Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

firmware-murata: update firmware binaries to version imx-kirkstone-hedorah_r1.0 

This commit updates the required firmware binaries for Bluetooth and Wireless
interfaces, hostapd and wpa_supplicant recipes based on the Cypress Linux WiFi
Driver (FMAC) release v5.15.58-2023_1128 (Wireless firmware v13.10.246.334).
This change also includes a custom defconfig file for the hostapd and
wpa_supplicant recipes including the changes from the patches and the Digi
customizations.

Also are updated the Murata firmware repositories to match with the latest
Murata release imx-kirkstone-hedorah_r1.0, which is based in the same Cypress
Linux Wifi Driver release v5.15.58-2023_1128.

https://onedigi.atlassian.net/browse/DEL-8667

Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
This commit is contained in:
Arturo Buzarra 2023-12-20 16:38:21 +01:00
parent 67be7da934
commit ecd77dece9
111 changed files with 4479 additions and 156 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
meta-digi-arm/recipes-bsp/firmware-murata-infineon/firmware-murata-infineon.bb
View File

@ -1,4 +1,4 @@
# Copyright (C) 2022,2023 Digi International.
# Copyright (C) 2022,2024 Digi International Inc.
SUMMARY = "Murata Infineon firmware binaries"
SECTION = "base"
@ -6,19 +6,19 @@ LICENSE = "CYPRESS-EULA"
LIC_FILES_CHKSUM = "file://${S}/cyw-bt-patch/LICENCE.cypress;md5=cbc5f665d04f741f1e006d2096236ba7"
SRC_URI = " \
git://github.com/murata-wireless/cyw-fmac-fw;protocol=http;branch=fafnir;destsuffix=cyw-fmac-fw;name=cyw-fmac-fw \
git://github.com/murata-wireless/cyw-fmac-nvram;protocol=http;branch=fafnir;destsuffix=cyw-fmac-nvram;name=cyw-fmac-nvram \
git://github.com/murata-wireless/cyw-bt-patch;protocol=http;branch=master;destsuffix=cyw-bt-patch;name=cyw-bt-patch \
git://github.com/murata-wireless/cyw-fmac-utils-imx32;protocol=http;branch=fafnir;destsuffix=cyw-fmac-utils-imx32;name=cyw-fmac-utils-imx32 \
git://github.com/murata-wireless/cyw-fmac-utils-imx64;protocol=http;branch=fafnir;destsuffix=cyw-fmac-utils-imx64;name=cyw-fmac-utils-imx64 \
git://github.com/murata-wireless/cyw-fmac-fw;protocol=http;branch=hedorah;destsuffix=cyw-fmac-fw;name=cyw-fmac-fw \
git://github.com/murata-wireless/cyw-fmac-nvram;protocol=http;branch=hedorah;destsuffix=cyw-fmac-nvram;name=cyw-fmac-nvram \
git://github.com/murata-wireless/cyw-bt-patch;protocol=http;branch=mickledore-hedorah;destsuffix=cyw-bt-patch;name=cyw-bt-patch \
git://github.com/murata-wireless/cyw-fmac-utils-imx32;protocol=http;branch=master;destsuffix=cyw-fmac-utils-imx32;name=cyw-fmac-utils-imx32 \
git://github.com/murata-wireless/cyw-fmac-utils-imx64;protocol=http;branch=master;destsuffix=cyw-fmac-utils-imx64;name=cyw-fmac-utils-imx64 \
file://cyfmac4373-sdio_US.clm_blob \
"
SRCREV_cyw-fmac-fw="1f83e807b8187508c811a7d91a353a768fef2d37"
SRCREV_cyw-fmac-nvram="303acf1b04441f62fbc48d278a70a099fabacb4a"
SRCREV_cyw-bt-patch="9d24c254dae92af99ddfd661a4ea30af69190038"
SRCREV_cyw-fmac-utils-imx32="e248804b6ba386fedcd462ddd9394f42f73a17af"
SRCREV_cyw-fmac-utils-imx64="1bc78d68f9609290b2f6578516011c57691f7815"
SRCREV_cyw-fmac-fw="db8deb03b8d24e5069ac4581d1c35b767012e926"
SRCREV_cyw-fmac-nvram="9b7d93eb3e13b2d2ed8ce3a01338ceb54151b77a"
SRCREV_cyw-bt-patch="3275a7036dd0d6eacecccccc760b7e7fe91a9e32"
SRCREV_cyw-fmac-utils-imx32="fcdd231e9bb23db3c93c10e5dff43a1182f220c5"
SRCREV_cyw-fmac-utils-imx64="52cc4cc6be8629781014505aa276b67e18cf6e8d"
SRCREV_default = "${AUTOREV}"

421
meta-digi-dey/recipes-connectivity/hostapd/hostapd/ccmp1/defconfig Normal file
View File

@ -0,0 +1,421 @@
# Example hostapd build time configuration
#
# This file lists the configuration options that are used when building the
# hostapd binary. All lines starting with # are ignored. Configuration option
# lines must be commented out complete, if they are not to be included, i.e.,
# just setting VARIABLE=n is not disabling that variable.
#
# This file is included in Makefile, so variables like CFLAGS and LIBS can also
# be modified from here. In most cass, these lines should use += in order not
# to override previous values of the variables.
# Driver interface for Host AP driver
CONFIG_DRIVER_HOSTAP=y
# Driver interface for wired authenticator
#CONFIG_DRIVER_WIRED=y
# Driver interface for drivers using the nl80211 kernel interface
CONFIG_DRIVER_NL80211=y
# QCA vendor extensions to nl80211
#CONFIG_DRIVER_NL80211_QCA=y
CONFIG_DRIVER_BRCM_WL=y
# driver_nl80211.c requires libnl. If you are compiling it yourself
# you may need to point hostapd to your version of libnl.
#
#CFLAGS += -I$<path to libnl include files>
#LIBS += -L$<path to libnl library files>
# Use libnl v2.0 (or 3.0) libraries.
#CONFIG_LIBNL20=y
# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
CONFIG_LIBNL32=y
# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
#CONFIG_DRIVER_BSD=y
#CFLAGS += -I/usr/local/include
#LIBS += -L/usr/local/lib
#LIBS_p += -L/usr/local/lib
#LIBS_c += -L/usr/local/lib
# Driver interface for no driver (e.g., RADIUS server only)
#CONFIG_DRIVER_NONE=y
# WPA2/IEEE 802.11i RSN pre-authentication
CONFIG_RSN_PREAUTH=y
# Support Operating Channel Validation
#CONFIG_OCV=y
# Integrated EAP server
CONFIG_EAP=y
# EAP Re-authentication Protocol (ERP) in integrated EAP server
CONFIG_ERP=y
# EAP-MD5 for the integrated EAP server
CONFIG_EAP_MD5=y
# EAP-TLS for the integrated EAP server
CONFIG_EAP_TLS=y
# EAP-MSCHAPv2 for the integrated EAP server
CONFIG_EAP_MSCHAPV2=y
# EAP-PEAP for the integrated EAP server
CONFIG_EAP_PEAP=y
# EAP-GTC for the integrated EAP server
CONFIG_EAP_GTC=y
# EAP-TTLS for the integrated EAP server
CONFIG_EAP_TTLS=y
# EAP-SIM for the integrated EAP server
#CONFIG_EAP_SIM=y
# EAP-AKA for the integrated EAP server
#CONFIG_EAP_AKA=y
# EAP-AKA' for the integrated EAP server
# This requires CONFIG_EAP_AKA to be enabled, too.
#CONFIG_EAP_AKA_PRIME=y
# EAP-PAX for the integrated EAP server
#CONFIG_EAP_PAX=y
# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y
# EAP-pwd for the integrated EAP server (secure authentication with a password)
#CONFIG_EAP_PWD=y
# EAP-SAKE for the integrated EAP server
#CONFIG_EAP_SAKE=y
# EAP-GPSK for the integrated EAP server
#CONFIG_EAP_GPSK=y
# Include support for optional SHA256 cipher suite in EAP-GPSK
#CONFIG_EAP_GPSK_SHA256=y
# EAP-FAST for the integrated EAP server
#CONFIG_EAP_FAST=y
# EAP-TEAP for the integrated EAP server
# Note: The current EAP-TEAP implementation is experimental and should not be
# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
# of conflicting statements and missing details and the implementation has
# vendor specific workarounds for those and as such, may not interoperate with
# any other implementation. This should not be used for anything else than
# experimentation and interoperability testing until those issues has been
# resolved.
#CONFIG_EAP_TEAP=y
# Wi-Fi Protected Setup (WPS)
#CONFIG_WPS=y
# Enable UPnP support for external WPS Registrars
#CONFIG_WPS_UPNP=y
# Enable WPS support with NFC config method
#CONFIG_WPS_NFC=y
# EAP-IKEv2
#CONFIG_EAP_IKEV2=y
# Trusted Network Connect (EAP-TNC)
#CONFIG_EAP_TNC=y
# EAP-EKE for the integrated EAP server
#CONFIG_EAP_EKE=y
# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
CONFIG_PKCS12=y
# RADIUS authentication server. This provides access to the integrated EAP
# server from external hosts using RADIUS.
#CONFIG_RADIUS_SERVER=y
# Build IPv6 support for RADIUS operations
CONFIG_IPV6=y
# IEEE Std 802.11r-2008 (Fast BSS Transition)
#CONFIG_IEEE80211R=y
# Use the hostapd's IEEE 802.11 authentication (ACL), but without
# the IEEE 802.11 Management capability (e.g., FreeBSD/net80211)
#CONFIG_DRIVER_RADIUS_ACL=y
# Wireless Network Management (IEEE Std 802.11v-2011)
# Note: This is experimental and not complete implementation.
#CONFIG_WNM=y
# IEEE 802.11ac (Very High Throughput) support
CONFIG_IEEE80211AC=y
# IEEE 802.11ax HE support
# Note: This is experimental and work in progress. The definitions are still
# subject to change and this should not be expected to interoperate with the
# final IEEE 802.11ax version.
#CONFIG_IEEE80211AX=y
# Remove debugging code that is printing out debug messages to stdout.
# This can be used to reduce the size of the hostapd considerably if debugging
# code is not needed.
#CONFIG_NO_STDOUT_DEBUG=y
# Add support for writing debug log to a file: -f /tmp/hostapd.log
# Disabled by default.
#CONFIG_DEBUG_FILE=y
# Send debug messages to syslog instead of stdout
#CONFIG_DEBUG_SYSLOG=y
# Add support for sending all debug messages (regardless of debug verbosity)
# to the Linux kernel tracing facility. This helps debug the entire stack by
# making it easy to record everything happening from the driver up into the
# same file, e.g., using trace-cmd.
#CONFIG_DEBUG_LINUX_TRACING=y
# Remove support for RADIUS accounting
#CONFIG_NO_ACCOUNTING=y
# Remove support for RADIUS
#CONFIG_NO_RADIUS=y
# Remove support for VLANs
#CONFIG_NO_VLAN=y
# Enable support for fully dynamic VLANs. This enables hostapd to
# automatically create bridge and VLAN interfaces if necessary.
#CONFIG_FULL_DYNAMIC_VLAN=y
# Use netlink-based kernel API for VLAN operations instead of ioctl()
# Note: This requires libnl 3.1 or newer.
#CONFIG_VLAN_NETLINK=y
# Remove support for dumping internal state through control interface commands
# This can be used to reduce binary size at the cost of disabling a debugging
# option.
#CONFIG_NO_DUMP_STATE=y
# Enable tracing code for developer debugging
# This tracks use of memory allocations and other registrations and reports
# incorrect use with a backtrace of call (or allocation) location.
#CONFIG_WPA_TRACE=y
# For BSD, comment out these.
#LIBS += -lexecinfo
#LIBS_p += -lexecinfo
#LIBS_c += -lexecinfo
# Use libbfd to get more details for developer debugging
# This enables use of libbfd to get more detailed symbols for the backtraces
# generated by CONFIG_WPA_TRACE=y.
#CONFIG_WPA_TRACE_BFD=y
# For BSD, comment out these.
#LIBS += -lbfd -liberty -lz
#LIBS_p += -lbfd -liberty -lz
#LIBS_c += -lbfd -liberty -lz
# hostapd depends on strong random number generation being available from the
# operating system. os_get_random() function is used to fetch random data when
# needed, e.g., for key generation. On Linux and BSD systems, this works by
# reading /dev/urandom. It should be noted that the OS entropy pool needs to be
# properly initialized before hostapd is started. This is important especially
# on embedded devices that do not have a hardware random number generator and
# may by default start up with minimal entropy available for random number
# generation.
#
# As a safety net, hostapd is by default trying to internally collect
# additional entropy for generating random data to mix in with the data
# fetched from the OS. This by itself is not considered to be very strong, but
# it may help in cases where the system pool is not initialized properly.
# However, it is very strongly recommended that the system pool is initialized
# with enough entropy either by using hardware assisted random number
# generator or by storing state over device reboots.
#
# hostapd can be configured to maintain its own entropy store over restarts to
# enhance random number generation. This is not perfect, but it is much more
# secure than using the same sequence of random numbers after every reboot.
# This can be enabled with -e<entropy file> command line option. The specified
# file needs to be readable and writable by hostapd.
#
# If the os_get_random() is known to provide strong random data (e.g., on
# Linux/BSD, the board in question is known to have reliable source of random
# data from /dev/urandom), the internal hostapd random pool can be disabled.
# This will save some in binary size and CPU use. However, this should only be
# considered for builds that are known to be used on devices that meet the
# requirements described above.
#CONFIG_NO_RANDOM_POOL=y
# Should we attempt to use the getrandom(2) call that provides more reliable
# yet secure randomness source than /dev/random on Linux 3.17 and newer.
# Requires glibc 2.25 to build, falls back to /dev/random if unavailable.
#CONFIG_GETRANDOM=y
# Should we use poll instead of select? Select is used by default.
#CONFIG_ELOOP_POLL=y
# Should we use epoll instead of select? Select is used by default.
#CONFIG_ELOOP_EPOLL=y
# Should we use kqueue instead of select? Select is used by default.
#CONFIG_ELOOP_KQUEUE=y
# Select TLS implementation
# openssl = OpenSSL (default)
# gnutls = GnuTLS
# internal = Internal TLSv1 implementation (experimental)
# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental)
# none = Empty template
CONFIG_TLS=openssl
CONFIG_TLS_ADD_DL=y
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
# can be enabled to get a stronger construction of messages when block ciphers
# are used.
#CONFIG_TLSV11=y
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
# can be enabled to enable use of stronger crypto algorithms.
#CONFIG_TLSV12=y
# Select which ciphers to use by default with OpenSSL if the user does not
# specify them.
#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW"
# If CONFIG_TLS=internal is used, additional library and include paths are
# needed for LibTomMath. Alternatively, an integrated, minimal version of
# LibTomMath can be used. See beginning of libtommath.c for details on benefits
# and drawbacks of this option.
#CONFIG_INTERNAL_LIBTOMMATH=y
#ifndef CONFIG_INTERNAL_LIBTOMMATH
#LTM_PATH=/usr/src/libtommath-0.39
#CFLAGS += -I$(LTM_PATH)
#LIBS += -L$(LTM_PATH)
#LIBS_p += -L$(LTM_PATH)
#endif
# At the cost of about 4 kB of additional binary size, the internal LibTomMath
# can be configured to include faster routines for exptmod, sqr, and div to
# speed up DH and RSA calculation considerably
#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
# Interworking (IEEE 802.11u)
# This can be used to enable functionality to improve interworking with
# external networks.
#CONFIG_INTERWORKING=y
# Hotspot 2.0
#CONFIG_HS20=y
# Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file
#CONFIG_SQLITE=y
# Enable Fast Session Transfer (FST)
#CONFIG_FST=y
# Enable CLI commands for FST testing
#CONFIG_FST_TEST=y
# Testing options
# This can be used to enable some testing options (see also the example
# configuration file) that are really useful only for testing clients that
# connect to this hostapd. These options allow, for example, to drop a
# certain percentage of probe requests or auth/(re)assoc frames.
#
#CONFIG_TESTING_OPTIONS=y
# Automatic Channel Selection
# This will allow hostapd to pick the channel automatically when channel is set
# to "acs_survey" or "0". Eventually, other ACS algorithms can be added in
# similar way.
#
# Automatic selection is currently only done through initialization, later on
# we hope to do background checks to keep us moving to more ideal channels as
# time goes by. ACS is currently only supported through the nl80211 driver and
# your driver must have survey dump capability that is filled by the driver
# during scanning.
#
# You can customize the ACS survey algorithm with the hostapd.conf variable
# acs_num_scans.
#
# Supported ACS drivers:
# * ath9k
# * ath5k
# * ath10k
#
# For more details refer to:
# https://wireless.wiki.kernel.org/en/users/documentation/acs
#
#CONFIG_ACS=y
# Multiband Operation support
# These extensions facilitate efficient use of multiple frequency bands
# available to the AP and the devices that may associate with it.
#CONFIG_MBO=y
# Client Taxonomy
# Has the AP retain the Probe Request and (Re)Association Request frames from
# a client, from which a signature can be produced which can identify the model
# of client device like "Nexus 6P" or "iPhone 5s".
#CONFIG_TAXONOMY=y
# Fast Initial Link Setup (FILS) (IEEE 802.11ai)
#CONFIG_FILS=y
# FILS shared key authentication with PFS
#CONFIG_FILS_SK_PFS=y
# Include internal line edit mode in hostapd_cli. This can be used to provide
# limited command line editing and history support.
#CONFIG_WPA_CLI_EDIT=y
# Opportunistic Wireless Encryption (OWE)
# Experimental implementation of draft-harkins-owe-07.txt
CONFIG_OWE=y
# Airtime policy support
#CONFIG_AIRTIME_POLICY=y
# Override default value for the wpa_disable_eapol_key_retries configuration
# parameter. See that parameter in hostapd.conf for more details.
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current hostapd
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
#CONFIG_WEP=y
# Remove all TKIP functionality
# TKIP is an old cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used anymore. For now, the default hostapd
# build includes this to allow mixed mode WPA+WPA2 networks to be enabled, but
# that functionality is subject to be removed in the future.
#CONFIG_NO_TKIP=y
# Pre-Association Security Negotiation (PASN)
# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol
# design is still subject to change. As such, this should not yet be enabled in
# production use.
# This requires CONFIG_IEEE80211W=y to be enabled, too.
#CONFIG_PASN=y
# Simultaneous Authentication of Equals (SAE), WPA3-Personal
CONFIG_SAE=y
# Set SAE Auth status early
CONFIG_WPA3_SAE_AUTH_EARLY_SET=y
# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect)
CONFIG_DPP=y
# DPP version 2 support
CONFIG_DPP2=y
# DPP version 3 support (experimental and still changing; do not enable for
# production use)
#CONFIG_DPP3=y

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch
View File

@ -1,7 +1,7 @@
From 21271c00b29db8c178aa704daaf665967e141d47 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 15:55:21 +0800
Subject: [PATCH 03/49] nl80211: Report connection authorized in EVENT_ASSOC
Subject: [PATCH 03/60] nl80211: Report connection authorized in EVENT_ASSOC
When roaming in a network that requires 802.1X authentication, device
driver could set the authorized flag if 4-way handshake offload or FT

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch
View File

@ -1,7 +1,7 @@
From 78e7373ad2cf51a881a12e55c3db01580932539e Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Fri, 8 Nov 2019 13:23:05 -0600
Subject: [PATCH 05/49] OpenSSL: Fix build with OpenSSL 1.0.1
Subject: [PATCH 05/60] OpenSSL: Fix build with OpenSSL 1.0.1
The openssl_debug_dump_certificate_chains() implementation used
SSL_CERT_SET_FIRST and SSL_CERT_SET_NEXT, which were added in OpenSSL

