From patchwork Mon May 22 19:33:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784639 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Ug6xaQd5; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=XXkpDcVy; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7320Wspz20f9 for ; Tue, 23 May 2023 05:35:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=MESRRtWtMhADnN4YsNcahwNj9p31uJ/8U1b6xsJWUFU=; b=Ug6xaQd5OPev3g h18U9GOUHGi4Tw1uTMDZzaHkCiUxpSChh7Isg8vZv+2mBfrN4VnOKaZDclGz8UP0ijizbIGA75bkN DHIUmreNNVZn5+LL/qb7qfQ4EyrU/vgVc6DSs0jjpB/ima9ftpK/iXxvWPJzhZu1NXeU/jmFoncmO k4MNP/+EDViS+qjp0pz1N28uaHJgN53SJrOwbGpHt60RfSZikBDnWMZgQGgOy4cQ9g4FVULf8DSgG K/jJ7yMiRQSSV7xdfqqDyN0KfoAHhI8o+cGCxc4pNgI6pMRpSkAjs2dUmnEcFfd5gQoBYnuSqRq/b a6xL3tPICts4lUNR9H1g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIq-007hUL-0N; Mon, 22 May 2023 19:34:44 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIm-007hSx-0g for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:41 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784080; x=1716320080; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=rDgx6EoN4MoBU0SR8EbfPYe1lORHxnSrnHnegOcbzgc=; b=XXkpDcVyJhp8sYuAyjUNoRp/wEtdzyA3jdUZUhG/9cOm7dRmD2UUWyrO I4JmXltkU7iyLpUokaBfs7X0G/z0wtuRp4sX1Nod+NX8RkJAhv8PZ5yI1 R20NLtvGBrfAvB4tATx5qoVbVSmprgb9xwLVcxSpxXSMJFCVMNU9+ZI1c IwkGEDRL6i1KKiVUMecVG3cf1fBwDQoCRVWFI7mlytiikB3F/4bV41LJT itX4Oru+/A7kctOei9T0MstZ3ClHSS+ZWPGMV8FHdsOZNEXs4PgUo9lmw i11+f/+633zck7IUntYAJ08ZpC56m27PCVGLKG+xCL7wGIkYtxtueJfQ6 w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869079" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869079" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:39 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809072" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809072" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:38 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Benjamin Berg Subject: [PATCH v2 01/44] driver_nl80211: Rename the per iface-type capabilities struct Date: Mon, 22 May 2023 22:33:29 +0300 Message-Id: <20230522193412.658666-2-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123440_297779_79B8732E X-CRM114-Status: GOOD ( 16.01 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Benjamin Berg We will start using this structure to also track MLD related capabilities instead of just extended capabilities. As such, give the structure a more generic name. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Benjamin Berg We will start using this structure to also track MLD related capabilities instead of just extended capabilities. As such, give the structure a more generic name. Signed-off-by: Benjamin Berg --- src/drivers/driver_nl80211.c | 16 ++++++++-------- src/drivers/driver_nl80211.h | 6 +++--- src/drivers/driver_nl80211_capa.c | 22 +++++++++++----------- 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index eb25730c56..63c04d1b8e 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3150,9 +3150,9 @@ static void wpa_driver_nl80211_deinit(struct i802_bss *bss) os_free(drv->extended_capa); os_free(drv->extended_capa_mask); - for (i = 0; i < drv->num_iface_ext_capa; i++) { - os_free(drv->iface_ext_capa[i].ext_capa); - os_free(drv->iface_ext_capa[i].ext_capa_mask); + for (i = 0; i < drv->num_iface_capa; i++) { + os_free(drv->iface_capa[i].ext_capa); + os_free(drv->iface_capa[i].ext_capa_mask); } os_free(drv->first_bss); #ifdef CONFIG_DRIVER_NL80211_QCA @@ -13155,11 +13155,11 @@ static int nl80211_get_ext_capab(void *priv, enum wpa_driver_if_type type, *ext_capa_len = drv->extended_capa_len; /* Replace the default value if a per-interface type value exists */ - for (i = 0; i < drv->num_iface_ext_capa; i++) { - if (nlmode == drv->iface_ext_capa[i].iftype) { - *ext_capa = drv->iface_ext_capa[i].ext_capa; - *ext_capa_mask = drv->iface_ext_capa[i].ext_capa_mask; - *ext_capa_len = drv->iface_ext_capa[i].ext_capa_len; + for (i = 0; i < drv->num_iface_capa; i++) { + if (nlmode == drv->iface_capa[i].iftype) { + *ext_capa = drv->iface_capa[i].ext_capa; + *ext_capa_mask = drv->iface_capa[i].ext_capa_mask; + *ext_capa_len = drv->iface_capa[i].ext_capa_len; break; } } diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index 38b59ab505..0a6726bccd 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -119,12 +119,12 @@ struct wpa_driver_nl80211_data { struct wpa_driver_capa capa; u8 *extended_capa, *extended_capa_mask; unsigned int extended_capa_len; - struct drv_nl80211_ext_capa { + struct drv_nl80211_iface_capa { enum nl80211_iftype iftype; u8 *ext_capa, *ext_capa_mask; unsigned int ext_capa_len; - } iface_ext_capa[NL80211_IFTYPE_MAX]; - unsigned int num_iface_ext_capa; + } iface_capa[NL80211_IFTYPE_MAX]; + unsigned int num_iface_capa; int has_capability; int has_driver_key_mgmt; diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c index b904398ca3..9711379cd2 100644 --- a/src/drivers/driver_nl80211_capa.c +++ b/src/drivers/driver_nl80211_capa.c @@ -817,12 +817,12 @@ static void wiphy_info_extended_capab(struct wpa_driver_nl80211_data *drv, int rem = 0, i; struct nlattr *tb1[NL80211_ATTR_MAX + 1], *attr; - if (!tb || drv->num_iface_ext_capa == NL80211_IFTYPE_MAX) + if (!tb || drv->num_iface_capa == NL80211_IFTYPE_MAX) return; nla_for_each_nested(attr, tb, rem) { unsigned int len; - struct drv_nl80211_ext_capa *capa; + struct drv_nl80211_iface_capa *capa; nla_parse(tb1, NL80211_ATTR_MAX, nla_data(attr), nla_len(attr), NULL); @@ -832,7 +832,7 @@ static void wiphy_info_extended_capab(struct wpa_driver_nl80211_data *drv, !tb1[NL80211_ATTR_EXT_CAPA_MASK]) continue; - capa = &drv->iface_ext_capa[drv->num_iface_ext_capa]; + capa = &drv->iface_capa[drv->num_iface_capa]; capa->iftype = nla_get_u32(tb1[NL80211_ATTR_IFTYPE]); wpa_printf(MSG_DEBUG, "nl80211: Driver-advertised extended capabilities for interface type %s", @@ -858,8 +858,8 @@ static void wiphy_info_extended_capab(struct wpa_driver_nl80211_data *drv, wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities mask", capa->ext_capa_mask, capa->ext_capa_len); - drv->num_iface_ext_capa++; - if (drv->num_iface_ext_capa == NL80211_IFTYPE_MAX) + drv->num_iface_capa++; + if (drv->num_iface_capa == NL80211_IFTYPE_MAX) break; } @@ -868,13 +868,13 @@ static void wiphy_info_extended_capab(struct wpa_driver_nl80211_data *drv, err: /* Cleanup allocated memory on error */ for (i = 0; i < NL80211_IFTYPE_MAX; i++) { - os_free(drv->iface_ext_capa[i].ext_capa); - drv->iface_ext_capa[i].ext_capa = NULL; - os_free(drv->iface_ext_capa[i].ext_capa_mask); - drv->iface_ext_capa[i].ext_capa_mask = NULL; - drv->iface_ext_capa[i].ext_capa_len = 0; + os_free(drv->iface_capa[i].ext_capa); + drv->iface_capa[i].ext_capa = NULL; + os_free(drv->iface_capa[i].ext_capa_mask); + drv->iface_capa[i].ext_capa_mask = NULL; + drv->iface_capa[i].ext_capa_len = 0; } - drv->num_iface_ext_capa = 0; + drv->num_iface_capa = 0; } From patchwork Mon May 22 19:33:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784641 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=JRIGBhDp; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=a4aBnuZ4; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7316rzPz20dZ for ; Tue, 23 May 2023 05:35:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=O17Si4lssNN0z3AlDpr/77vez9aXyzOUskKRc3kHt8A=; b=JRIGBhDpqDKUIl GxmzbNDWYEBJjs248B4W2QY/UoUDT96B/HyFi4W2zTfG75qHADYKt1e1oy9UH9xME+yRqAwE0fNxk IyrnfVMk5fBCXD7GSFRrPOST0WmBS9lWMnjxf2vRLiEtqTPLpXNKNIL77Gh2c9uiTGSIbhIFgBc/5 vxL5iXfR28Id2nIZc/r9WUcHlaXzCMnK42D6wIijtlaoTIkotzLjV73AJalil4PZ4g2dueLHTEB6Y UEiwhS+kAvBbjShGhIXpXjsBfm0pKuw41MM8m01nrcKjkOpcYKE5kZLSA6UCq+s/3lYjWtcsYrzar 2NOdctxXdVyyLuwFT6Rg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIt-007hVk-0h; Mon, 22 May 2023 19:34:47 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIp-007hU2-1i for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784083; x=1716320083; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=bbSFOowuDBPGLnYuT9ewQXIqJFj5SUiQKMuW+lnOUlI=; b=a4aBnuZ4qOW/Z9ucY1xMKy7HnagauCmBs49Iaya148Zie2w2Qg7xM1gl k6KvKle0pN6W4u+HPp/xYyJ+zBfoLFZEVIpi5N/x1e8ki5BBUTsbklu9A LDKYpWbZcbjvvJcnW+hYgAee0yTcTUs7OOdJ3BiIHu1S8CCivf2Uqnsjv lhHKvjJ+UEOfg9hCpyI6FSHZoGlm251jYIJNOG7m1EriBn7dMwYov2yj5 GlWgPOCEFr0HCzslSK+5eO5QeZTAJ5VNLynfCS8LuaK7UMdXFDXbG+xP+ ahCHMwVvcMFxO2qBsA/5oSpASjoUtz3ip941/RAksCIB3wwVPGWj/3Xsw A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869082" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869082" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:43 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809078" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809078" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:41 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Benjamin Berg Subject: [PATCH v2 02/44] nl80211: Add support to fetch EML/MLD capabilities Date: Mon, 22 May 2023 22:33:30 +0300 Message-Id: <20230522193412.658666-3-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123443_579423_96BB3E13 X-CRM114-Status: GOOD ( 16.27 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Benjamin Berg Retrieve the EML capabilities as well as the MLD capabilities and ops from nl80211 and expose them using the new driver interface get_mld_capa. Signed-off-by: Benjamin Berg --- src/drivers/driver_nl80211.c | 33 +++++++++++++++++++++++++++++++ src/drivers/driver_nl80211.h | 2 ++ src/drivers/driver_nl80211_capa.c | 8 + [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Benjamin Berg Retrieve the EML capabilities as well as the MLD capabilities and ops from nl80211 and expose them using the new driver interface get_mld_capa. Signed-off-by: Benjamin Berg --- src/drivers/driver_nl80211.c | 33 +++++++++++++++++++++++++++++++ src/drivers/driver_nl80211.h | 2 ++ src/drivers/driver_nl80211_capa.c | 8 ++++++++ 3 files changed, 43 insertions(+) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 63c04d1b8e..e388a0f518 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -13168,6 +13168,38 @@ static int nl80211_get_ext_capab(void *priv, enum wpa_driver_if_type type, } +static int nl80211_get_mld_capab(void *priv, enum wpa_driver_if_type type, + u16 *eml_capa, + u16 *mld_capa_and_ops) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + enum nl80211_iftype nlmode; + unsigned int i; + + if (!eml_capa || !mld_capa_and_ops) + return -1; + + nlmode = wpa_driver_nl80211_if_type(type); + + /* By default, set to zeo */ + *eml_capa = 0; + *mld_capa_and_ops = 0; + + /* Replace the default value if a per-interface type value exists */ + for (i = 0; i < drv->num_iface_capa; i++) { + if (nlmode == drv->iface_capa[i].iftype) { + *eml_capa = drv->iface_capa[i].eml_capa; + *mld_capa_and_ops = + drv->iface_capa[i].mld_capa_and_ops; + break; + } + } + + return 0; +} + + static int nl80211_update_connection_params( void *priv, struct wpa_driver_associate_params *params, enum wpa_drv_update_connect_params_mask mask) @@ -13596,6 +13628,7 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = { .do_acs = nl80211_do_acs, .configure_data_frame_filters = nl80211_configure_data_frame_filters, .get_ext_capab = nl80211_get_ext_capab, + .get_mld_capab = nl80211_get_mld_capab, .update_connect_params = nl80211_update_connection_params, .send_external_auth_status = nl80211_send_external_auth_status, .set_4addr_mode = nl80211_set_4addr_mode, diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index 0a6726bccd..ed6293bd3b 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -123,6 +123,8 @@ struct wpa_driver_nl80211_data { enum nl80211_iftype iftype; u8 *ext_capa, *ext_capa_mask; unsigned int ext_capa_len; + u16 eml_capa; + u16 mld_capa_and_ops; } iface_capa[NL80211_IFTYPE_MAX]; unsigned int num_iface_capa; diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c index 9711379cd2..5e64068852 100644 --- a/src/drivers/driver_nl80211_capa.c +++ b/src/drivers/driver_nl80211_capa.c @@ -858,6 +858,14 @@ static void wiphy_info_extended_capab(struct wpa_driver_nl80211_data *drv, wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities mask", capa->ext_capa_mask, capa->ext_capa_len); + if (tb1[NL80211_ATTR_EML_CAPABILITY] && + tb1[NL80211_ATTR_MLD_CAPA_AND_OPS]) { + capa->eml_capa = + nla_get_u16(tb1[NL80211_ATTR_EML_CAPABILITY]); + capa->mld_capa_and_ops = + nla_get_u16(tb1[NL80211_ATTR_MLD_CAPA_AND_OPS]); + } + drv->num_iface_capa++; if (drv->num_iface_capa == NL80211_IFTYPE_MAX) break; From patchwork Mon May 22 19:33:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784648 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=4ZS+mzVx; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=eDZ572jg; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7390tL1z20PS for ; Tue, 23 May 2023 05:35:49 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=l+ySAWonudF4dIW/fEac3sAOtZuWzvTX4ZdZ84LWZL4=; b=4ZS+mzVxlfHILa Hbk/YtvW1GaIQirtwkOO5KDUx2cryj/iw+zhisXrac9+gW//ClN8I8U7WTmcPT3m8CFkBsTs7KcGX fyG7mk48BedxYJr5LLRw0rLhnXfTcMu6E6cYXVon29pmgCcge9tgZs4ta05XeKQxFyJaYQQx+eVDa amFZpzot+parTsypLHuU1Mbw2lGilfc28FUQf5y3XBaFcPYOJELnK4CExVG/Hu0W8DeOlSdgZ8dDJ SgkobxWZPZCI2t4lDIFD6kMcY22rhM/XZcbEF+GJPuqzbA8HVRl/I1Ie0+C+jDaG2kyURHyt+iZSa tbuo8b3SPDq6pl5twbZQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIu-007hWS-1H; Mon, 22 May 2023 19:34:48 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIq-007hUd-2U for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784084; x=1716320084; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=PhdP/AmG0MUQhoMHTH7G/IhBlooKbXWbsM/wBsaFHeU=; b=eDZ572jgMdclC8/tUHQEYYFQG892vpUhDIqBJlYukda7gL8WhPWaehe2 ptN91wrrI+r3mgHrMTNKblJ67ZpUmC+ApmQhJV/RE7mwcR+fEEBDFaZku ClUYUEnchDJhZnR1d0wj7+SiaqVUsIYgVRXas4io6zSxwntNJEXwPqF3V pf2h+5wIeVu0Iu65A4YKvHiR8J9qufDrNzSJ85HwTK3Fi1uI69gaW/iYU GYK3VwlWrPUsarvMF+MBGRg8l/DusZUNQUnBsIMgKGxQMv/pxSbTBI3v+ Hx0IrsDO48/4+IJXlEwuyc++2TzaXgZ+bl4I3fm5DjfjKitlUQw6jC4FG w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869083" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869083" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809081" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809081" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:43 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Benjamin Berg Subject: [PATCH v2 03/44] AP: MLO: Retrieve EML and MLD capabilities from driver Date: Mon, 22 May 2023 22:33:31 +0300 Message-Id: <20230522193412.658666-4-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123444_816857_A2A6131F X-CRM114-Status: GOOD ( 12.79 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Benjamin Berg Add the new driver API get_mld_capab and and use it to fetch MLD and EML capabilities. Signed-off-by: Benjamin Berg --- hostapd/main.c | 2 ++ src/ap/ap_drv_ops.c | 13 +++++++++++++ src/ap/ap_drv_ops.h | 1 + src/ap/hostapd.h | 2 ++ src/drivers/driver.h | 12 ++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Benjamin Berg Add the new driver API get_mld_capab and and use it to fetch MLD and EML capabilities. Signed-off-by: Benjamin Berg --- hostapd/main.c | 2 ++ src/ap/ap_drv_ops.c | 13 +++++++++++++ src/ap/ap_drv_ops.h | 1 + src/ap/hostapd.h | 2 ++ src/drivers/driver.h | 12 ++++++++++++ 5 files changed, 30 insertions(+) diff --git a/hostapd/main.c b/hostapd/main.c index ce2df81c4a..fc5b51a172 100644 --- a/hostapd/main.c +++ b/hostapd/main.c @@ -235,6 +235,8 @@ static int hostapd_driver_init(struct hostapd_iface *iface) */ hostapd_get_ext_capa(iface); + hostapd_get_mld_capa(iface); + triggs = wpa_get_wowlan_triggers(conf->wowlan_triggers, &capa); if (triggs && hapd->driver->set_wowlan) { if (hapd->driver->set_wowlan(hapd->drv_priv, triggs)) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index aa4dbe9eba..c8e8bd6693 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -935,6 +935,19 @@ void hostapd_get_ext_capa(struct hostapd_iface *iface) } +void hostapd_get_mld_capa(struct hostapd_iface *iface) +{ + struct hostapd_data *hapd = iface->bss[0]; + + if (!hapd->driver || !hapd->driver->get_mld_capab) + return; + + hapd->driver->get_mld_capab(hapd->drv_priv, WPA_IF_AP_BSS, + &iface->mld_eml_capa, + &iface->mld_mld_capa); +} + + int hostapd_drv_do_acs(struct hostapd_data *hapd) { struct drv_acs_params params; diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 023cbf1f89..866440027b 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -155,6 +155,7 @@ int hostapd_drv_set_qos_map(struct hostapd_data *hapd, const u8 *qos_map_set, u8 qos_map_set_len); void hostapd_get_ext_capa(struct hostapd_iface *iface); +void hostapd_get_mld_capa(struct hostapd_iface *iface); void hostapd_get_hw_mode_any_channels(struct hostapd_data *hapd, struct hostapd_hw_modes *mode, diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 5e16bc389b..0512830530 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -540,6 +540,8 @@ struct hostapd_iface { const u8 *extended_capa, *extended_capa_mask; unsigned int extended_capa_len; + u16 mld_eml_capa, mld_mld_capa; + unsigned int drv_max_acl_mac_addrs; struct hostapd_hw_modes *hw_features; diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 101f98a72d..d373353d37 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -4840,6 +4840,18 @@ struct wpa_driver_ops { const u8 **ext_capab, const u8 **ext_capab_mask, unsigned int *ext_capab_len); + /** + * get_mld_capab - Get MLD capabilities for the specified interface + * @priv: Private driver interface data + * @type: Interface type for which to get MLD capabilities + * @eml_capa: EML capabilities + * @mld_capa_and_ops: MLD Capabilities and Operations + * Returns: 0 on success or -1 on failure + */ + int (*get_mld_capab)(void *priv, enum wpa_driver_if_type type, + u16 *eml_capa, + u16 *mld_capa_and_ops); + /** * p2p_lo_start - Start offloading P2P listen to device * @priv: Private driver interface data From patchwork Mon May 22 19:33:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784638 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=M1glsQeB; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=HACrzcoq; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7320mj5z20fD for ; Tue, 23 May 2023 05:35:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ieps+KtLuigxoWn1Yhp/UIjhk3o1NkXTzfuVBHroJFY=; b=M1glsQeBn7TC6D 4dNf48pLelVx3zUXrb406w2Z7+TJvhgeA6ii2vSgj/txeF+Ou3vH3RIMERAOYM4ETegDkpUwff675 FrhretG7aL25nibIzEIBnGJMmeffjKtZ2LNVAmRc6wG06OtgJ7jrQaRaZaAcs1eQKuiDoSk100Y9q 3bC91dcvsX9Woy6ldjPRrtcKoWLSWgp87crQGxNVGYWGEMoMwEVPkqQNzg0ju1vDvXck33p1wQmJ4 vcdN2sY5pgFl4vjZoP/EU8nvGA7RmxU3LZTuQZOTVnj97m/xJ5ypHrFyO1TLgR1lSJaCPhNoEnUp7 E2tEvAMP4jtiIiUcNc/g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIw-007hXL-0z; Mon, 22 May 2023 19:34:50 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIr-007hU2-2x for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:47 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784085; x=1716320085; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=2tOEYH6X2bETOP61qKnLdYFwDVdAD4dTyezGOgGnifU=; b=HACrzcoqJsEbmAmYweOFXnGeWgqeSA+PiOIGZTfI8JqtiOLPYYk0CSZD nHLZEN7BjxIqcTMYNRjZNBpPRwebnjelbyLLq/UXYY99F+4RvoPhnvg9u imKaBvSsSiMUZLdHeU08Jqof3qDrsI52MCx2VpJ9XyVlRlEfJcRQAg4jX /3JcDLXWv8hcnDDmhw7SpU7MlSPz1QWBukczTlT4Zi/cxQdPaTCBjRe4A aNtXHKR2JeZO+DoRNh5P0tkjA0ijBAjbdnhzHFfyv/W6TPoDm89M8pxiW qjAWaTHOj64PHdSFr8uKmRUL9opPXlWV293W/UCJNxk0Zwapt8i7gqt+Y Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869088" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869088" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:45 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809085" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809085" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:44 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 04/44] AP: Add some basic MLD configuration options Date: Mon, 22 May 2023 22:33:32 +0300 Message-Id: <20230522193412.658666-5-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123445_959687_01AAC6C1 X-CRM114-Status: GOOD ( 11.46 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- hostapd/config_file.c | 4 ++++ src/ap/ap_config.h | 8 ++++++++ 2 files changed, 12 insertions(+) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 8e179d1519..7e05a17c36 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4770,6 +4770,10 @@ static int hostapd_config_ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- hostapd/config_file.c | 4 ++++ src/ap/ap_config.h | 8 ++++++++ 2 files changed, 12 insertions(+) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 8e179d1519..7e05a17c36 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4770,6 +4770,10 @@ static int hostapd_config_fill(struct hostapd_config *conf, return 1; } conf->punct_acs_threshold = val; + } else if (os_strcmp(buf, "mld_ap") == 0) { + bss->mld_ap = !!atoi(pos); + } else if (os_strcmp(buf, "mld_id") == 0) { + bss->mld_id = atoi(pos); #endif /* CONFIG_IEEE80211BE */ } else { wpa_printf(MSG_ERROR, diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index 8598602b16..4e84a2503b 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -934,6 +934,14 @@ struct hostapd_bss_config { u8 rnr; char *config_id; bool xrates_supported; + +#ifdef CONFIG_IEEE80211BE + /* The AP is part of an MLD AP */ + u8 mld_ap; + + /* The MLD ID to which the MLD AP is affiliated with */ + u8 mld_id; +#endif /* CONFIG_IEEE80211BE */ }; /** From patchwork Mon May 22 19:33:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784644 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=t3Q138oy; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=MMIewFjh; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7316d6dz20PY for ; Tue, 23 May 2023 05:35:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=T52AKkP0D41pIx6T2LbAWSbnVt+RviFhuzv1kVbfDBg=; b=t3Q138oyzhADoS bUQqduriqRzqrKDJI4aHMzdVt7DF8zuD3BfylKKVfWqZPaHm7Hp3ZUIsZlECIlk0MAS4tu8AQOH/I 2GbyEgBwjAWIJkt03n67oB5ibpfBjh4resGBSrVeBty5ftb9IA5u9jxS9NIjjD+j07SkDss2+6cpw alfykxFdr+b5ZXgkQh7y24dWe2oWfq/8pnQqD8gcScKwScJFZvWwyfdzybSNeFcGpxGO2bbvFt8JV UPAm+pQ/L/vKZEQ+7X2pXqzDWFAUwve2ohwdHpNmYdehZlJ+BP2222kACtKrFCA3+1SJinOw0dNWn jSJUZbL8W6SJ7eKtAWuA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIx-007hXy-1x; Mon, 22 May 2023 19:34:51 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIt-007hVw-1d for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784087; x=1716320087; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=waRZc/9Wm+9huvONGum+REfiVSQj+t9oBZprNCNADEs=; b=MMIewFjhWL2eGfkxil3taKm1edanbMYK0i97t2X1yOQPXhOLTcCqw/Il sE40o+X8pp3vkhnedwR7TeU0JtRd+ZvqqeQ7bCG+uGiP7ptRL+mp0DaOe tx5AlRSMBGW/9jM1v5t8iKVdgP48dUmOruorXDDzUYcZR1XnI/VKb64Rv S/Mu2HGJ5pXSNyTwvMOvljOknwh3yxlGErMzTHrU3nqFVEm7FPAFOi7KH ifJ70txHt4+fOvjc+k6fz1xXHsVAlLcsxxg+03AY0Bp7irNtYzyCf6/yl 96XLBOtNLR9Kml2+QzqLhvgr331GFW84fAR8XlqCg+11ZyLnYhrtY85wg w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869089" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869089" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809088" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809088" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:45 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH v2 05/44] driver: Add MLD link id to AP parameters Date: Mon, 22 May 2023 22:33:33 +0300 Message-Id: <20230522193412.658666-6-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123447_601756_FA4FB17E X-CRM114-Status: GOOD ( 10.82 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: To be used in later patches, e.g., for link tracking etc. Signed-off-by: Andrei Otcheretianski Signed-off-by: Ilan Peer --- src/ap/beacon.c | 8 ++++++++ src/drivers/driver.h | 10 ++++++++++ 2 files chan [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org To be used in later patches, e.g., for link tracking etc. Signed-off-by: Andrei Otcheretianski Signed-off-by: Ilan Peer --- src/ap/beacon.c | 8 ++++++++ src/drivers/driver.h | 10 ++++++++++ 2 files changed, 18 insertions(+) diff --git a/src/ap/beacon.c b/src/ap/beacon.c index de944fed37..5e9ced1e25 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -2030,6 +2030,14 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, } } +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && hapd->iconf->ieee80211be && + !hapd->conf->disable_11be) { + params->mld_ap = true; + params->mld_link_id = hapd->mld_link_id; + } +#endif /* CONFIG_IEEE80211BE */ + return 0; } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index d373353d37..2831955e81 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -1758,6 +1758,16 @@ struct wpa_driver_ap_params { * channels whenever performing operations like ACS and DFS. */ int *allowed_freqs; + + /* + * MLD AP + */ + bool mld_ap; + + /** + * Link id for MLD BSS's + */ + u8 mld_link_id; }; struct wpa_driver_mesh_bss_params { From patchwork Mon May 22 19:33:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784637 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ZNMd4Oqk; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=MctlYuvn; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7320kDZz20fC for ; Tue, 23 May 2023 05:35:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=efP7rFWrIygogd3kK4d34czwcusqmi5ycPnR17ao0Ag=; b=ZNMd4OqkLOOJE6 mP+4Q8PsXIg6ozcvRo2Ol2f0BXTsiUagnnnoW8wPggPCNCDBuhx/enBuXvD8Y/5nexmNi4vWNG/77 9NtJwHoo7WxdMARme7Py+X/wc47DJeWnAQWY9mGUo8AS20azbRmSN/HD0NBWvy1wD2Gm3p1+aolhc Hn5A/gpRp/RBudV3/UtsammbfCzdOen+dxVnSmv0HHnwaYSBANJBRtyxUMaPFUKHHDBca3YJv6NCM WZBIsAZNP91GwUoNYo8kUPlkrxXUTb3gLlKRMJbVKUoCPI/4WtOmT7Aku9t78UDJGOoC2ul8K+CEx r7MTRcn7GBri7PiGUW4g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIz-007hYq-2e; Mon, 22 May 2023 19:34:53 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIv-007hVw-0T for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784089; x=1716320089; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=HmrVn0taDVXw2fv7/Y+piVyKqjJIpsRZsSr/kljdITs=; b=MctlYuvn+Cou67hVHksgsiMl5r7u0vjnJcHHkHJMx5nOu146rV+4QRV0 LhUgSMNRK5qHbwHeN+E0p66SW/gAHwnAQiG0sDCvJMBBKBGd3afICTpoT opViswCykZLtxZFc3LJSmWvk200iwW0xgb/Vwo7ceRlnPJsyaia38hbDy Cb3CvYIITXpoRPsoMv4+RmrS4Q6ZtdIV6isrd7jCzndO2DYnVt2kgUMDk 9l5yezORE4kDAAkdYfEAK+KHODwqQaPvCTdB6R60nHdfCWL0TsPscuDwe yAYITvJpX7Es8Opazdn/z092sLh50GdFzhHLZus9tGuzQdbK3bK+4FbrV Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869092" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869092" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:48 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809091" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809091" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:47 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 06/44] driver: Allow to provide a link ID when setting a channel Date: Mon, 22 May 2023 22:33:34 +0300 Message-Id: <20230522193412.658666-7-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123449_214422_FED7ECAB X-CRM114-Status: GOOD ( 19.13 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer This includes: - Modifications of the driver API, to include the link ID as part of 'struct hostapd_freq_params'. - Modifications to nl80211 driver. - Modifications for the driver wrappers. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer This includes: - Modifications of the driver API, to include the link ID as part of 'struct hostapd_freq_params'. - Modifications to nl80211 driver. - Modifications for the driver wrappers. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 9 ++++++ src/drivers/driver.h | 5 ++++ src/drivers/driver_nl80211.c | 56 +++++++++++++++++++++++++++++++++++- wpa_supplicant/driver_i.h | 7 +++++ 4 files changed, 76 insertions(+), 1 deletion(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index c8e8bd6693..3167bca786 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -584,6 +584,15 @@ int hostapd_set_freq(struct hostapd_data *hapd, enum hostapd_hw_mode mode, return 0; if (hapd->driver->set_freq == NULL) return 0; + + data.link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + data.link_id = hapd->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + + wpa_printf(MSG_DEBUG, "hostapd_set_freq: link_id=%d", data.link_id); return hapd->driver->set_freq(hapd->drv_priv, &data); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 2831955e81..42edd6b8dd 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -829,6 +829,11 @@ struct hostapd_freq_params { * eht_enabled - Whether EHT is enabled */ bool eht_enabled; + + /** + * if >=0 indicates the link of the MLD AP to configure. + */ + int link_id; }; /** diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index e388a0f518..bc267014a1 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4116,6 +4116,29 @@ int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv) } +static struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id) +{ + unsigned int i; + + for (i = 0; i < bss->n_links; i++) { + if (bss->links[i].link_id != link_id) + continue; + + return &bss->links[i]; + } + + return bss->flink; +} + + +static void nl80211_link_set_freq(struct i802_bss *bss, s8 link_id, int freq) +{ + struct i802_link *link = nl80211_get_link(bss, link_id); + + link->freq = freq; +} + + static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, size_t data_len, int noack, unsigned int freq, int no_cck, @@ -5287,6 +5310,26 @@ static int nl80211_put_freq_params(struct nl_msg *msg, return 0; } +static bool nl80211_link_valid(struct i802_bss *bss, s8 link_id) +{ + u32 i; + + if (link_id < 0) + return false; + + for (i = 0; i < bss->n_links; i++) { + wpa_printf(MSG_DEBUG, "nl80211: i=%u, link_Id=%u", + i, bss->links[i].link_id); + if (bss->links[i].link_id == NL80211_DRV_LINK_ID_NA) + continue; + + if (bss->links[i].link_id == link_id) + return true; + } + + return false; +} + static int nl80211_set_channel(struct i802_bss *bss, struct hostapd_freq_params *freq, int set_chan) @@ -5308,9 +5351,20 @@ static int nl80211_set_channel(struct i802_bss *bss, return -1; } + if (nl80211_link_valid(bss, freq->link_id)) { + wpa_printf(MSG_DEBUG, "nl80211: Set link_id=%u for freq", + freq->link_id); + + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + freq->link_id)) { + nlmsg_free(msg); + return -ENOBUFS; + } + } + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if (ret == 0) { - bss->flink->freq = freq->freq; + nl80211_link_set_freq(bss, freq->link_id, freq->freq); return 0; } wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): " diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index d707cf556d..d5ec22cee1 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -60,6 +60,9 @@ static inline int wpa_drv_associate(struct wpa_supplicant *wpa_s, struct wpa_driver_associate_params *params) { if (wpa_s->driver->associate) { + if (params) + params->freq.link_id = -1; + return wpa_s->driver->associate(wpa_s->drv_priv, params); } return -1; @@ -1098,6 +1101,10 @@ static inline int wpa_drv_update_connect_params( { if (!wpa_s->driver->update_connect_params) return -1; + + if (params) + params->freq.link_id = -1; + return wpa_s->driver->update_connect_params(wpa_s->drv_priv, params, mask); } From patchwork Mon May 22 19:33:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784636 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=URL3Equg; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=b0IU/qb7; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7320ccgz20fB for ; Tue, 23 May 2023 05:35:41 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Kim8V1mBqkY6CFBh9vVcn+S2STAAUvt3Qbsqyp7cD4o=; b=URL3EqugDm26pR qnmyXWjCglLLDYF2KQra0PoA0eM2WL8KyoWJY6X0pjPBygHh+50MpgEk3q2fWUYz4b98E125varko hVn+oletf0P2TcbHU0dB72NUKfbicczwJP44nvqOcIqjNkjrmCj5dIy2UVLwxGgP/cqWYlnse0AN2 5J5kJLnM6NfQmtUkMg6tq6vOt4z+rvVZAxDfY3+U1ijTx+jYm3cgZa8AHtXv2BxnVXZuFTgHU4K67 DefywXp9HHZ6GGyhIIbWYRE53AEC4XZvHSnfldHcgfQ9iAGPJW+KsQHd6HP0Z/4fTWildTgkcKsW9 NeimU9o1ik5w+qgFzSGA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ1-007hZM-0H; Mon, 22 May 2023 19:34:55 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIw-007hVw-2V for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:52 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784090; x=1716320090; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=3iX7+v7nBo1Fto81tY6WoiT5imNywED3YVOxPOj2YKY=; b=b0IU/qb7NzpfaXaSOYoL5xXdku4P3jv8+YDa69EexTq9i+2rslO6EM8f i6ywcVnFs67VDdcPER9kd6FYGTsEtkjjxpweAFqeG2gKKtrPG4kanFtpN J2eGIB6Zs7jRYbQq094WEwyEVYrDLC5azySvERxSY3+mmH7RkGKbzuB3+ SvHXhvFz5lNijoDfhd7Kv3pv8/pZtwN/p2p58MqD5/aBnXhLZ7yy3Tdv7 sfz6W8iNT2TXzXDuV//DUepfuV1ABiDVELUuDBhEDz3S0iQE/OP/Tnb0X 5VkmcdQn5P56dzQft5MLt8DevzLj3oPa543Vqx7012KIB2FcKzkYJWeRO Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869103" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869103" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:50 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809098" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809098" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:48 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 07/44] driver_nl80211: Support setting up an AP on a specified link Date: Mon, 22 May 2023 22:33:35 +0300 Message-Id: <20230522193412.658666-8-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123450_841710_E531B161 X-CRM114-Status: GOOD ( 18.12 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 258 ++++++++++++++++++++ 1 file changed, 147 insertions(+), 111 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index bc267014a1..0ba46bea34 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4822,11 +4822,118 [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 258 ++++++++++++++++++++--------------- 1 file changed, 147 insertions(+), 111 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index bc267014a1..0ba46bea34 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4822,11 +4822,118 @@ err: #endif /* CONFIG_DRIVER_NL80211_QCA */ +static int nl80211_put_freq_params(struct nl_msg *msg, + const struct hostapd_freq_params *freq) +{ + enum hostapd_hw_mode hw_mode; + int is_24ghz; + u8 channel; + + wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq); + if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq)) + return -ENOBUFS; + + wpa_printf(MSG_DEBUG, " * eht_enabled=%d", freq->eht_enabled); + wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled); + wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled); + wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled); + wpa_printf(MSG_DEBUG, " * radar_background=%d", + freq->radar_background); + + hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); + is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || + hw_mode == HOSTAPD_MODE_IEEE80211B; + + if (freq->vht_enabled || + ((freq->he_enabled || freq->eht_enabled) && !is_24ghz)) { + enum nl80211_chan_width cw; + + wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth); + switch (freq->bandwidth) { + case 20: + cw = NL80211_CHAN_WIDTH_20; + break; + case 40: + cw = NL80211_CHAN_WIDTH_40; + break; + case 80: + if (freq->center_freq2) + cw = NL80211_CHAN_WIDTH_80P80; + else + cw = NL80211_CHAN_WIDTH_80; + break; + case 160: + cw = NL80211_CHAN_WIDTH_160; + break; + case 320: + cw = NL80211_CHAN_WIDTH_320; + break; + default: + return -EINVAL; + } + + wpa_printf(MSG_DEBUG, " * channel_width=%d", cw); + wpa_printf(MSG_DEBUG, " * center_freq1=%d", + freq->center_freq1); + wpa_printf(MSG_DEBUG, " * center_freq2=%d", + freq->center_freq2); + if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) || + nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, + freq->center_freq1) || + (freq->center_freq2 && + nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, + freq->center_freq2))) + return -ENOBUFS; + } else if (freq->ht_enabled) { + enum nl80211_channel_type ct; + + wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d", + freq->sec_channel_offset); + switch (freq->sec_channel_offset) { + case -1: + ct = NL80211_CHAN_HT40MINUS; + break; + case 1: + ct = NL80211_CHAN_HT40PLUS; + break; + default: + ct = NL80211_CHAN_HT20; + break; + } + + wpa_printf(MSG_DEBUG, " * channel_type=%d", ct); + if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct)) + return -ENOBUFS; + } else if (freq->edmg.channels && freq->edmg.bw_config) { + wpa_printf(MSG_DEBUG, + " * EDMG configuration: channels=0x%x bw_config=%d", + freq->edmg.channels, freq->edmg.bw_config); + if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS, + freq->edmg.channels) || + nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, + freq->edmg.bw_config)) + return -1; + } else { + wpa_printf(MSG_DEBUG, " * channel_type=%d", + NL80211_CHAN_NO_HT); + if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, + NL80211_CHAN_NO_HT)) + return -ENOBUFS; + } + if (freq->radar_background && + nla_put_flag(msg, NL80211_ATTR_RADAR_BACKGROUND)) + return -ENOBUFS; + + return 0; +} + + static int wpa_driver_nl80211_set_ap(void *priv, struct wpa_driver_ap_params *params) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; + struct i802_link *link = bss->flink; struct nl_msg *msg; u8 cmd = NL80211_CMD_NEW_BEACON; int ret = -ENOBUFS; @@ -4838,10 +4945,27 @@ static int wpa_driver_nl80211_set_ap(void *priv, struct wpa_driver_mesh_bss_params mesh_params; #endif /* CONFIG_MESH */ - beacon_set = params->reenable ? 0 : bss->flink->beacon_set; + if (params->mld_ap) { + size_t i; + + for (i = 0; i < bss->n_links; i++) { + if (bss->links[i].link_id == params->mld_link_id) { + link = &bss->links[i]; + break; + } + } + + if (i == bss->n_links) { + wpa_printf(MSG_DEBUG, "nl80211: link not found=%u", + params->mld_link_id); + return -EINVAL; + } + } + beacon_set = params->reenable ? 