From patchwork Wed Feb 15 23:08:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743145 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=C5AuQkmd; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=Jb/c/3Jf; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDN02PmKz23yD for ; Thu, 16 Feb 2023 10:11:12 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=4Ix+ysNYLJ9EXw6CfcYPGElszui92zxiFsfRY8ae88U=; b=C5AuQkmdACMqZ2 CuDCN88qtYXmUjTB3uhtmC8LvkgZ62+kjmCSr/mK1zdiS7xv+gT0eym7WGd/fIBwE1WiWlAMeBcqi z27GqujjzbbIsx3UBvtZibRGS8Aci105NnCVgfYtfwMJa0VQc+f7YDNhffdQF588h9k18nwOg0oqK ielqGhsEOlKdPY8oKy0fqSb7nppNLJDa/tkgymbGn+TaQezmBLLqHZfDt5Gij/the9oS1JOuSJ1ya 4+Kow8S6RV4uclQsse7mVMx+ypKqt87U64h8Aib7ynNoDije48kuSEtAeH3teoP3BNo/NicpU0yOh CvpYceK9keKWNi7lodew==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQub-007lV1-Cz; Wed, 15 Feb 2023 23:10:05 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQtz-007lDr-3R for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502567; x=1708038567; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=UFDrkzmQdHJ7VOjiagMZoCvrT1ykk4imj0/kexIze4s=; b=Jb/c/3JfXS4r6Io/bj5VlW1sTmnSYVNVy/W3WWcTJSg9hjsehvtx5kbx Q2mE7BmWn1YucGL7ZXdmqdupNWJYE8Kpp0S5+k9scsETg3bWdtCk7vyvo oOE7hCET2auFSJDoMy3AZzsDjIw79oqand2Ti31u0u3lbkxlGdQCMjJc4 FjSHufS0oKypKlumtgO7fp4I2IXAMgSfJpebHAwauLBASDVSUjee+YMzh VOhPD60fiXc4rwYGHCglerG7cxsTO00dKCOoZdiAPKsOy19um8bXFfg9s 002ru+ZkZRtaNtDEVaqTIA6NYabTthQ2mAvPYkX2hSQ0IY1xe7/1qglHZ A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719566" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719566" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:23 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344119" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344119" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:21 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 01/50] nl80211: Refactor i802_bss to support multiple links Date: Thu, 16 Feb 2023 01:08:15 +0200 Message-Id: <20230215230904.933291-2-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150927_279383_74C06D25 X-CRM114-Status: GOOD ( 23.99 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Refactor struct i802_bss to support multiple links as a preparation to support MLD AP. Signed-off-by: Ilan Peer --- src/drivers/driver_nl80211.c | 78 +++++++++++++++++++ src/drivers/driver_nl80211.h | 20 ++++++-- src/drivers/driver_nl80211_event.c | 8 +- [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Refactor struct i802_bss to support multiple links as a preparation to support MLD AP. Signed-off-by: Ilan Peer --- src/drivers/driver_nl80211.c | 78 +++++++++++++++++++----------- src/drivers/driver_nl80211.h | 20 ++++++-- src/drivers/driver_nl80211_event.c | 8 +-- 3 files changed, 71 insertions(+), 35 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 3f6c05c094..a3b4ab8ea4 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -273,7 +273,7 @@ void nl80211_mark_disconnected(struct wpa_driver_nl80211_data *drv) drv->associated = 0; os_memset(&drv->sta_mlo_info, 0, sizeof(drv->sta_mlo_info)); os_memset(drv->bssid, 0, ETH_ALEN); - drv->first_bss->freq = 0; + drv->first_bss->flink->freq = 0; #ifdef CONFIG_DRIVER_NL80211_QCA os_free(drv->pending_roam_data); drv->pending_roam_data = NULL; @@ -911,7 +911,7 @@ nl80211_get_wiphy_data_ap(struct i802_bss *bss) dl_list_init(&w->drvs); /* Beacon frames not supported in IEEE 802.11ad */ - if (ieee80211_freq_to_chan(bss->freq, &channel) != + if (ieee80211_freq_to_chan(bss->flink->freq, &channel) != HOSTAPD_MODE_IEEE80211AD) { w->nl_cb = nl_cb_alloc(NL_CB_DEFAULT); if (!w->nl_cb) { @@ -2230,6 +2230,7 @@ static void * wpa_driver_nl80211_drv_init(void *ctx, const char *ifname, { struct wpa_driver_nl80211_data *drv; struct i802_bss *bss; + u32 i; if (global_priv == NULL) return NULL; @@ -2308,6 +2309,17 @@ skip_wifi_status: drv->in_interface_list = 1; } + /* + * Set the default link to be the first one, and set its address to that + * of the interface + */ + bss->flink = &bss->links[0]; + bss->n_links = 1; + os_memcpy(bss->flink->addr, bss->addr, ETH_ALEN); + + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) + bss->links[i].link_id = NL80211_DRV_LINK_ID_NA; + return bss; failed: @@ -2982,8 +2994,8 @@ static int wpa_driver_nl80211_del_beacon(struct i802_bss *bss) wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", drv->ifindex); - bss->beacon_set = 0; - bss->freq = 0; + bss->flink->beacon_set = 0; + bss->flink->freq = 0; nl80211_put_wiphy_data_ap(bss); msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON); return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); @@ -4109,10 +4121,10 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) { if (freq == 0) { wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d", - bss->freq); - freq = bss->freq; + bss->flink->freq); + freq = bss->flink->freq; } - if ((int) freq == bss->freq) + if ((int)freq == bss->flink->freq) wait_time = 0; goto send_frame_cmd; } @@ -4174,14 +4186,14 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, } if (freq == 0) { wpa_printf(MSG_DEBUG, "nl80211: send_mlme - Use bss->freq=%u", - bss->freq); - freq = bss->freq; + bss->flink->freq); + freq = bss->flink->freq; } if (drv->use_monitor && is_ap_interface(drv->nlmode)) { wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor", - freq, bss->freq); + freq, bss->flink->freq); return nl80211_send_monitor(drv, data, data_len, encrypt, noack); } @@ -4694,7 +4706,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, struct wpa_driver_mesh_bss_params mesh_params; #endif /* CONFIG_MESH */ - beacon_set = params->reenable ? 0 : bss->beacon_set; + beacon_set = params->reenable ? 0 : bss->flink->beacon_set; wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)", beacon_set); @@ -4994,17 +5006,17 @@ static int wpa_driver_nl80211_set_ap(void *priv, wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", ret, strerror(-ret)); } else { - bss->beacon_set = 1; + bss->flink->beacon_set = 1; nl80211_set_bss(bss, params->cts_protect, params->preamble, params->short_slot_time, params->ht_opmode, params->isolate, params->basic_rates); nl80211_set_multicast_to_unicast(bss, params->multicast_to_unicast); if (beacon_set && params->freq && - params->freq->bandwidth != bss->bandwidth) { + params->freq->bandwidth != bss->flink->bandwidth) { wpa_printf(MSG_DEBUG, "nl80211: Update BSS %s bandwidth: %d -> %d", - bss->ifname, bss->bandwidth, + bss->ifname, bss->flink->bandwidth, params->freq->bandwidth); ret = nl80211_set_channel(bss, params->freq, 1); if (ret) { @@ -5014,7 +5026,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, } else { wpa_printf(MSG_DEBUG, "nl80211: Frequency set succeeded for ht2040 coex"); - bss->bandwidth = params->freq->bandwidth; + bss->flink->bandwidth = params->freq->bandwidth; } } else if (!beacon_set && params->freq) { /* @@ -5022,7 +5034,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, * mode only at the point when beaconing is started, so * set the initial value here. */ - bss->bandwidth = params->freq->bandwidth; + bss->flink->bandwidth = params->freq->bandwidth; } } @@ -5172,7 +5184,7 @@ static int nl80211_set_channel(struct i802_bss *bss, ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if (ret == 0) { - bss->freq = freq->freq; + bss->flink->freq = freq->freq; return 0; } wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): " @@ -5800,7 +5812,7 @@ static void nl80211_teardown_ap(struct i802_bss *bss) nl80211_mgmt_unsubscribe(bss, "AP teardown"); nl80211_put_wiphy_data_ap(bss); - bss->beacon_set = 0; + bss->flink->beacon_set = 0; } @@ -7738,7 +7750,7 @@ static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, struct ieee80211_mgmt mgmt; u8 channel; - if (ieee80211_freq_to_chan(bss->freq, &channel) == + if (ieee80211_freq_to_chan(bss->flink->freq, &channel) == HOSTAPD_MODE_IEEE80211AD) { /* Deauthentication is not used in DMG/IEEE 802.11ad; * disassociate the STA instead. */ @@ -8359,12 +8371,18 @@ static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type, if (type == WPA_IF_AP_BSS && setup_ap) { struct i802_bss *new_bss = os_zalloc(sizeof(*new_bss)); + size_t i; + if (new_bss == NULL) { if (added) nl80211_remove_iface(drv, ifidx); return -1; } + /* Initialize here before any failure path */ + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) + new_bss->links[i].link_id = NL80211_DRV_LINK_ID_NA; + if (bridge && i802_check_bridge(drv, new_bss, bridge, ifname) < 0) { wpa_printf(MSG_ERROR, "nl80211: Failed to add the new " @@ -8388,7 +8406,11 @@ static int wpa_driver_nl80211_if_add(void *priv, enum wpa_driver_if_type type, new_bss->ifindex = ifidx; new_bss->drv = drv; new_bss->next = drv->first_bss->next; - new_bss->freq = drv->first_bss->freq; + new_bss->flink = &new_bss->links[0]; + new_bss->n_links = 1; + os_memcpy(new_bss->flink->addr, new_bss->addr, ETH_ALEN); + + new_bss->flink->freq = drv->first_bss->flink->freq; new_bss->ctx = bss_ctx; new_bss->added_if = added; drv->first_bss->next = new_bss; @@ -8595,8 +8617,8 @@ static int wpa_driver_nl80211_send_action(struct i802_bss *bss, struct ieee80211_hdr *hdr; int offchanok = 1; - if (is_ap_interface(drv->nlmode) && (int) freq == bss->freq && - bss->beacon_set) + if (is_ap_interface(drv->nlmode) && (int)freq == bss->flink->freq && + bss->flink->beacon_set) offchanok = 0; wpa_printf(MSG_DEBUG, "nl80211: Send Action frame (ifindex=%d, " @@ -8632,7 +8654,7 @@ static int wpa_driver_nl80211_send_action(struct i802_bss *bss, modes = nl80211_get_hw_feature_data(bss, &num_modes, &flags, &dfs_domain); if (dfs_domain != HOSTAPD_DFS_REGION_ETSI && - ieee80211_is_dfs(bss->freq, modes, num_modes)) + ieee80211_is_dfs(bss->flink->freq, modes, num_modes)) offchanok = 0; if (modes) { for (i = 0; i < num_modes; i++) { @@ -8646,7 +8668,7 @@ static int wpa_driver_nl80211_send_action(struct i802_bss *bss, if (is_ap_interface(drv->nlmode) && (!(drv->capa.flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) || - (int) freq == bss->freq || drv->device_ap_sme || + (int)freq == bss->flink->freq || drv->device_ap_sme || !drv->use_monitor)) ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len, 0, freq, no_cck, offchanok, @@ -10203,8 +10225,8 @@ static int wpa_driver_nl80211_status(void *priv, char *buf, size_t buflen) bss->ifname, bss->brname, MAC2STR(bss->addr), - bss->freq, - bss->beacon_set ? "beacon_set=1\n" : "", + bss->flink->freq, + bss->flink->beacon_set ? "beacon_set=1\n" : "", bss->added_if_into_bridge ? "added_if_into_bridge=1\n" : "", bss->already_in_bridge ? "already_in_bridge=1\n" : "", @@ -11265,7 +11287,7 @@ static int nl80211_join_mesh(struct i802_bss *bss, goto fail; } ret = 0; - drv->assoc_freq = bss->freq = params->freq.freq; + drv->assoc_freq = bss->flink->freq = params->freq.freq; wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully"); fail: @@ -11321,7 +11343,7 @@ static int wpa_driver_nl80211_leave_mesh(void *priv) } else { wpa_printf(MSG_DEBUG, "nl80211: mesh leave request send successfully"); - drv->first_bss->freq = 0; + drv->first_bss->flink->freq = 0; } if (drv->start_mode_sta && diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index a6cb14c5ac..45fa36a6ff 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -49,15 +49,31 @@ struct nl80211_wiphy_data { int wiphy_idx; }; +#define NL80211_DRV_LINK_ID_NA (-1) + +struct i802_link { + unsigned int beacon_set:1; + + s8 link_id; + int freq; + int bandwidth; + u8 addr[ETH_ALEN]; + void *ctx; +}; + struct i802_bss { struct wpa_driver_nl80211_data *drv; struct i802_bss *next; + + size_t n_links; + struct i802_link links[MAX_NUM_MLD_LINKS]; + struct i802_link *flink; + int ifindex; int br_ifindex; u64 wdev_id; char ifname[IFNAMSIZ + 1]; char brname[IFNAMSIZ]; - unsigned int beacon_set:1; unsigned int added_if_into_bridge:1; unsigned int already_in_bridge:1; unsigned int added_bridge:1; @@ -70,8 +86,6 @@ struct i802_bss { u8 addr[ETH_ALEN]; u8 prev_addr[ETH_ALEN]; - int freq; - int bandwidth; int if_dynamic; void *ctx; diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index 29613161b9..3469db1c7e 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -327,7 +327,7 @@ static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv, } event.assoc_info.freq = drv->assoc_freq; - drv->first_bss->freq = drv->assoc_freq; + drv->first_bss->flink->freq = drv->assoc_freq; nl80211_parse_wmm_params(wmm, &event.assoc_info.wmm_params); @@ -852,7 +852,7 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, } event.assoc_info.freq = nl80211_get_assoc_freq(drv); - drv->first_bss->freq = drv->assoc_freq; + drv->first_bss->flink->freq = drv->assoc_freq; if ((!ssid || ssid[1] == 0 || ssid[1] > 32) && (ssid_len = nl80211_get_assoc_ssid(drv, drv->ssid)) > 0) { @@ -1057,7 +1057,7 @@ static void mlme_event_ch_switch(struct wpa_driver_nl80211_data *drv, data.ch_switch.cf2 = nla_get_u32(cf2); if (finished) - bss->freq = data.ch_switch.freq; + bss->flink->freq = data.ch_switch.freq; if (link) { u8 link_id = nla_get_u8(link); @@ -1569,7 +1569,7 @@ static void mlme_event_join_ibss(struct wpa_driver_nl80211_data *drv, if (freq) { wpa_printf(MSG_DEBUG, "nl80211: IBSS on frequency %u MHz", freq); - drv->first_bss->freq = freq; + drv->first_bss->flink->freq = freq; } os_memset(&event, 0, sizeof(event)); From patchwork Wed Feb 15 23:08:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743140 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=G0jXN/pu; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=XzHRHd3O; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDML2yFkz23yD for ; Thu, 16 Feb 2023 10:10:38 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=5yE05VKeS32E5iKYm/ah8qxs3e9sxeZfvaXF7qHV204=; b=G0jXN/puaad7aT 725jvU9WKwahcQ/OJr1V+7T8faWfZIqAWQ2nmRkWLT5XSABHRijy1aminjcZZhDx8vPdCxBg7FCH9 CJbkMP6nchSjMRkKu/0zCGu5bGtY+lOgTk8Taz40XOEWJ5W1/HDBSZ11mBruPqqspwVpTNdCltSJQ HRHf2YrbWl/tRx/AMaXFP0xaMGskQraMmA74LULzFOg3Pk6YIyFuBJP7U5SF6VR3DqMmYEYVntpLt Pdq88dIjAMH5ioVzKJUdastKdaKIaMJK6nGv6RLxB15rCLghagLGeT1ipaSYPMv15CAlHUZGmI3EL wgL3tcYn0fpzsNPW8V6A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu3-007lI9-Bc; Wed, 15 Feb 2023 23:09:31 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQty-007lDw-VN for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:28 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502566; x=1708038566; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=TGRowmjVtSWlOA6jsCdWrCvFqYfhkjIDaRlPlHDJowo=; b=XzHRHd3OqA9QwHfEj8G+RLS7gkJDJVXXdhyNC6tiHTWPrBdpjcZLpP0X fZHBYI0oHaypz8gnu80m9PauGxk0uUfAa87bVucT9VpEu8cJhhKiOphRp BqF5MUMcSvc/864acWX90ITMjzg0NXsOq4lRZ0J6JGTvRjDISDLEFWMgH zoOM/MsGmZgQi82Z9cHjqrZ7tf6ycvNlimh0jRMIsiINnQm8xbHUMWGAy yBAMHbmnWOIOVeuoU71MC3aEkbJV6CJGxIdK11LtOV8rWpxp//UNvGk20 AI0cISbMHwM3nG9PNu87FFLsA+bKJlcsIA3YvXofMwoeCuT4nW/pZEsN7 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719571" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719571" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:25 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344126" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344126" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:23 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 02/50] driver_nl80211: Introduce and implement a callback to add MLO link Date: Thu, 16 Feb 2023 01:08:16 +0200 Message-Id: <20230215230904.933291-3-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150927_137273_5FBAEDD4 X-CRM114-Status: GOOD ( 18.32 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Add a driver callback to add a link to an AP interface. As the kernel removes all links on underline interface removal, there is currently no need to support individual link removal. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Add a driver callback to add a link to an AP interface. As the kernel removes all links on underline interface removal, there is currently no need to support individual link removal. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/drivers/driver.h | 9 +++++ src/drivers/driver_nl80211.c | 71 ++++++++++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+) diff --git a/src/drivers/driver.h b/src/drivers/driver.h index cb27282aa5..a2bea930f9 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -4952,6 +4952,15 @@ struct wpa_driver_ops { const u8 *match, size_t match_len, bool multicast); #endif /* CONFIG_TESTING_OPTIONS */ + + /** + * link_add - Add a link to the interface + * @priv: Private driver interface data + * @link_id: The link ID + * @addr: The address to use for the link + * Returns: 0 on success, negative value on failure + */ + int (*link_add)(void *priv, u8 link_id, const u8 *addr); }; /** diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index a3b4ab8ea4..9a517aaa25 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -13095,6 +13095,76 @@ static int testing_nl80211_radio_disable(void *priv, int disabled) #endif /* CONFIG_TESTING_OPTIONS */ +static int nl80211_link_add(void *priv, u8 link_id, const u8 *addr) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + struct nl_msg *msg; + u32 idx, i; + int ret; + + wpa_printf(MSG_DEBUG, "nl80211: MLD: add link_id=%u, addr=" MACSTR, + link_id, MAC2STR(addr)); + + if (drv->nlmode != NL80211_IFTYPE_AP) { + wpa_printf(MSG_DEBUG, + "nl80211: MLD: cannot add link to iftype=%u", + drv->nlmode); + return -EINVAL; + } + + if (bss->n_links >= MAX_NUM_MLD_LINKS) { + wpa_printf(MSG_DEBUG, "nl80211: MLD: already have n_links=%zu", + bss->n_links); + return -EINVAL; + } + + for (i = 0; i < bss->n_links; i++) { + if (bss->links[i].link_id == link_id && + bss->links[i].beacon_set) { + wpa_printf(MSG_DEBUG, + "nl80211: MLD: link already set"); + return -EINVAL; + } + } + + /* try using the first link entry, assuming it is not beaconing yet */ + if (bss->n_links == 1 && + bss->flink->link_id == NL80211_DRV_LINK_ID_NA) { + if (bss->flink->beacon_set) { + wpa_printf(MSG_DEBUG, "nl80211: BSS already beaconing"); + return -EINVAL; + } + + idx = 0; + } else { + idx = bss->n_links; + } + + msg = nl80211_drv_msg(drv, 0, NL80211_CMD_ADD_LINK); + if (!msg || + nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id) || + nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { + nlmsg_free(msg); + return -ENOBUFS; + } + + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); + if (ret) { + wpa_printf(MSG_DEBUG, "nl80211: add link failed. ret=%d (%s)", + ret, strerror(-ret)); + return ret; + } + + bss->links[idx].link_id = link_id; + os_memcpy(bss->links[idx].addr, addr, ETH_ALEN); + + bss->n_links = idx + 1; + + wpa_printf(MSG_DEBUG, "nl80211: MLD: n_links=%zu", bss->n_links); + return 0; +} + const struct wpa_driver_ops wpa_driver_nl80211_ops = { .name = "nl80211", .desc = "Linux nl80211/cfg80211", @@ -13246,4 +13316,5 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = { .register_frame = testing_nl80211_register_frame, .radio_disable = testing_nl80211_radio_disable, #endif /* CONFIG_TESTING_OPTIONS */ + .link_add = nl80211_link_add, }; From patchwork Wed Feb 15 23:08:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743142 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=vh2RS0NU; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=Orn0/f4S; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDMp63kHz23yD for ; Thu, 16 Feb 2023 10:11:02 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=I2nMIHY0ZpUtZUxzB8EUZTG0JgUe4FaZyotpYK1Khok=; b=vh2RS0NUCkMPXX bV68OM5Mf+Hcticq4qHWaFjB9ITd+cqnC9xqfk8FG6BrN7AvzCeNwJNyuz6K9CI7rz44zWQMqLn+9 2/aP36LY5dWg1+vRY4nKjrDWMjhgoNZvv8C1oAudhc53zTnTWefarNmHISsh1DrVKHSM5Jabi+Ykm BrSwQuYegyDlv9hP3+vJx5iK4KWawlf2+ScoauQ+3YXe2V3uAHRTTsIv6n0NeFBIcr3lTITapW5CN gWYIo6qei5O84WCfcyWNU4sXl78RFUy5gNc83Mn7G4FCRQf7qTQzc+3zZSlV8a7c+lSodjRzeoERW g1zV7Qz/NQCssbKWbfcw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuK-007lPB-79; Wed, 15 Feb 2023 23:09:48 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu0-007lDw-Ju for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:29 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502568; x=1708038568; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=kzWWJCA/hDa5quA8Z4bIT+BkW1NRiCaQz/hqPmlDhZY=; b=Orn0/f4Sr5SdGEn3PwxTzRW5PA7aQRFkAiDimSo88PdYHQuB48AFJ8ug RrMvn7kMKrM8Ok9tNBsTB1p24/u9+y30M0V1keU0kusdi2tOd4cXETWTc zLUd7Q9heUbIpnPeMp67sfZW9KOias3XYHeZUuduuUGWKpWu/YqhsH/To pr0VcSLYyr2x84sJtOmYT3ddPi+thh24Po0lCDI0LawHFD2BhONz4vUMh MR7aNy5YR1mWEGQMzFe9Y7xUSCJhTsV0PCnF7O8VQztJBfUmcVKQY+C6s ICjwyfe7h0mWqACpVU8D+UtAaL76YsgNkn9PG2CAa+xiQOPh+rwgJ9MMT A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719574" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719574" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:26 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344131" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344131" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:25 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH 03/50] driver: Add MLD link id to AP parameters Date: Thu, 16 Feb 2023 01:08:17 +0200 Message-Id: <20230215230904.933291-4-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150928_763636_BC75DB11 X-CRM114-Status: GOOD ( 10.96 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: To be used in later patches, e.g., for link tracking etc. Signed-off-by: Andrei Otcheretianski Signed-off-by: Ilan Peer --- src/ap/beacon.c | 8 ++++++++ src/drivers/driver.h | 10 ++++++++++ 2 files chan [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org To be used in later patches, e.g., for link tracking etc. Signed-off-by: Andrei Otcheretianski Signed-off-by: Ilan Peer --- src/ap/beacon.c | 8 ++++++++ src/drivers/driver.h | 10 ++++++++++ 2 files changed, 18 insertions(+) diff --git a/src/ap/beacon.c b/src/ap/beacon.c index dbc6b062b8..14cde4c584 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -1974,6 +1974,14 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, } } +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && hapd->iconf->ieee80211be && + !hapd->conf->disable_11be) { + params->mld_ap = true; + params->mld_link_id = hapd->conf->mld_link_id; + } +#endif /* CONFIG_IEEE80211BE */ + return 0; } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index a2bea930f9..3c5f41b087 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -1724,6 +1724,16 @@ struct wpa_driver_ap_params { * ema - Enhanced MBSSID advertisements support. */ bool ema; + + /** + * MLD AP + */ + bool mld_ap; + + /** + * Link id for MLD BSS's + */ + u8 mld_link_id; }; struct wpa_driver_mesh_bss_params { From patchwork Wed Feb 15 23:08:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743144 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=4CgQlCc8; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=BfS6nJez; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDMv2Fxgz23yD for ; Thu, 16 Feb 2023 10:11:07 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=erNgEOmQU8zVvDkws+vsQhXufs4hQirb2bidhZsGx6U=; b=4CgQlCc8M04c0p BLxQLKpvexmuigbH+PZvZNaYxJrtUsTRn0AwamU2gHwZS898E9zEbrYgJd41IPP783KHeamW8Bw2I i5DIvQtk1H8XtalZ/r/Ig1uTmxD1Qw05kEEg/GYUN/YneBuOXeL7uIQg7EmsF4arTNTzJnKdm8KiR cR8XJKLFYELlHHjjM5+UxvvhUzUg3xw7j31ITXUJmndqj/Is7dKnlBeuU2FPBqNE2Y6g8fQF+bg1O I/MbyW4GMimrNwB6hqwSL6NzIJOOy2lsHJz0P/g4IFH1xo/fTA7utvHgduyMqQbkugy4BKXnThLko qYQ7yJgtWTTKv3n+Ihpw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuS-007lRi-AI; Wed, 15 Feb 2023 23:09:56 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu0-007lDo-Sj for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502568; x=1708038568; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qPKrXPWDNIbs9hpHkSqB9UPLo1TBIDmMxCMvUDdTCRI=; b=BfS6nJezYVUfFQme0oeA5xkVMkOuebO480R0pJn3VjfIo+oMJcDfnPb0 ZCG9ij3VuXEYXll4MPpxG9wslm7oHOOsFUEjrNaNxOoFRIFYk/z5cYwPc j3/2cFkikdL4d8ZKYmpU2emJxewdln0p30C1LCHe3LNiRCd7Tyj6Z0MWy GYzMg8siSmHF4BtZBygdBDqbAPWjtIpQ1qLGxRvJkcFMPol1C+LSkZSjG QvdEszCNcJN2c0MyKoYxf6Z0EV7qLf03yzXLBdufP1TzzfXssptHxmHag iqwyPCf+5Zp/DR8DD4/jtAb6tAKryFLS+Xo9SFMsizGRof6Te9PgdtAUh g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719576" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719576" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:28 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344135" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344135" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:26 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 04/50] driver: Allow to provide a link ID when setting a channel Date: Thu, 16 Feb 2023 01:08:18 +0200 Message-Id: <20230215230904.933291-5-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150928_995919_88E702B8 X-CRM114-Status: GOOD ( 19.22 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer This includes: - Modifications of the driver API, to include the link ID as part of 'struct hostapd_freq_params'. - Modifications to nl80211 driver. - Modifications for the driver wrappers. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer This includes: - Modifications of the driver API, to include the link ID as part of 'struct hostapd_freq_params'. - Modifications to nl80211 driver. - Modifications for the driver wrappers. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 9 ++++++ src/drivers/driver.h | 5 ++++ src/drivers/driver_nl80211.c | 58 ++++++++++++++++++++++++++++++++++-- wpa_supplicant/driver_i.h | 7 +++++ 4 files changed, 76 insertions(+), 3 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 1ffc37ff33..bd2cf7cea5 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -583,6 +583,15 @@ int hostapd_set_freq(struct hostapd_data *hapd, enum hostapd_hw_mode mode, return 0; if (hapd->driver->set_freq == NULL) return 0; + + data.link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + data.link_id = hapd->conf->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + + wpa_printf(MSG_DEBUG, "hostapd_set_freq: link_id=%d", data.link_id); return hapd->driver->set_freq(hapd->drv_priv, &data); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 3c5f41b087..f2595b02a6 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -835,6 +835,11 @@ struct hostapd_freq_params { * eht_enabled - Whether EHT is enabled */ bool eht_enabled; + + /** + * if >=0 indicates the link of the MLD AP to configure. + */ + int link_id; }; /** diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 9a517aaa25..ea7d8bdf44 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -199,8 +199,6 @@ static int nl80211_put_mesh_config(struct nl_msg *msg, #endif /* CONFIG_MESH */ static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, u16 reason); - - /* Converts nl80211_chan_width to a common format */ enum chan_width convert2width(int width) { @@ -4075,6 +4073,29 @@ int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv) } +static struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id) +{ + unsigned int i; + + for (i = 0; i < bss->n_links; i++) { + if (bss->links[i].link_id != link_id) + continue; + + return &bss->links[i]; + } + + return bss->flink; +} + + +static void nl80211_link_set_freq(struct i802_bss *bss, s8 link_id, int freq) +{ + struct i802_link *link = nl80211_get_link(bss, link_id); + + link->freq = freq; +} + + static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, size_t data_len, int noack, unsigned int freq, int no_cck, @@ -5161,6 +5182,26 @@ static int nl80211_put_freq_params(struct nl_msg *msg, return 0; } +static bool nl80211_link_valid(struct i802_bss *bss, s8 link_id) +{ + u32 i; + + if (link_id < 0) + return false; + + for (i = 0; i < bss->n_links; i++) { + wpa_printf(MSG_DEBUG, "nl80211: i=%u, link_Id=%u", + i, bss->links[i].link_id); + if (bss->links[i].link_id == NL80211_DRV_LINK_ID_NA) + continue; + + if (bss->links[i].link_id == link_id) + return true; + } + + return false; +} + static int nl80211_set_channel(struct i802_bss *bss, struct hostapd_freq_params *freq, int set_chan) @@ -5182,9 +5223,20 @@ static int nl80211_set_channel(struct i802_bss *bss, return -1; } + if (nl80211_link_valid(bss, freq->link_id)) { + wpa_printf(MSG_DEBUG, "nl80211: Set link_id=%u for freq", + freq->link_id); + + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + freq->link_id)) { + nlmsg_free(msg); + return -ENOBUFS; + } + } + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if (ret == 0) { - bss->flink->freq = freq->freq; + nl80211_link_set_freq(bss, freq->link_id, freq->freq); return 0; } wpa_printf(MSG_DEBUG, "nl80211: Failed to set channel (freq=%d): " diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index 5dd2a514cc..7fc9b270a8 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -60,6 +60,9 @@ static inline int wpa_drv_associate(struct wpa_supplicant *wpa_s, struct wpa_driver_associate_params *params) { if (wpa_s->driver->associate) { + if (params) + params->freq.link_id = -1; + return wpa_s->driver->associate(wpa_s->drv_priv, params); } return -1; @@ -1087,6 +1090,10 @@ static inline int wpa_drv_update_connect_params( { if (!wpa_s->driver->update_connect_params) return -1; + + if (params) + params->freq.link_id = -1; + return wpa_s->driver->update_connect_params(wpa_s->drv_priv, params, mask); } From patchwork Wed Feb 15 23:08:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743143 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=VWxADsaY; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=ZZgxi4kL; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDMr37Njz23yD for ; Thu, 16 Feb 2023 10:11:04 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Iw+dOdHK2RQV0fmJ8Zpr6IDqFtIAaL7EPdDwMNsbf78=; b=VWxADsaYqJ8y7F J6y0vhnNg0zL77X52g/HX6fjQGOvuo6GiAhwrsXu8qA0AI/gdE2R2mUE/HmlTAeU4QbOlJw8/aPzF CDHoX1zf8zjnFo/hEqEDe1198CDPcIumigMsoCoJwbSn71sy63IOHCeph8aZTHjwbZI8sicQn/kUr 0rbc8PdduTuvZk1OYC/gYMhLV0OqYEZxshawIKmculD7iVubl2BOmq3iYVP+nynuMP0T5BRmF3WvD LXZseBpYk9MKnF6g9jM2U9PZYSSjphdMtviPkmta3CvVQTZ3C8lXo9uEld68WEVfJVfJfkIZDiooO +JJY9RGGKhG3A38toL8A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQul-007lZ9-B0; Wed, 15 Feb 2023 23:10:15 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu2-007lDw-5W for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502570; x=1708038570; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ApDIDoHFXRRLFAVrTEjx9vIykHE+Fu1a2+bNRQG2w8s=; b=ZZgxi4kL509I+g0yyCgDL39eWQNG64HdH7AiM6RYYReTn2zfQLMob1G1 +M2+9Q1VZqiZxWjWwgTjQRXT0pkMAh6K+sIdEqiW5hg+W3Z0SCfAXyyvI iBVM49xRjKroyaoHwFDFvUY+cjZB1OxMCipH2rfCvN1Jre7kcY8rXGB06 QRQa3dotejekiOBdeBc+9vi6NhKP7TPjy+rzQMhEjYW+gCxKeqOm6gdpq GdF6W9g2ykRa/eH3WB7ZIfxUBaQ2Yb1/LAil0/76GD0wjtsIq03lEANw8 zSYL5DhZIs4vyJyIsUnDbKBKsWmkVjaEeLMl9CAfYtbx65fqYg171jbeF Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719578" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719578" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:29 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344140" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344140" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:28 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 05/50] driver_nl80211: Provide link_id in EAPOL_RX and RX_MGMT events Date: Thu, 16 Feb 2023 01:08:19 +0200 Message-Id: <20230215230904.933291-6-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150930_274370_A785523F X-CRM114-Status: GOOD ( 12.61 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/drivers/driver.h | 14 ++++++++++-- src/drivers/driver_nl80211_event.c | 34 +++++++++++++++++++++++------- 2 files changed [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/drivers/driver.h | 14 ++++++++++-- src/drivers/driver_nl80211_event.c | 34 +++++++++++++++++++++++------- 2 files changed, 38 insertions(+), 10 deletions(-) diff --git a/src/drivers/driver.h b/src/drivers/driver.h index f2595b02a6..0f225929ab 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -6111,6 +6111,12 @@ union wpa_event_data { * ssi_signal - Signal strength in dBm (or 0 if not available) */ int ssi_signal; + + /** + * link_id - MLO link on which the frame was received or -1 for + * non MLD. + */ + int link_id; } rx_mgmt; /** @@ -6211,6 +6217,7 @@ union wpa_event_data { const u8 *data; size_t data_len; enum frame_encryption encrypted; + int link_id; } eapol_rx; /** @@ -6565,12 +6572,14 @@ static inline void drv_event_eapol_rx(void *ctx, const u8 *src, const u8 *data, event.eapol_rx.data = data; event.eapol_rx.data_len = data_len; event.eapol_rx.encrypted = FRAME_ENCRYPTION_UNKNOWN; + event.eapol_rx.link_id = -1; wpa_supplicant_event(ctx, EVENT_EAPOL_RX, &event); } static inline void drv_event_eapol_rx2(void *ctx, const u8 *src, const u8 *data, - size_t data_len, - enum frame_encryption encrypted) + size_t data_len, + enum frame_encryption encrypted, + int link_id) { union wpa_event_data event; os_memset(&event, 0, sizeof(event)); @@ -6578,6 +6587,7 @@ static inline void drv_event_eapol_rx2(void *ctx, const u8 *src, const u8 *data, event.eapol_rx.data = data; event.eapol_rx.data_len = data_len; event.eapol_rx.encrypted = encrypted; + event.eapol_rx.link_id = link_id; wpa_supplicant_event(ctx, EVENT_EAPOL_RX, &event); } diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index 3469db1c7e..4b70c3fcb6 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -1111,7 +1111,8 @@ static void mlme_timeout_event(struct wpa_driver_nl80211_data *drv, static void mlme_event_mgmt(struct i802_bss *bss, struct nlattr *freq, struct nlattr *sig, - const u8 *frame, size_t len) + const u8 *frame, size_t len, + int link_id) { struct wpa_driver_nl80211_data *drv = bss->drv; const struct ieee80211_mgmt *mgmt; @@ -1149,6 +1150,8 @@ static void mlme_event_mgmt(struct i802_bss *bss, event.rx_mgmt.frame_len = len; event.rx_mgmt.ssi_signal = ssi_signal; event.rx_mgmt.drv_priv = bss; + event.rx_mgmt.link_id = link_id; + wpa_supplicant_event(drv->ctx, EVENT_RX_MGMT, &event); } @@ -1403,12 +1406,14 @@ static void mlme_event(struct i802_bss *bss, struct nlattr *addr, struct nlattr *timed_out, struct nlattr *freq, struct nlattr *ack, struct nlattr *cookie, struct nlattr *sig, - struct nlattr *wmm, struct nlattr *req_ie) + struct nlattr *wmm, struct nlattr *req_ie, + struct nlattr *link) { struct wpa_driver_nl80211_data *drv = bss->drv; u16 stype = 0, auth_type = 0; const u8 *data; size_t len; + int link_id; if (timed_out && addr) { mlme_timeout_event(drv, cmd, addr); @@ -1422,6 +1427,11 @@ static void mlme_event(struct i802_bss *bss, return; } + if (link) + link_id = nla_get_u8(link); + else + link_id = -1; + data = nla_data(frame); len = nla_len(frame); if (len < 4 + 2 * ETH_ALEN) { @@ -1432,10 +1442,10 @@ static void mlme_event(struct i802_bss *bss, return; } wpa_printf(MSG_MSGDUMP, "nl80211: MLME event %d (%s) on %s(" MACSTR - ") A1=" MACSTR " A2=" MACSTR, cmd, + ") A1=" MACSTR " A2=" MACSTR " on link_id=%d", cmd, nl80211_command_to_string(cmd), bss->ifname, MAC2STR(bss->addr), MAC2STR(data + 4), - MAC2STR(data + 4 + ETH_ALEN)); + MAC2STR(data + 4 + ETH_ALEN), link_id); /* PASN Authentication frame can be received with a different source MAC * address. Allow NL80211_CMD_FRAME event with foreign addresses also. @@ -1489,7 +1499,7 @@ static void mlme_event(struct i802_bss *bss, break; case NL80211_CMD_FRAME: mlme_event_mgmt(bss, freq, sig, nla_data(frame), - nla_len(frame)); + nla_len(frame), link_id); break; case NL80211_CMD_FRAME_TX_STATUS: mlme_event_mgmt_tx_status(drv, cookie, nla_data(frame), @@ -3269,6 +3279,7 @@ static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv, u8 *src_addr; u16 ethertype; enum frame_encryption encrypted; + int link_id; if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_FRAME] || @@ -3280,6 +3291,11 @@ static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv, encrypted = nla_get_flag(tb[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) ? FRAME_NOT_ENCRYPTED : FRAME_ENCRYPTED; + if (tb[NL80211_ATTR_MLO_LINK_ID]) + link_id = nla_get_u8(tb[NL80211_ATTR_MLO_LINK_ID]); + else + link_id = -1; + switch (ethertype) { case ETH_P_RSN_PREAUTH: wpa_printf(MSG_INFO, "nl80211: Got pre-auth frame from " @@ -3290,7 +3306,7 @@ static void nl80211_control_port_frame(struct wpa_driver_nl80211_data *drv, drv_event_eapol_rx2(drv->ctx, src_addr, nla_data(tb[NL80211_ATTR_FRAME]), nla_len(tb[NL80211_ATTR_FRAME]), - encrypted); + encrypted, link_id); break; default: wpa_printf(MSG_INFO, @@ -3540,7 +3556,8 @@ static void do_process_drv_event(struct i802_bss *bss, int cmd, tb[NL80211_ATTR_COOKIE], tb[NL80211_ATTR_RX_SIGNAL_DBM], tb[NL80211_ATTR_STA_WME], - tb[NL80211_ATTR_REQ_IE]); + tb[NL80211_ATTR_REQ_IE], + tb[NL80211_ATTR_MLO_LINK_ID]); break; case NL80211_CMD_CONNECT: case NL80211_CMD_ROAM: @@ -3766,7 +3783,8 @@ int process_bss_event(struct nl_msg *msg, void *arg) tb[NL80211_ATTR_WIPHY_FREQ], tb[NL80211_ATTR_ACK], tb[NL80211_ATTR_COOKIE], tb[NL80211_ATTR_RX_SIGNAL_DBM], - tb[NL80211_ATTR_STA_WME], NULL); + tb[NL80211_ATTR_STA_WME], NULL, + tb[NL80211_ATTR_MLO_LINK_ID]); break; case NL80211_CMD_UNEXPECTED_FRAME: nl80211_spurious_frame(bss, tb, 0); From patchwork Wed Feb 15 23:08:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743146 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=RJ7bOmpE; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=B8bPA3NR; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDN51nQ2z23yD for ; Thu, 16 Feb 2023 10:11:17 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=SSSe2F8kGZ1a+qFpP5/VvDsdlWqjwPCOhqsTpAoH0lI=; b=RJ7bOmpEOCW/pT NOO8bjBKtq0KAzNYKY+GeOb6nht7SQLmhOUuvrSQOlEAbEoxQHuDON2ULetqnC+jj/Q+6hHGtqVmU dDA8LKgvSHccr5FTtKtvUBJStdAOsZ7EnmfE0yNIO0tSbVmLi4qaL4dGWUlvFQ8sWf7yoom6iI8c2 //fNhSidYBSoaUGbnJkJWedNR7X+byt5vWBI2PyZ51PStwVuvnN+SzslOBVsHzScItNTeKixIgLbR S1mCL+C1MGJfxGZ8+KmnKLwq8n0T+liQVlA87/WtzGB5Yl4ZstZRYTCLYJk/BDYmo8asXO+QUbksa zgEFDjCGQdlAUE1ujUJw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuy-007leh-NR; Wed, 15 Feb 2023 23:10:28 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu4-007lDw-1T for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502572; x=1708038572; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=O7CIMWgZitwiN5jTOQnP4Q6YHg+L+AMVHHlpLOTvVkg=; b=B8bPA3NRyscr2axV11BDdBEnhY4wStsYyYAS/84bYwXv/BmNVoNhdgHo kt3rTu13BbpuAxdQTcR2Z14/VFXqJNz0l9SXWIuXYNZ+LLAlzmxseQFzW RXyLjqrxI/TE2r+blU9b6Lp+CWe8lIM6TEXXQiws8gA/uX3K2Nvz92VXm BlJZ+b+9g9WU4T54DQAdHU6q8i91Qal9WswRibyT+a57UJTZ2DXjDSKNO rutXgXqP8FwxB/dPX2EjvDRQBYBwd82I6wojfbXSK3PreT6nEreUuV6JC +gFZyEK0I8ouZVrtQa5HZ53GW1yU77SamLvSKJWg+E6n8T1cNoWSl/TLH A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719581" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719581" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:31 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344145" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344145" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:30 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 06/50] driver_nl80211: Support setting up an AP on a specified link Date: Thu, 16 Feb 2023 01:08:20 +0200 Message-Id: <20230215230904.933291-7-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150932_154337_CFC08E8A X-CRM114-Status: GOOD ( 18.40 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 258 ++++++++++++++++++++ 1 file changed, 147 insertions(+), 111 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index ea7d8bdf44..282b61b673 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4711,11 +4711,118 [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 258 ++++++++++++++++++++--------------- 1 file changed, 147 insertions(+), 111 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index ea7d8bdf44..282b61b673 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4711,11 +4711,118 @@ static int nl80211_mbssid(struct nl_msg *msg, #endif /* CONFIG_IEEE80211AX */ +static int nl80211_put_freq_params(struct nl_msg *msg, + const struct hostapd_freq_params *freq) +{ + enum hostapd_hw_mode hw_mode; + int is_24ghz; + u8 channel; + + wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq); + if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq)) + return -ENOBUFS; + + wpa_printf(MSG_DEBUG, " * eht_enabled=%d", freq->eht_enabled); + wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled); + wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled); + wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled); + wpa_printf(MSG_DEBUG, " * radar_background=%d", + freq->radar_background); + + hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); + is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || + hw_mode == HOSTAPD_MODE_IEEE80211B; + + if (freq->vht_enabled || + ((freq->he_enabled || freq->eht_enabled) && !is_24ghz)) { + enum nl80211_chan_width cw; + + wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth); + switch (freq->bandwidth) { + case 20: + cw = NL80211_CHAN_WIDTH_20; + break; + case 40: + cw = NL80211_CHAN_WIDTH_40; + break; + case 80: + if (freq->center_freq2) + cw = NL80211_CHAN_WIDTH_80P80; + else + cw = NL80211_CHAN_WIDTH_80; + break; + case 160: + cw = NL80211_CHAN_WIDTH_160; + break; + case 320: + cw = NL80211_CHAN_WIDTH_320; + break; + default: + return -EINVAL; + } + + wpa_printf(MSG_DEBUG, " * channel_width=%d", cw); + wpa_printf(MSG_DEBUG, " * center_freq1=%d", + freq->center_freq1); + wpa_printf(MSG_DEBUG, " * center_freq2=%d", + freq->center_freq2); + if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) || + nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, + freq->center_freq1) || + (freq->center_freq2 && + nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, + freq->center_freq2))) + return -ENOBUFS; + } else if (freq->ht_enabled) { + enum nl80211_channel_type ct; + + wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d", + freq->sec_channel_offset); + switch (freq->sec_channel_offset) { + case -1: + ct = NL80211_CHAN_HT40MINUS; + break; + case 1: + ct = NL80211_CHAN_HT40PLUS; + break; + default: + ct = NL80211_CHAN_HT20; + break; + } + + wpa_printf(MSG_DEBUG, " * channel_type=%d", ct); + if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct)) + return -ENOBUFS; + } else if (freq->edmg.channels && freq->edmg.bw_config) { + wpa_printf(MSG_DEBUG, + " * EDMG configuration: channels=0x%x bw_config=%d", + freq->edmg.channels, freq->edmg.bw_config); + if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS, + freq->edmg.channels) || + nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, + freq->edmg.bw_config)) + return -1; + } else { + wpa_printf(MSG_DEBUG, " * channel_type=%d", + NL80211_CHAN_NO_HT); + if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, + NL80211_CHAN_NO_HT)) + return -ENOBUFS; + } + if (freq->radar_background && + nla_put_flag(msg, NL80211_ATTR_RADAR_BACKGROUND)) + return -ENOBUFS; + + return 0; +} + + static int wpa_driver_nl80211_set_ap(void *priv, struct wpa_driver_ap_params *params) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; + struct i802_link *link = bss->flink; struct nl_msg *msg; u8 cmd = NL80211_CMD_NEW_BEACON; int ret = -ENOBUFS; @@ -4727,10 +4834,27 @@ static int wpa_driver_nl80211_set_ap(void *priv, struct wpa_driver_mesh_bss_params mesh_params; #endif /* CONFIG_MESH */ - beacon_set = params->reenable ? 0 : bss->flink->beacon_set; + if (params->mld_ap) { + size_t i; + + for (i = 0; i < bss->n_links; i++) { + if (bss->links[i].link_id == params->mld_link_id) { + link = &bss->links[i]; + break; + } + } + + if (i == bss->n_links) { + wpa_printf(MSG_DEBUG, "nl80211: link not found=%u", + params->mld_link_id); + return -EINVAL; + } + } + beacon_set = params->reenable ? 0 : link->beacon_set; wpa_printf(MSG_DEBUG, "nl80211: Set beacon (beacon_set=%d)", beacon_set); + if (beacon_set) cmd = NL80211_CMD_SET_BEACON; else if (!drv->device_ap_sme && !drv->use_monitor && @@ -4759,6 +4883,23 @@ static int wpa_driver_nl80211_set_ap(void *priv, nl80211_put_dtim_period(msg, params->dtim_period) || nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) goto fail; + + if (params->mld_ap) { + wpa_printf(MSG_DEBUG, "nl80211: link_id=%u", + params->mld_link_id); + + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + params->mld_link_id)) + goto fail; + + if (params->freq && + nl80211_put_freq_params(msg, params->freq) < 0) + goto fail; + + nl80211_link_set_freq(bss, params->mld_link_id, + params->freq->freq); + } + if (params->proberesp && params->proberesp_len) { wpa_hexdump(MSG_DEBUG, "nl80211: proberesp (offload)", params->proberesp, params->proberesp_len); @@ -5027,17 +5168,17 @@ static int wpa_driver_nl80211_set_ap(void *priv, wpa_printf(MSG_DEBUG, "nl80211: Beacon set failed: %d (%s)", ret, strerror(-ret)); } else { - bss->flink->beacon_set = 1; + link->beacon_set = 1; nl80211_set_bss(bss, params->cts_protect, params->preamble, params->short_slot_time, params->ht_opmode, params->isolate, params->basic_rates); nl80211_set_multicast_to_unicast(bss, params->multicast_to_unicast); if (beacon_set && params->freq && - params->freq->bandwidth != bss->flink->bandwidth) { + params->freq->bandwidth != link->bandwidth) { wpa_printf(MSG_DEBUG, "nl80211: Update BSS %s bandwidth: %d -> %d", - bss->ifname, bss->flink->bandwidth, + bss->ifname, link->bandwidth, params->freq->bandwidth); ret = nl80211_set_channel(bss, params->freq, 1); if (ret) { @@ -5047,7 +5188,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, } else { wpa_printf(MSG_DEBUG, "nl80211: Frequency set succeeded for ht2040 coex"); - bss->flink->bandwidth = params->freq->bandwidth; + link->bandwidth = params->freq->bandwidth; } } else if (!beacon_set && params->freq) { /* @@ -5055,7 +5196,7 @@ static int wpa_driver_nl80211_set_ap(void *priv, * mode only at the point when beaconing is started, so * set the initial value here. */ - bss->flink->bandwidth = params->freq->bandwidth; + link->bandwidth = params->freq->bandwidth; } } @@ -5077,111 +5218,6 @@ fail: } -static int nl80211_put_freq_params(struct nl_msg *msg, - const struct hostapd_freq_params *freq) -{ - enum hostapd_hw_mode hw_mode; - int is_24ghz; - u8 channel; - - wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq); - if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq)) - return -ENOBUFS; - - wpa_printf(MSG_DEBUG, " * eht_enabled=%d", freq->eht_enabled); - wpa_printf(MSG_DEBUG, " * he_enabled=%d", freq->he_enabled); - wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled); - wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled); - wpa_printf(MSG_DEBUG, " * radar_background=%d", - freq->radar_background); - - hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); - is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || - hw_mode == HOSTAPD_MODE_IEEE80211B; - - if (freq->vht_enabled || - ((freq->he_enabled || freq->eht_enabled) && !is_24ghz)) { - enum nl80211_chan_width cw; - - wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth); - switch (freq->bandwidth) { - case 20: - cw = NL80211_CHAN_WIDTH_20; - break; - case 40: - cw = NL80211_CHAN_WIDTH_40; - break; - case 80: - if (freq->center_freq2) - cw = NL80211_CHAN_WIDTH_80P80; - else - cw = NL80211_CHAN_WIDTH_80; - break; - case 160: - cw = NL80211_CHAN_WIDTH_160; - break; - case 320: - cw = NL80211_CHAN_WIDTH_320; - break; - default: - return -EINVAL; - } - - wpa_printf(MSG_DEBUG, " * channel_width=%d", cw); - wpa_printf(MSG_DEBUG, " * center_freq1=%d", - freq->center_freq1); - wpa_printf(MSG_DEBUG, " * center_freq2=%d", - freq->center_freq2); - if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) || - nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, - freq->center_freq1) || - (freq->center_freq2 && - nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, - freq->center_freq2))) - return -ENOBUFS; - } else if (freq->ht_enabled) { - enum nl80211_channel_type ct; - - wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d", - freq->sec_channel_offset); - switch (freq->sec_channel_offset) { - case -1: - ct = NL80211_CHAN_HT40MINUS; - break; - case 1: - ct = NL80211_CHAN_HT40PLUS; - break; - default: - ct = NL80211_CHAN_HT20; - break; - } - - wpa_printf(MSG_DEBUG, " * channel_type=%d", ct); - if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct)) - return -ENOBUFS; - } else if (freq->edmg.channels && freq->edmg.bw_config) { - wpa_printf(MSG_DEBUG, - " * EDMG configuration: channels=0x%x bw_config=%d", - freq->edmg.channels, freq->edmg.bw_config); - if (nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_CHANNELS, - freq->edmg.channels) || - nla_put_u8(msg, NL80211_ATTR_WIPHY_EDMG_BW_CONFIG, - freq->edmg.bw_config)) - return -1; - } else { - wpa_printf(MSG_DEBUG, " * channel_type=%d", - NL80211_CHAN_NO_HT); - if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, - NL80211_CHAN_NO_HT)) - return -ENOBUFS; - } - if (freq->radar_background && - nla_put_flag(msg, NL80211_ATTR_RADAR_BACKGROUND)) - return -ENOBUFS; - - return 0; -} - static bool nl80211_link_valid(struct i802_bss *bss, s8 link_id) { u32 i; From patchwork Wed Feb 15 23:08:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743147 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=pk4OiuMT; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=LKgY0058; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDNY4wT6z23yD for ; Thu, 16 Feb 2023 10:11:41 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=WyuOD7X1Gvs/iqyVPzukfykYxXazp05owL3NVRwW3rc=; b=pk4OiuMTgBf2gE +oB0Ea0hx8QN+uBQHqP4oA26N/6KmVmyt66CNYHGyh+twlNSibHc6n5csxVD3SlMRzVju1HfqYQZH swseZbECwwnWaHMus1IQ7bwzu+iJpb5gvJDeRwS2G2TcNi7IO9vCf+N9mXPh70RSwUBUYSsH8jG8p SR4+7EvgbLHmT8Cnq2aXM8DYahpy+HTp09PqoHySdz7m4O06O482vj7EekXXU1D0GxPy3nDVbknAE k1x8bX6TIrbuzbDYWVw6y9u17hP54Szukg+FD+rQycqoUa/crGBD+vK+Zwi+8CJ9IaM83rHTQjkJd xFMifClpzUO8znITZ+5Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvH-007lmA-7A; Wed, 15 Feb 2023 23:10:47 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu5-007lIS-9P for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:34 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502573; x=1708038573; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=zKAvwh8sstHXqIxMlHMWsOx85avsTNuqoYP7M7rMoXM=; b=LKgY00581eJOBj1fPAlVlCaLuJbh6t3s1QdG0wm5BF/UhyKotpVBQ+Xx ejA+Dt7jCNNdk8cYOWLeVUZs7+h/CHaBldBA5xLp6YTcVADMFpQVBwGTB Xi+ioaQpKiPUIsJDhJopJBMWngvbX/mCXgU9Qys5KjpYAEhlsYMvLgI2D JXHXpoahxRtzUNsHiHI/ZXZ/5SmEV7kvQCrT3PLn4lFH3131eKANvkkNC 9XR0IcoBXPNbEgWPoCvf7WJQihFlCQ1mB9c9TcPH8xEHk06wkW9VDjt07 VEhwNsrX9uqgo6NB3lyaYtcaQvxGGdd40qhg5jl1wXqQg381MpNXNgL7Q Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719586" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719586" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:33 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344153" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344153" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:31 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 07/50] driver_nl80211: Properly stop and deinit MLO AP Date: Thu, 16 Feb 2023 01:08:21 +0200 Message-Id: <20230215230904.933291-8-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150933_417218_C9A8D99D X-CRM114-Status: GOOD ( 18.66 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Delete all the links and stop beaconing on all the links on AP deinit/stop. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 102 ++++++++++++++++++++++++++++++++--- 1 file changed, 95 insertions(+), 7 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Delete all the links and stop beaconing on all the links on AP deinit/stop. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 102 ++++++++++++++++++++++++++++++++--- 1 file changed, 95 insertions(+), 7 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 282b61b673..0945cc9597 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -2985,21 +2985,50 @@ wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv, } -static int wpa_driver_nl80211_del_beacon(struct i802_bss *bss) +static int wpa_driver_nl80211_del_beacon(struct i802_bss *bss, + struct i802_link *link) { struct nl_msg *msg; struct wpa_driver_nl80211_data *drv = bss->drv; + if (!link->beacon_set) + return 0; + wpa_printf(MSG_DEBUG, "nl80211: Remove beacon (ifindex=%d)", drv->ifindex); - bss->flink->beacon_set = 0; - bss->flink->freq = 0; + link->beacon_set = 0; + link->freq = 0; + nl80211_put_wiphy_data_ap(bss); msg = nl80211_drv_msg(drv, 0, NL80211_CMD_DEL_BEACON); + if (!msg) + return -ENOBUFS; + + if (link->link_id != NL80211_DRV_LINK_ID_NA) { + wpa_printf(MSG_DEBUG, + "nl80211: MLD: stop beaconing on link=%u", + link->link_id); + + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + link->link_id)) { + nlmsg_free(msg); + return -ENOBUFS; + } + } + return send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); } +static void wpa_driver_nl80211_del_beacon_all(struct i802_bss *bss) +{ + unsigned int i; + + for (i = 0; i < bss->n_links; i++) + wpa_driver_nl80211_del_beacon(bss, &bss->links[i]); +} + + /** * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface * @bss: Pointer to private nl80211 data from wpa_driver_nl80211_init() @@ -3049,7 +3078,7 @@ static void wpa_driver_nl80211_deinit(struct i802_bss *bss) nl80211_remove_monitor_interface(drv); if (is_ap_interface(drv->nlmode)) - wpa_driver_nl80211_del_beacon(bss); + wpa_driver_nl80211_del_beacon_all(bss); if (drv->eapol_sock >= 0) { eloop_unregister_read_sock(drv->eapol_sock); @@ -8590,7 +8619,7 @@ static int wpa_driver_nl80211_if_remove(struct i802_bss *bss, wpa_printf(MSG_DEBUG, "nl80211: First BSS - reassign context"); nl80211_teardown_ap(bss); if (!bss->added_if && !drv->first_bss->next) - wpa_driver_nl80211_del_beacon(bss); + wpa_driver_nl80211_del_beacon_all(bss); nl80211_destroy_bss(bss); if (!bss->added_if) i802_set_iface_flags(bss, 0); @@ -8986,13 +9015,69 @@ fail: } +static void nl80211_remove_links(struct i802_bss *bss) +{ + struct wpa_driver_nl80211_data *drv = bss->drv; + struct nl_msg *msg; + int ret; + u8 link_id; + + while (bss->links[0].link_id != NL80211_DRV_LINK_ID_NA) { + struct i802_link *link = &bss->links[0]; + + wpa_printf(MSG_DEBUG, "nl80211: MLD: remove link_id=%u", + link->link_id); + + wpa_driver_nl80211_del_beacon(bss, link); + + link_id = link->link_id; + + /* first remove the link locally */ + if (bss->n_links == 1) { + bss->flink->link_id = NL80211_DRV_LINK_ID_NA; + os_memcpy(bss->flink->addr, bss->addr, ETH_ALEN); + } else { + struct i802_link *other = &bss->links[bss->n_links - 1]; + + os_memcpy(link, other, sizeof(*link)); + other->link_id = NL80211_DRV_LINK_ID_NA; + os_memset(other->addr, 0, ETH_ALEN); + + bss->n_links--; + } + + /* remove the link from the kernel */ + msg = nl80211_drv_msg(drv, 0, NL80211_CMD_REMOVE_LINK); + if (!msg || + nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) { + nlmsg_free(msg); + wpa_printf(MSG_ERROR, "nl80211: remove link (%d) failed", + link_id); + return; + } + + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); + if (ret) { + wpa_printf(MSG_ERROR, "nl80211: remove link failed. ret=%d (%s)", + ret, strerror(-ret)); + return; + } + } +} + + static int wpa_driver_nl80211_deinit_ap(void *priv) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; + if (!is_ap_interface(drv->nlmode)) return -1; - wpa_driver_nl80211_del_beacon(bss); + + /* stop beaconing */ + wpa_driver_nl80211_del_beacon(bss, bss->flink); + + nl80211_remove_links(bss); /* * If the P2P GO interface was dynamically added, then it is @@ -9009,9 +9094,12 @@ static int wpa_driver_nl80211_stop_ap(void *priv) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; + if (!is_ap_interface(drv->nlmode)) return -1; - wpa_driver_nl80211_del_beacon(bss); + + wpa_driver_nl80211_del_beacon_all(bss); + return 0; } From patchwork Wed Feb 15 23:08:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743148 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=wpdVUPxu; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=A7eQgO2z; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDP965p0z23yD for ; Thu, 16 Feb 2023 10:12:13 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=PrQIaymNZjxi4vVDL1Vlb3xncOK1jm+7A1Ovzaxgpmg=; b=wpdVUPxufchSWS MXQjo+9povSb0qSjRq7GS5I/gOOQuZ64VBUK0r7MdlpPfAfWhmhYC0wQLsPXHmiuNmvSXiXJAuAge XJzhN0SDo2c4as19tmMVR1peD+GeRYu8Bd6wpPcoDHeG2Qbim8t4gMWZZWo189aFewpVCS06Bsgw1 LAQ71ScXcZY4PMpCS+2PKKAB50EdKpXCBK4evX3CPZCqqjFPzwV7LsW07XwxxcN2diMBci7q94gu4 4oTCtKu8ygvPR0C5zFP8n92eK55qXsdzf8Y87KUOKChaVn1SCDfBBsAEBq3w1RKdurD238x4+BTIz /4oxLw+9+e7K6IaOLxDQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvz-007mBp-Az; Wed, 15 Feb 2023 23:11:31 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu6-007lDw-HH for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:35 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502574; x=1708038574; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=vn3tfaSl5/2mfreH+MDO1HY+rSzNFWyAVjoFvqq2ubQ=; b=A7eQgO2zj5GSPh0d58YLgdUxnOpXDwlzv5yZ2TyiFhehWJ2NWeOfuTF9 aMib9Rbu9is/jl1xAYjNRFa8YnNzYk7EMBNZyIk0gI9v1UcozjbthKCG1 TMMn+NHIdOUBDjW3uHjBC3tXqdkEfFYRFliKdozGs7xasyG+O5aqSe5vl 47EuafTIp6smL+VwWtImNZsAQtv1UEm7LEZOonWcZe1xRxXGsk1GIZSIp oYt5GBNZVu742B1S6dwdKCBlHcDUFsHoxAflOYolL7Yjrn2W/mqlU0HTC pX+I9P9TWFXzstjr2Q3ZcQnk8K7pTDTT78HbIpGgrmxAYAxja1N/Vtxjj Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719588" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719588" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:34 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344157" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344157" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:33 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 08/50] AP: Add some basic MLD configuration options Date: Thu, 16 Feb 2023 01:08:22 +0200 Message-Id: <20230215230904.933291-9-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150934_633743_2AE2D933 X-CRM114-Status: GOOD ( 11.60 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- hostapd/config_file.c | 10 ++++++++++ src/ap/ap_config.h | 17 +++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 76f9cf8311..da13a87a02 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4744,6 +4744,16 @@ static int hostapd_config_ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- hostapd/config_file.c | 10 ++++++++++ src/ap/ap_config.h | 17 +++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 76f9cf8311..da13a87a02 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4744,6 +4744,16 @@ static int hostapd_config_fill(struct hostapd_config *conf, conf->eht_phy_capab.su_beamformee = atoi(pos); } else if (os_strcmp(buf, "eht_mu_beamformer") == 0) { conf->eht_phy_capab.mu_beamformer = atoi(pos); + } else if (os_strcmp(buf, "mld_ap") == 0) { + bss->mld_ap = !!atoi(pos); + } else if (os_strcmp(buf, "mld_id") == 0) { + bss->mld_id = atoi(pos); + } else if (os_strcmp(buf, "mld_link_id") == 0) { + bss->mld_link_id = atoi(pos); + } else if (os_strcmp(buf, "mld_eml_capa") == 0) { + bss->mld_eml_capa = atoi(pos); + } else if (os_strcmp(buf, "mld_mld_capa") == 0) { + bss->mld_mld_capa = atoi(pos); #endif /* CONFIG_IEEE80211BE */ } else { wpa_printf(MSG_ERROR, diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index 1631cf2aac..14253a0549 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -919,6 +919,23 @@ struct hostapd_bss_config { u8 rnr; char *config_id; bool xrates_supported; + +#ifdef CONFIG_IEEE80211BE + /* The AP is part of an MLD AP */ + u8 mld_ap; + + /* The MLD ID to which the MLD AP is affiliated with */ + u8 mld_id; + + /* The AP's link ID within the MLD AP */ + u8 mld_link_id; + + /* The AP's EML capabilities */ + u16 mld_eml_capa; + + /* The AP's MLD capabilities */ + u16 mld_mld_capa; +#endif /* CONFIG_IEEE80211BE */ }; /** From patchwork Wed Feb 15 23:08:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743150 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=O2ZRWPVz; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=FqZLrpq4; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDPz3N8Rz23yD for ; Thu, 16 Feb 2023 10:12:55 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=s1TvU35x5aVR1T3++BvfY0GJPdqdqLbIMvpKN0obAf8=; b=O2ZRWPVzeN6Mac nvGXCbu2nGLQDAiADLsC8BtgbVZJnWb+8/qjb1r94M6Tf4P64tmY2/OwcI3Ho8k/IgDuYrl4NZz2p 1HEQSjh74CfJTW+INJRLs22i2NRHZ3rRoMzhrYVbWZrc9JzH7SwJi3uawcIFpXIQeYxUrwmnNvlcz Yo75Tbxe7AXtiZqHTSSQs8lq2XBr7ZhBXy/t+MQR3iB+XcbkW1TrLtots0CER4izKwdCNiTuIEYD/ ai/XFyreEoWq7C0FE14d0QnCYPkbpeSJ98jCPr2vqWs2n78oelbIkBQZsnfS4p0fwY4VFFzrANCT9 whWD6+znF6ZN2ayJ/TkA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQwQ-007mPY-7c; Wed, 15 Feb 2023 23:11:58 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQu8-007lLy-Ac for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:38 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502576; x=1708038576; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/VXzh/FLHo0f80rlmEzIpMEGvLo04e3gN4AJzugK2EY=; b=FqZLrpq4paozoW10be0cfJ0XrSpX89poBLUco7LBTktJGa6VKygYVheR f7Oyjew2AsOZOq+GmJqqHW4vsGT5Plwd2/hDqvIrLUtsLOQehxQElqCBF twhstGatUKqrmQgVof6/jrl/YXiRvwsxzVRtTw5ezKq52LluQ0NC9wxBA GvMHf08MRqK/8tA7msEkCvS1NAfF1DTnvaxSZ5LQoFB5P0zkxWk/qc1Ai Wkf3Iyg6jrNtayDlZ1hp9fgV4S+jTL5LQPAbqi2kD12+PC7r82uovfeii XOJNHg1mNh0W/jysVIEodCPxMd63rcfRDF8x/xR7ymhKXbbI0Khl7IsEp g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719592" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719592" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:35 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344168" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344168" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:34 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH 09/50] AP: Allow starting multiple interfaces within single MLD Date: Thu, 16 Feb 2023 01:08:23 +0200 Message-Id: <20230215230904.933291-10-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150936_428069_8FE3E2C8 X-CRM114-Status: GOOD ( 28.06 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add support for including multiple hostapd interfaces in the same AP MLD, i.e., all using the same underlying driver network interface. To do so, when a new hostapd interface is added, if there is already another interface using the same underlying network interface, associate the new interface with the same private data object, inste [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add support for including multiple hostapd interfaces in the same AP MLD, i.e., all using the same underlying driver network interface. To do so, when a new hostapd interface is added, if there is already another interface using the same underlying network interface, associate the new interface with the same private data object, instead of creating a new one. As some of the BSS's are non first BSS's, meaning that they reuse the drv_priv of the initial BSS, make sure not to double free it. Currently multiple BSS entries are not supported so always use bss[0] for MLD. Signed-off-by: Andrei Otcheretianski Signed-off-by: Ilan Peer --- hostapd/main.c | 84 +++++++++++++++++++++++++++++++++++++++++++++ src/ap/ap_drv_ops.h | 12 +++++++ src/ap/hostapd.c | 39 +++++++++++++++++---- src/ap/hostapd.h | 2 ++ 4 files changed, 131 insertions(+), 6 deletions(-) diff --git a/hostapd/main.c b/hostapd/main.c index ce2df81c4a..228ee44b1b 100644 --- a/hostapd/main.c +++ b/hostapd/main.c @@ -164,6 +164,59 @@ static int hostapd_driver_init(struct hostapd_iface *iface) return -1; } +#ifdef CONFIG_IEEE80211BE + if (conf->mld_ap) { + for (i = 0; i < iface->interfaces->count; i++) { + struct hostapd_iface *h = iface->interfaces->iface[i]; + struct hostapd_data *h_hapd = h->bss[0]; + struct hostapd_bss_config *hconf = h_hapd->conf; + + if (h == iface) { + wpa_printf(MSG_ERROR, "Skip own iface"); + continue; + } + + if (!hconf->mld_ap || hconf->mld_id != conf->mld_id) { + wpa_printf(MSG_ERROR, + "Skip non matching mld_id"); + continue; + } + + wpa_printf(MSG_DEBUG, "Found matching MLD iface"); + if (!h_hapd->drv_priv) { + wpa_printf(MSG_ERROR, + "Matching MLD BSS not initialized yet"); + continue; + } + + hapd->drv_priv = h_hapd->drv_priv; + + /* + * All interfaces participating in the MLD AP would have + * the same MLD address, which in the interface HW + * address, while the interface address would be + * derived from the original interface address if BSSID + * is not configured, and otherwise it would be the + * configured BSSID. + */ + os_memcpy(hapd->mld_addr, h_hapd->mld_addr, ETH_ALEN); + if (is_zero_ether_addr(b)) { + os_memcpy(hapd->own_addr, h_hapd->mld_addr, ETH_ALEN); + random_mac_addr_keep_oui(hapd->own_addr); + } else { + os_memcpy(hapd->own_addr, b, ETH_ALEN); + } + + /* + * mark the interface as a secondary interface, as this + * is needed for the de-initialization flow + */ + hapd->mld_first_bss = h_hapd; + goto setup_mld; + } + } +#endif /* CONFIG_IEEE80211BE */ + /* Initialize the driver interface */ if (!(b[0] | b[1] | b[2] | b[3] | b[4] | b[5])) b = NULL; @@ -214,6 +267,20 @@ static int hostapd_driver_init(struct hostapd_iface *iface) return -1; } +#ifdef CONFIG_IEEE80211BE + /* + * This is the first interface added to the MLD AP, so have the + * interface HW address be the MLD address and set a link address to + * this interface + */ + if (hapd->conf->mld_ap) { + os_memcpy(hapd->mld_addr, hapd->own_addr, ETH_ALEN); + random_mac_addr_keep_oui(hapd->own_addr); + } + + setup_mld: +#endif /* CONFIG_IEEE80211BE */ + if (hapd->driver->get_capa && hapd->driver->get_capa(hapd->drv_priv, &capa) == 0) { struct wowlan_triggers *triggs; @@ -246,6 +313,23 @@ static int hostapd_driver_init(struct hostapd_iface *iface) iface->ema_max_periodicity = capa.ema_max_periodicity; } +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) { + if (!(iface->drv_flags2 & WPA_DRIVER_FLAGS2_MLO)) { + wpa_printf(MSG_DEBUG, "MLD: not supported by driver"); + return -1; + } + + wpa_printf(MSG_DEBUG, + "MLD: Set link_id=%u, mld_addr=" MACSTR ", own_addr=" MACSTR, + hapd->conf->mld_link_id, + MAC2STR(hapd->mld_addr), + MAC2STR(hapd->own_addr)); + + hostapd_drv_link_add(hapd, hapd->conf->mld_link_id, + hapd->own_addr); + } +#endif /* CONFIG_IEEE80211BE */ return 0; } diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 93b2244990..be280de218 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -435,4 +435,16 @@ hostapd_drv_register_frame(struct hostapd_data *hapd, u16 type, } #endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_IEEE80211BE +static inline int hostapd_drv_link_add(struct hostapd_data *hapd, + u8 link_id, const u8 *addr) +{ + if (!hapd->driver || !hapd->drv_priv || !hapd->driver->link_add) + return -1; + + return hapd->driver->link_add(hapd->drv_priv, link_id, addr); + +} +#endif /* CONFIG_IEEE80211BE */ + #endif /* AP_DRV_OPS */ diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 58492e51ed..9abfb5fa5f 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -393,6 +393,25 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd) #endif /* CONFIG_WEP */ +static void hostapd_clear_drv_priv(struct hostapd_data *hapd) +{ + u8 i; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct hostapd_iface *iface = hapd->iface->interfaces->iface[i]; + + if (hapd->iface == iface) + continue; + + if (iface->bss && iface->bss[0] && + iface->bss[0]->mld_first_bss == hapd) + iface->bss[0]->drv_priv = NULL; + } + + hapd->drv_priv = NULL; +} + + void hostapd_free_hapd_data(struct hostapd_data *hapd) { os_free(hapd->probereq_cb); @@ -449,7 +468,7 @@ void hostapd_free_hapd_data(struct hostapd_data *hapd) * driver wrapper may have removed its internal instance * and hapd->drv_priv is not valid anymore. */ - hapd->drv_priv = NULL; + hostapd_clear_drv_priv(hapd); } } @@ -2780,8 +2799,9 @@ void hostapd_interface_deinit_free(struct hostapd_iface *iface) wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", __func__, driver, drv_priv); if (driver && driver->hapd_deinit && drv_priv) { - driver->hapd_deinit(drv_priv); - iface->bss[0]->drv_priv = NULL; + if (!iface->bss[0]->mld_first_bss) + driver->hapd_deinit(drv_priv); + hostapd_clear_drv_priv(iface->bss[0]); } hostapd_interface_free(iface); } @@ -2796,13 +2816,14 @@ static void hostapd_deinit_driver(const struct wpa_driver_ops *driver, wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", __func__, driver, drv_priv); if (driver && driver->hapd_deinit && drv_priv) { - driver->hapd_deinit(drv_priv); + if (!hapd_iface->bss[0]->mld_first_bss) + driver->hapd_deinit(drv_priv); for (j = 0; j < hapd_iface->num_bss; j++) { wpa_printf(MSG_DEBUG, "%s:bss[%d]->drv_priv=%p", __func__, (int) j, hapd_iface->bss[j]->drv_priv); if (hapd_iface->bss[j]->drv_priv == drv_priv) { - hapd_iface->bss[j]->drv_priv = NULL; + hostapd_clear_drv_priv(hapd_iface->bss[j]); hapd_iface->extended_capa = NULL; hapd_iface->extended_capa_mask = NULL; hapd_iface->extended_capa_len = 0; @@ -3143,8 +3164,14 @@ int hostapd_add_iface(struct hapd_interfaces *interfaces, char *buf) conf_file = ptr + 7; for (i = 0; i < interfaces->count; i++) { + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = interfaces->iface[i]->conf->bss[0]->mld_ap; +#endif /* CONFIG_IEEE80211BE */ + if (!os_strcmp(interfaces->iface[i]->conf->bss[0]->iface, - buf)) { + buf) && !mld_ap) { wpa_printf(MSG_INFO, "Cannot add interface - it " "already exists"); return -1; diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index ed2ff45877..6c0cece36e 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -174,6 +174,8 @@ struct hostapd_data { unsigned int reenable_beacon:1; u8 own_addr[ETH_ALEN]; + u8 mld_addr[ETH_ALEN]; + struct hostapd_data *mld_first_bss; int num_sta; /* number of entries in sta_list */ struct sta_info *sta_list; /* STA info list head */ From patchwork Wed Feb 15 23:08:24 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743151 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=dApa6smz; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=nJUpcI6m; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDQg00sJz23yD for ; Thu, 16 Feb 2023 10:13:30 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=D93iEouCKrvziRhL03Ox1q1NUv69o1z/vIufNGOdlnA=; b=dApa6smzFSMOGo vx2U0gyPw8BJ7JdoWIEYebDHH0ULFcNmMNQEBm63hYca6orRCajfwQ8JXXe2uNCG+yk2tLvbJ64Vk QYq3MFrlumAoTyjkJYltoURtL37PVUI5rQZZjC/Fj/ZPD20kw68G9iyZj4UDzsWe1KOdNd3nYLDeg RptC+wleKilPhiiLaaaDRe5fi29gCT6q9DtnfMEfMcBy4w9zX07PJ8LUaips+pTkWK9oteetRYE2p nn3gXCvuP9etGbd18028ZDi2xeisp5beEdzOSVptrXWoDVzBe36xe45UmjxUb4G2jLef5nNAlBvNe FoAJDw3Km3Okb3NXEo/g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQx6-007mip-W1; Wed, 15 Feb 2023 23:12:41 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuA-007lME-2Q for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:39 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502578; x=1708038578; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4pzPquIdxTNwJSBG4tNUP+kMEGxO6DVWgW7cfcJZNfE=; b=nJUpcI6m3nDaCUsj1dH4bmWY874hgUEKy+quOWRoU1C7X53ySRYbcekE ydQaqgmRqsinoSLTFizdOyEJy3kicDTh+Dh3fRCm3guefWFjybTQRDeFg S5O2BXMYwu/g/p9YA7+NUn+hMB+51XGm2Einjllo1QYMPx+ukttGaCVIE lCHZGx2jKbIWtUicDuewoAGE8fcVQE2xH9cVrUnjGgsv6al1D/0hRKm2I M3w7aEeq5JGO9ZBqFNNkxqsWsuNCO3vqzt6SkEagAAq5zHtxhm/WYXcau 3PHqu/qxM6PVUXK5XXL6mWkfZNnVkCdaIS+s+HaZ77Xv1G9337bTG8bPP g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719595" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719595" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:37 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344174" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344174" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:36 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 10/50] AP: Include an RNR element in beacons for MLD AP Date: Thu, 16 Feb 2023 01:08:24 +0200 Message-Id: <20230215230904.933291-11-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150938_229997_05B1157F X-CRM114-Status: GOOD ( 19.67 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer - Include RNR element in beacons of MLD APs. - Whenever a new interface is added to an MLD AP, reconfigure the beacon for all other interfaces, to allow updating their RNR element. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer - Include RNR element in beacons of MLD APs. - Whenever a new interface is added to an MLD AP, reconfigure the beacon for all other interfaces, to allow updating their RNR element. Signed-off-by: Ilan Peer --- src/ap/beacon.c | 24 ++++++---- src/ap/hostapd.c | 3 ++ src/ap/ieee802_11.c | 86 +++++++++++++++++++++++++++++------- src/common/ieee802_11_defs.h | 1 + 4 files changed, 91 insertions(+), 23 deletions(-) diff --git a/src/ap/beacon.c b/src/ap/beacon.c index 14cde4c584..c7ebc55347 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -2114,21 +2114,29 @@ int ieee802_11_set_beacon(struct hostapd_data *hapd) if (!iface->interfaces || iface->interfaces->count <= 1) return 0; - /* Update Beacon frames in case of 6 GHz colocation */ + /* Update Beacon frames in case of 6 GHz colocation or MLD AP */ is_6g = is_6ghz_op_class(iface->conf->op_class); for (j = 0; j < iface->interfaces->count; j++) { - struct hostapd_iface *colocated; + struct hostapd_iface *other; + bool mld_ap = false; - colocated = iface->interfaces->iface[j]; - if (colocated == iface || !colocated || !colocated->conf) + other = iface->interfaces->iface[j]; + if (other == iface || !other || !other->conf) continue; - if (is_6g == is_6ghz_op_class(colocated->conf->op_class)) +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && other->bss[0]->conf->mld_ap && + hapd->conf->mld_id == other->bss[0]->conf->mld_id) + mld_ap = true; +#endif /* CONFIG_IEEE80211BE */ + + if (is_6g == is_6ghz_op_class(other->conf->op_class) && + !mld_ap) continue; - for (i = 0; i < colocated->num_bss; i++) { - if (colocated->bss[i] && colocated->bss[i]->started) - __ieee802_11_set_beacon(colocated->bss[i]); + for (i = 0; i < other->num_bss; i++) { + if (other->bss[i] && other->bss[i]->started) + __ieee802_11_set_beacon(other->bss[i]); } } diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 9abfb5fa5f..bd353c5523 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -2316,6 +2316,9 @@ dfs_offload: for (j = 0; j < iface->num_bss; j++) hostapd_neighbor_set_own_report(iface->bss[j]); + if (iface->interfaces && iface->interfaces->count > 1) + ieee802_11_set_beacons(iface); + return 0; fail: diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 8facad3692..5549e1094e 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -6414,6 +6414,11 @@ static size_t hostapd_eid_rnr_iface_len(struct hostapd_data *hapd, size_t total_len = 0, len = *current_len; int tbtt_count = 0; size_t i, start = 0; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ while (start < hapd->iface->num_bss) { if (!len || @@ -6439,8 +6444,13 @@ static size_t hostapd_eid_rnr_iface_len(struct hostapd_data *hapd, tbtt_count >= RNR_TBTT_INFO_COUNT_MAX) break; - len += RNR_TBTT_INFO_LEN; - total_len += RNR_TBTT_INFO_LEN; + if (!mld_ap) { + len += RNR_TBTT_INFO_LEN; + total_len += RNR_TBTT_INFO_LEN; + } else { + len += RNR_TBTT_INFO_MLD_LEN; + total_len += RNR_TBTT_INFO_MLD_LEN; + } tbtt_count++; } start = i; @@ -6495,8 +6505,8 @@ static enum colocation_mode get_colocation_mode(struct hostapd_data *hapd) } -static size_t hostapd_eid_rnr_colocation_len(struct hostapd_data *hapd, - size_t *current_len) +static size_t hostapd_eid_rnr_multi_iface_len(struct hostapd_data *hapd, + size_t *current_len) { struct hostapd_iface *iface; size_t len = 0; @@ -6507,9 +6517,16 @@ static size_t hostapd_eid_rnr_colocation_len(struct hostapd_data *hapd, for (i = 0; i < hapd->iface->interfaces->count; i++) { iface = hapd->iface->interfaces->iface[i]; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && iface->bss[0]->conf->mld_ap && + hapd->conf->mld_id == iface->bss[0]->conf->mld_id) + mld_ap = true; +#endif /* CONFIG_IEEE80211BE */ if (iface == hapd->iface || - !is_6ghz_op_class(iface->conf->op_class)) + !(is_6ghz_op_class(iface->conf->op_class) || mld_ap)) continue; len += hostapd_eid_rnr_iface_len(iface->bss[0], hapd, @@ -6524,6 +6541,11 @@ size_t hostapd_eid_rnr_len(struct hostapd_data *hapd, u32 type) { size_t total_len = 0, current_len = 0; enum colocation_mode mode = get_colocation_mode(hapd); + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ switch (type) { case WLAN_FC_STYPE_BEACON: @@ -6532,9 +6554,10 @@ size_t hostapd_eid_rnr_len(struct hostapd_data *hapd, u32 type) /* fallthrough */ case WLAN_FC_STYPE_PROBE_RESP: - if (mode == COLOCATED_LOWER_BAND) - total_len += hostapd_eid_rnr_colocation_len( - hapd, ¤t_len); + if (mode == COLOCATED_LOWER_BAND || mld_ap) + total_len += + hostapd_eid_rnr_multi_iface_len(hapd, + ¤t_len); if (hapd->conf->rnr && hapd->iface->num_bss > 1) total_len += hostapd_eid_rnr_iface_len(hapd, hapd, @@ -6620,6 +6643,11 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, size_t len = *current_len; u8 *tbtt_count_pos, *eid_start = eid, *size_offset = (eid - len) + 1; u8 tbtt_count = 0, op_class, channel, bss_param; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ if (!(iface->drv_flags & WPA_DRIVER_FLAGS_AP_CSA) || !iface->freq) return eid; @@ -6642,7 +6670,12 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, } tbtt_count_pos = eid++; - *eid++ = RNR_TBTT_INFO_LEN; + + if (!mld_ap) + *eid++ = RNR_TBTT_INFO_LEN; + else + *eid++ = RNR_TBTT_INFO_MLD_LEN; + *eid++ = op_class; *eid++ = hapd->iconf->channel; len += RNR_TBTT_HEADER_LEN; @@ -6687,7 +6720,18 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, *eid++ = bss_param; *eid++ = RNR_20_MHZ_PSD_MAX_TXPOWER - 1; - len += RNR_TBTT_INFO_LEN; + + if (!mld_ap) { + len += RNR_TBTT_INFO_LEN; + } else { +#ifdef CONFIG_IEEE80211BE + *eid++ = hapd->conf->mld_id; + *eid++ = hapd->conf->mld_link_id | (1 << 4); + *eid++ = 0; + len += RNR_TBTT_INFO_MLD_LEN; +#endif /* CONFIG_IEEE80211BE */ + } + tbtt_count += 1; } @@ -6704,7 +6748,7 @@ static u8 * hostapd_eid_rnr_iface(struct hostapd_data *hapd, } -static u8 * hostapd_eid_rnr_colocation(struct hostapd_data *hapd, u8 *eid, +static u8 *hostapd_eid_rnr_multi_iface(struct hostapd_data *hapd, u8 *eid, size_t *current_len) { struct hostapd_iface *iface; @@ -6715,9 +6759,16 @@ static u8 * hostapd_eid_rnr_colocation(struct hostapd_data *hapd, u8 *eid, for (i = 0; i < hapd->iface->interfaces->count; i++) { iface = hapd->iface->interfaces->iface[i]; + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && iface->bss[0]->conf->mld_ap && + hapd->conf->mld_id == iface->bss[0]->conf->mld_id) + mld_ap = true; +#endif /* CONFIG_IEEE80211BE */ if (iface == hapd->iface || - !is_6ghz_op_class(iface->conf->op_class)) + !(is_6ghz_op_class(iface->conf->op_class) || mld_ap)) continue; eid = hostapd_eid_rnr_iface(iface->bss[0], hapd, eid, @@ -6733,6 +6784,11 @@ u8 * hostapd_eid_rnr(struct hostapd_data *hapd, u8 *eid, u32 type) u8 *eid_start = eid; size_t current_len = 0; enum colocation_mode mode = get_colocation_mode(hapd); + bool mld_ap = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap = !!hapd->conf->mld_ap; +#endif /* CONFIG_IEEE80211BE */ switch (type) { case WLAN_FC_STYPE_BEACON: @@ -6741,9 +6797,9 @@ u8 * hostapd_eid_rnr(struct hostapd_data *hapd, u8 *eid, u32 type) /* fallthrough */ case WLAN_FC_STYPE_PROBE_RESP: - if (mode == COLOCATED_LOWER_BAND) - eid = hostapd_eid_rnr_colocation(hapd, eid, - ¤t_len); + if (mode == COLOCATED_LOWER_BAND || mld_ap) + eid = hostapd_eid_rnr_multi_iface(hapd, eid, + ¤t_len); if (hapd->conf->rnr && hapd->iface->num_bss > 1) eid = hostapd_eid_rnr_iface(hapd, hapd, eid, diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 21b48ac523..12ddad466f 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -2418,6 +2418,7 @@ struct ieee80211_he_mu_edca_parameter_set { #define RNR_TBTT_INFO_COUNT(x) (((x) & 0xf) << 4) #define RNR_TBTT_INFO_COUNT_MAX 16 #define RNR_TBTT_INFO_LEN 13 +#define RNR_TBTT_INFO_MLD_LEN 16 #define RNR_NEIGHBOR_AP_OFFSET_UNKNOWN 255 /* Figure 9-632a - BSS Parameters subfield format */ #define RNR_BSS_PARAM_OCT_RECOMMENDED BIT(0) From patchwork Wed Feb 15 23:08:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743153 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=3ZDgI0Lx; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=ZLCe4Azf; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDRW5lngz23yD for ; Thu, 16 Feb 2023 10:14:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=0PuxYbE60CY56eLxW5lux3/x77SfIGZfGYQ+beXrWSM=; b=3ZDgI0Lx+1w5fI ohUNCCI5KSGIKenr+D2PdATL5xoMV3YbOQo/OFvUG4OWFLtab4t8M0KUYGQt1oyFhAqgr9Aq9UNWx vtzsRNKX4pwxY+bCeeHmXZznCuwE6kF+NixhLO5uBJF0PC1gXOZnMntVginF9v3K0/BKC8IIBz1sI ihpdwgX2tl4eggnDWTEx9cSQ+21pU9hOffgXwkVNsHu4uCu/NciKQFFcBPYDeU8qTUepqbqSePOH/ Yv6MRVyswO8UMIiPGaaLmHaR3+qyboPOB+ApEArXhf6R2tNHOASTqy9AI2l8FLs1AMbtanElOhcWE Yls/+dTO5S6L5E838voA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQxp-007n0j-Hu; Wed, 15 Feb 2023 23:13:25 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuA-007lLy-TE for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502578; x=1708038578; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=cj03XDvPG1a7kqF61KdvaYhfeUcUEfK38Dr8e6N6pko=; b=ZLCe4AzfVUpL53x+b97Q1yRLbd66WC1jr9zXF9b18q7jV55PhXD2Sl1d 8xXnTtVqWvUyiaDItIvqikywTsZ5f+AqyUzLr+ZNe9CFsOYpBFmVZdcg/ /RQT31KpvjgF147T/DLZnv7duJuYIK4JL9eaZ0ap8CWEA75JOuQ0CKUG1 YpW9bCZVZq/ke9eO71Xa6rnRmcZeJ4z7ScUwPwiJnYYBmI0KfGQ8ijro8 P/3qdfAw/7JH2XLQ2fenjhUH3YSOuw+fdI8NoQKTeZvPq75/yXJdtbnEX ZhVLzZVgnsQGfASVqYZbD28CqiO394CXfJTHRV+hfzSM2iDSlm7hSezkX Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719600" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719600" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:38 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344182" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344182" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:37 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 11/50] driver_nl80211: Select freq according to transmitting link Date: Thu, 16 Feb 2023 01:08:25 +0200 Message-Id: <20230215230904.933291-12-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150939_198505_7A458DC3 X-CRM114-Status: GOOD ( 13.54 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In MLO, multiple BSS's can transmit on different frequencies. Select link frequencies according to the transmitter address. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In MLO, multiple BSS's can transmit on different frequencies. Select link frequencies according to the transmitter address. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 0945cc9597..456556e100 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4125,6 +4125,22 @@ static void nl80211_link_set_freq(struct i802_bss *bss, s8 link_id, int freq) } +static int nl80211_get_link_freq(struct i802_bss *bss, u8 *addr) +{ + size_t i; + + for (i = 0; i < bss->n_links; i++) { + if (os_memcmp(bss->links[i].addr, addr, ETH_ALEN) == 0) { + wpa_printf(MSG_DEBUG, "nl80211: Use link freq=%d", + bss->links[i].freq); + return bss->links[i].freq; + } + } + + return bss->flink->freq; +} + + static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, size_t data_len, int noack, unsigned int freq, int no_cck, @@ -4169,13 +4185,14 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, } if (drv->device_ap_sme && is_ap_interface(drv->nlmode)) { - if (freq == 0) { - wpa_printf(MSG_DEBUG, "nl80211: Use bss->freq=%d", - bss->flink->freq); - freq = bss->flink->freq; - } - if ((int)freq == bss->flink->freq) + unsigned int link_freq = nl80211_get_link_freq(bss, mgmt->sa); + + if (!freq) + freq = link_freq; + + if (freq == link_freq) wait_time = 0; + goto send_frame_cmd; } From patchwork Wed Feb 15 23:08:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743157 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=mPFkXP37; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=ThbApGWX; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDT81RqQz23h0 for ; Thu, 16 Feb 2023 10:15:40 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=WcZTxWwYXv+h4cenrstdgKSqQpobT8oKw13iTj90Jfs=; b=mPFkXP37JCbVGg EKhLmONDxRm3HzF0uczno/95L4om8UdiIwOmOW+cd+Mkd/+G4txkmCnnGPN443aVpJseJYdJQ5HGv +aLch7JRbQmd4ql2xI2JUo4Sv6lopGPD5PglqDMYra50ClxEXziQcfRwSfKNqVyNHgeMX8cRWu/4o 6VFOFL61sCzR6jpfmKuz79uvDv3lz1Os9UWjfTi4OIveZGko/vX0T2EkjdKJxqk67fRIA76zlaL3j RaThc6GYVwSHo/nKxpmWm0EGSlLZX0MtmMLxgf5/wTMJQr8qutlocBh6jdyOQmUtmw+GK8GKdsy0Y GPDlEmyRvnNJMbaZI9hg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQz2-007nVa-Gz; Wed, 15 Feb 2023 23:14:41 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuC-007lME-Cw for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502580; x=1708038580; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=VBxi+iAIGEDpj7xVFSS8GOiJEVot24tJ1LY01ImDP6I=; b=ThbApGWXobEJHQONwO/AsB7em3nmkD5JKDSY0560IH9oJ0jnFalDz50q FbcysxktrNC+tQxQVjwMx21K4xtJhokCSz5/S2uxypo3/4n40y2D8C4t5 qlziWchKYMzEcJfALPBQ+J0/naHyDbeZVaYeDscEiknhQUjR2doGVWrpm yh3lFRLyFiuTTcGxTbFhbHxWUlO8zrk3gztIFNq8yU56gRYQdheXLKMki 5b3hPqmc0+6DKKwXQkh+dWWAguzpEG6p9cT2r+wTwSpUZBW49hFKRrIm0 znVWPVFh2Gzr4tEwFsbd2Qr8rkJLzxelQCt9ihU9Ei6du9/kSoR1eMq9U w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719604" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719604" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:40 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344190" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344190" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:38 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 12/50] nl80211: Support adding multi link stations Date: Thu, 16 Feb 2023 01:08:26 +0200 Message-Id: <20230215230904.933291-13-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150941_673981_1FBAC6FC X-CRM114-Status: GOOD ( 17.88 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Multi link stations are represented in the kernel using a single station with multiple links and the first ADD_STA command also creates the first link. Subsequent links should be added with LINK_ADD c [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Multi link stations are represented in the kernel using a single station with multiple links and the first ADD_STA command also creates the first link. Subsequent links should be added with LINK_ADD commands. Implement this logic and provide the required MLD information per station/link. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 1 + src/drivers/driver.h | 4 +++ src/drivers/driver_nl80211.c | 59 +++++++++++++++++++++++++++++++----- wpa_supplicant/driver_i.h | 5 ++- 4 files changed, 61 insertions(+), 8 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index bd2cf7cea5..cd509c90a9 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -459,6 +459,7 @@ int hostapd_sta_add(struct hostapd_data *hapd, params.qosinfo = qosinfo; params.support_p2p_ps = supp_p2p_ps; params.set = set; + params.mld_link_id = -1; return hapd->driver->sta_add(hapd->drv_priv, ¶ms); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 0f225929ab..38722f5db4 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -2416,6 +2416,10 @@ struct hostapd_sta_add_params { const u8 *supp_oper_classes; size_t supp_oper_classes_len; int support_p2p_ps; + + bool mld_link_sta; + s8 mld_link_id; + const u8 *mld_link_addr; }; struct mac_address { diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 456556e100..0987f11677 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -5385,16 +5385,29 @@ static int wpa_driver_nl80211_sta_add(void *priv, struct nl_msg *msg; struct nl80211_sta_flag_update upd; int ret = -ENOBUFS; + u8 cmd; + const char *cmd_string; if ((params->flags & WPA_STA_TDLS_PEER) && !(drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) return -EOPNOTSUPP; + if (params->mld_link_sta) { + cmd = params->set ? NL80211_CMD_MODIFY_LINK_STA : + NL80211_CMD_ADD_LINK_STA; + cmd_string = params->set ? "NL80211_CMD_MODIFY_LINK_STA" : + "NL80211_CMD_ADD_LINK_STA"; + } else { + cmd = params->set ? NL80211_CMD_SET_STATION : + NL80211_CMD_NEW_STATION; + cmd_string = params->set ? "NL80211_CMD_SET_STATION" : + "NL80211_CMD_NEW_STATION"; + } + wpa_printf(MSG_DEBUG, "nl80211: %s STA " MACSTR, - params->set ? "Set" : "Add", MAC2STR(params->addr)); - msg = nl80211_bss_msg(bss, 0, params->set ? NL80211_CMD_SET_STATION : - NL80211_CMD_NEW_STATION); - if (!msg || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr)) + cmd_string, MAC2STR(params->addr)); + msg = nl80211_bss_msg(bss, 0, cmd); + if (!msg) goto fail; /* @@ -5612,12 +5625,44 @@ static int wpa_driver_nl80211_sta_add(void *priv, nla_nest_end(msg, wme); } + /* In case the AP is an MLD AP need to always specify the link ID */ + if (params->mld_link_id >= 0) { + wpa_printf(MSG_DEBUG, " * mld_link_id=%d", + params->mld_link_id); + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + params->mld_link_id)) + goto fail; + + /* + * If the link address is specified the station is a non MLD AP + * station and thus need to provide the MLD address as the + * station address, and the non MLD AP link address as the link + * address + */ + if (params->mld_link_addr) { + wpa_printf(MSG_DEBUG, " * mld_link_addr=" MACSTR, + MAC2STR(params->mld_link_addr)); + + if (nla_put(msg, NL80211_ATTR_MLD_ADDR, + ETH_ALEN, params->addr) || + nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, + params->mld_link_addr)) + goto fail; + } else { + if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, + params->addr)) + goto fail; + } + } else { + if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, params->addr)) + goto fail; + } + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); msg = NULL; if (ret) - wpa_printf(MSG_DEBUG, "nl80211: NL80211_CMD_%s_STATION " - "result: %d (%s)", params->set ? "SET" : "NEW", ret, - strerror(-ret)); + wpa_printf(MSG_DEBUG, "nl80211: %s result: %d (%s)", + cmd_string, ret, strerror(-ret)); if (ret == -EEXIST) ret = 0; fail: diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index 7fc9b270a8..dd9858d59e 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -353,8 +353,11 @@ static inline int wpa_drv_set_ap(struct wpa_supplicant *wpa_s, static inline int wpa_drv_sta_add(struct wpa_supplicant *wpa_s, struct hostapd_sta_add_params *params) { - if (wpa_s->driver->sta_add) + if (wpa_s->driver->sta_add) { + /* Set link_id to -1 as it's needed for AP only */ + params->mld_link_id = -1; return wpa_s->driver->sta_add(wpa_s->drv_priv, params); + } return -1; } From patchwork Wed Feb 15 23:08:27 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743155 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=opo9pEKD; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=cNthQC3X; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDSF3h3wz23yD for ; Thu, 16 Feb 2023 10:14:53 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=jxscH/TSyxwe+z2/QQGeuweC9svXOZkK+LH/hjgrEv0=; b=opo9pEKDcSpga2 b+3ACuN7QtNf9XxnvlXinEhKMdAZey2xtQ6RtXZxXq/+ARAisaKpFq2wpJa/2Q0NyfJO3jB3b5zX8 OsPCsRE7B/yhYrCAwp2Lr79qy9LzJMWo7FyaGJfjflHSl/RYxryAK6DnrpULZTmy4X+aO1Se5gcA0 jm9EfF93CAddzoyMer9QrowdWHdekr840JklEoPAeB6xGef/z85HQXlorUbR6V/ZHaNIsdCvvmiEB wHDFc/RxXZFa3BX72rPvz0qq6ELCDO35orDJVzVRSViFL4am+zXFTFW36ShpzKquPGhI5lMs5jqjH TzFkeu96PltGDGKrvFRg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQyW-007nJP-KD; Wed, 15 Feb 2023 23:14:08 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuD-007lLy-Kw for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:42 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502581; x=1708038581; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/1YSy/5vv29wMTzGOH/vx/rf1S+BC6KsBQ7d0O8yCNI=; b=cNthQC3X62kqH0og2wXJXMrNcEERClrYyRQQf+vt/1zTjSXpgwIP5jl+ 4uiwZTZkf1ilXNqYrEfL3SdESAR8/T6a63BYD/mAEmZy6OiBeiXFY0ORc YZyezvkNHyQHqNCybjB5guueQyo01RH6RGm6KXjsp4c1HlJpmypm9dyhC s7jWX84a5XZd8Rwk/E3SuV6dierwrtCl8fZuhpuD1DxEl7fFVgl1m1mHe VV+I6Cb8ys/DE4Lqveme9jNF7+s8MFCs+TZqs3kWJB1q/WR+Gc/fPYNC+ 2RTRu/V4vxh8mIQFzlbq+pCLFOXrfgzpkYqJV2nJN6j+5jqoLOLUvyyqL Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719610" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719610" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:41 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344199" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344199" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:40 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 13/50] common: Split ieee8021_parse_elems() Date: Thu, 16 Feb 2023 01:08:27 +0200 Message-Id: <20230215230904.933291-14-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150941_772784_005B1E54 X-CRM114-Status: GOOD ( 12.01 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer As a preparation to parse management frames that include ML elements with per station profiles, split the function to an helper function that would not memset the elements structure. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer As a preparation to parse management frames that include ML elements with per station profiles, split the function to an helper function that would not memset the elements structure. Signed-off-by: Ilan Peer --- src/common/ieee802_11_common.