Merge "Add sanity check for mac address & WPS device type"
diff --git a/hostapd/Android.bp b/hostapd/Android.bp
index 2a25208..3194d36 100644
--- a/hostapd/Android.bp
+++ b/hostapd/Android.bp
@@ -318,3 +318,9 @@
],
}
+
+// This manifest can used by a vendor apex module for hostapd as well.
+filegroup {
+ name: "android.hardware.wifi.hostapd.xml",
+ srcs: ["android.hardware.wifi.hostapd.xml"],
+}
diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c
index 52dc8df..d6fd792 100644
--- a/src/common/ieee802_11_common.c
+++ b/src/common/ieee802_11_common.c
@@ -312,10 +312,14 @@
elems->pasn_params_len = elen;
break;
case WLAN_EID_EXT_EHT_CAPABILITIES:
+ if (elen < EHT_CAPABILITIES_IE_MIN_LEN)
+ break;
elems->eht_capabilities = pos;
elems->eht_capabilities_len = elen;
break;
case WLAN_EID_EXT_EHT_OPERATION:
+ if (elen < EHT_OPERATION_IE_MIN_LEN)
+ break;
elems->eht_operation = pos;
elems->eht_operation_len = elen;
break;
@@ -2851,6 +2855,7 @@
struct supported_chan_width supported_width;
supported_width.is_160_supported = 0;
supported_width.is_80p80_supported = 0;
+ supported_width.is_320_supported = 0;
if (elems == NULL)
return supported_width;
@@ -2858,6 +2863,8 @@
(struct ieee80211_vht_capabilities *) elems->vht_capabilities;
struct ieee80211_he_capabilities *hecaps =
(struct ieee80211_he_capabilities *) elems->he_capabilities;
+ struct ieee80211_eht_capabilities *ehtcaps =
+ (struct ieee80211_eht_capabilities *) elems->eht_capabilities;
if (vhtcaps) {
le32 vht_capabilities_info =
@@ -2875,8 +2882,16 @@
if (channel_width_set & HE_PHYCAP_CHANNEL_WIDTH_SET_80PLUS80MHZ_IN_5G)
supported_width.is_80p80_supported = 1;
}
- wpa_printf(MSG_DEBUG, " IE indicate 160 supported: %u, 80+80 supported: %u",
- supported_width.is_160_supported, supported_width.is_80p80_supported);
+ if (ehtcaps) {
+ if (ehtcaps->phy_cap[EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] &
+ EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK)
+ supported_width.is_320_supported = 1;
+ }
+ wpa_printf(MSG_DEBUG,
+ " IE indicates 320 supported: %u, 160 supported: %u, 80+80 supported: %u",
+ supported_width.is_320_supported,
+ supported_width.is_160_supported,
+ supported_width.is_80p80_supported);
return supported_width;
}
@@ -2986,6 +3001,39 @@
return channel_width;
}
+/* Parse EHT operation IE to get EHT operation channel width */
+static enum chan_width get_eht_operation_channel_width(
+ struct ieee80211_eht_operation *eht_oper,
+ int eht_oper_len)
+{
+ enum chan_width channel_width = CHAN_WIDTH_UNKNOWN;
+ if (!(eht_oper->oper_params & EHT_OPER_INFO_PRESENT) ||
+ eht_oper_len < (EHT_OPERATION_IE_MIN_LEN + EHT_OPER_INFO_MIN_LEN))
+ return channel_width;
+
+ switch (eht_oper->oper_info.control & EHT_OPER_CHANNEL_WIDTH_MASK) {
+ case EHT_OPER_CHANNEL_WIDTH_20MHZ:
+ channel_width = CHAN_WIDTH_20;
+ break;