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch
View File

@ -1,7 +1,7 @@
From f6eed1d9e56502fd8cbab309e94f9787795c3e35 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 17:13:27 +0800
Subject: [PATCH 06/49] nl80211: Check SAE authentication offload support
Subject: [PATCH 06/60] nl80211: Check SAE authentication offload support
Set WPA_DRIVER_FLAGS2_SAE_OFFLOAD flag if driver indicates SAE
authentication offload support.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.murata.patch
View File

@ -1,7 +1,7 @@
From 417097c87d7027ad319d7e8c9931deb666779533 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 17:22:18 +0800
Subject: [PATCH 07/49] SAE: Pass SAE password on connect for SAE
Subject: [PATCH 07/60] SAE: Pass SAE password on connect for SAE
authentication offload support
Pass SAE password on connect if driver advertises SAE authentication

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch
View File

@ -1,7 +1,7 @@
From 0bdd3f507d5dc92e42c72df7f4b79ffdab514fe1 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:02:39 -0600
Subject: [PATCH 08/49] nl80211: Support 4-way handshake offload for
Subject: [PATCH 08/60] nl80211: Support 4-way handshake offload for
WPA/WPA2-PSK in AP mode
If driver advertises support for WPA/WPA2-PSK 4-way handshake offload in

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch
View File

@ -1,7 +1,7 @@
From 2f8529ec491389bdb41911edcf084bc643d7c9ee Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:03:57 -0600
Subject: [PATCH 09/49] AP: Support 4-way handshake offload for WPA/WPA2-PSK
Subject: [PATCH 09/60] AP: Support 4-way handshake offload for WPA/WPA2-PSK
Add support for WPA/WPA2-PSK 4-way handshake offload in AP mode. In this
case, the 4-way handshake is handled by driver instead of user space.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch
View File

@ -1,7 +1,7 @@
From 89d2f8b07c948cc5fbe8767948128f487eae2ed5 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:05:16 -0600
Subject: [PATCH 10/49] nl80211: Support SAE authentication offload in AP mode
Subject: [PATCH 10/60] nl80211: Support SAE authentication offload in AP mode
If driver advertises support for SAE authentication offload, pass SAE
password in NL80211_CMD_NEW_BEACON command for AP mode.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch
View File

@ -1,7 +1,7 @@
From dfa364f9970f1d88782cc9a9b7292afadbf2358b Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:06:20 -0600
Subject: [PATCH 11/49] SAE: Support SAE authentication offload in AP mode
Subject: [PATCH 11/60] SAE: Support SAE authentication offload in AP mode
Add support for SAE authentication offload in AP mode. In this case, the
SAE authentication process is handled by driver instead of user space.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch
View File

@ -1,7 +1,7 @@
From 69d18183a1df9e72371e33937c91af5b5b79a110 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Date: Mon, 2 Aug 2021 14:15:06 -0500
Subject: [PATCH 13/49] non-upstream: defconfig_base: Add Infineon default
Subject: [PATCH 13/60] non-upstream: defconfig_base: Add Infineon default
configuration
Add Infineon default configuration files (defconfig_base).

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch
View File

@ -1,7 +1,7 @@
From 28c5794ff336f3ec29be79197198071be9add4ac Mon Sep 17 00:00:00 2001
From: Suresh Sanaboina <suresh.sanaboina@infineon.com>
Date: Tue, 1 Feb 2022 13:02:07 +0000
Subject: [PATCH 14/49] [CVE_2019_9501] Fix to check Invalid GTK IE length in
Subject: [PATCH 14/60] [CVE_2019_9501] Fix to check Invalid GTK IE length in
M3 at STA
---

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch
View File

@ -1,7 +1,7 @@
From ab61a3dd6d968c62b407c170079a236194357931 Mon Sep 17 00:00:00 2001
From: Danny Chiu <Danny.Chiu@infineon.com>
Date: Thu, 4 Nov 2021 02:44:17 -0500
Subject: [PATCH 15/49] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes
Subject: [PATCH 15/60] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes
Enable this flags allow the AP to set authorization to firmware earier as the SAE confirm from is ok.
---

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch
View File

@ -1,7 +1,7 @@
From 32ee9150ccf3f6c242ba2809aab9b9e115a9d1b5 Mon Sep 17 00:00:00 2001
From: Darren Li <hsil@cypress.com>
Date: Fri, 26 Nov 2021 02:09:03 -0600
Subject: [PATCH 16/49] SAE: Set the right WPA Versions for FT-SAE key
Subject: [PATCH 16/60] SAE: Set the right WPA Versions for FT-SAE key
management
Set the right WPA Versions for FT-SAE key management

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.murata.patch
View File

@ -1,7 +1,7 @@
From 6fa06f214ba1cfc4e80dc7413874175146b9c2a5 Mon Sep 17 00:00:00 2001
From: Chien-Chia Chen <carella.chen@infineon.com>
Date: Tue, 23 Nov 2021 21:29:08 -0600
Subject: [PATCH 17/49] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol
Subject: [PATCH 17/60] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol
offloading and driver base roaming
Add WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK / WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X /

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.murata.patch
View File

@ -1,7 +1,7 @@
From 9af850cef2007cabe1bbffad3ef1d2b13396832d Mon Sep 17 00:00:00 2001
From: Darren Li <hsil@cypress.com>
Date: Tue, 22 Feb 2022 00:34:47 -0600
Subject: [PATCH 18/49] wpa_supplicant: suppress deauth for PMKSA caching
Subject: [PATCH 18/60] wpa_supplicant: suppress deauth for PMKSA caching
disabled
wpa_supplicant: Need a command/parameter suppress deauth for PMKSA caching disabled

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch
View File

@ -1,7 +1,7 @@
From 5604eb8aaf8382376e6511850e70b66c6e2a22b8 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@cypress.com>
Date: Sun, 13 Feb 2022 21:34:09 -0600
Subject: [PATCH 19/49] Fix for PMK expiration issue through supplicant
Subject: [PATCH 19/60] Fix for PMK expiration issue through supplicant
Description : Sending Deauth from AP once PMK timeout occurs, So that
STA will initiate the Auth process.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch
View File

@ -1,7 +1,7 @@
From ed487600a81fa99688201a50176072555c90e690 Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 25 Apr 2022 18:35:14 +0530
Subject: [PATCH 21/49] Avoid deauthenticating STA if the reason for freeing
Subject: [PATCH 21/60] Avoid deauthenticating STA if the reason for freeing
PMK entry isn't expiry
The PMK cache entry for a STA in the SoftAP managed by wpa_supplicant

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0022-wpa_supplicant-support-bgscan.patch
View File

@ -1,7 +1,7 @@
From cfa528ffe320ac638ca72e87751f76444669c48e Mon Sep 17 00:00:00 2001
From: Ian Lin <ian.lin@infineon.com>
Date: Fri, 20 May 2022 03:00:37 -0500
Subject: [PATCH 22/49] wpa_supplicant: support bgscan
Subject: [PATCH 22/60] wpa_supplicant: support bgscan
Modify defconfig_base to support bgscan feature

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch
View File

@ -1,7 +1,7 @@
From 1cfe2ac93a1b50a6fd2f6d0022ece6e0f2a91259 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@cypress.com>
Date: Sun, 10 Apr 2022 22:10:51 -0500
Subject: [PATCH 23/49] non-upstream: wl-cmd: create interface to support
Subject: [PATCH 23/60] non-upstream: wl-cmd: create interface to support
driver priv command
1. Create "wl" command interface to set/get driver information

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch
View File

@ -1,7 +1,7 @@
From ea5cd91f744dc3c5ebf8e5b8cf1746bec41c1d19 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@infineon.com>
Date: Tue, 26 Apr 2022 03:02:12 -0500
Subject: [PATCH 24/49] non-upstream: wl-cmd: create wl_do_cmd as an entry
Subject: [PATCH 24/60] non-upstream: wl-cmd: create wl_do_cmd as an entry
doing wl commands
Create wl_do_cmd as an entry doing wl commands

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch
View File

@ -1,7 +1,7 @@
From 05b1387d4dc2e74a02cf524733d809acc4fd46fb Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@infineon.com>
Date: Wed, 27 Apr 2022 22:50:25 -0500
Subject: [PATCH 25/49] non-upstream: wl-cmd: create ops table to do wl
Subject: [PATCH 25/60] non-upstream: wl-cmd: create ops table to do wl
commands
Creeate wl_cmds to handle wl commands

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.murata.patch
View File

@ -1,7 +1,7 @@
From a6028c58032672f86c9fe87ba3abbd31c79166e3 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@infineon.com>
Date: Wed, 25 May 2022 19:12:47 -0500
Subject: [PATCH 26/49] non-upstream: wl-cmd: add more compile flag
Subject: [PATCH 26/60] non-upstream: wl-cmd: add more compile flag
add more CONFIG_DRIVER_BRCM_WL to separeta this feature

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0027-Fix-dpp-config-parameter-setting.patch
View File

@ -1,7 +1,7 @@
From e2fb675883cf00992ce51e91a3e2055c898ae3e6 Mon Sep 17 00:00:00 2001
From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" <amar.shankar@infineon.com>
Date: Mon, 20 Jun 2022 05:57:46 +0000
Subject: [PATCH 27/49] Fix dpp config parameter setting
Subject: [PATCH 27/60] Fix dpp config parameter setting
---
src/common/dpp.c | 7 ++++---

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch
View File

@ -1,7 +1,7 @@
From b19b6f1165800106ccd941b6042ea804bfa95d5f Mon Sep 17 00:00:00 2001
From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" <amar.shankar@infineon.com>
Date: Thu, 30 Jun 2022 08:01:45 +0000
Subject: [PATCH 28/49] DPP: Resolving failure of dpp configurator exchange for
Subject: [PATCH 28/60] DPP: Resolving failure of dpp configurator exchange for
configurator plus initiator in AP role with fmac
---

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch
View File

@ -1,7 +1,7 @@
From 7d621a129690b061afd61e8bd21d9b816f09d8ac Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Mon, 4 Jul 2022 02:19:48 -0500
Subject: [PATCH 29/49] Enabling SUITEB192 and SUITEB compile options
Subject: [PATCH 29/60] Enabling SUITEB192 and SUITEB compile options
Enabling the compile options for SUITEB and SUITEB-192 related
configurations and wpa_cli commands.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch
View File

@ -1,7 +1,7 @@
From 621de92cbd36719e3febe385411a65ccfa646344 Mon Sep 17 00:00:00 2001
From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" <amar.shankar@infineon.com>
Date: Fri, 22 Jul 2022 07:52:30 +0000
Subject: [PATCH 30/49] DPP: Enabling CLI_EDIT option for enrollee plus
Subject: [PATCH 30/60] DPP: Enabling CLI_EDIT option for enrollee plus
responder in STA role with fmac
---

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch
View File

@ -1,7 +1,7 @@
From 65ed1eadc11b838a4ba223648bfd3d87bf492319 Mon Sep 17 00:00:00 2001
From: Ian Lin <ian.lin@infineon.com>
Date: Mon, 18 Jul 2022 00:49:49 -0500
Subject: [PATCH 32/49] non-upstream: SAE: disconnect after PMKSA cache expire
Subject: [PATCH 32/60] non-upstream: SAE: disconnect after PMKSA cache expire
If the dot11RSNAConfigPMKLifetime is set, skip the flow of postponing
the expiration in b0f457b6 and run disconnect flow.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch
View File

@ -1,7 +1,7 @@
From da53435d4d11db827e3661be372e7b9773eaa842 Mon Sep 17 00:00:00 2001
From: JasonHuang <Jason.Huang2@infineon.com>
Date: Thu, 8 Sep 2022 03:26:23 -0500
Subject: [PATCH 34/49] wpa_supplicant: Set PMKSA to driver while key mgmt is
Subject: [PATCH 34/60] wpa_supplicant: Set PMKSA to driver while key mgmt is
FT
When the fast roaming is determined by the firmware, the

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.murata.patch
View File

@ -1,7 +1,7 @@
From 2173b4648a59f7ab499b7974189f2ba025b6a25e Mon Sep 17 00:00:00 2001
From: Tova Mussai <tova.mussai@intel.com>
Date: Sun, 24 Apr 2022 12:57:52 +0300
Subject: [PATCH 35/49] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan
Subject: [PATCH 35/60] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan
Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in the scan parameters to enable
scanning for co-located APs discovered based on neighbor reports from

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0037-Enabling-OWE-in-wpa_supplicant.patch
View File

@ -1,7 +1,7 @@
From 4a920e2446cff3f215614d63798e675bb5e25549 Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Wed, 19 Oct 2022 03:29:39 -0500
Subject: [PATCH 37/49] Enabling OWE in wpa_supplicant
Subject: [PATCH 37/60] Enabling OWE in wpa_supplicant
Enabling the compile options for OWE.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0039-FT-Sync-nl80211-ext-feature-index.patch
View File

@ -1,7 +1,7 @@
From 7076f7634cc9d7a88f009c448ada307841b42a2a Mon Sep 17 00:00:00 2001
From: JasonHuang <Jason.Huang2@infineon.com>
Date: Sun, 30 Oct 2022 21:58:34 -0500
Subject: [PATCH 39/49] FT: Sync nl80211 ext feature index
Subject: [PATCH 39/60] FT: Sync nl80211 ext feature index
The backports-5.15.58 has been used. Supplicant should sync the
nl80211_ext_feature_index with backports to avoid unexpected fail.

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch
View File

@ -1,7 +1,7 @@
From 62c82984916623e6e00053dcb148de71d24bdaf5 Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:15:25 +0530
Subject: [PATCH 40/49] nl80211: Introduce a vendor header for vendor NL iface
Subject: [PATCH 40/60] nl80211: Introduce a vendor header for vendor NL iface
to DRV with OUI_IFX
So far, the proprietary configurations are done either through the private

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.murata.patch
View File

@ -1,7 +1,7 @@
From 013beb7bc5036bf627fce3707a7a83344ffa05aa Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:16:37 +0530
Subject: [PATCH 41/49] add support to offload TWT setup request handling to
Subject: [PATCH 41/60] add support to offload TWT setup request handling to
the Firmware
With "TWT_SETUP" control sock cmd interface currently available in the

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.murata.patch
View File

@ -1,7 +1,7 @@
From 9a87c940340e1c665ce7172e7df147d53d1daabe Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:16:50 +0530
Subject: [PATCH 42/49] add support to offload TWT Teardown request handling to
Subject: [PATCH 42/60] add support to offload TWT Teardown request handling to
the Firmware
With "TWT_TEARDOWN" control sock cmd interface currently available in the

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.murata.patch
View File

@ -1,7 +1,7 @@
From e03937fecb74cf50d70721ea2a0b14fa5e12153a Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:17:04 +0530
Subject: [PATCH 43/49] Add support to configure TWT of a session using offset
Subject: [PATCH 43/60] Add support to configure TWT of a session using offset
in microseconds
Introduce a new cmd line argument "twt_offset=<u64>" in the existing list

2
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch → meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch
View File

@ -1,7 +1,7 @@
From 897917008b37a16985d0f1ae9d768c6450741574 Mon Sep 17 00:00:00 2001
From: Owen Huang <Owen.Huang@infineon.com>
Date: Wed, 30 Nov 2022 01:35:58 -0600
Subject: [PATCH 48/49] Fix associating failed when PMK lifetime is set to 1
Subject: [PATCH 48/60] Fix associating failed when PMK lifetime is set to 1
In WPA3 11.1 STAUT server certificate validation test
* set dot11RSNAConfigPMKLifetime to 1

381
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.digi.patch Normal file
View File

