119 lines
5.5 KiB
Plaintext
119 lines
5.5 KiB
Plaintext
|
|
IWD
|
|
===
|
|
|
|
- IWD will start a scheduled scan to the interface if the hardware supports
|
|
that feature. If the iwd closes or dies so that the kernel netlink socket
|
|
is closed, then the scheduled scan is cancelled automatically if the kernel
|
|
supports this. This is done by giving NL80211_ATTR_SOCKET_OWNER netlink
|
|
attribute when initiating the scheduled scan.
|
|
|
|
- IWD contains a network object that will contain a list of BSS that have the
|
|
same SSID and security setting. From user point of view, we will connect to
|
|
a certain SSID instead of connecting directly to a BSS. IWD will then pick
|
|
the best BSS automatically from the BSS list when connecting to a SSID.
|
|
The "best" BSS in this context is the BSS that has the highest signal strength.
|
|
|
|
- IWD uses the DBus agent interface to query information from the user.
|
|
The information asked include things like passphrase etc. The user can
|
|
register only one agent to iwd. If the user does not respond in timely
|
|
manner to the query, then the pending user request is cancelled after a
|
|
timeout. The pending user request is also cancelled if user disconnects a
|
|
pending connection attempt.
|
|
|
|
- IWD supports the full RSN 4-Way Handshake for PTK generation. Support for
|
|
handling the optional (second) RSN element from the AP is included.
|
|
|
|
- IWD supports Pre-authentication from 802.11-2007. If the currently
|
|
connected AP supports pre-authentication and iwd determines that a roam is
|
|
required, then the pre-authentication process is kicked off. This is done
|
|
using the current connection, running 802.1X over 0x88c7 protocol. This results
|
|
in the creation of a new PMK which is cached by both the target and iwd. iwd
|
|
can then roam onto the target AP using the cached PMK.
|
|
|
|
- IWD supports Fast Transitions for fast roaming between access points. Only
|
|
FT-over-Air (fastest option) is currently supported by iwd. Whenever iwd
|
|
determines that a roam is required and a suitable target that supports fast
|
|
transitions is available, iwd roams to the target AP using FT automatically.
|
|
|
|
- IWD supports Radio Resource Management from 802.11k. In particular iwd
|
|
can request and utilize Neighbor Reports. When iwd determines that a roam
|
|
is required, iwd will try to obtain a Neighbor Report from the currently
|
|
connected AP (using a special Action frame). This enables iwd to optimize
|
|
the list of channels to scan in order to find a suitable target for roaming
|
|
much quicker.
|
|
|
|
- IWD supports receiving and generating SA Query action frames. If there is a
|
|
spoofed disassociate frame, IWD will generate a SA Query frame to ask the AP if
|
|
the disassociate frame was valid. The alternate case is if the AP receives
|
|
an (re)associate frame while the STA is still connected. In this case the AP
|
|
will send an SA Query frame, which IWD will respond to if it is still connected.
|
|
|
|
- IWD supports Opportunistic Wireless Encryption (OWE). This allows encryption
|
|
on open networks, by using ECDH to negotiate a PMK.
|
|
|
|
- IWD supports the following EAP methods:
|
|
- EAP-SIM
|
|
- EAP-AKA
|
|
- EAP-AKA'
|
|
- EAP-GTC
|
|
- EAP-MD5
|
|
- EAP-MSCHAPV2
|
|
- EAP-TLS
|
|
- EAP-WSC
|
|
- EAP-PEAP
|
|
- EAP-TTLS
|
|
|
|
- In addition to the default station mode, IWD supports:
|
|
- AdHoc (IBSS) - Both unicast and multicast traffic is supported.
|
|
- Access Point - Both unicast and multicast traffic is supported. AP
|
|
mode does not yet support EAP methods.
|
|
|
|
- IWD supports SAE (Simultaneous Authentication of Equals). SAE is required for
|
|
the WPA3 certification. SAE uses a Diffie-Hellman key exchange to produce the
|
|
PMK that's used in the 4-way handshake. Support for hybrid WPA3/WPA2 AP's is
|
|
also implemented, where WPA3 is preferred.
|
|
|
|
Wireless monitor
|
|
================
|
|
|
|
Netlink monitor interface is created if it does not exist
|
|
|
|
The iwmon utility automates netlink monitor creation by by using RTNL
|
|
to find an existing netlink monitor interface, and in case it does not
|
|
exist, create a new one. By default the netlink monitor interface is
|
|
named 'nlmon'. Another name can be given with the '--interface'
|
|
command line option.
|
|
|
|
Once iwmon terminates, the netlink monitor interface is removed (in
|
|
case iwmon created it).
|
|
|
|
|
|
HWSIM
|
|
=====
|
|
|
|
The radio id from kernel mac80211_hwsim module is parsed properly in
|
|
hwsim. The radio id is not returned as HWSIM_ATTR_RADIO_ID but instead
|
|
it is returned in error message. If the error code > 0, then that means
|
|
the radio id. If the error code < 0, then that indicates a real error.
|
|
|
|
The hwsim uses new HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE flag attribute to
|
|
tell the kernel that when the hwsim process dies, the radios it created
|
|
should be removed. For testing tools it is beneficial if the newly
|
|
created radio could be bound to the lifetime of the netlink socket.
|
|
Alternatively, using the hwsim '-k (--keep)' command line option instructs
|
|
hwsim to not destroy the created radio automatically.
|
|
|
|
The hwsim is using HWSIM_CMD_NEW_RADIO to create a new radio. When the
|
|
radio has been created, the kernel will return the used radio id and
|
|
parameters in a HWSIM_CMD_NEW_RADIO multicast event that is sent in
|
|
"config" netlink multicast group. The command HWSIM_CMD_DEL_RADIO is sent
|
|
by kernel when a hwsim radio is deleted. In this case the deleted
|
|
radio id is sent to "config" netlink multicast group.
|
|
|
|
hwsim can list radios by sending a HWSIM_CMD_GET_RADIO with the attribute
|
|
HWSIM_ATTR_RADIO_ID containing the desired radio id. If no radio id is
|
|
given on the command line, a dump of all radios is requested from the
|
|
kernel. The attributes returned are identical to those sent to the
|
|
'config' multicast group when creating a radio.
|