3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-15 16:39:24 +01:00
Commit Graph

7312 Commits

Author SHA1 Message Date
James Prestwood
c2ad0006eb ap: bail in ap_del_station if AP is going down
Caught by static analysis, if this condition is met the AP is going
down so we cannot continue further accessing the ap object.
2024-02-29 14:37:49 -06:00
James Prestwood
5fcfb430b2 ap: verify ATTR_MAC exists in NEW_STATION
Caught by static analysis, if ATTR_MAC was not in the message there
would be a memcpy with uninitialized bytes. In addition there is no
reason to memcpy twice. Instead 'mac' can be a const pointer which
both verifies it exists and removes the need for a second memcpy.
2024-02-29 14:37:42 -06:00
James Prestwood
3a17c8e3c5 nl80211util: check l_genl_attr_recurse return in extract_nested
Caught by static analysis, the recurse operation return was not being
checked.
2024-02-29 14:37:29 -06:00
James Prestwood
6febe5bed1 ap: allow va_end to get called in ap_handshake_event
Caught by static analysis, va_end was never being called since the
REKEY_COMPLETE event was returning early.
2024-02-29 14:37:19 -06:00
James Prestwood
338577bb3a ap: check that the last band_freq_attrs was set
Static analysis complains that 'last' could be NULL which is true.
This really could only happen if every frequency was disabled which
likely is impossible but in any case, check before dereferencing
the pointer.
2024-02-29 14:37:01 -06:00
James Prestwood
83c032a583 p2putil: check length of client info description
A length check was missing which could cause a out of bounds read.

Co-authored-by: Alex Radocea <alex@supernetworks.org>
2024-02-29 14:36:16 -06:00
James Prestwood
d34b4e16e0 p2putil: initialize all parsing structures to zero
Since these are all stack variables they are not zero initialized.
If parsing fails there may be invalid pointers within the structures
which can get dereferenced by p2p_clear_*
2024-02-29 14:33:23 -06:00
James Prestwood
52a47c9fd4 p2putil: fix crash/remove side effect parsing adv service info
The input queue pointer was being initialized unconditionally so if
parsing fails the out pointer is still set after the queue is
destroyed. This causes a crash during cleanup.

Instead use a temporary pointer while parsing and only after parsing
has finished do we set the out pointer.

Reported-By: Alex Radocea <alex@supernetworks.org>
2024-02-29 14:32:53 -06:00
James Prestwood
816d258cab auto-t: Add frame fuzzing test
Add a test to validate a crash found by Alex Radocea when sending
a fuzzed beacon frame.

Co-authored-by: Alex Radocea <alex@supernetworks.org>
2024-02-29 14:32:33 -06:00
James Prestwood
5067654a6d auto-t: end process_io on HUP signal, detect process crash
When HUP is received the IO read callback was never completing which
caused it to block indefinitely until waited for. This didn't matter
for most transient processes but for IWD, hostapd, wpa_supplicant
it would cause test-runner to hang if the process crashed.

Detecting a crash is somewhat hacky because we have no process
management like systemd and the return code isn't reliable as some
processes return non-zero under normal circumstances. So to detect
a crash the process output is being checked for the string:
"++++++++ backtrace ++++++++". This isn't 100% reliable obviously
since its dependent on how the binary is compiled, but even if the
crash itself isn't detected any test should still fail if written
correctly.

Doing this allows auto-tests to handle IWD crashes gracefully by
failing the test, printing the exception (event without debugging)
and continue with other tests.
2024-02-29 14:31:55 -06:00
Denis Kenzior
aef394895d netconfig: Fix copy-paste error
netconfig_domains_update() was setting dns_list instead of the domains
member.
2024-02-28 11:51:33 -06:00
James Prestwood
cdbd59103e auto-t: fix netconfig to handle resolvconf values out of order
The slaac_test was one that would occationally fail, but very rarely,
due to the resolvconf log values appearing in an unexpected order.