@ -0,0 +1,381 @@
From 67be9ce68d84e2800b481123a0c140e5ad912619 Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Wed, 14 Dec 2022 01:34:23 -0600
Subject: [PATCH 49/60] non-upstream: MBO: wpa_cli mbo command by IFX vendorID
Signed-off-by: Carter Chen <carter.chen@infineon.com>
Signed-off-by: Shelley Yang <shelley.yang@infineon.com>
---
src/common/ifx_vendor.h | 52 +++++++++++
src/drivers/driver.h | 46 ++++++++++
src/drivers/driver_nl80211.c | 141 ++++++++++++++++++++++++++++++
src/drivers/driver_nl80211.h | 1 +
src/drivers/driver_nl80211_capa.c | 3 +
5 files changed, 243 insertions(+)
diff --git a/src/common/ifx_vendor.h b/src/common/ifx_vendor.h
index aa8e83b..6cd3b87 100644
--- a/src/common/ifx_vendor.h
+++ b/src/common/ifx_vendor.h
@@ -54,10 +54,12 @@
*
* @IFX_VENDOR_SCMD_AMSDU: Vendor command to enable/disable AMSDU on all the TID queues
*
* @IFX_VENDOR_SCMD_TWT: Vendor subcommand to configure TWT
* Uses attributes defined in enum ifx_vendor_attr_twt.
+ * @IFX_VENDOR_SCMD_MBO: Vendor subcommand to configure MBO
+ * Uses attribute IFX_VENDOR_ATTR_MBO to configure.
*
* @IFX_VENDOR_SCMD_MAX: This acts as a the tail of cmds list.
* Make sure it located at the end of the list.
*/
enum ifx_nl80211_vendor_subcmds {
@@ -72,10 +74,12 @@ enum ifx_nl80211_vendor_subcmds {
/* Reserved 7-10 */
IFX_VENDOR_SCMD_MUEDCA_OPT_ENABLE = 11,
IFX_VENDOR_SCMD_LDPC_CAP = 12,
IFX_VENDOR_SCMD_AMSDU = 13,
IFX_VENDOR_SCMD_TWT = 14,
+ /* Reserved 15-17 */
+ IFX_VENDOR_SCMD_MBO = 18,
IFX_VENDOR_SCMD_MAX
};
/*
* enum ifx_vendor_attr - IFX nl80211 vendor attributes
@@ -94,10 +98,17 @@ enum ifx_vendor_attr {
IFX_VENDOR_ATTR_UNSPEC = 0,
/* Reserved 1-10 */
IFX_VENDOR_ATTR_MAX = 11
};
+enum ifx_vendor_attr_mbo {
+ IFX_VENDOR_ATTR_MBO_UNSPEC,
+ IFX_VENDOR_ATTR_MBO_CMD,
+ IFX_VENDOR_ATTR_MBO_PARAMS,
+ IFX_VENDOR_ATTR_MBO_MAX
+};
+
/*
* enum ifx_vendor_attr_twt - Attributes for the TWT vendor command
*
* @IFX_VENDOR_ATTR_TWT_UNSPEC: Reserved value 0
*
@@ -258,6 +269,47 @@ enum ifx_twt_oper_setup_cmd_type {
IFX_TWT_OPER_SETUP_CMD_TYPE_DICTATE = 6,
IFX_TWT_OPER_SETUP_CMD_TYPE_REJECT = 7,
IFX_TWT_OPER_SETUP_CMD_TYPE_MAX = 8
};
+enum ifx_mbo_config_cmd_type {
+ IFX_MBO_CONFIG_CMD_TYPE_INVALID = -1,
+ //align internal definition
+ IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF = 1,
+ IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF = 2,
+ IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF = 3,
+ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP = 4,
+ IFX_MBO_CONFIG_CMD_DUMP_COUNTER = 5,
+ IFX_MBO_CONFIG_CMD_CLEAR_COUNTER = 6,
+ IFX_MBO_CONFIG_CMD_FORCE_ASSOC = 7,
+ IFX_MBO_CONFIG_CMD_BSSTRANS_REJ = 8,
+ IFX_MBO_CONFIG_CMD_SEND_NOTIF = 9,
+ IFX_MBO_CONFIG_CMD_CLR_CHAN_PREF = 10,
+ IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE = 11,
+ IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT = 12,
+ IFX_MBO_CONFIG_CMD_DBG_EVENT_CHECK = 13,
+ IFX_MBO_CONFIG_CMD_EVENT_MASK = 14,
+ IFX_MBO_CONFIG_CMD_ASSOC_DISALLOWED = 15,
+ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF = 16,
+ IFX_MBO_CONFIG_CMD_TYPE_MAX = 17
+};
+
+enum ifx_vendor_attr_mbo_param {
+ IFX_VENDOR_ATTR_MBO_PARAM_UNSPEC,
+ IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS,
+ IFX_VENDOR_ATTR_MBO_PARAM_CHAN,
+ IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE,
+ IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE,
+ IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP,
+ IFX_VENDOR_ATTR_MBO_PARAM_COUNTERS,
+ IFX_VENDOR_ATTR_MBO_PARAM_ENABLE,
+ IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE,
+ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_START_OFFSET,
+ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_RSSI_DELTA,
+ IFX_VENDOR_ATTR_MBO_PARAM_ANQP_CELL_SUPP,
+ IFX_VENDOR_ATTR_MBO_PARAM_BIT_MASK,
+ IFX_VENDOR_ATTR_MBO_PARAM_ASSOC_DISALLOWED,
+ IFX_VENDOR_ATTR_MBO_PARAM_CELLULAR_DATA_PREF,
+ IFX_VENDOR_ATTR_MBO_PARAM_MAX
+};
+
#endif /* IFX_VENDOR_H */
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 23f599b..996614e 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2551,10 +2551,55 @@ struct drv_teardown_twt_params {
u8 flow_id;
u8 bcast_twt_id;
u8 teardown_all_twt;
};
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+
+struct drv_config_mbo_params {
+ u8 cmd;
+ union {
+ struct {
+ u8 op_class;
+ u8 chan;
+ u8 pref_val;
+ u8 reason;
+ } add_chan_pref;
+ struct {
+ u8 op_class;
+ u8 chan;
+ } del_chan_pref;
+ struct {
+ u8 cap;
+ } cell_data_cap;
+ struct {
+ u8 enable;
+ } force_assoc;
+ struct {
+ u8 enable;
+ u8 reason;
+ } bsstrans_reject;
+ struct {
+ u8 type;
+ } send_notif;
+ struct {
+ u8 enable;
+ u8 t_offset;
+ u8 trig_delta;
+ } nbr_info_cache;
+ struct {
+ u8 enable;
+ u8 value;
+ } anqpo_support;
+ struct {
+ u8 disallow;
+ u8 reason;
+ } assoc_disallow;
+ struct {
+ u8 pref_value;
+ } cellular_pref;
+ } u;
+};
#endif /* CONFIG_DRIVER_NL80211_IFX */
struct wpa_bss_trans_info {
u8 mbo_transition_reason;
u8 n_candidates;
@@ -4679,10 +4724,11 @@ struct wpa_driver_ops {
* teardown_twt - Teardown the already negotiated TWT session
* @params: Teardown TWT params
*/
int (*teardown_twt)(void *priv, struct drv_teardown_twt_params *params);
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+ int (*config_mbo)(void *priv, struct drv_config_mbo_params *params);
#endif /* CONFIG_DRIVER_NL80211_IFX */
};
/**
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 3d98e59..506b1e4 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -12471,10 +12471,150 @@ fail:
nl80211_nlmsg_clear(msg);
nlmsg_free(msg);
return ret;
}
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+
+static int wpa_driver_nl80211_config_mbo(void *priv, struct drv_config_mbo_params *params)
+{
+ struct i802_bss *bss = priv;
+ struct wpa_driver_nl80211_data *drv = bss->drv;
+ struct nl_msg *msg = NULL;
+ struct nlattr *data, *mbo_param_attrs;
+ int ret = -1;
+
+ if (!drv->ifx_mbo_offload)
+ goto fail;
+
+ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_IFX) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, IFX_VENDOR_SCMD_MBO))
+ goto fail;
+
+ data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
+ if (!data)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_CMD, params->cmd))
+ goto fail;
+
+ switch (params->cmd) {
+ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS,
+ params->u.add_chan_pref.op_class) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN,
+ params->u.add_chan_pref.chan) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE,
+ params->u.add_chan_pref.pref_val) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE,
+ params->u.add_chan_pref.reason)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS,
+ params->u.del_chan_pref.op_class) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN,
+ params->u.del_chan_pref.chan)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP,
+ params->u.cell_data_cap.cap)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE,
+ params->u.force_assoc.enable)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE,
+ params->u.bsstrans_reject.enable) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE,
+ params->u.bsstrans_reject.reason)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_SEND_NOTIF:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE,
+ params->u.send_notif.type)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF:
+ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER:
+ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER:
+ wpa_printf(MSG_DEBUG,
+ "MBO config: cmd %d doesn't need extra attribute",
+ params->cmd);
+ break;
+ default:
+ break;
+ }
+
+ nla_nest_end(msg, data);
+
+ ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
+ if (ret) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: Failed to invoke driver "
+ "MBO config function: %s",
+ strerror(-ret));
+ }
+
+ return ret;
+fail:
+ nl80211_nlmsg_clear(msg);
+ nlmsg_free(msg);
+ return ret;
+}
#endif /* CONFIG_DRIVER_NL80211_IFX */
const struct wpa_driver_ops wpa_driver_nl80211_ops = {
.name = "nl80211",
.desc = "Linux nl80211/cfg80211",
@@ -12622,7 +12762,8 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
#ifdef CONFIG_DRIVER_NL80211_IFX
#ifdef CONFIG_TWT_OFFLOAD_IFX
.setup_twt = wpa_driver_nl80211_setup_twt,
.teardown_twt = wpa_driver_nl80211_teardown_twt,
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+ .config_mbo = wpa_driver_nl80211_config_mbo,
#endif /* CONFIG_DRIVER_NL80211_IFX */
};
diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h
index f681afb..6d2c094 100644
--- a/src/drivers/driver_nl80211.h
+++ b/src/drivers/driver_nl80211.h
@@ -180,10 +180,11 @@ struct wpa_driver_nl80211_data {
unsigned int unsol_bcast_probe_resp:1;
unsigned int qca_do_acs:1;
unsigned int brcm_do_acs:1;
#ifdef CONFIG_DRIVER_NL80211_IFX
unsigned int ifx_twt_offload:1;
+ unsigned int ifx_mbo_offload:1;
#endif /* CONFIG_DRIVER_NL80211_IFX */
u64 vendor_scan_cookie;
u64 remain_on_chan_cookie;
u64 send_frame_cookie;
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 19d1569..b0807a7 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -1057,10 +1057,13 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg)
} else if (vinfo->vendor_id == OUI_IFX) {
switch (vinfo->subcmd) {
case IFX_VENDOR_SCMD_TWT:
drv->ifx_twt_offload = 1;
break;
+ case IFX_VENDOR_SCMD_MBO:
+ drv->ifx_mbo_offload = 1;
+ break;
}
#endif /* CONFIG_DRIVER_NL80211_IFX */
}
wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u",

48
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.digi.patch Normal file
View File

@ -0,0 +1,48 @@
From cfaf2f6273ddd9ac618c61bc2294fb60297100a7 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Wed, 6 Apr 2022 16:13:22 +0300
Subject: [PATCH 50/60] EAP-TLS: Allow TLSv1.3 support to be enabled with build
config
The default behavior in wpa_supplicant is to disable use of TLSv1.3 in
EAP-TLS unless explicitly enabled in network configuration. The new
CONFIG_EAP_TLSV1_3=y build parameter can be used to change this to
enable TLSv1.3 by default (if supported by the TLS library).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---
src/eap_peer/eap_tls_common.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index c1837db..5fb8945 100644
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -192,18 +192,20 @@ static int eap_tls_params_from_conf(struct eap_sm *sm,
* TLS v1.3 changes, so disable this by default for now. */
params->flags |= TLS_CONN_DISABLE_TLSv1_3;
}
+#ifndef EAP_TLSV1_3
if (data->eap_type == EAP_TYPE_TLS ||
data->eap_type == EAP_UNAUTH_TLS_TYPE ||
data->eap_type == EAP_WFA_UNAUTH_TLS_TYPE) {
/* While the current EAP-TLS implementation is more or less
- * complete for TLS v1.3, there has been no interoperability
- * testing with other implementations, so disable for by default
- * for now until there has been chance to confirm that no
- * significant interoperability issues show up with TLS version
- * update.
+ * complete for TLS v1.3, there has been only minimal
+ * interoperability testing with other implementations, so
+ * disable it by default for now until there has been chance to
+ * confirm that no significant interoperability issues show up
+ * with TLS version update.
*/
params->flags |= TLS_CONN_DISABLE_TLSv1_3;
}
+#endif /* EAP_TLSV1_3 */
if (phase2 && sm->use_machine_cred) {
wpa_printf(MSG_DEBUG, "TLS: using machine config options");
eap_tls_params_from_conf2m(params, config);
--
2.43.0

31
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch Normal file
View File

@ -0,0 +1,31 @@
From e533a201ebe00eb208509117b3b69b3e58f34633 Mon Sep 17 00:00:00 2001
From: avishad verma <avishad.verma@infineon.com>
Date: Tue, 7 Mar 2023 04:44:25 -0600
Subject: [PATCH 52/60] Disable 4-way handshake offload for DPP
H1 combo is using internal supplicant and 4-way handshake is offloaded
to firmware for softap mode.
For DPP Softap role external supplicant will be used.
Signed-off-by: avishad verma <avishad.verma@infineon.com>
---
src/ap/wpa_auth_glue.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c
index c8dee2aef..7e3b8384f 100644
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -1529,6 +1529,9 @@ int hostapd_setup_wpa(struct hostapd_data *hapd)
!!(hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG);
if (!hapd->conf->p2p &&
+#ifdef CONFIG_DPP
+ (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP)) &&
+#endif /* CONFIG_DPP */
(hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_4WAY_HANDSHAKE_AP_PSK))
_conf.psk_4way_hs_offload = 1;
--
2.17.1

283
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.digi.patch Normal file
View File

@ -0,0 +1,283 @@
From 54929427eb8af4affaf8017bc8d127cc7c629581 Mon Sep 17 00:00:00 2001
From: Shelley Yang <shelley.yang@infineon.com>
Date: Wed, 29 Mar 2023 03:28:59 -0500
Subject: [PATCH 53/60] non-upstream: WNM: wpa_cli wnm_maxilde command by IFX
vendorID
1. set
before: wl wnm_maxidle 10 1
after: wpa_cli wnm_maxidle period=10 option=1
2. get
before: wl wnm_maxidle
after: wpa_cli wnm_maxidle
Fixes: SWWLAN-145213
Signed-off-by: Shelley Yang <shelley.yang@infineon.com>
---
src/common/ifx_vendor.h | 55 ++++++++++++++++++
src/drivers/driver.h | 7 +++
src/drivers/driver_nl80211.c | 92 +++++++++++++++++++++++++++++++
src/drivers/driver_nl80211.h | 1 +
src/drivers/driver_nl80211_capa.c | 3 +
5 files changed, 158 insertions(+)
diff --git a/src/common/ifx_vendor.h b/src/common/ifx_vendor.h
index 6cd3b87..2fed69c 100644
--- a/src/common/ifx_vendor.h
+++ b/src/common/ifx_vendor.h
@@ -76,10 +76,11 @@ enum ifx_nl80211_vendor_subcmds {
IFX_VENDOR_SCMD_LDPC_CAP = 12,
IFX_VENDOR_SCMD_AMSDU = 13,
IFX_VENDOR_SCMD_TWT = 14,
/* Reserved 15-17 */
IFX_VENDOR_SCMD_MBO = 18,
+ IFX_VENDOR_SCMD_WNM = 25,
IFX_VENDOR_SCMD_MAX
};
/*
* enum ifx_vendor_attr - IFX nl80211 vendor attributes
@@ -310,6 +311,60 @@ enum ifx_vendor_attr_mbo_param {
IFX_VENDOR_ATTR_MBO_PARAM_ASSOC_DISALLOWED,
IFX_VENDOR_ATTR_MBO_PARAM_CELLULAR_DATA_PREF,
IFX_VENDOR_ATTR_MBO_PARAM_MAX
};
+enum ifx_vendor_attr_wnm {
+ IFX_VENDOR_ATTR_WNM_UNSPEC,
+ IFX_VENDOR_ATTR_WNM_CMD,
+ IFX_VENDOR_ATTR_WNM_PARAMS,
+ IFX_VENDOR_ATTR_WNM_MAX
+};
+
+enum ifx_wnm_config_cmd_type {
+ IFX_WNM_CONFIG_CMD_TYPE_INVALID = -1,
+ //align internal definition
+ IFX_WNM_CONFIG_CMD_IOV_WNM = 1,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_MAXIDLE = 2,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_OFFSET = 3,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_URL = 4,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_REQ = 5,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_TCLASTYPE = 6,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_PARP_DISCARD = 7,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_PARP_ALLNODE = 8,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_SET = 9,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_STATUS = 10,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_SET = 11,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_TERM = 12,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_SERVICE_TERM = 13,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_SLEEP_INTV = 14,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_SLEEP_MODE = 15,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_QUERY = 16,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_RESP = 17,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_ADD = 18,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_DEL = 19,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_LIST = 20,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_STATUS = 21,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_KEEPALIVES_MAX_IDLE = 22,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_PM_IGNORE_BCMC = 23,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_DEPENDENCY = 24,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_ROAMTHROTTLE = 25,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_SET = 26,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_TERM = 27,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_STATUS = 28,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_ADD = 29,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_DEL = 30,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_LIST = 31,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_RSSI_RATE_MAP = 32,
+ IFX_WNM_CONFIG_CMD_IOV_WNM_KEEPALIVE_PKT_TYPE = 33,
+ IFX_WNM_CONFIG_CMD_TYPE_MAX
+};
+
+enum ifx_vendor_attr_wnm_maxidle_param {
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_UNSPEC,
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO,
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD,
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT,
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_MAX
+};
+
#endif /* IFX_VENDOR_H */
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 996614e..d75abbd 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2596,10 +2596,16 @@ struct drv_config_mbo_params {
struct {
u8 pref_value;
} cellular_pref;
} u;
};
+
+struct drv_maxidle_wnm_params {
+ u8 get_info;
+ int period;
+ int protect;
+};
#endif /* CONFIG_DRIVER_NL80211_IFX */
struct wpa_bss_trans_info {
u8 mbo_transition_reason;
u8 n_candidates;
@@ -4725,10 +4731,11 @@ struct wpa_driver_ops {
* @params: Teardown TWT params
*/
int (*teardown_twt)(void *priv, struct drv_teardown_twt_params *params);
#endif /* CONFIG_TWT_OFFLOAD_IFX */
int (*config_mbo)(void *priv, struct drv_config_mbo_params *params);
+ int (*maxidle_wnm)(void *priv, struct drv_maxidle_wnm_params *params);
#endif /* CONFIG_DRIVER_NL80211_IFX */
};
/**
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 506b1e4..ed7c969 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -12611,10 +12611,101 @@ static int wpa_driver_nl80211_config_mbo(void *priv, struct drv_config_mbo_param
fail:
nl80211_nlmsg_clear(msg);
nlmsg_free(msg);
return ret;
}
+
+static int wpa_driver_nl80211_maxidle_wnm_reply_handler(struct nl_msg *msg, void *arg)
+{
+ struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
+ struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
+ char *buf = arg;
+ char *data;
+ int len;
+
+ wpa_printf(MSG_INFO, "nl80211: maxidle_wnm command reply handler");
+
+ nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
+ genlmsg_attrlen(gnlh, 0), NULL);
+
+ if (tb_msg[NL80211_ATTR_VENDOR_DATA]) {
+ data = (char *)((char *)tb_msg[NL80211_ATTR_VENDOR_DATA] + GENL_HDRLEN);
+ len = nla_len(tb_msg[NL80211_ATTR_VENDOR_DATA]);
+ os_memcpy(buf, data, len);
+ }
+ return NL_SKIP;
+}
+
+static int wpa_driver_nl80211_config_maxidle_wnm(void *priv, struct drv_maxidle_wnm_params *params)
+{
+ struct i802_bss *bss = priv;
+ struct wpa_driver_nl80211_data *drv = bss->drv;
+ struct nl_msg *msg = NULL;
+ struct nlattr *data, *wnm_param_attrs;
+ int ret = -1, get_period = 0;
+
+ if (!drv->ifx_wnm_offload)
+ goto fail;
+
+ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_IFX) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, IFX_VENDOR_SCMD_WNM))
+ goto fail;
+
+ data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
+ if (!data)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_CMD, IFX_WNM_CONFIG_CMD_IOV_WNM_MAXIDLE))
+ goto fail;
+
+ wnm_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_WNM_PARAMS);
+ if (!wnm_param_attrs)
+ goto fail;
+
+ if (params->get_info) {
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO,
+ params->get_info)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: WNM config: build msg ATTR:%d failed",
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO);
+ goto fail;
+ }
+ } else {
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD,
+ params->period) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT,
+ params->protect)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: WNM config: build ATTR:%d %d failed",
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD,
+ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT);
+ goto fail;
+ }
+ }
+ nla_nest_end(msg, wnm_param_attrs);
+ nla_nest_end(msg, data);
+
+ if (params->get_info)
+ ret = send_and_recv_msgs(drv, msg, wpa_driver_nl80211_maxidle_wnm_reply_handler,
+ &get_period, NULL, NULL);
+ else
+ ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
+
+ if (ret)
+ wpa_printf(MSG_ERROR, "nl80211: WNM maxidle: Failed to invoke driver %s",
+ strerror(-ret));
+ else
+ if (params->get_info)
+ params->period = get_period;
+
+ return ret;
+fail:
+ nl80211_nlmsg_clear(msg);
+ nlmsg_free(msg);
+ return ret;
+}
#endif /* CONFIG_DRIVER_NL80211_IFX */
const struct wpa_driver_ops wpa_driver_nl80211_ops = {
.name = "nl80211",
.desc = "Linux nl80211/cfg80211",
@@ -12763,7 +12854,8 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
#ifdef CONFIG_TWT_OFFLOAD_IFX
.setup_twt = wpa_driver_nl80211_setup_twt,
.teardown_twt = wpa_driver_nl80211_teardown_twt,
#endif /* CONFIG_TWT_OFFLOAD_IFX */
.config_mbo = wpa_driver_nl80211_config_mbo,
+ .maxidle_wnm = wpa_driver_nl80211_config_maxidle_wnm,
#endif /* CONFIG_DRIVER_NL80211_IFX */
};
diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h
index 6d2c094..6d9945c 100644
--- a/src/drivers/driver_nl80211.h
+++ b/src/drivers/driver_nl80211.h
@@ -181,10 +181,11 @@ struct wpa_driver_nl80211_data {
unsigned int qca_do_acs:1;
unsigned int brcm_do_acs:1;
#ifdef CONFIG_DRIVER_NL80211_IFX
unsigned int ifx_twt_offload:1;
unsigned int ifx_mbo_offload:1;
+ unsigned int ifx_wnm_offload:1;
#endif /* CONFIG_DRIVER_NL80211_IFX */
u64 vendor_scan_cookie;
u64 remain_on_chan_cookie;
u64 send_frame_cookie;
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index b0807a7..21b9c03 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -1060,10 +1060,13 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg)
drv->ifx_twt_offload = 1;
break;
case IFX_VENDOR_SCMD_MBO:
drv->ifx_mbo_offload = 1;
break;
+ case IFX_VENDOR_SCMD_WNM:
+ drv->ifx_wnm_offload = 1;
+ break;
}
#endif /* CONFIG_DRIVER_NL80211_IFX */
}
wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u",

170
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch Normal file
View File

