blob: 264d818e57587b96634685ae4db44a6b6d2122d5 [file] [log] [blame]
diff --git a/package/kernel/mac80211/Makefile b/package/kernel/mac80211/Makefile
index a7472ee7..f06c889b 100644
--- a/package/kernel/mac80211/Makefile
+++ b/package/kernel/mac80211/Makefile
@@ -20,6 +20,7 @@ PKG_SOURCE:=backports-$(PKG_VERSION).tar.xz
PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/backports-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
+SOURCE_PATH:=./src
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_DRIVERS = \
@@ -72,6 +73,10 @@ config-y:= \
WLAN_VENDOR_ST \
WLAN_VENDOR_TI \
WLAN_VENDOR_ZYDAS \
+ MAC80211_DEBUG_MENU \
+ MAC80211_MLME_DEBUG \
+ MAC80211_STA_DEBUG \
+ MAC80211_HT_DEBUG \
config-$(call config_package,cfg80211) += CFG80211
config-$(CONFIG_PACKAGE_CFG80211_TESTMODE) += NL80211_TESTMODE
@@ -297,6 +302,8 @@ define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
$(PKG_UNPACK)
$(Build/Patch)
+ $(CP) $(SOURCE_PATH)/net $(PKG_BUILD_DIR) 2>/dev/null || :
+ $(CP) $(SOURCE_PATH)/include $(PKG_BUILD_DIR) 2>/dev/null || :
rm -rf \
$(PKG_BUILD_DIR)/include/linux/ssb \
$(PKG_BUILD_DIR)/include/linux/bcma \
diff --git a/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh b/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh
index 5aaba9af..e6e9e540 100644
--- a/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh
+++ b/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh
@@ -27,6 +27,7 @@ drv_mac80211_init_device_config() {
config_add_string path phy 'macaddr:macaddr'
config_add_string tx_burst
+ config_add_int mbssid mu_onoff sr_enable sr_enhanced rnr
config_add_string distance
config_add_int beacon_int chanbw frag rts
config_add_int rxantenna txantenna antenna_gain txpower min_tx_power
@@ -53,7 +54,10 @@ drv_mac80211_init_device_config() {
he_spr_sr_control \
he_spr_psr_enabled \
he_bss_color_enabled \
- he_twt_required
+ he_twt_required \
+ he_twt_responder \
+ etxbfen \
+ itxbfen
config_add_int \
beamformer_antennas \
beamformee_antennas \
@@ -140,13 +144,11 @@ mac80211_hostapd_setup_base() {
[ -n "$acs_exclude_dfs" ] && [ "$acs_exclude_dfs" -gt 0 ] &&
append base_cfg "acs_exclude_dfs=1" "$N"
- json_get_vars noscan ht_coex min_tx_power:0 tx_burst
+ json_get_vars noscan ht_coex min_tx_power:0 tx_burst mbssid mu_onoff rnr
+ json_get_vars etxbfen:1 itxbfen:0
json_get_values ht_capab_list ht_capab
json_get_values channel_list channels
- [ "$auto_channel" = 0 ] && [ -z "$channel_list" ] && \
- channel_list="$channel"
-
[ "$min_tx_power" -gt 0 ] && append base_cfg "min_tx_power=$min_tx_power"
set_default noscan 0
@@ -160,8 +162,8 @@ mac80211_hostapd_setup_base() {
ieee80211n=1