+ case EHT_OPER_CHANNEL_WIDTH_40MHZ:
+ channel_width = CHAN_WIDTH_40;
+ break;
+ case EHT_OPER_CHANNEL_WIDTH_80MHZ:
+ channel_width = CHAN_WIDTH_80;
+ break;
+ case EHT_OPER_CHANNEL_WIDTH_160MHZ:
+ channel_width = CHAN_WIDTH_160;
+ break;
+ case EHT_OPER_CHANNEL_WIDTH_320MHZ:
+ channel_width = CHAN_WIDTH_320;
+ break;
+ default:
+ break;
+ }
+ wpa_printf(MSG_DEBUG, " EHT operation CBW: %u", channel_width);
+ return channel_width;
+}
+
/* Parse HT/VHT/HE operation IEs to get operation channel width */
enum chan_width get_operation_channel_width(struct ieee802_11_elems *elems)
{
@@ -2999,7 +3047,14 @@
(struct ieee80211_vht_operation_info *) elems->vht_operation;
struct ieee80211_he_operation *he_oper =
(struct ieee80211_he_operation *) elems->he_operation;
- if (he_oper)
+ struct ieee80211_eht_operation *eht_oper =
+ (struct ieee80211_eht_operation *) elems->eht_operation;
+
+ if (eht_oper)
+ channel_width = get_eht_operation_channel_width(
+ eht_oper, elems->eht_operation_len);
+
+ if (channel_width == CHAN_WIDTH_UNKNOWN && he_oper)
channel_width = get_he_operation_channel_width(
he_oper, elems->he_operation_len);
@@ -3023,7 +3078,11 @@
enum chan_width ap_operation_chan_width,
struct supported_chan_width sta_supported_chan_width)
{
- if (ap_operation_chan_width == CHAN_WIDTH_160)
+ if (ap_operation_chan_width == CHAN_WIDTH_320 &&
+ sta_supported_chan_width.is_320_supported)
+ return CHAN_WIDTH_320;
+ if (ap_operation_chan_width == CHAN_WIDTH_160 ||
+ ap_operation_chan_width == CHAN_WIDTH_320)
return (sta_supported_chan_width.is_160_supported)
? CHAN_WIDTH_160 : CHAN_WIDTH_80;
if (ap_operation_chan_width == CHAN_WIDTH_80P80)
diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h
index 2e81751..ff31e8d 100644
--- a/src/common/ieee802_11_common.h
+++ b/src/common/ieee802_11_common.h
@@ -351,6 +351,7 @@
struct supported_chan_width {
u8 is_160_supported;
u8 is_80p80_supported;
+ u8 is_320_supported;
};
struct supported_chan_width get_supported_channel_width(struct ieee802_11_elems *elems);
diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
index 4345488..ec3b42b 100644
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -2446,11 +2446,14 @@
/* IEEE P802.11be/D1.5, 9.4.2.311 - EHT Operation element */
+#define EHT_OPERATION_IE_MIN_LEN 1
+
/* Figure 9-1002b: EHT Operation Parameters field subfields */
#define EHT_OPER_INFO_PRESENT BIT(0)
#define EHT_OPER_DISABLED_SUBCHAN_BITMAP_PRESENT BIT(1)
/* Control subfield: Channel Width subfield; see Table 9-401b */
+#define EHT_OPER_CHANNEL_WIDTH_MASK 0x7
#define EHT_OPER_CHANNEL_WIDTH_20MHZ 0
#define EHT_OPER_CHANNEL_WIDTH_40MHZ 1
#define EHT_OPER_CHANNEL_WIDTH_80MHZ 2
@@ -2458,6 +2461,8 @@
#define EHT_OPER_CHANNEL_WIDTH_320MHZ 4
/* Figure 9-1002c: EHT Operation Information field format */
+#define EHT_OPER_INFO_MIN_LEN 3
+
struct ieee80211_eht_oper_info {
