From ecd77dece937865000c3aa233b19b48eb1ebfee5 Mon Sep 17 00:00:00 2001 From: Arturo Buzarra Date: Wed, 20 Dec 2023 16:38:21 +0100 Subject: [PATCH] firmware-murata: update firmware binaries to version imx-kirkstone-hedorah_r1.0 This commit updates the required firmware binaries for Bluetooth and Wireless interfaces, hostapd and wpa_supplicant recipes based on the Cypress Linux WiFi Driver (FMAC) release v5.15.58-2023_1128 (Wireless firmware v13.10.246.334). This change also includes a custom defconfig file for the hostapd and wpa_supplicant recipes including the changes from the patches and the Digi customizations. Also are updated the Murata firmware repositories to match with the latest Murata release imx-kirkstone-hedorah_r1.0, which is based in the same Cypress Linux Wifi Driver release v5.15.58-2023_1128. https://onedigi.atlassian.net/browse/DEL-8667 Signed-off-by: Arturo Buzarra --- .../firmware-murata-infineon.bb | 22 +- .../hostapd/hostapd/ccmp1/defconfig | 421 ++++++++++ ...connection-authorized-in-EVENT_ASSOC.patch | 2 +- ...OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch | 2 +- ...k-SAE-authentication-offload-support.patch | 2 +- ...n-connect-for-SAE-authenticat.murata.patch | 2 +- ...4-way-handshake-offload-for-WPA-WPA2.patch | 2 +- ...y-handshake-offload-for-WPA-WPA2-PSK.patch | 2 +- ...SAE-authentication-offload-in-AP-mod.patch | 2 +- ...AE-authentication-offload-in-AP-mode.patch | 2 +- ...config_base-Add-Infineon-default-con.patch | 2 +- ...x-to-check-Invalid-GTK-IE-length-in-.patch | 2 +- ...UTH_EARLY_SET-flags-and-codes.murata.patch | 2 +- ...t-WPA-Versions-for-FT-SAE-key-manage.patch | 2 +- ...WPA_KEY_MGMT_FT-for-eapol-off.murata.patch | 2 +- ...-deauth-for-PMKSA-caching-dis.murata.patch | 2 +- ...tion-issue-through-supplicant.murata.patch | 2 +- ...cating-STA-if-the-reason-for-freeing.patch | 2 +- .../0022-wpa_supplicant-support-bgscan.patch | 2 +- ...ate-interface-to-support-driv.murata.patch | 2 +- ...cmd-create-wl_do_cmd-as-an-entry-doi.patch | 2 +- ...cmd-create-ops-table-to-do-wl-comman.patch | 2 +- ...-wl-cmd-add-more-compile-flag.murata.patch | 2 +- ...027-Fix-dpp-config-parameter-setting.patch | 2 +- ...ilure-of-dpp-configurator-exchange-f.patch | 2 +- ...SUITEB192-and-SUITEB-compile-options.patch | 2 +- ..._EDIT-option-for-enrollee-plus-respo.patch | 2 +- ...-disconnect-after-PMKSA-cache-expire.patch | 2 +- ...et-PMKSA-to-driver-while-key-mgmt-is.patch | 2 +- ...N_FLAG_COLOCATED_6GHZ-in-scan.murata.patch | 2 +- .../0037-Enabling-OWE-in-wpa_supplicant.patch | 2 +- ...39-FT-Sync-nl80211-ext-feature-index.patch | 2 +- ...e-a-vendor-header-for-vendor-NL-ifac.patch | 2 +- ...TWT-setup-request-handling-to.murata.patch | 2 +- ...TWT-Teardown-request-handling.murata.patch | 2 +- ...e-TWT-of-a-session-using-offs.murata.patch | 2 +- ...ailed-when-PMK-lifetime-is-set-to-1.patch} | 2 +- ...cli-mbo-command-by-IFX-vendorID.digi.patch | 381 +++++++++ ...-support-to-be-enabled-with-bui.digi.patch | 48 ++ ...able-4-way-handshake-offload-for-DPP.patch | 31 + ...cli-wnm_maxilde-command-by-IFX-.digi.patch | 283 +++++++ ...ntent-of-nl80211_copy.h-for-BSS_COLO.patch | 170 ++++ ...nl_connect-socket-while-WPA_DRIVER_F.patch | 37 + ...E-compile-option-for-hostapd-executi.patch | 31 + ...PP2.0-and-add-pfs-init-flow-on-EVENT.patch | 232 ++++++ ...vent-invalid-akm-key-mgmt-when-MFP-r.patch | 31 + ...and-encryption-parameters-while.digi.patch | 49 ++ .../hostapd/hostapd_%.bbappend | 14 +- .../wpa-supplicant/ccmp1/defconfig | 655 +++++++++++++++ ...upport-4-way-handshake-offload-for-F.patch | 2 +- ...otify-Neighbor-Report-for-driver-tri.patch | 2 +- ...connection-authorized-in-EVENT_ASSOC.patch | 2 +- ...dd-PMKSA-cache-for-802.1X-4-way-hand.patch | 2 +- ...OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch | 2 +- ...k-SAE-authentication-offload-support.patch | 2 +- ...sword-on-connect-for-SAE-authenticat.patch | 2 +- ...4-way-handshake-offload-for-WPA-WPA2.patch | 2 +- ...y-handshake-offload-for-WPA-WPA2-PSK.patch | 2 +- ...SAE-authentication-offload-in-AP-mod.patch | 2 +- ...AE-authentication-offload-in-AP-mode.patch | 2 +- ...dition-test-for-AKM-type-DPP-offload.patch | 2 +- ...config_base-Add-Infineon-default-con.patch | 2 +- ...x-to-check-Invalid-GTK-IE-length-in-.patch | 2 +- ...UTH_EARLY_SET-flags-and-codes.murata.patch | 2 +- ...t-WPA-Versions-for-FT-SAE-key-manage.patch | 2 +- ...upport-WPA_KEY_MGMT_FT-for-eapol-off.patch | 2 +- ...uppress-deauth-for-PMKSA-caching-dis.patch | 2 +- ...tion-issue-through-supplicant.murata.patch | 2 +- ...ache-after-receiving-specific-deauth.patch | 2 +- ...cating-STA-if-the-reason-for-freeing.patch | 2 +- .../0022-wpa_supplicant-support-bgscan.patch | 2 +- ...ate-interface-to-support-driv.murata.patch | 2 +- ...cmd-create-wl_do_cmd-as-an-entry-doi.patch | 2 +- ...cmd-create-ops-table-to-do-wl-comman.patch | 2 +- ...pstream-wl-cmd-add-more-compile-flag.patch | 2 +- ...027-Fix-dpp-config-parameter-setting.patch | 2 +- ...ilure-of-dpp-configurator-exchange-f.patch | 2 +- ...SUITEB192-and-SUITEB-compile-options.patch | 2 +- ..._EDIT-option-for-enrollee-plus-respo.patch | 2 +- ...trigger-failed-once-GC-invited-by-GO.patch | 2 +- ...-disconnect-after-PMKSA-cache-expire.patch | 2 +- ...-Add-support-for-beacon-loss-roaming.patch | 2 +- ...et-PMKSA-to-driver-while-key-mgmt-is.patch | 2 +- ...211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.patch | 2 +- ...to-disable-6-GHz-collocated-scanning.patch | 2 +- .../0037-Enabling-OWE-in-wpa_supplicant.patch | 2 +- ...8-Add-link-loss-timer-on-beacon-loss.patch | 2 +- ...39-FT-Sync-nl80211-ext-feature-index.patch | 2 +- ...e-a-vendor-header-for-vendor-NL-ifac.patch | 2 +- ...ffload-TWT-setup-request-handling-to.patch | 2 +- ...ffload-TWT-Teardown-request-handling.patch | 2 +- ...onfigure-TWT-of-a-session-using-offs.patch | 2 +- ...ult-TWT-session-in-the-STA-after-ass.patch | 2 +- ...-parameters-exponent-and-mantissa-pa.patch | 2 +- ...sending-open-auth-instead-of-SAE-aut.patch | 2 +- ...AMOFFLOAD-raises-portValid-too-early.patch | 54 -- ...ailed-when-PMK-lifetime-is-set-to-1.patch} | 4 +- ...m-p2p_add_group-command-unification.patch} | 4 +- ...-wpa_cli-mbo-command-by-IFX-vendorID.patch | 765 ++++++++++++++++++ ...Sv1.3-support-to-be-enabled-with-bui.patch | 94 +++ .../0051-Enabling-TLS-v1.3-by-default.patch | 27 + ...able-4-way-handshake-offload-for-DPP.patch | 31 + ...-wpa_cli-wnm_maxilde-command-by-IFX-.patch | 382 +++++++++ ...ntent-of-nl80211_copy.h-for-BSS_COLO.patch | 170 ++++ ...nl_connect-socket-while-WPA_DRIVER_F.patch | 37 + ...E-compile-option-for-hostapd-executi.patch | 31 + ...PP2.0-and-add-pfs-init-flow-on-EVENT.patch | 232 ++++++ ...vent-invalid-akm-key-mgmt-when-MFP-r.patch | 31 + ...tion-and-encryption-parameters-while.patch | 70 ++ ...onfigurable-link_loss-parameter-for-.patch | 117 +++ .../wpa-supplicant/wpa-supplicant_%.bbappend | 19 +- 111 files changed, 4479 insertions(+), 156 deletions(-) create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/ccmp1/defconfig rename meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/{0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch => 0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch} (97%) create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.digi.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.digi.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.digi.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch create mode 100644 meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0059-Reset-authentication-and-encryption-parameters-while.digi.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/ccmp1/defconfig delete mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-ROAMOFFLOAD-raises-portValid-too-early.patch rename meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/{0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch => 0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch} (94%) rename meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/{0049-non-upstream-p2p_add_group-command-unification.patch => 0048-non-upstream-p2p_add_group-command-unification.patch} (95%) create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0051-Enabling-TLS-v1.3-by-default.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0059-Reset-authentication-and-encryption-parameters-while.patch create mode 100644 meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0060-brcmfmac-add-a-configurable-link_loss-parameter-for-.patch diff --git a/meta-digi-arm/recipes-bsp/firmware-murata-infineon/firmware-murata-infineon.bb b/meta-digi-arm/recipes-bsp/firmware-murata-infineon/firmware-murata-infineon.bb index 3d44a8620..4377c33f2 100644 --- a/meta-digi-arm/recipes-bsp/firmware-murata-infineon/firmware-murata-infineon.bb +++ b/meta-digi-arm/recipes-bsp/firmware-murata-infineon/firmware-murata-infineon.bb @@ -1,4 +1,4 @@ -# Copyright (C) 2022,2023 Digi International. +# Copyright (C) 2022,2024 Digi International Inc. SUMMARY = "Murata Infineon firmware binaries" SECTION = "base" @@ -6,19 +6,19 @@ LICENSE = "CYPRESS-EULA" LIC_FILES_CHKSUM = "file://${S}/cyw-bt-patch/LICENCE.cypress;md5=cbc5f665d04f741f1e006d2096236ba7" SRC_URI = " \ - git://github.com/murata-wireless/cyw-fmac-fw;protocol=http;branch=fafnir;destsuffix=cyw-fmac-fw;name=cyw-fmac-fw \ - git://github.com/murata-wireless/cyw-fmac-nvram;protocol=http;branch=fafnir;destsuffix=cyw-fmac-nvram;name=cyw-fmac-nvram \ - git://github.com/murata-wireless/cyw-bt-patch;protocol=http;branch=master;destsuffix=cyw-bt-patch;name=cyw-bt-patch \ - git://github.com/murata-wireless/cyw-fmac-utils-imx32;protocol=http;branch=fafnir;destsuffix=cyw-fmac-utils-imx32;name=cyw-fmac-utils-imx32 \ - git://github.com/murata-wireless/cyw-fmac-utils-imx64;protocol=http;branch=fafnir;destsuffix=cyw-fmac-utils-imx64;name=cyw-fmac-utils-imx64 \ + git://github.com/murata-wireless/cyw-fmac-fw;protocol=http;branch=hedorah;destsuffix=cyw-fmac-fw;name=cyw-fmac-fw \ + git://github.com/murata-wireless/cyw-fmac-nvram;protocol=http;branch=hedorah;destsuffix=cyw-fmac-nvram;name=cyw-fmac-nvram \ + git://github.com/murata-wireless/cyw-bt-patch;protocol=http;branch=mickledore-hedorah;destsuffix=cyw-bt-patch;name=cyw-bt-patch \ + git://github.com/murata-wireless/cyw-fmac-utils-imx32;protocol=http;branch=master;destsuffix=cyw-fmac-utils-imx32;name=cyw-fmac-utils-imx32 \ + git://github.com/murata-wireless/cyw-fmac-utils-imx64;protocol=http;branch=master;destsuffix=cyw-fmac-utils-imx64;name=cyw-fmac-utils-imx64 \ file://cyfmac4373-sdio_US.clm_blob \ " -SRCREV_cyw-fmac-fw="1f83e807b8187508c811a7d91a353a768fef2d37" -SRCREV_cyw-fmac-nvram="303acf1b04441f62fbc48d278a70a099fabacb4a" -SRCREV_cyw-bt-patch="9d24c254dae92af99ddfd661a4ea30af69190038" -SRCREV_cyw-fmac-utils-imx32="e248804b6ba386fedcd462ddd9394f42f73a17af" -SRCREV_cyw-fmac-utils-imx64="1bc78d68f9609290b2f6578516011c57691f7815" +SRCREV_cyw-fmac-fw="db8deb03b8d24e5069ac4581d1c35b767012e926" +SRCREV_cyw-fmac-nvram="9b7d93eb3e13b2d2ed8ce3a01338ceb54151b77a" +SRCREV_cyw-bt-patch="3275a7036dd0d6eacecccccc760b7e7fe91a9e32" +SRCREV_cyw-fmac-utils-imx32="fcdd231e9bb23db3c93c10e5dff43a1182f220c5" +SRCREV_cyw-fmac-utils-imx64="52cc4cc6be8629781014505aa276b67e18cf6e8d" SRCREV_default = "${AUTOREV}" diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/ccmp1/defconfig b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/ccmp1/defconfig new file mode 100644 index 000000000..8bc9c7f9f --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/ccmp1/defconfig @@ -0,0 +1,421 @@ +# Example hostapd build time configuration +# +# This file lists the configuration options that are used when building the +# hostapd binary. All lines starting with # are ignored. Configuration option +# lines must be commented out complete, if they are not to be included, i.e., +# just setting VARIABLE=n is not disabling that variable. +# +# This file is included in Makefile, so variables like CFLAGS and LIBS can also +# be modified from here. In most cass, these lines should use += in order not +# to override previous values of the variables. + +# Driver interface for Host AP driver +CONFIG_DRIVER_HOSTAP=y + +# Driver interface for wired authenticator +#CONFIG_DRIVER_WIRED=y + +# Driver interface for drivers using the nl80211 kernel interface +CONFIG_DRIVER_NL80211=y + +# QCA vendor extensions to nl80211 +#CONFIG_DRIVER_NL80211_QCA=y + +CONFIG_DRIVER_BRCM_WL=y + +# driver_nl80211.c requires libnl. If you are compiling it yourself +# you may need to point hostapd to your version of libnl. +# +#CFLAGS += -I$ +#LIBS += -L$ + +# Use libnl v2.0 (or 3.0) libraries. +#CONFIG_LIBNL20=y + +# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) +CONFIG_LIBNL32=y + + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +#CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +#LIBS += -L/usr/local/lib +#LIBS_p += -L/usr/local/lib +#LIBS_c += -L/usr/local/lib + +# Driver interface for no driver (e.g., RADIUS server only) +#CONFIG_DRIVER_NONE=y + +# WPA2/IEEE 802.11i RSN pre-authentication +CONFIG_RSN_PREAUTH=y + +# Support Operating Channel Validation +#CONFIG_OCV=y + +# Integrated EAP server +CONFIG_EAP=y + +# EAP Re-authentication Protocol (ERP) in integrated EAP server +CONFIG_ERP=y + +# EAP-MD5 for the integrated EAP server +CONFIG_EAP_MD5=y + +# EAP-TLS for the integrated EAP server +CONFIG_EAP_TLS=y + +# EAP-MSCHAPv2 for the integrated EAP server +CONFIG_EAP_MSCHAPV2=y + +# EAP-PEAP for the integrated EAP server +CONFIG_EAP_PEAP=y + +# EAP-GTC for the integrated EAP server +CONFIG_EAP_GTC=y + +# EAP-TTLS for the integrated EAP server +CONFIG_EAP_TTLS=y + +# EAP-SIM for the integrated EAP server +#CONFIG_EAP_SIM=y + +# EAP-AKA for the integrated EAP server +#CONFIG_EAP_AKA=y + +# EAP-AKA' for the integrated EAP server +# This requires CONFIG_EAP_AKA to be enabled, too. +#CONFIG_EAP_AKA_PRIME=y + +# EAP-PAX for the integrated EAP server +#CONFIG_EAP_PAX=y + +# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK) +#CONFIG_EAP_PSK=y + +# EAP-pwd for the integrated EAP server (secure authentication with a password) +#CONFIG_EAP_PWD=y + +# EAP-SAKE for the integrated EAP server +#CONFIG_EAP_SAKE=y + +# EAP-GPSK for the integrated EAP server +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-FAST for the integrated EAP server +#CONFIG_EAP_FAST=y + +# EAP-TEAP for the integrated EAP server +# Note: The current EAP-TEAP implementation is experimental and should not be +# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number +# of conflicting statements and missing details and the implementation has +# vendor specific workarounds for those and as such, may not interoperate with +# any other implementation. This should not be used for anything else than +# experimentation and interoperability testing until those issues has been +# resolved. +#CONFIG_EAP_TEAP=y + +# Wi-Fi Protected Setup (WPS) +#CONFIG_WPS=y +# Enable UPnP support for external WPS Registrars +#CONFIG_WPS_UPNP=y +# Enable WPS support with NFC config method +#CONFIG_WPS_NFC=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# Trusted Network Connect (EAP-TNC) +#CONFIG_EAP_TNC=y + +# EAP-EKE for the integrated EAP server +#CONFIG_EAP_EKE=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +CONFIG_PKCS12=y + +# RADIUS authentication server. This provides access to the integrated EAP +# server from external hosts using RADIUS. +#CONFIG_RADIUS_SERVER=y + +# Build IPv6 support for RADIUS operations +CONFIG_IPV6=y + +# IEEE Std 802.11r-2008 (Fast BSS Transition) +#CONFIG_IEEE80211R=y + +# Use the hostapd's IEEE 802.11 authentication (ACL), but without +# the IEEE 802.11 Management capability (e.g., FreeBSD/net80211) +#CONFIG_DRIVER_RADIUS_ACL=y + +# Wireless Network Management (IEEE Std 802.11v-2011) +# Note: This is experimental and not complete implementation. +#CONFIG_WNM=y + +# IEEE 802.11ac (Very High Throughput) support +CONFIG_IEEE80211AC=y + +# IEEE 802.11ax HE support +# Note: This is experimental and work in progress. The definitions are still +# subject to change and this should not be expected to interoperate with the +# final IEEE 802.11ax version. +#CONFIG_IEEE80211AX=y + +# Remove debugging code that is printing out debug messages to stdout. +# This can be used to reduce the size of the hostapd considerably if debugging +# code is not needed. +#CONFIG_NO_STDOUT_DEBUG=y + +# Add support for writing debug log to a file: -f /tmp/hostapd.log +# Disabled by default. +#CONFIG_DEBUG_FILE=y + +# Send debug messages to syslog instead of stdout +#CONFIG_DEBUG_SYSLOG=y + +# Add support for sending all debug messages (regardless of debug verbosity) +# to the Linux kernel tracing facility. This helps debug the entire stack by +# making it easy to record everything happening from the driver up into the +# same file, e.g., using trace-cmd. +#CONFIG_DEBUG_LINUX_TRACING=y + +# Remove support for RADIUS accounting +#CONFIG_NO_ACCOUNTING=y + +# Remove support for RADIUS +#CONFIG_NO_RADIUS=y + +# Remove support for VLANs +#CONFIG_NO_VLAN=y + +# Enable support for fully dynamic VLANs. This enables hostapd to +# automatically create bridge and VLAN interfaces if necessary. +#CONFIG_FULL_DYNAMIC_VLAN=y + +# Use netlink-based kernel API for VLAN operations instead of ioctl() +# Note: This requires libnl 3.1 or newer. +#CONFIG_VLAN_NETLINK=y + +# Remove support for dumping internal state through control interface commands +# This can be used to reduce binary size at the cost of disabling a debugging +# option. +#CONFIG_NO_DUMP_STATE=y + +# Enable tracing code for developer debugging +# This tracks use of memory allocations and other registrations and reports +# incorrect use with a backtrace of call (or allocation) location. +#CONFIG_WPA_TRACE=y +# For BSD, comment out these. +#LIBS += -lexecinfo +#LIBS_p += -lexecinfo +#LIBS_c += -lexecinfo + +# Use libbfd to get more details for developer debugging +# This enables use of libbfd to get more detailed symbols for the backtraces +# generated by CONFIG_WPA_TRACE=y. +#CONFIG_WPA_TRACE_BFD=y +# For BSD, comment out these. +#LIBS += -lbfd -liberty -lz +#LIBS_p += -lbfd -liberty -lz +#LIBS_c += -lbfd -liberty -lz + +# hostapd depends on strong random number generation being available from the +# operating system. os_get_random() function is used to fetch random data when +# needed, e.g., for key generation. On Linux and BSD systems, this works by +# reading /dev/urandom. It should be noted that the OS entropy pool needs to be +# properly initialized before hostapd is started. This is important especially +# on embedded devices that do not have a hardware random number generator and +# may by default start up with minimal entropy available for random number +# generation. +# +# As a safety net, hostapd is by default trying to internally collect +# additional entropy for generating random data to mix in with the data +# fetched from the OS. This by itself is not considered to be very strong, but +# it may help in cases where the system pool is not initialized properly. +# However, it is very strongly recommended that the system pool is initialized +# with enough entropy either by using hardware assisted random number +# generator or by storing state over device reboots. +# +# hostapd can be configured to maintain its own entropy store over restarts to +# enhance random number generation. This is not perfect, but it is much more +# secure than using the same sequence of random numbers after every reboot. +# This can be enabled with -e command line option. The specified +# file needs to be readable and writable by hostapd. +# +# If the os_get_random() is known to provide strong random data (e.g., on +# Linux/BSD, the board in question is known to have reliable source of random +# data from /dev/urandom), the internal hostapd random pool can be disabled. +# This will save some in binary size and CPU use. However, this should only be +# considered for builds that are known to be used on devices that meet the +# requirements described above. +#CONFIG_NO_RANDOM_POOL=y + +# Should we attempt to use the getrandom(2) call that provides more reliable +# yet secure randomness source than /dev/random on Linux 3.17 and newer. +# Requires glibc 2.25 to build, falls back to /dev/random if unavailable. +#CONFIG_GETRANDOM=y + +# Should we use poll instead of select? Select is used by default. +#CONFIG_ELOOP_POLL=y + +# Should we use epoll instead of select? Select is used by default. +#CONFIG_ELOOP_EPOLL=y + +# Should we use kqueue instead of select? Select is used by default. +#CONFIG_ELOOP_KQUEUE=y + +# Select TLS implementation +# openssl = OpenSSL (default) +# gnutls = GnuTLS +# internal = Internal TLSv1 implementation (experimental) +# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) +# none = Empty template +CONFIG_TLS=openssl +CONFIG_TLS_ADD_DL=y + +# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) +# can be enabled to get a stronger construction of messages when block ciphers +# are used. +#CONFIG_TLSV11=y + +# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) +# can be enabled to enable use of stronger crypto algorithms. +#CONFIG_TLSV12=y + +# Select which ciphers to use by default with OpenSSL if the user does not +# specify them. +#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" + +# If CONFIG_TLS=internal is used, additional library and include paths are +# needed for LibTomMath. Alternatively, an integrated, minimal version of +# LibTomMath can be used. See beginning of libtommath.c for details on benefits +# and drawbacks of this option. +#CONFIG_INTERNAL_LIBTOMMATH=y +#ifndef CONFIG_INTERNAL_LIBTOMMATH +#LTM_PATH=/usr/src/libtommath-0.39 +#CFLAGS += -I$(LTM_PATH) +#LIBS += -L$(LTM_PATH) +#LIBS_p += -L$(LTM_PATH) +#endif +# At the cost of about 4 kB of additional binary size, the internal LibTomMath +# can be configured to include faster routines for exptmod, sqr, and div to +# speed up DH and RSA calculation considerably +#CONFIG_INTERNAL_LIBTOMMATH_FAST=y + +# Interworking (IEEE 802.11u) +# This can be used to enable functionality to improve interworking with +# external networks. +#CONFIG_INTERWORKING=y + +# Hotspot 2.0 +#CONFIG_HS20=y + +# Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file +#CONFIG_SQLITE=y + +# Enable Fast Session Transfer (FST) +#CONFIG_FST=y + +# Enable CLI commands for FST testing +#CONFIG_FST_TEST=y + +# Testing options +# This can be used to enable some testing options (see also the example +# configuration file) that are really useful only for testing clients that +# connect to this hostapd. These options allow, for example, to drop a +# certain percentage of probe requests or auth/(re)assoc frames. +# +#CONFIG_TESTING_OPTIONS=y + +# Automatic Channel Selection +# This will allow hostapd to pick the channel automatically when channel is set +# to "acs_survey" or "0". Eventually, other ACS algorithms can be added in +# similar way. +# +# Automatic selection is currently only done through initialization, later on +# we hope to do background checks to keep us moving to more ideal channels as +# time goes by. ACS is currently only supported through the nl80211 driver and +# your driver must have survey dump capability that is filled by the driver +# during scanning. +# +# You can customize the ACS survey algorithm with the hostapd.conf variable +# acs_num_scans. +# +# Supported ACS drivers: +# * ath9k +# * ath5k +# * ath10k +# +# For more details refer to: +# https://wireless.wiki.kernel.org/en/users/documentation/acs +# +#CONFIG_ACS=y + +# Multiband Operation support +# These extensions facilitate efficient use of multiple frequency bands +# available to the AP and the devices that may associate with it. +#CONFIG_MBO=y + +# Client Taxonomy +# Has the AP retain the Probe Request and (Re)Association Request frames from +# a client, from which a signature can be produced which can identify the model +# of client device like "Nexus 6P" or "iPhone 5s". +#CONFIG_TAXONOMY=y + +# Fast Initial Link Setup (FILS) (IEEE 802.11ai) +#CONFIG_FILS=y +# FILS shared key authentication with PFS +#CONFIG_FILS_SK_PFS=y + +# Include internal line edit mode in hostapd_cli. This can be used to provide +# limited command line editing and history support. +#CONFIG_WPA_CLI_EDIT=y + +# Opportunistic Wireless Encryption (OWE) +# Experimental implementation of draft-harkins-owe-07.txt +CONFIG_OWE=y + +# Airtime policy support +#CONFIG_AIRTIME_POLICY=y + +# Override default value for the wpa_disable_eapol_key_retries configuration +# parameter. See that parameter in hostapd.conf for more details. +#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 + +# Wired equivalent privacy (WEP) +# WEP is an obsolete cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used for anything anymore. The +# functionality needed to use WEP is available in the current hostapd +# release under this optional build parameter. This functionality is subject to +# be completely removed in a future release. +#CONFIG_WEP=y + +# Remove all TKIP functionality +# TKIP is an old cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used anymore. For now, the default hostapd +# build includes this to allow mixed mode WPA+WPA2 networks to be enabled, but +# that functionality is subject to be removed in the future. +#CONFIG_NO_TKIP=y + +# Pre-Association Security Negotiation (PASN) +# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol +# design is still subject to change. As such, this should not yet be enabled in +# production use. +# This requires CONFIG_IEEE80211W=y to be enabled, too. +#CONFIG_PASN=y + +# Simultaneous Authentication of Equals (SAE), WPA3-Personal +CONFIG_SAE=y + +# Set SAE Auth status early +CONFIG_WPA3_SAE_AUTH_EARLY_SET=y + +# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect) +CONFIG_DPP=y +# DPP version 2 support +CONFIG_DPP2=y +# DPP version 3 support (experimental and still changing; do not enable for +# production use) +#CONFIG_DPP3=y diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch index 8de33d112..b203b71df 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch @@ -1,7 +1,7 @@ From 21271c00b29db8c178aa704daaf665967e141d47 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 15:55:21 +0800 -Subject: [PATCH 03/49] nl80211: Report connection authorized in EVENT_ASSOC +Subject: [PATCH 03/60] nl80211: Report connection authorized in EVENT_ASSOC When roaming in a network that requires 802.1X authentication, device driver could set the authorized flag if 4-way handshake offload or FT diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch index 879bc9ba7..8517fbf02 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch @@ -1,7 +1,7 @@ From 78e7373ad2cf51a881a12e55c3db01580932539e Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Fri, 8 Nov 2019 13:23:05 -0600 -Subject: [PATCH 05/49] OpenSSL: Fix build with OpenSSL 1.0.1 +Subject: [PATCH 05/60] OpenSSL: Fix build with OpenSSL 1.0.1 The openssl_debug_dump_certificate_chains() implementation used SSL_CERT_SET_FIRST and SSL_CERT_SET_NEXT, which were added in OpenSSL diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch index 9be859305..297791252 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch @@ -1,7 +1,7 @@ From f6eed1d9e56502fd8cbab309e94f9787795c3e35 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 17:13:27 +0800 -Subject: [PATCH 06/49] nl80211: Check SAE authentication offload support +Subject: [PATCH 06/60] nl80211: Check SAE authentication offload support Set WPA_DRIVER_FLAGS2_SAE_OFFLOAD flag if driver indicates SAE authentication offload support. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.murata.patch index 16d2d8ced..7f6a98dec 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.murata.patch @@ -1,7 +1,7 @@ From 417097c87d7027ad319d7e8c9931deb666779533 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 17:22:18 +0800 -Subject: [PATCH 07/49] SAE: Pass SAE password on connect for SAE +Subject: [PATCH 07/60] SAE: Pass SAE password on connect for SAE authentication offload support Pass SAE password on connect if driver advertises SAE authentication diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch index 43b4e31f3..2bffa1708 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch @@ -1,7 +1,7 @@ From 0bdd3f507d5dc92e42c72df7f4b79ffdab514fe1 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:02:39 -0600 -Subject: [PATCH 08/49] nl80211: Support 4-way handshake offload for +Subject: [PATCH 08/60] nl80211: Support 4-way handshake offload for WPA/WPA2-PSK in AP mode If driver advertises support for WPA/WPA2-PSK 4-way handshake offload in diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch index 654fad8e6..442b1a6e7 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch @@ -1,7 +1,7 @@ From 2f8529ec491389bdb41911edcf084bc643d7c9ee Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:03:57 -0600 -Subject: [PATCH 09/49] AP: Support 4-way handshake offload for WPA/WPA2-PSK +Subject: [PATCH 09/60] AP: Support 4-way handshake offload for WPA/WPA2-PSK Add support for WPA/WPA2-PSK 4-way handshake offload in AP mode. In this case, the 4-way handshake is handled by driver instead of user space. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch index 1a3eef521..2d1636e0a 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch @@ -1,7 +1,7 @@ From 89d2f8b07c948cc5fbe8767948128f487eae2ed5 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:05:16 -0600 -Subject: [PATCH 10/49] nl80211: Support SAE authentication offload in AP mode +Subject: [PATCH 10/60] nl80211: Support SAE authentication offload in AP mode If driver advertises support for SAE authentication offload, pass SAE password in NL80211_CMD_NEW_BEACON command for AP mode. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch index 6667844f7..2ec008ea6 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch @@ -1,7 +1,7 @@ From dfa364f9970f1d88782cc9a9b7292afadbf2358b Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:06:20 -0600 -Subject: [PATCH 11/49] SAE: Support SAE authentication offload in AP mode +Subject: [PATCH 11/60] SAE: Support SAE authentication offload in AP mode Add support for SAE authentication offload in AP mode. In this case, the SAE authentication process is handled by driver instead of user space. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch index dff70c0d3..6e99d6fa9 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch @@ -1,7 +1,7 @@ From 69d18183a1df9e72371e33937c91af5b5b79a110 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Mon, 2 Aug 2021 14:15:06 -0500 -Subject: [PATCH 13/49] non-upstream: defconfig_base: Add Infineon default +Subject: [PATCH 13/60] non-upstream: defconfig_base: Add Infineon default configuration Add Infineon default configuration files (defconfig_base). diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch index 1cc5dc822..6be08c05c 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch @@ -1,7 +1,7 @@ From 28c5794ff336f3ec29be79197198071be9add4ac Mon Sep 17 00:00:00 2001 From: Suresh Sanaboina Date: Tue, 1 Feb 2022 13:02:07 +0000 -Subject: [PATCH 14/49] [CVE_2019_9501] Fix to check Invalid GTK IE length in +Subject: [PATCH 14/60] [CVE_2019_9501] Fix to check Invalid GTK IE length in M3 at STA --- diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch index eb24cd711..edb1d3d63 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch @@ -1,7 +1,7 @@ From ab61a3dd6d968c62b407c170079a236194357931 Mon Sep 17 00:00:00 2001 From: Danny Chiu Date: Thu, 4 Nov 2021 02:44:17 -0500 -Subject: [PATCH 15/49] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes +Subject: [PATCH 15/60] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes Enable this flags allow the AP to set authorization to firmware earier as the SAE confirm from is ok. --- diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch index 6843ed4ee..add017ef6 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch @@ -1,7 +1,7 @@ From 32ee9150ccf3f6c242ba2809aab9b9e115a9d1b5 Mon Sep 17 00:00:00 2001 From: Darren Li Date: Fri, 26 Nov 2021 02:09:03 -0600 -Subject: [PATCH 16/49] SAE: Set the right WPA Versions for FT-SAE key +Subject: [PATCH 16/60] SAE: Set the right WPA Versions for FT-SAE key management Set the right WPA Versions for FT-SAE key management diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.murata.patch index f4f9aede6..0d9433088 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.murata.patch @@ -1,7 +1,7 @@ From 6fa06f214ba1cfc4e80dc7413874175146b9c2a5 Mon Sep 17 00:00:00 2001 From: Chien-Chia Chen Date: Tue, 23 Nov 2021 21:29:08 -0600 -Subject: [PATCH 17/49] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol +Subject: [PATCH 17/60] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol offloading and driver base roaming Add WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK / WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X / diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.murata.patch index ce6cb5754..61d629a09 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.murata.patch @@ -1,7 +1,7 @@ From 9af850cef2007cabe1bbffad3ef1d2b13396832d Mon Sep 17 00:00:00 2001 From: Darren Li Date: Tue, 22 Feb 2022 00:34:47 -0600 -Subject: [PATCH 18/49] wpa_supplicant: suppress deauth for PMKSA caching +Subject: [PATCH 18/60] wpa_supplicant: suppress deauth for PMKSA caching disabled wpa_supplicant: Need a command/parameter suppress deauth for PMKSA caching disabled diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch index 213edd2c2..dd57edbf4 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch @@ -1,7 +1,7 @@ From 5604eb8aaf8382376e6511850e70b66c6e2a22b8 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Sun, 13 Feb 2022 21:34:09 -0600 -Subject: [PATCH 19/49] Fix for PMK expiration issue through supplicant +Subject: [PATCH 19/60] Fix for PMK expiration issue through supplicant Description : Sending Deauth from AP once PMK timeout occurs, So that STA will initiate the Auth process. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch index bb1b85bf7..6521a585f 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch @@ -1,7 +1,7 @@ From ed487600a81fa99688201a50176072555c90e690 Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 25 Apr 2022 18:35:14 +0530 -Subject: [PATCH 21/49] Avoid deauthenticating STA if the reason for freeing +Subject: [PATCH 21/60] Avoid deauthenticating STA if the reason for freeing PMK entry isn't expiry The PMK cache entry for a STA in the SoftAP managed by wpa_supplicant diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0022-wpa_supplicant-support-bgscan.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0022-wpa_supplicant-support-bgscan.patch index 6899b06f4..0842fe358 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0022-wpa_supplicant-support-bgscan.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0022-wpa_supplicant-support-bgscan.patch @@ -1,7 +1,7 @@ From cfa528ffe320ac638ca72e87751f76444669c48e Mon Sep 17 00:00:00 2001 From: Ian Lin Date: Fri, 20 May 2022 03:00:37 -0500 -Subject: [PATCH 22/49] wpa_supplicant: support bgscan +Subject: [PATCH 22/60] wpa_supplicant: support bgscan Modify defconfig_base to support bgscan feature diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch index 066799a9f..d1fb3194d 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch @@ -1,7 +1,7 @@ From 1cfe2ac93a1b50a6fd2f6d0022ece6e0f2a91259 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Sun, 10 Apr 2022 22:10:51 -0500 -Subject: [PATCH 23/49] non-upstream: wl-cmd: create interface to support +Subject: [PATCH 23/60] non-upstream: wl-cmd: create interface to support driver priv command 1. Create "wl" command interface to set/get driver information diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch index cdc0e9b2b..acce18fe6 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch @@ -1,7 +1,7 @@ From ea5cd91f744dc3c5ebf8e5b8cf1746bec41c1d19 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Tue, 26 Apr 2022 03:02:12 -0500 -Subject: [PATCH 24/49] non-upstream: wl-cmd: create wl_do_cmd as an entry +Subject: [PATCH 24/60] non-upstream: wl-cmd: create wl_do_cmd as an entry doing wl commands Create wl_do_cmd as an entry doing wl commands diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch index c9037f18e..1a6279412 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch @@ -1,7 +1,7 @@ From 05b1387d4dc2e74a02cf524733d809acc4fd46fb Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Wed, 27 Apr 2022 22:50:25 -0500 -Subject: [PATCH 25/49] non-upstream: wl-cmd: create ops table to do wl +Subject: [PATCH 25/60] non-upstream: wl-cmd: create ops table to do wl commands Creeate wl_cmds to handle wl commands diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.murata.patch index 0f7410345..7943e7ec9 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.murata.patch @@ -1,7 +1,7 @@ From a6028c58032672f86c9fe87ba3abbd31c79166e3 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Wed, 25 May 2022 19:12:47 -0500 -Subject: [PATCH 26/49] non-upstream: wl-cmd: add more compile flag +Subject: [PATCH 26/60] non-upstream: wl-cmd: add more compile flag add more CONFIG_DRIVER_BRCM_WL to separeta this feature diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0027-Fix-dpp-config-parameter-setting.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0027-Fix-dpp-config-parameter-setting.patch index 894a71616..8d66427e5 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0027-Fix-dpp-config-parameter-setting.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0027-Fix-dpp-config-parameter-setting.patch @@ -1,7 +1,7 @@ From e2fb675883cf00992ce51e91a3e2055c898ae3e6 Mon Sep 17 00:00:00 2001 From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" Date: Mon, 20 Jun 2022 05:57:46 +0000 -Subject: [PATCH 27/49] Fix dpp config parameter setting +Subject: [PATCH 27/60] Fix dpp config parameter setting --- src/common/dpp.c | 7 ++++--- diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch index 4d8448982..b9bdaf617 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch @@ -1,7 +1,7 @@ From b19b6f1165800106ccd941b6042ea804bfa95d5f Mon Sep 17 00:00:00 2001 From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" Date: Thu, 30 Jun 2022 08:01:45 +0000 -Subject: [PATCH 28/49] DPP: Resolving failure of dpp configurator exchange for +Subject: [PATCH 28/60] DPP: Resolving failure of dpp configurator exchange for configurator plus initiator in AP role with fmac --- diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch index 49c53d64b..2adecd704 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch @@ -1,7 +1,7 @@ From 7d621a129690b061afd61e8bd21d9b816f09d8ac Mon Sep 17 00:00:00 2001 From: Carter Chen Date: Mon, 4 Jul 2022 02:19:48 -0500 -Subject: [PATCH 29/49] Enabling SUITEB192 and SUITEB compile options +Subject: [PATCH 29/60] Enabling SUITEB192 and SUITEB compile options Enabling the compile options for SUITEB and SUITEB-192 related configurations and wpa_cli commands. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch index ea78e16dd..aa98785fa 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch @@ -1,7 +1,7 @@ From 621de92cbd36719e3febe385411a65ccfa646344 Mon Sep 17 00:00:00 2001 From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" Date: Fri, 22 Jul 2022 07:52:30 +0000 -Subject: [PATCH 30/49] DPP: Enabling CLI_EDIT option for enrollee plus +Subject: [PATCH 30/60] DPP: Enabling CLI_EDIT option for enrollee plus responder in STA role with fmac --- diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch index 3381303ca..d14dfdfcc 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch @@ -1,7 +1,7 @@ From 65ed1eadc11b838a4ba223648bfd3d87bf492319 Mon Sep 17 00:00:00 2001 From: Ian Lin Date: Mon, 18 Jul 2022 00:49:49 -0500 -Subject: [PATCH 32/49] non-upstream: SAE: disconnect after PMKSA cache expire +Subject: [PATCH 32/60] non-upstream: SAE: disconnect after PMKSA cache expire If the dot11RSNAConfigPMKLifetime is set, skip the flow of postponing the expiration in b0f457b6 and run disconnect flow. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch index 743a338bb..bcd9b3132 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch @@ -1,7 +1,7 @@ From da53435d4d11db827e3661be372e7b9773eaa842 Mon Sep 17 00:00:00 2001 From: JasonHuang Date: Thu, 8 Sep 2022 03:26:23 -0500 -Subject: [PATCH 34/49] wpa_supplicant: Set PMKSA to driver while key mgmt is +Subject: [PATCH 34/60] wpa_supplicant: Set PMKSA to driver while key mgmt is FT When the fast roaming is determined by the firmware, the diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.murata.patch index 3d0ad0b00..7bb5525d1 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.murata.patch @@ -1,7 +1,7 @@ From 2173b4648a59f7ab499b7974189f2ba025b6a25e Mon Sep 17 00:00:00 2001 From: Tova Mussai Date: Sun, 24 Apr 2022 12:57:52 +0300 -Subject: [PATCH 35/49] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan +Subject: [PATCH 35/60] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in the scan parameters to enable scanning for co-located APs discovered based on neighbor reports from diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0037-Enabling-OWE-in-wpa_supplicant.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0037-Enabling-OWE-in-wpa_supplicant.patch index 27e02add8..f95ebd8a2 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0037-Enabling-OWE-in-wpa_supplicant.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0037-Enabling-OWE-in-wpa_supplicant.patch @@ -1,7 +1,7 @@ From 4a920e2446cff3f215614d63798e675bb5e25549 Mon Sep 17 00:00:00 2001 From: Carter Chen Date: Wed, 19 Oct 2022 03:29:39 -0500 -Subject: [PATCH 37/49] Enabling OWE in wpa_supplicant +Subject: [PATCH 37/60] Enabling OWE in wpa_supplicant Enabling the compile options for OWE. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0039-FT-Sync-nl80211-ext-feature-index.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0039-FT-Sync-nl80211-ext-feature-index.patch index 91ecd85cf..691ca6e7b 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0039-FT-Sync-nl80211-ext-feature-index.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0039-FT-Sync-nl80211-ext-feature-index.patch @@ -1,7 +1,7 @@ From 7076f7634cc9d7a88f009c448ada307841b42a2a Mon Sep 17 00:00:00 2001 From: JasonHuang Date: Sun, 30 Oct 2022 21:58:34 -0500 -Subject: [PATCH 39/49] FT: Sync nl80211 ext feature index +Subject: [PATCH 39/60] FT: Sync nl80211 ext feature index The backports-5.15.58 has been used. Supplicant should sync the nl80211_ext_feature_index with backports to avoid unexpected fail. diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch index 4aa8a8767..66df83dbc 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch @@ -1,7 +1,7 @@ From 62c82984916623e6e00053dcb148de71d24bdaf5 Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:15:25 +0530 -Subject: [PATCH 40/49] nl80211: Introduce a vendor header for vendor NL iface +Subject: [PATCH 40/60] nl80211: Introduce a vendor header for vendor NL iface to DRV with OUI_IFX So far, the proprietary configurations are done either through the private diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.murata.patch index cff1286f3..31e38916e 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.murata.patch @@ -1,7 +1,7 @@ From 013beb7bc5036bf627fce3707a7a83344ffa05aa Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:16:37 +0530 -Subject: [PATCH 41/49] add support to offload TWT setup request handling to +Subject: [PATCH 41/60] add support to offload TWT setup request handling to the Firmware With "TWT_SETUP" control sock cmd interface currently available in the diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.murata.patch index 9a97f17fb..18354c584 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.murata.patch @@ -1,7 +1,7 @@ From 9a87c940340e1c665ce7172e7df147d53d1daabe Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:16:50 +0530 -Subject: [PATCH 42/49] add support to offload TWT Teardown request handling to +Subject: [PATCH 42/60] add support to offload TWT Teardown request handling to the Firmware With "TWT_TEARDOWN" control sock cmd interface currently available in the diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.murata.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.murata.patch index 6d5492898..1e221d156 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.murata.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.murata.patch @@ -1,7 +1,7 @@ From e03937fecb74cf50d70721ea2a0b14fa5e12153a Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:17:04 +0530 -Subject: [PATCH 43/49] Add support to configure TWT of a session using offset +Subject: [PATCH 43/60] Add support to configure TWT of a session using offset in microseconds Introduce a new cmd line argument "twt_offset=" in the existing list diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch similarity index 97% rename from meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch rename to meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch index de1124705..aa615dcdf 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch @@ -1,7 +1,7 @@ From 897917008b37a16985d0f1ae9d768c6450741574 Mon Sep 17 00:00:00 2001 From: Owen Huang Date: Wed, 30 Nov 2022 01:35:58 -0600 -Subject: [PATCH 48/49] Fix associating failed when PMK lifetime is set to 1 +Subject: [PATCH 48/60] Fix associating failed when PMK lifetime is set to 1 In WPA3 11.1 STAUT server certificate validation test * set dot11RSNAConfigPMKLifetime to 1 diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.digi.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.digi.patch new file mode 100644 index 000000000..757fc0acc --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.digi.patch @@ -0,0 +1,381 @@ +From 67be9ce68d84e2800b481123a0c140e5ad912619 Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Wed, 14 Dec 2022 01:34:23 -0600 +Subject: [PATCH 49/60] non-upstream: MBO: wpa_cli mbo command by IFX vendorID + +Signed-off-by: Carter Chen +Signed-off-by: Shelley Yang +--- + src/common/ifx_vendor.h | 52 +++++++++++ + src/drivers/driver.h | 46 ++++++++++ + src/drivers/driver_nl80211.c | 141 ++++++++++++++++++++++++++++++ + src/drivers/driver_nl80211.h | 1 + + src/drivers/driver_nl80211_capa.c | 3 + + 5 files changed, 243 insertions(+) + +diff --git a/src/common/ifx_vendor.h b/src/common/ifx_vendor.h +index aa8e83b..6cd3b87 100644 +--- a/src/common/ifx_vendor.h ++++ b/src/common/ifx_vendor.h +@@ -54,10 +54,12 @@ + * + * @IFX_VENDOR_SCMD_AMSDU: Vendor command to enable/disable AMSDU on all the TID queues + * + * @IFX_VENDOR_SCMD_TWT: Vendor subcommand to configure TWT + * Uses attributes defined in enum ifx_vendor_attr_twt. ++ * @IFX_VENDOR_SCMD_MBO: Vendor subcommand to configure MBO ++ * Uses attribute IFX_VENDOR_ATTR_MBO to configure. + * + * @IFX_VENDOR_SCMD_MAX: This acts as a the tail of cmds list. + * Make sure it located at the end of the list. + */ + enum ifx_nl80211_vendor_subcmds { +@@ -72,10 +74,12 @@ enum ifx_nl80211_vendor_subcmds { + /* Reserved 7-10 */ + IFX_VENDOR_SCMD_MUEDCA_OPT_ENABLE = 11, + IFX_VENDOR_SCMD_LDPC_CAP = 12, + IFX_VENDOR_SCMD_AMSDU = 13, + IFX_VENDOR_SCMD_TWT = 14, ++ /* Reserved 15-17 */ ++ IFX_VENDOR_SCMD_MBO = 18, + IFX_VENDOR_SCMD_MAX + }; + + /* + * enum ifx_vendor_attr - IFX nl80211 vendor attributes +@@ -94,10 +98,17 @@ enum ifx_vendor_attr { + IFX_VENDOR_ATTR_UNSPEC = 0, + /* Reserved 1-10 */ + IFX_VENDOR_ATTR_MAX = 11 + }; + ++enum ifx_vendor_attr_mbo { ++ IFX_VENDOR_ATTR_MBO_UNSPEC, ++ IFX_VENDOR_ATTR_MBO_CMD, ++ IFX_VENDOR_ATTR_MBO_PARAMS, ++ IFX_VENDOR_ATTR_MBO_MAX ++}; ++ + /* + * enum ifx_vendor_attr_twt - Attributes for the TWT vendor command + * + * @IFX_VENDOR_ATTR_TWT_UNSPEC: Reserved value 0 + * +@@ -258,6 +269,47 @@ enum ifx_twt_oper_setup_cmd_type { + IFX_TWT_OPER_SETUP_CMD_TYPE_DICTATE = 6, + IFX_TWT_OPER_SETUP_CMD_TYPE_REJECT = 7, + IFX_TWT_OPER_SETUP_CMD_TYPE_MAX = 8 + }; + ++enum ifx_mbo_config_cmd_type { ++ IFX_MBO_CONFIG_CMD_TYPE_INVALID = -1, ++ //align internal definition ++ IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF = 1, ++ IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF = 2, ++ IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF = 3, ++ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP = 4, ++ IFX_MBO_CONFIG_CMD_DUMP_COUNTER = 5, ++ IFX_MBO_CONFIG_CMD_CLEAR_COUNTER = 6, ++ IFX_MBO_CONFIG_CMD_FORCE_ASSOC = 7, ++ IFX_MBO_CONFIG_CMD_BSSTRANS_REJ = 8, ++ IFX_MBO_CONFIG_CMD_SEND_NOTIF = 9, ++ IFX_MBO_CONFIG_CMD_CLR_CHAN_PREF = 10, ++ IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE = 11, ++ IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT = 12, ++ IFX_MBO_CONFIG_CMD_DBG_EVENT_CHECK = 13, ++ IFX_MBO_CONFIG_CMD_EVENT_MASK = 14, ++ IFX_MBO_CONFIG_CMD_ASSOC_DISALLOWED = 15, ++ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF = 16, ++ IFX_MBO_CONFIG_CMD_TYPE_MAX = 17 ++}; ++ ++enum ifx_vendor_attr_mbo_param { ++ IFX_VENDOR_ATTR_MBO_PARAM_UNSPEC, ++ IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS, ++ IFX_VENDOR_ATTR_MBO_PARAM_CHAN, ++ IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE, ++ IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE, ++ IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP, ++ IFX_VENDOR_ATTR_MBO_PARAM_COUNTERS, ++ IFX_VENDOR_ATTR_MBO_PARAM_ENABLE, ++ IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE, ++ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_START_OFFSET, ++ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_RSSI_DELTA, ++ IFX_VENDOR_ATTR_MBO_PARAM_ANQP_CELL_SUPP, ++ IFX_VENDOR_ATTR_MBO_PARAM_BIT_MASK, ++ IFX_VENDOR_ATTR_MBO_PARAM_ASSOC_DISALLOWED, ++ IFX_VENDOR_ATTR_MBO_PARAM_CELLULAR_DATA_PREF, ++ IFX_VENDOR_ATTR_MBO_PARAM_MAX ++}; ++ + #endif /* IFX_VENDOR_H */ +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index 23f599b..996614e 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -2551,10 +2551,55 @@ struct drv_teardown_twt_params { + u8 flow_id; + u8 bcast_twt_id; + u8 teardown_all_twt; + }; + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ ++struct drv_config_mbo_params { ++ u8 cmd; ++ union { ++ struct { ++ u8 op_class; ++ u8 chan; ++ u8 pref_val; ++ u8 reason; ++ } add_chan_pref; ++ struct { ++ u8 op_class; ++ u8 chan; ++ } del_chan_pref; ++ struct { ++ u8 cap; ++ } cell_data_cap; ++ struct { ++ u8 enable; ++ } force_assoc; ++ struct { ++ u8 enable; ++ u8 reason; ++ } bsstrans_reject; ++ struct { ++ u8 type; ++ } send_notif; ++ struct { ++ u8 enable; ++ u8 t_offset; ++ u8 trig_delta; ++ } nbr_info_cache; ++ struct { ++ u8 enable; ++ u8 value; ++ } anqpo_support; ++ struct { ++ u8 disallow; ++ u8 reason; ++ } assoc_disallow; ++ struct { ++ u8 pref_value; ++ } cellular_pref; ++ } u; ++}; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + struct wpa_bss_trans_info { + u8 mbo_transition_reason; + u8 n_candidates; +@@ -4679,10 +4724,11 @@ struct wpa_driver_ops { + * teardown_twt - Teardown the already negotiated TWT session + * @params: Teardown TWT params + */ + int (*teardown_twt)(void *priv, struct drv_teardown_twt_params *params); + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ int (*config_mbo)(void *priv, struct drv_config_mbo_params *params); + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + }; + + /** +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index 3d98e59..506b1e4 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -12471,10 +12471,150 @@ fail: + nl80211_nlmsg_clear(msg); + nlmsg_free(msg); + return ret; + } + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ ++static int wpa_driver_nl80211_config_mbo(void *priv, struct drv_config_mbo_params *params) ++{ ++ struct i802_bss *bss = priv; ++ struct wpa_driver_nl80211_data *drv = bss->drv; ++ struct nl_msg *msg = NULL; ++ struct nlattr *data, *mbo_param_attrs; ++ int ret = -1; ++ ++ if (!drv->ifx_mbo_offload) ++ goto fail; ++ ++ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_IFX) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, IFX_VENDOR_SCMD_MBO)) ++ goto fail; ++ ++ data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); ++ if (!data) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_CMD, params->cmd)) ++ goto fail; ++ ++ switch (params->cmd) { ++ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS, ++ params->u.add_chan_pref.op_class) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN, ++ params->u.add_chan_pref.chan) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE, ++ params->u.add_chan_pref.pref_val) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE, ++ params->u.add_chan_pref.reason)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS, ++ params->u.del_chan_pref.op_class) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN, ++ params->u.del_chan_pref.chan)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP, ++ params->u.cell_data_cap.cap)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE, ++ params->u.force_assoc.enable)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE, ++ params->u.bsstrans_reject.enable) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE, ++ params->u.bsstrans_reject.reason)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_SEND_NOTIF: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE, ++ params->u.send_notif.type)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF: ++ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER: ++ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER: ++ wpa_printf(MSG_DEBUG, ++ "MBO config: cmd %d doesn't need extra attribute", ++ params->cmd); ++ break; ++ default: ++ break; ++ } ++ ++ nla_nest_end(msg, data); ++ ++ ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); ++ if (ret) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: Failed to invoke driver " ++ "MBO config function: %s", ++ strerror(-ret)); ++ } ++ ++ return ret; ++fail: ++ nl80211_nlmsg_clear(msg); ++ nlmsg_free(msg); ++ return ret; ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + const struct wpa_driver_ops wpa_driver_nl80211_ops = { + .name = "nl80211", + .desc = "Linux nl80211/cfg80211", +@@ -12622,7 +12762,8 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = { + #ifdef CONFIG_DRIVER_NL80211_IFX + #ifdef CONFIG_TWT_OFFLOAD_IFX + .setup_twt = wpa_driver_nl80211_setup_twt, + .teardown_twt = wpa_driver_nl80211_teardown_twt, + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ .config_mbo = wpa_driver_nl80211_config_mbo, + #endif /* CONFIG_DRIVER_NL80211_IFX */ + }; +diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h +index f681afb..6d2c094 100644 +--- a/src/drivers/driver_nl80211.h ++++ b/src/drivers/driver_nl80211.h +@@ -180,10 +180,11 @@ struct wpa_driver_nl80211_data { + unsigned int unsol_bcast_probe_resp:1; + unsigned int qca_do_acs:1; + unsigned int brcm_do_acs:1; + #ifdef CONFIG_DRIVER_NL80211_IFX + unsigned int ifx_twt_offload:1; ++ unsigned int ifx_mbo_offload:1; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + u64 vendor_scan_cookie; + u64 remain_on_chan_cookie; + u64 send_frame_cookie; +diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c +index 19d1569..b0807a7 100644 +--- a/src/drivers/driver_nl80211_capa.c ++++ b/src/drivers/driver_nl80211_capa.c +@@ -1057,10 +1057,13 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg) + } else if (vinfo->vendor_id == OUI_IFX) { + switch (vinfo->subcmd) { + case IFX_VENDOR_SCMD_TWT: + drv->ifx_twt_offload = 1; + break; ++ case IFX_VENDOR_SCMD_MBO: ++ drv->ifx_mbo_offload = 1; ++ break; + } + #endif /* CONFIG_DRIVER_NL80211_IFX */ + } + + wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u", diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.digi.