ht_capab=
case "$htmode" in
- VHT20|HT20|HE20) ;;
- HT40*|VHT40|VHT80|VHT160|HE40|HE80|HE160)
+ VHT20|HT20|HE20|EHT20) ;;
+ HT40*|VHT40|VHT80|VHT160|HE40*|HE80|HE160|EHT40*|EHT80|EHT160|EHT320*)
case "$hwmode" in
a)
case "$(( (($channel / 4) + $chan_ofs) % 2 ))" in
@@ -171,8 +173,22 @@ mac80211_hostapd_setup_base() {
;;
*)
case "$htmode" in
- HT40+) ht_capab="[HT40+]";;
- HT40-) ht_capab="[HT40-]";;
+ HT40+|HE40+|EHT40+)
+ if [ "$channel" -gt 9 ]; then
+ echo "Could not set the center freq with this HT mode setting"
+ return 1
+ else
+ ht_capab="[HT40+]"
+ fi
+ ;;
+ HT40-|HE40-|EHT40-)
+ if [ "$channel" -lt 5 ]; then
+ echo "Could not set the center freq with this HT mode setting"
+ return 1
+ else
+ ht_capab="[HT40-]"
+ fi
+ ;;
*)
if [ "$channel" -lt 7 ]; then
ht_capab="[HT40+]"
@@ -205,7 +221,7 @@ mac80211_hostapd_setup_base() {
dsss_cck_40:1
ht_cap_mask=0
- for cap in $(iw phy "$phy" info | grep 'Capabilities:' | cut -d: -f2); do
+ for cap in $(iw phy "$phy" info | grep 'Capabilities: 0x' | cut -d: -f2); do
ht_cap_mask="$(($ht_cap_mask | $cap))"
done
@@ -236,8 +252,8 @@ mac80211_hostapd_setup_base() {
idx="$channel"
case "$htmode" in
- VHT20|HE20) enable_ac=1;;
- VHT40|HE40)
+ VHT20|HE20|EHT20) enable_ac=1;;
+ VHT40|HE40|EHT40)
case "$(( (($channel / 4) + $chan_ofs) % 2 ))" in
1) idx=$(($channel + 2));;
0) idx=$(($channel - 2));;
@@ -245,7 +261,7 @@ mac80211_hostapd_setup_base() {
enable_ac=1
vht_center_seg0=$idx
;;
- VHT80|HE80)
+ VHT80|HE80|EHT80)
case "$(( (($channel / 4) + $chan_ofs) % 4 ))" in
1) idx=$(($channel + 6));;
2) idx=$(($channel + 2));;
@@ -256,7 +272,7 @@ mac80211_hostapd_setup_base() {
vht_oper_chwidth=1
vht_center_seg0=$idx
;;
- VHT160|HE160)
+ VHT160|HE160|EHT160)
if [ "$band" = "6g" ]; then
case "$channel" in
1|5|9|13|17|21|25|29) idx=15;;
@@ -271,12 +287,43 @@ mac80211_hostapd_setup_base() {
case "$channel" in
36|40|44|48|52|56|60|64) idx=50;;
100|104|108|112|116|120|124|128) idx=114;;
+ 149|153|157|161|165|169|173|177) idx=163;;
esac
fi
enable_ac=1
vht_oper_chwidth=2
vht_center_seg0=$idx
;;
+ EHT320*)
+ case "$channel" in
+ 1|5|9|13|17|21|25|29) idx=31;;
+ 33|37|41|45|49|53|57|61| \
+ 65|69|73|77|81|85|89|93) idx=63;;
+ 97|101|105|109|113|117|121|125| \
+ 129|133|137|141|145|149|153|157) idx=127;;
+ 161|165|169|173|177|181|185|189| \
+ 193|197|201|205|209|213|217|221) idx=191;;
+ esac
+ if [[ "$htmode" = "EHT320-1" && "$channel" -ge "193" ]] ||
+ [[ "$htmode" = "EHT320-2" && "$channel" -le "29" ]]; then
+ echo "Could not set the center freq with this EHT setting"
+ return 1
+ elif [[ "$htmode" = "EHT320-1" && "$channel" -ge "33" ]]; then
+ if [ "$channel" -gt $idx ]; then
