3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-23 14:22:36 +01:00
Commit Graph

3571 Commits

Author SHA1 Message Date
Denis Kenzior
5e9178b9de wscutil: Avoid potential overflow
When checking that the length is valid, avoid potentially overflowing
'start + len'
2022-01-14 09:49:47 -06:00
Denis Kenzior
22faf3482c eap-ttls: Avoid potential overflow
When checking that the length is valid, avoid potentially overflowing
'start + len'
2022-01-14 09:49:47 -06:00
Denis Kenzior
01960ec66e erp: Fix comment that is > 80 chars wide 2022-01-14 09:49:47 -06:00
James Prestwood
bbfcdf0ac7 dpp: stop periodic scanning when starting DPP 2022-01-12 12:46:18 -06:00
James Prestwood
34348fcb42 scan: don't print notification if sc is not found
If this scan is not for any IWD wdev's don't print
2022-01-12 12:46:15 -06:00
James Prestwood
ceb6da81b3 dpp: support retransmitting frames with no ACK
The DPP spec says nothing about how to handle re-transmits but it
was found in testing this can happen relatively easily for a few
reasons.

If the configurator requests a channel switch but does not get onto
the new channel quick enough the enrollee may have already sent the
authenticate response and it was missed. Also by nature of how the
kernel goes offchannel there are moments in time between ROC when
the card is idle and not receiving any frames.

Only frames where there was no ACK will be retransmitted. If the
peer received the frame and dropped it resending the same frame wont
do any good.
2022-01-12 12:45:05 -06:00
James Prestwood
2435adc33b nl80211util: support ATTR_FRAME in parse_attrs() 2022-01-12 12:44:56 -06:00
James Prestwood
9aae6e2c16 dpp: pass dpp_sm to dpp_send_frame
The SM has the wdev_id already, so rather than using that or looking
up just pass the dpp_sm directly.
2022-01-12 09:38:06 -06:00
James Prestwood
fc61e5fe46 dpp: rework order of operations after being configured
Now the result is sent immediately. Prior a connect attempt or
scan could have started, potentially losing this frame. In addition
the offchannel operation is cancelled after sending the result
which will allow the subsequent connect or scan to happen much
faster since it doesn't have to wait for ROC to expire.
2022-01-12 09:33:57 -06:00
James Prestwood
94afeabc18 dpp: put no station device print behind else if
The previous (incorrect) else was removed since it ended up
printing in most cases since the if clause returned. This should
have been an else if conditional from the start and only print if the
station device was not found.
2022-01-12 09:32:37 -06:00
James Prestwood
0c8d3f106a dpp: don't send StartEnrollee reply until offchannel starts
IWD may be in the middle of some long operation, e.g. scanning.
If the URI is returned before IWD is ready, a configurator could
start sending frames and IWD either wont receive them, or will
be unable to respond quickly.
2022-01-12 09:32:13 -06:00
James Prestwood
295430a47e frame-xchg: use work priorities rather than hard coding 2022-01-11 12:38:10 -06:00
James Prestwood
ae12132495 offchannel: use work priorities rather than hard coding
The offchannel priority was also changed to zero, which matches the
priority of frames. Currently there should be no interaction between
offchannel and connect (previous offchannel priority).
2022-01-11 12:37:59 -06:00
James Prestwood
87e1045b11 netdev: use work priorities rather than hard coding 2022-01-11 12:37:44 -06:00
James Prestwood
217bb6dc65 scan: don't special case periodic scan work
Periodic scans were handled specially where they were only
started if no other requests were pending in the scan queue.
This is fine, and what we want, but this can actually be
handled automatically by nature of the wiphy work queue rather
than needing to check the request queue explicitly.

Instead we can insert periodic scans at a lower priority than
other scans. This puts them at the end of the work queue, as
well as allows future requests to jump ahead if a periodic scan
has not yet started.

