1. 26 1月, 2019 2 次提交
    • L
      nl80211: Allow set/del pmksa operations for AP · 6c900360
      Liangwei Dong 提交于
      Host drivers may offload authentication to the user space
      through the commit ("cfg80211: Authentication offload to
      user space in AP mode").
      
      This interface can be used to implement SAE by having the
      userspace do authentication/PMKID key derivation and driver
      handle the association.
      
      A step ahead, this interface can get further optimized if the
      PMKID is passed to the host driver and also have it respond to
      the association request by the STA on a valid PMKID.
      
      This commit enables the userspace to pass the PMKID to the host
      drivers through the set/del pmksa operations in AP mode.
      
      Set/Del pmksa is now restricted to STA/P2P client mode only and
      thus the drivers might not expect them in any other(AP) mode.
      
      This commit also introduces a feature flag
      NL80211_EXT_FEATURE_AP_PMKSA_CACHING (johannes: renamed) to
      maintain the backward compatibility of such an expectation by
      the host drivers. These operations are allowed in AP mode only
      when the drivers advertize the capability through this flag.
      Signed-off-by: NLiangwei Dong <liangwei@codeaurora.org>
      Signed-off-by: NSrinivas Dasari <dasaris@codeaurora.org>
      [rename flag to NL80211_EXT_FEATURE_AP_PMKSA_CACHING]
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      6c900360
    • S
      cfg80211: Authentication offload to user space in AP mode · fe494370
      Srinivas Dasari 提交于
      commit 40cbfa90 ("cfg80211/nl80211: Optional authentication
      offload to userspace")' introduced authentication offload to user
      space by the host drivers in station mode. This commit extends
      the same for the AP mode too.
      
      Extend NL80211_ATTR_EXTERNAL_AUTH_SUPPORT to also claim the
      support of external authentication from the user space in AP mode.
      A new flag parameter is introduced in cfg80211_ap_settings to
      intend the same while "start ap".
      
      Host driver to use NL80211_CMD_FRAME interface to transmit and
      receive the authentication frames to / from the user space.
      
      Host driver to indicate the flag NL80211_RXMGMT_FLAG_EXTERNAL_AUTH
      while sending the authentication frame to the user space. This
      intends to the user space that the driver wishes it to process
      the authentication frame for certain protocols, though it had
      initially advertised the support for SME functionality.
      
      User space shall accordingly do the authentication and indicate
      its final status through the command NL80211_CMD_EXTERNAL_AUTH.
      Allow the command even if userspace doesn't include the attribute
      NL80211_ATTR_SSID for AP interface.
      
      Host driver shall continue with the association sequence and
      indicate the STA connection status through cfg80211_new_sta.
      
      To facilitate the host drivers in AP mode for matching the pmkid
      by the stations during the association, NL80211_CMD_EXTERNAL_AUTH
      is also enhanced to include the pmkid to drivers after
      the authentication.
      This pmkid can also be used in the STA mode to include in the
      association request.
      