+ idx=$(($idx + 32))
+ else
+ idx=$(($idx - 32))
+ fi
+ fi
+ vht_oper_chwidth=2
+ if [ "$channel" -gt $idx ]; then
+ vht_center_seg0=$(($idx + 16))
+ else
+ vht_center_seg0=$(($idx - 16))
+ fi
+ eht_oper_chwidth=9
+ eht_oper_centr_freq_seg0_idx=$idx
+ ;;
esac
[ "$band" = "5g" ] && {
json_get_vars background_radar:0
@@ -286,8 +333,9 @@ mac80211_hostapd_setup_base() {
[ "$band" = "6g" ] && {
op_class=
case "$htmode" in
- HE20) op_class=131;;
- HE*) op_class=$((132 + $vht_oper_chwidth))
+ HE20|EHT20) op_class=131;;
+ EHT320*) op_class=137;;
+ HE*|EHT*) op_class=$((132 + $vht_oper_chwidth))
esac
[ -n "$op_class" ] && append base_cfg "op_class=$op_class" "$N"
}
@@ -315,7 +363,6 @@ mac80211_hostapd_setup_base() {
vht_link_adapt:3 \
vht160:2
- set_default tx_burst 2.0
append base_cfg "ieee80211ac=1" "$N"
vht_cap=0
for cap in $(iw phy "$phy" info | awk -F "[()]" '/VHT Capabilities/ { print $2 }'); do
@@ -329,6 +376,12 @@ mac80211_hostapd_setup_base() {
[ "$rx_stbc" -lt "$cap_rx_stbc" ] && cap_rx_stbc="$rx_stbc"
vht_cap="$(( ($vht_cap & ~(0x700)) | ($cap_rx_stbc << 8) ))"
+ [ "$etxbfen" -eq 0 ] && {
+ su_beamformer=0
+ su_beamformee=0
+ mu_beamformer=0
+ }
+
mac80211_add_capabilities vht_capab $vht_cap \
RXLDPC:0x10::$rxldpc \
SHORT-GI-80:0x20::$short_gi_80 \
@@ -410,7 +463,7 @@ mac80211_hostapd_setup_base() {
# 802.11ax
enable_ax=0
case "$htmode" in
- HE*) enable_ax=1 ;;
+ HE*|EHT*) enable_ax=1 ;;
esac
if [ "$enable_ax" != "0" ]; then
@@ -419,10 +472,11 @@ mac80211_hostapd_setup_base() {
he_su_beamformee:1 \
he_mu_beamformer:1 \
he_twt_required:0 \
+ he_twt_responder \
he_spr_sr_control:3 \
he_spr_psr_enabled:0 \
he_spr_non_srg_obss_pd_max_offset:0 \
- he_bss_color:128 \
+ he_bss_color \
he_bss_color_enabled:1
he_phy_cap=$(iw phy "$phy" info | sed -n '/HE Iftypes: AP/,$p' | awk -F "[()]" '/HE PHY Capabilities/ { print $2 }' | head -1)
@@ -436,6 +490,11 @@ mac80211_hostapd_setup_base() {
append base_cfg "he_oper_centr_freq_seg0_idx=$vht_center_seg0" "$N"
}
+ [ "$etxbfen" -eq 0 ] && {
+ he_su_beamformer=0
+ he_mu_beamformer=0
+ }
+
mac80211_add_he_capabilities \
he_su_beamformer:${he_phy_cap:6:2}:0x80:$he_su_beamformer \
he_su_beamformee:${he_phy_cap:8:2}:0x1:$he_su_beamformee \
@@ -443,7 +502,14 @@ mac80211_hostapd_setup_base() {
he_spr_psr_enabled:${he_phy_cap:14:2}:0x1:$he_spr_psr_enabled \
he_twt_required:${he_mac_cap:0:2}:0x6:$he_twt_required
+ if [ -n "$he_twt_responder" ]; then
+ append base_cfg "he_twt_responder=$he_twt_responder" "$N"
+ fi
if [ "$he_bss_color_enabled" -gt 0 ]; then
+ if !([ "$he_bss_color" -gt 0 ] && [ "$he_bss_color" -le 64 ]); then
+ rand=$(head -n 1 /dev/urandom | tr -dc 0-9 | head -c 2)
