Add new QCA vendor attributes to get thermal level from the driver. The
driver may return thermal level when userpace requests, or send a
thermal event when thermal level changes.
Signed-off-by: Hu Wang <huw@codeaurora.org>
Add support to skip sae_pk password check under compile flag
CONFIG_TESTING_OPTIONS which allows AP to be configured with
sae_pk enabled but a password that is invalid for sae_pk.
Signed-off-by: Shaakir Mohamed <smohamed@codeaurora.org>
Skip check to mandate MFP capability for OCV enabled STA when OCV is
disabled in AP. This is to improve interoperability with STAs in which
OCV capability is advertised incorrectly without advertising MFP when
OCV is disabled in AP.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Enhance the return values of ocv_verify_tx_params with enum to indicate
different OCI verification failures to caller.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
This was changed in the protocol design to include nonce from both
devices, so update implementation to match.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This was changed in the protocol design to allow ke derivation to use
E-nonce, so update implementation to match.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This change adds QCA_NL80211_VENDOR_SUBCMD_MBSSID_TX_VDEV_STATUS,
and enum for qca_wlan_vendor_attr_mbssid_tx_vdev_status to notify
Tx VDEV status.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Explicit configuration to enable TLS v1.0 and/or v1.1 did not work with
systemwide OpenSSL secpolicy=2 cases (e.g., Ubuntu 20.04). Allow such
systemwide configuration to be overridden if the older TLS versions have
been explicitly enabled in the network profile. The default behavior
follows the systemwide policy, but this allows compatibility with old
authentication servers without having to touch the systemwide policy.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new vendor attribute for GPIO configuration. In addition, document
the previously defined attributes.
Signed-off-by: Chaoli Zhou <zchaoli@codeaurora.org>
Extend DPP authentication session search for the DPP_QR_CODE command to
cover the ongoing exchanges in Controller/Responder. This was previously
done for wpa_supplicant, but not for hostapd, so complete this support
on the hostapd side.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
These were not really used anymore since the AP/Relay case did not set
msg_ctx or process_conf_obj in the global DPP context. Get the
appropriate pointers more directly from the more specific data
structures instead and remove these global values.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend hostapd support for DPP Controller to cover the DPP_CONTROLLER_*
cases that were previously implemented only in wpa_supplicant. This
allows hostapd/AP to be provisioned using DPP over TCP.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Firmware statistics are received in the driver as opaque data. The host
target needs to send this opaque data to userspace wifistats
application. This new event is used to transfer this opaque data to the
application.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If reassoc_same_bss_optim=1 is used to optimize reassociation back to
the same BSS, it was possible for sm->pmk_len to be 0 due to a
disconnection event getting processed after sending out the
reassociation request. This resulted in wpa_sm_rx_eapol() calling
wpa_mic_len() with incorrect PMK length when PMKSA caching was being
attempted. That resulted in incorrect mic_len getting determined and not
finding the correct Key Data Length field value. This could result in
failing to complete 4-way handshake successfully.
Fix this by updating the current PMK length based on the selected PMKSA
cache entry if sm->pmk_len is not set when processing EAPOL-Key msg 1/4.
Signed-off-by: Jouni Malinen <j@w1.fi>
As per RFC 8110 (Opportunistic Wireless Encryption), if the AP has the
PMK identified by the PMKID and wishes to perform PMK caching, it will
include the PMKID in the Association Response frame RSNE but does not
include the Diffie-Hellman Parameter element.
This was already addressed for most cases with owe_process_assoc_req()
not setting sta->owe_ecdh in case PMKSA caching is used. However, it was
possible to an old STA entry to maintain the initial sta->owe_ecdh value
if reassociation back to the same AP was used to initiate the PMKSA
caching attempt. Cover that case by adding an explicit check for the
time when the Association Response frame is being generated.
Signed-off-by: Chittur Subramanian Raman <craman@maxlinear.com>
SSL_add0_chain_cert() was not available in LibreSSL before version
2.9.1.
Fixes: 4b834df5e0 ("OpenSSL: Support PEM encoded chain from client_cert blob")
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a new QCA vendor attribute to configure the driver/firmware to
ignore SA Query timeout. If this configuration is enabled the
driver/firmware shall not send Deauthentication frame when SA Query
times out. This is required to support STA testbed role.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
These vendor attributes for FT/OCV/SAE testing can be configured only
when the STA is in connected state. Update the documentation of the
attributes to reflect the same.
Fixes: 18f3f99ac4 ("Add vendor attributes to configure testing functionality for FT/OCV/SAE")
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Add support to get number of MIC errors, missing MME incidents, and
packet replay incidents observed while using IGTK/BIGTK keys when PMF
and/or beacon protection features are enabled.
These counters are applicable only for STA mode and can be fetched
through the QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO vendor command.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Add support to parse the (Re)Association Response frames to check if the
AP has accepted/declined the MSCS request in response to the
corresponding (Re)Association Request frame. AP indicates the result by
setting it in the optional MSCS Status subelement of MSCS Descriptor
element in (Re)Association Response frame.
This MSCS Status subelement is defined in the process of being added
into P802.11-REVmd/D4.0 (11-20-0516-17-000m-cr-mscs-and-cid4158).