@ -0,0 +1,170 @@
From b3165e0a92a3090a99ef396e77fa90b7e61d6558 Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Wed, 3 May 2023 21:13:26 -0500
Subject: [PATCH 54/60] brcmfmac: sync content of nl80211_copy.h for BSS_COLOR
attributes
sync the nl80211.h as of 0d2ab3aea in brcm80211
Signed-off-by: Carter Chen <carter.chen@infineon.com>
---
src/drivers/driver_nl80211_event.c | 5 +++
src/drivers/nl80211_copy.h | 56 ++++++++++++++++++++++++++++--
2 files changed, 59 insertions(+), 2 deletions(-)
diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c
index fe91fff90..d3cb8d882 100644
--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
@@ -172,6 +172,11 @@ static const char * nl80211_command_to_string(enum nl80211_commands cmd)
C2S(NL80211_CMD_UNPROT_BEACON)
C2S(NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS)
C2S(NL80211_CMD_SET_SAR_SPECS)
+ C2S(NL80211_CMD_OBSS_COLOR_COLLISION)
+ C2S(NL80211_CMD_COLOR_CHANGE_REQUEST)
+ C2S(NL80211_CMD_COLOR_CHANGE_STARTED)
+ C2S(NL80211_CMD_COLOR_CHANGE_ABORTED)
+ C2S(NL80211_CMD_COLOR_CHANGE_COMPLETED)
C2S(__NL80211_CMD_AFTER_LAST)
}
#undef C2S
diff --git a/src/drivers/nl80211_copy.h b/src/drivers/nl80211_copy.h
index db5b1503d..ee80ae025 100644
--- a/src/drivers/nl80211_copy.h
+++ b/src/drivers/nl80211_copy.h
@@ -11,7 +11,7 @@
* Copyright 2008 Jouni Malinen <jouni.malinen@atheros.com>
* Copyright 2008 Colin McCabe <colin@cozybit.com>
* Copyright 2015-2017 Intel Deutschland GmbH
- * Copyright (C) 2018-2020 Intel Corporation
+ * Copyright (C) 2018-2021 Intel Corporation
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -1185,6 +1185,21 @@
* passed using %NL80211_ATTR_SAR_SPEC. %NL80211_ATTR_WIPHY is used to
* specify the wiphy index to be applied to.
*
+ * @NL80211_CMD_OBSS_COLOR_COLLISION: This notification is sent out whenever
+ * mac80211/drv detects a bss color collision.
+ *
+ * @NL80211_CMD_COLOR_CHANGE_REQUEST: This command is used to indicate that
+ * userspace wants to change the BSS color.
+ *
+ * @NL80211_CMD_COLOR_CHANGE_STARTED: Notify userland, that a color change has
+ * started
+ *
+ * @NL80211_CMD_COLOR_CHANGE_ABORTED: Notify userland, that the color change has
+ * been aborted
+ *
+ * @NL80211_CMD_COLOR_CHANGE_COMPLETED: Notify userland that the color change
+ * has completed
+ *
* @NL80211_CMD_MAX: highest used command number
* @__NL80211_CMD_AFTER_LAST: internal use
*/
@@ -1417,6 +1432,14 @@ enum nl80211_commands {
NL80211_CMD_SET_SAR_SPECS,
+ NL80211_CMD_OBSS_COLOR_COLLISION,
+
+ NL80211_CMD_COLOR_CHANGE_REQUEST,
+
+ NL80211_CMD_COLOR_CHANGE_STARTED,
+ NL80211_CMD_COLOR_CHANGE_ABORTED,
+ NL80211_CMD_COLOR_CHANGE_COMPLETED,
+
/* add new commands above here */
/* used to define NL80211_CMD_MAX below */
@@ -2403,7 +2426,10 @@ enum nl80211_commands {
* in %NL80211_CMD_CONNECT to indicate that for 802.1X authentication it
* wants to use the supported offload of the 4-way handshake.
* @NL80211_ATTR_PMKR0_NAME: PMK-R0 Name for offloaded FT.
- * @NL80211_ATTR_PORT_AUTHORIZED: (reserved)
+ * @NL80211_ATTR_PORT_AUTHORIZED: flag attribute used in %NL80211_CMD_ROAMED
+ * notification indicating that that 802.1X authentication was done by
+ * the driver or is not needed (because roaming used the Fast Transition
+ * protocol).
*
* @NL80211_ATTR_EXTERNAL_AUTH_ACTION: Identify the requested external
* authentication operation (u32 attribute with an
@@ -2560,6 +2586,16 @@ enum nl80211_commands {
* disassoc events to indicate that an immediate reconnect to the AP
* is desired.
*
+ * @NL80211_ATTR_OBSS_COLOR_BITMAP: bitmap of the u64 BSS colors for the
+ * %NL80211_CMD_OBSS_COLOR_COLLISION event.
+ *
+ * @NL80211_ATTR_COLOR_CHANGE_COUNT: u8 attribute specifying the number of TBTT's
+ * until the color switch event.
+ * @NL80211_ATTR_COLOR_CHANGE_COLOR: u8 attribute specifying the color that we are
+ * switching to
+ * @NL80211_ATTR_COLOR_CHANGE_ELEMS: Nested set of attributes containing the IE
+ * information for the time while performing a color switch.
+ *
* @NUM_NL80211_ATTR: total number of nl80211_attrs available
* @NL80211_ATTR_MAX: highest attribute number currently defined
* @__NL80211_ATTR_AFTER_LAST: internal use
@@ -3057,6 +3093,12 @@ enum nl80211_attrs {
NL80211_ATTR_DISABLE_HE,
+ NL80211_ATTR_OBSS_COLOR_BITMAP,
+
+ NL80211_ATTR_COLOR_CHANGE_COUNT,
+ NL80211_ATTR_COLOR_CHANGE_COLOR,
+ NL80211_ATTR_COLOR_CHANGE_ELEMS,
+
/* add attributes here, update the policy in nl80211.c */
__NL80211_ATTR_AFTER_LAST,
@@ -3654,6 +3696,8 @@ enum nl80211_mpath_info {
* defined
* @NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA: HE 6GHz band capabilities (__le16),
* given for all 6 GHz band channels
+ * @NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS: vendor element capabilities that are
+ * advertised on this band/for this iftype (binary)
* @__NL80211_BAND_IFTYPE_ATTR_AFTER_LAST: internal use
*/
enum nl80211_band_iftype_attr {
@@ -3665,6 +3709,7 @@ enum nl80211_band_iftype_attr {
NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET,
NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE,
NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA,
+ NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS,
/* keep last */
__NL80211_BAND_IFTYPE_ATTR_AFTER_LAST,
@@ -5950,6 +5995,9 @@ enum nl80211_feature_flags {
* frame protection for all management frames exchanged during the
* negotiation and range measurement procedure.
*
+ * @NL80211_EXT_FEATURE_BSS_COLOR: The driver supports BSS color collision
+ * detection and change announcemnts.
+ *
* @NUM_NL80211_EXT_FEATURES: number of extended features.
* @MAX_NL80211_EXT_FEATURES: highest extended feature index.
*/
@@ -6914,6 +6962,9 @@ enum nl80211_peer_measurement_ftm_capa {
* @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK: negotiate for LMR feedback. Only
* valid if either %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED or
* %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED is set.
+ * @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR: optional. The BSS color of the
+ * responder. Only valid if %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED
+ * or %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED is set.
*
* @NUM_NL80211_PMSR_FTM_REQ_ATTR: internal
* @NL80211_PMSR_FTM_REQ_ATTR_MAX: highest attribute number
@@ -6933,6 +6984,7 @@ enum nl80211_peer_measurement_ftm_req {
NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED,
NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED,
NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK,
+ NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR,
/* keep last */
NUM_NL80211_PMSR_FTM_REQ_ATTR,
--
2.17.1

37
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch Normal file
View File

@ -0,0 +1,37 @@
From 2d7ff191ddcea8740b6fb48094b87de12150c88f Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Wed, 3 May 2023 20:43:09 -0500
Subject: [PATCH 55/60] WPA3-SAE: enable nl_connect socket while
WPA_DRIVER_FLAGS_BSS_SELECTION
The driver-base roaming uses WPA_DRIVER_FLAGS_BSS_SELECTION flag.
As the SAE is handled by wpa_supplicant,
the driver will report send_req of auth req frame.
WPA3-CERT 5.8.3 connects to PSK AP first, then roaming to SAE AP.
the nl_connect needs to keep opening to listen the event for process
auth frames.
Fixes: SWLINUX-3420
Signed-off-by: Carter Chen <carter.chen@infineon.com>
---
src/drivers/driver_nl80211.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index ed7c969c1..55b4d07dc 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -557,6 +557,7 @@ send_and_recv_msgs_connect_handle(struct wpa_driver_nl80211_data *drv,
struct nl_sock * get_connect_handle(struct i802_bss *bss)
{
if ((bss->drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) ||
+ (bss->drv->capa.flags & WPA_DRIVER_FLAGS_BSS_SELECTION) ||
bss->use_nl_connect)
return bss->nl_connect;
--
2.17.1

31
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch Normal file
View File

@ -0,0 +1,31 @@
From 8a905fcddca5936ba8873c7f0dacab7188dc6eac Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Mon, 17 Jul 2023 22:31:46 -0500
Subject: [PATCH 56/60] OWE AP: enable OWE compile option for hostapd executing
OWE
Enabling OWE compile option
Fixes: SWLINUX-3620
Signed-off-by: Carter Chen <carter.chen@infineon.com>
---
hostapd/defconfig_base | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hostapd/defconfig_base b/hostapd/defconfig_base
index 16e8c645a..571ab6eda 100644
--- a/hostapd/defconfig_base
+++ b/hostapd/defconfig_base
@@ -374,7 +374,7 @@ CONFIG_WPA_CLI_EDIT=y
# Opportunistic Wireless Encryption (OWE)
# Experimental implementation of draft-harkins-owe-07.txt
-#CONFIG_OWE=y
+CONFIG_OWE=y
# Airtime policy support
#CONFIG_AIRTIME_POLICY=y
--
2.17.1

232
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch Normal file
View File

@ -0,0 +1,232 @@
From 8a6154044994dbeac362d76bbe5822612af64067 Mon Sep 17 00:00:00 2001
From: "Lin Ian (IFTW CSS ICW SW WFS 1)" <ian.lin-ee@infineon.com>
Date: Mon, 16 Oct 2023 09:18:19 +0000
Subject: [PATCH 57/60] DPP2.0: support DPP2.0 and add pfs init flow on
EVENT_UPDATE_DH
---
hostapd/defconfig_base | 1 +
src/ap/drv_callbacks.c | 55 ++++++++++++++++-----------
src/ap/ieee802_11.c | 70 ++++++++++++++++++++++++++++++++++-
src/ap/ieee802_11.h | 3 ++
wpa_supplicant/defconfig_base | 1 +
5 files changed, 107 insertions(+), 23 deletions(-)
diff --git a/hostapd/defconfig_base b/hostapd/defconfig_base
index 571ab6eda..eae36af0b 100644
--- a/hostapd/defconfig_base
+++ b/hostapd/defconfig_base
@@ -406,3 +406,4 @@ CONFIG_WPA3_SAE_AUTH_EARLY_SET=y
# Device Provisioning Protocol (DPP)
CONFIG_DPP=y
+CONFIG_DPP2=y
diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index a50e6f2af..989ba735d 100644
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -648,13 +648,12 @@ skip_wpa_check:
#endif /* CONFIG_OWE */
#ifdef CONFIG_DPP2
- dpp_pfs_free(sta->dpp_pfs);
- sta->dpp_pfs = NULL;
+ if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) &&
+ hapd->conf->dpp_netaccesskey && sta->wpa_sm &&
+ wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP &&
+ elems.owe_dh) {
- if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) &&
- hapd->conf->dpp_netaccesskey && sta->wpa_sm &&
- wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP &&
- elems.owe_dh) {
+ if (!sta->dpp_pfs) {
sta->dpp_pfs = dpp_pfs_init(
wpabuf_head(hapd->conf->dpp_netaccesskey),
wpabuf_len(hapd->conf->dpp_netaccesskey));
@@ -664,19 +663,20 @@ skip_wpa_check:
/* Try to continue without PFS */
goto pfs_fail;
}
+ }
- if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh,
- elems.owe_dh_len) < 0) {
- dpp_pfs_free(sta->dpp_pfs);
- sta->dpp_pfs = NULL;
- reason = WLAN_REASON_UNSPECIFIED;
- goto fail;
- }
+ if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh,
+ elems.owe_dh_len) < 0) {
+ dpp_pfs_free(sta->dpp_pfs);
+ sta->dpp_pfs = NULL;
+ reason = WLAN_REASON_UNSPECIFIED;
+ goto fail;
}
+ }
- wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ?
- sta->dpp_pfs->secret : NULL);
- pfs_fail:
+ wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ?
+ sta->dpp_pfs->secret : NULL);
+pfs_fail:
#endif /* CONFIG_DPP2 */
if (elems.rrm_enabled &&
@@ -1792,8 +1792,9 @@ static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd,
wpa_printf(MSG_DEBUG, "OWE: Peer unknown");
return -1;
}
- if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) {
- wpa_printf(MSG_DEBUG, "OWE: No OWE AKM configured");
+ if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) &&
+ !(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP)) {
+ wpa_printf(MSG_DEBUG, "OWE/DPP: No OWE/DPP AKM configured");
status = WLAN_STATUS_AKMP_NOT_VALID;
goto err;
}
@@ -1828,9 +1829,21 @@ static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd,
}
sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2);
- status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie,
- elems.rsn_ie_len, elems.owe_dh,
- elems.owe_dh_len);
+#ifdef CONFIG_DPP2
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) {
+ if (hapd->conf->dpp_netaccesskey && elems.owe_dh)
+ status = dpp_process_rsn_ie(hapd, sta, elems.rsn_ie,
+ elems.rsn_ie_len, elems.owe_dh,
+ elems.owe_dh_len);
+ else
+ status = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ } else
+#endif /* CONFIG_DPP2 */
+ {
+ status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie,
+ elems.rsn_ie_len, elems.owe_dh,
+ elems.owe_dh_len);
+ }
if (status != WLAN_STATUS_SUCCESS)
ap_free_sta(hapd, sta);
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index c4f7d00cc..564815381 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -4348,9 +4348,10 @@ u16 owe_validate_request(struct hostapd_data *hapd, const u8 *peer,
wpa_hexdump(MSG_DEBUG, "RSNE", rsn_ie, rsn_ie_len);
return wpa_res_to_status_code(res);
}
- if (!(data.key_mgmt & WPA_KEY_MGMT_OWE)) {
+ if (!(data.key_mgmt & WPA_KEY_MGMT_OWE) &&
+ !(data.key_mgmt & WPA_KEY_MGMT_DPP)) {
wpa_printf(MSG_DEBUG,
- "OWE: Unexpected key mgmt 0x%x from " MACSTR,
+ "OWE/DPP: Unexpected key mgmt 0x%x from " MACSTR,
(unsigned int) data.key_mgmt, MAC2STR(peer));
return WLAN_STATUS_AKMP_NOT_VALID;
}
@@ -4444,6 +4445,71 @@ end:
#endif /* CONFIG_OWE */
+#ifdef CONFIG_DPP2
+u16 dpp_process_rsn_ie(struct hostapd_data *hapd,
+ struct sta_info *sta,
+ const u8 *rsn_ie, size_t rsn_ie_len,
+ const u8 *owe_dh, size_t owe_dh_len)
+{
+ u16 status = WLAN_STATUS_SUCCESS;
+ u8 *owe_buf, ie[256 * 2];
+ size_t ie_len = 0;
+ enum wpa_validate_result res;
+
+ if (!rsn_ie || rsn_ie_len < 2) {
+ wpa_printf(MSG_DEBUG, "DPP: No RSNE in (Re)AssocReq");
+ status = WLAN_STATUS_INVALID_IE;
+ goto end;
+ }
+
+ if (!sta->wpa_sm)
+ sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr,
+ NULL);
+ if (!sta->wpa_sm) {
+ wpa_printf(MSG_WARNING,
+ "DPP: Failed to initialize WPA state machine");
+ status = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ goto end;
+ }
+ rsn_ie -= 2;
+ rsn_ie_len += 2;
+ res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
+ hapd->iface->freq, rsn_ie, rsn_ie_len,
+ NULL, 0, NULL, 0, owe_dh, owe_dh_len);
+ status = wpa_res_to_status_code(res);
+ if (status != WLAN_STATUS_SUCCESS)
+ goto end;
+
+ owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, ie, sizeof(ie),
+ NULL, 0);
+ if (!owe_buf) {
+ status = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ goto end;
+ }
+
+ dpp_pfs_free(sta->dpp_pfs);
+ sta->dpp_pfs = NULL;
+ sta->dpp_pfs = dpp_pfs_init(
+ wpabuf_head(hapd->conf->dpp_netaccesskey),
+ wpabuf_len(hapd->conf->dpp_netaccesskey));
+
+ if (!sta->dpp_pfs) {
+ wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
+ status = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ } else {
+ os_memcpy(owe_buf, wpabuf_head(sta->dpp_pfs->ie), wpabuf_len(sta->dpp_pfs->ie));
+ ie_len = owe_buf - ie + wpabuf_len(sta->dpp_pfs->ie);
+ }
+end:
+ wpa_printf(MSG_DEBUG, "DPP: Update status %d, ie len %d for peer "
+ MACSTR, status, (unsigned int) ie_len,
+ MAC2STR(sta->addr));
+ hostapd_drv_update_dh_ie(hapd, sta->addr, status,
+ status == WLAN_STATUS_SUCCESS ? ie : NULL,
+ ie_len);
+ return status;
+}
+#endif /* CONFIG_DPP2 */
static bool check_sa_query(struct hostapd_data *hapd, struct sta_info *sta,
int reassoc)
diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h
index c59ad5e38..3042b6bac 100644
--- a/src/ap/ieee802_11.h
+++ b/src/ap/ieee802_11.h
@@ -171,6 +171,9 @@ u8 * owe_assoc_req_process(struct hostapd_data *hapd, struct sta_info *sta,
u16 owe_process_rsn_ie(struct hostapd_data *hapd, struct sta_info *sta,
const u8 *rsn_ie, size_t rsn_ie_len,
const u8 *owe_dh, size_t owe_dh_len);
+u16 dpp_process_rsn_ie(struct hostapd_data *hapd, struct sta_info *sta,
+ const u8 *rsn_ie, size_t rsn_ie_len,
+ const u8 *owe_dh, size_t owe_dh_len);
u16 owe_validate_request(struct hostapd_data *hapd, const u8 *peer,
const u8 *rsn_ie, size_t rsn_ie_len,
const u8 *owe_dh, size_t owe_dh_len);
diff --git a/wpa_supplicant/defconfig_base b/wpa_supplicant/defconfig_base
index 59aeae69c..f34011d84 100644
--- a/wpa_supplicant/defconfig_base
+++ b/wpa_supplicant/defconfig_base
@@ -617,6 +617,7 @@ CONFIG_OWE=y
# Device Provisioning Protocol (DPP)
CONFIG_DPP=y
+CONFIG_DPP2=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
--
2.17.1

31
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch Normal file
View File

@ -0,0 +1,31 @@
From d449e4402e4981b8c5067aaab1db34cd73e40468 Mon Sep 17 00:00:00 2001
From: "P Rakshith (CAE 1 A)" <rakshith.p@infineon.com>
Date: Fri, 20 Oct 2023 08:34:04 +0000
Subject: [PATCH 58/60] non-upstream: Prevent invalid akm key mgmt when MFP
required is set
---
src/ap/ap_config.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 86b6e097c..a7fd85018 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -1432,6 +1432,13 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
}
#endif /* CONFIG_FILS */
+ if (full_config && (bss->ieee80211w == 2) &&
+ (bss->wpa_key_mgmt == (WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_PSK))) {
+ wpa_printf(MSG_ERROR,
+ "Cannot set ieee80211w=2 along with with the selected wpa_key_mgmt");
+ return -1;
+ }
+
return 0;
}
--
2.17.1