+ he_bss_color=$((rand % 63 + 1))
+ fi
append base_cfg "he_bss_color=$he_bss_color" "$N"
[ "$he_spr_non_srg_obss_pd_max_offset" -gt 0 ] && { \
append base_cfg "he_spr_non_srg_obss_pd_max_offset=$he_spr_non_srg_obss_pd_max_offset" "$N"
@@ -484,12 +550,47 @@ mac80211_hostapd_setup_base() {
append base_cfg "he_mu_edca_ac_vo_timer=255" "$N"
fi
+ set_default tx_burst 2
+
+ # 802.11be
+ enable_be=0
+ case "$htmode" in
+ EHT*) enable_be=1 ;;
+ esac
+
+ if [ "$enable_be" != "0" ]; then
+ append base_cfg "ieee80211be=1" "$N"
+ if [ "$etxbfen" -eq 0 ]; then
+ append base_cfg "eht_su_beamformee=1" "$N"
+ else
+ append base_cfg "eht_su_beamformer=1" "$N"
+ append base_cfg "eht_su_beamformee=1" "$N"
+ append base_cfg "eht_mu_beamformer=1" "$N"
+ fi
+ [ "$hwmode" = "a" ] && {
+ case $htmode in
+ EHT320*)
+ append base_cfg "eht_oper_chwidth=$eht_oper_chwidth" "$N"
+ append base_cfg "eht_oper_centr_freq_seg0_idx=$eht_oper_centr_freq_seg0_idx" "$N"
+ ;;
+ *)
+ append base_cfg "eht_oper_chwidth=$vht_oper_chwidth" "$N"
+ append base_cfg "eht_oper_centr_freq_seg0_idx=$vht_center_seg0" "$N"
+ ;;
+ esac
+ }
+ fi
+
hostapd_prepare_device_config "$hostapd_conf_file" nl80211
cat >> "$hostapd_conf_file" <<EOF
${channel:+channel=$channel}
${channel_list:+chanlist=$channel_list}
${hostapd_noscan:+noscan=1}
${tx_burst:+tx_queue_data2_burst=$tx_burst}
+${mbssid:+mbssid=$mbssid}
+${mu_onoff:+mu_onoff=$mu_onoff}
+${itxbfen:+ibf_enable=$itxbfen}
+${rnr:+rnr=$rnr}
$base_cfg
EOF
@@ -517,7 +618,7 @@ mac80211_hostapd_setup_bss() {
append hostapd_cfg "wds_sta=1" "$N"
[ -n "$wds_bridge" ] && append hostapd_cfg "wds_bridge=$wds_bridge" "$N"
}
- [ "$staidx" -gt 0 -o "$start_disabled" -eq 1 ] && append hostapd_cfg "start_disabled=1" "$N"
+ [ "$start_disabled" -eq 1 ] && append hostapd_cfg "start_disabled=1" "$N"
cat >> /var/run/hostapd-$phy.conf <<EOF
$hostapd_cfg
@@ -527,6 +628,31 @@ ${max_listen_int:+max_listen_interval=$max_listen_int}
EOF
}
+mac80211_generate_mbssid_mac() {
+ local phy="$1"
+ local transmitted_bssid="$2"
+ local id="${mbssidx:-0}"
+
+ local ref="$(cat /sys/class/ieee80211/${phy}/macaddress)"
+
+ if [ -z "$transmitted_bssid" ]; then
+ transmitted_bssid=$ref
+ fi
+
+ if [ $id -eq 0 ]; then
+ echo "$transmitted_bssid"
+ return
+ fi
+
+ local oIFS="$IFS"; IFS=":"; set -- $transmitted_bssid; IFS="$oIFS"
+
+ # Calculate nontransmitted bssid
+ b6="0x$6"
+ ref_b6=$(($b6 % $max_mbssid))
+ b6=$(($b6 - $ref_b6 + ($ref_b6 + $id) % $max_mbssid))
+ printf "%s:%s:%s:%s:%s:%02x" $1 $2 $3 $4 $5 $b6
+}
+
mac80211_get_addr() {
local phy="$1"
local idx="$(($2 + 1))"
@@ -757,7 +883,19 @@ mac80211_prepare_vif() {
json_select ..
