aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Add os_exec() helper to run external programsJouni Malinen2015-10-203-0/+68
| | | | | | Change-Id: I579af1fa8c2f85622ffddb186ba799dcb9ac4b6f Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Tested-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* P2P: Validate SSID element length before copying itJouni Malinen2015-10-171-0/+1
| | | | | | | | | | | | | | | | | | | | | | This fixes a possible memcpy overflow for P2P dev->oper_ssid in p2p_add_device(). The length provided by the peer device (0..255 bytes) was used without proper bounds checking and that could have resulted in arbitrary data of up to 223 bytes being written beyond the end of the dev->oper_ssid[] array (of which about 150 bytes would be beyond the heap allocation) when processing a corrupted management frame for P2P peer discovery purposes. This could result in corrupted state in heap, unexpected program behavior due to corrupted P2P peer device information, denial of service due to process crash, exposure of memory contents during GO Negotiation, and potentially arbitrary code execution. Thanks to Google security team for reporting this issue and smart hardware research group of Alibaba security team for discovering it. Change-Id: I9f350f20cdd010f2c096514b245b4a901ad74e46 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* WFD: Add support for sending Wi-Fi Display service discovery requestsJouni Malinen2012-12-144-0/+60
| | | | | | | | | | | | | | | | | wpa_cli p2p_serv_disc_req command can now be used to request WSD request to be sent to specified or all peers who support WSD. format: wifi-display <list of roles> <list of subelements> examples: p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source] 2,3,4,5 p2p_serv_disc_req 02:01:02:03:04:05 wifi-display [pri-sink] 3 p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [sec-source] 2 p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source+sink] 2,3,4,5 p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source][pri-sink] 2,3,4,5 Change-Id: I14f8a92aa9a2161d7db97f5670d2dfe3b63ef1e3 Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
* WFD: Add wfd_subelems hexdump in BSS ctrl_iface command outputJouni Malinen2012-12-141-0/+1
| | | | | | | | This makes it easier to parse the WFD subelements from scan results. Change-Id: I1ce349bb33b56470888b47a37a96e56f1e0d6342 Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
* WFD: Add Wi-Fi Display supportJouni Malinen2012-12-1412-22/+653
| | | | | | | | | | | | | | | | | | | | This commit adds control interface commands and internal storage of Wi-Fi Display related configuration. In addition, WFD IE is now added to various P2P frames, Probe Request/Response, and (Re)Association Request/Response frames. WFD subelements from peers are stored in the P2P peer table. Following control interface commands are now available: SET wifi_display <0/1> GET wifi_display WFD_SUBELEM_SET <subelem> [hexdump of length+body] WFD_SUBELEM_GET <subelem> Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com> [vishalm@ti.com: Backported it to curent tree] Signed-off-by: Vishal Mahaveer <vishalm@ti.com> Change-Id: Ief0cd61903facd9209927d9dc84c8f093f3b6bac
* P2P: Fix broken rx action frame handling (INTERNAL-SQUASH)Eyal Shapira2012-11-132-1/+5
| | | | | | | | | | | | | | | | | | | | | | Commit "P2P: Fix duplicate handling of rx action frames" went too far and dropped any rx action frames arriving on the GO interface. It assumed that any action frames were duplicated and received on both GO interface and P2P device interface. This is wrong as some actions frames like P2P presence request are sent to the GO interface address and won't be duplicated. The root cause of the duplication lies within the Rx path in mac80211 in Johannes` patch "mac80211: accept public action frames with mismatched BSSID". When wpa_s works with a separate group interface this creates a duplicated Rx on both the P2P dev interface and the GO interface. Fix the issue by canceling the duplication in wpa_s and discarding public action frames with unmatching bssid arriving on a dedicated GO interface (This should be squashed with "P2P: Fix duplicate handling of rx action frames") Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: add support for DRIVER COUNTRY commandVishal Mahaveer2012-11-111-0/+2
| | | | | | Add this for supporting country command coming as DRIVER command in Android. Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