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index 7741a8df8d..d1e8bae897 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -409,22 +409,20 @@ static int ieee802_11_parse_extension(const u8 *pos, size_t elen, /** - * ieee802_11_parse_elems - Parse information elements in management frames + * __ieee802_11_parse_elems - Parse information elements in management frames * @start: Pointer to the start of IEs * @len: Length of IE buffer in octets * @elems: Data structure for parsed elements * @show_errors: Whether to show parsing errors in debug log * Returns: Parsing result */ -ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, - struct ieee802_11_elems *elems, - int show_errors) +static ParseRes __ieee802_11_parse_elems(const u8 *start, size_t len, + struct ieee802_11_elems *elems, + int show_errors) { const struct element *elem; int unknown = 0; - os_memset(elems, 0, sizeof(*elems)); - if (!start) return ParseOK; @@ -676,6 +674,16 @@ done: } +ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, + struct ieee802_11_elems *elems, + int show_errors) +{ + os_memset(elems, 0, sizeof(*elems)); + + return __ieee802_11_parse_elems(start, len, elems, show_errors); +} + + int ieee802_11_ie_count(const u8 *ies, size_t ies_len) { const struct element *elem; From patchwork Wed Feb 15 23:08:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743158 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=q2Ak87fD; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=agkMeBNE; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDTz30bvz23h0 for ; Thu, 16 Feb 2023 10:16:23 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=gh8YycQX874TF59FgGjCpklXbkbYwTO6QMeCD3OgqoA=; b=q2Ak87fDZ9cl/b RRvRytXxHsCeaLDHLqKhTC8CNZaJF3KNJyM/y4CCbwEh7UA0t2PY/IHVSpil33un8Mx9RfRwpsyAL crDczQZiR68GQV15ADGfyqjelhVIuoWeTd8kL2YWqmp/leyTGIZjVUHR9lYlXt2EpzrJDVr0nc8H7 8JPWWeUZAgcEBaZaDJPrZS+RQ0NZAR0MpBondTpnQiKwRfdj1fHkE7EAVKvMl2nLlNny2pp3YxfEs MJUklr8JugCNTFzhUQQqC7nU+CRd5OHk80Gv5iYlHzYSsuho0wejrfHYAt0BGa7PIZrUMyHQhytE+ 7oiEtuQTpS9g3yXymeGQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQzt-007npr-PW; Wed, 15 Feb 2023 23:15:33 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuF-007lLy-2G for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502583; x=1708038583; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=8A3G+DZSO2ShEO+hqAhAbqrxV/h9x4EcgjWheMLRPrc=; b=agkMeBNE75fCCJvxt9zrsDTPZBVKi8UpxIkM+ljLk4sSzzRh5eBJ19U0 w6SaPyHh7sJ5exKo6+YqpMg3q/65hxJyDnD+z4HAOq9NAfZaLad/DDUgk +qBkhIelWrp/NwevB7eyxMzKn9KcOiRv3KUZqFCKlzNUx0AoPb0aCID5q s2wfuaRhJl88UtEOZPbCLmBxcmM9XfnJplVMC3iJ9sIPBEYqhJdEu0s2U 4zN+E/8J1RUQbzLjzi13EAbKRnbBJSGFEkJtGYpFQUQt5Rp379m3k237d pf2QOf9HktItLG4rMWb9vj3GhpWi+ldNEBV0OTURoSTdeSYD2pT8sbDPA w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719614" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719614" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:42 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344205" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344205" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:41 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 14/50] common: Add support for clearing elements Date: Thu, 16 Feb 2023 01:08:28 +0200 Message-Id: <20230215230904.933291-15-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150943_199557_7F91F6A0 X-CRM114-Status: GOOD ( 13.60 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/common/ieee802_11_common.c | 266 +++++++++++++++++++++++++++++++++ src/common/ieee802_11_common.h | 4 + 2 files changed, 270 insertions(+) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/common/ieee802_11_common.c | 266 +++++++++++++++++++++++++++++++++ src/common/ieee802_11_common.h | 4 + 2 files changed, 270 insertions(+) diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index d1e8bae897..f55eddf62e 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -684,6 +684,272 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, } +/** + * ieee802_11_elems_clear_ids - clear the data for the given element IDs + * + * @ids: array of element IDs for which data should be cleared. + * @num: the number of entries in the array + */ +void ieee802_11_elems_clear_ids(struct ieee802_11_elems *elems, + const u8 *ids, size_t num) +{ + size_t i; + + for (i = 0; i < num; i++) { + switch (ids[i]) { + case WLAN_EID_SSID: + elems->ssid = NULL; + elems->ssid_len = 0; + break; + case WLAN_EID_SUPP_RATES: + elems->supp_rates = NULL; + elems->supp_rates_len = 0; + break; + case WLAN_EID_DS_PARAMS: + elems->ds_params = NULL; + break; + case WLAN_EID_CHALLENGE: + elems->challenge = NULL; + elems->challenge_len = 0; + break; + case WLAN_EID_ERP_INFO: + elems->erp_info = NULL; + break; + case WLAN_EID_EXT_SUPP_RATES: + elems->ext_supp_rates = NULL; + elems->ext_supp_rates_len = 0; + break; + case WLAN_EID_RSN: + elems->rsn_ie = NULL; + elems->rsn_ie_len = 0; + break; + case WLAN_EID_RSNX: + elems->rsnxe = NULL; + elems->rsnxe_len = 0; + break; + case WLAN_EID_PWR_CAPABILITY: + elems->power_capab = NULL; + elems->power_capab_len = 0; + break; + case WLAN_EID_SUPPORTED_CHANNELS: + elems->supp_channels = NULL; + elems->supp_channels_len = 0; + break; + case WLAN_EID_MOBILITY_DOMAIN: + elems->mdie = NULL; + elems->mdie_len = 0; + break; + case WLAN_EID_FAST_BSS_TRANSITION: + elems->ftie = NULL; + elems->ftie_len = 0; + break; + case WLAN_EID_TIMEOUT_INTERVAL: + elems->timeout_int = NULL; + break; + case WLAN_EID_HT_CAP: + elems->ht_capabilities = NULL; + break; + case WLAN_EID_HT_OPERATION: + elems->ht_operation = NULL; + break; + case WLAN_EID_MESH_CONFIG: + elems->mesh_config = NULL; + elems->mesh_config_len = 0; + break; + case WLAN_EID_MESH_ID: + elems->mesh_id = NULL; + elems->mesh_id_len = 0; + break; + case WLAN_EID_PEER_MGMT: + elems->peer_mgmt = NULL; + elems->peer_mgmt_len = 0; + break; + case WLAN_EID_VHT_CAP: + elems->vht_capabilities = NULL; + break; + case WLAN_EID_VHT_OPERATION: + elems->vht_operation = NULL; + break; + case WLAN_EID_VHT_OPERATING_MODE_NOTIFICATION: + elems->vht_opmode_notif = NULL; + break; + case WLAN_EID_LINK_ID: + elems->link_id = NULL; + break; + case WLAN_EID_INTERWORKING: + elems->interworking = NULL; + elems->interworking_len = 0; + break; + case WLAN_EID_QOS_MAP_SET: + elems->qos_map_set = NULL; + elems->qos_map_set_len = 0; + break; + case WLAN_EID_EXT_CAPAB: + elems->ext_capab = NULL; + elems->ext_capab_len = 0; + break; + case WLAN_EID_BSS_MAX_IDLE_PERIOD: + elems->bss_max_idle_period = NULL; + break; + case WLAN_EID_SSID_LIST: + elems->ssid_list = NULL; + elems->ssid_list_len = 0; + break; + case WLAN_EID_AMPE: + elems->ampe = NULL; + elems->ampe_len = 0; + break; + case WLAN_EID_MIC: + elems->mic = NULL; + elems->mic_len = 0; + break; + case WLAN_EID_MULTI_BAND: + os_memset(&elems->mb_ies, 0, sizeof(elems->mb_ies)); + elems->mb_ies.nof_ies = 0; + break; + case WLAN_EID_SUPPORTED_OPERATING_CLASSES: + elems->supp_op_classes = NULL; + elems->supp_op_classes_len = 0; + break; + case WLAN_EID_RRM_ENABLED_CAPABILITIES: + elems->rrm_enabled = NULL; + elems->rrm_enabled_len = 0; + break; + case WLAN_EID_CAG_NUMBER: + elems->cag_number = NULL; + elems->cag_number_len = 0; + break; + case WLAN_EID_AP_CSN: + elems->ap_csn = NULL; + break; + case WLAN_EID_FILS_INDICATION: + elems->fils_indic = NULL; + elems->fils_indic_len = 0; + break; + case WLAN_EID_DILS: + elems->dils = NULL; + elems->dils_len = 0; + break; + case WLAN_EID_S1G_CAPABILITIES: + elems->s1g_capab = NULL; + break; + default: + break; + } + } +} + + +/** + * ieee802_11_elems_clear_ext_ids - clear the data for the given element + * extension IDs + * + * @ids: array of element extension IDs for which data should be cleared. + * @num: the number of entries in the array + */ +void ieee802_11_elems_clear_ext_ids(struct ieee802_11_elems *elems, + const u8 *ids, size_t num) +{ + size_t i; + + for (i = 0; i < num; i++) { + switch (ids[i]) { + case WLAN_EID_EXT_ASSOC_DELAY_INFO: + elems->assoc_delay_info = NULL; + break; + case WLAN_EID_EXT_FILS_REQ_PARAMS: + elems->fils_req_params = NULL; + elems->fils_req_params_len = 0; + break; + case WLAN_EID_EXT_FILS_KEY_CONFIRM: + elems->fils_key_confirm = NULL; + elems->fils_key_confirm_len = 0; + break; + case WLAN_EID_EXT_FILS_SESSION: + elems->fils_session = NULL; + break; + case WLAN_EID_EXT_FILS_HLP_CONTAINER: + elems->fils_hlp = NULL; + elems->fils_hlp_len = 0; + break; + case WLAN_EID_EXT_FILS_IP_ADDR_ASSIGN: + elems->fils_ip_addr_assign = NULL; + elems->fils_ip_addr_assign_len = 0; + break; + case WLAN_EID_EXT_KEY_DELIVERY: + elems->key_delivery = NULL; + elems->key_delivery_len = 0; + break; + case WLAN_EID_EXT_WRAPPED_DATA: + elems->wrapped_data = NULL; + elems->wrapped_data_len = 0; + break; + case WLAN_EID_EXT_FILS_PUBLIC_KEY: + elems->fils_pk = NULL; + elems->fils_pk_len = 0; + break; + case WLAN_EID_EXT_FILS_NONCE: + elems->fils_nonce = NULL; + break; + case WLAN_EID_EXT_OWE_DH_PARAM: + elems->owe_dh = NULL; + elems->owe_dh_len = 0; + break; + case WLAN_EID_EXT_PASSWORD_IDENTIFIER: + elems->password_id = NULL; + elems->password_id_len = 0; + break; + case WLAN_EID_EXT_HE_CAPABILITIES: + elems->he_capabilities = NULL; + elems->he_capabilities_len = 0; + break; + case WLAN_EID_EXT_HE_OPERATION: + elems->he_operation = NULL; + elems->he_operation_len = 0; + break; + case WLAN_EID_EXT_OCV_OCI: + elems->oci = NULL; + elems->oci_len = 0; + break; + case WLAN_EID_EXT_SHORT_SSID_LIST: + elems->short_ssid_list = NULL; + elems->short_ssid_list_len = 0; + break; + case WLAN_EID_EXT_HE_6GHZ_BAND_CAP: + elems->he_6ghz_band_cap = NULL; + break; + case WLAN_EID_EXT_PASN_PARAMS: + elems->pasn_params = NULL; + elems->pasn_params_len = 0; + break; + case WLAN_EID_EXT_MULTI_LINK: + elems->basic_mle = NULL; + elems->probe_req_mle = NULL; + elems->reconf_mle = NULL; + elems->tdls_mle = NULL; + elems->prior_access_mle = NULL; + + elems->basic_mle_len = 0; + elems->probe_req_mle_len = 0; + elems->reconf_mle_len = 0; + elems->tdls_mle_len = 0; + elems->prior_access_mle_len = 0; + break; + case WLAN_EID_EXT_EHT_CAPABILITIES: + elems->eht_capabilities = NULL; + elems->eht_capabilities_len = 0; + break; + case WLAN_EID_EXT_EHT_OPERATION: + elems->eht_operation = NULL; + elems->eht_operation_len = 0; + break; + default: + break; + } + } +} + + int ieee802_11_ie_count(const u8 *ies, size_t ies_len) { const struct element *elem; diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index 9a1dbdda88..f4b17a55fb 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -186,6 +186,10 @@ typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes; ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, struct ieee802_11_elems *elems, int show_errors); +void ieee802_11_elems_clear_ids(struct ieee802_11_elems *elems, + const u8 *ids, size_t num); +void ieee802_11_elems_clear_ext_ids(struct ieee802_11_elems *elems, + const u8 *ids, size_t num); int ieee802_11_ie_count(const u8 *ies, size_t ies_len); struct wpabuf * ieee802_11_vendor_ie_concat(const u8 *ies, size_t ies_len, u32 oui_type); From patchwork Wed Feb 15 23:08:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743161 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=0t3Ht4Nx; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=IQBqtKV9; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDWM0v2Cz23h0 for ; Thu, 16 Feb 2023 10:17:35 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=FCnd6kL5IsusRROJXR/p2UZDdfqrPhdb3DM/1dtpAvc=; b=0t3Ht4NxXSAadp UlfrARD9FgcsXF0+P9RwcEvr1K/dbDuZH9AvjFmK1X523RvdZp/AE8AxEqwJTFonAkqzKVCXAU6U5 6jDW7KPr90slbPJKic+x6N8xKRr3gSLhpk1o8dDyV+urJQ3qU5Ilzx1CJdoB2yr0V0Nhdz6j8+Onk rGKXSIZGQJRMWIm3TzA5lDL/r6HHOHgkNeIit9WyORsCpCmi4Q5vck4acf7DaEk/PYMt5KMbw/4JZ d+4lDNxv8YsH3wRilsSU2OLjW5/Lk0/ATjtMJlKkLcKh1EqCM0K/LPRC/6hFD7CTqm4gnpWQ19c8n U5zIPy/RIYnlhggbVeVw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR0t-007oBL-5T; Wed, 15 Feb 2023 23:16:35 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuH-007lLy-J4 for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:47 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502585; x=1708038585; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Ts8CcldbwfwVonul14acfb/ZzHoY4ffZdJ78NH34CjM=; b=IQBqtKV9QMdMWmCF8BLqL7vrCHMFDEcCB3KYm5V3OwMUJwYU0xxpA8KC 144mu897fZom6UwWLUOhNI90fQZQeGoJfF8dapRybozAtqLhkw4DhZUbl ucoGSHmLTZgwsqQnCjaiJuRxtCXRtOgXG9DmC3xshh3tHXsn2OP4O/cuC HVLGbno68LBkWBRAUjC2e5ITjmjid+VI1yroqyprNmMUyAtiVP60ZwE7f alpnYR6G/CZ2N4Wt1bjw1xW3AG84fqttKmtuSfnauZ4nOwyFz3fPPRCZK ZVRQykP+btHcqWx8NGqRDxsxXtM2Eeqwu8dnSk5ZUq9Ti/6WL6vjxfxK8 g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719620" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719620" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:44 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344211" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344211" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:42 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 15/50] common: Support parsing link specific association request Date: Thu, 16 Feb 2023 01:08:29 +0200 Message-Id: <20230215230904.933291-16-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150945_713678_63D010D4 X-CRM114-Status: GOOD ( 15.94 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer An association request in the context of an MLO connection can contain an ML element that holds the per station profile for the additional links negotiated. To support this, add a function to parse th [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer An association request in the context of an MLO connection can contain an ML element that holds the per station profile for the additional links negotiated. To support this, add a function to parse the per station profile. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/common/ieee802_11_common.c | 147 +++++++++++++++++++++++++++++++++ src/common/ieee802_11_common.h | 4 + 2 files changed, 151 insertions(+) diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index f55eddf62e..0941cb9afe 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -950,6 +950,153 @@ void ieee802_11_elems_clear_ext_ids(struct ieee802_11_elems *elems, } +ParseRes ieee802_11_parse_link_assoc_req(const u8 *start, size_t len, + struct ieee802_11_elems *elems, + struct wpabuf *mlbuf, + u8 link_id, int show_errors) +{ + struct ieee80211_eht_ml *ml; + const u8 *pos; + ParseRes res = ParseFailed; + + pos = wpabuf_head(mlbuf); + len = wpabuf_len(mlbuf); + + /* must have control and common info length */ + if (len < sizeof(*ml) + 1 || len < sizeof(*ml) + pos[sizeof(*ml)]) + goto out; + + ml = (struct ieee80211_eht_ml *)pos; + + /* As we are interested with the Per-Sta profile, ignore other types */ + if ((le_to_host16(ml->ml_control) & MULTI_LINK_CONTROL_TYPE_MASK) != + MULTI_LINK_CONTROL_TYPE_BASIC) + goto out; + + /* skip the common info */ + len -= sizeof(*ml) + pos[sizeof(*ml)]; + pos += sizeof(*ml) + pos[sizeof(*ml)]; + + while (len > 2) { + size_t sub_elem_len = *(pos + 1); + size_t sta_info_len; + u16 link_info_control; + const u8 *non_inherit; + + wpa_printf(MSG_DEBUG, + "MLD: sub element: len=%zu, sub_elem_len=%zu", + len, sub_elem_len); + + if (2 + sub_elem_len > len) { + if (show_errors) + wpa_printf(MSG_DEBUG, + "MLD: error: len=%zu, sub_elem_len=%zu", + len, sub_elem_len); + goto out; + } + + if (*pos != 0) { + pos += 2 + sub_elem_len; + len -= 2 + sub_elem_len; + continue; + } + + if (sub_elem_len < 3) { + if (show_errors) + wpa_printf(MSG_DEBUG, + "MLD: error: sub_elem_len=%zu < 5", + sub_elem_len); + goto out; + } + + link_info_control = WPA_GET_LE16(pos + 2); + if ((link_info_control & BASIC_MLE_STA_CTRL_LINK_ID_MASK) != + link_id) { + pos += 2 + sub_elem_len; + len -= 2 + sub_elem_len; + continue; + } + + sta_info_len = *(pos + 4); + if (sub_elem_len < sta_info_len + 3) { + if (show_errors) + wpa_printf(MSG_DEBUG, + "MLD: error: sub_elem_len=%zu, sta_info_len=%zu", + sub_elem_len, sta_info_len); + goto out; + } + + pos += sta_info_len + 4; + sub_elem_len -= sta_info_len + 2; + + if (sub_elem_len < 2) { + if (show_errors) + wpa_printf(MSG_DEBUG, + "MLD: missing capability info"); + goto out; + } + + pos += 2; + sub_elem_len -= 2; + + /* handle none inheritance */ + non_inherit = get_ie_ext(pos, sub_elem_len, + WLAN_EID_EXT_NON_INHERITANCE); + if (non_inherit && non_inherit[1] > 1) { + u8 non_inherit_len = non_inherit[1] - 1; + + /* + * Do not include the none inheritance element when + * parsing below. It should be the last element in the + * sub element. + */ + sub_elem_len -= 3 + non_inherit_len; + + /* skip the ID, length and extension ID */ + non_inherit += 3; + + if (non_inherit_len < 1UL + non_inherit[0]) { + if (show_errors) + wpa_printf(MSG_DEBUG, + "MLD: invalid inheritance"); + goto out; + } + + ieee802_11_elems_clear_ids(elems, + &non_inherit[1], + non_inherit[0]); + + non_inherit_len -= 1 + non_inherit[0]; + non_inherit += 1 + non_inherit[0]; + + if (non_inherit_len < 1UL + non_inherit[0]) { + if (show_errors) + wpa_printf(MSG_DEBUG, + "MLD: invalid inheritance"); + goto out; + } + + ieee802_11_elems_clear_ext_ids(elems, + &non_inherit[1], + non_inherit[0]); + } + + wpa_printf(MSG_DEBUG, "MLD: link: sub_elem_len=%zu", + sub_elem_len); + + if (sub_elem_len) + res = __ieee802_11_parse_elems(pos, sub_elem_len, + elems, show_errors); + else + res = ParseOK; + break; + } + +out: + return res; +} + + int ieee802_11_ie_count(const u8 *ies, size_t ies_len) { const struct element *elem; diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index f4b17a55fb..949cab73d6 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -190,6 +190,10 @@ void ieee802_11_elems_clear_ids(struct ieee802_11_elems *elems, const u8 *ids, size_t num); void ieee802_11_elems_clear_ext_ids(struct ieee802_11_elems *elems, const u8 *ids, size_t num); +ParseRes ieee802_11_parse_link_assoc_req(const u8 *start, size_t len, + struct ieee802_11_elems *elems, + struct wpabuf *mlbuf, + u8 link_id, int show_errors); int ieee802_11_ie_count(const u8 *ies, size_t ies_len); struct wpabuf * ieee802_11_vendor_ie_concat(const u8 *ies, size_t ies_len, u32 oui_type); From patchwork Wed Feb 15 23:08:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743163 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=g/XMHuGz; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=buBKDMPy; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDXc4Bppz23h0 for ; Thu, 16 Feb 2023 10:18:40 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=U4If/+0FE4Zw4R3DWzjAW2Si+mYs/R+SMjT3OinqOBM=; b=g/XMHuGzd+Uyy/ lv/Z5ES3ZYYwbZe0KtNJ/v/HxQgajILVsSIY6ZOgmkK8Ai01PPfkkuxvIW/cqZ0/LJPbpg543n0hf metORNmLdGu1T9/PPdxX5NxOeaLXtQMRGLMjG/HycuoCGZ+YhNEmJTGnUE7mc0VNT9Yjzt66RrTZl cPvS8LfPION6ZeIkHKDZzkImur1y6VxNsViNLG7lrFa/S1y9Hd6Dy7rE7IBNFgaokQfhi/UOlYiQz 23F9aohAjU8GEu8MtG1gY3bta9B0norh9Y8n/3dhCd6I+AIcJxCBjs2ZbewWCTOXmpDZegjNjErc2 Prrckp/kapKsVw8l1Odg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR1m-007oVL-7k; Wed, 15 Feb 2023 23:17:30 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuI-007lOc-FN for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502586; x=1708038586; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=jIGwmPk+7s9h5NjLeOh1/sf5G8+uFxBIoixVcpkfL5Y=; b=buBKDMPyg1tU3BlybtZJiLpTQcmaC0uusnXojNRtCGBzAii7L24t4Txm UD11gSu3DscWsk6wBCF/zG6Y09KDHSzOEhVfL2K9wtHC2uogh/KgRh1Ct uByy3+Vsjy1P1nJ0QJlB2Y1ObTfEqZmf5Cz83IakoE9wiwZr7u/Gy0AbA o+XtegG3sQa3XuX8ThS0JvsDrBwUlhXWGkqbPBF6fWffuXbm8KqdTExVT dA5ABsJLQX2VhqZGuDn+1lC0OGDnfgzKCrBETKwF/BDIBqOFVXTMJBH2d +DgIKJjDqSjQZrtt8lim05Qv/tULefMze1Okowr0uN+Y0XbQfFhX44ri2 g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719623" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719623" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:45 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344223" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344223" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:44 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 16/50] AP: Split check_assoc_ies() Date: Thu, 16 Feb 2023 01:08:30 +0200 Message-Id: <20230215230904.933291-17-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150946_621161_3C756872 X-CRM114-Status: GOOD ( 17.79 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer As a preparation for processing an association request with ML element, split the function such that the elements checking would be separate from parsing. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 146 +++++++++++++++++++++++ 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer As a preparation for processing an association request with ML element, split the function such that the elements checking would be separate from parsing. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 146 +++++++++++++++++++++++--------------------- 1 file changed, 78 insertions(+), 68 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 5549e1094e..ddf228cc3a 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -3652,40 +3652,34 @@ static bool check_sa_query(struct hostapd_data *hapd, struct sta_info *sta, } -static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, - const u8 *ies, size_t ies_len, int reassoc) +static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *ies, size_t ies_len, + struct ieee802_11_elems *elems, int reassoc) { - struct ieee802_11_elems elems; int resp; const u8 *wpa_ie; size_t wpa_ie_len; const u8 *p2p_dev_addr = NULL; - if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) { - hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, - HOSTAPD_LEVEL_INFO, "Station sent an invalid " - "association request"); - return WLAN_STATUS_UNSPECIFIED_FAILURE; - } - - resp = check_ssid(hapd, sta, elems.ssid, elems.ssid_len); + resp = check_ssid(hapd, sta, elems->ssid, elems->ssid_len); if (resp != WLAN_STATUS_SUCCESS) return resp; - resp = check_wmm(hapd, sta, elems.wmm, elems.wmm_len); + resp = check_wmm(hapd, sta, elems->wmm, elems->wmm_len); if (resp != WLAN_STATUS_SUCCESS) return resp; - resp = check_ext_capab(hapd, sta, elems.ext_capab, elems.ext_capab_len); + resp = check_ext_capab(hapd, sta, elems->ext_capab, + elems->ext_capab_len); if (resp != WLAN_STATUS_SUCCESS) return resp; - resp = copy_supp_rates(hapd, sta, &elems); + resp = copy_supp_rates(hapd, sta, elems); if (resp != WLAN_STATUS_SUCCESS) return resp; - resp = check_multi_ap(hapd, sta, elems.multi_ap, elems.multi_ap_len); + resp = check_multi_ap(hapd, sta, elems->multi_ap, elems->multi_ap_len); if (resp != WLAN_STATUS_SUCCESS) return resp; - resp = copy_sta_ht_capab(hapd, sta, elems.ht_capabilities); + resp = copy_sta_ht_capab(hapd, sta, elems->ht_capabilities); if (resp != WLAN_STATUS_SUCCESS) return resp; if (hapd->iconf->ieee80211n && hapd->iconf->require_ht && @@ -3698,11 +3692,11 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_IEEE80211AC if (hapd->iconf->ieee80211ac) { - resp = copy_sta_vht_capab(hapd, sta, elems.vht_capabilities); + resp = copy_sta_vht_capab(hapd, sta, elems->vht_capabilities); if (resp != WLAN_STATUS_SUCCESS) return resp; - resp = set_sta_vht_opmode(hapd, sta, elems.vht_opmode_notif); + resp = set_sta_vht_opmode(hapd, sta, elems->vht_opmode_notif); if (resp != WLAN_STATUS_SUCCESS) return resp; } @@ -3715,9 +3709,9 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, return WLAN_STATUS_ASSOC_DENIED_NO_VHT; } - if (hapd->conf->vendor_vht && !elems.vht_capabilities) { - resp = copy_sta_vendor_vht(hapd, sta, elems.vendor_vht, - elems.vendor_vht_len); + if (hapd->conf->vendor_vht && !elems->vht_capabilities) { + resp = copy_sta_vendor_vht(hapd, sta, elems->vendor_vht, + elems->vendor_vht_len); if (resp != WLAN_STATUS_SUCCESS) return resp; } @@ -3725,8 +3719,8 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_IEEE80211AX if (hapd->iconf->ieee80211ax && !hapd->conf->disable_11ax) { resp = copy_sta_he_capab(hapd, sta, IEEE80211_MODE_AP, - elems.he_capabilities, - elems.he_capabilities_len); + elems->he_capabilities, + elems->he_capabilities_len); if (resp != WLAN_STATUS_SUCCESS) return resp; @@ -3747,7 +3741,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, return WLAN_STATUS_DENIED_HE_NOT_SUPPORTED; } resp = copy_sta_he_6ghz_capab(hapd, sta, - elems.he_6ghz_band_cap); + elems->he_6ghz_band_cap); if (resp != WLAN_STATUS_SUCCESS) return resp; } @@ -3756,17 +3750,17 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_IEEE80211BE if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { resp = copy_sta_eht_capab(hapd, sta, IEEE80211_MODE_AP, - elems.he_capabilities, - elems.he_capabilities_len, - elems.eht_capabilities, - elems.eht_capabilities_len); + elems->he_capabilities, + elems->he_capabilities_len, + elems->eht_capabilities, + elems->eht_capabilities_len); if (resp != WLAN_STATUS_SUCCESS) return resp; } #endif /* CONFIG_IEEE80211BE */ #ifdef CONFIG_P2P - if (elems.p2p) { + if (elems->p2p) { wpabuf_free(sta->p2p_ie); sta->p2p_ie = ieee802_11_vendor_ie_concat(ies, ies_len, P2P_IE_VENDOR_TYPE); @@ -3778,13 +3772,13 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } #endif /* CONFIG_P2P */ - if ((hapd->conf->wpa & WPA_PROTO_RSN) && elems.rsn_ie) { - wpa_ie = elems.rsn_ie; - wpa_ie_len = elems.rsn_ie_len; + if ((hapd->conf->wpa & WPA_PROTO_RSN) && elems->rsn_ie) { + wpa_ie = elems->rsn_ie; + wpa_ie_len = elems->rsn_ie_len; } else if ((hapd->conf->wpa & WPA_PROTO_WPA) && - elems.wpa_ie) { - wpa_ie = elems.wpa_ie; - wpa_ie_len = elems.wpa_ie_len; + elems->wpa_ie) { + wpa_ie = elems->wpa_ie; + wpa_ie_len = elems->wpa_ie_len; } else { wpa_ie = NULL; wpa_ie_len = 0; @@ -3792,7 +3786,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_WPS sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); - if (hapd->conf->wps_state && elems.wps_ie) { + if (hapd->conf->wps_state && elems->wps_ie && ies && ies_len) { wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)Association " "Request - assume WPS is used"); if (check_sa_query(hapd, sta, reassoc)) @@ -3846,10 +3840,10 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, hapd->iface->freq, wpa_ie, wpa_ie_len, - elems.rsnxe ? elems.rsnxe - 2 : NULL, - elems.rsnxe ? elems.rsnxe_len + 2 : 0, - elems.mdie, elems.mdie_len, - elems.owe_dh, elems.owe_dh_len); + elems->rsnxe ? elems->rsnxe - 2 : NULL, + elems->rsnxe ? elems->rsnxe_len + 2 : 0, + elems->mdie, elems->mdie_len, + elems->owe_dh, elems->owe_dh_len); resp = wpa_res_to_status_code(res); if (resp != WLAN_STATUS_SUCCESS) return resp; @@ -3906,7 +3900,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, if (hapd->conf->sae_pwe == SAE_PWE_BOTH && sta->auth_alg == WLAN_AUTH_SAE && sta->sae && !sta->sae->h2e && - ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len, + ieee802_11_rsnx_capab_len(elems->rsnxe, elems->rsnxe_len, WLAN_RSNX_CAPAB_SAE_H2E)) { wpa_printf(MSG_INFO, "SAE: " MACSTR " indicates support for SAE H2E, but did not use it", @@ -3918,9 +3912,9 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_OWE if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && - elems.owe_dh) { - resp = owe_process_assoc_req(hapd, sta, elems.owe_dh, - elems.owe_dh_len); + elems->owe_dh) { + resp = owe_process_assoc_req(hapd, sta, elems->owe_dh, + elems->owe_dh_len); if (resp != WLAN_STATUS_SUCCESS) return resp; } @@ -3934,7 +3928,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && hapd->conf->dpp_netaccesskey && sta->wpa_sm && wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && - elems.owe_dh) { + elems->owe_dh) { sta->dpp_pfs = dpp_pfs_init( wpabuf_head(hapd->conf->dpp_netaccesskey), wpabuf_len(hapd->conf->dpp_netaccesskey)); @@ -3945,8 +3939,8 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, goto pfs_fail; } - if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh, - elems.owe_dh_len) < 0) { + if (dpp_pfs_process(sta->dpp_pfs, elems->owe_dh, + elems->owe_dh_len) < 0) { dpp_pfs_free(sta->dpp_pfs); sta->dpp_pfs = NULL; return WLAN_STATUS_UNSPECIFIED_FAILURE; @@ -3969,7 +3963,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } #ifdef CONFIG_HS20 } else if (hapd->conf->osen) { - if (elems.osen == NULL) { + if (!elems->osen) { hostapd_logger( hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_INFO, @@ -3987,7 +3981,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, return WLAN_STATUS_UNSPECIFIED_FAILURE; } if (wpa_validate_osen(hapd->wpa_auth, sta->wpa_sm, - elems.osen - 2, elems.osen_len + 2) < 0) + elems->osen - 2, elems->osen_len + 2) < 0) return WLAN_STATUS_INVALID_IE; #endif /* CONFIG_HS20 */ } else @@ -3999,12 +3993,12 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_HS20 wpabuf_free(sta->hs20_ie); - if (elems.hs20 && elems.hs20_len > 4) { + if (elems->hs20 && elems->hs20_len > 4) { int release; - sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4, - elems.hs20_len - 4); - release = ((elems.hs20[4] >> 4) & 0x0f) + 1; + sta->hs20_ie = wpabuf_alloc_copy(elems->hs20 + 4, + elems->hs20_len - 4); + release = ((elems->hs20[4] >> 4) & 0x0f) + 1; if (release >= 2 && !wpa_auth_uses_mfp(sta->wpa_sm) && hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { wpa_printf(MSG_DEBUG, @@ -4017,10 +4011,10 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } wpabuf_free(sta->roaming_consortium); - if (elems.roaming_cons_sel) + if (elems->roaming_cons_sel) sta->roaming_consortium = wpabuf_alloc_copy( - elems.roaming_cons_sel + 4, - elems.roaming_cons_sel_len - 4); + elems->roaming_cons_sel + 4, + elems->roaming_cons_sel_len - 4); else sta->roaming_consortium = NULL; #endif /* CONFIG_HS20 */ @@ -4028,16 +4022,16 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_FST wpabuf_free(sta->mb_ies); if (hapd->iface->fst) - sta->mb_ies = mb_ies_by_info(&elems.mb_ies); + sta->mb_ies = mb_ies_by_info(&elems->mb_ies); else sta->mb_ies = NULL; #endif /* CONFIG_FST */ #ifdef CONFIG_MBO - mbo_ap_check_sta_assoc(hapd, sta, &elems); + mbo_ap_check_sta_assoc(hapd, sta, elems); if (hapd->conf->mbo_enabled && (hapd->conf->wpa & 2) && - elems.mbo && sta->cell_capa && !(sta->flags & WLAN_STA_MFP) && + elems->mbo && sta->cell_capa && !(sta->flags & WLAN_STA_MFP) && hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { wpa_printf(MSG_INFO, "MBO: Reject WPA2 association without PMF"); @@ -4067,7 +4061,7 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, &tx_seg1_idx) < 0) return WLAN_STATUS_UNSPECIFIED_FAILURE; - res = ocv_verify_tx_params(elems.oci, elems.oci_len, &ci, + res = ocv_verify_tx_params(elems->oci, elems->oci_len, &ci, tx_chanwidth, tx_seg1_idx); if (wpa_auth_uses_ocv(sta->wpa_sm) == 2 && res == OCI_NOT_FOUND) { @@ -4086,18 +4080,18 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } #endif /* CONFIG_FILS && CONFIG_OCV */ - ap_copy_sta_supp_op_classes(sta, elems.supp_op_classes, - elems.supp_op_classes_len); + ap_copy_sta_supp_op_classes(sta, elems->supp_op_classes, + elems->supp_op_classes_len); if ((sta->capability & WLAN_CAPABILITY_RADIO_MEASUREMENT) && - elems.rrm_enabled && - elems.rrm_enabled_len >= sizeof(sta->rrm_enabled_capa)) - os_memcpy(sta->rrm_enabled_capa, elems.rrm_enabled, + elems->rrm_enabled && + elems->rrm_enabled_len >= sizeof(sta->rrm_enabled_capa)) + os_memcpy(sta->rrm_enabled_capa, elems->rrm_enabled, sizeof(sta->rrm_enabled_capa)); - if (elems.power_capab) { - sta->min_tx_power = elems.power_capab[0]; - sta->max_tx_power = elems.power_capab[1]; + if (elems->power_capab) { + sta->min_tx_power = elems->power_capab[0]; + sta->max_tx_power = elems->power_capab[1]; sta->power_capab = 1; } else { sta->power_capab = 0; @@ -4107,6 +4101,22 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } +static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *ies, size_t ies_len, int reassoc) +{ + struct ieee802_11_elems elems; + + if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) { + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Station sent an invalid association request"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + return __check_assoc_ies(hapd, sta, ies, ies_len, &elems, reassoc); +} + + static void send_deauth(struct hostapd_data *hapd, const u8 *addr, u16 reason_code) { From patchwork Wed Feb 15 23:08:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743165 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=NnkHX5W7; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=NYdGKuBf; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDYt0rXyz23j7 for ; Thu, 16 Feb 2023 10:19:46 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=UkzXrO6AaF60FcG2KPis1IOI5U+MhCpK+WXZ2HxqY64=; b=NnkHX5W7lkcDHH EgTmAXaslAMFg8P+hdRxZu2BHa28SJtov66zm0jXFxAMFT+X1pJDebl8fgV9bG/QgLv61i91vtI4u o7Tdk6heUYnLYz8CyWG2kTIPXlBSM+LhTs/rzGM2aRZPPUJKgp8t/VJT6xdFS+1uZoLfjr7H5A4Ri ps6l3KMqcU+C1obOBvd2DuluLqoJHKiWY13agvM0doQOTCuhUCCvIaREpRoSaMhHa9fjbUmK8hgE6 g6ouZi/c/Ko/Z5I7iTnTis4vBmC9CxB98tlgDHR9g2MuSHnl+z8q5BuGs+9CP40g5pZr+p7RVQMvI 84wA2Rv8m9dHtIUR6wZQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR2y-007ow7-Kr; Wed, 15 Feb 2023 23:18:44 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuK-007lLy-A6 for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:49 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502588; x=1708038588; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=TII0WTItO8vjhnDaPbFzzmZW3pwFnL9lFuPoKzTdBMA=; b=NYdGKuBfpJbWUQjjISHvNj9Yv2TGIgyMQiMnABXZ2XKcVubUENGuPIL4 EK38Y3PzY2RvRiHbNqFMRrCfjoLBcscgKwR5PDYR7CHqd78jf1+yCEnVx kzxa0kEhWV+CKJOijqw5vDnOwsf7WwzNJYQ6762v3pkE2APex6zSa+Tg6 dz1L87Zm2Ear/8Eq0PUo4GFlBwcyiLw/tN3js2aCl3dNaQFJIpZg6VBKW SugalUG0E9ASzNxIzx0WY9/YgVkJ9NqTj+AQ6BuergxwmcbSkw89hk1AB //U7M50wyeWSS1EolpLITfmmO7Z7Fdh0f1yHeD3sf9dDPBnEQ2qMdva48 g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719631" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719631" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:48 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344231" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344231" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:46 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 17/50] AP: MLO: Make 802.1X SM, authserv and radius client singletons Date: Thu, 16 Feb 2023 01:08:31 +0200 Message-Id: <20230215230904.933291-18-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150948_444653_AA142AAF X-CRM114-Status: GOOD ( 16.51 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer To simplify the handling of MLD stations, assume that all interfaces/BSSs use the same 802.1X authenticator, same radius server instance and same radius client. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/authsrv.c | 38 ++++++++++++++++++++++++ src/ap/hostapd.c | 71 +++++++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer To simplify the handling of MLD stations, assume that all interfaces/BSSs use the same 802.1X authenticator, same radius server instance and same radius client. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/authsrv.c | 38 ++++++++++++++++++++++++ src/ap/hostapd.c | 71 +++++++++++++++++++++++++++------------------ src/ap/ieee802_1x.c | 16 ++++++++++ 3 files changed, 97 insertions(+), 28 deletions(-) diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c index 4ab2a4a601..9914ed4e12 100644 --- a/src/ap/authsrv.c +++ b/src/ap/authsrv.c @@ -106,6 +106,15 @@ static int hostapd_setup_radius_srv(struct hostapd_data *hapd) { struct radius_server_conf srv; struct hostapd_bss_config *conf = hapd->conf; + + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: using radius_srv of first BSS"); + + hapd->radius_srv = hapd->mld_first_bss->radius_srv; + return 0; + } + os_memset(&srv, 0, sizeof(srv)); srv.client_file = conf->radius_server_clients; srv.auth_port = conf->radius_server_auth_port; @@ -238,6 +247,20 @@ static struct eap_config * authsrv_eap_config(struct hostapd_data *hapd) int authsrv_init(struct hostapd_data *hapd) { + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: using auth_serv of first BSS"); + +#ifdef EAP_TLS_FUNCS + hapd->ssl_ctx = hapd->mld_first_bss->ssl_ctx; +#endif /* EAP_TLS_FUNCS */ + hapd->eap_cfg = hapd->mld_first_bss->eap_cfg; +#ifdef EAP_SIM_DB + hapd->eap_sim_db_priv = hapd->mld_first_bss->eap_sim_db_priv; +#endif /* EAP_SIM_DB */ + return 0; + } + #ifdef EAP_TLS_FUNCS if (hapd->conf->eap_server && (hapd->conf->ca_cert || hapd->conf->server_cert || @@ -352,6 +375,21 @@ int authsrv_init(struct hostapd_data *hapd) void authsrv_deinit(struct hostapd_data *hapd) { + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: deinit auth_serv of non first BSS"); + + hapd->radius_srv = NULL; + hapd->eap_cfg = NULL; +#ifdef EAP_SIM_DB + hapd->eap_sim_db_priv = NULL; +#endif /* EAP_SIM_DB */ +#ifdef EAP_TLS_FUNCS + hapd->ssl_ctx = NULL; +#endif /* EAP_TLS_FUNCS */ + return; + } + #ifdef RADIUS_SERVER radius_server_deinit(hapd->radius_srv); hapd->radius_srv = NULL; diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index bd353c5523..a47acd2506 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -439,9 +439,11 @@ void hostapd_free_hapd_data(struct hostapd_data *hapd) vlan_deinit(hapd); hostapd_acl_deinit(hapd); #ifndef CONFIG_NO_RADIUS - radius_client_deinit(hapd->radius); + if (!hapd->mld_first_bss) { + radius_client_deinit(hapd->radius); + radius_das_deinit(hapd->radius_das); + } hapd->radius = NULL; - radius_das_deinit(hapd->radius_das); hapd->radius_das = NULL; #endif /* CONFIG_NO_RADIUS */ @@ -1215,6 +1217,10 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first, u8 if_addr[ETH_ALEN]; int flush_old_stations = 1; + if (hapd->mld_first_bss) + wpa_printf(MSG_DEBUG, + "MLD: %s: setting non-first BSS", __func__); + wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s), first=%d)", __func__, hapd, conf->iface, first); @@ -1373,34 +1379,43 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first, } #endif /* CONFIG_SQLITE */ - hapd->radius = radius_client_init(hapd, conf->radius); - if (hapd->radius == NULL) { - wpa_printf(MSG_ERROR, "RADIUS client initialization failed."); - return -1; - } - - if (conf->radius_das_port) { - struct radius_das_conf das_conf; - os_memset(&das_conf, 0, sizeof(das_conf)); - das_conf.port = conf->radius_das_port; - das_conf.shared_secret = conf->radius_das_shared_secret; - das_conf.shared_secret_len = - conf->radius_das_shared_secret_len; - das_conf.client_addr = &conf->radius_das_client_addr; - das_conf.time_window = conf->radius_das_time_window; - das_conf.require_event_timestamp = - conf->radius_das_require_event_timestamp; - das_conf.require_message_authenticator = - conf->radius_das_require_message_authenticator; - das_conf.ctx = hapd; - das_conf.disconnect = hostapd_das_disconnect; - das_conf.coa = hostapd_das_coa; - hapd->radius_das = radius_das_init(&das_conf); - if (hapd->radius_das == NULL) { - wpa_printf(MSG_ERROR, "RADIUS DAS initialization " - "failed."); + if (!hapd->mld_first_bss) { + hapd->radius = radius_client_init(hapd, conf->radius); + if (!hapd->radius) { + wpa_printf(MSG_ERROR, + "RADIUS client initialization failed."); return -1; } + + if (conf->radius_das_port) { + struct radius_das_conf das_conf; + + os_memset(&das_conf, 0, sizeof(das_conf)); + das_conf.port = conf->radius_das_port; + das_conf.shared_secret = conf->radius_das_shared_secret; + das_conf.shared_secret_len = + conf->radius_das_shared_secret_len; + das_conf.client_addr = &conf->radius_das_client_addr; + das_conf.time_window = conf->radius_das_time_window; + das_conf.require_event_timestamp = + conf->radius_das_require_event_timestamp; + das_conf.require_message_authenticator = + conf->radius_das_require_message_authenticator; + das_conf.ctx = hapd; + das_conf.disconnect = hostapd_das_disconnect; + das_conf.coa = hostapd_das_coa; + hapd->radius_das = radius_das_init(&das_conf); + if (!hapd->radius_das) { + wpa_printf(MSG_ERROR, + "RADIUS DAS initialization failed."); + return -1; + } + } + } else { + wpa_printf(MSG_ERROR, + "MLD: Using radius client of first BSS"); + hapd->radius = hapd->mld_first_bss->radius; + hapd->radius_das = hapd->mld_first_bss->radius_das; } #endif /* CONFIG_NO_RADIUS */ diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index 46a47d06e7..e5bd1aba70 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -2472,6 +2472,14 @@ int ieee802_1x_init(struct hostapd_data *hapd) struct eapol_auth_config conf; struct eapol_auth_cb cb; + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: using 802.1X SM of first BSS"); + + hapd->eapol_auth = hapd->mld_first_bss->eapol_auth; + return 0; + } + dl_list_init(&hapd->erp_keys); os_memset(&conf, 0, sizeof(conf)); @@ -2556,6 +2564,14 @@ void ieee802_1x_erp_flush(struct hostapd_data *hapd) void ieee802_1x_deinit(struct hostapd_data *hapd) { + if (hapd->mld_first_bss) { + wpa_printf(MSG_DEBUG, + "MLD: deinit 802.1X SM of non first BSS"); + + hapd->eapol_auth = NULL; + return; + } + #ifdef CONFIG_WEP eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL); #endif /* CONFIG_WEP */ From patchwork Wed Feb 15 23:08:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743166 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Vn4rx7mt; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=fESYwaLn; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDbK73wMz23yD for ; Thu, 16 Feb 2023 10:21:01 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=d5AgfwBVFnYeusE/F7yAE+Qy+YiH7uBBr/CdQzy82cI=; b=Vn4rx7mtF7fSt+ /G3Grl4pm9j8tmb9wbmKPXCU+oLtWt4UZoGGoXAkI25rvVp/gtAHc6s9+OckVsFsGvkZzPBlUhAo1 8XFx9wFErDuKa2Z/Nzrw/jODvMiAi7aBhQ2msTVpxgFOq5xdmKDLebu7TN1k5d/89/l1eLYzFx6Rc 07jSHY1DPEDQ1ldzONY5RVuWj/CFESCUbDPqgphkV+lY1aIj27q1mH/4UYCsk2catK3+O6KJ2F04/ 18fog1bx5XgXwxt1pVeK1+8QHVqDPwgWKcSVddVPTSXTrWQGf6vLsqmmZNuWh8izCHAMzklnNhU9I PhA4seRYJ/tY+xOrNdhA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR49-007pHz-WD; Wed, 15 Feb 2023 23:19:58 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuL-007lOc-MW for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502589; x=1708038589; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NPlgL+rltv5yQM8qnezHvW1AOk7MO+GtJ+ZndaA+RPw=; b=fESYwaLnCUOspN/pGUNchdI9V8NxymySPyHxdbkFI1Kkvs6xpSgIQxVq UQruLuCweHWgYXyAd6yTDQjCtIy58zYa5gDX52ihNEsIdg5ZJNi8Wefre wUFqhLzsVJMy/AdTVXxuCKPUzEFrSM+mwO4wA3FOq2FzD7HjWb3OG7lcX 4YhWqN6LKpRP95F8vHqVNziVYCq5SCupDwxSTq+V3XTd5aNHCAlShS+V4 ZMF+wjwIA+6+CI1pleOKwNylqxfbBl82YCDq++muQMhsdOjxocICrMj0Z PbmFC7dIBCKuoTXwyghbTS4pj7m+Z0p+tiZysO3nNKilQbaWWvE6EmdPa Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719640" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719640" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:49 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344235" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344235" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:48 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 18/50] AP: Match Rx frames against MLD address Date: Thu, 16 Feb 2023 01:08:32 +0200 Message-Id: <20230215230904.933291-19-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150949_807519_16B5E220 X-CRM114-Status: GOOD ( 13.60 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Once a station is added to the underlying driver, the driver is expected to do address translation and use MLD addresses. Thus, when handling a Rx management frame, match it against the MLD address. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Once a station is added to the underlying driver, the driver is expected to do address translation and use MLD addresses. Thus, when handling a Rx management frame, match it against the MLD address. Signed-off-by: Ilan Peer --- src/ap/drv_callbacks.c | 13 +++++++++++-- src/ap/ieee802_11.c | 8 ++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 71c905ba6e..5869d71f44 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1455,6 +1455,7 @@ static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) const u8 *bssid; struct hostapd_frame_info fi; int ret; + bool is_mld = false; #ifdef CONFIG_TESTING_OPTIONS if (hapd->ext_mgmt_frame_handling) { @@ -1476,8 +1477,16 @@ static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) if (bssid == NULL) return 0; - hapd = get_hapd_bssid(iface, bssid); - if (hapd == NULL) { +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && + !os_memcmp(hapd->mld_addr, bssid, ETH_ALEN)) + is_mld = true; +#endif /* CONFIG_IEEE80211BE */ + + if (!is_mld) + hapd = get_hapd_bssid(iface, bssid); + + if (!hapd) { u16 fc = le_to_host16(hdr->frame_control); /* diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index ddf228cc3a..acec8f7620 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -5490,6 +5490,10 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, #ifdef CONFIG_MESH !(hapd->conf->mesh & MESH_ENABLED) && #endif /* CONFIG_MESH */ +#ifdef CONFIG_IEEE80211BE + !(hapd->conf->mld_ap && !os_memcmp(hapd->mld_addr, mgmt->bssid, + ETH_ALEN)) && +#endif /* CONFIG_IEEE80211BE */ os_memcmp(mgmt->bssid, hapd->own_addr, ETH_ALEN) != 0) { wpa_printf(MSG_INFO, "MGMT: BSSID=" MACSTR " not our address", MAC2STR(mgmt->bssid)); @@ -5509,6 +5513,10 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, if ((!is_broadcast_ether_addr(mgmt->da) || stype != WLAN_FC_STYPE_ACTION) && +#ifdef CONFIG_IEEE80211BE + !(hapd->conf->mld_ap && !os_memcmp(hapd->mld_addr, mgmt->bssid, + ETH_ALEN)) && +#endif /* CONFIG_IEEE80211BE */ os_memcmp(mgmt->da, hapd->own_addr, ETH_ALEN) != 0) { hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, From patchwork Wed Feb 15 23:08:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743167 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=SPtMAfap; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=bBuIyo/d; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDcb3JZPz23yD for ; Thu, 16 Feb 2023 10:22:07 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=kCFLT316SwKje+LRvzQgd/xDEz9+YOnHY85M0Zl3s4Q=; b=SPtMAfapekS0ZM eBt7mEYPfmP6hLUT358PDE/IfB4mz1MocYUXP+WmKIIFFpg6xrrI21+HemEStRyvad9zncMtReN9O QkpSOm1O0j7Cs0O9domuYrYu06XUxQ6q2bL8+ONdtj0pnCdayiX5aDULrID+WvadsxxpbSr0XBPb5 7Tti644BiVtGOeIR4KiUPXhgmkGYK357aUdbmHqkb9o4rK1RbN1BsfKY3p4sveLw/8lrX0GHN6G8C Dj9OPxEocj7c/+oB0atBbiq/RjDW7K97OCJyU6b+zSUG/kMKkMMC+wrDj6tdoYyMPQ0NOUx0ACTEc kdCF8hZcCEi/DSbuj1Ag==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR5I-007pea-9q; Wed, 15 Feb 2023 23:21:08 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuM-007lLy-W0 for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:52 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502590; x=1708038590; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=veDf49FSXx1C8SY7BRiuS138y5v1E2UXoxi4WNNoG4Y=; b=bBuIyo/d75HFYBgl9905n8EnlUW1kRKndONGy+Ym36Y4MBu7sM9a1sk3 1Gn56mk+m0RueC5R7tlNbkhNCTPRy2j4bSXdBCu4vX64Ct2WBPQexBc/w jsv3AdH7qi6AA9qw1kQqPWT+I9CT7md6/NOckNEgxrGXGk5WX2NFuowsE 7ZH9MkQ0pJOTDzpEZr4b9Eh/A9pN6YrYIDqtTIqhRedm9fuE5812d8V0D o3QgUX+AgFKtjgoSQvEyLpEfehPbJ3ykEK2syuSaMkPYQOc8uQ/RV2L2B x1yj2eZlZK+Rrz5qVxoQx0+K1pr1QOuMS2c3UGtQJZ4D34f4qM23E84wy g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719649" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719649" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:50 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344241" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344241" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:49 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 19/50] AP: Support building basic Multi-Link Element Date: Thu, 16 Feb 2023 01:08:33 +0200 Message-Id: <20230215230904.933291-20-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150951_134200_3B7E54F4 X-CRM114-Status: GOOD ( 21.75 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Define a struct to hold MLD station info and implement publishing of the basic Multi-Link Element. Add it into beacons and probe responses. Signed-off-by: Andrei Otcheretianski --- src/ap/beacon.c | 23 +++++ src/ap/ieee802_11.h | 2 + src/ap/ieee802_11_eht.c | 192 +++++++++++++++++++++++++++++++++++ src/ap [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Define a struct to hold MLD station info and implement publishing of the basic Multi-Link Element. Add it into beacons and probe responses. Signed-off-by: Andrei Otcheretianski --- src/ap/beacon.c | 23 +++++ src/ap/ieee802_11.h | 2 + src/ap/ieee802_11_eht.c | 192 +++++++++++++++++++++++++++++++++++ src/ap/sta_info.h | 34 +++++++ src/common/ieee802_11_defs.h | 10 ++ 5 files changed, 261 insertions(+) diff --git a/src/ap/beacon.c b/src/ap/beacon.c index c7ebc55347..94d68f6e70 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -585,6 +585,14 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { buflen += hostapd_eid_eht_capab_len(hapd, IEEE80211_MODE_AP); buflen += 3 + sizeof(struct ieee80211_eht_operation); + + /* + * TODO: multi link AP has variable length and can be + * long based on the common info and number of per + * station profiles. For now use 256. + */ + if (hapd->conf->mld_ap) + buflen += 256; } #endif /* CONFIG_IEEE80211BE */ @@ -727,6 +735,9 @@ static u8 * hostapd_gen_probe_resp(struct hostapd_data *hapd, #ifdef CONFIG_IEEE80211BE if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + if (hapd->conf->mld_ap) + pos = hostapd_eid_eht_basic_ml(hapd, pos, NULL, true); + pos = hostapd_eid_eht_capab(hapd, pos, IEEE80211_MODE_AP); pos = hostapd_eid_eht_operation(hapd, pos); } @@ -1655,6 +1666,14 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { tail_len += hostapd_eid_eht_capab_len(hapd, IEEE80211_MODE_AP); tail_len += 3 + sizeof(struct ieee80211_eht_operation); + + /* + * TODO: multi link AP has variable length and can be + * long based on the common info and number of per + * station profiles. For now use 256. + */ + if (hapd->conf->mld_ap) + tail_len += 256; } #endif /* CONFIG_IEEE80211BE */ @@ -1825,6 +1844,10 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd, #ifdef CONFIG_IEEE80211BE if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + if (hapd->conf->mld_ap) + tailpos = hostapd_eid_eht_basic_ml(hapd, tailpos, NULL, + true); + tailpos = hostapd_eid_eht_capab(hapd, tailpos, IEEE80211_MODE_AP); tailpos = hostapd_eid_eht_operation(hapd, tailpos); diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index 5f443fcb8a..a5b33e7a89 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -83,6 +83,8 @@ void hostapd_get_eht_capab(struct hostapd_data *hapd, const struct ieee80211_eht_capabilities *src, struct ieee80211_eht_capabilities *dest, size_t len); +u8 *hostapd_eid_eht_basic_ml(struct hostapd_data *hapd, u8 *eid, + struct sta_info *info, bool include_mld_id); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ht_capab); diff --git a/src/ap/ieee802_11_eht.c b/src/ap/ieee802_11_eht.c index caaadcecf0..d5d37995ce 100644 --- a/src/ap/ieee802_11_eht.c +++ b/src/ap/ieee802_11_eht.c @@ -408,3 +408,195 @@ void hostapd_get_eht_capab(struct hostapd_data *hapd, os_memset(dest, 0, sizeof(*dest)); os_memcpy(dest, src, len); } + +u8 *hostapd_eid_eht_basic_ml(struct hostapd_data *hapd, u8 *eid, + struct sta_info *info, bool include_mld_id) +{ + struct wpabuf *buf; + u16 control; + u8 *pos = eid; + const u8 *ptr; + size_t len, slice_len; + u8 link_id; + u8 common_info_len; + + /* + * As the ML element can exceed the size of 244 bytes need to first + * build it and then handle defragmentation + */ + buf = wpabuf_alloc(1024); + if (!buf) + return pos; + + /* set the multi-link control field */ + control = MULTI_LINK_CONTROL_TYPE_BASIC | + BASIC_MULTI_LINK_CTRL_PRES_LINK_ID | + BASIC_MULTI_LINK_CTRL_PRES_BSS_PARAM_CH_COUNT | + BASIC_MULTI_LINK_CTRL_PRES_EML_CAPA | + BASIC_MULTI_LINK_CTRL_PRES_MLD_CAPA; + + /* + * set the basic multi-link common information. Hard code the common + * info length to 13 based on the length of the present fields: + * Length (1) + MLD address (6) + Link ID (1) + + * BSS change parameter (1) + MLD EML capabilities (2) + + * MLD MLD capabilities (2) + */ + common_info_len = 13; + + if (include_mld_id) { + control |= BASIC_MULTI_LINK_CTRL_PRES_AP_MLD_ID; + common_info_len++; + } + + wpabuf_put_le16(buf, control); + + wpabuf_put_u8(buf, common_info_len); + + /* own MLD address */ + wpabuf_put_data(buf, hapd->mld_addr, ETH_ALEN); + + /* own link ID */ + wpabuf_put_u8(buf, hapd->conf->mld_link_id); + + /* currently hard code the BSS change parameters to 0x1 */ + wpabuf_put_u8(buf, 0x1); + + wpa_printf(MSG_DEBUG, "MLD: EML capabilities=0x%x", + hapd->conf->mld_eml_capa); + + wpabuf_put_le16(buf, hapd->conf->mld_eml_capa); + + wpa_printf(MSG_DEBUG, "MLD: MLD capabilities=0x%x", + hapd->conf->mld_mld_capa); + + wpabuf_put_le16(buf, hapd->conf->mld_mld_capa); + + if (include_mld_id) { + wpa_printf(MSG_DEBUG, "MLD: MLD ID=0x%x", hapd->conf->mld_id); + wpabuf_put_u8(buf, hapd->conf->mld_id); + } + + if (!info) + goto out; + + /* Add link info for the other links */ + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &info->mld_info.links[link_id]; + /* + * control (2) + station info length (1) + MAC address (6) + + * beacon interval (2) + TSF offset (8) + DTIM info (2) + BSS + * parameters change counter (1) + station profile length. + */ + const size_t fixed_len = 22; + size_t total_len = fixed_len + link->resp_sta_profile_len; + + /* skip the local one */ + if (link_id == hapd->conf->mld_link_id || !link->valid) + continue; + + wpabuf_put_u8(buf, EHT_ML_SUB_ELEM_PER_STA_PROFILE); + + if (total_len <= 255) + wpabuf_put_u8(buf, total_len); + else + wpabuf_put_u8(buf, 255); + + control = (link_id & 0xf) | + EHT_PER_STA_CTRL_MAC_ADDR_PRESENT_MSK | + EHT_PER_STA_CTRL_COMPLETE_PROFILE_MSK | + EHT_PER_STA_CTRL_TSF_OFFSET_PRESENT_MSK | + EHT_PER_STA_CTRL_BEACON_INTERVAL_PRESENT_MSK | + EHT_PER_STA_CTRL_DTIM_INFO_PRESENT_MSK | + EHT_PER_STA_CTRL_BSS_PARAM_CNT_PRESENT_MSK; + + wpabuf_put_le16(buf, control); + + /* STA info length */ + wpabuf_put_u8(buf, fixed_len - 2); + + wpabuf_put_data(buf, link->local_addr, ETH_ALEN); + + /* TODO: currently assume same beacon interval */ + wpabuf_put_le16(buf, hapd->iconf->beacon_int); + + /* + * TODO: currently setting TSF offset to zero. However this + * information needs to come from the driver + */ + wpabuf_put_le32(buf, 0); + wpabuf_put_le32(buf, 0); + + /* TODO: currently assume same DTIM information */ + wpabuf_put_le16(buf, hapd->conf->dtim_period); + + /* TODO: currently hard code the BSS change parameters to 0x1 */ + wpabuf_put_u8(buf, 0x1); + + /* Fragment the sub element if needed */ + if (total_len <= 255) { + wpabuf_put_data(buf, link->resp_sta_profile, + link->resp_sta_profile_len); + } else { + ptr = link->resp_sta_profile; + len = link->resp_sta_profile_len; + + slice_len = 255 - fixed_len; + + wpabuf_put_data(buf, ptr, slice_len); + len -= slice_len; + ptr += slice_len; + + while (len) { + if (len <= 255) + slice_len = len; + else + slice_len = 255; + + wpabuf_put_u8(buf, EHT_ML_SUB_ELEM_FRAGMENT); + wpabuf_put_u8(buf, slice_len); + wpabuf_put_data(buf, ptr, slice_len); + + len -= slice_len; + ptr += slice_len; + } + } + } + +out: + /* start the fragmentation */ + len = wpabuf_len(buf); + ptr = wpabuf_head(buf); + + if (len <= 254) + slice_len = len; + else + slice_len = 254; + + *pos++ = WLAN_EID_EXTENSION; + *pos++ = slice_len + 1; + *pos++ = WLAN_EID_EXT_MULTI_LINK; + os_memcpy(pos, ptr, slice_len); + + ptr += slice_len; + pos += slice_len; + len -= slice_len; + + while (len) { + if (len <= 255) + slice_len = len; + else + slice_len = 255; + + *pos++ = WLAN_EID_FRAGMENT; + *pos++ = slice_len; + os_memcpy(pos, ptr, slice_len); + + ptr += slice_len; + pos += slice_len; + len -= slice_len; + } + + wpabuf_free(buf); + return pos; +} diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h index b59b7584b3..06e68133bb 100644 --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h @@ -69,6 +69,35 @@ struct pending_eapol_rx { enum frame_encryption encrypted; }; +#define EHT_ML_MAX_STA_PROF_LEN 1024 +struct mld_info { + bool mld_sta; + + struct ml_common_info { + u8 mld_addr[ETH_ALEN]; + u16 medium_sync_delay; + u16 eml_capa; + u16 mld_capa; + } common_info; + + struct mld_link_info { + u8 valid; + u8 local_addr[ETH_ALEN]; + u8 peer_addr[ETH_ALEN]; + + size_t nstr_bitmap_len; + u8 nstr_bitmap[2]; + + u16 capability; + + u16 status; + size_t resp_sta_profile_len; + u8 resp_sta_profile[EHT_ML_MAX_STA_PROF_LEN]; + + const u8 *rsne, *rsnxe; + } links[MAX_NUM_MLD_LINKS]; +}; + struct sta_info { struct sta_info *next; /* next entry in sta list */ struct sta_info *hnext; /* next entry in hash table list */ @@ -299,6 +328,11 @@ struct sta_info { #ifdef CONFIG_PASN struct pasn_data *pasn; #endif /* CONFIG_PASN */ + +#ifdef CONFIG_IEEE80211BE + struct mld_info mld_info; + u8 mld_assoc_link_id; +#endif /* CONFIG_IEEE80211BE */ }; diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 12ddad466f..45f03a8351 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -2623,6 +2623,16 @@ struct eht_ml_basic_common_info { #define EHT_ML_MLD_CAPA_FREQ_SEP_FOR_STR_MASK 0x0f80 #define EHT_ML_MLD_CAPA_AAR_SUPP 0x1000 +#define EHT_PER_STA_CTRL_LINK_ID_MSK 0x000f +#define EHT_PER_STA_CTRL_COMPLETE_PROFILE_MSK 0x0010 +#define EHT_PER_STA_CTRL_MAC_ADDR_PRESENT_MSK 0x0020 +#define EHT_PER_STA_CTRL_BEACON_INTERVAL_PRESENT_MSK 0x0040 +#define EHT_PER_STA_CTRL_TSF_OFFSET_PRESENT_MSK 0x0080 +#define EHT_PER_STA_CTRL_DTIM_INFO_PRESENT_MSK 0x0100 +#define EHT_PER_STA_CTRL_NSTR_LINK_PAIR_PRESENT_MSK 0x0200 +#define EHT_PER_STA_CTRL_NSTR_BM_SIZE_MSK 0x0400 +#define EHT_PER_STA_CTRL_BSS_PARAM_CNT_PRESENT_MSK 0x0800 + /* IEEE P802.11be/D2.0, 9.4.2.312.2.4 - Per-STA Profile subelement format */ struct ieee80211_eht_per_sta_profile { le16 sta_control; From patchwork Wed Feb 15 23:08:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743168 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=bv6kMc+q; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=fVawbP84; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDfK68ggz23yD for ; Thu, 16 Feb 2023 10:23:37 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=bsYlMphp9BL1nHjP2KWo26lFUumaDdhn47Ye5NLMvhA=; b=bv6kMc+qGoifVZ uXJhDVSSjncmb1gFLYPWXNsppD77jafJQUvfSLHZKyM2h58rHK6DuNzXNNvSr+E2JMxp4Za5Nftyz KwC3U5wSDnRUQb3Gf246hQ40qDSFDFGl0L2xxYnt6joZv5xxgqLQWTjUAiOSXD/irDvOBYfjFlT1C fyo0Xr0cQaaIAr6h00TuJmwi5oEOCgzXKEEKcp6wizma7k0EkU+TcIQDmZY+oDyvjQ4MJUluP6+1w lcEg5UXuHVjejT7JGPcqCHWACbn7a8FM+zWV/Z/1O3dV2dm4dt97/5m4ChM4zWT0g7sXxxu/XqYKN etCghwTov14Q9voPSlMQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR6X-007q25-Ug; Wed, 15 Feb 2023 23:22:26 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuO-007lOc-Ji for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502592; x=1708038592; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=nWD3FAdv5a+/7cKkbgVxgDxVmLND7uaMOIu7HS8eFdw=; b=fVawbP84Np5WpsNdpQgCQJv1Li1SlFY73Qv9vL74Q61eFM4I/9mZlcLU 9qRAsXFbAAQFSBhV/FGbZ3mhF1cZKuIaoKUfp3AM5DPa09NJtHnfI/4x8 A6PWO3kKXkDWwWHBeSHpxrTK9rUYPq6wgbUZykJlKGJVVTPaduCPMJfn9 r7t60CmAnFNMx2toeBLxyeUjFoY3rO/3A+4KgBtn3HeH9OzCkpf6H0Nbd ApYgPpZLmOdoxaT4EzH+jl2vsuxAnJTDQ+MumyR1xovf+W9DZTK9Ml1KD nzOq877s9e8VCxQdVvGl3Zy0DENTHD8qK8IoTNjlmAdXoA2axQCEWn9ob w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719654" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719654" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:52 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344248" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344248" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:50 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH 20/50] AP: MLO: Handle ML element during authentication Date: Thu, 16 Feb 2023 01:08:34 +0200 Message-Id: <20230215230904.933291-21-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150952_812311_1977CBF4 X-CRM114-Status: GOOD ( 28.65 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In case the AP is an MLD AP, parse the ML element from the authentication frame, store the relevant information, and prepare the response ML element. If the AP is not an MLD AP or the parsing of the element fails, continue the authentication flow without MLD support. Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In case the AP is an MLD AP, parse the ML element from the authentication frame, store the relevant information, and prepare the response ML element. If the AP is not an MLD AP or the parsing of the element fails, continue the authentication flow without MLD support. For SAE, it is needed to skip various fixed fields in the authentication frame. Implement it for SAE with H2E. TODO: This should be extended to other authentication algorithms which are allowed for MLD connections and have fixed fields in the authentication frames, according to table 9-69 in IEEE P802.11-REVme/D2.0. The change currently doesn't support FILS, FT etc. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 120 +++++++++++++++++++++--- src/ap/ieee802_11.h | 4 + src/ap/ieee802_11_eht.c | 196 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 306 insertions(+), 14 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index acec8f7620..c964353027 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -396,8 +396,26 @@ static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta, u8 *buf; size_t rlen; int reply_res = WLAN_STATUS_UNSPECIFIED_FAILURE; + const u8 *sa = hapd->own_addr; + struct wpabuf *ml_resp = NULL; - rlen = IEEE80211_HDRLEN + sizeof(reply->u.auth) + ies_len; +#ifdef CONFIG_IEEE80211BE + /* + * Once an non-AP MLD station is added to the driver, the addressing + * should use MLD address. Thus, use MLD address an not the + * handle the translations + */ + if (hapd->conf->mld_ap && sta && sta->mld_info.mld_sta) { + sa = hapd->mld_addr; + + ml_resp = hostapd_ml_auth_resp(hapd); + if (!ml_resp) + return -1; + } +#endif /* CONFIG_IEEE80211BE */ + + rlen = IEEE80211_HDRLEN + sizeof(reply->u.auth) + ies_len + + (ml_resp ? wpabuf_len(ml_resp) : 0); buf = os_zalloc(rlen); if (buf == NULL) return -1; @@ -406,7 +424,7 @@ static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta, reply->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, WLAN_FC_STYPE_AUTH); os_memcpy(reply->da, dst, ETH_ALEN); - os_memcpy(reply->sa, hapd->own_addr, ETH_ALEN); + os_memcpy(reply->sa, sa, ETH_ALEN); os_memcpy(reply->bssid, bssid, ETH_ALEN); reply->u.auth.auth_alg = host_to_le16(auth_alg); @@ -416,6 +434,14 @@ static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta, if (ies && ies_len) os_memcpy(reply->u.auth.variable, ies, ies_len); +#ifdef CONFIG_IEEE80211BE + if (ml_resp) + os_memcpy(reply->u.auth.variable + ies_len, + wpabuf_head(ml_resp), wpabuf_len(ml_resp)); + + wpabuf_free(ml_resp); +#endif /* CONFIG_IEEE80211BE */ + wpa_printf(MSG_DEBUG, "authentication reply: STA=" MACSTR " auth_alg=%d auth_transaction=%d resp=%d (IE len=%lu) (dbg=%s)", MAC2STR(dst), auth_alg, auth_transaction, @@ -2747,6 +2773,8 @@ static void handle_auth(struct hostapd_data *hapd, size_t resp_ies_len = 0; u16 seq_ctrl; struct radius_sta rad_info; + const u8 *dst, *sa, *bssid; + bool mld_sta = false; if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) { wpa_printf(MSG_INFO, "handle_auth - too short payload (len=%lu)", @@ -2764,6 +2792,21 @@ static void handle_auth(struct hostapd_data *hapd, } #endif /* CONFIG_TESTING_OPTIONS */ + sa = mgmt->sa; +#ifdef CONFIG_IEEE80211BE + /* + * Handle MLO authentication before the station is added to hapd and the + * driver so that the station MLD address would be used in both hapd and + * the driver. + */ + sa = hostapd_process_ml_auth(hapd, mgmt, len); + if (sa) + mld_sta = true; + else + sa = mgmt->sa; +#endif /* CONFIG_IEEE80211BE */ + + auth_alg = le_to_host16(mgmt->u.auth.auth_alg); auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction); status_code = le_to_host16(mgmt->u.auth.status_code); @@ -2779,7 +2822,7 @@ static void handle_auth(struct hostapd_data *hapd, wpa_printf(MSG_DEBUG, "authentication: STA=" MACSTR " auth_alg=%d " "auth_transaction=%d status_code=%d wep=%d%s " "seq_ctrl=0x%x%s%s", - MAC2STR(mgmt->sa), auth_alg, auth_transaction, + MAC2STR(sa), auth_alg, auth_transaction, status_code, !!(fc & WLAN_FC_ISWEP), challenge ? " challenge" : "", seq_ctrl, (fc & WLAN_FC_RETRY) ? " retry" : "", @@ -2845,7 +2888,16 @@ static void handle_auth(struct hostapd_data *hapd, if (os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { wpa_printf(MSG_INFO, "Station " MACSTR " not allowed to authenticate", - MAC2STR(mgmt->sa)); + MAC2STR(sa)); + resp = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto fail; + } + + if (mld_sta && + (!os_memcmp(sa, hapd->own_addr, ETH_ALEN) || + !os_memcmp(sa, hapd->mld_addr, ETH_ALEN))) { + wpa_printf(MSG_INFO, "Station " MACSTR " not allowed to authenticate", + MAC2STR(sa)); resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -2853,7 +2905,7 @@ static void handle_auth(struct hostapd_data *hapd, if (hapd->conf->no_auth_if_seen_on) { struct hostapd_data *other; - other = sta_track_seen_on(hapd->iface, mgmt->sa, + other = sta_track_seen_on(hapd->iface, sa, hapd->conf->no_auth_if_seen_on); if (other) { u8 *pos; @@ -2862,7 +2914,7 @@ static void handle_auth(struct hostapd_data *hapd, wpa_printf(MSG_DEBUG, "%s: Reject authentication from " MACSTR " since STA has been seen on %s", - hapd->conf->iface, MAC2STR(mgmt->sa), + hapd->conf->iface, MAC2STR(sa), hapd->conf->no_auth_if_seen_on); resp = WLAN_STATUS_REJECTED_WITH_SUGGESTED_BSS_TRANSITION; @@ -2905,12 +2957,12 @@ static void handle_auth(struct hostapd_data *hapd, } } - res = ieee802_11_allowed_address(hapd, mgmt->sa, (const u8 *) mgmt, len, + res = ieee802_11_allowed_address(hapd, sa, (const u8 *) mgmt, len, &rad_info); if (res == HOSTAPD_ACL_REJECT) { wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Ignore Authentication frame from " MACSTR - " due to ACL reject", MAC2STR(mgmt->sa)); + " due to ACL reject", MAC2STR(sa)); resp = WLAN_STATUS_UNSPECIFIED_FAILURE; goto fail; } @@ -2920,7 +2972,7 @@ static void handle_auth(struct hostapd_data *hapd, #ifdef CONFIG_SAE if (auth_alg == WLAN_AUTH_SAE && !from_queue && (auth_transaction == 1 || - (auth_transaction == 2 && auth_sae_queued_addr(hapd, mgmt->sa)))) { + (auth_transaction == 2 && auth_sae_queued_addr(hapd, sa)))) { /* Handle SAE Authentication commit message through a queue to * provide more control for postponing the needed heavy * processing under a possible DoS attack scenario. In addition, @@ -2933,7 +2985,7 @@ static void handle_auth(struct hostapd_data *hapd, } #endif /* CONFIG_SAE */ - sta = ap_get_sta(hapd, mgmt->sa); + sta = ap_get_sta(hapd, sa); if (sta) { sta->flags &= ~WLAN_STA_PENDING_FILS_ERP; sta->ft_over_ds = 0; @@ -2953,7 +3005,7 @@ static void handle_auth(struct hostapd_data *hapd, sta->plink_state == PLINK_BLOCKED) { wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR " is blocked - drop Authentication frame", - MAC2STR(mgmt->sa)); + MAC2STR(sa)); return; } #endif /* CONFIG_MESH */ @@ -2973,7 +3025,7 @@ static void handle_auth(struct hostapd_data *hapd, */ wpa_printf(MSG_DEBUG, "Mesh peer " MACSTR " not yet known - drop Authentication frame", - MAC2STR(mgmt->sa)); + MAC2STR(sa)); /* * Save a copy of the frame so that it can be processed * if a new peer entry is added shortly after this. @@ -2985,13 +3037,38 @@ static void handle_auth(struct hostapd_data *hapd, } #endif /* CONFIG_MESH */ - sta = ap_sta_add(hapd, mgmt->sa); + sta = ap_sta_add(hapd, sa); if (!sta) { wpa_printf(MSG_DEBUG, "ap_sta_add() failed"); resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; goto fail; } } + +#ifdef CONFIG_IEEE80211BE + if (auth_transaction == 1) { + os_memset(&sta->mld_info, 0, sizeof(sta->mld_info)); + + if (mld_sta) { + u8 link_id = hapd->conf->mld_link_id; + + sta->mld_info.mld_sta = true; + sta->mld_assoc_link_id = link_id; + + /* + * Set the MLD address as the station address and the + * station addresses. + */ + os_memcpy(sta->mld_info.common_info.mld_addr, sa, + ETH_ALEN); + os_memcpy(sta->mld_info.links[link_id].peer_addr, + mgmt->sa, ETH_ALEN); + os_memcpy(sta->mld_info.links[link_id].local_addr, + hapd->own_addr, ETH_ALEN); + } + } +#endif /* CONFIG_IEEE80211BE */ + sta->last_seq_ctrl = seq_ctrl; sta->last_subtype = WLAN_FC_STYPE_AUTH; #ifdef CONFIG_MBO @@ -3129,7 +3206,22 @@ static void handle_auth(struct hostapd_data *hapd, } fail: - reply_res = send_auth_reply(hapd, sta, mgmt->sa, mgmt->bssid, auth_alg, + dst = mgmt->sa; + bssid = mgmt->bssid; + +#ifdef CONFIG_IEEE80211BE + /* + * Once an non-AP MLD station is added to the driver, the addressing + * should use MLD address. It is the responsibility of the driver to + * handle the translations + */ + if (hapd->conf->mld_ap && sta && sta->mld_info.mld_sta) { + dst = sta->addr; + bssid = hapd->mld_addr; + } +#endif /* CONFIG_IEEE80211BE */ + + reply_res = send_auth_reply(hapd, sta, dst, bssid, auth_alg, auth_alg == WLAN_AUTH_SAE ? auth_transaction : auth_transaction + 1, resp, resp_ies, resp_ies_len, diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index a5b33e7a89..b39ec0cdbe 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -85,6 +85,10 @@ void hostapd_get_eht_capab(struct hostapd_data *hapd, size_t len); u8 *hostapd_eid_eht_basic_ml(struct hostapd_data *hapd, u8 *eid, struct sta_info *info, bool include_mld_id); +struct wpabuf *hostapd_ml_auth_resp(struct hostapd_data *hapd); +const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ht_capab); diff --git a/src/ap/ieee802_11_eht.c b/src/ap/ieee802_11_eht.c index d5d37995ce..a086ed3048 100644 --- a/src/ap/ieee802_11_eht.c +++ b/src/ap/ieee802_11_eht.c @@ -11,6 +11,7 @@ #include "hostapd.h" #include "sta_info.h" #include "ieee802_11.h" +#include "crypto/dh_groups.h" static u16 ieee80211_eht_ppet_size(u16 ppe_thres_hdr, const u8 *phy_cap_info) @@ -600,3 +601,198 @@ out: wpabuf_free(buf); return pos; } + +struct wpabuf *hostapd_ml_auth_resp(struct hostapd_data *hapd) +{ + struct wpabuf *buf = wpabuf_alloc(12); + + if (!buf) + return NULL; + + wpabuf_put_u8(buf, WLAN_EID_EXTENSION); + wpabuf_put_u8(buf, 10); + wpabuf_put_u8(buf, WLAN_EID_EXT_MULTI_LINK); + wpabuf_put_le16(buf, MULTI_LINK_CONTROL_TYPE_BASIC); + wpabuf_put_u8(buf, ETH_ALEN + 1); + wpabuf_put_data(buf, hapd->mld_addr, ETH_ALEN); + + return buf; +} + + +static const u8 *auth_skip_fixed_fields(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len) +{ + u16 auth_alg = le_to_host16(mgmt->u.auth.auth_alg); + u16 auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction); + u16 status_code = le_to_host16(mgmt->u.auth.status_code); + const u8 *pos = mgmt->u.auth.variable; + + /* Skip fixed fields as defined in table 9-41 */ + switch (auth_alg) { + case WLAN_AUTH_OPEN: + return pos; + case WLAN_AUTH_SAE: + if (auth_transaction == 1) { + u16 group; + size_t prime_len; + struct crypto_ec *ec; + + if (status_code == WLAN_STATUS_SUCCESS) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: H2E is mandatory for MLD"); + goto out; + } + + if (status_code != WLAN_STATUS_SAE_HASH_TO_ELEMENT) + return pos; + + /* H2E commit message (group, scalar, FFE) */ + if (len < 2) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: Group is not present"); + return NULL; + } + + group = WPA_GET_LE16(pos); + pos += 2; + + /* TODO: how to parse when the group is unknown? */ + ec = crypto_ec_init(group); + if (!ec) { + const struct dh_group *dh = + dh_groups_get(group); + + if (!dh) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: Unknown group=%u", + group); + return NULL; + } + + prime_len = dh->prime_len; + } else { + prime_len = crypto_ec_prime_len(ec); + } + + wpa_printf(MSG_DEBUG, "EHT: SAE: scalar length is %zu", + prime_len); + + /* scalar */ + pos += prime_len; + + if (ec) { + pos += prime_len * 2; + crypto_ec_deinit(ec); + } else { + pos += prime_len; + } + + if (pos - mgmt->u.auth.variable > (int)len) { + wpa_printf(MSG_DEBUG, + "EHT: SAE: frame too short"); + return NULL; + } + + wpa_hexdump(MSG_DEBUG, "EHT: SAE: remaining auth:", + pos, + (int)len - (pos - mgmt->u.auth.variable)); + } else if (auth_transaction == 2) { + struct sta_info *sta; + + if (status_code == + WLAN_STATUS_REJECTED_WITH_SUGGESTED_BSS_TRANSITION) + return pos; + + /* send confirm integer */ + pos += 2; + + /* + * At this stage we should already have an MLD station + * and actually sa, will be replaced to MLD address by + * the kernel. + */ + sta = ap_get_sta(hapd, mgmt->sa); + if (!sta) { + wpa_printf(MSG_DEBUG, + "SAE: No MLD sta for SAE confirm"); + return NULL; + } + + if (!sta->sae || sta->sae->state < SAE_COMMITTED || + !sta->sae->tmp) { + if (sta->sae) + wpa_printf(MSG_DEBUG, + "SAE: Invalid state=%u", + sta->sae ? + sta->sae->state : + SAE_NOTHING); + else + wpa_printf(MSG_DEBUG, + "SAE: state is NULL"); + return NULL; + } + + wpa_printf(MSG_DEBUG, "SAE: confirm: kck_len=%zu", + sta->sae->tmp->kck_len); + + pos += sta->sae->tmp->kck_len; + + if (pos - mgmt->u.auth.variable > (int)len) { + wpa_printf(MSG_DEBUG, + "EHT: Too short SAE AUTH frame"); + return NULL; + } + } + + return pos; + + /* TODO: support additional algorithms */ + case WLAN_AUTH_FT: + case WLAN_AUTH_FILS_SK: + case WLAN_AUTH_FILS_SK_PFS: + case WLAN_AUTH_FILS_PK: + case WLAN_AUTH_PASN: + case WLAN_AUTH_LEAP: + case WLAN_AUTH_SHARED_KEY: + default: + break; + } + +out: + wpa_printf(MSG_DEBUG, + "TODO: Auth method not supported with MLD (%d)", + auth_alg); + return NULL; +} + + +const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, + size_t len) +{ + struct ieee802_11_elems elems; + const u8 *pos; + + if (!hapd->conf->mld_ap) + return NULL; + + len -= offsetof(struct ieee80211_mgmt, u.auth.variable); + + pos = auth_skip_fixed_fields(hapd, mgmt, len); + if (!pos) + return NULL; + + if (ieee802_11_parse_elems(pos, + (int)len - (pos - mgmt->u.auth.variable), + &elems, 0) == ParseFailed) { + wpa_printf(MSG_DEBUG, + "MLD: Failed parsing Authentication frame"); + } + + if (!elems.basic_mle || !elems.basic_mle_len) + return NULL; + + return get_basic_mle_mld_addr(elems.basic_mle, elems.basic_mle_len); +} From patchwork Wed Feb 15 23:08:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743169 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=uM6J+C0m; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=lxpL69Bt; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDhD2bYfz23j7 for ; Thu, 16 Feb 2023 10:25:16 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=sqni+T/B1rqbYbzJu18NgpgaehsvZwgSM3KFGh+GPtQ=; b=uM6J+C0m07PD8q B07rX7s6rQYzkqrkHZy2zmeZEHLCGMFz9MJJdIMdzB1Iu74uB2Ynxt6c6WPTwK4mASROvjHIRWG5b vUoH4M3nTPR/8X+uTIihDi+a9ZrVN0758DZOzO4GL+y1oviw2AjWHfiv5u1TglPUIDv/T3x+1tBuz uYyC0VX6TdXQw69dGV8jxXSjkM8VuDNtn1IylRljSNkq5U7KEYhSGaBv+lkheq7yPNWM9tPzxowEm KTcw1chPlY/uEi/ZD3HQUhxcpZ53oi6p1En4TRRfe7lj6aj5rJRkhmZp3O2ojqjqGULbRK6/HutNv lBhmCuhqIirSfPYxFZhA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR8K-007qWq-H3; Wed, 15 Feb 2023 23:24:17 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuP-007lLy-Vf for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502593; x=1708038593; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=uBGWvLVpWzY/ljCGFJQZatPMpWMJ4RZ+l1DfCMdtWU8=; b=lxpL69BtxYThnrU2MrA9lyOH639Q/GZxNzT1hiFSJrFKPHDMk8jPY8Kj 9klFOA3jGCfeFTEH0j/cwz4tJpUAW40ieVWV+rjuBpFSQ8e1Jvqoxdu+Z 7eqm/Jiff8JO/6K7SaZVwLr2P27G4Zwo4chJXH+KqpwMo8bNeY/aRoJEG A5EzRmcbuJ+3S3oZhbwJtyZPE18MkehROjR2y+9PXx8volFxq5nVFLhFg VeFR9w5V0zH+Hqwpzk+2nDAwZrzjZnuaB7IkKIfGgSxI43l4tntUnV8ia 9gIVgjAxTAh/U6QdooSIljDoKsyuhxfs8JhbpKh+CIgTel4M3r2IwoWyB w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719660" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719660" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:53 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344254" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344254" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:52 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 21/50] AP: MLO: Add MLO information to hostapd_sta_add_params struct Date: Thu, 16 Feb 2023 01:08:35 +0200 Message-Id: <20230215230904.933291-22-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150954_105300_2A3ABDA8 X-CRM114-Status: GOOD ( 18.42 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Provide MLO information when adding new station. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 15 ++++++++++++++- src/ap/ap_drv_ops.h | 3 ++- src/ap/ieee802_11.c | 22 +++++++++++++++++++--- src/ap/s [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Provide MLO information when adding new station. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 15 ++++++++++++++- src/ap/ap_drv_ops.h | 3 ++- src/ap/ieee802_11.c | 22 +++++++++++++++++++--- src/ap/sta_info.c | 19 ++++++++++++++++++- 4 files changed, 53 insertions(+), 6 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index cd509c90a9..4aaed156d0 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -430,7 +430,7 @@ int hostapd_sta_add(struct hostapd_data *hapd, size_t eht_capab_len, const struct ieee80211_he_6ghz_band_cap *he_6ghz_capab, u32 flags, u8 qosinfo, u8 vht_opmode, int supp_p2p_ps, - int set) + int set, const u8 *link_addr, bool mld_link_sta) { struct hostapd_sta_add_params params; @@ -460,6 +460,19 @@ int hostapd_sta_add(struct hostapd_data *hapd, params.support_p2p_ps = supp_p2p_ps; params.set = set; params.mld_link_id = -1; + +#ifdef CONFIG_IEEE80211BE + /* + * for an MLD AP need to always specify to what link the station needs + * to be added + */ + if (hapd->conf->mld_ap) { + params.mld_link_id = hapd->conf->mld_link_id; + params.mld_link_addr = link_addr; + params.mld_link_sta = mld_link_sta; + } +#endif /* CONFIG_IEEE80211BE */ + return hapd->driver->sta_add(hapd->drv_priv, ¶ms); } diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index be280de218..5b4b931736 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -47,7 +47,8 @@ int hostapd_sta_add(struct hostapd_data *hapd, size_t eht_capab_len, const struct ieee80211_he_6ghz_band_cap *he_6ghz_capab, u32 flags, u8 qosinfo, u8 vht_opmode, int supp_p2p_ps, - int set); + int set, + const u8 *link_addr, bool mld_link_sta); int hostapd_set_privacy(struct hostapd_data *hapd, int enabled); int hostapd_set_generic_elem(struct hostapd_data *hapd, const u8 *elem, size_t elem_len); diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index c964353027..40f9deca46 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4239,6 +4239,21 @@ static int add_associated_sta(struct hostapd_data *hapd, struct ieee80211_he_capabilities he_cap; struct ieee80211_eht_capabilities eht_cap; int set = 1; + const u8 *mld_link_addr = NULL; + bool mld_link_sta = false; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && sta->mld_info.mld_sta) { + u8 mld_link_id = hapd->conf->mld_link_id; + + mld_link_sta = sta->mld_assoc_link_id != mld_link_id; + mld_link_addr = + sta->mld_info.links[mld_link_id].peer_addr; + + if (hapd->conf->mld_link_id != sta->mld_assoc_link_id) + set = 0; + } +#endif /* CONFIG_IEEE80211BE */ /* * Remove the STA entry to ensure the STA PS state gets cleared and @@ -4267,7 +4282,7 @@ static int add_associated_sta(struct hostapd_data *hapd, wpa_auth_sta_ft_tk_already_set(sta->wpa_sm), wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)); - if (!sta->added_unassoc && + if (!mld_link_sta && !sta->added_unassoc && (!(sta->flags & WLAN_STA_AUTHORIZED) || (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) || (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) && @@ -4305,7 +4320,8 @@ static int add_associated_sta(struct hostapd_data *hapd, * will be set when the ACK frame for the (Re)Association Response frame * is processed (TX status driver event). */ - if (hostapd_sta_add(hapd, sta->addr, sta->aid, sta->capability, + if (hostapd_sta_add(hapd, sta->addr, + sta->aid, sta->capability, sta->supported_rates, sta->supported_rates_len, sta->listen_interval, sta->flags & WLAN_STA_HT ? &ht_cap : NULL, @@ -4317,7 +4333,7 @@ static int add_associated_sta(struct hostapd_data *hapd, sta->he_6ghz_capab, sta->flags | WLAN_STA_ASSOC, sta->qosinfo, sta->vht_opmode, sta->p2p_ie ? 1 : 0, - set)) { + set, mld_link_addr, mld_link_sta)) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE, "Could not %s STA to kernel driver", diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index 63f514c9e8..fab1315a61 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -1563,6 +1563,9 @@ int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta) { + const u8 *mld_link_addr = NULL; + bool mld_link_sta = false; + /* * If a station that is already associated to the AP, is trying to * authenticate again, remove the STA entry, in order to make sure the @@ -1570,6 +1573,19 @@ int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta) * this, station's added_unassoc flag is cleared once the station has * completed association. */ + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) { + u8 mld_link_id = hapd->conf->mld_link_id; + + if (sta->mld_info.mld_sta) { + mld_link_sta = sta->mld_assoc_link_id != mld_link_id; + mld_link_addr = + sta->mld_info.links[mld_link_id].peer_addr; + } + } +#endif /* CONFIG_IEEE80211BE */ + ap_sta_set_authorized(hapd, sta, 0); hostapd_drv_sta_remove(hapd, sta->addr); sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_AUTH | WLAN_STA_AUTHORIZED); @@ -1578,7 +1594,8 @@ int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta) sta->supported_rates, sta->supported_rates_len, 0, NULL, NULL, NULL, 0, NULL, 0, NULL, - sta->flags, 0, 0, 0, 0)) { + sta->flags, 0, 0, 0, 0, + mld_link_addr, mld_link_sta)) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE, From patchwork Wed Feb 15 23:08:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743170 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=cDRZH102; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=TnwZMT/2; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDkW6Zvtz23j7 for ; Thu, 16 Feb 2023 10:27:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=aT4cXD4xOLUnTY8VsvWTT/EmLx4FX7RWny+jRxHQ8ss=; b=cDRZH1025yTvlg sgkhACSpxvWfRhpJxEDQK0iY0sQ2XQeF1yZXhTNqX7dqucpp8eNL/5ntFjDLB0zMJsTfARCKZc2Dd wtb4np1S4NRBbm9GG7Nbn1+DFefyMjjjLtMLdITVVbT/JmjoM+O0x+tYlzD8wtSocmDwMeyDcQ8pk QidY5/G7eoWynChqC309vgcXNIeJpQw4PSSm0eqrdrvF12QKDA6HOv7CTCj3O7HMrPdqk6VSLYO2E hB107q4NYzejn1KXRwoe9fK+AAb+P5zEVmV7mbEpmt/TZBa0bpD6aOobl12UKzNhjSEwWBzjqVR3N hxqpYfyaFip8zGJzS3AA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSR9x-007r14-Nc; Wed, 15 Feb 2023 23:25:58 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuS-007lRk-GC for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502596; x=1708038596; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=bn7DSB9P46IweZ1ybnq3OuDmiAfQtWv9dMKTUzz9FpE=; b=TnwZMT/2GdzoWuGxp4hVVyHQy7fhR4VVutOH+rUThtBu1p4GhELNn5ym OIrKm64YnmtzfP40S0IUEd/a1kdDogbIrGcrb3a78tcbU5pat4cK0WqvR aZ5kXC7dApJShFST6wT4b62JVORCC7ezuWc8JRa3MaeyEXWUSDA7vERcp VW63osIZIXI9kEriEtQ9zM94NnMybuECzZxg4ymGDf2FH/Urfl5qA4tEZ SPBfea4TcdsS8YJIgMKywEnFbvvgUnEoDXN+ikvXIoRgSnfaaSv0t5bZT jmUv4FG5ykM5CucyuCw/ZS+OqnBFp9Q7lS/7p3n4r21pv2ihigzEpoNoj A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719668" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719668" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:55 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344267" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344267" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:53 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH 22/50] AP: MLO: Process EHT ML element from association request Date: Thu, 16 Feb 2023 01:08:36 +0200 Message-Id: <20230215230904.933291-23-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150956_681197_6F3F021B X-CRM114-Status: GOOD ( 24.90 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Implement processing of the ML element in the association request, including processing of the per station profile. After handling the basic parsing of the element, extracting the information about the requested links, handle the link specific processing for each link: Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Implement processing of the ML element in the association request, including processing of the per station profile. After handling the basic parsing of the element, extracting the information about the requested links, handle the link specific processing for each link: - Find the interface with the corresponding link ID. - Process the station profile in the interface. - Prepare the per station profile to be included in the ML element in the association response. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 265 +++++++++++++++++++++++++++++++++++- src/ap/ieee802_11.h | 4 + src/ap/ieee802_11_eht.c | 292 ++++++++++++++++++++++++++++++++++++++++ src/ap/sta_info.c | 15 +++ 4 files changed, 573 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 40f9deca46..31979dee8d 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -83,7 +83,8 @@ static void pasn_fils_auth_resp(struct hostapd_data *hapd, static void handle_auth(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len, int rssi, int from_queue); - +static int add_associated_sta(struct hostapd_data *hapd, + struct sta_info *sta, int reassoc); u8 * hostapd_eid_multi_ap(struct hostapd_data *hapd, u8 *eid) { @@ -3746,7 +3747,8 @@ static bool check_sa_query(struct hostapd_data *hapd, struct sta_info *sta, static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ies, size_t ies_len, - struct ieee802_11_elems *elems, int reassoc) + struct ieee802_11_elems *elems, int reassoc, + bool link) { int resp; const u8 *wpa_ie; @@ -3848,6 +3850,14 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, elems->eht_capabilities_len); if (resp != WLAN_STATUS_SUCCESS) return resp; + + if (!link) { + resp = hostapd_process_ml_assoc_req(hapd, + elems, + sta); + if (resp != WLAN_STATUS_SUCCESS) + return resp; + } } #endif /* CONFIG_IEEE80211BE */ @@ -4205,7 +4215,253 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, return WLAN_STATUS_UNSPECIFIED_FAILURE; } - return __check_assoc_ies(hapd, sta, ies, ies_len, &elems, reassoc); + return __check_assoc_ies(hapd, sta, ies, ies_len, &elems, reassoc, + false); +} + + +#ifdef CONFIG_IEEE80211BE + +static size_t ieee80211_ml_build_assoc_resp(struct hostapd_data *hapd, + u16 status_code, + u8 *buf, size_t buflen) +{ + u8 *p = buf; + + /* capability info */ + WPA_PUT_LE16(p, hostapd_own_capab_info(hapd)); + p += 2; + + /* status code */ + WPA_PUT_LE16(p, status_code); + p += 2; + + if (status_code != WLAN_STATUS_SUCCESS) + goto out; + + /* AID is not included */ + p = hostapd_eid_supp_rates(hapd, p); + p = hostapd_eid_ext_supp_rates(hapd, p); + p = hostapd_eid_rm_enabled_capab(hapd, p, buf + buflen - p); + p = hostapd_eid_ht_capabilities(hapd, p); + p = hostapd_eid_ht_operation(hapd, p); + + if (hapd->iconf->ieee80211ac && !hapd->conf->disable_11ac) { + p = hostapd_eid_vht_capabilities(hapd, p, 0); + p = hostapd_eid_vht_operation(hapd, p); + } + + if (hapd->iconf->ieee80211ax && !hapd->conf->disable_11ax) { + p = hostapd_eid_he_capab(hapd, p, IEEE80211_MODE_AP); + p = hostapd_eid_he_operation(hapd, p); + p = hostapd_eid_spatial_reuse(hapd, p); + p = hostapd_eid_he_mu_edca_parameter_set(hapd, p); + p = hostapd_eid_he_6ghz_band_cap(hapd, p); + if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + p = hostapd_eid_eht_capab(hapd, p, IEEE80211_MODE_AP); + p = hostapd_eid_eht_operation(hapd, p); + } + } + + p = hostapd_eid_ext_capab(hapd, p, false); + p = hostapd_eid_mbo(hapd, p, buf + buflen - p); + p = hostapd_eid_wmm(hapd, p); + + if (hapd->conf->assocresp_elements && + (size_t)(buf + buflen - p) >= + wpabuf_len(hapd->conf->assocresp_elements)) { + os_memcpy(p, wpabuf_head(hapd->conf->assocresp_elements), + wpabuf_len(hapd->conf->assocresp_elements)); + p += wpabuf_len(hapd->conf->assocresp_elements); + } + +out: + return p - buf; +} + + +static void ieee80211_ml_process_link(struct hostapd_data *hapd, + struct sta_info *origin_sta, + struct mld_link_info *link, + const u8 *ies, size_t ies_len, + int reassoc) +{ + struct ieee802_11_elems elems; + struct wpabuf *mlbuf = NULL; + struct sta_info *sta = NULL; + u16 status = WLAN_STATUS_SUCCESS; + + wpa_printf(MSG_INFO, "MLD: link: link_id=%u, peer=" MACSTR, + hapd->conf->mld_link_id, MAC2STR(link->peer_addr)); + + if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) { + wpa_printf(MSG_DEBUG, "MLD: link: failed parsing"); + status = WLAN_STATUS_UNSPECIFIED_FAILURE; + goto out; + } + + sta = ap_get_sta(hapd, origin_sta->addr); + if (sta) { + wpa_printf(MSG_INFO, "MLD: link: station already exists"); + status = WLAN_STATUS_UNSPECIFIED_FAILURE; + sta = NULL; + goto out; + } + + sta = ap_sta_add(hapd, origin_sta->addr); + if (!sta) { + wpa_printf(MSG_DEBUG, "MLD: link: ap_sta_add() failed"); + status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; + goto out; + } + + mlbuf = ieee802_11_defrag_mle(&elems, MULTI_LINK_CONTROL_TYPE_BASIC); + + if (!mlbuf) + goto out; + + if (ParseOK != ieee802_11_parse_link_assoc_req(ies, ies_len, &elems, + mlbuf, + hapd->conf->mld_link_id, + true)) { + wpa_printf(MSG_DEBUG, "MLD: link: assoc_req parse failed"); + status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; + goto out; + } + + sta->flags |= origin_sta->flags | WLAN_STA_ASSOC_REQ_OK; + status = __check_assoc_ies(hapd, sta, NULL, 0, &elems, reassoc, true); + if (status != WLAN_STATUS_SUCCESS) { + wpa_printf(MSG_DEBUG, "MLD: link: element check failed"); + goto out; + } + + sta->mld_info.mld_sta = true; + sta->mld_assoc_link_id = origin_sta->mld_assoc_link_id; + + os_memcpy(&sta->mld_info, &origin_sta->mld_info, sizeof(sta->mld_info)); + + /* + * Get the AID from the station on which the association was preformed, + * and mark it as used. + */ + sta->aid = origin_sta->aid; + hapd->sta_aid[(sta->aid - 1) / 32] |= BIT((sta->aid - 1) % 32); + sta->listen_interval = origin_sta->listen_interval; + update_ht_state(hapd, sta); + + /* WPA authenticator should always be the one on the original station */ + wpa_auth_sta_deinit(sta->wpa_sm); + sta->wpa_sm = NULL; + + /* + * Do not initialize the EAPOL state machine. + * TODO: maybe it is needed? + */ + sta->eapol_sm = NULL; + + wpa_printf(MSG_DEBUG, + "MLD: link=%u, association OK (aid=%u)", + hapd->conf->mld_link_id, sta->aid); + + /* + * Get RSN and RSNXE elements for the current BSS as they are required + * by the authenticator + */ + link->rsne = hostapd_wpa_ie(hapd, WLAN_EID_RSN); + link->rsnxe = hostapd_wpa_ie(hapd, WLAN_EID_RSNX); + + sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC_REQ_OK; + + /* TODO: What other processing is required? */ + + if (add_associated_sta(hapd, sta, reassoc)) + status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; +out: + wpabuf_free(mlbuf); + link->status = status; + + wpa_printf(MSG_DEBUG, "MLD: link: status=%u", status); + if (sta && status != WLAN_STATUS_SUCCESS) + ap_free_sta(hapd, sta); + + link->resp_sta_profile_len = + ieee80211_ml_build_assoc_resp(hapd, link->status, + link->resp_sta_profile, + sizeof(link->resp_sta_profile)); +} + +static bool hostapd_is_mld_ap(struct hostapd_data *hapd) +{ + if (!hapd->conf->mld_ap) + return false; + + if (!hapd->iface || !hapd->iface->interfaces || + hapd->iface->interfaces->count <= 1) + return false; + + return true; +} + +#endif /* CONFIG_IEEE80211BE */ + +static void hostapd_process_assoc_ml_info(struct hostapd_data *hapd, + struct sta_info *sta, + const u8 *ies, size_t ies_len, + int reassoc) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, j; + + if (!hostapd_is_mld_ap(hapd)) + return; + + /* + * This is not really needed, but make the interaction with the WPA + * authenticator more consistent + */ + sta->mld_info.links[hapd->conf->mld_link_id].rsne = + hostapd_wpa_ie(hapd, WLAN_EID_RSN); + sta->mld_info.links[hapd->conf->mld_link_id].rsnxe = + hostapd_wpa_ie(hapd, WLAN_EID_RSNX); + + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + struct hostapd_iface *iface = NULL; + struct mld_link_info *link = &sta->mld_info.links[i]; + + if (!link->valid) + continue; + + for (j = 0; j < hapd->iface->interfaces->count; j++) { + iface = hapd->iface->interfaces->iface[j]; + + if (hapd->iface == iface) + continue; + + if (iface->bss[0]->conf->mld_ap && + hapd->conf->mld_id == iface->bss[0]->conf->mld_id && + i == iface->bss[0]->conf->mld_link_id) + break; + } + + if (!iface || j == hapd->iface->interfaces->count) { + wpa_printf(MSG_DEBUG, + "MLD: no link match for link_id=%u", + i); + + link->status = WLAN_STATUS_UNSPECIFIED_FAILURE; + link->resp_sta_profile_len = + ieee80211_ml_build_assoc_resp(hapd, + link->status, + link->resp_sta_profile, + sizeof(link->resp_sta_profile)); + } else { + ieee80211_ml_process_link(iface->bss[0], + sta, link, + ies, ies_len, reassoc); + } + } +#endif /* CONFIG_IEEE80211BE */ } @@ -5135,6 +5391,9 @@ static void handle_assoc(struct hostapd_data *hapd, add_associated_sta(hapd, sta, reassoc)) resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; + if (resp == WLAN_STATUS_SUCCESS) + hostapd_process_assoc_ml_info(hapd, sta, pos, left, reassoc); + #ifdef CONFIG_FILS if (sta && delay_assoc && resp == WLAN_STATUS_SUCCESS && eloop_is_timeout_registered(fils_hlp_timeout, hapd, sta) && diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index b39ec0cdbe..022f5e9918 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -18,6 +18,7 @@ struct ieee80211_vht_capabilities; struct ieee80211_mgmt; struct radius_sta; enum ieee80211_op_mode; +struct ieee802_11_elems; int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, struct hostapd_frame_info *fi); @@ -89,6 +90,9 @@ struct wpabuf *hostapd_ml_auth_resp(struct hostapd_data *hapd); const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len); +u16 hostapd_process_ml_assoc_req(struct hostapd_data *hapd, + struct ieee802_11_elems *elems, + struct sta_info *sta); int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta); u16 copy_sta_ht_capab(struct hostapd_data *hapd, struct sta_info *sta, const u8 *ht_capab); diff --git a/src/ap/ieee802_11_eht.c b/src/ap/ieee802_11_eht.c index a086ed3048..b18e7c75db 100644 --- a/src/ap/ieee802_11_eht.c +++ b/src/ap/ieee802_11_eht.c @@ -796,3 +796,295 @@ const u8 *hostapd_process_ml_auth(struct hostapd_data *hapd, return get_basic_mle_mld_addr(elems.basic_mle, elems.basic_mle_len); } + + +static int hostapd_mld_validate_assoc_info(struct hostapd_data *hapd, + struct mld_info *info) +{ + u8 i, link_id; + + if (!info->mld_sta) { + wpa_printf(MSG_DEBUG, "MLD: not an MLD station"); + return 0; + } + + /* + * Iterate over the link negotiated in the association request and + * validate that they are indeed valid links in the local MLD AP. + * While at it, also update the local address for the links in the + * mld_info, so it could be easily available for later flows, e.g., for + * the WPA authenticator etc. + */ + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct hostapd_data *other_hapd; + + if (!info->links[link_id].valid) + continue; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + other_hapd = hapd->iface->interfaces->iface[i]->bss[0]; + + if (hapd == other_hapd) + continue; + + if (other_hapd->conf->mld_ap && + other_hapd->conf->mld_id == hapd->conf->mld_id && + link_id == other_hapd->conf->mld_link_id) + break; + } + + if (i == hapd->iface->interfaces->count && + link_id != hapd->conf->mld_link_id) { + wpa_printf(MSG_DEBUG, "MLD: invalid link ID=%u", + link_id); + return -1; + } + + if (i < hapd->iface->interfaces->count) + os_memcpy(info->links[link_id].local_addr, + other_hapd->own_addr, + ETH_ALEN); + } + + return 0; +} + + +u16 hostapd_process_ml_assoc_req(struct hostapd_data *hapd, + struct ieee802_11_elems *elems, + struct sta_info *sta) +{ + struct wpabuf *mlbuf = ieee802_11_defrag_mle(elems, + MULTI_LINK_CONTROL_TYPE_BASIC); + struct ieee80211_eht_ml *ml; + struct eht_ml_basic_common_info *common_info; + size_t ml_len, common_info_len; + struct mld_link_info *link_info; + struct mld_info *info = &sta->mld_info; + u8 *pos; + int ret = -1; + u16 ml_control; + + if (!mlbuf) + return WLAN_STATUS_SUCCESS; + + ml = (struct ieee80211_eht_ml *)wpabuf_head(mlbuf); + ml_len = wpabuf_len(mlbuf); + + ml_control = le_to_host16(ml->ml_control); + if ((ml_control & MULTI_LINK_CONTROL_TYPE_MASK) != MULTI_LINK_CONTROL_TYPE_BASIC) { + wpa_printf(MSG_DEBUG, "MLD: Invalid ML type=%u", + ml_control & MULTI_LINK_CONTROL_TYPE_MASK); + goto out; + } + + /* common info length and MLD address must always be present */ + common_info_len = 7; + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_LINK_ID) { + wpa_printf(MSG_DEBUG, "MLD: link ID info not expected"); + goto out; + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_BSS_PARAM_CH_COUNT) { + wpa_printf(MSG_DEBUG, "MLD: BSS params change not expected"); + goto out; + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_MSD_INFO) { + wpa_printf(MSG_DEBUG, "MLD: sync delay not expected"); + goto out; + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_EML_CAPA) { + common_info_len += 2; + } else { + wpa_printf(MSG_DEBUG, "MLD: EML capabilities not present"); + } + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_MLD_CAPA) { + common_info_len += 2; + + } else { + wpa_printf(MSG_DEBUG, "MLD: MLD capabilities not present"); + goto out; + } + + wpa_printf(MSG_DEBUG, "MLD: expected_common_info_len=%lu", + common_info_len); + + if (sizeof(*ml) + common_info_len > ml_len) { + wpa_printf(MSG_DEBUG, "MLD: not enough bytes for common info"); + goto out; + } + + common_info = (struct eht_ml_basic_common_info *)ml->variable; + + /* common information length includes the length octet */ + if (common_info->len != common_info_len) { + wpa_printf(MSG_DEBUG, + "MLD: invalid common info len=%u", common_info->len); + goto out; + } + + pos = common_info->variable; + + if (ml_control & BASIC_MULTI_LINK_CTRL_PRES_EML_CAPA) { + info->common_info.eml_capa = WPA_GET_LE16(pos); + pos += 2; + } else { + info->common_info.eml_capa = 0; + } + + info->common_info.mld_capa = WPA_GET_LE16(pos); + pos += 2; + + wpa_printf(MSG_DEBUG, + "MLD: addr=" MACSTR ", eml=0x%x, mld=0x%x", + MAC2STR(info->common_info.mld_addr), + info->common_info.eml_capa, info->common_info.mld_capa); + + + /* get the MLD Address */ + if (os_memcmp(info->common_info.mld_addr, common_info->mld_addr, + ETH_ALEN)) { + wpa_printf(MSG_DEBUG, "MLD: MLD address mismatch with auth"); + goto out; + } + + info->links[hapd->conf->mld_link_id].valid = true; + + /* parse the link info field */ + ml_len -= (sizeof(*ml) + common_info_len); + + while (ml_len > 2) { + size_t sub_elem_len = *(pos + 1); + size_t sta_info_len; + u16 control; + + wpa_printf(MSG_DEBUG, "MLD: sub element len=%zu", + sub_elem_len); + + if (2 + sub_elem_len > ml_len) { + wpa_printf(MSG_DEBUG, + "MLD: invalid link info len: %zu %zu", + 2 + sub_elem_len, ml_len); + goto out; + } + + if (*pos == WLAN_EID_VENDOR_SPECIFIC) { + wpa_printf(MSG_DEBUG, + "MLD: skip vendor specific subelement"); + + pos += 2 + sub_elem_len; + ml_len -= 2 + sub_elem_len; + continue; + } else if (*pos != 0) { + wpa_printf(MSG_DEBUG, "MLD: invalid subelement ID=%u", + *pos); + goto out; + } + + /* skip the subelement ID and the length */ + pos += 2; + ml_len -= 2; + + /* get the station control field */ + control = WPA_GET_LE16(pos); + link_info = &info->links[control & EHT_PER_STA_CTRL_LINK_ID_MSK]; + pos += 2; + ml_len -= 2; + + if (!(control & EHT_PER_STA_CTRL_COMPLETE_PROFILE_MSK)) { + wpa_printf(MSG_DEBUG, + "MLD: per STA complete profile expected"); + goto out; + } + + if (!(control & EHT_PER_STA_CTRL_MAC_ADDR_PRESENT_MSK)) { + wpa_printf(MSG_DEBUG, + "MLD: per STA MAC address not present"); + goto out; + } + + if ((control & (EHT_PER_STA_CTRL_BEACON_INTERVAL_PRESENT_MSK | + EHT_PER_STA_CTRL_DTIM_INFO_PRESENT_MSK))) { + wpa_printf(MSG_DEBUG, + "MLD: beacon/DTIM interval not expected"); + goto out; + } + + /* the length octet and the MAC address must be present */ + sta_info_len = 1 + ETH_ALEN; + + if (control & EHT_PER_STA_CTRL_NSTR_LINK_PAIR_PRESENT_MSK) { + if (control & EHT_PER_STA_CTRL_NSTR_BM_SIZE_MSK) + link_info->nstr_bitmap_len = 2; + else + link_info->nstr_bitmap_len = 1; + } + + sta_info_len += link_info->nstr_bitmap_len; + + if (sta_info_len > ml_len || sta_info_len != (*pos)) { + wpa_printf(MSG_DEBUG, "MLD: invalid sta info len"); + goto out; + } + + /* skip the length */ + pos++; + ml_len--; + + /* get the link address */ + os_memcpy(link_info->peer_addr, pos, ETH_ALEN); + wpa_printf(MSG_DEBUG, + "MLD: assoc: link id=%u, addr=" MACSTR, + control & EHT_PER_STA_CTRL_LINK_ID_MSK, + MAC2STR(link_info->peer_addr)); + + pos += ETH_ALEN; + ml_len -= ETH_ALEN; + + /* get the NSTR bitmap */ + if (link_info->nstr_bitmap_len) { + os_memcpy(link_info->nstr_bitmap, pos, + link_info->nstr_bitmap_len); + pos += link_info->nstr_bitmap_len; + ml_len -= link_info->nstr_bitmap_len; + } + + sub_elem_len -= sta_info_len + 2; + + wpa_printf(MSG_DEBUG, "MLD: STA profile len=%zu", + sub_elem_len); + + if (sub_elem_len > 2) + link_info->capability = WPA_GET_LE16(pos); + + pos += sub_elem_len; + ml_len -= sub_elem_len; + + wpa_printf(MSG_DEBUG, + "link ctrl=0x%x, " MACSTR ", nstr bm len=%lu", + control, MAC2STR(link_info->peer_addr), + link_info->nstr_bitmap_len); + + link_info->valid = true; + } + + if (ml_len) { + wpa_printf(MSG_DEBUG, "MLD: %zu bytes left after parsing. fail", + ml_len); + goto out; + } + + ret = hostapd_mld_validate_assoc_info(hapd, info); +out: + wpabuf_free(mlbuf); + if (ret) { + os_memset(info, 0, sizeof(*info)); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + + return WLAN_STATUS_SUCCESS; +} diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index fab1315a61..6848aab3da 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -298,7 +298,15 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) sae_clear_retransmit_timer(hapd, sta); ieee802_1x_free_station(hapd, sta); + +#ifdef CONFIG_IEEE80211BE + if (!hapd->conf->mld_ap || + hapd->conf->mld_link_id == sta->mld_assoc_link_id) + wpa_auth_sta_deinit(sta->wpa_sm); +#else wpa_auth_sta_deinit(sta->wpa_sm); +#endif /* CONFIG_IEEE80211BE */ + rsn_preauth_free_station(hapd, sta); #ifndef CONFIG_NO_RADIUS if (hapd->radius) @@ -863,7 +871,14 @@ void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, ap_handle_timer, hapd, sta); accounting_sta_stop(hapd, sta); ieee802_1x_free_station(hapd, sta); +#ifdef CONFIG_IEEE80211BE + if (!hapd->conf->mld_ap || + hapd->conf->mld_link_id == sta->mld_assoc_link_id) + wpa_auth_sta_deinit(sta->wpa_sm); +#else wpa_auth_sta_deinit(sta->wpa_sm); +#endif /* CONFIG_IEEE80211BE */ + sta->wpa_sm = NULL; sta->disassoc_reason = reason; From patchwork Wed Feb 15 23:08:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743171 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=aAV3VJaS; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=PvydGx84; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDly2VB7z23j7 for ; Thu, 16 Feb 2023 10:28:30 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=/627F1meLJiGV367rQWNZF3PdXnEyb3iT3MOyIacbvk=; b=aAV3VJaSQsrgoM mL+T6xL94K3joIhxkgaP/luogDVulUla6I/ZL91+thcAM/RxW+zfrzFf2pbOwOHrxz9J2KY7tjTt1 sGdjAIN68Huu7nPxIY/yeLBBjUneiFgrSM4BJHVz2AOdi2vd0DRZ/9DzkcIRwSDJBRqMnMhDrScAR LkpvvHo4D171YrH/3b70Rcxp0EIxT1HQVaudXhypNCc+Eo9O05bEHUg2vpt++V90IMDYPeMFSer5V UtEvsPQa7hsudzwDMYdkdgbF3n9d3E6aWKTLeUL2jKhl/cF10xBHhVmM7zmvj0+Nj7Y8cApuajEy2 JR9kbCsQQ4UwHAaXDMkQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRBZ-007rTD-Fw; Wed, 15 Feb 2023 23:27:38 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuT-007lS9-RL for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:09:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502597; x=1708038597; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=DPj0x8KuZQPFbp4Mx0igW3h/vcUT4RZChP1pigeFjcU=; b=PvydGx84vl8UKJbRU1PvYxZ25W+eHGTxmPFGSRg5J43x1xrXq3GyQl+R AsTY1k1rgmgVfvOlQrv4f3J6c/CNLI/VBnWYOBdmxHVSvsaK9ex6O7I20 AMMXp8tyF60cKpm7POOgirk3ZOmAVARiMuuiiu4/so8ZaibdQj3eWB9d8 T9qIhv89Z1LAobsUjPyQjStAUWU/BRpEQEBnRemjZnBKhtRq+lDc0Q3Wr tjD2qApyHgbXBOzxl4TfFnLckdOd5QWHTGp5BDrZFYNuGbtqLP3mRs/vQ JlpUyFU9uO0yF1wnN8zogIdx/A+1Qnw+VGl3FxWKrgfxGWHj85WDHxsCT A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719675" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719675" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:57 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344274" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344274" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:56 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH 23/50] AP: MLO: Add ML element to association response Date: Thu, 16 Feb 2023 01:08:37 +0200 Message-Id: <20230215230904.933291-24-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150957_969807_8E90885E X-CRM114-Status: GOOD ( 11.80 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Add the full station profile to the ML element in the association response. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Add the full station profile to the ML element in the association response. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 31979dee8d..0516033b94 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4620,6 +4620,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, struct ieee80211_mgmt *reply; u8 *p; u16 res = WLAN_STATUS_SUCCESS; + const u8 *sa = hapd->own_addr; buflen = sizeof(struct ieee80211_mgmt) + 1024; #ifdef CONFIG_FILS @@ -4653,9 +4654,19 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, IEEE80211_FC(WLAN_FC_TYPE_MGMT, (reassoc ? WLAN_FC_STYPE_REASSOC_RESP : WLAN_FC_STYPE_ASSOC_RESP)); + +#ifdef CONFIG_IEEE80211BE + /* + * Once an non-AP MLD station is added to the driver, the addressing + * should use MLD address. + */ + if (hapd->conf->mld_ap && sta && sta->mld_info.mld_sta) + sa = hapd->mld_addr; +#endif /* CONFIG_IEEE80211BE */ + os_memcpy(reply->da, addr, ETH_ALEN); - os_memcpy(reply->sa, hapd->own_addr, ETH_ALEN); - os_memcpy(reply->bssid, hapd->own_addr, ETH_ALEN); + os_memcpy(reply->sa, sa, ETH_ALEN); + os_memcpy(reply->bssid, sa, ETH_ALEN); send_len = IEEE80211_HDRLEN; send_len += sizeof(reply->u.assoc_resp); @@ -4791,6 +4802,8 @@ rsnxe_done: #ifdef CONFIG_IEEE80211BE if (hapd->iconf->ieee80211be && !hapd->conf->disable_11be) { + if (hapd->conf->mld_ap) + p = hostapd_eid_eht_basic_ml(hapd, p, sta, false); p = hostapd_eid_eht_capab(hapd, p, IEEE80211_MODE_AP); p = hostapd_eid_eht_operation(hapd, p); } From patchwork Wed Feb 15 23:08:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743172 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=f9/DnZyv; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=c2GeUuJr; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDnz4Yr7z23h0 for ; Thu, 16 Feb 2023 10:30:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=uRlNSoS9OSIcwuh5OBHpZnTvcIuoN8q0m9Ni4AoaJM0=; b=f9/DnZyv5HjK9j 98ilYfwtNySgdsssXIcR23a3ocb4zOoi0xZPdkpSqeG1dhFSOG8LYNk6TP9b7+WrRsgrLSKwkM9vJ h0izP0ulbiqvQZHXw/Fs2e5njPAQvC7YbL6kxmGtcGidN2Ie1JgHm9SridIZyhycGi/0mQ1dMTnWT X2Se+NJLp5pzTHwjLaaXKxMutKp6qOTQGwu2AUXYIhui5Yg+lq8gkc/RWbqMXP+AtKjc+jzjm5kth PkHR0PLjk08M8EhZCrJedSgp5j27gvQ/AbCl5MmHhfPn48CaMLMJazn+cPUYSPZY9AY6TNHvDzJEW R2w8Ll/uftc0NG0U4LyA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRDC-007rxH-Hu; Wed, 15 Feb 2023 23:29:19 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuV-007lSi-Hn for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:01 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502599; x=1708038599; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=pu7ZRmkEOX0Js3dJGfWluJBs/E7FyCvJanLbqGztOyQ=; b=c2GeUuJrTbUyXYFcmdGWE2kP/T+kcMrKL1ybmIpDWb5888ZGuWYEyodM NqprQVpv9Oe3vlBHtqMdpeBCAcotSnkrIHcGAWZCmalRKLVytFifdh9pS 2H3pBckIRvpHUmOHbXOnSGWahhEAtt8Axmuxzy0YxofMXcrGaVzH5MkxJ cqaC9JQFHN5BGAcjOc/o/RO0RlJpNfzcPaXeU8Hyf/qyv2SyxguSu6jIL u8hboL4v/0pKsHbUBfilMA0ZJ7/RZnWCl+SvETBS4y990bBQzZqxdsY5p nCYN4m4e5i+680spJe++2Gvifki7prY8B1f0uIj+n87vu4Icg8iIjqtGl g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719685" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719685" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:59 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344280" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344280" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:57 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 24/50] AP: MLO: Handle association callback Date: Thu, 16 Feb 2023 01:08:38 +0200 Message-Id: <20230215230904.933291-25-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_150959_696906_BD08CE34 X-CRM114-Status: GOOD ( 18.70 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Handle association request callback in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 112 ++++++++++++++++++++++++++++++++++++++++++-- 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Handle association request callback in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 112 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 108 insertions(+), 4 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 0516033b94..b090ee6105 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -6041,6 +6041,97 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd, } +#ifdef CONFIG_IEEE80211BE + +static void ieee80211_ml_link_sta_assoc_cb(struct hostapd_data *hapd, + struct sta_info *origin_sta, + struct sta_info *sta, + int reassoc, + struct mld_link_info *link, + int ok) +{ + if (!ok) { + hostapd_logger(hapd, link->peer_addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, + "did not acknowledge association response"); + sta->flags &= ~WLAN_STA_ASSOC_REQ_OK; + + /* The STA is added only in case of SUCCESS */ + if (link->status == WLAN_STATUS_SUCCESS) + hostapd_drv_sta_remove(hapd, sta->addr); + + return; + } + + if (link->status != WLAN_STATUS_SUCCESS) + return; + + sta->flags |= WLAN_STA_ASSOC; + sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; + + if (!hapd->conf->ieee802_1x && !hapd->conf->wpa) + ap_sta_set_authorized(hapd, sta, 1); + + hostapd_set_sta_flags(hapd, sta); + + /* + * TODOs: + * - 802.1X port enablement is not needed as done on the station doing + * the connection. + * - Not handling accouting + * - Need to handle VLAN configuration + */ +} + +#endif /* CONFIG_IEEE80211BE */ + + +static void hostapd_ml_handle_assoc_cb(struct hostapd_data *hapd, + struct sta_info *sta, + int reassoc, int ok) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, link_id; + + if (!hostapd_is_mld_ap(hapd)) + return; + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &sta->mld_info.links[link_id]; + + if (!link->valid) + continue; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct sta_info *tmp_sta; + struct hostapd_data *tmp_hapd = + hapd->iface->interfaces->iface[i]->bss[0]; + + if (tmp_hapd->conf->mld_ap || + hapd->conf->mld_id != tmp_hapd->conf->mld_id) + continue; + + for (tmp_sta = tmp_hapd->sta_list; tmp_sta; + tmp_sta = tmp_sta->next) { + if (tmp_sta == sta || + tmp_sta->mld_assoc_link_id != + sta->mld_assoc_link_id || + tmp_sta->aid != sta->aid) + continue; + + ieee80211_ml_link_sta_assoc_cb(tmp_hapd, + sta, tmp_sta, + reassoc, + link, + ok); + break; + } + } + } +#endif /* CONFIG_IEEE80211BE */ +} + + static void handle_assoc_cb(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len, int reassoc, int ok) @@ -6056,6 +6147,16 @@ static void handle_assoc_cb(struct hostapd_data *hapd, return; } +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && + hapd->conf->mld_link_id != sta->mld_assoc_link_id) { + wpa_printf(MSG_INFO, + "handle_assoc_cb: MLD: ignore on link station"); + return; + } + +#endif /* CONFIG_IEEE80211BE */ + if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_resp) : sizeof(mgmt->u.assoc_resp))) { wpa_printf(MSG_INFO, @@ -6079,11 +6180,11 @@ static void handle_assoc_cb(struct hostapd_data *hapd, if (status == WLAN_STATUS_SUCCESS) hostapd_drv_sta_remove(hapd, sta->addr); - return; + goto handle_ml; } if (status != WLAN_STATUS_SUCCESS) - return; + goto handle_ml; /* Stop previous accounting session, if one is started, and allocate * new session id for the new session. */ @@ -6125,11 +6226,11 @@ static void handle_assoc_cb(struct hostapd_data *hapd, * interface selection is not going to change anymore. */ if (ap_sta_bind_vlan(hapd, sta) < 0) - return; + goto handle_ml; } else if (sta->vlan_id) { /* VLAN ID already set (e.g., by PMKSA caching), so bind STA */ if (ap_sta_bind_vlan(hapd, sta) < 0) - return; + goto handle_ml; } hostapd_set_sta_flags(hapd, sta); @@ -6193,6 +6294,9 @@ static void handle_assoc_cb(struct hostapd_data *hapd, os_free(sta->pending_eapol_rx); sta->pending_eapol_rx = NULL; } + +handle_ml: + hostapd_ml_handle_assoc_cb(hapd, sta, reassoc, ok); } From patchwork Wed Feb 15 23:08:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743173 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=pG9II6c7; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=D2lNnYAd; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDqQ5yxGz23h0 for ; Thu, 16 Feb 2023 10:31:28 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=hiV1we38ZV1LEBVbt6njrp9gfSylp3DMWML9K4oo9c8=; b=pG9II6c7uu0z+I 4eaZHLE0WtLiooeMLVx4It+8G1j2e3OBNMq2sgSlpbatFx8a/+mMcblAemYnfvFVqXIHXalXY8u1R FT/kyoX3qm69mStTadrkKQBsO9IMltOB4Xpj6DS9YFyqtAttNz1aMg8c8x7a+4dxBHlDyqIgzi8x/ jpHubl09Gv6hXFSg6G/XyeC2lZQb/d+QfM7UhUbpAnG0V/VCt/foZkqvQO8nwxRSkJlIFrzPWhRoj Qwu1mhIWJ/tfUsV6tV9Qg/m/03N264YQoB2p0MtfLUlBeH02YsOSdWqipEj9lcwdMKE0Mq288IEta fKt+UUt6a7FrNCD0kgeA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSREO-007sJY-DE; Wed, 15 Feb 2023 23:30:32 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuX-007lTE-4Y for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:02 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502601; x=1708038601; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=xq9CrsvUpKIbvVMcfWUmFBmTW5g5tPeu0lu6+8AaP80=; b=D2lNnYAdd0dT+hOJmjYtTW7ulNADFOvIs30XJgacU3v6xUUIunApvwy8 uONoAKpCq5YvzQJURCQVnEnFogwHz7u2nQ7EfJ4iPKsl59E2Vrs4UYkQi myFJXoEyoF+q2WmG6buWOMthLUcpkf/HNXFdRHnCin/BiRxLva5uFKwST snwys8RU8RJ8N+sF9jfiowvaTrA/xj/3Z+tLw0HrtOg6x1kMDfUjcpY1F K38UjFQM5bSxIf9TxwNPfiLVuRm8wXM4KWG6VXhuj3YSDxtRM+0mXuWJB Ktb/FZR6zXL0f6dluq5dg0UqhRoklz+M9SgpJLbRW6MFDz0hZOz+MhgR+ w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719693" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719693" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:00 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344289" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344289" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:09:59 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 25/50] AP: MLO: Handle deauth/disassoc of MLD station Date: Thu, 16 Feb 2023 01:08:39 +0200 Message-Id: <20230215230904.933291-26-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151001_298353_3CD0031E X-CRM114-Status: GOOD ( 19.80 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer When a station is deauthenticated/disassociated from an MLD AP, make sure to cleanup its state from all links. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 220 +++++++++++++++++++++++++++++++++++++------- 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer When a station is deauthenticated/disassociated from an MLD AP, make sure to cleanup its state from all links. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 220 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 187 insertions(+), 33 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index b090ee6105..8dba283758 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -5462,28 +5462,39 @@ static void handle_assoc(struct hostapd_data *hapd, } -static void handle_disassoc(struct hostapd_data *hapd, - const struct ieee80211_mgmt *mgmt, size_t len) +static void hostapd_deauth_sta(struct hostapd_data *hapd, + struct sta_info *sta, + const struct ieee80211_mgmt *mgmt) { - struct sta_info *sta; + wpa_msg(hapd->msg_ctx, MSG_DEBUG, + "deauthentication: STA=" MACSTR " reason_code=%d", + MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code)); + + ap_sta_set_authorized(hapd, sta, 0); + sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; + sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | + WLAN_STA_ASSOC_REQ_OK); + hostapd_set_sta_flags(hapd, sta); + wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_DEBUG, "deauthenticated"); + mlme_deauthenticate_indication( + hapd, sta, le_to_host16(mgmt->u.deauth.reason_code)); + sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST; + ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); + ap_free_sta(hapd, sta); +} - if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.disassoc)) { - wpa_printf(MSG_INFO, "handle_disassoc - too short payload (len=%lu)", - (unsigned long) len); - return; - } - wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d", +static void hostapd_disassoc_sta(struct hostapd_data *hapd, + struct sta_info *sta, + const struct ieee80211_mgmt *mgmt) +{ + wpa_printf(MSG_DEBUG, + "disassocation: STA=" MACSTR " reason_code=%d", MAC2STR(mgmt->sa), le_to_host16(mgmt->u.disassoc.reason_code)); - sta = ap_get_sta(hapd, mgmt->sa); - if (sta == NULL) { - wpa_printf(MSG_INFO, "Station " MACSTR " trying to disassociate, but it is not associated", - MAC2STR(mgmt->sa)); - return; - } - ap_sta_set_authorized(hapd, sta, 0); sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); @@ -5527,6 +5538,162 @@ static void handle_disassoc(struct hostapd_data *hapd, } +#ifdef CONFIG_IEEE80211BE + +static struct sta_info * +hostapd_ml_get_assoc_sta(struct hostapd_data *hapd, + struct sta_info *sta, + struct hostapd_data **assoc_hapd) +{ + struct hostapd_data *other_hapd = NULL; + struct sta_info *tmp_sta; + u8 i; + + *assoc_hapd = hapd; + + /* The station is the one on which the association was performed */ + if (sta->mld_assoc_link_id == hapd->conf->mld_link_id) + return sta; + + /* Find the hapd with the corresponding link ID */ + for (i = 0; i < hapd->iface->interfaces->count; i++) { + other_hapd = hapd->iface->interfaces->iface[i]->bss[0]; + + if (hapd == other_hapd) + continue; + + if (other_hapd->conf->mld_ap && + hapd->conf->mld_id == other_hapd->conf->mld_id && + sta->mld_assoc_link_id == other_hapd->conf->mld_link_id) + break; + } + + if (!other_hapd || i == hapd->iface->interfaces->count) { + wpa_printf(MSG_DEBUG, + "MLD: no link match for link_id=%u", + sta->mld_assoc_link_id); + return sta; + } + + /* + * Iterate over the stations and find the one with the matching link ID + * and association ID + */ + for (tmp_sta = other_hapd->sta_list; tmp_sta; tmp_sta = tmp_sta->next) { + if (tmp_sta->mld_assoc_link_id == sta->mld_assoc_link_id && + tmp_sta->aid == sta->aid) { + *assoc_hapd = other_hapd; + return tmp_sta; + } + } + + return sta; +} + +#endif /* CONFIG_IEEE80211BE */ + + +static bool hostapd_ml_handle_disconnect(struct hostapd_data *hapd, + struct sta_info *sta, + const struct ieee80211_mgmt *mgmt, + bool disassoc) +{ +#ifdef CONFIG_IEEE80211BE + struct hostapd_data *assoc_hapd, *tmp_hapd; + struct sta_info *assoc_sta; + u8 i, link_id; + + if (!hostapd_is_mld_ap(hapd)) + return false; + + /* + * Get the station on which the association was performed, as it holds + * the information about all the other links + */ + assoc_sta = hostapd_ml_get_assoc_sta(hapd, sta, &assoc_hapd); + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + for (i = 0; i < assoc_hapd->iface->interfaces->count; i++) { + struct sta_info *tmp_sta; + + if (!assoc_sta->mld_info.links[link_id].valid) + continue; + + tmp_hapd = + assoc_hapd->iface->interfaces->iface[i]->bss[0]; + + if (!tmp_hapd->conf->mld_ap || + assoc_hapd->conf->mld_id != tmp_hapd->conf->mld_id) + continue; + + for (tmp_sta = tmp_hapd->sta_list; tmp_sta; + tmp_sta = tmp_sta->next) { + /* + * remove the station on which the association + * was done only after all other link station + * are removed. Since there is a only a single + * station per hapd with the same association + * link simply break; + */ + if (tmp_sta == assoc_sta) + break; + + if (tmp_sta->mld_assoc_link_id != + assoc_sta->mld_assoc_link_id || + tmp_sta->aid != assoc_sta->aid) + continue; + + if (!disassoc) + hostapd_deauth_sta(tmp_hapd, tmp_sta, + mgmt); + else + hostapd_disassoc_sta(tmp_hapd, tmp_sta, + mgmt); + break; + } + } + } + + /* remove the station on which the association was performed */ + if (!disassoc) + hostapd_deauth_sta(assoc_hapd, assoc_sta, mgmt); + else + hostapd_disassoc_sta(assoc_hapd, assoc_sta, mgmt); + + return true; +#else + return false; +#endif /* CONFIG_IEEE80211BE */ +} + + +static void handle_disassoc(struct hostapd_data *hapd, + const struct ieee80211_mgmt *mgmt, size_t len) +{ + struct sta_info *sta; + + if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.disassoc)) { + wpa_printf(MSG_INFO, + "handle_disassoc - too short payload (len=%lu)", + (unsigned long) len); + return; + } + + sta = ap_get_sta(hapd, mgmt->sa); + if (!sta) { + wpa_printf(MSG_INFO, + "Station " MACSTR " trying to disassociate, but it is not associated", + MAC2STR(mgmt->sa)); + return; + } + + if (hostapd_ml_handle_disconnect(hapd, sta, mgmt, true)) + return; + + hostapd_disassoc_sta(hapd, sta, mgmt); +} + + static void handle_deauth(struct hostapd_data *hapd, const struct ieee80211_mgmt *mgmt, size_t len) { @@ -5538,10 +5705,6 @@ static void handle_deauth(struct hostapd_data *hapd, return; } - wpa_msg(hapd->msg_ctx, MSG_DEBUG, "deauthentication: STA=" MACSTR - " reason_code=%d", - MAC2STR(mgmt->sa), le_to_host16(mgmt->u.deauth.reason_code)); - /* Clear the PTKSA cache entries for PASN */ ptksa_cache_flush(hapd->ptksa, mgmt->sa, WPA_CIPHER_NONE); @@ -5553,19 +5716,10 @@ static void handle_deauth(struct hostapd_data *hapd, return; } - ap_sta_set_authorized(hapd, sta, 0); - sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; - sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | - WLAN_STA_ASSOC_REQ_OK); - hostapd_set_sta_flags(hapd, sta); - wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); - hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, - HOSTAPD_LEVEL_DEBUG, "deauthenticated"); - mlme_deauthenticate_indication( - hapd, sta, le_to_host16(mgmt->u.deauth.reason_code)); - sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST; - ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); - ap_free_sta(hapd, sta); + if (hostapd_ml_handle_disconnect(hapd, sta, mgmt, false)) + return; + + hostapd_deauth_sta(hapd, sta, mgmt); } From patchwork Wed Feb 15 23:08:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743174 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=n0dahOHY; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=DXHjw/jJ; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDrW6ntjz23h0 for ; Thu, 16 Feb 2023 10:32:27 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=5wnhSzfIx9EwGmQy+F6wsU65Rbc3gqUQmBWVkErwDMI=; b=n0dahOHYlTHFMP SfNc5UEG5UlKDezugTZqmsGoT9iSWolAuDKbU7a4m/bPJawqFLT5UcAhbd+UDVnO7ACWmN3dvSN7i bYPoBb1OJ+f816Ei6EzR5hbB1SVOsJE4q9WR/rUltXOHTRBuqIz1pfXWJloko2ORS4XxMcf16Y8UA zT1Vto/ds1ukjV7d8f/IbdUsqUX+nQPjQ+S+HAsy8rfxQiiYCgWgJq/9YhlT4RWA6yfmwdeRl5tWr g6dT5mFXToMr8580TRQNFDiue6MpKSfTLRxQYh4dyzTVvgVIuG3ZYyeyMgmuJ41IsSx5Oz5A/uhU2 5zRS3wFPQ/gHD15XzQQQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRFO-007sdo-Pw; Wed, 15 Feb 2023 23:31:35 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuY-007lSi-Gy for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:04 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502602; x=1708038602; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=JwvVbd8S3RM+GzLdn5jlC4Xi++0VlKwn8yV8iVTgl/4=; b=DXHjw/jJ7O3QFNwhjU0/4AUy9I68meTpkC7yrymWDZEg08pRDJ6O6RCu +Ds30dHEZLSlKKgMIELDBW5bJsMSVML085Olh8IMaKwaL1xVDuj4qczqE EoYyjOO2J5biHZMH9wyxWBez61RUKPbsNNL4Tac2j0HEF0tdbPXf+mwKc yUxm0Tl+cmF+0IU+RQ3ytWriSWibtYA+UUYoWVe+F3PokOT1S1r0yR5d7 lCBIVNPn/r5FqM9MeLmIGeTL2gd1oqx02GrHacqPpUdhv91M9fZHnN+n2 UKerub3yGdSfY+x7BAgA/JeSoeATw7t5ory4VpkA9w3Q1aAL144aLqQyG w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719701" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719701" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:02 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344307" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344307" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:00 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 26/50] AP: MLO: Handle 802.1X port authorization Date: Thu, 16 Feb 2023 01:08:40 +0200 Message-Id: <20230215230904.933291-27-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151002_714869_798C8A6C X-CRM114-Status: GOOD ( 16.32 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Handle 802.1X port authorization in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 2 +- src/ap/ieee802_11.h | 1 + src/ap/ieee802_1x.c | 86 [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Handle 802.1X port authorization in the context of MLO. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 2 +- src/ap/ieee802_11.h | 1 + src/ap/ieee802_1x.c | 86 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 88 insertions(+), 1 deletion(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 8dba283758..10af54b484 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4391,7 +4391,7 @@ out: sizeof(link->resp_sta_profile)); } -static bool hostapd_is_mld_ap(struct hostapd_data *hapd) +bool hostapd_is_mld_ap(struct hostapd_data *hapd) { if (!hapd->conf->mld_ap) return false; diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index 022f5e9918..d7420cadc9 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -233,4 +233,5 @@ u8 * hostapd_eid_mbssid(struct hostapd_data *hapd, u8 *eid, u8 *end, u8 **elem_offset, const u8 *known_bss, size_t known_bss_len); +bool hostapd_is_mld_ap(struct hostapd_data *hapd); #endif /* IEEE802_11_H */ diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index e5bd1aba70..0e3d1772a2 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -104,6 +104,90 @@ static void ieee802_1x_send(struct hostapd_data *hapd, struct sta_info *sta, } +#ifdef CONFIG_IEEE80211BE + +static void ieee802_1x_ml_set_link_sta_auth(struct hostapd_data *hapd, + struct sta_info *sta, + bool authorized) +{ + int res; + + if (sta->flags & WLAN_STA_PREAUTH) + return; + + ap_sta_set_authorized(hapd, sta, !!authorized); + res = hostapd_set_authorized(hapd, sta, !!authorized); + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X, + HOSTAPD_LEVEL_DEBUG, "%sauthorizing port", + authorized ? "" : "un"); + + if (res) { + wpa_printf(MSG_DEBUG, + "MLD: Could not set station " MACSTR " flags", + MAC2STR(sta->addr)); + } + + if (authorized) { + os_get_reltime(&sta->connected_time); + accounting_sta_start(hapd, sta); + } +} + +#endif /* CONFIG_IEEE80211BE */ + + +static void ieee802_1x_ml_set_sta_authorized(struct hostapd_data *hapd, + struct sta_info *sta, + bool authorized) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, link_id; + + if (!hostapd_is_mld_ap(hapd)) + return; + + /* + * Authorizing the station should be done only in the station + * performing the association + */ + if (authorized && hapd->conf->mld_link_id != sta->mld_assoc_link_id) + return; + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &sta->mld_info.links[link_id]; + + if (!link->valid) + continue; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct sta_info *tmp_sta; + struct hostapd_data *tmp_hapd = + hapd->iface->interfaces->iface[i]->bss[0]; + + if (tmp_hapd->conf->mld_ap || + hapd->conf->mld_id != tmp_hapd->conf->mld_id) + continue; + + for (tmp_sta = tmp_hapd->sta_list; tmp_sta; + tmp_sta = tmp_sta->next) { + if (tmp_sta == sta || + tmp_sta->mld_assoc_link_id != + sta->mld_assoc_link_id || + tmp_sta->aid != sta->aid) + continue; + + ieee802_1x_ml_set_link_sta_auth(tmp_hapd, + tmp_sta, + authorized); + break; + } + } + } +#endif /* CONFIG_IEEE80211BE */ +} + + + void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd, struct sta_info *sta, int authorized) { @@ -134,6 +218,8 @@ void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd, os_get_reltime(&sta->connected_time); accounting_sta_start(hapd, sta); } + + ieee802_1x_ml_set_sta_authorized(hapd, sta, !!authorized); } From patchwork Wed Feb 15 23:08:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743175 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=f5JnXymA; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=Hge4P5MU; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDsl13VLz23h0 for ; Thu, 16 Feb 2023 10:33:31 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=zTzBU7qFU24wWhvROTvcedZ6HLOhE7r68kus+6OZn2Y=; b=f5JnXymAdJa7VQ eSzg/L/gwFEiJKKSoiR/oZZAcAPzxYMbLmwEU6yrXZ68Wq6SEdEUXsFpWOPvAFbent6q1KKmiW/Hm OTAQzEE90W09CYkozXmh4y3q4VsOHuqV0EoWkrrNjzBpAWhMTXNv+tFgDcoqo05XbDG+jjkN0gwoX UCcZMHT5AKZDK2SeZYfVj39sbwBc7Z9DkrNY5Bx7+/aTAuPghQlRsynu12wk5aMQ7IRWQRlnrkVzx 4kSM/FbrWVctVAQhVkzGT5dlWjSr2E3MOQI47vCqTr325WEfXn03mHTb+Ak/0GbcSNm5HQL1y9bej D+PrwZHVpuUY3b5tIUtw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRGR-007sxH-1A; Wed, 15 Feb 2023 23:32:39 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQua-007lTE-4N for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:05 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502604; x=1708038604; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Fl6oCmduBPbDGDfXYvBSrPe3jFMkQC2fQpXMJm1XsiQ=; b=Hge4P5MUPGOrt/RhGWjhB1r1qYOx/8NRE2enm8QhkjxhU6X46TfraixY awrJN2GTNAEbIuK8fEKWjYx1jSIJj3zZxgjFWCMt9JAFcVJY1FWbzwl+P nQihpehiES3hS7AvjdCn8f5b7ODis32/gK6Gvk0Du4oG3p1ge7JZwxX7J Jkspfkfxo5EV0oIaSuj2SJCPeTsoA7x7I+samvcmrtijMZrl0kHNVK5OM DpASfLK8l2eShG5J2sEhhqMyR0Re06d+weSvSUOCezfcUYajH74Vtq45P asCVYrm5+l6RxqNmsmujZKW3BlKyctQr3rn9x+IPq75phg37WiuV4ESfs g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719712" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719712" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:03 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344347" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344347" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:02 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 27/50] driver: Specify link ID for 'send_mlme' and 'sta_deauth' callbacks Date: Thu, 16 Feb 2023 01:08:41 +0200 Message-Id: <20230215230904.933291-28-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151004_274443_39CF0C55 X-CRM114-Status: GOOD ( 20.60 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer So the driver would know on which link it should transmit the frames. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 20 ++++++++++++++++++-- src/drivers/driver.h | 9 ++++++- [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer So the driver would know on which link it should transmit the frames. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 20 ++++++++++++++++++-- src/drivers/driver.h | 9 ++++++--- src/drivers/driver_nl80211.c | 28 ++++++++++++++++------------ wpa_supplicant/driver_i.h | 4 ++-- 4 files changed, 42 insertions(+), 19 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 4aaed156d0..33b258e6fe 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -758,20 +758,36 @@ int hostapd_drv_send_mlme(struct hostapd_data *hapd, const u16 *csa_offs, size_t csa_offs_len, int no_encrypt) { + int link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + link_id = hapd->conf->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + if (!hapd->driver || !hapd->driver->send_mlme || !hapd->drv_priv) return 0; return hapd->driver->send_mlme(hapd->drv_priv, msg, len, noack, 0, - csa_offs, csa_offs_len, no_encrypt, 0); + csa_offs, csa_offs_len, no_encrypt, 0, + link_id); } int hostapd_drv_sta_deauth(struct hostapd_data *hapd, const u8 *addr, int reason) { + int link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + link_id = hapd->conf->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + + if (!hapd->driver || !hapd->driver->sta_deauth || !hapd->drv_priv) return 0; return hapd->driver->sta_deauth(hapd->drv_priv, hapd->own_addr, addr, - reason); + reason, link_id); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 38722f5db4..e838b54ae0 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3206,12 +3206,14 @@ struct wpa_driver_ops { * @no_encrypt: Do not encrypt frame even if appropriate key exists * (used only for testing purposes) * @wait: Time to wait off-channel for a response (in ms), or zero + * @link_id: Link ID to use for TX, or -1 if not set * Returns: 0 on success, -1 on failure */ int (*send_mlme)(void *priv, const u8 *data, size_t data_len, int noack, unsigned int freq, const u16 *csa_offs, size_t csa_offs_len, int no_encrypt, - unsigned int wait); + unsigned int wait, + int link_id); /** * update_ft_ies - Update FT (IEEE 802.11r) IEs @@ -3513,14 +3515,15 @@ struct wpa_driver_ops { * @priv: Private driver interface data * @own_addr: Source address and BSSID for the Deauthentication frame * @addr: MAC address of the station to deauthenticate - * @reason: Reason code for the Deauthentiation frame + * @reason: Reason code for the Deauthentication frame + * @link_id: Link ID to use for Deauthentication, or -1 if not set * Returns: 0 on success, -1 on failure * * This function requests a specific station to be deauthenticated and * a Deauthentication frame to be sent to it. */ int (*sta_deauth)(void *priv, const u8 *own_addr, const u8 *addr, - u16 reason); + u16 reason, int link_id); /** * sta_disassoc - Disassociate a station (AP only) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 0987f11677..a728799f64 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4147,7 +4147,8 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, int offchanok, unsigned int wait_time, const u16 *csa_offs, - size_t csa_offs_len, int no_encrypt) + size_t csa_offs_len, int no_encrypt, + int link_id) { struct wpa_driver_nl80211_data *drv = bss->drv; struct ieee80211_mgmt *mgmt; @@ -4155,6 +4156,7 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, u16 fc; int use_cookie = 1; int res; + struct i802_link *link = nl80211_get_link(bss, link_id); mgmt = (struct ieee80211_mgmt *) data; fc = le_to_host16(mgmt->frame_control); @@ -4253,14 +4255,14 @@ static int wpa_driver_nl80211_send_mlme(struct i802_bss *bss, const u8 *data, } if (freq == 0) { wpa_printf(MSG_DEBUG, "nl80211: send_mlme - Use bss->freq=%u", - bss->flink->freq); - freq = bss->flink->freq; + link->freq); + freq = link->freq; } if (drv->use_monitor && is_ap_interface(drv->nlmode)) { wpa_printf(MSG_DEBUG, "nl80211: send_frame(freq=%u bss->freq=%u) -> send_monitor", - freq, bss->flink->freq); + freq, link->freq); return nl80211_send_monitor(drv, data, data_len, encrypt, noack); } @@ -7922,14 +7924,15 @@ static int i802_sta_clear_stats(void *priv, const u8 *addr) static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, - u16 reason) + u16 reason, int link_id) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; struct ieee80211_mgmt mgmt; u8 channel; + struct i802_link *link = nl80211_get_link(bss, link_id); - if (ieee80211_freq_to_chan(bss->flink->freq, &channel) == + if (ieee80211_freq_to_chan(link->freq, &channel) == HOSTAPD_MODE_IEEE80211AD) { /* Deauthentication is not used in DMG/IEEE 802.11ad; * disassociate the STA instead. */ @@ -7952,7 +7955,7 @@ static int i802_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, IEEE80211_HDRLEN + sizeof(mgmt.u.deauth), 0, 0, 0, 0, - 0, NULL, 0, 0); + 0, NULL, 0, 0, -1); } @@ -7979,7 +7982,7 @@ static int i802_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, return wpa_driver_nl80211_send_mlme(bss, (u8 *) &mgmt, IEEE80211_HDRLEN + sizeof(mgmt.u.disassoc), 0, 0, 0, 0, - 0, NULL, 0, 0); + 0, NULL, 0, 0, -1); } @@ -8851,7 +8854,7 @@ static int wpa_driver_nl80211_send_action(struct i802_bss *bss, !drv->use_monitor)) ret = wpa_driver_nl80211_send_mlme(bss, buf, 24 + data_len, 0, freq, no_cck, offchanok, - wait_time, NULL, 0, 0); + wait_time, NULL, 0, 0, -1); else ret = nl80211_send_frame_cmd(bss, freq, wait_time, buf, 24 + data_len, @@ -9943,7 +9946,7 @@ static void nl80211_send_null_frame(struct i802_bss *bss, const u8 *own_addr, os_memcpy(nulldata.hdr.IEEE80211_SA_FROMDS, own_addr, ETH_ALEN); if (wpa_driver_nl80211_send_mlme(bss, (u8 *) &nulldata, size, 0, 0, 0, - 0, 0, NULL, 0, 0) < 0) + 0, 0, NULL, 0, 0, -1) < 0) wpa_printf(MSG_DEBUG, "nl80211_send_null_frame: Failed to " "send poll frame"); } @@ -10292,12 +10295,13 @@ static int driver_nl80211_send_mlme(void *priv, const u8 *data, size_t data_len, int noack, unsigned int freq, const u16 *csa_offs, size_t csa_offs_len, - int no_encrypt, unsigned int wait) + int no_encrypt, unsigned int wait, + int link_id) { struct i802_bss *bss = priv; return wpa_driver_nl80211_send_mlme(bss, data, data_len, noack, freq, 0, 0, wait, csa_offs, - csa_offs_len, no_encrypt); + csa_offs_len, no_encrypt, link_id); } diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index dd9858d59e..f23f78064e 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -202,7 +202,7 @@ static inline int wpa_drv_sta_deauth(struct wpa_supplicant *wpa_s, if (wpa_s->driver->sta_deauth) { return wpa_s->driver->sta_deauth(wpa_s->drv_priv, wpa_s->own_addr, addr, - reason_code); + reason_code, -1); } return -1; } @@ -328,7 +328,7 @@ static inline int wpa_drv_send_mlme(struct wpa_supplicant *wpa_s, if (wpa_s->driver->send_mlme) return wpa_s->driver->send_mlme(wpa_s->drv_priv, data, data_len, noack, - freq, NULL, 0, 0, wait); + freq, NULL, 0, 0, wait, -1); return -1; } From patchwork Wed Feb 15 23:08:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743176 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=IVezU5ay; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=g3nYaNNm; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDvW2Fhjz23h0 for ; Thu, 16 Feb 2023 10:35:03 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=Lv/lTSYN5HZFdvgMovYCD4/Lf8IwZ8M+VQJxig/RaFo=; b=IVezU5ayrYEqT2 kq8CxKj5BvhBcudubZVGNxIvsEUB3lYj05KsPjyqCHx6YK/sNNG+7R5YeUBCgru5WpIg/ZX1n61TX DBHjuYqDyDN0oxwE8atS66N2RYIUzcpc29YfQbUWkuyiIatvs+Ps08WzW5jYr+PHajxmBjKXfrhYR MVIWCSdgEneMixlhZaEPq4GFjILv4XyDz0F5eYcInMAGBWfwmED0geFcb0rcgAAG80WWOPUq+u2A8 lL7DDDvnEYyQsu614+wvUboMVy2rhCw91toGHzY7CiH/++MrceqHNftlTPpQa5RECZTuiLb124U6s ef6TysTLWmF7gzGXROvg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRHp-007tN3-Qg; Wed, 15 Feb 2023 23:34:06 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQub-007lSi-Dv for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:06 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502605; x=1708038605; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=RD8M/Crs/8Y3UMgLCpCnALzk78hTwouNqURh1uIZQiE=; b=g3nYaNNmh5gtJO6ni6CVL/bonML3hg3ig0knoy4tNga3dq2DVlXI0rkk CRT8HFomXXn1d0A9SWH96zZtPEjf8cft1uwQNkzPXx0BBJaIjD2uK1Z8b iUM4Bc+vBd89zOzJxA7t6gfhhoCiyq2bqBW9JRwr17Ed0hyGd5UJVY0d9 Pp7BR1WlJH14BLf4l2rMc9NmA7OpbSqJEgBevpoHq9z0rfg3ImRm5zk4N zQPZhArCuHIMkjgZ7RPiYh9xB8+icxtW1iFFLfsFatTPh7x0MT6cKQM2a +US1Nv88Lv5qdPYshoo1AUZkhSftzojlEzROscFKbAbsXZnzsQj8xvYbI A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719719" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719719" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:05 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344372" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344372" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:03 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 28/50] AP: Do not prune station when adding a link station Date: Thu, 16 Feb 2023 01:08:42 +0200 Message-Id: <20230215230904.933291-29-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151005_559577_4186B2B8 X-CRM114-Status: GOOD ( 13.49 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer As otherwise the original station would be pruned. Signed-off-by: Ilan Peer --- src/ap/hostapd.c | 12 +++++++++++- src/ap/hostapd.h | 3 ++- src/ap/utils.c | 14 +++++++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer As otherwise the original station would be pruned. Signed-off-by: Ilan Peer --- src/ap/hostapd.c | 12 +++++++++++- src/ap/hostapd.h | 3 ++- src/ap/utils.c | 14 +++++++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index a47acd2506..e9902639f0 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -3358,13 +3358,23 @@ int hostapd_remove_iface(struct hapd_interfaces *interfaces, char *buf) void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, int reassoc) { + s8 mld_assoc_link_id = -1; + if (hapd->tkip_countermeasures) { hostapd_drv_sta_deauth(hapd, sta->addr, WLAN_REASON_MICHAEL_MIC_FAILURE); return; } - hostapd_prune_associations(hapd, sta->addr); +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && sta->mld_info.mld_sta) { + mld_assoc_link_id = sta->mld_assoc_link_id; + if (sta->mld_assoc_link_id != hapd->conf->mld_link_id) + return; + } +#endif /* CONFIG_IEEE80211BE */ + + hostapd_prune_associations(hapd, sta->addr, mld_assoc_link_id); ap_sta_clear_disconnect_timeouts(hapd, sta); sta->post_csa_sa_query = 0; diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 6c0cece36e..3f03b6d91a 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -712,7 +712,8 @@ int hostapd_register_probereq_cb(struct hostapd_data *hapd, const u8 *ie, size_t ie_len, int ssi_signal), void *ctx); -void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr); +void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr, + s8 mld_assoc_link_id); /* drv_callbacks.c (TODO: move to somewhere else?) */ void hostapd_notify_assoc_fils_finish(struct hostapd_data *hapd, diff --git a/src/ap/utils.c b/src/ap/utils.c index bedad6eb02..1c42506a9b 100644 --- a/src/ap/utils.c +++ b/src/ap/utils.c @@ -43,6 +43,7 @@ int hostapd_register_probereq_cb(struct hostapd_data *hapd, struct prune_data { struct hostapd_data *hapd; const u8 *addr; + s8 mld_assoc_link_id; }; static int prune_associations(struct hostapd_iface *iface, void *ctx) @@ -72,6 +73,12 @@ static int prune_associations(struct hostapd_iface *iface, void *ctx) if (!osta) continue; +#ifdef CONFIG_IEEE80211BE + if (data->mld_assoc_link_id >= 0 && + osta->mld_assoc_link_id == data->mld_assoc_link_id) + continue; +#endif /* CONFIG_IEEE80211BE */ + wpa_printf(MSG_INFO, "%s: Prune association for " MACSTR, ohapd->conf->iface, MAC2STR(osta->addr)); ap_sta_disassociate(ohapd, osta, WLAN_REASON_UNSPECIFIED); @@ -84,15 +91,20 @@ static int prune_associations(struct hostapd_iface *iface, void *ctx) * hostapd_prune_associations - Remove extraneous associations * @hapd: Pointer to BSS data for the most recent association * @addr: Associated STA address + * @mld_assoc_link_id: MLD link id used for association or -1 for non MLO * * This function looks through all radios and BSS's for previous * (stale) associations of STA. If any are found they are removed. */ -void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr) +void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr, + s8 mld_assoc_link_id) { struct prune_data data; + data.hapd = hapd; data.addr = addr; + data.mld_assoc_link_id = mld_assoc_link_id; + if (hapd->iface->interfaces && hapd->iface->interfaces->for_each_interface) hapd->iface->interfaces->for_each_interface( From patchwork Wed Feb 15 23:08:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743177 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=LrkLsRyZ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=jpBZPdKH; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDwk14dnz23yD for ; Thu, 16 Feb 2023 10:36:06 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=9rOchnXTIAEKU8miFYzmn7eTGD2cVAJmOLm19uL32ss=; b=LrkLsRyZ373ta9 Jdd0/qpQo/2yJlOGa6cQ3rZ9y0uJcZxejzkxrA6zYit9TO00OgPiX2WolTBI/kEe+lIVTRMCwr84s YL5FsKhVHekRlWMCdQXd8SsKzp3kLRIfBW1URoJy33qaxGGG/CanmRl+tAUPGyz+eM6U0j1lmasP1 15O8mwOEEj856ks+yil8yuds4uMB4bxi1HLwqqGjgG6Xs9LLAh0ZtCvLgCaoho394BlWDXNsPtzvw qTPuU2oZWDt4Yku5Q4s5+28ANRpqAdL3bBU8+tiiOLCiKUMvK4uYXRpMa1/W8FxWy3Z3ZT8qAMM/b wewMOj2fzo+PHawVrw7w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRIx-007tkD-WE; Wed, 15 Feb 2023 23:35:16 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuc-007lTE-Pz for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502606; x=1708038606; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=djyJhVoXGodHn/Z/C3ZD+oBQXj3ZKuNTDd0osy/3Gfk=; b=jpBZPdKHv+q2GPWZGlvxTheryWO6DryaD7IfDD9OIITLMlzprtJXspRl hu9xddxt6Bli5qNtB2au4/wbGR1RnoDY/KCn4xYYXoaFPiPsRxiZ0yNJx TiwnzvXsQEJkqVK6UyZ5PtmZA4WjSB/BpH41dpiwrDCoBLEJMJptFJ2Q1 u5ugsZuqubCSqhhsbkGkqcXe84fCLugeMQv6Z+4CWwV95Z//u16hfoqg0 z9ecc6iKW2NsmssS/ArzwxE0MdbRatyb5FcHIdh+yl2WaqxZqXh4QLAlC Rio1y0LUhfMbVQbAB6LDUIjkIHU7+6p0EiOjZzZUojXXSylV4hr0HpgEw g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719728" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719728" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:06 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344413" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344413" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:05 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 29/50] AP: Handle TX status for MLD AP Date: Thu, 16 Feb 2023 01:08:43 +0200 Message-Id: <20230215230904.933291-30-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151006_922610_EA1869D1 X-CRM114-Status: GOOD ( 11.98 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/drv_callbacks.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 5869d71f44..8dc4ad1ffb 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1534,12 +1534,26 @@ static void hostapd_m [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/drv_callbacks.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 5869d71f44..8dc4ad1ffb 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1534,12 +1534,26 @@ static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf, size_t len, u16 stype, int ok) { struct ieee80211_hdr *hdr; - struct hostapd_data *orig_hapd = hapd; + struct hostapd_data *orig_hapd = hapd, *tmp_hapd; hdr = (struct ieee80211_hdr *) buf; - hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); - if (!hapd) - return; + tmp_hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); + if (tmp_hapd) { + hapd = tmp_hapd; + } else { + bool mld_ap_match = false; + +#ifdef CONFIG_IEEE80211BE + mld_ap_match = (hapd->conf->mld_ap && + !os_memcmp(hapd->mld_addr, + get_hdr_bssid(hdr, len), + ETH_ALEN)); +#endif /* CONFIG_IEEE80211BE */ + + if (!mld_ap_match) + return; + } + if (hapd == HAPD_BROADCAST) { if (stype != WLAN_FC_STYPE_ACTION || len <= 25 || buf[24] != WLAN_ACTION_PUBLIC) From patchwork Wed Feb 15 23:08:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743178 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ltyAsPIv; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=GJHCH/bA; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDy35Spvz23yD for ; Thu, 16 Feb 2023 10:37:15 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=I8EUN+sN6Tcp+iO0GXH0jDYocXV3tZKuZ5+NhCAfhcQ=; b=ltyAsPIv8BAviT xXtF1njFeExD8PraighV7gYh9LrB5y8ph4cBOd88zjFTKUzi+pD8Ao/EmM5Nnf4opCJ3rEtPVOezG 71+cVvdIksYxGYtvXWkdDj+6Vjex/sP6CTbY14iIZ+7P1Kckpgpxq4WMrEAOor15LGA63rID0Pfof YxciSojsBHp6ZYg0OrsX3odKIMwd2/0CnCIPkybXDJmbb/VHZChEC2ciQMsLcCWEK+7mi6RCp2aw+ lr/dORQYGQTuDkqBrPnu0K6lMuGXSG+ve1SFy2CjjtHNECz15VUUr4pMDhjxF4XJAzH6vZde+WziZ JCqmSZ//UbgGUgzKDhZA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRK3-007u5O-EE; Wed, 15 Feb 2023 23:36:23 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQue-007lWG-Sy for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:10 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502608; x=1708038608; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Rofv8IJKbFbjy+2xfBflw0Nh+OakGpsC6sWcI43mRVs=; b=GJHCH/bA0MUDeO3lCgUOaHGu4pdiNrKSXD2ei8kEjw00i29oajzDBfKW ZW4comCwmHXVNlb7VJ4bhKvrlNPwe2bGC0A7Disi+5EuBRg+nUJVhJ+Aw XLYB9M4MjV7FuQ5qbypgB+WQy0J3lbp/mRgAbZMggsj9gOH6lK0rEmACH CavyOv0+eeUP9GSKbehjhIdSuYpCKUjlmJbnD/AxvoR7GWdiTEzOnhrdD KmuGX+RjThSOJRRRqO+aKcRTdMdmM06kCYcyGJas4lMss/iG3PYIHiDqu 2EwVJ6zmFH1qdFqAzmqhG2rJOHDwDl0mQ1NU367rPUsse/J6JTl+t6iQK Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719736" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719736" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:08 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344439" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344439" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:06 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 30/50] AP: Print MLD info in STATUS command Date: Thu, 16 Feb 2023 01:08:44 +0200 Message-Id: <20230215230904.933291-31-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151009_022022_EFB190AE X-CRM114-Status: UNSURE ( 8.64 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/ap/ctrl_iface_ap.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/ap/ctrl_iface_ap.c b/src/ap/ctrl_iface_ap.c index 168e5f507b..bd2716e4e5 100644 --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c @@ -899,6 +899,21 @@ int hostapd_ctrl_iface_s [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/ap/ctrl_iface_ap.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/ap/ctrl_iface_ap.c b/src/ap/ctrl_iface_ap.c index 168e5f507b..bd2716e4e5 100644 --- a/src/ap/ctrl_iface_ap.c +++ b/src/ap/ctrl_iface_ap.c @@ -899,6 +899,21 @@ int hostapd_ctrl_iface_status(struct hostapd_data *hapd, char *buf, if (os_snprintf_error(buflen - len, ret)) return len; len += ret; +#ifdef CONFIG_IEEE80211BE + if (bss->conf->mld_ap) { + ret = os_snprintf(buf + len, buflen - len, + "mld_addr[%d]=" MACSTR "\n" + "mld_id[%d]=%d\n" + "mld_link_id[%d]=%d\n", + (int)i, MAC2STR(bss->mld_addr), + (int)i, bss->conf->mld_id, + (int)i, bss->conf->mld_link_id); + if (os_snprintf_error(buflen - len, ret)) + return len; + len += ret; + } +#endif /* CONFIG_IEEE80211BE */ + } if (hapd->conf->chan_util_avg_period) { From patchwork Wed Feb 15 23:08:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743179 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=kxUpiqfM; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=LxeXvKIm; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHDzY68BMz23yD for ; Thu, 16 Feb 2023 10:38:33 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=f9D+uG4EVC88A3lnrDEWmVdFrjy+tznF+h4Gy94dRwM=; b=kxUpiqfMdL9tT0 ZpoqwrWEWcg04N8xlh5dBJbspR5KqcvomA5RzPxjUVw9cpPQyx5pkbg2dPKw71AzqOgHOWHlyUR4O 8hYGHlUo0MuwPBF2UlDZW7LCHmf1FaC8fQm7SBOMtu7McqF9VCbgjzMzSJ/RbG6D2G/FDBs0MjDpy hyU4f5YupVTOGbznaCtdP2MNq/Lr16/znawgFGbSVyvkpQPDrLAN/E9DAtl0cvb+Y+bKopoSy0Ack YH9fw8pGPMCLSMDFmWa4gkIp8KXiku5LDQT3tv03Q0e3nFE7BxxSNAqCvrdU0X1KkBwPrBqB/taja z5VbfAVWT2oFv8XfAVBA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRLC-007uTg-EX; Wed, 15 Feb 2023 23:37:34 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQug-007lWY-80 for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:12 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502610; x=1708038610; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=pGef5zVl6Nyjei0CSmqDpIRU7uNjUF/XUiAHYH7sc2I=; b=LxeXvKIm91IX7IG7v+7rltfXEDu3Eo6if/WDZBr/Zb0d9e+YGh0qrAEl a0xw0BjlBFtVcdDWScrlKY0ii98mVXBOZJXUdhkovHySCKJIEFTHwG2oV nqHOi3pVn2ljERzoTt6MsmoJY+eNVL6/MMgfopYhYW9T3Tr8ERWSB2gFk g5zroWxg0HKdDw8+1Ym181zX6wfAHYoorruiMrnJm4gCDMKxugPeDtPT6 zh6Iuz7NDOZLPXRQzV34QUrsMU9XIcdk861wTIZ/xustNykMzKZdeuQgz eG00zhu+/XjHrF5pub0w6LMAvZcKhW3F5Xv4A5VN7IfK4crGc12jRDqbs Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719742" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719742" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:09 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344446" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344446" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:08 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 31/50] AP/wpa_supplicant/driver: Add link id to send eapol callbacks Date: Thu, 16 Feb 2023 01:08:45 +0200 Message-Id: <20230215230904.933291-32-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151010_363701_A238D85E X-CRM114-Status: GOOD ( 19.48 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: EAPOL frames may need to be transmitted from the link address and not MLD address. For example, in case of authentication between MLD AP and legacy STA. Add link_id parameter to eapol send API's. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.h | 4 ++-- src/ap/ieee802_1x.c | 7 ++++++- src/ap/wpa_auth_glue.c | 15 +++++++++++++-- src/drivers/driver.h [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org EAPOL frames may need to be transmitted from the link address and not MLD address. For example, in case of authentication between MLD AP and legacy STA. Add link_id parameter to eapol send API's. Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.h | 4 ++-- src/ap/ieee802_1x.c | 7 ++++++- src/ap/wpa_auth_glue.c | 15 +++++++++++++-- src/drivers/driver.h | 6 ++++-- src/drivers/driver_nl80211.c | 12 ++++++++---- wpa_supplicant/driver_i.h | 9 +++++---- wpa_supplicant/ibss_rsn.c | 4 ++-- wpa_supplicant/wpas_glue.c | 2 +- 8 files changed, 41 insertions(+), 18 deletions(-) diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 5b4b931736..29a6bdd770 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -195,13 +195,13 @@ static inline int hostapd_drv_sta_remove(struct hostapd_data *hapd, static inline int hostapd_drv_hapd_send_eapol(struct hostapd_data *hapd, const u8 *addr, const u8 *data, size_t data_len, int encrypt, - u32 flags) + u32 flags, int link_id) { if (hapd->driver == NULL || hapd->driver->hapd_send_eapol == NULL) return 0; return hapd->driver->hapd_send_eapol(hapd->drv_priv, addr, data, data_len, encrypt, - hapd->own_addr, flags); + hapd->own_addr, flags, link_id); } static inline int hostapd_drv_read_sta_data( diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index 0e3d1772a2..c6cbf76a25 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -95,9 +95,14 @@ static void ieee802_1x_send(struct hostapd_data *hapd, struct sta_info *sta, if (sta->flags & WLAN_STA_PREAUTH) { rsn_preauth_send(hapd, sta, buf, len); } else { + int link = -1; + +#ifdef CONFIG_IEEE80211BE + link = hapd->conf->mld_ap ? hapd->conf->mld_link_id : -1; +#endif /* CONFIG_IEEE80211BE */ hostapd_drv_hapd_send_eapol( hapd, sta->addr, buf, len, - encrypt, hostapd_sta_flags_to_drv(sta->flags)); + encrypt, hostapd_sta_flags_to_drv(sta->flags), link); } os_free(buf); diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index a87d2f3899..9090ba7840 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -522,6 +522,11 @@ int hostapd_wpa_auth_send_eapol(void *ctx, const u8 *addr, struct hostapd_data *hapd = ctx; struct sta_info *sta; u32 flags = 0; + int link = -1; + +#ifdef CONFIG_IEEE80211BE + link = hapd->conf->mld_ap ? hapd->conf->mld_link_id : -1; +#endif #ifdef CONFIG_TESTING_OPTIONS if (hapd->ext_eapol_frame_io) { @@ -539,11 +544,17 @@ int hostapd_wpa_auth_send_eapol(void *ctx, const u8 *addr, #endif /* CONFIG_TESTING_OPTIONS */ sta = ap_get_sta(hapd, addr); - if (sta) + if (sta) { flags = hostapd_sta_flags_to_drv(sta->flags); +#ifdef CONFIG_IEEE80211BE + if (sta->mld_info.mld_sta && + (sta->flags & WLAN_STA_AUTHORIZED)) + link = -1; +#endif + } return hostapd_drv_hapd_send_eapol(hapd, addr, data, data_len, - encrypt, flags); + encrypt, flags, link); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index e838b54ae0..af59510c7b 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3475,6 +3475,7 @@ struct wpa_driver_ops { * @buf: Frame payload starting from IEEE 802.1X header * @len: Frame payload length * @no_encrypt: Do not encrypt frame + * @link_id: Link ID to use for TX, or -1 if not set * * Returns 0 on success, else an error * @@ -3492,7 +3493,7 @@ struct wpa_driver_ops { */ int (*tx_control_port)(void *priv, const u8 *dest, u16 proto, const u8 *buf, size_t len, - int no_encrypt); + int no_encrypt, int link_id); /** * hapd_send_eapol - Send an EAPOL packet (AP only) @@ -3503,12 +3504,13 @@ struct wpa_driver_ops { * @encrypt: Whether the frame should be encrypted * @own_addr: Source MAC address * @flags: WPA_STA_* flags for the destination station + * @link_id: Link ID to use for TX, or -1 if not set * * Returns: 0 on success, -1 on failure */ int (*hapd_send_eapol)(void *priv, const u8 *addr, const u8 *data, size_t data_len, int encrypt, - const u8 *own_addr, u32 flags); + const u8 *own_addr, u32 flags, int link_id); /** * sta_deauth - Deauthenticate a station (AP only) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index a728799f64..112e59530e 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -5999,7 +5999,7 @@ static void nl80211_teardown_ap(struct i802_bss *bss) static int nl80211_tx_control_port(void *priv, const u8 *dest, u16 proto, const u8 *buf, size_t len, - int no_encrypt) + int no_encrypt, int link_id) { struct nl80211_ack_ext_arg ext_arg; struct i802_bss *bss = priv; @@ -6018,7 +6018,9 @@ static int nl80211_tx_control_port(void *priv, const u8 *dest, nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dest) || nla_put(msg, NL80211_ATTR_FRAME, len, buf) || (no_encrypt && - nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) { + nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)) || + (link_id != NL80211_DRV_LINK_ID_NA && + nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))) { nlmsg_free(msg); return -ENOBUFS; } @@ -6076,7 +6078,8 @@ static const u8 rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 }; static int wpa_driver_nl80211_hapd_send_eapol( void *priv, const u8 *addr, const u8 *data, - size_t data_len, int encrypt, const u8 *own_addr, u32 flags) + size_t data_len, int encrypt, const u8 *own_addr, u32 flags, + int link_id) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; @@ -6091,7 +6094,8 @@ static int wpa_driver_nl80211_hapd_send_eapol( if (drv->control_port_ap && (drv->capa.flags & WPA_DRIVER_FLAGS_CONTROL_PORT)) return nl80211_tx_control_port(bss, addr, ETH_P_EAPOL, - data, data_len, !encrypt); + data, data_len, !encrypt, + link_id); if (drv->device_ap_sme || !drv->use_monitor) return nl80211_send_eapol_data(bss, addr, data, data_len); diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index f23f78064e..d6d4d5429b 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -372,23 +372,24 @@ static inline int wpa_drv_sta_remove(struct wpa_supplicant *wpa_s, static inline int wpa_drv_tx_control_port(struct wpa_supplicant *wpa_s, const u8 *dest, u16 proto, const u8 *buf, size_t len, - int no_encrypt) + int no_encrypt, int link_id) { if (!wpa_s->driver->tx_control_port) return -1; return wpa_s->driver->tx_control_port(wpa_s->drv_priv, dest, proto, - buf, len, no_encrypt); + buf, len, no_encrypt, link_id); } static inline int wpa_drv_hapd_send_eapol(struct wpa_supplicant *wpa_s, const u8 *addr, const u8 *data, size_t data_len, int encrypt, - const u8 *own_addr, u32 flags) + const u8 *own_addr, u32 flags, + int link_id) { if (wpa_s->driver->hapd_send_eapol) return wpa_s->driver->hapd_send_eapol(wpa_s->drv_priv, addr, data, data_len, encrypt, - own_addr, flags); + own_addr, flags, link_id); return -1; } diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index 5b31f7bb0e..65284ab913 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -73,7 +73,7 @@ static int supp_ether_send(void *ctx, const u8 *dest, u16 proto, const u8 *buf, if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len, - !encrypt); + !encrypt, -1); if (wpa_s->l2) return l2_packet_send(wpa_s->l2, dest, proto, buf, len); @@ -303,7 +303,7 @@ static int auth_send_eapol(void *ctx, const u8 *addr, const u8 *data, if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) return wpa_drv_tx_control_port(wpa_s, addr, ETH_P_EAPOL, - data, data_len, !encrypt); + data, data_len, !encrypt, -1); if (wpa_s->l2) return l2_packet_send(wpa_s->l2, addr, ETH_P_EAPOL, data, diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index e5a4053c83..262147ab18 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -118,7 +118,7 @@ int wpa_ether_send(struct wpa_supplicant *wpa_s, const u8 *dest, wpa_sm_has_ptk_installed(wpa_s->wpa); return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len, - !encrypt); + !encrypt, -1); } if (wpa_s->l2) { From patchwork Wed Feb 15 23:08:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743180 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=pFpKjyMH; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=OsV1mJLH; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHF0r1qcbz23yD for ; Thu, 16 Feb 2023 10:39:40 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=laojAgLiaFcEwTcr7FI2izJn7DlXKteAbWL36IGEOvA=; b=pFpKjyMHn7/qwG XpZ7oiN+VIAdnQoDXg3E8kf3D7f0cwCU9WD3bNPIvWrsIfhELY+9w/Uyp2bTMsvjyS9A/Qhr5+snY Z+kOg63NJCxOrlVC58t2YfH+eawuF+17fq6e+HLChrnVvH5TzAy01e7h8kBfrRHMaPprSDqA4whkn fTWvsmmVPE/01vAE7dr8kFuUGOf0AZLtELffXsdtUER/SAi1CWP8MElyU/He8XYOejtj+HRvW6lzP X9RqbuXZIiVfhZmTg7CRjom93muqqRt+I+flNw06evbrHH+og4ye6IIeqSS1kP6YN497otEi/Bx18 /pAlSqJA9sB8FiCtGKCA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRMO-007ut0-5X; Wed, 15 Feb 2023 23:38:48 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuh-007lWG-GA for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:13 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502611; x=1708038611; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=yTLO27Bj24G2Z/Q25bDRzRbi505yfQ/7ZWnZJLq5AWY=; b=OsV1mJLHGo7JMX4sq0zLax3IDnmT83brQPhgNWWxqUr8Vbi9Jzz5MY4t uK692EYpPCr/St/z4+S4hqGVk6XOF2epZKRrSEZsQdYl8cjLoDAYJRxm0 Myxt2i4mKmt0HCf4i0OpUr1yxXxrMFZWxEr1zPolMfL+KqE15ZAkdMMHi dksN1Ud3BoO0fkmhDddxUeYKQih/+BxZUFCkQXuxluoDsaEC+e92AY+OV w3ziWPYCrsjLdw+g5r2uXyg4eF1R78YyoDS5YPi0bbVY8JakRfxJe6zWO bDB4sXvGuN8oB0Dj3/38XBXbHnc3lgOBys4fs3JBKs05BgeQQ4L0M7w7B Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719746" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719746" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:11 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344456" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344456" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:09 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 32/50] AP: Provide the link ID for an MLD setting when setting VLAN Date: Thu, 16 Feb 2023 01:08:46 +0200 Message-Id: <20230215230904.933291-33-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151011_641621_0010FD35 X-CRM114-Status: GOOD ( 16.77 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer This required modification to the driver interface and driver nl80211. Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.h | 5 +++-- src/ap/sta_info.c | 9 ++++++++- src/drivers/driver.h | 3 ++- src/drivers/driver_nl80211.c | 13 ++++++++----- 4 files ch [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer This required modification to the driver interface and driver nl80211. Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.h | 5 +++-- src/ap/sta_info.c | 9 ++++++++- src/drivers/driver.h | 3 ++- src/drivers/driver_nl80211.c | 13 ++++++++----- 4 files changed, 21 insertions(+), 9 deletions(-) diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 29a6bdd770..2cd327a047 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -168,12 +168,13 @@ static inline int hostapd_drv_set_countermeasures(struct hostapd_data *hapd, static inline int hostapd_drv_set_sta_vlan(const char *ifname, struct hostapd_data *hapd, - const u8 *addr, int vlan_id) + const u8 *addr, int vlan_id, + s8 link_id) { if (hapd->driver == NULL || hapd->driver->set_sta_vlan == NULL) return 0; return hapd->driver->set_sta_vlan(hapd->drv_priv, addr, ifname, - vlan_id); + vlan_id, link_id); } static inline int hostapd_drv_get_inact_sec(struct hostapd_data *hapd, diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index 6848aab3da..43af479043 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -1083,6 +1083,12 @@ int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) struct hostapd_vlan *vlan = NULL; int ret; int old_vlanid = sta->vlan_id_bound; + s8 mld_link_id = -1; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + mld_link_id = hapd->conf->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ if ((sta->flags & WLAN_STA_WDS) && sta->vlan_id == 0) { wpa_printf(MSG_DEBUG, @@ -1140,7 +1146,8 @@ skip_counting: if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); - ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); + ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id, + mld_link_id); if (ret < 0) { hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "could not bind the STA " diff --git a/src/drivers/driver.h b/src/drivers/driver.h index af59510c7b..f545dd47c6 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3719,6 +3719,7 @@ struct wpa_driver_ops { * @ifname: Interface (main or virtual BSS or VLAN) * @addr: MAC address of the associated station * @vlan_id: VLAN ID + * @link_id: The link ID or -1 for non-MLO * Returns: 0 on success, -1 on failure * * This function is used to bind a station to a specific virtual @@ -3728,7 +3729,7 @@ struct wpa_driver_ops { * domains to be used with a single BSS. */ int (*set_sta_vlan)(void *priv, const u8 *addr, const char *ifname, - int vlan_id); + int vlan_id, s8 link_id); /** * commit - Optional commit changes handler (AP only) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 112e59530e..6177482813 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -7872,7 +7872,7 @@ fail: static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr, - const char *ifname, int vlan_id) + const char *ifname, int vlan_id, s8 link_id) { struct wpa_driver_nl80211_data *drv = bss->drv; struct nl_msg *msg; @@ -7886,6 +7886,8 @@ static int i802_set_sta_vlan(struct i802_bss *bss, const u8 *addr, nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || (vlan_id && (drv->capa.flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD) && nla_put_u16(msg, NL80211_ATTR_VLAN_ID, vlan_id)) || + (link_id >= 0 && nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, + link_id)) || nla_put_u32(msg, NL80211_ATTR_STA_VLAN, if_nametoindex(ifname))) { nlmsg_free(msg); return -ENOBUFS; @@ -8144,7 +8146,7 @@ static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, wpa_printf(MSG_ERROR, "nl80211: Failed to set WDS STA " "interface %s up", name); } - return i802_set_sta_vlan(priv, addr, name, 0); + return i802_set_sta_vlan(priv, addr, name, 0, -1); } else { if (bridge_ifname && linux_br_del_if(drv->global->ioctl_sock, bridge_ifname, @@ -8153,7 +8155,7 @@ static int i802_set_wds_sta(void *priv, const u8 *addr, int aid, int val, "nl80211: Failed to remove interface %s from bridge %s: %s", name, bridge_ifname, strerror(errno)); - i802_set_sta_vlan(priv, addr, bss->ifname, 0); + i802_set_sta_vlan(priv, addr, bss->ifname, 0, -1); nl80211_remove_iface(drv, if_nametoindex(name)); os_memset(&event, 0, sizeof(event)); event.wds_sta_interface.sta_addr = addr; @@ -10317,10 +10319,11 @@ static int driver_nl80211_sta_remove(void *priv, const u8 *addr) static int driver_nl80211_set_sta_vlan(void *priv, const u8 *addr, - const char *ifname, int vlan_id) + const char *ifname, int vlan_id, + s8 link_id) { struct i802_bss *bss = priv; - return i802_set_sta_vlan(bss, addr, ifname, vlan_id); + return i802_set_sta_vlan(bss, addr, ifname, vlan_id, link_id); } From patchwork Wed Feb 15 23:08:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743181 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=qzyKVaem; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=Bq6CcZdR; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHF1x3VJBz23j7 for ; Thu, 16 Feb 2023 10:40:37 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=BCEgOOya9HD2saZfxaevRHTW8q0COoS0dqSKXd6WiLU=; b=qzyKVaemT75247 G1M5+yFpmfA40PDzs6nepwCAL3+lrvhEtcuPwA1vP6tT9o4bmuyzBisK9JiqPwbaBx6uY/v1tiWrn CqjlJ0F7RxIMccL99QDte0Wi2h2juBN1ze+uDn7FMgpn2HCpJyzhcLDfotgHhSkwGZD9lAvFVTqDD Dk5f3Qa//blauPJjDKuIsVs0K1JMVO5Bb7/L/owogyNPDrbKnbjLQ9jN6gyvVry18XE3RloBzS0dQ ZcgmldAeC2s6ReXXdLRc98QixO/MJDKmHBBcyeNUF1g+3jRekjtGLXj7Y7Vv/a/2QCO6KZySap/vy UeNCoUuHeMN4OUwIC2iQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRNL-007vBe-05; Wed, 15 Feb 2023 23:39:47 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQui-007lWY-Vu for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:14 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502612; x=1708038612; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qsMjPWkLhkmAx8fD66eaFnt50GhQP/6LG3C8jss7UjE=; b=Bq6CcZdRJfvsyX6CRjZZLZfPaS0GDhpzVfegs0UR7m0bW5ESzg+fp2Gw K3Wkukwa/ezpgZ6Fb+NnA6HY/AXFY5fC/AKln/ED4zyq5izZwFf/xZMk3 elT5cjB1oiSNddiHbO6kYnNOLNGk/AHG3MgGZ0S3+95Rg/WrfayNoLg3o 8PSqUTwmgtYvy46YOhqTzqY3oIp+kXGfgF7+6w2H5XEWI3iEAxslhlAa6 3K+59kDYOpAaDHDE5CQbJmIto31moaPFW9BwmzLUsaz86cyw+o4OoqrAb ACPpf9itJ82OAg0zpcgueZpzXfC3Ohp6frOLw1VRTZW4V+yloj2zCuxMF A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719750" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719750" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:12 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344463" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344463" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:11 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 33/50] AP/driver: Add link id to the set_tx_queue_params() callback Date: Thu, 16 Feb 2023 01:08:47 +0200 Message-Id: <20230215230904.933291-34-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151013_151045_21702811 X-CRM114-Status: GOOD ( 13.62 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.c | 11 ++++++++++- src/drivers/driver.h | 4 +++- src/drivers/driver_nl80211.c | 7 ++++++- 3 files changed, 19 insertions(+), 3 dele [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/ap_drv_ops.c | 11 ++++++++++- src/drivers/driver.h | 4 +++- src/drivers/driver_nl80211.c | 7 ++++++- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 33b258e6fe..37c145f0a0 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -657,10 +657,19 @@ int hostapd_set_country(struct hostapd_data *hapd, const char *country) int hostapd_set_tx_queue_params(struct hostapd_data *hapd, int queue, int aifs, int cw_min, int cw_max, int burst_time) { + int link_id = -1; + if (hapd->driver == NULL || hapd->driver->set_tx_queue_params == NULL) return 0; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + link_id = hapd->conf->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + return hapd->driver->set_tx_queue_params(hapd->drv_priv, queue, aifs, - cw_min, cw_max, burst_time); + cw_min, cw_max, burst_time, + link_id); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index f545dd47c6..3b87376936 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -3674,9 +3674,11 @@ struct wpa_driver_ops { * @cw_min: cwMin * @cw_max: cwMax * @burst_time: Maximum length for bursting in 0.1 msec units + * @link_id: Link ID to use, or -1 for non MLD. */ int (*set_tx_queue_params)(void *priv, int queue, int aifs, int cw_min, - int cw_max, int burst_time); + int cw_max, int burst_time, + int link_id); /** * if_add - Add a virtual interface diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 6177482813..90758d8d91 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -7806,7 +7806,8 @@ static int i802_read_sta_data(struct i802_bss *bss, static int i802_set_tx_queue_params(void *priv, int queue, int aifs, - int cw_min, int cw_max, int burst_time) + int cw_min, int cw_max, int burst_time, + int link_id) { struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; @@ -7858,6 +7859,10 @@ static int i802_set_tx_queue_params(void *priv, int queue, int aifs, nla_nest_end(msg, txq); + if (link_id >= 0 && + nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) + goto fail; + res = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); wpa_printf(MSG_DEBUG, "nl80211: TX queue param set: queue=%d aifs=%d cw_min=%d cw_max=%d burst_time=%d --> res=%d", From patchwork Wed Feb 15 23:08:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743182 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=4MvlUbx/; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=BTgEDhyV; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHF3F5632z23j7 for ; Thu, 16 Feb 2023 10:41:45 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=d/YCR/qeQUzhdpaterB120z1gbMlGgcWO1/6ZrxI85c=; b=4MvlUbx/oqYSVi sZ+FXmWDhN/JZvJOYatLPNTMRg8bDLYtvvjp0VEEPW5mT/6Fge31wydJxH2/vmvzCGJtv0I7DcSJg f24pmefTJgoYatNjdoueSi987yLfm5WIo2bSbC5nrs3c7MPEFeT9GzjhJNWhWXEZBok8GgHihy6XV I0myKL9aKW6tOUmO13CQHgmfPvESiEljwIFXKN+Z5UmITMYfUon5MP9Tdz1XsczjDzuded+T/9qfO urcurf0949n9fydN4TNZwoSeYR1aZNYvk2GUBHWRLaZKocFKYY8xMUTZbACcbvtbSLKM+QyN89/R/ pce46t33ZUtNuTaMl7Rg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSROI-007vVc-Vr; Wed, 15 Feb 2023 23:40:47 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQuk-007lWG-3s for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:15 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502614; x=1708038614; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=EKTiiq4sZjP1+NOfKtyxbxfOSrCdqdQ+TwkjfpPLW8A=; b=BTgEDhyVjq42G5G6RZlOJUx/QC0fL3tErmE+71F91LEKN7Q1YRNyBs0K 8GFIV9Mpjm11xQ9ASgWxZ11+NA4MspeLh4lyZ1ayCIVmcu4++PXxwx9w2 RYJN3khzLOetFbBXAUQtAHWdQPz0UVb+JBv5OIdwiwgW8i0NaSuPuePz/ tH2s9hVQJuGaD/z3TBzkzds9xGYOKqPZyvD9fPoCB96SUs5l9oHp3Rn0v 2LYlTijv9d3jWRtZlTDWfZU5Zy/r2PtdKoXU2Uropua38eyYoR4v01/Pl KzOCsx8W31XPOWyMWwtG/1TTqEp6rXKgnV2i3Mwup+RaNQ7bJM3qxyL0r w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719759" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719759" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:13 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344473" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344473" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:12 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 34/50] driver_nl80211: use frequency to determine mld link for MLME events Date: Thu, 16 Feb 2023 01:08:48 +0200 Message-Id: <20230215230904.933291-35-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151014_256436_15CF5737 X-CRM114-Status: GOOD ( 16.18 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: As link_id isn't always available. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 2 +- src/drivers/driver_nl80211.h | 1 + src/drivers/driver_nl80211_event.c | 30 ++++++++++++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org As link_id isn't always available. Signed-off-by: Andrei Otcheretianski --- src/drivers/driver_nl80211.c | 2 +- src/drivers/driver_nl80211.h | 1 + src/drivers/driver_nl80211_event.c | 30 +++++++++++++++++++++++++----- 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 90758d8d91..cf8e1723a0 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -4102,7 +4102,7 @@ int wpa_driver_nl80211_authenticate_retry(struct wpa_driver_nl80211_data *drv) } -static struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id) +struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id) { unsigned int i; diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h index 45fa36a6ff..51fa6bfa6e 100644 --- a/src/drivers/driver_nl80211.h +++ b/src/drivers/driver_nl80211.h @@ -315,6 +315,7 @@ int process_bss_event(struct nl_msg *msg, void *arg); const char * nl80211_iftype_str(enum nl80211_iftype mode); void nl80211_restore_ap_mode(struct i802_bss *bss); +struct i802_link *nl80211_get_link(struct i802_bss *bss, s8 link_id); #ifdef ANDROID int android_nl_socket_set_nonblocking(struct nl_sock *handle); diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c index 4b70c3fcb6..372e622535 100644 --- a/src/drivers/driver_nl80211_event.c +++ b/src/drivers/driver_nl80211_event.c @@ -1401,6 +1401,20 @@ static void mlme_event_unprot_beacon(struct wpa_driver_nl80211_data *drv, } +static struct i802_link *nl80211_get_mld_link_by_freq(struct i802_bss *bss, u32 freq) +{ + unsigned int i; + + for (i = 0; i < bss->n_links; i++) { + if ((u32)bss->links[i].freq == freq && + bss->links[i].link_id != -1) + return &bss->links[i]; + } + + return NULL; +} + + static void mlme_event(struct i802_bss *bss, enum nl80211_commands cmd, struct nlattr *frame, struct nlattr *addr, struct nlattr *timed_out, @@ -1413,7 +1427,8 @@ static void mlme_event(struct i802_bss *bss, u16 stype = 0, auth_type = 0; const u8 *data; size_t len; - int link_id; + int link_id = -1; + struct i802_link *mld_link = NULL; if (timed_out && addr) { mlme_timeout_event(drv, cmd, addr); @@ -1427,10 +1442,14 @@ static void mlme_event(struct i802_bss *bss, return; } + /* get the mld link either by link id or freq */ if (link) - link_id = nla_get_u8(link); - else - link_id = -1; + mld_link = nl80211_get_link(bss, nla_get_u8(link)); + else if (freq) + mld_link = nl80211_get_mld_link_by_freq(bss, nla_get_u32(freq)); + + if (mld_link) + link_id = mld_link->link_id; data = nla_data(frame); len = nla_len(frame); @@ -1473,7 +1492,8 @@ static void mlme_event(struct i802_bss *bss, os_memcmp(bss->addr, data + 4 + ETH_ALEN, ETH_ALEN) != 0 && (is_zero_ether_addr(drv->first_bss->prev_addr) || os_memcmp(bss->prev_addr, data + 4 + ETH_ALEN, - ETH_ALEN) != 0)) { + ETH_ALEN) != 0) && + (!mld_link || os_memcmp(mld_link->addr, data + 4, ETH_ALEN) != 0)) { wpa_printf(MSG_MSGDUMP, "nl80211: %s: Ignore MLME frame event " "for foreign address", bss->ifname); return; From patchwork Wed Feb 15 23:08:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743183 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=wogME8KQ; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=n/Uehtp3; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHF4C0hmsz23j7 for ; Thu, 16 Feb 2023 10:42:35 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=riNIU6yZ4mXHKFgOxFcJpzaDf6WlSS7TTlVfxHAR3T8=; b=wogME8KQ5+y/BY XLmJp+72jE2xIAfFAWwm8rF80MGPtcbrEJdUJM2xX4vDgIgVRrQDqNn/KQbqhz7Pu1/isVYjp54qu Ol2ONTzk92BWsnY88e5bn25xeZYjj3WNzCgCD8SchVzmdTAMw9UuHnHz0mz7rnax+vo28Gmh4K6Mr sp9IQeHZHa6jOKr/pdeHgg7PK/5FeRU0hWVaBsTA8an90AfEmhfOjDQlxv5WwSo5/p39fGXv+54v5 uFA0aPKcX+bex9E9GgFThqlkWeFSfq/nk0LMtiq3+GH1CfjeC9KMmCixczj/8dG6jWBzwGJUCdMzj wpF8rydGTwoEFdyPakAw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRPC-007vmv-JF; Wed, 15 Feb 2023 23:41:42 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQul-007lWY-G8 for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:16 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502615; x=1708038615; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=OcI2v4txTVFA1+lsSDEktLPN3AUldWNBdRviDxswIjU=; b=n/Uehtp3TahK+7CzH9k9qTOslCWd8mPQufCi6LwxKo2SA+AHPLaP2M+L PcOXOW5UF9lVPM9kOdda10dn1RXd+jN6auw9CQofNhE7UDHNeq2r7ptHX sDvytKyXng2D68McRItRlNWnJoDV59WuhsIUWGoHXDVhXG50t17qwckIz w1+jbG+agArbpXrS9KtCqWnPyMRs2O+XAr4YrWfrNo1c2gYF9L6Y5L1tK AJC5Mi2lZm0AQghXLLNmZ2Dpbfn5NdA0AQw2XU7RqVIc2Q2DvPsmmKRnZ V+4hTx7tFl2s5mS2OFJdwqoXktEcuQlGAWSUqfynR9zpM5dcuIIawUtCo Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719765" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719765" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:15 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344480" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344480" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:14 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 35/50] AP: Forward link specific events Date: Thu, 16 Feb 2023 01:08:49 +0200 Message-Id: <20230215230904.933291-36-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151015_641034_650EC9DF X-CRM114-Status: GOOD ( 14.34 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Process management and EAPOL frames on the correct link. Signed-off-by: Andrei Otcheretianski --- src/ap/drv_callbacks.c | 51 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 47 insertions(+), 4 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Process management and EAPOL frames on the correct link. Signed-off-by: Andrei Otcheretianski --- src/ap/drv_callbacks.c | 51 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 47 insertions(+), 4 deletions(-) diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 8dc4ad1ffb..78b4f7a8df 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -1412,6 +1412,35 @@ static void hostapd_action_rx(struct hostapd_data *hapd, #endif /* NEED_AP_MLME */ +#ifdef CONFIG_IEEE80211BE +static struct hostapd_data *switch_link_hapd(struct hostapd_data *hapd, int link_id) +{ + if (hapd->conf->mld_ap && link_id >= 0) { + int i; + + for (i = 0; i < hapd->iface->interfaces->count; i++) { + struct hostapd_iface *h = hapd->iface->interfaces->iface[i]; + struct hostapd_data *h_hapd = h->bss[0]; + struct hostapd_bss_config *hconf = h_hapd->conf; + + if (h == hapd->iface) + continue; + + if (!hconf->mld_ap || hconf->mld_id != hapd->conf->mld_id) { + wpa_printf(MSG_ERROR, + "Skip non matching mld_id"); + continue; + } + + if (hconf->mld_link_id == link_id) + return h_hapd; + } + } + return hapd; +} +#endif /* CONFIG_IEEE80211BE */ + + #ifdef NEED_AP_MLME #define HAPD_BROADCAST ((struct hostapd_data *) -1) @@ -1450,13 +1479,19 @@ static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd, static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) { - struct hostapd_iface *iface = hapd->iface; + struct hostapd_iface *iface; const struct ieee80211_hdr *hdr; const u8 *bssid; struct hostapd_frame_info fi; int ret; bool is_mld = false; +#ifdef CONFIG_IEEE80211BE + hapd = switch_link_hapd(hapd, rx_mgmt->link_id); +#endif /* CONFIG_IEEE80211BE */ + + iface = hapd->iface; + #ifdef CONFIG_TESTING_OPTIONS if (hapd->ext_mgmt_frame_handling) { size_t hex_len = 2 * rx_mgmt->frame_len + 1; @@ -1596,12 +1631,19 @@ static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr) static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src, const u8 *data, size_t data_len, - enum frame_encryption encrypted) + enum frame_encryption encrypted, + int link_id) { - struct hostapd_iface *iface = hapd->iface; + struct hostapd_iface *iface; struct sta_info *sta; size_t j; +#ifdef CONFIG_IEEE80211BE + hapd = switch_link_hapd(hapd, link_id); +#endif /* CONFIG_IEEE80211BE */ + + iface = hapd->iface; + for (j = 0; j < iface->num_bss; j++) { sta = ap_get_sta(iface->bss[j], src); if (sta && sta->flags & WLAN_STA_ASSOC) { @@ -2003,7 +2045,8 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, hostapd_event_eapol_rx(hapd, data->eapol_rx.src, data->eapol_rx.data, data->eapol_rx.data_len, - data->eapol_rx.encrypted); + data->eapol_rx.encrypted, + data->eapol_rx.link_id); break; case EVENT_ASSOC: if (!data) From patchwork Wed Feb 15 23:08:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743184 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=2smdsXJS; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=M9EuvgU7; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHF6C1g4Nz23j7 for ; Thu, 16 Feb 2023 10:44:19 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=qO0B4FoxAJn8WN3S+jHi+ExcqlmM4hiM8j/vKW5aJJE=; b=2smdsXJSUI203Y RJjk3SQk5DIlIsH6J441Lqo+jfNDBYzIgcTDx4kbIyYZrPB/OZoPrybIw1sZvkUPeqNPmGG1u5E3H lTp6kB+zMWnPm2/tUoNMN8JysLro/hq+GpgfhEMYTU0eyBwBABfaa0sXlRcEf/qD1Lt+7ZmmpMWM5 HjjnwvwhstAamVohs7QZUQCWv8Yt5LhoHw3EuG/sG8DuJdpjeygM16ecF9hHeg02Y7VPzrhgTnydo INjsht1FE1o03YSw4429ygVN5oDr9OA/5Ni+U+ycjS1KbbXvrONg9+NY9L3OlqeYbKM4nHdakqZkE BLUoHUGGSzEFPlapoUrw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRQR-007wAq-47; Wed, 15 Feb 2023 23:42:59 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQun-007laj-Tq for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:21 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502617; x=1708038617; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=+fBdRIyuXyIBIXemXu6WwFuLBL0sPhDjVdjBqw5iPaQ=; b=M9EuvgU7IkX+Oy2xYYD4QT3Sk5FZmCoy9DAVqoC8CE6xXaonqfDxLsBG ASBjTW/ROlYI0KmKFrndROy8h09YQZ/FD+rO/W4v8QPo9vlp5iS2WnN4l E0Al/upkhoMIr9mnSGzU2sUZcBlbbGFpHT2DZ/MZJ49V/+qZp3rLGDE5z 10xnUaeO3X1fQZfsgPdIYEcnDy3KrT0y4ZIq1io93+nG2eBzsGwybwYqs ssi8ttG75Vv7lqkFm53ID2NBo951mxhW1Qn5m4FA7traMceM0FwfbfujB q+ixLhUpKGOHZbJe9oQeW+YjUR8BB07O35Tx6tauiRwyMTVZgy/jBQdLT g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719774" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719774" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:17 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344487" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344487" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:15 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 36/50] WPA_AUTH: MLO: Add functions to get the AA and SPA Date: Thu, 16 Feb 2023 01:08:50 +0200 Message-Id: <20230215230904.933291-37-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151018_113164_4957ECD0 X-CRM114-Status: GOOD ( 21.39 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer As a preparation to use AP MLD address and non-AP MLD address in the WPA authenticator state machine, add utility functions to get the current AA and SPA. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 249 ++++++++++++++++++++++++++++ 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer As a preparation to use AP MLD address and non-AP MLD address in the WPA authenticator state machine, add utility functions to get the current AA and SPA. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 249 ++++++++++++++++++++++++++++------------------ 1 file changed, 154 insertions(+), 95 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index c49cdaa67a..a9227a4f15 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -34,9 +34,21 @@ #include "wpa_auth_i.h" #include "wpa_auth_ie.h" +static const u8 *wpa_auth_get_aa(struct wpa_state_machine *sm) +{ + return sm->wpa_auth->addr; +} + + +static const u8 *wpa_auth_get_spa(struct wpa_state_machine *sm) +{ + return sm->addr; +} + + #define STATE_MACHINE_DATA struct wpa_state_machine #define STATE_MACHINE_DEBUG_PREFIX "WPA" -#define STATE_MACHINE_ADDR sm->addr +#define STATE_MACHINE_ADDR wpa_auth_get_spa(sm) static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx); @@ -376,7 +388,8 @@ static void wpa_rekey_ptk(void *eloop_ctx, void *timeout_ctx) struct wpa_authenticator *wpa_auth = eloop_ctx; struct wpa_state_machine *sm = timeout_ctx; - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK"); + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, + "rekeying PTK"); wpa_request_new_ptk(sm); wpa_sm_step(sm); } @@ -386,7 +399,8 @@ void wpa_auth_set_ptk_rekey_timer(struct wpa_state_machine *sm) { if (sm && sm->wpa_auth->conf.wpa_ptk_rekey) { wpa_printf(MSG_DEBUG, "WPA: Start PTK rekeying timer for " - MACSTR " (%d seconds)", MAC2STR(sm->addr), + MACSTR " (%d seconds)", + MAC2STR(wpa_auth_get_spa(sm)), sm->wpa_auth->conf.wpa_ptk_rekey); eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); eloop_register_timeout(sm->wpa_auth->conf.wpa_ptk_rekey, 0, @@ -693,7 +707,7 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth, #ifdef CONFIG_IEEE80211R_AP if (sm->ft_completed) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "FT authentication already completed - do not start 4-way handshake"); /* Go to PTKINITDONE state to allow GTK rekeying */ sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; @@ -704,7 +718,7 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth, #ifdef CONFIG_FILS if (sm->fils_completed) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "FILS authentication already completed - do not start 4-way handshake"); /* Go to PTKINITDONE state to allow GTK rekeying */ sm->wpa_ptk_state = WPA_PTK_PTKINITDONE; @@ -719,7 +733,7 @@ int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth, return wpa_sm_step(sm); } - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "start authentication"); sm->started = 1; @@ -753,7 +767,8 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm) MACSTR " (bit %u)", sm->ip_addr[0], sm->ip_addr[1], sm->ip_addr[2], sm->ip_addr[3], - MAC2STR(sm->addr), sm->ip_addr_bit); + MAC2STR(wpa_auth_get_spa(sm)), + sm->ip_addr_bit); bitfield_clear(sm->wpa_auth->ip_pool, sm->ip_addr_bit); } #endif /* CONFIG_P2P */ @@ -785,7 +800,7 @@ void wpa_auth_sta_deinit(struct wpa_state_machine *sm) wpa_auth = sm->wpa_auth; if (wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "strict rekeying - force GTK rekey since STA is leaving"); if (eloop_deplete_timeout(0, 500000, wpa_rekey_gtk, wpa_auth, NULL) == -1) @@ -805,7 +820,7 @@ void wpa_auth_sta_deinit(struct wpa_state_machine *sm) * Freeing will be completed in the end of wpa_sm_step(). */ wpa_printf(MSG_DEBUG, "WPA: Registering pending STA state machine deinit for " - MACSTR, MAC2STR(sm->addr)); + MACSTR, MAC2STR(wpa_auth_get_spa(sm))); sm->pending_deinit = 1; } else wpa_free_sta_sm(sm); @@ -820,7 +835,7 @@ static void wpa_request_new_ptk(struct wpa_state_machine *sm) if (!sm->use_ext_key_id && sm->wpa_auth->conf.wpa_deny_ptk0_rekey) { wpa_printf(MSG_INFO, "WPA: PTK0 rekey not allowed, disconnect " MACSTR, - MAC2STR(sm->addr)); + MAC2STR(wpa_auth_get_spa(sm))); sm->Disconnect = true; /* Try to encourage the STA to reconnect */ sm->disconnect_reason = @@ -918,18 +933,19 @@ static int wpa_receive_error_report(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *sm, int group) { /* Supplicant reported a Michael MIC error */ - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "received EAPOL-Key Error Request (STA detected Michael MIC failure (group=%d))", group); if (group && wpa_auth->conf.wpa_group != WPA_CIPHER_TKIP) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "ignore Michael MIC failure report since group cipher is not TKIP"); } else if (!group && sm->pairwise != WPA_CIPHER_TKIP) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "ignore Michael MIC failure report since pairwise cipher is not TKIP"); } else { - if (wpa_auth_mic_failure_report(wpa_auth, sm->addr) > 0) + if (wpa_auth_mic_failure_report(wpa_auth, + wpa_auth_get_spa(sm)) > 0) return 1; /* STA entry was removed */ sm->dot11RSNAStatsTKIPRemoteMICFailures++; wpa_auth->dot11RSNAStatsTKIPRemoteMICFailures++; @@ -1077,7 +1093,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, key_data_length = WPA_GET_BE16(mic + mic_len); wpa_printf(MSG_DEBUG, "WPA: Received EAPOL-Key from " MACSTR " key_info=0x%x type=%u mic_len=%zu key_data_length=%u", - MAC2STR(sm->addr), key_info, key->type, + MAC2STR(wpa_auth_get_spa(sm)), key_info, key->type, mic_len, key_data_length); wpa_hexdump(MSG_MSGDUMP, "WPA: EAPOL-Key header (ending before Key MIC)", @@ -1152,7 +1168,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, if (wpa_use_cmac(sm->wpa_key_mgmt) && !wpa_use_akm_defined(sm->wpa_key_mgmt) && ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) { - wpa_auth_logger(wpa_auth, sm->addr, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_WARNING, "advertised support for AES-128-CMAC, but did not use it"); return; @@ -1161,7 +1177,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, if (!wpa_use_cmac(sm->wpa_key_mgmt) && !wpa_use_akm_defined(sm->wpa_key_mgmt) && ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { - wpa_auth_logger(wpa_auth, sm->addr, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_WARNING, "did not use HMAC-SHA1-AES with CCMP/GCMP"); return; @@ -1170,7 +1186,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, if (wpa_use_akm_defined(sm->wpa_key_mgmt) && ver != WPA_KEY_INFO_TYPE_AKM_DEFINED) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_WARNING, "did not use EAPOL-Key descriptor version 0 as required for AKM-defined cases"); return; } @@ -1180,7 +1197,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, if (sm->req_replay_counter_used && os_memcmp(key->replay_counter, sm->req_replay_counter, WPA_REPLAY_COUNTER_LEN) <= 0) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_WARNING, "received EAPOL-Key request with replayed counter"); return; } @@ -1203,7 +1221,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, * pending requests, so allow the SNonce to be updated * even if we have already sent out EAPOL-Key 3/4. */ - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "Process SNonce update from STA based on retransmitted EAPOL-Key 1/4"); sm->update_snonce = 1; os_memcpy(sm->alt_SNonce, sm->SNonce, WPA_NONCE_LEN); @@ -1223,7 +1242,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, * there was two EAPOL-Key 2/4 messages and they had * different SNonce values. */ - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "Try to process received EAPOL-Key 4/4 based on old Replay Counter and SNonce from an earlier EAPOL-Key 1/4"); goto continue_processing; } @@ -1232,11 +1252,13 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, wpa_replay_counter_valid(sm->prev_key_replay, key->replay_counter) && sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "ignore retransmitted EAPOL-Key %s - SNonce did not change", msgtxt); } else { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "received EAPOL-Key %s with unexpected replay counter", msgtxt); } @@ -1256,7 +1278,7 @@ continue_processing: #ifdef CONFIG_FILS if (sm->wpa == WPA_VERSION_WPA2 && mic_len == 0 && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "WPA: Encr Key Data bit not set even though AEAD cipher is supposed to be used - drop frame"); return; } @@ -1268,7 +1290,8 @@ continue_processing: sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING && (!sm->update_snonce || sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING)) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key msg 2/4 in invalid state (%d) - dropped", sm->wpa_ptk_state); return; @@ -1295,7 +1318,8 @@ continue_processing: case PAIRWISE_4: if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING || !sm->PTK_valid) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key msg 4/4 in invalid state (%d) - dropped", sm->wpa_ptk_state); return; @@ -1304,7 +1328,8 @@ continue_processing: case GROUP_2: if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING || !sm->PTK_valid) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key msg 2/2 in invalid state (%d) - dropped", sm->wpa_ptk_group_state); return; @@ -1314,18 +1339,18 @@ continue_processing: break; } - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "received EAPOL-Key frame (%s)", msgtxt); if (key_info & WPA_KEY_INFO_ACK) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "received invalid EAPOL-Key: Key Ack set"); return; } if (!wpa_key_mgmt_fils(sm->wpa_key_mgmt) && !(key_info & WPA_KEY_INFO_MIC)) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "received invalid EAPOL-Key: Key MIC not set"); return; } @@ -1333,7 +1358,7 @@ continue_processing: #ifdef CONFIG_FILS if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && (key_info & WPA_KEY_INFO_MIC)) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "received invalid EAPOL-Key: Key MIC set"); return; } @@ -1346,7 +1371,8 @@ continue_processing: data, data_len) && (msg != PAIRWISE_4 || !sm->alt_snonce_valid || wpa_try_alt_snonce(sm, data, data_len))) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key with invalid MIC"); #ifdef TEST_FUZZ wpa_printf(MSG_INFO, @@ -1359,7 +1385,8 @@ continue_processing: if (!mic_len && wpa_aead_decrypt(sm, &sm->PTK, data, data_len, &key_data_length) < 0) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key with invalid MIC"); #ifdef TEST_FUZZ wpa_printf(MSG_INFO, @@ -1383,7 +1410,8 @@ continue_processing: os_memcpy(sm->req_replay_counter, key->replay_counter, WPA_REPLAY_COUNTER_LEN); } else { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key request with invalid MIC"); return; } @@ -1399,7 +1427,8 @@ continue_processing: !(key_info & WPA_KEY_INFO_KEY_TYPE)) > 0) return; /* STA entry was removed */ } else if (key_info & WPA_KEY_INFO_KEY_TYPE) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key Request for new 4-Way Handshake"); wpa_request_new_ptk(sm); } else if (key_data_length > 0 && @@ -1407,7 +1436,8 @@ continue_processing: &kde) == 0 && kde.mac_addr) { } else { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "received EAPOL-Key Request for GTK rekeying"); eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL); if (wpa_auth_gtk_rekey_in_process(wpa_auth)) @@ -1518,7 +1548,8 @@ static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx) } sm->pending_1_of_4_timeout = 0; - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "EAPOL-Key timeout"); + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, + "EAPOL-Key timeout"); sm->TimeoutEvt = true; wpa_sm_step(sm); } @@ -1710,7 +1741,8 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, if (key_info & WPA_KEY_INFO_MIC) { if (!sm->PTK_valid || !mic_len) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "PTK not valid when sending EAPOL-Key frame"); os_free(hdr); return; @@ -1726,7 +1758,8 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, if (!pairwise && conf->corrupt_gtk_rekey_mic_probability > 0.0 && drand48() < conf->corrupt_gtk_rekey_mic_probability) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "Corrupting group EAPOL-Key Key MIC"); key_mic[0]++; } @@ -1851,7 +1884,7 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) if (!sm) return -1; - wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "event %d notification", event); switch (event) { @@ -1911,7 +1944,7 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) sm->wpa_auth->conf.wpa_deny_ptk0_rekey) { wpa_printf(MSG_INFO, "WPA: PTK0 rekey not allowed, disconnect " - MACSTR, MAC2STR(sm->addr)); + MACSTR, MAC2STR(wpa_auth_get_spa(sm))); sm->Disconnect = true; /* Try to encourage the STA to reconnect */ sm->disconnect_reason = @@ -2158,7 +2191,8 @@ SM_STATE(WPA_PTK, INITPMK) sm->disconnect_reason = WLAN_REASON_INVALID_PMKID; return; #endif /* CONFIG_DPP */ - } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) { + } else if (wpa_auth_get_msk(sm->wpa_auth, wpa_auth_get_spa(sm), + msk, &len) == 0) { unsigned int pmk_len; if (wpa_key_mgmt_sha384(sm->wpa_key_mgmt)) @@ -2266,7 +2300,7 @@ SM_STATE(WPA_PTK, PTKSTART) return; } - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "sending 1/4 msg of 4-Way Handshake"); /* * For infrastructure BSS cases, it is better for the AP not to include @@ -2345,8 +2379,10 @@ SM_STATE(WPA_PTK, PTKSTART) * Calculate PMKID since no PMKSA cache entry was * available with pre-calculated PMKID. */ - rsn_pmkid(sm->PMK, sm->pmk_len, sm->wpa_auth->addr, - sm->addr, &pmkid[2 + RSN_SELECTOR_LEN], + rsn_pmkid(sm->PMK, sm->pmk_len, + wpa_auth_get_aa(sm), + wpa_auth_get_spa(sm), &pmkid[2 + + RSN_SELECTOR_LEN], sm->wpa_key_mgmt); wpa_hexdump(MSG_DEBUG, "RSN: Message 1/4 PMKID derived from PMK", @@ -2388,7 +2424,8 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce, ret = wpa_pmk_r1_to_ptk(sm->pmk_r1, sm->pmk_r1_len, sm->SNonce, sm->ANonce, - sm->addr, sm->wpa_auth->addr, + wpa_auth_get_spa(sm), + wpa_auth_get_aa(sm), sm->pmk_r1_name, ptk, ptk_name, sm->wpa_key_mgmt, sm->pairwise, kdk_len); @@ -2428,9 +2465,9 @@ static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *snonce, if (force_sha256) akmp |= WPA_KEY_MGMT_PSK_SHA256; ret = wpa_pmk_to_ptk(pmk, pmk_len, "Pairwise key expansion", - sm->wpa_auth->addr, sm->addr, sm->ANonce, - snonce, ptk, akmp, sm->pairwise, z, z_len, - kdk_len); + wpa_auth_get_aa(sm), wpa_auth_get_spa(sm), + sm->ANonce, snonce, ptk, akmp, + sm->pairwise, z, z_len, kdk_len); if (ret) { wpa_printf(MSG_DEBUG, "WPA: PTK derivation failed"); @@ -2471,7 +2508,8 @@ int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, else kdk_len = 0; - res = fils_pmk_to_ptk(pmk, pmk_len, sm->addr, sm->wpa_auth->addr, + res = fils_pmk_to_ptk(pmk, pmk_len, wpa_auth_get_spa(sm), + wpa_auth_get_aa(sm), snonce, anonce, dhss, dhss_len, &sm->PTK, ick, &ick_len, sm->wpa_key_mgmt, sm->pairwise, @@ -2505,7 +2543,7 @@ int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, conf->mobility_domain, conf->r0_key_holder, conf->r0_key_holder_len, - sm->addr, pmk_r0, pmk_r0_name, + wpa_auth_get_spa(sm), pmk_r0, pmk_r0_name, sm->wpa_key_mgmt) < 0) return -1; @@ -2513,7 +2551,8 @@ int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, forced_memzero(fils_ft, sizeof(fils_ft)); res = wpa_derive_pmk_r1_name(pmk_r0_name, conf->r1_key_holder, - sm->addr, sm->pmk_r1_name, + wpa_auth_get_spa(sm), + sm->pmk_r1_name, fils_ft_len); forced_memzero(pmk_r0, PMK_LEN_MAX); if (res < 0) @@ -2525,7 +2564,8 @@ int fils_auth_pmk_to_ptk(struct wpa_state_machine *sm, const u8 *pmk, #endif /* CONFIG_IEEE80211R_AP */ res = fils_key_auth_sk(ick, ick_len, snonce, anonce, - sm->addr, sm->wpa_auth->addr, + wpa_auth_get_spa(sm), + wpa_auth_get_aa(sm), g_sta ? wpabuf_head(g_sta) : NULL, g_sta ? wpabuf_len(g_sta) : 0, g_ap ? wpabuf_head(g_ap) : NULL, @@ -2560,7 +2600,7 @@ static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk, key_data_len = WPA_GET_BE16(pos); if (key_data_len < AES_BLOCK_SIZE || key_data_len > buf_len - sizeof(*hdr) - sizeof(*key) - 2) { - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "No room for AES-SIV data in the frame"); return -1; } @@ -2576,7 +2616,7 @@ static int wpa_aead_decrypt(struct wpa_state_machine *sm, struct wpa_ptk *ptk, aad_len[0] = pos - buf; if (aes_siv_decrypt(ptk->kek, ptk->kek_len, pos, key_data_len, 1, aad, aad_len, tmp) < 0) { - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "Invalid AES-SIV data in the frame"); bin_clear_free(tmp, key_data_len); return -1; @@ -3174,7 +3214,8 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) } if (!ok) { - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "invalid MIC in msg 2/4 of 4-Way Handshake"); if (psk_found) wpa_auth_psk_failure_report(sm->wpa_auth, sm->addr); @@ -3195,7 +3236,7 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) goto out; if (wpa_parse_kde_ies(key_data, key_data_length, &kde) < 0) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "received EAPOL-Key msg 2/4 with invalid Key Data contents"); goto out; } @@ -3213,7 +3254,7 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) if (!sm->wpa_ie || wpa_compare_rsn_ie(ft, sm->wpa_ie, sm->wpa_ie_len, eapol_key_ie, eapol_key_ie_len)) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "WPA IE from (Re)AssocReq did not match with msg 2/4"); if (sm->wpa_ie) { wpa_hexdump(MSG_DEBUG, "WPA IE in AssocReq", @@ -3231,7 +3272,7 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) (sm->rsnxe && kde.rsnxe && (sm->rsnxe_len != kde.rsnxe_len || os_memcmp(sm->rsnxe, kde.rsnxe, sm->rsnxe_len) != 0))) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "RSNXE from (Re)AssocReq did not match the one in EAPOL-Key msg 2/4"); wpa_hexdump(MSG_DEBUG, "RSNXE in AssocReq", sm->rsnxe, sm->rsnxe_len); @@ -3250,7 +3291,8 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) enum oci_verify_result res; if (wpa_channel_info(wpa_auth, &ci) != 0) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "Failed to get channel info to validate received OCI in EAPOL-Key 2/4"); goto out; } @@ -3265,17 +3307,20 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) tx_chanwidth, tx_seg1_idx); if (wpa_auth_uses_ocv(sm) == 2 && res == OCI_NOT_FOUND) { /* Work around misbehaving STAs */ - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "Disable OCV with a STA that does not send OCI"); wpa_auth_set_ocv(sm, 0); } else if (res != OCI_SUCCESS) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "OCV failed: %s", ocv_errorstr); if (wpa_auth->conf.msg_ctx) wpa_msg(wpa_auth->conf.msg_ctx, MSG_INFO, OCV_FAILURE "addr=" MACSTR " frame=eapol-key-m2 error=%s", - MAC2STR(sm->addr), ocv_errorstr); + MAC2STR(wpa_auth_get_spa(sm)), + ocv_errorstr); goto out; } } @@ -3304,7 +3349,8 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) MACSTR " (bit %u)", sm->ip_addr[0], sm->ip_addr[1], sm->ip_addr[2], sm->ip_addr[3], - MAC2STR(sm->addr), sm->ip_addr_bit); + MAC2STR(wpa_auth_get_spa(sm)), + sm->ip_addr_bit); } } #endif /* CONFIG_P2P */ @@ -3335,7 +3381,8 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) */ if (os_memcmp_const(sm->sup_pmk_r1_name, sm->pmk_r1_name, WPA_PMK_NAME_LEN) != 0) { - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "PMKR1Name mismatch in FT 4-way handshake"); wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name from Supplicant", @@ -3604,7 +3651,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) wpa_ie = wpa_ie_buf; } #endif /* CONFIG_TESTING_OPTIONS */ - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "sending 3/4 msg of 4-Way Handshake"); if (sm->wpa == WPA_VERSION_WPA2) { if (sm->use_ext_key_id && sm->TimeoutCtr == 1 && @@ -3666,7 +3713,8 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) * by setting the Secure bit here even in the case of * WPA if the supplicant used it first. */ - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "STA used Secure bit in WPA msg 2/4 - set Secure for 3/4 as workaround"); secure = 1; } @@ -3892,14 +3940,14 @@ SM_STATE(WPA_PTK, PTKINITDONE) sm->PInitAKeys = true; else sm->has_GTK = true; - wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "pairwise key handshake completed (%s)", sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN"); wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO, "EAPOL-4WAY-HS-COMPLETED " MACSTR, MAC2STR(sm->addr)); #ifdef CONFIG_IEEE80211R_AP - wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr); + wpa_ft_push_pmk_r1(sm->wpa_auth, wpa_auth_get_spa(sm)); #endif /* CONFIG_IEEE80211R_AP */ sm->ptkstart_without_success = 0; @@ -3915,7 +3963,7 @@ SM_STEP(WPA_PTK) SM_ENTER(WPA_PTK, INITIALIZE); else if (sm->Disconnect /* || FIX: dot11RSNAConfigSALifetime timeout */) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "WPA_PTK: sm->Disconnect"); SM_ENTER(WPA_PTK, DISCONNECT); } @@ -3964,7 +4012,8 @@ SM_STEP(WPA_PTK) #endif /* CONFIG_DPP */ } else { wpa_auth->dot11RSNA4WayHandshakeFailures++; - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "INITPMK - keyAvailable = false"); SM_ENTER(WPA_PTK, DISCONNECT); } @@ -3983,7 +4032,8 @@ SM_STEP(WPA_PTK) "INITPSK: No PSK yet available for STA - use RADIUS later"); SM_ENTER(WPA_PTK, PTKSTART); } else { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "no PSK configured for the STA"); wpa_auth->dot11RSNA4WayHandshakeFailures++; SM_ENTER(WPA_PTK, DISCONNECT); @@ -3995,7 +4045,8 @@ SM_STEP(WPA_PTK) SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING); else if (sm->TimeoutCtr > conf->wpa_pairwise_update_count) { wpa_auth->dot11RSNA4WayHandshakeFailures++; - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "PTKSTART: Retry limit %u reached", conf->wpa_pairwise_update_count); sm->disconnect_reason = @@ -4027,7 +4078,8 @@ SM_STEP(WPA_PTK) (conf->wpa_disable_eapol_key_retries && sm->TimeoutCtr > 1)) { wpa_auth->dot11RSNA4WayHandshakeFailures++; - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "PTKINITNEGOTIATING: Retry limit %u reached", conf->wpa_pairwise_update_count); sm->disconnect_reason = @@ -4084,7 +4136,7 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) os_memset(rsc, 0, WPA_KEY_RSC_LEN); if (gsm->wpa_group_state == WPA_GROUP_SETKEYSDONE) wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc); - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "sending 1/2 msg of Group Key Handshake"); gtk = gsm->GTK[gsm->GN - 1]; @@ -4165,7 +4217,7 @@ SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED) return; if (wpa_parse_kde_ies(key_data, key_data_length, &kde) < 0) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "received EAPOL-Key group msg 2/2 with invalid Key Data contents"); return; } @@ -4176,7 +4228,8 @@ SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED) int tx_seg1_idx; if (wpa_channel_info(wpa_auth, &ci) != 0) { - wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "Failed to get channel info to validate received OCI in EAPOL-Key group 2/2"); return; } @@ -4190,13 +4243,15 @@ SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED) if (ocv_verify_tx_params(kde.oci, kde.oci_len, &ci, tx_chanwidth, tx_seg1_idx) != OCI_SUCCESS) { - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, "OCV failed: %s", ocv_errorstr); if (wpa_auth->conf.msg_ctx) wpa_msg(wpa_auth->conf.msg_ctx, MSG_INFO, OCV_FAILURE "addr=" MACSTR " frame=eapol-key-g2 error=%s", - MAC2STR(sm->addr), ocv_errorstr); + MAC2STR(wpa_auth_get_spa(sm)), + ocv_errorstr); return; } } @@ -4207,7 +4262,7 @@ SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED) sm->GUpdateStationKeys = false; sm->GTimeoutCtr = 0; /* FIX: MLME.SetProtection.Request(TA, Tx_Rx) */ - wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "group key handshake completed (%s)", sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN"); sm->has_GTK = true; @@ -4222,7 +4277,7 @@ SM_STATE(WPA_PTK_GROUP, KEYERROR) sm->GUpdateStationKeys = false; sm->Disconnect = true; sm->disconnect_reason = WLAN_REASON_GROUP_KEY_UPDATE_TIMEOUT; - wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO, + wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO, "group key handshake failed (%s) after %u tries", sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN", sm->wpa_auth->conf.wpa_group_update_count); @@ -4335,7 +4390,8 @@ static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx) return 0; if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) { - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "Not in PTKINITDONE; skip Group Key update"); sm->GUpdateStationKeys = false; return 0; @@ -4346,7 +4402,8 @@ static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx) * Since we clear the GKeyDoneStations before the loop, the * station needs to be counted here anyway. */ - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "GUpdateStationKeys was already set when marking station for GTK rekeying"); } @@ -4580,7 +4637,7 @@ static int wpa_group_disconnect_cb(struct wpa_state_machine *sm, void *ctx) if (sm->group == ctx) { wpa_printf(MSG_DEBUG, "WPA: Mark STA " MACSTR " for disconnection due to fatal failure", - MAC2STR(sm->addr)); + MAC2STR(wpa_auth_get_spa(sm))); sm->Disconnect = true; } @@ -4673,7 +4730,7 @@ static int wpa_sm_step(struct wpa_state_machine *sm) if (sm->pending_deinit) { wpa_printf(MSG_DEBUG, "WPA: Completing pending STA state machine deinit for " - MACSTR, MAC2STR(sm->addr)); + MACSTR, MAC2STR(wpa_auth_get_spa(sm))); wpa_free_sta_sm(sm); return 1; } @@ -5009,7 +5066,8 @@ int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk, wpa_hexdump_key(MSG_DEBUG, "RSN: Cache PMK", pmk, pmk_len); if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, pmk_len, NULL, sm->PTK.kck, sm->PTK.kck_len, - sm->wpa_auth->addr, sm->addr, session_timeout, + wpa_auth_get_aa(sm), + wpa_auth_get_spa(sm), session_timeout, eapol, sm->wpa_key_mgmt)) return 0; @@ -5027,8 +5085,7 @@ int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth, wpa_hexdump_key(MSG_DEBUG, "RSN: Cache PMK from preauth", pmk, len); if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, len, NULL, - NULL, 0, - wpa_auth->addr, + NULL, 0, wpa_auth->addr, sta_addr, session_timeout, eapol, WPA_KEY_MGMT_IEEE8021X)) return 0; @@ -5071,7 +5128,8 @@ int wpa_auth_pmksa_add2(struct wpa_authenticator *wpa_auth, const u8 *addr, wpa_hexdump_key(MSG_DEBUG, "RSN: Cache PMK (2)", pmk, PMK_LEN); if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, pmk_len, pmkid, - NULL, 0, wpa_auth->addr, addr, session_timeout, + NULL, 0, wpa_auth->addr, addr, + session_timeout, NULL, akmp)) return 0; @@ -5419,7 +5477,7 @@ int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id) wpa_printf(MSG_DEBUG, "WPA: Moving STA " MACSTR " to use group state machine for VLAN ID %d", - MAC2STR(sm->addr), vlan_id); + MAC2STR(wpa_auth_get_spa(sm)), vlan_id); wpa_group_get(sm->wpa_auth, group); wpa_group_put(sm->wpa_auth, sm->group); @@ -5435,7 +5493,7 @@ void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth, if (!wpa_auth || !sm) return; wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key TX status for STA " MACSTR - " ack=%d", MAC2STR(sm->addr), ack); + " ack=%d", MAC2STR(wpa_auth_get_spa(sm)), ack); if (sm->pending_1_of_4_timeout && ack) { /* * Some deployed supplicant implementations update their SNonce @@ -5633,7 +5691,7 @@ int wpa_auth_resend_m1(struct wpa_state_machine *sm, int change_anonce, anonce = anonce_buf; } - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "sending 1/4 msg of 4-Way Handshake (TESTING)"); wpa_send_eapol(sm->wpa_auth, sm, WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE, NULL, @@ -5675,7 +5733,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm, wpa_ie = wpa_ie + wpa_ie[1] + 2; wpa_ie_len = wpa_ie[1] + 2; } - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "sending 3/4 msg of 4-Way Handshake (TESTING)"); if (sm->wpa == WPA_VERSION_WPA2) { /* WPA2 send GTK in the 4-way handshake */ @@ -5700,7 +5758,8 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm, * by setting the Secure bit here even in the case of * WPA if the supplicant used it first. */ - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_DEBUG, "STA used Secure bit in WPA msg 2/4 - set Secure for 3/4 as workaround"); secure = 1; } @@ -5837,7 +5896,7 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, /* Send EAPOL(1, 1, 1, !Pair, G, RSC, GNonce, MIC(PTK), GTK[GN]) */ os_memset(rsc, 0, WPA_KEY_RSC_LEN); /* Use 0 RSC */ - wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG, + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, "sending 1/2 msg of Group Key Handshake (TESTING)"); gtk = gsm->GTK[gsm->GN - 1]; From patchwork Wed Feb 15 23:08:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743185 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=DS9RBh5A; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=H+7wuBip; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHF7807Rsz23h0 for ; Thu, 16 Feb 2023 10:45:08 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=qKdoGxbk+c5D4QJh4UHTW3kAgXw6bjA7eDmHUmaATKY=; b=DS9RBh5AI+5JSg zpqxnL18jg4KHCXOJBDSsPFuyVZR1f9lNK3Fi+s8WCZLYf7z8Q7g4p8zkWMvSWO046xFUdGPYGowG 6ugpkPXfbKzfSKiNdGSIRpAuAZODhCSW4GjKUR/mnMfeOHs74KcpTiPHERFhrPZYvF+fp1Axtbw71 Ua+ZEwsiFbSo2SHP2Aao7TEOvivOruxoPlIjnyff432MJh5foeIHvCXDJqaU0fzdmDLKyjRpYdL9R VViFTh8/+cUnR8hNi48KJS4qQhBtICAEMCH7oVcCcROADzEn+8UUv/y1J3e7NQuSTGpJsYkV/sMfp bJ8wg9j6tZQpeDasdIXA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRRb-007wZP-No; Wed, 15 Feb 2023 23:44:12 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvC-007ljz-Bl for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502642; x=1708038642; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=cpSUWz+rB6oEKqoPnpLTZmF/R9To+U0xQghpGfAJw9U=; b=H+7wuBipUy7v0vZpJ4O98LRC104xiGOp0TSdoBQiaQuYkgm8Hu9VFKvh b/G4f+1252SFG2hllAFbMBcg8YU36T7aIrmFthcAAjicdMnsNbMI9Vilc TvAGKLDTX23nH51I8mdEXFxz0ZOOiWIYyuKtk+5qFvI8NU/yRh6P6ynBg g1YnK9B3DC7Lh6u6Ayk2dJtBovNISx4yikMfklmyhm+CdAEyQwS8ArtI7 /8wIFct1nP3NDFXI2dfwffoejULGkwu1RoqsElqkiI+Iw0PDNnafrGg+c fE05S8MOOZUl25NJTKpcPpHfOFXnsYjSSI0kmiKbRvf32k2BxJZVH81Cj A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719786" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719786" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:19 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344496" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344496" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:17 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH 37/50] WPA_AUTH: MLO: Store MLO link information Date: Thu, 16 Feb 2023 01:08:51 +0200 Message-Id: <20230215230904.933291-38-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151042_537130_F4980781 X-CRM114-Status: GOOD ( 20.29 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 28 +++++++++-- src/ap/wpa_auth.c | 111 +++++++++++++++++ [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 28 +++++++++-- src/ap/wpa_auth.c | 111 +++++++++++++++++++++++++++++++++++++++++ src/ap/wpa_auth.h | 44 ++++++++++++++++ src/ap/wpa_auth_glue.c | 46 +++++++++++++++++ src/ap/wpa_auth_i.h | 16 ++++++ 5 files changed, 240 insertions(+), 5 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 10af54b484..c302f01804 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -3929,15 +3929,33 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, wpa_ie -= 2; wpa_ie_len += 2; - if (sta->wpa_sm == NULL) + if (!sta->wpa_sm) { +#ifdef CONFIG_IEEE80211BE + struct mld_info *info = &sta->mld_info; +#endif /* CONFIG_IEEE80211BE */ + sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr, p2p_dev_addr); - if (sta->wpa_sm == NULL) { - wpa_printf(MSG_WARNING, "Failed to initialize WPA " - "state machine"); - return WLAN_STATUS_UNSPECIFIED_FAILURE; + + if (!sta->wpa_sm) { + wpa_printf(MSG_WARNING, + "Failed to initialize WPA SM"); + return WLAN_STATUS_UNSPECIFIED_FAILURE; + } + +#ifdef CONFIG_IEEE80211BE + if (info->mld_sta) { + wpa_printf(MSG_DEBUG, "MLD: used for WPA"); + + wpa_auth_set_ml_info(sta->wpa_sm, + hapd->mld_addr, + sta->mld_assoc_link_id, + info); + } +#endif /* CONFIG_IEEE80211BE */ } + wpa_auth_set_auth_alg(sta->wpa_sm, sta->auth_alg); res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, hapd->iface->freq, diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index a9227a4f15..a1e5d9bb52 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -33,6 +33,7 @@ #include "pmksa_cache_auth.h" #include "wpa_auth_i.h" #include "wpa_auth_ie.h" +#include "sta_info.h" static const u8 *wpa_auth_get_aa(struct wpa_state_machine *sm) { @@ -694,6 +695,7 @@ wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr, sm->wpa_auth = wpa_auth; sm->group = wpa_auth->group; wpa_group_get(sm->wpa_auth, sm->group); + sm->mld_assoc_link_id = -1; return sm; } @@ -787,6 +789,11 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm) #ifdef CONFIG_DPP2 wpabuf_clear_free(sm->dpp_z); #endif /* CONFIG_DPP2 */ + os_memset(sm->own_mld_addr, 0, sizeof(sm->own_mld_addr)); + os_memset(sm->peer_mld_addr, 0, sizeof(sm->peer_mld_addr)); + sm->mld_assoc_link_id = -1; + os_memset(sm->mld_links, 0, sizeof(sm->mld_links)); + bin_clear_free(sm, sizeof(*sm)); } @@ -3587,6 +3594,29 @@ static u8 * replace_ie(const char *name, const u8 *old_buf, size_t *len, u8 eid, } #endif /* CONFIG_TESTING_OPTIONS */ +#ifdef CONFIG_IEEE80211BE + +void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_rsn_info *info) +{ + info->rsn_ies = a->wpa_ie; + info->rsn_ies_len = a->wpa_ie_len; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: RSN info: link_id=%u, rsn_ies_len=%u", + info->link_id, info->rsn_ies_len); +} + + +static void wpa_auth_get_ml_rsn_info(struct wpa_authenticator *wpa_auth, + struct wpa_auth_ml_rsn_info *info) +{ + if (!wpa_auth->cb->get_ml_rsn_info) + return; + + wpa_auth->cb->get_ml_rsn_info(wpa_auth->cb_ctx, info); +} +#endif /* CONFIG_IEEE80211BE */ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) { @@ -6024,3 +6054,84 @@ void wpa_auth_sta_radius_psk_resp(struct wpa_state_machine *sm, bool success) eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL); } + + +void wpa_auth_set_ml_info(struct wpa_state_machine *sm, + const u8 *mld_addr, u8 mld_assoc_link_id, + struct mld_info *info) +{ +#ifdef CONFIG_IEEE80211BE + struct wpa_auth_ml_rsn_info ml_rsn_info; + u32 link_id, i; + + if (!info) + return; + + os_memset(sm->mld_links, 0, sizeof(sm->mld_links)); + + wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, + "MLD: initialization"); + + os_memcpy(sm->own_mld_addr, mld_addr, ETH_ALEN); + os_memcpy(sm->peer_mld_addr, info->common_info.mld_addr, ETH_ALEN); + + sm->mld_assoc_link_id = mld_assoc_link_id; + + os_memset(&ml_rsn_info, 0, sizeof(ml_rsn_info)); + + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + struct mld_link_info *link = &info->links[link_id]; + struct mld_link *sm_link = &sm->mld_links[link_id]; + + sm_link->valid = link->valid; + + if (!link->valid) + continue; + + os_memcpy(sm_link->peer_addr, link->peer_addr, ETH_ALEN); + os_memcpy(sm_link->own_addr, link->local_addr, ETH_ALEN); + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: id=%u, addr=" MACSTR " peer=" MACSTR, + link_id, + MAC2STR(sm_link->own_addr), + MAC2STR(sm_link->peer_addr)); + + if (link_id != mld_assoc_link_id) + sm->n_mld_affiliated_links++; + + ml_rsn_info.links[i++].link_id = link_id; + } + + ml_rsn_info.n_mld_links = i; + + wpa_auth_get_ml_rsn_info(sm->wpa_auth, &ml_rsn_info); + + for (i = 0; i < ml_rsn_info.n_mld_links; i++) { + u8 link_id = ml_rsn_info.links[i].link_id; + struct mld_link *sm_link = &sm->mld_links[link_id]; + const u8 *rsn_ies; + u8 rsn_ies_len; + + rsn_ies = ml_rsn_info.links[i].rsn_ies; + rsn_ies_len = ml_rsn_info.links[i].rsn_ies_len; + + /* This should not really happen */ + if (!rsn_ies || rsn_ies_len < 2 || rsn_ies[0] != WLAN_EID_RSN) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: Invalid RSN element"); + continue; + } + + sm_link->rsne = rsn_ies; + sm_link->rsne_len = rsn_ies[1] + 2; + + if (rsn_ies[1] + 2UL + 2UL < rsn_ies_len && + rsn_ies[rsn_ies[1] + 2] == WLAN_EID_RSNX) { + sm_link->rsnxe = rsn_ies + 2 + rsn_ies[1]; + sm_link->rsnxe_len = sm_link->rsnxe[1] + 2; + } + } + +#endif /* CONFIG_IEEE80211BE */ +} diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index eed016accb..fbd9d84f8b 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -15,6 +15,7 @@ #include "common/ieee802_11_defs.h" struct vlan_description; +struct mld_info; #define MAX_OWN_IE_OVERRIDE 256 @@ -288,6 +289,40 @@ typedef enum { WPA_EAPOL_keyDone, WPA_EAPOL_inc_EapolFramesTx } wpa_eapol_variable; +struct wpa_auth_ml_rsn_info { + u8 n_mld_links; + + struct wpa_auth_ml_link_rsn_info { + u8 link_id; + const u8 *rsn_ies; + u8 rsn_ies_len; + } links[MAX_NUM_MLD_LINKS]; +}; + +struct wpa_auth_ml_key_info { + u8 n_mld_links; + bool mgmt_frame_prot; + bool beacon_prot; + + struct wpa_auth_ml_link_key_info { + u8 link_id; + + u8 gtkidx; + u8 gtk_len; + u8 pn[6]; + const u8 *gtk; + + u8 igtkidx; + u8 igtk_len; + const u8 *igtk; + u8 ipn[6]; + + u8 bigtkidx; + const u8 *bigtk; + u8 bipn[6]; + } links[MAX_NUM_MLD_LINKS]; +}; + struct wpa_auth_callbacks { void (*logger)(void *ctx, const u8 *addr, logger_level level, const char *txt); @@ -355,6 +390,9 @@ struct wpa_auth_callbacks { int (*set_ltf_keyseed)(void *ctx, const u8 *addr, const u8 *ltf_keyseed, size_t ltf_keyseed_len); #endif /* CONFIG_PASN */ +#ifdef CONFIG_IEEE80211BE + int (*get_ml_rsn_info)(void *ctx, struct wpa_auth_ml_rsn_info *info); +#endif /* CONFIG_IEEE80211BE */ }; struct wpa_authenticator * wpa_init(const u8 *addr, @@ -593,4 +631,10 @@ void wpa_auth_set_ocv_override_freq(struct wpa_authenticator *wpa_auth, void wpa_auth_sta_radius_psk_resp(struct wpa_state_machine *sm, bool success); +void wpa_auth_set_ml_info(struct wpa_state_machine *sm, + const u8 *mld_addr, + u8 mld_assoc_link_id, + struct mld_info *info); +void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_rsn_info *info); #endif /* WPA_AUTH_H */ diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 9090ba7840..e15013c11b 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -1496,6 +1496,49 @@ static int hostapd_set_ltf_keyseed(void *ctx, const u8 *peer_addr, } #endif /* CONFIG_PASN */ +#ifdef CONFIG_IEEE80211BE + +static int hostapd_wpa_auth_get_ml_rsn_info(void *ctx, + struct wpa_auth_ml_rsn_info *info) +{ + struct hostapd_data *hapd = ctx; + u8 i, j; + + wpa_printf(MSG_DEBUG, "WPA_AUTH: MLD: get RSN info CB: n_mld_links=%u", + info->n_mld_links); + + if (!hapd->conf->mld_ap || !hapd->iface || !hapd->iface->interfaces) + return -1; + + for (i = 0; i < info->n_mld_links; i++) { + u8 link_id = info->links[i].link_id; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: get link RSN CB: link_id=%u", + link_id); + + for (j = 0; j < hapd->iface->interfaces->count; j++) { + struct hostapd_iface *iface = + hapd->iface->interfaces->iface[j]; + + if (!iface->bss[0]->conf->mld_ap || + hapd->conf->mld_id != iface->bss[0]->conf->mld_id || + link_id != iface->bss[0]->conf->mld_link_id) + continue; + + wpa_auth_ml_get_rsn_info(iface->bss[0]->wpa_auth, + &info->links[i]); + break; + } + + if (j == hapd->iface->interfaces->count) + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: link=%u not found", link_id); + } + + return 0; +} +#endif /* CONFIG_IEEE80211BE */ int hostapd_setup_wpa(struct hostapd_data *hapd) { @@ -1546,6 +1589,9 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) #ifdef CONFIG_PASN .set_ltf_keyseed = hostapd_set_ltf_keyseed, #endif /* CONFIG_PASN */ +#ifdef CONFIG_IEEE80211BE + .get_ml_rsn_info = hostapd_wpa_auth_get_ml_rsn_info, +#endif /* CONFIG_IEEE80211BE */ }; const u8 *wpa_ie; size_t wpa_ie_len; diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h index f3cb9be31f..c3f1c19e9d 100644 --- a/src/ap/wpa_auth_i.h +++ b/src/ap/wpa_auth_i.h @@ -172,6 +172,22 @@ struct wpa_state_machine { void *eapol_status_cb_ctx1; void *eapol_status_cb_ctx2; #endif /* CONFIG_TESTING_OPTIONS */ + + u8 own_mld_addr[ETH_ALEN]; + u8 peer_mld_addr[ETH_ALEN]; + s8 mld_assoc_link_id; + u8 n_mld_affiliated_links; + + struct mld_link { + bool valid; + u8 peer_addr[ETH_ALEN]; + u8 own_addr[ETH_ALEN]; + + const u8 *rsne; + const u8 *rsnxe; + u8 rsne_len; + u8 rsnxe_len; + } mld_links[MAX_NUM_MLD_LINKS]; }; From patchwork Wed Feb 15 23:08:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743186 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Aes4kZLu; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=oH39sC2Z; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHF8X4NRnz23h0 for ; Thu, 16 Feb 2023 10:46:20 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=4LuTxv5PKxWD9jSjCQfuDqkviEfqclH9DnpKVuymgRs=; b=Aes4kZLuwSDEGY cSZEp0mLSrIYkrlDDuQ/ccbe8wEJAMv9lzaqK0J6TShX4seEqyrIMbY+8pj+VUFDq8G2ziLC0fNcJ ClmvEu917EnL4UpMqkdf+FZT/580b8wXvg2G7gn0YTHF4LW/MNcMe/QobLfdOAklUwd+Pbr73g7It m4hnHrciQElrDJ60ccQb7f9mUrLgKrekn9H0CjTe+Cm6avA47pVxoxJCqpYagQsLFSF3/x140o+HD om5BHi19ePPP9AjHD4hLGq7DTZRtzR+IJ1CAu3KoraglPXZuJGSONMpuZhsYNBXnPVxHMdtlV9G11 5JACuOs5AhHB/0leSDTA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRSa-007wxQ-OF; Wed, 15 Feb 2023 23:45:13 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvE-007ll5-Eq for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502644; x=1708038644; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=QM9uk4k90Kk0x2vfs9PUfuF+CR2QOZtGWkBk+kEvfUo=; b=oH39sC2ZDwDDUsuMAFJFG8EQswZI4QWhGnU/JPRgfJXxOImWrp4Pdu+Z DW42Ya/0Tw7VV0gS46y9E/unuaxwnJexTGjNNJUbk8VwBn/IX8QhO/+2e +TwOX69N9M9K4I5lG3XwWzloYiedC8DXcM+I7NF2kUWT8vMNmmXE9BMOd 79aqjTRtO70m4lJIVX9mSl61F0bLjLRb7pz94LT9o94ZFyEAeIq2ObbEA bq9kCXZSAq1cJevRWE2STuJIRa1/rpcVlPpYxkdcOWlPQDfQ18viQN8qJ WXoKwTgME9wnLbgwt1gvFrHj9JYodCMe41HJPYQLNNw6LL+gbv+j13iHU g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719790" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719790" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:20 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344510" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344510" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:19 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 38/50] WPA_AUTH: MLO: Add MAC KDE to 1st message in 4-way handshake Date: Thu, 16 Feb 2023 01:08:52 +0200 Message-Id: <20230215230904.933291-39-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151044_972479_B5FC8912 X-CRM114-Status: GOOD ( 11.89 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertion [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index a1e5d9bb52..011a49007d 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -2290,8 +2290,9 @@ SM_STATE(WPA_PTK, INITPSK) SM_STATE(WPA_PTK, PTKSTART) { - u8 buf[2 + RSN_SELECTOR_LEN + PMKID_LEN], *pmkid = NULL; - size_t pmkid_len = 0; + u8 buf[2 * (2 + RSN_SELECTOR_LEN) + PMKID_LEN + ETH_ALEN]; + u8 *pmkid = NULL; + size_t kde_len = 0; u16 key_info; SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk); @@ -2329,7 +2330,7 @@ SM_STATE(WPA_PTK, PTKSTART) wpa_key_mgmt_sae(sm->wpa_key_mgmt)) && sm->wpa_key_mgmt != WPA_KEY_MGMT_OSEN) { pmkid = buf; - pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN; + kde_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN; pmkid[0] = WLAN_EID_VENDOR_SPECIFIC; pmkid[1] = RSN_SELECTOR_LEN + PMKID_LEN; RSN_SELECTOR_PUT(&pmkid[2], RSN_KEY_DATA_PMKID); @@ -2397,12 +2398,27 @@ SM_STATE(WPA_PTK, PTKSTART) } } if (!pmkid) - pmkid_len = 0; + kde_len = 0; + +#ifdef CONFIG_IEEE80211BE + if (sm->mld_assoc_link_id >= 0) { + wpa_printf(MSG_DEBUG, + "RSN: MLD: Adding MAC Address KDE: kde_len=%zu", + kde_len); + + wpa_add_kde(buf + kde_len, RSN_KEY_DATA_MAC_ADDR, + sm->own_mld_addr, ETH_ALEN, NULL, 0); + + kde_len += 2 + RSN_SELECTOR_LEN + ETH_ALEN; + } +#endif /* CONFIG_IEEE80211BE */ + key_info = WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE; if (sm->pairwise_set && sm->wpa != WPA_VERSION_WPA) key_info |= WPA_KEY_INFO_SECURE; + wpa_send_eapol(sm->wpa_auth, sm, key_info, NULL, - sm->ANonce, pmkid, pmkid_len, 0, 0); + sm->ANonce, buf, kde_len, 0, 0); } From patchwork Wed Feb 15 23:08:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743187 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=nmo9zHmp; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=cAxRFTeM; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFBM0bmrz23h0 for ; Thu, 16 Feb 2023 10:47:55 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=wpxL8Uc3owWvdZbro02cD8bNy1a5o+rg5IdxnHk2Bxo=; b=nmo9zHmpGW2Ry8 4irxISap3hYZzTTjyJ1Lniq3YxZTBBbA39/J4M9zxZsBuknVt9c7dKCvgmOE6IpkSh7emyo/Uhjwe BOpgrdDOUoDwknVGDkwiWRBTAzMtw3LpTeqQ15XhkAIGMolLV8cvIpQIoX3zY/hOmaRV8UUeT523I 510c8YBK7h7d93hJ6x8NxMEwDEzDatZtoZaZEYGvkcsWAvXQuuEL5sgYQj9PfEN9FkSsiXB5YyUtx dstJDnKhdfxZ6DwogaDl0hQG6sVYFMepNBkSQcHrFMzQc/CcEPb3n28RbZsyakIXfjviC/wRiuVZj +RaOiYkkUSnpxRYyLZPA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRTj-007xNE-Aq; Wed, 15 Feb 2023 23:46:23 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvF-007ljz-Jm for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:47 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502645; x=1708038645; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=WeQRjNCBAxkkQvpyLn8baSaj4J7q4O3N6ITlRcmOl34=; b=cAxRFTeMIYT8XGRPm5o7tWXb0peUTJ1eOHGXN5c17UbGqT9h3NL4GHKM 83PeBhiN/l10SbgQ/Byx/XreOUNQgG5YBbGzi7UXonR4rzoPKIzh8V00U 4WUQijWpuhwhOljdSu1Kcmz3jq9H7qH1/27Ax++g+6F2tCjtdiodYjtl1 yvky+wOfCgojK+shIEcPq39B3WiZB2wpHHzJVTyDPL+uItJ/oocFW/U3z KeHyude9kaDf89hty+biSQt004oaJmGpqi4wvoao3UuOBpYgupY1LzWbt i68PqD6nLkFihRQO0qPTqg6aw+HMRPlb1htlggYKIlDYHe8tfgez6YTvQ A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719795" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719795" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:22 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344517" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344517" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:20 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 39/50] WPA_AUTH: MLO: Validate MLO KDEs in 2nd message of 4-way handshake Date: Thu, 16 Feb 2023 01:08:53 +0200 Message-Id: <20230215230904.933291-40-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151045_813393_E792049C X-CRM114-Status: GOOD ( 16.72 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 71 +++++++++++++++++++++++++++++++++++++++++ src/common/wp [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 71 +++++++++++++++++++++++++++++++++++++++++ src/common/wpa_common.h | 3 ++ 2 files changed, 74 insertions(+) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 011a49007d..6a12b2d3e5 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -3126,6 +3126,71 @@ int get_sta_tx_parameters(struct wpa_state_machine *sm, int ap_max_chanwidth, #endif /* CONFIG_OCV */ +static int wpa_auth_validate_ml_kdes_m2(struct wpa_state_machine *sm, + struct wpa_eapol_ie_parse *kde) +{ +#ifdef CONFIG_IEEE80211BE + u8 i, n_links = 0; + + if (sm->mld_assoc_link_id < 0) + return 0; + + /* MLD MAC address must be the same */ + if (!kde->mac_addr || + os_memcmp(kde->mac_addr, sm->peer_mld_addr, ETH_ALEN)) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MLD address"); + return -1; + } + + /* Find matching link ID and the MAC address for each link */ + for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { + if (!(kde->valid_mlo_links & BIT(i))) + continue; + + /* + * Each entry should contain the link information and the MAC + * address + */ + if (kde->mlo_link_len[i] != 7) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MLO link KDE len=%zu", + kde->mlo_link_len[i]); + return -1; + } + + if (!sm->mld_links[i].valid || i == sm->mld_assoc_link_id) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid link id=%u", i); + return -1; + } + + if (os_memcmp(sm->mld_links[i].peer_addr, + kde->mlo_link[i] + 1, + ETH_ALEN)) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MAC address=" MACSTR, + MAC2STR(kde->mlo_link[i] + 1)); + return -1; + } + + n_links++; + } + + /* Must have the same number of MLO links (excluding the local one) */ + if (n_links != sm->n_mld_affiliated_links) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: expecting %u mld links in m2, but got %u", + sm->n_mld_affiliated_links, n_links); + return -1; + } + +#endif /* CONFIG_IEEE80211BE */ + + return 0; +} + + SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) { struct wpa_authenticator *wpa_auth = sm->wpa_auth; @@ -3396,6 +3461,12 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING) } #endif /* CONFIG_DPP2 */ + if (wpa_auth_validate_ml_kdes_m2(sm, &kde) < 0) { + wpa_sta_disconnect(wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); + return; + } + #ifdef CONFIG_IEEE80211R_AP if (sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { /* diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h index 05b1a8a05a..e4b4c3489b 100644 --- a/src/common/wpa_common.h +++ b/src/common/wpa_common.h @@ -152,6 +152,9 @@ WPA_CIPHER_BIP_CMAC_256) #define RSN_NUM_REPLAY_COUNTERS_4 2 #define RSN_NUM_REPLAY_COUNTERS_16 3 +#define RSN_KEY_DATA_MLO_LINK_INFO_LINK_ID_MASK 0x0f +#define RSN_KEY_DATA_MLO_LINK_INFO_RSNE_PRESENT 0x10 +#define RSN_KEY_DATA_MLO_LINK_INFO_RSNXE_PRESENT 0x20 #ifdef _MSC_VER #pragma pack(push, 1) From patchwork Wed Feb 15 23:08:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743192 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=Ps26WyHG; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=BmqzaPsi; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFDp3dbsz23h0 for ; Thu, 16 Feb 2023 10:50:02 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=SmxpaUbCrI3mlnnivCZqTEE+M5DsRa4cufeIYxMylfU=; b=Ps26WyHGRGRLk7 LEW/P1D/Yh25Rvl53HxzW9IwJyDODFlgJQ4R+aFqPfpJEuZXzO6P0DIozRXAY5vCxjiUZxo4ZSg6A reVcL2OFcAc6S6ocnlc0dk0Ku95vQiUE0ZddfGiIzNnpN9gp7j3+tW4jjTWUx6bXZFzFPwmECz3bM CXfoQskfyygD9kiWIwBrdqpfK82WLzfp8fzvE8bFH2IrEHi6GcYYETVrVPKNH3i3ef/PXBYhPjwVY vxUNK5PgmzxtBiVnOU2WCr3c6WtS+cQXn97g/e//n+Cz4KXEPcDe51VYOnOUG0gKbc3rxDTkIvcTU odsgDidsO5+7/LjqVGbw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRVt-007y83-6g; Wed, 15 Feb 2023 23:48:37 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvF-007lly-R2 for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502645; x=1708038645; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=IEMqUPCt5LXYS+P0GqkrhZ9fhZGHaqdksOT3ViHubJw=; b=BmqzaPsi4e/TV/3zyX06aCFr1PNBhWk+FuVeFfU23oZOg9ardV0iiMQv d0XzatxPmonBll4lTcxX0Z5d3G/71dWUAPcCACyssE41FqEJtP9BEXgQ5 EZivCM9bCALa/JHTDB6+m/dt0GqkTEKXNaZb13Y0KNGSlUynCNqLQhxxD hlIAkUv33DYbcfLFJrCvKNGmxgwLfyRFIApw2a6Pr1zlWztdjlJYCHaDD lXAHsFG9KbLOEhFNPxEFZkI56OMLYR9a/JBwH03x2dZsk3g0YKPm/ajDS YyMAyq6jYypZrgEb8qTN9pRdCCzGPQsHObKLJ5G7VdNDydQF1LE1y3UqE w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719798" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719798" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:23 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344528" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344528" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:22 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski , Ilan Peer Subject: [PATCH 40/50] WPA_AUTH: MLO: Add MLO KDEs to message 3 of the 4-way handshake Date: Thu, 16 Feb 2023 01:08:54 +0200 Message-Id: <20230215230904.933291-41-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151046_021109_1C639178 X-CRM114-Status: GOOD ( 22.22 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 342 ++++++++++++++++++++++++++++++++++++++++- src/ap/wpa_a [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 342 ++++++++++++++++++++++++++++++++++++++++- src/ap/wpa_auth.h | 4 + src/ap/wpa_auth_glue.c | 46 ++++++ 3 files changed, 389 insertions(+), 3 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 6a12b2d3e5..1ffa94effc 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -3561,6 +3561,11 @@ static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) if (!sm->mgmt_frame_prot) return pos; +#ifdef CONFIG_IEEE80211BE + if (sm->mld_assoc_link_id >= 0) + return pos; +#endif /* CONFIG_IEEE80211BE */ + igtk.keyid[0] = gsm->GN_igtk; igtk.keyid[1] = 0; if (gsm->wpa_group_state != WPA_GROUP_SETKEYSDONE || @@ -3703,8 +3708,329 @@ static void wpa_auth_get_ml_rsn_info(struct wpa_authenticator *wpa_auth, wpa_auth->cb->get_ml_rsn_info(wpa_auth->cb_ctx, info); } + + +void wpa_auth_ml_get_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_key_info *info, + bool mgmt_frame_prot, bool beacon_prot) +{ + struct wpa_group *gsm = a->group; + u8 rsc[WPA_KEY_RSC_LEN]; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: get info: link_id=%u, mgmt=%u, beacon=%u", + info->link_id, mgmt_frame_prot, beacon_prot); + + info->gtkidx = gsm->GN & 0x03; + info->gtk = gsm->GTK[gsm->GN - 1]; + info->gtk_len = gsm->GTK_len; + + if (wpa_auth_get_seqnum(a, NULL, gsm->GN, rsc) < 0) + os_memset(info->pn, 0, sizeof(info->pn)); + else + os_memcpy(info->pn, rsc, sizeof(info->pn)); + + if (!mgmt_frame_prot) + return; + + info->igtkidx = gsm->GN_igtk; + info->igtk = gsm->IGTK[gsm->GN_igtk - 4]; + info->igtk_len = wpa_cipher_key_len(a->conf.group_mgmt_cipher); + + if (wpa_auth_get_seqnum(a, NULL, gsm->GN_igtk, rsc) < 0) + os_memset(info->ipn, 0, sizeof(info->ipn)); + else + os_memcpy(info->ipn, rsc, sizeof(info->ipn)); + + if (!beacon_prot) + return; + + info->bigtkidx = gsm->GN_bigtk; + info->bigtk = gsm->BIGTK[gsm->GN_bigtk - 6]; + + if (wpa_auth_get_seqnum(a, NULL, gsm->GN_bigtk, rsc) < 0) + os_memset(info->bipn, 0, sizeof(info->bipn)); + else + os_memcpy(info->bipn, rsc, sizeof(info->bipn)); +} + + +static void wpa_auth_get_ml_key_info(struct wpa_authenticator *wpa_auth, + struct wpa_auth_ml_key_info *info) +{ + if (!wpa_auth->cb->get_ml_key_info) + return; + + wpa_auth->cb->get_ml_key_info(wpa_auth->cb_ctx, info); +} + + +static size_t wpa_auth_ml_group_kdes_len(struct wpa_state_machine *sm) +{ + struct wpa_group *gsm = sm->group; + size_t gtk_len = gsm->GTK_len; + size_t igtk_len = + wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher); + size_t kde_len; + u8 n_links; + + if (sm->mld_assoc_link_id < 0) + return 0; + + n_links = sm->n_mld_affiliated_links + 1; + + /* MLO GTK KDE for each link */ + kde_len = n_links * (2 + RSN_SELECTOR_LEN + 7 + gtk_len); + + if (!sm->mgmt_frame_prot) + return kde_len; + + kde_len += n_links * (2 + RSN_SELECTOR_LEN + 3 + 6 + + igtk_len); + + if (!sm->wpa_auth->conf.beacon_prot) + return kde_len; + + kde_len += n_links* (2 + RSN_SELECTOR_LEN + 3 + 6 + igtk_len); + + return kde_len; +} + + +static u8 *wpa_auth_ml_group_kdes(struct wpa_state_machine *sm, u8 *pos) +{ + struct wpa_auth_ml_key_info ml_key_info; + u8 i, link_id; + + /* first fetch the key information from all the authenticators */ + os_memset(&ml_key_info, 0, sizeof(ml_key_info)); + ml_key_info.n_mld_links = sm->n_mld_affiliated_links + 1; + + /* + * Assume that management frame protection and beacon protection are the + * same on all links + */ + ml_key_info.mgmt_frame_prot = sm->mgmt_frame_prot; + ml_key_info.beacon_prot = sm->wpa_auth->conf.beacon_prot; + + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + ml_key_info.links[i++].link_id = link_id; + } + + wpa_auth_get_ml_key_info(sm->wpa_auth, &ml_key_info); + + /* Add MLO GTK KDEs */ + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, "RSN: MLO GTK: link=%u", link_id); + wpa_hexdump_key(MSG_DEBUG, "RSN: MLO GTK:", + ml_key_info.links[i].gtk, + ml_key_info.links[i].gtk_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 1 + 6 + + ml_key_info.links[i].gtk_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_GTK); + pos += RSN_SELECTOR_LEN; + + *pos++ = (ml_key_info.links[i].gtkidx & 0x3) | (link_id << 4); + + os_memcpy(pos, ml_key_info.links[i].pn, 6); + pos += 6; + + os_memcpy(pos, ml_key_info.links[i].gtk, + ml_key_info.links[i].gtk_len); + pos += ml_key_info.links[i].gtk_len; + + i++; + } + + if (!sm->mgmt_frame_prot) + return pos; + + /* Add MLO IGTK KDEs */ + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, "RSN: MLO IGTK: link=%u", link_id); + wpa_hexdump_key(MSG_DEBUG, "RSN: MLO IGTK:", + ml_key_info.links[i].igtk, + ml_key_info.links[i].igtk_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 2 + 1 + + sizeof(ml_key_info.links[i].ipn) + + ml_key_info.links[i].igtk_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_IGTK); + pos += RSN_SELECTOR_LEN; + + /* Add the key ID */ + *pos++ = ml_key_info.links[i].igtkidx; + *pos++ = 0; + + /* Add the IPN */ + os_memcpy(pos, ml_key_info.links[i].ipn, + sizeof(ml_key_info.links[i].ipn)); + pos += sizeof(ml_key_info.links[i].ipn); + + *pos++ = ml_key_info.links[i].link_id << 4; + + os_memcpy(pos, ml_key_info.links[i].igtk, + ml_key_info.links[i].igtk_len); + pos += ml_key_info.links[i].igtk_len; + + i++; + } + + if (!sm->wpa_auth->conf.beacon_prot) + return pos; + + /* Add MLO BIGTK KDEs */ + for (i = 0, link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, "RSN: MLO BIGTK: link=%u", link_id); + wpa_hexdump_key(MSG_DEBUG, "RSN: MLO BIGTK:", + ml_key_info.links[i].bigtk, + ml_key_info.links[i].igtk_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 2 + 1 + + sizeof(ml_key_info.links[i].bipn) + + ml_key_info.links[i].igtk_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_BIGTK); + pos += RSN_SELECTOR_LEN; + + /* Add the key ID */ + *pos++ = ml_key_info.links[i].bigtkidx; + *pos++ = 0; + + /* Add the IPN */ + os_memcpy(pos, ml_key_info.links[i].bipn, + sizeof(ml_key_info.links[i].bipn)); + pos += sizeof(ml_key_info.links[i].bipn); + + *pos++ = ml_key_info.links[i].link_id << 4; + + os_memcpy(pos, ml_key_info.links[i].bigtk, + ml_key_info.links[i].igtk_len); + pos += ml_key_info.links[i].igtk_len; + + i++; + } + + return pos; +} + +#endif /* CONFIG_IEEE80211BE */ + +static size_t wpa_auth_ml_kdes_len(struct wpa_state_machine *sm) +{ + size_t kde_len = 0; + +#ifdef CONFIG_IEEE80211BE + u8 link_id; + + if (sm->mld_assoc_link_id < 0) + return 0; + + /* For the MAC address KDE */ + kde_len = 2 + RSN_SELECTOR_LEN + ETH_ALEN; + + /* MLO link KDE for each link */ + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + kde_len += 2 + RSN_SELECTOR_LEN + 7 + + sm->mld_links[link_id].rsne_len + + sm->mld_links[link_id].rsnxe_len; + } + + kde_len += wpa_auth_ml_group_kdes_len(sm); +#endif /* CONFIG_IEEE80211BE */ + + return kde_len; +} + + +static u8 *wpa_auth_ml_kdes(struct wpa_state_machine *sm, u8 *pos, + u8 *gtk, size_t gtk_len, int gtkidx) +{ +#ifdef CONFIG_IEEE80211BE + u8 link_id; + + if (sm->mld_assoc_link_id < 0) + return pos; + + wpa_printf(MSG_DEBUG, + "RSN: MLD: Adding MAC Address KDE"); + + pos = wpa_add_kde(pos, RSN_KEY_DATA_MAC_ADDR, + sm->own_mld_addr, ETH_ALEN, NULL, 0); + + for (link_id = 0; link_id < MAX_NUM_MLD_LINKS; link_id++) { + if (!sm->mld_links[link_id].valid) + continue; + + wpa_printf(MSG_DEBUG, + "RSN: MLO Link: link=%u, len=%u", link_id, + RSN_SELECTOR_LEN + 7 + + sm->mld_links[link_id].rsne_len + + sm->mld_links[link_id].rsnxe_len); + + *pos++ = WLAN_EID_VENDOR_SPECIFIC; + *pos++ = RSN_SELECTOR_LEN + 7 + + sm->mld_links[link_id].rsne_len + + sm->mld_links[link_id].rsnxe_len; + + RSN_SELECTOR_PUT(pos, RSN_KEY_DATA_MLO_LINK); + pos += RSN_SELECTOR_LEN; + + /* add the link information */ + *pos = link_id; + + if (sm->mld_links[link_id].rsne_len) + *pos |= RSN_KEY_DATA_MLO_LINK_INFO_RSNE_PRESENT; + + if (sm->mld_links[link_id].rsnxe_len) + *pos |= RSN_KEY_DATA_MLO_LINK_INFO_RSNXE_PRESENT; + + pos++; + os_memcpy(pos, sm->mld_links[link_id].own_addr, ETH_ALEN); + pos += ETH_ALEN; + + if (sm->mld_links[link_id].rsne_len) { + os_memcpy(pos, sm->mld_links[link_id].rsne, + sm->mld_links[link_id].rsne_len); + pos += sm->mld_links[link_id].rsne_len; + } + + if (sm->mld_links[link_id].rsnxe_len) { + os_memcpy(pos, sm->mld_links[link_id].rsnxe, + sm->mld_links[link_id].rsnxe_len); + pos += sm->mld_links[link_id].rsnxe_len; + } + } + + pos = wpa_auth_ml_group_kdes(sm, pos); + #endif /* CONFIG_IEEE80211BE */ + return pos; +} + + SM_STATE(WPA_PTK, PTKINITNEGOTIATING) { u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde = NULL, *pos, stub_gtk[32]; @@ -3715,6 +4041,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) u8 *wpa_ie_buf = NULL, *wpa_ie_buf2 = NULL; u8 hdr[2]; struct wpa_auth_config *conf = &sm->wpa_auth->conf; + u8 is_mld = 0; SM_ENTRY_MA(WPA_PTK, PTKINITNEGOTIATING, wpa_ptk); sm->TimeoutEvt = false; @@ -3821,6 +4148,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) gtk = NULL; gtk_len = 0; _rsc = NULL; + gtkidx = 0; if (sm->rx_eapol_key_secure) { /* * It looks like Windows 7 supplicant tries to use @@ -3863,13 +4191,19 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) kde_len += 2 + RSN_SELECTOR_LEN + 2; #endif /* CONFIG_DPP2 */ + kde_len += wpa_auth_ml_kdes_len(sm); + is_mld = (sm->mld_assoc_link_id >= 0); + kde = os_malloc(kde_len); if (!kde) goto done; pos = kde; - os_memcpy(pos, wpa_ie, wpa_ie_len); - pos += wpa_ie_len; + if (!is_mld) { + os_memcpy(pos, wpa_ie, wpa_ie_len); + pos += wpa_ie_len; + } + #ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { int res; @@ -3893,7 +4227,7 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) pos = wpa_add_kde(pos, RSN_KEY_DATA_KEYID, hdr, 2, NULL, 0); } - if (gtk) { + if (gtk && !is_mld) { hdr[0] = gtkidx & 0x03; pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, gtk, gtk_len); @@ -3973,6 +4307,8 @@ SM_STATE(WPA_PTK, PTKINITNEGOTIATING) } #endif /* CONFIG_DPP2 */ + pos = wpa_auth_ml_kdes(sm, pos, gtk, gtk_len, gtkidx); + wpa_send_eapol(sm->wpa_auth, sm, (secure ? WPA_KEY_INFO_SECURE : 0) | (wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len) ? diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index fbd9d84f8b..297ff9a424 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -392,6 +392,7 @@ struct wpa_auth_callbacks { #endif /* CONFIG_PASN */ #ifdef CONFIG_IEEE80211BE int (*get_ml_rsn_info)(void *ctx, struct wpa_auth_ml_rsn_info *info); + int (*get_ml_key_info)(void *ctx, struct wpa_auth_ml_key_info *info); #endif /* CONFIG_IEEE80211BE */ }; @@ -637,4 +638,7 @@ void wpa_auth_set_ml_info(struct wpa_state_machine *sm, struct mld_info *info); void wpa_auth_ml_get_rsn_info(struct wpa_authenticator *a, struct wpa_auth_ml_link_rsn_info *info); +void wpa_auth_ml_get_info(struct wpa_authenticator *a, + struct wpa_auth_ml_link_key_info *info, + bool mgmt_frame_prot, bool beacon_prot); #endif /* WPA_AUTH_H */ diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index e15013c11b..d9bcea316d 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -1538,8 +1538,53 @@ static int hostapd_wpa_auth_get_ml_rsn_info(void *ctx, return 0; } + + +static int hostapd_wpa_auth_get_ml_key_info(void *ctx, + struct wpa_auth_ml_key_info *info) +{ + struct hostapd_data *hapd = ctx; + u8 i, j; + + wpa_printf(MSG_DEBUG, "WPA_AUTH: MLD: get key info CB: n_mld_links=%u", + info->n_mld_links); + + if (!hapd->conf->mld_ap || !hapd->iface || !hapd->iface->interfaces) + return -1; + + for (i = 0; i < info->n_mld_links; i++) { + u8 link_id = info->links[i].link_id; + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: get link info CB: link_id=%u", + link_id); + + for (j = 0; j < hapd->iface->interfaces->count; j++) { + struct hostapd_iface *iface = + hapd->iface->interfaces->iface[j]; + + if (!iface->bss[0]->conf->mld_ap || + hapd->conf->mld_id != iface->bss[0]->conf->mld_id || + link_id != iface->bss[0]->conf->mld_link_id) + continue; + + wpa_auth_ml_get_info(iface->bss[0]->wpa_auth, + &info->links[i], + info->mgmt_frame_prot, + info->beacon_prot); + break; + } + + if (j == hapd->iface->interfaces->count) + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: link=%u not found", link_id); + } + + return 0; +} #endif /* CONFIG_IEEE80211BE */ + int hostapd_setup_wpa(struct hostapd_data *hapd) { struct wpa_auth_config _conf; @@ -1591,6 +1636,7 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) #endif /* CONFIG_PASN */ #ifdef CONFIG_IEEE80211BE .get_ml_rsn_info = hostapd_wpa_auth_get_ml_rsn_info, + .get_ml_key_info = hostapd_wpa_auth_get_ml_key_info, #endif /* CONFIG_IEEE80211BE */ }; const u8 *wpa_ie; From patchwork Wed Feb 15 23:08:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743188 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=0oS280Gj; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=XrEctn0x; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFCS68w5z23h0 for ; Thu, 16 Feb 2023 10:48:52 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=cJM871GZmyj2/oqSt11Tjgvgr+ohOR9NZwUqIN8vRS4=; b=0oS280Gjacwa5Q Bhw/cSesc+FzSqy3ebNK7t504oT/B5sRF6Ib9ED2SRMHp0W1ydbIBHbfwIRl7FWgcs0JfFt3/lI+w nFBVQnKlVAQJ+xwWzc5DA4HIW2SlJsOcN3oPBrjYTkpDMC8oV6YZINxvak61X+OI2yov0roAvptyY GDXRSyKVu5Ipd6vDdlmDQpwYHl6hps6M11sQqSRbUYVazRLfQoWG+hyQmygWHc4yBWHLkWK8V+vJU jyIrLKhQDEE06URGoEzZd4TReXhoQGHG/C0zgzDd12mMcVnMNu24szS9w1Z7jwzxpbPKWw1DTA01H qHMyyZQSm+E98PAQkCdA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRUr-007xmp-6I; Wed, 15 Feb 2023 23:47:33 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvG-007ll5-FE for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:48 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502646; x=1708038646; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=+SqtFj2kIr/RCJU5LqojfscL0O3MvMe2XNfpeLeBynU=; b=XrEctn0x3l3P0dGvAxJJqD8VOoHlwE5JToVdihe8+XALEfVR4JJoQV1T IG7pijt8x7JrYw+bXdITKmPJpdUiaaM6NnaGBCUm6ecIsrb6fPL4Wc5x8 Joz/ssG74uLA89AZKpA3dBnkTuHYymOrI3MsQ+nsiw88egDNbddrKGF/k YOTqruLmJ6dwEYAfoZI4jSIpYn/0i1J9Hd0B0AmLe4FXjq7tMpy7PygkW JN4rnOC5yshvw9s052LHgJi5JY6WFmVoSpfZYpSUMGsfo2ucMYt83LaGl z9vp7DEGdnoA4LKq3+/Gx66aICxLWf6dUiEnFjJAOZJH6Pq1fjctEnRil w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719803" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719803" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:25 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344536" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344536" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:24 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 41/50] WPA_AUTH: MLO: Validate MLO KDEs in 4th message of 4-way handshake Date: Thu, 16 Feb 2023 01:08:55 +0200 Message-Id: <20230215230904.933291-42-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151046_617590_B0369117 X-CRM114-Status: GOOD ( 15.26 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/wpa_auth.