- if [ -z "$macaddr" ]; then
+ if [ "$mbssid" -gt 0 ] && [ "$mode" == "ap" ]; then
+ [ "$mbssidx" -eq 0 ] && {
+ if [ -z $macaddr ]; then
+ transmitted_bssid="$(mac80211_generate_mac $phy)"
+ else
+ # uci set mac address
+ transmitted_bssid=$macaddr
+ fi
+ macidx="$(($macidx + 1))"
+ }
+ macaddr="$(mac80211_generate_mbssid_mac $phy $transmitted_bssid)"
+ mbssidx="$(($mbssidx + 1))"
+ elif [ -z "$macaddr" ]; then
macaddr="$(mac80211_generate_mac $phy)"
macidx="$(($macidx + 1))"
elif [ "$macaddr" = 'random' ]; then
@@ -1058,6 +1196,9 @@ mac80211_setup_vif() {
json_select ..
[ -n "$failed" ] || wireless_add_vif "$name" "$ifname"
+
+ echo "Setup SMP Affinity"
+ /sbin/smp-mt76.sh
}
get_freq() {
@@ -1122,6 +1263,10 @@ drv_mac80211_cleanup() {
hostapd_common_cleanup
}
+mac80211_count_ap() {
+ total_num_ap=$(($total_num_ap + 1))
+}
+
drv_mac80211_setup() {
json_select config
json_get_vars \
@@ -1129,7 +1274,8 @@ drv_mac80211_setup() {
country chanbw distance \
txpower antenna_gain \
rxantenna txantenna \
- frag rts beacon_int:100 htmode
+ frag rts beacon_int:100 htmode \
+ sr_enable sr_enhanced
json_get_values basic_rate_list basic_rate
json_get_values scan_list scan_list
json_select ..
@@ -1180,6 +1326,7 @@ drv_mac80211_setup() {
no_ap=1
macidx=0
staidx=0
+ mbssidx=0
[ -n "$chanbw" ] && {
for file in /sys/kernel/debug/ieee80211/$phy/ath9k*/chanbw /sys/kernel/debug/ieee80211/$phy/ath5k/bwmode; do
@@ -1219,6 +1366,16 @@ drv_mac80211_setup() {
for_each_interface "sta adhoc mesh" mac80211_set_noscan
[ -n "$has_ap" ] && mac80211_hostapd_setup_base "$phy"
+ total_num_ap=0
+ max_mbssid=1
+ for_each_interface "ap" mac80211_count_ap
+ total_num_ap=$(($total_num_ap - 1))
+ while [ $total_num_ap -gt 0 ]
+ do
+ total_num_ap=$(($total_num_ap >> 1))
+ max_mbssid=$(($max_mbssid << 1))
+ done
+
mac80211_prepare_iw_htmode
for_each_interface "sta adhoc mesh monitor" mac80211_prepare_vif
NEWAPLIST=
@@ -1251,6 +1408,14 @@ drv_mac80211_setup() {
if [ "$no_reload" != "0" ]; then
add_ap=1
ubus wait_for hostapd
+
+ # each phy sleeps different times to prevent for ubus race condition.
+ if [ "$phy" = "phy1" ]; then
+ sleep 1;
+ elif [ "$phy" = "phy2" ]; then
+ sleep 2;
+ fi
+
local hostapd_res="$(ubus call hostapd config_add "{\"iface\":\"$primary_ap\", \"config\":\"${hostapd_conf_file}\"}")"
ret="$?"
