From patchwork Tue Aug 22 15:29:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13361085 Received: from mail-yw1-f173.google.com (mail-yw1-f173.google.com [209.85.128.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 326311CA14 for ; Tue, 22 Aug 2023 15:29:39 +0000 (UTC) Received: by mail-yw1-f173.google.com with SMTP id 00721157ae682-58d40c2debeso51765717b3.2 for ; Tue, 22 Aug 2023 08:29:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1692718178; x=1693322978; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5mCmgO71zL3J90eG6tcMbRn9aHf6avy9jpnCHrt7Xvg=; b=iyjnt+22NV4Nb/W0aEcOgKgDfDwKBK83C7CAH3Fi/0HjuTmzQuVF5Zk1XUQ/GIkVe0 oSYU5ouPo+mbCiiW8cAwRyDkqMppG6TI9MpweBLMeCZ0H3VyHKJnmrYkSIjzGqIEhY53 zMnR3B9eGfke/EZm5yUtzohBwPB0FeFQ0Yg10SX3MyNzVSud3KDW2XuIxRcPJ6yExDyz 36FA6UhMH+mNCyjKyv87Hq63hU0iuWSG8+ixzYEh6YhW3NSEPbINnQ9KOiYr4XRPMjkK j4rpeX+XATADcOSyj81cLod1DGBTq/bk7ExxaRSqa5bP0d74iGBseqrZQqElHRhWN6EH WLPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692718178; x=1693322978; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5mCmgO71zL3J90eG6tcMbRn9aHf6avy9jpnCHrt7Xvg=; b=MyVdXk7v9aZpHRREBCSW6YsjwooWoIvJAsJbBj20u8iQkzUlOOdf6/zBicPJkqIhGk 48Q/sf8q2xzOs/i25dUci7rxgllGmR7pF43GyVCmBI6HzseZziL5F+SDhMhCcSvPv067 daOvYdtGzrRf611GcVyTqAhr9v6wVGZUa9HPKpiaSpWp0GZDT/wfOnd28+I0/Skrk1Jp AH2gN9BIlx8JM6XaixlyBXnNTasJSV9HkLGXUYC36zu7P5rVT/2p2T1Z+vP9PDoL4cMf LQCG+XK/A4d9bgfwVw4Mo2S9TTr3D8akfvCeQS7v4jgk+QZTpbOqeaArXy40DmwLXPzK zKkw== X-Gm-Message-State: AOJu0YyLHyHismXSIeKKNcUpNxQac8T/T3yPRAs9sEKHTJfgFZcwVfem GbF/97Ee6krctzqDa23Wobt/RLAyiFg= X-Google-Smtp-Source: AGHT+IHdofsiqoFon0PunHXtSgvxLFoO0bYnz55wQUrxKcoWiqp8jOKBEJfTGfkNGK0tFCUV5XYRXg== X-Received: by 2002:a81:6ed6:0:b0:589:8b56:15f with SMTP id j205-20020a816ed6000000b005898b56015fmr10105192ywc.24.1692718177864; Tue, 22 Aug 2023 08:29:37 -0700 (PDT) Received: from LOCLAP699.rst-01.locus (50-78-19-50-static.hfc.comcastbusiness.net. [50.78.19.50]) by smtp.gmail.com with ESMTPSA id j189-20020a816ec6000000b0058fafe95f98sm2108796ywc.114.2023.08.22.08.29.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Aug 2023 08:29:37 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 1/3] ft: track FT auth/action response status Date: Tue, 22 Aug 2023 08:29:29 -0700 Message-Id: <20230822152931.276136-2-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230822152931.276136-1-prestwoj@gmail.com> References: <20230822152931.276136-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Certain return codes, though failures, can indicate that the AP is just confused or booting up and treating it as a full failure may not be the best route. For example in some production deployments if an AP is rebooted it may take some time for neighboring APs to exchange keys for current associations. If a client roams during that time it will reject saying the PMKID is invalid. Use the ft_associate call to relay this information to station to handle it rather than acting like there was no response. For now this is being hard coded to status=53, but more could be added, or the status itself could be returned if there are other specific status codes that need to be