* hostapd: enable dynamic modification of acl policyNadim Zubidat2012-11-062-0/+59
| | | | | | | | | add APIs for dynamically changing the macaddr_acl policy and mac addresses lists. once changed, hostapd will deauth stations which do not pass the new policy. Signed-off-by: Nadim Zubidat <nadimz@ti.com>
* P2P: cancel action frame offchan wait after recv go neg resp (UPSTREAM)Eyal Shapira2012-11-021-1/+1
| | | | | | | | | | | A wait of 200ms is configured after sending the go neg request. The go neg process can end quickly within less than 200ms. If this wait isn't canceled it can cause the beaconing of the GO to start while mac80211 is still off channel on the listen channel and this may cause beaconing on the wrong channel if oper channel is different from the listen channel. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* Revert "Add P2P IEs to probe requests only when in P2P (UPSTREAM)"Eyal Shapira2012-10-292-18/+0
| | | | | | | | | | | This is replaced by a recent patch by Jouni in the upstream: "P2P: Allow P2P functionality to be disabled per interface" This reverts commit a56f6df6f8e5dcd650893e8beb4a16a633c179d1. Conflicts: src/p2p/p2p.c
* P2P: cancel action frame offchan wait after recv go neg confEyal Shapira2012-10-241-0/+1
| | | | | | | | | | | The missing call to scan_action_done keeps us offchan on the listen channel for 250ms following sending go neg resp. In case the oper channel is different from the listen channel and we're GO a race could lead to start beaconing while offchan. This causes the beacons to go out on the listen channel instead of the oper channel. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* Revisit "nl80211: dummy DRIVER SETBAND handler"Vishal Mahaveer2012-09-281-3/+3
| | | | | | | Used the wrong string compare API before. Fix it by using the correst API. Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
* nl80211: dummy DRIVER SETBAND handlerVishal Mahaveer2012-09-251-0/+3
| | | | | | | | SETBAND command is handled in wpa_supplicant_driver_cmd API. Add a dummy handler in driver_nl80211 for avoiding misleading log, "Unsupported command: SETBAND ". Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
* P2P: fix oper channel selection (SQUASH)Arik Nemtsov2012-09-241-1/+2
| | | | | | | | | | | | Handles the forgotten p2p_process_go_neg_resp() case of patch: commit 66b8140a08b9f6297cd49a3428ada713bf668300 Author: Arik Nemtsov <arik@wizery.com> Date: Thu Aug 30 21:06:45 2012 +0300 P2P: always re-select oper channel if not hard coded Signed-off-by: Arik Nemtsov <arik@wizery.com>
* nl80211_copy: update from latest 12xx drv (INTERNAL)Arik Nemtsov2012-09-131-0/+26
| | | | | | add channel switch related commands and attributes Signed-off-by: Arik Nemtsov <arik@wizery.com>
* nl80211: add channel switch ability to AP & GO (INTERNAL)Victor Goldenshtein2012-09-131-4/+69
| | | | | | | | Implement AP channel switch command. Handle channel switch request and channel switch complete events. Signed-hostap: Victor Goldenshtein <victorg@ti.com>
* hostap: add channel switch ability to AP & GO (INTERNAL)Victor Goldenshtein2012-09-139-3/+150
| | | | | | | | | | | | | | | Add channel switch command and handle channel switch request/complete events. New hostapd_eid_csa() which builds the channel switch announcement IE. Add this CSA to the beacon frame prior performing a channel switch and remove it once it's completed. New EVENT_REQ_CH_SW which indicates that the driver has requested to perform a channel switch. Signed-hostap: Victor Goldenshtein <victorg@ti.com>
* hostapd: implement channel switch request drv ops (INTERNAL)Victor Goldenshtein2012-09-134-0/+55
| | | | | | New hostapd_channel_switch – to handle channel switch request. Signed-hostap: Victor Goldenshtein <victorg@ti.com>
* nl80211: make unicast RX filter always match STA iface mac (ANDROID)Eyal Shapira2012-09-131-4/+4
| | | | | | | | | | | | | | This is part of changing the RX filters configuration to being global and not dependent on the interface context. RX filter #0 should point to a filter matching any unicast frame sent to the STA (wlan0) mac. The configuration is done by querying the mac address of the interface. As we now have reconfiguration of filters done from the context of the p2p interface filter #0 would get reconfigured with the P2P dev mac. Avoid this by hard coded querying for the mac of wlan0 when creating the pattern for RX filter #0. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: reconfigure RX filters whenever a new interface is added (ANDROID)Eyal Shapira2012-09-131-0/+35