Eventually, once all pending scans are done, the peridoic scan
may begin. This is no different than the preivous behavior and
avoids the need for any special checks once scan requests
complete.

One check was added to address the problem of the periodic scan
timer firing before the scan could even start. Currently this
happened to be handled fine in scan_periodic_queue, as it checks
the queue length. Since this check was removed we must see check
for this condition inside scan_periodic_timeout.
2022-01-11 12:37:13 -06:00
James Prestwood
c7a6730d28 scan: set scan priority via scan_common
This adds a priority argument to scan_common rather than hard
coding it when inserting the work item and uses the newly
defined wiphy priority for scanning.
2022-01-11 12:36:36 -06:00
James Prestwood
6e5d1a540c wiphy: define work priorities in one place
Work priority was never explicitly defined anywhere, and a module
using wiphy_radio_work APIs needed to ensure it was not inserting
at a priority that would interfere with other work.

Now all the types of work have been defined with their own priority
and future priorities can easily be added before, after, or in
between existing priorities.
2022-01-11 12:36:22 -06:00
Denis Kenzior
372a1c05e6 scan: Simplify debug statement
l_debug will already print the function name, so including it in the
printed string is redundant
2022-01-11 11:07:33 -06:00
Denis Kenzior
5cb7591bc0 treewide: Use __func__ when possible
Instead of hard-coding the function name in l_warn/l_error statements,
use '__func__'
2022-01-11 11:07:33 -06:00
Denis Kenzior
8b9442efe0 treewide: Prefer not using assignment in if 2022-01-11 11:07:33 -06:00
Denis Kenzior
6ae1917733 netdev: Make code more readable
Introduce a new 'hs' variable to make the code a bit more compact and
readable.  Avoid splitting pointer dereferences on multiple lines.
2022-01-11 11:07:33 -06:00
Denis Kenzior
073346ee37 treewide: Remove unneeded else statements
The code is more readable without the unnecessary nesting
2022-01-11 11:07:33 -06:00
Denis Kenzior
b44460464e treewide: Add () around certain macros 2022-01-11 11:07:33 -06:00
Denis Kenzior
cba19d3bf5 treewide: Remove pointless return statement 2022-01-11 11:07:33 -06:00
Denis Kenzior
fe95cbe077 treewide: Various style fixups
- Mostly problems with whitespace:
	- Use of spaces instead of tabs
	- Stray spaces before closing ')
	- Missing spaces

- Missing 'void' from function declarations & definitions that
  take no arguments.

- Wrong indentation level
2022-01-11 11:07:05 -06:00
James Prestwood
967c95829f scan: fix double space 2022-01-11 08:57:05 -06:00
Peter Seiderer
6ce41f6211 dpp: fix implicit declaration of function explicit_bzero warning
- add missing src/missing.h include for explicit_bzero, fixes uclibc
  compile/linking

Fixes:

  src/dpp.c:166:2: warning: implicit declaration of function ‘explicit_bzero’ [-Wimplicit-function-declaration]
    166 |  explicit_bzero(dpp->r_nonce, dpp->nonce_len);
        |  ^~~~~~~~~~~~~~
2022-01-10 15:43:52 -06:00
James Prestwood
82818d7454 dpp: allow config response handling without station
If the device is not in station mode DPP can still write out
the credentials and finish without attempting to connect or
scan.
2022-01-10 10:59:15 -06:00
James Prestwood
e6ecc078a1 dpp: handle CHANNEL attribute in auth request
When this attribute is included, the initiator is requesting all
future frames be sent on this channel. There is no reason for a
configurator to act on this attribute (at least for now) so the
request frame will be dropped in this case. Enrollees will act
on it by switching to the new channel and sending the authentication
response.
2022-01-10 10:59:05 -06:00
James Prestwood
235042fcd5 dpp: refactor calls to offchannel_start into common function
This will aid in channel switching during authentication by allowing
an arbitrary channel to be passed in rather than dpp->current_freq.
2022-01-10 10:58:56 -06:00
James Prestwood
39020bf14d dpp: move r_auth into dpp_sm
In order to support channel switching during authentication r_auth
needs to be held onto in dpp_sm for after the ROC call starts.
2022-01-10 10:58:47 -06:00
James Prestwood
786e36eee6 dpp: don't allow StartEnrollee while connected
While connected the driver ends up choosing quite small ROC
durations leading to excessive calls to ROC. This also will
negatively effect any wireless performance for the current
network and possibly lead to missed DPP frames.
2022-01-10 10:58:17 -06:00
James Prestwood
0f7ea99605 dpp: don't allocate transient ssid strings
These can be kept on the stack and avoid the need for
allocated memory and unneeded auto-free functionality.
2022-01-10 10:52:41 -06:00
James Prestwood
847a8ba265 dpp: memset header to fix uninitialized buffer 2022-01-07 11:49:55 -06:00
James Prestwood
226fd5c0b8 dpp: unref DPP frame if sending fails 2022-01-07 11:49:44 -06:00
James Prestwood
6a421a1254 dpp: speed up connection after being configured
Currently the enrollee relied on autoconnect to handle connecting
to the newly configured network. This usually resulted in poor
performance since periodic scans are done at large intervals apart.

Instead first check if the newly configured network is already
in IWD's network queue. If so it can be connected to immediately.
If not, a full scan must be done and results given to station.
2022-01-06 17:37:14 -06:00
James Prestwood
1ec0fd75e1 dpp: parse configuration request values
With better JSON support the configuration request object
can now be fully parsed. As stated in the previous comment
there really isn't much use from the configurator side apart
from verifying mandatory values are included.

This patch also modifies the configuration result to handle
sending non 'OK' status codes in case of JSON parsing errors.
2022-01-06 17:36:19 -06:00
James Prestwood
67ded4c2fd json: restrict json_iter_{parse,next} to objects/arrays
json_iter_parse is only meant to work on objects while
json_iter_next is only meant to work on arrays.

This adds checks in both APIs to ensure they aren't being
used incorrectly.
2022-01-06 16:43:18 -06:00
James Prestwood
1f91c03bf6 json: add NULL check for container on get_container
In case the caller just wants to check an object is iterable,
without actually iterating it.
2022-01-06 16:43:18 -06:00
James Prestwood
790d431624 json: add json_iter_get_string 2022-01-06 16:43:18 -06:00
James Prestwood
0d7482e379 json: add json_iter_get_container
This allows getting an iterator for a container nested inside
an array.
2022-01-06 16:01:39 -06:00
James Prestwood
7991c861e1 json: add support for array iteration
Arrays can now be parsed using the JSON_ARRAY type (stored in
a struct json_iter) then iterated using json_iter_next. When
iterating the type can be checked with json_iter_get_type. For
each iteration the value can be obtained using any of the type
getters (int/uint/boolean/null).
2022-01-06 15:15:06 -06:00
James Prestwood
ebed84ab55 json: increase default token size to 60 2022-01-06 14:26:09 -06:00
James Prestwood
4f1cd8af93 json: add support for primitive types
This adds support for boolean, (unsigned) integers, and
null types. JSON_PRIMITIVE should be used as the type when
parsing and the value should be struct json_iter.

Once parsed the actual value can be obtained using one of
the primitive getters. If the type does not match they will
return false.

If using JSON_OPTIONAL with JSON_PRIMITIVE the resulting
iterator can be checked with json_iter_is_valid. If false
the key/value was not found or the type was not matching.
2022-01-06 14:10:26 -06:00
James Prestwood
23a1a66aee json: fix find_object_tokens
First, this was renamed to 'count_tokens_in_container' to be
more general purpose (i.e. include future array counting).

The way the tokens are counted also changed to be more intuitive.
While the previous way was correct, it was somewhat convoluted in
how it worked (finding the next parent of the objects parent).