handled. --- src/ft.c | 37 ++++++++++++++++++++++++++++--------- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/src/ft.c b/src/ft.c index c51a1288..8dfc1cb7 100644 --- a/src/ft.c +++ b/src/ft.c @@ -58,6 +58,7 @@ struct ft_info { uint32_t frequency; uint32_t ds_frequency; uint32_t offchannel_id; + uint16_t status; struct l_timeout *timeout; struct wiphy_radio_work_item work; @@ -155,6 +156,7 @@ static bool ft_parse_authentication_resp_frame(const uint8_t *data, size_t len, if (memcmp(data + 16, addr3, 6)) return false; + /* Check Authentication algorithm number is FT (2) */ if (l_get_le16(data + 24) != 2) return false; @@ -527,8 +529,6 @@ static int ft_over_ds_parse_action_response(const uint8_t *frame, return -EINVAL; status = l_get_le16(frame + 14); - if (status != 0) - return (int)status; if (spa_out) *spa_out = spa; @@ -541,7 +541,7 @@ static int ft_over_ds_parse_action_response(const uint8_t *frame, *ies_len = frame_len - 16; } - return 0; + return (int)status; } int __ft_rx_associate(uint32_t ifindex, const uint8_t *frame, size_t frame_len) @@ -825,7 +825,7 @@ void __ft_rx_action(uint32_t ifindex, const uint8_t *frame, size_t frame_len) ret = ft_over_ds_parse_action_response(frame, frame_len, &spa, &aa, &ies, &ies_len); - if (ret != 0) { + if (ret < 0) { l_debug("Could not parse action response"); return; } @@ -836,6 +836,14 @@ void __ft_rx_action(uint32_t ifindex, const uint8_t *frame, size_t frame_len) return; } + info->status = ret; + + if (info->status != 0) { + l_debug("BSS "MAC" rejected FT action with status=%u", + MAC_STR(info->aa), info->status); + goto done; + } + if (!ft_parse_ies(info, hs, ies, ies_len)) { l_debug("Could not parse action response IEs"); goto ft_error; @@ -843,6 +851,7 @@ void __ft_rx_action(uint32_t ifindex, const uint8_t *frame, size_t frame_len) info->parsed = true; +done: l_timeout_remove(info->timeout); info->timeout = NULL; @@ -872,6 +881,7 @@ static struct ft_info *ft_info_new(struct handshake_state *hs, target_bss->rsne[1] + 2); l_getrandom(info->snonce, 32); + info->status = 0xffff; return info; } @@ -998,7 +1008,6 @@ void __ft_rx_authenticate(uint32_t ifindex, const uint8_t *frame, struct netdev *netdev = netdev_find(ifindex); struct handshake_state *hs = netdev_get_handshake(netdev); struct ft_info *info; - uint16_t status; const uint8_t *ies; size_t ies_len; @@ -1008,14 +1017,14 @@ void __ft_rx_authenticate(uint32_t ifindex, const uint8_t *frame, if (!ft_parse_authentication_resp_frame(frame, frame_len, info->spa, info->aa, info->aa, 2, - &status, &ies, &ies_len)) { + &info->status, &ies, &ies_len)) { l_debug("Could not parse auth response"); return; } - if (status != 0) { + if (info->status != 0) { l_debug("BSS "MAC" rejected FT auth with status=%u", - MAC_STR(info->aa), status); + MAC_STR(info->aa), info->status); goto cancel; } @@ -1165,10 +1174,20 @@ int ft_associate(uint32_t ifindex, const uint8_t *addr) * attempt so clear out the entry so FT-over-Air can try again. */ if (!info->parsed) { + uint16_t status = info->status; + l_queue_remove(info_list, info); ft_info_destroy(info); - return -ENOENT; + /* + * The status may have been successful but the IEs were invalid, + * treat this the same as no response. + */ + if (status == 0xffff || status == 0) + return -ENOENT; + + /* If the AP rejected for some reason, relay this to station */ + return (int)status; } ft_prepare_handshake(info, hs); From patchwork Tue Aug 22 15:29:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13361086 Received: from mail-yw1-f181.google.com (mail-yw1-f181.google.com [209.85.128.