49
meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0059-Reset-authentication-and-encryption-parameters-while.digi.patch Normal file
View File

@ -0,0 +1,49 @@
From 10a78d57f331333da8aba9be83f6cafbb7a6f382 Mon Sep 17 00:00:00 2001
From: Ian Lin <ian.lin@infineon.com>
Date: Sun, 22 Oct 2023 21:19:08 -0500
Subject: [PATCH 59/60] Reset authentication and encryption parameters while
handling roam event
While supplicant received NL80211_CMD_ROAM event and run EVENT_ASSOC flow,
it will not reset sm->pmk in wpa_supplicant_select_config since old and new SSID are the same.
It causes using wrong pmk when roaming from WPA3 to WPA2.
So add the flow to only reset sm->pmk while handling roam event.
Signed-off-by: Ian Lin <ian.lin@infineon.com>
---
src/drivers/driver.h | 6 ++++++
src/drivers/driver_nl80211_event.c | 1 +
2 files changed, 7 insertions(+)
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index d75abbd..9ebb4b0 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -5546,6 +5546,12 @@ union wpa_event_data {
* fils_pmkid - PMKID used or generated in FILS authentication
*/
const u8 *fils_pmkid;
+
+ /**
+ * roam_indication - Indicate it's a roam event
+ */
+ bool roam_indication;
+
} assoc_info;
/**
diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c
index d3cb8d8..6ff7479 100644
--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
@@ -542,6 +542,7 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv,
wpa_ssid_txt(drv->ssid,
drv->ssid_len));
}
+ event.assoc_info.roam_indication = 1;
}
}
if (resp_ie) {
--
2.43.0

14
meta-digi-dey/recipes-connectivity/hostapd/hostapd_%.bbappend
View File

@ -1,4 +1,4 @@
# Copyright (C) 2016-2023 Digi International.
# Copyright (C) 2016-2024 Digi International Inc.
FILESEXTRAPATHS:prepend := "${THISDIR}/${BPN}:"
@ -48,7 +48,17 @@ MURATA_COMMON_PATCHES = " \
file://murata/0041-add-support-to-offload-TWT-setup-request-handling-to.murata.patch \
file://murata/0042-add-support-to-offload-TWT-Teardown-request-handling.murata.patch \
file://murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.murata.patch \
file://murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch \
file://murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch \
file://murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.digi.patch \
file://murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.digi.patch \
file://murata/0052-Disable-4-way-handshake-offload-for-DPP.patch \
file://murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.digi.patch \
file://murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch \
file://murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch \
file://murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch \
file://murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch \
file://murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch \
file://murata/0059-Reset-authentication-and-encryption-parameters-while.digi.patch \
"
SRC_URI:append:ccmp1 = " ${MURATA_COMMON_PATCHES}"

655
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/ccmp1/defconfig Normal file
View File

@ -0,0 +1,655 @@
# Example wpa_supplicant build time configuration
#
# This file lists the configuration options that are used when building the
# wpa_supplicant binary. All lines starting with # are ignored. Configuration
# option lines must be commented out complete, if they are not to be included,
# i.e., just setting VARIABLE=n is not disabling that variable.
#
# This file is included in Makefile, so variables like CFLAGS and LIBS can also
# be modified from here. In most cases, these lines should use += in order not
# to override previous values of the variables.
# Uncomment following two lines and fix the paths if you have installed OpenSSL
# or GnuTLS in non-default location
#CFLAGS += -I/usr/local/openssl/include
#LIBS += -L/usr/local/openssl/lib
# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
# the kerberos files are not in the default include path. Following line can be
# used to fix build issues on such systems (krb5.h not found).
#CFLAGS += -I/usr/include/kerberos
# Driver interface for generic Linux wireless extensions
# Note: WEXT is deprecated in the current Linux kernel version and no new
# functionality is added to it. nl80211-based interface is the new
# replacement for WEXT and its use allows wpa_supplicant to properly control
# the driver to improve existing functionality like roaming and to support new
# functionality.
CONFIG_DRIVER_WEXT=y
# Driver interface for Linux drivers using the nl80211 kernel interface
CONFIG_DRIVER_NL80211=y
# QCA vendor extensions to nl80211
#CONFIG_DRIVER_NL80211_QCA=y
# Support Broadcom driver private wl command
CONFIG_DRIVER_BRCM_WL=y
# driver_nl80211.c requires libnl. If you are compiling it yourself
# you may need to point hostapd to your version of libnl.
#
#CFLAGS += -I$<path to libnl include files>
#LIBS += -L$<path to libnl library files>
# Use libnl v2.0 (or 3.0) libraries.
#CONFIG_LIBNL20=y
# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
CONFIG_LIBNL32=y
# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
#CONFIG_DRIVER_BSD=y
#CFLAGS += -I/usr/local/include
#LIBS += -L/usr/local/lib
#LIBS_p += -L/usr/local/lib
#LIBS_c += -L/usr/local/lib
# Driver interface for Windows NDIS
#CONFIG_DRIVER_NDIS=y
#CFLAGS += -I/usr/include/w32api/ddk
#LIBS += -L/usr/local/lib
# For native build using mingw
#CONFIG_NATIVE_WINDOWS=y
# Additional directories for cross-compilation on Linux host for mingw target
#CFLAGS += -I/opt/mingw/mingw32/include/ddk
#LIBS += -L/opt/mingw/mingw32/lib
#CC=mingw32-gcc
# By default, driver_ndis uses WinPcap for low-level operations. This can be
# replaced with the following option which replaces WinPcap calls with NDISUIO.
# However, this requires that WZC is disabled (net stop wzcsvc) before starting
# wpa_supplicant.
# CONFIG_USE_NDISUIO=y
# Driver interface for wired Ethernet drivers
#CONFIG_DRIVER_WIRED=y
# Driver interface for MACsec capable Qualcomm Atheros drivers
#CONFIG_DRIVER_MACSEC_QCA=y
# Driver interface for Linux MACsec drivers
#CONFIG_DRIVER_MACSEC_LINUX=y
# Driver interface for the Broadcom RoboSwitch family
#CONFIG_DRIVER_ROBOSWITCH=y
# Driver interface for no driver (e.g., WPS ER only)
#CONFIG_DRIVER_NONE=y
# Solaris libraries
#LIBS += -lsocket -ldlpi -lnsl
#LIBS_c += -lsocket
# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or
# MACsec is included)
CONFIG_IEEE8021X_EAPOL=y
# EAP-MD5
CONFIG_EAP_MD5=y
# EAP-MSCHAPv2
CONFIG_EAP_MSCHAPV2=y
# EAP-TLS
CONFIG_EAP_TLS=y
# Enable EAP-TLSv1.3 support by default (currently disabled unless explicitly
# enabled in network configuration)
CONFIG_EAP_TLSV1_3=y
# EAL-PEAP
CONFIG_EAP_PEAP=y
# EAP-TTLS
CONFIG_EAP_TTLS=y
# EAP-FAST
CONFIG_EAP_FAST=y
# EAP-TEAP
# Note: The current EAP-TEAP implementation is experimental and should not be
# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
# of conflicting statements and missing details and the implementation has
# vendor specific workarounds for those and as such, may not interoperate with
# any other implementation. This should not be used for anything else than
# experimentation and interoperability testing until those issues has been
# resolved.
#CONFIG_EAP_TEAP=y
# EAP-GTC
CONFIG_EAP_GTC=y
# EAP-OTP
CONFIG_EAP_OTP=y
# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
CONFIG_EAP_SIM=y
# Enable SIM simulator (Milenage) for EAP-SIM
#CONFIG_SIM_SIMULATOR=y
# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
CONFIG_EAP_PSK=y
# EAP-pwd (secure authentication using only a password)
#CONFIG_EAP_PWD=y
# EAP-PAX
#CONFIG_EAP_PAX=y
# LEAP
CONFIG_EAP_LEAP=y
# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
#CONFIG_EAP_AKA=y
# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
# This requires CONFIG_EAP_AKA to be enabled, too.
#CONFIG_EAP_AKA_PRIME=y
# Enable USIM simulator (Milenage) for EAP-AKA
#CONFIG_USIM_SIMULATOR=y
# EAP-SAKE
#CONFIG_EAP_SAKE=y
# EAP-GPSK
#CONFIG_EAP_GPSK=y
# Include support for optional SHA256 cipher suite in EAP-GPSK
#CONFIG_EAP_GPSK_SHA256=y
# EAP-TNC and related Trusted Network Connect support (experimental)
#CONFIG_EAP_TNC=y
# Wi-Fi Protected Setup (WPS)
CONFIG_WPS=y
# Enable WPS external registrar functionality
#CONFIG_WPS_ER=y
# Disable credentials for an open network by default when acting as a WPS
# registrar.
#CONFIG_WPS_REG_DISABLE_OPEN=y
# Enable WPS support with NFC config method
#CONFIG_WPS_NFC=y
# EAP-IKEv2
#CONFIG_EAP_IKEV2=y
# EAP-EKE
#CONFIG_EAP_EKE=y
# MACsec
#CONFIG_MACSEC=y
# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
CONFIG_PKCS12=y
# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
# engine.
CONFIG_SMARTCARD=y
# PC/SC interface for smartcards (USIM, GSM SIM)
# Enable this if EAP-SIM or EAP-AKA is included
#CONFIG_PCSC=y
# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
#CONFIG_HT_OVERRIDES=y
# Support VHT overrides (disable VHT, mask MCS rates, etc.)
#CONFIG_VHT_OVERRIDES=y
# Development testing
#CONFIG_EAPOL_TEST=y
# Select control interface backend for external programs, e.g, wpa_cli:
# unix = UNIX domain sockets (default for Linux/*BSD)
# udp = UDP sockets using localhost (127.0.0.1)
# udp6 = UDP IPv6 sockets using localhost (::1)
# named_pipe = Windows Named Pipe (default for Windows)
# udp-remote = UDP sockets with remote access (only for tests systems/purpose)
# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose)
# y = use default (backwards compatibility)
# If this option is commented out, control interface is not included in the
# build.
CONFIG_CTRL_IFACE=y
# Include support for GNU Readline and History Libraries in wpa_cli.
# When building a wpa_cli binary for distribution, please note that these
# libraries are licensed under GPL and as such, BSD license may not apply for
# the resulting binary.
#CONFIG_READLINE=y
# Include internal line edit mode in wpa_cli. This can be used as a replacement
# for GNU Readline to provide limited command line editing and history support.
CONFIG_WPA_CLI_EDIT=y
# Remove debugging code that is printing out debug message to stdout.
# This can be used to reduce the size of the wpa_supplicant considerably
# if debugging code is not needed. The size reduction can be around 35%
# (e.g., 90 kB).
#CONFIG_NO_STDOUT_DEBUG=y
# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
# 35-50 kB in code size.
#CONFIG_NO_WPA=y
# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
# This option can be used to reduce code size by removing support for
# converting ASCII passphrases into PSK. If this functionality is removed, the
# PSK can only be configured as the 64-octet hexstring (e.g., from
# wpa_passphrase). This saves about 0.5 kB in code size.
#CONFIG_NO_WPA_PASSPHRASE=y
# Simultaneous Authentication of Equals (SAE), WPA3-Personal
CONFIG_SAE=y
# Enable WPA3-Enterprise Suite-B 192 support
CONFIG_SUITEB=y
CONFIG_SUITEB192=y
# Set SAE Auth status early
CONFIG_WPA3_SAE_AUTH_EARLY_SET=y
# Disable scan result processing (ap_scan=1) to save code size by about 1 kB.
# This can be used if ap_scan=1 mode is never enabled.
#CONFIG_NO_SCAN_PROCESSING=y
# Select configuration backend:
# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
# path is given on command line, not here; this option is just used to
# select the backend that allows configuration files to be used)
# winreg = Windows registry (see win_example.reg for an example)
CONFIG_BACKEND=file
# Remove configuration write functionality (i.e., to allow the configuration
# file to be updated based on runtime configuration changes). The runtime
# configuration can still be changed, the changes are just not going to be
# persistent over restarts. This option can be used to reduce code size by
# about 3.5 kB.
#CONFIG_NO_CONFIG_WRITE=y
# Remove support for configuration blobs to reduce code size by about 1.5 kB.
#CONFIG_NO_CONFIG_BLOBS=y
# Select program entry point implementation:
# main = UNIX/POSIX like main() function (default)
# main_winsvc = Windows service (read parameters from registry)
# main_none = Very basic example (development use only)
#CONFIG_MAIN=main
# Select wrapper for operating system and C library specific functions
# unix = UNIX/POSIX like systems (default)
# win32 = Windows systems
# none = Empty template
#CONFIG_OS=unix
# Select event loop implementation
# eloop = select() loop (default)
# eloop_win = Windows events and WaitForMultipleObject() loop
#CONFIG_ELOOP=eloop
# Should we use poll instead of select? Select is used by default.
#CONFIG_ELOOP_POLL=y
# Should we use epoll instead of select? Select is used by default.
#CONFIG_ELOOP_EPOLL=y
# Should we use kqueue instead of select? Select is used by default.
#CONFIG_ELOOP_KQUEUE=y
# Select layer 2 packet implementation
# linux = Linux packet socket (default)
# pcap = libpcap/libdnet/WinPcap
# freebsd = FreeBSD libpcap
# winpcap = WinPcap with receive thread
# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
# none = Empty template
#CONFIG_L2_PACKET=linux
# Disable Linux packet socket workaround applicable for station interface
# in a bridge for EAPOL frames. This should be uncommented only if the kernel
# is known to not have the regression issue in packet socket behavior with
# bridge interfaces (commit 'bridge: respect RFC2863 operational state')').
#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
# Support Operating Channel Validation
#CONFIG_OCV=y
# Select TLS implementation
# openssl = OpenSSL (default)
# gnutls = GnuTLS
# internal = Internal TLSv1 implementation (experimental)
# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental)
# none = Empty template
#CONFIG_TLS=openssl
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
# can be enabled to get a stronger construction of messages when block ciphers
# are used. It should be noted that some existing TLS v1.0 -based
# implementation may not be compatible with TLS v1.1 message (ClientHello is
# sent prior to negotiating which version will be used)
#CONFIG_TLSV11=y
# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
# can be enabled to enable use of stronger crypto algorithms. It should be
# noted that some existing TLS v1.0 -based implementation may not be compatible
# with TLS v1.2 message (ClientHello is sent prior to negotiating which version
# will be used)
#CONFIG_TLSV12=y
# Select which ciphers to use by default with OpenSSL if the user does not
# specify them.
#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW"
# If CONFIG_TLS=internal is used, additional library and include paths are
# needed for LibTomMath. Alternatively, an integrated, minimal version of
# LibTomMath can be used. See beginning of libtommath.c for details on benefits
# and drawbacks of this option.
#CONFIG_INTERNAL_LIBTOMMATH=y
#ifndef CONFIG_INTERNAL_LIBTOMMATH
#LTM_PATH=/usr/src/libtommath-0.39
#CFLAGS += -I$(LTM_PATH)
#LIBS += -L$(LTM_PATH)
#LIBS_p += -L$(LTM_PATH)
#endif
# At the cost of about 4 kB of additional binary size, the internal LibTomMath
# can be configured to include faster routines for exptmod, sqr, and div to
# speed up DH and RSA calculation considerably
#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
# This is only for Windows builds and requires WMI-related header files and
# WbemUuid.Lib from Platform SDK even when building with MinGW.
#CONFIG_NDIS_EVENTS_INTEGRATED=y
#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
# Add support for new DBus control interface
# (fi.w1.wpa_supplicant1)
CONFIG_CTRL_IFACE_DBUS_NEW=y
# Add introspection support for new DBus control interface
#CONFIG_CTRL_IFACE_DBUS_INTRO=y
# Add support for loading EAP methods dynamically as shared libraries.
# When this option is enabled, each EAP method can be either included
# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
# be loaded in the beginning of the wpa_supplicant configuration file
# (see load_dynamic_eap parameter in the example file) before being used in
# the network blocks.
#
# Note that some shared parts of EAP methods are included in the main program
# and in order to be able to use dynamic EAP methods using these parts, the
# main program must have been build with the EAP method enabled (=y or =dyn).
# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
# unless at least one of them was included in the main build to force inclusion
# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
# in the main build to be able to load these methods dynamically.
#
# Please also note that using dynamic libraries will increase the total binary
# size. Thus, it may not be the best option for targets that have limited
# amount of memory/flash.
#CONFIG_DYNAMIC_EAP_METHODS=y
# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode
CONFIG_IEEE80211R=y
# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
#CONFIG_DEBUG_FILE=y
# Send debug messages to syslog instead of stdout
#CONFIG_DEBUG_SYSLOG=y
# Set syslog facility for debug messages
#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
# Add support for sending all debug messages (regardless of debug verbosity)
# to the Linux kernel tracing facility. This helps debug the entire stack by
# making it easy to record everything happening from the driver up into the
# same file, e.g., using trace-cmd.
#CONFIG_DEBUG_LINUX_TRACING=y
# Add support for writing debug log to Android logcat instead of standard
# output
#CONFIG_ANDROID_LOG=y
# Enable privilege separation (see README 'Privilege separation' for details)
#CONFIG_PRIVSEP=y
# Enable mitigation against certain attacks against TKIP by delaying Michael
# MIC error reports by a random amount of time between 0 and 60 seconds
#CONFIG_DELAYED_MIC_ERROR_REPORT=y
# Enable tracing code for developer debugging
# This tracks use of memory allocations and other registrations and reports
# incorrect use with a backtrace of call (or allocation) location.
#CONFIG_WPA_TRACE=y
# For BSD, uncomment these.
#LIBS += -lexecinfo
#LIBS_p += -lexecinfo
#LIBS_c += -lexecinfo
# Use libbfd to get more details for developer debugging
# This enables use of libbfd to get more detailed symbols for the backtraces
# generated by CONFIG_WPA_TRACE=y.
#CONFIG_WPA_TRACE_BFD=y
# For BSD, uncomment these.
#LIBS += -lbfd -liberty -lz
#LIBS_p += -lbfd -liberty -lz
#LIBS_c += -lbfd -liberty -lz
# wpa_supplicant depends on strong random number generation being available
# from the operating system. os_get_random() function is used to fetch random
# data when needed, e.g., for key generation. On Linux and BSD systems, this
# works by reading /dev/urandom. It should be noted that the OS entropy pool
# needs to be properly initialized before wpa_supplicant is started. This is
# important especially on embedded devices that do not have a hardware random
# number generator and may by default start up with minimal entropy available
# for random number generation.
#
# As a safety net, wpa_supplicant is by default trying to internally collect
# additional entropy for generating random data to mix in with the data fetched
# from the OS. This by itself is not considered to be very strong, but it may
# help in cases where the system pool is not initialized properly. However, it
# is very strongly recommended that the system pool is initialized with enough
# entropy either by using hardware assisted random number generator or by
# storing state over device reboots.
#
# wpa_supplicant can be configured to maintain its own entropy store over
# restarts to enhance random number generation. This is not perfect, but it is
# much more secure than using the same sequence of random numbers after every
# reboot. This can be enabled with -e<entropy file> command line option. The
# specified file needs to be readable and writable by wpa_supplicant.
#
# If the os_get_random() is known to provide strong random data (e.g., on
# Linux/BSD, the board in question is known to have reliable source of random
# data from /dev/urandom), the internal wpa_supplicant random pool can be
# disabled. This will save some in binary size and CPU use. However, this
# should only be considered for builds that are known to be used on devices
# that meet the requirements described above.
#CONFIG_NO_RANDOM_POOL=y
# Should we attempt to use the getrandom(2) call that provides more reliable
# yet secure randomness source than /dev/random on Linux 3.17 and newer.
# Requires glibc 2.25 to build, falls back to /dev/random if unavailable.
#CONFIG_GETRANDOM=y
# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
CONFIG_IEEE80211AC=y
# Wireless Network Management (IEEE Std 802.11v-2011)
# Note: This is experimental and not complete implementation.
#CONFIG_WNM=y
# Interworking (IEEE 802.11u)
# This can be used to enable functionality to improve interworking with
# external networks (GAS/ANQP to learn more about the networks and network
# selection based on available credentials).
#CONFIG_INTERWORKING=y
# Hotspot 2.0
CONFIG_HS20=y
# Enable interface matching in wpa_supplicant
#CONFIG_MATCH_IFACE=y
# Disable roaming in wpa_supplicant
#CONFIG_NO_ROAMING=y
# AP mode operations with wpa_supplicant
# This can be used for controlling AP mode operations with wpa_supplicant. It
# should be noted that this is mainly aimed at simple cases like
# WPA2-Personal while more complex configurations like WPA2-Enterprise with an
# external RADIUS server can be supported with hostapd.
CONFIG_AP=y
# P2P (Wi-Fi Direct)
# This can be used to enable P2P support in wpa_supplicant. See README-P2P for
# more information on P2P operations.
CONFIG_P2P=y
# Enable TDLS support
#CONFIG_TDLS=y
# Wi-Fi Display
# This can be used to enable Wi-Fi Display extensions for P2P using an external
# program to control the additional information exchanges in the messages.
#CONFIG_WIFI_DISPLAY=y
# Autoscan
# This can be used to enable automatic scan support in wpa_supplicant.
# See wpa_supplicant.conf for more information on autoscan usage.
#
# Enabling directly a module will enable autoscan support.
# For exponential module:
#CONFIG_AUTOSCAN_EXPONENTIAL=y
# For periodic module:
#CONFIG_AUTOSCAN_PERIODIC=y
# Password (and passphrase, etc.) backend for external storage
# These optional mechanisms can be used to add support for storing passwords
# and other secrets in external (to wpa_supplicant) location. This allows, for
# example, operating system specific key storage to be used
#
# External password backend for testing purposes (developer use)
#CONFIG_EXT_PASSWORD_TEST=y
# File-based backend to read passwords from an external file.
#CONFIG_EXT_PASSWORD_FILE=y
# Enable Fast Session Transfer (FST)
#CONFIG_FST=y
# Enable CLI commands for FST testing
#CONFIG_FST_TEST=y
# OS X builds. This is only for building eapol_test.
#CONFIG_OSX=y
# Automatic Channel Selection
# This will allow wpa_supplicant to pick the channel automatically when channel
# is set to "0".
#
# TODO: Extend parser to be able to parse "channel=acs_survey" as an alternative
# to "channel=0". This would enable us to eventually add other ACS algorithms in
# similar way.
#
# Automatic selection is currently only done through initialization, later on
# we hope to do background checks to keep us moving to more ideal channels as
# time goes by. ACS is currently only supported through the nl80211 driver and
# your driver must have survey dump capability that is filled by the driver
# during scanning.
#
# TODO: In analogy to hostapd be able to customize the ACS survey algorithm with
# a newly to create wpa_supplicant.conf variable acs_num_scans.
#
# Supported ACS drivers:
# * ath9k
# * ath5k
# * ath10k
#
# For more details refer to:
# http://wireless.kernel.org/en/users/Documentation/acs
#CONFIG_ACS=y
# Support Multi Band Operation
#CONFIG_MBO=y
# Fast Initial Link Setup (FILS) (IEEE 802.11ai)
#CONFIG_FILS=y
# FILS shared key authentication with PFS
#CONFIG_FILS_SK_PFS=y
# Support RSN on IBSS networks
# This is needed to be able to use mode=1 network profile with proto=RSN and
# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None).
CONFIG_IBSS_RSN=y
# External PMKSA cache control
# This can be used to enable control interface commands that allow the current
# PMKSA cache entries to be fetched and new entries to be added.
#CONFIG_PMKSA_CACHE_EXTERNAL=y
# Mesh Networking (IEEE 802.11s)
#CONFIG_MESH=y
# Background scanning modules
# These can be used to request wpa_supplicant to perform background scanning
# operations for roaming within an ESS (same SSID). See the bgscan parameter in
# the wpa_supplicant.conf file for more details.
# Periodic background scans based on signal strength
CONFIG_BGSCAN_SIMPLE=y
# Learn channels used by the network and try to avoid bgscans on other
# channels (experimental)
#CONFIG_BGSCAN_LEARN=y
# Opportunistic Wireless Encryption (OWE)
# Experimental implementation of draft-harkins-owe-07.txt
CONFIG_OWE=y
# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect)
CONFIG_DPP=y
# DPP version 2 support
CONFIG_DPP2=y
# DPP version 3 support (experimental and still changing; do not enable for
# production use)
#CONFIG_DPP3=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current wpa_supplicant
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
#CONFIG_WEP=y
# Remove all TKIP functionality
# TKIP is an old cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used anymore for anything else than a
# backwards compatibility option as a group cipher when connecting to APs that
# use WPA+WPA2 mixed mode. For now, the default wpa_supplicant build includes
# support for this by default, but that functionality is subject to be removed
# in the future.
#CONFIG_NO_TKIP=y
# Pre-Association Security Negotiation (PASN)
# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol
# design is still subject to change. As such, this should not yet be enabled in
# production use.
#CONFIG_PASN=y
# Enable all IFX/Cypress changes
CONFIG_DRIVER_NL80211_IFX=y
# Offload the TWT Session management to FW
CONFIG_TWT_OFFLOAD_IFX=y