      Also modify nl80211_external_auth to not mandate SSID in AP mode.
      Signed-off-by: NSrinivas Dasari <dasaris@codeaurora.org>
      [remove useless nla_get_flag() usage]
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      fe494370
  2. 25 1月, 2019 1 次提交
    • V
      cfg80211: Allow drivers to advertise supported AKM suites · ab4dfa20
      Veerendranath Jakkam 提交于
      There was no such capability advertisement from the driver and thus the
      current user space has to assume the driver to support all the AKMs. While
      that may be the case with some drivers (e.g., mac80211-based ones), there
      are cfg80211-based drivers that implement SME and have constraints on
      which AKMs can be supported (e.g., such drivers may need an update to
      support SAE AKM using NL80211_CMD_EXTERNAL_AUTH). Allow such drivers to
      advertise the exact set of supported AKMs so that user space tools can
      determine what network profile options should be allowed to be configured.
      Signed-off-by: NVeerendranath Jakkam <vjakkam@codeaurora.org>
      [pmsr data might be big, start a new netlink message section]
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      ab4dfa20
  3. 19 1月, 2019 3 次提交
  4. 18 12月, 2018 2 次提交
    • S
      nl80211: Add support to notify radar event info received from STA · 30c63115
      Sriram R 提交于
      Currently radar detection and corresponding channel switch is handled
      at the AP device. STA ignores these detected radar events since the
      radar signal can be seen mostly by the AP as well. But in scenarios where
      a radar signal is seen only at STA, notifying this event to the AP which
      can trigger a channel switch can be useful.
      Stations can report such radar events autonomously through Spectrum
      management (Measurement Report) action frame to its AP. The userspace on
      processing the report can notify the kernel with the use of the added
      NL80211_CMD_NOTIFY_RADAR to indicate the detected event and inturn adding
      the reported channel to NOL.
      Signed-off-by: NSriram R <srirrama@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      30c63115
    • J
      cfg80211: clarify LCI/civic location documentation · 30db641e
      Johannes Berg 提交于
      The older code and current userspace assumed that this data
      is the content of the Measurement Report element, starting
      with the Measurement Token. Clarify this in the documentation.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      30db641e
  5. 05 12月, 2018 1 次提交
  6. 09 11月, 2018 3 次提交
    • B
      {nl,mac}80211: add dot11MeshConnectedToMeshGate to meshconf · 01d66fbd
      Bob Copeland 提交于
      When userspace is controlling mesh routing, it may have better
      knowledge about whether a mesh STA is connected to a mesh
      gate than the kernel mpath table.  Add dot11MeshConnectedToMeshGate
      to the mesh config so that such applications can explicitly
      signal that a mesh STA is connected to a gate, which will then
      be advertised in the beacon.
      Signed-off-by: NBob Copeland <bobcopeland@fb.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      01d66fbd
    • B
      {nl,mac}80211: report gate connectivity in station info · dbdaee7a
      Bob Copeland 提交于
      Capture the current state of gate connectivity from the mesh
      formation field in mesh config whenever we receive a beacon,
      and report that via GET_STATION.  This allows applications
      doing mesh peering in userspace to make peering decisions
      based on peers' current upstream connectivity.
      Signed-off-by: NBob Copeland <bobcopeland@fb.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      dbdaee7a
    • J
      cfg80211: add peer measurement with FTM initiator API · 9bb7e0f2
      Johannes Berg 提交于
      Add a new "peer measurement" API, that can be used to measure
      certain things related to a peer. Right now, only implement
      FTM (flight time measurement) over it, but the idea is that
      it'll be extensible to also support measuring the necessary
      things to calculate e.g. angle-of-arrival for WiGig.
      
      The API is structured to have a generic list of peers and
      channels to measure with/on, and then for each of those a
      set of measurements (again, only FTM right now) to perform.
      
      Results are sent to the requesting socket, including a final
      complete message.
      
      Closing the controlling netlink socket will abort a running
      measurement.
      
      v3:
       - add a bit to report "final" for partial results
       - remove list keeping etc. and just unicast out the results
         to the requester (big code reduction ...)
       - also send complete message unicast, and as a result
         remove the multicast group
       - separate out struct cfg80211_pmsr_ftm_request_peer
         from struct cfg80211_pmsr_request_peer
       - document timeout == 0 if no timeout
       - disallow setting timeout nl80211 attribute to 0,
         must not include attribute for no timeout
       - make MAC address randomization optional
       - change num bursts exponent default to 0 (1 burst, rather
         rather than the old default of 15==don't care)
      
      v4:
       - clarify NL80211_ATTR_TIMEOUT documentation
      
      v5:
       - remove unnecessary nl80211 multicast/family changes
       - remove partial results bit/flag, final is sufficient
       - add max_bursts_exponent, max_ftms_per_burst to capability
       - rename "frames per burst" -> "FTMs per burst"
      
      v6:
       - rename cfg80211_pmsr_free_wdev() to cfg80211_pmsr_wdev_down()
         and call it in leave, so the device can't go down with any
         pending measurements
      
      v7:
       - wording fixes (Lior)
       - fix ftm.max_bursts_exponent to allow having the limit of 0 (Lior)
      
      v8:
       - copyright statements
       - minor coding style fixes
       - fix error path leak
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      9bb7e0f2
  7. 12 10月, 2018 1 次提交
    • A
      nl80211: Add per peer statistics to compute FCS error rate · 0d4e14a3
      Ankita Bajaj 提交于
      Add support for drivers to report the total number of MPDUs received
      and the number of MPDUs received with an FCS error from a specific
      peer. These counters will be incremented only when the TA of the
      frame matches the MAC address of the peer irrespective of FCS
      error.
      
      It should be noted that the TA field in the frame might be corrupted
      when there is an FCS error and TA matching logic would fail in such
      cases. Hence, FCS error counter might not be fully accurate, but it can
      provide help in detecting bad RX links in significant number of cases.
      This FCS error counter without full accuracy can be used, e.g., to
      trigger a kick-out of a connected client with a bad link in AP mode to
      force such a client to roam to another AP.
      Signed-off-by: NAnkita Bajaj <bankita@codeaurora.org>
      Signed-off-by: NJouni Malinen <jouni@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      0d4e14a3
  8. 02 10月, 2018 1 次提交
  9. 05 9月, 2018 1 次提交
    • A
      nl80211: Add CAN_REPLACE_PTK0 API · 2b815b04
      Alexander Wetzel 提交于
      Drivers able to correctly replace a in-use key should set
      @NL80211_EXT_FEATURE_CAN_REPLACE_PTK0 to allow the user space (e.g.
      hostapd or wpa_supplicant) to rekey PTK keys.
      
