STA: Check driver capability to enable OCV when driver SME is used

When the driver SME is used, offloaded RSN handshakes like SA Query, GTK rekeying, FT authentication, etc. would fail if wpa_supplicant enables OCV in initial connection based on configuration but the driver doesn't support OCV. To avoid such failures check the driver's capability for enabling OCV when the driver SME used. This commit also adds a capability flag for indicating OCV support by the driver. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
3 years ago · 73ebd58fc8
parent f3dfe42c7e
commit 73ebd58fc8
4 changed files with 11 additions and 2 deletions
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@ -2015,6 +2015,8 @@ struct wpa_driver_capa {
 #define WPA_DRIVER_FLAGS2_BEACON_RATE_HE	0x0000000000000020ULL
 /** Driver supports Beacon protection only in client mode */
 #define WPA_DRIVER_FLAGS2_BEACON_PROTECTION_CLIENT 0x0000000000000040ULL
+/** Driver supports Operating Channel Validation */
+#define WPA_DRIVER_FLAGS2_OCV			0x0000000000000080ULL
 	u64 flags2;

 #define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@ -660,6 +660,10 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info,
 	if (ext_feature_isset(ext_features, len,
 			      NL80211_EXT_FEATURE_BEACON_PROTECTION_CLIENT))
 		capa->flags2 |= WPA_DRIVER_FLAGS2_BEACON_PROTECTION_CLIENT;
+
+	if (ext_feature_isset(ext_features, len,
+			      NL80211_EXT_FEATURE_OPERATING_CHANNEL_VALIDATION))
+		capa->flags2 |= WPA_DRIVER_FLAGS2_OCV;
 }


--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@ -1656,7 +1656,9 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
 	wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
 			 wpas_get_ssid_pmf(wpa_s, ssid));
 #ifdef CONFIG_OCV
-	wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
+	if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
+	    (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
+		wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
 #endif /* CONFIG_OCV */
 	sae_pwe = wpa_s->conf->sae_pwe;
 	if (ssid->sae_password_id && sae_pwe != 3)
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@ -991,7 +991,8 @@ fast_reauth=1
 # This is a countermeasure against multi-channel man-in-the-middle attacks.
 # Enabling this automatically also enables ieee80211w, if not yet enabled.
 # 0 = disabled (default)
-# 1 = enabled
+# 1 = enabled if wpa_supplicant's SME in use. Otherwise enabled only when the
+#     driver indicates support for operating channel validation.
 #ocv=1
 #
 # auth_alg: list of allowed IEEE 802.11 authentication algorithms