| | | | | | | | | | This is used to reconfigure RX filters to include a new filter whenever the P2P group interface is added. The new filter matches any unicast frame sent to a dest mac which matches the P2P group interface mac. This is important as otherwise we wouldn't allow any data frames through to this interface. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: support configuring RX filters dynamically (ANDROID)Eyal Shapira2012-09-121-5/+128
| | | | | | | | | | | | The current RX filters are statically defined and can only be enabled or disabled by the DRIVER RX-FILTER commands. Add support to add or remove RX filters "on the fly" from within wpa_s code so we can use this to add an RX filter matching unicast packets going to the new P2P interface mac. Whenever the filters change the whole list of filters needs to be configured to the kernel. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: make rx filters config global (ANDROID)Eyal Shapira2012-09-121-12/+24
| | | | | | | | | | | | The RX filters (wowlan) configuration is per interface but this doesn't reflect the state in the kernel where it's per hw device (effectively in Android global). In JB this is more important as wpa_s uses up to 3 different interfaces when running P2P+STA. Also, fix a minor bug in nl80211_toggle_wowlan_trigger where the wpa_s wowlan state changed even if configuring the kernel failed. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: Remove driver specific commands not used in JB (JB)Eyal Shapira2012-09-121-99/+0
| | | | | | | | | | The following driver specific commands aren't used in JB and were replaced by other APIs: POWERMODE,GETPOWER,LINKSPEED,RSSI,RSSI-APPROX Remove code handling these commands. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: Remove driver command DROPBCAST (ANDROID)Eyal Shapira2012-09-121-74/+0
| | | | | | | | There's no support for this in the driver for now as the relevant patches were dropped. Therefore remove relevant code in wpa_s as well. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* Make copies basic_rates list more usefulJouni Malinen2012-09-071-0/+2
| | | | | | | | | | | Commit e5693c4775bae65faa960f80889f98b0a6cb2e1c added a copy of the determined basic rate set into struct hostapd_iface, but did not actually copy the terminating -1 value. This could be problematic if something were to actually try to use this list since would be no way to know what is the last entry in the list. Fix this by copying the terminating value. Signed-hostap: Jouni Malinen <j@w1.fi>
* P2P: prefer operating channels where HT40 is possibleArik Nemtsov2012-09-041-0/+15
| | | | | | | | When no other user preference is specified, opt to use an operating channel that allows HT40 operation. This way, if driver capabilities and regulatory constraints allow, we might enjoy increased bandwidth. Signed-hostap: Arik Nemtsov <arik@wizery.com>
* P2P: always re-select oper channel if not hard codedArik Nemtsov2012-09-041-1/+16
| | | | | | | | | | | Since the operating channel is randomly set to 1/6/11 on init, which is always in the channel intersection, we were effectively ignoring the set of p2p preferred channels. Fix this by trying to get the best channel we can, unless the user hard coded the operating channel in the configuration file. Fall back to the initial randomly selected channel if a better one cannot be chosen. Signed-hostap: Arik Nemtsov <arik@wizery.com>
* P2P: Use larger GO config timeout if HT40 is usedJouni Malinen2012-09-045-3/+29
| | | | | | | Increase GO config timeout if HT40 is used since it takes some time to scan channels for coex purposes before the BSS can be started. Signed-hostap: Jouni Malinen <j@w1.fi>
* P2P: Enable 40 MHz support for autonomous P2P group additionRajkumar Manoharan2012-09-041-0/+2
| | | | | | | | Add optional "ht40" argument for p2p_group_add command to enable 40 MHz in 5GHz band. This configures the secondary channel, when HT support is enabled and if the HW supports 40 MHz channel width. Signed-hostap: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
* Remove default ACM=1 from AC_VO and AC_VIJouni Malinen2012-09-041-2/+2
| | | | | | | | | | There is no need to mandate admission control (ACM=1) by default, so clear that flag in the case the configuration file does not specify wmm_ac_{vo,vi}_acm value. This gets closer to the values mentioned in the sample hostapd.conf file and reduces the need to specify WMM parameters in the configuration file for most common use cases. Signed-hostap: Jouni Malinen <j@w1.fi>