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 67 insertions(+), 1 deletion(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 1ffa94effc..67b686155b 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -1079,9 +1079,15 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, const u8 *key_data; size_t keyhdrlen, mic_len; u8 *mic; + u8 is_mld = 0; if (!wpa_auth || !wpa_auth->conf.wpa || !sm) return; + +#ifdef CONFIG_IEEE80211BE + is_mld = (sm->mld_assoc_link_id >= 0); +#endif /* CONFIG_IEEE80211BE */ + wpa_hexdump(MSG_MSGDUMP, "WPA: RX EAPOL data", data, data_len); mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); @@ -1159,7 +1165,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, msgtxt = "2/2 Group"; } else if (key_data_length == 0 || (mic_len == 0 && (key_info & WPA_KEY_INFO_ENCR_KEY_DATA) && - key_data_length == AES_BLOCK_SIZE)) { + key_data_length == AES_BLOCK_SIZE) || + (is_mld && (key_info & WPA_KEY_INFO_SECURE))) { msg = PAIRWISE_4; msgtxt = "4/4 Pairwise"; } else { @@ -4322,11 +4329,70 @@ done: os_free(wpa_ie_buf2); } +static int wpa_auth_validate_ml_kdes_m4(struct wpa_state_machine *sm) +{ +#ifdef CONFIG_IEEE80211BE + struct ieee802_1x_hdr *hdr; + struct wpa_eapol_key *key; + struct wpa_eapol_ie_parse kde; + const u8 *key_data, *mic; + u16 key_data_length; + size_t mic_len; + + if (sm->mld_assoc_link_id < 0) + return 0; + + /* + * Note: last_rx_eapol_key length fields have already been validated in + * wpa_receive(). + */ + mic_len = wpa_mic_len(sm->wpa_key_mgmt, sm->pmk_len); + + hdr = (struct ieee802_1x_hdr *)sm->last_rx_eapol_key; + key = (struct wpa_eapol_key *)((void *)(hdr + 1)); + mic = (u8 *)(key + 1); + key_data = mic + mic_len + 2; + key_data_length = WPA_GET_BE16(mic + mic_len); + if (key_data_length > sm->last_rx_eapol_key_len - sizeof(*hdr) - + sizeof(*key) - mic_len - 2) + return -1; + + if (wpa_parse_kde_ies(key_data, key_data_length, &kde) < 0) { + wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), + LOGGER_INFO, + "received EAPOL-Key msg 4/4 with invalid Key Data contents"); + return -1; + } + + /* MLD MAC address must be the same */ + if (!kde.mac_addr || + os_memcmp(kde.mac_addr, sm->peer_mld_addr, ETH_ALEN)) { + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: invalid MLD address in msg 4/4"); + return -1; + } + + wpa_printf(MSG_DEBUG, + "WPA_AUTH: MLD: MLD address in message 4/4: " MACSTR, + MAC2STR(kde.mac_addr)); + +#endif /* CONFIG_IEEE80211BE */ + + return 0; +} + SM_STATE(WPA_PTK, PTKINITDONE) { SM_ENTRY_MA(WPA_PTK, PTKINITDONE, wpa_ptk); sm->EAPOLKeyReceived = false; + + if (wpa_auth_validate_ml_kdes_m4(sm) < 0) { + wpa_sta_disconnect(sm->wpa_auth, sm->addr, + WLAN_REASON_PREV_AUTH_NOT_VALID); + return; + } + if (sm->Pair) { enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise); int klen = wpa_cipher_key_len(sm->pairwise); From patchwork Wed Feb 15 23:08:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743198 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=WHl5cgab; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=UcjeYnjV; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFFv3vHpz23yD for ; Thu, 16 Feb 2023 10:50:59 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=upEYv4dQ8qh3lZSlwkP48booUjUrqLDe67QkwXjMifI=; b=WHl5cgabWDIPhi 037WpR7QWX0JARSiupWk1xOLKyftVFjtpOIHPcPtPybSkbHwOxn728LUXjBL0sD2XpPDsewog601+ QA/zNZJvCKskOpLh4mWuEZ/nVKR0b2NX/+8ZVsUb4RGNTvi8yvxT9vIQ5M3Mt8NPsR3P8Wl55lZ1N YIY9lyisyPiDskW2DbQP3Z7P6GxQZj/fSKHwAVVXedkMhrpXVQRIC7dhcUroMNd8p75GXUn4H8E+s LG2tjzTywwTla1UlG0KPSDIOsjucHwxnPeA/HtzZMF9vX1sWD+6EhTzy6zrjChW2e9BEaOMJFXeXV TDZcpiLjuQcT3hgCc6pg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRX7-007yWj-3f; Wed, 15 Feb 2023 23:49:53 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvH-007ljz-OP for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:49 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502647; x=1708038647; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=6g3+3Uoux4pF5Z/1ZMODVpJ8qyqG8IuqO/gXzkt5/+g=; b=UcjeYnjVC+RyOipKkc+lGhoShtQGBfbTYEr9UN9yPBZArnqOVBAImsE1 tGNbdObhTX+972LXyDJ83yJyhThw30OBRKRhaNJErZeqHlUUjGxh0Jpw4 bzcUTuVr3hMET8w30ty+eFzrtfnQME/H/R3wlSSjQXC8GibyBZ5vSWKOG IwMCZ0fwvaiPSXWCooyrGrhWYN3nQuozgTHGfJxNQjP1Arcn00DAl6aPD Se/yyoe8A327GVvPumjwt9aW+zt2GHwy3pnyeE3C2q/MkTE02R2BxaISM HMeF84+sSXi8klt0kwS3nXK9sjGbvcTWRgF9jcPbWPaRwNpu2M5w+Ybpo A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719808" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719808" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:28 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344543" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344543" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:25 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 42/50] WPA_AUTH: MLO: Add MLO KDEs to message 1 of the group handshake Date: Thu, 16 Feb 2023 01:08:56 +0200 Message-Id: <20230215230904.933291-43-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151047_896213_1D626E6F X-CRM114-Status: GOOD ( 12.87 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 67b686155b..3f64561d0b 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -4629,11 +4629,16 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 67b686155b..3f64561d0b 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -4629,11 +4629,16 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) { u8 rsc[WPA_KEY_RSC_LEN]; struct wpa_group *gsm = sm->group; - const u8 *kde; + const u8 *kde = NULL; u8 *kde_buf = NULL, *pos, hdr[2]; size_t kde_len = 0; u8 *gtk, stub_gtk[32]; struct wpa_auth_config *conf = &sm->wpa_auth->conf; + u8 is_mld = 0; + +#ifdef CONFIG_IEEE80211BE + is_mld = (sm->mld_assoc_link_id >= 0); +#endif /* CONFIG_IEEE80211BE */ SM_ENTRY_MA(WPA_PTK_GROUP, REKEYNEGOTIATING, wpa_ptk_group); @@ -4668,7 +4673,8 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) return; gtk = stub_gtk; } - if (sm->wpa == WPA_VERSION_WPA2) { + + if (sm->wpa == WPA_VERSION_WPA2 && !is_mld) { kde_len = 2 + RSN_SELECTOR_LEN + 2 + gsm->GTK_len + ieee80211w_kde_len(sm) + ocv_oci_len(sm); kde_buf = os_malloc(kde_len); @@ -4687,6 +4693,19 @@ SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING) return; } kde_len = pos - kde; + } else if (sm->wpa == WPA_VERSION_WPA2) { +#ifdef CONFIG_IEEE80211BE + kde_len = wpa_auth_ml_group_kdes_len(sm); + + if (kde_len) { + kde_buf = os_malloc(kde_len); + if (!kde_buf) + return; + + kde = pos = kde_buf; + wpa_auth_ml_group_kdes(sm, pos); + } +#endif /* CONFIG_IEEE80211BE */ } else { kde = gtk; kde_len = gsm->GTK_len; From patchwork Wed Feb 15 23:08:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743202 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=dAAQpUZu; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=jecEZ/zK; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFGt2krPz23yD for ; Thu, 16 Feb 2023 10:51:50 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=/eSgshDU3poDXUv6OiZ2eu939V1X08vLVHriG36LuuI=; b=dAAQpUZu8XWMp3 cq+WzNnN/Z+diGaFQZHCP+XMUzLJWH4zog47uIzPxF7Y5X6lNxG2/CMBJm4m3TH3phP+FkTkgUgrw YG2G5W3ezm6xTkjZnVoyghBnRrHgct3D/mMNSxByt/VfET1PhEg/YQbD6xkBXrFWT6Mxoc31EcFz2 3t2DnueujGq4x/JGM7whF6Fn1jmQfp1LolQoT9KMHr535ytU8qrkcPJshxJxEDvWOHGmqdfxC3iPJ wGNzm+kxgPtUsfoZnayTqgpAHhw6/rzfYtHRUm0JGoEtwsR7T2QWzqJJwNL+P1W1G2CMbQauMavSL V9Wb0Va9+LaUh0CZucbA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRYB-007yvl-Aw; Wed, 15 Feb 2023 23:51:00 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvI-007ll5-DC for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:49 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502648; x=1708038648; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tW2RpcmNIEvE6hMBuSOXZF0Nl6sMA+/y+ZLfyAjNFDs=; b=jecEZ/zKaxow+zoee9eEXZgeS8Y5wFkCRKyI+1ZhLRTWxqrb9HDzWmzj lzAnesSfOpAyU9jjH14EUv7EpIa59v+/NCHrHPnKoHIQTTqwNXpoGiKnw fj8mV/cw3KyL+CgGMDwUsJcBUp6BAMXZzyD8A/LMDyvvljo9Ap20GjdXs qTv/v0T+5icuJ8cLaEueGwd6BymFYwoGii0TfnGU1wSxyR/4CloeHvkOx QfIlTql9AZC4Pxp9XklpL24XluI9rSboS7QgDYRnCuH52SEQCJJPiXIPk EfxRYqb2kKEhQYs/IA8YB0r78hz8f6TrXvR2ZYkR1UE6e3JkMaQ05NRqr A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719809" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719809" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:28 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344554" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344554" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:27 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH 43/50] WPA_AUTH: MLO: Get the correct AA and SPA based on MLD operation Date: Thu, 16 Feb 2023 01:08:57 +0200 Message-Id: <20230215230904.933291-44-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151048_532972_A4054C4F X-CRM114-Status: UNSURE ( 9.33 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 3f64561d0b..ee1be2782d 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -37,13 +37,15 @@ Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer Signed-off-by: Ilan Peer --- src/ap/wpa_auth.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 3f64561d0b..ee1be2782d 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -37,13 +37,15 @@ static const u8 *wpa_auth_get_aa(struct wpa_state_machine *sm) { - return sm->wpa_auth->addr; + return (sm && sm->mld_assoc_link_id >= 0) ? + sm->own_mld_addr : sm->wpa_auth->addr; } static const u8 *wpa_auth_get_spa(struct wpa_state_machine *sm) { - return sm->addr; + return sm->mld_assoc_link_id >= 0 ? + sm->peer_mld_addr : sm->addr; } From patchwork Wed Feb 15 23:08:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743203 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=4pym87Hv; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=QB+DHcBM; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFJ80NNyz23yD for ; Thu, 16 Feb 2023 10:52:56 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=og0ZOKMW6yGXF33SAI2X6gQD7YghX4p5rUcWMqJyYYg=; b=4pym87HvHQcL9r 9xrXX04vpSDVX+r4P9Jk71RvBZae70WknrTKu1DS9uEuvQ4A6EetWe+V5I4CgmlNEV5PhBrDzxDGa dza881eCbIQ03Wm5BUNpUCtjH8E+7n+L26jZDVL0UdgpUj0TYAs9fpL+FFHfwDzqEic8tXjU385XR KFyfwC2wIAJgxIOabxpJeKlqSgFG9rDFcSh7nVYYG1DAgdyqea9FrCFSeXQ1oqpG6Kj9BWRSqjfRi AlGKyGE7+e1uwJqaAinF26DbFRYbyPdLdcEf44sUZKw8ONajVlUPB3fhOnh4wUq6+/f2nNZBuzzrA 1r40uN3PFoPBibI3Pdag==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRZH-007zKs-W6; Wed, 15 Feb 2023 23:52:08 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvI-007lly-O0 for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502648; x=1708038648; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=zkVNxbUaHoRTjyF2VXGSWU/UiuuDo1gBjbh2wRGpcVY=; b=QB+DHcBMQuceuQ9LbAdppGycG0Qazk4Xh2FLg1HMMyGrT+KUYdLVs8b1 MjApOGfRICmFW2Ax/aYF+JTm/mRyHFOyi6faNUnKcru3t5Wet9uJOT7uv Cy76qOn+6VbypszmQht83SgSlAfonDyUSptLqk7E8RXNPIaBTvux3Nuxu Mp0SgSdq/i3n4igFczMH4q+2lLREOKQoMTx4mstk3W8p8usseUPEEVzxp m2EvXWYAZpAdB2tvSsMdmgCckBU1sCRcV9cNDqFeq+mGjT8mdMx63SYjj HryhBvyA6f9OXlvlnPYzKkkpopOQDI3VbF5hEQpKUxWZkS4da+JjSrxI3 w==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719817" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719817" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:30 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344563" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344563" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:28 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Ilan Peer , Andrei Otcheretianski Subject: [PATCH 44/50] AP: Specify the link ID for set_key() callback Date: Thu, 16 Feb 2023 01:08:58 +0200 Message-Id: <20230215230904.933291-45-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151048_921211_30239A0E X-CRM114-Status: UNSURE ( 9.63 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Ilan Peer If the AP is part of a MLD AP specify the link ID in the set key parameters. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 5 +++++ 1 file changed, 5 insertions(+) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Ilan Peer If the AP is part of a MLD AP specify the link ID in the set key parameters. Signed-off-by: Ilan Peer Signed-off-by: Andrei Otcheretianski --- src/ap/ap_drv_ops.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 37c145f0a0..b4d804196a 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -758,6 +758,11 @@ int hostapd_drv_set_key(const char *ifname, struct hostapd_data *hapd, params.key_flag = key_flag; params.link_id = -1; +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && !(key_flag & KEY_FLAG_PAIRWISE)) + params.link_id = hapd->conf->mld_link_id; +#endif /* CONFIG_IEEE80211BE */ + return hapd->driver->set_key(hapd->drv_priv, ¶ms); } From patchwork Wed Feb 15 23:08:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743205 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=1itwOm7N; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=GEtoJ83U; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFM161hVz23j7 for ; Thu, 16 Feb 2023 10:55:25 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=1wUySiVPYz7Wv6muH8ALtlNlHdaP7ZrXgC2D5Qvn1zs=; b=1itwOm7NyDnJpd E/ieFRn/A9maK2KagL+9OQRwNAVQKdIIHQrFnNNgdN9hUhI1wMS4uon3wi1NUpRDofPW7XgW+nQVs CFg9eZhcaw/mVkBjb5ryj5YjUIL+hrJwvRWAVSXsuT7GD79BGn7IuglP31E6Jj50NgkRQcMbFTh7f 38i4hsGd4GvlKSdNC/qypb67/vuJLiGni0U+bJ28szJOwdWAg3ktYptP5ClgV5qw6JAiKrYHC4Udd 6ydRsgwp89S1mSt4NHdERsHkvKu9gH7wRPvgnhfyuA81dWoh1ZdwQW1M1hAWgFWKtwXMGGGYkHhIW JIFRCsCbCR/mCRbjl5Og==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRbf-00806P-BE; Wed, 15 Feb 2023 23:54:36 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvJ-007ljz-EO for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502649; x=1708038649; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=W8ZR3aUwYRW9L8uOzyAk2e+3FgX4DS54vK5DWTRXZZA=; b=GEtoJ83UGDwdRfqbowvlfB6IogBK/tQFpSDbXbLze6B75UJLuMXHh/z/ VVsHVn9Y2tsykuyqDY5vjopOf/GrI7ZwwA4jMIlul4i9ScGnz0FA6FQjv xYH0v8CTTai7C8Xv2bWsCw+7t16PwhMrkdyCculFJVHJR9W/5pv05GbCU 1U7WempXNB1/OfVRp1x583M/U5nOYi6VRG0I46Sq9Noqzv/bTj+wLyexS qJCdP6J/qC3lwCVa6ofDBsJq2CBOpp6AJLpTjM497ZD5DCGJg2AjExuNb bxxZ6xpAmktDFzeYYPB9klvenf/hUC7CHXbKeGM4edf8HG5OxDGipyH5X A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719824" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719824" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:31 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344633" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344633" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:30 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 45/50] AP: Use MLD address for SAE commit derivation Date: Thu, 16 Feb 2023 01:08:59 +0200 Message-Id: <20230215230904.933291-46-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151049_640528_0218C7A3 X-CRM114-Status: GOOD ( 11.67 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index c302f01804..3af86e6df8 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -600,12 +600,18 @@ static struct wpabuf * auth_build_s [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index c302f01804..3af86e6df8 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -600,12 +600,18 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd, int use_pt = 0; struct sae_pt *pt = NULL; const struct sae_pk *pk = NULL; + u8 *own_addr = hapd->own_addr; + +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap && sta->mld_info.mld_sta) + own_addr = hapd->mld_addr; +#endif if (sta->sae->tmp) { rx_id = sta->sae->tmp->pw_id; use_pt = sta->sae->h2e; #ifdef CONFIG_SAE_PK - os_memcpy(sta->sae->tmp->own_addr, hapd->own_addr, ETH_ALEN); + os_memcpy(sta->sae->tmp->own_addr, own_addr, ETH_ALEN); os_memcpy(sta->sae->tmp->peer_addr, sta->addr, ETH_ALEN); #endif /* CONFIG_SAE_PK */ } @@ -625,12 +631,12 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd, } if (update && use_pt && - sae_prepare_commit_pt(sta->sae, pt, hapd->own_addr, sta->addr, + sae_prepare_commit_pt(sta->sae, pt, own_addr, sta->addr, NULL, pk) < 0) return NULL; if (update && !use_pt && - sae_prepare_commit(hapd->own_addr, sta->addr, + sae_prepare_commit(own_addr, sta->addr, (u8 *) password, os_strlen(password), sta->sae) < 0) { wpa_printf(MSG_DEBUG, "SAE: Could not pick PWE"); From patchwork Wed Feb 15 23:09:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743206 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=N0qUebtC; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=GiJlS62L; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFNC1P0Gz23j7 for ; Thu, 16 Feb 2023 10:56:27 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=fuTCABb8/O2u1OYu/p2taDvX6RjZ2CcDs7vO7xbJHZU=; b=N0qUebtCQrWpC2 hmDmoJwmP5zahOzUkTqm21xBEwa31lvdqf9o+UzJzdZx/NST2rCwfQL7DYsjcCEhBl/kIf7VjuEGu q7H4ut8W1Gre35jwAEJA8cs4lLL4nHqklpI7qmcWmR/e7gYtdSdN2i5ZiLkZHDP2ohVbuDKsa+2be LMNHRvxACF/77Wj/jlNT1RXuryTnRsKZ7wuzabP9jIiEKiYTNLQieBhEpD0FtbnrkjkLAkjKHTuSB /OC+O6tPMQ/ldcQ58rUd2+k4DkeIb7acsDBmRmVSmt/sDipvGFG6Rapi4zwflwNdWbGy97ywFBidF EKacOK7AXiOxND+Do44g==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRcd-0080Pr-13; Wed, 15 Feb 2023 23:55:35 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvJ-007ll5-Vq for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502649; x=1708038649; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=bMRTDBV4fruS5oanukUj9EC6bFMatSuZqo1Ec9sM/gc=; b=GiJlS62Ln0zGd4NHnSaId3yYWaegcWZkbvD1jc285mClml3vihz4Gbna zhZlo/yDB8Lj4Q+NKoYvcxHPHTPeqyuijlBT6BnpV1Wwr79an2RIbTEQN BbSdoByd8IfwZDUdPpmpQGmOIEDe3oLZJ5amf9VTQ37qDafy+CVgaKqg+ IMDpPkaNS77JC+3H/1YtKGeae5Bzoe6zFWOICHqaFGVgYUtTxTL2EidWv VYaLtGsZ27+lX7qJtjNmoV3mWW0mbXyIu1BkSYnMaGdLCGVu+IsYjA0Z6 jOy5ScUX9FFP9/7bbQjn8gVIfvdzxmzaf+hKziKTKP9NJgKOOsoKzLlN5 g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719834" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719834" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:33 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344725" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344725" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:31 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 46/50] AP: Don't process SAE/OWE assoc info on MLD links Date: Thu, 16 Feb 2023 01:09:00 +0200 Message-Id: <20230215230904.933291-47-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151050_121578_7E515B95 X-CRM114-Status: GOOD ( 13.80 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Only the main link handles SAE authentication, skip it on other links. Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 91 ++++++++++++++++++++++++ 1 file changed, 48 insertions(+), 43 deletions(-) Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Only the main link handles SAE authentication, skip it on other links. Signed-off-by: Andrei Otcheretianski --- src/ap/ieee802_11.c | 91 ++++++++++++++++++++++++--------------------- 1 file changed, 48 insertions(+), 43 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 3af86e6df8..d8ed39e7f5 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -3996,55 +3996,60 @@ static int __check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, } #endif /* CONFIG_IEEE80211R_AP */ + if (!link) { #ifdef CONFIG_SAE - if (wpa_auth_uses_sae(sta->wpa_sm) && sta->sae && - sta->sae->state == SAE_ACCEPTED) - wpa_auth_add_sae_pmkid(sta->wpa_sm, sta->sae->pmkid); - - if (wpa_auth_uses_sae(sta->wpa_sm) && - sta->auth_alg == WLAN_AUTH_OPEN) { - struct rsn_pmksa_cache_entry *sa; - sa = wpa_auth_sta_get_pmksa(sta->wpa_sm); - if (!sa || !wpa_key_mgmt_sae(sa->akmp)) { - wpa_printf(MSG_DEBUG, - "SAE: No PMKSA cache entry found for " - MACSTR, MAC2STR(sta->addr)); - return WLAN_STATUS_INVALID_PMKID; + if (wpa_auth_uses_sae(sta->wpa_sm) && sta->sae && + sta->sae->state == SAE_ACCEPTED) + wpa_auth_add_sae_pmkid(sta->wpa_sm, + sta->sae->pmkid); + + if (wpa_auth_uses_sae(sta->wpa_sm) && + sta->auth_alg == WLAN_AUTH_OPEN) { + struct rsn_pmksa_cache_entry *sa; + sa = wpa_auth_sta_get_pmksa(sta->wpa_sm); + if (!sa || !wpa_key_mgmt_sae(sa->akmp)) { + wpa_printf(MSG_DEBUG, + "SAE: No PMKSA cache entry found for " + MACSTR, MAC2STR(sta->addr)); + return WLAN_STATUS_INVALID_PMKID; + } + wpa_printf(MSG_DEBUG, "SAE: " MACSTR + " using PMKSA caching", MAC2STR(sta->addr)); + } else if (wpa_auth_uses_sae(sta->wpa_sm) && + sta->auth_alg != WLAN_AUTH_SAE && + !(sta->auth_alg == WLAN_AUTH_FT && + wpa_auth_uses_ft_sae(sta->wpa_sm))) { + wpa_printf(MSG_DEBUG, "SAE: " MACSTR + " tried to use SAE AKM after non-SAE auth_alg %u", + MAC2STR(sta->addr), sta->auth_alg); + return WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG; + } + + if (hapd->conf->sae_pwe == SAE_PWE_BOTH && + sta->auth_alg == WLAN_AUTH_SAE && + sta->sae && !sta->sae->h2e && + ieee802_11_rsnx_capab_len(elems->rsnxe, + elems->rsnxe_len, + WLAN_RSNX_CAPAB_SAE_H2E)) { + wpa_printf(MSG_INFO, "SAE: " MACSTR + " indicates support for SAE H2E, but did not use it", + MAC2STR(sta->addr)); + return WLAN_STATUS_UNSPECIFIED_FAILURE; } - wpa_printf(MSG_DEBUG, "SAE: " MACSTR - " using PMKSA caching", MAC2STR(sta->addr)); - } else if (wpa_auth_uses_sae(sta->wpa_sm) && - sta->auth_alg != WLAN_AUTH_SAE && - !(sta->auth_alg == WLAN_AUTH_FT && - wpa_auth_uses_ft_sae(sta->wpa_sm))) { - wpa_printf(MSG_DEBUG, "SAE: " MACSTR " tried to use " - "SAE AKM after non-SAE auth_alg %u", - MAC2STR(sta->addr), sta->auth_alg); - return WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG; - } - - if (hapd->conf->sae_pwe == SAE_PWE_BOTH && - sta->auth_alg == WLAN_AUTH_SAE && - sta->sae && !sta->sae->h2e && - ieee802_11_rsnx_capab_len(elems->rsnxe, elems->rsnxe_len, - WLAN_RSNX_CAPAB_SAE_H2E)) { - wpa_printf(MSG_INFO, "SAE: " MACSTR - " indicates support for SAE H2E, but did not use it", - MAC2STR(sta->addr)); - return WLAN_STATUS_UNSPECIFIED_FAILURE; - } #endif /* CONFIG_SAE */ #ifdef CONFIG_OWE - if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && - wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && - elems->owe_dh) { - resp = owe_process_assoc_req(hapd, sta, elems->owe_dh, - elems->owe_dh_len); - if (resp != WLAN_STATUS_SUCCESS) - return resp; - } + if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && + wpa_auth_sta_key_mgmt(sta->wpa_sm) == + WPA_KEY_MGMT_OWE && elems->owe_dh) { + resp = owe_process_assoc_req(hapd, sta, + elems->owe_dh, + elems->owe_dh_len); + if (resp != WLAN_STATUS_SUCCESS) + return resp; + } #endif /* CONFIG_OWE */ + } #ifdef CONFIG_DPP2 dpp_pfs_free(sta->dpp_pfs); From patchwork Wed Feb 15 23:09:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743207 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=yx8RyN+h; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=jdDaM8n6; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFPY0PbKz23j7 for ; Thu, 16 Feb 2023 10:57:37 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=oMaQJWnKGGCYhuLZJnahJ1zu/yql+sSWf2vxv3t4DGA=; b=yx8RyN+hRtGhTu Nny7YjpmIIQdS6S9qqRZlPYpMOx1T0ZtVG7OygemUEpT9lssdASKC/JwerrPpPNMqcW+/bOdm+YC2 Kj+GbN1FgpHnEPHPD3QGU7hLU2zU8d+1o3W13iDtG4Fk71/xxHX0ZUxsKKlpXNS8dH2tQoZN+2gNA QICiR6kqg3+qSFJ74r4GR/mPL+z0RnfsHj0+Bul10/gF44W3VAH4dvYQZ4VKFzJEJ4xAGQABfGLNi bGhWnoW8EcpNd8KXC4hXmnkRkIwv75um2lIQETNua/IblHVVgfDZZHHI5o0EXeCxETQuGefbqPFu0 BD7fx3VPsvucThGOyqLw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRdj-0080ms-Fg; Wed, 15 Feb 2023 23:56:43 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvK-007lly-Ij for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502650; x=1708038650; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=D6zkjJEETeSN30W6EgoDKR5flXvxaCEElTEdsZe+GlM=; b=jdDaM8n6X0ALImrqCE+xT5D4bei2SrQAuozGY1oiWAswOK/lCcQKz/6L RmelTLaxnZKEgwA2wME72aQThccj/fg6Fe7QlxbBd6PULqbs1rBk+j3l1 S9hpYjgGTcMsxcJwzI+CtofwQFL+ISRXUvatbBK0L7M+k3wgfi+8ckyYm JbhnqW8E2KjyHsWit5K4Oz6/qNd9CP0K/lh6kdRJLlJComUcYhTPvyPcR 36LKe8A6ckmLZZZ4DjgzNz2oQz3EKbSteq0XbScgLsQy3A7ervjxkfsXD Qb0FhtsVV4E58T4CKtEQLB4HGxrdsdW2g0/wBE0DaOHPm8eDvAl433Hcr Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719837" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719837" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:34 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344795" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344795" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:33 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 47/50] AP: Use MLD address for traffic tests Date: Thu, 16 Feb 2023 01:09:01 +0200 Message-Id: <20230215230904.933291-48-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151050_754130_9D125329 X-CRM114-Status: GOOD ( 10.47 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: In case of MLD use the MLD address. Signed-off-by: Andrei Otcheretianski --- hostapd/ctrl_iface.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index 656aacc7db..dd5f4e41da 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -1835,6 +1835,7 @@ static int hostapd_ctrl_iface_d [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In case of MLD use the MLD address. Signed-off-by: Andrei Otcheretianski --- hostapd/ctrl_iface.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index 656aacc7db..dd5f4e41da 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -1835,6 +1835,7 @@ static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd, int enabled = atoi(cmd); char *pos; const char *ifname; + const u8 *addr = hapd->own_addr; if (!enabled) { if (hapd->l2_test) { @@ -1855,7 +1856,11 @@ static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd, else ifname = hapd->conf->iface; - hapd->l2_test = l2_packet_init(ifname, hapd->own_addr, +#ifdef CONFIG_IEEE80211BE + if (hapd->conf->mld_ap) + addr = hapd->mld_addr; +#endif /* CONFIG_IEEE80211BE */ + hapd->l2_test = l2_packet_init(ifname, addr, ETHERTYPE_IP, hostapd_data_test_rx, hapd, 1); if (hapd->l2_test == NULL) From patchwork Wed Feb 15 23:09:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743204 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ZUG6eJXN; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=WcQPSV+e; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFKT2lVjz23yD for ; Thu, 16 Feb 2023 10:54:05 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=0RozqfEFDhVoBHoJ8yVigbJDP6XSlcjgYBSDx420wkU=; b=ZUG6eJXND6/mje SBdo7DmNl0tETVG75KvihZmF0+KFLwAcr3cudIbt+AIuqUx+nuT6p4X8CtWGzuGCO3U49YPS4tHoy mdJTDpm5e1a5ylXzcvOkRPl7bcSgQLZfT1J6LKaRsa1wJqRl7XjBmESNAzzlfQgKxhDLjK/1Bphvp JJpED69hILHQf3F0vKisFGZZr5MQ+kEAIrSFQiNgFt+3aU2skv5GvD3vvAOIvzkmGhfkUFq+jhkIK RFNbfL6PB5TVUovzZeXxzBwx9JpBlko547vi37rA9Nuog5CalxGlWyggTKwCAQT7Ejrp+Nnkr9b72 OvDGyhPzejjP3xNI5Ubw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRaP-007zjF-M9; Wed, 15 Feb 2023 23:53:18 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvL-007ljz-Dm for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:52 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502651; x=1708038651; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=vJheH+05U4VSQxTSNTxY+66jnZzw9KFhPF0Nu/pigkA=; b=WcQPSV+e0+WbethSpamHWKXBh9cfPGfouJ8SawLU+6km+0Njf65DY8b3 9SGxBfsWtPbHHWZdum/0x70j4i5EAjVyHIYB9efqo/lnQv41n/HxEc2Fk gIhrLmvba6MnI5KiGUlLGLd3Gs1eOovNXLL7rMaSGl0fiNLifJVwh0YLp n8Pm713B86H986UzLWoZgb7mx62zbWtp6DjLNxDbQSSJO9AMZCaPQQ6Dw TWMoTTN54zVvO+UAO5lKTCVRjw49R17gMC3uZr9lhAxcn+/z4I+68TB5t gY7aOC1sCx8wQkD70cr7eVyO8M51El5fFfV3In4KXcOEPRva08hAuOXvk g==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719849" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719849" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:35 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344872" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344872" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:34 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 48/50] tests: Clear sae_groups in eht_sae test Date: Thu, 16 Feb 2023 01:09:02 +0200 Message-Id: <20230215230904.933291-49-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151051_588575_96F91723 X-CRM114-Status: UNSURE ( 8.17 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Otherwise subsequent tests may fail. Signed-off-by: Andrei Otcheretianski --- tests/hwsim/test_eht.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/hwsim/test_eht.py b/tests/hwsim/test_eht.py index ae078ee5b0..ebc846c0d4 100644 --- a/tests/hwsim/test_eht.py +++ b/tests/hwsim/test_eht.py @@ -90,6 +90,7 @@ def test_eht_sae(dev, a [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Otherwise subsequent tests may fail. Signed-off-by: Andrei Otcheretianski --- tests/hwsim/test_eht.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/hwsim/test_eht.py b/tests/hwsim/test_eht.py index ae078ee5b0..ebc846c0d4 100644 --- a/tests/hwsim/test_eht.py +++ b/tests/hwsim/test_eht.py @@ -90,6 +90,7 @@ def test_eht_sae(dev, apdev): pairwise="GCMP-256", group="GCMP-256", group_mgmt="BIP-GMAC-256", scan_freq="2412") finally: + dev[0].set("sae_groups", "") dev[0].set("sae_pwe", "0") def test_eht_sae_mlo(dev, apdev): @@ -115,4 +116,5 @@ def test_eht_sae_mlo(dev, apdev): if "status_code=15" not in ev: raise Exception("Unexpected authentication failure: " + ev) finally: + dev[0].set("sae_groups", "") dev[0].set("sae_pwe", "0") From patchwork Wed Feb 15 23:09:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743209 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=psV5/OAo; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=n+0xEJcO; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFQn5wR8z23j7 for ; Thu, 16 Feb 2023 10:58:41 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=tfjmhujWI//nwhqWYpwZ58dBkMwBP1i2jDy+0IsT6Ic=; b=psV5/OAosrEend vUn1YrGVAT2I5mFBNg7QhNl8amgTYRNWSjPBl7Oryvh6iRTQv0cr3FBuAWqRYUUMnFxZvq9kuizzR 9qjg+VT4lmQc0wwo/Pg5pzqF3g5ElCYTKvr45WO09oqlUSc5dnZSnSFHMCq/hL0ek5c9msyJ5VWW7 4JMf1GXwWTtmd0pzJLXg9FRBkfj3pKP/KMpkMWVMYPF+bo5enB5q1v2vlU05tXFCB3hFuse5ynM6z zkMIzb572HChT1MMrDHw+eb5mSU2U3A2GxUGTPXQ9VnJIRK35I5rW1arREey5s/9/4MnQSde3/0z7 mm3kAdrKe2isstoR52pg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRen-00815n-V5; Wed, 15 Feb 2023 23:57:50 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvL-007ll5-SN for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:53 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502651; x=1708038651; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=e1gVlpX37yvfVfGJ8ilkeMDhOMLhKK2keMTsCgZVPMs=; b=n+0xEJcO8DvHSAfd6bEUMsiV8Y3ZONhkhOFwA4HNWoqQCLpUtOq3LvRv yLedkIUCADX34Ed6lRn1TTZwuFlhlBr45gKYpjQDjI+aGVT2V5m2G+I04 Dgv7Xrn9bz3In7u/dzLqdSu4xly7SX4Utu2vxIL4d0a2zYjkPQSlK5RLy q06Ge6u/hrj8IO9YT5UCzKIDAETGubVpqlW6f+NCIDV+J5k4YTQVFu3Y9 1PsE4bJIIXC1rCuKMtBrduXZiAJqOLR6FiHV13ZqNzzN6i7xkKPVYjwfY DYfFcrMAYzlFb5TZbBB2M6UkNjxnLKdcFJaSRWOv6fVvSDOOk3Bm7JGOc A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719855" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719855" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:37 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702344965" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702344965" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:35 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Avraham Stern Subject: [PATCH 49/50] tests: Remove dynamically added hostapd interfaces Date: Thu, 16 Feb 2023 01:09:03 +0200 Message-Id: <20230215230904.933291-50-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151052_056083_01FB8F2F X-CRM114-Status: UNSURE ( 9.24 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Avraham Stern When an in interface is added dynamically to hostapd with HWSimRadio, it's not removed during device reset. This requires to manually remove it, otherwise subsequent tests may fail. Better do it durin [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Avraham Stern When an in interface is added dynamically to hostapd with HWSimRadio, it's not removed during device reset. This requires to manually remove it, otherwise subsequent tests may fail. Better do it during device reset. Signed-off-by: Avraham Stern --- tests/hwsim/run-tests.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/tests/hwsim/run-tests.py b/tests/hwsim/run-tests.py index 0784575f28..f63bb56776 100755 --- a/tests/hwsim/run-tests.py +++ b/tests/hwsim/run-tests.py @@ -69,13 +69,10 @@ def reset_devs(dev, apdev): try: hapd = HostapdGlobal() hapd.flush() - hapd.remove('wlan3-6') - hapd.remove('wlan3-5') - hapd.remove('wlan3-4') - hapd.remove('wlan3-3') - hapd.remove('wlan3-2') - for ap in apdev: - hapd.remove(ap['ifname']) + ifaces = hapd.request("INTERFACES").splitlines() + for iface in ifaces: + if iface.startswith("wlan"): + hapd.remove(iface) hapd.remove('as-erp') except Exception as e: logger.info("Failed to remove hostapd interface") From patchwork Wed Feb 15 23:09:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrei Otcheretianski X-Patchwork-Id: 1743210 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=yHEAb9tU; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=ckY2ilz6; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PHFSg5nr4z23h0 for ; Thu, 16 Feb 2023 11:00:19 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=EsEMMQJ/tdnVu7gTZTACOG9xSKFE4rOolb4r2ZWnNSU=; b=yHEAb9tUlgM4Gp 475ApPF0JhXGhtSAUEmQYARRObiuaQeDC7m9AeHiSGUqzxKJ83PciYhKfeHKZO7Q0Mwu4f+Pm/eX4 q8Iv3QudfejwddanGI9n32S9qtEqHthtY2EK+yqfu6XkOoWGZ3jdVJd2up9bcwL7Xo3f8AcAwlE+d 6C0IZzQhHmOxSyCVTfd6rZmq9Wqxcjt0ZzMVDUC2VAE/mUu7KLAKrxK4aeg/BiHjfg2CCwdqcZgZb s0VXm7a3h6UVhRhjv2hw1Ig/p9pW10kmVlZ5qwev9VvpvicI7XD/Jjuamgs7CIisx+9t0AdqAaDrJ 49erEUunD1959Gah3lew==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSRg8-0081Wv-Ho; Wed, 15 Feb 2023 23:59:13 +0000 Received: from mga03.intel.com ([134.134.136.65]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pSQvM-007lly-5H for hostap@lists.infradead.org; Wed, 15 Feb 2023 23:10:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676502652; x=1708038652; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=pZTVEScQq67mKw2w4swM2+JkGovGr/qQPQHgtixqzF8=; b=ckY2ilz6iQbVsekJfEpe2Ch6Eta+r+TJl36afrgzpXYd6slvvx/uJwjV ZYMZqxL34v7mKANe6YngXX9x40jS429XDGmATYYnmH51GnrnveY/WNcjS CEFMWQsrFyJWyf8CCg7T+8FpP3uBLtvia7SCYtYWVL4eb4xm/mabzZWIH mI0tb3CI8oWcpKNDdyHfmQSaE92Xhu1EyzR9Yud/SO/Okn6bgAXHCWsCq mjaDGjJX+G1MQBnyRmHYhBYdfE4HNRu4qKrfr+f3frzQwtWnJBJl5N3CF kGfpe18obAJFnlxDE8n2cVIqeno7eKTA6rP6kYc6PGUqNoM3oulohGP9x A==; X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="333719860" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="333719860" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:38 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10622"; a="702345063" X-IronPort-AV: E=Sophos;i="5.97,300,1669104000"; d="scan'208";a="702345063" Received: from zfilgut-mobl.ger.corp.intel.com (HELO aotchere-desk.intel.com) ([10.254.144.126]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2023 15:10:37 -0800 From: Andrei Otcheretianski To: hostap@lists.infradead.org Cc: Andrei Otcheretianski Subject: [PATCH 50/50] tests: Add basic MLD hwsim tests Date: Thu, 16 Feb 2023 01:09:04 +0200 Message-Id: <20230215230904.933291-51-andrei.otcheretianski@intel.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230215230904.933291-1-andrei.otcheretianski@intel.com> References: <20230215230904.933291-1-andrei.otcheretianski@intel.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230215_151052_370384_26838FEB X-CRM114-Status: GOOD ( 14.94 ) X-Spam-Score: -2.7 (--) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Andrei Otcheretianski --- tests/hwsim/example-hostapd.config | 1 + tests/hwsim/hostapd.py | 77 +++++++- tests/hwsim/hwsim.py | 11 +- tests/hwsim/test_e [...] Content analysis details: (-2.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.2 DKIMWL_WL_HIGH DKIMwl.org - High trust sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Andrei Otcheretianski --- tests/hwsim/example-hostapd.config | 1 + tests/hwsim/hostapd.py | 77 +++++++- tests/hwsim/hwsim.py | 11 +- tests/hwsim/test_eht.py | 299 +++++++++++++++++++++++++++++ 4 files changed, 381 insertions(+), 7 deletions(-) diff --git a/tests/hwsim/example-hostapd.config b/tests/hwsim/example-hostapd.config index 5b7130fdcd..e6f91fe388 100644 --- a/tests/hwsim/example-hostapd.config +++ b/tests/hwsim/example-hostapd.config @@ -117,3 +117,4 @@ CONFIG_DPP2=y CONFIG_WEP=y CONFIG_PASN=y CONFIG_AIRTIME_POLICY=y +CONFIG_IEEE80211BE=y diff --git a/tests/hwsim/hostapd.py b/tests/hwsim/hostapd.py index 77b210b6e6..e47aa146db 100644 --- a/tests/hwsim/hostapd.py +++ b/tests/hwsim/hostapd.py @@ -101,6 +101,11 @@ class HostapdGlobal: if not ignore_error: raise Exception("Could not add hostapd BSS") + def add_link(self, ifname, confname): + res = self.request("ADD " + ifname + " config=" + confname) + if "OK" not in res: + raise Exception("Could not add hostapd link") + def remove(self, ifname): self.request("REMOVE " + ifname, timeout=30) @@ -141,13 +146,13 @@ class HostapdGlobal: self.host.send_file(src, dst) class Hostapd: - def __init__(self, ifname, bssidx=0, hostname=None, port=8877): + def __init__(self, ifname, bssidx=0, hostname=None, ctrl=hapd_ctrl, port=8877): self.hostname = hostname self.host = remotehost.Host(hostname, ifname) self.ifname = ifname if hostname is None: - self.ctrl = wpaspy.Ctrl(os.path.join(hapd_ctrl, ifname)) - self.mon = wpaspy.Ctrl(os.path.join(hapd_ctrl, ifname)) + self.ctrl = wpaspy.Ctrl(os.path.join(ctrl, ifname)) + self.mon = wpaspy.Ctrl(os.path.join(ctrl, ifname)) self.dbg = ifname else: self.ctrl = wpaspy.Ctrl(hostname, port) @@ -156,6 +161,7 @@ class Hostapd: self.mon.attach() self.bssid = None self.bssidx = bssidx + self.mld_addr = None def cmd_execute(self, cmd_array, shell=False): if self.hostname is None: @@ -184,8 +190,15 @@ class Hostapd: self.bssid = self.get_status_field('bssid[%d]' % self.bssidx) return self.bssid + def own_mld_addr(self): + if self.mld_addr is None: + self.mld_addr = self.get_status_field('mld_addr[%d]' % self.bssidx) + return self.mld_addr + def get_addr(self, group=False): - return self.own_addr() + if self.own_mld_addr() is None: + return self.own_addr() + return self.own_mld_addr() def request(self, cmd): logger.debug(self.dbg + ": CTRL: " + cmd) @@ -682,6 +695,33 @@ def add_iface(apdev, confname): raise Exception("Could not ping hostapd") return hapd +def add_mld_link(apdev, params): + if isinstance(apdev, dict): + ifname = apdev['ifname'] + try: + hostname = apdev['hostname'] + port = apdev['port'] + logger.info("Adding link on: " + hostname + "/" + port + " ifname=" + ifname) + except: + logger.info("Adding link on: ifname=" + ifname) + hostname = None + port = 8878 + else: + ifname = apdev + logger.info("Adding link on: ifname=" + ifname) + hostname = None + port = 8878 + + hapd_global = HostapdGlobal(apdev) + confname, ctrl_iface = cfg_mld_link_file(ifname, params) + hapd_global.send_file(confname, confname) + hapd_global.add_link(ifname, confname) + port = hapd_global.get_ctrl_iface_port(ifname) + hapd = Hostapd(ifname, hostname=hostname, ctrl=ctrl_iface, port=port) + if not hapd.ping(): + raise Exception("Could not ping hostapd") + return hapd + def remove_bss(apdev, ifname=None): if ifname == None: ifname = apdev['ifname'] @@ -904,3 +944,32 @@ def cfg_file(apdev, conf, ifname=None): return fname return conf + +idx = 0 +def cfg_mld_link_file(ifname, params): + global idx + ctrl_iface="/var/run/hostapd" + conf = "link-%d.conf" % idx + + fd, fname = tempfile.mkstemp(dir='/tmp', prefix=conf + '-') + f = os.fdopen(fd, 'w') + + if idx != 0: + ctrl_iface="/var/run/hostapd_%d" % idx + + f.write("ctrl_interface=%s\n" % ctrl_iface) + f.write("driver=nl80211\n") + f.write("ieee80211n=1\n") + f.write("ieee80211ac=1\n") + f.write("ieee80211ax=1\n") + f.write("ieee80211be=1\n") + f.write("interface=%s\n" % ifname) + f.write("mld_ap=1\n") + f.write("mld_id=0\n") + + for k, v in list(params.items()): + f.write("{}={}\n".format(k,v)) + + idx = idx + 1 + + return fname, ctrl_iface \ No newline at end of file diff --git a/tests/hwsim/hwsim.py b/tests/hwsim/hwsim.py index bc8aabdd49..5b1f858c95 100644 --- a/tests/hwsim/hwsim.py +++ b/tests/hwsim/hwsim.py @@ -17,6 +17,7 @@ HWSIM_ATTR_CHANNELS = 9 HWSIM_ATTR_RADIO_ID = 10 HWSIM_ATTR_SUPPORT_P2P_DEVICE = 14 HWSIM_ATTR_USE_CHANCTX = 15 +HWSIM_ATTR_MLO_SUPPORT = 25 # the controller class class HWSimController(object): @@ -25,7 +26,7 @@ class HWSimController(object): self._fid = netlink.genl_controller.get_family_id(b'MAC80211_HWSIM') def create_radio(self, n_channels=None, use_chanctx=False, - use_p2p_device=False): + use_p2p_device=False, use_mlo=False): attrs = [] if n_channels: attrs.append(netlink.U32Attr(HWSIM_ATTR_CHANNELS, n_channels)) @@ -33,6 +34,8 @@ class HWSimController(object): attrs.append(netlink.FlagAttr(HWSIM_ATTR_USE_CHANCTX)) if use_p2p_device: attrs.append(netlink.FlagAttr(HWSIM_ATTR_SUPPORT_P2P_DEVICE)) + if use_mlo: + attrs.append(netlink.FlagAttr(HWSIM_ATTR_MLO_SUPPORT)) msg = netlink.GenlMessage(self._fid, HWSIM_CMD_CREATE_RADIO, flags=netlink.NLM_F_REQUEST | @@ -50,17 +53,19 @@ class HWSimController(object): class HWSimRadio(object): def __init__(self, n_channels=None, use_chanctx=False, - use_p2p_device=False): + use_p2p_device=False, use_mlo=False): self._controller = HWSimController() self._n_channels = n_channels self._use_chanctx = use_chanctx self._use_p2p_dev = use_p2p_device + self._use_mlo = use_mlo def __enter__(self): self._radio_id = self._controller.create_radio( n_channels=self._n_channels, use_chanctx=self._use_chanctx, - use_p2p_device=self._use_p2p_dev) + use_p2p_device=self._use_p2p_dev, + use_mlo=self._use_mlo) if self._radio_id < 0: raise Exception("Failed to create radio (err:%d)" % self._radio_id) try: diff --git a/tests/hwsim/test_eht.py b/tests/hwsim/test_eht.py index ebc846c0d4..58dc4bece5 100644 --- a/tests/hwsim/test_eht.py +++ b/tests/hwsim/test_eht.py @@ -6,6 +6,57 @@ import hostapd from utils import * +from hwsim import HWSimRadio +import hwsim_utils +from wpasupplicant import WpaSupplicant +import re + +def _eht_verify_wifi_version(dev): + status = dev.get_status() + logger.info("station status: " + str(status)) + + if 'wifi_generation' not in status: + raise Exception("Missing wifi_generation information") + if status['wifi_generation'] != "7": + raise Exception("Unexpected wifi_generation value: " + status['wifi_generation']) + +def _eht_verify_status(wpas, hapd, freq, bw, is_ht=False, is_vht=False, mld=False): + status = hapd.get_status() + + logger.info("hostapd STATUS: " + str(status)) + if is_ht and status["ieee80211n"] != "1": + raise Exception("Unexpected STATUS ieee80211n value") + if is_vht and status["ieee80211ac"] != "1": + raise Exception("Unexpected STATUS ieee80211ac value") + if status["ieee80211ax"] != "1": + raise Exception("Unexpected STATUS ieee80211ax value") + if status["ieee80211be"] != "1": + raise Exception("Unexpected STATUS ieee80211be value") + + sta = hapd.get_sta(wpas.own_addr()) + logger.info("hostapd STA: " + str(sta)) + if is_ht and "[HT]" not in sta['flags']: + raise Exception("Missing STA flag: HT") + if is_vht and "[VHT]" not in sta['flags']: + raise Exception("Missing STA flag: VHT") + if "[HE]" not in sta['flags']: + raise Exception("Missing STA flag: HE") + if "[EHT]" not in sta['flags']: + raise Exception("Missing STA flag: EHT") + + sig = wpas.request("SIGNAL_POLL").splitlines() + + # TODO: with MLD connection, signal poll logic is still not implemented. + # While mac80211 maintains the station using the MLD address, the information + # is maintained in the link stations, but it is not sent to user space yet. + if not mld: + if "FREQUENCY=%s" % freq not in sig: + raise Exception("Unexpected SIGNAL_POLL value(1): " + str(sig)) + if "WIDTH=%s MHz" % bw not in sig: + raise Exception("Unexpected SIGNAL_POLL value(2): " + str(sig)) + +def _test_traffic(wpas, hapd): + hwsim_utils.test_connectivity(wpas, hapd) def test_eht_open(dev, apdev): """EHT AP with open mode configuration""" @@ -118,3 +169,251 @@ def test_eht_sae_mlo(dev, apdev): finally: dev[0].set("sae_groups", "") dev[0].set("sae_pwe", "0") + +def _eht_mld_enable_ap(iface, params): + hapd = hostapd.add_mld_link(iface, params) + hapd.enable() + + ev = hapd.wait_event(["AP-ENABLED", "AP-DISABLED"], timeout=1) + if ev is None: + raise Exception("AP startup timed out") + if "AP-ENABLED" not in ev: + raise Exception("AP startup failed") + + return hapd + +def eht_mld_ap_wpa2_params(ssid, passphrase=None, key_mgmt="WPA-PSK-SHA256", mfp="2", pwe=None, + beacon_prot="1"): + params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase, wpa_key_mgmt=key_mgmt, ieee80211w=mfp) + + params['ieee80211n'] = '1' + params['ieee80211ax'] = '1' + params['ieee80211be'] = '1' + params['mld_link_id'] = '0' + params['channel'] = '1' + params['hw_mode'] = 'g' + params['group_mgmt_cipher'] = "AES-128-CMAC" + params['beacon_prot'] = beacon_prot + + if pwe is not None: + params['sae_pwe'] = pwe + + return params + +def test_eht_mld_discovery(dev, apdev): + """EHT MLD AP discovery""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + ssid = "mld_ap" + link0_params = {"ssid": ssid, + "hw_mode": "g", + "channel": "1", + "mld_link_id": "0"} + link1_params = {"ssid": ssid, + "hw_mode": "g", + "channel": "2", + "mld_link_id": "1"} + + hapd0 = _eht_mld_enable_ap(hapd_iface, link0_params) + hapd1 = _eht_mld_enable_ap(hapd_iface, link1_params) + + res = wpas.request("SCAN freq=2412,2417") + if "FAIL" in res: + raise Exception("Failed to start scan") + + ev = wpas.wait_event(["CTRL-EVENT-SCAN-STARTED"]) + if ev is None: + raise Exception("Scan did not start") + + ev = wpas.wait_event(["CTRL-EVENT-SCAN-RESULTS"]) + if ev is None: + raise Exception("Scan did not complete") + + logger.info("Scan done") + + rnr_pattern = re.compile(".*ap_info.*, mld ID=0, link ID=", re.MULTILINE) + ml_pattern = re.compile(".*multi-link:.*, MLD ID=0x0", re.MULTILINE) + + bss = wpas.request("BSS " + hapd0.own_addr()) + logger.info("BSS 0: " + str(bss)) + + if rnr_pattern.search(bss) is None: + raise Exception("RNR element not found for first link") + + if ml_pattern.search(bss) is None: + raise Exception("ML element not found for first link") + + bss = wpas.request("BSS " + hapd1.own_addr()) + logger.info("BSS 1: " + str(bss)) + + if rnr_pattern.search(bss) is None: + raise Exception("RNR element not found for second link") + + if ml_pattern.search(bss) is None: + raise Exception("ML element not found for second link") + +def _eht_mld_owe_two_links(dev, apdev): + with HWSimRadio(use_mlo=True) as (hapd0_radio, hapd0_iface), \ + HWSimRadio(use_mlo=True) as (hapd1_radio, hapd1_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + ssid = "mld_ap_owe_two_link" + params = eht_mld_ap_wpa2_params(ssid, key_mgmt="OWE", mfp="2") + + hapd0 = _eht_mld_enable_ap(hapd0_iface, params) + + params['mld_link_id'] = '1' + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd0_iface, params) + + wpas.connect(ssid, scan_freq="2412 2437", key_mgmt="OWE", ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + _test_traffic(wpas, hapd1) + +def test_eht_mld_owe_two_links(dev, apdev): + """EHT MLD AP with MLD client OWE connection using two links""" + _eht_mld_owe_two_links(dev, apdev) + +def test_eht_mld_sae_single_link(dev, apdev): + """EHT MLD AP with MLD client SAE H2E connection using single link""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_single_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, key_mgmt="SAE", mfp="2", pwe='2') + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.set("sae_pwe", "1") + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412", key_mgmt="SAE", ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + +def _test_eht_mld_sae_two_links(dev, apdev, beacon_prot="1"): + """EHT MLD AP with MLD client SAE H2E connection using two links""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_two_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, + key_mgmt="SAE", mfp="2", pwe='1', beacon_prot=beacon_prot) + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + params['mld_link_id'] = '1' + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.set("sae_pwe", "1") + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412 2437", + key_mgmt="SAE", ieee80211w="2", beacon_prot="1") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + _test_traffic(wpas, hapd1) + +def test_eht_mld_sae_two_links(dev, apdev): + """EHT MLD AP with MLD client SAE H2E connection using two links""" + _test_eht_mld_sae_two_links(dev, apdev) + +def test_eht_mld_sae_two_links_no_beacon_prot(dev, apdev): + """EHT MLD AP with MLD client SAE H2E connection using two links and no beacon protection""" + _test_eht_mld_sae_two_links(dev, apdev, beacon_prot="0") + +def test_eht_mld_sae_ext_one_link(dev, apdev): + """EHT MLD AP with MLD client SAE-EXT H2E connection using single link""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_ext_single_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, key_mgmt="SAE-EXT-KEY") + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412", key_mgmt="SAE-EXT-KEY", + ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + +def test_eht_mld_sae_ext_two_links(dev, apdev): + """EHT MLD AP with MLD client SAE-EXT H2E connection using two links""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface), \ + HWSimRadio(use_mlo=True) as (wpas_radio, wpas_iface): + + wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') + wpas.interface_add(wpas_iface) + + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_two_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, key_mgmt="SAE-EXT-KEY") + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + params['mld_link_id'] = '1' + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd_iface, params) + + wpas.connect(ssid, sae_password=passphrase, scan_freq="2412 2437", + key_mgmt="SAE-EXT-KEY", ieee80211w="2") + + _eht_verify_status(wpas, hapd0, 2412, 20, is_ht=True, mld=True) + _eht_verify_wifi_version(wpas) + _test_traffic(wpas, hapd0) + _test_traffic(wpas, hapd1) + +def test_eht_mld_sae_legacy_client(dev, apdev): + """EHT MLD AP with legacy client SAE H2E connection""" + + with HWSimRadio(use_mlo=True) as (hapd_radio, hapd_iface): + passphrase = 'qwertyuiop' + ssid = "mld_ap_sae_two_link" + params = eht_mld_ap_wpa2_params(ssid, passphrase, + key_mgmt="SAE", mfp="2", pwe='1') + + hapd0 = _eht_mld_enable_ap(hapd_iface, params) + + params['mld_link_id'] = '1' + params['channel'] = '6' + + hapd1 = _eht_mld_enable_ap(hapd_iface, params) + + dev[0].set("sae_pwe", "1") + dev[0].connect(ssid, sae_password=passphrase, scan_freq="2412", + key_mgmt="SAE", ieee80211w="2", beacon_prot="1") + + _eht_verify_status(dev[0], hapd0, 2412, 20, is_ht=True) + _test_traffic(dev[0], hapd0)