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.digi.patch new file mode 100644 index 000000000..f54390a51 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.digi.patch @@ -0,0 +1,48 @@ +From cfaf2f6273ddd9ac618c61bc2294fb60297100a7 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen +Date: Wed, 6 Apr 2022 16:13:22 +0300 +Subject: [PATCH 50/60] EAP-TLS: Allow TLSv1.3 support to be enabled with build + config + +The default behavior in wpa_supplicant is to disable use of TLSv1.3 in +EAP-TLS unless explicitly enabled in network configuration. The new +CONFIG_EAP_TLSV1_3=y build parameter can be used to change this to +enable TLSv1.3 by default (if supported by the TLS library). + +Signed-off-by: Jouni Malinen +--- + src/eap_peer/eap_tls_common.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c +index c1837db..5fb8945 100644 +--- a/src/eap_peer/eap_tls_common.c ++++ b/src/eap_peer/eap_tls_common.c +@@ -192,18 +192,20 @@ static int eap_tls_params_from_conf(struct eap_sm *sm, + * TLS v1.3 changes, so disable this by default for now. */ + params->flags |= TLS_CONN_DISABLE_TLSv1_3; + } ++#ifndef EAP_TLSV1_3 + if (data->eap_type == EAP_TYPE_TLS || + data->eap_type == EAP_UNAUTH_TLS_TYPE || + data->eap_type == EAP_WFA_UNAUTH_TLS_TYPE) { + /* While the current EAP-TLS implementation is more or less +- * complete for TLS v1.3, there has been no interoperability +- * testing with other implementations, so disable for by default +- * for now until there has been chance to confirm that no +- * significant interoperability issues show up with TLS version +- * update. ++ * complete for TLS v1.3, there has been only minimal ++ * interoperability testing with other implementations, so ++ * disable it by default for now until there has been chance to ++ * confirm that no significant interoperability issues show up ++ * with TLS version update. + */ + params->flags |= TLS_CONN_DISABLE_TLSv1_3; + } ++#endif /* EAP_TLSV1_3 */ + if (phase2 && sm->use_machine_cred) { + wpa_printf(MSG_DEBUG, "TLS: using machine config options"); + eap_tls_params_from_conf2m(params, config); +-- +2.43.0 diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch new file mode 100644 index 000000000..14df86fa1 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch @@ -0,0 +1,31 @@ +From e533a201ebe00eb208509117b3b69b3e58f34633 Mon Sep 17 00:00:00 2001 +From: avishad verma +Date: Tue, 7 Mar 2023 04:44:25 -0600 +Subject: [PATCH 52/60] Disable 4-way handshake offload for DPP + +H1 combo is using internal supplicant and 4-way handshake is offloaded +to firmware for softap mode. +For DPP Softap role external supplicant will be used. + +Signed-off-by: avishad verma +--- + src/ap/wpa_auth_glue.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c +index c8dee2aef..7e3b8384f 100644 +--- a/src/ap/wpa_auth_glue.c ++++ b/src/ap/wpa_auth_glue.c +@@ -1529,6 +1529,9 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) + !!(hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG); + + if (!hapd->conf->p2p && ++#ifdef CONFIG_DPP ++ (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP)) && ++#endif /* CONFIG_DPP */ + (hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_4WAY_HANDSHAKE_AP_PSK)) + _conf.psk_4way_hs_offload = 1; + +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.digi.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.digi.patch new file mode 100644 index 000000000..bd1ca6b57 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.digi.patch @@ -0,0 +1,283 @@ +From 54929427eb8af4affaf8017bc8d127cc7c629581 Mon Sep 17 00:00:00 2001 +From: Shelley Yang +Date: Wed, 29 Mar 2023 03:28:59 -0500 +Subject: [PATCH 53/60] non-upstream: WNM: wpa_cli wnm_maxilde command by IFX + vendorID + +1. set +before: wl wnm_maxidle 10 1 +after: wpa_cli wnm_maxidle period=10 option=1 +2. get +before: wl wnm_maxidle +after: wpa_cli wnm_maxidle + +Fixes: SWWLAN-145213 + +Signed-off-by: Shelley Yang +--- + src/common/ifx_vendor.h | 55 ++++++++++++++++++ + src/drivers/driver.h | 7 +++ + src/drivers/driver_nl80211.c | 92 +++++++++++++++++++++++++++++++ + src/drivers/driver_nl80211.h | 1 + + src/drivers/driver_nl80211_capa.c | 3 + + 5 files changed, 158 insertions(+) + +diff --git a/src/common/ifx_vendor.h b/src/common/ifx_vendor.h +index 6cd3b87..2fed69c 100644 +--- a/src/common/ifx_vendor.h ++++ b/src/common/ifx_vendor.h +@@ -76,10 +76,11 @@ enum ifx_nl80211_vendor_subcmds { + IFX_VENDOR_SCMD_LDPC_CAP = 12, + IFX_VENDOR_SCMD_AMSDU = 13, + IFX_VENDOR_SCMD_TWT = 14, + /* Reserved 15-17 */ + IFX_VENDOR_SCMD_MBO = 18, ++ IFX_VENDOR_SCMD_WNM = 25, + IFX_VENDOR_SCMD_MAX + }; + + /* + * enum ifx_vendor_attr - IFX nl80211 vendor attributes +@@ -310,6 +311,60 @@ enum ifx_vendor_attr_mbo_param { + IFX_VENDOR_ATTR_MBO_PARAM_ASSOC_DISALLOWED, + IFX_VENDOR_ATTR_MBO_PARAM_CELLULAR_DATA_PREF, + IFX_VENDOR_ATTR_MBO_PARAM_MAX + }; + ++enum ifx_vendor_attr_wnm { ++ IFX_VENDOR_ATTR_WNM_UNSPEC, ++ IFX_VENDOR_ATTR_WNM_CMD, ++ IFX_VENDOR_ATTR_WNM_PARAMS, ++ IFX_VENDOR_ATTR_WNM_MAX ++}; ++ ++enum ifx_wnm_config_cmd_type { ++ IFX_WNM_CONFIG_CMD_TYPE_INVALID = -1, ++ //align internal definition ++ IFX_WNM_CONFIG_CMD_IOV_WNM = 1, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_MAXIDLE = 2, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_OFFSET = 3, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_URL = 4, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_REQ = 5, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_TCLASTYPE = 6, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_PARP_DISCARD = 7, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_PARP_ALLNODE = 8, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_SET = 9, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_STATUS = 10, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_SET = 11, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_TERM = 12, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_SERVICE_TERM = 13, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_SLEEP_INTV = 14, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_SLEEP_MODE = 15, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_QUERY = 16, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_RESP = 17, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_ADD = 18, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_DEL = 19, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_LIST = 20, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_STATUS = 21, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_KEEPALIVES_MAX_IDLE = 22, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_PM_IGNORE_BCMC = 23, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_DEPENDENCY = 24, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_ROAMTHROTTLE = 25, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_SET = 26, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_TERM = 27, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_STATUS = 28, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_ADD = 29, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_DEL = 30, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_LIST = 31, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_RSSI_RATE_MAP = 32, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_KEEPALIVE_PKT_TYPE = 33, ++ IFX_WNM_CONFIG_CMD_TYPE_MAX ++}; ++ ++enum ifx_vendor_attr_wnm_maxidle_param { ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_UNSPEC, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_MAX ++}; ++ + #endif /* IFX_VENDOR_H */ +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index 996614e..d75abbd 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -2596,10 +2596,16 @@ struct drv_config_mbo_params { + struct { + u8 pref_value; + } cellular_pref; + } u; + }; ++ ++struct drv_maxidle_wnm_params { ++ u8 get_info; ++ int period; ++ int protect; ++}; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + struct wpa_bss_trans_info { + u8 mbo_transition_reason; + u8 n_candidates; +@@ -4725,10 +4731,11 @@ struct wpa_driver_ops { + * @params: Teardown TWT params + */ + int (*teardown_twt)(void *priv, struct drv_teardown_twt_params *params); + #endif /* CONFIG_TWT_OFFLOAD_IFX */ + int (*config_mbo)(void *priv, struct drv_config_mbo_params *params); ++ int (*maxidle_wnm)(void *priv, struct drv_maxidle_wnm_params *params); + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + }; + + /** +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index 506b1e4..ed7c969 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -12611,10 +12611,101 @@ static int wpa_driver_nl80211_config_mbo(void *priv, struct drv_config_mbo_param + fail: + nl80211_nlmsg_clear(msg); + nlmsg_free(msg); + return ret; + } ++ ++static int wpa_driver_nl80211_maxidle_wnm_reply_handler(struct nl_msg *msg, void *arg) ++{ ++ struct nlattr *tb_msg[NL80211_ATTR_MAX + 1]; ++ struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); ++ char *buf = arg; ++ char *data; ++ int len; ++ ++ wpa_printf(MSG_INFO, "nl80211: maxidle_wnm command reply handler"); ++ ++ nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), ++ genlmsg_attrlen(gnlh, 0), NULL); ++ ++ if (tb_msg[NL80211_ATTR_VENDOR_DATA]) { ++ data = (char *)((char *)tb_msg[NL80211_ATTR_VENDOR_DATA] + GENL_HDRLEN); ++ len = nla_len(tb_msg[NL80211_ATTR_VENDOR_DATA]); ++ os_memcpy(buf, data, len); ++ } ++ return NL_SKIP; ++} ++ ++static int wpa_driver_nl80211_config_maxidle_wnm(void *priv, struct drv_maxidle_wnm_params *params) ++{ ++ struct i802_bss *bss = priv; ++ struct wpa_driver_nl80211_data *drv = bss->drv; ++ struct nl_msg *msg = NULL; ++ struct nlattr *data, *wnm_param_attrs; ++ int ret = -1, get_period = 0; ++ ++ if (!drv->ifx_wnm_offload) ++ goto fail; ++ ++ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_IFX) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, IFX_VENDOR_SCMD_WNM)) ++ goto fail; ++ ++ data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); ++ if (!data) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_CMD, IFX_WNM_CONFIG_CMD_IOV_WNM_MAXIDLE)) ++ goto fail; ++ ++ wnm_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_WNM_PARAMS); ++ if (!wnm_param_attrs) ++ goto fail; ++ ++ if (params->get_info) { ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO, ++ params->get_info)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: WNM config: build msg ATTR:%d failed", ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO); ++ goto fail; ++ } ++ } else { ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD, ++ params->period) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT, ++ params->protect)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: WNM config: build ATTR:%d %d failed", ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT); ++ goto fail; ++ } ++ } ++ nla_nest_end(msg, wnm_param_attrs); ++ nla_nest_end(msg, data); ++ ++ if (params->get_info) ++ ret = send_and_recv_msgs(drv, msg, wpa_driver_nl80211_maxidle_wnm_reply_handler, ++ &get_period, NULL, NULL); ++ else ++ ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); ++ ++ if (ret) ++ wpa_printf(MSG_ERROR, "nl80211: WNM maxidle: Failed to invoke driver %s", ++ strerror(-ret)); ++ else ++ if (params->get_info) ++ params->period = get_period; ++ ++ return ret; ++fail: ++ nl80211_nlmsg_clear(msg); ++ nlmsg_free(msg); ++ return ret; ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + const struct wpa_driver_ops wpa_driver_nl80211_ops = { + .name = "nl80211", + .desc = "Linux nl80211/cfg80211", +@@ -12763,7 +12854,8 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = { + #ifdef CONFIG_TWT_OFFLOAD_IFX + .setup_twt = wpa_driver_nl80211_setup_twt, + .teardown_twt = wpa_driver_nl80211_teardown_twt, + #endif /* CONFIG_TWT_OFFLOAD_IFX */ + .config_mbo = wpa_driver_nl80211_config_mbo, ++ .maxidle_wnm = wpa_driver_nl80211_config_maxidle_wnm, + #endif /* CONFIG_DRIVER_NL80211_IFX */ + }; +diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h +index 6d2c094..6d9945c 100644 +--- a/src/drivers/driver_nl80211.h ++++ b/src/drivers/driver_nl80211.h +@@ -181,10 +181,11 @@ struct wpa_driver_nl80211_data { + unsigned int qca_do_acs:1; + unsigned int brcm_do_acs:1; + #ifdef CONFIG_DRIVER_NL80211_IFX + unsigned int ifx_twt_offload:1; + unsigned int ifx_mbo_offload:1; ++ unsigned int ifx_wnm_offload:1; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + u64 vendor_scan_cookie; + u64 remain_on_chan_cookie; + u64 send_frame_cookie; +diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c +index b0807a7..21b9c03 100644 +--- a/src/drivers/driver_nl80211_capa.c ++++ b/src/drivers/driver_nl80211_capa.c +@@ -1060,10 +1060,13 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg) + drv->ifx_twt_offload = 1; + break; + case IFX_VENDOR_SCMD_MBO: + drv->ifx_mbo_offload = 1; + break; ++ case IFX_VENDOR_SCMD_WNM: ++ drv->ifx_wnm_offload = 1; ++ break; + } + #endif /* CONFIG_DRIVER_NL80211_IFX */ + } + + wpa_printf(MSG_DEBUG, "nl80211: Supported vendor command: vendor_id=0x%x subcmd=%u", diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch new file mode 100644 index 000000000..0e0400b14 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch @@ -0,0 +1,170 @@ +From b3165e0a92a3090a99ef396e77fa90b7e61d6558 Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Wed, 3 May 2023 21:13:26 -0500 +Subject: [PATCH 54/60] brcmfmac: sync content of nl80211_copy.h for BSS_COLOR + attributes + +sync the nl80211.h as of 0d2ab3aea in brcm80211 + +Signed-off-by: Carter Chen +--- + src/drivers/driver_nl80211_event.c | 5 +++ + src/drivers/nl80211_copy.h | 56 ++++++++++++++++++++++++++++-- + 2 files changed, 59 insertions(+), 2 deletions(-) + +diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c +index fe91fff90..d3cb8d882 100644 +--- a/src/drivers/driver_nl80211_event.c ++++ b/src/drivers/driver_nl80211_event.c +@@ -172,6 +172,11 @@ static const char * nl80211_command_to_string(enum nl80211_commands cmd) + C2S(NL80211_CMD_UNPROT_BEACON) + C2S(NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS) + C2S(NL80211_CMD_SET_SAR_SPECS) ++ C2S(NL80211_CMD_OBSS_COLOR_COLLISION) ++ C2S(NL80211_CMD_COLOR_CHANGE_REQUEST) ++ C2S(NL80211_CMD_COLOR_CHANGE_STARTED) ++ C2S(NL80211_CMD_COLOR_CHANGE_ABORTED) ++ C2S(NL80211_CMD_COLOR_CHANGE_COMPLETED) + C2S(__NL80211_CMD_AFTER_LAST) + } + #undef C2S +diff --git a/src/drivers/nl80211_copy.h b/src/drivers/nl80211_copy.h +index db5b1503d..ee80ae025 100644 +--- a/src/drivers/nl80211_copy.h ++++ b/src/drivers/nl80211_copy.h +@@ -11,7 +11,7 @@ + * Copyright 2008 Jouni Malinen + * Copyright 2008 Colin McCabe + * Copyright 2015-2017 Intel Deutschland GmbH +- * Copyright (C) 2018-2020 Intel Corporation ++ * Copyright (C) 2018-2021 Intel Corporation + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above +@@ -1185,6 +1185,21 @@ + * passed using %NL80211_ATTR_SAR_SPEC. %NL80211_ATTR_WIPHY is used to + * specify the wiphy index to be applied to. + * ++ * @NL80211_CMD_OBSS_COLOR_COLLISION: This notification is sent out whenever ++ * mac80211/drv detects a bss color collision. ++ * ++ * @NL80211_CMD_COLOR_CHANGE_REQUEST: This command is used to indicate that ++ * userspace wants to change the BSS color. ++ * ++ * @NL80211_CMD_COLOR_CHANGE_STARTED: Notify userland, that a color change has ++ * started ++ * ++ * @NL80211_CMD_COLOR_CHANGE_ABORTED: Notify userland, that the color change has ++ * been aborted ++ * ++ * @NL80211_CMD_COLOR_CHANGE_COMPLETED: Notify userland that the color change ++ * has completed ++ * + * @NL80211_CMD_MAX: highest used command number + * @__NL80211_CMD_AFTER_LAST: internal use + */ +@@ -1417,6 +1432,14 @@ enum nl80211_commands { + + NL80211_CMD_SET_SAR_SPECS, + ++ NL80211_CMD_OBSS_COLOR_COLLISION, ++ ++ NL80211_CMD_COLOR_CHANGE_REQUEST, ++ ++ NL80211_CMD_COLOR_CHANGE_STARTED, ++ NL80211_CMD_COLOR_CHANGE_ABORTED, ++ NL80211_CMD_COLOR_CHANGE_COMPLETED, ++ + /* add new commands above here */ + + /* used to define NL80211_CMD_MAX below */ +@@ -2403,7 +2426,10 @@ enum nl80211_commands { + * in %NL80211_CMD_CONNECT to indicate that for 802.1X authentication it + * wants to use the supported offload of the 4-way handshake. + * @NL80211_ATTR_PMKR0_NAME: PMK-R0 Name for offloaded FT. +- * @NL80211_ATTR_PORT_AUTHORIZED: (reserved) ++ * @NL80211_ATTR_PORT_AUTHORIZED: flag attribute used in %NL80211_CMD_ROAMED ++ * notification indicating that that 802.1X authentication was done by ++ * the driver or is not needed (because roaming used the Fast Transition ++ * protocol). + * + * @NL80211_ATTR_EXTERNAL_AUTH_ACTION: Identify the requested external + * authentication operation (u32 attribute with an +@@ -2560,6 +2586,16 @@ enum nl80211_commands { + * disassoc events to indicate that an immediate reconnect to the AP + * is desired. + * ++ * @NL80211_ATTR_OBSS_COLOR_BITMAP: bitmap of the u64 BSS colors for the ++ * %NL80211_CMD_OBSS_COLOR_COLLISION event. ++ * ++ * @NL80211_ATTR_COLOR_CHANGE_COUNT: u8 attribute specifying the number of TBTT's ++ * until the color switch event. ++ * @NL80211_ATTR_COLOR_CHANGE_COLOR: u8 attribute specifying the color that we are ++ * switching to ++ * @NL80211_ATTR_COLOR_CHANGE_ELEMS: Nested set of attributes containing the IE ++ * information for the time while performing a color switch. ++ * + * @NUM_NL80211_ATTR: total number of nl80211_attrs available + * @NL80211_ATTR_MAX: highest attribute number currently defined + * @__NL80211_ATTR_AFTER_LAST: internal use +@@ -3057,6 +3093,12 @@ enum nl80211_attrs { + + NL80211_ATTR_DISABLE_HE, + ++ NL80211_ATTR_OBSS_COLOR_BITMAP, ++ ++ NL80211_ATTR_COLOR_CHANGE_COUNT, ++ NL80211_ATTR_COLOR_CHANGE_COLOR, ++ NL80211_ATTR_COLOR_CHANGE_ELEMS, ++ + /* add attributes here, update the policy in nl80211.c */ + + __NL80211_ATTR_AFTER_LAST, +@@ -3654,6 +3696,8 @@ enum nl80211_mpath_info { + * defined + * @NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA: HE 6GHz band capabilities (__le16), + * given for all 6 GHz band channels ++ * @NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS: vendor element capabilities that are ++ * advertised on this band/for this iftype (binary) + * @__NL80211_BAND_IFTYPE_ATTR_AFTER_LAST: internal use + */ + enum nl80211_band_iftype_attr { +@@ -3665,6 +3709,7 @@ enum nl80211_band_iftype_attr { + NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET, + NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE, + NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA, ++ NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS, + + /* keep last */ + __NL80211_BAND_IFTYPE_ATTR_AFTER_LAST, +@@ -5950,6 +5995,9 @@ enum nl80211_feature_flags { + * frame protection for all management frames exchanged during the + * negotiation and range measurement procedure. + * ++ * @NL80211_EXT_FEATURE_BSS_COLOR: The driver supports BSS color collision ++ * detection and change announcemnts. ++ * + * @NUM_NL80211_EXT_FEATURES: number of extended features. + * @MAX_NL80211_EXT_FEATURES: highest extended feature index. + */ +@@ -6914,6 +6962,9 @@ enum nl80211_peer_measurement_ftm_capa { + * @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK: negotiate for LMR feedback. Only + * valid if either %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED or + * %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED is set. ++ * @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR: optional. The BSS color of the ++ * responder. Only valid if %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED ++ * or %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED is set. + * + * @NUM_NL80211_PMSR_FTM_REQ_ATTR: internal + * @NL80211_PMSR_FTM_REQ_ATTR_MAX: highest attribute number +@@ -6933,6 +6984,7 @@ enum nl80211_peer_measurement_ftm_req { + NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED, + NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED, + NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK, ++ NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR, + + /* keep last */ + NUM_NL80211_PMSR_FTM_REQ_ATTR, +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch new file mode 100644 index 000000000..90ac1dd4f --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch @@ -0,0 +1,37 @@ +From 2d7ff191ddcea8740b6fb48094b87de12150c88f Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Wed, 3 May 2023 20:43:09 -0500 +Subject: [PATCH 55/60] WPA3-SAE: enable nl_connect socket while + WPA_DRIVER_FLAGS_BSS_SELECTION + +The driver-base roaming uses WPA_DRIVER_FLAGS_BSS_SELECTION flag. + +As the SAE is handled by wpa_supplicant, +the driver will report send_req of auth req frame. + +WPA3-CERT 5.8.3 connects to PSK AP first, then roaming to SAE AP. +the nl_connect needs to keep opening to listen the event for process +auth frames. + +Fixes: SWLINUX-3420 + +Signed-off-by: Carter Chen +--- + src/drivers/driver_nl80211.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index ed7c969c1..55b4d07dc 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -557,6 +557,7 @@ send_and_recv_msgs_connect_handle(struct wpa_driver_nl80211_data *drv, + struct nl_sock * get_connect_handle(struct i802_bss *bss) + { + if ((bss->drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) || ++ (bss->drv->capa.flags & WPA_DRIVER_FLAGS_BSS_SELECTION) || + bss->use_nl_connect) + return bss->nl_connect; + +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch new file mode 100644 index 000000000..b7e0c451f --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch @@ -0,0 +1,31 @@ +From 8a905fcddca5936ba8873c7f0dacab7188dc6eac Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Mon, 17 Jul 2023 22:31:46 -0500 +Subject: [PATCH 56/60] OWE AP: enable OWE compile option for hostapd executing + OWE + +Enabling OWE compile option + +Fixes: SWLINUX-3620 + +Signed-off-by: Carter Chen +--- + hostapd/defconfig_base | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hostapd/defconfig_base b/hostapd/defconfig_base +index 16e8c645a..571ab6eda 100644 +--- a/hostapd/defconfig_base ++++ b/hostapd/defconfig_base +@@ -374,7 +374,7 @@ CONFIG_WPA_CLI_EDIT=y + + # Opportunistic Wireless Encryption (OWE) + # Experimental implementation of draft-harkins-owe-07.txt +-#CONFIG_OWE=y ++CONFIG_OWE=y + + # Airtime policy support + #CONFIG_AIRTIME_POLICY=y +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch new file mode 100644 index 000000000..dc1d7eecf --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch @@ -0,0 +1,232 @@ +From 8a6154044994dbeac362d76bbe5822612af64067 Mon Sep 17 00:00:00 2001 +From: "Lin Ian (IFTW CSS ICW SW WFS 1)" +Date: Mon, 16 Oct 2023 09:18:19 +0000 +Subject: [PATCH 57/60] DPP2.0: support DPP2.0 and add pfs init flow on + EVENT_UPDATE_DH + +--- + hostapd/defconfig_base | 1 + + src/ap/drv_callbacks.c | 55 ++++++++++++++++----------- + src/ap/ieee802_11.c | 70 ++++++++++++++++++++++++++++++++++- + src/ap/ieee802_11.h | 3 ++ + wpa_supplicant/defconfig_base | 1 + + 5 files changed, 107 insertions(+), 23 deletions(-) + +diff --git a/hostapd/defconfig_base b/hostapd/defconfig_base +index 571ab6eda..eae36af0b 100644 +--- a/hostapd/defconfig_base ++++ b/hostapd/defconfig_base +@@ -406,3 +406,4 @@ CONFIG_WPA3_SAE_AUTH_EARLY_SET=y + + # Device Provisioning Protocol (DPP) + CONFIG_DPP=y ++CONFIG_DPP2=y +diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c +index a50e6f2af..989ba735d 100644 +--- a/src/ap/drv_callbacks.c ++++ b/src/ap/drv_callbacks.c +@@ -648,13 +648,12 @@ skip_wpa_check: + #endif /* CONFIG_OWE */ + + #ifdef CONFIG_DPP2 +- dpp_pfs_free(sta->dpp_pfs); +- sta->dpp_pfs = NULL; ++ if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && ++ hapd->conf->dpp_netaccesskey && sta->wpa_sm && ++ wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && ++ elems.owe_dh) { + +- if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && +- hapd->conf->dpp_netaccesskey && sta->wpa_sm && +- wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && +- elems.owe_dh) { ++ if (!sta->dpp_pfs) { + sta->dpp_pfs = dpp_pfs_init( + wpabuf_head(hapd->conf->dpp_netaccesskey), + wpabuf_len(hapd->conf->dpp_netaccesskey)); +@@ -664,19 +663,20 @@ skip_wpa_check: + /* Try to continue without PFS */ + goto pfs_fail; + } ++ } + +- if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh, +- elems.owe_dh_len) < 0) { +- dpp_pfs_free(sta->dpp_pfs); +- sta->dpp_pfs = NULL; +- reason = WLAN_REASON_UNSPECIFIED; +- goto fail; +- } ++ if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh, ++ elems.owe_dh_len) < 0) { ++ dpp_pfs_free(sta->dpp_pfs); ++ sta->dpp_pfs = NULL; ++ reason = WLAN_REASON_UNSPECIFIED; ++ goto fail; + } ++ } + +- wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? +- sta->dpp_pfs->secret : NULL); +- pfs_fail: ++ wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? ++ sta->dpp_pfs->secret : NULL); ++pfs_fail: + #endif /* CONFIG_DPP2 */ + + if (elems.rrm_enabled && +@@ -1792,8 +1792,9 @@ static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd, + wpa_printf(MSG_DEBUG, "OWE: Peer unknown"); + return -1; + } +- if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) { +- wpa_printf(MSG_DEBUG, "OWE: No OWE AKM configured"); ++ if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && ++ !(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP)) { ++ wpa_printf(MSG_DEBUG, "OWE/DPP: No OWE/DPP AKM configured"); + status = WLAN_STATUS_AKMP_NOT_VALID; + goto err; + } +@@ -1828,9 +1829,21 @@ static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd, + } + sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); + +- status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie, +- elems.rsn_ie_len, elems.owe_dh, +- elems.owe_dh_len); ++#ifdef CONFIG_DPP2 ++ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) { ++ if (hapd->conf->dpp_netaccesskey && elems.owe_dh) ++ status = dpp_process_rsn_ie(hapd, sta, elems.rsn_ie, ++ elems.rsn_ie_len, elems.owe_dh, ++ elems.owe_dh_len); ++ else ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ } else ++#endif /* CONFIG_DPP2 */ ++ { ++ status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie, ++ elems.rsn_ie_len, elems.owe_dh, ++ elems.owe_dh_len); ++ } + if (status != WLAN_STATUS_SUCCESS) + ap_free_sta(hapd, sta); + +diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c +index c4f7d00cc..564815381 100644 +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -4348,9 +4348,10 @@ u16 owe_validate_request(struct hostapd_data *hapd, const u8 *peer, + wpa_hexdump(MSG_DEBUG, "RSNE", rsn_ie, rsn_ie_len); + return wpa_res_to_status_code(res); + } +- if (!