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0001-wpa_supplicant-Support-4-way-handshake-offload-for-F.patch
View File

@ -1,7 +1,7 @@
From 6b4bc7fbb9be8eb668985de04eb11618f9dc1781 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 11:32:11 +0800
Subject: [PATCH 01/49] wpa_supplicant: Support 4-way handshake offload for
Subject: [PATCH 01/60] wpa_supplicant: Support 4-way handshake offload for
FT-EAP
Add support of 4-way handshake offload for FT-EAP.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0002-wpa_supplicant-Notify-Neighbor-Report-for-driver-tri.patch
View File

@ -1,7 +1,7 @@
From 4d8eb3c7f31f66085dfb7f7652bf3b333d776896 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 15:22:57 +0800
Subject: [PATCH 02/49] wpa_supplicant: Notify Neighbor Report for
Subject: [PATCH 02/60] wpa_supplicant: Notify Neighbor Report for
driver-triggered request
Sending a Neighbor Report request can be triggered by either supplicant

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch
View File

@ -1,7 +1,7 @@
From 21271c00b29db8c178aa704daaf665967e141d47 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 15:55:21 +0800
Subject: [PATCH 03/49] nl80211: Report connection authorized in EVENT_ASSOC
Subject: [PATCH 03/60] nl80211: Report connection authorized in EVENT_ASSOC
When roaming in a network that requires 802.1X authentication, device
driver could set the authorized flag if 4-way handshake offload or FT

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0004-wpa_supplicant-Add-PMKSA-cache-for-802.1X-4-way-hand.patch
View File

@ -1,7 +1,7 @@
From 578eb72569a03cdd608cf384911d46eb372c583e Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 16:05:49 +0800
Subject: [PATCH 04/49] wpa_supplicant: Add PMKSA cache for 802.1X 4-way
Subject: [PATCH 04/60] wpa_supplicant: Add PMKSA cache for 802.1X 4-way
handshake
Add PMKSA cache and set PMK to the driver for 802.1X 4-way handshake

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch
View File

@ -1,7 +1,7 @@
From 78e7373ad2cf51a881a12e55c3db01580932539e Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Fri, 8 Nov 2019 13:23:05 -0600
Subject: [PATCH 05/49] OpenSSL: Fix build with OpenSSL 1.0.1
Subject: [PATCH 05/60] OpenSSL: Fix build with OpenSSL 1.0.1
The openssl_debug_dump_certificate_chains() implementation used
SSL_CERT_SET_FIRST and SSL_CERT_SET_NEXT, which were added in OpenSSL

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch
View File

@ -1,7 +1,7 @@
From f6eed1d9e56502fd8cbab309e94f9787795c3e35 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 17:13:27 +0800
Subject: [PATCH 06/49] nl80211: Check SAE authentication offload support
Subject: [PATCH 06/60] nl80211: Check SAE authentication offload support
Set WPA_DRIVER_FLAGS2_SAE_OFFLOAD flag if driver indicates SAE
authentication offload support.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.patch
View File

@ -1,7 +1,7 @@
From 417097c87d7027ad319d7e8c9931deb666779533 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 29 Oct 2019 17:22:18 +0800
Subject: [PATCH 07/49] SAE: Pass SAE password on connect for SAE
Subject: [PATCH 07/60] SAE: Pass SAE password on connect for SAE
authentication offload support
Pass SAE password on connect if driver advertises SAE authentication

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch
View File

@ -1,7 +1,7 @@
From 0bdd3f507d5dc92e42c72df7f4b79ffdab514fe1 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:02:39 -0600
Subject: [PATCH 08/49] nl80211: Support 4-way handshake offload for
Subject: [PATCH 08/60] nl80211: Support 4-way handshake offload for
WPA/WPA2-PSK in AP mode
If driver advertises support for WPA/WPA2-PSK 4-way handshake offload in

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch
View File

@ -1,7 +1,7 @@
From 2f8529ec491389bdb41911edcf084bc643d7c9ee Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:03:57 -0600
Subject: [PATCH 09/49] AP: Support 4-way handshake offload for WPA/WPA2-PSK
Subject: [PATCH 09/60] AP: Support 4-way handshake offload for WPA/WPA2-PSK
Add support for WPA/WPA2-PSK 4-way handshake offload in AP mode. In this
case, the 4-way handshake is handled by driver instead of user space.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch
View File

@ -1,7 +1,7 @@
From 89d2f8b07c948cc5fbe8767948128f487eae2ed5 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:05:16 -0600
Subject: [PATCH 10/49] nl80211: Support SAE authentication offload in AP mode
Subject: [PATCH 10/60] nl80211: Support SAE authentication offload in AP mode
If driver advertises support for SAE authentication offload, pass SAE
password in NL80211_CMD_NEW_BEACON command for AP mode.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch
View File

@ -1,7 +1,7 @@
From dfa364f9970f1d88782cc9a9b7292afadbf2358b Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
Date: Tue, 10 Dec 2019 14:06:20 -0600
Subject: [PATCH 11/49] SAE: Support SAE authentication offload in AP mode
Subject: [PATCH 11/60] SAE: Support SAE authentication offload in AP mode
Add support for SAE authentication offload in AP mode. In this case, the
SAE authentication process is handled by driver instead of user space.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0012-DPP-Do-more-condition-test-for-AKM-type-DPP-offload.patch
View File

@ -1,7 +1,7 @@
From 234dbe729a1041d93efc51b8467ac063b74b2c81 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@cypress.com>
Date: Mon, 18 May 2020 08:36:59 -0500
Subject: [PATCH 12/49] DPP: Do more condition test for AKM type DPP offload.
Subject: [PATCH 12/60] DPP: Do more condition test for AKM type DPP offload.
If supplicant recieves eapol frame with driver declared
WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK, supplicant will check AKM type

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch
View File

@ -1,7 +1,7 @@
From 69d18183a1df9e72371e33937c91af5b5b79a110 Mon Sep 17 00:00:00 2001
From: Chung-Hsien Hsu <chung-hsien.hsu@infineon.com>
Date: Mon, 2 Aug 2021 14:15:06 -0500
Subject: [PATCH 13/49] non-upstream: defconfig_base: Add Infineon default
Subject: [PATCH 13/60] non-upstream: defconfig_base: Add Infineon default
configuration
Add Infineon default configuration files (defconfig_base).

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch
View File

@ -1,7 +1,7 @@
From 28c5794ff336f3ec29be79197198071be9add4ac Mon Sep 17 00:00:00 2001
From: Suresh Sanaboina <suresh.sanaboina@infineon.com>
Date: Tue, 1 Feb 2022 13:02:07 +0000
Subject: [PATCH 14/49] [CVE_2019_9501] Fix to check Invalid GTK IE length in
Subject: [PATCH 14/60] [CVE_2019_9501] Fix to check Invalid GTK IE length in
M3 at STA
---

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch
View File

@ -1,7 +1,7 @@
From ab61a3dd6d968c62b407c170079a236194357931 Mon Sep 17 00:00:00 2001
From: Danny Chiu <Danny.Chiu@infineon.com>
Date: Thu, 4 Nov 2021 02:44:17 -0500
Subject: [PATCH 15/49] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes
Subject: [PATCH 15/60] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes
Enable this flags allow the AP to set authorization to firmware earier as the SAE confirm from is ok.
---

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch
View File

@ -1,7 +1,7 @@
From 32ee9150ccf3f6c242ba2809aab9b9e115a9d1b5 Mon Sep 17 00:00:00 2001
From: Darren Li <hsil@cypress.com>
Date: Fri, 26 Nov 2021 02:09:03 -0600
Subject: [PATCH 16/49] SAE: Set the right WPA Versions for FT-SAE key
Subject: [PATCH 16/60] SAE: Set the right WPA Versions for FT-SAE key
management
Set the right WPA Versions for FT-SAE key management

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.patch
View File

@ -1,7 +1,7 @@
From 6fa06f214ba1cfc4e80dc7413874175146b9c2a5 Mon Sep 17 00:00:00 2001
From: Chien-Chia Chen <carella.chen@infineon.com>
Date: Tue, 23 Nov 2021 21:29:08 -0600
Subject: [PATCH 17/49] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol
Subject: [PATCH 17/60] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol
offloading and driver base roaming
Add WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK / WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X /

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.patch
View File

@ -1,7 +1,7 @@
From 9af850cef2007cabe1bbffad3ef1d2b13396832d Mon Sep 17 00:00:00 2001
From: Darren Li <hsil@cypress.com>
Date: Tue, 22 Feb 2022 00:34:47 -0600
Subject: [PATCH 18/49] wpa_supplicant: suppress deauth for PMKSA caching
Subject: [PATCH 18/60] wpa_supplicant: suppress deauth for PMKSA caching
disabled
wpa_supplicant: Need a command/parameter suppress deauth for PMKSA caching disabled

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch
View File

@ -1,7 +1,7 @@
From 5604eb8aaf8382376e6511850e70b66c6e2a22b8 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@cypress.com>
Date: Sun, 13 Feb 2022 21:34:09 -0600
Subject: [PATCH 19/49] Fix for PMK expiration issue through supplicant
Subject: [PATCH 19/60] Fix for PMK expiration issue through supplicant
Description : Sending Deauth from AP once PMK timeout occurs, So that
STA will initiate the Auth process.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0020-SAE-Drop-PMKSA-cache-after-receiving-specific-deauth.patch
View File

@ -1,7 +1,7 @@
From ec86cadea38b22595003865c62b5321d55831d9e Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@cypress.com>
Date: Thu, 24 Feb 2022 03:57:22 -0600
Subject: [PATCH 20/49] SAE: Drop PMKSA cache after receiving specific deauth
Subject: [PATCH 20/60] SAE: Drop PMKSA cache after receiving specific deauth
As a STA mode, when receiving deauth frame with reason code
WLAN_REASON_PREV_AUTH_NOT_VALID, it should drop its PMKSA cache.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch
View File

@ -1,7 +1,7 @@
From ed487600a81fa99688201a50176072555c90e690 Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 25 Apr 2022 18:35:14 +0530
Subject: [PATCH 21/49] Avoid deauthenticating STA if the reason for freeing
Subject: [PATCH 21/60] Avoid deauthenticating STA if the reason for freeing
PMK entry isn't expiry
The PMK cache entry for a STA in the SoftAP managed by wpa_supplicant

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0022-wpa_supplicant-support-bgscan.patch
View File

@ -1,7 +1,7 @@
From cfa528ffe320ac638ca72e87751f76444669c48e Mon Sep 17 00:00:00 2001
From: Ian Lin <ian.lin@infineon.com>
Date: Fri, 20 May 2022 03:00:37 -0500
Subject: [PATCH 22/49] wpa_supplicant: support bgscan
Subject: [PATCH 22/60] wpa_supplicant: support bgscan
Modify defconfig_base to support bgscan feature

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch
View File

@ -1,7 +1,7 @@
From 1cfe2ac93a1b50a6fd2f6d0022ece6e0f2a91259 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@cypress.com>
Date: Sun, 10 Apr 2022 22:10:51 -0500
Subject: [PATCH 23/49] non-upstream: wl-cmd: create interface to support
Subject: [PATCH 23/60] non-upstream: wl-cmd: create interface to support
driver priv command
1. Create "wl" command interface to set/get driver information

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch
View File

@ -1,7 +1,7 @@
From ea5cd91f744dc3c5ebf8e5b8cf1746bec41c1d19 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@infineon.com>
Date: Tue, 26 Apr 2022 03:02:12 -0500
Subject: [PATCH 24/49] non-upstream: wl-cmd: create wl_do_cmd as an entry
Subject: [PATCH 24/60] non-upstream: wl-cmd: create wl_do_cmd as an entry
doing wl commands
Create wl_do_cmd as an entry doing wl commands

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch
View File

@ -1,7 +1,7 @@
From 05b1387d4dc2e74a02cf524733d809acc4fd46fb Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@infineon.com>
Date: Wed, 27 Apr 2022 22:50:25 -0500
Subject: [PATCH 25/49] non-upstream: wl-cmd: create ops table to do wl
Subject: [PATCH 25/60] non-upstream: wl-cmd: create ops table to do wl
commands
Creeate wl_cmds to handle wl commands

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.patch
View File

@ -1,7 +1,7 @@
From a6028c58032672f86c9fe87ba3abbd31c79166e3 Mon Sep 17 00:00:00 2001
From: Kurt Lee <kurt.lee@infineon.com>
Date: Wed, 25 May 2022 19:12:47 -0500
Subject: [PATCH 26/49] non-upstream: wl-cmd: add more compile flag
Subject: [PATCH 26/60] non-upstream: wl-cmd: add more compile flag
add more CONFIG_DRIVER_BRCM_WL to separeta this feature

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0027-Fix-dpp-config-parameter-setting.patch
View File

@ -1,7 +1,7 @@
From e2fb675883cf00992ce51e91a3e2055c898ae3e6 Mon Sep 17 00:00:00 2001
From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" <amar.shankar@infineon.com>
Date: Mon, 20 Jun 2022 05:57:46 +0000
Subject: [PATCH 27/49] Fix dpp config parameter setting
Subject: [PATCH 27/60] Fix dpp config parameter setting
---
src/common/dpp.c | 7 ++++---

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch
View File

@ -1,7 +1,7 @@
From b19b6f1165800106ccd941b6042ea804bfa95d5f Mon Sep 17 00:00:00 2001
From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" <amar.shankar@infineon.com>
Date: Thu, 30 Jun 2022 08:01:45 +0000
Subject: [PATCH 28/49] DPP: Resolving failure of dpp configurator exchange for
Subject: [PATCH 28/60] DPP: Resolving failure of dpp configurator exchange for
configurator plus initiator in AP role with fmac
---

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch
View File

@ -1,7 +1,7 @@
From 7d621a129690b061afd61e8bd21d9b816f09d8ac Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Mon, 4 Jul 2022 02:19:48 -0500
Subject: [PATCH 29/49] Enabling SUITEB192 and SUITEB compile options
Subject: [PATCH 29/60] Enabling SUITEB192 and SUITEB compile options
Enabling the compile options for SUITEB and SUITEB-192 related
configurations and wpa_cli commands.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch
View File

