3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-10-30 00:29:23 +01:00
Commit Graph

200 Commits

Author SHA1 Message Date
James Prestwood
885c4c9632 scan: use oper_class/channel for OWE hidden scans
If these are included in the OWE transition IE use them to scan
for the OWE hidden network.
2021-09-22 14:40:10 -05:00
James Prestwood
e798d4fe9d scan: validate OWE transition operating class/channel
If the IE's operating class and channel doesn't validate don't bother
storing the IE at all.
2021-09-22 14:39:33 -05:00
James Prestwood
22ff2a5f79 scan: use structure for OWE transition parsing
This changes scan_bss from using separate members for each
OWE transition element data type (ssid, ssid_len, and bssid)
to a structure that holds them all.

This is being done because OWE transition has option operating
class and channel bytes which will soon be parsed. This would
end up needing 5 separate members in scan_bss which is a bit
much for a single IE that needs to be parsed.

This makes checking the presense of the IE more convenient
as well since it can be done with a simple NULL pointer check
rather than having to l_memeqzero the BSSID.
2021-09-22 13:52:44 -05:00
James Prestwood
a6c4972290 scan: add scan API specifically for OWE transition networks
Specifically OWE networks with multiple open/hidden BSS's are troublesome
to scan for with the current APIs. The scan parameters are limited to a
single SSID and even if that was changed we have the potential of hitting
the max SSID's per scan limit. In all, it puts the burden onto the caller
to sort out the SSIDs/frequencies to scan for.

Rather than requiring station to handle this a new scan API was added,
scan_owe_hidden() which takes a list of open BSS's and will automatically
scan for the SSIDs in the OWE transition IE for each.

It is slightly optimized to first check if all the hidden SSID's are the
same. This is the most likely case (e.g. single pair or single network)
and a single scan command can be used. Otherwise individual scan commands
are queued for each SSID/frequency combo.
2021-09-17 17:59:43 -05:00
James Prestwood
a94c0ed29e scan: keep track of OWE Transition element 2021-09-16 11:21:32 -05:00
James Prestwood
df6221bcb2 scan: allow non-utf8 SSIDs to be scanned for
IWD has restricted SSIDs to only utf8 so they can be displayed but
with the addition of OWE transition networks this is an unneeded
restriction (for these networks). The SSID of an OWE transition
network is never displayed to the user so limiting to utf8 isn't
required.

Allow non-utf8 SSIDs to be scanned for by including the length in
the scan parameters and not relying on strlen().
2021-09-16 11:20:46 -05:00
Denis Kenzior
9d045fae0e scan: Parse network cost IE info into scan_bss 2021-09-03 16:32:51 -05:00
James Prestwood
194b4cf60e scan: set force_default_sae_group if OUI matches 2021-08-25 13:04:15 -05:00
Denis Kenzior
78b9328db6 scan: Quiet down warning
Under certain conditions, access points with very low signal could be
detected.  This signal is too low to estimate a data rate and causes
this L_WARN to fire.  Fix this by returning a -ENETUNREACH error code in
case the signal is too low for any of the supported rates.
2021-07-28 09:53:21 -05:00
Denis Kenzior
bedf2b0596 knownnetworks: Commonize parser for common settings
Some network settings keys are set / parsed in multiple files.  Add a
utility to parse all common network configuration settings in one place.

Also add some defines to make sure settings are always saved in the
expected group/key.
2021-07-27 14:02:43 -05:00
Denis Kenzior
7fafb627d8 scan: Save off RSNXE if present 2021-07-14 09:55:49 -05:00
Denis Kenzior
709b77794b scan: Use wiphy_estimate_data_rate 2021-06-01 13:41:56 -05:00
Denis Kenzior
8679b82db4 scan: Simplify parsing logic
scan_parse_result used to parse the wdev and return this to the caller
where it was compared against the expected wdev.  Simplify this by
extract the wdev first, and proceeding with the bss parsing afterwards.
2021-06-01 13:41:56 -05:00
Alvin Šipraga
38ded68a38 scan: parse NL80211_BSS_LAST_SEEN_BOOTTIME in units of nanoseconds
NL80211_BSS_LAST_SEEN_BOOTTIME is expressed in nanoseconds, while BSS
timestamps are expressed in microseconds internally. Convert the
attribute to microseconds when using it to timestamp a BSS. This makes
iwd expire absent BSSes within 30 seconds as intended.