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 69CDD1D319 for ; Tue, 22 Aug 2023 15:29:40 +0000 (UTC) Received: by mail-yw1-f181.google.com with SMTP id 00721157ae682-58d40c2debeso51765987b3.2 for ; Tue, 22 Aug 2023 08:29:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1692718179; x=1693322979; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=pojhWahO9ORKZT2EB5xv1g2WbdABRaRCiXAO5Uh4gqo=; b=QC8n/MaaadpsfAGA1EubDgAzkjFUFWUD3qIi8Ps+F29EgFLP5RJmsZ6IzukAFxCzJj zobtxJxo/TugnShaA5rBIAtQwbvcsGIEC0NppL1JcgxxjPzr6inUFvwzLmW9Gc39gTvt MRjITaPZR8cDSZohqq1VmZrH7VJUA9Oeo++s2zL0kpQCzhfEZB1x6+1q7u79IuQAPARR K/tRLZKFW/8ofTeuQWs4p4T+IqG/EzLjDV8ZYyzw9ezcmHkvdyQXrIbp/vKuo7z78nwc SoKqKTwm2M/XjxmBVYUCsBkuNeL1/knsiTCfY1N/fkg/uNFbiG37zvC3eqlifzvLvb9I fgHg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692718179; x=1693322979; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pojhWahO9ORKZT2EB5xv1g2WbdABRaRCiXAO5Uh4gqo=; b=GmLjzKsm3sq6QUiK2hUI560cc1ocm1tqxWI/D623+bvZDYwkwr4zlP2BgySehbVdiz qtNux73Frq5u34zaP+pGztK+dYQjwD6ss5cr6edaOUlG8Z3nUqcJgzfEfs/AWKt28BU1 8MYzIdkm2VJEykGaV2gAnHD3Wk5OzyRFpW9bQIYtDwAYUNVgxhfBpoUg4t73ru52Lp7T 2QJVNiNSbjuQ6k4vCxG3w7NCNG+wcb9iyQfEgeKSkIYCwEvZymVkn16kIpUhAuRwjVt4 Vn/+dX8uxMr0IIIwDwkNGyoFBvPnWRoSDkojUfFywAi64xCC76yHntx4eLOXt8NQ9F6X Rp5Q== X-Gm-Message-State: AOJu0YxsEnb4dDaVHL54rGd6hdsmsz0jL5ozkDUU3uyqLzeTm0eC48oo uPxsyI8EbPDgGvZi5AE04z62unYlXUo= X-Google-Smtp-Source: AGHT+IEA98SFe7VLfAWPNU8mSPUfTzjmNUO+pmv9zB5TWDseSx8t2kr0XVkEqEN0yrLgX2TyPWzhsw== X-Received: by 2002:a81:6009:0:b0:582:5527:ddc with SMTP id u9-20020a816009000000b0058255270ddcmr9653786ywb.34.1692718179090; Tue, 22 Aug 2023 08:29:39 -0700 (PDT) Received: from LOCLAP699.rst-01.locus (50-78-19-50-static.hfc.comcastbusiness.net. [50.78.19.50]) by smtp.gmail.com with ESMTPSA id j189-20020a816ec6000000b0058fafe95f98sm2108796ywc.114.2023.08.22.08.29.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Aug 2023 08:29:38 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 2/3] station: fall back to reassociation under certain FT failures Date: Tue, 22 Aug 2023 08:29:30 -0700 Message-Id: <20230822152931.276136-3-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230822152931.276136-1-prestwoj@gmail.com> References: <20230822152931.276136-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The auth/action status is now tracked in ft.c. If an AP rejects the FT attempt with "Invalid PMKID" we can now assume this AP is either mis-configured for FT or is lagging behind getting the proper keys from neighboring APs (e.g. was just rebooted). If we see this condition IWD can now fall back to reassociation in an attempt to still roam to the best candidate. The motivation behind this isn't necissarily