0 : link->beacon_set; wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)", beacon_set); + if (beacon_set) cmd = NL80211_CMD_SET_BEACON; else if (!drv->device_ap_sme && !drv->use_monitor && @@ -4870,6 +4994,23 @@ static int wpa_driver_nl80211_set_ap(void *priv, nl80211_put_dtim_period(msg, params->dtim_period) || nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) goto fail; + + if (params->mld_ap) { + wpa_printf(MSG_DEBUG, "nl80211: link_id=%u", + params->mld_link_id); + + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + params->mld_link_id)) + goto fail; + + if (params->freq && + nl80211_put_freq_params(msg, params->freq) < 0) + goto fail; + + nl80211_link_set_freq(bss, params->mld_link_id, + params->freq->freq); + } + if (params->proberesp && params->proberesp_len) { wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)", params->proberesp, params->proberesp_len); @@ -5155,17 +5296,17 @@ static int wpa_driver_nl80211_set_ap(void *priv, wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", ret, strerror(-ret)); } else { - bss->flink->beacon_set = 1; + link->beacon_set = 1; nl80211_set_bss(bss, params->cts_protect, params->preamble, params->short_slot_time, params->ht_opmode, params->isolate, params->basic_rates); nl80211_set_multicast_to_unicast(bss, params->multicast_to_unicast); if (beacon_set && params->freq && - params->freq->bandwidth != bss->flink->bandwidth) { + params->freq->bandwidth != link->bandwidth) { wpa_printf(MSG_DEBUG, "nl80211: Update BSS %s bandwidth: %d -> %d", - bss->ifname, bss->flink->bandwidth, + bss->ifname, link->bandwidth, params->freq->bandwidth); ret = nl80211_set_channel(bss, params->freq, 1); if (ret) { @@ -5175,7 +5316,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, } else { wpa_printf(MSG_DEBUG, "nl80211: Frequency set succeeded for ht2040 coex"); - bss->flink->bandwidth = params->freq->bandwidth; + link->bandwidth = params->freq->bandwidth; } } else if (!beacon_set && params->freq) { /* @@ -5183,7 +5324,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, * mode only at the point when beaconing is started, so * set the initial value here. */ - bss->flink->bandwidth = params->freq->bandwidth; + link->bandwidth = params->freq->bandwidth; } } @@ -5205,111 +5346,6 @@ fail: } -static int nl80211_put_freq_params(struct nl_msg *msg, - const struct hostapd_freq_params *freq) -{ - enum hostapd_hw_mode hw_mode; - int is_24ghz; - u8 channel; - - wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq); - if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq)) - return -ENOBUFS; - - wpa_printf(MSG_DEBUG, " * eht_enabled=%d", freq->eht_enabled); - wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled); - wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled); - wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled); - wpa_printf(MSG_DEBUG, " * radar_background=%d", - freq->radar_background); - - hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); - is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || - hw_mode == HOSTAPD_MODE_IEEE80211B; - - if (freq->vht_enabled || - ((freq->he_enabled || freq->eht_enabled) && !is_24ghz)) { - enum nl80211_chan_width cw; - - wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth); - switch (freq->bandwidth) { - case 20: - cw = NL80211_CHAN_WIDTH_20; - break; - case 40: - cw = NL80211_CHAN_WIDTH_40; - break; - case 80: - if (freq->center_freq2) - cw = NL80211_CHAN_WIDTH_80P80; - else - cw = NL80211_CHAN_WIDTH_80; - break; - case 160: - cw = NL80211_CHAN_WIDTH_160; - break; - case 320: - cw = NL80211_CHAN_WIDTH_320; - break; - default: - return -EINVAL; - } - - wpa_printf(MSG_DEBUG, " * channel_width=%d", cw); - wpa_printf(MSG_DEBUG, " * center_freq1=%d", - freq->center_freq1); - wpa_printf(MSG_DEBUG, " * center_freq2=%d", - freq->center_freq2); - if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) || - nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, - freq->center_freq1) || - (freq->center_freq2 && - nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, - freq->center_freq2))) - return -ENOBUFS; - } else if (freq->ht_enabled) { - enum nl80211_channel_type ct; - - wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d", - freq->sec_channel_offset); - switch (freq->sec_channel_offset) { - case -1: - ct = NL80211_CHAN_HT40MINUS; - break; - case 1: - ct = NL80211_CHAN_HT40PLUS; - break; - default: - ct = NL80211_CHAN_HT20; - break; - } - - wpa_printf(MSG_DEBUG, " * channel_type=%d", ct); - if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct)) - return -ENOBUFS; - } else if (freq->edmg.channels && freq->edmg.bw_config) { - wpa_printf(MSG_DEBUG, - " * EDMG configuration: channels=0x%x bw_config=%d", - freq->edmg.channels, freq->edmg.bw_config); - if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS, - freq->edmg.channels) || - nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, - freq->edmg.bw_config)) - return -1; - } else { - wpa_printf(MSG_DEBUG, " * channel_type=%d", - NL80211_CHAN_NO_HT); - if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, - NL80211_CHAN_NO_HT)) - return -ENOBUFS; - } - if (freq->radar_background && - nla_put_flag(msg, NL80211_ATTR_RADAR_BACKGROUND)) - return -ENOBUFS; - - return 0; -} - static bool nl80211_link_valid(struct i802_bss *bss, s8 link_id) { u32 i; From patchwork Mon May 22 19:33:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784643 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=PEFcE7nH; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=mToWRne/; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7320FX4z20f8 for ; Tue, 23 May 2023 05:35:41 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=OH20WXLVYHwvNu/r7F/ms9HRaA+3t36VJSwxP7gGaiE=; b=PEFcE7nHZwlwxR VvpFP7b8wQgUH0fIIrl7yuVsVyU1J8qpP3RSH7jo99AtiTyKdmgbA0cRo9Mqco8Dyo0OlnygPasHK LcIgZyTOkIdIwgo9Q3/FKozEYdLZM5SFBXz862ECAbqJDDZtyT8UI2WmMfM+u1FyPkZYYWjpdaQpm SvWJyBQrve/DfME2qfIbV3keaxvNAaQNVzZx5Klt/P1nr/Lth0nMDxLyzOCV98aq3EpTeNCGcapuW 3GXp6WPetvfaoPGCpR8ekJYn04RpI1ZRe+U/Dpfv4wWVmt3O+FqUQMoSxttlWFxi30tNxmeMlmmLA w3DYGHVvQLl8g0tjnWIg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ3-007haw-0J; Mon, 22 May 2023 19:34:57 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIy-007hXS-02 for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:53 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784091; x=1716320091; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=biZF2H+0I7c6JujEzjTzQ0UPnOvcCTW1a7p572iSlNM=; b=mToWRne/W+WJI3cnObakZDLoCiltPgeYpxlMWFvxD7Kb/c2wzCFF6SwA DZed1sgS0yeXxLqVd8p2K7567fUfmega0A0nJlQHVr6SJKh45WWgOAqiV vLpmuFskxwilhyTITGvUg5e6TK0oLonyR0I9d0IkteyAYYPcZHuj7O5wW hyUKyTz55jLwluOQ/56OsHureztXm8duhFkTLt0PNGbDXVzRfQZGDhbQl jZAba+SZuTkpi27AUoxP9qk277Lb9+J3K7M9n653cpS9e9jOieh2jOxkL gT7qRCKiP+KGc9yMDIZ34H/yZObcPrAIG6MwF9nlOCIJ45Wxav6iGDdEs g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869114" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869114" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:51 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809101" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809101" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:50 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH v2 08/44] AP: Allow starting multiple interfaces within single MLD Date: Mon, 22 May 2023 22:33:36 +0300 Message-Id: <20230522193412.658666-9-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123452_067914_4DAD2A3D X-CRM114-Status: GOOD ( 28.18 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add support for including multiple hostapd interfaces in the same AP MLD, i.e., all using the same underlying driver network interface. To do so, when a new hostapd interface is added, if there is already another interface using the same underlying network interface, associate the new interface with the same private data object, inste [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add support for including multiple hostapd interfaces in the same AP MLD, i.e., all using the same underlying driver network interface. To do so, when a new hostapd interface is added, if there is already another interface using the same underlying network interface, associate the new interface with the same private data object, instead of creating a new one. As some of the BSS's are non first BSS's, meaning that they reuse the drv_priv of the initial BSS, make sure not to double free it. Currently multiple BSS entries are not supported so always use bss[0] for MLD. Signed-off-by: Andrei Otcheretianski Signed-off-by: Ilan Peer --- hostapd/main.c | 88 +++++++++++++++++++++++++++++++++++++++++++++ src/ap/ap_drv_ops.h | 12 +++++++ src/ap/hostapd.c | 39 ++++++++++++++++---- src/ap/hostapd.h | 6 ++++ 4 files changed, 139 insertions(+), 6 deletions(-) diff --git a/hostapd/main.c b/hostapd/main.c index fc5b51a172..d1b48ff95d 100644 --- a/hostapd/main.c +++ b/hostapd/main.c @@ -164,6 +164,61 @@ static int hostapd_driver_init(struct hostapd_iface *iface) return -1; } +#ifdef CONFIG_IEEE80211BE + if (conf->mld_ap) { + for (i = 0; i < iface->interfaces->count; i++) { + struct hostapd_iface *h = iface->interfaces->iface[i]; + struct hostapd_data *h_hapd = h->bss[0]; + struct hostapd_bss_config *hconf = h_hapd->conf; + + if (h == iface) { + wpa_printf(MSG_ERROR, "Skip own iface"); + continue; + } + + if (!hconf->mld_ap || hconf->mld_id != conf->mld_id) { + wpa_printf(MSG_ERROR, + "Skip non matching mld_id"); + continue; + } + + wpa_printf(MSG_DEBUG, "Found matching MLD iface"); + if (!h_hapd->drv_priv) { + wpa_printf(MSG_ERROR, + "Matching MLD BSS not initialized yet"); + continue; + } + + hapd->drv_priv = h_hapd->drv_priv; + + /* + * All interfaces participating in the MLD AP would have + * the same MLD address, which in the interface HW + * address, while the interface address would be + * derived from the original interface address if BSSID + * is not configured, and otherwise it would be the + * configured BSSID. + */ + os_memcpy(hapd->mld_addr, h_hapd->mld_addr, ETH_ALEN); + if (is_zero_ether_addr(b)) { + os_memcpy(hapd->own_addr, h_hapd->mld_addr, ETH_ALEN); + random_mac_addr_keep_oui(hapd->own_addr); + } else { + os_memcpy(hapd->own_addr, b, ETH_ALEN); + } + + /* + * mark the interface as a secondary interface, as this + * is needed for the de-initialization flow + */ + hapd->mld_first_bss = h_hapd; + hapd->mld_link_id = hapd->mld_first_bss->mld_next_link_id++; + + goto setup_mld; + } + } +#endif /* CONFIG_IEEE80211BE */ + /* Initialize the driver interface */ if (!(b[0] | b[1] | b[2] | b[3] | b[4] | b[5])) b = NULL; @@ -214,6 +269,22 @@ static int hostapd_driver_init(struct hostapd_iface *iface) return -1; } +#ifdef CONFIG_IEEE80211BE + /* + * This is the first interface added to the MLD AP, so have the + * interface HW address be the MLD address and set a link address to + * this interface + */ + if (hapd->conf->mld_ap) { + os_memcpy(hapd->mld_addr, hapd->own_addr, ETH_ALEN); + random_mac_addr_keep_oui(hapd->own_addr); + hapd->mld_next_link_id = 0; + hapd->mld_link_id = hapd->mld_next_link_id++; + } + + setup_mld: +#endif /* CONFIG_IEEE80211BE */ + if (hapd->driver->get_capa && hapd->driver->get_capa(hapd->drv_priv, &capa) == 0) { struct wowlan_triggers *triggs; @@ -248,6 +319,23 @@ static int hostapd_driver_init(struct hostapd_iface *iface) iface->ema_max_periodicity = capa.ema_max_periodicity; } +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) { + if (!(iface->drv_flags2 & WPA_DRIVER_FLAGS2_MLO)) { + wpa_printf(MSG_DEBUG, "MLD: not supported by driver"); + return -1; + } + + wpa_printf(MSG_DEBUG, + "MLD: Set link_id=%u, mld_addr=" MACSTR ", own_addr=" MACSTR, + hapd->mld_link_id, + MAC2STR(hapd->mld_addr), + MAC2STR(hapd->own_addr)); + + hostapd_drv_link_add(hapd, hapd->mld_link_id, + hapd->own_addr); + } +#endif /* CONFIG_IEEE80211BE */ return 0; } diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 866440027b..844d2d87ac 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -441,4 +441,16 @@ hostapd_drv_register_frame(struct hostapd_data *hapd, u16 type, } #endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_IEEE80211BE +static inline int hostapd_drv_link_add(struct hostapd_data *hapd, + u8 link_id, const u8 *addr) +{ + if (!hapd->driver || !hapd->drv_priv || !hapd->driver->link_add) + return -1; + + return hapd->driver->link_add(hapd->drv_priv, link_id, addr); + +} +#endif /* CONFIG_IEEE80211BE */ + #endif /* AP_DRV_OPS */ diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index ef8800c8c1..60d08e6cbb 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -393,6 +393,25 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd) #endif /* CONFIG_WEP */ +static void hostapd_clear_drv_priv(struct hostapd_data *hapd) +{ + u8 i; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct hostapd_iface *iface = hapd->iface->interfaces->iface[i]; + + if (hapd->iface == iface) + continue; + + if (iface->bss && iface->bss[0] && + iface->bss[0]->mld_first_bss == hapd) + iface->bss[0]->drv_priv = NULL; + } + + hapd->drv_priv = NULL; +} + + void hostapd_free_hapd_data(struct hostapd_data *hapd) { os_free(hapd->probereq_cb); @@ -449,7 +468,7 @@ void hostapd_free_hapd_data(struct hostapd_data *hapd) * driver wrapper may have removed its internal instance * and hapd->drv_priv is not valid anymore. */ - hapd->drv_priv = NULL; + hostapd_clear_drv_priv(hapd); } } @@ -2800,8 +2819,9 @@ void hostapd_interface_deinit_free(struct hostapd_iface *iface) wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", __func__, driver, drv_priv); if (driver && driver->hapd_deinit && drv_priv) { - driver->hapd_deinit(drv_priv); - iface->bss[0]->drv_priv = NULL; + if (!iface->bss[0]->mld_first_bss) + driver->hapd_deinit(drv_priv); + hostapd_clear_drv_priv(iface->bss[0]); } hostapd_interface_free(iface); } @@ -2816,13 +2836,14 @@ static void hostapd_deinit_driver(const struct wpa_driver_ops *driver, wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", __func__, driver, drv_priv); if (driver && driver->hapd_deinit && drv_priv) { - driver->hapd_deinit(drv_priv); + if (!hapd_iface->bss[0]->mld_first_bss) + driver->hapd_deinit(drv_priv); for (j = 0; j < hapd_iface->num_bss; j++) { wpa_printf(MSG_DEBUG, "%s:bss[%d]->drv_priv=%p", __func__, (int) j, hapd_iface->bss[j]->drv_priv); if (hapd_iface->bss[j]->drv_priv == drv_priv) { - hapd_iface->bss[j]->drv_priv = NULL; + hostapd_clear_drv_priv(hapd_iface->bss[j]); hapd_iface->extended_capa = NULL; hapd_iface->extended_capa_mask = NULL; hapd_iface->extended_capa_len = 0; @@ -3163,8 +3184,14 @@ int hostapd_add_iface(struct hapd_interfaces *interfaces, char *buf) conf_file = ptr + 7; for (i = 0; i < interfaces->count; i++) { + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = interfaces->iface[i]->conf->bss[0]->mld_ap; +#endif /* CONFIG_IEEE80211BE */ + if (!os_strcmp(interfaces->iface[i]->conf->bss[0]->iface, - buf)) { + buf) && !mld_ap) { wpa_printf(MSG_INFO, "Cannot add interface - it " "already exists"); return -1; diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 0512830530..1c0d99112b 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -174,6 +174,12 @@ struct hostapd_data { unsigned int reenable_beacon:1; u8 own_addr[ETH_ALEN]; + u8 mld_addr[ETH_ALEN]; + u8 mld_link_id; + /* used for mld link id assignment - valid on first MLD BSS only */ + u8 mld_next_link_id; + + struct hostapd_data *mld_first_bss; int num_sta; /* number of entries in sta_list */ struct sta_info *sta_list; /* STA info list head */ From patchwork Mon May 22 19:33:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784645 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=zMsJ+exE; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=AoyXO692; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ731717qz20f6 for ; Tue, 23 May 2023 05:35:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=rM8oQykKsUS616xYGBxY6oBmzADcFCvcIUbgnyMGYg0=; b=zMsJ+exEH2wzj1 nXVrWAoldfhksOcHkCqaXF9CGno0IVDqMxWPK+icbez6a/XRH3gJ4yFqmpCINcxDf8IcUdqJTkxWe qSF3kTqS7EA9KfKC/lYUh93gc0DcFZg/N8yoQrk7F5VNJVCC/tUzUGxKv4oQkojqGTBovTT3zh5L3 MvTRcyyCehW+x9ZGM96/cNj5VxvoK5igDIaf9ESUvrloO95BLn2yLz+G57oDFopuPJjxdQD0t9c/W FBQf3b+owzA8WAH/PqGb9r7Gkugzge3/uTpfIF6kianWK+lGkBxHOUsGsxSLob91nP3fFxgrbzrLC HbDdbRdWjFJTnX4VEqKw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ4-007hbz-1c; Mon, 22 May 2023 19:34:58 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BIz-007hVw-1A for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784093; x=1716320093; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=KGsqwsgT6i4D4K8xA50wY8Av4i+Qz53D1W/crPSJqDA=; b=AoyXO692sgswn+ew8gS61H6t9Kw1tmsz4YFmDgq1o/FeVvM/HU0PEvEo 0gTAp9WPOq24K4nM4qyl3jpW9LPI5/EXipK8pG6i07nRjgit+JR8/I/f0 ebDHVV6Ge4SqLYiE0eyBHgEfpBUrQQrnyWy9pQm9Ld+UdvuehoSUA6f84 GU5AFHEptwuIIWvNNaYAn9K3CRXzd+miLC20wK1FHIC6yzZNntnH/vvbW FbUVYPzqgROG2UrHPa9ZZXksN2KCV6zA5Be0mq5VbiHR2QQQjAy49ipUi HRBa1cB60wrNLE0q01bRo5z8C0QdlrfmpLXhO+MLNJdJwEQzr6bZqGQpR Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869121" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869121" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:53 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809105" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809105" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:51 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 09/44] AP: Include an RNR element in beacons for MLD AP Date: Mon, 22 May 2023 22:33:37 +0300 Message-Id: <20230522193412.658666-10-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123453_420584_A7253B15 X-CRM114-Status: GOOD ( 19.70 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer - Include RNR element in beacons of MLD APs. - Whenever a new interface is added to an MLD AP, reconfigure the beacon for all other interfaces, to allow updating their RNR element. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer - Include RNR element in beacons of MLD APs. - Whenever a new interface is added to an MLD AP, reconfigure the beacon for all other interfaces, to allow updating their RNR element. Signed-off-by: Ilan Peer --- src/ap/beacon.c | 24 ++++++---- src/ap/hostapd.c | 3 ++ src/ap/ieee802_11.c | 90 +++++++++++++++++++++++++++++------- src/common/ieee802_11_defs.h | 1 + 4 files changed, 93 insertions(+), 25 deletions(-) diff --git a/src/ap/beacon.c b/src/ap/beacon.c index 5e9ced1e25..6253b188d1 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -2194,21 +2194,29 @@ int ieee802_11_set_beacon(struct hostapd_data *hapd) if (!iface->interfaces || iface->interfaces->count <= 1) return 0; - /* Update Beacon frames in case of 6 GHz colocation */ + /* Update Beacon frames in case of 6 GHz colocation or MLD AP */ is_6g = is_6ghz_op_class(iface->conf->op_class); for (j = 0; j < iface->interfaces->count; j++) { - struct hostapd_iface *colocated; + struct hostapd_iface *other; + bool mld_ap = false; - colocated = iface->interfaces->iface[j]; - if (colocated == iface || !colocated || !colocated->conf) + other = iface->interfaces->iface[j]; + if (other == iface || !other || !other->conf) continue; - if (is_6g == is_6ghz_op_class(colocated->conf->op_class)) +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && other->bss[0]->conf->mld_ap && + hapd->conf->mld_id == other->bss[0]->conf->mld_id) + mld_ap = true; +#endif /* CONFIG_IEEE80211BE */ + + if (is_6g == is_6ghz_op_class(other->conf->op_class) && + !mld_ap) continue; - for (i = 0; i < colocated->num_bss; i++) { - if (colocated->bss[i] && colocated->bss[i]->started) - __ieee802_11_set_beacon(colocated->bss[i]); + for (i = 0; i < other->num_bss; i++) { + if (other->bss[i] && other->bss[i]->started) + __ieee802_11_set_beacon(other->bss[i]); } } diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 60d08e6cbb..20fc8403d4 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -2336,6 +2336,9 @@ dfs_offload: for (j = 0; j < iface->num_bss; j++) hostapd_neighbor_set_own_report(iface->bss[j]); + if (iface->interfaces && iface->interfaces->count > 1) + ieee802_11_set_beacons(iface); + return 0; fail: diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index f795c06a66..e753fbb614 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -6438,6 +6438,11 @@ hostapd_eid_rnr_iface_len(struct hostapd_data *hapd, size_t total_len = 0, len = *current_len; int tbtt_count = 0; size_t i, start = 0; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ while (start < hapd->iface->num_bss) { if (!len || @@ -6467,8 +6472,13 @@ hostapd_eid_rnr_iface_len(struct hostapd_data *hapd, tbtt_count >= RNR_TBTT_INFO_COUNT_MAX) break; - len += RNR_TBTT_INFO_LEN; - total_len += RNR_TBTT_INFO_LEN; + if (!mld_ap) { + len += RNR_TBTT_INFO_LEN; + total_len += RNR_TBTT_INFO_LEN; + } else { + len += RNR_TBTT_INFO_MLD_LEN; + total_len += RNR_TBTT_INFO_MLD_LEN; + } tbtt_count++; } start = i; @@ -6523,8 +6533,8 @@ static enum colocation_mode get_colocation_mode(struct hostapd_data *hapd) } -static size_t hostapd_eid_rnr_colocation_len(struct hostapd_data *hapd, - size_t *current_len) +static size_t hostapd_eid_rnr_multi_iface_len(struct hostapd_data *hapd, + size_t *current_len) { struct hostapd_iface *iface; size_t len = 0; @@ -6535,9 +6545,16 @@ static size_t hostapd_eid_rnr_colocation_len(struct hostapd_data *hapd, for (i = 0; i < hapd->iface->interfaces->count; i++) { iface = hapd->iface->interfaces->iface[i]; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && iface->bss[0]->conf->mld_ap && + hapd->conf->mld_id == iface->bss[0]->conf->mld_id) + mld_ap = true; +#endif /* CONFIG_IEEE80211BE */ if (iface == hapd->iface || - !is_6ghz_op_class(iface->conf->op_class)) + !(is_6ghz_op_class(iface->conf->op_class) || mld_ap)) continue; len += hostapd_eid_rnr_iface_len(iface->bss[0], hapd, @@ -6552,6 +6569,11 @@ size_t hostapd_eid_rnr_len(struct hostapd_data *hapd, u32 type) { size_t total_len = 0, current_len = 0; enum colocation_mode mode = get_colocation_mode(hapd); + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ switch (type) { case WLAN_FC_STYPE_BEACON: @@ -6560,9 +6582,10 @@ size_t hostapd_eid_rnr_len(struct hostapd_data *hapd, u32 type) /* fallthrough */ case WLAN_FC_STYPE_PROBE_RESP: - if (mode == COLOCATED_LOWER_BAND) - total_len += hostapd_eid_rnr_colocation_len( - hapd, ¤t_len); + if (mode == COLOCATED_LOWER_BAND || mld_ap) + total_len += + hostapd_eid_rnr_multi_iface_len(hapd, + ¤t_len); if (hapd->conf->rnr && hapd->iface->num_bss > 1 && !hapd->iconf->mbssid) @@ -6652,6 +6675,11 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, size_t len = *current_len; u8 *tbtt_count_pos, *eid_start = eid, *size_offset = (eid - len) + 1; u8 tbtt_count = 0, op_class, channel, bss_param; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ if (!(iface->drv_flags & WPA_DRIVER_FLAGS_AP_CSA) || !iface->freq) return eid; @@ -6674,7 +6702,12 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, } tbtt_count_pos = eid++; - *eid++ = RNR_TBTT_INFO_LEN; + + if (!mld_ap) + *eid++ = RNR_TBTT_INFO_LEN; + else + *eid++ = RNR_TBTT_INFO_MLD_LEN; + *eid++ = op_class; *eid++ = hapd->iconf->channel; len += RNR_TBTT_HEADER_LEN; @@ -6723,7 +6756,18 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, *eid++ = bss_param; *eid++ = RNR_20_MHZ_PSD_MAX_TXPOWER - 1; - len += RNR_TBTT_INFO_LEN; + + if (!mld_ap) { + len += RNR_TBTT_INFO_LEN; + } else { +#ifdef CONFIG_IEEE80211BE + *eid++ = hapd->conf->mld_id; + *eid++ = hapd->mld_link_id | (1 << 4); + *eid++ = 0; + len += RNR_TBTT_INFO_MLD_LEN; +#endif /* CONFIG_IEEE80211BE */ + } + tbtt_count += 1; } @@ -6740,7 +6784,7 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, } -static u8 * hostapd_eid_rnr_colocation(struct hostapd_data *hapd, u8 *eid, +static u8 *hostapd_eid_rnr_multi_iface(struct hostapd_data *hapd, u8 *eid, size_t *current_len) { struct hostapd_iface *iface; @@ -6751,9 +6795,16 @@ static u8 * hostapd_eid_rnr_colocation(struct hostapd_data *hapd, u8 *eid, for (i = 0; i < hapd->iface->interfaces->count; i++) { iface = hapd->iface->interfaces->iface[i]; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && iface->bss[0]->conf->mld_ap && + hapd->conf->mld_id == iface->bss[0]->conf->mld_id) + mld_ap = true; +#endif /* CONFIG_IEEE80211BE */ if (iface == hapd->iface || - !is_6ghz_op_class(iface->conf->op_class)) + !(is_6ghz_op_class(iface->conf->op_class) || mld_ap)) continue; eid = hostapd_eid_rnr_iface(iface->bss[0], hapd, eid, @@ -6769,6 +6820,11 @@ u8 * hostapd_eid_rnr(struct hostapd_data *hapd, u8 *eid, u32 type) u8 *eid_start = eid; size_t current_len = 0; enum colocation_mode mode = get_colocation_mode(hapd); + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ switch (type) { case WLAN_FC_STYPE_BEACON: @@ -6777,9 +6833,9 @@ u8 * hostapd_eid_rnr(struct hostapd_data *hapd, u8 *eid, u32 type) /* fallthrough */ case WLAN_FC_STYPE_PROBE_RESP: - if (mode == COLOCATED_LOWER_BAND) - eid = hostapd_eid_rnr_colocation(hapd, eid, - ¤t_len); + if (mode == COLOCATED_LOWER_BAND || mld_ap) + eid = hostapd_eid_rnr_multi_iface(hapd, eid, + ¤t_len); if (hapd->conf->rnr && hapd->iface->num_bss > 1 && !hapd->iconf->mbssid) @@ -7094,8 +7150,8 @@ u8 * hostapd_eid_mbssid(struct hostapd_data *hapd, u8 *eid, u8 *end, if (hapd->conf->rnr) rnr_eid = hostapd_eid_nr_db(hapd, rnr_eid, &cur_len); if (get_colocation_mode(hapd) == COLOCATED_LOWER_BAND) - rnr_eid = hostapd_eid_rnr_colocation(hapd, rnr_eid, - &cur_len); + rnr_eid = hostapd_eid_rnr_multi_iface(hapd, rnr_eid, + &cur_len); } return eid; diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 12789227c4..b869068282 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -2454,6 +2454,7 @@ struct ieee80211_he_mu_edca_parameter_set { #define RNR_TBTT_INFO_COUNT(x) (((x) & 0xf) << 4) #define RNR_TBTT_INFO_COUNT_MAX 16 #define RNR_TBTT_INFO_LEN 13 +#define RNR_TBTT_INFO_MLD_LEN 16 #define RNR_NEIGHBOR_AP_OFFSET_UNKNOWN 255 /* Figure 9-632a - BSS Parameters subfield format */ #define RNR_BSS_PARAM_OCT_RECOMMENDED BIT(0) From patchwork Mon May 22 19:33:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784640 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=MRzwmTyw; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=bv8LGIbC; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73203JGz20f7 for ; Tue, 23 May 2023 05:35:40 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=jkxO88NVDaJWTEx8cJZquVP9po7VVGs3uFrRrMxnAnc=; b=MRzwmTywmQbruX f2zVzFFgFQwNN+7x4vJhOJfJsOw3K5icikLkUIadFpPP/F+zB0eOqkrJVA0RLHjKgahVySgBinkLE l/7sQyR0Yxs/u27ZQJyeMjfiwGN/j8882z4NwaHf3X7OiyPV6WdLnh4ZGubdKYufz7rm5gExu/TNw cvwf+44yZFfKq6vvHFVYqNBI3/xbbYh/KHCYBzu+XcuEW4KbEI9v0H6v1s2dvovw5GSj2u6u4R4qp AM9+ykSsVp/5IeBPFYntU94HgC3YZgoCt7l9zB8frcGpOafjMoJaBMmXI68klWDIKg633Q866wWyO 16SzLwqHDdp1txylql6Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ6-007hd8-0H; Mon, 22 May 2023 19:35:00 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ0-007hXS-1Z for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784094; x=1716320094; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=G249GNc2R9YHS13wEXkSzpAfO/zREGhAxagc63LI+JE=; b=bv8LGIbChLPWqJvnQedTaycSxuThLlO7F+rjntMDiz2id8v5TBRDowR7 UHstA9bicU8YSrTy9bCqMISvOsfVZxYlx70FzCh3GirwyRXMvxYrHak4O GQJXCEfN2y/eTVWadq65f3P8l2pFB0bNg9060AWPvS2dQc9+7t/cAE4c7 sMJvhDQW3y1M4fJuPd+qsHjiTDhv+UJ860C4ofI8dK4xVmTexZVftXTKa NTWaUhL+fu1d65RiLtTi/j6nmklFCLRdF5uOoQGm09SXM5nSUYOQudgQU Qw73DPWOKiM+aIDbqi1gTwBfdlEzSZIcrM8rUxvFBqDe1KezZGU/cFoAH g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869124" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869124" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:54 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809111" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809111" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:52 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 10/44] driver_nl80211: Select freq according to transmitting link Date: Mon, 22 May 2023 22:33:38 +0300 Message-Id: <20230522193412.658666-11-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123454_536880_41433E55 X-CRM114-Status: GOOD ( 13.37 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In MLO, multiple BSS's can transmit on different frequencies. Select link frequencies according to the transmitter address. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In MLO, multiple BSS's can transmit on different frequencies. Select link frequencies according to the transmitter address. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 0ba46bea34..53f506f9f3 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4139,6 +4139,22 @@ static void nl80211_link_set_freq(struct i802_bss *bss, s8 link_id, int freq) } +static int nl80211_get_link_freq(struct i802_bss *bss, u8 *addr) +{ + size_t i; + + for (i = 0; i < bss->n_links; i++) { + if (os_memcmp(bss->links[i].addr, addr, ETH_ALEN) == 0) { + wpa_printf(MSG_DEBUG, "nl80211: Use link freq=%d", + bss->links[i].freq); + return bss->links[i].freq; + } + } + + return bss->flink->freq; +} + + static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, size_t data_len, int noack, unsigned int freq, int no_cck, @@ -4183,13 +4199,14 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, } if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) { - if (freq == 0) { - wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d", - bss->flink->freq); - freq = bss->flink->freq; - } - if ((int) freq == bss->flink->freq) + unsigned int link_freq = nl80211_get_link_freq(bss, mgmt->sa); + + if (!freq) + freq = link_freq; + + if (freq == link_freq) wait_time = 0; + goto send_frame_cmd; } From patchwork Mon May 22 19:33:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784647 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=lt8t4zYN; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=Wg9zrP6m; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7375f3gz20PS for ; Tue, 23 May 2023 05:35:47 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=RZkCukCdeeE5Ow4481W1/TxjR+mt/2MDAEzi9ng/Lx0=; b=lt8t4zYNstzV3E bc3vNFrUb1fppWe/ooxfVmJiOxtshr+dWYlzre7VcAwVTn3IbFD0X50A9BE5UBnCHYO9XN+Lle+FP fuLnwmcFjnF+++OpLTX9uPIwRXk/GbCpbaic94o2To805GOEQAgbyQZONrr6V1IQJFftlLMl4Teca sx5pLP7CG6nLmEEfKysSw4Am33Nv8hKW+eyLKii5heC9rsFlS3tKK+coGJqoHxrI/HMjEz/5V4Idl BJ2bEqMPqYFvBd/fRrTxOObcoLA18nYSXNSSaT/cAt54S+8zN6NNdaaCP4/7kWeSo44+Jjwt2aYGY hzu7MeQbRafzhJS+3jZA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ9-007hfv-09; Mon, 22 May 2023 19:35:03 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ2-007hZy-0b for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784096; x=1716320096; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7VLAXayr7gY+fS9NddBz5fnt6AUNtyXSPWSFffIFf74=; b=Wg9zrP6mVQ6mRlStTuMFujYXbkTgixmhIDdUESIe9a4EYlmI9a9LfBNU FJcMpGcuXc9PGuFPPJ6wBMKKUABl3WFhZ0SP+UHsyRSDRkh7S3MwaBwCt IbYTzWzyXCzh1l6mYznwzeyCIQeUMdNlEMEkwoXNtgIjZRYbLCRVPJuqM kaVJ1jcLrs0BSgxackkxWV9w3J1AA5ct+f7ATZYrvtuYjoWUk2wuhSTLp KLHqnwCbgMzwrCZBSCm/gUiSaXZUqLjtdCVtFMZtHEtxgNdqnaONJf5qP 3VY7ZZUT/UBGuNH5pa2613U33KM4aaTaO20W5YcPnxaD+yAi2qbTbM8ec A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869127" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869127" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:55 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809114" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809114" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:54 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 11/44] AP: MLO: Make 802.1X SM, authserv and radius client singletons Date: Mon, 22 May 2023 22:33:39 +0300 Message-Id: <20230522193412.658666-12-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123456_238363_5453377E X-CRM114-Status: GOOD ( 16.55 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer To simplify the handling of MLD stations, assume that all interfaces/BSSs use the same 802.1X authenticator, same radius server instance and same radius client. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/authsrv.c | 38 ++++++++++++++++++++++++ src/ap/hostapd.c | 71 +++++++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer To simplify the handling of MLD stations, assume that all interfaces/BSSs use the same 802.1X authenticator, same radius server instance and same radius client. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/authsrv.c | 38 ++++++++++++++++++++++++ src/ap/hostapd.c | 71 +++++++++++++++++++++++++++------------------ src/ap/ieee802_1x.c | 16 ++++++++++ 3 files changed, 97 insertions(+), 28 deletions(-) diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c index 4ab2a4a601..9914ed4e12 100644 --- a/src/ap/authsrv.c +++ b/src/ap/authsrv.c @@ -106,6 +106,15 @@ static int hostapd_setup_radius_srv(struct hostapd_data *hapd) { struct radius_server_conf srv; struct hostapd_bss_config *conf = hapd->conf; + + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: using radius_srv of first BSS"); + + hapd->radius_srv = hapd->mld_first_bss->radius_srv; + return 0; + } + os_memset(&srv, 0, sizeof(srv)); srv.client_file = conf->radius_server_clients; srv.auth_port = conf->radius_server_auth_port; @@ -238,6 +247,20 @@ static struct eap_config * authsrv_eap_config(struct hostapd_data *hapd) int authsrv_init(struct hostapd_data *hapd) { + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: using auth_serv of first BSS"); + +#ifdef EAP_TLS_FUNCS + hapd->ssl_ctx = hapd->mld_first_bss->ssl_ctx; +#endif /* EAP_TLS_FUNCS */ + hapd->eap_cfg = hapd->mld_first_bss->eap_cfg; +#ifdef EAP_SIM_DB + hapd->eap_sim_db_priv = hapd->mld_first_bss->eap_sim_db_priv; +#endif /* EAP_SIM_DB */ + return 0; + } + #ifdef EAP_TLS_FUNCS if (hapd->conf->eap_server && (hapd->conf->ca_cert || hapd->conf->server_cert || @@ -352,6 +375,21 @@ int authsrv_init(struct hostapd_data *hapd) void authsrv_deinit(struct hostapd_data *hapd) { + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: deinit auth_serv of non first BSS"); + + hapd->radius_srv = NULL; + hapd->eap_cfg = NULL; +#ifdef EAP_SIM_DB + hapd->eap_sim_db_priv = NULL; +#endif /* EAP_SIM_DB */ +#ifdef EAP_TLS_FUNCS + hapd->ssl_ctx = NULL; +#endif /* EAP_TLS_FUNCS */ + return; + } + #ifdef RADIUS_SERVER radius_server_deinit(hapd->radius_srv); hapd->radius_srv = NULL; diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 20fc8403d4..35b763f80b 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -439,9 +439,11 @@ void hostapd_free_hapd_data(struct hostapd_data *hapd) vlan_deinit(hapd); hostapd_acl_deinit(hapd); #ifndef CONFIG_NO_RADIUS - radius_client_deinit(hapd->radius); + if (!hapd->mld_first_bss) { + radius_client_deinit(hapd->radius); + radius_das_deinit(hapd->radius_das); + } hapd->radius = NULL; - radius_das_deinit(hapd->radius_das); hapd->radius_das = NULL; #endif /* CONFIG_NO_RADIUS */ @@ -1215,6 +1217,10 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first, u8 if_addr[ETH_ALEN]; int flush_old_stations = 1; + if (hapd->mld_first_bss) + wpa_printf(MSG_DEBUG, + "MLD: %s: setting non-first BSS", __func__); + wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s), first=%d)", __func__, hapd, conf->iface, first); @@ -1373,34 +1379,43 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first, } #endif /* CONFIG_SQLITE */ - hapd->radius = radius_client_init(hapd, conf->radius); - if (hapd->radius == NULL) { - wpa_printf(MSG_ERROR, "RADIUS client initialization failed."); - return -1; - } - - if (conf->radius_das_port) { - struct radius_das_conf das_conf; - os_memset(&das_conf, 0, sizeof(das_conf)); - das_conf.port = conf->radius_das_port; - das_conf.shared_secret = conf->radius_das_shared_secret; - das_conf.shared_secret_len = - conf->radius_das_shared_secret_len; - das_conf.client_addr = &conf->radius_das_client_addr; - das_conf.time_window = conf->radius_das_time_window; - das_conf.require_event_timestamp = - conf->radius_das_require_event_timestamp; - das_conf.require_message_authenticator = - conf->radius_das_require_message_authenticator; - das_conf.ctx = hapd; - das_conf.disconnect = hostapd_das_disconnect; - das_conf.coa = hostapd_das_coa; - hapd->radius_das = radius_das_init(&das_conf); - if (hapd->radius_das == NULL) { - wpa_printf(MSG_ERROR, "RADIUS DAS initialization " - "failed."); + if (!hapd->mld_first_bss) { + hapd->radius = radius_client_init(hapd, conf->radius); + if (!hapd->radius) { + wpa_printf(MSG_ERROR, + "RADIUS client initialization failed."); return -1; } + + if (conf->radius_das_port) { + struct radius_das_conf das_conf; + + os_memset(&das_conf, 0, sizeof(das_conf)); + das_conf.port = conf->radius_das_port; + das_conf.shared_secret = conf->radius_das_shared_secret; + das_conf.shared_secret_len = + conf->radius_das_shared_secret_len; + das_conf.client_addr = &conf->radius_das_client_addr; + das_conf.time_window = conf->radius_das_time_window; + das_conf.require_event_timestamp = + conf->radius_das_require_event_timestamp; + das_conf.require_message_authenticator = + conf->radius_das_require_message_authenticator; + das_conf.ctx = hapd; + das_conf.disconnect = hostapd_das_disconnect; + das_conf.coa = hostapd_das_coa; + hapd->radius_das = radius_das_init(&das_conf); + if (!hapd->radius_das) { + wpa_printf(MSG_ERROR, + "RADIUS DAS initialization failed."); + return -1; + } + } + } else { + wpa_printf(MSG_ERROR, + "MLD: Using radius client of first BSS"); + hapd->radius = hapd->mld_first_bss->radius; + hapd->radius_das = hapd->mld_first_bss->radius_das; } #endif /* CONFIG_NO_RADIUS */ diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index 8b67669bb9..274fd2f613 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -2474,6 +2474,14 @@ int ieee802_1x_init(struct hostapd_data *hapd) struct eapol_auth_config conf; struct eapol_auth_cb cb; + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: using 802.1X SM of first BSS"); + + hapd->eapol_auth = hapd->mld_first_bss->eapol_auth; + return 0; + } + dl_list_init(&hapd->erp_keys); os_memset(&conf, 0, sizeof(conf)); @@ -2558,6 +2566,14 @@ void ieee802_1x_erp_flush(struct hostapd_data *hapd) void ieee802_1x_deinit(struct hostapd_data *hapd) { + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: deinit 802.1X SM of non first BSS"); + + hapd->eapol_auth = NULL; + return; + } + #ifdef CONFIG_WEP eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL); #endif /* CONFIG_WEP */ From patchwork Mon May 22 19:33:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784646 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=0vY993ju; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=dDCl1PzZ; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7366DLcz20dZ for ; Tue, 23 May 2023 05:35:46 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ZcyukDeOAt7m0WcTySq2TxhEtc7MvHhzk+PXcPcZnzw=; b=0vY993ju1e5Y8e p2F6aDUUi01qp+vvjGc7eZd9mXlTthS/Pqv0VHigItFVTD2pUe4qyjQgFPATzK0KtDpzJxYXFJ6f2 6Ec/w1aodyqlALVRpsUrZluWnu2uj8JYvuBwspFUDAg733sSgQUJ/XA6E4kipt7FJ6wtySnCaBjtF PuStpvklJ8/sUbnE372AEtE1Xh3FIfVIZ5dvwl1JuhZQuvpiaAMZGgItxu7z9Hv77+NqEJTgmuBJa JTHaKQPRWgfrKyd4V8PDsc+3ztZ6qdJfBTO2vL+fQ8ZmQfR8rRe4X7EbQrXA6lMLKa/cnHGXDWJ6t cB41uljAi6qrnRSwiISg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJA-007hhC-2C; Mon, 22 May 2023 19:35:04 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ3-007hZy-2g for hostap@lists.infradead.org; Mon, 22 May 2023 19:34:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784097; x=1716320097; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=GHMr3ixwRvCbEJteQxIjQBSshArmIBa72U4gOBAn8RM=; b=dDCl1PzZYnHQGDgYr6RHtO3ICAzZUxuOl/oqqE2HBF0G2EF9syL+TyOP q3yIMaR13ldLtRSYJSuJAwCDdV9PsB7nnOIVnrmc5Qib/taoVSFOdvxTw XQD5lzasdWVccBR6LmRKM/G2AOjuoUjEHIUUBEegQHeED6sH/dbUq1rMC OR4v7X5N/66cWC3VOPPm+4mq2yWT7/wAHYC2UsAvBqyHiy/5A02ALpLbK w/lr9GtaaPSxzO3A0VlygqALSFRQhoOeJaz1ykig9rGWabbgVgLr4buJM 6jvuLZVrkru53KDQxrZke4v6u8acnNAo8LlrV8yEiz+A8kIXRlwQaFvEv Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869128" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869128" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:57 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809122" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809122" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:55 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 12/44] AP: Match Rx frames against MLD address Date: Mon, 22 May 2023 22:33:40 +0300 Message-Id: <20230522193412.658666-13-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123457_903325_FC12FF48 X-CRM114-Status: GOOD ( 13.53 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Once a station is added to the underlying driver, the driver is expected to do address translation and use MLD addresses. Thus, when handling a Rx management frame, match it against the MLD address. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Once a station is added to the underlying driver, the driver is expected to do address translation and use MLD addresses. Thus, when handling a Rx management frame, match it against the MLD address. Signed-off-by: Ilan Peer --- src/ap/drv_callbacks.c | 13 +++++++++++-- src/ap/ieee802_11.c | 8 ++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 7da5c524cf..236a83f75f 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1459,6 +1459,7 @@ static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) const u8 *bssid; struct hostapd_frame_info fi; int ret; + bool is_mld = false; #ifdef CONFIG_TESTING_OPTIONS if (hapd->ext_mgmt_frame_handling) { @@ -1480,8 +1481,16 @@ static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) if (bssid == NULL) return 0; - hapd = get_hapd_bssid(iface, bssid); - if (hapd == NULL) { +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && + !os_memcmp(hapd->mld_addr, bssid, ETH_ALEN)) + is_mld = true; +#endif /* CONFIG_IEEE80211BE */ + + if (!is_mld) + hapd = get_hapd_bssid(iface, bssid); + + if (!hapd) { u16 fc = le_to_host16(hdr->frame_control); /* diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index e753fbb614..c22e7cf0d5 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -5494,6 +5494,10 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, #ifdef CONFIG_MESH !(hapd->conf->mesh & MESH_ENABLED) && #endif /* CONFIG_MESH */ +#ifdef CONFIG_IEEE80211BE + !(hapd->conf->mld_ap && !os_memcmp(hapd->mld_addr, mgmt->bssid, + ETH_ALEN)) && +#endif /* CONFIG_IEEE80211BE */ os_memcmp(mgmt->bssid, hapd->own_addr, ETH_ALEN) != 0) { wpa_printf(MSG_INFO, "MGMT: BSSID=" MACSTR " not our address", MAC2STR(mgmt->bssid)); @@ -5513,6 +5517,10 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, if ((!is_broadcast_ether_addr(mgmt->da) || stype != WLAN_FC_STYPE_ACTION) && +#ifdef CONFIG_IEEE80211BE + !(hapd->conf->mld_ap && !os_memcmp(hapd->mld_addr, mgmt->bssid, + ETH_ALEN)) && +#endif /* CONFIG_IEEE80211BE */ os_memcmp(mgmt->da, hapd->own_addr, ETH_ALEN) != 0) { hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, From patchwork Mon May 22 19:33:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784650 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=uLp/y09T; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=bYvmycBj; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73F0W0Hz20PS for ; Tue, 23 May 2023 05:35:53 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=XPURe10hppTZS0DcEivlnal+CDKFXOJD2kHeKRF9U0Y=; b=uLp/y09TJ5L9b9 JRq4hPS0ZubbgHmQVRTuAoO+SySxVu1fs45JL873xc1KrFvgX/cRUBF2RE/S9wok4a+TxXslBc5i7 +lPdz6SpBc5VxTYLOt+TigrMYzvq1FTs7VS9cSmZhhZzJivYm/fT2SdmZfl7imjkMhLpf4LG33eqN en9awJpp11RNO4PkBO2L6jtO+03Bnk2Q4zzAmlLYnmnCe80Qn7rZYm9OBwb/2PZcUVACqcx2+47Et nvXUek4HYTD2IK+Kg2wSwwkVIyZ5AHhIxdfqUbCayIntp3D+NdYZvlmC9cPeAVl1NBq+3YvRFYgoX RRq3jQyqAdk8wIsfHTtw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJC-007hiK-1g; Mon, 22 May 2023 19:35:06 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ5-007hbQ-09 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:01 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784099; x=1716320099; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=V2EX7oSnanuYqYYSuENuBixs2j0ROb3i8Lmu3eQdQgE=; b=bYvmycBj4mZdxR3RbRlFMhSThcjjaNAX0bYqpve4kgQeptC09Ryd6nSZ JKJItURsDUPoXCmRxcdmzapOs+GTZLMRv+AAKa6BRoLk3kAlXnnE93/jX DUn8rS5DAWt4Jbw4fB8zoFTXDZ65+9vJD+d/g1ehmMTi3tJce0AnL1IbM Sb+8DgtcZW2lxRl/OZ0j0hRtmJkIeM/W83A8UhLrHiW4ml/+v177zkaDK g0fr2BKGeoelq0eyRxf8f/jdXdjDEQx/p2I080nTH9eK/3e+brUME9qe3 7f3OUKlE44ZCsv3L0ekHTVrOYzKJBe6y4YEr2SClJRL3FfCBAxcDyuUwd w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869130" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869130" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:58 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809133" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809133" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:57 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 13/44] AP: Support building basic Multi-Link Element Date: Mon, 22 May 2023 22:33:41 +0300 Message-Id: <20230522193412.658666-14-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123459_117242_65986B68 X-CRM114-Status: GOOD ( 23.19 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Define a struct to hold MLD station info and implement publishing of the basic Multi-Link Element. Add it into beacons and probe responses. Signed-off-by: Andrei Otcheretianski --- src/ap/beacon.c | 23 ++++ src/ap/hostapd.c | 23 ++++ src/ap/hostapd.h | 3 + src/ap/ieee802_11.h | 2 + src/ap/ieee802_11_eht.c [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Define a struct to hold MLD station info and implement publishing of the basic Multi-Link Element. Add it into beacons and probe responses. Signed-off-by: Andrei Otcheretianski --- src/ap/beacon.c | 23 ++++ src/ap/hostapd.c | 23 ++++ src/ap/hostapd.h | 3 + src/ap/ieee802_11.h | 2 + src/ap/ieee802_11_eht.c | 196 +++++++++++++++++++++++++++++++++++ src/ap/sta_info.h | 34 ++++++ src/common/ieee802_11_defs.h | 10 ++ 7 files changed, 291 insertions(+) diff --git a/src/ap/beacon.c b/src/ap/beacon.c index 6253b188d1..9cfcc9c84b 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -605,6 +605,14 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, buflen += 3 + sizeof(struct ieee80211_eht_operation); if (hapd->iconf->punct_bitmap) buflen += EHT_OPER_DISABLED_SUBCHAN_BITMAP_SIZE; + + /* + * TODO: multi link AP has variable length and can be + * long based on the common info and number of per + * station profiles. For now use 256. + */ + if (hapd->conf->mld_ap) + buflen += 256; } #endif /* CONFIG_IEEE80211BE */ @@ -755,6 +763,9 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, #ifdef CONFIG_IEEE80211BE if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + if (hapd->conf->mld_ap) + pos = hostapd_eid_eht_basic_ml(hapd, pos, NULL, true); + pos = hostapd_eid_eht_capab(hapd, pos, IEEE80211_MODE_AP); pos = hostapd_eid_eht_operation(hapd, pos); } @@ -1711,6 +1722,14 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, tail_len += 3 + sizeof(struct ieee80211_eht_operation); if (hapd->iconf->punct_bitmap) tail_len += EHT_OPER_DISABLED_SUBCHAN_BITMAP_SIZE; + + /* + * TODO: multi link AP has variable length and can be + * long based on the common info and number of per + * station profiles. For now use 256. + */ + if (hapd->conf->mld_ap) + tail_len += 256; } #endif /* CONFIG_IEEE80211BE */ @@ -1881,6 +1900,10 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, #ifdef CONFIG_IEEE80211BE if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + if (hapd->conf->mld_ap) + tailpos = hostapd_eid_eht_basic_ml(hapd, tailpos, NULL, + true); + tailpos = hostapd_eid_eht_capab(hapd, tailpos, IEEE80211_MODE_AP); tailpos = hostapd_eid_eht_operation(hapd, tailpos); diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 35b763f80b..29346bc3cd 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -4109,3 +4109,26 @@ void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx) } } #endif /* CONFIG_OCV */ + +#ifdef CONFIG_IEEE80211BE +struct hostapd_data * hostapd_mld_get_link_bss(struct hostapd_data *hapd, + u8 link_id) +{ + int i; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct hostapd_iface *h = hapd->iface->interfaces->iface[i]; + struct hostapd_data *h_hapd = h->bss[0]; + struct hostapd_bss_config *hconf = h_hapd->conf; + + if (!hconf->mld_ap || hconf->mld_id != hapd->conf->mld_id) + continue; + + if (h_hapd->mld_link_id == link_id) + return h_hapd; + } + + return NULL; +} + +#endif /* CONFIG_IEEE80211BE */ diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 1c0d99112b..ee4e0c0317 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -760,4 +760,7 @@ int hostapd_set_acl(struct hostapd_data *hapd); struct hostapd_data * hostapd_mbssid_get_tx_bss(struct hostapd_data *hapd); int hostapd_mbssid_get_bss_index(struct hostapd_data *hapd); +struct hostapd_data * hostapd_mld_get_link_bss(struct hostapd_data *hapd, + u8 link_id); + #endif /* HOSTAPD_H */ diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index 1190a5ea86..6f18291b78 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -84,6 +84,8 @@ void hostapd_get_eht_capab(struct hostapd_data *hapd, const struct ieee80211_eht_capabilities *src, struct ieee80211_eht_capabilities *dest, size_t len); +u8 *hostapd_eid_eht_basic_ml(struct hostapd_data *hapd, u8 *eid, + struct sta_info *info, bool include_mld_id); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ht_capab); diff --git a/src/ap/ieee802_11_eht.c b/src/ap/ieee802_11_eht.c index 6ebe0f91d3..01878a0cd4 100644 --- a/src/ap/ieee802_11_eht.c +++ b/src/ap/ieee802_11_eht.c @@ -417,3 +417,199 @@ void hostapd_get_eht_capab(struct hostapd_data *hapd, os_memset(dest, 0, sizeof(*dest)); os_memcpy(dest, src, len); } + +u8 *hostapd_eid_eht_basic_ml(struct hostapd_data *hapd, u8 *eid, + struct sta_info *info, bool include_mld_id) +{ + struct wpabuf *buf; + u16 control; + u8 *pos = eid; + const u8 *ptr; + size_t len, slice_len; + u8 link_id; + u8 common_info_len; + + /* + * As the ML element can exceed the size of 244 bytes need to first + * build it and then handle defragmentation + */ + buf = wpabuf_alloc(1024); + if (!buf) + return pos; + + /* set the multi-link control field */ + control = MULTI_LINK_CONTROL_TYPE_BASIC | + BASIC_MULTI_LINK_CTRL_PRES_LINK_ID | + BASIC_MULTI_LINK_CTRL_PRES_BSS_PARAM_CH_COUNT | + BASIC_MULTI_LINK_CTRL_PRES_EML_CAPA | + BASIC_MULTI_LINK_CTRL_PRES_MLD_CAPA; + + /* + * set the basic multi-link common information. Hard code the common + * info length to 13 based on the length of the present fields: + * Length (1) + MLD address (6) + Link ID (1) + + * BSS change parameter (1) + MLD EML capabilities (2) + + * MLD MLD capabilities (2) + */ + common_info_len = 13; + + if (include_mld_id) { + control |= BASIC_MULTI_LINK_CTRL_PRES_AP_MLD_ID; + common_info_len++; + } + + wpabuf_put_le16(buf, control); + + wpabuf_put_u8(buf, common_info_len); + + /* own MLD address */ + wpabuf_put_data(buf, hapd->mld_addr, ETH_ALEN); + + /* own link ID */ + wpabuf_put_u8(buf, hapd->mld_link_id); + + /* currently hard code the BSS change parameters to 0x1 */ + wpabuf_put_u8(buf, 0x1); + + wpa_printf(MSG_DEBUG, "MLD: EML capabilities=0x%x", + hapd->iface->mld_eml_capa); + + wpabuf_put_le16(buf, hapd->iface->mld_eml_capa); + + wpa_printf(MSG_DEBUG, "MLD: MLD capabilities=0x%x", + hapd->iface->mld_mld_capa); + + wpabuf_put_le16(buf, hapd->iface->mld_mld_capa); + + if (include_mld_id) { + wpa_printf(MSG_DEBUG, "MLD: MLD ID=0x%x", hapd->conf->mld_id); + wpabuf_put_u8(buf, hapd->conf->mld_id); + } + + if (!info) + goto out; + + /* Add link info for the other links */ + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &info->mld_info.links[link_id]; + struct hostapd_data *link_bss; + + /* + * control (2) + station info length (1) + MAC address (6) + + * beacon interval (2) + TSF offset (8) + DTIM info (2) + BSS + * parameters change counter (1) + station profile length. + */ + const size_t fixed_len = 22; + size_t total_len = fixed_len + link->resp_sta_profile_len; + + /* skip the local one */ + if (link_id == hapd->mld_link_id || !link->valid) + continue; + + link_bss = hostapd_mld_get_link_bss(hapd, link_id); + if (!link_bss) { + wpa_printf(MSG_ERROR, "MLD: Couldn't find link BSS - skip it"); + continue; + } + + wpabuf_put_u8(buf, EHT_ML_SUB_ELEM_PER_STA_PROFILE); + + if (total_len <= 255) + wpabuf_put_u8(buf, total_len); + else + wpabuf_put_u8(buf, 255); + + control = (link_id & 0xf) | + EHT_PER_STA_CTRL_MAC_ADDR_PRESENT_MSK | + EHT_PER_STA_CTRL_COMPLETE_PROFILE_MSK | + EHT_PER_STA_CTRL_TSF_OFFSET_PRESENT_MSK | + EHT_PER_STA_CTRL_BEACON_INTERVAL_PRESENT_MSK | + EHT_PER_STA_CTRL_DTIM_INFO_PRESENT_MSK | + EHT_PER_STA_CTRL_BSS_PARAM_CNT_PRESENT_MSK; + + wpabuf_put_le16(buf, control); + + /* STA info length */ + wpabuf_put_u8(buf, fixed_len - 2); + wpabuf_put_data(buf, link->local_addr, ETH_ALEN); + wpabuf_put_le16(buf, link_bss->iconf->beacon_int); + + /* + * TODO: currently setting TSF offset to zero. However this + * information needs to come from the driver + */ + wpabuf_put_le32(buf, 0); + wpabuf_put_le32(buf, 0); + + wpabuf_put_le16(buf, link_bss->conf->dtim_period); + + /* TODO: currently hard code the BSS change parameters to 0x1 */ + wpabuf_put_u8(buf, 0x1); + + /* Fragment the sub element if needed */ + if (total_len <= 255) { + wpabuf_put_data(buf, link->resp_sta_profile, + link->resp_sta_profile_len); + } else { + ptr = link->resp_sta_profile; + len = link->resp_sta_profile_len; + + slice_len = 255 - fixed_len; + + wpabuf_put_data(buf, ptr, slice_len); + len -= slice_len; + ptr += slice_len; + + while (len) { + if (len <= 255) + slice_len = len; + else + slice_len = 255; + + wpabuf_put_u8(buf, EHT_ML_SUB_ELEM_FRAGMENT); + wpabuf_put_u8(buf, slice_len); + wpabuf_put_data(buf, ptr, slice_len); + + len -= slice_len; + ptr += slice_len; + } + } + } + +out: + /* start the fragmentation */ + len = wpabuf_len(buf); + ptr = wpabuf_head(buf); + + if (len <= 254) + slice_len = len; + else + slice_len = 254; + + *pos++ = WLAN_EID_EXTENSION; + *pos++ = slice_len + 1; + *pos++ = WLAN_EID_EXT_MULTI_LINK; + os_memcpy(pos, ptr, slice_len); + + ptr += slice_len; + pos += slice_len; + len -= slice_len; + + while (len) { + if (len <= 255) + slice_len = len; + else + slice_len = 255; + + *pos++ = WLAN_EID_FRAGMENT; + *pos++ = slice_len; + os_memcpy(pos, ptr, slice_len); + + ptr += slice_len; + pos += slice_len; + len -= slice_len; + } + + wpabuf_free(buf); + return pos; +} diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h index 8433ff8d60..e2b9dde876 100644 --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h @@ -69,6 +69,35 @@ struct pending_eapol_rx { enum frame_encryption encrypted; }; +#define EHT_ML_MAX_STA_PROF_LEN 1024 +struct mld_info { + bool mld_sta; + + struct ml_common_info { + u8 mld_addr[ETH_ALEN]; + u16 medium_sync_delay; + u16 eml_capa; + u16 mld_capa; + } common_info; + + struct mld_link_info { + u8 valid; + u8 local_addr[ETH_ALEN]; + u8 peer_addr[ETH_ALEN]; + + size_t nstr_bitmap_len; + u8 nstr_bitmap[2]; + + u16 capability; + + u16 status; + size_t resp_sta_profile_len; + u8 resp_sta_profile[EHT_ML_MAX_STA_PROF_LEN]; + + const u8 *rsne, *rsnxe; + } links[MAX_NUM_MLD_LINKS]; +}; + struct sta_info { struct sta_info *next; /* next entry in sta list */ struct sta_info *hnext; /* next entry in hash table list */ @@ -299,6 +328,11 @@ struct sta_info { #ifdef CONFIG_PASN struct pasn_data *pasn; #endif /* CONFIG_PASN */ + +#ifdef CONFIG_IEEE80211BE + struct mld_info mld_info; + u8 mld_assoc_link_id; +#endif /* CONFIG_IEEE80211BE */ }; diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index b869068282..571ace2f51 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -2660,6 +2660,16 @@ struct eht_ml_basic_common_info { #define EHT_ML_MLD_CAPA_FREQ_SEP_FOR_STR_MASK 0x0f80 #define EHT_ML_MLD_CAPA_AAR_SUPP 0x1000 +#define EHT_PER_STA_CTRL_LINK_ID_MSK 0x000f +#define EHT_PER_STA_CTRL_COMPLETE_PROFILE_MSK 0x0010 +#define EHT_PER_STA_CTRL_MAC_ADDR_PRESENT_MSK 0x0020 +#define EHT_PER_STA_CTRL_BEACON_INTERVAL_PRESENT_MSK 0x0040 +#define EHT_PER_STA_CTRL_TSF_OFFSET_PRESENT_MSK 0x0080 +#define EHT_PER_STA_CTRL_DTIM_INFO_PRESENT_MSK 0x0100 +#define EHT_PER_STA_CTRL_NSTR_LINK_PAIR_PRESENT_MSK 0x0200 +#define EHT_PER_STA_CTRL_NSTR_BM_SIZE_MSK 0x0400 +#define EHT_PER_STA_CTRL_BSS_PARAM_CNT_PRESENT_MSK 0x0800 + /* IEEE P802.11be/D2.0, 9.4.2.312.2.4 - Per-STA Profile subelement format */ struct ieee80211_eht_per_sta_profile { le16 sta_control; From patchwork Mon May 22 19:33:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784651 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=tu6eJVaj; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=h4elJO8s; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73G2R6bz20PS for ; Tue, 23 May 2023 05:35:54 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=gzkW7Ia8z7CFr58NyNYh4nMgJfIwsFLoP32bco1hDi8=; b=tu6eJVaj5PfqSy vF8EP2wvw8o2fMiqEqffmQhgAgGkZGx0ak6M94WuencLgzumaz8+xhOOmm8L+Kt/Ph7XPJ0hZGDZV V+BAr7A15TZeKveUxUqxf54OvKecQYIxqITXdJAcDu25RsPqvUV7Gwf5vSg8GsYh3zWQXW6iyQjLi RNDAFs1M3luVisDacFX76JzSfmZj8JEwBvJtEs15GOdliHsIqAYbynew5b63FA3aR1pjkwCbAUI2f Gg6hpuR1GwRh9182p+P8ZnR1uS9N2GFMF7G6X+WzWCtxbRACBUx/yOVDHwTwPgRm9e6ch2HUFPoVH i2WdOmXM5GIUVVJ0wupQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJG-007hmX-0j; Mon, 22 May 2023 19:35:10 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ6-007hZy-2M for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784100; x=1716320100; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=YowooPw7xj1qgMrnY95TvERZGMsDLP7bGu1MOHRnHwU=; b=h4elJO8szaY7Y4Tv3I9QivZaV/pRfDpHYOCTr8pF3kg5RNQl1r2C+Qzc U23C/l8XDiYxi6Khm3iQNbm4kL/HkcCJYEF6nhNrIgWdKIgWj4GTsCIb3 HQ+j63VS8Onm390xQXeELcv+HnFW4LRWuiYaWY5cmS9Uvu1sk2w8odfPI vw1ETn+k3MWgNL5XWwUxuqf0vGSfGXAoosBSxMM3fMgnW3m/HAhHthJGN 573AZYE5SXRI1I8rJcyN0u+m3HVDGk6pWbcU1kJ3F5PAwEzDQQC8puRLd vqPAFcgMVPjjQcgTAm5fREVPFWyLuq8M5ya4lzMXxDLn1ls5mPWSpflcS A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869137" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869137" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:00 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809141" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809141" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:34:58 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH v2 14/44] AP: MLO: Handle ML element during authentication Date: Mon, 22 May 2023 22:33:42 +0300 Message-Id: <20230522193412.658666-15-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123500_827398_96A9830E X-CRM114-Status: GOOD ( 28.69 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In case the AP is an MLD AP, parse the ML element from the authentication frame, store the relevant information, and prepare the response ML element. If the AP is not an MLD AP or the parsing of the element fails, continue the authentication flow without MLD support. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In case the AP is an MLD AP, parse the ML element from the authentication frame, store the relevant information, and prepare the response ML element. If the AP is not an MLD AP or the parsing of the element fails, continue the authentication flow without MLD support. For SAE, it is needed to skip various fixed fields in the authentication frame. Implement it for SAE with H2E. TODO: This should be extended to other authentication algorithms which are allowed for MLD connections and have fixed fields in the authentication frames, according to table 9-69 in IEEE P802.11-REVme/D2.0. The change currently doesn't support FILS, FT etc. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 120 +++++++++++++++++++++--- src/ap/ieee802_11.h | 4 + src/ap/ieee802_11_eht.c | 196 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 306 insertions(+), 14 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index c22e7cf0d5..7eccf59bee 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -396,8 +396,26 @@ static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta, u8 *buf; size_t rlen; int reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE; + const u8 *sa = hapd->own_addr; + struct wpabuf *ml_resp = NULL; - rlen = IEEE80211_HDRLEN + sizeof(reply->u.auth) + ies_len; +#ifdef CONFIG_IEEE80211BE + /* + * Once an non-AP MLD station is added to the driver, the addressing + * should use MLD address. Thus, use MLD address an not the + * handle the translations + */ + if (hapd->conf->mld_ap && sta && sta->mld_info.mld_sta) { + sa = hapd->mld_addr; + + ml_resp = hostapd_ml_auth_resp(hapd); + if (!ml_resp) + return -1; + } +#endif /* CONFIG_IEEE80211BE */ + + rlen = IEEE80211_HDRLEN + sizeof(reply->u.auth) + ies_len + + (ml_resp ? wpabuf_len(ml_resp) : 0); buf = os_zalloc(rlen); if (buf == NULL) return -1; @@ -406,7 +424,7 @@ static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta, reply->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_AUTH); os_memcpy(reply->da, dst, ETH_ALEN); - os_memcpy(reply->sa, hapd->own_addr, ETH_ALEN); + os_memcpy(reply->sa, sa, ETH_ALEN); os_memcpy(reply->bssid, bssid, ETH_ALEN); reply->u.auth.auth_alg = host_to_le16(auth_alg); @@ -416,6 +434,14 @@ static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta, if (ies && ies_len) os_memcpy(reply->u.auth.variable, ies, ies_len); +#ifdef CONFIG_IEEE80211BE + if (ml_resp) + os_memcpy(reply->u.auth.variable + ies_len, + wpabuf_head(ml_resp), wpabuf_len(ml_resp)); + + wpabuf_free(ml_resp); +#endif /* CONFIG_IEEE80211BE */ + wpa_printf(MSG_DEBUG, "authentication reply: STA=" MACSTR " auth_alg=%d auth_transaction=%d resp=%d (IE len=%lu) (dbg=%s)", MAC2STR(dst), auth_alg, auth_transaction, @@ -2747,6 +2773,8 @@ static void handle_auth(struct hostapd_data *hapd, size_t resp_ies_len = 0; u16 seq_ctrl; struct radius_sta rad_info; + const u8 *dst, *sa, *bssid; + bool mld_sta = false; if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", @@ -2764,6 +2792,21 @@ static void handle_auth(struct hostapd_data *hapd, } #endif /* CONFIG_TESTING_OPTIONS */ + sa = mgmt->sa; +#ifdef CONFIG_IEEE80211BE + /* + * Handle MLO authentication before the station is added to hapd and the + * driver so that the station MLD address would be used in both hapd and + * the driver. + */ + sa = hostapd_process_ml_auth(hapd, mgmt, len); + if (sa) + mld_sta = true; + else + sa = mgmt->sa; +#endif /* CONFIG_IEEE80211BE */ + + auth_alg = le_to_host16(mgmt->u.auth.auth_alg); auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction); status_code = le_to_host16(mgmt->u.auth.status_code); @@ -2779,7 +2822,7 @@ static void handle_auth(struct hostapd_data *hapd, wpa_printf(MSG_DEBUG, "authentication: STA=" MACSTR " auth_alg=%d " "auth_transaction=%d status_code=%d wep=%d%s " "seq_ctrl=0x%x%s%s", - MAC2STR(mgmt->sa), auth_alg, auth_transaction, + MAC2STR(sa), auth_alg, auth_transaction, status_code, !!(fc & WLAN_FC_ISWEP), challenge ? " challenge" : "", seq_ctrl, (fc & WLAN_FC_RETRY) ? " retry" : "", @@ -2845,7 +2888,16 @@ static void handle_auth(struct hostapd_data *hapd, if (os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { wpa_printf(MSG_INFO, "Station " MACSTR " not allowed to authenticate", - MAC2STR(mgmt->sa)); + MAC2STR(sa)); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + if (mld_sta && + (!os_memcmp(sa, hapd->own_addr, ETH_ALEN) || + !os_memcmp(sa, hapd->mld_addr, ETH_ALEN))) { + wpa_printf(MSG_INFO, "Station " MACSTR " not allowed to authenticate", + MAC2STR(sa)); resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -2853,7 +2905,7 @@ static void handle_auth(struct hostapd_data *hapd, if (hapd->conf->no_auth_if_seen_on) { struct hostapd_data *other; - other = sta_track_seen_on(hapd->iface, mgmt->sa, + other = sta_track_seen_on(hapd->iface, sa, hapd->conf->no_auth_if_seen_on); if (other) { u8 *pos; @@ -2862,7 +2914,7 @@ static void handle_auth(struct hostapd_data *hapd, wpa_printf(MSG_DEBUG, "%s: Reject authentication from " MACSTR " since STA has been seen on %s", - hapd->conf->iface, MAC2STR(mgmt->sa), + hapd->conf->iface, MAC2STR(sa), hapd->conf->no_auth_if_seen_on); resp = WLAN_STATUS_REJECTED_WITH_SUGGESTED_BSS_TRANSITION; @@ -2905,12 +2957,12 @@ static void handle_auth(struct hostapd_data *hapd, } } - res = ieee802_11_allowed_address(hapd, mgmt->sa, (const u8 *) mgmt, len, + res = ieee802_11_allowed_address(hapd, sa, (const u8 *) mgmt, len, &rad_info); if (res == HOSTAPD_ACL_REJECT) { wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Ignore Authentication frame from " MACSTR - " due to ACL reject", MAC2STR(mgmt->sa)); + " due to ACL reject", MAC2STR(sa)); resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -2920,7 +2972,7 @@ static void handle_auth(struct hostapd_data *hapd, #ifdef CONFIG_SAE if (auth_alg == WLAN_AUTH_SAE && !from_queue && (auth_transaction == 1 || - (auth_transaction == 2 && auth_sae_queued_addr(hapd, mgmt->sa)))) { + (auth_transaction == 2 && auth_sae_queued_addr(hapd, sa)))) { /* Handle SAE Authentication commit message through a queue to * provide more control for postponing the needed heavy * processing under a possible DoS attack scenario. In addition, @@ -2933,7 +2985,7 @@ static void handle_auth(struct hostapd_data *hapd, } #endif /* CONFIG_SAE */ - sta = ap_get_sta(hapd, mgmt->sa); + sta = ap_get_sta(hapd, sa); if (sta) { sta->flags &= ~WLAN_STA_PENDING_FILS_ERP; sta->ft_over_ds = 0; @@ -2953,7 +3005,7 @@ static void handle_auth(struct hostapd_data *hapd, sta->plink_state == PLINK_BLOCKED) { wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR " is blocked - drop Authentication frame", - MAC2STR(mgmt->sa)); + MAC2STR(sa)); return; } #endif /* CONFIG_MESH */ @@ -2973,7 +3025,7 @@ static void handle_auth(struct hostapd_data *hapd, */ wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR " not yet known - drop Authentication frame", - MAC2STR(mgmt->sa)); + MAC2STR(sa)); /* * Save a copy of the frame so that it can be processed * if a new peer entry is added shortly after this. @@ -2985,13 +3037,38 @@ static void handle_auth(struct hostapd_data *hapd, } #endif /* CONFIG_MESH */ - sta = ap_sta_add(hapd, mgmt->sa); + sta = ap_sta_add(hapd, sa); if (!sta) { wpa_printf(MSG_DEBUG, "ap_sta_add() failed"); resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; goto fail; } } + +#ifdef CONFIG_IEEE80211BE + if (auth_transaction == 1) { + os_memset(&sta->mld_info, 0, sizeof(sta->mld_info)); + + if (mld_sta) { + u8 link_id = hapd->mld_link_id; + + sta->mld_info.mld_sta = true; + sta->mld_assoc_link_id = link_id; + + /* + * Set the MLD address as the station address and the + * station addresses. + */ + os_memcpy(sta->mld_info.common_info.mld_addr, sa, + ETH_ALEN); + os_memcpy(sta->mld_info.links[link_id].peer_addr, + mgmt->sa, ETH_ALEN); + os_memcpy(sta->mld_info.links[link_id].local_addr, + hapd->own_addr, ETH_ALEN); + } + } +#endif /* CONFIG_IEEE80211BE */ + sta->last_seq_ctrl = seq_ctrl; sta->last_subtype = WLAN_FC_STYPE_AUTH; #ifdef CONFIG_MBO @@ -3129,7 +3206,22 @@ static void handle_auth(struct hostapd_data *hapd, } fail: - reply_res = send_auth_reply(hapd, sta, mgmt->sa, mgmt->bssid, auth_alg, + dst = mgmt->sa; + bssid = mgmt->bssid; + +#ifdef CONFIG_IEEE80211BE + /* + * Once an non-AP MLD station is added to the driver, the addressing + * should use MLD address. It is the responsibility of the driver to + * handle the translations + */ + if (hapd->conf->mld_ap && sta && sta->mld_info.mld_sta) { + dst = sta->addr; + bssid = hapd->mld_addr; + } +#endif /* CONFIG_IEEE80211BE */ + + reply_res = send_auth_reply(hapd, sta, dst, bssid, auth_alg, auth_alg == WLAN_AUTH_SAE ? auth_transaction : auth_transaction + 1, resp, resp_ies, resp_ies_len, diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index 6f18291b78..0c0ddd631c 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -86,6 +86,10 @@ void hostapd_get_eht_capab(struct hostapd_data *hapd, size_t len); u8 *hostapd_eid_eht_basic_ml(struct hostapd_data *hapd, u8 *eid, struct sta_info *info, bool include_mld_id); +struct wpabuf *hostapd_ml_auth_resp(struct hostapd_data *hapd); +const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ht_capab); diff --git a/src/ap/ieee802_11_eht.c b/src/ap/ieee802_11_eht.c index 01878a0cd4..cd7ca95c2e 100644 --- a/src/ap/ieee802_11_eht.c +++ b/src/ap/ieee802_11_eht.c @@ -11,6 +11,7 @@ #include "hostapd.h" #include "sta_info.h" #include "ieee802_11.h" +#include "crypto/dh_groups.h" static u16 ieee80211_eht_ppet_size(u16 ppe_thres_hdr, const u8 *phy_cap_info) @@ -613,3 +614,198 @@ out: wpabuf_free(buf); return pos; } + +struct wpabuf *hostapd_ml_auth_resp(struct hostapd_data *hapd) +{ + struct wpabuf *buf = wpabuf_alloc(12); + + if (!buf) + return NULL; + + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); + wpabuf_put_u8(buf, 10); + wpabuf_put_u8(buf, WLAN_EID_EXT_MULTI_LINK); + wpabuf_put_le16(buf, MULTI_LINK_CONTROL_TYPE_BASIC); + wpabuf_put_u8(buf, ETH_ALEN + 1); + wpabuf_put_data(buf, hapd->mld_addr, ETH_ALEN); + + return buf; +} + + +static const u8 *auth_skip_fixed_fields(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len) +{ + u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg); + u16 auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction); + u16 status_code = le_to_host16(mgmt->u.auth.status_code); + const u8 *pos = mgmt->u.auth.variable; + + /* Skip fixed fields as defined in table 9-41 */ + switch (auth_alg) { + case WLAN_AUTH_OPEN: + return pos; + case WLAN_AUTH_SAE: + if (auth_transaction == 1) { + u16 group; + size_t prime_len; + struct crypto_ec *ec; + + if (status_code == WLAN_STATUS_SUCCESS) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: H2E is mandatory for MLD"); + goto out; + } + + if (status_code != WLAN_STATUS_SAE_HASH_TO_ELEMENT) + return pos; + + /* H2E commit message (group, scalar, FFE) */ + if (len < 2) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: Group is not present"); + return NULL; + } + + group = WPA_GET_LE16(pos); + pos += 2; + + /* TODO: how to parse when the group is unknown? */ + ec = crypto_ec_init(group); + if (!ec) { + const struct dh_group *dh = + dh_groups_get(group); + + if (!dh) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: Unknown group=%u", + group); + return NULL; + } + + prime_len = dh->prime_len; + } else { + prime_len = crypto_ec_prime_len(ec); + } + + wpa_printf(MSG_DEBUG, "EHT: SAE: scalar length is %zu", + prime_len); + + /* scalar */ + pos += prime_len; + + if (ec) { + pos += prime_len * 2; + crypto_ec_deinit(ec); + } else { + pos += prime_len; + } + + if (pos - mgmt->u.auth.variable > (int)len) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: frame too short"); + return NULL; + } + + wpa_hexdump(MSG_DEBUG, "EHT: SAE: remaining auth:", + pos, + (int)len - (pos - mgmt->u.auth.variable)); + } else if (auth_transaction == 2) { + struct sta_info *sta; + + if (status_code == + WLAN_STATUS_REJECTED_WITH_SUGGESTED_BSS_TRANSITION) + return pos; + + /* send confirm integer */ + pos += 2; + + /* + * At this stage we should already have an MLD station + * and actually sa, will be replaced to MLD address by + * the kernel. + */ + sta = ap_get_sta(hapd, mgmt->sa); + if (!sta) { + wpa_printf(MSG_DEBUG, + "SAE: No MLD sta for SAE confirm"); + return NULL; + } + + if (!sta->sae || sta->sae->state < SAE_COMMITTED || + !sta->sae->tmp) { + if (sta->sae) + wpa_printf(MSG_DEBUG, + "SAE: Invalid state=%u", + sta->sae ? + sta->sae->state : + SAE_NOTHING); + else + wpa_printf(MSG_DEBUG, + "SAE: state is NULL"); + return NULL; + } + + wpa_printf(MSG_DEBUG, "SAE: confirm: kck_len=%zu", + sta->sae->tmp->kck_len); + + pos += sta->sae->tmp->kck_len; + + if (pos - mgmt->u.auth.variable > (int)len) { + wpa_printf(MSG_DEBUG, + "EHT: Too short SAE AUTH frame"); + return NULL; + } + } + + return pos; + + /* TODO: support additional algorithms */ + case WLAN_AUTH_FT: + case WLAN_AUTH_FILS_SK: + case WLAN_AUTH_FILS_SK_PFS: + case WLAN_AUTH_FILS_PK: + case WLAN_AUTH_PASN: + case WLAN_AUTH_LEAP: + case WLAN_AUTH_SHARED_KEY: + default: + break; + } + +out: + wpa_printf(MSG_DEBUG, + "TODO: Auth method not supported with MLD (%d)", + auth_alg); + return NULL; +} + + +const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len) +{ + struct ieee802_11_elems elems; + const u8 *pos; + + if (!hapd->conf->mld_ap) + return NULL; + + len -= offsetof(struct ieee80211_mgmt, u.auth.variable); + + pos = auth_skip_fixed_fields(hapd, mgmt, len); + if (!pos) + return NULL; + + if (ieee802_11_parse_elems(pos, + (int)len - (pos - mgmt->u.auth.variable), + &elems, 0) == ParseFailed) { + wpa_printf(MSG_DEBUG, + "MLD: Failed parsing Authentication frame"); + } + + if (!elems.basic_mle || !elems.basic_mle_len) + return NULL; + + return get_basic_mle_mld_addr(elems.basic_mle, elems.basic_mle_len); +} From patchwork Mon May 22 19:33:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784649 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=z8TNiiU7; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=KG0wOvQl; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73968S6z20PY for ; Tue, 23 May 2023 05:35:49 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ge32HOu7TZWLsw1UhuVbxMMESZV7bKSI/Fs24oL73Ck=; b=z8TNiiU7tJOX6N eD2BTEZUURZqiUTXRALob0/omb5b4MwETavAGKxzQdxR5izCsJi8r5oVM0pQEoYYR9Q1Xl8zLePLt bywTD1z5uj/6Vc8R54uy1y9xU/UnqFWwL4Q8hAVPxEsIJzRUtViKQS61Hoy+pObKuwEzLUB/Bp4+O 8tcHeTkBK4obmqDwAQgWua9VxK9A2l7zs3KtZqtP6LrBk4UUbsamb+TWndNg4ftmRkAw4Ns2SEGy3 YsCQO/B+8q0B/7TfeigSl3C4LY5obQE7xDZSmPOQm2vdHBH1+HJl5S59LSuLhnePJc+d758tm373O vBseyk8GGbgj4msz86sQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJI-007hpl-0X; Mon, 22 May 2023 19:35:12 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ7-007hbQ-3A for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784101; x=1716320101; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/D/gx/kdaX1BFqcuozYZ99zs6FY7/1JFmeWF2uWWgbQ=; b=KG0wOvQlcm1zNbJtMIG96RLntyhUVaTdS3Er1WCH12dHsUO53r2wceyx +Lu69zPBGOJuHZbIvJLPEhRrpK7anA1zMcuMz0LI4hgASIKg+Di6wCs8v 8jQg7aVB5ibc70XZ7KxiZd0XaD22tIz/orFv9txXcEvNX5goWq6KxqvsX AfKpXVBkXG7FuxFg4eQOBOB2SW0o0s9v1qEWplbQrAyYBp8gsVe1T6SFR YPWdmYkQriRxl9kE0+/8DCbJs7DInVuyH7yFdUW++fwmwWkoR1wZ8uEes XVues+wab2gbfnDVoo1pM9a35ADqzFCOBFtUV4BtT04TgC4qtFibl5KcY A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869142" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869142" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:01 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809147" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809147" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:00 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 15/44] AP: MLO: Add MLO information to hostapd_sta_add_params struct Date: Mon, 22 May 2023 22:33:43 +0300 Message-Id: <20230522193412.658666-16-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123502_074231_CD60E7FD X-CRM114-Status: GOOD ( 18.35 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Provide MLO information when adding new station. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 15 ++++++++++++++- src/ap/ap_drv_ops.h | 3 ++- src/ap/ieee802_11.c | 22 +++++++++++++++++++--- src/ap/s [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Provide MLO information when adding new station. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 15 ++++++++++++++- src/ap/ap_drv_ops.h | 3 ++- src/ap/ieee802_11.c | 22 +++++++++++++++++++--- src/ap/sta_info.c | 19 ++++++++++++++++++- 4 files changed, 53 insertions(+), 6 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 3167bca786..622687befc 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -430,7 +430,7 @@ int hostapd_sta_add(struct hostapd_data *hapd, size_t eht_capab_len, const struct ieee80211_he_6ghz_band_cap *he_6ghz_capab, u32 flags, u8 qosinfo, u8 vht_opmode, int supp_p2p_ps, - int set) + int set, const u8 *link_addr, bool mld_link_sta) { struct hostapd_sta_add_params params; @@ -460,6 +460,19 @@ int hostapd_sta_add(struct hostapd_data *hapd, params.support_p2p_ps = supp_p2p_ps; params.set = set; params.mld_link_id = -1; + +#ifdef CONFIG_IEEE80211BE + /* + * for an MLD AP need to always specify to what link the station needs + * to be added + */ + if (hapd->conf->mld_ap) { + params.mld_link_id = hapd->mld_link_id; + params.mld_link_addr = link_addr; + params.mld_link_sta = mld_link_sta; + } +#endif /* CONFIG_IEEE80211BE */ + return hapd->driver->sta_add(hapd->drv_priv, ¶ms); } diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 844d2d87ac..2aa76385e1 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -47,7 +47,8 @@ int hostapd_sta_add(struct hostapd_data *hapd, size_t eht_capab_len, const struct ieee80211_he_6ghz_band_cap *he_6ghz_capab, u32 flags, u8 qosinfo, u8 vht_opmode, int supp_p2p_ps, - int set); + int set, + const u8 *link_addr, bool mld_link_sta); int hostapd_set_privacy(struct hostapd_data *hapd, int enabled); int hostapd_set_generic_elem(struct hostapd_data *hapd, const u8 *elem, size_t elem_len); diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 7eccf59bee..7495c04d04 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4241,6 +4241,21 @@ static int add_associated_sta(struct hostapd_data *hapd, struct ieee80211_he_capabilities he_cap; struct ieee80211_eht_capabilities eht_cap; int set = 1; + const u8 *mld_link_addr = NULL; + bool mld_link_sta = false; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && sta->mld_info.mld_sta) { + u8 mld_link_id = hapd->mld_link_id; + + mld_link_sta = sta->mld_assoc_link_id != mld_link_id; + mld_link_addr = + sta->mld_info.links[mld_link_id].peer_addr; + + if (hapd->mld_link_id != sta->mld_assoc_link_id) + set = 0; + } +#endif /* CONFIG_IEEE80211BE */ /* * Remove the STA entry to ensure the STA PS state gets cleared and @@ -4269,7 +4284,7 @@ static int add_associated_sta(struct hostapd_data *hapd, wpa_auth_sta_ft_tk_already_set(sta->wpa_sm), wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)); - if (!sta->added_unassoc && + if (!mld_link_sta && !sta->added_unassoc && (!(sta->flags & WLAN_STA_AUTHORIZED) || (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) || (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && @@ -4307,7 +4322,8 @@ static int add_associated_sta(struct hostapd_data *hapd, * will be set when the ACK frame for the (Re)Association Response frame * is processed (TX status driver event). */ - if (hostapd_sta_add(hapd, sta->addr, sta->aid, sta->capability, + if (hostapd_sta_add(hapd, sta->addr, + sta->aid, sta->capability, sta->supported_rates, sta->supported_rates_len, sta->listen_interval, sta->flags & WLAN_STA_HT ? &ht_cap : NULL, @@ -4319,7 +4335,7 @@ static int add_associated_sta(struct hostapd_data *hapd, sta->he_6ghz_capab, sta->flags | WLAN_STA_ASSOC, sta->qosinfo, sta->vht_opmode, sta->p2p_ie ? 