Fixes: 454cee12d4 ("scan: Use kernel-reported time-stamp if provided")
2021-05-26 10:20:48 -05:00
James Prestwood
3fde169001 scan: rework BSS ranking
It was observed that IWD's ranking for BSS's did not always
end up with the fastest being chosen. This was due to IWD's
heavy weight on signal strength. This is a decent way of ranking
but even better is calculating a theoretical data rate which
was also done and factored in. The problem is the data rate
factor was always outdone by the signal strength.

Intead remove signal strength entirely as this is already taken
into account with the data rate calculation. This also removes
the check for rate IEs. If no IEs are found the parser will
base the data rate soley on RSSI.

There were a few other factors removed which will be added back
when ranking *networks* rather than BSS's. WPA version (or open)
was removed as well as the privacy capability. These values really
should not differ between BSS's in the same SSID and as such
should be used for network ranking instead.
2021-05-19 09:32:17 -05:00
James Prestwood
e8c87c8b42 scan: add scan_get_firmware_scan
Adds support for getting firmware scan results from the kernel.
This is intended to be used after the firmware roamed automatically
and the scan result is require for handshake initialization.

The scan 'request' is competely separate from the normal scan
queue, though scan_results, scan_request, and the scan_context
are all used for consistency and code reuse.
2021-03-15 13:14:16 -05:00
Denis Kenzior
0c0d9e5696 iwd: Use test_bit from ell 2021-03-12 13:49:23 -06:00
Denis Kenzior
f7b5bd4a79 treewide: Use ell's useful.h header 2021-03-11 21:46:09 -06:00
Alvin Šipraga
ff82133050 scan: add InitialPeriodicScanInterval setting 2021-02-12 09:57:10 -06:00
Alvin Šipraga
88f2b44bba scan: add MaximumPeriodicScanInterval setting 2021-02-12 09:57:10 -06:00
Denis Kenzior
fa9ae4acb7 scan: Put an upper bound on the scan interval 2021-02-09 09:31:05 -06:00
Denis Kenzior
fb217479d2 netdev: Scan & Retry CMD_AUTHENTICATE
Handle situations where the BSS we're trying to connect to is no longer
in the kernel scan result cache.  Normally, the kernel will re-scan the
target frequency if this happens on the CMD_CONNECT path, and retry the
connection.

Unfortunately, CMD_AUTHENTICATE path used for WPA3, OWE and FILS does
not have this scanning behavior.  CMD_AUTHENTICATE simply fails with
a -ENOENT error.  Work around this by trying a limited scan of the
target frequency and re-trying CMD_AUTHENTICATE once.
2021-02-08 11:53:29 -06:00
Denis Kenzior
454cee12d4 scan: Use kernel-reported time-stamp if provided 2021-02-03 13:35:46 -06:00
Denis Kenzior
ccbd32503b scan: Pass the frequencies scanned to notify cb 2021-02-03 13:34:44 -06:00
Denis Kenzior
f0e0060ddc scan: Make scan_freq_set_contains const-correct 2021-02-03 13:34:28 -06:00
Denis Kenzior
79928e69cb Revert "scan: Drop unused frequency list parsing"
This reverts commit 520ad56f83.
2021-02-03 13:34:23 -06:00
Denis Kenzior
304627e086 scan: Fix crash when a canceled scan gets aborted 2020-10-30 14:06:31 -05:00
Andrew Zaborowski
520ad56f83 scan: Drop unused frequency list parsing 2020-09-29 13:14:06 -05:00
Andrew Zaborowski
9335680cd8 scan: Add optional source_mac scan parameter
This is similar to randomize_mac_addr_hint but it sets a specific source
MAC address for our probe frames.
2020-09-09 13:02:02 -05:00
Denis Kenzior
b0fe62af5a scan: free wfd member
Found using lsan:

==29896==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 9 byte(s) in 1 object(s) allocated from:
    #0 0x7fcd41e0c710 in __interceptor_malloc /var/tmp/portage/sys-devel/gcc-8.2.0-r6/work/gcc-8.2.0/libsanitizer/asan/asan_malloc_linux.cc:86
    #1 0x606abd in l_malloc ell/util.c:62
    #2 0x460230 in ie_tlv_vendor_ie_concat src/ie.c:140
    #3 0x4605d1 in ie_tlv_extract_wfd_payload src/ie.c:216
    #4 0x4a8773 in scan_parse_bss_information_elements src/scan.c:1105
    #5 0x4a94a8 in scan_parse_attr_bss src/scan.c:1181
    #6 0x4a99f8 in scan_parse_result src/scan.c:1238
    #7 0x4abe4e in get_scan_callback src/scan.c:1451
    #8 0x6442d9 in process_unicast ell/genl.c:979
    #9 0x6453ff in received_data ell/genl.c:1087
    #10 0x62e1a4 in io_callback ell/io.c:126
    #11 0x628fca in l_main_iterate ell/main.c:473
    #12 0x6294e8 in l_main_run ell/main.c:520
    #13 0x629d8b in l_main_run_with_signal ell/main.c:642
    #14 0x40681b in main src/main.c:505
    #15 0x7fcd40a55bdd in __libc_start_main (/lib64/libc.so.6+0x21bdd)
2020-08-20 11:11:44 -05:00
Alvin Šipraga
bfd8cead95 treewide: guard compare functions against signed integer overflow
Besides being undefined behaviour, signed integer overflow can cause
unexpected comparison results. In the case of network_rank_compare(),
a connected network with rank INT_MAX would cause newly inserted
networks with negative rank to be inserted earlier in the ordered
network list. This is reflected in the GetOrderedMethods() DBus method
as can be seen in the following iwctl output:

  [iwd]# station wlan0 get-networks
    Network name                    Security  Signal
  ----------------------------------------------------
    BEOLAN                          8021x     **** }
    BeoBlue                         psk       ***  } all unknown,
    UI_Test_Network                 psk       ***  } hence assigned
    deneb_2G                        psk       ***  } negative rank
    BEOGUEST                        open      **** }
  > titan                           psk       ****
    Linksys05274_5GHz_dmt           psk       ****
    Lyngby-4G-4 5GHz                psk       ****
2020-08-14 10:55:30 -05:00
Andrew Zaborowski
1d852e10ad scan: Always allocate results->bss_list
Instead of creating the results->bss_list l_queue lazily, always create
one before sending the GET_SCAN command.  This is to make sure that an
empty list is passed to the scan callback (e.g. in station.c) instead of
a NULL.  Passing NULL has been causing difficult to debug crashes in
station.c, in fact I think I've been seeing them for over a year now
but can't be sure.  station_set_scan_results has been taking ownership
of the new BSS list and, if station->connected_bss was not on the list,
it would try to add it not realizing that l_queue_push_tail() was doing
nothing.  Always passing a valid list may help us prevent similar
problems in the future.

The crash might start with:
==120489== Invalid read of size 8
==120489==    at 0x425D38: network_bss_select (network.c:709)
==120489==    by 0x415BD1: station_try_next_bss (station.c:2263)
==120489==    by 0x415E31: station_retry_with_status (station.c:2323)
==120489==    by 0x415E31: station_connect_cb (station.c:2367)
==120489==    by 0x407E66: netdev_connect_failed (netdev.c:569)
==120489==    by 0x40B93D: netdev_connect_event (netdev.c:1801)
==120489==    by 0x40B93D: netdev_mlme_notify (netdev.c:3678)
2020-08-04 10:30:07 -05:00
Andrew Zaborowski
75e014f72b scan: Extract WFD IE payload into struct bss 2020-07-13 14:15:42 -05:00
James Prestwood
5f7b28d501 scan: refactor to use wiphy radio work queue
To use the wiphy radio work queue, scanning mostly remained the same.
start_next_scan_request was modified to be used as the work callback,
as well as not start the next scan if the current one was done
(since this is taken care of by wiphy work queue now). All
calls to start_next_scan_request were removed, and more or less
replaced with wiphy_radio_work_done.

scan_{suspend,resume} were both removed since radio management
priorities solve this for us. ANQP requests can be inserted ahead of
scan requests, which accomplishes the same thing.
2020-07-10 13:23:58 -05:00
Alvin Šipraga
8db4d9272a scan: refactor start_next_scan_request to not send duplicate requests
If start_scan_next_request() is called while a scan request
(NL80211_CMD_TRIGGER_SCAN) is still running, the same scan request will
be sent again. Add a check in the function to avoid sending a request if
one is already in progress. For consistency, check also that scan
results are not being requested (NL80211_CMD_GET_SCAN), before trying to
send the next scan request. Finally, remove similar checks at
start_next_scan_request() callsites to simplify the code.

This also fixes a crash that occurs if the following conditions are met:
  - the duplicated request is the only request in the scan request
    queue, and
  - both scan requests fail with an error not EBUSY.