to always force a roam, but instead to handle the case where there are no other BSS's around. Currently IWD can get into a situation where the current BSS link is very poor but the only cadidate is stuck in this state where its rejecting the PMKID. When this happens it eventually leads to a disconnect due to packet/beacon loss. Its a much better approach to at least try reassociation. --- src/station.c | 129 ++++++++++++++++++++++++++++++++------------------ 1 file changed, 82 insertions(+), 47 deletions(-) diff --git a/src/station.c b/src/station.c index 2473de2a..733b4196 100644 --- a/src/station.c +++ b/src/station.c @@ -147,15 +147,49 @@ struct roam_bss { uint8_t addr[6]; uint16_t rank; int32_t signal_strength; + bool reassoc: 1; }; -static struct roam_bss *roam_bss_from_scan_bss(const struct scan_bss *bss) +static bool station_can_fast_transition(struct handshake_state *hs, + const struct scan_bss *bss) +{ + uint16_t mdid; + + if (!hs->mde) + return false; + + if (ie_parse_mobility_domain_from_data(hs->mde, hs->mde[1] + 2, + &mdid, NULL, NULL) < 0) + return false; + + if (!(bss->mde_present && l_get_le16(bss->mde) == mdid)) + return false; + + if (hs->supplicant_ie != NULL) { + struct ie_rsn_info rsn_info; + + if (!IE_AKM_IS_FT(hs->akm_suite)) + return false; + + if (scan_bss_get_rsn_info(bss, &rsn_info) < 0) + return false; + + if (!IE_AKM_IS_FT(rsn_info.akm_suites)) + return false; + } + + return true; +} + +static struct roam_bss *roam_bss_from_scan_bss(struct handshake_state *hs, + const struct scan_bss *bss) { struct roam_bss *rbss = l_new(struct roam_bss, 1); memcpy(rbss->addr, bss->addr, 6); rbss->rank = bss->rank; rbss->signal_strength = bss->signal_strength; + rbss->reassoc = !station_can_fast_transition(hs, bss); return rbss; } @@ -1942,37 +1976,6 @@ static void station_early_neighbor_report_cb(struct netdev *netdev, int err, &station->roam_freqs); } -static bool station_can_fast_transition(struct handshake_state *hs, - struct scan_bss *bss) -{ - uint16_t mdid; - - if (!hs->mde) - return false; - - if (ie_parse_mobility_domain_from_data(hs->mde, hs->mde[1] + 2, - &mdid, NULL, NULL) < 0) - return false; - - if (!(bss->mde_present && l_get_le16(bss->mde) == mdid)) - return false; - - if (hs->supplicant_ie != NULL) { - struct ie_rsn_info rsn_info; - - if (!IE_AKM_IS_FT(hs->akm_suite)) - return false; - - if (scan_bss_get_rsn_info(bss, &rsn_info) < 0) - return false; - - if (!IE_AKM_IS_FT(rsn_info.akm_suites)) - return false; - } - - return true; -} - static void station_disconnect_on_error_cb(struct netdev *netdev, bool success, void *user_data) { @@ -2169,10 +2172,14 @@ static int station_transition_reassociate(struct station *station, if (ret < 0) return ret; + l_debug(""); + station->connected_bss = bss; station->preparing_roam = false; station_enter_state(station, STATION_STATE_ROAMING); + station_debug_event(station, "reassoc-roam"); + return 0; } @@ -2259,27 +2266,51 @@ static void station_preauthenticate_cb(struct netdev *netdev, } } -static void station_transition_start(struct station *station); +static void station_transition_start(struct station *station, bool