This appears to be related to a typo in netconfig-commit which would
not set netconfig-domains and instead set dns_list. This was fixed
with a pending patch:

https://lore.kernel.org/iwd/20240227204242.1509980-1-denkenz@gmail.com/T/#u

But applying this now leads to testNetconfig failing slaac_test
100% of the time.

I'm not familiar enough with resolveconf to know if this test change
is ok, but based on the test behavior the expected log and disk logs
are the same, just in the incorrect order. I'm not sure if this the
log order is deterministic so instead the check now iterates the
expected log and verifies each value appears once in the resolvconf
log.

Here is an example of the expected vs disk logs after running the
test:

Expected:

-a wlan1.dns
nameserver 192.168.1.2
nameserver 3ffe:501:ffff💯:10
nameserver 3ffe:501:ffff💯:50
-a wlan1.domain
search test1
search test2

Resolvconf log:

-a wlan1.domain
search test1
search test2
-a wlan1.dns
nameserver 192.168.1.2
nameserver 3ffe:501:ffff💯:10
nameserver 3ffe:501:ffff💯:50
2024-02-28 11:50:54 -06:00
Denis Kenzior
52c6a6b8ea eap-wsc: Zero authenticator bytes to fix static analysis warning
static analysis complains that authenticator is used uninitialized.
This isn't strictly true as memory region is reserved for the
authenticator using the contents of the passed in structure.  This
region is then overwritten once the authenticator is actually computed
by authenticator_put().  Silence this warning by explicitly setting
authenticator bytes to 0.

Reviewed-by: Paul Menzel <pmenzel@molgen.mpg.de>
2024-02-28 09:13:30 -06:00
James Prestwood
42273fd122 station: warn on missing scan_bss in station_transition_start
This shouldn't be possible in theory since the roam_bss_list being
iterated is a subset of entire scan_bss list station/network has
but to be safe, and catch any issues due to future changes warn on
this condition.
2024-02-27 16:04:11 -06:00
James Prestwood
14aa333a39 crypto: fix uninitialized variable coverity warning
Same as for aes_siv_decrypt, check num_ads before calling memcpy.
2024-02-27 16:04:11 -06:00
James Prestwood
ee52968043 crypto: fix uninitialized variable coverity warning
For some encrypt operations DPP passes no AD iovecs (both are
NULL/0). But since the iovec itself is on the stack 'ad' is a
valid pointer from within aes_siv_encrypt. This causes memcpy
to be called which coverity complains about. Since the copy
length is zero it was effectively a no-op, but check num_ad to
prevent the call.
2024-02-27 14:33:33 -06:00
James Prestwood
d13af0a4a2 unit: fix memory leak in test-dpp 2024-02-27 14:33:29 -06:00
James Prestwood
9f18bf402c auto-t: add OWE test for auto default group 2024-02-27 13:55:37 -06:00
James Prestwood
9d4c34dc7a auto-t: Add test for new SAE default group behavior
Tests the 3 possible options to UseDefaultEccGroup behave as
expected:
 - When not provided use the "auto" behavior.
 - When false, always use higher order groups
 - When true, always use default group
2024-02-27 13:55:37 -06:00
James Prestwood
e296a61e3f auto-t: refactor/fix testSAE
The SAE test made some assumptions on certain conditions due to
there being no way of checking if those conditions were met
Mainly the use of H2E/hunt-and-peck.

We assumed that when we told hostapd to use H2E or hunt/peck it
would but in reality it was not. Hostapd is apparently not very
good at swapping between the two with a simple "reload" command.
Once H2E is enabled it appears that it cannot be undone.
Similarly the vendor elements seem to carry over from test to
test, and sometimes not which causes unintended behavior.

To fix this create separate APs for the specific scenario being
tested:
 - Hunt and peck
 - H2E
 - Special vendor_element simulating buggy APs

Another issue found was that if password identifies are used
hostapd automatically chooses H2E which was not intented, at
least based on the test names (in reality it wasn't causing any
problems).