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Add support to receive and process MSCS Response frames from the AP and
indicate the status to upper layers.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
The function hostapd_event_ch_switch() derived the seg0_idx and seg1_idx
values only for the 5 GHz and 2.4 GHz bands and the 6 GHz case ended up
using incorrect calculation based on the 5 GHz channel definitions.
Fix this by adding support for 6 GHz frequencies.
Signed-off-by: Rohan <drohan@codeaurora.org>
Add a QCA vendor subcommand QCA_NL80211_VENDOR_SUBCMD_UPDATE_SSID
to update the new SSID in hostapd. NL80211_ATTR_SSID is used to encapsulate
the new SSID.
Signed-off-by: Pooventhiran G <pooventh@codeaurora.org>
Currently the driver/firmware indicates CCA busy time which includes own
TX and RX time and as such, does not allow the CCA busy time due to
other nodes to be computed. Add separate statistics to indicate own
radio TX time and own radio RX time to facilitate userspace applications
to compute CCA busy time because of traffic unintended to this device.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
All QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_* attributes are also nested
within QCA_WLAN_VENDOR_ATTR_LL_STATS_CH_INFO, not only
QCA_WLAN_VENDOR_ATTR_LL_STATS_CHANNEL_INFO* attributes in the current
implementation. Fix QCA_WLAN_VENDOR_ATTR_LL_STATS_CH_INFO documentation
accordingly.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit does the following enhancements to the TWT interface:
Corrects the documentation for QCA_WLAN_TWT_SUSPEND and
QCA_WLAN_TWT_TERMINATE. Specifies that these operations carry the
parameters obtained through QCA_WLAN_VENDOR_ATTR_CONFIG_TWT_PARAMS. This
interface is very recently introduced and missed to document the same.
There are no user space or driver components using this interface yet.
Hence, enhancing/modifying the interface.
Corrects the documentation for
QCA_WLAN_VENDOR_ATTR_TWT_SETUP_WAKE_DURATION. Mentions that the units it
represent is a multiple of 256 microseconds rather than a TU. The host
driver always interpreted this as an unit in 256 microseconds and there
are no user space implementations that are impacted with this change in
the unit. Hence, modifying the documentation.
Introduces QCA_WLAN_VENDOR_ATTR_TWT_RESUME_NEXT2_TWT_SIZE, which is
similar to that of QCA_WLAN_VENDOR_ATTR_TWT_RESUME_NEXT_TWT, but carries
an offset/data of u32 size.
Introduces MAC_ADDR attribute to represent the peer for the TWT setup
and resume operations.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
While the listed unknown operating class/channel number pairs need to be
ignored, that should be done in a manner than prevents the parsed
bootstrapping info from being used as if it had no channel list (i.e.,
allowing any channel) if there are no known operating class/channel
number pairs.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend DPP authentication session search for the DPP_QR_CODE command to
cover the ongoing exchanges in Controller/Responder.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The case where mutual authentication with QR Code bootstrapping is used
with scanning of the QR Code during the exchange resulted in the
Controller closing the TCP socket too early. Fix this by leaving the
socket open while waiting for the full Authentication Response message.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend the DPP_CONTROLLER_START command to accept the optional qr=mutual
parameter similarly to the DPP_LISTEN case.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add support to configure the number of TX chains and the number of RX
chains to be used during a connection.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend dpp_control_get_auth() to find the ongoing session for enterprise
credential provisioning in cases where the Controller/Configurator
initiated the exchange. Only the other direction was supported
previously.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add an encrypted Enrollee identifier into Reconfig Announcement frames
and decrypt that on the Configurator side. The actual E-id value is
currently not used for anything, but it can be used in the future to
provide better control over reconfiguration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This was added to the protocol design to support cases where the
C-sign-key uses a different group than the netAccessKey. The Enrollee
now indicates its netAccessKey group in Reconfig Announcement and the
Configurator builds it own reconfig Connector using that group instead
of the group used for the C-sign-key.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This prevents use of a SAE-PK style password as the WPA-PSK passphrase
only if the same password is not also enabled through sae_password for
use with SAE-PK.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Introduce additional attributes for the TWT response parameters from the
host driver. Also, add ATTR_TWT_RESUME_FLOW_ID for TWT Resume request.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Update the SAE-PK implementation to match the changes in the protocol
design:
- allow only Sec values 3 and 5 and encode this as a single bit field
with multiple copies
- add a checksum character
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add override parameters to use the specified channel while populating
OCI element in EAPOL-Key group msg 2/2, FT reassoc request, FILS assoc
request and WNM sleep request frames.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
The documentation for the QCA_WLAN_VENDOR_ATTR_CONFIG_UDP_QOS_UPGRADE
attribute had incorrectly specified the value of 0 (corresponding to BE)
to disable the QoS upgrade. BK (1) is a lower priority AC compared to BE
and if BE is used to disable the upgrade, there would be no possibility
for configured UDP AC upgrade to replace BK-from-DSCP with BE. Thus,
correct this by specifying that the value of BK (1) is used to disable
this UDP AC upgrade.
Fixes: ebd5e764f9 ("Vendor attribute to configure QoS/AC upgrade for UDP frames")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