no_ft); static bool station_ft_work_ready(struct wiphy_radio_work_item *item) { struct station *station = l_container_of(item, struct station, ft_work); - struct roam_bss *rbss = l_queue_pop_head(station->roam_bss_list); - struct scan_bss *bss = network_bss_find_by_addr( - station->connected_network, rbss->addr); + L_AUTO_FREE_VAR(struct roam_bss *, rbss) = l_queue_pop_head( + station->roam_bss_list); + struct scan_bss *bss; int ret; - l_free(rbss); + /* Already failed FT, then failed reassociation, disregard this BSS */ + if (rbss->reassoc) { + l_free(l_steal_ptr(rbss)); + + rbss = l_queue_pop_head(station->roam_bss_list); + if (!rbss) + goto assoc_failed; + } /* Very unlikely, but the BSS could have gone away */ + bss = network_bss_find_by_addr(station->connected_network, rbss->addr); if (!bss) goto try_next; ret = ft_associate(netdev_get_ifindex(station->netdev), bss->addr); - if (ret == -ENOENT) { + if (ret > 0) { + if (ret != MMPDU_STATUS_CODE_INVALID_PMKID) { + station_debug_event(station, "ft-roam-failed"); + goto try_next; + } + + rbss->reassoc = true; + + l_queue_push_head(station->roam_bss_list, rbss); + + station_debug_event(station, "ft-fallback-to-reassoc"); + + /* FT failed, attempt reassociation as a last resort */ + station_transition_start(station, true); + l_steal_ptr(rbss); + return true; + } else if (ret == -ENOENT) { station_debug_event(station, "ft-roam-failed"); try_next: - station_transition_start(station); + station_transition_start(station, false); return true; } else if (ret < 0) goto assoc_failed; @@ -2288,6 +2319,8 @@ try_next: station->preparing_roam = false; station_enter_state(station, STATION_STATE_FT_ROAMING); + station_debug_event(station, "ft-roam"); + return true; assoc_failed: @@ -2349,7 +2382,8 @@ done: } static bool station_try_next_transition(struct station *station, - struct scan_bss *bss) + struct scan_bss *bss, + bool no_ft) { struct handshake_state *hs = netdev_get_handshake(station->netdev); struct network *connected = station->connected_network; @@ -2364,7 +2398,7 @@ static bool station_try_next_transition(struct station *station, station->ap_directed_roaming = false; /* Can we use Fast Transition? */ - if (station_can_fast_transition(hs, bss)) + if (station_can_fast_transition(hs, bss) && !no_ft) return station_fast_transition(station, bss); /* Non-FT transition */ @@ -2412,7 +2446,7 @@ static bool station_try_next_transition(struct station *station, return true; } -static void station_transition_start(struct station *station) +static void station_transition_start(struct station *station, bool no_ft) { struct roam_bss *rbss; bool roaming = false; @@ -2425,7 +2459,7 @@ static void station_transition_start(struct station *station) struct scan_bss *bss = network_bss_find_by_addr( station->connected_network, rbss->addr); - roaming = station_try_next_transition(station, bss); + roaming = station_try_next_transition(station, bss, no_ft); if (roaming) break; @@ -2581,7 +2615,7 @@ static bool station_roam_scan_notify(int err, struct l_queue *bss_list, */ station_update_roam_bss(station, bss); - rbss = roam_bss_from_scan_bss(bss); + rbss = roam_bss_from_scan_bss(hs, bss); l_queue_insert(station->roam_bss_list, rbss, roam_bss_rank_compare, NULL); @@ -2600,7 +2634,7 @@ next: goto fail; } - station_transition_start(station); + station_transition_start(station, false); return true; @@ -4584,6 +4618,7 @@ static bool station_force_roam_scan_notify(int err, struct l_queue *bss_list, { struct station_roam_data *data = user_data; struct station *station = data->station; + struct handshake_state *hs = netdev_get_handshake(station->netdev); struct scan_bss *target; struct l_dbus_message *reply; @@ -4603,11 +4638,11 @@ static bool station_force_roam_scan_notify(int err, struct l_queue *bss_list, /* The various roam routines expect this to be set from scanning */ station->preparing_roam = true; l_queue_push_tail(station->roam_bss_list, - roam_bss_from_scan_bss(target)); + roam_bss_from_scan_bss(hs, target)); station_update_roam_bss(station, target); - station_transition_start(station); + station_transition_start(station, false); reply = l_dbus_message_new_method_return(data->pending); From patchwork Tue Aug 22 15:29:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13361087 Received: from mail-oi1-f174.google.com (mail-oi1-f174.google.com [209.85.167.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C87391CA14 for ; Tue, 22 Aug 2023 15:29:41 +0000 (UTC) Received: by mail-oi1-f174.google.com with SMTP id 5614622812f47-3a7d4030621so2795915b6e.3 for ; Tue, 22 Aug 2023 08:29:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1692718180; x=1693322980; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FaiQCf6vJ3cdWRNVf/xbx1j3AbvhsgUXvbvVHiZDFV0=; b=rVzJNJyUOrAbCTJSdfnfI7DwQjSFSDStEtfiFFXb7POJOpYn8IaOLYCYUchvw0GdGP oP2XLqKmIKcdZUmZ+WFuB8iEqQDH9+XrO0PAX4NtcyEHA2529jEPr84eCFiA4Mald2al ey5slNrRTWgr0pA1cARwR62XMm0CpgNbtspsfhGOyclfJuhl6zKVzq+5UCIUgssNCZro JTpb7BcFmdMMiabHUwPjLPTGK8tZgG2TAZazvXwRccVy7eZZ/Zeb2MAtJgJlJCQ+D0CA KXNPyYQ76bJIef+Pe7IfbwSD/PJl5TEsMsiJCY8vStKIS3giJDXfbY5wCXuJfnvluKVb jLsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692718180; x=1693322980; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FaiQCf6vJ3cdWRNVf/xbx1j3AbvhsgUXvbvVHiZDFV0=; b=ko5rs6FGMXBADeIe23KnlJU35CMW9Dv7VPVaICpRoVOPjrqaZs8tmFi2vxWa1gXOn9 hvBFFmJUhx2fwQADlugCwAfBpnNYaDd9a5WQRzt99FNrpi31K6Mpo4CsFbuvPk3I3o5t pjJwZCfHs18xS82TkoAKmfr8obPkWe6hw8GLw9qs/Rcw75ENdmzjY5PxeReD6Swp5p1c oMBKt2K1S+CD9+HbEuGdL7koavLsajErxXldFKCDwpl2Jsrv8HcdJ+KZY83L5ljD2+5b SSgXY1mRhlbSH9Id9n5OKws2RuKAbMUX4VM9Yq8/kZvv594bxMxx6DJvgoLz3aF9B7DL dB5Q== X-Gm-Message-State: AOJu0YwZGd/m5EWJgeXeEMi/ToPAQcxN2UeAMRFXLMhDwufZLfdIoJlj Klrz2s1AUZBOy/MtwWe55zPFZWTV1JQ= X-Google-Smtp-Source: AGHT+IG2BlxHD/huoJxx5ZNQCHljQUlX9aQAtaW9l+WlA7r6i4HCh/AnE9mG4bPg590pcd0rG4azKg== X-Received: by 2002:a05:6358:c1d:b0:135:4c43:f4df with SMTP id f29-20020a0563580c1d00b001354c43f4dfmr5751935rwj.3.1692718180248; Tue, 22 Aug 2023 08:29:40 -0700 (PDT) Received: from LOCLAP699.rst-01.locus (50-78-19-50-static.hfc.comcastbusiness.net. [50.78.19.50]) by smtp.gmail.com with ESMTPSA id j189-20020a816ec6000000b0058fafe95f98sm2108796ywc.114.2023.08.22.08.29.