The tests have also been improved to use hostapds "sta_status"
command which contains the group number used when authenticating,
so now that at least can be verified.
2024-02-27 13:55:37 -06:00
James Prestwood
82161909a1 auto-t: add HostapdCLI.sta_status
Gets information about a specific STA hostapd is tracking. This
object will contain detailed information such as the SAE group
number used.
2024-02-27 13:55:37 -06:00
James Prestwood
c2ef5f3f68 auto-t: add Device.event_ocurred
Checks that an event happened previously, and consumes events. This
is useful for checking that an event did not happen after some
testing operations.
2024-02-27 13:55:37 -06:00
James Prestwood
fba4ee90d0 netdev: add NETDEV_EVENT_ECC_GROUP_RETRY, handle in station
In order to complete the learned default group behavior station needs
to be aware of when an SAE/OWE connection retried. This is all
handled within netdev/sae so add a new netdev event so station can
set the appropriate network flags to prevent trying the non-default
group again.
2024-02-27 13:55:37 -06:00
James Prestwood
a559bd7c40 sae: remove sae_sm_set_force_group_19, use handshake
Use the flag set into the handshake to force the default ECC group
2024-02-27 13:55:37 -06:00
James Prestwood
988f68e916 network: set use default ECC group in handshake setup
If either the settings specify it, or the scan_bss is flagged, set
the use_default_ecc_group flag in the handshake.

This also renames the flag to cover both OWE and SAE
2024-02-27 13:55:37 -06:00
James Prestwood
b38f71f221 network: retain default ECC group for OWE after setting
There is special handling for buggy OWE APs which set a network flag
to use the default OWE group. Utilize the more persistent setting
within known-networks as well as the network object (in case there
is no profile).

This also renames the get/set APIs to be generic to ECC groups rather
than only OWE.
2024-02-27 13:55:37 -06:00
James Prestwood
3f04bc427d knownnetworks: add option to force a default ECC group
This adds the option [Settings].UseDefaultEccGroup which allows a
network profile to specify the behavior when using an ECC-based
protocol. If unset (default) IWD will learn the behavior of the
network for the lifetime of its process.

Many APs do not support group 20 which IWD tries first by default.
This leads to an initial failure followed by a retry using group 19.
This option will allow the user to configure IWD to use group 19
first or learn the network capabilities, if the authentication fails
with group 20 IWD will always use group 19 for the process lifetime.
2024-02-27 13:55:37 -06:00
James Prestwood
3ab09e0ae2 doc: Document UseDefaultEccGroup 2024-02-27 13:55:37 -06:00
Marcel Holtmann
cc0fcb2bb4 Release 2.15 2024-02-26 20:55:02 +01:00
Marcel Holtmann
b1edef3a14 build: Require at least version 0.63 when building with external ELL 2024-02-26 20:50:33 +01:00
Ram Subramanian
c0058c07bf doc: document channel field in station diagnostics 2024-02-26 09:44:38 -06:00
Ram Subramanian
9f31663e21 client: report channel if present in diag message 2024-02-26 09:44:25 -06:00
Ram Subramanian
793228028d station: add channel number to diagnostics message
As a small convenience to the user.
2024-02-26 09:44:12 -06:00
James Prestwood
d4c68d7d83 netdev: add notice events for connection timeouts
The information specific to auth/assoc/connect timeouts isn't
communicated to station so emit the notice events within netdev.
We could communicate this to station by adding separate netdev
events, but this does not seem worth it for this use case as
these notice events aren't strictly limited to station.
2024-02-22 10:15:07 -06:00
James Prestwood
77cdbd186b station: use iwd_notice for state/event information
For anyone debugging or trying to identify network infrastructure
problems the IWD DBus API isn't all that useful and ultimately
requires going through debug logs to figure out exactly what
happened. Having a concise set of debug logs containing only
relavent information would be very useful. In addition, having
some kind of syntax for these logs to be parsed by tooling could
automate these tasks.

