3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-30 06:02:39 +01:00
Commit Graph

4968 Commits

Author SHA1 Message Date
Denis Kenzior
5c7f064f26 AUTHORS: Mention Alvin's contributions 2020-06-04 13:18:41 -05:00
Alvin Šipraga
cae6949ce1 scan: Do not start new requests while suspended
If scanning is suspended, have scan_common() queue its scan request
rather than issuing it immediately. This respects the assumption that
scans are not requested while sc->suspended is true.
2020-06-04 13:17:42 -05:00
James Prestwood
8b1161ec8e frame-xchg: fix bug when starting new xchg from callback
This bug is caused by the following behavior:

 1. Start a frame-xchg, wait for callback
 2. From callback start a new frame-xchg, same prefix.

The new frame-xchg request will detect that there is a duplicate watch,
which is correct behavior. It will then remove this duplicate from the
watchlist. The issue here is that we are in the watchlist notify loop
from the original xchg. This causes that loop to read from the now
freed watchlist item, causing an invalid read.

Instead of freeing the item immediately, check if the notify loop is in
progress and only set 'id' to zero and 'stale_items' to true. This will
allow the notify loop to finish, then the watchlist code will prune out
any stale items. If not in the notify loop the item can be freed as it
was before.
2020-06-04 09:36:42 -05:00
Andrew Zaborowski
1e10d13645 frame-xchg: Use frame_watch_group_match in frame_watch_group_get 2020-06-04 09:14:21 -05:00
Andrew Zaborowski
d012a7f2ac frame-xchg: Fix frame_watch_remove_by_handler for group 0
Don't match the default group's (group_id 0) wdev_id against the
provided wdev_id because the default group can be used on all wdevs and
its wdev_id is 0.  Also match individual item's wdev_id in the group to
make up for this although it normally wouldn't matter.
2020-06-04 09:13:47 -05:00
Tim Kourt
cc66050b90 auto-t: Test Agent ops 2020-05-13 05:50:45 -05:00
James Prestwood
d38bd513c9 fils: include RSNE in authenticate
802.11ai mandates that the RSN element is included during authentication
for FILS. This previously was happening by chance since supplicant_ie
was being included with CMD_AUTHENTICATE. This included more than just
the RSNE so that was removed in an earlier commit. Now FILS builds the
RSNE itself and includes this with CMD_AUTHENTICATE.
2020-05-02 20:56:13 -05:00
James Prestwood
c7a17e5987 netdev: unify ft/auth_proto authenticate builders
build_cmd_ft_authenticate and build_cmd_authenticate were virtually
identical. These have been unified into a single builder.

We were also incorrectly including ATTR_IE to every authenticate
command, which violates the spec for certain protocols, This was
removed and any auth protocols will now add any IEs that they require.
2020-05-02 20:55:42 -05:00
Tim Kourt
cbfaef09d6 auto-t: Remove bogus logic
Device object has no property named 'connected'.
client_connect has no member dev2
2020-05-02 07:03:05 -05:00
Tim Kourt
7cc8111817 auto-t: Use changed get_ordered_network API
Rely on internal scan and wait implementation of get_ordered_network
to obtain the known networks
2020-05-02 07:03:05 -05:00
Tim Kourt
ae4b361f79 auto-t: Return None instead of empty known net list
To match the original behavior of get_ordered_networks,
return None for the empty list of known networks after the scan
is complete
2020-05-02 07:03:05 -05:00
Tim Kourt
2e5f7404c0 auto-t: Rename test case to reflect its purpose 2020-05-02 07:03:05 -05:00
Tim Kourt
7f3f5c18dc auto-t: Remove unnecessary disconnect calls
With the introduction of AutoConnect=False network setting the
initial disconnect calls are no longer needed
2020-05-02 07:03:05 -05:00
James Prestwood
b600440ea2 auto-t: use scan_if_needed for testConnectAutoconnect
In certain cases the autoconnect portion of each subtest was connecting
to the network so fast that the check for obj.scanning was never successful
since IWD was already connected (and in turn not scanning). Since the
autoconnect path will wait for the device to be connected there really isn't
a reason to wait for any scanning conditions. The normal connect path does
need to wait for scanning though, and for this we can now use the new
scan_if_needed parameter to get_ordered_networks.
2020-05-02 06:40:23 -05:00
James Prestwood
da3f66ea68 auto-t: add optional scan argument to get_ordered_network(s)
There is a very common block of code inside many autotests
which goes something like:

device.scan()
condition = 'obj.scanning'
wd.wait_for_object_condition(device, condition)
condition = 'not obj.scanning'
wd.wait_for_object_condition(device, condition)
network = device.get_ordered_network('an-ssid')