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Aug 2023 08:29:39 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 3/3] auto-t: add fallback to reassociate test Date: Tue, 22 Aug 2023 08:29:31 -0700 Message-Id: <20230822152931.276136-4-prestwoj@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230822152931.276136-1-prestwoj@gmail.com> References: <20230822152931.276136-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Tests that IWD falls back to reassociation if FT fails with status 53. --- autotests/testPSK-roam/failed_roam_test.py | 70 +++++++++++++++++++++- autotests/testPSK-roam/ft-psk-ccmp-1.conf | 1 + autotests/testPSK-roam/ft-psk-ccmp-2.conf | 1 + autotests/testPSK-roam/ft-psk-ccmp-3.conf | 1 + 4 files changed, 70 insertions(+), 3 deletions(-) diff --git a/autotests/testPSK-roam/failed_roam_test.py b/autotests/testPSK-roam/failed_roam_test.py index eda2b4e2..74c10ffc 100644 --- a/autotests/testPSK-roam/failed_roam_test.py +++ b/autotests/testPSK-roam/failed_roam_test.py @@ -41,18 +41,22 @@ class Test(unittest.TestCase): self.assertRaises(Exception, testutil.test_ifaces_connected, (prev.ifname, device.name, True, True)) - # FT-over-Air failure, should stay connected def test_ft_over_air_failure(self): + self.rule2.enabled = True + self.rule3.enabled = True + self.bss_hostapd[0].set_value('wpa_key_mgmt', 'FT-PSK') self.bss_hostapd[0].set_value('ft_over_ds', '0') self.bss_hostapd[0].reload() self.bss_hostapd[0].wait_for_event("AP-ENABLED") + self.bss_hostapd[0].set_value('ft_psk_generate_local', '1') self.bss_hostapd[1].set_value('wpa_key_mgmt', 'FT-PSK') self.bss_hostapd[1].set_value('ft_over_ds', '0') self.bss_hostapd[1].reload() self.bss_hostapd[1].wait_for_event("AP-ENABLED") + self.bss_hostapd[1].set_value('ft_psk_generate_local', '1') wd = IWD(True) @@ -70,9 +74,60 @@ class Test(unittest.TestCase): self.rule0.enabled = False # IWD should then try BSS 2, and succeed + device.wait_for_event('ft-roam', timeout=60) self.verify_roam(wd, device, self.bss_hostapd[0], self.bss_hostapd[2]) self.bss_hostapd[2].deauthenticate(device.address) + + # FT-over-Air failure, should stay connected + def test_ft_over_air_fallback(self): + self.rule_bss0.signal = -8000 + self.rule_bss0.enabled = True + self.rule_bss1.signal = -7500 + self.rule_bss1.enabled = True + self.rule_bss2.signal = -6000 + self.rule_bss2.enabled = True + + self.bss_hostapd[0].set_value('wpa_key_mgmt', 'FT-PSK') + self.bss_hostapd[0].set_value('ft_over_ds', '0') + self.bss_hostapd[0].reload() + self.bss_hostapd[0].wait_for_event("AP-ENABLED") + self.bss_hostapd[0].set_value('ft_psk_generate_local', '1') + + self.bss_hostapd[1].set_value('wpa_key_mgmt', 'FT-PSK') + self.bss_hostapd[1].set_value('ft_over_ds', '0') + self.bss_hostapd[1].reload() + self.bss_hostapd[1].wait_for_event("AP-ENABLED") + self.bss_hostapd[1].set_value('ft_psk_generate_local', '1') + + # This will cause this BSS to reject any FT roams as its unable to + # get keys from other APs + self.bss_hostapd[2].set_value('ft_psk_generate_local', '0') + self.bss_hostapd[2].reload() + + wd = IWD(True) + + device = wd.list_devices(1)[0] + + self.connect(wd, device, self.bss_hostapd[0]) + + # IWD should connect, then attempt