This is being done, starting with station, by using iwd_notice
which internally uses l_notice. The use of the notice log level
(5) in IWD will be strictly for the type of messages described
above.
2024-02-22 10:15:04 -06:00
James Prestwood
98ae3d4197 doc: document use of l_log APIs
With the introduction of l_notice in IWD some guidelines need to be
set for l_info, l_warn, l_error, l_debug and l_notice.
2024-02-22 10:15:02 -06:00
James Prestwood
d8a6fb86c1 iwd: add iwd_notice for special event/state type of logging
iwd_notice is being added so modules can communicate internal
state or event information via the NOTICE log level. This log
level will be reserved in IWD for only these type of messages.

The iwd_notice macro aims to help enforce some formatting
requirements for these type of log messages. The messages
should be one or more comma-separated "key: value" pairs starting
with "event: <name>" and followed by any additional info that
pertains to that event.

iwd_notice only enforces the initial event key/value format and
additional arguments are left to the caller to be formatted
correctly.
2024-02-22 10:14:59 -06:00
James Prestwood
32f3745745 main: add runtime flag for setting the logger
The --logger,-l flag can now be used to specify the logger type.
Unset (default) will set log output to stderr as it is today. The
other valid options are "syslog" and "journal".
2024-02-22 10:14:41 -06:00
James Prestwood
c54ef5a8da auto-t: timestamp log files in test-runner
The log files become much more useful when there are timestamps
associated with each log.
2024-02-22 09:28:55 -06:00
James Prestwood
a507c08bfe auto-t: fix failed_roam_test to pass when run on its own
When running this test with others the hostapd neighbors are already
grouped which lets the test pass. On its own this does not happen
and it fails.
2024-02-22 09:28:55 -06:00
Denis Kenzior
ba5a6df2d1 wiphy: Remove basename() use
basename use is considered harmful.  There are two versions of
basename (see man 3 basename for details).  The more intuitive version,
which is currently being used inside wiphy.c, is not supported by musl
libc implementation.  Use of the libgen version is not preferred, so
drop use of basename entirely.  Since wiphy.c is the only call site of
basename() inside iwd, open code the required logic.
2024-02-14 14:50:06 -06:00
James Prestwood
6315b42861 netdev: use reason code from netdev_deauthenticate_event
The reason code was not being passed to netdev_connect_failed as
it should have been.
2024-02-13 17:00:39 -06:00
Marcel Holtmann
42b4da1be2 Release 2.14 2024-02-09 22:13:55 +01:00
Marcel Holtmann
bcfbaa096d build: Require at least version 0.62 when building with external ELL 2024-02-09 22:09:38 +01:00
James Prestwood
593c9dee6c auto-t: add netconfig timeout test
Tests that netconfig eventually times out and that IWD disconnects
2024-01-30 14:00:30 -06:00
James Prestwood
aa0a439856 netconfig: limit DHCPv4 attempts to avoid extended netconfig times
ELL now has a setting to limit the number of DHCP attempts. This
will now be set in IWD and if reached will result in a failure
event, and in turn a disconnect.

IWD will set a maximum of 4 retries which should keep the maximum
DHCP time to ~60 seconds roughly.
2024-01-30 13:59:22 -06:00
James Prestwood
1fe68aef0b station: reverse roam scan results for sorted known frequencies
The known frequency list is now a sorted list and the roam scan
results were not complying with this new requirement. The fix is
easy though since the iteration order of the scan results does
not matter (the roam candidates are inserted by rank). To fix
the known frequencies order we can simply reverse the scan results
list before iterating it.
2024-01-30 13:58:45 -06:00
James Prestwood
643503eeea netdev: make unprotected disconnect debug log more clear
The debug log was just saying "disconnect event" but we should
distinguish between unprotected and protected events.
2024-01-30 13:58:45 -06:00
James Prestwood
085a2511f6 netdev: fix setting a uint8_t with l_get_le16 2024-01-30 13:58:45 -06:00
Mathy Vanhoef
6415420f1c ap: only accept ptk 4/4 after receiving ptk 2/4
When operating as an AP, drop message 4 of the 4-way handshake if the AP
has not yet received message 2. Otherwise an attacker can skip message 2
and immediately send message 4 to bypass authentication (the AP would be
using an all-zero ptk to verify the authenticity of message 4).
2024-01-29 21:00:00 -06:00