Instead we can use the container token itself as the parent and
begin counting tokens. When we find a token with a parent index
less than the target we have reached the end of this container.
This also works for nested containers, including arrays since we
no longer rely on a key (which an array element would not have).

For example::

{
	"first":{"foo":"bar"},
	"second":{"foo2":"bar2"}
}

index 0		<overall object>
index 1		"first"		with parent 0
index 2         {"foo":"bar"}   with parent 1

Counting tokens inside "first"'s object we have:

index 3		"foo"		with parent 2
index 4		"bar"		with parent 3

If we continue counting we reach:

index 5		"second"	with parent 0

This terminates the counting loop since the parent index is
less than '2' (the index of {"foo":"bar"} object).
2022-01-06 14:10:21 -06:00
Denis Kenzior
f05e60f338 dpp: Fix compilation on 32 bit
In file included from ./ell/ell.h:15,
                 from ../../src/dpp.c:29:
../../src/dpp.c: In function ‘authenticate_request’:
../../ell/log.h:79:22: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 8 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=]
   79 |   l_log(L_LOG_DEBUG, "%s:%s() " format, __FILE__, \
      |                      ^~~~~~~~~~
../../ell/log.h:54:16: note: in definition of macro ‘l_log’
   54 |      __func__, format "\n", ##__VA_ARGS__)
      |                ^~~~~~
../../ell/log.h:103:31: note: in expansion of macro ‘L_DEBUG_SYMBOL’
  103 | #define l_debug(format, ...)  L_DEBUG_SYMBOL(__debug_desc, format, ##__VA_ARGS__)
      |                               ^~~~~~~~~~~~~~
../../src/dpp.c:1235:3: note: in expansion of macro ‘l_debug’
 1235 |   l_debug("I-Nonce has unexpected length %lu", i_nonce_len);
      |   ^~~~~~~
2022-01-05 13:50:59 -06:00
Denis Kenzior
7c30fc2cbf netdev: do not leak auth_cmd
Direct leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7fa226fbf0f8 in __interceptor_malloc (/usr/lib/gcc/x86_64-pc-linux-gnu/9.4.0/libasan.so.5+0x10c0f8)
    #1 0x688c98 in l_malloc ell/util.c:62
    #2 0x6c2b19 in msg_alloc ell/genl.c:740
    #3 0x6cb32c in l_genl_msg_new_sized ell/genl.c:1567
    #4 0x424f57 in netdev_build_cmd_authenticate src/netdev.c:3285
    #5 0x425b50 in netdev_sae_tx_authenticate src/netdev.c:3385
2021-12-23 09:58:05 -06:00
Denis Kenzior
60366346fb handshake: Do not leak vendor_ies
Direct leak of 7 byte(s) in 1 object(s) allocated from:
    #0 0x7fd748ad00f8 in __interceptor_malloc (/usr/lib/gcc/x86_64-pc-linux-gnu/9.4.0/libasan.so.5+0x10c0f8)
    #1 0x688c21 in l_malloc ell/util.c:62
    #2 0x4beec7 in handshake_state_set_vendor_ies src/handshake.c:324
    #3 0x464e4e in station_handshake_setup src/station.c:1203
    #4 0x472a2f in __station_connect_network src/station.c:2975
    #5 0x473a30 in station_connect_network src/station.c:3078
    #6 0x4ed728 in network_connect_8021x src/network.c:1497

Fixes: f24cfa481b ("handshake: Add setter for vendor IEs")
2021-12-22 21:32:18 -06:00
James Prestwood
eeab42af03 dpp: init unwrapped pointer to NULL
Fixes possible issues with auto-free on error paths
2021-12-22 17:06:16 -06:00
James Prestwood
ce9188ee35 dpp: zero nonces/keys on dpp_reset 2021-12-22 17:06:16 -06:00