u8 control; /* B0..B2: Channel Width */
u8 ccfs0;
@@ -2473,6 +2478,8 @@
/* IEEE P802.11be/D1.5, 9.4.2.313 - EHT Capabilities element */
+#define EHT_CAPABILITIES_IE_MIN_LEN 11
+
/* Figure 9-1002af: EHT MAC Capabilities Information field */
#define EHT_MACCAP_EPCS_PRIO BIT(0)
#define EHT_MACCAP_OM_CONTROL BIT(1)
diff --git a/wpa_supplicant/Android.bp b/wpa_supplicant/Android.bp
index db11387..01f6662 100644
--- a/wpa_supplicant/Android.bp
+++ b/wpa_supplicant/Android.bp
@@ -67,7 +67,7 @@
defaults: ["wpa_supplicant_cflags_defaults"],
srcs: [":wpa_supplicant_srcs"],
shared_libs: [
- "android.hardware.wifi.supplicant-V1-ndk",
+ "android.hardware.wifi.supplicant-V2-ndk",
"libbase",
"libbinder_ndk",
"libc",
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 1eaebde..1da9e61 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -1812,7 +1812,7 @@
LOCAL_SHARED_LIBRARIES += libdbus
endif
ifeq ($(WPA_SUPPLICANT_USE_AIDL), y)
-LOCAL_SHARED_LIBRARIES += android.hardware.wifi.supplicant-V1-ndk
+LOCAL_SHARED_LIBRARIES += android.hardware.wifi.supplicant-V2-ndk
LOCAL_SHARED_LIBRARIES += libutils libbase
LOCAL_SHARED_LIBRARIES += libbinder_ndk
LOCAL_STATIC_LIBRARIES += libwpa_aidl
@@ -1884,7 +1884,7 @@
aidl/sta_network.cpp \
aidl/supplicant.cpp
LOCAL_SHARED_LIBRARIES := \
- android.hardware.wifi.supplicant-V1-ndk \
+ android.hardware.wifi.supplicant-V2-ndk \
libbinder_ndk \
libbase \
libutils \
diff --git a/wpa_supplicant/aidl/Android.bp b/wpa_supplicant/aidl/Android.bp
index 0785fe1..24c2079 100644
--- a/wpa_supplicant/aidl/Android.bp
+++ b/wpa_supplicant/aidl/Android.bp
@@ -33,7 +33,7 @@
defaults: ["wpa_supplicant_cflags_defaults"],
soc_specific: true,
shared_libs: [
- "android.hardware.wifi.supplicant-V1-ndk",
+ "android.hardware.wifi.supplicant-V2-ndk",
"libbinder_ndk",
"libbase",
"libutils",
diff --git a/wpa_supplicant/aidl/aidl_manager.cpp b/wpa_supplicant/aidl/aidl_manager.cpp
index 1791b2b..33ad650 100644
--- a/wpa_supplicant/aidl/aidl_manager.cpp
+++ b/wpa_supplicant/aidl/aidl_manager.cpp
@@ -39,6 +39,7 @@
const std::vector<uint8_t> kZeroBssid = {0, 0, 0, 0, 0, 0};
using aidl::android::hardware::wifi::supplicant::GsmRand;
+using aidl::android::hardware::wifi::supplicant::KeyMgmtMask;
/**
* Check if the provided |wpa_supplicant| structure represents a P2P iface or
@@ -662,6 +663,8 @@
aidl_ssid.assign(
wpa_s->current_ssid->ssid,
wpa_s->current_ssid->ssid + wpa_s->current_ssid->ssid_len);
+ wpa_printf(MSG_INFO, "assoc key_mgmt 0x%x network key_mgmt 0x%x",
+ wpa_s->key_mgmt, wpa_s->current_ssid->key_mgmt);
}
std::vector<uint8_t> bssid;
// wpa_supplicant sets the |pending_bssid| field when it starts a
@@ -681,12 +684,12 @@
std::function<
ndk::ScopedAStatus(std::shared_ptr<ISupplicantStaIfaceCallback>)>
func = std::bind(
- &ISupplicantStaIfaceCallback::onStateChanged,