      The user space must detect a PTK rekey attempt and only go ahead with it
      when the driver has set this flag. If the driver is not supporting the
      feature the user space either must not replace the PTK key or perform a
      full re-association instead.
      
      Ignoring this flag and continuing to rekey the connection can still work
      but has to be considered insecure and broken. Depending on the driver it
      can leak clear text packets or freeze the connection and is only
      supported to allow the user space to be updated.
      Signed-off-by: NAlexander Wetzel <alexander@wetzel-home.de>
      Reviewed-by: NDenis Kenzior <denkenz@gmail.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      2b815b04
  10. 29 8月, 2018 1 次提交
    • B
      cfg80211: clarify frames covered by average ACK signal report · 9c06602b
      Balaji Pothunoori 提交于
      Modify the API to include all ACK frames in average ACK
      signal strength reporting, not just ACKs for data frames.
      Make exposing the data conditional on implementing the
      extended feature flag.
      
      This is how it was really implemented in mac80211, update
      the code there to use the new defines and clean up some of
      the setting code.
      
      Keep nl80211.h source compatibility by keeping the old names.
      Signed-off-by: NBalaji Pothunoori <bpothuno@codeaurora.org>
      [rewrite commit log, change compatibility to be old=new
       instead of the other way around, update kernel-doc,
       roll in mac80211 changes, make mac80211 depend on valid
       bit instead of HW flag]
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      9c06602b
  11. 28 8月, 2018 1 次提交
  12. 15 6月, 2018 3 次提交
  13. 23 5月, 2018 2 次提交
  14. 18 5月, 2018 1 次提交
    • E
      cfg80211: further limit wiphy names to 64 bytes · 81459649
      Eric Biggers 提交于
      wiphy names were recently limited to 128 bytes by commit a7cfebcb
      ("cfg80211: limit wiphy names to 128 bytes").  As it turns out though,
      this isn't sufficient because dev_vprintk_emit() needs the syslog header
      string "SUBSYSTEM=ieee80211\0DEVICE=+ieee80211:$devname" to fit into 128
      bytes.  This triggered the "device/subsystem name too long" WARN when
      the device name was >= 90 bytes.  As before, this was reproduced by
      syzbot by sending an HWSIM_CMD_NEW_RADIO command to the MAC80211_HWSIM
      generic netlink family.
      
      Fix it by further limiting wiphy names to 64 bytes.
      
      Reported-by: syzbot+e64565577af34b3768dc@syzkaller.appspotmail.com
      Fixes: a7cfebcb ("cfg80211: limit wiphy names to 128 bytes")
      Signed-off-by: NEric Biggers <ebiggers@google.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      81459649
  15. 08 5月, 2018 3 次提交
    • T
      cfg80211: Expose TXQ stats and parameters to userspace · 52539ca8
      Toke Høiland-Jørgensen 提交于
      This adds support for exporting the mac80211 TXQ stats via nl80211 by
      way of a nested TXQ stats attribute, as well as for configuring the
      quantum and limits that were previously only changeable through debugfs.
      
      This commit adds just the nl80211 API, a subsequent commit adds support to
      mac80211 itself.
      Signed-off-by: NToke Høiland-Jørgensen <toke@toke.dk>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      52539ca8
    • B
      cfg80211: average ack rssi support for data frames · 81d5439d
      Balaji Pothunoori 提交于
      Average ack rssi will be given to userspace via NL80211 interface
      if firmware is capable. Userspace tool ‘iw’ can process this
      information and give the output as one of the fields in
      ‘iw dev wlanX station dump’.
      
      Example output :
      
      localhost ~ #iw dev wlan-5000mhz station dump Station
      34:f3:9a:aa:3b:29 (on wlan-5000mhz)
              inactive time:  5370 ms
              rx bytes:       85321
              rx packets:     576
              tx bytes:       14225
              tx packets:     71
              tx retries:     0
              tx failed:      2
              beacon loss:    0
              rx drop misc:   0
              signal:         -54 dBm
              signal avg:     -53 dBm
              tx bitrate:     866.7 MBit/s VHT-MCS 9 80MHz short GI VHT-NSS 2
              rx bitrate:     866.7 MBit/s VHT-MCS 9 80MHz short GI VHT-NSS 2
              avg ack signal: -56 dBm
              authorized:     yes
              authenticated:  yes
              associated:     yes
              preamble:       short
              WMM/WME:        yes
              MFP:            no
              TDLS peer:      no
              DTIM period:    2
              beacon interval:100
             short preamble: yes
             short slot time:yes
             connected time: 203 seconds
      