[ "$ret" != 0 -o -z "$hostapd_res" ] && {
@@ -1266,6 +1431,9 @@ drv_mac80211_setup() {
[ "${add_ap}" = 1 ] && sleep 1
for_each_interface "ap" mac80211_setup_vif
+ [ -n "$sr_enable" ] && echo "$sr_enable" > /sys/kernel/debug/ieee80211/$phy/mt76/sr_enable
+ [ -n "$sr_enhanced" ] && echo "$sr_enhanced" > /sys/kernel/debug/ieee80211/$phy/mt76/sr_enhanced_enable
+
NEWSPLIST=
NEWUMLIST=
diff --git a/package/kernel/mac80211/files/lib/wifi/mac80211.sh b/package/kernel/mac80211/files/lib/wifi/mac80211.sh
index e24a2a63..20e60688 100644
--- a/package/kernel/mac80211/files/lib/wifi/mac80211.sh
+++ b/package/kernel/mac80211/files/lib/wifi/mac80211.sh
@@ -60,6 +60,9 @@ BEGIN {
if (vht && band != "1:") mode="VHT80"
if (he) mode="HE80"
if (he && band == "1:") mode="HE20"
+ if (eht && band == "2:") mode="EHT160"
+ if (eht && band == "4:") mode="EHT320"
+ if (eht && band == "1:") mode="EHT20"
sub("\\[", "", channel)
sub("\\]", "", channel)
bands = bands band channel ":" mode " "
@@ -73,6 +76,7 @@ $1 == "Band" {
vht = ""
ht = ""
he = ""
+ eht = ""
}
$0 ~ "Capabilities:" {
@@ -87,6 +91,18 @@ $0 ~ "HE Iftypes" {
he=1
}
+$0 ~ "EHT Iftypes" {
+ eht=1
+}
+
+$0 ~ / *HE MAC Capabilities \(0x000000000000\)/ {
+ he=0
+}
+
+$0 ~ / *EHT MAC Capabilities \(0x0000\)/ {
+ eht=0
+}
+
$1 == "*" && $3 == "MHz" && $0 !~ /disabled/ && band && !channel {
channel = $4
}
@@ -120,6 +136,19 @@ get_band_defaults() {
mode_band="$band"
channel="$chan"
htmode="$mode"
+ if [ "$band" = "6g" ]
+ then
+ encryption=sae
+ key=12345678
+ sae_pwe=2
+ ieee80211w=2
+ channel=37
+ mbssid=1
+ else
+ noscan=1
+ encryption=none
+ rnr=1
+ fi
done
}
@@ -153,6 +182,10 @@ detect_mac80211() {
json_load_file /etc/board.json
+ # generate random bytes for macaddr
+ rand=$(hexdump -C /dev/urandom | head -n 1 &)
+ killall hexdump
+
for _dev in /sys/class/ieee80211/*; do
[ -e "$_dev" ] || continue
@@ -162,6 +195,13 @@ detect_mac80211() {
channel=""
htmode=""
ht_capab=""
+ encryption=""
+ noscan=""
+ key=""
+ sae_pwe=""
+ ieee80211w=""
+ mbssid=""
+ rnr=""
get_band_defaults "$dev"
@@ -196,6 +236,14 @@ detect_mac80211() {
;;
esac
+ macaddr=""
+ if (dmesg | grep -q "eeprom load fail"); then
+ for i in $(seq 2 3); do
+ macaddr=${macaddr}:$(echo $rand | cut -d ' ' -f $i)
+ done
+ macaddr="00:0$(($devidx - 1)):55:66${macaddr}"
+ fi
+
uci -q batch <<-EOF
set wireless.${name}=wifi-device
set wireless.${name}.type=mac80211
@@ -203,15 +251,40 @@ detect_mac80211() {
set wireless.${name}.channel=${channel}
set wireless.${name}.band=${mode_band}
set wireless.${name}.htmode=$htmode
- set wireless.${name}.disabled=1
+ set wireless.${name}.country='US'
+ set wireless.${name}.noscan=${noscan}
+ set wireless.${name}.disabled=0
+EOF
+ [ -n "$mbssid" ] && {
+ uci -q set wireless.${name}.mbssid=${mbssid}
+ }
+ [ -n "$rnr" ] && {
+ uci -q set wireless.${name}.rnr=${rnr}
+ }
+ uci -q batch <<-EOF
set wireless.default_${name}=wifi-iface