a roam to BSS 1, which should + # fail and cause a fallback to reassociation + device.wait_for_event('ft-fallback-to-reassoc', timeout=60) + + self.assertTrue(device.state == DeviceState.connected) + + self.verify_roam(wd, device, self.bss_hostapd[0], self.bss_hostapd[2]) + + # Trigger another roam + self.rule_bss2.signal = -8000 + + device.wait_for_event('ft-roam', timeout=60) + + # Ensure an FT roam back to a properly configured AP works. + self.verify_roam(wd, device, self.bss_hostapd[2], self.bss_hostapd[1]) + + self.bss_hostapd[1].deauthenticate(device.address) condition = 'obj.state == DeviceState.disconnected' wd.wait_for_object_condition(device, condition) @@ -85,6 +140,10 @@ class Test(unittest.TestCase): self.rule0.enabled = False self.rule1.enabled = False self.rule2.enabled = False + self.rule3.enabled = False + self.rule_bss0.enabled = False + self.rule_bss1.enabled = False + self.rule_bss2.enabled = False @classmethod def setUpClass(cls): @@ -116,13 +175,18 @@ class Test(unittest.TestCase): cls.rule2 = hwsim.rules.create() cls.rule2.source = hwsim.get_radio('rad0').addresses[0] cls.rule2.signal = -8000 - cls.rule2.enabled = True # Causes IWD to first prefer BSS 1 to roam, then BSS 2. cls.rule3 = hwsim.rules.create() cls.rule3.source = hwsim.get_radio('rad2').addresses[0] cls.rule3.signal = -7000 - cls.rule3.enabled = True + + cls.rule_bss0 = hwsim.rules.create() + cls.rule_bss0.source = hwsim.get_radio('rad0').addresses[0] + cls.rule_bss1 = hwsim.rules.create() + cls.rule_bss1.source = hwsim.get_radio('rad1').addresses[0] + cls.rule_bss2 = hwsim.rules.create() + cls.rule_bss2.source = hwsim.get_radio('rad2').addresses[0] @classmethod def tearDownClass(cls): diff --git a/autotests/testPSK-roam/ft-psk-ccmp-1.conf b/autotests/testPSK-roam/ft-psk-ccmp-1.conf index 4a2ceba5..5647c49f 100644 --- a/autotests/testPSK-roam/ft-psk-ccmp-1.conf +++ b/autotests/testPSK-roam/ft-psk-ccmp-1.conf @@ -33,6 +33,7 @@ pmk_r1_push=0 # case. Only works with FT-PSK, otherwise brctl needs to be installed and # CONFIG_BRIDGE enabled in the kernel. ft_psk_generate_local=1 +rkh_pull_timeout=50 ft_over_ds=0 ap_table_expiration_time=36000 ap_table_max_size=10 diff --git a/autotests/testPSK-roam/ft-psk-ccmp-2.conf b/autotests/testPSK-roam/ft-psk-ccmp-2.conf index a42e175d..7d4ad221 100644 --- a/autotests/testPSK-roam/ft-psk-ccmp-2.conf +++ b/autotests/testPSK-roam/ft-psk-ccmp-2.conf @@ -33,6 +33,7 @@ pmk_r1_push=0 # case. Only works with FT-PSK, otherwise brctl needs to be installed and # CONFIG_BRIDGE enabled in the kernel. ft_psk_generate_local=1 +rkh_pull_timeout=50 ft_over_ds=0 ap_table_expiration_time=36000 ap_table_max_size=10 diff --git a/autotests/testPSK-roam/ft-psk-ccmp-3.conf b/autotests/testPSK-roam/ft-psk-ccmp-3.conf index a42e175d..7d4ad221 100644 --- a/autotests/testPSK-roam/ft-psk-ccmp-3.conf +++ b/autotests/testPSK-roam/ft-psk-ccmp-3.conf @@ -33,6 +33,7 @@ pmk_r1_push=0 # case. Only works with FT-PSK, otherwise brctl needs to be installed and # CONFIG_BRIDGE enabled in the kernel. ft_psk_generate_local=1 +rkh_pull_timeout=50 ft_over_ds=0 ap_table_expiration_time=36000 ap_table_max_size=10