In this case, the first callback to scan_request_triggered() will delete
the request from the scan request queue. The second callback will find
an empty queue and consequently pass a NULL scan_request pointer to
scan_request_failed(), causing a segmentation fault.
2020-06-08 15:10:30 -05:00
Alvin Šipraga
cae6949ce1 scan: Do not start new requests while suspended
If scanning is suspended, have scan_common() queue its scan request
rather than issuing it immediately. This respects the assumption that
scans are not requested while sc->suspended is true.
2020-06-04 13:17:42 -05:00
James Prestwood
d12fad5eed scan: remove useless debug print
Further on in the function we still print that the scan was triggered.
2020-05-01 19:54:46 -05:00
Torstein Husebø
759dbdd37f treewide: fix typos 2020-01-21 16:03:28 -06:00
Denis Kenzior
d2556a48b7 scan: Fix crash when scan is triggered outside iwd
#0  0x000055555558ee5d in scan_notify (msg=0x55555560b640, user_data=0x0) at src/scan.c:1706
 #1  0x00007ffff7f2c78c in ?? () from /usr/lib/libell.so.0
 #2  0x00007ffff7f299ec in ?? () from /usr/lib/libell.so.0
 #3  0x00007ffff7f28e4a in l_main_iterate () from /usr/lib/libell.so.0
 #4  0x00007ffff7f28efc in l_main_run () from /usr/lib/libell.so.0
 #5  0x00007ffff7f290b9 in l_main_run_with_signal () from /usr/lib/libell.so.0
 #6  0x00005555555639c4 in main (argc=1, argv=0x7fffffffec18) at src/main.c:497
2019-12-02 11:02:05 -06:00
Andrew Zaborowski
becba0dd09 scan: Add scan_bss_new_from_probe_req 2019-11-21 20:51:21 -06:00
Andrew Zaborowski
1d57ec0d46 scan: Parse P2P IEs according to frame type
Save the source frame type in struct scan_bss as it may affect how some
of the data in the struct will be parsed.  Also replace the P2P IE
payload data in that struct with a union containing pre-parsed p2p
attributes corresponding to the frame type.

This means users don't have to call the parsers in p2putil.c on that
data, which wouldn't have worked anyway because those parsers assume
input is the raw IE sequence rather than just the "payload".
2019-11-21 20:51:17 -06:00
James Prestwood
27af5b715e scan: parse the scan start time
The kernel sends NL80211_ATTR_SCAN_START_TIME_TSF with CMD_TRIGGER and
RRM requires this value for beacon measurement reports.

The start time is parsed during CMD_TRIGGER and set into the scan request.
A getter was added to obtain this time value for an already triggered
scan.

After making the change, the SCAN_ABORTED case was cleaned up a bit to
remove the local scan_request usage in favor of the one used for all the
other cases.
2019-11-21 13:45:40 -06:00
James Prestwood
e92424611a scan: fix parent TSF parsing
The value coming from the kernel is in the same endianness as IWD, so
just parse it as a u64 rather than le64.
2019-11-20 20:04:30 -06:00
James Prestwood
be4ab2826f scan: parse parent TSF value in scan results
RRM can include this in measurement reports if present in scans
2019-11-15 14:28:26 -06:00
James Prestwood
dca90abdc5 scan: add duration scan_parameters
The kernel allows a scan duration and duration mandatory flag to be
set in scan requests. RRM requests can contain these values so they
have been added to scan_parameters.

Scanning with drivers which do not support EXT_FEATURE_SET_SCAN_DWELL
will not include these values in scan requests.
2019-11-15 14:11:16 -06:00
James Prestwood
4cee10ec50 scan: add scan_passive_full variant
Just like active scans, add an API for passive scans which take in
the full scan_parameters structure.
2019-11-15 14:11:16 -06:00
Tim Kourt
aea6c1ccb6 scan: Separate IE attr creation into logical block
This also introduces the max IE length check and exludes the addition
of IEs for the drivers that don't support it.
2019-11-08 21:05:51 -06:00
Tim Kourt
0490c25fde scan: Fix bit checking for interworking
The checker function will later be changed to match the bit setter.
2019-11-08 21:05:39 -06:00
Tim Kourt
48570141ba scan: Improve comment 2019-11-08 20:43:16 -06:00
Marcel Holtmann
ab5742bb32 module: Move declarations into separate header file 2019-11-07 23:40:13 +01:00