set wireless.default_${name}.device=${name}
set wireless.default_${name}.network=lan
set wireless.default_${name}.mode=ap
- set wireless.default_${name}.ssid=OpenWrt
- set wireless.default_${name}.encryption=none
+ set wireless.default_${name}.ssid=OpenWrt-${mode_band}
+ set wireless.default_${name}.encryption=${encryption}
EOF
+
+ # calibrated board will use eeprom macaddress, not ramdom address
+ [ -n "$macaddr" ] && {
+ uci -q set wireless.default_${name}.macaddr=${macaddr}
+ }
+
+ [ -n "$key" ] && {
+ uci -q set wireless.default_${name}.key=${key}
+ }
+ [ -n "$sae_pwe" ] && {
+ uci -q set wireless.default_${name}.sae_pwe=${sae_pwe}
+ }
+ [ -n "$ieee80211w" ] && {
+ uci -q set wireless.default_${name}.ieee80211w=${ieee80211w}
+ }
uci -q commit wireless
done
}
diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
index bf3625c9..6ce28b4c 100644
--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
@@ -60,7 +60,14 @@ hostapd_append_wpa_key_mgmt() {
[ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-EAP-SHA256"
;;
sae)
- append wpa_key_mgmt "SAE"
+ case "$encryption" in
+ *sae-ext*)
+ append wpa_key_mgmt "SAE-EXT-KEY"
+ ;;
+ *)
+ append wpa_key_mgmt "SAE"
+ ;;
+ esac
[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-SAE"
;;
psk-sae)
@@ -115,6 +122,7 @@ hostapd_common_add_device_config() {
config_add_int rts_threshold
config_add_int rssi_reject_assoc_rssi
config_add_int rssi_ignore_probe_request
+ config_add_int rssi_reject_assoc_timeout
config_add_int maxassoc
config_add_string acs_chan_bias
@@ -227,8 +235,10 @@ hostapd_prepare_device_config() {
hostapd_add_rate brlist "$br"
done
+ json_get_vars rssi_reject_assoc_timeout
[ -n "$rssi_reject_assoc_rssi" ] && append base_cfg "rssi_reject_assoc_rssi=$rssi_reject_assoc_rssi" "$N"
[ -n "$rssi_ignore_probe_request" ] && append base_cfg "rssi_ignore_probe_request=$rssi_ignore_probe_request" "$N"
+ [ -n "$rssi_reject_assoc_timeout" ] && append base_cfg "rssi_reject_assoc_timeout=$rssi_reject_assoc_timeout" "$N"
[ -n "$beacon_rate" ] && append base_cfg "beacon_rate=$beacon_rate" "$N"
[ -n "$rlist" ] && append base_cfg "supported_rates=$rlist" "$N"
[ -n "$brlist" ] && append base_cfg "basic_rates=$brlist" "$N"
@@ -379,6 +389,24 @@ hostapd_common_add_bss_config() {
config_add_string fils_dhcp
config_add_int ocv
+
+ config_add_int disable_eht
+ config_add_int disable_he
+ config_add_int disable_vht
+ config_add_int disable_ht
+
+ config_add_boolean beacon_prot interworking
+
+ config_add_int unsol_bcast_probe_resp_interval
+ config_add_int fils_discovery_min_interval
+ config_add_int fils_discovery_max_interval
+ config_add_boolean rnr
+
+ config_add_array sae_groups
+ config_add_array owe_groups
+ config_add_array pairwise
+ config_add_string group_cipher
+
}
hostapd_set_vlan_file() {
@@ -443,11 +471,11 @@ append_iw_nai_realm() {
}
append_iw_venue_name() {
- append bss_conf "venue_name=$1" "$N"
+ [ -n "$1" ] && append bss_conf "venue_name=$1" "$N"