* AP: configure basic rates from iface and not confArik Nemtsov2012-09-041-1/+1
| | | | | | | | | The conf doesn't contain any basic rates in some cases. Most notably, when starting a p2p GO in 5Ghz. Use the iface rates which are initialized in hostapd_prepare_rates() to the conf rates or set to default values if no conf values exist. Signed-hostap: Arik Nemtsov <arik@wizery.com>
* Add P2P IEs to probe requests only when in P2P (UPSTREAM)Eyal Shapira2012-08-132-0/+17
| | | | | | | | | | | | The current code caused P2P and consquently WPS IEs to be added to any probe as the check was for non null global->p2p. global->p2p gets set whenever P2P is initialized globally and that occurs on the first interface init. Fix this by indicating wps is in use only when in active P2P discovery or connection establishement. (i.e. not P2P_IDLE - either doing search, neg or provisioning) Signed-off-by: Eyal Shapira <eyal@wizery.com>
* WPS: fix nonce comparisons (UPSTREAM)Eyal Shapira2012-08-132-12/+12
| | | | | | | Multiple memcmps of nonces were actually comparing only the first byte instead of all 16 bytes. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* P2P: Increase GO Negotiation timeoutsJouni Malinen2012-08-122-3/+3
| | | | | | | | | | | | | | | | | | | | | | p2p_set_timeout() calls in GO Neg Req/Resp TX callbacks used timeout of 100 ms which is the value given in the P2P specification for GO Negotiation, but this was actually shorter than the wait-for-offchannel-TX value (200 ms) used for the driver call. In addition, it looks like some devices (e.g., Galaxy Nexus with JB image) can take longer time to reply to GO Negotiation Response (somewhere between 200 and 250 ms has been observed). Increase the wait-for-GO-Neg-Resp timeout from 100 ms to 200 ms if GO Negotiation Request frame was acknowledged (this matches with the offchannel wait timeout that used previously). The no-ack case is left at 100 ms since we use GO Negotiation Request frame also to discover whether the peer is on its Listen channel. Increase the wait-for-GO-Neg-Conf timeout from 100 ms to 250 ms (and increase the offchannel wait timeout to matching 250 ms) as a workaround for devices that take over 200 ms to reply to GO Negotiation Response. Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix a couple memory leaksPaul Stewart2012-08-081-1/+4
| | | | | | Found using valgrind. Signed-hostap: Paul Stewart <pstew@chromium.org>
* nl80211: avoid using another interface for P2P GO (INTERNAL)Eyal Shapira2012-08-021-1/+0
| | | | | | | | | | | | | | | | | Relevant for wl6/7 only, we need to figure out the wl8 MR case. We now declare iface combinations in wlcore due to cfg80211 enforcement of that. Since we declare support for concurrent STA and P2P_GO, wpa_s would like to use another interface for GO. However, since we don't really support P2P_GO so well in MR but we do want to enable it in MR, prevent wpa_s from using P2P concurrent mode. This should be removed once we support P2P_GO properly in MR. [Arik - should be changed to a configuration parameter to wpa_s, and the current default should be preserved] Signed-off-by: Eyal Shapira <eyal@wizery.com>
* Fix a crash in WPS PBC overlap (BRCM)Eyal Shapira2012-08-021-0/+5
| | | | | | | | | | | Supposedly fixed a crash which occurs during actual PBC overlap according to BRCM commit log. (Not quite sure what's the exact cause of the crash here. However this looks like a non BRCM specific change so take it). p2p_dev_addr can be NULL in some of the calls. Might cause a problem ?) Signed-off-by: Eyal Shapira <eyal@wizery.com>
* P2P: Avoid peer expiration while connection in progress (BRCM)Eyal Shapira2012-08-021-1/+34
| | | | | | | | (This seems to be a bug fix squashed in one of the BRCM patches. Could be that the probability of this occuring once the expiration time was reduced to 30s is higher) Signed-off-by: Eyal Shapira <eyal@wizery.com>
* P2P: Improve scan results handling (BRCM)Eyal Shapira2012-08-022-0/+25
| | | | | | | | | | | Avoid reporting scan results to the application in case a P2P search is in progress as there will be many events but the scan is only done on channels 1,6,11. This may cause APs on other channels to "disappear" from the scan results. Also avoid updating P2P interfaces with STA interfaces scan results in order to avoid having results which are not on the social channels. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* P2P: Start blocked p2p find even if scan was on another interface (BRCM)Eyal Shapira2012-08-021-0/+12