+ &ISupplicantStaIfaceCallback::onStateChangedWithAkm,
std::placeholders::_1,
static_cast<StaIfaceCallbackState>(
wpa_s->wpa_state),
bssid, aidl_network_id, aidl_ssid,
- fils_hlp_sent);
+ fils_hlp_sent, (KeyMgmtMask) wpa_s->key_mgmt);
callWithEachStaIfaceCallback(
misc_utils::charBufToString(wpa_s->ifname), func);
return 0;
@@ -1350,14 +1353,22 @@
dev->flags |= P2P_DEV_REPORTED | P2P_DEV_REPORTED_ONCE;
}
+ P2pGroupStartedEventParams params;
+ params.groupInterfaceName = misc_utils::charBufToString(wpa_group_s->ifname);
+ params.isGroupOwner = aidl_is_go;
+ params.ssid = byteArrToVec(ssid->ssid, ssid->ssid_len);
+ params.frequencyMHz = aidl_freq;
+ params.psk = aidl_psk;
+ params.passphrase = misc_utils::charBufToString(ssid->passphrase);
+ params.isPersistent = aidl_is_persistent;
+ params.goDeviceAddress = macAddrToVec(wpa_group_s->go_dev_addr);
+ params.goInterfaceAddress = aidl_is_go ? macAddrToVec(wpa_group_s->own_addr) :
+ macAddrToVec(wpa_group_s->current_bss->bssid);
+
callWithEachP2pIfaceCallback(
misc_utils::charBufToString(wpa_s->ifname),
- std::bind(
- &ISupplicantP2pIfaceCallback::onGroupStarted,
- std::placeholders::_1, misc_utils::charBufToString(wpa_group_s->ifname),
- aidl_is_go, byteArrToVec(ssid->ssid, ssid->ssid_len),
- aidl_freq, aidl_psk, misc_utils::charBufToString(ssid->passphrase),
- macAddrToVec(wpa_group_s->go_dev_addr), aidl_is_persistent));
+ std::bind(&ISupplicantP2pIfaceCallback::onGroupStartedWithParams,
+ std::placeholders::_1, params));
}
void AidlManager::notifyP2pGroupRemoved(
diff --git a/wpa_supplicant/aidl/android.hardware.wifi.supplicant.xml b/wpa_supplicant/aidl/android.hardware.wifi.supplicant.xml
index 3dc9b02..b80dadd 100644
--- a/wpa_supplicant/aidl/android.hardware.wifi.supplicant.xml
+++ b/wpa_supplicant/aidl/android.hardware.wifi.supplicant.xml
@@ -1,6 +1,7 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.wifi.supplicant</name>
+ <version>2</version>
<fqname>ISupplicant/default</fqname>
</hal>
</manifest>
diff --git a/wpa_supplicant/aidl/sta_iface.cpp b/wpa_supplicant/aidl/sta_iface.cpp
index 7a07cc1..d88f6f0 100644
--- a/wpa_supplicant/aidl/sta_iface.cpp
+++ b/wpa_supplicant/aidl/sta_iface.cpp
@@ -50,6 +50,7 @@
WIDTH_80P80 = 4,
WIDTH_5 = 5,
WIDTH_10 = 6,
+ WIDTH_320 = 7,
WIDTH_INVALID = -1
};
@@ -1747,7 +1748,9 @@
if (wpa_s->connection_set) {
capa.legacyMode = LegacyMode::UNKNOWN;
- if (wpa_s->connection_he) {
+ if (wpa_s->connection_eht) {
+ capa.technology = WifiTechnology::EHT;
+ } else if (wpa_s->connection_he) {
capa.technology = WifiTechnology::HE;
} else if (wpa_s->connection_vht) {
capa.technology = WifiTechnology::VHT;
@@ -1778,6 +1781,9 @@
case CHAN_WIDTH_80P80:
capa.channelBandwidth = WifiChannelWidthInMhz::WIDTH_80P80;
break;
+ case CHAN_WIDTH_320:
+ capa.channelBandwidth = WifiChannelWidthInMhz::WIDTH_320;
+ break;
default:
capa.channelBandwidth = WifiChannelWidthInMhz::WIDTH_20;
break;
@@ -1817,6 +1823,12 @@
mask |= static_cast<uint32_t>(WpaDriverCapabilitiesMask::TRUST_ON_FIRST_USE);
+ mask |= static_cast<uint32_t>(WpaDriverCapabilitiesMask::SET_TLS_MINIMUM_VERSION);
+
+#ifdef EAP_TLSV1_3
+ mask |= static_cast<uint32_t>(WpaDriverCapabilitiesMask::TLS_V1_3);
+#endif
+
wpa_printf(MSG_DEBUG, "Driver capability mask: 0x%x", mask);
return {static_cast<WpaDriverCapabilitiesMask>(mask),
@@ -1930,7 +1942,23 @@
std::pair<MloLinksInfo, ndk::ScopedAStatus> StaIface::getConnectionMloLinksInfoInternal()
{
+ struct wpa_supplicant *wpa_s = retrieveIfacePtr();
MloLinksInfo linksInfo;
+ MloLink link;
+
+ if (!wpa_s->valid_links)
+ return {linksInfo, ndk::ScopedAStatus::ok()};
+
+ for (int i = 0; i < MAX_NUM_MLD_LINKS; i++) {
+ if (!(wpa_s->valid_links & BIT(i)))
+ continue;
+
+ wpa_printf(MSG_DEBUG, "Add MLO Link ID %d info", i);
+ link.linkId = i;
+ link.staLinkMacAddress.assign(wpa_s->links[i].addr, wpa_s->links[i].addr + ETH_ALEN);
+ linksInfo.links.push_back(link);
+ }
+
return {linksInfo, ndk::ScopedAStatus::ok()};
}
diff --git a/wpa_supplicant/aidl/sta_network.cpp b/wpa_supplicant/aidl/sta_network.cpp
index 61c71a1..f9f980c 100644
--- a/wpa_supplicant/aidl/sta_network.cpp
+++ b/wpa_supplicant/aidl/sta_network.cpp
@@ -871,6 +871,14 @@
&StaNetwork::setRoamingConsortiumSelectionInternal, in_selectedRcoi);
}
+::ndk::ScopedAStatus StaNetwork::setMinimumTlsVersionEapPhase1Param(
+ TlsVersion in_tlsVersion)
+{
+ return validateAndCall(
+ this, SupplicantStatusCode::FAILURE_NETWORK_INVALID,
+ &StaNetwork::setMinimumTlsVersionEapPhase1ParamInternal, in_tlsVersion);
+}
+
std::pair<uint32_t, ndk::ScopedAStatus> StaNetwork::getIdInternal()
{
return {network_id_, ndk::ScopedAStatus::ok()};
@@ -2005,10 +2013,13 @@
{
struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
int val = enable == true ? 1 : 0;
- std::string suiteb_phase1("tls_suiteb=" + std::to_string(val));
+ std::string phase1_params("tls_suiteb=" + std::to_string(val));
+ if (wpa_ssid->eap.phase1 != NULL) {
+ phase1_params.append(wpa_ssid->eap.phase1);
+ }
if (setStringKeyFieldAndResetState(
- suiteb_phase1.c_str(), &(wpa_ssid->eap.phase1), "phase1")) {
+ phase1_params.c_str(), &(wpa_ssid->eap.phase1), "phase1")) {
return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
}
return ndk::ScopedAStatus::ok();
@@ -2597,6 +2608,41 @@
#endif
}
+ndk::ScopedAStatus StaNetwork::setMinimumTlsVersionEapPhase1ParamInternal(TlsVersion tlsVersion)
+{
+ struct wpa_ssid *wpa_ssid = retrieveNetworkPtr();
+ std::string phase1_params;
+ if (wpa_ssid->eap.phase1 != NULL) {
+ phase1_params.append(wpa_ssid->eap.phase1);
+ }
+ if (tlsVersion < TlsVersion::TLS_V1_0) {
+ return createStatus(SupplicantStatusCode::FAILURE_ARGS_INVALID);
+ }
+ // Fallback to disable lower version TLS cascadingly.