1 : 0, - set)) { + set, mld_link_addr, mld_link_sta)) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE, "Could not %s STA to kernel driver", diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index 0897bcda4d..edfda2abf1 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -1564,6 +1564,9 @@ int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta) { + const u8 *mld_link_addr = NULL; + bool mld_link_sta = false; + /* * If a station that is already associated to the AP, is trying to * authenticate again, remove the STA entry, in order to make sure the @@ -1571,6 +1574,19 @@ int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta) * this, station's added_unassoc flag is cleared once the station has * completed association. */ + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) { + u8 mld_link_id = hapd->mld_link_id; + + if (sta->mld_info.mld_sta) { + mld_link_sta = sta->mld_assoc_link_id != mld_link_id; + mld_link_addr = + sta->mld_info.links[mld_link_id].peer_addr; + } + } +#endif /* CONFIG_IEEE80211BE */ + ap_sta_set_authorized(hapd, sta, 0); hostapd_drv_sta_remove(hapd, sta->addr); sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_AUTH | WLAN_STA_AUTHORIZED); @@ -1579,7 +1595,8 @@ int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta) sta->supported_rates, sta->supported_rates_len, 0, NULL, NULL, NULL, 0, NULL, 0, NULL, - sta->flags, 0, 0, 0, 0)) { + sta->flags, 0, 0, 0, 0, + mld_link_addr, mld_link_sta)) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE, From patchwork Mon May 22 19:33:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784652 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=2Vu2aiDo; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=BqMgCUoY; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73N595nz20PS for ; Tue, 23 May 2023 05:36:00 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=aLrgAYxXdKnUsP6TAfgwwOTpvWlOPHcqWq17s0hP4s8=; b=2Vu2aiDo3abE/6 mYM6drTGx0RCthaM3YoqIROEOnzs7Av9HN9scYyMt3hbdO0oFA1436zYY3GU0Df3ca+ic6XGsO6qm kb9I0t0vYOx143yWGOasiAnXlaLuW1VJcFQ+ChlKDGhmGWY1QCx2opm/gCv8AcOX6FTc80azOo/Hf 1/jqnfb+LAcnPFKOuiapU0Cx68arN63S3+Dag9c6hAWYhDg0d83ip2rZuNhqXh0LPNtY+UqRaqxJF grFKKajzM68sGQrim/Ubyy/qRbPUphuRr/3pX6FcR9FeoLUM9zhTJM8XtHTEyS7bzA7KUcQ3MGAJ8 6QXYAZqxrOR05Z6Ib7Og==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJK-007hri-1C; Mon, 22 May 2023 19:35:14 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJ9-007hZy-0l for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:04 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784103; x=1716320103; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=UdGvvn2zUrldXJwxxfksKYC7G32irJy/2BDXIBNNHwE=; b=BqMgCUoYnjOO7khG8hUCDBdf0v4E8IOux84MmE9jTD9xQg4RKbc10Z+j AWx5w6QTrYzJquvkPoowPpkpMv1NzJRTQ5EsgNKKVyuvzigj9vV/Q9atQ Log7u0ZbmTqQXuo1Ht8xXR+D1HSPYZ4YRgS8Nxkt2xQhUVIE0Ic99Fg3q LUbeiHg/ysMm3zgu5m+7lA7kYnFaYsyxe/Xtrkzp/4y7Hvm//9jqR13NL LJaGqkyAFuNHSyV/ibPlR38eFbSH/zcXSrNF0pjaS3ZoK8QdP4KuRbPFV 8/pUmKFOCCKj0qxvNVqgftYroOS+dFCjh1+tJi4AQWXRCwnbH2MOcTUp7 Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869145" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869145" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:03 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809153" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809153" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:01 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 16/44] AP: Support AID allocation for MLD Date: Mon, 22 May 2023 22:33:44 +0300 Message-Id: <20230522193412.658666-17-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123503_360934_E95350B4 X-CRM114-Status: GOOD ( 14.23 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 43 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 41 insertions(+), 2 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 7495c04d04..1cc42ea83c 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -3252,6 +3252,43 @@ static u8 hostapd_max_bssid_indica [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 43 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 41 insertions(+), 2 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 7495c04d04..1cc42ea83c 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -3252,6 +3252,43 @@ static u8 hostapd_max_bssid_indicator(struct hostapd_data *hapd) } +static u32 hostapd_get_aid_word(struct hostapd_data *hapd, + struct sta_info *sta, int i) +{ +#ifdef CONFIG_IEEE80211BE + u32 aid_word = 0; + + /* For MLD case, don't use AID's from other links */ + if (hapd->conf->mld_ap) { + int j; + + for (j = 0; j < MAX_NUM_MLD_LINKS; j++) { + struct hostapd_data *link_bss; + + if (!sta->mld_info.links[j].valid) + continue; + + link_bss = hostapd_mld_get_link_bss(hapd, j); + if (!link_bss) { + /* This shouldn't happen, just skip */ + wpa_printf(MSG_ERROR, + "Failed to get link BSS for AID"); + continue; + } + + aid_word |= link_bss->sta_aid[i]; + } + + return aid_word; + } else { + return hapd->sta_aid[i]; + } +#else + return hapd->sta_aid[i]; +#endif +} + + int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta) { int i, j = 32, aid; @@ -3266,10 +3303,12 @@ int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta) return -1; for (i = 0; i < AID_WORDS; i++) { - if (hapd->sta_aid[i] == (u32) -1) + u32 aid_word = hostapd_get_aid_word(hapd, sta, i); + + if (aid_word == (u32) -1) continue; for (j = 0; j < 32; j++) { - if (!(hapd->sta_aid[i] & BIT(j))) + if (!(aid_word & BIT(j))) break; } if (j < 32) From patchwork Mon May 22 19:33:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784653 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Q36OPB4z; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=QyqjBv3B; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73Q1RG0z20PS for ; Tue, 23 May 2023 05:36:02 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=XEUQEHBjFVohaEStM5hbqJD5ZcrL2GxRTOKoY/8EDdU=; b=Q36OPB4zhp+j0o kuEO6LYNdoJOueG5hiUFHIVevRuR9ygPP1kJxZs1WxTtE3gSgQs3cu3eOUTgAXD9P0T+iwCX+JDqB 2a8qetarusVM9YW3I6J2jte0PTK41z1uipD8y0IaziVacpyprZDpUBNyJ0wfIdwMDFoINwtGLHq4v TdFfOSlghz92Q1ti6ek0Ry00gtPybQQGhGYmm3jEzJ7SUQ8bETGUiPWoooXQrSrmbSQH5xl6Yxpqq 1odM0luRf2YBixM3CHJF2fCzhfbdGwfVx8eOMgR3p6KqJvDw1yeEtKgbMCMob+B4cNCsK0G22LTQ1 lh7J1UV01DpceeD5q2fw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJQ-007hxx-0m; Mon, 22 May 2023 19:35:20 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJB-007hZy-00 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:07 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784104; x=1716320104; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=o3uygeCbIEH10nyUU96UKMElk+dcseuGpmwyrXFukYc=; b=QyqjBv3BPuBrulH7qMwes/KOU5857UqkIcr/jRgj1urF0mHXByve9EGf cvDbFt3bdYF/rxYqVaKct6LziwT/DsAVpBBNBTzoiTPHtHMdIKrcfR8VS I4tIO6CUw2ixICwdR+G6Du3DkZ2viQY6eMrPU2KKfQjlN2c6Grzei8D+f Fa9+g79lT4VmjsLbDQib+YXrCxmFTrihMl5HBqHsu5NnA25IAvGJWrVC9 n4CGPiFIRRoJvWPFfO5gLNHI2yxf87+iKsk280nZK2gU3KII6FVKUDE6y lyQvWbQj341u4xqUxs310mr3xLTMCJ4cFcgtEiraQJD35NnfOdbytW3sx g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869150" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869150" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:04 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809164" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809164" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:02 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH v2 17/44] AP: MLO: Process EHT ML element from association request Date: Mon, 22 May 2023 22:33:45 +0300 Message-Id: <20230522193412.658666-18-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123505_060109_6DD18C0D X-CRM114-Status: GOOD ( 24.83 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Implement processing of the ML element in the association request, including processing of the per station profile. After handling the basic parsing of the element, extracting the information about the requested links, handle the link specific processing for each link: Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Implement processing of the ML element in the association request, including processing of the per station profile. After handling the basic parsing of the element, extracting the information about the requested links, handle the link specific processing for each link: - Find the interface with the corresponding link ID. - Process the station profile in the interface. - Prepare the per station profile to be included in the ML element in the association response. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 265 +++++++++++++++++++++++++++++++++++- src/ap/ieee802_11.h | 4 + src/ap/ieee802_11_eht.c | 292 ++++++++++++++++++++++++++++++++++++++++ src/ap/sta_info.c | 15 +++ 4 files changed, 573 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 1cc42ea83c..a7dccbc444 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -83,7 +83,8 @@ static void pasn_fils_auth_resp(struct hostapd_data *hapd, static void handle_auth(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len, int rssi, int from_queue); - +static int add_associated_sta(struct hostapd_data *hapd, + struct sta_info *sta, int reassoc); u8 * hostapd_eid_multi_ap(struct hostapd_data *hapd, u8 *eid) { @@ -3785,7 +3786,8 @@ static bool check_sa_query(struct hostapd_data *hapd, struct sta_info *sta, static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ies, size_t ies_len, - struct ieee802_11_elems *elems, int reassoc) + struct ieee802_11_elems *elems, int reassoc, + bool link) { int resp; const u8 *wpa_ie; @@ -3887,6 +3889,14 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, elems->eht_capabilities_len); if (resp != WLAN_STATUS_SUCCESS) return resp; + + if (!link) { + resp = hostapd_process_ml_assoc_req(hapd, + elems, + sta); + if (resp != WLAN_STATUS_SUCCESS) + return resp; + } } #endif /* CONFIG_IEEE80211BE */ @@ -4246,7 +4256,253 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, return WLAN_STATUS_UNSPECIFIED_FAILURE; } - return __check_assoc_ies(hapd, sta, ies, ies_len, &elems, reassoc); + return __check_assoc_ies(hapd, sta, ies, ies_len, &elems, reassoc, + false); +} + + +#ifdef CONFIG_IEEE80211BE + +static size_t ieee80211_ml_build_assoc_resp(struct hostapd_data *hapd, + u16 status_code, + u8 *buf, size_t buflen) +{ + u8 *p = buf; + + /* capability info */ + WPA_PUT_LE16(p, hostapd_own_capab_info(hapd)); + p += 2; + + /* status code */ + WPA_PUT_LE16(p, status_code); + p += 2; + + if (status_code != WLAN_STATUS_SUCCESS) + goto out; + + /* AID is not included */ + p = hostapd_eid_supp_rates(hapd, p); + p = hostapd_eid_ext_supp_rates(hapd, p); + p = hostapd_eid_rm_enabled_capab(hapd, p, buf + buflen - p); + p = hostapd_eid_ht_capabilities(hapd, p); + p = hostapd_eid_ht_operation(hapd, p); + + if (hapd->iconf->ieee80211ac && !hapd->conf->disable_11ac) { + p = hostapd_eid_vht_capabilities(hapd, p, 0); + p = hostapd_eid_vht_operation(hapd, p); + } + + if (hapd->iconf->ieee80211ax && !hapd->conf->disable_11ax) { + p = hostapd_eid_he_capab(hapd, p, IEEE80211_MODE_AP); + p = hostapd_eid_he_operation(hapd, p); + p = hostapd_eid_spatial_reuse(hapd, p); + p = hostapd_eid_he_mu_edca_parameter_set(hapd, p); + p = hostapd_eid_he_6ghz_band_cap(hapd, p); + if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + p = hostapd_eid_eht_capab(hapd, p, IEEE80211_MODE_AP); + p = hostapd_eid_eht_operation(hapd, p); + } + } + + p = hostapd_eid_ext_capab(hapd, p, false); + p = hostapd_eid_mbo(hapd, p, buf + buflen - p); + p = hostapd_eid_wmm(hapd, p); + + if (hapd->conf->assocresp_elements && + (size_t)(buf + buflen - p) >= + wpabuf_len(hapd->conf->assocresp_elements)) { + os_memcpy(p, wpabuf_head(hapd->conf->assocresp_elements), + wpabuf_len(hapd->conf->assocresp_elements)); + p += wpabuf_len(hapd->conf->assocresp_elements); + } + +out: + return p - buf; +} + + +static void ieee80211_ml_process_link(struct hostapd_data *hapd, + struct sta_info *origin_sta, + struct mld_link_info *link, + const u8 *ies, size_t ies_len, + int reassoc) +{ + struct ieee802_11_elems elems; + struct wpabuf *mlbuf = NULL; + struct sta_info *sta = NULL; + u16 status = WLAN_STATUS_SUCCESS; + + wpa_printf(MSG_INFO, "MLD: link: link_id=%u, peer=" MACSTR, + hapd->mld_link_id, MAC2STR(link->peer_addr)); + + if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) { + wpa_printf(MSG_DEBUG, "MLD: link: failed parsing"); + status = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto out; + } + + sta = ap_get_sta(hapd, origin_sta->addr); + if (sta) { + wpa_printf(MSG_INFO, "MLD: link: station already exists"); + status = WLAN_STATUS_UNSPECIFIED_FAILURE; + sta = NULL; + goto out; + } + + sta = ap_sta_add(hapd, origin_sta->addr); + if (!sta) { + wpa_printf(MSG_DEBUG, "MLD: link: ap_sta_add() failed"); + status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; + goto out; + } + + mlbuf = ieee802_11_defrag_mle(&elems, MULTI_LINK_CONTROL_TYPE_BASIC); + + if (!mlbuf) + goto out; + + if (ParseOK != ieee802_11_parse_link_assoc_req(ies, ies_len, &elems, + mlbuf, + hapd->mld_link_id, + true)) { + wpa_printf(MSG_DEBUG, "MLD: link: assoc_req parse failed"); + status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; + goto out; + } + + sta->flags |= origin_sta->flags | WLAN_STA_ASSOC_REQ_OK; + status = __check_assoc_ies(hapd, sta, NULL, 0, &elems, reassoc, true); + if (status != WLAN_STATUS_SUCCESS) { + wpa_printf(MSG_DEBUG, "MLD: link: element check failed"); + goto out; + } + + sta->mld_info.mld_sta = true; + sta->mld_assoc_link_id = origin_sta->mld_assoc_link_id; + + os_memcpy(&sta->mld_info, &origin_sta->mld_info, sizeof(sta->mld_info)); + + /* + * Get the AID from the station on which the association was preformed, + * and mark it as used. + */ + sta->aid = origin_sta->aid; + hapd->sta_aid[(sta->aid - 1) / 32] |= BIT((sta->aid - 1) % 32); + sta->listen_interval = origin_sta->listen_interval; + update_ht_state(hapd, sta); + + /* WPA authenticator should always be the one on the original station */ + wpa_auth_sta_deinit(sta->wpa_sm); + sta->wpa_sm = NULL; + + /* + * Do not initialize the EAPOL state machine. + * TODO: maybe it is needed? + */ + sta->eapol_sm = NULL; + + wpa_printf(MSG_DEBUG, + "MLD: link=%u, association OK (aid=%u)", + hapd->mld_link_id, sta->aid); + + /* + * Get RSN and RSNXE elements for the current BSS as they are required + * by the authenticator + */ + link->rsne = hostapd_wpa_ie(hapd, WLAN_EID_RSN); + link->rsnxe = hostapd_wpa_ie(hapd, WLAN_EID_RSNX); + + sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC_REQ_OK; + + /* TODO: What other processing is required? */ + + if (add_associated_sta(hapd, sta, reassoc)) + status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; +out: + wpabuf_free(mlbuf); + link->status = status; + + wpa_printf(MSG_DEBUG, "MLD: link: status=%u", status); + if (sta && status != WLAN_STATUS_SUCCESS) + ap_free_sta(hapd, sta); + + link->resp_sta_profile_len = + ieee80211_ml_build_assoc_resp(hapd, link->status, + link->resp_sta_profile, + sizeof(link->resp_sta_profile)); +} + +static bool hostapd_is_mld_ap(struct hostapd_data *hapd) +{ + if (!hapd->conf->mld_ap) + return false; + + if (!hapd->iface || !hapd->iface->interfaces || + hapd->iface->interfaces->count <= 1) + return false; + + return true; +} + +#endif /* CONFIG_IEEE80211BE */ + +static void hostapd_process_assoc_ml_info(struct hostapd_data *hapd, + struct sta_info *sta, + const u8 *ies, size_t ies_len, + int reassoc) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, j; + + if (!hostapd_is_mld_ap(hapd)) + return; + + /* + * This is not really needed, but make the interaction with the WPA + * authenticator more consistent + */ + sta->mld_info.links[hapd->mld_link_id].rsne = + hostapd_wpa_ie(hapd, WLAN_EID_RSN); + sta->mld_info.links[hapd->mld_link_id].rsnxe = + hostapd_wpa_ie(hapd, WLAN_EID_RSNX); + + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + struct hostapd_iface *iface = NULL; + struct mld_link_info *link = &sta->mld_info.links[i]; + + if (!link->valid) + continue; + + for (j = 0; j < hapd->iface->interfaces->count; j++) { + iface = hapd->iface->interfaces->iface[j]; + + if (hapd->iface == iface) + continue; + + if (iface->bss[0]->conf->mld_ap && + hapd->conf->mld_id == iface->bss[0]->conf->mld_id && + i == iface->bss[0]->mld_link_id) + break; + } + + if (!iface || j == hapd->iface->interfaces->count) { + wpa_printf(MSG_DEBUG, + "MLD: no link match for link_id=%u", + i); + + link->status = WLAN_STATUS_UNSPECIFIED_FAILURE; + link->resp_sta_profile_len = + ieee80211_ml_build_assoc_resp(hapd, + link->status, + link->resp_sta_profile, + sizeof(link->resp_sta_profile)); + } else { + ieee80211_ml_process_link(iface->bss[0], + sta, link, + ies, ies_len, reassoc); + } + } +#endif /* CONFIG_IEEE80211BE */ } @@ -5174,6 +5430,9 @@ static void handle_assoc(struct hostapd_data *hapd, * issues with processing other non-Data Class 3 frames during this * window. */ + if (resp == WLAN_STATUS_SUCCESS) + hostapd_process_assoc_ml_info(hapd, sta, pos, left, reassoc); + if (resp == WLAN_STATUS_SUCCESS && sta && add_associated_sta(hapd, sta, reassoc)) resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index 0c0ddd631c..2eb40a33ce 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -19,6 +19,7 @@ struct ieee80211_mgmt; struct radius_sta; enum ieee80211_op_mode; enum oper_chan_width; +struct ieee802_11_elems; int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, struct hostapd_frame_info *fi); @@ -90,6 +91,9 @@ struct wpabuf *hostapd_ml_auth_resp(struct hostapd_data *hapd); const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len); +u16 hostapd_process_ml_assoc_req(struct hostapd_data *hapd, + struct ieee802_11_elems *elems, + struct sta_info *sta); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ht_capab); diff --git a/src/ap/ieee802_11_eht.c b/src/ap/ieee802_11_eht.c index cd7ca95c2e..12a053fa92 100644 --- a/src/ap/ieee802_11_eht.c +++ b/src/ap/ieee802_11_eht.c @@ -809,3 +809,295 @@ const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, return get_basic_mle_mld_addr(elems.basic_mle, elems.basic_mle_len); } + + +static int hostapd_mld_validate_assoc_info(struct hostapd_data *hapd, + struct mld_info *info) +{ + u8 i, link_id; + + if (!info->mld_sta) { + wpa_printf(MSG_DEBUG, "MLD: not an MLD station"); + return 0; + } + + /* + * Iterate over the link negotiated in the association request and + * validate that they are indeed valid links in the local MLD AP. + * While at it, also update the local address for the links in the + * mld_info, so it could be easily available for later flows, e.g., for + * the WPA authenticator etc. + */ + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct hostapd_data *other_hapd; + + if (!info->links[link_id].valid) + continue; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + other_hapd = hapd->iface->interfaces->iface[i]->bss[0]; + + if (hapd == other_hapd) + continue; + + if (other_hapd->conf->mld_ap && + other_hapd->conf->mld_id == hapd->conf->mld_id && + link_id == other_hapd->mld_link_id) + break; + } + + if (i == hapd->iface->interfaces->count && + link_id != hapd->mld_link_id) { + wpa_printf(MSG_DEBUG, "MLD: invalid link ID=%u", + link_id); + return -1; + } + + if (i < hapd->iface->interfaces->count) + os_memcpy(info->links[link_id].local_addr, + other_hapd->own_addr, + ETH_ALEN); + } + + return 0; +} + + +u16 hostapd_process_ml_assoc_req(struct hostapd_data *hapd, + struct ieee802_11_elems *elems, + struct sta_info *sta) +{ + struct wpabuf *mlbuf = ieee802_11_defrag_mle(elems, + MULTI_LINK_CONTROL_TYPE_BASIC); + struct ieee80211_eht_ml *ml; + struct eht_ml_basic_common_info *common_info; + size_t ml_len, common_info_len; + struct mld_link_info *link_info; + struct mld_info *info = &sta->mld_info; + u8 *pos; + int ret = -1; + u16 ml_control; + + if (!mlbuf) + return WLAN_STATUS_SUCCESS; + + ml = (struct ieee80211_eht_ml *)wpabuf_head(mlbuf); + ml_len = wpabuf_len(mlbuf); + + ml_control = le_to_host16(ml->ml_control); + if ((ml_control & MULTI_LINK_CONTROL_TYPE_MASK) != MULTI_LINK_CONTROL_TYPE_BASIC) { + wpa_printf(MSG_DEBUG, "MLD: Invalid ML type=%u", + ml_control & MULTI_LINK_CONTROL_TYPE_MASK); + goto out; + } + + /* common info length and MLD address must always be present */ + common_info_len = 7; + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_LINK_ID) { + wpa_printf(MSG_DEBUG, "MLD: link ID info not expected"); + goto out; + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_BSS_PARAM_CH_COUNT) { + wpa_printf(MSG_DEBUG, "MLD: BSS params change not expected"); + goto out; + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_MSD_INFO) { + wpa_printf(MSG_DEBUG, "MLD: sync delay not expected"); + goto out; + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_EML_CAPA) { + common_info_len += 2; + } else { + wpa_printf(MSG_DEBUG, "MLD: EML capabilities not present"); + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_MLD_CAPA) { + common_info_len += 2; + + } else { + wpa_printf(MSG_DEBUG, "MLD: MLD capabilities not present"); + goto out; + } + + wpa_printf(MSG_DEBUG, "MLD: expected_common_info_len=%lu", + common_info_len); + + if (sizeof(*ml) + common_info_len > ml_len) { + wpa_printf(MSG_DEBUG, "MLD: not enough bytes for common info"); + goto out; + } + + common_info = (struct eht_ml_basic_common_info *)ml->variable; + + /* common information length includes the length octet */ + if (common_info->len != common_info_len) { + wpa_printf(MSG_DEBUG, + "MLD: invalid common info len=%u", common_info->len); + goto out; + } + + pos = common_info->variable; + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_EML_CAPA) { + info->common_info.eml_capa = WPA_GET_LE16(pos); + pos += 2; + } else { + info->common_info.eml_capa = 0; + } + + info->common_info.mld_capa = WPA_GET_LE16(pos); + pos += 2; + + wpa_printf(MSG_DEBUG, + "MLD: addr=" MACSTR ", eml=0x%x, mld=0x%x", + MAC2STR(info->common_info.mld_addr), + info->common_info.eml_capa, info->common_info.mld_capa); + + + /* get the MLD Address */ + if (os_memcmp(info->common_info.mld_addr, common_info->mld_addr, + ETH_ALEN)) { + wpa_printf(MSG_DEBUG, "MLD: MLD address mismatch with auth"); + goto out; + } + + info->links[hapd->mld_link_id].valid = true; + + /* parse the link info field */ + ml_len -= (sizeof(*ml) + common_info_len); + + while (ml_len > 2) { + size_t sub_elem_len = *(pos + 1); + size_t sta_info_len; + u16 control; + + wpa_printf(MSG_DEBUG, "MLD: sub element len=%zu", + sub_elem_len); + + if (2 + sub_elem_len > ml_len) { + wpa_printf(MSG_DEBUG, + "MLD: invalid link info len: %zu %zu", + 2 + sub_elem_len, ml_len); + goto out; + } + + if (*pos == WLAN_EID_VENDOR_SPECIFIC) { + wpa_printf(MSG_DEBUG, + "MLD: skip vendor specific subelement"); + + pos += 2 + sub_elem_len; + ml_len -= 2 + sub_elem_len; + continue; + } else if (*pos != 0) { + wpa_printf(MSG_DEBUG, "MLD: invalid subelement ID=%u", + *pos); + goto out; + } + + /* skip the subelement ID and the length */ + pos += 2; + ml_len -= 2; + + /* get the station control field */ + control = WPA_GET_LE16(pos); + link_info = &info->links[control & EHT_PER_STA_CTRL_LINK_ID_MSK]; + pos += 2; + ml_len -= 2; + + if (!(control & EHT_PER_STA_CTRL_COMPLETE_PROFILE_MSK)) { + wpa_printf(MSG_DEBUG, + "MLD: per STA complete profile expected"); + goto out; + } + + if (!(control & EHT_PER_STA_CTRL_MAC_ADDR_PRESENT_MSK)) { + wpa_printf(MSG_DEBUG, + "MLD: per STA MAC address not present"); + goto out; + } + + if ((control & (EHT_PER_STA_CTRL_BEACON_INTERVAL_PRESENT_MSK | + EHT_PER_STA_CTRL_DTIM_INFO_PRESENT_MSK))) { + wpa_printf(MSG_DEBUG, + "MLD: beacon/DTIM interval not expected"); + goto out; + } + + /* the length octet and the MAC address must be present */ + sta_info_len = 1 + ETH_ALEN; + + if (control & EHT_PER_STA_CTRL_NSTR_LINK_PAIR_PRESENT_MSK) { + if (control & EHT_PER_STA_CTRL_NSTR_BM_SIZE_MSK) + link_info->nstr_bitmap_len = 2; + else + link_info->nstr_bitmap_len = 1; + } + + sta_info_len += link_info->nstr_bitmap_len; + + if (sta_info_len > ml_len || sta_info_len != (*pos)) { + wpa_printf(MSG_DEBUG, "MLD: invalid sta info len"); + goto out; + } + + /* skip the length */ + pos++; + ml_len--; + + /* get the link address */ + os_memcpy(link_info->peer_addr, pos, ETH_ALEN); + wpa_printf(MSG_DEBUG, + "MLD: assoc: link id=%u, addr=" MACSTR, + control & EHT_PER_STA_CTRL_LINK_ID_MSK, + MAC2STR(link_info->peer_addr)); + + pos += ETH_ALEN; + ml_len -= ETH_ALEN; + + /* get the NSTR bitmap */ + if (link_info->nstr_bitmap_len) { + os_memcpy(link_info->nstr_bitmap, pos, + link_info->nstr_bitmap_len); + pos += link_info->nstr_bitmap_len; + ml_len -= link_info->nstr_bitmap_len; + } + + sub_elem_len -= sta_info_len + 2; + + wpa_printf(MSG_DEBUG, "MLD: STA profile len=%zu", + sub_elem_len); + + if (sub_elem_len > 2) + link_info->capability = WPA_GET_LE16(pos); + + pos += sub_elem_len; + ml_len -= sub_elem_len; + + wpa_printf(MSG_DEBUG, + "link ctrl=0x%x, " MACSTR ", nstr bm len=%lu", + control, MAC2STR(link_info->peer_addr), + link_info->nstr_bitmap_len); + + link_info->valid = true; + } + + if (ml_len) { + wpa_printf(MSG_DEBUG, "MLD: %zu bytes left after parsing. fail", + ml_len); + goto out; + } + + ret = hostapd_mld_validate_assoc_info(hapd, info); +out: + wpabuf_free(mlbuf); + if (ret) { + os_memset(info, 0, sizeof(*info)); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + return WLAN_STATUS_SUCCESS; +} diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index edfda2abf1..61116cff96 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -298,7 +298,15 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) sae_clear_retransmit_timer(hapd, sta); ieee802_1x_free_station(hapd, sta); + +#ifdef CONFIG_IEEE80211BE + if (!hapd->conf->mld_ap || !sta->mld_info.mld_sta || + hapd->mld_link_id == sta->mld_assoc_link_id) + wpa_auth_sta_deinit(sta->wpa_sm); +#else wpa_auth_sta_deinit(sta->wpa_sm); +#endif /* CONFIG_IEEE80211BE */ + rsn_preauth_free_station(hapd, sta); #ifndef CONFIG_NO_RADIUS if (hapd->radius) @@ -863,7 +871,14 @@ void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, ap_handle_timer, hapd, sta); accounting_sta_stop(hapd, sta); ieee802_1x_free_station(hapd, sta); +#ifdef CONFIG_IEEE80211BE + if (!hapd->conf->mld_ap || + hapd->mld_link_id == sta->mld_assoc_link_id) + wpa_auth_sta_deinit(sta->wpa_sm); +#else wpa_auth_sta_deinit(sta->wpa_sm); +#endif /* CONFIG_IEEE80211BE */ + sta->wpa_sm = NULL; sta->disassoc_reason = reason; From patchwork Mon May 22 19:33:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784654 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=sBf/d/3X; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=KrQK4Htm; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73V2WfJz20PS for ; Tue, 23 May 2023 05:36:06 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=qJVDoXMN/0WffMGxHjTswIF28CDpzZsFbTmvgaMMi90=; b=sBf/d/3XEduVqG lV9KYRY2Wz5DK1vzv8oJXu7Y4gGgFmWssCRDpHucskzeMu5KB4XfZwK9WYREgHGNLItc5bfyPgvUS CRlO/D8sZgvLrwUKrz0eb39IenaTodNEW/Mv/8nhPnSrmvp39iHls61zOJkRKEfu2EuTlgf7SSxBx LYnyMSKM5uvnuLFooTkoL65URWqtN/yl1YSh4lHpket2MrzXdK6yzMUYvRpdlqnutOU0nVn2URCLz QgOc2GwGoLm1brDrP0onHIOCTst7Zbvdntl+t7Bgivj1c9WqdrXWh4+feJughUvc/FPlIwGx3lIHI /Mj38Q9chQYLqR3gigqg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJT-007i2F-1P; Mon, 22 May 2023 19:35:23 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJC-007hix-2W for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784106; x=1716320106; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=+IdXudNTUyPqyjvvJOX4wWJ1no0828TwzHUeD3HCapQ=; b=KrQK4HtmlpaPOAvnCCiUWmj8blQVhBoy8q0fj1y0NCVmAUpZ91cmEuC2 PjxZ/wBRg/uo2GgsvAGWTvwDoKF8em6NX4v5n5uytVpOl22ZA5TpcChUp mlcNbGY03lrJhz2NQvSmfc4hDB3tzLRpjalH7tjlXIWT4y6Gf8OAEfpIn xbvEU7eY+8XZ+beZMpFuyc/NLBU1UBoKyUJMDQa49rJCSuz1otH6OEyIJ ktDh9MXaOw09+eHg8OJfwbiAuiOZRijQurwiNEgmHiqAf2rLbtdXIg9gE ELTSd6zgZ5zrIdskwCFA4JC2XAEWpVPKmRAeKljMZa16y9KISEWXvvNMI Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869153" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869153" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:06 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809186" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809186" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:04 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH v2 18/44] AP: MLO: Add ML element to association response Date: Mon, 22 May 2023 22:33:46 +0300 Message-Id: <20230522193412.658666-19-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123506_872101_8454370E X-CRM114-Status: GOOD ( 11.53 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add the full station profile to the ML element in the association response. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add the full station profile to the ML element in the association response. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index a7dccbc444..9c06a47980 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4661,6 +4661,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, struct ieee80211_mgmt *reply; u8 *p; u16 res = WLAN_STATUS_SUCCESS; + const u8 *sa = hapd->own_addr; buflen = sizeof(struct ieee80211_mgmt) + 1024; #ifdef CONFIG_FILS @@ -4696,9 +4697,19 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, IEEE80211_FC(WLAN_FC_TYPE_MGMT, (reassoc ? WLAN_FC_STYPE_REASSOC_RESP : WLAN_FC_STYPE_ASSOC_RESP)); + +#ifdef CONFIG_IEEE80211BE + /* + * Once an non-AP MLD station is added to the driver, the addressing + * should use MLD address. + */ + if (hapd->conf->mld_ap && sta && sta->mld_info.mld_sta) + sa = hapd->mld_addr; +#endif /* CONFIG_IEEE80211BE */ + os_memcpy(reply->da, addr, ETH_ALEN); - os_memcpy(reply->sa, hapd->own_addr, ETH_ALEN); - os_memcpy(reply->bssid, hapd->own_addr, ETH_ALEN); + os_memcpy(reply->sa, sa, ETH_ALEN); + os_memcpy(reply->bssid, sa, ETH_ALEN); send_len = IEEE80211_HDRLEN; send_len += sizeof(reply->u.assoc_resp); @@ -4834,6 +4845,8 @@ rsnxe_done: #ifdef CONFIG_IEEE80211BE if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + if (hapd->conf->mld_ap) + p = hostapd_eid_eht_basic_ml(hapd, p, sta, false); p = hostapd_eid_eht_capab(hapd, p, IEEE80211_MODE_AP); p = hostapd_eid_eht_operation(hapd, p); } From patchwork Mon May 22 19:33:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784655 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=YpAsQHtI; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=i572lIE3; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73b3sZkz20PS for ; Tue, 23 May 2023 05:36:11 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=L1BPMvyt6WPtNNhFsRl2xyNZ7MJifafortIKvX5I3xU=; b=YpAsQHtIMMtAB4 oycVNSQqJB1WqvnRN81oCtL5mEwc7ULR5Z0nx0J9wD5VJriipbvDLyrtWOIiGY9EeG+8ZVRCBSrd1 E6pwjgino4+scgVlgCINVPcuwzFLP+0epx4GR0ogR7956aqQUL91l1vooIg5/9gdUbhfQX43Nw1cn Fzg64rPgD/SMx/kHgg2jiIdYVYbsELtxcNIzfrv2fioWPcnWgKgOwpjLnyktPwUUwU6fdifph3jD/ toisNZBTuGW37KcECRPPygpPqVoXU1OClZAFvDu/68KooEYOp3o8wxtJ0nDLVJxtQwhRm9sA94Y/3 gXa5S6Hkyxl4SVMZFDHQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJX-007i7k-2e; Mon, 22 May 2023 19:35:27 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJE-007hZy-0n for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:09 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784108; x=1716320108; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=YoD6xEF5lpuInaAY8vz705g4MY0Q+J2tFOiejvYP8Ts=; b=i572lIE3gVTDqJ9vbMagTNv2Rm29AU7A5/MFpuGfGYN9V1GGikXrWmyY HXCXTZBCcVtjHa1LuQgCRLCiko7LNnol/C+aHgKz0+HSkmtm17d5ybIN1 zTCmlQ0p8Zh8HokTRXaATJnumkZiHEl/Kx9OeJXeFbFVfVt6V5hj1FZlu Fpbk2v3Ia4bqyVKoWoBevR63/XTyLguNBnZPArSDX/PXcoTPSd8DbjqgK K7qz39ojtTCPpAPUPrsn+5FCslZ8kfNwfAR7GWyXsbG83GDR9D3LABOE1 D2hN4AbiLkjsPwT4GTpUpRCzG0scyk66cmaqweWGEHz26ygrs4LqN6Z9l g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869158" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869158" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809212" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809212" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:06 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 19/44] AP: MLO: Handle association callback Date: Mon, 22 May 2023 22:33:47 +0300 Message-Id: <20230522193412.658666-20-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123508_303972_976BCB31 X-CRM114-Status: GOOD ( 18.84 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Handle association request callback in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 112 ++++++++++++++++++++++++++++++++++++++++++-- 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Handle association request callback in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 112 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 108 insertions(+), 4 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 9c06a47980..4c4351107e 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -6084,6 +6084,97 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd, } +#ifdef CONFIG_IEEE80211BE + +static void ieee80211_ml_link_sta_assoc_cb(struct hostapd_data *hapd, + struct sta_info *origin_sta, + struct sta_info *sta, + int reassoc, + struct mld_link_info *link, + int ok) +{ + if (!ok) { + hostapd_logger(hapd, link->peer_addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, + "did not acknowledge association response"); + sta->flags &= ~WLAN_STA_ASSOC_REQ_OK; + + /* The STA is added only in case of SUCCESS */ + if (link->status == WLAN_STATUS_SUCCESS) + hostapd_drv_sta_remove(hapd, sta->addr); + + return; + } + + if (link->status != WLAN_STATUS_SUCCESS) + return; + + sta->flags |= WLAN_STA_ASSOC; + sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; + + if (!hapd->conf->ieee802_1x && !hapd->conf->wpa) + ap_sta_set_authorized(hapd, sta, 1); + + hostapd_set_sta_flags(hapd, sta); + + /* + * TODOs: + * - 802.1X port enablement is not needed as done on the station doing + * the connection. + * - Not handling accouting + * - Need to handle VLAN configuration + */ +} + +#endif /* CONFIG_IEEE80211BE */ + + +static void hostapd_ml_handle_assoc_cb(struct hostapd_data *hapd, + struct sta_info *sta, + int reassoc, int ok) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, link_id; + + if (!hostapd_is_mld_ap(hapd)) + return; + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &sta->mld_info.links[link_id]; + + if (!link->valid) + continue; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct sta_info *tmp_sta; + struct hostapd_data *tmp_hapd = + hapd->iface->interfaces->iface[i]->bss[0]; + + if (tmp_hapd->conf->mld_ap || + hapd->conf->mld_id != tmp_hapd->conf->mld_id) + continue; + + for (tmp_sta = tmp_hapd->sta_list; tmp_sta; + tmp_sta = tmp_sta->next) { + if (tmp_sta == sta || + tmp_sta->mld_assoc_link_id != + sta->mld_assoc_link_id || + tmp_sta->aid != sta->aid) + continue; + + ieee80211_ml_link_sta_assoc_cb(tmp_hapd, + sta, tmp_sta, + reassoc, + link, + ok); + break; + } + } + } +#endif /* CONFIG_IEEE80211BE */ +} + + static void handle_assoc_cb(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len, int reassoc, int ok) @@ -6099,6 +6190,16 @@ static void handle_assoc_cb(struct hostapd_data *hapd, return; } +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && sta->mld_info.mld_sta && + hapd->mld_link_id != sta->mld_assoc_link_id) { + wpa_printf(MSG_INFO, + "handle_assoc_cb: MLD: ignore on link station"); + return; + } + +#endif /* CONFIG_IEEE80211BE */ + if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_resp) : sizeof(mgmt->u.assoc_resp))) { wpa_printf(MSG_INFO, @@ -6122,11 +6223,11 @@ static void handle_assoc_cb(struct hostapd_data *hapd, if (status == WLAN_STATUS_SUCCESS) hostapd_drv_sta_remove(hapd, sta->addr); - return; + goto handle_ml; } if (status != WLAN_STATUS_SUCCESS) - return; + goto handle_ml; /* Stop previous accounting session, if one is started, and allocate * new session id for the new session. */ @@ -6168,11 +6269,11 @@ static void handle_assoc_cb(struct hostapd_data *hapd, * interface selection is not going to change anymore. */ if (ap_sta_bind_vlan(hapd, sta) < 0) - return; + goto handle_ml; } else if (sta->vlan_id) { /* VLAN ID already set (e.g., by PMKSA caching), so bind STA */ if (ap_sta_bind_vlan(hapd, sta) < 0) - return; + goto handle_ml; } hostapd_set_sta_flags(hapd, sta); @@ -6236,6 +6337,9 @@ static void handle_assoc_cb(struct hostapd_data *hapd, os_free(sta->pending_eapol_rx); sta->pending_eapol_rx = NULL; } + +handle_ml: + hostapd_ml_handle_assoc_cb(hapd, sta, reassoc, ok); } From patchwork Mon May 22 19:33:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784657 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=yOnGkLIa; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=ObjXuwvs; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73m5fNlz20PS for ; Tue, 23 May 2023 05:36:20 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=dynadLwiC8oNOH87xmszeVZ8+hzeGLGe+/MEJejpCdw=; b=yOnGkLIaXegpy8 k8UxGDSQQIbxeZ5mKtdZeDJY1uFjwzONgdtgW4YlvVVfewSGaPQOR8dY+aNGgCIzMYG15cakxQ0Yy GivWCKOozaRepAPBJQNnklSuIZha+p6aeC9ZQvw79vWQEhVkrzqCf1uPE4jBiFThJubuyGdcf0o/V 8gH26V4lm06raT+LVNlmd5yaHSDMWbZNGpRBMgO+/zlwv+yLDSeDRzMHCpiWMVpVs2OaMOXGjwROS p8CtQz2YPSwW0PZgW4B+svZqA661Zqw2JN/bA0FLhST6Gwy7eNxZoSovCvWAILaIX/xCP3mNMGNCA 6UOI/ZZNv1Is/5uSlI9Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJg-007iHK-0t; Mon, 22 May 2023 19:35:36 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJF-007hix-2T for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:11 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784109; x=1716320109; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=GtDkf9qgaybRhWK8jJKIygV5pMRKQpzTSdqVg4T4Lr0=; b=ObjXuwvsy8uJS9sD8uhM8njn0t/JF8aB3R1mnHVc9uzphp8BjpBkGw4p ch9OvMZGhnPDTEUnXmYkLrgW9MUOMjMO3KSc0rKgIo0BQr5YulQANgh6K 5QNSStj9oK6yugPDnwvloLSuNNluhPybpA1h5lNdMJiFmGTP7+u0qRoVz ICoFzJ2gzqS2z+yCqmpQKFwFivkyoq+ZYyHN1gpbCHvzUF0VMvFW/SVha ohyViu1WduRGiVkWR+AkgIcMwUtqBTs8Mof+77jmW9xto7ApykneWAgJr NlEcIXDLfEEnY0dMBgF8utsHrD265LB+kQqz0PNJl/LAHG8/GFzuPzgAI A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869166" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869166" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:09 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809228" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809228" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:07 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 20/44] AP: MLO: Handle deauth/disassoc of MLD station Date: Mon, 22 May 2023 22:33:48 +0300 Message-Id: <20230522193412.658666-21-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123509_858964_A60C4854 X-CRM114-Status: GOOD ( 19.83 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer When a station is deauthenticated/disassociated from an MLD AP, make sure to cleanup its state from all links. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 209 +++++++++++++++++++++++++++++++++++++------- 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer When a station is deauthenticated/disassociated from an MLD AP, make sure to cleanup its state from all links. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 209 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 176 insertions(+), 33 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 4c4351107e..cb868e8671 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -5505,28 +5505,39 @@ static void handle_assoc(struct hostapd_data *hapd, } -static void handle_disassoc(struct hostapd_data *hapd, - const struct ieee80211_mgmt *mgmt, size_t len) +static void hostapd_deauth_sta(struct hostapd_data *hapd, + struct sta_info *sta, + const struct ieee80211_mgmt *mgmt) { - struct sta_info *sta; + wpa_msg(hapd->msg_ctx, MSG_DEBUG, + "deauthentication: STA=" MACSTR " reason_code=%d", + MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code)); + + ap_sta_set_authorized(hapd, sta, 0); + sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; + sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | + WLAN_STA_ASSOC_REQ_OK); + hostapd_set_sta_flags(hapd, sta); + wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, "deauthenticated"); + mlme_deauthenticate_indication( + hapd, sta, le_to_host16(mgmt->u.deauth.reason_code)); + sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST; + ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); + ap_free_sta(hapd, sta); +} - if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.disassoc)) { - wpa_printf(MSG_INFO, "handle_disassoc - too short payload (len=%lu)", - (unsigned long) len); - return; - } - wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d", +static void hostapd_disassoc_sta(struct hostapd_data *hapd, + struct sta_info *sta, + const struct ieee80211_mgmt *mgmt) +{ + wpa_printf(MSG_DEBUG, + "disassocation: STA=" MACSTR " reason_code=%d", MAC2STR(mgmt->sa), le_to_host16(mgmt->u.disassoc.reason_code)); - sta = ap_get_sta(hapd, mgmt->sa); - if (sta == NULL) { - wpa_printf(MSG_INFO, "Station " MACSTR " trying to disassociate, but it is not associated", - MAC2STR(mgmt->sa)); - return; - } - ap_sta_set_authorized(hapd, sta, 0); sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); @@ -5570,6 +5581,151 @@ static void handle_disassoc(struct hostapd_data *hapd, } +#ifdef CONFIG_IEEE80211BE + +static struct sta_info * +hostapd_ml_get_assoc_sta(struct hostapd_data *hapd, + struct sta_info *sta, + struct hostapd_data **assoc_hapd) +{ + struct hostapd_data *other_hapd = NULL; + struct sta_info *tmp_sta; + + *assoc_hapd = hapd; + + /* The station is the one on which the association was performed */ + if (sta->mld_assoc_link_id == hapd->mld_link_id) + return sta; + + + other_hapd = hostapd_mld_get_link_bss(hapd, sta->mld_assoc_link_id); + + if (!other_hapd) { + wpa_printf(MSG_DEBUG, + "MLD: no link match for link_id=%u", + sta->mld_assoc_link_id); + return sta; + } + + /* + * Iterate over the stations and find the one with the matching link ID + * and association ID + */ + for (tmp_sta = other_hapd->sta_list; tmp_sta; tmp_sta = tmp_sta->next) { + if (tmp_sta->mld_assoc_link_id == sta->mld_assoc_link_id && + tmp_sta->aid == sta->aid) { + *assoc_hapd = other_hapd; + return tmp_sta; + } + } + + return sta; +} + +#endif /* CONFIG_IEEE80211BE */ + + +static bool hostapd_ml_handle_disconnect(struct hostapd_data *hapd, + struct sta_info *sta, + const struct ieee80211_mgmt *mgmt, + bool disassoc) +{ +#ifdef CONFIG_IEEE80211BE + struct hostapd_data *assoc_hapd, *tmp_hapd; + struct sta_info *assoc_sta; + u8 i, link_id; + + if (!hostapd_is_mld_ap(hapd)) + return false; + + /* + * Get the station on which the association was performed, as it holds + * the information about all the other links + */ + assoc_sta = hostapd_ml_get_assoc_sta(hapd, sta, &assoc_hapd); + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + for (i = 0; i < assoc_hapd->iface->interfaces->count; i++) { + struct sta_info *tmp_sta; + + if (!assoc_sta->mld_info.links[link_id].valid) + continue; + + tmp_hapd = + assoc_hapd->iface->interfaces->iface[i]->bss[0]; + + if (!tmp_hapd->conf->mld_ap || + assoc_hapd->conf->mld_id != tmp_hapd->conf->mld_id) + continue; + + for (tmp_sta = tmp_hapd->sta_list; tmp_sta; + tmp_sta = tmp_sta->next) { + /* + * remove the station on which the association + * was done only after all other link station + * are removed. Since there is a only a single + * station per hapd with the same association + * link simply break; + */ + if (tmp_sta == assoc_sta) + break; + + if (tmp_sta->mld_assoc_link_id != + assoc_sta->mld_assoc_link_id || + tmp_sta->aid != assoc_sta->aid) + continue; + + if (!disassoc) + hostapd_deauth_sta(tmp_hapd, tmp_sta, + mgmt); + else + hostapd_disassoc_sta(tmp_hapd, tmp_sta, + mgmt); + break; + } + } + } + + /* remove the station on which the association was performed */ + if (!disassoc) + hostapd_deauth_sta(assoc_hapd, assoc_sta, mgmt); + else + hostapd_disassoc_sta(assoc_hapd, assoc_sta, mgmt); + + return true; +#else + return false; +#endif /* CONFIG_IEEE80211BE */ +} + + +static void handle_disassoc(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, size_t len) +{ + struct sta_info *sta; + + if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.disassoc)) { + wpa_printf(MSG_INFO, + "handle_disassoc - too short payload (len=%lu)", + (unsigned long) len); + return; + } + + sta = ap_get_sta(hapd, mgmt->sa); + if (!sta) { + wpa_printf(MSG_INFO, + "Station " MACSTR " trying to disassociate, but it is not associated", + MAC2STR(mgmt->sa)); + return; + } + + if (hostapd_ml_handle_disconnect(hapd, sta, mgmt, true)) + return; + + hostapd_disassoc_sta(hapd, sta, mgmt); +} + + static void handle_deauth(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len) { @@ -5581,10 +5737,6 @@ static void handle_deauth(struct hostapd_data *hapd, return; } - wpa_msg(hapd->msg_ctx, MSG_DEBUG, "deauthentication: STA=" MACSTR - " reason_code=%d", - MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code)); - /* Clear the PTKSA cache entries for PASN */ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE); @@ -5596,19 +5748,10 @@ static void handle_deauth(struct hostapd_data *hapd, return; } - ap_sta_set_authorized(hapd, sta, 0); - sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; - sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | - WLAN_STA_ASSOC_REQ_OK); - hostapd_set_sta_flags(hapd, sta); - wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); - hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, - HOSTAPD_LEVEL_DEBUG, "deauthenticated"); - mlme_deauthenticate_indication( - hapd, sta, le_to_host16(mgmt->u.deauth.reason_code)); - sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST; - ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); - ap_free_sta(hapd, sta); + if (hostapd_ml_handle_disconnect(hapd, sta, mgmt, false)) + return; + + hostapd_deauth_sta(hapd, sta, mgmt); } From patchwork Mon May 22 19:33:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784656 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Cw86YT3+; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=UE5Pi3Ei; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73l1HYHz20PS for ; Tue, 23 May 2023 05:36:19 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=DeX4WyE2860YTV5IJo4aCsO2GPVAwrZYnC7sfIVArKg=; b=Cw86YT3+pju29J BzQcB3h5f+0yqdMIGYfRP7w9vrw1zMV0oVL+E0xWTDghFZCkgCjkWeO5AEJ1GszN0AFufzR+KQL71 Lx5c6+6+d9mXkHRzaOI5u0g10GLl1LaqhHeKkaD1ApqNxOaz5YkROQpy6KW00aoaasbvsYf09YglA pNr2QFmgAYiJPtNhh8THNCBJMqh+GambAX+3kgE15yg2XRZEzcqlgdiOJLr0PPTfA3vzf7HD1Wy7/ cT9+PVynaIFpzvxC7V52cxE61pXOLMGG4yh8sfAW+3LpubAVZWR6aInr1eMqW8xzt9Wikw0PRyGep epCdzvBAEhHOXtmqP0ZQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJl-007iMS-0i; Mon, 22 May 2023 19:35:41 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJH-007hZy-0W for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:12 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784111; x=1716320111; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Wt0pN/wpFt1VX4qRP4nHwxS/uSHnn4iA+jUA57ieV+A=; b=UE5Pi3EisDr3UWCbHPuRvBig3Si5sWgRsqHFgQayEfePFO2nsZgXw1BJ 8rmTwpN7GXzK6nkrBv94XjMOzNcpSoXo9dYE6s271oGGjcxipQY5/WQSU tiqu6F2lqHJ4f9IY+Bhp0fTa+FSOeU4XQ3dzYpnu4R2r1/JC/V83AytB9 jjnNds+UlCWKCHSzgBKaIUnHNzuSMfRb4q+F+OKqVcHUeWG++YSrZjLYL VlHvP21aqxs1p/6wt8O4YWSeZeTm+U1w+eO2a1m0bhHspeq3O3IqnspcM 0CzZa5hvU6uNcVskQdkHJFj8F1GKVADnFmfLJT6/BYddjxhi8vMZTK+y3 g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869172" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869172" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:10 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809244" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809244" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:09 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 21/44] AP: MLO: Handle 802.1X port authorization Date: Mon, 22 May 2023 22:33:49 +0300 Message-Id: <20230522193412.658666-22-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123511_222493_E5B8FD44 X-CRM114-Status: GOOD ( 16.25 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Handle 802.1X port authorization in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 2 +- src/ap/ieee802_11.h | 1 + src/ap/ieee802_1x.c | 86 [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Handle 802.1X port authorization in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 2 +- src/ap/ieee802_11.h | 1 + src/ap/ieee802_1x.c | 86 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 88 insertions(+), 1 deletion(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index cb868e8671..43558a0e46 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4432,7 +4432,7 @@ out: sizeof(link->resp_sta_profile)); } -static bool hostapd_is_mld_ap(struct hostapd_data *hapd) +bool hostapd_is_mld_ap(struct hostapd_data *hapd) { if (!hapd->conf->mld_ap) return false; diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index 2eb40a33ce..cc05c98a18 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -237,4 +237,5 @@ u8 * hostapd_eid_mbssid(struct hostapd_data *hapd, u8 *eid, u8 *end, void punct_update_legacy_bw(u16 bitmap, u8 pri_chan, enum oper_chan_width *width, u8 *seg0, u8 *seg1); +bool hostapd_is_mld_ap(struct hostapd_data *hapd); #endif /* IEEE802_11_H */ diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index 274fd2f613..33d47802f6 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -104,6 +104,90 @@ static void ieee802_1x_send(struct hostapd_data *hapd, struct sta_info *sta, } +#ifdef CONFIG_IEEE80211BE + +static void ieee802_1x_ml_set_link_sta_auth(struct hostapd_data *hapd, + struct sta_info *sta, + bool authorized) +{ + int res; + + if (sta->flags & WLAN_STA_PREAUTH) + return; + + ap_sta_set_authorized(hapd, sta, !!authorized); + res = hostapd_set_authorized(hapd, sta, !!authorized); + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X, + HOSTAPD_LEVEL_DEBUG, "%sauthorizing port", + authorized ? "" : "un"); + + if (res) { + wpa_printf(MSG_DEBUG, + "MLD: Could not set station " MACSTR " flags", + MAC2STR(sta->addr)); + } + + if (authorized) { + os_get_reltime(&sta->connected_time); + accounting_sta_start(hapd, sta); + } +} + +#endif /* CONFIG_IEEE80211BE */ + + +static void ieee802_1x_ml_set_sta_authorized(struct hostapd_data *hapd, + struct sta_info *sta, + bool authorized) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, link_id; + + if (!hostapd_is_mld_ap(hapd)) + return; + + /* + * Authorizing the station should be done only in the station + * performing the association + */ + if (authorized && hapd->mld_link_id != sta->mld_assoc_link_id) + return; + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &sta->mld_info.links[link_id]; + + if (!link->valid) + continue; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct sta_info *tmp_sta; + struct hostapd_data *tmp_hapd = + hapd->iface->interfaces->iface[i]->bss[0]; + + if (tmp_hapd->conf->mld_ap || + hapd->conf->mld_id != tmp_hapd->conf->mld_id) + continue; + + for (tmp_sta = tmp_hapd->sta_list; tmp_sta; + tmp_sta = tmp_sta->next) { + if (tmp_sta == sta || + tmp_sta->mld_assoc_link_id != + sta->mld_assoc_link_id || + tmp_sta->aid != sta->aid) + continue; + + ieee802_1x_ml_set_link_sta_auth(tmp_hapd, + tmp_sta, + authorized); + break; + } + } + } +#endif /* CONFIG_IEEE80211BE */ +} + + + void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd, struct sta_info *sta, int authorized) { @@ -134,6 +218,8 @@ void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd, os_get_reltime(&sta->connected_time); accounting_sta_start(hapd, sta); } + + ieee802_1x_ml_set_sta_authorized(hapd, sta, !!authorized); } From patchwork Mon May 22 19:33:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784666 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Hjz2kjbz; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=bXHgwsOp; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ74F2QbRz20PS for ; Tue, 23 May 2023 05:36:45 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=FFdYXvoynANpn6QxT6IbU9piIkYAQvyKO/6H8fkvnNU=; b=Hjz2kjbzFKbBO2 LcZ5LC5way9mJuW/1rEC1f+qwxE9NxE+EtLX1TOJnmdYwqQ3+aG+jspPhyPcbpotHQmWGRiYxVOa4 rpYUSO/QD2qKAhD3GA0hXGDHpsz8EcioEwxWrjRXWjLkx5eTvXDIBpaGXE6SsLrw+i2hCVlMnOx0e az1D9ohHVVfzSDFQLvfJg5yGDu5Rnzz0NhvM2Y1OXmc5B4SQQgi6LGmlAJLhhP6NJny7N8RjZVc5r JdmIIGHnSqRvQHhtc/fesH7al709hNiF2y726ZrpcrC1eC3QD0qM1MjL8Tu8W6lXL54ZQnnDw2Hm9 Xw/kVpSBbwTa0iOI3ocQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJr-007iUi-2F; Mon, 22 May 2023 19:35:47 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJI-007hqY-2g for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:14 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784112; x=1716320112; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=AV3o7UDf65zi5KYYQDGmWMf4NL/AXvWt+ZhD+q3njos=; b=bXHgwsOpNWhbZ2abKSBXIYwZ1wTmAtIRvltgzhUO45wf8O+oMmI8u6iX XY/MAlBVQbQaoqoMsC/YOSKrDsy9J8toDiLFfNSKsl0qDakZ8xyMzJ67F jbuPpRHkgCZEbMS/444Xajn5aKQ7cpoCkSzNDL/sUWOU/qmBtFsHEFoQi 4WnTkpDnIsPJr0cCoyUXA5ozRYuPzcN4Vg9id3X3dRQm/EOMI7nXVhq5d CM07Gc2BVjEmKg6WE1hIO36rZoqqG1zrw6WgoDLnvy9eE/LqAqwhz0Jt1 Svkkhh5WFvBIv6/s7rcdQWuiEa51ow6q7SbqzE5dFmKeXLRFIPFX3UvVY A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869180" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869180" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:12 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809257" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809257" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:10 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 22/44] driver: Specify link ID for 'send_mlme' and 'sta_deauth' callbacks Date: Mon, 22 May 2023 22:33:50 +0300 Message-Id: <20230522193412.658666-23-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123512_891959_FCC23416 X-CRM114-Status: GOOD ( 20.63 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer So the driver would know on which link it should transmit the frames. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 20 ++++++++++++++++++-- src/drivers/driver.h | 9 ++++++- [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer So the driver would know on which link it should transmit the frames. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 20 ++++++++++++++++++-- src/drivers/driver.h | 9 ++++++--- src/drivers/driver_nl80211.c | 28 ++++++++++++++++------------ wpa_supplicant/driver_i.h | 4 ++-- 4 files changed, 42 insertions(+), 19 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 622687befc..014a140efc 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -758,20 +758,36 @@ int hostapd_drv_send_mlme(struct hostapd_data *hapd, const u16 *csa_offs, size_t csa_offs_len, int no_encrypt) { + int link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + link_id = hapd->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + if (!hapd->driver || !hapd->driver->send_mlme || !hapd->drv_priv) return 0; return hapd->driver->send_mlme(hapd->drv_priv, msg, len, noack, 0, - csa_offs, csa_offs_len, no_encrypt, 0); + csa_offs, csa_offs_len, no_encrypt, 0, + link_id); } int hostapd_drv_sta_deauth(struct hostapd_data *hapd, const u8 *addr, int reason) { + int link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + link_id = hapd->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + + if (!hapd->driver || !hapd->driver->sta_deauth || !hapd->drv_priv) return 0; return hapd->driver->sta_deauth(hapd->drv_priv, hapd->own_addr, addr, - reason); + reason, link_id); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 42edd6b8dd..b39d04a6fd 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3259,12 +3259,14 @@ struct wpa_driver_ops { * @no_encrypt: Do not encrypt frame even if appropriate key exists * (used only for testing purposes) * @wait: Time to wait off-channel for a response (in ms), or zero + * @link_id: Link ID to use for TX, or -1 if not set * Returns: 0 on success, -1 on failure */ int (*send_mlme)(void *priv, const u8 *data, size_t data_len, int noack, unsigned int freq, const u16 *csa_offs, size_t csa_offs_len, int no_encrypt, - unsigned int wait); + unsigned int wait, + int link_id); /** * update_ft_ies - Update FT (IEEE 802.11r) IEs @@ -3566,14 +3568,15 @@ struct wpa_driver_ops { * @priv: Private driver interface data * @own_addr: Source address and BSSID for the Deauthentication frame * @addr: MAC address of the station to deauthenticate - * @reason: Reason code for the Deauthentiation frame + * @reason: Reason code for the Deauthentication frame + * @link_id: Link ID to use for Deauthentication, or -1 if not set * Returns: 0 on success, -1 on failure * * This function requests a specific station to be deauthenticated and * a Deauthentication frame to be sent to it. */ int (*sta_deauth)(void *priv, const u8 *own_addr, const u8 *addr, - u16 reason); + u16 reason, int link_id); /** * sta_disassoc - Disassociate a station (AP only) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 53f506f9f3..cb33c92ec7 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4161,7 +4161,8 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, int offchanok, unsigned int wait_time, const u16 *csa_offs, - size_t csa_offs_len, int no_encrypt) + size_t csa_offs_len, int no_encrypt, + int link_id) { struct wpa_driver_nl80211_data *drv = bss->drv; struct ieee80211_mgmt *mgmt; @@ -4169,6 +4170,7 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, u16 fc; int use_cookie = 1; int res; + struct i802_link *link = nl80211_get_link(bss, link_id); mgmt = (struct ieee80211_mgmt *) data; fc = le_to_host16(mgmt->frame_control); @@ -4267,14 +4269,14 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, } if (freq == 0) { wpa_printf(MSG_DEBUG, "nl80211: send_mlme - Use bss->freq=%u", - bss->flink->freq); - freq = bss->flink->freq; + link->freq); + freq = link->freq; } if (drv->use_monitor && is_ap_interface(drv->nlmode)) { wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor", - freq, bss->flink->freq); + freq, link->freq); return nl80211_send_monitor(drv, data, data_len, encrypt, noack); } @@ -8068,14 +8070,15 @@ static int i802_sta_clear_stats(void *priv, const u8 *addr) static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, - u16 reason) + u16 reason, int link_id) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; struct ieee80211_mgmt mgmt; u8 channel; + struct i802_link *link = nl80211_get_link(bss, link_id); - if (ieee80211_freq_to_chan(bss->flink->freq, &channel) == + if (ieee80211_freq_to_chan(link->freq, &channel) == HOSTAPD_MODE_IEEE80211AD) { /* Deauthentication is not used in DMG/IEEE 802.11ad; * disassociate the STA instead. */ @@ -8098,7 +8101,7 @@ static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, IEEE80211_HDRLEN + sizeof(mgmt.u.deauth), 0, 0, 0, 0, - 0, NULL, 0, 0); + 0, NULL, 0, 0, -1); } @@ -8125,7 +8128,7 @@ static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, IEEE80211_HDRLEN + sizeof(mgmt.u.disassoc), 0, 0, 0, 0, - 0, NULL, 0, 0); + 0, NULL, 0, 0, -1); } @@ -8997,7 +9000,7 @@ static int wpa_driver_nl80211_send_action(struct i802_bss *bss, !drv->use_monitor)) ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len, 0, freq, no_cck, offchanok, - wait_time, NULL, 0, 0); + wait_time, NULL, 0, 0, -1); else ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf, 24 + data_len, @@ -10096,7 +10099,7 @@ static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr, os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0, - 0, 0, NULL, 0, 0) < 0) + 0, 0, NULL, 0, 0, -1) < 0) wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to " "send poll frame"); } @@ -10445,12 +10448,13 @@ static int driver_nl80211_send_mlme(void *priv, const u8 *data, size_t data_len, int noack, unsigned int freq, const u16 *csa_offs, size_t csa_offs_len, - int no_encrypt, unsigned int wait) + int no_encrypt, unsigned int wait, + int link_id) { struct i802_bss *bss = priv; return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack, freq, 0, 0, wait, csa_offs, - csa_offs_len, no_encrypt); + csa_offs_len, no_encrypt, link_id); } diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index d5ec22cee1..03f413c014 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -202,7 +202,7 @@ static inline int wpa_drv_sta_deauth(struct wpa_supplicant *wpa_s, if (wpa_s->driver->sta_deauth) { return wpa_s->driver->sta_deauth(wpa_s->drv_priv, wpa_s->own_addr, addr, - reason_code); + reason_code, -1); } return -1; } @@ -328,7 +328,7 @@ static inline int wpa_drv_send_mlme(struct wpa_supplicant *wpa_s, if (wpa_s->driver->send_mlme) return wpa_s->driver->send_mlme(wpa_s->drv_priv, data, data_len, noack, - freq, NULL, 0, 0, wait); + freq, NULL, 0, 0, wait, -1); return -1; } From patchwork Mon May 22 19:33:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784660 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=irdorBpH; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=k4sNS7ov; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7402zVpz20PS for ; Tue, 23 May 2023 05:36:32 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=L2ker66e2tAZ+Et2pmsNHcPII7uwanmNOdGb9gUNqnw=; b=irdorBpHC1habm HVorpw//t2qFh0eNFgWOD7Sd6C8u8TNF8B7dh3ZPo1vRhcwV08qhQCbGEZKu5yyAq2+vL9GXIcJmt CYEb8AASq8J//0iiGd8Vp9WL7Mk9jmuLZTKALMDgQKTUXh6nl0psIVKhF3hwVZ6XlWQSx0T6xV915 zKUvGkvLy2JVQvnRLWfX4opKeHYK7IH4xRZlJPLj0IqQOqO53Mrg77CVEyxY30cWw5qiu0jtrsZGs G1xunwcIPvAY14DsAA+jxga8XHcFvPbjrsC4+RjYlP34s9H5zDIOiriSg1f+ILO9Tur4YELG5ZkuF X/MSAFiF8/YER5CuwrvA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJu-007iYF-2Q; Mon, 22 May 2023 19:35:50 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJK-007hs9-2H for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:16 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784114; x=1716320114; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5y6XaHsSCjVCqc06IOO4jMKeG4Aiu7nL8Plo1Q2LgTw=; b=k4sNS7ovhZB0faHobmREGPHkVJig1o61nqy9Nq+BwlEmnq9jQF8tcQac QwNko3ix91y/Gi1K3FoG4fJPH4Ngqyxt08oKqPZ2yBZMSHIx1ZwB+x+mJ iTdTJsAH8U7MLwQdjyKhkXve8eko1M5YXnudyzzkCRsyfyHjYePneyKXv TRQPOptNB+5fAa7jCUM5eI3rkfh1eBZkjyvc+CD8gjw+rxvXESGsjMxLH FVpHjwtfqbtvXffQC7fEZynK9mGDAKdl/Cg6EBSnnpbpOLvriWT/E+GE/ MvHX9AFfs+OsLGlFbalZgSieJiKkmw5xOrxfaRcgwRxyqnfoBDi2Hy4a/ g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869194" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869194" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:13 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809267" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809267" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:12 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 23/44] AP: Do not prune station when adding a link station Date: Mon, 22 May 2023 22:33:51 +0300 Message-Id: <20230522193412.658666-24-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123514_787555_BD377131 X-CRM114-Status: GOOD ( 13.21 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer As otherwise the original station would be pruned. Signed-off-by: Ilan Peer --- src/ap/hostapd.c | 12 +++++++++++- src/ap/hostapd.h | 3 ++- src/ap/utils.c | 14 +++++++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer As otherwise the original station would be pruned. Signed-off-by: Ilan Peer --- src/ap/hostapd.c | 12 +++++++++++- src/ap/hostapd.h | 3 ++- src/ap/utils.c | 14 +++++++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 29346bc3cd..3a44b0f2dd 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -3378,13 +3378,23 @@ int hostapd_remove_iface(struct hapd_interfaces *interfaces, char *buf) void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, int reassoc) { + s8 mld_assoc_link_id = -1; + if (hapd->tkip_countermeasures) { hostapd_drv_sta_deauth(hapd, sta->addr, WLAN_REASON_MICHAEL_MIC_FAILURE); return; } - hostapd_prune_associations(hapd, sta->addr); +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && sta->mld_info.mld_sta) { + mld_assoc_link_id = sta->mld_assoc_link_id; + if (sta->mld_assoc_link_id != hapd->mld_link_id) + return; + } +#endif /* CONFIG_IEEE80211BE */ + + hostapd_prune_associations(hapd, sta->addr, mld_assoc_link_id); ap_sta_clear_disconnect_timeouts(hapd, sta); sta->post_csa_sa_query = 0; diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index ee4e0c0317..26d5075c99 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -718,7 +718,8 @@ int hostapd_register_probereq_cb(struct hostapd_data *hapd, const u8 *ie, size_t ie_len, int ssi_signal), void *ctx); -void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr); +void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr, + s8 mld_assoc_link_id); /* drv_callbacks.c (TODO: move to somewhere else?) */ void hostapd_notify_assoc_fils_finish(struct hostapd_data *hapd, diff --git a/src/ap/utils.c b/src/ap/utils.c index bedad6eb02..1c42506a9b 100644 --- a/src/ap/utils.c +++ b/src/ap/utils.c @@ -43,6 +43,7 @@ int hostapd_register_probereq_cb(struct hostapd_data *hapd, struct prune_data { struct hostapd_data *hapd; const u8 *addr; + s8 mld_assoc_link_id; }; static int prune_associations(struct hostapd_iface *iface, void *ctx) @@ -72,6 +73,12 @@ static int prune_associations(struct hostapd_iface *iface, void *ctx) if (!osta) continue; +#ifdef CONFIG_IEEE80211BE + if (data->mld_assoc_link_id >= 0 && + osta->mld_assoc_link_id == data->mld_assoc_link_id) + continue; +#endif /* CONFIG_IEEE80211BE */ + wpa_printf(MSG_INFO, "%s: Prune association for " MACSTR, ohapd->conf->iface, MAC2STR(osta->addr)); ap_sta_disassociate(ohapd, osta, WLAN_REASON_UNSPECIFIED); @@ -84,15 +91,20 @@ static int prune_associations(struct hostapd_iface *iface, void *ctx) * hostapd_prune_associations - Remove extraneous associations * @hapd: Pointer to BSS data for the most recent association * @addr: Associated STA address + * @mld_assoc_link_id: MLD link id used for association or -1 for non MLO * * This function looks through all radios and BSS's for previous * (stale) associations of STA. If any are found they are removed. */ -void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr) +void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr, + s8 mld_assoc_link_id) { struct prune_data data; + data.hapd = hapd; data.addr = addr; + data.mld_assoc_link_id = mld_assoc_link_id; + if (hapd->iface->interfaces && hapd->iface->interfaces->for_each_interface) hapd->iface->interfaces->for_each_interface( From patchwork Mon May 22 19:33:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784658 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=IqZvQNYO; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=NsrTeWil; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ73z2GDhz20PS for ; Tue, 23 May 2023 05:36:31 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=2RbZow5w3ddHRJF59DHJhrKHl2phY1/jUdqFtoUNxbU=; b=IqZvQNYOJy5HpQ mGzWuoLJi9jqo54qFSnPq2r6rih1EmT8sl3iChqUR4aA+1S98XTh1GAtZsuGigLSMvInv03jA2MBJ f/ekaMWeDCfC9tMdzMhosT+UqrPuaO29qj+iXAqrbhQ4jfab3lHJDPOL40ogiVU4ikL6LKzrPD3uF u2Org+mUx0zEmz3dyrNsQEoFMz3e0qi0GGpuzwxLfrRkLu4aOdM1LhFm0BPtZvfBkf7TRBDclOSyn jJDTArO5AtU3WH18m4Pmwb5kO3qF2GC4v+XdGeKgXl7Jlfc10mXq604YNB445US1QzNU1l99tkL41 UWRyz8rvaQDKv8BIlLXw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJw-007ia0-0w; Mon, 22 May 2023 19:35:52 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJL-007hqY-1U for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:18 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784115; x=1716320115; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=PX3j6w9wrl91ytaiOE895hZpDu0qK7jqFv+MFNS6hAo=; b=NsrTeWilM7I/oy0KfG6tV8ylk9t7uD4bdnGfgDZmmEEFaJmVKXIYtZgZ 0cMjAvZqBw71bJIRlLn7muOTWIL15yvxzyA4/0ycFzC8SysXB6HQRp5x1 YlnqrPD7d79bAwd1ig+bReGdzqIZyiK8nEUGvYfCDeAfJZ0e3Dt4Gxcj/ 9S982fV/kgrmSjYTwBTlUCtCPrulM0cFPm6lSnXmqnz32bJRphjitz8aX +NBzkGzkgcnIdYyAWU3B80FN53inpWcYL31NGGIvs0YtkflR6c6Yoggpr wsETydcCRNIakfNxH+7Ti+N2jfuVw6d1/gAg+bMbdiW0YcnfRg7U8WFTP Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869203" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869203" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:15 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809276" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809276" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:13 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 24/44] AP: Handle TX status for MLD AP Date: Mon, 22 May 2023 22:33:52 +0300 Message-Id: <20230522193412.658666-25-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123515_512546_BB890C2B X-CRM114-Status: GOOD ( 12.64 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer This allows proper TX status handling when MLD addressing is used. Note, that the statuses are still not forwarded to the correct link BSS. This will be handled in later patches. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer This allows proper TX status handling when MLD addressing is used. Note, that the statuses are still not forwarded to the correct link BSS. This will be handled in later patches. Signed-off-by: Ilan Peer --- src/ap/drv_callbacks.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 236a83f75f..0281264a62 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1538,12 +1538,26 @@ static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf, size_t len, u16 stype, int ok) { struct ieee80211_hdr *hdr; - struct hostapd_data *orig_hapd = hapd; + struct hostapd_data *orig_hapd = hapd, *tmp_hapd; hdr = (struct ieee80211_hdr *) buf; - hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); - if (!hapd) - return; + tmp_hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); + if (tmp_hapd) { + hapd = tmp_hapd; + } else { + bool mld_ap_match = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap_match = (hapd->conf->mld_ap && + !os_memcmp(hapd->mld_addr, + get_hdr_bssid(hdr, len), + ETH_ALEN)); +#endif /* CONFIG_IEEE80211BE */ + + if (!mld_ap_match) + return; + } + if (hapd == HAPD_BROADCAST) { if (stype != WLAN_FC_STYPE_ACTION || len <= 25 || buf[24] != WLAN_ACTION_PUBLIC) From patchwork Mon May 22 19:33:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784659 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=3EjKqReX; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=REH8qZjK; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7405cjdz20PY for ; Tue, 23 May 2023 05:36:32 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=hwwfVPklYgQHsDNNh72uzshlq5FX19RZ4FTvzMq9Ems=; b=3EjKqReXagPvQU LmJgbXMF+/cLAx7HoWIO+ROHGLVX6jYJE0/e3YMNYFgKvbju+nNfYYW85A98stUiEFELjijXBR3vq kGEuoLS/MXauJEnjGCuyYn4IgmFIbo+32kXO8ggEUkDELtLFtQulDs0wGGifDceAMKPOMxzC6h/7w HRErt3qcaIyeW0lInxkPKVJo0DYSVVmBB5Tn9glDZ2D/SA7ogNJ4ayWHMp2/nWlesv+cBqLznxOrU 89/DNPnmHkTwArrhFH8PEyJHm9QXYS8PW0Uheo9VGBm1iptE07z3ZYkgInnfzFd/xfnFzZhPaNyOQ iKs4/yeRGvUo3ojbTrMA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJy-007ick-21; Mon, 22 May 2023 19:35:54 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJM-007hs9-2G for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:18 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784116; x=1716320116; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=82IIv7ygNCyaamIsah6lCEVaGDzBOJrCl3EKyeNoGiQ=; b=REH8qZjKOpnmb1lE2GkZZBTyg+1tDqy5ZGrtBahhEdBNPEIxagBGtcWf bzXtHR3Vtqd3m6MPezf9dOzlEyh11zQN7IZo76yDOTGGWeBYqSWlnQZTc jOH3U6b4AA8wY6NPM9UZORIzNoh5to5EqkmrkUD9MhOKX4LRwl2pU8N5B VtmOCOD/JebJj+yHAdpal3FTiMPWr88sZXwhlqjhsSjWmX5VNSBWQniOu Zh0XKU2AIWh+nlWtcPvFSGZxRzgmBLZl3VzosnPqFNjWhoPYn3KGk/XrX 1A721Z/6R6C7hC9rEQgsdhqFdGEYM3p29T3sJIshPtOTf4S7DaaDYQRWA Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869214" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869214" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:16 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809291" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809291" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:15 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 25/44] AP: Print MLD info in STATUS command Date: Mon, 22 May 2023 22:33:53 +0300 Message-Id: <20230522193412.658666-26-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123516_795297_8544F05D X-CRM114-Status: UNSURE ( 8.48 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/ap/ctrl_iface_ap.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/ap/ctrl_iface_ap.c b/src/ap/ctrl_iface_ap.c index 6934a732a5..3ecf65da1a 100644 --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c @@ -938,6 +938,21 @@ int hostapd_ctrl_iface_s [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/ap/ctrl_iface_ap.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/ap/ctrl_iface_ap.c b/src/ap/ctrl_iface_ap.c index 6934a732a5..3ecf65da1a 100644 --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c @@ -938,6 +938,21 @@ int hostapd_ctrl_iface_status(struct hostapd_data *hapd, char *buf, if (os_snprintf_error(buflen - len, ret)) return len; len += ret; +#ifdef CONFIG_IEEE80211BE + if (bss->conf->mld_ap) { + ret = os_snprintf(buf + len, buflen - len, + "mld_addr[%d]=" MACSTR "\n" + "mld_id[%d]=%d\n" + "mld_link_id[%d]=%d\n", + (int)i, MAC2STR(bss->mld_addr), + (int)i, bss->conf->mld_id, + (int)i, bss->mld_link_id); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + } +#endif /* CONFIG_IEEE80211BE */ + } if (hapd->conf->chan_util_avg_period) { From patchwork Mon May 22 19:33:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784661 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=IIl/ll1Q; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=S3slr/sG; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7425H21z20PS for ; Tue, 23 May 2023 05:36:34 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=fde9lq0jnba7pA0p4DJQ3nnStLcpQe654FaKS43S/YU=; b=IIl/ll1Qb2iiSv TJQgB3DQ5rCtSBl+fvgrdrhwJFARpQaOAqYaZrNIYWRHKPpNTOMeUKw6B0acrw9r2y61abZPj6qDQ CT/E6sEzT3Oh7riOnUBrRyHL2vNdkzMGi+EhhCHZDs3Jt4Mfxomeb3XfW0koBV0e7Wm4mDbgBPzGE hD1GTxbMUHPeCZiVBJkydSzwknre9gArt2KK3sgB5IqAcIEIiUPiGb9DlUj4i2cNaawBn41gPdVKX QySUOsBy8p9sDzjxUbFXlVP/A900S7SAYud3Ifjo2ZO12ykt7foBHBVkQI/T5DGy4FBP5MOxQXi0m i2Xiy4KbnGGJ2AGzG3LA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BK0-007iek-1A; Mon, 22 May 2023 19:35:56 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJO-007hwX-30 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:21 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784118; x=1716320118; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=d1DhWI2DKlv3mBZhrGdQktyyZC/7iz6TtGQDinyJx2Q=; b=S3slr/sGOR+hd0NdBlHqjBB1qEonU3zRJF3Jtbdq1vaA3+hLlkKErA7a zxQIohLCqBPlW2pRKrnioEFHbZsB38wnJlSeFHxmNAaGacDt/Oveum+h6 w5yifSxmdT8oYiT2IkrRDx8EDYvsGLxhtv8799NjuxFCYpiiIoAM5DW0C iatLzx4ti+p0XPr+nmzaol7y2MZ5+jCbMlR72t2UaZW1T0HEsenMKM6Vj atHW+iLejCTaHY2cfBPO8L44w6z6ZSZ4w+9bc4j7IyQXJqh8mkqqlkyF1 lC0xZ5bE0mCMgA+PyCG+J7KDnGSGQd/xIhoNIj8jzESkRqDUb2ag0E96f w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869226" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869226" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:18 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809305" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809305" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:16 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 26/44] AP/wpa_supplicant/driver: Add link id to send eapol callbacks Date: Mon, 22 May 2023 22:33:54 +0300 Message-Id: <20230522193412.658666-27-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123519_049642_27414E04 X-CRM114-Status: GOOD ( 19.24 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: EAPOL frames may need to be transmitted from the link address and not MLD address. For example, in case of authentication between MLD AP and legacy STA. Add link_id parameter to eapol send API's. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.h | 4 ++-- src/ap/ieee802_1x.c | 7 ++++++- src/ap/wpa_auth_glue.c | 15 +++++++++++++-- src/drivers/driver.h [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org EAPOL frames may need to be transmitted from the link address and not MLD address. For example, in case of authentication between MLD AP and legacy STA. Add link_id parameter to eapol send API's. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.h | 4 ++-- src/ap/ieee802_1x.c | 7 ++++++- src/ap/wpa_auth_glue.c | 15 +++++++++++++-- src/drivers/driver.h | 6 ++++-- src/drivers/driver_nl80211.c | 12 ++++++++---- wpa_supplicant/driver_i.h | 9 +++++---- wpa_supplicant/ibss_rsn.c | 4 ++-- wpa_supplicant/wpas_glue.c | 2 +- 8 files changed, 41 insertions(+), 18 deletions(-) diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 2aa76385e1..a2c67e0446 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -201,13 +201,13 @@ static inline int hostapd_drv_sta_remove(struct hostapd_data *hapd, static inline int hostapd_drv_hapd_send_eapol(struct hostapd_data *hapd, const u8 *addr, const u8 *data, size_t data_len, int encrypt, - u32 flags) + u32 flags, int link_id) { if (hapd->driver == NULL || hapd->driver->hapd_send_eapol == NULL) return 0; return hapd->driver->hapd_send_eapol(hapd->drv_priv, addr, data, data_len, encrypt, - hapd->own_addr, flags); + hapd->own_addr, flags, link_id); } static inline int hostapd_drv_read_sta_data( diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index 33d47802f6..bacc588de1 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -95,9 +95,14 @@ static void ieee802_1x_send(struct hostapd_data *hapd, struct sta_info *sta, if (sta->flags & WLAN_STA_PREAUTH) { rsn_preauth_send(hapd, sta, buf, len); } else { + int link = -1; + +#ifdef CONFIG_IEEE80211BE + link = hapd->conf->mld_ap ? hapd->mld_link_id : -1; +#endif /* CONFIG_IEEE80211BE */ hostapd_drv_hapd_send_eapol( hapd, sta->addr, buf, len, - encrypt, hostapd_sta_flags_to_drv(sta->flags)); + encrypt, hostapd_sta_flags_to_drv(sta->flags), link); } os_free(buf); diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index a87d2f3899..8517f6954a 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -522,6 +522,11 @@ int hostapd_wpa_auth_send_eapol(void *ctx, const u8 *addr, struct hostapd_data *hapd = ctx; struct sta_info *sta; u32 flags = 0; + int link = -1; + +#ifdef CONFIG_IEEE80211BE + link = hapd->conf->mld_ap ? hapd->mld_link_id : -1; +#endif #ifdef CONFIG_TESTING_OPTIONS if (hapd->ext_eapol_frame_io) { @@ -539,11 +544,17 @@ int hostapd_wpa_auth_send_eapol(void *ctx, const u8 *addr, #endif /* CONFIG_TESTING_OPTIONS */ sta = ap_get_sta(hapd, addr); - if (sta) + if (sta) { flags = hostapd_sta_flags_to_drv(sta->flags); +#ifdef CONFIG_IEEE80211BE + if (sta->mld_info.mld_sta && + (sta->flags & WLAN_STA_AUTHORIZED)) + link = -1; +#endif + } return hostapd_drv_hapd_send_eapol(hapd, addr, data, data_len, - encrypt, flags); + encrypt, flags, link); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index b39d04a6fd..785ffd8e80 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3528,6 +3528,7 @@ struct wpa_driver_ops { * @buf: Frame payload starting from IEEE 802.1X header * @len: Frame payload length * @no_encrypt: Do not encrypt frame + * @link_id: Link ID to use for TX, or -1 if not set * * Returns 0 on success, else an error * @@ -3545,7 +3546,7 @@ struct wpa_driver_ops { */ int (*tx_control_port)(void *priv, const u8 *dest, u16 proto, const u8 *buf, size_t len, - int no_encrypt); + int no_encrypt, int link_id); /** * hapd_send_eapol - Send an EAPOL packet (AP only) @@ -3556,12 +3557,13 @@ struct wpa_driver_ops { * @encrypt: Whether the frame should be encrypted * @own_addr: Source MAC address * @flags: WPA_STA_* flags for the destination station + * @link_id: Link ID to use for TX, or -1 if not set * * Returns: 0 on success, -1 on failure */ int (*hapd_send_eapol)(void *priv, const u8 *addr, const u8 *data, size_t data_len, int encrypt, - const u8 *own_addr, u32 flags); + const u8 *own_addr, u32 flags, int link_id); /** * sta_deauth - Deauthenticate a station (AP only) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index cb33c92ec7..b6b57de00f 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -6097,7 +6097,7 @@ static void nl80211_teardown_ap(struct i802_bss *bss) static int nl80211_tx_control_port(void *priv, const u8 *dest, u16 proto, const u8 *buf, size_t len, - int no_encrypt) + int no_encrypt, int link_id) { struct nl80211_ack_ext_arg ext_arg; struct i802_bss *bss = priv; @@ -6116,7 +6116,9 @@ static int nl80211_tx_control_port(void *priv, const u8 *dest, nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dest) || nla_put(msg, NL80211_ATTR_FRAME, len, buf) || (no_encrypt && - nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) { + nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)) || + (link_id != NL80211_DRV_LINK_ID_NA && + nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))) { nlmsg_free(msg); return -ENOBUFS; } @@ -6174,7 +6176,8 @@ static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; static int wpa_driver_nl80211_hapd_send_eapol( void *priv, const u8 *addr, const u8 *data, - size_t data_len, int encrypt, const u8 *own_addr, u32 flags) + size_t data_len, int encrypt, const u8 *own_addr, u32 flags, + int link_id) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; @@ -6189,7 +6192,8 @@ static int wpa_driver_nl80211_hapd_send_eapol( if (drv->control_port_ap && (drv->capa.flags & WPA_DRIVER_FLAGS_CONTROL_PORT)) return nl80211_tx_control_port(bss, addr, ETH_P_EAPOL, - data, data_len, !encrypt); + data, data_len, !encrypt, + link_id); if (drv->device_ap_sme || !drv->use_monitor) return nl80211_send_eapol_data(bss, addr, data, data_len); diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index 03f413c014..df9fd0a0f2 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -372,23 +372,24 @@ static inline int wpa_drv_sta_remove(struct wpa_supplicant *wpa_s, static inline int wpa_drv_tx_control_port(struct wpa_supplicant *wpa_s, const u8 *dest, u16 proto, const u8 *buf, size_t len, - int no_encrypt) + int no_encrypt, int link_id) { if (!wpa_s->driver->tx_control_port) return -1; return wpa_s->driver->tx_control_port(wpa_s->drv_priv, dest, proto, - buf, len, no_encrypt); + buf, len, no_encrypt, link_id); } static inline int wpa_drv_hapd_send_eapol(struct wpa_supplicant *wpa_s, const u8 *addr, const u8 *data, size_t data_len, int encrypt, - const u8 *own_addr, u32 flags) + const u8 *own_addr, u32 flags, + int link_id) { if (wpa_s->driver->hapd_send_eapol) return wpa_s->driver->hapd_send_eapol(wpa_s->drv_priv, addr, data, data_len, encrypt, - own_addr, flags); + own_addr, flags, link_id); return -1; } diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index 5b31f7bb0e..65284ab913 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -73,7 +73,7 @@ static int supp_ether_send(void *ctx, const u8 *dest, u16 proto, const u8 *buf, if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len, - !encrypt); + !encrypt, -1); if (wpa_s->l2) return l2_packet_send(wpa_s->l2, dest, proto, buf, len); @@ -303,7 +303,7 @@ static int auth_send_eapol(void *ctx, const u8 *addr, const u8 *data, if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) return wpa_drv_tx_control_port(wpa_s, addr, ETH_P_EAPOL, - data, data_len, !encrypt); + data, data_len, !encrypt, -1); if (wpa_s->l2) return l2_packet_send(wpa_s->l2, addr, ETH_P_EAPOL, data, diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index c4cfca50e6..d322829ad2 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -118,7 +118,7 @@ int wpa_ether_send(struct wpa_supplicant *wpa_s, const u8 *dest, wpa_sm_has_ptk_installed(wpa_s->wpa); return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len, - !encrypt); + !encrypt, -1); } if (wpa_s->l2) { From patchwork Mon May 22 19:33:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784663 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=qCohQ1RU; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=CSTIL77X; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7446hQLz20PS for ; Tue, 23 May 2023 05:36:36 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=qqYW7p01o8fmhql/Vl9O6893Jyt4No6SMt8TGahiuXY=; b=qCohQ1RUo9qaz9 fS/dXIGDkkqeMO/WYrycVUvJ/VZmZBS3KzsGnIgtQMGFpQwljRKzBJ/A/lTquQODho/dtOGvRBxDk iwEbrL0M1a6Ihv28pyg+4mf1o5fUquycM7fLZlKbN9+qohSIV+womCohKSP+e9SUXrCcprOLn6zxW UQaSQ9LE5tE0JsLnPGps71KbCLnGaNheC/RlYxNGeZvDx5LjyEm0/0mtVtF6Jl2wcl3nH9pfGPuF+ 4+wkRSmSGCmto4c+pILuCVzBAusUVwfuL51QNRhJIiHnkO9kJCkdy60IY6mS0M2AAst5bHWFnZhpt TyGGWVPyPc9wYCJrT/Gg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BK4-007ijP-0e; Mon, 22 May 2023 19:36:00 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJP-007hyQ-30 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784119; x=1716320119; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=8oIwM86WKDCrcRPjPY03r7+5j/pJ5epjAmKUremnExA=; b=CSTIL77XXzzNFUM1ak1/28DMEX1CKLImcWgp9QnlACOYqVb7Bj+6haas ZYrQIFqIP6v7xCpsXDE1nHxRl53O0uAGT5UcZco40fKScHlKfMCRmiBJM PQxCsA/uiT+k94adUYqDIFkSIuO6JiQpiyrSRM10qK2Bak+ohdYJOiZlY Vljz470mDOrP40HjD5bg954oS62JxXgTs7WQFPulB8L07dg4v+Fyy6h7d 5HcLrWBzyGbkkSvuT7mcsLVKnQt8GWpVwwbpyljbzJQ8BZOps39cadSrf cvQIGUoSoiFMDyPb6dwK4+xJIQssphn3slIMUy3vDgvmgG3pWcrBmASx7 Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869235" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869235" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:19 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809322" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809322" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:18 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 27/44] AP: Provide the link ID for an MLD setting when setting VLAN Date: Mon, 22 May 2023 22:33:55 +0300 Message-Id: <20230522193412.658666-28-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123520_009439_822FCD1B X-CRM114-Status: GOOD ( 16.70 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer This required modification to the driver interface and driver nl80211. Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.h | 5 +++-- src/ap/sta_info.c | 9 ++++++++- src/drivers/driver.h | 3 ++- src/drivers/driver_nl80211.c | 13 ++++++++----- 4 files ch [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer This required modification to the driver interface and driver nl80211. Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.h | 5 +++-- src/ap/sta_info.c | 9 ++++++++- src/drivers/driver.h | 3 ++- src/drivers/driver_nl80211.c | 13 ++++++++----- 4 files changed, 21 insertions(+), 9 deletions(-) diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index a2c67e0446..04f0dfa031 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -174,12 +174,13 @@ static inline int hostapd_drv_set_countermeasures(struct hostapd_data *hapd, static inline int hostapd_drv_set_sta_vlan(const char *ifname, struct hostapd_data *hapd, - const u8 *addr, int vlan_id) + const u8 *addr, int vlan_id, + s8 link_id) { if (hapd->driver == NULL || hapd->driver->set_sta_vlan == NULL) return 0; return hapd->driver->set_sta_vlan(hapd->drv_priv, addr, ifname, - vlan_id); + vlan_id, link_id); } static inline int hostapd_drv_get_inact_sec(struct hostapd_data *hapd, diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index 61116cff96..5a9033fa9c 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -1083,6 +1083,12 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) struct hostapd_vlan *vlan = NULL; int ret; int old_vlanid = sta->vlan_id_bound; + s8 mld_link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + mld_link_id = hapd->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ if ((sta->flags & WLAN_STA_WDS) && sta->vlan_id == 0) { wpa_printf(MSG_DEBUG, @@ -1140,7 +1146,8 @@ skip_counting: if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); - ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); + ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id, + mld_link_id); if (ret < 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not bind the STA " diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 785ffd8e80..41b39e7fc8 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3772,6 +3772,7 @@ struct wpa_driver_ops { * @ifname: Interface (main or virtual BSS or VLAN) * @addr: MAC address of the associated station * @vlan_id: VLAN ID + * @link_id: The link ID or -1 for non-MLO * Returns: 0 on success, -1 on failure * * This function is used to bind a station to a specific virtual @@ -3781,7 +3782,7 @@ struct wpa_driver_ops { * domains to be used with a single BSS. */ int (*set_sta_vlan)(void *priv, const u8 *addr, const char *ifname, - int vlan_id); + int vlan_id, s8 link_id); /** * commit - Optional commit changes handler (AP only) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index b6b57de00f..1b4abe6158 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -8018,7 +8018,7 @@ fail: static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr, - const char *ifname, int vlan_id) + const char *ifname, int vlan_id, s8 link_id) { struct wpa_driver_nl80211_data *drv = bss->drv; struct nl_msg *msg; @@ -8032,6 +8032,8 @@ static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr, nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD) && nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id)) || + (link_id >= 0 && nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + link_id)) || nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) { nlmsg_free(msg); return -ENOBUFS; @@ -8290,7 +8292,7 @@ static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA " "interface %s up", name); } - return i802_set_sta_vlan(priv, addr, name, 0); + return i802_set_sta_vlan(priv, addr, name, 0, -1); } else { if (bridge_ifname && linux_br_del_if(drv->global->ioctl_sock, bridge_ifname, @@ -8299,7 +8301,7 @@ static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, "nl80211: Failed to remove interface %s from bridge %s: %s", name, bridge_ifname, strerror(errno)); - i802_set_sta_vlan(priv, addr, bss->ifname, 0); + i802_set_sta_vlan(priv, addr, bss->ifname, 0, -1); nl80211_remove_iface(drv, if_nametoindex(name)); os_memset(&event, 0, sizeof(event)); event.wds_sta_interface.sta_addr = addr; @@ -10470,10 +10472,11 @@ static int driver_nl80211_sta_remove(void *priv, const u8 *addr) static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr, - const char *ifname, int vlan_id) + const char *ifname, int vlan_id, + s8 link_id) { struct i802_bss *bss = priv; - return i802_set_sta_vlan(bss, addr, ifname, vlan_id); + return i802_set_sta_vlan(bss, addr, ifname, vlan_id, link_id); } From patchwork Mon May 22 19:33:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784662 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=DNQVR0s4; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=nNru1AFm; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7426bBwz20PY for ; Tue, 23 May 2023 05:36:34 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=YVa8KBZpP+AvB1a1ZloM36yGqGttQ7MbD+lsKtRquu8=; b=DNQVR0s4i+3HmR V05XLLIzw6Rjmhu64iGqtjNZrRpflHLOLbs+ci7t1Fp+zVlPc9rv/iYCX0ef/tHMNepbMT7ddjHIi wt13L7TWSirrOraOCt/0nBVbwdCy8iYD81j67MzG5Vbw0YoZVNep6etAwxRBAsAWRK5BWpx0dqvWW U+COHlE6uRW33ue1Q9OsvewiGhP5xA9S6+qgPKnoJ/KNoZITOOVjhtHUufLxNoWBEDtSh4fqa2+E5 BjcIFNoreVG/xmgNFfC2puW3V4Hwt/rO9+8feWdoBGsaxvbUajx58S7ZvBE801EYfThbrBCI45tyy 98qL+2f1XbUvWMbb2zPg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BK6-007ink-30; Mon, 22 May 2023 19:36:02 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJR-007i03-0z for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784121; x=1716320121; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=rKPazbeh7QWEo1FJuCTeNhB/2YNDMBEP+lUZDiOG2Ek=; b=nNru1AFmwJsF6ay5gSkkBfy2CtdXge228OkLrONYE05eHERMAlD8irIl mY6X3uld521ycakew+st/UEcrehVxx/JggRcW06e+eBECwaHB+AA9/9S1 0KiRyuM5jJqMW78Kxmg73sc4vRdtlVKLjFtHgqvnugVsaEKxq4ai2umUG hYcaYnzzdPGTYHBm2TBpHxb2pp4sx4jHkYugdYn4xeI3O9GHc4qM7PiLC BE9gJNQKGiIrG+zgUdxUH3L6bkGRlkGdlLkLq9GG73GW/UJmywU273Mm8 Zi6v+lqdYaqADK3a64l4+DHvctupcGBCrJjD2F+y8QuCw+czpMOwePjOk A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869244" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869244" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809328" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809328" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:19 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 28/44] AP/driver: Add link id to the set_tx_queue_params() callback Date: Mon, 22 May 2023 22:33:56 +0300 Message-Id: <20230522193412.658666-29-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123521_421203_F067AE0B X-CRM114-Status: GOOD ( 13.64 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.c | 11 ++++++++++- src/drivers/driver.h | 4 +++- src/drivers/driver_nl80211.c | 7 ++++++- 3 files changed, 19 insertions(+), 3 dele [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.c | 11 ++++++++++- src/drivers/driver.h | 4 +++- src/drivers/driver_nl80211.c | 7 ++++++- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 014a140efc..cf4ff3ddd8 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -657,10 +657,19 @@ int hostapd_set_country(struct hostapd_data *hapd, const char *country) int hostapd_set_tx_queue_params(struct hostapd_data *hapd, int queue, int aifs, int cw_min, int cw_max, int burst_time) { + int link_id = -1; + if (hapd->driver == NULL || hapd->driver->set_tx_queue_params == NULL) return 0; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + link_id = hapd->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + return hapd->driver->set_tx_queue_params(hapd->drv_priv, queue, aifs, - cw_min, cw_max, burst_time); + cw_min, cw_max, burst_time, + link_id); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 41b39e7fc8..97f270fa83 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3727,9 +3727,11 @@ struct wpa_driver_ops { * @cw_min: cwMin * @cw_max: cwMax * @burst_time: Maximum length for bursting in 0.1 msec units + * @link_id: Link ID to use, or -1 for non MLD. */ int (*set_tx_queue_params)(void *priv, int queue, int aifs, int cw_min, - int cw_max, int burst_time); + int cw_max, int burst_time, + int link_id); /** * if_add - Add a virtual interface diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 1b4abe6158..7bacdd3f50 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -7952,7 +7952,8 @@ static int i802_read_sta_data(struct i802_bss *bss, static int i802_set_tx_queue_params(void *priv, int queue, int aifs, - int cw_min, int cw_max, int burst_time) + int cw_min, int cw_max, int burst_time, + int link_id) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; @@ -8004,6 +8005,10 @@ static int i802_set_tx_queue_params(void *priv, int queue, int aifs, nla_nest_end(msg, txq); + if (link_id >= 0 && + nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) + goto fail; + res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); wpa_printf(MSG_DEBUG, "nl80211: TX queue param set: queue=%d aifs=%d cw_min=%d cw_max=%d burst_time=%d --> res=%d", From patchwork Mon May 22 19:33:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784664 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=HjTC9pnR; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=CfjF+8xV; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ7495323z20PS for ; Tue, 23 May 2023 05:36:41 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=omtLQihtnRjMOwNOF+XDaIJRTvM18Z6rVAPbXM6toYQ=; b=HjTC9pnRuEjVQe gmvsb9/iyl3TOB7tdlpUwk9E5Dx2xsM41IRjSv4I0xPayhZPVXIlW4us7UlSqOpepeCAU2/v3t2Ub WmiAp7apaWzB/mC0bQLymQLjDFaL6Qn9l08VSE+Vv8/R6jCnC8cF+UCVxY9JgPD1c3noWCSGCuiTu C2uU2XRD7LLIdvdgWWm7EZPJgx8pIAW1j4nq0h+pGxjoKoDC3Zs8M0jHUmdOXxz4YswA4ht338YtY 7h7MR85+P1TpFBc4KhlfPizD5AMxWvNWibIz1ZeOLBTaez3s37ot8I0RfVO0W75HKu+p1W6KxTbne /KFflxrQRbSpQiW5mAxQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BK9-007iqa-0v; Mon, 22 May 2023 19:36:05 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJS-007hwX-1D for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:23 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784122; x=1716320122; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=wH7CSmgHjz0NP7FnBW8XiruOOzL1rwZkDiRRdno6DQo=; b=CfjF+8xVGpttPqYqryauZzYeBJOn38tkcpKegsWX/AqjAr70J8OGYHWy z/9aP9uuUBu4u/24nvK0pyjPZwNDeMcfJFDmX/EaAtsC39gfQ4nnCV+P3 PJHrxpyo91tV3CLkVDwv+MI5U6PygMONl5hWkniKQkFa82J2XudXQtpIz aYH8mtPUekw2MckkEyO09K+b0yh49TDrLE/CtndVf6BLYzt6SwbLQFSTk 6hG3miNzTRHQwPGdOe4pu7nv0LM+cZ+B5U/as69/w50QufVyDuYckvk1r qPml2rhvmSFOiLTJVwa2De3g0gu3ND9MvqJ8EneBpR57iO1/YpF1NxAAp g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869254" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869254" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:22 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809333" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809333" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:20 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 29/44] driver_nl80211: use frequency to determine mld link for MLME events Date: Mon, 22 May 2023 22:33:57 +0300 Message-Id: <20230522193412.658666-30-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123522_432748_353DB77C X-CRM114-Status: GOOD ( 16.21 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: As link_id isn't always available. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 2 +- src/drivers/driver_nl80211.h | 1 + src/drivers/driver_nl80211_event.c | 30 ++++++++++++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org As link_id isn't always available. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 2 +- src/drivers/driver_nl80211.h | 1 + src/drivers/driver_nl80211_event.c | 30 +++++++++++++++++++++++++----- 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 7bacdd3f50..8bb1c3f0d7 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4116,7 +4116,7 @@ int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv) } -static struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id) +struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id) { unsigned int i; diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index ed6293bd3b..b38cd7f53a 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -319,6 +319,7 @@ int process_bss_event(struct nl_msg *msg, void *arg); const char * nl80211_iftype_str(enum nl80211_iftype mode); void nl80211_restore_ap_mode(struct i802_bss *bss); +struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id); #ifdef ANDROID int android_nl_socket_set_nonblocking(struct nl_sock *handle); diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index a6f8c97ca2..838afabcc7 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -1406,6 +1406,20 @@ static void mlme_event_unprot_beacon(struct wpa_driver_nl80211_data *drv, } +static struct i802_link *nl80211_get_mld_link_by_freq(struct i802_bss *bss, u32 freq) +{ + unsigned int i; + + for (i = 0; i < bss->n_links; i++) { + if ((u32)bss->links[i].freq == freq && + bss->links[i].link_id != -1) + return &bss->links[i]; + } + + return NULL; +} + + static void mlme_event(struct i802_bss *bss, enum nl80211_commands cmd, struct nlattr *frame, struct nlattr *addr, struct nlattr *timed_out, @@ -1418,7 +1432,8 @@ static void mlme_event(struct i802_bss *bss, u16 stype = 0, auth_type = 0; const u8 *data; size_t len; - int link_id; + int link_id = -1; + struct i802_link *mld_link = NULL; if (timed_out && addr) { mlme_timeout_event(drv, cmd, addr); @@ -1432,10 +1447,14 @@ static void mlme_event(struct i802_bss *bss, return; } + /* get the mld link either by link id or freq */ if (link) - link_id = nla_get_u8(link); - else - link_id = -1; + mld_link = nl80211_get_link(bss, nla_get_u8(link)); + else if (freq) + mld_link = nl80211_get_mld_link_by_freq(bss, nla_get_u32(freq)); + + if (mld_link) + link_id = mld_link->link_id; data = nla_data(frame); len = nla_len(frame); @@ -1478,7 +1497,8 @@ static void mlme_event(struct i802_bss *bss, os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0 && (is_zero_ether_addr(drv->first_bss->prev_addr) || os_memcmp(bss->prev_addr, data + 4 + ETH_ALEN, - ETH_ALEN) != 0)) { + ETH_ALEN) != 0) && + (!mld_link || os_memcmp(mld_link->addr, data + 4, ETH_ALEN) != 0)) { wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event " "for foreign address", bss->ifname); return; From patchwork Mon May 22 19:33:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784665 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Rdetn9hJ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=C4HyEcb8; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ74D1VMGz20PY for ; Tue, 23 May 2023 05:36:44 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=VACidUFq9jX+t/kyP6OCE5k2SvX2xKgwBjawt1Gy4HU=; b=Rdetn9hJ/F+HQl B3yapvwHSMM8IlKzPmC7N+n4uB27s9JU5nJkaeDsot1gMEDdd+bhmPECAG9YpQ8M4dSQe0EV/dnFu wmGdAbOF4qWN2QNS44bfDHhWyrczG4utgCpwLouKQ/cS61y+3lW8nZviR3zO2IslzvrApNyfoQuWU zjsJwTg3zNBH/xTRjkLCV3SfK9MR+uDKITK9869fX/69iq/B0GZlhTCHfm+jiNx+8BhEqmvTmxwMm xTNqF/B9MU5rJj57DK5f5UtVl4iUTa/vaeqncYcVerJNZuHq1sHmiv5Kkuv9jFywRUX3ovD0mlOIY VT6Y96yk74tB1jmwUz/A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BKD-007iv8-10; Mon, 22 May 2023 19:36:09 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJT-007i3B-2i for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:25 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784123; x=1716320123; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=n8PLsbrFkyoT2j400l84pLlEw+BcWqaF4rj7IK2fih8=; b=C4HyEcb8MefoSCKGQVkJKMmEag/sj5bGkcNIa9RU1hwQSbaK0lW5n7VN +w06uWM9hLJ7YoLJgBaCQnslPlZDRtHHn+5LqkCyPZ7oTkpZ49f0Gx4+p Elab6bE1DvV9Wdhpf/CBw9DhOg0uR8Mf5wYKJVMU46jnayqR0pxTqSXnx ypwhVfl43ZqqQE/PH0aHJcTwDAB+xdb1kjSleFXGPDX5Elctuz/iEbfJM g/Bmq8vtjZ4RapwbXuh13T+4ONSvsE8q08g1EjQFkn4fjr7le4rnmz3mx 2SpZ7lWQ147V0EVliNj1Z0E0YRESUKDLZxpoBewXzl9BLtbves0aK+/LU Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869272" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869272" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809356" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809356" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:21 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 30/44] AP: Forward link specific events Date: Mon, 22 May 2023 22:33:58 +0300 Message-Id: <20230522193412.658666-31-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123523_900886_008A81E7 X-CRM114-Status: GOOD ( 12.86 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Process management and EAPOL frames on the correct link. Signed-off-by: Andrei Otcheretianski --- src/ap/drv_callbacks.c | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Process management and EAPOL frames on the correct link. Signed-off-by: Andrei Otcheretianski --- src/ap/drv_callbacks.c | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 0281264a62..028fc6b536 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1417,6 +1417,21 @@ static void hostapd_action_rx(struct hostapd_data *hapd, #ifdef NEED_AP_MLME +static struct hostapd_data *switch_link_hapd(struct hostapd_data *hapd, int link_id) +{ +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && link_id >= 0) { + struct hostapd_data *link_bss; + + link_bss = hostapd_mld_get_link_bss(hapd, (u8)link_id); + if (link_bss) + return link_bss; + } +#endif /* CONFIG_IEEE80211BE */ + + return hapd; +} + #define HAPD_BROADCAST ((struct hostapd_data *) -1) @@ -1454,13 +1469,17 @@ static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd, static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) { - struct hostapd_iface *iface = hapd->iface; + struct hostapd_iface *iface; const struct ieee80211_hdr *hdr; const u8 *bssid; struct hostapd_frame_info fi; int ret; bool is_mld = false; + hapd = switch_link_hapd(hapd, rx_mgmt->link_id); + + iface = hapd->iface; + #ifdef CONFIG_TESTING_OPTIONS if (hapd->ext_mgmt_frame_handling) { size_t hex_len = 2 * rx_mgmt->frame_len + 1; @@ -1600,12 +1619,19 @@ static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr) static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src, const u8 *data, size_t data_len, - enum frame_encryption encrypted) + enum frame_encryption encrypted, + int link_id) { - struct hostapd_iface *iface = hapd->iface; + struct hostapd_iface *iface; struct sta_info *sta; size_t j; +#ifdef CONFIG_IEEE80211BE + hapd = switch_link_hapd(hapd, link_id); +#endif /* CONFIG_IEEE80211BE */ + + iface = hapd->iface; + for (j = 0; j < iface->num_bss; j++) { sta = ap_get_sta(iface->bss[j], src); if (sta && sta->flags & WLAN_STA_ASSOC) { @@ -2007,7 +2033,8 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, hostapd_event_eapol_rx(hapd, data->eapol_rx.src, data->eapol_rx.data, data->eapol_rx.data_len, - data->eapol_rx.encrypted); + data->eapol_rx.encrypted, + data->eapol_rx.link_id); break; case EVENT_ASSOC: if (!data) From patchwork Mon May 22 19:33:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784684 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ADc09OUX; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=H9l9LORm; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM3J1Pz20Q6 for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=E7FJEJih0CBGuaVI00LKrUMjaumm1jEtBWUEbyZP7/Q=; b=ADc09OUXDAmO+a czV08phPv4cpwYooUV4rTUnpR1nZLyxfnRRxjsHy2IEi/uLKshfe7JlqtAnAXcsqAd/WRYlSwDVp8 975zVSOJepl2r8CwKMCgZgE5Yb0+Pm00DwFjHReXxtgMuJX11HMk1sAVO1kfQhLabPbwQ/015RwIK Ngn5IA8w9Y6zmB8U6KmBQP5nQ+R141A5dEYY2bVMUeRZyPrEzrM9w0JwXAt7rtOB1C8ijYKkyWieK Tm3eTVkWWe85v/3tzs+bD6QGte5PYZMZCWJYa2IrXL5IAAu8d4OA8Rf7VCyDEs4MrphIYai8Dxw97 4KBGa114idT7KE+mqpsQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTZ-007y5j-0n; Mon, 22 May 2023 20:49:53 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJW-007i5r-1W for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784126; x=1716320126; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=DiTPKQZlx/V9alXFoDNSqBh/aHrvYCqof/HAOmw6pc8=; b=H9l9LORmrpz7SlZkXOmiGQ4xVoohcJ04kD2Aedc2670YDDv+Cq5ut/Th EJn3wP847UKZyylq4YxTQeoV8jAvo43vJ1fPfD/syLemGYeGeV4pG55ON IfIcF8MSjUhK1Vhwsbt5ahrINZRqVuVhmIoUQi14ALcLhZcXZ3av1DxXg zn5+q6oBzPKtsfIZFmABzfuDOwzUdw/5lQmipuE0NUJrcE47cqbKxCnWU kxc7hNk05WGoXs5Dc0bV6aQ54HdILwt70jMMmVyzL/wkE/YJSsUiu1bH1 hCWUvMRn3cy8RP77QCkC8EEZo0bYVw0Ayp6NdzFU++du64UUIc6iHPiOM Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869300" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869300" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:25 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809378" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809378" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:23 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH v2 31/44] WPA_AUTH: MLO: Store MLO link information Date: Mon, 22 May 2023 22:33:59 +0300 Message-Id: <20230522193412.658666-32-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123526_749240_95138D4C X-CRM114-Status: GOOD ( 20.22 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 28 +++++++++-- src/ap/wpa_auth.c | 111 +++++++++++++++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 28 +++++++++-- src/ap/wpa_auth.c | 111 +++++++++++++++++++++++++++++++++++++++++ src/ap/wpa_auth.h | 44 ++++++++++++++++ src/ap/wpa_auth_glue.c | 46 +++++++++++++++++ src/ap/wpa_auth_i.h | 16 ++++++ 5 files changed, 240 insertions(+), 5 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 43558a0e46..6fd9416eed 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -3968,15 +3968,33 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, wpa_ie -= 2; wpa_ie_len += 2; - if (sta->wpa_sm == NULL) + if (!sta->wpa_sm) { +#ifdef CONFIG_IEEE80211BE + struct mld_info *info = &sta->mld_info; +#endif /* CONFIG_IEEE80211BE */ + sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr, p2p_dev_addr); - if (sta->wpa_sm == NULL) { - wpa_printf(MSG_WARNING, "Failed to initialize WPA " - "state machine"); - return WLAN_STATUS_UNSPECIFIED_FAILURE; + + if (!sta->wpa_sm) { + wpa_printf(MSG_WARNING, + "Failed to initialize WPA SM"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + +#ifdef CONFIG_IEEE80211BE + if (info->mld_sta) { + wpa_printf(MSG_DEBUG, "MLD: used for WPA"); + + wpa_auth_set_ml_info(sta->wpa_sm, + hapd->mld_addr, + sta->mld_assoc_link_id, + info); + } +#endif /* CONFIG_IEEE80211BE */ } + wpa_auth_set_auth_alg(sta->wpa_sm, sta->auth_alg); res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, hapd->iface->freq, diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 12b49704b9..f661585611 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -33,6 +33,7 @@ #include "pmksa_cache_auth.h" #include "wpa_auth_i.h" #include "wpa_auth_ie.h" +#include "sta_info.h" #define STATE_MACHINE_DATA struct wpa_state_machine #define STATE_MACHINE_DEBUG_PREFIX "WPA" @@ -695,6 +696,7 @@ wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr, sm->wpa_auth = wpa_auth; sm->group = wpa_auth->group; wpa_group_get(sm->wpa_auth, sm->group); + sm->mld_assoc_link_id = -1; return sm; } @@ -788,6 +790,11 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm) #ifdef CONFIG_DPP2 wpabuf_clear_free(sm->dpp_z); #endif /* CONFIG_DPP2 */ + os_memset(sm->own_mld_addr, 0, sizeof(sm->own_mld_addr)); + os_memset(sm->peer_mld_addr, 0, sizeof(sm->peer_mld_addr)); + sm->mld_assoc_link_id = -1; + os_memset(sm->mld_links, 0, sizeof(sm->mld_links)); + bin_clear_free(sm, sizeof(*sm)); } @@ -3589,6 +3596,29 @@ static u8 * replace_ie(const char *name, const u8 *old_buf, size_t *len, u8 eid, } #endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_IEEE80211BE + +void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_rsn_info *info) +{ + info->rsn_ies = a->wpa_ie; + info->rsn_ies_len = a->wpa_ie_len; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: RSN info: link_id=%u, rsn_ies_len=%u", + info->link_id, info->rsn_ies_len); +} + + +static void wpa_auth_get_ml_rsn_info(struct wpa_authenticator *wpa_auth, + struct wpa_auth_ml_rsn_info *info) +{ + if (!wpa_auth->cb->get_ml_rsn_info) + return; + + wpa_auth->cb->get_ml_rsn_info(wpa_auth->cb_ctx, info); +} +#endif /* CONFIG_IEEE80211BE */ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) { @@ -6026,3 +6056,84 @@ void wpa_auth_sta_radius_psk_resp(struct wpa_state_machine *sm, bool success) eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL); } + + +void wpa_auth_set_ml_info(struct wpa_state_machine *sm, + const u8 *mld_addr, u8 mld_assoc_link_id, + struct mld_info *info) +{ +#ifdef CONFIG_IEEE80211BE + struct wpa_auth_ml_rsn_info ml_rsn_info; + u32 link_id, i; + + if (!info) + return; + + os_memset(sm->mld_links, 0, sizeof(sm->mld_links)); + + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, + "MLD: initialization"); + + os_memcpy(sm->own_mld_addr, mld_addr, ETH_ALEN); + os_memcpy(sm->peer_mld_addr, info->common_info.mld_addr, ETH_ALEN); + + sm->mld_assoc_link_id = mld_assoc_link_id; + + os_memset(&ml_rsn_info, 0, sizeof(ml_rsn_info)); + + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &info->links[link_id]; + struct mld_link *sm_link = &sm->mld_links[link_id]; + + sm_link->valid = link->valid; + + if (!link->valid) + continue; + + os_memcpy(sm_link->peer_addr, link->peer_addr, ETH_ALEN); + os_memcpy(sm_link->own_addr, link->local_addr, ETH_ALEN); + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: id=%u, addr=" MACSTR " peer=" MACSTR, + link_id, + MAC2STR(sm_link->own_addr), + MAC2STR(sm_link->peer_addr)); + + if (link_id != mld_assoc_link_id) + sm->n_mld_affiliated_links++; + + ml_rsn_info.links[i++].link_id = link_id; + } + + ml_rsn_info.n_mld_links = i; + + wpa_auth_get_ml_rsn_info(sm->wpa_auth, &ml_rsn_info); + + for (i = 0; i < ml_rsn_info.n_mld_links; i++) { + u8 link_id = ml_rsn_info.links[i].link_id; + struct mld_link *sm_link = &sm->mld_links[link_id]; + const u8 *rsn_ies; + u8 rsn_ies_len; + + rsn_ies = ml_rsn_info.links[i].rsn_ies; + rsn_ies_len = ml_rsn_info.links[i].rsn_ies_len; + + /* This should not really happen */ + if (!rsn_ies || rsn_ies_len < 2 || rsn_ies[0] != WLAN_EID_RSN) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: Invalid RSN element"); + continue; + } + + sm_link->rsne = rsn_ies; + sm_link->rsne_len = rsn_ies[1] + 2; + + if (rsn_ies[1] + 2UL + 2UL < rsn_ies_len && + rsn_ies[rsn_ies[1] + 2] == WLAN_EID_RSNX) { + sm_link->rsnxe = rsn_ies + 2 + rsn_ies[1]; + sm_link->rsnxe_len = sm_link->rsnxe[1] + 2; + } + } + +#endif /* CONFIG_IEEE80211BE */ +} diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index eed016accb..fbd9d84f8b 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -15,6 +15,7 @@ #include "common/ieee802_11_defs.h" struct vlan_description; +struct mld_info; #define MAX_OWN_IE_OVERRIDE 256 @@ -288,6 +289,40 @@ typedef enum { WPA_EAPOL_keyDone, WPA_EAPOL_inc_EapolFramesTx } wpa_eapol_variable; +struct wpa_auth_ml_rsn_info { + u8 n_mld_links; + + struct wpa_auth_ml_link_rsn_info { + u8 link_id; + const u8 *rsn_ies; + u8 rsn_ies_len; + } links[MAX_NUM_MLD_LINKS]; +}; + +struct wpa_auth_ml_key_info { + u8 n_mld_links; + bool mgmt_frame_prot; + bool beacon_prot; + + struct wpa_auth_ml_link_key_info { + u8 link_id; + + u8 gtkidx; + u8 gtk_len; + u8 pn[6]; + const u8 *gtk; + + u8 igtkidx; + u8 igtk_len; + const u8 *igtk; + u8 ipn[6]; + + u8 bigtkidx; + const u8 *bigtk; + u8 bipn[6]; + } links[MAX_NUM_MLD_LINKS]; +}; + struct wpa_auth_callbacks { void (*logger)(void *ctx, const u8 *addr, logger_level level, const char *txt); @@ -355,6 +390,9 @@ struct wpa_auth_callbacks { int (*set_ltf_keyseed)(void *ctx, const u8 *addr, const u8 *ltf_keyseed, size_t ltf_keyseed_len); #endif /* CONFIG_PASN */ +#ifdef CONFIG_IEEE80211BE + int (*get_ml_rsn_info)(void *ctx, struct wpa_auth_ml_rsn_info *info); +#endif /* CONFIG_IEEE80211BE */ }; struct wpa_authenticator * wpa_init(const u8 *addr, @@ -593,4 +631,10 @@ void wpa_auth_set_ocv_override_freq(struct wpa_authenticator *wpa_auth, void wpa_auth_sta_radius_psk_resp(struct wpa_state_machine *sm, bool success); +void wpa_auth_set_ml_info(struct wpa_state_machine *sm, + const u8 *mld_addr, + u8 mld_assoc_link_id, + struct mld_info *info); +void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_rsn_info *info); #endif /* WPA_AUTH_H */ diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 8517f6954a..236f2f6001 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -1496,6 +1496,49 @@ static int hostapd_set_ltf_keyseed(void *ctx, const u8 *peer_addr, } #endif /* CONFIG_PASN */ +#ifdef CONFIG_IEEE80211BE + +static int hostapd_wpa_auth_get_ml_rsn_info(void *ctx, + struct wpa_auth_ml_rsn_info *info) +{ + struct hostapd_data *hapd = ctx; + u8 i, j; + + wpa_printf(MSG_DEBUG, "WPA_AUTH: MLD: get RSN info CB: n_mld_links=%u", + info->n_mld_links); + + if (!hapd->conf->mld_ap || !hapd->iface || !hapd->iface->interfaces) + return -1; + + for (i = 0; i < info->n_mld_links; i++) { + u8 link_id = info->links[i].link_id; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: get link RSN CB: link_id=%u", + link_id); + + for (j = 0; j < hapd->iface->interfaces->count; j++) { + struct hostapd_iface *iface = + hapd->iface->interfaces->iface[j]; + + if (!iface->bss[0]->conf->mld_ap || + hapd->conf->mld_id != iface->bss[0]->conf->mld_id || + link_id != iface->bss[0]->mld_link_id) + continue; + + wpa_auth_ml_get_rsn_info(iface->bss[0]->wpa_auth, + &info->links[i]); + break; + } + + if (j == hapd->iface->interfaces->count) + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: link=%u not found", link_id); + } + + return 0; +} +#endif /* CONFIG_IEEE80211BE */ int hostapd_setup_wpa(struct hostapd_data *hapd) { @@ -1546,6 +1589,9 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) #ifdef CONFIG_PASN .set_ltf_keyseed = hostapd_set_ltf_keyseed, #endif /* CONFIG_PASN */ +#ifdef CONFIG_IEEE80211BE + .get_ml_rsn_info = hostapd_wpa_auth_get_ml_rsn_info, +#endif /* CONFIG_IEEE80211BE */ }; const u8 *wpa_ie; size_t wpa_ie_len; diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h index d401550c7a..e0f2d6fa4b 100644 --- a/src/ap/wpa_auth_i.h +++ b/src/ap/wpa_auth_i.h @@ -172,6 +172,22 @@ struct wpa_state_machine { void *eapol_status_cb_ctx1; void *eapol_status_cb_ctx2; #endif /* CONFIG_TESTING_OPTIONS */ + + u8 own_mld_addr[ETH_ALEN]; + u8 peer_mld_addr[ETH_ALEN]; + s8 mld_assoc_link_id; + u8 n_mld_affiliated_links; + + struct mld_link { + bool valid; + u8 peer_addr[ETH_ALEN]; + u8 own_addr[ETH_ALEN]; + + const u8 *rsne; + const u8 *rsnxe; + u8 rsne_len; + u8 rsnxe_len; + } mld_links[MAX_NUM_MLD_LINKS]; }; From patchwork Mon May 22 19:34:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784689 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ABNQUo7o; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=QZAALV8b; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM3pXGz20f8 for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=YPGfRcHTpZgbbys1GhCqHs2dEyM5o4VrlsCaRdBwOls=; b=ABNQUo7oTjUH+E lbcCv6T028t4u2s/GLSOXGaad2cStrHj2DTx6eS46mnSC/D8LGoDwkebYON31Fv3w3jkndYMSD99Y 3pjArGXt777vqH4ZAqtpho+wEl5NZ3qDo513JwmnyN0U7JiLxwl8CbAxeLr+TwnpawT9wQyQ0xq9+ rTwxsRJ3snweMUT5Q0G7/JtMLbq+fY9sLWMAZ8J2yF1ra42ZkQErrvV9oQHKTtnB3gxDfxDF0gpMW A+jriX5+dr1wR4qoRi72a2VZouRMp+xIIN2HmqhzYJBNR+B0ygqb9ix4HUmO7B4kuBu/LdxKZPe3K U0uR2fa33RVpG/chfdEg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTY-007y5R-0y; Mon, 22 May 2023 20:49:52 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJX-007i7A-0t for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:29 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784127; x=1716320127; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Zfe6ge/lX7W8b4bdghf8utjRlgtUGxLnk/vPVSkA9eM=; b=QZAALV8bgGGzH5h85LURkc3/4blJ7g/ze0XLhI5agoSqeEtW8/75+KHO 8bUTy83ajpxDGs7YDWfqOcSf2I9Q3jfDu0XR70YpwWnQ46ZoEOxIg10HR H0TmadrRIDdqltYwc+6fyLL1R7Na/nlhcmisIm89mkGu5+Esrpz1jMpd6 fovVJpjlLuXsQpMU1yrnX2esf75WflsGuKtIpurwC30A/WQry68durZnR jlFyulAmzjjgfHNiSY44zxrfP8kkVM5mL4h29X2kWOVJBOlemNOpoajvo QEqsBgFQpsfHal5iH2M8GAHrKd/WoUzAZQl/vZ3VhiHlqNXuZxlCE+LsA w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869312" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869312" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:26 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809393" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809393" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:24 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 32/44] WPA_AUTH: MLO: Add MAC KDE to 1st message in 4-way handshake Date: Mon, 22 May 2023 22:34:00 +0300 Message-Id: <20230522193412.658666-33-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123527_371289_6AB84D9C X-CRM114-Status: GOOD ( 11.70 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertion [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index f661585611..a5ec013b02 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -2291,8 +2291,9 @@ SM_STATE(WPA_PTK, INITPSK) SM_STATE(WPA_PTK, PTKSTART) { - u8 buf[2 + RSN_SELECTOR_LEN + PMKID_LEN], *pmkid = NULL; - size_t pmkid_len = 0; + u8 buf[2 * (2 + RSN_SELECTOR_LEN) + PMKID_LEN + ETH_ALEN]; + u8 *pmkid = NULL; + size_t kde_len = 0; u16 key_info; SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk); @@ -2330,7 +2331,7 @@ SM_STATE(WPA_PTK, PTKSTART) wpa_key_mgmt_sae(sm->wpa_key_mgmt)) && sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) { pmkid = buf; - pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN; + kde_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN; pmkid[0] = WLAN_EID_VENDOR_SPECIFIC; pmkid[1] = RSN_SELECTOR_LEN + PMKID_LEN; RSN_SELECTOR_PUT(&pmkid[2], RSN_KEY_DATA_PMKID); @@ -2398,12 +2399,27 @@ SM_STATE(WPA_PTK, PTKSTART) } } if (!pmkid) - pmkid_len = 0; + kde_len = 0; + +#ifdef CONFIG_IEEE80211BE + if (sm->mld_assoc_link_id >= 0) { + wpa_printf(MSG_DEBUG, + "RSN: MLD: Adding MAC Address KDE: kde_len=%zu", + kde_len); + + wpa_add_kde(buf + kde_len, RSN_KEY_DATA_MAC_ADDR, + sm->own_mld_addr, ETH_ALEN, NULL, 0); + + kde_len += 2 + RSN_SELECTOR_LEN + ETH_ALEN; + } +#endif /* CONFIG_IEEE80211BE */ + key_info = WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE; if (sm->pairwise_set && sm->wpa != WPA_VERSION_WPA) key_info |= WPA_KEY_INFO_SECURE; + wpa_send_eapol(sm->wpa_auth, sm, key_info, NULL, - sm->ANonce, pmkid, pmkid_len, 0, 0); + sm->ANonce, buf, kde_len, 0, 0); } From patchwork Mon May 22 19:34:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784690 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=MpaBMFsw; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=haf1WzWf; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM34xtz20PY for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=2DLbSdavG7xjoWazkgqEt92sqmgu6IY6CMHZQ6qHYXc=; b=MpaBMFswt6cSXb UMpLWkudRHNg0SDmK34MNww20EhI+ClGXVoKBN2srHdlcsySvZUTcqvSb8ERHgsyaGtbToM1QHJWX utx7D9w7lb+9Ji91T1BSvGA23HsyNEQGce0MDl781RXGXYWA05pN5EVBlU0vSdz3pWm1Pcjon7Nvn 4/eT3vXGX148XrowWlEoiv7XwO/sA/opLXGL+7DoNAymEShic8kf/3EmZwJ/XO5I94u951Filg/UX S4g/egyzm9TdGnh9R0yalwsh69HjkvscXYwK7v1eoP9xzuaek5teI8tjfRLox+gjeqiotTCSdMpgV GdJSBegvq0SPMvqeEfBg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTa-007y6E-0q; Mon, 22 May 2023 20:49:54 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJY-007i8w-23 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784128; x=1716320128; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4ccc+OsSZnIld9Xd5BseKntAkhIjnkmzaQeBnx9NyXQ=; b=haf1WzWfX8+815KIbz/XAqgqAZEJ7RwHkqfnbqs7Wyjiy2lFoEJvHgtH 5sgJekokwpTU4K0HbF9bjUWdQfoz6FSURLlbMGvmn+nT3LRTvIISiNzsn pP2IWvGQ9R732etJobBXUN2syag10mjsD8V0ym4xAdlJWCaufGuAKyI95 axdtMO6cc/9kWzILjOwj1Vy7+ydAgmoKgNa0mBuKZw9GOmdVGQ45ZzQAS Cn9Z1JHC8VYS/WLp58/e9Yd5WsJGO7NhEt+PddiKqk6iQ1cJuC9lVKL6a UkPSTQuI1PKowYCwhFAv3f/4DkJDTOuLozBGNz6lcf9iYmKn/o9483M0g Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869314" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869314" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809400" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809400" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:26 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 33/44] WPA_AUTH: MLO: Validate MLO KDEs in 2nd message of 4-way handshake Date: Mon, 22 May 2023 22:34:01 +0300 Message-Id: <20230522193412.658666-34-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123528_703412_F5BCDE8F X-CRM114-Status: GOOD ( 16.64 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 71 +++++++++++++++++++++++++++++++++++++++++ src/common/wp [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 71 +++++++++++++++++++++++++++++++++++++++++ src/common/wpa_common.h | 3 ++ 2 files changed, 74 insertions(+) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index a5ec013b02..e0f3c30186 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -3128,6 +3128,71 @@ int get_sta_tx_parameters(struct wpa_state_machine *sm, int ap_max_chanwidth, #endif /* CONFIG_OCV */ +static int wpa_auth_validate_ml_kdes_m2(struct wpa_state_machine *sm, + struct wpa_eapol_ie_parse *kde) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, n_links = 0; + + if (sm->mld_assoc_link_id < 0) + return 0; + + /* MLD MAC address must be the same */ + if (!kde->mac_addr || + os_memcmp(kde->mac_addr, sm->peer_mld_addr, ETH_ALEN)) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MLD address"); + return -1; + } + + /* Find matching link ID and the MAC address for each link */ + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + if (!