Enable beacon protection only when driver indicates support
Enabling beacon protection will cause STA connection/AP setup failures if the driver doesn't support beacon protection. To avoid this, check the driver capability before enabling beacon protection. This commit also adds a capability flag to indicate beacon protection support in client mode only. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
This commit is contained in:
Veerendranath Jakkam
Jouni Malinen
parent
9d99814e22
commit
d36d4209fd
8 changed files with 30 additions and 8 deletions
|
|
@ -1786,7 +1786,8 @@ own_ip_addr=127.0.0.1
|
|||
#group_mgmt_cipher=AES-128-CMAC
|
||||
|
||||
# Beacon Protection (management frame protection for Beacon frames)
|
||||
# This depends on management frame protection being enabled (ieee80211w != 0).
|
||||
# This depends on management frame protection being enabled (ieee80211w != 0)
|
||||
# and beacon protection support indication from the driver.
|
||||
# 0 = disabled (default)
|
||||
# 1 = enabled
|
||||
#beacon_prot=0
|
||||
|
|
|
|||
|
|
@ -425,7 +425,9 @@ static void hostapd_ext_capab_byte(struct hostapd_data *hapd, u8 *pos, int idx)
|
|||
* Identifiers Used Exclusively */
|
||||
}
|
||||
#endif /* CONFIG_SAE */
|
||||
if (hapd->conf->beacon_prot)
|
||||
if (hapd->conf->beacon_prot &&
|
||||
(hapd->iface->drv_flags &
|
||||
WPA_DRIVER_FLAGS_BEACON_PROTECTION))
|
||||
*pos |= 0x10; /* Bit 84 - Beacon Protection Enabled */
|
||||
break;
|
||||
case 11: /* Bits 88-95 */
|
||||
|
|
@ -494,7 +496,8 @@ u8 * hostapd_eid_ext_capab(struct hostapd_data *hapd, u8 *eid)
|
|||
hostapd_sae_pw_id_in_use(hapd->conf))
|
||||
len = 11;
|
||||
#endif /* CONFIG_SAE */
|
||||
if (len < 11 && hapd->conf->beacon_prot)
|
||||
if (len < 11 && hapd->conf->beacon_prot &&
|
||||
(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_BEACON_PROTECTION))
|
||||
len = 11;
|
||||
#ifdef CONFIG_SAE_PK
|
||||
if (len < 12 && hapd->conf->wpa &&
|
||||
|
|
|
|||
|
|
@ -169,7 +169,9 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd,
|
|||
pos += igtk_elem_len;
|
||||
wpa_printf(MSG_DEBUG, "Pass 4 igtk_len = %d",
|
||||
(int) igtk_elem_len);
|
||||
if (hapd->conf->beacon_prot) {
|
||||
if (hapd->conf->beacon_prot &&
|
||||
(hapd->iface->drv_flags &
|
||||
WPA_DRIVER_FLAGS_BEACON_PROTECTION)) {
|
||||
res = wpa_wnmsleep_bigtk_subelem(sta->wpa_sm, pos);
|
||||
if (res < 0)
|
||||
goto fail;
|
||||
|
|
@ -537,7 +539,8 @@ static void wnm_beacon_protection_failure(struct hostapd_data *hapd,
|
|||
{
|
||||
struct sta_info *sta;
|
||||
|
||||
if (!hapd->conf->beacon_prot)
|
||||
if (!hapd->conf->beacon_prot ||
|
||||
!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_BEACON_PROTECTION))
|
||||
return;
|
||||
|
||||
sta = ap_get_sta(hapd, addr);
|
||||
|
|
|
|||
|
|
@ -1512,6 +1512,9 @@ int hostapd_setup_wpa(struct hostapd_data *hapd)
|
|||
else
|
||||
_conf.extended_key_id = 0;
|
||||
|
||||
if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_BEACON_PROTECTION))
|
||||
_conf.beacon_prot = 0;
|
||||
|
||||
_conf.secure_ltf =
|
||||
!!(hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_SEC_LTF);
|
||||
_conf.secure_rtt =
|
||||
|
|
|
|||
|
|
@ -2013,6 +2013,8 @@ struct wpa_driver_capa {
|
|||
#define WPA_DRIVER_FLAGS2_PROT_RANGE_NEG 0x0000000000000010ULL
|
||||
/** Driver supports Beacon frame TX rate configuration (HE rates) */
|
||||
#define WPA_DRIVER_FLAGS2_BEACON_RATE_HE 0x0000000000000020ULL
|
||||
/** Driver supports Beacon protection only in client mode */
|
||||
#define WPA_DRIVER_FLAGS2_BEACON_PROTECTION_CLIENT 0x0000000000000040ULL
|
||||
u64 flags2;
|
||||
|
||||
#define FULL_AP_CLIENT_STATE_SUPP(drv_flags) \
|
||||
|
|
|
|||
|
|
@ -656,6 +656,10 @@ static void wiphy_info_ext_feature_flags(struct wiphy_info_data *info,
|
|||
if (ext_feature_isset(ext_features, len,
|
||||
NL80211_EXT_FEATURE_UNSOL_BCAST_PROBE_RESP))
|
||||
info->drv->unsol_bcast_probe_resp = 1;
|
||||
|
||||
if (ext_feature_isset(ext_features, len,
|
||||
NL80211_EXT_FEATURE_BEACON_PROTECTION_CLIENT))
|
||||
capa->flags2 |= WPA_DRIVER_FLAGS2_BEACON_PROTECTION_CLIENT;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1492,8 +1492,11 @@ fast_reauth=1
|
|||
# 2: do not allow PFS to be used
|
||||
#dpp_pfs=0
|
||||
|
||||
# Whether Beacon protection is enabled
|
||||
# This depends on management frame protection (ieee80211w) being enabled.
|
||||
# Whether beacon protection is enabled
|
||||
# This depends on management frame protection (ieee80211w) being enabled and
|
||||
# beacon protection support indication from the driver.
|
||||
# 0 = disabled (default)
|
||||
# 1 = enabled
|
||||
#beacon_prot=0
|
||||
|
||||
# OWE DH Group
|
||||
|
|
|
|||
|
|
@ -1473,7 +1473,10 @@ void wpa_supplicant_rsn_supp_set_config(struct wpa_supplicant *wpa_s,
|
|||
conf.fils_cache_id =
|
||||
wpa_bss_get_fils_cache_id(wpa_s->current_bss);
|
||||
#endif /* CONFIG_FILS */
|
||||
conf.beacon_prot = ssid->beacon_prot;
|
||||
if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_BEACON_PROTECTION) ||
|
||||
(wpa_s->drv_flags2 &
|
||||
WPA_DRIVER_FLAGS2_BEACON_PROTECTION_CLIENT))
|
||||
conf.beacon_prot = ssid->beacon_prot;
|
||||
}
|
||||
#ifdef CONFIG_PASN
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
|
|
|
|||
Loading…
Reference in a new issue