+ switch (tlsVersion) {
+ case TlsVersion::TLS_V1_3:
+ phase1_params.append("tls_disable_tlsv1_2=1");
+ FALLTHROUGH_INTENDED;
+ case TlsVersion::TLS_V1_2:
+ phase1_params.append("tls_disable_tlsv1_1=1");
+ FALLTHROUGH_INTENDED;
+ case TlsVersion::TLS_V1_1:
+ phase1_params.append("tls_disable_tlsv1_0=1");
+ FALLTHROUGH_INTENDED;
+ case TlsVersion::TLS_V1_0:
+ FALLTHROUGH_INTENDED;
+ default:
+ // no restriction
+ break;
+ }
+
+ if (setStringKeyFieldAndResetState(
+ phase1_params.c_str(), &(wpa_ssid->eap.phase1), "phase1")) {
+ return createStatus(SupplicantStatusCode::FAILURE_UNKNOWN);
+ }
+ return ndk::ScopedAStatus::ok();
+}
+
} // namespace supplicant
} // namespace wifi
} // namespace hardware
diff --git a/wpa_supplicant/aidl/sta_network.h b/wpa_supplicant/aidl/sta_network.h
index 524f44a..6661130 100644
--- a/wpa_supplicant/aidl/sta_network.h
+++ b/wpa_supplicant/aidl/sta_network.h
@@ -22,6 +22,7 @@
#include <aidl/android/hardware/wifi/supplicant/NetworkResponseEapSimUmtsAuthParams.h>
#include <aidl/android/hardware/wifi/supplicant/SaeH2eMode.h>
#include <aidl/android/hardware/wifi/supplicant/DppConnectionKeys.h>
+#include <aidl/android/hardware/wifi/supplicant/TlsVersion.h>
extern "C"
{
@@ -173,6 +174,8 @@
::ndk::ScopedAStatus enableSaePkOnlyMode(bool in_enable) override;
::ndk::ScopedAStatus setRoamingConsortiumSelection(
const std::vector<uint8_t>& in_selectedRcoi) override;
+ ::ndk::ScopedAStatus setMinimumTlsVersionEapPhase1Param(
+ TlsVersion in_tlsVersion) override;
private:
// Corresponding worker functions for the AIDL methods.
@@ -302,6 +305,7 @@
ndk::ScopedAStatus enableSaePkOnlyModeInternal(bool enable);
ndk::ScopedAStatus setRoamingConsortiumSelectionInternal(
const std::vector<uint8_t>& selectedRcoi);
+ ndk::ScopedAStatus setMinimumTlsVersionEapPhase1ParamInternal(TlsVersion tlsVersion);
struct wpa_ssid* retrieveNetworkPtr();
struct wpa_supplicant* retrieveIfacePtr();
diff --git a/wpa_supplicant/android.config b/wpa_supplicant/android.config
index 52e4c04..bfdd53e 100644
--- a/wpa_supplicant/android.config
+++ b/wpa_supplicant/android.config
@@ -80,6 +80,7 @@
# EAP-TLS
CONFIG_EAP_TLS=y
+CONFIG_EAP_TLSV1_3=y
# EAL-PEAP
CONFIG_EAP_PEAP=y
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 43c9344..aa01245 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -3076,7 +3076,8 @@
get_supported_channel_width(&req_elems);
enum chan_width ap_operation_chan_width =
get_operation_channel_width(&resp_elems);
- if (wpa_s->connection_vht || wpa_s->connection_he) {
+ if (wpa_s->connection_vht || wpa_s->connection_he ||
+ wpa_s->connection_eht) {
wpa_s->connection_channel_bandwidth =
get_sta_operation_chan_width(ap_operation_chan_width,
sta_supported_chan_width);