(data.key_mgmt & WPA_KEY_MGMT_OWE)) { ++ if (!(data.key_mgmt & WPA_KEY_MGMT_OWE) && ++ !(data.key_mgmt & WPA_KEY_MGMT_DPP)) { + wpa_printf(MSG_DEBUG, +- "OWE: Unexpected key mgmt 0x%x from " MACSTR, ++ "OWE/DPP: Unexpected key mgmt 0x%x from " MACSTR, + (unsigned int) data.key_mgmt, MAC2STR(peer)); + return WLAN_STATUS_AKMP_NOT_VALID; + } +@@ -4444,6 +4445,71 @@ end: + + #endif /* CONFIG_OWE */ + ++#ifdef CONFIG_DPP2 ++u16 dpp_process_rsn_ie(struct hostapd_data *hapd, ++ struct sta_info *sta, ++ const u8 *rsn_ie, size_t rsn_ie_len, ++ const u8 *owe_dh, size_t owe_dh_len) ++{ ++ u16 status = WLAN_STATUS_SUCCESS; ++ u8 *owe_buf, ie[256 * 2]; ++ size_t ie_len = 0; ++ enum wpa_validate_result res; ++ ++ if (!rsn_ie || rsn_ie_len < 2) { ++ wpa_printf(MSG_DEBUG, "DPP: No RSNE in (Re)AssocReq"); ++ status = WLAN_STATUS_INVALID_IE; ++ goto end; ++ } ++ ++ if (!sta->wpa_sm) ++ sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr, ++ NULL); ++ if (!sta->wpa_sm) { ++ wpa_printf(MSG_WARNING, ++ "DPP: Failed to initialize WPA state machine"); ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ goto end; ++ } ++ rsn_ie -= 2; ++ rsn_ie_len += 2; ++ res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, ++ hapd->iface->freq, rsn_ie, rsn_ie_len, ++ NULL, 0, NULL, 0, owe_dh, owe_dh_len); ++ status = wpa_res_to_status_code(res); ++ if (status != WLAN_STATUS_SUCCESS) ++ goto end; ++ ++ owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, ie, sizeof(ie), ++ NULL, 0); ++ if (!owe_buf) { ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ goto end; ++ } ++ ++ dpp_pfs_free(sta->dpp_pfs); ++ sta->dpp_pfs = NULL; ++ sta->dpp_pfs = dpp_pfs_init( ++ wpabuf_head(hapd->conf->dpp_netaccesskey), ++ wpabuf_len(hapd->conf->dpp_netaccesskey)); ++ ++ if (!sta->dpp_pfs) { ++ wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS"); ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ } else { ++ os_memcpy(owe_buf, wpabuf_head(sta->dpp_pfs->ie), wpabuf_len(sta->dpp_pfs->ie)); ++ ie_len = owe_buf - ie + wpabuf_len(sta->dpp_pfs->ie); ++ } ++end: ++ wpa_printf(MSG_DEBUG, "DPP: Update status %d, ie len %d for peer " ++ MACSTR, status, (unsigned int) ie_len, ++ MAC2STR(sta->addr)); ++ hostapd_drv_update_dh_ie(hapd, sta->addr, status, ++ status == WLAN_STATUS_SUCCESS ? ie : NULL, ++ ie_len); ++ return status; ++} ++#endif /* CONFIG_DPP2 */ + + static bool check_sa_query(struct hostapd_data *hapd, struct sta_info *sta, + int reassoc) +diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h +index c59ad5e38..3042b6bac 100644 +--- a/src/ap/ieee802_11.h ++++ b/src/ap/ieee802_11.h +@@ -171,6 +171,9 @@ u8 * owe_assoc_req_process(struct hostapd_data *hapd, struct sta_info *sta, + u16 owe_process_rsn_ie(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *rsn_ie, size_t rsn_ie_len, + const u8 *owe_dh, size_t owe_dh_len); ++u16 dpp_process_rsn_ie(struct hostapd_data *hapd, struct sta_info *sta, ++ const u8 *rsn_ie, size_t rsn_ie_len, ++ const u8 *owe_dh, size_t owe_dh_len); + u16 owe_validate_request(struct hostapd_data *hapd, const u8 *peer, + const u8 *rsn_ie, size_t rsn_ie_len, + const u8 *owe_dh, size_t owe_dh_len); +diff --git a/wpa_supplicant/defconfig_base b/wpa_supplicant/defconfig_base +index 59aeae69c..f34011d84 100644 +--- a/wpa_supplicant/defconfig_base ++++ b/wpa_supplicant/defconfig_base +@@ -617,6 +617,7 @@ CONFIG_OWE=y + + # Device Provisioning Protocol (DPP) + CONFIG_DPP=y ++CONFIG_DPP2=y + + # Wired equivalent privacy (WEP) + # WEP is an obsolete cryptographic data confidentiality algorithm that is not +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch new file mode 100644 index 000000000..3928c2cae --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch @@ -0,0 +1,31 @@ +From d449e4402e4981b8c5067aaab1db34cd73e40468 Mon Sep 17 00:00:00 2001 +From: "P Rakshith (CAE 1 A)" +Date: Fri, 20 Oct 2023 08:34:04 +0000 +Subject: [PATCH 58/60] non-upstream: Prevent invalid akm key mgmt when MFP + required is set + +--- + src/ap/ap_config.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c +index 86b6e097c..a7fd85018 100644 +--- a/src/ap/ap_config.c ++++ b/src/ap/ap_config.c +@@ -1432,6 +1432,13 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, + } + #endif /* CONFIG_FILS */ + ++ if (full_config && (bss->ieee80211w == 2) && ++ (bss->wpa_key_mgmt == (WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_PSK))) { ++ wpa_printf(MSG_ERROR, ++ "Cannot set ieee80211w=2 along with with the selected wpa_key_mgmt"); ++ return -1; ++ } ++ + return 0; + } + +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0059-Reset-authentication-and-encryption-parameters-while.digi.patch b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0059-Reset-authentication-and-encryption-parameters-while.digi.patch new file mode 100644 index 000000000..1338294e7 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd/murata/0059-Reset-authentication-and-encryption-parameters-while.digi.patch @@ -0,0 +1,49 @@ +From 10a78d57f331333da8aba9be83f6cafbb7a6f382 Mon Sep 17 00:00:00 2001 +From: Ian Lin +Date: Sun, 22 Oct 2023 21:19:08 -0500 +Subject: [PATCH 59/60] Reset authentication and encryption parameters while + handling roam event + +While supplicant received NL80211_CMD_ROAM event and run EVENT_ASSOC flow, +it will not reset sm->pmk in wpa_supplicant_select_config since old and new SSID are the same. +It causes using wrong pmk when roaming from WPA3 to WPA2. +So add the flow to only reset sm->pmk while handling roam event. + +Signed-off-by: Ian Lin +--- + src/drivers/driver.h | 6 ++++++ + src/drivers/driver_nl80211_event.c | 1 + + 2 files changed, 7 insertions(+) + +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index d75abbd..9ebb4b0 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -5546,6 +5546,12 @@ union wpa_event_data { + * fils_pmkid - PMKID used or generated in FILS authentication + */ + const u8 *fils_pmkid; ++ ++ /** ++ * roam_indication - Indicate it's a roam event ++ */ ++ bool roam_indication; ++ + } assoc_info; + + /** +diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c +index d3cb8d8..6ff7479 100644 +--- a/src/drivers/driver_nl80211_event.c ++++ b/src/drivers/driver_nl80211_event.c +@@ -542,6 +542,7 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, + wpa_ssid_txt(drv->ssid, + drv->ssid_len)); + } ++ event.assoc_info.roam_indication = 1; + } + } + if (resp_ie) { +-- +2.43.0 + diff --git a/meta-digi-dey/recipes-connectivity/hostapd/hostapd_%.bbappend b/meta-digi-dey/recipes-connectivity/hostapd/hostapd_%.bbappend index f3609e60c..fce26a58f 100644 --- a/meta-digi-dey/recipes-connectivity/hostapd/hostapd_%.bbappend +++ b/meta-digi-dey/recipes-connectivity/hostapd/hostapd_%.bbappend @@ -1,4 +1,4 @@ -# Copyright (C) 2016-2023 Digi International. +# Copyright (C) 2016-2024 Digi International Inc. FILESEXTRAPATHS:prepend := "${THISDIR}/${BPN}:" @@ -48,7 +48,17 @@ MURATA_COMMON_PATCHES = " \ file://murata/0041-add-support-to-offload-TWT-setup-request-handling-to.murata.patch \ file://murata/0042-add-support-to-offload-TWT-Teardown-request-handling.murata.patch \ file://murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.murata.patch \ - file://murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch \ + file://murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch \ + file://murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.digi.patch \ + file://murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.digi.patch \ + file://murata/0052-Disable-4-way-handshake-offload-for-DPP.patch \ + file://murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.digi.patch \ + file://murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch \ + file://murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch \ + file://murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch \ + file://murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch \ + file://murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch \ + file://murata/0059-Reset-authentication-and-encryption-parameters-while.digi.patch \ " SRC_URI:append:ccmp1 = " ${MURATA_COMMON_PATCHES}" diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/ccmp1/defconfig b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/ccmp1/defconfig new file mode 100644 index 000000000..aede2dcab --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/ccmp1/defconfig @@ -0,0 +1,655 @@ +# Example wpa_supplicant build time configuration +# +# This file lists the configuration options that are used when building the +# wpa_supplicant binary. All lines starting with # are ignored. Configuration +# option lines must be commented out complete, if they are not to be included, +# i.e., just setting VARIABLE=n is not disabling that variable. +# +# This file is included in Makefile, so variables like CFLAGS and LIBS can also +# be modified from here. In most cases, these lines should use += in order not +# to override previous values of the variables. + + +# Uncomment following two lines and fix the paths if you have installed OpenSSL +# or GnuTLS in non-default location +#CFLAGS += -I/usr/local/openssl/include +#LIBS += -L/usr/local/openssl/lib + +# Some Red Hat versions seem to include kerberos header files from OpenSSL, but +# the kerberos files are not in the default include path. Following line can be +# used to fix build issues on such systems (krb5.h not found). +#CFLAGS += -I/usr/include/kerberos + +# Driver interface for generic Linux wireless extensions +# Note: WEXT is deprecated in the current Linux kernel version and no new +# functionality is added to it. nl80211-based interface is the new +# replacement for WEXT and its use allows wpa_supplicant to properly control +# the driver to improve existing functionality like roaming and to support new +# functionality. +CONFIG_DRIVER_WEXT=y + +# Driver interface for Linux drivers using the nl80211 kernel interface +CONFIG_DRIVER_NL80211=y + +# QCA vendor extensions to nl80211 +#CONFIG_DRIVER_NL80211_QCA=y + +# Support Broadcom driver private wl command +CONFIG_DRIVER_BRCM_WL=y + +# driver_nl80211.c requires libnl. If you are compiling it yourself +# you may need to point hostapd to your version of libnl. +# +#CFLAGS += -I$ +#LIBS += -L$ + +# Use libnl v2.0 (or 3.0) libraries. +#CONFIG_LIBNL20=y + +# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored) +CONFIG_LIBNL32=y + + +# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) +#CONFIG_DRIVER_BSD=y +#CFLAGS += -I/usr/local/include +#LIBS += -L/usr/local/lib +#LIBS_p += -L/usr/local/lib +#LIBS_c += -L/usr/local/lib + +# Driver interface for Windows NDIS +#CONFIG_DRIVER_NDIS=y +#CFLAGS += -I/usr/include/w32api/ddk +#LIBS += -L/usr/local/lib +# For native build using mingw +#CONFIG_NATIVE_WINDOWS=y +# Additional directories for cross-compilation on Linux host for mingw target +#CFLAGS += -I/opt/mingw/mingw32/include/ddk +#LIBS += -L/opt/mingw/mingw32/lib +#CC=mingw32-gcc +# By default, driver_ndis uses WinPcap for low-level operations. This can be +# replaced with the following option which replaces WinPcap calls with NDISUIO. +# However, this requires that WZC is disabled (net stop wzcsvc) before starting +# wpa_supplicant. +# CONFIG_USE_NDISUIO=y + +# Driver interface for wired Ethernet drivers +#CONFIG_DRIVER_WIRED=y + +# Driver interface for MACsec capable Qualcomm Atheros drivers +#CONFIG_DRIVER_MACSEC_QCA=y + +# Driver interface for Linux MACsec drivers +#CONFIG_DRIVER_MACSEC_LINUX=y + +# Driver interface for the Broadcom RoboSwitch family +#CONFIG_DRIVER_ROBOSWITCH=y + +# Driver interface for no driver (e.g., WPS ER only) +#CONFIG_DRIVER_NONE=y + +# Solaris libraries +#LIBS += -lsocket -ldlpi -lnsl +#LIBS_c += -lsocket + +# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or +# MACsec is included) +CONFIG_IEEE8021X_EAPOL=y + +# EAP-MD5 +CONFIG_EAP_MD5=y + +# EAP-MSCHAPv2 +CONFIG_EAP_MSCHAPV2=y + +# EAP-TLS +CONFIG_EAP_TLS=y +# Enable EAP-TLSv1.3 support by default (currently disabled unless explicitly +# enabled in network configuration) +CONFIG_EAP_TLSV1_3=y + +# EAL-PEAP +CONFIG_EAP_PEAP=y + +# EAP-TTLS +CONFIG_EAP_TTLS=y + +# EAP-FAST +CONFIG_EAP_FAST=y + +# EAP-TEAP +# Note: The current EAP-TEAP implementation is experimental and should not be +# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number +# of conflicting statements and missing details and the implementation has +# vendor specific workarounds for those and as such, may not interoperate with +# any other implementation. This should not be used for anything else than +# experimentation and interoperability testing until those issues has been +# resolved. +#CONFIG_EAP_TEAP=y + +# EAP-GTC +CONFIG_EAP_GTC=y + +# EAP-OTP +CONFIG_EAP_OTP=y + +# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used) +CONFIG_EAP_SIM=y + +# Enable SIM simulator (Milenage) for EAP-SIM +#CONFIG_SIM_SIMULATOR=y + +# EAP-PSK (experimental; this is _not_ needed for WPA-PSK) +CONFIG_EAP_PSK=y + +# EAP-pwd (secure authentication using only a password) +#CONFIG_EAP_PWD=y + +# EAP-PAX +#CONFIG_EAP_PAX=y + +# LEAP +CONFIG_EAP_LEAP=y + +# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used) +#CONFIG_EAP_AKA=y + +# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used). +# This requires CONFIG_EAP_AKA to be enabled, too. +#CONFIG_EAP_AKA_PRIME=y + +# Enable USIM simulator (Milenage) for EAP-AKA +#CONFIG_USIM_SIMULATOR=y + +# EAP-SAKE +#CONFIG_EAP_SAKE=y + +# EAP-GPSK +#CONFIG_EAP_GPSK=y +# Include support for optional SHA256 cipher suite in EAP-GPSK +#CONFIG_EAP_GPSK_SHA256=y + +# EAP-TNC and related Trusted Network Connect support (experimental) +#CONFIG_EAP_TNC=y + +# Wi-Fi Protected Setup (WPS) +CONFIG_WPS=y +# Enable WPS external registrar functionality +#CONFIG_WPS_ER=y +# Disable credentials for an open network by default when acting as a WPS +# registrar. +#CONFIG_WPS_REG_DISABLE_OPEN=y +# Enable WPS support with NFC config method +#CONFIG_WPS_NFC=y + +# EAP-IKEv2 +#CONFIG_EAP_IKEV2=y + +# EAP-EKE +#CONFIG_EAP_EKE=y + +# MACsec +#CONFIG_MACSEC=y + +# PKCS#12 (PFX) support (used to read private key and certificate file from +# a file that usually has extension .p12 or .pfx) +CONFIG_PKCS12=y + +# Smartcard support (i.e., private key on a smartcard), e.g., with openssl +# engine. +CONFIG_SMARTCARD=y + +# PC/SC interface for smartcards (USIM, GSM SIM) +# Enable this if EAP-SIM or EAP-AKA is included +#CONFIG_PCSC=y + +# Support HT overrides (disable HT/HT40, mask MCS rates, etc.) +#CONFIG_HT_OVERRIDES=y + +# Support VHT overrides (disable VHT, mask MCS rates, etc.) +#CONFIG_VHT_OVERRIDES=y + +# Development testing +#CONFIG_EAPOL_TEST=y + +# Select control interface backend for external programs, e.g, wpa_cli: +# unix = UNIX domain sockets (default for Linux/*BSD) +# udp = UDP sockets using localhost (127.0.0.1) +# udp6 = UDP IPv6 sockets using localhost (::1) +# named_pipe = Windows Named Pipe (default for Windows) +# udp-remote = UDP sockets with remote access (only for tests systems/purpose) +# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose) +# y = use default (backwards compatibility) +# If this option is commented out, control interface is not included in the +# build. +CONFIG_CTRL_IFACE=y + +# Include support for GNU Readline and History Libraries in wpa_cli. +# When building a wpa_cli binary for distribution, please note that these +# libraries are licensed under GPL and as such, BSD license may not apply for +# the resulting binary. +#CONFIG_READLINE=y + +# Include internal line edit mode in wpa_cli. This can be used as a replacement +# for GNU Readline to provide limited command line editing and history support. +CONFIG_WPA_CLI_EDIT=y + +# Remove debugging code that is printing out debug message to stdout. +# This can be used to reduce the size of the wpa_supplicant considerably +# if debugging code is not needed. The size reduction can be around 35% +# (e.g., 90 kB). +#CONFIG_NO_STDOUT_DEBUG=y + +# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save +# 35-50 kB in code size. +#CONFIG_NO_WPA=y + +# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support +# This option can be used to reduce code size by removing support for +# converting ASCII passphrases into PSK. If this functionality is removed, the +# PSK can only be configured as the 64-octet hexstring (e.g., from +# wpa_passphrase). This saves about 0.5 kB in code size. +#CONFIG_NO_WPA_PASSPHRASE=y + +# Simultaneous Authentication of Equals (SAE), WPA3-Personal +CONFIG_SAE=y + +# Enable WPA3-Enterprise Suite-B 192 support +CONFIG_SUITEB=y +CONFIG_SUITEB192=y + +# Set SAE Auth status early +CONFIG_WPA3_SAE_AUTH_EARLY_SET=y + +# Disable scan result processing (ap_scan=1) to save code size by about 1 kB. +# This can be used if ap_scan=1 mode is never enabled. +#CONFIG_NO_SCAN_PROCESSING=y + +# Select configuration backend: +# file = text file (e.g., wpa_supplicant.conf; note: the configuration file +# path is given on command line, not here; this option is just used to +# select the backend that allows configuration files to be used) +# winreg = Windows registry (see win_example.reg for an example) +CONFIG_BACKEND=file + +# Remove configuration write functionality (i.e., to allow the configuration +# file to be updated based on runtime configuration changes). The runtime +# configuration can still be changed, the changes are just not going to be +# persistent over restarts. This option can be used to reduce code size by +# about 3.5 kB. +#CONFIG_NO_CONFIG_WRITE=y + +# Remove support for configuration blobs to reduce code size by about 1.5 kB. +#CONFIG_NO_CONFIG_BLOBS=y + +# Select program entry point implementation: +# main = UNIX/POSIX like main() function (default) +# main_winsvc = Windows service (read parameters from registry) +# main_none = Very basic example (development use only) +#CONFIG_MAIN=main + +# Select wrapper for operating system and C library specific functions +# unix = UNIX/POSIX like systems (default) +# win32 = Windows systems +# none = Empty template +#CONFIG_OS=unix + +# Select event loop implementation +# eloop = select() loop (default) +# eloop_win = Windows events and WaitForMultipleObject() loop +#CONFIG_ELOOP=eloop + +# Should we use poll instead of select? Select is used by default. +#CONFIG_ELOOP_POLL=y + +# Should we use epoll instead of select? Select is used by default. +#CONFIG_ELOOP_EPOLL=y + +# Should we use kqueue instead of select? Select is used by default. +#CONFIG_ELOOP_KQUEUE=y + +# Select layer 2 packet implementation +# linux = Linux packet socket (default) +# pcap = libpcap/libdnet/WinPcap +# freebsd = FreeBSD libpcap +# winpcap = WinPcap with receive thread +# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y) +# none = Empty template +#CONFIG_L2_PACKET=linux + +# Disable Linux packet socket workaround applicable for station interface +# in a bridge for EAPOL frames. This should be uncommented only if the kernel +# is known to not have the regression issue in packet socket behavior with +# bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). +#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y + +# Support Operating Channel Validation +#CONFIG_OCV=y + +# Select TLS implementation +# openssl = OpenSSL (default) +# gnutls = GnuTLS +# internal = Internal TLSv1 implementation (experimental) +# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental) +# none = Empty template +#CONFIG_TLS=openssl + +# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) +# can be enabled to get a stronger construction of messages when block ciphers +# are used. It should be noted that some existing TLS v1.0 -based +# implementation may not be compatible with TLS v1.1 message (ClientHello is +# sent prior to negotiating which version will be used) +#CONFIG_TLSV11=y + +# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2) +# can be enabled to enable use of stronger crypto algorithms. It should be +# noted that some existing TLS v1.0 -based implementation may not be compatible +# with TLS v1.2 message (ClientHello is sent prior to negotiating which version +# will be used) +#CONFIG_TLSV12=y + +# Select which ciphers to use by default with OpenSSL if the user does not +# specify them. +#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW" + +# If CONFIG_TLS=internal is used, additional library and include paths are +# needed for LibTomMath. Alternatively, an integrated, minimal version of +# LibTomMath can be used. See beginning of libtommath.c for details on benefits +# and drawbacks of this option. +#CONFIG_INTERNAL_LIBTOMMATH=y +#ifndef CONFIG_INTERNAL_LIBTOMMATH +#LTM_PATH=/usr/src/libtommath-0.39 +#CFLAGS += -I$(LTM_PATH) +#LIBS += -L$(LTM_PATH) +#LIBS_p += -L$(LTM_PATH) +#endif +# At the cost of about 4 kB of additional binary size, the internal LibTomMath +# can be configured to include faster routines for exptmod, sqr, and div to +# speed up DH and RSA calculation considerably +#CONFIG_INTERNAL_LIBTOMMATH_FAST=y + +# Include NDIS event processing through WMI into wpa_supplicant/wpasvc. +# This is only for Windows builds and requires WMI-related header files and +# WbemUuid.Lib from Platform SDK even when building with MinGW. +#CONFIG_NDIS_EVENTS_INTEGRATED=y +#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib" + +# Add support for new DBus control interface +# (fi.w1.wpa_supplicant1) +CONFIG_CTRL_IFACE_DBUS_NEW=y + +# Add introspection support for new DBus control interface +#CONFIG_CTRL_IFACE_DBUS_INTRO=y + +# Add support for loading EAP methods dynamically as shared libraries. +# When this option is enabled, each EAP method can be either included +# statically (CONFIG_EAP_=y) or dynamically (CONFIG_EAP_=dyn). +# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to +# be loaded in the beginning of the wpa_supplicant configuration file +# (see load_dynamic_eap parameter in the example file) before being used in +# the network blocks. +# +# Note that some shared parts of EAP methods are included in the main program +# and in order to be able to use dynamic EAP methods using these parts, the +# main program must have been build with the EAP method enabled (=y or =dyn). +# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries +# unless at least one of them was included in the main build to force inclusion +# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included +# in the main build to be able to load these methods dynamically. +# +# Please also note that using dynamic libraries will increase the total binary +# size. Thus, it may not be the best option for targets that have limited +# amount of memory/flash. +#CONFIG_DYNAMIC_EAP_METHODS=y + +# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode +CONFIG_IEEE80211R=y + +# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt) +#CONFIG_DEBUG_FILE=y + +# Send debug messages to syslog instead of stdout +#CONFIG_DEBUG_SYSLOG=y +# Set syslog facility for debug messages +#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON + +# Add support for sending all debug messages (regardless of debug verbosity) +# to the Linux kernel tracing facility. This helps debug the entire stack by +# making it easy to record everything happening from the driver up into the +# same file, e.g., using trace-cmd. +#CONFIG_DEBUG_LINUX_TRACING=y + +# Add support for writing debug log to Android logcat instead of standard +# output +#CONFIG_ANDROID_LOG=y + +# Enable privilege separation (see README 'Privilege separation' for details) +#CONFIG_PRIVSEP=y + +# Enable mitigation against certain attacks against TKIP by delaying Michael +# MIC error reports by a random amount of time between 0 and 60 seconds +#CONFIG_DELAYED_MIC_ERROR_REPORT=y + +# Enable tracing code for developer debugging +# This tracks use of memory allocations and other registrations and reports +# incorrect use with a backtrace of call (or allocation) location. +#CONFIG_WPA_TRACE=y +# For BSD, uncomment these. +#LIBS += -lexecinfo +#LIBS_p += -lexecinfo +#LIBS_c += -lexecinfo + +# Use libbfd to get more details for developer debugging +# This enables use of libbfd to get more detailed symbols for the backtraces +# generated by CONFIG_WPA_TRACE=y. +#CONFIG_WPA_TRACE_BFD=y +# For BSD, uncomment these. +#LIBS += -lbfd -liberty -lz +#LIBS_p += -lbfd -liberty -lz +#LIBS_c += -lbfd -liberty -lz + +# wpa_supplicant depends on strong random number generation being available +# from the operating system. os_get_random() function is used to fetch random +# data when needed, e.g., for key generation. On Linux and BSD systems, this +# works by reading /dev/urandom. It should be noted that the OS entropy pool +# needs to be properly initialized before wpa_supplicant is started. This is +# important especially on embedded devices that do not have a hardware random +# number generator and may by default start up with minimal entropy available +# for random number generation. +# +# As a safety net, wpa_supplicant is by default trying to internally collect +# additional entropy for generating random data to mix in with the data fetched +# from the OS. This by itself is not considered to be very strong, but it may +# help in cases where the system pool is not initialized properly. However, it +# is very strongly recommended that the system pool is initialized with enough +# entropy either by using hardware assisted random number generator or by +# storing state over device reboots. +# +# wpa_supplicant can be configured to maintain its own entropy store over +# restarts to enhance random number generation. This is not perfect, but it is +# much more secure than using the same sequence of random numbers after every +# reboot. This can be enabled with -e command line option. The +# specified file needs to be readable and writable by wpa_supplicant. +# +# If the os_get_random() is known to provide strong random data (e.g., on +# Linux/BSD, the board in question is known to have reliable source of random +# data from /dev/urandom), the internal wpa_supplicant random pool can be +# disabled. This will save some in binary size and CPU use. However, this +# should only be considered for builds that are known to be used on devices +# that meet the requirements described above. +#CONFIG_NO_RANDOM_POOL=y + +# Should we attempt to use the getrandom(2) call that provides more reliable +# yet secure randomness source than /dev/random on Linux 3.17 and newer. +# Requires glibc 2.25 to build, falls back to /dev/random if unavailable. +#CONFIG_GETRANDOM=y + +# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode) +CONFIG_IEEE80211AC=y + +# Wireless Network Management (IEEE Std 802.11v-2011) +# Note: This is experimental and not complete implementation. +#CONFIG_WNM=y + +# Interworking (IEEE 802.11u) +# This can be used to enable functionality to improve interworking with +# external networks (GAS/ANQP to learn more about the networks and network +# selection based on available credentials). +#CONFIG_INTERWORKING=y + +# Hotspot 2.0 +CONFIG_HS20=y + +# Enable interface matching in wpa_supplicant +#CONFIG_MATCH_IFACE=y + +# Disable roaming in wpa_supplicant +#CONFIG_NO_ROAMING=y + +# AP mode operations with wpa_supplicant +# This can be used for controlling AP mode operations with wpa_supplicant. It +# should be noted that this is mainly aimed at simple cases like +# WPA2-Personal while more complex configurations like WPA2-Enterprise with an +# external RADIUS server can be supported with hostapd. +CONFIG_AP=y + +# P2P (Wi-Fi Direct) +# This can be used to enable P2P support in wpa_supplicant. See README-P2P for +# more information on P2P operations. +CONFIG_P2P=y + +# Enable TDLS support +#CONFIG_TDLS=y + +# Wi-Fi Display +# This can be used to enable Wi-Fi Display extensions for P2P using an external +# program to control the additional information exchanges in the messages. +#CONFIG_WIFI_DISPLAY=y + +# Autoscan +# This can be used to enable automatic scan support in wpa_supplicant. +# See wpa_supplicant.conf for more information on autoscan usage. +# +# Enabling directly a module will enable autoscan support. +# For exponential module: +#CONFIG_AUTOSCAN_EXPONENTIAL=y +# For periodic module: +#CONFIG_AUTOSCAN_PERIODIC=y + +# Password (and passphrase, etc.) backend for external storage +# These optional mechanisms can be used to add support for storing passwords +# and other secrets in external (to wpa_supplicant) location. This allows, for +# example, operating system specific key storage to be used +# +# External password backend for testing purposes (developer use) +#CONFIG_EXT_PASSWORD_TEST=y +# File-based backend to read passwords from an external file. +#CONFIG_EXT_PASSWORD_FILE=y + +# Enable Fast Session Transfer (FST) +#CONFIG_FST=y + +# Enable CLI commands for FST testing +#CONFIG_FST_TEST=y + +# OS X builds. This is only for building eapol_test. +#CONFIG_OSX=y + +# Automatic Channel Selection +# This will allow wpa_supplicant to pick the channel automatically when channel +# is set to "0". +# +# TODO: Extend parser to be able to parse "channel=acs_survey" as an alternative +# to "channel=0". This would enable us to eventually add other ACS algorithms in +# similar way. +# +# Automatic selection is currently only done through initialization, later on +# we hope to do background checks to keep us moving to more ideal channels as +# time goes by. ACS is currently only supported through the nl80211 driver and +# your driver must have survey dump capability that is filled by the driver +# during scanning. +# +# TODO: In analogy to hostapd be able to customize the ACS survey algorithm with +# a newly to create wpa_supplicant.conf variable acs_num_scans. +# +# Supported ACS drivers: +# * ath9k +# * ath5k +# * ath10k +# +# For more details refer to: +# http://wireless.kernel.org/en/users/Documentation/acs +#CONFIG_ACS=y + +# Support Multi Band Operation +#CONFIG_MBO=y + +# Fast Initial Link Setup (FILS) (IEEE 802.11ai) +#CONFIG_FILS=y +# FILS shared key authentication with PFS +#CONFIG_FILS_SK_PFS=y + +# Support RSN on IBSS networks +# This is needed to be able to use mode=1 network profile with proto=RSN and +# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None). +CONFIG_IBSS_RSN=y + +# External PMKSA cache control +# This can be used to enable control interface commands that allow the current +# PMKSA cache entries to be fetched and new entries to be added. +#CONFIG_PMKSA_CACHE_EXTERNAL=y + +# Mesh Networking (IEEE 802.11s) +#CONFIG_MESH=y + +# Background scanning modules +# These can be used to request wpa_supplicant to perform background scanning +# operations for roaming within an ESS (same SSID). See the bgscan parameter in +# the wpa_supplicant.conf file for more details. +# Periodic background scans based on signal strength +CONFIG_BGSCAN_SIMPLE=y +# Learn channels used by the network and try to avoid bgscans on other +# channels (experimental) +#CONFIG_BGSCAN_LEARN=y + +# Opportunistic Wireless Encryption (OWE) +# Experimental implementation of draft-harkins-owe-07.txt +CONFIG_OWE=y + +# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect) +CONFIG_DPP=y +# DPP version 2 support +CONFIG_DPP2=y +# DPP version 3 support (experimental and still changing; do not enable for +# production use) +#CONFIG_DPP3=y + +# Wired equivalent privacy (WEP) +# WEP is an obsolete cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used for anything anymore. The +# functionality needed to use WEP is available in the current wpa_supplicant +# release under this optional build parameter. This functionality is subject to +# be completely removed in a future release. +#CONFIG_WEP=y + +# Remove all TKIP functionality +# TKIP is an old cryptographic data confidentiality algorithm that is not +# considered secure. It should not be used anymore for anything else than a +# backwards compatibility option as a group cipher when connecting to APs that +# use WPA+WPA2 mixed mode. For now, the default wpa_supplicant build includes +# support for this by default, but that functionality is subject to be removed +# in the future. +#CONFIG_NO_TKIP=y + +# Pre-Association Security Negotiation (PASN) +# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol +# design is still subject to change. As such, this should not yet be enabled in +# production use. +#CONFIG_PASN=y + +# Enable all IFX/Cypress changes +CONFIG_DRIVER_NL80211_IFX=y + +# Offload the TWT Session management to FW +CONFIG_TWT_OFFLOAD_IFX=y + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0001-wpa_supplicant-Support-4-way-handshake-offload-for-F.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0001-wpa_supplicant-Support-4-way-handshake-offload-for-F.patch index 1bd9705e5..7c3f860d8 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0001-wpa_supplicant-Support-4-way-handshake-offload-for-F.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0001-wpa_supplicant-Support-4-way-handshake-offload-for-F.patch @@ -1,7 +1,7 @@ From 6b4bc7fbb9be8eb668985de04eb11618f9dc1781 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 11:32:11 +0800 -Subject: [PATCH 01/49] wpa_supplicant: Support 4-way handshake offload for +Subject: [PATCH 01/60] wpa_supplicant: Support 4-way handshake offload for FT-EAP Add support of 4-way handshake offload for FT-EAP. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0002-wpa_supplicant-Notify-Neighbor-Report-for-driver-tri.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0002-wpa_supplicant-Notify-Neighbor-Report-for-driver-tri.patch index 2b924b185..4a524b937 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0002-wpa_supplicant-Notify-Neighbor-Report-for-driver-tri.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0002-wpa_supplicant-Notify-Neighbor-Report-for-driver-tri.patch @@ -1,7 +1,7 @@ From 4d8eb3c7f31f66085dfb7f7652bf3b333d776896 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 15:22:57 +0800 -Subject: [PATCH 02/49] wpa_supplicant: Notify Neighbor Report for +Subject: [PATCH 02/60] wpa_supplicant: Notify Neighbor Report for driver-triggered request Sending a Neighbor Report request can be triggered by either supplicant diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch index 8de33d112..b203b71df 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0003-nl80211-Report-connection-authorized-in-EVENT_ASSOC.patch @@ -1,7 +1,7 @@ From 21271c00b29db8c178aa704daaf665967e141d47 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 15:55:21 +0800 -Subject: [PATCH 03/49] nl80211: Report connection authorized in EVENT_ASSOC +Subject: [PATCH 03/60] nl80211: Report connection authorized in EVENT_ASSOC When roaming in a network that requires 802.1X authentication, device driver could set the authorized flag if 4-way handshake offload or FT diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0004-wpa_supplicant-Add-PMKSA-cache-for-802.1X-4-way-hand.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0004-wpa_supplicant-Add-PMKSA-cache-for-802.1X-4-way-hand.patch index 0f9876dfc..bd2dacc01 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0004-wpa_supplicant-Add-PMKSA-cache-for-802.1X-4-way-hand.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0004-wpa_supplicant-Add-PMKSA-cache-for-802.1X-4-way-hand.patch @@ -1,7 +1,7 @@ From 578eb72569a03cdd608cf384911d46eb372c583e Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 16:05:49 +0800 -Subject: [PATCH 04/49] wpa_supplicant: Add PMKSA cache for 802.1X 4-way +Subject: [PATCH 04/60] wpa_supplicant: Add PMKSA cache for 802.1X 4-way handshake Add PMKSA cache and set PMK to the driver for 802.1X 4-way handshake diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch index 879bc9ba7..8517fbf02 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0005-OpenSSL-Fix-build-with-OpenSSL-1.0.1.patch @@ -1,7 +1,7 @@ From 78e7373ad2cf51a881a12e55c3db01580932539e Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Fri, 8 Nov 2019 13:23:05 -0600 -Subject: [PATCH 05/49] OpenSSL: Fix build with OpenSSL 1.0.1 +Subject: [PATCH 05/60] OpenSSL: Fix build with OpenSSL 1.0.1 The openssl_debug_dump_certificate_chains() implementation used SSL_CERT_SET_FIRST and SSL_CERT_SET_NEXT, which were added in OpenSSL diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch index 9be859305..297791252 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0006-nl80211-Check-SAE-authentication-offload-support.patch @@ -1,7 +1,7 @@ From f6eed1d9e56502fd8cbab309e94f9787795c3e35 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 17:13:27 +0800 -Subject: [PATCH 06/49] nl80211: Check SAE authentication offload support +Subject: [PATCH 06/60] nl80211: Check SAE authentication offload support Set WPA_DRIVER_FLAGS2_SAE_OFFLOAD flag if driver indicates SAE authentication offload support. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.patch index 4be8a4662..c446cbcff 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0007-SAE-Pass-SAE-password-on-connect-for-SAE-authenticat.patch @@ -1,7 +1,7 @@ From 417097c87d7027ad319d7e8c9931deb666779533 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 29 Oct 2019 17:22:18 +0800 -Subject: [PATCH 07/49] SAE: Pass SAE password on connect for SAE +Subject: [PATCH 07/60] SAE: Pass SAE password on connect for SAE authentication offload support Pass SAE password on connect if driver advertises SAE authentication diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch index 43b4e31f3..2bffa1708 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0008-nl80211-Support-4-way-handshake-offload-for-WPA-WPA2.patch @@ -1,7 +1,7 @@ From 0bdd3f507d5dc92e42c72df7f4b79ffdab514fe1 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:02:39 -0600 -Subject: [PATCH 08/49] nl80211: Support 4-way handshake offload for +Subject: [PATCH 08/60] nl80211: Support 4-way handshake offload for WPA/WPA2-PSK in AP mode If driver advertises support for WPA/WPA2-PSK 4-way handshake offload in diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch index 654fad8e6..442b1a6e7 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0009-AP-Support-4-way-handshake-offload-for-WPA-WPA2-PSK.patch @@ -1,7 +1,7 @@ From 2f8529ec491389bdb41911edcf084bc643d7c9ee Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:03:57 -0600 -Subject: [PATCH 09/49] AP: Support 4-way handshake offload for WPA/WPA2-PSK +Subject: [PATCH 09/60] AP: Support 4-way handshake offload for WPA/WPA2-PSK Add support for WPA/WPA2-PSK 4-way handshake offload in AP mode. In this case, the 4-way handshake is handled by driver instead of user space. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch index 1a3eef521..2d1636e0a 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0010-nl80211-Support-SAE-authentication-offload-in-AP-mod.patch @@ -1,7 +1,7 @@ From 89d2f8b07c948cc5fbe8767948128f487eae2ed5 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:05:16 -0600 -Subject: [PATCH 10/49] nl80211: Support SAE authentication offload in AP mode +Subject: [PATCH 10/60] nl80211: Support SAE authentication offload in AP mode If driver advertises support for SAE authentication offload, pass SAE password in NL80211_CMD_NEW_BEACON command for AP mode. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch index 6667844f7..2ec008ea6 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0011-SAE-Support-SAE-authentication-offload-in-AP-mode.patch @@ -1,7 +1,7 @@ From dfa364f9970f1d88782cc9a9b7292afadbf2358b Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Tue, 10 Dec 2019 14:06:20 -0600 -Subject: [PATCH 11/49] SAE: Support SAE authentication offload in AP mode +Subject: [PATCH 11/60] SAE: Support SAE authentication offload in AP mode Add support for SAE authentication offload in AP mode. In this case, the SAE authentication process is handled by driver instead of user space. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0012-DPP-Do-more-condition-test-for-AKM-type-DPP-offload.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0012-DPP-Do-more-condition-test-for-AKM-type-DPP-offload.patch index fd8a89df6..15f91ce7e 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0012-DPP-Do-more-condition-test-for-AKM-type-DPP-offload.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0012-DPP-Do-more-condition-test-for-AKM-type-DPP-offload.patch @@ -1,7 +1,7 @@ From 234dbe729a1041d93efc51b8467ac063b74b2c81 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Mon, 18 May 2020 08:36:59 -0500 -Subject: [PATCH 12/49] DPP: Do more condition test for AKM type DPP offload. +Subject: [PATCH 12/60] DPP: Do more condition test for AKM type DPP offload. If supplicant recieves eapol frame with driver declared WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK, supplicant will check AKM type diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch index dff70c0d3..6e99d6fa9 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0013-non-upstream-defconfig_base-Add-Infineon-default-con.patch @@ -1,7 +1,7 @@ From 69d18183a1df9e72371e33937c91af5b5b79a110 Mon Sep 17 00:00:00 2001 From: Chung-Hsien Hsu Date: Mon, 2 Aug 2021 14:15:06 -0500 -Subject: [PATCH 13/49] non-upstream: defconfig_base: Add Infineon default +Subject: [PATCH 13/60] non-upstream: defconfig_base: Add Infineon default configuration Add Infineon default configuration files (defconfig_base). diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch index 1cc5dc822..6be08c05c 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0014-CVE_2019_9501-Fix-to-check-Invalid-GTK-IE-length-in-.patch @@ -1,7 +1,7 @@ From 28c5794ff336f3ec29be79197198071be9add4ac Mon Sep 17 00:00:00 2001 From: Suresh Sanaboina Date: Tue, 1 Feb 2022 13:02:07 +0000 -Subject: [PATCH 14/49] [CVE_2019_9501] Fix to check Invalid GTK IE length in +Subject: [PATCH 14/60] [CVE_2019_9501] Fix to check Invalid GTK IE length in M3 at STA --- diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch index de3a106da..d37745c0d 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0015-Add-CONFIG_WPA3_SAE_AUTH_EARLY_SET-flags-and-codes.murata.patch @@ -1,7 +1,7 @@ From ab61a3dd6d968c62b407c170079a236194357931 Mon Sep 17 00:00:00 2001 From: Danny Chiu Date: Thu, 4 Nov 2021 02:44:17 -0500 -Subject: [PATCH 15/49] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes +Subject: [PATCH 15/60] Add CONFIG_WPA3_SAE_AUTH_EARLY_SET flags and codes Enable this flags allow the AP to set authorization to firmware earier as the SAE confirm from is ok. --- diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch index 6843ed4ee..add017ef6 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0016-SAE-Set-the-right-WPA-Versions-for-FT-SAE-key-manage.patch @@ -1,7 +1,7 @@ From 32ee9150ccf3f6c242ba2809aab9b9e115a9d1b5 Mon Sep 17 00:00:00 2001 From: Darren Li Date: Fri, 26 Nov 2021 02:09:03 -0600 -Subject: [PATCH 16/49] SAE: Set the right WPA Versions for FT-SAE key +Subject: [PATCH 16/60] SAE: Set the right WPA Versions for FT-SAE key management Set the right WPA Versions for FT-SAE key management diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.patch index e9a2a0c54..2b8731bc1 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0017-wpa_supplicant-Support-WPA_KEY_MGMT_FT-for-eapol-off.patch @@ -1,7 +1,7 @@ From 6fa06f214ba1cfc4e80dc7413874175146b9c2a5 Mon Sep 17 00:00:00 2001 From: Chien-Chia Chen Date: Tue, 23 Nov 2021 21:29:08 -0600 -Subject: [PATCH 17/49] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol +Subject: [PATCH 17/60] wpa_supplicant: Support WPA_KEY_MGMT_FT for eapol offloading and driver base roaming Add WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK / WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X / diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.patch index d2045f7df..629df4157 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0018-wpa_supplicant-suppress-deauth-for-PMKSA-caching-dis.patch @@ -1,7 +1,7 @@ From 9af850cef2007cabe1bbffad3ef1d2b13396832d Mon Sep 17 00:00:00 2001 From: Darren Li Date: Tue, 22 Feb 2022 00:34:47 -0600 -Subject: [PATCH 18/49] wpa_supplicant: suppress deauth for PMKSA caching +Subject: [PATCH 18/60] wpa_supplicant: suppress deauth for PMKSA caching disabled wpa_supplicant: Need a command/parameter suppress deauth for PMKSA caching disabled diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch index 7d6f6eea7..53e0f7ec6 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0019-Fix-for-PMK-expiration-issue-through-supplicant.murata.patch @@ -1,7 +1,7 @@ From 5604eb8aaf8382376e6511850e70b66c6e2a22b8 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Sun, 13 Feb 2022 21:34:09 -0600 -Subject: [PATCH 19/49] Fix for PMK expiration issue through supplicant +Subject: [PATCH 19/60] Fix for PMK expiration issue through supplicant Description : Sending Deauth from AP once PMK timeout occurs, So that STA will initiate the Auth process. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0020-SAE-Drop-PMKSA-cache-after-receiving-specific-deauth.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0020-SAE-Drop-PMKSA-cache-after-receiving-specific-deauth.patch index 29d7da831..1f917f89b 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0020-SAE-Drop-PMKSA-cache-after-receiving-specific-deauth.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0020-SAE-Drop-PMKSA-cache-after-receiving-specific-deauth.patch @@ -1,7 +1,7 @@ From ec86cadea38b22595003865c62b5321d55831d9e Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Thu, 24 Feb 2022 03:57:22 -0600 -Subject: [PATCH 20/49] SAE: Drop PMKSA cache after receiving specific deauth +Subject: [PATCH 20/60] SAE: Drop PMKSA cache after receiving specific deauth As a STA mode, when receiving deauth frame with reason code WLAN_REASON_PREV_AUTH_NOT_VALID, it should drop its PMKSA cache. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch index bb1b85bf7..6521a585f 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0021-Avoid-deauthenticating-STA-if-the-reason-for-freeing.patch @@ -1,7 +1,7 @@ From ed487600a81fa99688201a50176072555c90e690 Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 25 Apr 2022 18:35:14 +0530 -Subject: [PATCH 21/49] Avoid deauthenticating STA if the reason for freeing +Subject: [PATCH 21/60] Avoid deauthenticating STA if the reason for freeing PMK entry isn't expiry The PMK cache entry for a STA in the SoftAP managed by wpa_supplicant diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0022-wpa_supplicant-support-bgscan.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0022-wpa_supplicant-support-bgscan.patch index 6899b06f4..0842fe358 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0022-wpa_supplicant-support-bgscan.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0022-wpa_supplicant-support-bgscan.patch @@ -1,7 +1,7 @@ From cfa528ffe320ac638ca72e87751f76444669c48e Mon Sep 17 00:00:00 2001 From: Ian Lin Date: Fri, 20 May 2022 03:00:37 -0500 -Subject: [PATCH 22/49] wpa_supplicant: support bgscan +Subject: [PATCH 22/60] wpa_supplicant: support bgscan Modify defconfig_base to support bgscan feature diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch index ac051fce0..2e52fce06 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0023-non-upstream-wl-cmd-create-interface-to-support-driv.murata.patch @@ -1,7 +1,7 @@ From 1cfe2ac93a1b50a6fd2f6d0022ece6e0f2a91259 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Sun, 10 Apr 2022 22:10:51 -0500 -Subject: [PATCH 23/49] non-upstream: wl-cmd: create interface to support +Subject: [PATCH 23/60] non-upstream: wl-cmd: create interface to support driver priv command 1. Create "wl" command interface to set/get driver information diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch index cdc0e9b2b..acce18fe6 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0024-non-upstream-wl-cmd-create-wl_do_cmd-as-an-entry-doi.patch @@ -1,7 +1,7 @@ From ea5cd91f744dc3c5ebf8e5b8cf1746bec41c1d19 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Tue, 26 Apr 2022 03:02:12 -0500 -Subject: [PATCH 24/49] non-upstream: wl-cmd: create wl_do_cmd as an entry +Subject: [PATCH 24/60] non-upstream: wl-cmd: create wl_do_cmd as an entry doing wl commands Create wl_do_cmd as an entry doing wl commands diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch index c9037f18e..1a6279412 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0025-non-upstream-wl-cmd-create-ops-table-to-do-wl-comman.patch @@ -1,7 +1,7 @@ From 05b1387d4dc2e74a02cf524733d809acc4fd46fb Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Wed, 27 Apr 2022 22:50:25 -0500 -Subject: [PATCH 25/49] non-upstream: wl-cmd: create ops table to do wl +Subject: [PATCH 25/60] non-upstream: wl-cmd: create ops table to do wl commands Creeate wl_cmds to handle wl commands diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.patch index d5220c068..fddb5920f 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0026-non-upstream-wl-cmd-add-more-compile-flag.patch @@ -1,7 +1,7 @@ From a6028c58032672f86c9fe87ba3abbd31c79166e3 Mon Sep 17 00:00:00 2001 From: Kurt Lee Date: Wed, 25 May 2022 19:12:47 -0500 -Subject: [PATCH 26/49] non-upstream: wl-cmd: add more compile flag +Subject: [PATCH 26/60] non-upstream: wl-cmd: add more compile flag add more CONFIG_DRIVER_BRCM_WL to separeta this feature diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0027-Fix-dpp-config-parameter-setting.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0027-Fix-dpp-config-parameter-setting.patch index 894a71616..8d66427e5 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0027-Fix-dpp-config-parameter-setting.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0027-Fix-dpp-config-parameter-setting.patch @@ -1,7 +1,7 @@ From e2fb675883cf00992ce51e91a3e2055c898ae3e6 Mon Sep 17 00:00:00 2001 From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" Date: Mon, 20 Jun 2022 05:57:46 +0000 -Subject: [PATCH 27/49] Fix dpp config parameter setting +Subject: [PATCH 27/60] Fix dpp config parameter setting --- src/common/dpp.c | 7 ++++--- diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch index 4d8448982..b9bdaf617 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0028-DPP-Resolving-failure-of-dpp-configurator-exchange-f.patch @@ -1,7 +1,7 @@ From b19b6f1165800106ccd941b6042ea804bfa95d5f Mon Sep 17 00:00:00 2001 From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" Date: Thu, 30 Jun 2022 08:01:45 +0000 -Subject: [PATCH 28/49] DPP: Resolving failure of dpp configurator exchange for +Subject: [PATCH 28/60] DPP: Resolving failure of dpp configurator exchange for configurator plus initiator in AP role with fmac --- diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch index 49c53d64b..2adecd704 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0029-Enabling-SUITEB192-and-SUITEB-compile-options.patch @@ -1,7 +1,7 @@ From 7d621a129690b061afd61e8bd21d9b816f09d8ac Mon Sep 17 00:00:00 2001 From: Carter Chen Date: Mon, 4 Jul 2022 02:19:48 -0500 -Subject: [PATCH 29/49] Enabling SUITEB192 and SUITEB compile options +Subject: [PATCH 29/60] Enabling SUITEB192 and SUITEB compile options Enabling the compile options for SUITEB and SUITEB-192 related configurations and wpa_cli commands. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch index ea78e16dd..aa98785fa 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0030-DPP-Enabling-CLI_EDIT-option-for-enrollee-plus-respo.patch @@ -1,7 +1,7 @@ From 621de92cbd36719e3febe385411a65ccfa646344 Mon Sep 17 00:00:00 2001 From: "Shankar Amar (CSTIPL CSS ICW SW WFS 1)" Date: Fri, 22 Jul 2022 07:52:30 +0000 -Subject: [PATCH 30/49] DPP: Enabling CLI_EDIT option for enrollee plus +Subject: [PATCH 30/60] DPP: Enabling CLI_EDIT option for enrollee plus responder in STA role with fmac --- diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0031-P2P-Fixes-Scan-trigger-failed-once-GC-invited-by-GO.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0031-P2P-Fixes-Scan-trigger-failed-once-GC-invited-by-GO.patch index 1b94e31b4..516d49a79 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0031-P2P-Fixes-Scan-trigger-failed-once-GC-invited-by-GO.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0031-P2P-Fixes-Scan-trigger-failed-once-GC-invited-by-GO.patch @@ -1,7 +1,7 @@ From a7e23d28ccd14800f0dd3f12bf0d053df6987fe7 Mon Sep 17 00:00:00 2001 From: JasonHuang Date: Tue, 19 Jul 2022 01:44:19 -0500 -Subject: [PATCH 31/49] P2P: Fixes Scan trigger failed, once GC invited by GO +Subject: [PATCH 31/60] P2P: Fixes Scan trigger failed, once GC invited by GO It's regression between 2.9 and 2.10. The 5g frequencys be repeatedly added to the list, then nl80211 driver will return diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch index 3381303ca..d14dfdfcc 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0032-non-upstream-SAE-disconnect-after-PMKSA-cache-expire.patch @@ -1,7 +1,7 @@ From 65ed1eadc11b838a4ba223648bfd3d87bf492319 Mon Sep 17 00:00:00 2001 From: Ian Lin Date: Mon, 18 Jul 2022 00:49:49 -0500 -Subject: [PATCH 32/49] non-upstream: SAE: disconnect after PMKSA cache expire +Subject: [PATCH 32/60] non-upstream: SAE: disconnect after PMKSA cache expire If the dot11RSNAConfigPMKLifetime is set, skip the flow of postponing the expiration in b0f457b6 and run disconnect flow. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0033-Add-support-for-beacon-loss-roaming.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0033-Add-support-for-beacon-loss-roaming.patch index 794236c43..cec9aae8e 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0033-Add-support-for-beacon-loss-roaming.