When you see the same pattern in nearly all the tests this shows
we need a helper. Basic autotests which merely check that a
connection succeeded should not need to write the same code again
and again. This code ends up being copy-pasted which can lead to
bugs.

There is also a code pattern which attempts to get ordered
networks, and if this fails it scans and tries again. This, while
not optimal, does prevent unneeded scanning by first checking if
any networks already exist.

This patch solves both the code reuse issue as well as the recovery
if get_ordered_network(s) fails. A new optional parameter was
added to get_ordered_network(s) which is False by default. If True
get_ordered_network(s) will perform a scan if the initial call
yields no networks. Tests will now be able to simply call
get_ordered_network(s) without performing a scan before hand.
2020-05-02 06:40:23 -05:00
James Prestwood
8126899eda auto-t: change blacklist test RSSI values
These values were meant only to force IWD's BSS preference but
since the RSSI's were so low in some cases this caused a roam
immediately after connecting. This patch changes the RSSI values
to prevent a roam from happening.
2020-05-01 23:01:42 -05:00
James Prestwood
a0029f8b6e test-runner: run iwmon per-subtest
Previously iwmon was running per-test, which would jumble any subtests
together into the same log file making it hard to parse. Now create
a separate directory for each subtest and put the monitor log and
pcap there.
2020-05-01 23:01:26 -05:00
Denis Kenzior
f9f112b4f5 monitor: Prettify CQM event decoding 2020-05-01 21:40:07 -05:00
James Prestwood
3f2c84c2a2 netdev: fix segfault due to roaming before connected
In this situation the kernel is sending a low RSSI event which netdev
picks up, but since we set netdev->connected so early the event is
forwarded to station before IWD has fully connected. Station then
tries to get a neighbor report, which may fail and cause a known
frequency scan. If this is a new network the frequency scan tries to
get any known frequencies in network_info which will be unset and
cause a segfault.

This can be avoided by only sending RSSI events when netdev->operational
is set rather than netdev->connected.
2020-05-01 20:42:58 -05:00
James Prestwood
7641782924 tools: delay hwsim sending frame
Using mac80211_hwsim can sometimes result in out of order messages
coming from the kernel. Since mac80211_hwsim immediately sends out
frames and the kernel keeps command responses in a separate queue,
bad scheduling can result in these messages being out of order.
In some cases we receive Auth/Assoc frames before the response to
our original CMD_CONNECT. This causes autotests to fail randomly,
some more often than others.