@ -1,7 +1,7 @@
From 621de92cbd36719e3febe385411a65ccfa646344 Mon Sep 17 00:00:00 2001
From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" <amar.shankar@infineon.com>
Date: Fri, 22 Jul 2022 07:52:30 +0000
Subject: [PATCH 30/49] DPP: Enabling CLI_EDIT option for enrollee plus
Subject: [PATCH 30/60] DPP: Enabling CLI_EDIT option for enrollee plus
responder in STA role with fmac
---

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0031-P2P-Fixes-Scan-trigger-failed-once-GC-invited-by-GO.patch
View File

@ -1,7 +1,7 @@
From a7e23d28ccd14800f0dd3f12bf0d053df6987fe7 Mon Sep 17 00:00:00 2001
From: JasonHuang <Jason.Huang-EE@infineon.com>
Date: Tue, 19 Jul 2022 01:44:19 -0500
Subject: [PATCH 31/49] P2P: Fixes Scan trigger failed, once GC invited by GO
Subject: [PATCH 31/60] P2P: Fixes Scan trigger failed, once GC invited by GO
It's regression between 2.9 and 2.10. The 5g frequencys be
repeatedly added to the list, then nl80211 driver will return

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch
View File

@ -1,7 +1,7 @@
From 65ed1eadc11b838a4ba223648bfd3d87bf492319 Mon Sep 17 00:00:00 2001
From: Ian Lin <ian.lin@infineon.com>
Date: Mon, 18 Jul 2022 00:49:49 -0500
Subject: [PATCH 32/49] non-upstream: SAE: disconnect after PMKSA cache expire
Subject: [PATCH 32/60] non-upstream: SAE: disconnect after PMKSA cache expire
If the dot11RSNAConfigPMKLifetime is set, skip the flow of postponing
the expiration in b0f457b6 and run disconnect flow.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0033-Add-support-for-beacon-loss-roaming.patch
View File

@ -1,7 +1,7 @@
From b98919427e885679267ac811eb7e02d7209078b4 Mon Sep 17 00:00:00 2001
From: root <root@cy-blr-au146.india.cypress.com>
Date: Tue, 26 Jul 2022 17:24:49 -0400
Subject: [PATCH 33/49] Add support for beacon loss roaming
Subject: [PATCH 33/60] Add support for beacon loss roaming
---
wpa_supplicant/bgscan_learn.c | 19 ++++++++++++++++++-

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch
View File

@ -1,7 +1,7 @@
From da53435d4d11db827e3661be372e7b9773eaa842 Mon Sep 17 00:00:00 2001
From: JasonHuang <Jason.Huang2@infineon.com>
Date: Thu, 8 Sep 2022 03:26:23 -0500
Subject: [PATCH 34/49] wpa_supplicant: Set PMKSA to driver while key mgmt is
Subject: [PATCH 34/60] wpa_supplicant: Set PMKSA to driver while key mgmt is
FT
When the fast roaming is determined by the firmware, the

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.patch
View File

@ -1,7 +1,7 @@
From 2173b4648a59f7ab499b7974189f2ba025b6a25e Mon Sep 17 00:00:00 2001
From: Tova Mussai <tova.mussai@intel.com>
Date: Sun, 24 Apr 2022 12:57:52 +0300
Subject: [PATCH 35/49] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan
Subject: [PATCH 35/60] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan
Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in the scan parameters to enable
scanning for co-located APs discovered based on neighbor reports from

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0036-scan-Add-option-to-disable-6-GHz-collocated-scanning.patch
View File

@ -1,7 +1,7 @@
From d2aff0911008db10d28424ca5b8d67f852a5bf89 Mon Sep 17 00:00:00 2001
From: Ilan Peer <ilan.peer@intel.com>
Date: Sun, 24 Apr 2022 12:57:53 +0300
Subject: [PATCH 36/49] scan: Add option to disable 6 GHz collocated scanning
Subject: [PATCH 36/60] scan: Add option to disable 6 GHz collocated scanning
Add a parameter (non_coloc_6ghz=1) to the manual scan command to disable
6 GHz collocated scanning.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0037-Enabling-OWE-in-wpa_supplicant.patch
View File

@ -1,7 +1,7 @@
From 4a920e2446cff3f215614d63798e675bb5e25549 Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Wed, 19 Oct 2022 03:29:39 -0500
Subject: [PATCH 37/49] Enabling OWE in wpa_supplicant
Subject: [PATCH 37/60] Enabling OWE in wpa_supplicant
Enabling the compile options for OWE.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0038-Add-link-loss-timer-on-beacon-loss.patch
View File

@ -1,7 +1,7 @@
From f3695ca19a711fbfcda7233f65af13ac9e8a78f7 Mon Sep 17 00:00:00 2001
From: root <root@cy-blr-au147.india.cypress.com>
Date: Tue, 16 Aug 2022 15:00:14 -0400
Subject: [PATCH 38/49] Add link loss timer on beacon loss
Subject: [PATCH 38/60] Add link loss timer on beacon loss
---
wpa_supplicant/bgscan_learn.c | 19 +++++++++++++++++++

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0039-FT-Sync-nl80211-ext-feature-index.patch
View File

@ -1,7 +1,7 @@
From 7076f7634cc9d7a88f009c448ada307841b42a2a Mon Sep 17 00:00:00 2001
From: JasonHuang <Jason.Huang2@infineon.com>
Date: Sun, 30 Oct 2022 21:58:34 -0500
Subject: [PATCH 39/49] FT: Sync nl80211 ext feature index
Subject: [PATCH 39/60] FT: Sync nl80211 ext feature index
The backports-5.15.58 has been used. Supplicant should sync the
nl80211_ext_feature_index with backports to avoid unexpected fail.

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch
View File

@ -1,7 +1,7 @@
From 62c82984916623e6e00053dcb148de71d24bdaf5 Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:15:25 +0530
Subject: [PATCH 40/49] nl80211: Introduce a vendor header for vendor NL iface
Subject: [PATCH 40/60] nl80211: Introduce a vendor header for vendor NL iface
to DRV with OUI_IFX
So far, the proprietary configurations are done either through the private

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.patch
View File

@ -1,7 +1,7 @@
From 013beb7bc5036bf627fce3707a7a83344ffa05aa Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:16:37 +0530
Subject: [PATCH 41/49] add support to offload TWT setup request handling to
Subject: [PATCH 41/60] add support to offload TWT setup request handling to
the Firmware
With "TWT_SETUP" control sock cmd interface currently available in the

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.patch
View File

@ -1,7 +1,7 @@
From 9a87c940340e1c665ce7172e7df147d53d1daabe Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:16:50 +0530
Subject: [PATCH 42/49] add support to offload TWT Teardown request handling to
Subject: [PATCH 42/60] add support to offload TWT Teardown request handling to
the Firmware
With "TWT_TEARDOWN" control sock cmd interface currently available in the

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.patch
View File

@ -1,7 +1,7 @@
From e03937fecb74cf50d70721ea2a0b14fa5e12153a Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Mon, 11 Jul 2022 11:17:04 +0530
Subject: [PATCH 43/49] Add support to configure TWT of a session using offset
Subject: [PATCH 43/60] Add support to configure TWT of a session using offset
in microseconds
Introduce a new cmd line argument "twt_offset=<u64>" in the existing list

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0044-Establish-a-Default-TWT-session-in-the-STA-after-ass.patch
View File

@ -1,7 +1,7 @@
From 045ff0dc8aaa1297096c7a941045c74bf1a0e7f3 Mon Sep 17 00:00:00 2001
From: Ramanathan Ramakrishnan <rmrk@cypress.com>
Date: Thu, 27 Oct 2022 06:00:28 -0500
Subject: [PATCH 44/49] Establish a Default TWT session in the STA after
Subject: [PATCH 44/60] Establish a Default TWT session in the STA after
associating with the AP
Add a new wpa_supplicant conf param "twt_def_algo" to set the Default/Auto

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0045-validate-the-TWT-parameters-exponent-and-mantissa-pa.patch
View File

@ -1,7 +1,7 @@
From ad935d3fefec7f775188d305a5bf63a64d30a065 Mon Sep 17 00:00:00 2001
From: Gokul Sivakumar <gokulkumar.sivakumar@infineon.com>
Date: Fri, 11 Nov 2022 19:40:04 +0530
Subject: [PATCH 45/49] validate the TWT parameters exponent and mantissa
Subject: [PATCH 45/60] validate the TWT parameters exponent and mantissa
passed to wpa_cli
The exponent is a 5 bit param and the max value is 31 (0x1F). The mantissa

2
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0046-Fix-for-station-sending-open-auth-instead-of-SAE-aut.patch
View File

@ -1,7 +1,7 @@
From ed256e852f6ff9c45974128cba4d2f0fbbdece2f Mon Sep 17 00:00:00 2001
From: Ramesh Rangavittal <ramesh.rangavittal@infineon.com>
Date: Mon, 21 Nov 2022 11:21:59 -0600
Subject: [PATCH 46/49] Fix for station sending open auth instead of SAE auth
Subject: [PATCH 46/60] Fix for station sending open auth instead of SAE auth
---
wpa_supplicant/events.c | 2 +-

54
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-ROAMOFFLOAD-raises-portValid-too-early.patch
View File

@ -1,54 +0,0 @@
From a5ae9fcc3baa099a86ecd2739caadf624258a49d Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Mon, 28 Nov 2022 21:39:48 -0600
Subject: [PATCH 47/49] Fix ROAMOFFLOAD raises portValid too early
1.) while WPA_DRIVER_FLAGS_ROAM_OFFLOAD flag is set,
and if the cipher_mgmt is 8021x related,
the portValid is set while get wpa_supplicant_event_assoc.
portValid will make the state_machine of SUPP_PAE jumps AUTHENTICATING to AUTHENTICATED.
2.) while WPA_DRIVER_FLAGS_ROAM_OFFLOAD flag is set,
the PMKCacheLifeTime and pmksa_cache_reauth timer are set while recevied
assoc response.
3.) if the PMKCacheLifeTime is set to a small value for disable PMK
cache. the pmksa_cache_reauth will expire right away,
for example, while doing 4-way handshake, the timer has expired.
in case the timer of pmksa_cache_reauth has expired,
if the state of SUPP_PAE is AUTHENTICATED,
eapol_sm_txStart will be called and restart the Radius handshake.
Solution: ROAM_OFFLOAD and cipher_mgmt is FT related, such as, FT_1X or
FT_PSK. then raise portValid.
Fixes: SWLINUX-3041
Signed-off-by: Carter Chen <carter.chen@infineon.com>
---
wpa_supplicant/events.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 975110b57..b42f758ce 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -3425,9 +3425,10 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
eapol_sm_notify_portValid(wpa_s->eapol, true);
eapol_sm_notify_eap_success(wpa_s->eapol, true);
- } else if (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) ||
- (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS_ROAM_OFFLOAD)) &&
- wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
+ } else if (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
+ wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) ||
+ ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS_ROAM_OFFLOAD) &&
+ wpa_key_mgmt_ft(wpa_s->key_mgmt))) {
/*
* The driver will take care of RSN 4-way handshake, so we need
* to allow EAPOL supplicant to complete its work without
--
2.17.1

4
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch → meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch
View File

@ -1,7 +1,7 @@
From 897917008b37a16985d0f1ae9d768c6450741574 Mon Sep 17 00:00:00 2001
From e21ce4eefab80c4d2e8ccf3b6d29cef5af6f955b Mon Sep 17 00:00:00 2001
From: Owen Huang <Owen.Huang@infineon.com>
Date: Wed, 30 Nov 2022 01:35:58 -0600
Subject: [PATCH 48/49] Fix associating failed when PMK lifetime is set to 1
Subject: [PATCH 47/60] Fix associating failed when PMK lifetime is set to 1
In WPA3 11.1 STAUT server certificate validation test
* set dot11RSNAConfigPMKLifetime to 1

4
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-p2p_add_group-command-unification.patch → meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-non-upstream-p2p_add_group-command-unification.patch
View File

@ -1,7 +1,7 @@
From 4624039b5463b1c36fc34cd5ec517a7473981591 Mon Sep 17 00:00:00 2001
From 34b6fcfddf0004d57c3cdb6a8179339189ff5cf7 Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Thu, 8 Dec 2022 02:37:48 -0600
Subject: [PATCH 49/49] non-upstream: p2p_add_group command unification
Subject: [PATCH 48/60] non-upstream: p2p_add_group command unification
supporting specify operation group of p2p.
- wpa_cli p2p_group_add freq=5180/80

765
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.patch Normal file
View File