| | | | | | | | | | | | | | p2p find can now defer starting the p2p scan due to an ongoing scan on a different interface. Relying on p2p_cb_on_scan_complete which is a per interface flag is wrong here and we won't resume the p2p find in case the scan wasn't on the same interface (which is the case in Android JB). Fix this by relying on the global p2p state instead. (This description is based on analysis of the code as the original BRCM commit doesn't contain any useful information) Signed-off-by: Eyal Shapira <eyal@wizery.com>
* P2P: Decrease peer expiry time (BRCM)Eyal Shapira2012-08-021-0/+4
| | | | | | | Changed from 5 min to 30 secs probably in order to avoid stale peers appearing in the Android UI. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: add parameter to force multi channel concurrency (BRCM)Eyal Shapira2012-08-021-0/+9
| | | | | | | Add a parameter which can be set from wpa_s commandline or conf file to force real multi channel. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: fix extending shared_freq detection to AP/GO (BRCM)Eyal Shapira2012-08-021-0/+4
| | | | | | | | Commit d3bd0f "nl80211: Extend shared_freq to handle AP/GO mode interfaces" still discards AP/GO interfaces so effectively shared_freq won't work on AP/GO interaces like intended. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* P2P: Resolve frequency conflicts between STA and P2P (BRCM)Eyal Shapira2012-08-021-0/+4
| | | | | | | | | | | | | | Upon association check whether there's a a frequency conflict given that no support for multi channel. In case there's a freq conflict with an existing P2P_GO or P2P_CLI decide how to resolve it (which one to disable or disconnect) according to the priority configuration. Effectively on Android JB, STA is always prioritized over P2P so in case of a conflict P2P will be disconnected so that STA can associate on a different channel. Signed-off-by: Eyal Shapira <eyal@wizery.com>
* Prep work to configure a prioritized interface (BRCM)Eyal Shapira2012-08-022-0/+6
| | | | | | | | | | | Add a new configurable property which points to the interface name that should prioritized in case of resolving connection conflicts. (This appears to be prep work which doesn't get used however we include it to better align with JB) Signed-off-by: Eyal Shapira <eyal@wizery.com>
* nl80211: Use native cfg80211 sta events (BRCM)Dmitry Shmidt2012-08-021-90/+15
| | | | | | | | | | [Eyal - Keep specific BRCM specific stuff under ANDROID_BRCM_P2P_PATCH and not ANDROID_P2P which TI solution compiles with] Change-Id: I0f6222839ac87241f1bfbbb1fdc6469bf6359652 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com> Signed-off-by: Eyal Shapira <eyal@wizery.com>
* Fix p2p service discoveryIrfan Sheriff2012-08-023-3/+100
| | | | | | | - Fix listen timing to improve SD reliability - Fix SD packet scheduling Signed-off-by: Eyal Shapira <eyal@wizery.com>
* Use keystore ENGINE for private key operationsKenny Root2012-08-021-0/+9
| | | | | | | | | | | The new keystore ENGINE is usable to perform private key operations when we can't get the actual private key data. This is the case when hardware crypto is enabled: the private key never leaves the hardware. Subsequently, we need to be able to talk to OpenSSL ENGINEs that aren't PKCS#11 or OpenSC. This just changes a few #define variables to allow us to talk to our keystore engine without having one of those enabled and without using a PIN.
* nl80211_driver: add private commands to use dropbcastLuciano Coelho2012-08-021-2/+76
| | | | | | | | Add DRIVER DROPBCAST {GET,ENABLE,DISABLE} commands to show the current setting, enable and disable the feature of dropping all broadcast packets while in suspend mode. Signed-off-by: Luciano Coelho <coelho@ti.com>
* nl80211: Implement some private cmdsYotam Rubin2012-08-021-27/+29
| | | | | | | | | | | | | | | | | Implement the LINKSPEED and RSSI/RSSI-APPROX private commands. Upstream implementation sends the HANGED state event on private command failure. Unimplemented commands were sent to the driver as-is, causing the HANGED event to be sent and cause a recovery. Private command handling was modified so that only implemented commands are sent to the driver and the sending of the HANGED event was removed. [Arik - The "linkspeed" driver command incorrectly reported the rate in kbps. Fix this] Signed-off-by: Arik Nemtsov <arik@wizery.com> Signed-off-by: Yotam Rubin <yotam@wizery.com>