To fix this we can introduce a small delay into hwsim. Just a 1ms
delay makes the random failures disappear in the tests. This delay
is also makes hwsim more realistic since actual hardware will always
introduce some kind of delay when sending or receiving frames.
2020-05-01 20:38:15 -05:00
James Prestwood
dfb6f7f025 wiphy: restrict FT AKMs when not supported
Some full mac cards don't like being given a FT AKM when connecting.
From an API perspective this should be supported, but in practice
these cards behave differently and some do no accept FT AKMs. Until
this becomes more stable any cards not supporting Auth/Assoc commands
(full mac) will not connect using FT AKMs.
2020-05-01 19:55:18 -05:00
James Prestwood
1c75f636ed wiphy: remove useless debug prints
Several parsing functions printed the function name, which isn't
very useful to anyone.
2020-05-01 19:55:15 -05:00
James Prestwood
d12fad5eed scan: remove useless debug print
Further on in the function we still print that the scan was triggered.
2020-05-01 19:54:46 -05:00
James Prestwood
d6a3798078 manager: move debug print in dump callback
This callback gets called way to many times to have a debug print
in the location that it was. Instead only print if a NEW wiphy is
found, and also print the name/id.
2020-05-01 19:54:37 -05:00
Andrew Zaborowski
57b02108af netdev: Handle P2P-client iftype in netdev_setting_keys_failed 2020-05-01 11:40:11 -05:00
Andrew Zaborowski
7711b06b6b watchlist: Save the watchlist pointer in WATCHLIST_NOTIFY_*
Save the value of the watchlist pointer at the beginning of the
WATCHLIST_NOTIFY_* macros as if it was a function.  This will fix a
frame-xchg.c scenario in which one of the watch callback removes the
frame watch group and the memory where the watchlist pointer was
becomes unallocated but the macro still needs to access it ones or
twice while it destroys the watchlist.  Another option would be for
the pointer to be copied in frame-xchg.c itself.
2020-05-01 11:38:57 -05:00
Andrew Zaborowski
c49b724a2e p2p: Do DHCP as part of connection setup
Use netconfig.c functions to unconditionally run DHCP negotiation,
fail the connection setup if DHCP fails.  Only report connection success
after netconfig returns.
2020-05-01 11:38:43 -05:00
Andrew Zaborowski
c8edd36234 netconfig: Move EnableNetworkConfiguration check to station
Allow p2p to use netconfig even if not enabled for Infrastructure mode
connections.
2020-05-01 11:30:42 -05:00
Andrew Zaborowski
270bbbf25a test: Add a connect-p2p test script 2020-04-27 13:54:45 -05:00
Andrew Zaborowski
7a38085bf8 p2p: WSC client provisioning and connection
Add the final two steps of the connection setup, and corresponding
disconnect logic:

* the WSC connection to the GO to do the client provisioning,
* the netdev_connect call to use the provisioned credentials for the
  final WPA2 connection.
2020-04-27 13:53:15 -05:00
Andrew Zaborowski
85f09d9318 p2p: Create the P2P-Client interface
Once we've found the provisioning BSS create the P2P-Client interface
that we're going to use for the actual provisioning and the final P2P
connection.
2020-04-27 13:51:08 -05:00
Andrew Zaborowski
d77fdd087b p2p: Scan for the provision BSS
Add the next step after Provision Discovery or GO Negotiation that is
scanning for the WSC BSS that the GO has set up for client provisioning.
2020-04-27 13:49:35 -05:00
Andrew Zaborowski
ce4b1e1fcb p2p: Add the Provision Discovery frame sequence
When connecting to an existing group, use the Provision Discovery
Request/Response frame exchange before calling
p2p_start_client_provision().
2020-04-27 13:49:03 -05:00
Andrew Zaborowski
fdf2b8a94c p2p: Respond to Probe Reqs when waiting for GO negotiation
Some devices (a Wi-Fi Display dongle in my case) will send us Probe
Requests and wait for a response before they send us the GO
Negotiation Request that we're waiting for after the peer initially
replied with "Fail: Information Not Available" to our GO Negotiation
attempt.  Curiously this specific device I tested would even accept
a Probe Response with a mangled body such that the IE sequence couldn't
be parsed.
2020-04-27 13:47:42 -05:00
Andrew Zaborowski
bb4a3e8f84 p2p: Handle the Information Not Available response code
Handle the scenario where the peer's P2P state machine doesn't know
whether a connection has been authorized by the user and needs some time
to ask the user or a higher software layer whether to accept a
connection.  In that case their GO Negotiation Response to our GO
Negotiation Request will have the status code "Fail: Information Not
Available" and we need to give the peer 120s to start a new GO
Negotiation with us.  In this patch we handle the GO Negotiation
responder side where we parse the Request frame, build and send the
Response and finally parse the Confirmation.  The existing code so far
only did the initiator side.
2020-04-27 13:44:40 -05:00
Andrew Zaborowski
bff4147d52 p2p: Handle GO Negotiation Response, send Confirmation
Parse the GO Negotiation Response frame and if no errors found send the
GO Negotiation Confirmation.  If that gets ACKed wait for the GO to set
up the group.
2020-04-27 13:43:21 -05:00
Andrew Zaborowski
3ef8688df5 p2p: Build and send the GO Negotiation Request 2020-04-27 13:43:12 -05:00
Andrew Zaborowski
1675c765a3 p2p: Add the WSC interface on peer DBus objects
Add net.connman.iwd.SimpleConfiguration interfaces to peer objects on
DBus and handle method calls.  Building and transmitting the actual
action frames to start the connection sequence is done in the following
commits.
2020-04-24 22:18:52 -05:00
Andrew Zaborowski
3d4725870d p2p: Add the Listen State
Start a remain-on-channel cmd implementing the Listen State, after each
the Scan Phase implemented as an active scan.
2020-04-24 22:16:43 -05:00
Diego Santa Cruz
f0e3defa3e wired: use 802.1X-2001 instead of 802.1X-2004
For wired authentication the protocol version used in the EAPOL
packets sent by ead is fixed to 802.1X-2004 (2) but some switches
implementing only 802.1X-2001 erroneously ignore these packets.