      Main use case is to measure the signal strength of a connected station
      to AP. Data packet transmit rates and bandwidth used by station can vary
      a lot even if the station is at fixed location, especially if the rates
      used are multi stream(2stream, 3stream) rates with different bandwidth(20/40/80 Mhz).
      These multi stream rates are sensitive and station can use different transmit power
      for each of the rate and bandwidth combinations. RSSI measured from these RX packets
      on AP will be not stable and can vary a lot with in a short time.
      Whereas 802.11 ack frames from station are sent relatively at a constant
      rate (6/12/24 Mbps) with constant bandwidth(20 Mhz).
      So average rssi of the ack packets is good and more accurate.
      Signed-off-by: NBalaji Pothunoori <bpothuno@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      81d5439d
    • H
      nl80211: Add wmm rule attribute to NL80211_CMD_GET_WIPHY dump command · 50f32718
      Haim Dreyfuss 提交于
      This will serve userspace entity to maintain its regulatory limitation.
      More specifcally APs can use this data to calculate the WMM IE when
      building: beacons, probe responses, assoc responses etc...
      Signed-off-by: NHaim Dreyfuss <haim.dreyfuss@intel.com>
      Signed-off-by: NLuca Coelho <luciano.coelho@intel.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      50f32718
  16. 19 4月, 2018 1 次提交
    • J
      cfg80211: limit wiphy names to 128 bytes · a7cfebcb
      Johannes Berg 提交于
      There's currently no limit on wiphy names, other than netlink
      message size and memory limitations, but that causes issues when,
      for example, the wiphy name is used in a uevent, e.g. in rfkill
      where we use the same name for the rfkill instance, and then the
      buffer there is "only" 2k for the environment variables.
      
      This was reported by syzkaller, which used a 4k name.
      
      Limit the name to something reasonable, I randomly picked 128.
      
      Reported-by: syzbot+230d9e642a85d3fec29c@syzkaller.appspotmail.com
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      a7cfebcb
  17. 29 3月, 2018 6 次提交
  18. 21 3月, 2018 2 次提交
  19. 19 2月, 2018 1 次提交
  20. 31 1月, 2018 3 次提交
    • T
      cfg80211: Add support to notify station's opmode change to userspace · 466b9936
      tamizhr@codeaurora.org 提交于
      ht/vht action frames will be sent to AP from station to notify
      change of its ht/vht opmode(max bandwidth, smps mode or nss) modified
      values. Currently these valuse used by driver/firmware for rate control
      algorithm. This patch introduces NL80211_CMD_STA_OPMODE_CHANGED
      command to notify those modified/current supported values(max bandwidth,
      smps mode, max nss) to userspace application. This will be useful for the
      application like steering, which closely monitoring station's capability
      changes. Since the application has taken these values during station
      association.
      Signed-off-by: NTamizh chelvam <tamizhr@codeaurora.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      466b9936
    • S
      cfg80211/nl80211: Optional authentication offload to userspace · 40cbfa90
      Srinivas Dasari 提交于
      This interface allows the host driver to offload the authentication to
      user space. This is exclusively defined for host drivers that do not
      define separate commands for authentication and association, but rely on
      userspace SME (e.g., in wpa_supplicant for the ~WPA_DRIVER_FLAGS_SME
      case) for the authentication to happen. This can be used to implement
      SAE without full implementation in the kernel/firmware while still being
      able to use NL80211_CMD_CONNECT with driver-based BSS selection.
      
      Host driver sends NL80211_CMD_EXTERNAL_AUTH event to start/abort
      authentication to the port on which connect is triggered and status
      of authentication is further indicated by user space to host
      driver through the same command response interface.
      
      User space entities advertise this capability through the
      NL80211_ATTR_EXTERNAL_AUTH_SUPP flag in the NL80211_CMD_CONNECT request.
      Host drivers shall look at this capability to offload the authentication.
      Signed-off-by: NSrinivas Dasari <dasaris@qti.qualcomm.com>
      Signed-off-by: NJouni Malinen <jouni@qca.qualcomm.com>
      [add socket connection ownership check]
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      40cbfa90
    • S
      nl80211: Introduce scan flags to emphasize requested scan behavior · 5037a009
      Sunil Dutt 提交于
      This commit defines new scan flags (LOW_SPAN, LOW_POWER, HIGH_LATENCY)
      to emphasize the requested scan behavior for the driver. These flags
      are optional and are mutually exclusive. The implementation of the
      respective functionality can be driver/hardware specific.
      
      These flags can be used to control the compromise between how long
      a scan takes, how much power it uses, and high accurate/complete
      the scan is in finding the BSSs.
      Signed-off-by: NSunil Dutt <usdutt@qti.qualcomm.com>
      Signed-off-by: NJouni Malinen <jouni@qca.qualcomm.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      5037a009
  21. 19 12月, 2017 1 次提交