(kde->valid_mlo_links & BIT(i))) + continue; + + /* + * Each entry should contain the link information and the MAC + * address + */ + if (kde->mlo_link_len[i] != 7) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MLO link KDE len=%zu", + kde->mlo_link_len[i]); + return -1; + } + + if (!sm->mld_links[i].valid || i == sm->mld_assoc_link_id) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid link id=%u", i); + return -1; + } + + if (os_memcmp(sm->mld_links[i].peer_addr, + kde->mlo_link[i] + 1, + ETH_ALEN)) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MAC address=" MACSTR, + MAC2STR(kde->mlo_link[i] + 1)); + return -1; + } + + n_links++; + } + + /* Must have the same number of MLO links (excluding the local one) */ + if (n_links != sm->n_mld_affiliated_links) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: expecting %u mld links in m2, but got %u", + sm->n_mld_affiliated_links, n_links); + return -1; + } + +#endif /* CONFIG_IEEE80211BE */ + + return 0; +} + + SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) { struct wpa_authenticator *wpa_auth = sm->wpa_auth; @@ -3398,6 +3463,12 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) } #endif /* CONFIG_DPP2 */ + if (wpa_auth_validate_ml_kdes_m2(sm, &kde) < 0) { + wpa_sta_disconnect(wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); + return; + } + #ifdef CONFIG_IEEE80211R_AP if (sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { /* diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h index 05b1a8a05a..e4b4c3489b 100644 --- a/src/common/wpa_common.h +++ b/src/common/wpa_common.h @@ -152,6 +152,9 @@ WPA_CIPHER_BIP_CMAC_256) #define RSN_NUM_REPLAY_COUNTERS_4 2 #define RSN_NUM_REPLAY_COUNTERS_16 3 +#define RSN_KEY_DATA_MLO_LINK_INFO_LINK_ID_MASK 0x0f +#define RSN_KEY_DATA_MLO_LINK_INFO_RSNE_PRESENT 0x10 +#define RSN_KEY_DATA_MLO_LINK_INFO_RSNXE_PRESENT 0x20 #ifdef _MSC_VER #pragma pack(push, 1) From patchwork Mon May 22 19:34:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784688 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ynJj6JaQ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=DEWr6rD+; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM43Pbz20fC for ; Tue, 23 May 2023 06:50:31 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=FdwsQHEdz4TTskQcPomkBmnqLD06ou+FtmMJTRlIZw0=; b=ynJj6JaQ1FU2IK 65hlnFl3YNmzljAM/779QXSUMKli4Dj4T9p8UjfFXxUAwBeQRcDcrxiPSXAAsQrfU6q1C7jOgd5xc GGC++N24MMaQJxlYkXaT4G5TfoK2uLtxmNyJjT9ZZ2Y1RWt7HObkfyaWzl03Qu9bNOElO4KFfHuBp tSukz1uXVON3P1b6kBfLRnngdv0cl9DW7+fbKSh5SndkOC0Ft4h9u05jW5CrUF/oynQbLpTWpTGgz KCnPwtK6IeHNxxPGmKSnhZkzk+abxtGBaMmNofPZUVGL8JNfGzQwnIJ1ubV7X7vuoUFJMfZUx5DxQ spMV+2bAa6vehPJdPtKA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTb-007y6S-0j; Mon, 22 May 2023 20:49:55 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJa-007i7A-0A for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784130; x=1716320130; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=wDJt3WGG9twl5KuZ5U/C3ZXmGNo/+e+3kOX96tweTPM=; b=DEWr6rD+Jo00g/mkBgE3Ss+089sMzmp/WeEpk57gpLeEwO9Z/NzApeWo +6ZCno0fv8eJE0yeezl1pXR0Dwz2AUUg4IM62eAhwywbEUVo7KYQ+/AcJ +Cl2UYBJfmihB5zxhggM3/m+HCSy1F76C3pD4/bOgEjG/LWcOMChp+zu/ I7FUAAd/AykoOeQ6qZnFDcvEaOX/9PnTvjZQNES5FfzMPSbbNy8grSFfs eJ5hipqQZYFhvLLv/LHCzTDQDVVKUAzqz1/umzndg4oJxnBZmdGLCZ9CM OYa0rcEXzqFcLZbPmINAfJGe9ZrGg6SdxshSNwMq3B93wnGNZYiqakeOy w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869329" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869329" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:29 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809413" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809413" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:27 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH v2 34/44] WPA_AUTH: MLO: Add MLO KDEs to message 3 of the 4-way handshake Date: Mon, 22 May 2023 22:34:02 +0300 Message-Id: <20230522193412.658666-35-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123530_256500_4608070D X-CRM114-Status: GOOD ( 22.25 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 342 ++++++++++++++++++++++++++++++++++++++++- src/ap/wpa_a [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 342 ++++++++++++++++++++++++++++++++++++++++- src/ap/wpa_auth.h | 4 + src/ap/wpa_auth_glue.c | 46 ++++++ 3 files changed, 389 insertions(+), 3 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index e0f3c30186..81fb1aee35 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -3563,6 +3563,11 @@ static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) if (!sm->mgmt_frame_prot) return pos; +#ifdef CONFIG_IEEE80211BE + if (sm->mld_assoc_link_id >= 0) + return pos; +#endif /* CONFIG_IEEE80211BE */ + igtk.keyid[0] = gsm->GN_igtk; igtk.keyid[1] = 0; if (gsm->wpa_group_state != WPA_GROUP_SETKEYSDONE || @@ -3705,8 +3710,329 @@ static void wpa_auth_get_ml_rsn_info(struct wpa_authenticator *wpa_auth, wpa_auth->cb->get_ml_rsn_info(wpa_auth->cb_ctx, info); } + + +void wpa_auth_ml_get_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_key_info *info, + bool mgmt_frame_prot, bool beacon_prot) +{ + struct wpa_group *gsm = a->group; + u8 rsc[WPA_KEY_RSC_LEN]; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: get info: link_id=%u, mgmt=%u, beacon=%u", + info->link_id, mgmt_frame_prot, beacon_prot); + + info->gtkidx = gsm->GN & 0x03; + info->gtk = gsm->GTK[gsm->GN - 1]; + info->gtk_len = gsm->GTK_len; + + if (wpa_auth_get_seqnum(a, NULL, gsm->GN, rsc) < 0) + os_memset(info->pn, 0, sizeof(info->pn)); + else + os_memcpy(info->pn, rsc, sizeof(info->pn)); + + if (!mgmt_frame_prot) + return; + + info->igtkidx = gsm->GN_igtk; + info->igtk = gsm->IGTK[gsm->GN_igtk - 4]; + info->igtk_len = wpa_cipher_key_len(a->conf.group_mgmt_cipher); + + if (wpa_auth_get_seqnum(a, NULL, gsm->GN_igtk, rsc) < 0) + os_memset(info->ipn, 0, sizeof(info->ipn)); + else + os_memcpy(info->ipn, rsc, sizeof(info->ipn)); + + if (!beacon_prot) + return; + + info->bigtkidx = gsm->GN_bigtk; + info->bigtk = gsm->BIGTK[gsm->GN_bigtk - 6]; + + if (wpa_auth_get_seqnum(a, NULL, gsm->GN_bigtk, rsc) < 0) + os_memset(info->bipn, 0, sizeof(info->bipn)); + else + os_memcpy(info->bipn, rsc, sizeof(info->bipn)); +} + + +static void wpa_auth_get_ml_key_info(struct wpa_authenticator *wpa_auth, + struct wpa_auth_ml_key_info *info) +{ + if (!wpa_auth->cb->get_ml_key_info) + return; + + wpa_auth->cb->get_ml_key_info(wpa_auth->cb_ctx, info); +} + + +static size_t wpa_auth_ml_group_kdes_len(struct wpa_state_machine *sm) +{ + struct wpa_group *gsm = sm->group; + size_t gtk_len = gsm->GTK_len; + size_t igtk_len = + wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); + size_t kde_len; + u8 n_links; + + if (sm->mld_assoc_link_id < 0) + return 0; + + n_links = sm->n_mld_affiliated_links + 1; + + /* MLO GTK KDE for each link */ + kde_len = n_links * (2 + RSN_SELECTOR_LEN + 7 + gtk_len); + + if (!sm->mgmt_frame_prot) + return kde_len; + + kde_len += n_links * (2 + RSN_SELECTOR_LEN + 3 + 6 + + igtk_len); + + if (!sm->wpa_auth->conf.beacon_prot) + return kde_len; + + kde_len += n_links* (2 + RSN_SELECTOR_LEN + 3 + 6 + igtk_len); + + return kde_len; +} + + +static u8 *wpa_auth_ml_group_kdes(struct wpa_state_machine *sm, u8 *pos) +{ + struct wpa_auth_ml_key_info ml_key_info; + u8 i, link_id; + + /* first fetch the key information from all the authenticators */ + os_memset(&ml_key_info, 0, sizeof(ml_key_info)); + ml_key_info.n_mld_links = sm->n_mld_affiliated_links + 1; + + /* + * Assume that management frame protection and beacon protection are the + * same on all links + */ + ml_key_info.mgmt_frame_prot = sm->mgmt_frame_prot; + ml_key_info.beacon_prot = sm->wpa_auth->conf.beacon_prot; + + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + ml_key_info.links[i++].link_id = link_id; + } + + wpa_auth_get_ml_key_info(sm->wpa_auth, &ml_key_info); + + /* Add MLO GTK KDEs */ + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, "RSN: MLO GTK: link=%u", link_id); + wpa_hexdump_key(MSG_DEBUG, "RSN: MLO GTK:", + ml_key_info.links[i].gtk, + ml_key_info.links[i].gtk_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 1 + 6 + + ml_key_info.links[i].gtk_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_GTK); + pos += RSN_SELECTOR_LEN; + + *pos++ = (ml_key_info.links[i].gtkidx & 0x3) | (link_id << 4); + + os_memcpy(pos, ml_key_info.links[i].pn, 6); + pos += 6; + + os_memcpy(pos, ml_key_info.links[i].gtk, + ml_key_info.links[i].gtk_len); + pos += ml_key_info.links[i].gtk_len; + + i++; + } + + if (!sm->mgmt_frame_prot) + return pos; + + /* Add MLO IGTK KDEs */ + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, "RSN: MLO IGTK: link=%u", link_id); + wpa_hexdump_key(MSG_DEBUG, "RSN: MLO IGTK:", + ml_key_info.links[i].igtk, + ml_key_info.links[i].igtk_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 2 + 1 + + sizeof(ml_key_info.links[i].ipn) + + ml_key_info.links[i].igtk_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_IGTK); + pos += RSN_SELECTOR_LEN; + + /* Add the key ID */ + *pos++ = ml_key_info.links[i].igtkidx; + *pos++ = 0; + + /* Add the IPN */ + os_memcpy(pos, ml_key_info.links[i].ipn, + sizeof(ml_key_info.links[i].ipn)); + pos += sizeof(ml_key_info.links[i].ipn); + + *pos++ = ml_key_info.links[i].link_id << 4; + + os_memcpy(pos, ml_key_info.links[i].igtk, + ml_key_info.links[i].igtk_len); + pos += ml_key_info.links[i].igtk_len; + + i++; + } + + if (!sm->wpa_auth->conf.beacon_prot) + return pos; + + /* Add MLO BIGTK KDEs */ + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, "RSN: MLO BIGTK: link=%u", link_id); + wpa_hexdump_key(MSG_DEBUG, "RSN: MLO BIGTK:", + ml_key_info.links[i].bigtk, + ml_key_info.links[i].igtk_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 2 + 1 + + sizeof(ml_key_info.links[i].bipn) + + ml_key_info.links[i].igtk_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_BIGTK); + pos += RSN_SELECTOR_LEN; + + /* Add the key ID */ + *pos++ = ml_key_info.links[i].bigtkidx; + *pos++ = 0; + + /* Add the IPN */ + os_memcpy(pos, ml_key_info.links[i].bipn, + sizeof(ml_key_info.links[i].bipn)); + pos += sizeof(ml_key_info.links[i].bipn); + + *pos++ = ml_key_info.links[i].link_id << 4; + + os_memcpy(pos, ml_key_info.links[i].bigtk, + ml_key_info.links[i].igtk_len); + pos += ml_key_info.links[i].igtk_len; + + i++; + } + + return pos; +} + +#endif /* CONFIG_IEEE80211BE */ + +static size_t wpa_auth_ml_kdes_len(struct wpa_state_machine *sm) +{ + size_t kde_len = 0; + +#ifdef CONFIG_IEEE80211BE + u8 link_id; + + if (sm->mld_assoc_link_id < 0) + return 0; + + /* For the MAC address KDE */ + kde_len = 2 + RSN_SELECTOR_LEN + ETH_ALEN; + + /* MLO link KDE for each link */ + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + kde_len += 2 + RSN_SELECTOR_LEN + 7 + + sm->mld_links[link_id].rsne_len + + sm->mld_links[link_id].rsnxe_len; + } + + kde_len += wpa_auth_ml_group_kdes_len(sm); +#endif /* CONFIG_IEEE80211BE */ + + return kde_len; +} + + +static u8 *wpa_auth_ml_kdes(struct wpa_state_machine *sm, u8 *pos, + u8 *gtk, size_t gtk_len, int gtkidx) +{ +#ifdef CONFIG_IEEE80211BE + u8 link_id; + + if (sm->mld_assoc_link_id < 0) + return pos; + + wpa_printf(MSG_DEBUG, + "RSN: MLD: Adding MAC Address KDE"); + + pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, + sm->own_mld_addr, ETH_ALEN, NULL, 0); + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, + "RSN: MLO Link: link=%u, len=%u", link_id, + RSN_SELECTOR_LEN + 7 + + sm->mld_links[link_id].rsne_len + + sm->mld_links[link_id].rsnxe_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 7 + + sm->mld_links[link_id].rsne_len + + sm->mld_links[link_id].rsnxe_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_LINK); + pos += RSN_SELECTOR_LEN; + + /* add the link information */ + *pos = link_id; + + if (sm->mld_links[link_id].rsne_len) + *pos |= RSN_KEY_DATA_MLO_LINK_INFO_RSNE_PRESENT; + + if (sm->mld_links[link_id].rsnxe_len) + *pos |= RSN_KEY_DATA_MLO_LINK_INFO_RSNXE_PRESENT; + + pos++; + os_memcpy(pos, sm->mld_links[link_id].own_addr, ETH_ALEN); + pos += ETH_ALEN; + + if (sm->mld_links[link_id].rsne_len) { + os_memcpy(pos, sm->mld_links[link_id].rsne, + sm->mld_links[link_id].rsne_len); + pos += sm->mld_links[link_id].rsne_len; + } + + if (sm->mld_links[link_id].rsnxe_len) { + os_memcpy(pos, sm->mld_links[link_id].rsnxe, + sm->mld_links[link_id].rsnxe_len); + pos += sm->mld_links[link_id].rsnxe_len; + } + } + + pos = wpa_auth_ml_group_kdes(sm, pos); + #endif /* CONFIG_IEEE80211BE */ + return pos; +} + + SM_STATE(WPA_PTK, PTKINITNEGOTIATING) { u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde = NULL, *pos, stub_gtk[32]; @@ -3717,6 +4043,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) u8 *wpa_ie_buf = NULL, *wpa_ie_buf2 = NULL; u8 hdr[2]; struct wpa_auth_config *conf = &sm->wpa_auth->conf; + u8 is_mld = 0; SM_ENTRY_MA(WPA_PTK, PTKINITNEGOTIATING, wpa_ptk); sm->TimeoutEvt = false; @@ -3823,6 +4150,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) gtk = NULL; gtk_len = 0; _rsc = NULL; + gtkidx = 0; if (sm->rx_eapol_key_secure) { /* * It looks like Windows 7 supplicant tries to use @@ -3865,13 +4193,19 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) kde_len += 2 + RSN_SELECTOR_LEN + 2; #endif /* CONFIG_DPP2 */ + kde_len += wpa_auth_ml_kdes_len(sm); + is_mld = (sm->mld_assoc_link_id >= 0); + kde = os_malloc(kde_len); if (!kde) goto done; pos = kde; - os_memcpy(pos, wpa_ie, wpa_ie_len); - pos += wpa_ie_len; + if (!is_mld) { + os_memcpy(pos, wpa_ie, wpa_ie_len); + pos += wpa_ie_len; + } + #ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { int res; @@ -3895,7 +4229,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) pos = wpa_add_kde(pos, RSN_KEY_DATA_KEYID, hdr, 2, NULL, 0); } - if (gtk) { + if (gtk && !is_mld) { hdr[0] = gtkidx & 0x03; pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, gtk, gtk_len); @@ -3975,6 +4309,8 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) } #endif /* CONFIG_DPP2 */ + pos = wpa_auth_ml_kdes(sm, pos, gtk, gtk_len, gtkidx); + wpa_send_eapol(sm->wpa_auth, sm, (secure ? WPA_KEY_INFO_SECURE : 0) | (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index fbd9d84f8b..297ff9a424 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -392,6 +392,7 @@ struct wpa_auth_callbacks { #endif /* CONFIG_PASN */ #ifdef CONFIG_IEEE80211BE int (*get_ml_rsn_info)(void *ctx, struct wpa_auth_ml_rsn_info *info); + int (*get_ml_key_info)(void *ctx, struct wpa_auth_ml_key_info *info); #endif /* CONFIG_IEEE80211BE */ }; @@ -637,4 +638,7 @@ void wpa_auth_set_ml_info(struct wpa_state_machine *sm, struct mld_info *info); void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a, struct wpa_auth_ml_link_rsn_info *info); +void wpa_auth_ml_get_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_key_info *info, + bool mgmt_frame_prot, bool beacon_prot); #endif /* WPA_AUTH_H */ diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 236f2f6001..24c501fc2c 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -1538,8 +1538,53 @@ static int hostapd_wpa_auth_get_ml_rsn_info(void *ctx, return 0; } + + +static int hostapd_wpa_auth_get_ml_key_info(void *ctx, + struct wpa_auth_ml_key_info *info) +{ + struct hostapd_data *hapd = ctx; + u8 i, j; + + wpa_printf(MSG_DEBUG, "WPA_AUTH: MLD: get key info CB: n_mld_links=%u", + info->n_mld_links); + + if (!hapd->conf->mld_ap || !hapd->iface || !hapd->iface->interfaces) + return -1; + + for (i = 0; i < info->n_mld_links; i++) { + u8 link_id = info->links[i].link_id; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: get link info CB: link_id=%u", + link_id); + + for (j = 0; j < hapd->iface->interfaces->count; j++) { + struct hostapd_iface *iface = + hapd->iface->interfaces->iface[j]; + + if (!iface->bss[0]->conf->mld_ap || + hapd->conf->mld_id != iface->bss[0]->conf->mld_id || + link_id != iface->bss[0]->mld_link_id) + continue; + + wpa_auth_ml_get_info(iface->bss[0]->wpa_auth, + &info->links[i], + info->mgmt_frame_prot, + info->beacon_prot); + break; + } + + if (j == hapd->iface->interfaces->count) + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: link=%u not found", link_id); + } + + return 0; +} #endif /* CONFIG_IEEE80211BE */ + int hostapd_setup_wpa(struct hostapd_data *hapd) { struct wpa_auth_config _conf; @@ -1591,6 +1636,7 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) #endif /* CONFIG_PASN */ #ifdef CONFIG_IEEE80211BE .get_ml_rsn_info = hostapd_wpa_auth_get_ml_rsn_info, + .get_ml_key_info = hostapd_wpa_auth_get_ml_key_info, #endif /* CONFIG_IEEE80211BE */ }; const u8 *wpa_ie; From patchwork Mon May 22 19:34:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784682 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=uUjO9rNo; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=EDq/rJFA; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM3ygkz20fB for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ohr9bZSSX5Jhn2GU7QnA798dNahKbAY2egmNYDG7kmc=; b=uUjO9rNoSji5pf No1n9nowhCw4+t5eIGO6j8RwnAPpqt4Ae7AzohJOdcaO0w3VgS+uNd1EJR8qHi6uzWp0XsQhPfOAh tFyMc1ulWU29Ie6M1VsmDmICVtWF75WUQn/2qI6FpCrBmas6Dl+sLYdXHP7ePjVUBB+Fm3TAjSmcU zJSCrKYOTsziu3yn8nSQmLesle8Y12eEiORl+RpWsYcTOg+sEUnmOzl8c4tzZfitzxVVE5ySQy2b3 hQloNkeN3+KBhkyHscN4JdJOTh0WGBT+IJWIjZjmBVAuCwsh8QOL7kowwrzwGme+9x1Nm3Bg+xUkk M4KKB+VB329jS8KNTaFQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTd-007y7P-34; Mon, 22 May 2023 20:49:57 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJd-007iDo-02 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:34 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784132; x=1716320132; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5ssyYWX28ahRwi7j/mRLcmF401eqRB5MBHf6MaYCQ8M=; b=EDq/rJFAoSCWG6GfXYO1jaFBRltPov/SG2MER16AL4ST02eMjhZW/l9p hZ8WIpbi107S8B7frjUQ794fDCz60j2oetcQ5cFIjRhiK3CyvmKSy6aXY z4ILOScRAunYI8RUo440D9BzvhoWt2hs0in73WMOvAGGRx7zGP2ciG/NI gHqnesK+nWa2AdV7juUETPj4EujfxM1CCU41aTY3ksfWP9aqzd1uV3RVM m1n5oBxDuvhCwsqPiCmBzVIYNh8FyHp6XgInuCiyEhq8fxieheE8m1ueT qsJRNkTuvBZ3KvpCYDA7AOlq1+QNrmvrjZRiuiC5zg95/8IqLP7Dec1Dw A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869333" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869333" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:31 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809426" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809426" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:29 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 35/44] WPA_AUTH: MLO: Validate MLO KDEs in 4th message of 4-way handshake Date: Mon, 22 May 2023 22:34:03 +0300 Message-Id: <20230522193412.658666-36-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123533_116974_834A1AB7 X-CRM114-Status: GOOD ( 15.39 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 67 insertions(+), 1 deletion(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 81fb1aee35..3c9a2568bf 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -1080,9 +1080,15 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, const u8 *key_data; size_t keyhdrlen, mic_len; u8 *mic; + u8 is_mld = 0; if (!wpa_auth || !wpa_auth->conf.wpa || !sm) return; + +#ifdef CONFIG_IEEE80211BE + is_mld = (sm->mld_assoc_link_id >= 0); +#endif /* CONFIG_IEEE80211BE */ + wpa_hexdump(MSG_MSGDUMP, "WPA: RX EAPOL data", data, data_len); mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); @@ -1160,7 +1166,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, msgtxt = "2/2 Group"; } else if (key_data_length == 0 || (mic_len == 0 && (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) && - key_data_length == AES_BLOCK_SIZE)) { + key_data_length == AES_BLOCK_SIZE) || + (is_mld && (key_info & WPA_KEY_INFO_SECURE))) { msg = PAIRWISE_4; msgtxt = "4/4 Pairwise"; } else { @@ -4324,11 +4331,70 @@ done: os_free(wpa_ie_buf2); } +static int wpa_auth_validate_ml_kdes_m4(struct wpa_state_machine *sm) +{ +#ifdef CONFIG_IEEE80211BE + struct ieee802_1x_hdr *hdr; + struct wpa_eapol_key *key; + struct wpa_eapol_ie_parse kde; + const u8 *key_data, *mic; + u16 key_data_length; + size_t mic_len; + + if (sm->mld_assoc_link_id < 0) + return 0; + + /* + * Note: last_rx_eapol_key length fields have already been validated in + * wpa_receive(). + */ + mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); + + hdr = (struct ieee802_1x_hdr *)sm->last_rx_eapol_key; + key = (struct wpa_eapol_key *)((void *)(hdr + 1)); + mic = (u8 *)(key + 1); + key_data = mic + mic_len + 2; + key_data_length = WPA_GET_BE16(mic + mic_len); + if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) - + sizeof(*key) - mic_len - 2) + return -1; + + if (wpa_parse_kde_ies(key_data, key_data_length, &kde) < 0) { + wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, + "received EAPOL-Key msg 4/4 with invalid Key Data contents"); + return -1; + } + + /* MLD MAC address must be the same */ + if (!kde.mac_addr || + os_memcmp(kde.mac_addr, sm->peer_mld_addr, ETH_ALEN)) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MLD address in msg 4/4"); + return -1; + } + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: MLD address in message 4/4: " MACSTR, + MAC2STR(kde.mac_addr)); + +#endif /* CONFIG_IEEE80211BE */ + + return 0; +} + SM_STATE(WPA_PTK, PTKINITDONE) { SM_ENTRY_MA(WPA_PTK, PTKINITDONE, wpa_ptk); sm->EAPOLKeyReceived = false; + + if (wpa_auth_validate_ml_kdes_m4(sm) < 0) { + wpa_sta_disconnect(sm->wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); + return; + } + if (sm->Pair) { enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise); int klen = wpa_cipher_key_len(sm->pairwise); From patchwork Mon May 22 19:34:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784691 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=QXmBKBcN; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=JQ5/0R0i; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM4wWxz20fF for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=YeB/+9QlqhWT0WgzY2UvH4eDMRJ2sSxpDeId3OqvcA4=; b=QXmBKBcNsQlUjZ JvNomnKolcMDskt6sgVYXI6Dr8E7at46Y4qX23NSO77661DpSf/LX13xvR1aNz/q/hDAZLuczYnMk fW91N1Z/NLImGbTBa/NjilGVjHZk0+9HIDdCWsw4mqhh//vohjRrheg9DUgZN24iWTKpiWZJKCx6b CcPfNKuwC5/F8fhxEhLhXnQy1afuEV1QEbar9lR4+MyDLnSMCs3eGWHlkW04In75PsUKyvH2/k8Cl 36krM2aJU+6MFji/Xzjb4GDtT3mnr7BbN20MEmZxI+vzl34KkJH9kSQ9hCasPgxuikoVap7gaC2ek T8c0uralZmjjPa6nmFhw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTc-007y76-37; Mon, 22 May 2023 20:49:56 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJd-007i7A-0W for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:35 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784133; x=1716320133; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=8qo2iKg17tMr+vQ5/xUOVYRWpcIMTAa6xo9iKwzppVo=; b=JQ5/0R0i8glofARq0EI5xg6Mzsl6/vtoBOE2L7WrN2upo/JFrIoxwnrk PBJR4cSeRsrvdm8l/roaK4W1L1/XQ5sFK5FCuul4tYSbbOCwpiTl+ZjAs p/u3Dj8o3ho8APLej3fq92mLl9JDPRt+U8one2Vk/31QuAbCS6LUq3K2V 4zVCLopHSGOEtAOWUxPCS28H8YXk0JvIwVKPcM9zX0GXNS62WKOwphLXV h7Ja0dG1r8QWjXh9IqSUYVXKF9zVcFbp6/Hy5uY62S7lo9vdOqUpmYVpr ZwM+9+L2hZ6DngUoWQFaYkmtOG5zhDPFJGJxR1j+7Nf/sfbzxZOy7ES6J Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869337" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869337" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:32 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809430" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809430" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:31 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 36/44] WPA_AUTH: MLO: Add MLO KDEs to message 1 of the group handshake Date: Mon, 22 May 2023 22:34:04 +0300 Message-Id: <20230522193412.658666-37-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123533_234688_657FF87B X-CRM114-Status: GOOD ( 12.77 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 3c9a2568bf..5f17b5dcab 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -4631,11 +4631,16 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 3c9a2568bf..5f17b5dcab 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -4631,11 +4631,16 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) { u8 rsc[WPA_KEY_RSC_LEN]; struct wpa_group *gsm = sm->group; - const u8 *kde; + const u8 *kde = NULL; u8 *kde_buf = NULL, *pos, hdr[2]; size_t kde_len = 0; u8 *gtk, stub_gtk[32]; struct wpa_auth_config *conf = &sm->wpa_auth->conf; + u8 is_mld = 0; + +#ifdef CONFIG_IEEE80211BE + is_mld = (sm->mld_assoc_link_id >= 0); +#endif /* CONFIG_IEEE80211BE */ SM_ENTRY_MA(WPA_PTK_GROUP, REKEYNEGOTIATING, wpa_ptk_group); @@ -4670,7 +4675,8 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) return; gtk = stub_gtk; } - if (sm->wpa == WPA_VERSION_WPA2) { + + if (sm->wpa == WPA_VERSION_WPA2 && !is_mld) { kde_len = 2 + RSN_SELECTOR_LEN + 2 + gsm->GTK_len + ieee80211w_kde_len(sm) + ocv_oci_len(sm); kde_buf = os_malloc(kde_len); @@ -4689,6 +4695,19 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) return; } kde_len = pos - kde; + } else if (sm->wpa == WPA_VERSION_WPA2) { +#ifdef CONFIG_IEEE80211BE + kde_len = wpa_auth_ml_group_kdes_len(sm); + + if (kde_len) { + kde_buf = os_malloc(kde_len); + if (!kde_buf) + return; + + kde = pos = kde_buf; + wpa_auth_ml_group_kdes(sm, pos); + } +#endif /* CONFIG_IEEE80211BE */ } else { kde = gtk; kde_len = gsm->GTK_len; From patchwork Mon May 22 19:34:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784685 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=SiPIeHnW; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=ZiUr17O4; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM50CTz20fG for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=v+5u9/lKWu6UZrN7ieZtb9jrnB1vXs/TA8x3BXnCSXY=; b=SiPIeHnWIW0Yvf NYUEqw+aLM8bzyS+u7yWOejp+DgXlUo0MHhwyLeQ2KLe/CoxusSa8TDpN2EukQ9oQ0wWTVx0Of/1V 1ipzuEtYbye5LoNeR5OW2nt3cXT86bWDp+x13NqQtDreEpPjggdnw/ofBy0aJMkOK644aAlqF21DO TLlgjaDxAtdj2c6xVRGseDoWMTqYKGnVmQQT2FXfzDfI99I4oBTmDeEL5eqmqsWK2Uup3gD3ASZ3R A3p1C9XWRmkTgH9TQe8q9Z8whbhACvZJnwawogCN9t70YeCbKmOPzwG+YdopPsf1KTs/YMLOOB5rl QZU17tZ0FjPhb/W/RA5w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTe-007y7e-39; Mon, 22 May 2023 20:49:59 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJf-007iDo-00 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:36 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784134; x=1716320134; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=AJjzkZIn5FbwPKd14HyUF8RVBiCt6iYKY44yCSPx8wY=; b=ZiUr17O4hu1LUEqgyi6lBX+PnwoAsU2NtYEh+ihq55w0ds8dFwTaKE4V gfqvXePw2mgi5Xg8FV1wkALno/Z06vyjcM9tdPTSH7obzXxVGA3BJwj/L j/4zRQUfB73VK10z/kGKoFmF+pwjPe42DaoNkeSQ2mscd6Btr+4qXs/HI QkC36FhOZtjhEp5iwF9rxaD4MDxMLU4vWd+WKAw08Lh+10/o1jFwJuRE5 ew92Nuqo8zo3YoQIFsTsPNhCtAiUM//Qh9qu0EmyjR6PAWap8k/zY/mIe KeP/NVOA9gD++vY6ZhR6t///pgsVD6pbVtsyL3V/5tr2M/jYua16HFr41 g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869339" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869339" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:33 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809434" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809434" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:32 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 37/44] WPA_AUTH: MLO: Get the correct AA and SPA based on MLD operation Date: Mon, 22 May 2023 22:34:05 +0300 Message-Id: <20230522193412.658666-38-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123535_088121_6A4C7405 X-CRM114-Status: UNSURE ( 7.60 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 5f17b5dcab..2ad5cf8a72 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -35,6 +35,21 @@ #include "wpa_auth_ie.h" #include "sta_info.h" Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 5f17b5dcab..2ad5cf8a72 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -35,6 +35,21 @@ #include "wpa_auth_ie.h" #include "sta_info.h" + +static const u8 *wpa_auth_get_aa(struct wpa_state_machine *sm) +{ + return (sm && sm->mld_assoc_link_id >= 0) ? + sm->own_mld_addr : sm->wpa_auth->addr; +} + + +static const u8 *wpa_auth_get_spa(struct wpa_state_machine *sm) +{ + return sm->mld_assoc_link_id >= 0 ? + sm->peer_mld_addr : sm->addr; +} + + #define STATE_MACHINE_DATA struct wpa_state_machine #define STATE_MACHINE_DEBUG_PREFIX "WPA" #define STATE_MACHINE_ADDR wpa_auth_get_spa(sm) From patchwork Mon May 22 19:34:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784687 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=wHvT2qmE; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=QvRq4ytT; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM3Y05z20dh for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=OSjxLszjF3xPEBLwALGKA79a4mZnRIMzlBp7xkqH37E=; b=wHvT2qmEKo4mAS vrF/dlgPTwGQxxfHMJCiWo6dhX+QQ426bWs3sl2fyDXL/KflXNtQsdLgqOK2MucRZd4H+OpkfPNvB 4FA+K2TOtudnSxWZS1LYNgIdwJFRM+YR0gQyLyzupLesOtuLszLYrEpobx8uucFgJXYs7goZN5r1a 0eDD0RF6JRclfO7TyTr0cdOn1AKRKHN5VIIWy8X6QKnl0nzqyFIwKN92AwnrxCnH1YsSIp9Rx8eIS 6jxCSMvukdska1mGPAol/u3YFuM1mOCPx55mjwcRWrxsLjkaw5w1XP18x9VWSpBlaIPXOjabyugY7 sjkq7i2g802v92mZ3Qrw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTg-007y7x-05; Mon, 22 May 2023 20:50:00 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJf-007i7A-2K for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:37 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784135; x=1716320135; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=mFhOayiVomG8SjXkIvsm++2S3QbZqCanKbykeq/VgYk=; b=QvRq4ytTqGiIX0KjiTKwoEeAsRPJ59JrZYDk1ZRzjNp9RRsePO8QpFLv 5TReyTVuEfLjqixv61vc7K06SvcIIBqMbmr280YDxbZszfUepyKIDyPIh TLhV//FKQ95eMDuVCtFr1VtkM26pXr46/biYvXjeCtFjgIYUk6gBOxo5u yR7rsnPhVhVabqqAEhA8pWAXcTaPA7w4BBW7tFJvIbBTMmE+Am3BZaO62 hu1kOlvzOCDSckcSQrUnKz36+ijNNGXGWvBbfniGTBGS08R6RhGF+S4Bz J3fs3NDjEdQZqM9MKV4KvB/v/u3mLu6lmeHaua7JF4BFf8nioyCfV0LkX w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869343" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869343" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:35 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809442" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809442" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:33 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH v2 38/44] AP: Specify the link ID for set_key() callback Date: Mon, 22 May 2023 22:34:06 +0300 Message-Id: <20230522193412.658666-39-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123535_846656_D6FAEB42 X-CRM114-Status: GOOD ( 11.22 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer If the AP is part of a MLD AP specify the link ID in the set key parameters. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 5 +++++ src/ap/wpa_auth.c | 24 ++++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer If the AP is part of a MLD AP specify the link ID in the set key parameters. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 5 +++++ src/ap/wpa_auth.c | 24 ++++++------------------ 2 files changed, 11 insertions(+), 18 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index cf4ff3ddd8..399ca7abc6 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -758,6 +758,11 @@ int hostapd_drv_set_key(const char *ifname, struct hostapd_data *hapd, params.key_flag = key_flag; params.link_id = -1; +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && !(key_flag & KEY_FLAG_PAIRWISE)) + params.link_id = hapd->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + return hapd->driver->set_key(hapd->drv_priv, ¶ms); } diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 2ad5cf8a72..0003be1e4c 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -36,20 +36,6 @@ #include "sta_info.h" -static const u8 *wpa_auth_get_aa(struct wpa_state_machine *sm) -{ - return (sm && sm->mld_assoc_link_id >= 0) ? - sm->own_mld_addr : sm->wpa_auth->addr; -} - - -static const u8 *wpa_auth_get_spa(struct wpa_state_machine *sm) -{ - return sm->mld_assoc_link_id >= 0 ? - sm->peer_mld_addr : sm->addr; -} - - #define STATE_MACHINE_DATA struct wpa_state_machine #define STATE_MACHINE_DEBUG_PREFIX "WPA" #define STATE_MACHINE_ADDR wpa_auth_get_spa(sm) @@ -98,15 +84,17 @@ static const int dot11RSNAConfigPMKReauthThreshold = 70; static const int dot11RSNAConfigSATimeout = 60; -static const u8 * wpa_auth_get_aa(const struct wpa_state_machine *sm) +static const u8 * wpa_auth_get_aa(struct wpa_state_machine *sm) { - return sm->wpa_auth->addr; + return (sm && sm->mld_assoc_link_id >= 0) ? + sm->own_mld_addr : sm->wpa_auth->addr; } -static const u8 * wpa_auth_get_spa(const struct wpa_state_machine *sm) +static const u8 * wpa_auth_get_spa(struct wpa_state_machine *sm) { - return sm->addr; + return sm->mld_assoc_link_id >= 0 ? + sm->peer_mld_addr : sm->addr; } From patchwork Mon May 22 19:34:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784667 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ISdO26SW; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=UDydaZkO; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ74K4Y7Lz20PY for ; Tue, 23 May 2023 05:36:49 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=+K9LbrXc/UuUE4uiQy5Q99HNWdG7quQXt5DtSp98//Q=; b=ISdO26SWEL1QFz Suk2SKRvbRlUKlhqBkJ7FyfBdsihKhM6Hn8H1O5zx+zQPGcMFUWuEnVTu3RnO9SilsCFjcyyUUCWo BR4XZgrAPE+B9o3noIubbZwBwQcHn3sy6JLNWVK5Z+g/Z98zemf/cBqhnFFxa8OMpoe5+422cpILy T5nKENGAtAE9r+TPID+oxeVxQ5fdBQzyr2GW7HBVbGzNLEnWL0BnqsC4hAlaXOsrQpEIgsGWdGcOz OPKzLpkbHpJKUksxzHYodXJ+r5iDeQBvEzwc63TDwtfbkT6uLaIN23+X4InwY0R7IufUcSFufbd5s 08tXtvN83ycPwo9Vta/g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1BKG-007j1j-2U; Mon, 22 May 2023 19:36:12 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJh-007iDo-0x for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:38 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784137; x=1716320137; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=8PNcrNsm+mQRx007SmbUnH7f6nBMIcph025Pcsedgj8=; b=UDydaZkOklJvcbtnXmaUGorovFOUudgJJ8AzznAXJlqjhBCkPlmgcHEz Oq/IpwV9lK3OxAvwL4m+MS5hocmJIu1ha+CiQyiyylLgYcufCEwiq/gQ/ ZUIxE7A3GRB+Dw0YyBSwxI9o2r4R1v3wNd8rcHjd7IjvjNSyRiHsU+7G2 RFhfmQoOTa9TMzBwQ2MrSd0dguWeDJ408+jcm+iase+ixX945xnP4NhZw JUONMzs53Jn7NWKj85Pqjy3haCulSooXm8QNLt5Q6TAanCPo3KGDUIOTq Zk1Z44pXzva2pl08ocibvj38wb03rS0lp/rY63G9CxJCJE4ya351g1Lp/ Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869347" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869347" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:37 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809451" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809451" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:35 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 39/44] AP: Use MLD address for SAE commit derivation Date: Mon, 22 May 2023 22:34:07 +0300 Message-Id: <20230522193412.658666-40-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123537_366810_C261FE5C X-CRM114-Status: GOOD ( 11.41 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 6fd9416eed..d387921d87 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -600,12 +600,18 @@ static struct wpabuf * auth_build_s [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 6fd9416eed..d387921d87 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -600,12 +600,18 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd, int use_pt = 0; struct sae_pt *pt = NULL; const struct sae_pk *pk = NULL; + u8 *own_addr = hapd->own_addr; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && sta->mld_info.mld_sta) + own_addr = hapd->mld_addr; +#endif if (sta->sae->tmp) { rx_id = sta->sae->tmp->pw_id; use_pt = sta->sae->h2e; #ifdef CONFIG_SAE_PK - os_memcpy(sta->sae->tmp->own_addr, hapd->own_addr, ETH_ALEN); + os_memcpy(sta->sae->tmp->own_addr, own_addr, ETH_ALEN); os_memcpy(sta->sae->tmp->peer_addr, sta->addr, ETH_ALEN); #endif /* CONFIG_SAE_PK */ } @@ -625,12 +631,12 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd, } if (update && use_pt && - sae_prepare_commit_pt(sta->sae, pt, hapd->own_addr, sta->addr, + sae_prepare_commit_pt(sta->sae, pt, own_addr, sta->addr, NULL, pk) < 0) return NULL; if (update && !use_pt && - sae_prepare_commit(hapd->own_addr, sta->addr, + sae_prepare_commit(own_addr, sta->addr, (u8 *) password, os_strlen(password), sta->sae) < 0) { wpa_printf(MSG_DEBUG, "SAE: Could not pick PWE"); From patchwork Mon May 22 19:34:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784686 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=YkXjyGBG; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=DNMmxyHE; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM3vDYz20f9 for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=FCTg1q6Sru4+v7AbMCEmeVlYOZ9InOhu1ds2ZoXhhCQ=; b=YkXjyGBGGEnhc1 DNlwnYP4baUlpzNJG2jAezP2DOXkMjVG9NlTwwkqY5WgKWC5wTzqRAFVVf0wzt2e8hBeAq7dY30a8 9+DLE07pv2/y1E4fWsiXixj6UykmA5nqJwJUcbgKQS8EibMqEoRzVq5d4lqteeBkfYvkOHnpHzYbn 4AUbtWnLMtxuP2EgLlWi1vY7hTwcuWtAuRZAcTUxw9ki13psTFgHtuvF2jHJIModq8jANF16VVFAQ X3qZ5rfTEBarVhk+JN4L3kqjliMwYqfdfLeZbQ2Gz9M64M2rW1wbktPrxraeWNm1KhzCQez9QjGxw SSw1Vs+LGV0oBnNeE+qw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTh-007y8S-1Q; Mon, 22 May 2023 20:50:01 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJi-007i7A-21 for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784138; x=1716320138; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=MYFhiu34fw8s/ViY1Y4DVUTJkUa4TGAfYbF0J+aY/XE=; b=DNMmxyHElSOixvNlI2e3wTayLQuj+GE09kz4BXDLASD6lZioD9Fm5FAs YO5/gMeIgtTj/DKH2nqdvQ/TfZSHd6J//1yzJnIsI18R5LcGCzVSeXbLM dUoVFLxapGGDrFzd/xkyZdlZAleIGNNnuvPYDWAExRWSxQkpyXiLTbxvl Vo0d0E6mrruKs+aZKiITGawPRc8H7MPRS4AHOVUIzPWdpcyHNI43FtueO 3fNEMtpD5jiMimJsbkCOqfOVV+1vZPNUf5MUBWFl1eCaNRB791J5eeWOC DJ3ZvnlpkQYUXkGUsjttnfOhEZhOMQRSvJSPONDOt5gyR4tBFWA1XjSct A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869354" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869354" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:38 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809456" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809456" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:36 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 40/44] AP: Don't process SAE/OWE assoc info on MLD links Date: Mon, 22 May 2023 22:34:08 +0300 Message-Id: <20230522193412.658666-41-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123538_699857_3D8F356D X-CRM114-Status: GOOD ( 13.85 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Only the main link handles SAE authentication, skip it on other links. Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 91 ++++++++++++++++++++++++ 1 file changed, 48 insertions(+), 43 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Only the main link handles SAE authentication, skip it on other links. Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 91 ++++++++++++++++++++++++--------------------- 1 file changed, 48 insertions(+), 43 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index d387921d87..15c0a2b246 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4037,55 +4037,60 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } #endif /* CONFIG_IEEE80211R_AP */ + if (!link) { #ifdef CONFIG_SAE - if (wpa_auth_uses_sae(sta->wpa_sm) && sta->sae && - sta->sae->state == SAE_ACCEPTED) - wpa_auth_add_sae_pmkid(sta->wpa_sm, sta->sae->pmkid); - - if (wpa_auth_uses_sae(sta->wpa_sm) && - sta->auth_alg == WLAN_AUTH_OPEN) { - struct rsn_pmksa_cache_entry *sa; - sa = wpa_auth_sta_get_pmksa(sta->wpa_sm); - if (!sa || !wpa_key_mgmt_sae(sa->akmp)) { - wpa_printf(MSG_DEBUG, - "SAE: No PMKSA cache entry found for " - MACSTR, MAC2STR(sta->addr)); - return WLAN_STATUS_INVALID_PMKID; + if (wpa_auth_uses_sae(sta->wpa_sm) && sta->sae && + sta->sae->state == SAE_ACCEPTED) + wpa_auth_add_sae_pmkid(sta->wpa_sm, + sta->sae->pmkid); + + if (wpa_auth_uses_sae(sta->wpa_sm) && + sta->auth_alg == WLAN_AUTH_OPEN) { + struct rsn_pmksa_cache_entry *sa; + sa = wpa_auth_sta_get_pmksa(sta->wpa_sm); + if (!sa || !wpa_key_mgmt_sae(sa->akmp)) { + wpa_printf(MSG_DEBUG, + "SAE: No PMKSA cache entry found for " + MACSTR, MAC2STR(sta->addr)); + return WLAN_STATUS_INVALID_PMKID; + } + wpa_printf(MSG_DEBUG, "SAE: " MACSTR + " using PMKSA caching", MAC2STR(sta->addr)); + } else if (wpa_auth_uses_sae(sta->wpa_sm) && + sta->auth_alg != WLAN_AUTH_SAE && + !(sta->auth_alg == WLAN_AUTH_FT && + wpa_auth_uses_ft_sae(sta->wpa_sm))) { + wpa_printf(MSG_DEBUG, "SAE: " MACSTR + " tried to use SAE AKM after non-SAE auth_alg %u", + MAC2STR(sta->addr), sta->auth_alg); + return WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG; + } + + if (hapd->conf->sae_pwe == SAE_PWE_BOTH && + sta->auth_alg == WLAN_AUTH_SAE && + sta->sae && !sta->sae->h2e && + ieee802_11_rsnx_capab_len(elems->rsnxe, + elems->rsnxe_len, + WLAN_RSNX_CAPAB_SAE_H2E)) { + wpa_printf(MSG_INFO, "SAE: " MACSTR + " indicates support for SAE H2E, but did not use it", + MAC2STR(sta->addr)); + return WLAN_STATUS_UNSPECIFIED_FAILURE; } - wpa_printf(MSG_DEBUG, "SAE: " MACSTR - " using PMKSA caching", MAC2STR(sta->addr)); - } else if (wpa_auth_uses_sae(sta->wpa_sm) && - sta->auth_alg != WLAN_AUTH_SAE && - !(sta->auth_alg == WLAN_AUTH_FT && - wpa_auth_uses_ft_sae(sta->wpa_sm))) { - wpa_printf(MSG_DEBUG, "SAE: " MACSTR " tried to use " - "SAE AKM after non-SAE auth_alg %u", - MAC2STR(sta->addr), sta->auth_alg); - return WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG; - } - - if (hapd->conf->sae_pwe == SAE_PWE_BOTH && - sta->auth_alg == WLAN_AUTH_SAE && - sta->sae && !sta->sae->h2e && - ieee802_11_rsnx_capab_len(elems->rsnxe, elems->rsnxe_len, - WLAN_RSNX_CAPAB_SAE_H2E)) { - wpa_printf(MSG_INFO, "SAE: " MACSTR - " indicates support for SAE H2E, but did not use it", - MAC2STR(sta->addr)); - return WLAN_STATUS_UNSPECIFIED_FAILURE; - } #endif /* CONFIG_SAE */ #ifdef CONFIG_OWE - if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && - wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && - elems->owe_dh) { - resp = owe_process_assoc_req(hapd, sta, elems->owe_dh, - elems->owe_dh_len); - if (resp != WLAN_STATUS_SUCCESS) - return resp; - } + if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && + wpa_auth_sta_key_mgmt(sta->wpa_sm) == + WPA_KEY_MGMT_OWE && elems->owe_dh) { + resp = owe_process_assoc_req(hapd, sta, + elems->owe_dh, + elems->owe_dh_len); + if (resp != WLAN_STATUS_SUCCESS) + return resp; + } #endif /* CONFIG_OWE */ + } #ifdef CONFIG_DPP2 dpp_pfs_free(sta->dpp_pfs); From patchwork Mon May 22 19:34:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784692 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=jJVLixuK; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=gNg6Trsx; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM3mzpz20dy for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=nDWcqINckMChy5rSUSS58+K7p1J/EovsvLODDsq2dFA=; b=jJVLixuKGuJlHc w7kMWFQBAtCX1lccvfPYku7KPqi5+15SC97n0nTx6T67lb+HMG4fGWVI3TJ3/7DBuC9dsgP81yQSk c7zkap9yGVow4VXuxMnPN4kNTr8r2vcliT2Ch720sOB8cRVNUHA053I0b0V++pK5kn9iFK0/unv05 Or8hY343NuN/Wk+xiohh448nqsok9gTGhgnO5RHOMqvDE4gty80txr5wAUhwWmG9y1Ms+Brsn62zK O3muJrgh4cP0Wn7I7q5PgSldig/wWmhhqwv3P5zrOTejNpYaTbt8Nhjdh4cah9qjAM/FCqeCL9UeG hVPVteVi2brUHR5cA1lw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTi-007y98-1V; Mon, 22 May 2023 20:50:02 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJj-007iDo-2q for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:41 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784139; x=1716320139; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=rPvg+b6dkogg9/mWfSdU+mOCwqeiDdcFqU3Ic6s1H58=; b=gNg6TrsxM0C/jiJDh+EBOIVMqUbYYULGPC3fZ8xXTMqfz6iHRUPCUMlW NsjfAwq3mC36xttLPi2f8pxl6yNrt04sDd/h8whMyjk3INNn7nVOsP9+q yz0qdVF7BHRChGOsfFSe4UQgKuRRKgQNVsHTUbbfMkLRw2gTyKcG8RDiQ 56IwWlj+4nQLfAGV7DO3p4r66k7dwD0RyhLWn1NotW30YmTfZpEwAlnKe dvRqEXepEDHKA04BUP1gW54zyRsq9e9XfSt77CQuaNrE46/EfBxDYnsEY KrK7amXEMGgoDo+TSI2gsE9iAw2AQpozNpIom+cTCCcDUfiqOEWgVtXfN A==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869363" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869363" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:39 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809462" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809462" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:38 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 41/44] AP: Use MLD address for traffic tests Date: Mon, 22 May 2023 22:34:09 +0300 Message-Id: <20230522193412.658666-42-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123539_977496_78C9DA11 X-CRM114-Status: GOOD ( 10.42 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In case of MLD use the MLD address. Signed-off-by: Andrei Otcheretianski --- hostapd/ctrl_iface.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index b5a1c8a5d6..f90eb22c45 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -1836,6 +1836,7 @@ static int hostapd_ctrl_iface_d [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In case of MLD use the MLD address. Signed-off-by: Andrei Otcheretianski --- hostapd/ctrl_iface.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index b5a1c8a5d6..f90eb22c45 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -1836,6 +1836,7 @@ static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd, int enabled = atoi(cmd); char *pos; const char *ifname; + const u8 *addr = hapd->own_addr; if (!enabled) { if (hapd->l2_test) { @@ -1856,7 +1857,11 @@ static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd, else ifname = hapd->conf->iface; - hapd->l2_test = l2_packet_init(ifname, hapd->own_addr, +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + addr = hapd->mld_addr; +#endif /* CONFIG_IEEE80211BE */ + hapd->l2_test = l2_packet_init(ifname, addr, ETHERTYPE_IP, hostapd_data_test_rx, hapd, 1); if (hapd->l2_test == NULL) From patchwork Mon May 22 19:34:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784683 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=neOtkae5; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=QDWkAmbR; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQ8jM4DyRz20fD for ; Tue, 23 May 2023 06:50:30 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=47T7yMBLpv3Pf1CMHO5H4I30BaZJNcSIF/duNUSijh8=; b=neOtkae57CNXtl xuNgjj1is/1SsvhgS1jj6rZ19ZcDt8ofDEvyMwXH2vxrnpihJK3Gi2/4IKwaBe/7NStQqWxRO4Gjl 6UpGnNPRYNa/RROaCf4wujlNGxNyMIFB2CzHona93CT182KIiIuQYIlxk62uxsPuviEHhZFC6XYQ2 1huBfI/rxuWKBBMm5KwPh438mv9wuANSwypZu/lxKWtkkFavdpLw05dEo0td8YvZra3IH75SoEJjH nS/FHO06dhSeKYFyoKLntd2jsMQ1ZCs5/EJZefs7GnPvk2UNd2ZkmF77EqJEFr6ULyd7xcZnJXZ0w GYpu/2ePN1nYtJUzn7gQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1CTj-007yAA-1w; Mon, 22 May 2023 20:50:03 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJl-007i7A-0m for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:42 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784141; x=1716320141; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=z0KObb/1MuTM/nZ6aXzc/7aMhLLeSKCz3fDu0KBPiNY=; b=QDWkAmbRwbMprTO3xK8DZ5/y/7kRcojelJdiEVsmk63Jv2Np9U1tGB9L DOLUU7OAjVSu37pHEv4ijPxcTKKi3aQTqhnT1kRTDNVK2VB+XQiI4ITJe D5gxaRXwKxaNS02viBJBZ3jNj8aQ/uWt/B/bi4fekT128R0NP2bYfEa1o XSuvu/jfBPhE4AvVg1w5JRfy6gp+ObniLVxOEvReRo/i7NojhOJbLsHej bS1tb99pJ98T+YRamU7iN2boov7bqAh+VS7qDbqrmthEJfFaxs7xnyVZ9 FVtZkfuPusLo4yFyR5FR+Ku6MkGHMcDFpwbOdlO2bmALryEdR6Q6OFj5c w==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869373" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869373" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:40 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809469" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809469" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:39 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 42/44] AP: Forward EAPOL frames and status to correct BSS Date: Mon, 22 May 2023 22:34:10 +0300 Message-Id: <20230522193412.658666-43-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123541_312486_99BF434D X-CRM114-Status: GOOD ( 17.47 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In case of MLO AP and legacy client, make sure EAPOL frames and EAPOL TX status are processed on the correct BSS. Signed-off-by: Andrei Otcheretianski --- src/ap/drv_callbacks.c | 77 ++++++++++++++++++++++++++++++++ src/drivers/driver.h | 3 ++ 2 files changed, 63 insert [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In case of MLO AP and legacy client, make sure EAPOL frames and EAPOL TX status are processed on the correct BSS. Signed-off-by: Andrei Otcheretianski --- src/ap/drv_callbacks.c | 77 ++++++++++++++++++++++++++++++++---------- src/drivers/driver.h | 3 ++ 2 files changed, 63 insertions(+), 17 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 028fc6b536..95b45f374c 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1554,10 +1554,19 @@ static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf, - size_t len, u16 stype, int ok) + size_t len, u16 stype, int ok, int link_id) { struct ieee80211_hdr *hdr; - struct hostapd_data *orig_hapd = hapd, *tmp_hapd; + struct hostapd_data *orig_hapd, *tmp_hapd; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && link_id != -1) { + tmp_hapd = hostapd_mld_get_link_bss(hapd, link_id); + if (tmp_hapd) + hapd = tmp_hapd; + } +#endif /* CONFIG_IEEE80211BE */ + orig_hapd = hapd; hdr = (struct ieee80211_hdr *) buf; tmp_hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); @@ -1617,28 +1626,59 @@ static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr) } +static struct hostapd_data *hostapd_find_by_sta(struct hostapd_iface *iface, + const u8 *src) +{ + struct sta_info *sta; + size_t j; + for (j = 0; j < iface->num_bss; j++) { + sta = ap_get_sta(iface->bss[j], src); + if (sta && sta->flags & WLAN_STA_ASSOC) + return iface->bss[j]; + } + + return NULL; +} + + static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src, const u8 *data, size_t data_len, enum frame_encryption encrypted, int link_id) { - struct hostapd_iface *iface; - struct sta_info *sta; - size_t j; - #ifdef CONFIG_IEEE80211BE - hapd = switch_link_hapd(hapd, link_id); -#endif /* CONFIG_IEEE80211BE */ - - iface = hapd->iface; + if (link_id != -1) { + struct hostapd_data *h_hapd; + + hapd = switch_link_hapd(hapd, link_id); + h_hapd = hostapd_find_by_sta(hapd->iface, src); + if (h_hapd) + hapd = h_hapd; + } else if (hapd->conf->mld_ap) { + int i; + + /* Search for STA on other MLO BSS's */ + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct hostapd_iface *h = + hapd->iface->interfaces->iface[i]; + struct hostapd_data *h_hapd = h->bss[0]; + struct hostapd_bss_config *hconf = h_hapd->conf; + + if (!hconf->mld_ap || hconf->mld_id != hapd->conf->mld_id) + continue; - for (j = 0; j < iface->num_bss; j++) { - sta = ap_get_sta(iface->bss[j], src); - if (sta && sta->flags & WLAN_STA_ASSOC) { - hapd = iface->bss[j]; - break; + h_hapd = hostapd_find_by_sta(h, src); + if (h_hapd) { + hapd = h_hapd; + break; + } } + } else { + hapd = hostapd_find_by_sta(hapd->iface, src); } +#else /* CONFIG_IEEE80211BE */ + hapd = hostapd_find_by_sta(hapd->iface, src); +#endif /* CONFIG_IEEE80211BE */ ieee802_1x_receive(hapd, src, data, data_len, encrypted); } @@ -1981,7 +2021,8 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, hostapd_mgmt_tx_cb(hapd, data->tx_status.data, data->tx_status.data_len, data->tx_status.stype, - data->tx_status.ack); + data->tx_status.ack, + data->tx_status.link_id); break; case WLAN_FC_TYPE_DATA: hostapd_tx_status(hapd, data->tx_status.dst, @@ -1992,7 +2033,9 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, } break; case EVENT_EAPOL_TX_STATUS: - hostapd_eapol_tx_status(hapd, data->eapol_tx_status.dst, + hostapd_eapol_tx_status(switch_link_hapd(hapd, + data->eapol_tx_status.link_id), + data->eapol_tx_status.dst, data->eapol_tx_status.data, data->eapol_tx_status.data_len, data->eapol_tx_status.ack); diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 97f270fa83..6a8f0a786c 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -6161,6 +6161,7 @@ union wpa_event_data { const u8 *data; size_t data_len; int ack; + int link_id; } tx_status; /** @@ -6378,6 +6379,7 @@ union wpa_event_data { * @data: Data starting with IEEE 802.1X header (!) * @data_len: Length of data * @ack: Indicates ack or lost frame + * @link_id: MLD link id used to transmit the frame or -1 for non MLO * * This corresponds to hapd_send_eapol if the frame sent * there isn't just reported as EVENT_TX_STATUS. @@ -6387,6 +6389,7 @@ union wpa_event_data { const u8 *data; int data_len; int ack; + int link_id; } eapol_tx_status; /** From patchwork Mon May 22 19:34:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784710 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=NL+MXhal; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=RCaqz2Zw; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQBMx0PnWz20PY for ; Tue, 23 May 2023 08:05:31 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=CNk1aQo2iRiiETFO9eOoTegNN0aVbFnTzyZHtJ4c8pM=; b=NL+MXhalg95cJs snx3UfsDnTlGe54MaOU+9B7T9a0WM0yp8S8k5G/D80waEAgNkBchFSGW6lowrwYQst/j3C5gSy69B IvdCi24S4jh5NAl12BI8oJKM4dSwqoPSiccrT/vsTqv+O2X/0843VynNm429DRt9Pp+pUYFqaBJ99 Ec/SAgubtyUhqCMZr0gX8jlEQ3Oc8y+hbAcQ2p7U3tyByF2UvKi2t/KD5QC2byMYNC0z4+4bfWIpg +EZj6tT49nw7bonXTBj1JFxPCvkbBqp7KWJifpCQihKH91ENhDJ4dsL+alwyrpKUjeIYRVGjZ5VTl pT54uvKD80/VY0s4fzHg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1De8-008B60-1i; Mon, 22 May 2023 22:04:52 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJm-007iDo-1b for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784142; x=1716320142; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=iE5hZ4HcvTzyCuEnwRkCQ60q5QzoM7zLq+qtjZfPzA8=; b=RCaqz2Zw0Jn8ikAGurN5ijP5OqqpVQfYV19qzN53qNqHx+WtjOUCzpkf cG27SnC76nNKFU6i+vk4SIlq0FoIoDg6kJozake8XeBNR1AIWxyvHSwkN ww6CROE4ihcamZVW2Qelm5F0VRngEZ1aDyG8KrmRn9T6Z4OOTvl4ekTLm 1nsPgOgwv7nMsBhz+v1yKDSH6as5iIepY5xDNhzbrETmDDharrtRavAW6 KOzJ1uiJsrr8tcYI7XO/0yTfxRUjkvlUTkLwdevJF3STbboJGRA9KMDag TBtsj+xhRcA+iJLmRcv/BKWIz3YLkQBGysHGHL7YPbFxe0EgnYUaOIenU g==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869378" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869378" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:42 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809474" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809474" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:40 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 43/44] driver_nl80211: Store and report link id for MLO control frames Date: Mon, 22 May 2023 22:34:11 +0300 Message-Id: <20230522193412.658666-44-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123542_585145_99C6335A X-CRM114-Status: GOOD ( 11.85 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Since there's only one instance of i802_bss for all BSS's in MLO AP, link id is needed to forward the status to the correct BSS. Store the link id when transmitting EAPOL frames over control interface [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Since there's only one instance of i802_bss for all BSS's in MLO AP, link id is needed to forward the status to the correct BSS. Store the link id when transmitting EAPOL frames over control interface and report it in TX status. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 7 +++++-- src/drivers/driver_nl80211.h | 2 ++ src/drivers/driver_nl80211_event.c | 5 +++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 8bb1c3f0d7..b0e5b945f0 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4281,8 +4281,8 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, noack); } - if (noack || WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT || - WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION) + if ((noack || WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT || + WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION) && link_id == -1) use_cookie = 0; send_frame_cmd: #ifdef CONFIG_TESTING_OPTIONS @@ -4302,6 +4302,8 @@ send_frame_cmd: res = nl80211_send_frame_cmd(bss, freq, wait_time, data, data_len, use_cookie, no_cck, noack, offchanok, csa_offs, csa_offs_len); + if (!res) + drv->send_frame_link_id = link_id; return res; } @@ -6138,6 +6140,7 @@ static int nl80211_tx_control_port(void *priv, const u8 *dest, "nl80211: tx_control_port cookie=0x%llx", (long long unsigned int) cookie); drv->eapol_tx_cookie = cookie; + drv->eapol_tx_link_id = link_id; } return ret; diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index b38cd7f53a..ba1e6c5ccf 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -206,10 +206,12 @@ struct wpa_driver_nl80211_data { u64 vendor_scan_cookie; u64 remain_on_chan_cookie; u64 send_frame_cookie; + int send_frame_link_id; #define MAX_SEND_FRAME_COOKIES 20 u64 send_frame_cookies[MAX_SEND_FRAME_COOKIES]; unsigned int num_send_frame_cookies; u64 eapol_tx_cookie; + int eapol_tx_link_id; unsigned int last_mgmt_freq; diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index 838afabcc7..e1bc5f7370 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -1219,6 +1219,8 @@ static void mlme_event_mgmt_tx_status(struct wpa_driver_nl80211_data *drv, event.tx_status.data = frame; event.tx_status.data_len = len; event.tx_status.ack = ack != NULL; + event.tx_status.link_id = cookie_val == drv->send_frame_cookie ? + drv->send_frame_link_id : -1; wpa_supplicant_event(drv->ctx, EVENT_TX_STATUS, &event); } @@ -3375,6 +3377,9 @@ nl80211_control_port_frame_tx_status(struct wpa_driver_nl80211_data *drv, event.eapol_tx_status.data = frame + ETH_HLEN; event.eapol_tx_status.data_len = len - ETH_HLEN; event.eapol_tx_status.ack = ack != NULL; + event.eapol_tx_status.link_id = nla_get_u64(cookie) == drv->eapol_tx_cookie ? + drv->eapol_tx_link_id : -1; + wpa_supplicant_event(drv->ctx, EVENT_EAPOL_TX_STATUS, &event); } From patchwork Mon May 22 19:34:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1784709 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=qJHK5TLn; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=k6pUnteo; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QQBMx1jX5z20Q6 for ; Tue, 23 May 2023 08:05:31 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=F8dgbCw2kvZjbaXCdU56oeNC/Xfceyfty/vjRrvQneQ=; b=qJHK5TLnLSBkf7 ZxtMVYMiA6F2tQEO3KIdxErfb5GktuGPmAToqCzcH57v1VixAonb3Qhgj7uqCL+W2d7IAyAIfKHzz hP1sGaqnYBCe81h+OoN6Toc7PrqYPZ1J097XiuWG8BJGDrDu9+L5oDAF9id5HIsAOoBSHKWx5wNMN x/3jYAiWfh+QmqdfPPCgQI+TRudulb8O0nrMjq+5/dnchFFpIMsLll/o46EzbYoeLzQk6lEN9AznA dOPzKQEOMB3gQHpfjlF9siFV0u3IQ9ekOan3o1nDhnhRFo0HoVNtXeQpl48aQAmPJDmP/xMFf57Qf fgueEhJSwZsuZExOkeKw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q1DeA-008B6t-0N; Mon, 22 May 2023 22:04:54 +0000 Received: from mga04.intel.com ([192.55.52.120]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q1BJo-007iR4-1e for hostap@lists.infradead.org; Mon, 22 May 2023 19:35:47 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684784144; x=1716320144; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=YtvQCVJUIsmDD+a9UTP3UW7vDEeHRrL9d4Bk9JzcpyU=; b=k6pUnteo8lw+/dyAuimfahkLQhT8KPc/6S2meodD6OZyaWMzphN9Ytt/ ZFbg8MUlhk+eUdFQ8OTwpuK4lxCQVBVVThHJ4j/MQLMJkItafD0O0SH44 eseWkpgnR3f7ALG0hs4nTOUS1ZdQEgRQH+uf1Dwv0+X0XQzQfB2+OM5c3 E0z5dvQGmKK4jsQOA+C4FxYpCbYD8kfq86pJfQ0j8RdLZL2jDBtwF5DHj 4U91LZUJ+Eb13dXHi2AlliRrmjSiPwNz5N3pgPgHOZC/3ul6w3xPSZ8Mf EKEhgOxDPUTgXwMP0dRRKV/D8pcz6L0XMvJwMtjrOyr/DtuNWNry23wwc Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="351869383" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="351869383" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:43 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10718"; a="827809480" X-IronPort-AV: E=Sophos;i="6.00,184,1681196400"; d="scan'208";a="827809480" Received: from ghorst-mobl3.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.149.56]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2023 12:35:42 -0700 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH v2 44/44] tests: Add basic MLD hwsim tests Date: Mon, 22 May 2023 22:34:12 +0300 Message-Id: <20230522193412.658666-45-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230522193412.658666-1-andrei.otcheretianski@intel.com> References: <20230522193412.658666-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230522_123544_613839_A2444140 X-CRM114-Status: GOOD ( 14.55 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- tests/hwsim/example-hostapd.config | 1 + tests/hwsim/hostapd.py | 77 +++++++- tests/hwsim/hwsim.py | 11 +- tests/hwsim/test_e [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [192.55.52.120 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- tests/hwsim/example-hostapd.config | 1 + tests/hwsim/hostapd.py | 77 +++++++- tests/hwsim/hwsim.py | 11 +- tests/hwsim/test_eht.py | 293 +++++++++++++++++++++++++++++ 4 files changed, 375 insertions(+), 7 deletions(-) diff --git a/tests/hwsim/example-hostapd.config b/tests/hwsim/example-hostapd.config index 5b7130fdcd..e6f91fe388 100644 --- a/tests/hwsim/example-hostapd.config +++ b/tests/hwsim/example-hostapd.config @@ -117,3 +117,4 @@ CONFIG_DPP2=y CONFIG_WEP=y CONFIG_PASN=y CONFIG_AIRTIME_POLICY=y +CONFIG_IEEE80211BE=y diff --git a/tests/hwsim/hostapd.py b/tests/hwsim/hostapd.py index 77b210b6e6..e47aa146db 100644 --- a/tests/hwsim/hostapd.py +++ b/tests/hwsim/hostapd.py @@ -101,6 +101,11 @@ class HostapdGlobal: if not ignore_error: raise Exception("Could not add hostapd BSS") + def add_link(self, ifname, confname): + res = self.request("ADD " + ifname + " config=" + confname) + if "OK" not in res: + raise Exception("Could not add hostapd link") + def remove(self, ifname): self.request("REMOVE " + ifname, timeout=30) @@ -141,13 +146,13 @@ class HostapdGlobal: self.host.send_file(src, dst) class Hostapd: - def __init__(self, ifname, bssidx=0, hostname=None, port=8877): + def __init__(self, ifname, bssidx=0, hostname=None, ctrl=hapd_ctrl, port=8877): self.hostname = hostname self.host = remotehost.Host(hostname, ifname) self.ifname = ifname if hostname is None: - self.ctrl = wpaspy.Ctrl(os.path.join(hapd_ctrl, ifname)) - self.mon = wpaspy.Ctrl(os.path.join(hapd_ctrl, ifname)) + self.ctrl = wpaspy.Ctrl(os.path.join(ctrl, ifname)) + self.mon = wpaspy.Ctrl(os.path.join(ctrl, ifname)) self.dbg = ifname else: self.ctrl = wpaspy.Ctrl(hostname, port) @@ -156,6 +161,7 @@ class Hostapd: self.mon.attach() self.bssid = None self.bssidx = bssidx + self.mld_addr = None def cmd_execute(self, cmd_array, shell=False): if self.hostname is None: @@ -184,8 +190,15 @@ class Hostapd: self.bssid = self.get_status_field('bssid[%d]' % self.bssidx) return self.bssid + def own_mld_addr(self): + if self.mld_addr is None: + self.mld_addr = self.get_status_field('mld_addr[%d]' % self.bssidx) + return self.mld_addr + def get_addr(self, group=False): - return self.own_addr() + if self.own_mld_addr() is None: + return self.own_addr() + return self.own_mld_addr() def request(self, cmd): logger.debug(self.dbg + ": CTRL: " + cmd) @@ -682,6 +695,33 @@ def add_iface(apdev, confname): raise Exception("Could not ping hostapd") return hapd +def add_mld_link(apdev, params): + if isinstance(apdev, dict): + ifname = apdev['ifname'] + try: + hostname = apdev['hostname'] + port = apdev['port'] + logger.info("Adding link on: " + hostname + "/" + port + " ifname=" + ifname) + except: + logger.info("Adding link on: ifname=" + ifname) + hostname = None + port = 8878 + else: + ifname = apdev + logger.info("Adding link on: ifname=" + ifname) + hostname = None + port = 8878 + + hapd_global = HostapdGlobal(apdev) + confname, ctrl_iface = cfg_mld_link_file(ifname, params) + hapd_global.send_file(confname, confname) + hapd_global.add_link(ifname, confname) + port = hapd_global.get_ctrl_iface_port(ifname) + hapd = Hostapd(ifname, hostname=hostname, ctrl=ctrl_iface, port=port) + if not hapd.ping(): + raise Exception("Could not ping hostapd") + return hapd + def remove_bss(apdev, ifname=None): if ifname == None: ifname = apdev['ifname'] @@ -904,3 +944,32 @@ def cfg_file(apdev, conf, ifname=None): return fname return conf + +idx = 0 +def cfg_mld_link_file(ifname, params): + global idx + ctrl_iface="/var/run/hostapd" + conf = "link-%d.conf" % idx + + fd, fname = tempfile.mkstemp(dir='/tmp', prefix=conf + '-') + f = os.fdopen(fd, 'w') + + if idx != 0: + ctrl_iface="/var/run/hostapd_%d" % idx + + f.write("ctrl_interface=%s\n" % ctrl_iface) + f.write("driver=nl80211\n") + f.write("ieee80211n=1\n") + f.write("ieee80211ac=1\n") + f.write("ieee80211ax=1\n") + f.write("ieee80211be=1\n") + f.write("interface=%s\n" % ifname) + f.write("mld_ap=1\n") + f.write("mld_id=0\n") + + for k, v in list(params.items()): + f.write("{}={}\n".format(k,v)) + + idx = idx + 1 + + return fname, ctrl_iface \ No newline at end of file diff --git a/tests/hwsim/hwsim.py b/tests/hwsim/hwsim.py index bc8aabdd49..5b1f858c95 100644 --- a/tests/hwsim/hwsim.py +++ b/tests/hwsim/hwsim.py @@ -17,6 +17,7 @@ HWSIM_ATTR_CHANNELS = 9 HWSIM_ATTR_RADIO_ID = 10 HWSIM_ATTR_SUPPORT_P2P_DEVICE = 14 HWSIM_ATTR_USE_CHANCTX = 15 +HWSIM_ATTR_MLO_SUPPORT = 25 # the controller class class HWSimController(object): @@ -25,7 +26,7 @@ class HWSimController(object): self._fid = netlink.genl_controller.get_family_id(b'MAC80211_HWSIM') def create_radio(self, n_channels=None, use_chanctx=False, - use_p2p_device=False): + use_p2p_device=False, use_mlo=False): attrs = [] if n_channels: attrs.append(netlink.U32Attr(HWSIM_ATTR_CHANNELS, n_channels)) @@ -33,6 +34,8 @@ class HWSimController(object): attrs.append(netlink.FlagAttr(HWSIM_ATTR_USE_CHANCTX)) if use_p2p_device: attrs.append(netlink.FlagAttr(HWSIM_ATTR_SUPPORT_P2P_DEVICE)) + if use_mlo: + attrs.append(netlink.FlagAttr(HWSIM_ATTR_MLO_SUPPORT)) msg = netlink.GenlMessage(self._fid, HWSIM_CMD_CREATE_RADIO, flags=netlink.NLM_F_REQUEST | @@ -50,17 +53,19 @@ class HWSimController(object): class HWSimRadio(object): def __init__(self, n_channels=None, use_chanctx=False, - use_p2p_device=False): + use_p2p_device=False, use_mlo=False): self._controller = HWSimController() self._n_channels = n_channels self._use_chanctx = use_chanctx self._use_p2p_dev = use_p2p_device + self._use_mlo = use_mlo def __enter__(self): self._radio_id = self._controller.create_radio( n_channels=self._n_channels, use_chanctx=self._use_chanctx, - use_p2p_device=self._use_p2p_dev) + use_p2p_device=self._use_p2p_dev, + use_mlo=self._use_mlo) if self._radio_id < 0: raise Exception("Failed to create radio (err:%d)" % self._radio_id) try: diff --git a/tests/hwsim/test_eht.py b/tests/hwsim/test_eht.py index ebc846c0d4..17b52ba049 100644 --- a/tests/hwsim/test_eht.py +++ b/tests/hwsim/test_eht.py @@ -6,6 +6,57 @@ import hostapd from utils import * +from hwsim import HWSimRadio +import hwsim_utils +from wpasupplicant import WpaSupplicant +import re + +def _eht_verify_wifi_version(dev): + status = dev.get_status() + logger.info("station status: " + str(status)) + + if 'wifi_generation' not in status: + raise Exception("Missing wifi_generation information") + if status['wifi_generation'] != "7": + raise Exception("Unexpected wifi_generation value: " + status['wifi_generation']) + +def _eht_verify_status(wpas, hapd, freq, bw, is_ht=False, is_vht=False, mld=False): + status = hapd.get_status() + + logger.info("hostapd STATUS: " + str(status)) + if is_ht and status["ieee80211n"] != "1": + raise Exception("Unexpected STATUS ieee80211n value") + if is_vht and status["ieee80211ac"] != "1": + raise Exception("Unexpected STATUS ieee80211ac value") + if status["ieee80211ax"] != "1": + raise Exception("Unexpected STATUS ieee80211ax value") + if status["ieee80211be"] != "1": + raise Exception("Unexpected STATUS ieee80211be value") + + sta = hapd.get_sta(wpas.own_addr()) + logger.info("hostapd STA: " + str(sta)) + if is_ht and "[HT]" not in sta['flags']: + raise Exception("Missing STA flag: HT") + if is_vht and "[VHT]" not in sta['flags']: + raise Exception("Missing STA flag: VHT") + if "[HE]" not in sta['flags']: + raise Exception("Missing STA flag: HE") + if "[EHT]" not in sta['flags']: + raise Exception("Missing STA flag: EHT") + + sig = wpas.request("SIGNAL_POLL").splitlines() + + # TODO: with MLD connection, signal poll logic is still not implemented. + # While mac80211 maintains the station using the MLD address, the information + # is maintained in the link stations, but it is not sent to user space yet. + if not mld: + if "FREQUENCY=%s" % freq not in sig: + raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig)) + if "WIDTH=%s MHz" % bw not in sig: + raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig)) + +def _test_traffic(wpas, hapd): + hwsim_utils.test_connectivity(wpas, hapd) def test_eht_open(dev, apdev): """EHT AP with open mode configuration""" @@ -118,3 +169,245 @@ def test_eht_sae_mlo(dev, apdev): finally: dev[0].set("sae_groups", "") dev[0].set("sae_pwe", "0") + +def _eht_mld_enable_ap(iface, params): + hapd = hostapd.add_mld_link(iface, params) + hapd.enable() + + ev = hapd.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout=1) + if ev is None: + raise Exception("AP startup timed out") + if "AP-ENABLED" not in ev: + raise Exception("AP startup failed") + + return hapd + +def eht_mld_ap_wpa2_params(ssid, passphrase=None, key_mgmt="WPA-PSK-SHA256", mfp="2", pwe=None, + beacon_prot="1"): + params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase, wpa_key_mgmt=key_mgmt, ieee80211w=mfp) + + params['ieee80211n'] = '1' + params['ieee80211ax'] = '1' + params['ieee80211be'] = '1' + params['channel'] = '1' + params['hw_mode'] = 'g' + params['group_mgmt_cipher'] = "AES-128-CMAC" + params['beacon_prot'] = beacon_prot + + if pwe is not None: + params['sae_pwe'] = pwe + + return params + +def test_eht_mld_discovery(dev, apdev): + """EHT MLD AP discovery""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + ssid = "mld_ap" + link0_params = {"ssid": ssid, + "hw_mode": "g", + "channel": "1"} + link1_params = {"ssid": ssid, + "hw_mode": "g", + "channel": "2"} + + hapd0 = _eht_mld_enable_ap(hapd_iface, link0_params) + hapd1 = _eht_mld_enable_ap(hapd_iface, link1_params) + + res = wpas.request("SCAN freq=2412,2417") + if "FAIL" in res: + raise Exception("Failed to start scan") + + ev = wpas.wait_event(["CTRL-EVENT-SCAN-STARTED"]) + if ev is None: + raise Exception("Scan did not start") + + ev = wpas.wait_event(["CTRL-EVENT-SCAN-RESULTS"]) + if ev is None: + raise Exception("Scan did not complete") + + logger.info("Scan done") + + rnr_pattern = re.compile(".*ap_info.*, mld ID=0, link ID=", re.MULTILINE) + ml_pattern = re.compile(".*multi-link:.*, MLD ID=0x0", re.MULTILINE) + + bss = wpas.request("BSS " + hapd0.own_addr()) + logger.info("BSS 0: " + str(bss)) + + if rnr_pattern.search(bss) is None: + raise Exception("RNR element not found for first link") + + if ml_pattern.search(bss) is None: + raise Exception("ML element not found for first link") + + bss = wpas.request("BSS " + hapd1.own_addr()) + logger.info("BSS 1: " + str(bss)) + + if rnr_pattern.search(bss) is None: + raise Exception("RNR element not found for second link") + + if ml_pattern.search(bss) is None: + raise Exception("ML element not found for second link") + +def _eht_mld_owe_two_links(dev, apdev): + with HWSimRadio(use_mlo=True) as (hapd0_radio, hapd0_iface), \ + HWSimRadio(use_mlo=True) as (hapd1_radio, hapd1_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + ssid = "mld_ap_owe_two_link" + params = eht_mld_ap_wpa2_params(ssid, key_mgmt="OWE", mfp="2") + + hapd0 = _eht_mld_enable_ap(hapd0_iface, params) + + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd0_iface, params) + # check legacy client connection + dev[0].connect(ssid, scan_freq="2437", key_mgmt="OWE", ieee80211w="2") + wpas.connect(ssid, scan_freq="2412 2437", key_mgmt="OWE", ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + _test_traffic(wpas, hapd1) + +def test_eht_mld_owe_two_links(dev, apdev): + """EHT MLD AP with MLD client OWE connection using two links""" + _eht_mld_owe_two_links(dev, apdev) + +def test_eht_mld_sae_single_link(dev, apdev): + """EHT MLD AP with MLD client SAE H2E connection using single link""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_single_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, key_mgmt="SAE", mfp="2", pwe='2') + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.set("sae_pwe", "1") + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412", key_mgmt="SAE", ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + +def _test_eht_mld_sae_two_links(dev, apdev, beacon_prot="1"): + """EHT MLD AP with MLD client SAE H2E connection using two links""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_two_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, + key_mgmt="SAE", mfp="2", pwe='1', beacon_prot=beacon_prot) + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.set("sae_pwe", "1") + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412 2437", + key_mgmt="SAE", ieee80211w="2", beacon_prot="1") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + _test_traffic(wpas, hapd1) + +def test_eht_mld_sae_two_links(dev, apdev): + """EHT MLD AP with MLD client SAE H2E connection using two links""" + _test_eht_mld_sae_two_links(dev, apdev) + +def test_eht_mld_sae_two_links_no_beacon_prot(dev, apdev): + """EHT MLD AP with MLD client SAE H2E connection using two links and no beacon protection""" + _test_eht_mld_sae_two_links(dev, apdev, beacon_prot="0") + +def test_eht_mld_sae_ext_one_link(dev, apdev): + """EHT MLD AP with MLD client SAE-EXT H2E connection using single link""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_ext_single_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, key_mgmt="SAE-EXT-KEY") + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412", key_mgmt="SAE-EXT-KEY", + ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + +def test_eht_mld_sae_ext_two_links(dev, apdev): + """EHT MLD AP with MLD client SAE-EXT H2E connection using two links""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_two_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, key_mgmt="SAE-EXT-KEY") + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412 2437", + key_mgmt="SAE-EXT-KEY", ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + _test_traffic(wpas, hapd1) + +def test_eht_mld_sae_legacy_client(dev, apdev): + """EHT MLD AP with legacy client SAE H2E connection""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface): + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_two_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, + key_mgmt="SAE", mfp="2", pwe='1') + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd_iface, params) + + dev[0].set("sae_pwe", "1") + dev[0].connect(ssid, sae_password=passphrase, scan_freq="2412", + key_mgmt="SAE", ieee80211w="2", beacon_prot="1") + + _eht_verify_status(dev[0], hapd0, 2412, 20, is_ht=True) + _test_traffic(dev[0], hapd0)