As ead only sends EAPOL-Start and EAP-Packet packets and these have
not changed between 802.1X-2001 and 802.1X-2004 there should be
no reason to use 802.1X-2004. Hence, this changes ead to always use
802.1X-2001 (1) instead.

Switches implementing newer versions of 802.1X should not have
problems responding to packets using the original version.
2020-04-24 22:04:22 -05:00
Andrew Zaborowski
6e98d8a888 p2p: Add the Scan Phase
Add some of the Device Discovery logic and the DBus API.  Device
Discovery is documented as having three states: the Scan Phase, the Find
Phase and the Listen State.

This patch adds the Scan Phase and the next patch adds the Listen State,
which will happen sequentially in a loop until discovery is stopped.

The Find Phase, which is documented as happening at the beginning of the
Discovery Phase, is incorporated into the Scan Phases.  The difference
between the two is that Find Phase scans all of the supported channels
while the Scan Phase only scans the three "social" channels.  In
practical terms the Find Phase would discover existing groups, which may
operate on any channel, while the Scan Phase will only discover P2P
Devices -- peers that are not in a group yet.  To cover existing groups,
we add a few "non-social" channels to each of our active scans
implementing the Scan Phases.
2020-04-24 11:42:46 -05:00
Andrew Zaborowski
b43e915b98 wiphy: Track regulatory domain changes
When a new wiphy is added query its regulatory domain and listen for
nl80211 regulatory notifications to be able to provide current
regulatory country code through the new wiphy_get_reg_domain_country().
2020-04-24 11:39:00 -05:00
Andrew Zaborowski
0f3f0086ae nl80211util: Parse NL80211_ATTR_REG_ALPHA2 attrs 2020-04-24 11:38:44 -05:00
Andrew Zaborowski
59cc1e27c2 p2p: Add device enable/disable logic
Implement the Enabled property on device interface.  The P2P device is
currently disabled on startup but automatically enabling the P2P device
can be considered.
2020-04-24 11:36:54 -05:00
Andrew Zaborowski
ff65e1fd9a p2p: Add main device settings
Read WSC configuration methods and the Primary Device Type from the
config file and expose device name as a property.
2020-04-24 11:35:30 -05:00
Andrew Zaborowski
e1b1461a8e doc: List possible P2P peer category/subcategory values 2020-04-24 11:10:54 -05:00
Denis Kenzior
1277a01426 wscutil: Fix dbus string using spaces 2020-04-23 14:50:33 -05:00
Andrew Zaborowski
945abadc8a p2p: Add peer WSC device type properties 2020-04-23 14:49:24 -05:00
Denis Kenzior
46215a6624 build: Remove eap-wsc and wscutil from eap_sources
With the previous commit, wscutil now depends on ie.h.  Unfortunately,
wired also includes eap-wsc and wscutil in the build, but not ie, which
results in a link-time failure.

Fix this by droppig eap-wsc and wscutil from wired.  There's no reason
that ethernet authentication would ever use the WiFi Protected Setup
authentication.
2020-04-23 14:47:30 -05:00
Andrew Zaborowski
ed81fe1f4f wscutil: Add device type category/subcategory string api
FTR ie.h is included for @microsoft_oui
2020-04-23 14:41:17 -05:00