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0033-Add-support-for-beacon-loss-roaming.patch @@ -1,7 +1,7 @@ From b98919427e885679267ac811eb7e02d7209078b4 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 26 Jul 2022 17:24:49 -0400 -Subject: [PATCH 33/49] Add support for beacon loss roaming +Subject: [PATCH 33/60] Add support for beacon loss roaming --- wpa_supplicant/bgscan_learn.c | 19 ++++++++++++++++++- diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch index 743a338bb..bcd9b3132 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0034-wpa_supplicant-Set-PMKSA-to-driver-while-key-mgmt-is.patch @@ -1,7 +1,7 @@ From da53435d4d11db827e3661be372e7b9773eaa842 Mon Sep 17 00:00:00 2001 From: JasonHuang Date: Thu, 8 Sep 2022 03:26:23 -0500 -Subject: [PATCH 34/49] wpa_supplicant: Set PMKSA to driver while key mgmt is +Subject: [PATCH 34/60] wpa_supplicant: Set PMKSA to driver while key mgmt is FT When the fast roaming is determined by the firmware, the diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.patch index d56ee518b..cdc8aadb1 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0035-nl80211-Set-NL80211_SCAN_FLAG_COLOCATED_6GHZ-in-scan.patch @@ -1,7 +1,7 @@ From 2173b4648a59f7ab499b7974189f2ba025b6a25e Mon Sep 17 00:00:00 2001 From: Tova Mussai Date: Sun, 24 Apr 2022 12:57:52 +0300 -Subject: [PATCH 35/49] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan +Subject: [PATCH 35/60] nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in the scan parameters to enable scanning for co-located APs discovered based on neighbor reports from diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0036-scan-Add-option-to-disable-6-GHz-collocated-scanning.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0036-scan-Add-option-to-disable-6-GHz-collocated-scanning.patch index 61b690c39..545510758 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0036-scan-Add-option-to-disable-6-GHz-collocated-scanning.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0036-scan-Add-option-to-disable-6-GHz-collocated-scanning.patch @@ -1,7 +1,7 @@ From d2aff0911008db10d28424ca5b8d67f852a5bf89 Mon Sep 17 00:00:00 2001 From: Ilan Peer Date: Sun, 24 Apr 2022 12:57:53 +0300 -Subject: [PATCH 36/49] scan: Add option to disable 6 GHz collocated scanning +Subject: [PATCH 36/60] scan: Add option to disable 6 GHz collocated scanning Add a parameter (non_coloc_6ghz=1) to the manual scan command to disable 6 GHz collocated scanning. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0037-Enabling-OWE-in-wpa_supplicant.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0037-Enabling-OWE-in-wpa_supplicant.patch index 27e02add8..f95ebd8a2 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0037-Enabling-OWE-in-wpa_supplicant.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0037-Enabling-OWE-in-wpa_supplicant.patch @@ -1,7 +1,7 @@ From 4a920e2446cff3f215614d63798e675bb5e25549 Mon Sep 17 00:00:00 2001 From: Carter Chen Date: Wed, 19 Oct 2022 03:29:39 -0500 -Subject: [PATCH 37/49] Enabling OWE in wpa_supplicant +Subject: [PATCH 37/60] Enabling OWE in wpa_supplicant Enabling the compile options for OWE. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0038-Add-link-loss-timer-on-beacon-loss.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0038-Add-link-loss-timer-on-beacon-loss.patch index d9b74486c..5371406e4 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0038-Add-link-loss-timer-on-beacon-loss.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0038-Add-link-loss-timer-on-beacon-loss.patch @@ -1,7 +1,7 @@ From f3695ca19a711fbfcda7233f65af13ac9e8a78f7 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 16 Aug 2022 15:00:14 -0400 -Subject: [PATCH 38/49] Add link loss timer on beacon loss +Subject: [PATCH 38/60] Add link loss timer on beacon loss --- wpa_supplicant/bgscan_learn.c | 19 +++++++++++++++++++ diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0039-FT-Sync-nl80211-ext-feature-index.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0039-FT-Sync-nl80211-ext-feature-index.patch index 91ecd85cf..691ca6e7b 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0039-FT-Sync-nl80211-ext-feature-index.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0039-FT-Sync-nl80211-ext-feature-index.patch @@ -1,7 +1,7 @@ From 7076f7634cc9d7a88f009c448ada307841b42a2a Mon Sep 17 00:00:00 2001 From: JasonHuang Date: Sun, 30 Oct 2022 21:58:34 -0500 -Subject: [PATCH 39/49] FT: Sync nl80211 ext feature index +Subject: [PATCH 39/60] FT: Sync nl80211 ext feature index The backports-5.15.58 has been used. Supplicant should sync the nl80211_ext_feature_index with backports to avoid unexpected fail. diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch index 4aa8a8767..66df83dbc 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0040-nl80211-Introduce-a-vendor-header-for-vendor-NL-ifac.patch @@ -1,7 +1,7 @@ From 62c82984916623e6e00053dcb148de71d24bdaf5 Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:15:25 +0530 -Subject: [PATCH 40/49] nl80211: Introduce a vendor header for vendor NL iface +Subject: [PATCH 40/60] nl80211: Introduce a vendor header for vendor NL iface to DRV with OUI_IFX So far, the proprietary configurations are done either through the private diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.patch index 5a1d7b781..2ce12de54 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0041-add-support-to-offload-TWT-setup-request-handling-to.patch @@ -1,7 +1,7 @@ From 013beb7bc5036bf627fce3707a7a83344ffa05aa Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:16:37 +0530 -Subject: [PATCH 41/49] add support to offload TWT setup request handling to +Subject: [PATCH 41/60] add support to offload TWT setup request handling to the Firmware With "TWT_SETUP" control sock cmd interface currently available in the diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.patch index fda44d72b..03734cdb3 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0042-add-support-to-offload-TWT-Teardown-request-handling.patch @@ -1,7 +1,7 @@ From 9a87c940340e1c665ce7172e7df147d53d1daabe Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:16:50 +0530 -Subject: [PATCH 42/49] add support to offload TWT Teardown request handling to +Subject: [PATCH 42/60] add support to offload TWT Teardown request handling to the Firmware With "TWT_TEARDOWN" control sock cmd interface currently available in the diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.patch index 9ac59f13f..9d170f489 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0043-Add-support-to-configure-TWT-of-a-session-using-offs.patch @@ -1,7 +1,7 @@ From e03937fecb74cf50d70721ea2a0b14fa5e12153a Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Mon, 11 Jul 2022 11:17:04 +0530 -Subject: [PATCH 43/49] Add support to configure TWT of a session using offset +Subject: [PATCH 43/60] Add support to configure TWT of a session using offset in microseconds Introduce a new cmd line argument "twt_offset=" in the existing list diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0044-Establish-a-Default-TWT-session-in-the-STA-after-ass.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0044-Establish-a-Default-TWT-session-in-the-STA-after-ass.patch index 027a59838..9c88182b3 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0044-Establish-a-Default-TWT-session-in-the-STA-after-ass.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0044-Establish-a-Default-TWT-session-in-the-STA-after-ass.patch @@ -1,7 +1,7 @@ From 045ff0dc8aaa1297096c7a941045c74bf1a0e7f3 Mon Sep 17 00:00:00 2001 From: Ramanathan Ramakrishnan Date: Thu, 27 Oct 2022 06:00:28 -0500 -Subject: [PATCH 44/49] Establish a Default TWT session in the STA after +Subject: [PATCH 44/60] Establish a Default TWT session in the STA after associating with the AP Add a new wpa_supplicant conf param "twt_def_algo" to set the Default/Auto diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0045-validate-the-TWT-parameters-exponent-and-mantissa-pa.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0045-validate-the-TWT-parameters-exponent-and-mantissa-pa.patch index 627f15b66..96f864a51 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0045-validate-the-TWT-parameters-exponent-and-mantissa-pa.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0045-validate-the-TWT-parameters-exponent-and-mantissa-pa.patch @@ -1,7 +1,7 @@ From ad935d3fefec7f775188d305a5bf63a64d30a065 Mon Sep 17 00:00:00 2001 From: Gokul Sivakumar Date: Fri, 11 Nov 2022 19:40:04 +0530 -Subject: [PATCH 45/49] validate the TWT parameters exponent and mantissa +Subject: [PATCH 45/60] validate the TWT parameters exponent and mantissa passed to wpa_cli The exponent is a 5 bit param and the max value is 31 (0x1F). The mantissa diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0046-Fix-for-station-sending-open-auth-instead-of-SAE-aut.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0046-Fix-for-station-sending-open-auth-instead-of-SAE-aut.patch index 21d23f945..967fcda37 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0046-Fix-for-station-sending-open-auth-instead-of-SAE-aut.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0046-Fix-for-station-sending-open-auth-instead-of-SAE-aut.patch @@ -1,7 +1,7 @@ From ed256e852f6ff9c45974128cba4d2f0fbbdece2f Mon Sep 17 00:00:00 2001 From: Ramesh Rangavittal Date: Mon, 21 Nov 2022 11:21:59 -0600 -Subject: [PATCH 46/49] Fix for station sending open auth instead of SAE auth +Subject: [PATCH 46/60] Fix for station sending open auth instead of SAE auth --- wpa_supplicant/events.c | 2 +- diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-ROAMOFFLOAD-raises-portValid-too-early.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-ROAMOFFLOAD-raises-portValid-too-early.patch deleted file mode 100644 index 5a2f6cdae..000000000 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-ROAMOFFLOAD-raises-portValid-too-early.patch +++ /dev/null @@ -1,54 +0,0 @@ -From a5ae9fcc3baa099a86ecd2739caadf624258a49d Mon Sep 17 00:00:00 2001 -From: Carter Chen -Date: Mon, 28 Nov 2022 21:39:48 -0600 -Subject: [PATCH 47/49] Fix ROAMOFFLOAD raises portValid too early - -1.) while WPA_DRIVER_FLAGS_ROAM_OFFLOAD flag is set, -and if the cipher_mgmt is 8021x related, -the portValid is set while get wpa_supplicant_event_assoc. - -portValid will make the state_machine of SUPP_PAE jumps AUTHENTICATING to AUTHENTICATED. - -2.) while WPA_DRIVER_FLAGS_ROAM_OFFLOAD flag is set, -the PMKCacheLifeTime and pmksa_cache_reauth timer are set while recevied -assoc response. - -3.) if the PMKCacheLifeTime is set to a small value for disable PMK -cache. the pmksa_cache_reauth will expire right away, -for example, while doing 4-way handshake, the timer has expired. - -in case the timer of pmksa_cache_reauth has expired, -if the state of SUPP_PAE is AUTHENTICATED, -eapol_sm_txStart will be called and restart the Radius handshake. - -Solution: ROAM_OFFLOAD and cipher_mgmt is FT related, such as, FT_1X or -FT_PSK. then raise portValid. - -Fixes: SWLINUX-3041 - -Signed-off-by: Carter Chen ---- - wpa_supplicant/events.c | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) - -diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c -index 975110b57..b42f758ce 100644 ---- a/wpa_supplicant/events.c -+++ b/wpa_supplicant/events.c -@@ -3425,9 +3425,10 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, - wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); - eapol_sm_notify_portValid(wpa_s->eapol, true); - eapol_sm_notify_eap_success(wpa_s->eapol, true); -- } else if (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) || -- (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS_ROAM_OFFLOAD)) && -- wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { -+ } else if (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && -+ wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) || -+ ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS_ROAM_OFFLOAD) && -+ wpa_key_mgmt_ft(wpa_s->key_mgmt))) { - /* - * The driver will take care of RSN 4-way handshake, so we need - * to allow EAPOL supplicant to complete its work without --- -2.17.1 - diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch similarity index 94% rename from meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch rename to meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch index de1124705..150b9c057 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch @@ -1,7 +1,7 @@ -From 897917008b37a16985d0f1ae9d768c6450741574 Mon Sep 17 00:00:00 2001 +From e21ce4eefab80c4d2e8ccf3b6d29cef5af6f955b Mon Sep 17 00:00:00 2001 From: Owen Huang Date: Wed, 30 Nov 2022 01:35:58 -0600 -Subject: [PATCH 48/49] Fix associating failed when PMK lifetime is set to 1 +Subject: [PATCH 47/60] Fix associating failed when PMK lifetime is set to 1 In WPA3 11.1 STAUT server certificate validation test * set dot11RSNAConfigPMKLifetime to 1 diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-p2p_add_group-command-unification.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-non-upstream-p2p_add_group-command-unification.patch similarity index 95% rename from meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-p2p_add_group-command-unification.patch rename to meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-non-upstream-p2p_add_group-command-unification.patch index f4e0e02af..b222b47d6 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-p2p_add_group-command-unification.patch +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0048-non-upstream-p2p_add_group-command-unification.patch @@ -1,7 +1,7 @@ -From 4624039b5463b1c36fc34cd5ec517a7473981591 Mon Sep 17 00:00:00 2001 +From 34b6fcfddf0004d57c3cdb6a8179339189ff5cf7 Mon Sep 17 00:00:00 2001 From: Carter Chen Date: Thu, 8 Dec 2022 02:37:48 -0600 -Subject: [PATCH 49/49] non-upstream: p2p_add_group command unification +Subject: [PATCH 48/60] non-upstream: p2p_add_group command unification supporting specify operation group of p2p. - wpa_cli p2p_group_add freq=5180/80 diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.patch new file mode 100644 index 000000000..d4000755f --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.patch @@ -0,0 +1,765 @@ +From 67be9ce68d84e2800b481123a0c140e5ad912619 Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Wed, 14 Dec 2022 01:34:23 -0600 +Subject: [PATCH 49/60] non-upstream: MBO: wpa_cli mbo command by IFX vendorID + +Signed-off-by: Carter Chen +Signed-off-by: Shelley Yang +--- + src/common/ifx_vendor.h | 52 ++++++++ + src/drivers/driver.h | 46 +++++++ + src/drivers/driver_nl80211.c | 141 ++++++++++++++++++++++ + src/drivers/driver_nl80211.h | 1 + + src/drivers/driver_nl80211_capa.c | 3 + + wpa_supplicant/ctrl_iface.c | 193 ++++++++++++++++++++++++++++++ + wpa_supplicant/driver_i.h | 8 ++ + wpa_supplicant/mbo.c | 119 ++++++++++++++++++ + wpa_supplicant/wpa_cli.c | 15 +++ + wpa_supplicant/wpa_supplicant_i.h | 9 ++ + 10 files changed, 587 insertions(+) + +diff --git a/src/common/ifx_vendor.h b/src/common/ifx_vendor.h +index aa8e83bc7..6cd3b874c 100644 +--- a/src/common/ifx_vendor.h ++++ b/src/common/ifx_vendor.h +@@ -56,6 +56,8 @@ + * + * @IFX_VENDOR_SCMD_TWT: Vendor subcommand to configure TWT + * Uses attributes defined in enum ifx_vendor_attr_twt. ++ * @IFX_VENDOR_SCMD_MBO: Vendor subcommand to configure MBO ++ * Uses attribute IFX_VENDOR_ATTR_MBO to configure. + * + * @IFX_VENDOR_SCMD_MAX: This acts as a the tail of cmds list. + * Make sure it located at the end of the list. +@@ -74,6 +76,8 @@ enum ifx_nl80211_vendor_subcmds { + IFX_VENDOR_SCMD_LDPC_CAP = 12, + IFX_VENDOR_SCMD_AMSDU = 13, + IFX_VENDOR_SCMD_TWT = 14, ++ /* Reserved 15-17 */ ++ IFX_VENDOR_SCMD_MBO = 18, + IFX_VENDOR_SCMD_MAX + }; + +@@ -96,6 +100,13 @@ enum ifx_vendor_attr { + IFX_VENDOR_ATTR_MAX = 11 + }; + ++enum ifx_vendor_attr_mbo { ++ IFX_VENDOR_ATTR_MBO_UNSPEC, ++ IFX_VENDOR_ATTR_MBO_CMD, ++ IFX_VENDOR_ATTR_MBO_PARAMS, ++ IFX_VENDOR_ATTR_MBO_MAX ++}; ++ + /* + * enum ifx_vendor_attr_twt - Attributes for the TWT vendor command + * +@@ -260,4 +271,45 @@ enum ifx_twt_oper_setup_cmd_type { + IFX_TWT_OPER_SETUP_CMD_TYPE_MAX = 8 + }; + ++enum ifx_mbo_config_cmd_type { ++ IFX_MBO_CONFIG_CMD_TYPE_INVALID = -1, ++ //align internal definition ++ IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF = 1, ++ IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF = 2, ++ IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF = 3, ++ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP = 4, ++ IFX_MBO_CONFIG_CMD_DUMP_COUNTER = 5, ++ IFX_MBO_CONFIG_CMD_CLEAR_COUNTER = 6, ++ IFX_MBO_CONFIG_CMD_FORCE_ASSOC = 7, ++ IFX_MBO_CONFIG_CMD_BSSTRANS_REJ = 8, ++ IFX_MBO_CONFIG_CMD_SEND_NOTIF = 9, ++ IFX_MBO_CONFIG_CMD_CLR_CHAN_PREF = 10, ++ IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE = 11, ++ IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT = 12, ++ IFX_MBO_CONFIG_CMD_DBG_EVENT_CHECK = 13, ++ IFX_MBO_CONFIG_CMD_EVENT_MASK = 14, ++ IFX_MBO_CONFIG_CMD_ASSOC_DISALLOWED = 15, ++ IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF = 16, ++ IFX_MBO_CONFIG_CMD_TYPE_MAX = 17 ++}; ++ ++enum ifx_vendor_attr_mbo_param { ++ IFX_VENDOR_ATTR_MBO_PARAM_UNSPEC, ++ IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS, ++ IFX_VENDOR_ATTR_MBO_PARAM_CHAN, ++ IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE, ++ IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE, ++ IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP, ++ IFX_VENDOR_ATTR_MBO_PARAM_COUNTERS, ++ IFX_VENDOR_ATTR_MBO_PARAM_ENABLE, ++ IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE, ++ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_START_OFFSET, ++ IFX_VENDOR_ATTR_MBO_PARAM_BTQ_TRIG_RSSI_DELTA, ++ IFX_VENDOR_ATTR_MBO_PARAM_ANQP_CELL_SUPP, ++ IFX_VENDOR_ATTR_MBO_PARAM_BIT_MASK, ++ IFX_VENDOR_ATTR_MBO_PARAM_ASSOC_DISALLOWED, ++ IFX_VENDOR_ATTR_MBO_PARAM_CELLULAR_DATA_PREF, ++ IFX_VENDOR_ATTR_MBO_PARAM_MAX ++}; ++ + #endif /* IFX_VENDOR_H */ +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index 23f599bef..996614ee5 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -2553,6 +2553,51 @@ struct drv_teardown_twt_params { + u8 teardown_all_twt; + }; + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ ++struct drv_config_mbo_params { ++ u8 cmd; ++ union { ++ struct { ++ u8 op_class; ++ u8 chan; ++ u8 pref_val; ++ u8 reason; ++ } add_chan_pref; ++ struct { ++ u8 op_class; ++ u8 chan; ++ } del_chan_pref; ++ struct { ++ u8 cap; ++ } cell_data_cap; ++ struct { ++ u8 enable; ++ } force_assoc; ++ struct { ++ u8 enable; ++ u8 reason; ++ } bsstrans_reject; ++ struct { ++ u8 type; ++ } send_notif; ++ struct { ++ u8 enable; ++ u8 t_offset; ++ u8 trig_delta; ++ } nbr_info_cache; ++ struct { ++ u8 enable; ++ u8 value; ++ } anqpo_support; ++ struct { ++ u8 disallow; ++ u8 reason; ++ } assoc_disallow; ++ struct { ++ u8 pref_value; ++ } cellular_pref; ++ } u; ++}; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + struct wpa_bss_trans_info { +@@ -4681,6 +4726,7 @@ struct wpa_driver_ops { + */ + int (*teardown_twt)(void *priv, struct drv_teardown_twt_params *params); + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ int (*config_mbo)(void *priv, struct drv_config_mbo_params *params); + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + }; +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index 3d98e5943..506b1e406 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -12473,6 +12473,146 @@ fail: + return ret; + } + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ ++static int wpa_driver_nl80211_config_mbo(void *priv, struct drv_config_mbo_params *params) ++{ ++ struct i802_bss *bss = priv; ++ struct wpa_driver_nl80211_data *drv = bss->drv; ++ struct nl_msg *msg = NULL; ++ struct nlattr *data, *mbo_param_attrs; ++ int ret = -1; ++ ++ if (!drv->ifx_mbo_offload) ++ goto fail; ++ ++ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_IFX) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, IFX_VENDOR_SCMD_MBO)) ++ goto fail; ++ ++ data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); ++ if (!data) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_CMD, params->cmd)) ++ goto fail; ++ ++ switch (params->cmd) { ++ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS, ++ params->u.add_chan_pref.op_class) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN, ++ params->u.add_chan_pref.chan) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_PREFERENCE, ++ params->u.add_chan_pref.pref_val) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE, ++ params->u.add_chan_pref.reason)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_OPCLASS, ++ params->u.del_chan_pref.op_class) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CHAN, ++ params->u.del_chan_pref.chan)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_CELL_DATA_CAP, ++ params->u.cell_data_cap.cap)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE, ++ params->u.force_assoc.enable)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_ENABLE, ++ params->u.bsstrans_reject.enable) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_REASON_CODE, ++ params->u.bsstrans_reject.reason)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_SEND_NOTIF: ++ mbo_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_MBO_PARAMS); ++ if (!mbo_param_attrs) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_MBO_PARAM_SUB_ELEM_TYPE, ++ params->u.send_notif.type)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: build IFX_MBO_CONFIG_CMD_FORCE_ASSOC msg failed"); ++ goto fail; ++ } ++ nla_nest_end(msg, mbo_param_attrs); ++ break; ++ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF: ++ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER: ++ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER: ++ wpa_printf(MSG_DEBUG, ++ "MBO config: cmd %d doesn't need extra attribute", ++ params->cmd); ++ break; ++ default: ++ break; ++ } ++ ++ nla_nest_end(msg, data); ++ ++ ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); ++ if (ret) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: MBO config: Failed to invoke driver " ++ "MBO config function: %s", ++ strerror(-ret)); ++ } ++ ++ return ret; ++fail: ++ nl80211_nlmsg_clear(msg); ++ nlmsg_free(msg); ++ return ret; ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + const struct wpa_driver_ops wpa_driver_nl80211_ops = { +@@ -12624,5 +12764,6 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = { + .setup_twt = wpa_driver_nl80211_setup_twt, + .teardown_twt = wpa_driver_nl80211_teardown_twt, + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ .config_mbo = wpa_driver_nl80211_config_mbo, + #endif /* CONFIG_DRIVER_NL80211_IFX */ + }; +diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h +index f681afb41..6d2c09477 100644 +--- a/src/drivers/driver_nl80211.h ++++ b/src/drivers/driver_nl80211.h +@@ -182,6 +182,7 @@ struct wpa_driver_nl80211_data { + unsigned int brcm_do_acs:1; + #ifdef CONFIG_DRIVER_NL80211_IFX + unsigned int ifx_twt_offload:1; ++ unsigned int ifx_mbo_offload:1; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + u64 vendor_scan_cookie; +diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c +index 19d1569bf..b0807a7fc 100644 +--- a/src/drivers/driver_nl80211_capa.c ++++ b/src/drivers/driver_nl80211_capa.c +@@ -1059,6 +1059,9 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg) + case IFX_VENDOR_SCMD_TWT: + drv->ifx_twt_offload = 1; + break; ++ case IFX_VENDOR_SCMD_MBO: ++ drv->ifx_mbo_offload = 1; ++ break; + } + #endif /* CONFIG_DRIVER_NL80211_IFX */ + } +diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c +index 90cc4861c..9f0149a20 100644 +--- a/wpa_supplicant/ctrl_iface.c ++++ b/wpa_supplicant/ctrl_iface.c +@@ -10150,6 +10150,194 @@ static int wpas_ctrl_iface_send_twt_teardown(struct wpa_supplicant *wpa_s, + } + + ++#ifdef CONFIG_DRIVER_NL80211_IFX ++int wpas_config_offload_send_mbo_config(struct wpa_supplicant *wpa_s, u8 cmd_id, ++ u8 oper_class, u8 chan, u8 pref_val, ++ u8 reason_code, u8 enable, u8 notif_type, ++ u8 time_offset, u8 rssi_trig_delta, ++ bool enable_anqpo, bool enable_cell_pref, ++ u8 cell_pref_val, u8 cell_cap) ++{ ++ struct drv_config_mbo_params params; ++ int ret = 0; ++ ++ memset(¶ms, 0, sizeof(struct drv_config_mbo_params)); ++ ++ switch (cmd_id) { ++ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF: ++ if (!oper_class || !chan || ++ (pref_val != 0 && pref_val != 1 && pref_val != 255) || ++ reason_code > 3) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for add_chan_pref oper_class: %d " ++ "chan:%d pref_val:%d reason_code:%d", ++ oper_class, chan, pref_val, reason_code); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.add_chan_pref.op_class = oper_class; ++ params.u.add_chan_pref.chan = chan; ++ params.u.add_chan_pref.pref_val = pref_val; ++ params.u.add_chan_pref.reason = reason_code; ++ break; ++ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF: ++ if (!oper_class || !chan) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for del_chan_pref " ++ "oper_class: %d chan:%d", ++ oper_class, chan); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.del_chan_pref.op_class = oper_class; ++ params.u.del_chan_pref.chan = chan; ++ break; ++ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF: ++ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER: ++ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER: ++ params.cmd = cmd_id; ++ break; ++ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP: ++ if (!cell_cap || cell_cap > 3) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for cellular_data_cap:%d", ++ cell_cap); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.cell_data_cap.cap = cell_cap; ++ break; ++ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC: ++ if (enable > 1) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for force_assoc:%d", ++ enable); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.force_assoc.enable = enable; ++ break; ++ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ: ++ if (enable > 1 || reason_code > 6) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for bsstrans reject, enable:%d, reason:%d", ++ enable, reason_code); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.bsstrans_reject.enable = enable; ++ params.u.bsstrans_reject.reason = reason_code; ++ break; ++ case IFX_MBO_CONFIG_CMD_SEND_NOTIF: ++ if (notif_type != 2 && notif_type != 3) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for send notifty:%d", ++ notif_type); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.send_notif.type = notif_type; ++ break; ++ case IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE: ++ case IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT: ++ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF: ++ default: ++ wpa_printf(MSG_DEBUG, "MBO: Unsupported cmd_id %d", ++ cmd_id); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ ++ ret = wpa_drv_config_mbo(wpa_s, ¶ms); ++ ++fail: ++ return ret; ++} ++ ++static int wpas_ctrl_iface_send_mbo_config(struct wpa_supplicant *wpa_s, ++ const char *cmd) ++{ ++ u8 oper_class = 0; ++ u8 chan = 0; ++ u8 pref_val = 0; ++ u8 reason_code = 0; ++ u8 cmd_id = 0; ++ u8 enable = 0; ++ u8 notif_type = 0; ++ u8 time_offset = 0; ++ u8 rssi_trig_delta = 0; ++ bool enable_anqpo = false; ++ bool enable_cell_pref = false; ++ u8 cell_pref_val = 0; ++ u8 cell_cap = 0; ++ const char *tok_s; ++ ++ tok_s = os_strstr(cmd, " cmd_id="); ++ if (tok_s) ++ cmd_id = strtol(tok_s + os_strlen(" cmd_id="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " oper_class="); ++ if (tok_s) ++ oper_class = strtol(tok_s + os_strlen(" oper_class="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " pref_val="); ++ if (tok_s) ++ pref_val = strtol(tok_s + os_strlen(" pref_val="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " reason_code="); ++ if (tok_s) ++ reason_code = strtol(tok_s + os_strlen(" reason_code="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " chan="); ++ if (tok_s) ++ chan = strtol(tok_s + os_strlen(" chan="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " cell_cap="); ++ if (tok_s) ++ cell_cap = strtol(tok_s + os_strlen(" cell_cap="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " enable="); ++ if (tok_s) ++ enable = strtol(tok_s + os_strlen(" enable="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " notif_type="); ++ if (tok_s) ++ notif_type = strtol(tok_s + os_strlen(" notif_type="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " time_offset="); ++ if (tok_s) ++ time_offset = strtol(tok_s + os_strlen(" time_offset="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " rssi_trig_delta="); ++ if (tok_s) ++ rssi_trig_delta = strtol(tok_s + os_strlen(" rssi_trig_delta="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " enable_anqpo="); ++ if (tok_s) ++ enable_anqpo = strtol(tok_s + os_strlen(" enable_anqpo="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " enable_cell_pref="); ++ if (tok_s) ++ enable_cell_pref = strtol(tok_s + os_strlen(" enable_cell_pref="), NULL, 10); ++ ++ tok_s = os_strstr(cmd, " cell_pref_val="); ++ if (tok_s) ++ cell_pref_val = strtol(tok_s + os_strlen(" cell_pref_val="), NULL, 10); ++ ++ return wpas_config_offload_send_mbo_config(wpa_s, cmd_id, oper_class, ++ chan, pref_val, reason_code, ++ enable, notif_type, time_offset, ++ rssi_trig_delta, enable_anqpo, ++ enable_cell_pref, cell_pref_val, ++ cell_cap); ++} ++#endif /* CONFIG_DRIVER_NL80211_IFX */ + + static int wpas_ctrl_vendor_elem_add(struct wpa_supplicant *wpa_s, char *cmd) + { +@@ -12271,6 +12459,11 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, + } else if (os_strcmp(buf, "TWT_SETUP") == 0) { + if (wpas_ctrl_iface_send_twt_setup(wpa_s, "")) + reply_len = -1; ++#ifdef CONFIG_DRIVER_NL80211_IFX ++ } else if (os_strncmp(buf, "MBO ", 4) == 0) { ++ if (wpas_ctrl_iface_send_mbo_config(wpa_s, buf + 3)) ++ reply_len = -1; ++#endif /* CONFIG_DRIVER_NL80211_IFX */ + } else if (os_strncmp(buf, "TWT_TEARDOWN ", 13) == 0) { + if (wpas_ctrl_iface_send_twt_teardown(wpa_s, buf + 12)) + reply_len = -1; +diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h +index 9a7975a6a..2fcfa44a6 100644 +--- a/wpa_supplicant/driver_i.h ++++ b/wpa_supplicant/driver_i.h +@@ -1145,6 +1145,14 @@ static inline int wpa_drv_teardown_twt(struct wpa_supplicant *wpa_s, + return wpa_s->driver->teardown_twt(wpa_s->drv_priv, params); + } + #endif /* CONFIG_TWT_OFFLOAD_IFX */ ++ ++static inline int wpa_drv_config_mbo(struct wpa_supplicant *wpa_s, ++ struct drv_config_mbo_params *params) ++{ ++ if (!wpa_s->driver->config_mbo) ++ return -1; ++ return wpa_s->driver->config_mbo(wpa_s->drv_priv, params); ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + #endif /* DRIVER_I_H */ +diff --git a/wpa_supplicant/mbo.c b/wpa_supplicant/mbo.c +index 3df86ef07..714f9ef6f 100644 +--- a/wpa_supplicant/mbo.c ++++ b/wpa_supplicant/mbo.c +@@ -663,3 +663,122 @@ void mbo_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, + break; + } + } ++ ++#ifdef CONFIG_DRIVER_NL80211_IFX ++int wpas_config_offload_send_mbo_config(struct wpa_supplicant *wpa_s, u8 cmd_id, ++ u8 oper_class, u8 chan, u8 pref_val, ++ u8 reason_code, u8 enable, u8 notif_type, ++ u8 time_offset, u8 rssi_trig_delta, ++ bool enable_anqpo, bool enable_cell_pref, ++ u8 cell_pref_val, u8 cell_cap) ++{ ++ struct drv_config_mbo_params params; ++ int ret = 0; ++ ++ memset(¶ms, 0, sizeof(struct drv_config_mbo_params)); ++ ++ switch (cmd_id) { ++ case IFX_MBO_CONFIG_CMD_ADD_CHAN_PREF: ++ if (!oper_class || !chan || ++ (pref_val != 0 && pref_val != 1 && pref_val != 255) || ++ reason_code > 3) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for add_chan_pref oper_class: %d " ++ "chan:%d pref_val:%d reason_code:%d", ++ oper_class, chan, pref_val, reason_code); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.add_chan_pref.op_class = oper_class; ++ params.u.add_chan_pref.chan = chan; ++ params.u.add_chan_pref.pref_val = pref_val; ++ params.u.add_chan_pref.reason = reason; ++ break; ++ case IFX_MBO_CONFIG_CMD_DEL_CHAN_PREF: ++ if (!oper_class || !chan) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for del_chan_pref " ++ "oper_class: %d chan:%d", ++ oper_class, chan); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.del_chan_pref.op_class = oper_class; ++ params.u.del_chan_pref.chan = chan; ++ break; ++ case IFX_MBO_CONFIG_CMD_LIST_CHAN_PREF: ++ params.cmd = cmd_id; ++ break; ++ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_CAP: ++ if (!cell_cap || cell_cap > 3) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for cellular_data_cap:%d", ++ cell_cap); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.cell_data_cap.cap = cell_cap; ++ break; ++ case IFX_MBO_CONFIG_CMD_DUMP_COUNTER: ++ params.cmd = cmd_id; ++ break; ++ case IFX_MBO_CONFIG_CMD_CLEAR_COUNTER: ++ params.cmd = cmd_id; ++ break; ++ case IFX_MBO_CONFIG_CMD_FORCE_ASSOC: ++ if (enable > 1) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for force_assoc:%d", ++ enable); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.force_assoc.enable = enable; ++ break; ++ case IFX_MBO_CONFIG_CMD_BSSTRANS_REJ: ++ if (enable > 1 || reason_code > 6) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for bsstrans reject, enable:%d, reason:%d", ++ enable, reason_code); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.bsstrans_reject.enable = enable; ++ params.u.bsstrans_reject.reason = reason_code; ++ break; ++ case IFX_MBO_CONFIG_CMD_SEND_NOTIF: ++ if (notif_type != 2 && notif_type != 3) { ++ wpa_printf(MSG_ERROR, ++ "MBO: incorrect parameter for send notifty:%d", ++ notif_type); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ params.cmd = cmd_id; ++ params.u.send_notif.type = notif_type; ++ break; ++ case IFX_MBO_CONFIG_CMD_NBR_INFO_CACHE: ++ break; ++ case IFX_MBO_CONFIG_CMD_ANQPO_SUPPORT: ++ break; ++ case IFX_MBO_CONFIG_CMD_CELLULAR_DATA_PREF: ++ break; ++ default: ++ wpa_printf(MSG_DEBUG, "MBO: Unsupported cmd_id %d", ++ cmd_id); ++ ret = -EOPNOTSUPP; ++ goto fail; ++ } ++ ++ ret = wpa_drv_config_mbo(wpa_s, params); ++ ++fail: ++ return ret; ++} ++#endif /* CONFIG_DRIVER_NL80211_IFX */ ++ +diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c +index 07160b5da..3055417fe 100644 +--- a/wpa_supplicant/wpa_cli.c ++++ b/wpa_supplicant/wpa_cli.c +@@ -2957,6 +2957,15 @@ static int wpa_cli_cmd_twt_teardown(struct wpa_ctrl *ctrl, int argc, + } + + ++#ifdef CONFIG_DRIVER_NL80211_IFX ++static int wpa_cli_cmd_mbo_config(struct wpa_ctrl *ctrl, int argc, ++ char *argv[]) ++{ ++ return wpa_cli_cmd(ctrl, "MBO", 0, argc, argv); ++} ++#endif /* CONFIG_DRIVER_NL80211_IFX */ ++ ++ + static int wpa_cli_cmd_erp_flush(struct wpa_ctrl *ctrl, int argc, char *argv[]) + { + return wpa_ctrl_command(ctrl, "ERP_FLUSH"); +@@ -3880,8 +3889,14 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { + }, + { "twt_teardown", + wpa_cli_cmd_twt_teardown, NULL, cli_cmd_flag_none, ++ "[cmd_id=] [oper_class=0|1|255] [pref_val=0|1|255] [reason_code=] [chan=] [cell_cap=1|2] [enable=0|1] [notif_type=2|3] = Send MBO Setup frame" ++ }, ++#ifdef CONFIG_DRIVER_NL80211_IFX ++ { "mbo", ++ wpa_cli_cmd_mbo_config, NULL, cli_cmd_flag_none, + "[flags=] = Send TWT Teardown frame" + }, ++#endif/* CONFIG_DRIVER_NL80211_IFX */ + { "erp_flush", wpa_cli_cmd_erp_flush, NULL, cli_cmd_flag_none, + "= flush ERP keys" }, + { "mac_rand_scan", +diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h +index 28eff55ed..553d27d2c 100644 +--- a/wpa_supplicant/wpa_supplicant_i.h ++++ b/wpa_supplicant/wpa_supplicant_i.h +@@ -1712,6 +1712,15 @@ void mbo_parse_rx_anqp_resp(struct wpa_supplicant *wpa_s, + const u8 *data, size_t slen); + void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s); + ++#ifdef CONFIG_DRIVER_NL80211_IFX ++int wpas_config_offload_send_mbo_config(struct wpa_supplicant *wpa_s, u8 cmd_id, ++ u8 oper_class, u8 chan, u8 pref_val, ++ u8 reason_code, u8 enable, u8 notif_type, ++ u8 time_offset, u8 rssi_trig_delta, ++ bool enable_anqpo, bool enable_cell_pref, ++ u8 cell_pref_val, u8 cell_cap); ++#endif /* CONFIG_DRIVER_NL80211_IFX */ ++ + /* op_classes.c */ + enum chan_allowed { + NOT_ALLOWED, NO_IR, RADAR, ALLOWED +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.patch new file mode 100644 index 000000000..c315cf322 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.patch @@ -0,0 +1,94 @@ +From cfaf2f6273ddd9ac618c61bc2294fb60297100a7 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen +Date: Wed, 6 Apr 2022 16:13:22 +0300 +Subject: [PATCH 50/60] EAP-TLS: Allow TLSv1.3 support to be enabled with build + config + +The default behavior in wpa_supplicant is to disable use of TLSv1.3 in +EAP-TLS unless explicitly enabled in network configuration. The new +CONFIG_EAP_TLSV1_3=y build parameter can be used to change this to +enable TLSv1.3 by default (if supported by the TLS library). + +Signed-off-by: Jouni Malinen +--- + src/eap_peer/eap_tls_common.c | 12 +++++++----- + wpa_supplicant/Android.mk | 3 +++ + wpa_supplicant/Makefile | 3 +++ + wpa_supplicant/defconfig | 3 +++ + 4 files changed, 16 insertions(+), 5 deletions(-) + +diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c +index c1837db06..5fb894501 100644 +--- a/src/eap_peer/eap_tls_common.c ++++ b/src/eap_peer/eap_tls_common.c +@@ -192,18 +192,20 @@ static int eap_tls_params_from_conf(struct eap_sm *sm, + * TLS v1.3 changes, so disable this by default for now. */ + params->flags |= TLS_CONN_DISABLE_TLSv1_3; + } ++#ifndef EAP_TLSV1_3 + if (data->eap_type == EAP_TYPE_TLS || + data->eap_type == EAP_UNAUTH_TLS_TYPE || + data->eap_type == EAP_WFA_UNAUTH_TLS_TYPE) { + /* While the current EAP-TLS implementation is more or less +- * complete for TLS v1.3, there has been no interoperability +- * testing with other implementations, so disable for by default +- * for now until there has been chance to confirm that no +- * significant interoperability issues show up with TLS version +- * update. ++ * complete for TLS v1.3, there has been only minimal ++ * interoperability testing with other implementations, so ++ * disable it by default for now until there has been chance to ++ * confirm that no significant interoperability issues show up ++ * with TLS version update. + */ + params->flags |= TLS_CONN_DISABLE_TLSv1_3; + } ++#endif /* EAP_TLSV1_3 */ + if (phase2 && sm->use_machine_cred) { + wpa_printf(MSG_DEBUG, "TLS: using machine config options"); + eap_tls_params_from_conf2m(params, config); +diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk +index 892cb7507..a54517eea 100644 +--- a/wpa_supplicant/Android.mk ++++ b/wpa_supplicant/Android.mk +@@ -482,6 +482,9 @@ OBJS += src/eap_peer/eap_tls.c + endif + TLS_FUNCS=y + CONFIG_IEEE8021X_EAPOL=y ++ifdef CONFIG_EAP_TLSV1_3 ++L_CFLAGS += -DEAP_TLSV1_3 ++endif + endif + + ifdef CONFIG_EAP_UNAUTH_TLS +diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile +index 16e484ce6..8978546c8 100644 +--- a/wpa_supplicant/Makefile ++++ b/wpa_supplicant/Makefile +@@ -484,6 +484,9 @@ OBJS += ../src/eap_peer/eap_tls.o + endif + TLS_FUNCS=y + CONFIG_IEEE8021X_EAPOL=y ++ifdef CONFIG_EAP_TLSV1_3 ++CFLAGS += -DEAP_TLSV1_3 ++endif + endif + + ifdef CONFIG_EAP_UNAUTH_TLS +diff --git a/wpa_supplicant/defconfig b/wpa_supplicant/defconfig +index a4719dbb5..ab3fba322 100644 +--- a/wpa_supplicant/defconfig ++++ b/wpa_supplicant/defconfig +@@ -101,6 +101,9 @@ CONFIG_EAP_MSCHAPV2=y + + # EAP-TLS + CONFIG_EAP_TLS=y ++# Enable EAP-TLSv1.3 support by default (currently disabled unless explicitly ++# enabled in network configuration) ++#CONFIG_EAP_TLSV1_3=y + + # EAL-PEAP + CONFIG_EAP_PEAP=y +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0051-Enabling-TLS-v1.3-by-default.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0051-Enabling-TLS-v1.3-by-default.patch new file mode 100644 index 000000000..65e270a6d --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0051-Enabling-TLS-v1.3-by-default.patch @@ -0,0 +1,27 @@ +From 39e1c0d43c57f3f76ac02813caa75b7a3dfb5d69 Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Fri, 24 Mar 2023 01:45:06 -0500 +Subject: [PATCH 51/60] Enabling TLS v1.3 by default + +Fixes: SWLINUX-3331 +--- + wpa_supplicant/defconfig_base | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/wpa_supplicant/defconfig_base b/wpa_supplicant/defconfig_base +index bfaed5d91..59aeae69c 100644 +--- a/wpa_supplicant/defconfig_base ++++ b/wpa_supplicant/defconfig_base +@@ -103,6 +103,9 @@ CONFIG_EAP_MSCHAPV2=y + + # EAP-TLS + CONFIG_EAP_TLS=y ++# Enable EAP-TLSv1.3 support by default (currently disabled unless explicitly ++# enabled in network configuration) ++CONFIG_EAP_TLSV1_3=y + + # EAL-PEAP + CONFIG_EAP_PEAP=y +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch new file mode 100644 index 000000000..14df86fa1 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0052-Disable-4-way-handshake-offload-for-DPP.patch @@ -0,0 +1,31 @@ +From e533a201ebe00eb208509117b3b69b3e58f34633 Mon Sep 17 00:00:00 2001 +From: avishad verma +Date: Tue, 7 Mar 2023 04:44:25 -0600 +Subject: [PATCH 52/60] Disable 4-way handshake offload for DPP + +H1 combo is using internal supplicant and 4-way handshake is offloaded +to firmware for softap mode. +For DPP Softap role external supplicant will be used. + +Signed-off-by: avishad verma +--- + src/ap/wpa_auth_glue.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c +index c8dee2aef..7e3b8384f 100644 +--- a/src/ap/wpa_auth_glue.c ++++ b/src/ap/wpa_auth_glue.c +@@ -1529,6 +1529,9 @@ int hostapd_setup_wpa(struct hostapd_data *hapd) + !!(hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_PROT_RANGE_NEG); + + if (!hapd->conf->p2p && ++#ifdef CONFIG_DPP ++ (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP)) && ++#endif /* CONFIG_DPP */ + (hapd->iface->drv_flags2 & WPA_DRIVER_FLAGS2_4WAY_HANDSHAKE_AP_PSK)) + _conf.psk_4way_hs_offload = 1; + +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.patch new file mode 100644 index 000000000..62fb1ea47 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.patch @@ -0,0 +1,382 @@ +From 54929427eb8af4affaf8017bc8d127cc7c629581 Mon Sep 17 00:00:00 2001 +From: Shelley Yang +Date: Wed, 29 Mar 2023 03:28:59 -0500 +Subject: [PATCH 53/60] non-upstream: WNM: wpa_cli wnm_maxilde command by IFX + vendorID + +1. set +before: wl wnm_maxidle 10 1 +after: wpa_cli wnm_maxidle period=10 option=1 +2. get +before: wl wnm_maxidle +after: wpa_cli wnm_maxidle + +Fixes: SWWLAN-145213 + +Signed-off-by: Shelley Yang +--- + src/common/ifx_vendor.h | 55 ++++++++++++++++++ + src/drivers/driver.h | 7 +++ + src/drivers/driver_nl80211.c | 92 +++++++++++++++++++++++++++++++ + src/drivers/driver_nl80211.h | 1 + + src/drivers/driver_nl80211_capa.c | 3 + + wpa_supplicant/ctrl_iface.c | 56 +++++++++++++++++++ + wpa_supplicant/driver_i.h | 8 +++ + wpa_supplicant/wpa_cli.c | 10 ++++ + 8 files changed, 232 insertions(+) + +diff --git a/src/common/ifx_vendor.h b/src/common/ifx_vendor.h +index 6cd3b874c..2fed69ca6 100644 +--- a/src/common/ifx_vendor.h ++++ b/src/common/ifx_vendor.h +@@ -78,6 +78,7 @@ enum ifx_nl80211_vendor_subcmds { + IFX_VENDOR_SCMD_TWT = 14, + /* Reserved 15-17 */ + IFX_VENDOR_SCMD_MBO = 18, ++ IFX_VENDOR_SCMD_WNM = 25, + IFX_VENDOR_SCMD_MAX + }; + +@@ -312,4 +313,58 @@ enum ifx_vendor_attr_mbo_param { + IFX_VENDOR_ATTR_MBO_PARAM_MAX + }; + ++enum ifx_vendor_attr_wnm { ++ IFX_VENDOR_ATTR_WNM_UNSPEC, ++ IFX_VENDOR_ATTR_WNM_CMD, ++ IFX_VENDOR_ATTR_WNM_PARAMS, ++ IFX_VENDOR_ATTR_WNM_MAX ++}; ++ ++enum ifx_wnm_config_cmd_type { ++ IFX_WNM_CONFIG_CMD_TYPE_INVALID = -1, ++ //align internal definition ++ IFX_WNM_CONFIG_CMD_IOV_WNM = 1, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_MAXIDLE = 2, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_OFFSET = 3, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_URL = 4, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_REQ = 5, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_TCLASTYPE = 6, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_PARP_DISCARD = 7, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_PARP_ALLNODE = 8, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_SET = 9, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TIMBC_STATUS = 10, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_SET = 11, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_TERM = 12, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_SERVICE_TERM = 13, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_SLEEP_INTV = 14, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_SLEEP_MODE = 15, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_QUERY = 16, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_RESP = 17, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_ADD = 18, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_DEL = 19, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TCLAS_LIST = 20, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_STATUS = 21, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_KEEPALIVES_MAX_IDLE = 22, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_PM_IGNORE_BCMC = 23, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_DMS_DEPENDENCY = 24, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_ROAMTHROTTLE = 25, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_SET = 26, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_TERM = 27, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_TFS_STATUS = 28, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_ADD = 29, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_DEL = 30, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BTQ_NBR_LIST = 31, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_BSSTRANS_RSSI_RATE_MAP = 32, ++ IFX_WNM_CONFIG_CMD_IOV_WNM_KEEPALIVE_PKT_TYPE = 33, ++ IFX_WNM_CONFIG_CMD_TYPE_MAX ++}; ++ ++enum ifx_vendor_attr_wnm_maxidle_param { ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_UNSPEC, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_MAX ++}; ++ + #endif /* IFX_VENDOR_H */ +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index 996614ee5..d75abbd5e 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -2598,6 +2598,12 @@ struct drv_config_mbo_params { + } cellular_pref; + } u; + }; ++ ++struct drv_maxidle_wnm_params { ++ u8 get_info; ++ int period; ++ int protect; ++}; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + struct wpa_bss_trans_info { +@@ -4727,6 +4733,7 @@ struct wpa_driver_ops { + int (*teardown_twt)(void *priv, struct drv_teardown_twt_params *params); + #endif /* CONFIG_TWT_OFFLOAD_IFX */ + int (*config_mbo)(void *priv, struct drv_config_mbo_params *params); ++ int (*maxidle_wnm)(void *priv, struct drv_maxidle_wnm_params *params); + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + }; +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index 506b1e406..ed7c969c1 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -12613,6 +12613,97 @@ fail: + nlmsg_free(msg); + return ret; + } ++ ++static int wpa_driver_nl80211_maxidle_wnm_reply_handler(struct nl_msg *msg, void *arg) ++{ ++ struct nlattr *tb_msg[NL80211_ATTR_MAX + 1]; ++ struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg)); ++ char *buf = arg; ++ char *data; ++ int len; ++ ++ wpa_printf(MSG_INFO, "nl80211: maxidle_wnm command reply handler"); ++ ++ nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0), ++ genlmsg_attrlen(gnlh, 0), NULL); ++ ++ if (tb_msg[NL80211_ATTR_VENDOR_DATA]) { ++ data = (char *)((char *)tb_msg[NL80211_ATTR_VENDOR_DATA] + GENL_HDRLEN); ++ len = nla_len(tb_msg[NL80211_ATTR_VENDOR_DATA]); ++ os_memcpy(buf, data, len); ++ } ++ return NL_SKIP; ++} ++ ++static int wpa_driver_nl80211_config_maxidle_wnm(void *priv, struct drv_maxidle_wnm_params *params) ++{ ++ struct i802_bss *bss = priv; ++ struct wpa_driver_nl80211_data *drv = bss->drv; ++ struct nl_msg *msg = NULL; ++ struct nlattr *data, *wnm_param_attrs; ++ int ret = -1, get_period = 0; ++ ++ if (!drv->ifx_wnm_offload) ++ goto fail; ++ ++ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_IFX) || ++ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, IFX_VENDOR_SCMD_WNM)) ++ goto fail; ++ ++ data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); ++ if (!data) ++ goto fail; ++ ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_CMD, IFX_WNM_CONFIG_CMD_IOV_WNM_MAXIDLE)) ++ goto fail; ++ ++ wnm_param_attrs = nla_nest_start(msg, IFX_VENDOR_ATTR_WNM_PARAMS); ++ if (!wnm_param_attrs) ++ goto fail; ++ ++ if (params->get_info) { ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO, ++ params->get_info)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: WNM config: build msg ATTR:%d failed", ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_GET_INFO); ++ goto fail; ++ } ++ } else { ++ if (nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD, ++ params->period) || ++ nla_put_u8(msg, IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT, ++ params->protect)) { ++ wpa_printf(MSG_ERROR, ++ "nl80211: WNM config: build ATTR:%d %d failed", ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD, ++ IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT); ++ goto fail; ++ } ++ } ++ nla_nest_end(msg, wnm_param_attrs); ++ nla_nest_end(msg, data); ++ ++ if (params->get_info) ++ ret = send_and_recv_msgs(drv, msg, wpa_driver_nl80211_maxidle_wnm_reply_handler, ++ &get_period, NULL, NULL); ++ else ++ ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); ++ ++ if (ret) ++ wpa_printf(MSG_ERROR, "nl80211: WNM maxidle: Failed to invoke driver %s", ++ strerror(-ret)); ++ else ++ if (params->get_info) ++ params->period = get_period; ++ ++ return ret; ++fail: ++ nl80211_nlmsg_clear(msg); ++ nlmsg_free(msg); ++ return ret; ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + const struct wpa_driver_ops wpa_driver_nl80211_ops = { +@@ -12765,5 +12856,6 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = { + .teardown_twt = wpa_driver_nl80211_teardown_twt, + #endif /* CONFIG_TWT_OFFLOAD_IFX */ + .config_mbo = wpa_driver_nl80211_config_mbo, ++ .maxidle_wnm = wpa_driver_nl80211_config_maxidle_wnm, + #endif /* CONFIG_DRIVER_NL80211_IFX */ + }; +diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h +index 6d2c09477..6d9945c88 100644 +--- a/src/drivers/driver_nl80211.h ++++ b/src/drivers/driver_nl80211.h +@@ -183,6 +183,7 @@ struct wpa_driver_nl80211_data { + #ifdef CONFIG_DRIVER_NL80211_IFX + unsigned int ifx_twt_offload:1; + unsigned int ifx_mbo_offload:1; ++ unsigned int ifx_wnm_offload:1; + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + u64 vendor_scan_cookie; +diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c +index b0807a7fc..21b9c03ff 100644 +--- a/src/drivers/driver_nl80211_capa.c ++++ b/src/drivers/driver_nl80211_capa.c +@@ -1062,6 +1062,9 @@ static int wiphy_info_handler(struct nl_msg *msg, void *arg) + case IFX_VENDOR_SCMD_MBO: + drv->ifx_mbo_offload = 1; + break; ++ case IFX_VENDOR_SCMD_WNM: ++ drv->ifx_wnm_offload = 1; ++ break; + } + #endif /* CONFIG_DRIVER_NL80211_IFX */ + } +diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c +index 9f0149a20..d07fdb0a9 100644 +--- a/wpa_supplicant/ctrl_iface.c ++++ b/wpa_supplicant/ctrl_iface.c +@@ -10337,6 +10337,58 @@ static int wpas_ctrl_iface_send_mbo_config(struct wpa_supplicant *wpa_s, + enable_cell_pref, cell_pref_val, + cell_cap); + } ++ ++static int wpas_ctrl_iface_send_wnm_maxidle(struct wpa_supplicant *wpa_s, ++ const char *cmd, char *reply, int reply_size) ++{ ++ u8 params_check = 0; ++ int period = 0, option = 0, ret = 0; ++ const char *tok_s; ++ struct drv_maxidle_wnm_params params; ++ char *pos, *end; ++ ++ pos = reply; ++ end = pos + reply_size; ++ os_memset(¶ms, 0, sizeof(struct drv_maxidle_wnm_params)); ++ ++ if (cmd) { ++ tok_s = os_strstr(cmd, " period="); ++ if (tok_s) { ++ period = atoi(tok_s + os_strlen(" period=")); ++ params_check |= BIT(IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD); ++ } ++ ++ tok_s = os_strstr(cmd, " option="); ++ if (tok_s) { ++ option = atoi(tok_s + os_strlen(" option=")); ++ params_check |= BIT(IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT); ++ } ++ ++ if (params_check & BIT(IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_IDLE_PERIOD) && ++ params_check & BIT(IFX_VENDOR_ATTR_WNM_MAXIDLE_PARAM_PROTECTION_OPT)) { ++ params.period = period; ++ params.protect = option; ++ params.get_info = false; ++ } else { ++ wpa_printf(MSG_ERROR, "set wnm_maxidle parameters not full(%02x).