@ -0,0 +1,765 @@
From 67be9ce68d84e2800b481123a0c140e5ad912619 Mon Sep 17 00:00:00 2001
From: Carter Chen <carter.chen@infineon.com>
Date: Wed, 14 Dec 2022 01:34:23 -0600
Subject: [PATCH 49/60] non-upstream: MBO: wpa_cli mbo command by IFX vendorID
Signed-off-by: Carter Chen <carter.chen@infineon.com>
Signed-off-by: Shelley Yang <shelley.yang@infineon.com>
---
src/common/ifx_vendor.h | 52 ++++++++
src/drivers/driver.h | 46 +++++++
src/drivers/driver_nl80211.c | 141 ++++++++++++++++++++++
src/drivers/driver_nl80211.h | 1 +
src/drivers/driver_nl80211_capa.c | 3 +
wpa_supplicant/ctrl_iface.c | 193 ++++++++++++++++++++++++++++++
wpa_supplicant/driver_i.h | 8 ++
wpa_supplicant/mbo.c | 119 ++++++++++++++++++
wpa_supplicant/wpa_cli.c | 15 +++
wpa_supplicant/wpa_supplicant_i.h | 9 ++
10 files changed, 587 insertions(+)
diff --git a/src/common/ifx_vendor.h b/src/common/ifx_vendor.h
index aa8e83bc7..6cd3b874c 100644
--- a/src/common/ifx_vendor.h
+++ b/src/common/ifx_vendor.h
@@ -56,6 +56,8 @@
*
* @IFX_VENDOR_SCMD_TWT: Vendor subcommand to configure TWT
* Uses attributes defined in enum ifx_vendor_attr_twt.
+ * @IFX_VENDOR_SCMD_MBO: Vendor subcommand to configure MBO
+ * Uses attribute IFX_VENDOR_ATTR_MBO to configure.
*
* @IFX_VENDOR_SCMD_MAX: This acts as a the tail of cmds list.
* Make sure it located at the end of the list.
@@ -74,6 +76,8 @@ enum ifx_nl80211_vendor_subcmds {
IFX_VENDOR_SCMD_LDPC_CAP = 12,
IFX_VENDOR_SCMD_AMSDU = 13,
IFX_VENDOR_SCMD_TWT = 14,
+ /* Reserved 15-17 */
+ IFX_VENDOR_SCMD_MBO = 18,
IFX_VENDOR_SCMD_MAX
};
@@ -96,6 +100,13 @@ enum ifx_vendor_attr {
IFX_VENDOR_ATTR_MAX = 11
};
+enum ifx_vendor_attr_mbo {
+ IFX_VENDOR_ATTR_MBO_UNSPEC,
+ IFX_VENDOR_ATTR_MBO_CMD,
+ IFX_VENDOR_ATTR_MBO_PARAMS,
+ IFX_VENDOR_ATTR_MBO_MAX
+};
+
/*
* enum ifx_vendor_attr_twt - Attributes for the TWT vendor command
*
@@ -260,4 +271,45 @@ enum ifx_twt_oper_setup_cmd_type {
IFX_TWT_OPER_SETUP_CMD_TYPE_MAX = 8
};
+enum ifx_mbo_config_cmd_type {
+ IFX_MBO_CONFIG_CMD_TYPE_INVALID = -1,
+ //align internal definition
+ IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF = 1,
+ IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF = 2,
+ IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF = 3,
+ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP = 4,
+ IFX_MBO_CONFIG_CMD_DUMP_COUNTER = 5,
+ IFX_MBO_CONFIG_CMD_CLEAR_COUNTER = 6,
+ IFX_MBO_CONFIG_CMD_FORCE_ASSOC = 7,
+ IFX_MBO_CONFIG_CMD_BSSTRANS_REJ = 8,
+ IFX_MBO_CONFIG_CMD_SEND_NOTIF = 9,
+ IFX_MBO_CONFIG_CMD_CLR_CHAN_PREF = 10,
+ IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE = 11,
+ IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT = 12,
+ IFX_MBO_CONFIG_CMD_DBG_EVENT_CHECK = 13,
+ IFX_MBO_CONFIG_CMD_EVENT_MASK = 14,
+ IFX_MBO_CONFIG_CMD_ASSOC_DISALLOWED = 15,
+ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF = 16,
+ IFX_MBO_CONFIG_CMD_TYPE_MAX = 17
+};
+
+enum ifx_vendor_attr_mbo_param {
+ IFX_VENDOR_ATTR_MBO_PARAM_UNSPEC,
+ IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS,
+ IFX_VENDOR_ATTR_MBO_PARAM_CHAN,
+ IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE,
+ IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE,
+ IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP,
+ IFX_VENDOR_ATTR_MBO_PARAM_COUNTERS,
+ IFX_VENDOR_ATTR_MBO_PARAM_ENABLE,
+ IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE,
+ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_START_OFFSET,
+ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_RSSI_DELTA,
+ IFX_VENDOR_ATTR_MBO_PARAM_ANQP_CELL_SUPP,
+ IFX_VENDOR_ATTR_MBO_PARAM_BIT_MASK,
+ IFX_VENDOR_ATTR_MBO_PARAM_ASSOC_DISALLOWED,
+ IFX_VENDOR_ATTR_MBO_PARAM_CELLULAR_DATA_PREF,
+ IFX_VENDOR_ATTR_MBO_PARAM_MAX
+};
+
#endif /* IFX_VENDOR_H */
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 23f599bef..996614ee5 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2553,6 +2553,51 @@ struct drv_teardown_twt_params {
u8 teardown_all_twt;
};
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+
+struct drv_config_mbo_params {
+ u8 cmd;
+ union {
+ struct {
+ u8 op_class;
+ u8 chan;
+ u8 pref_val;
+ u8 reason;
+ } add_chan_pref;
+ struct {
+ u8 op_class;
+ u8 chan;
+ } del_chan_pref;
+ struct {
+ u8 cap;
+ } cell_data_cap;
+ struct {
+ u8 enable;
+ } force_assoc;
+ struct {
+ u8 enable;
+ u8 reason;
+ } bsstrans_reject;
+ struct {
+ u8 type;
+ } send_notif;
+ struct {
+ u8 enable;
+ u8 t_offset;
+ u8 trig_delta;
+ } nbr_info_cache;
+ struct {
+ u8 enable;
+ u8 value;
+ } anqpo_support;
+ struct {
+ u8 disallow;
+ u8 reason;
+ } assoc_disallow;
+ struct {
+ u8 pref_value;
+ } cellular_pref;
+ } u;
+};
#endif /* CONFIG_DRIVER_NL80211_IFX */
struct wpa_bss_trans_info {
@@ -4681,6 +4726,7 @@ struct wpa_driver_ops {
*/
int (*teardown_twt)(void *priv, struct drv_teardown_twt_params *params);
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+ int (*config_mbo)(void *priv, struct drv_config_mbo_params *params);
#endif /* CONFIG_DRIVER_NL80211_IFX */
};
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 3d98e5943..506b1e406 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -12473,6 +12473,146 @@ fail:
return ret;
}
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+
+static int wpa_driver_nl80211_config_mbo(void *priv, struct drv_config_mbo_params *params)
+{
+ struct i802_bss *bss = priv;
+ struct wpa_driver_nl80211_data *drv = bss->drv;
+ struct nl_msg *msg = NULL;
+ struct nlattr *data, *mbo_param_attrs;
+ int ret = -1;
+
+ if (!drv->ifx_mbo_offload)
+ goto fail;
+
+ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_IFX) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, IFX_VENDOR_SCMD_MBO))
+ goto fail;
+
+ data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
+ if (!data)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_CMD, params->cmd))
+ goto fail;
+
+ switch (params->cmd) {
+ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS,
+ params->u.add_chan_pref.op_class) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN,
+ params->u.add_chan_pref.chan) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE,
+ params->u.add_chan_pref.pref_val) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE,
+ params->u.add_chan_pref.reason)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS,
+ params->u.del_chan_pref.op_class) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN,
+ params->u.del_chan_pref.chan)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP,
+ params->u.cell_data_cap.cap)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE,
+ params->u.force_assoc.enable)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE,
+ params->u.bsstrans_reject.enable) ||
+ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE,
+ params->u.bsstrans_reject.reason)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_SEND_NOTIF:
+ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS);
+ if (!mbo_param_attrs)
+ goto fail;
+
+ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE,
+ params->u.send_notif.type)) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed");
+ goto fail;
+ }
+ nla_nest_end(msg, mbo_param_attrs);
+ break;
+ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF:
+ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER:
+ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER:
+ wpa_printf(MSG_DEBUG,
+ "MBO config: cmd %d doesn't need extra attribute",
+ params->cmd);
+ break;
+ default:
+ break;
+ }
+
+ nla_nest_end(msg, data);
+
+ ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL);
+ if (ret) {
+ wpa_printf(MSG_ERROR,
+ "nl80211: MBO config: Failed to invoke driver "
+ "MBO config function: %s",
+ strerror(-ret));
+ }
+
+ return ret;
+fail:
+ nl80211_nlmsg_clear(msg);
+ nlmsg_free(msg);
+ return ret;
+}
#endif /* CONFIG_DRIVER_NL80211_IFX */
const struct wpa_driver_ops wpa_driver_nl80211_ops = {
@@ -12624,5 +12764,6 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
.setup_twt = wpa_driver_nl80211_setup_twt,
.teardown_twt = wpa_driver_nl80211_teardown_twt,
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+ .config_mbo = wpa_driver_nl80211_config_mbo,
#endif /* CONFIG_DRIVER_NL80211_IFX */
};
diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h
index f681afb41..6d2c09477 100644
--- a/src/drivers/driver_nl80211.h
+++ b/src/drivers/driver_nl80211.h
@@ -182,6 +182,7 @@ struct wpa_driver_nl80211_data {
unsigned int brcm_do_acs:1;
#ifdef CONFIG_DRIVER_NL80211_IFX
unsigned int ifx_twt_offload:1;
+ unsigned int ifx_mbo_offload:1;
#endif /* CONFIG_DRIVER_NL80211_IFX */
u64 vendor_scan_cookie;
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 19d1569bf..b0807a7fc 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -1059,6 +1059,9 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg)
case IFX_VENDOR_SCMD_TWT:
drv->ifx_twt_offload = 1;
break;
+ case IFX_VENDOR_SCMD_MBO:
+ drv->ifx_mbo_offload = 1;
+ break;
}
#endif /* CONFIG_DRIVER_NL80211_IFX */
}
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index 90cc4861c..9f0149a20 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -10150,6 +10150,194 @@ static int wpas_ctrl_iface_send_twt_teardown(struct wpa_supplicant *wpa_s,
}
+#ifdef CONFIG_DRIVER_NL80211_IFX
+int wpas_config_offload_send_mbo_config(struct wpa_supplicant *wpa_s, u8 cmd_id,
+ u8 oper_class, u8 chan, u8 pref_val,
+ u8 reason_code, u8 enable, u8 notif_type,
+ u8 time_offset, u8 rssi_trig_delta,
+ bool enable_anqpo, bool enable_cell_pref,
+ u8 cell_pref_val, u8 cell_cap)
+{
+ struct drv_config_mbo_params params;
+ int ret = 0;
+
+ memset(&params, 0, sizeof(struct drv_config_mbo_params));
+
+ switch (cmd_id) {
+ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF:
+ if (!oper_class || !chan ||
+ (pref_val != 0 && pref_val != 1 && pref_val != 255) ||
+ reason_code > 3) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for add_chan_pref oper_class: %d "
+ "chan:%d pref_val:%d reason_code:%d",
+ oper_class, chan, pref_val, reason_code);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.add_chan_pref.op_class = oper_class;
+ params.u.add_chan_pref.chan = chan;
+ params.u.add_chan_pref.pref_val = pref_val;
+ params.u.add_chan_pref.reason = reason_code;
+ break;
+ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF:
+ if (!oper_class || !chan) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for del_chan_pref "
+ "oper_class: %d chan:%d",
+ oper_class, chan);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.del_chan_pref.op_class = oper_class;
+ params.u.del_chan_pref.chan = chan;
+ break;
+ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF:
+ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER:
+ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER:
+ params.cmd = cmd_id;
+ break;
+ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP:
+ if (!cell_cap || cell_cap > 3) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for cellular_data_cap:%d",
+ cell_cap);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.cell_data_cap.cap = cell_cap;
+ break;
+ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC:
+ if (enable > 1) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for force_assoc:%d",
+ enable);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.force_assoc.enable = enable;
+ break;
+ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ:
+ if (enable > 1 || reason_code > 6) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for bsstrans reject, enable:%d, reason:%d",
+ enable, reason_code);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.bsstrans_reject.enable = enable;
+ params.u.bsstrans_reject.reason = reason_code;
+ break;
+ case IFX_MBO_CONFIG_CMD_SEND_NOTIF:
+ if (notif_type != 2 && notif_type != 3) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for send notifty:%d",
+ notif_type);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.send_notif.type = notif_type;
+ break;
+ case IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE:
+ case IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT:
+ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF:
+ default:
+ wpa_printf(MSG_DEBUG, "MBO: Unsupported cmd_id %d",
+ cmd_id);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+
+ ret = wpa_drv_config_mbo(wpa_s, &params);
+
+fail:
+ return ret;
+}
+
+static int wpas_ctrl_iface_send_mbo_config(struct wpa_supplicant *wpa_s,
+ const char *cmd)
+{
+ u8 oper_class = 0;
+ u8 chan = 0;
+ u8 pref_val = 0;
+ u8 reason_code = 0;
+ u8 cmd_id = 0;
+ u8 enable = 0;
+ u8 notif_type = 0;
+ u8 time_offset = 0;
+ u8 rssi_trig_delta = 0;
+ bool enable_anqpo = false;
+ bool enable_cell_pref = false;
+ u8 cell_pref_val = 0;
+ u8 cell_cap = 0;
+ const char *tok_s;
+
+ tok_s = os_strstr(cmd, " cmd_id=");
+ if (tok_s)
+ cmd_id = strtol(tok_s + os_strlen(" cmd_id="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " oper_class=");
+ if (tok_s)
+ oper_class = strtol(tok_s + os_strlen(" oper_class="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " pref_val=");
+ if (tok_s)
+ pref_val = strtol(tok_s + os_strlen(" pref_val="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " reason_code=");
+ if (tok_s)
+ reason_code = strtol(tok_s + os_strlen(" reason_code="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " chan=");
+ if (tok_s)
+ chan = strtol(tok_s + os_strlen(" chan="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " cell_cap=");
+ if (tok_s)
+ cell_cap = strtol(tok_s + os_strlen(" cell_cap="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " enable=");
+ if (tok_s)
+ enable = strtol(tok_s + os_strlen(" enable="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " notif_type=");
+ if (tok_s)
+ notif_type = strtol(tok_s + os_strlen(" notif_type="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " time_offset=");
+ if (tok_s)
+ time_offset = strtol(tok_s + os_strlen(" time_offset="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " rssi_trig_delta=");
+ if (tok_s)
+ rssi_trig_delta = strtol(tok_s + os_strlen(" rssi_trig_delta="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " enable_anqpo=");
+ if (tok_s)
+ enable_anqpo = strtol(tok_s + os_strlen(" enable_anqpo="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " enable_cell_pref=");
+ if (tok_s)
+ enable_cell_pref = strtol(tok_s + os_strlen(" enable_cell_pref="), NULL, 10);
+
+ tok_s = os_strstr(cmd, " cell_pref_val=");
+ if (tok_s)
+ cell_pref_val = strtol(tok_s + os_strlen(" cell_pref_val="), NULL, 10);
+
+ return wpas_config_offload_send_mbo_config(wpa_s, cmd_id, oper_class,
+ chan, pref_val, reason_code,
+ enable, notif_type, time_offset,
+ rssi_trig_delta, enable_anqpo,
+ enable_cell_pref, cell_pref_val,
+ cell_cap);
+}
+#endif /* CONFIG_DRIVER_NL80211_IFX */
static int wpas_ctrl_vendor_elem_add(struct wpa_supplicant *wpa_s, char *cmd)
{
@@ -12271,6 +12459,11 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
} else if (os_strcmp(buf, "TWT_SETUP") == 0) {
if (wpas_ctrl_iface_send_twt_setup(wpa_s, ""))
reply_len = -1;
+#ifdef CONFIG_DRIVER_NL80211_IFX
+ } else if (os_strncmp(buf, "MBO ", 4) == 0) {
+ if (wpas_ctrl_iface_send_mbo_config(wpa_s, buf + 3))
+ reply_len = -1;
+#endif /* CONFIG_DRIVER_NL80211_IFX */
} else if (os_strncmp(buf, "TWT_TEARDOWN ", 13) == 0) {
if (wpas_ctrl_iface_send_twt_teardown(wpa_s, buf + 12))
reply_len = -1;
diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h
index 9a7975a6a..2fcfa44a6 100644
--- a/wpa_supplicant/driver_i.h
+++ b/wpa_supplicant/driver_i.h
@@ -1145,6 +1145,14 @@ static inline int wpa_drv_teardown_twt(struct wpa_supplicant *wpa_s,
return wpa_s->driver->teardown_twt(wpa_s->drv_priv, params);
}
#endif /* CONFIG_TWT_OFFLOAD_IFX */
+
+static inline int wpa_drv_config_mbo(struct wpa_supplicant *wpa_s,
+ struct drv_config_mbo_params *params)
+{
+ if (!wpa_s->driver->config_mbo)
+ return -1;
+ return wpa_s->driver->config_mbo(wpa_s->drv_priv, params);
+}
#endif /* CONFIG_DRIVER_NL80211_IFX */
#endif /* DRIVER_I_H */
diff --git a/wpa_supplicant/mbo.c b/wpa_supplicant/mbo.c
index 3df86ef07..714f9ef6f 100644
--- a/wpa_supplicant/mbo.c
+++ b/wpa_supplicant/mbo.c
@@ -663,3 +663,122 @@ void mbo_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s,
break;
}
}
+
+#ifdef CONFIG_DRIVER_NL80211_IFX
+int wpas_config_offload_send_mbo_config(struct wpa_supplicant *wpa_s, u8 cmd_id,
+ u8 oper_class, u8 chan, u8 pref_val,
+ u8 reason_code, u8 enable, u8 notif_type,
+ u8 time_offset, u8 rssi_trig_delta,
+ bool enable_anqpo, bool enable_cell_pref,
+ u8 cell_pref_val, u8 cell_cap)
+{
+ struct drv_config_mbo_params params;
+ int ret = 0;
+
+ memset(&params, 0, sizeof(struct drv_config_mbo_params));
+
+ switch (cmd_id) {
+ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF:
+ if (!oper_class || !chan ||
+ (pref_val != 0 && pref_val != 1 && pref_val != 255) ||
+ reason_code > 3) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for add_chan_pref oper_class: %d "
+ "chan:%d pref_val:%d reason_code:%d",
+ oper_class, chan, pref_val, reason_code);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.add_chan_pref.op_class = oper_class;
+ params.u.add_chan_pref.chan = chan;
+ params.u.add_chan_pref.pref_val = pref_val;
+ params.u.add_chan_pref.reason = reason;
+ break;
+ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF:
+ if (!oper_class || !chan) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for del_chan_pref "
+ "oper_class: %d chan:%d",
+ oper_class, chan);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.del_chan_pref.op_class = oper_class;
+ params.u.del_chan_pref.chan = chan;
+ break;
+ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF:
+ params.cmd = cmd_id;
+ break;
+ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP:
+ if (!cell_cap || cell_cap > 3) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for cellular_data_cap:%d",
+ cell_cap);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.cell_data_cap.cap = cell_cap;
+ break;
+ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER:
+ params.cmd = cmd_id;
+ break;
+ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER:
+ params.cmd = cmd_id;
+ break;
+ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC:
+ if (enable > 1) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for force_assoc:%d",
+ enable);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.force_assoc.enable = enable;
+ break;
+ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ:
+ if (enable > 1 || reason_code > 6) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for bsstrans reject, enable:%d, reason:%d",
+ enable, reason_code);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.bsstrans_reject.enable = enable;
+ params.u.bsstrans_reject.reason = reason_code;
+ break;
+ case IFX_MBO_CONFIG_CMD_SEND_NOTIF:
+ if (notif_type != 2 && notif_type != 3) {
+ wpa_printf(MSG_ERROR,
+ "MBO: incorrect parameter for send notifty:%d",
+ notif_type);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+ params.cmd = cmd_id;
+ params.u.send_notif.type = notif_type;
+ break;
+ case IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE:
+ break;
+ case IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT:
+ break;
+ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF:
+ break;
+ default:
+ wpa_printf(MSG_DEBUG, "MBO: Unsupported cmd_id %d",
+ cmd_id);
+ ret = -EOPNOTSUPP;
+ goto fail;
+ }
+
+ ret = wpa_drv_config_mbo(wpa_s, params);
+
+fail:
+ return ret;
+}
+#endif /* CONFIG_DRIVER_NL80211_IFX */
+
diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c
index 07160b5da..3055417fe 100644
--- a/wpa_supplicant/wpa_cli.c
+++ b/wpa_supplicant/wpa_cli.c
@@ -2957,6 +2957,15 @@ static int wpa_cli_cmd_twt_teardown(struct wpa_ctrl *ctrl, int argc,
}
+#ifdef CONFIG_DRIVER_NL80211_IFX
+static int wpa_cli_cmd_mbo_config(struct wpa_ctrl *ctrl, int argc,
+ char *argv[])
+{
+ return wpa_cli_cmd(ctrl, "MBO", 0, argc, argv);
+}
+#endif /* CONFIG_DRIVER_NL80211_IFX */
+
+
static int wpa_cli_cmd_erp_flush(struct wpa_ctrl *ctrl, int argc, char *argv[])
{
return wpa_ctrl_command(ctrl, "ERP_FLUSH");
@@ -3880,8 +3889,14 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = {
},
{ "twt_teardown",
wpa_cli_cmd_twt_teardown, NULL, cli_cmd_flag_none,
+ "[cmd_id=<value>] [oper_class=0|1|255] [pref_val=0|1|255] [reason_code=<reason-u8>] [chan=<channel id>] [cell_cap=1|2] [enable=0|1] [notif_type=2|3] = Send MBO Setup frame"
+ },
+#ifdef CONFIG_DRIVER_NL80211_IFX
+ { "mbo",
+ wpa_cli_cmd_mbo_config, NULL, cli_cmd_flag_none,
"[flags=<value>] = Send TWT Teardown frame"
},
+#endif/* CONFIG_DRIVER_NL80211_IFX */
{ "erp_flush", wpa_cli_cmd_erp_flush, NULL, cli_cmd_flag_none,
"= flush ERP keys" },
{ "mac_rand_scan",
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 28eff55ed..553d27d2c 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -1712,6 +1712,15 @@ void mbo_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s,
const u8 *data, size_t slen);
void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s);
+#ifdef CONFIG_DRIVER_NL80211_IFX
+int wpas_config_offload_send_mbo_config(struct wpa_supplicant *wpa_s, u8 cmd_id,
+ u8 oper_class, u8 chan, u8 pref_val,
+ u8 reason_code, u8 enable, u8 notif_type,
+ u8 time_offset, u8 rssi_trig_delta,
+ bool enable_anqpo, bool enable_cell_pref,
+ u8 cell_pref_val, u8 cell_cap);
+#endif /* CONFIG_DRIVER_NL80211_IFX */
+
/* op_classes.c */
enum chan_allowed {
NOT_ALLOWED, NO_IR, RADAR, ALLOWED
--
2.17.1

94
meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.patch Normal file
View File

@ -0,0 +1,94 @@
From cfaf2f6273ddd9ac618c61bc2294fb60297100a7 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <quic_jouni@quicinc.com>
Date: Wed, 6 Apr 2022 16:13:22 +0300
Subject: [PATCH 50/60] EAP-TLS: Allow TLSv1.3 support to be enabled with build
config
The default behavior in wpa_supplicant is to disable use of TLSv1.3 in
EAP-TLS unless explicitly enabled in network configuration. The new
CONFIG_EAP_TLSV1_3=y build parameter can be used to change this to
enable TLSv1.3 by default (if supported by the TLS library).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
---
src/eap_peer/eap_tls_common.c | 12 +++++++-----
wpa_supplicant/Android.mk | 3 +++
wpa_supplicant/Makefile | 3 +++
wpa_supplicant/defconfig | 3 +++
4 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index c1837db06..5fb894501 100644
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -192,18 +192,20 @@ static int eap_tls_params_from_conf(struct eap_sm *sm,
* TLS v1.3 changes, so disable this by default for now. */
params->flags |= TLS_CONN_DISABLE_TLSv1_3;
}
+#ifndef EAP_TLSV1_3
if (data->eap_type == EAP_TYPE_TLS ||
data->eap_type == EAP_UNAUTH_TLS_TYPE ||
data->eap_type == EAP_WFA_UNAUTH_TLS_TYPE) {
/* While the current EAP-TLS implementation is more or less
- * complete for TLS v1.3, there has been no interoperability
- * testing with other implementations, so disable for by default
- * for now until there has been chance to confirm that no
- * significant interoperability issues show up with TLS version
- * update.
+ * complete for TLS v1.3, there has been only minimal
+ * interoperability testing with other implementations, so
+ * disable it by default for now until there has been chance to
+ * confirm that no significant interoperability issues show up
+ * with TLS version update.
*/
params->flags |= TLS_CONN_DISABLE_TLSv1_3;
}
+#endif /* EAP_TLSV1_3 */
if (phase2 && sm->use_machine_cred) {
wpa_printf(MSG_DEBUG, "TLS: using machine config options");
eap_tls_params_from_conf2m(params, config);
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 892cb7507..a54517eea 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -482,6 +482,9 @@ OBJS += src/eap_peer/eap_tls.c
endif
TLS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
+ifdef CONFIG_EAP_TLSV1_3
+L_CFLAGS += -DEAP_TLSV1_3
+endif
endif
ifdef CONFIG_EAP_UNAUTH_TLS
diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index 16e484ce6..8978546c8 100644
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -484,6 +484,9 @@ OBJS += ../src/eap_peer/eap_tls.o
endif
TLS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
+ifdef CONFIG_EAP_TLSV1_3
+CFLAGS += -DEAP_TLSV1_3
+endif
endif
ifdef CONFIG_EAP_UNAUTH_TLS
diff --git a/wpa_supplicant/defconfig b/wpa_supplicant/defconfig
index a4719dbb5..ab3fba322 100644
--- a/wpa_supplicant/defconfig
+++ b/wpa_supplicant/defconfig
@@ -101,6 +101,9 @@ CONFIG_EAP_MSCHAPV2=y
# EAP-TLS
CONFIG_EAP_TLS=y
+# Enable EAP-TLSv1.3 support by default (currently disabled unless explicitly
+# enabled in network configuration)
+#CONFIG_EAP_TLSV1_3=y
# EAL-PEAP
CONFIG_EAP_PEAP=y
--
2.17.1

Some files were not shown because too many files have changed in this diff Show More