\n", ++ params_check); ++ ret = -EINVAL; ++ goto fail; ++ } ++ } else { ++ params.get_info = true; ++ wpa_printf(MSG_DEBUG, "get wnm_maxidle parameters\n"); ++ } ++ ret = wpa_drv_maxidle_wnm(wpa_s, ¶ms); ++ if (cmd == NULL && !ret) { ++ ret = os_snprintf(pos, end - pos, "BSS Max Idle Period: %d\n", params.period); ++ if (os_snprintf_error(end - pos, ret)) ++ return pos - reply; ++ } ++ ++fail: ++ return ret; ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + static int wpas_ctrl_vendor_elem_add(struct wpa_supplicant *wpa_s, char *cmd) +@@ -12463,6 +12515,10 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, + } else if (os_strncmp(buf, "MBO ", 4) == 0) { + if (wpas_ctrl_iface_send_mbo_config(wpa_s, buf + 3)) + reply_len = -1; ++ } else if (os_strncmp(buf, "WNM_MAXIDLE ", 12) == 0) { ++ reply_len = wpas_ctrl_iface_send_wnm_maxidle(wpa_s, buf + 11, reply, reply_size); ++ } else if (os_strcmp(buf, "WNM_MAXIDLE") == 0) { ++ reply_len = wpas_ctrl_iface_send_wnm_maxidle(wpa_s, NULL, reply, reply_size); + #endif /* CONFIG_DRIVER_NL80211_IFX */ + } else if (os_strncmp(buf, "TWT_TEARDOWN ", 13) == 0) { + if (wpas_ctrl_iface_send_twt_teardown(wpa_s, buf + 12)) +diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h +index 2fcfa44a6..fa11f72aa 100644 +--- a/wpa_supplicant/driver_i.h ++++ b/wpa_supplicant/driver_i.h +@@ -1153,6 +1153,14 @@ static inline int wpa_drv_config_mbo(struct wpa_supplicant *wpa_s, + return -1; + return wpa_s->driver->config_mbo(wpa_s->drv_priv, params); + } ++ ++static inline int wpa_drv_maxidle_wnm(struct wpa_supplicant *wpa_s, ++ struct drv_maxidle_wnm_params *params) ++{ ++ if (!wpa_s->driver->maxidle_wnm) ++ return -1; ++ return wpa_s->driver->maxidle_wnm(wpa_s->drv_priv, params); ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + #endif /* DRIVER_I_H */ +diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c +index 3055417fe..8119d0865 100644 +--- a/wpa_supplicant/wpa_cli.c ++++ b/wpa_supplicant/wpa_cli.c +@@ -2963,6 +2963,12 @@ static int wpa_cli_cmd_mbo_config(struct wpa_ctrl *ctrl, int argc, + { + return wpa_cli_cmd(ctrl, "MBO", 0, argc, argv); + } ++ ++static int wpa_cli_cmd_wnm_maxidle(struct wpa_ctrl *ctrl, int argc, ++ char *argv[]) ++{ ++ return wpa_cli_cmd(ctrl, "WNM_MAXIDLE", 0, argc, argv); ++} + #endif /* CONFIG_DRIVER_NL80211_IFX */ + + +@@ -3896,6 +3902,10 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = { + wpa_cli_cmd_mbo_config, NULL, cli_cmd_flag_none, + "[flags=] = Send TWT Teardown frame" + }, ++ { "wnm_maxidle", ++ wpa_cli_cmd_wnm_maxidle, NULL, cli_cmd_flag_none, ++ "[period=] [option=]" ++ }, + #endif/* CONFIG_DRIVER_NL80211_IFX */ + { "erp_flush", wpa_cli_cmd_erp_flush, NULL, cli_cmd_flag_none, + "= flush ERP keys" }, +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch new file mode 100644 index 000000000..0e0400b14 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch @@ -0,0 +1,170 @@ +From b3165e0a92a3090a99ef396e77fa90b7e61d6558 Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Wed, 3 May 2023 21:13:26 -0500 +Subject: [PATCH 54/60] brcmfmac: sync content of nl80211_copy.h for BSS_COLOR + attributes + +sync the nl80211.h as of 0d2ab3aea in brcm80211 + +Signed-off-by: Carter Chen +--- + src/drivers/driver_nl80211_event.c | 5 +++ + src/drivers/nl80211_copy.h | 56 ++++++++++++++++++++++++++++-- + 2 files changed, 59 insertions(+), 2 deletions(-) + +diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c +index fe91fff90..d3cb8d882 100644 +--- a/src/drivers/driver_nl80211_event.c ++++ b/src/drivers/driver_nl80211_event.c +@@ -172,6 +172,11 @@ static const char * nl80211_command_to_string(enum nl80211_commands cmd) + C2S(NL80211_CMD_UNPROT_BEACON) + C2S(NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS) + C2S(NL80211_CMD_SET_SAR_SPECS) ++ C2S(NL80211_CMD_OBSS_COLOR_COLLISION) ++ C2S(NL80211_CMD_COLOR_CHANGE_REQUEST) ++ C2S(NL80211_CMD_COLOR_CHANGE_STARTED) ++ C2S(NL80211_CMD_COLOR_CHANGE_ABORTED) ++ C2S(NL80211_CMD_COLOR_CHANGE_COMPLETED) + C2S(__NL80211_CMD_AFTER_LAST) + } + #undef C2S +diff --git a/src/drivers/nl80211_copy.h b/src/drivers/nl80211_copy.h +index db5b1503d..ee80ae025 100644 +--- a/src/drivers/nl80211_copy.h ++++ b/src/drivers/nl80211_copy.h +@@ -11,7 +11,7 @@ + * Copyright 2008 Jouni Malinen + * Copyright 2008 Colin McCabe + * Copyright 2015-2017 Intel Deutschland GmbH +- * Copyright (C) 2018-2020 Intel Corporation ++ * Copyright (C) 2018-2021 Intel Corporation + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above +@@ -1185,6 +1185,21 @@ + * passed using %NL80211_ATTR_SAR_SPEC. %NL80211_ATTR_WIPHY is used to + * specify the wiphy index to be applied to. + * ++ * @NL80211_CMD_OBSS_COLOR_COLLISION: This notification is sent out whenever ++ * mac80211/drv detects a bss color collision. ++ * ++ * @NL80211_CMD_COLOR_CHANGE_REQUEST: This command is used to indicate that ++ * userspace wants to change the BSS color. ++ * ++ * @NL80211_CMD_COLOR_CHANGE_STARTED: Notify userland, that a color change has ++ * started ++ * ++ * @NL80211_CMD_COLOR_CHANGE_ABORTED: Notify userland, that the color change has ++ * been aborted ++ * ++ * @NL80211_CMD_COLOR_CHANGE_COMPLETED: Notify userland that the color change ++ * has completed ++ * + * @NL80211_CMD_MAX: highest used command number + * @__NL80211_CMD_AFTER_LAST: internal use + */ +@@ -1417,6 +1432,14 @@ enum nl80211_commands { + + NL80211_CMD_SET_SAR_SPECS, + ++ NL80211_CMD_OBSS_COLOR_COLLISION, ++ ++ NL80211_CMD_COLOR_CHANGE_REQUEST, ++ ++ NL80211_CMD_COLOR_CHANGE_STARTED, ++ NL80211_CMD_COLOR_CHANGE_ABORTED, ++ NL80211_CMD_COLOR_CHANGE_COMPLETED, ++ + /* add new commands above here */ + + /* used to define NL80211_CMD_MAX below */ +@@ -2403,7 +2426,10 @@ enum nl80211_commands { + * in %NL80211_CMD_CONNECT to indicate that for 802.1X authentication it + * wants to use the supported offload of the 4-way handshake. + * @NL80211_ATTR_PMKR0_NAME: PMK-R0 Name for offloaded FT. +- * @NL80211_ATTR_PORT_AUTHORIZED: (reserved) ++ * @NL80211_ATTR_PORT_AUTHORIZED: flag attribute used in %NL80211_CMD_ROAMED ++ * notification indicating that that 802.1X authentication was done by ++ * the driver or is not needed (because roaming used the Fast Transition ++ * protocol). + * + * @NL80211_ATTR_EXTERNAL_AUTH_ACTION: Identify the requested external + * authentication operation (u32 attribute with an +@@ -2560,6 +2586,16 @@ enum nl80211_commands { + * disassoc events to indicate that an immediate reconnect to the AP + * is desired. + * ++ * @NL80211_ATTR_OBSS_COLOR_BITMAP: bitmap of the u64 BSS colors for the ++ * %NL80211_CMD_OBSS_COLOR_COLLISION event. ++ * ++ * @NL80211_ATTR_COLOR_CHANGE_COUNT: u8 attribute specifying the number of TBTT's ++ * until the color switch event. ++ * @NL80211_ATTR_COLOR_CHANGE_COLOR: u8 attribute specifying the color that we are ++ * switching to ++ * @NL80211_ATTR_COLOR_CHANGE_ELEMS: Nested set of attributes containing the IE ++ * information for the time while performing a color switch. ++ * + * @NUM_NL80211_ATTR: total number of nl80211_attrs available + * @NL80211_ATTR_MAX: highest attribute number currently defined + * @__NL80211_ATTR_AFTER_LAST: internal use +@@ -3057,6 +3093,12 @@ enum nl80211_attrs { + + NL80211_ATTR_DISABLE_HE, + ++ NL80211_ATTR_OBSS_COLOR_BITMAP, ++ ++ NL80211_ATTR_COLOR_CHANGE_COUNT, ++ NL80211_ATTR_COLOR_CHANGE_COLOR, ++ NL80211_ATTR_COLOR_CHANGE_ELEMS, ++ + /* add attributes here, update the policy in nl80211.c */ + + __NL80211_ATTR_AFTER_LAST, +@@ -3654,6 +3696,8 @@ enum nl80211_mpath_info { + * defined + * @NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA: HE 6GHz band capabilities (__le16), + * given for all 6 GHz band channels ++ * @NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS: vendor element capabilities that are ++ * advertised on this band/for this iftype (binary) + * @__NL80211_BAND_IFTYPE_ATTR_AFTER_LAST: internal use + */ + enum nl80211_band_iftype_attr { +@@ -3665,6 +3709,7 @@ enum nl80211_band_iftype_attr { + NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET, + NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE, + NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA, ++ NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS, + + /* keep last */ + __NL80211_BAND_IFTYPE_ATTR_AFTER_LAST, +@@ -5950,6 +5995,9 @@ enum nl80211_feature_flags { + * frame protection for all management frames exchanged during the + * negotiation and range measurement procedure. + * ++ * @NL80211_EXT_FEATURE_BSS_COLOR: The driver supports BSS color collision ++ * detection and change announcemnts. ++ * + * @NUM_NL80211_EXT_FEATURES: number of extended features. + * @MAX_NL80211_EXT_FEATURES: highest extended feature index. + */ +@@ -6914,6 +6962,9 @@ enum nl80211_peer_measurement_ftm_capa { + * @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK: negotiate for LMR feedback. Only + * valid if either %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED or + * %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED is set. ++ * @NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR: optional. The BSS color of the ++ * responder. Only valid if %NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED ++ * or %NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED is set. + * + * @NUM_NL80211_PMSR_FTM_REQ_ATTR: internal + * @NL80211_PMSR_FTM_REQ_ATTR_MAX: highest attribute number +@@ -6933,6 +6984,7 @@ enum nl80211_peer_measurement_ftm_req { + NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED, + NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED, + NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK, ++ NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR, + + /* keep last */ + NUM_NL80211_PMSR_FTM_REQ_ATTR, +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch new file mode 100644 index 000000000..90ac1dd4f --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch @@ -0,0 +1,37 @@ +From 2d7ff191ddcea8740b6fb48094b87de12150c88f Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Wed, 3 May 2023 20:43:09 -0500 +Subject: [PATCH 55/60] WPA3-SAE: enable nl_connect socket while + WPA_DRIVER_FLAGS_BSS_SELECTION + +The driver-base roaming uses WPA_DRIVER_FLAGS_BSS_SELECTION flag. + +As the SAE is handled by wpa_supplicant, +the driver will report send_req of auth req frame. + +WPA3-CERT 5.8.3 connects to PSK AP first, then roaming to SAE AP. +the nl_connect needs to keep opening to listen the event for process +auth frames. + +Fixes: SWLINUX-3420 + +Signed-off-by: Carter Chen +--- + src/drivers/driver_nl80211.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c +index ed7c969c1..55b4d07dc 100644 +--- a/src/drivers/driver_nl80211.c ++++ b/src/drivers/driver_nl80211.c +@@ -557,6 +557,7 @@ send_and_recv_msgs_connect_handle(struct wpa_driver_nl80211_data *drv, + struct nl_sock * get_connect_handle(struct i802_bss *bss) + { + if ((bss->drv->capa.flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX) || ++ (bss->drv->capa.flags & WPA_DRIVER_FLAGS_BSS_SELECTION) || + bss->use_nl_connect) + return bss->nl_connect; + +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch new file mode 100644 index 000000000..b7e0c451f --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch @@ -0,0 +1,31 @@ +From 8a905fcddca5936ba8873c7f0dacab7188dc6eac Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Mon, 17 Jul 2023 22:31:46 -0500 +Subject: [PATCH 56/60] OWE AP: enable OWE compile option for hostapd executing + OWE + +Enabling OWE compile option + +Fixes: SWLINUX-3620 + +Signed-off-by: Carter Chen +--- + hostapd/defconfig_base | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hostapd/defconfig_base b/hostapd/defconfig_base +index 16e8c645a..571ab6eda 100644 +--- a/hostapd/defconfig_base ++++ b/hostapd/defconfig_base +@@ -374,7 +374,7 @@ CONFIG_WPA_CLI_EDIT=y + + # Opportunistic Wireless Encryption (OWE) + # Experimental implementation of draft-harkins-owe-07.txt +-#CONFIG_OWE=y ++CONFIG_OWE=y + + # Airtime policy support + #CONFIG_AIRTIME_POLICY=y +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch new file mode 100644 index 000000000..dc1d7eecf --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch @@ -0,0 +1,232 @@ +From 8a6154044994dbeac362d76bbe5822612af64067 Mon Sep 17 00:00:00 2001 +From: "Lin Ian (IFTW CSS ICW SW WFS 1)" +Date: Mon, 16 Oct 2023 09:18:19 +0000 +Subject: [PATCH 57/60] DPP2.0: support DPP2.0 and add pfs init flow on + EVENT_UPDATE_DH + +--- + hostapd/defconfig_base | 1 + + src/ap/drv_callbacks.c | 55 ++++++++++++++++----------- + src/ap/ieee802_11.c | 70 ++++++++++++++++++++++++++++++++++- + src/ap/ieee802_11.h | 3 ++ + wpa_supplicant/defconfig_base | 1 + + 5 files changed, 107 insertions(+), 23 deletions(-) + +diff --git a/hostapd/defconfig_base b/hostapd/defconfig_base +index 571ab6eda..eae36af0b 100644 +--- a/hostapd/defconfig_base ++++ b/hostapd/defconfig_base +@@ -406,3 +406,4 @@ CONFIG_WPA3_SAE_AUTH_EARLY_SET=y + + # Device Provisioning Protocol (DPP) + CONFIG_DPP=y ++CONFIG_DPP2=y +diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c +index a50e6f2af..989ba735d 100644 +--- a/src/ap/drv_callbacks.c ++++ b/src/ap/drv_callbacks.c +@@ -648,13 +648,12 @@ skip_wpa_check: + #endif /* CONFIG_OWE */ + + #ifdef CONFIG_DPP2 +- dpp_pfs_free(sta->dpp_pfs); +- sta->dpp_pfs = NULL; ++ if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && ++ hapd->conf->dpp_netaccesskey && sta->wpa_sm && ++ wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && ++ elems.owe_dh) { + +- if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && +- hapd->conf->dpp_netaccesskey && sta->wpa_sm && +- wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && +- elems.owe_dh) { ++ if (!sta->dpp_pfs) { + sta->dpp_pfs = dpp_pfs_init( + wpabuf_head(hapd->conf->dpp_netaccesskey), + wpabuf_len(hapd->conf->dpp_netaccesskey)); +@@ -664,19 +663,20 @@ skip_wpa_check: + /* Try to continue without PFS */ + goto pfs_fail; + } ++ } + +- if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh, +- elems.owe_dh_len) < 0) { +- dpp_pfs_free(sta->dpp_pfs); +- sta->dpp_pfs = NULL; +- reason = WLAN_REASON_UNSPECIFIED; +- goto fail; +- } ++ if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh, ++ elems.owe_dh_len) < 0) { ++ dpp_pfs_free(sta->dpp_pfs); ++ sta->dpp_pfs = NULL; ++ reason = WLAN_REASON_UNSPECIFIED; ++ goto fail; + } ++ } + +- wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? +- sta->dpp_pfs->secret : NULL); +- pfs_fail: ++ wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? ++ sta->dpp_pfs->secret : NULL); ++pfs_fail: + #endif /* CONFIG_DPP2 */ + + if (elems.rrm_enabled && +@@ -1792,8 +1792,9 @@ static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd, + wpa_printf(MSG_DEBUG, "OWE: Peer unknown"); + return -1; + } +- if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) { +- wpa_printf(MSG_DEBUG, "OWE: No OWE AKM configured"); ++ if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && ++ !(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP)) { ++ wpa_printf(MSG_DEBUG, "OWE/DPP: No OWE/DPP AKM configured"); + status = WLAN_STATUS_AKMP_NOT_VALID; + goto err; + } +@@ -1828,9 +1829,21 @@ static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd, + } + sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); + +- status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie, +- elems.rsn_ie_len, elems.owe_dh, +- elems.owe_dh_len); ++#ifdef CONFIG_DPP2 ++ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) { ++ if (hapd->conf->dpp_netaccesskey && elems.owe_dh) ++ status = dpp_process_rsn_ie(hapd, sta, elems.rsn_ie, ++ elems.rsn_ie_len, elems.owe_dh, ++ elems.owe_dh_len); ++ else ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ } else ++#endif /* CONFIG_DPP2 */ ++ { ++ status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie, ++ elems.rsn_ie_len, elems.owe_dh, ++ elems.owe_dh_len); ++ } + if (status != WLAN_STATUS_SUCCESS) + ap_free_sta(hapd, sta); + +diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c +index c4f7d00cc..564815381 100644 +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -4348,9 +4348,10 @@ u16 owe_validate_request(struct hostapd_data *hapd, const u8 *peer, + wpa_hexdump(MSG_DEBUG, "RSNE", rsn_ie, rsn_ie_len); + return wpa_res_to_status_code(res); + } +- if (!(data.key_mgmt & WPA_KEY_MGMT_OWE)) { ++ if (!(data.key_mgmt & WPA_KEY_MGMT_OWE) && ++ !(data.key_mgmt & WPA_KEY_MGMT_DPP)) { + wpa_printf(MSG_DEBUG, +- "OWE: Unexpected key mgmt 0x%x from " MACSTR, ++ "OWE/DPP: Unexpected key mgmt 0x%x from " MACSTR, + (unsigned int) data.key_mgmt, MAC2STR(peer)); + return WLAN_STATUS_AKMP_NOT_VALID; + } +@@ -4444,6 +4445,71 @@ end: + + #endif /* CONFIG_OWE */ + ++#ifdef CONFIG_DPP2 ++u16 dpp_process_rsn_ie(struct hostapd_data *hapd, ++ struct sta_info *sta, ++ const u8 *rsn_ie, size_t rsn_ie_len, ++ const u8 *owe_dh, size_t owe_dh_len) ++{ ++ u16 status = WLAN_STATUS_SUCCESS; ++ u8 *owe_buf, ie[256 * 2]; ++ size_t ie_len = 0; ++ enum wpa_validate_result res; ++ ++ if (!rsn_ie || rsn_ie_len < 2) { ++ wpa_printf(MSG_DEBUG, "DPP: No RSNE in (Re)AssocReq"); ++ status = WLAN_STATUS_INVALID_IE; ++ goto end; ++ } ++ ++ if (!sta->wpa_sm) ++ sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr, ++ NULL); ++ if (!sta->wpa_sm) { ++ wpa_printf(MSG_WARNING, ++ "DPP: Failed to initialize WPA state machine"); ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ goto end; ++ } ++ rsn_ie -= 2; ++ rsn_ie_len += 2; ++ res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, ++ hapd->iface->freq, rsn_ie, rsn_ie_len, ++ NULL, 0, NULL, 0, owe_dh, owe_dh_len); ++ status = wpa_res_to_status_code(res); ++ if (status != WLAN_STATUS_SUCCESS) ++ goto end; ++ ++ owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, ie, sizeof(ie), ++ NULL, 0); ++ if (!owe_buf) { ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ goto end; ++ } ++ ++ dpp_pfs_free(sta->dpp_pfs); ++ sta->dpp_pfs = NULL; ++ sta->dpp_pfs = dpp_pfs_init( ++ wpabuf_head(hapd->conf->dpp_netaccesskey), ++ wpabuf_len(hapd->conf->dpp_netaccesskey)); ++ ++ if (!sta->dpp_pfs) { ++ wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS"); ++ status = WLAN_STATUS_UNSPECIFIED_FAILURE; ++ } else { ++ os_memcpy(owe_buf, wpabuf_head(sta->dpp_pfs->ie), wpabuf_len(sta->dpp_pfs->ie)); ++ ie_len = owe_buf - ie + wpabuf_len(sta->dpp_pfs->ie); ++ } ++end: ++ wpa_printf(MSG_DEBUG, "DPP: Update status %d, ie len %d for peer " ++ MACSTR, status, (unsigned int) ie_len, ++ MAC2STR(sta->addr)); ++ hostapd_drv_update_dh_ie(hapd, sta->addr, status, ++ status == WLAN_STATUS_SUCCESS ? ie : NULL, ++ ie_len); ++ return status; ++} ++#endif /* CONFIG_DPP2 */ + + static bool check_sa_query(struct hostapd_data *hapd, struct sta_info *sta, + int reassoc) +diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h +index c59ad5e38..3042b6bac 100644 +--- a/src/ap/ieee802_11.h ++++ b/src/ap/ieee802_11.h +@@ -171,6 +171,9 @@ u8 * owe_assoc_req_process(struct hostapd_data *hapd, struct sta_info *sta, + u16 owe_process_rsn_ie(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *rsn_ie, size_t rsn_ie_len, + const u8 *owe_dh, size_t owe_dh_len); ++u16 dpp_process_rsn_ie(struct hostapd_data *hapd, struct sta_info *sta, ++ const u8 *rsn_ie, size_t rsn_ie_len, ++ const u8 *owe_dh, size_t owe_dh_len); + u16 owe_validate_request(struct hostapd_data *hapd, const u8 *peer, + const u8 *rsn_ie, size_t rsn_ie_len, + const u8 *owe_dh, size_t owe_dh_len); +diff --git a/wpa_supplicant/defconfig_base b/wpa_supplicant/defconfig_base +index 59aeae69c..f34011d84 100644 +--- a/wpa_supplicant/defconfig_base ++++ b/wpa_supplicant/defconfig_base +@@ -617,6 +617,7 @@ CONFIG_OWE=y + + # Device Provisioning Protocol (DPP) + CONFIG_DPP=y ++CONFIG_DPP2=y + + # Wired equivalent privacy (WEP) + # WEP is an obsolete cryptographic data confidentiality algorithm that is not +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch new file mode 100644 index 000000000..3928c2cae --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch @@ -0,0 +1,31 @@ +From d449e4402e4981b8c5067aaab1db34cd73e40468 Mon Sep 17 00:00:00 2001 +From: "P Rakshith (CAE 1 A)" +Date: Fri, 20 Oct 2023 08:34:04 +0000 +Subject: [PATCH 58/60] non-upstream: Prevent invalid akm key mgmt when MFP + required is set + +--- + src/ap/ap_config.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c +index 86b6e097c..a7fd85018 100644 +--- a/src/ap/ap_config.c ++++ b/src/ap/ap_config.c +@@ -1432,6 +1432,13 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss, + } + #endif /* CONFIG_FILS */ + ++ if (full_config && (bss->ieee80211w == 2) && ++ (bss->wpa_key_mgmt == (WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_PSK))) { ++ wpa_printf(MSG_ERROR, ++ "Cannot set ieee80211w=2 along with with the selected wpa_key_mgmt"); ++ return -1; ++ } ++ + return 0; + } + +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0059-Reset-authentication-and-encryption-parameters-while.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0059-Reset-authentication-and-encryption-parameters-while.patch new file mode 100644 index 000000000..88dbf9807 --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0059-Reset-authentication-and-encryption-parameters-while.patch @@ -0,0 +1,70 @@ +From 10a78d57f331333da8aba9be83f6cafbb7a6f382 Mon Sep 17 00:00:00 2001 +From: Ian Lin +Date: Sun, 22 Oct 2023 21:19:08 -0500 +Subject: [PATCH 59/60] Reset authentication and encryption parameters while + handling roam event + +While supplicant received NL80211_CMD_ROAM event and run EVENT_ASSOC flow, +it will not reset sm->pmk in wpa_supplicant_select_config since old and new SSID are the same. +It causes using wrong pmk when roaming from WPA3 to WPA2. +So add the flow to only reset sm->pmk while handling roam event. + +Signed-off-by: Ian Lin +--- + src/drivers/driver.h | 6 ++++++ + src/drivers/driver_nl80211_event.c | 1 + + wpa_supplicant/events.c | 9 +++++++++ + 3 files changed, 16 insertions(+) + +diff --git a/src/drivers/driver.h b/src/drivers/driver.h +index d75abbd5e..9ebb4b07f 100644 +--- a/src/drivers/driver.h ++++ b/src/drivers/driver.h +@@ -5546,6 +5546,12 @@ union wpa_event_data { + * fils_pmkid - PMKID used or generated in FILS authentication + */ + const u8 *fils_pmkid; ++ ++ /** ++ * roam_indication - Indicate it's a roam event ++ */ ++ bool roam_indication; ++ + } assoc_info; + + /** +diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c +index d3cb8d882..6ff74794c 100644 +--- a/src/drivers/driver_nl80211_event.c ++++ b/src/drivers/driver_nl80211_event.c +@@ -542,6 +542,7 @@ static void mlme_event_connect(struct wpa_driver_nl80211_data *drv, + wpa_ssid_txt(drv->ssid, + drv->ssid_len)); + } ++ event.assoc_info.roam_indication = 1; + } + } + if (resp_ie) { +diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c +index 975110b57..9abd197e7 100644 +--- a/wpa_supplicant/events.c ++++ b/wpa_supplicant/events.c +@@ -3326,6 +3326,15 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, + wpa_s, WLAN_REASON_DEAUTH_LEAVING); + return; + } ++ ++ if (data && data->assoc_info.roam_indication) { ++ if (wpa_s->current_ssid->psk_set) { ++ wpa_hexdump_key(MSG_MSGDUMP, "reset PMK from config", ++ wpa_s->current_ssid->psk, PMK_LEN); ++ wpa_sm_set_pmk(wpa_s->wpa, wpa_s->current_ssid->psk, PMK_LEN, NULL, ++ NULL); ++ } ++ } + } + + if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0060-brcmfmac-add-a-configurable-link_loss-parameter-for-.patch b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0060-brcmfmac-add-a-configurable-link_loss-parameter-for-.patch new file mode 100644 index 000000000..8db13a7fa --- /dev/null +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant/murata/0060-brcmfmac-add-a-configurable-link_loss-parameter-for-.patch @@ -0,0 +1,117 @@ +From 326cd433b6c98a757188ea84e383f58cd8be23f1 Mon Sep 17 00:00:00 2001 +From: Carter Chen +Date: Wed, 15 Nov 2023 21:09:55 -0600 +Subject: [PATCH 60/60] brcmfmac: add a configurable link_loss parameter for + bgscan modules + +add a parameter for make the 600 seconds hard coding link_loss threshold +become configurable. + +--- + wpa_supplicant/bgscan_learn.c | 16 +++++++++++++--- + wpa_supplicant/bgscan_simple.c | 16 +++++++++++++--- + 2 files changed, 26 insertions(+), 6 deletions(-) + +diff --git a/wpa_supplicant/bgscan_learn.c b/wpa_supplicant/bgscan_learn.c +index c872d8d35..8e35b6ae4 100644 +--- a/wpa_supplicant/bgscan_learn.c ++++ b/wpa_supplicant/bgscan_learn.c +@@ -42,6 +42,7 @@ struct bgscan_learn_data { + struct dl_list bss; + int *supp_freqs; + int probe_idx; ++ int link_loss_thresh_secs; + }; + + +@@ -350,6 +351,12 @@ static int bgscan_learn_get_params(struct bgscan_learn_data *data, + } + pos++; + data->long_interval = atoi(pos); ++ pos = os_strchr(pos, ':'); ++ if (pos) { ++ pos++; ++ data->link_loss_thresh_secs = atoi(pos); ++ } ++ + pos = os_strchr(pos, ':'); + if (pos) { + pos++; +@@ -420,10 +427,13 @@ static void * bgscan_learn_init(struct wpa_supplicant *wpa_s, + return NULL; + } + ++ if (data->link_loss_thresh_secs <= 0 || data->link_loss_thresh_secs >= 600) ++ data->link_loss_thresh_secs = 600; ++ + wpa_printf(MSG_DEBUG, "bgscan learn: Signal strength threshold %d " +- "Short bgscan interval %d Long bgscan interval %d", ++ "Short bgscan interval %d Long bgscan interval %d Link Lost threshold secs %d", + data->signal_threshold, data->short_interval, +- data->long_interval); ++ data->long_interval, data->link_loss_thresh_secs); + + if (data->signal_threshold && + wpa_drv_signal_monitor(wpa_s, data->signal_threshold, 4) < 0) { +@@ -571,7 +581,7 @@ static void bgscan_learn_notify_beacon_loss(void *priv) + wpa_printf(MSG_DEBUG, "bgscan learn: beacon loss"); + + wpa_printf(MSG_DEBUG, "bgscan learn: Start Link Loss timer"); +- eloop_register_timeout(BGSCAN_LEARN_LINK_LOSS_THRESH_SECS, ++ eloop_register_timeout(data->link_loss_thresh_secs, + 0, bgscan_learn_link_loss_timeout, data, NULL); + + wpa_printf(MSG_DEBUG, "bgscan learn: Flush all prev bss entries"); +diff --git a/wpa_supplicant/bgscan_simple.c b/wpa_supplicant/bgscan_simple.c +index bf9184e43..24e9f8658 100644 +--- a/wpa_supplicant/bgscan_simple.c ++++ b/wpa_supplicant/bgscan_simple.c +@@ -30,6 +30,7 @@ struct bgscan_simple_data { + int short_interval; /* use if signal < threshold */ + int long_interval; /* use if signal > threshold */ + struct os_reltime last_bgscan; ++ int link_loss_thresh_secs; + }; + + +@@ -111,6 +112,12 @@ static int bgscan_simple_get_params(struct bgscan_simple_data *data, + pos++; + data->long_interval = atoi(pos); + ++ pos = os_strchr(pos, ':'); ++ if (pos) { ++ pos++; ++ data->link_loss_thresh_secs = atoi(pos); ++ } ++ + return 0; + } + +@@ -135,10 +142,13 @@ static void * bgscan_simple_init(struct wpa_supplicant *wpa_s, + if (data->long_interval <= 0) + data->long_interval = 30; + ++ if (data->link_loss_thresh_secs <= 0 || data->link_loss_thresh_secs >= 600) ++ data->link_loss_thresh_secs = 600; ++ + wpa_printf(MSG_DEBUG, "bgscan simple: Signal strength threshold %d " +- "Short bgscan interval %d Long bgscan interval %d", ++ "Short bgscan interval %d Long bgscan interval %d Link Lost threshold secs %d", + data->signal_threshold, data->short_interval, +- data->long_interval); ++ data->long_interval, data->link_loss_thresh_secs); + + if (data->signal_threshold && + wpa_drv_signal_monitor(wpa_s, data->signal_threshold, 4) < 0) { +@@ -212,7 +222,7 @@ static void bgscan_simple_notify_beacon_loss(void *priv) + wpa_printf(MSG_DEBUG, "bgscan simple: beacon loss"); + + wpa_printf(MSG_DEBUG, "bgscan simple: Start Link Loss timer"); +- eloop_register_timeout(BGSCAN_SIMPLE_LINK_LOSS_THRESH_SECS, ++ eloop_register_timeout(data->link_loss_thresh_secs, + 0, bgscan_simple_link_loss_timeout, data, NULL); + + wpa_printf(MSG_DEBUG, "bgscan simple: Flush all prev bss entries"); +-- +2.17.1 + diff --git a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant_%.bbappend b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant_%.bbappend index 038bc5ab9..8a4f12433 100644 --- a/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant_%.bbappend +++ b/meta-digi-dey/recipes-connectivity/wpa-supplicant/wpa-supplicant_%.bbappend @@ -1,4 +1,4 @@ -# Copyright (C) 2013-2023 Digi International. +# Copyright (C) 2013-2024 Digi International Inc. FILESEXTRAPATHS:prepend := "${THISDIR}/${BPN}:" @@ -58,9 +58,20 @@ MURATA_COMMON_PATCHES = " \ file://murata/0044-Establish-a-Default-TWT-session-in-the-STA-after-ass.patch \ file://murata/0045-validate-the-TWT-parameters-exponent-and-mantissa-pa.patch \ file://murata/0046-Fix-for-station-sending-open-auth-instead-of-SAE-aut.patch \ - file://murata/0047-Fix-ROAMOFFLOAD-raises-portValid-too-early.patch \ - file://murata/0048-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch \ - file://murata/0049-non-upstream-p2p_add_group-command-unification.patch \ + file://murata/0047-Fix-associating-failed-when-PMK-lifetime-is-set-to-1.patch \ + file://murata/0048-non-upstream-p2p_add_group-command-unification.patch \ + file://murata/0049-non-upstream-MBO-wpa_cli-mbo-command-by-IFX-vendorID.patch \ + file://murata/0050-EAP-TLS-Allow-TLSv1.3-support-to-be-enabled-with-bui.patch \ + file://murata/0051-Enabling-TLS-v1.3-by-default.patch \ + file://murata/0052-Disable-4-way-handshake-offload-for-DPP.patch \ + file://murata/0053-non-upstream-WNM-wpa_cli-wnm_maxilde-command-by-IFX-.patch \ + file://murata/0054-brcmfmac-sync-content-of-nl80211_copy.h-for-BSS_COLO.patch \ + file://murata/0055-WPA3-SAE-enable-nl_connect-socket-while-WPA_DRIVER_F.patch \ + file://murata/0056-OWE-AP-enable-OWE-compile-option-for-hostapd-executi.patch \ + file://murata/0057-DPP2.0-support-DPP2.0-and-add-pfs-init-flow-on-EVENT.patch \ + file://murata/0058-non-upstream-Prevent-invalid-akm-key-mgmt-when-MFP-r.patch \ + file://murata/0059-Reset-authentication-and-encryption-parameters-while.patch \ + file://murata/0060-brcmfmac-add-a-configurable-link_loss-parameter-for-.patch \ " SRC_URI:append:ccimx6sbc = " file://wpa_supplicant_p2p.conf_atheros"