}
append_iw_venue_url() {
- append bss_conf "venue_url=$1" "$N"
+ [ -n "$1" ] && append bss_conf "venue_url=$1" "$N"
}
append_hs20_oper_friendly_name() {
@@ -565,7 +593,8 @@ hostapd_set_bss_options() {
ppsk airtime_bss_weight airtime_bss_limit airtime_sta_weight \
multicast_to_unicast_all proxy_arp per_sta_vif \
eap_server eap_user_file ca_cert server_cert private_key private_key_passwd server_id \
- vendor_elements fils ocv
+ vendor_elements fils ocv unsol_bcast_probe_resp_interval fils_discovery_min_interval \
+ fils_discovery_max_interval rnr group_cipher
set_default fils 0
set_default isolate 0
@@ -793,6 +822,35 @@ hostapd_set_bss_options() {
local auth_algs="$((($auth_mode_shared << 1) | $auth_mode_open))"
append bss_conf "auth_algs=${auth_algs:-1}" "$N"
append bss_conf "wpa=$wpa" "$N"
+
+ json_get_values pairwise pairwise
+ if [ -n "$pairwise" ]; then
+ case "$pairwise" in
+ *tkip+aes|*tkip+ccmp|*aes+tkip|*ccmp+tkip)
+ wpa_cipher="CCMP TKIP"
+ ;;
+ *ccmp256)
+ wpa_cipher="CCMP-256"
+ ;;
+ *aes|*ccmp)
+ wpa_cipher="CCMP"
+ ;;
+ *tkip)
+ wpa_cipher="TKIP"
+ ;;
+ *gcmp256)
+ wpa_cipher="GCMP-256"
+ ;;
+ *gcmp)
+ wpa_cipher="GCMP"
+ ;;
+ *)
+ wpa_cipher=""
+ ;;
+ esac
+ fi
+ [ -n "$wpa_cipher" ] && wpa_pairwise="$wpa_cipher"
+
[ -n "$wpa_pairwise" ] && append bss_conf "wpa_pairwise=$wpa_pairwise" "$N"
set_default wps_pushbutton 0
@@ -844,7 +902,7 @@ hostapd_set_bss_options() {
}
append bss_conf "ssid=$ssid" "$N"
- [ -n "$network_bridge" ] && append bss_conf "bridge=$network_bridge${N}wds_bridge=" "$N"
+ [ -n "$network_bridge" ] && append bss_conf "bridge=$network_bridge${N}wds_bridge=$network_bridge" "$N"
[ -n "$network_ifname" ] && append bss_conf "snoop_iface=$network_ifname" "$N"
[ -n "$iapp_interface" ] && {
local ifname
@@ -957,6 +1015,8 @@ hostapd_set_bss_options() {
fi
if [ "$wpa" -ge "2" ]; then
+ json_get_values sae_groups sae_groups
+ json_get_values owe_groups owe_groups
if [ -n "$network_bridge" -a "$rsn_preauth" = 1 ]; then
set_default auth_cache 1
append bss_conf "rsn_preauth=1" "$N"
@@ -975,17 +1035,42 @@ hostapd_set_bss_options() {
append bss_conf "okc=$auth_cache" "$N"
[ "$auth_cache" = 0 -a "$fils" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N"
+ [ -z "$group_cipher" ] && group_cipher="$wpa_cipher"
+
+ if [ -n "$sae_groups" -o -n "$owe_groups" ]; then
+ case "$auth_type" in
+ sae*)
+ append bss_conf "sae_groups=$sae_groups" "$N"
+ append bss_conf "group_cipher=$group_cipher" "$N"
+ ;;
+ owe)
+ append bss_conf "owe_groups=$owe_groups" "$N"
+ append bss_conf "group_cipher=$group_cipher" "$N"
+ ;;
+ esac
+ fi
+
# RSN -> allow management frame protection
case "$ieee80211w" in
[012])
- json_get_vars ieee80211w_mgmt_cipher ieee80211w_max_timeout ieee80211w_retry_timeout
+ json_get_vars ieee80211w_mgmt_cipher ieee80211w_max_timeout ieee80211w_retry_timeout beacon_prot
append bss_conf "ieee80211w=$ieee80211w" "$N"
[ "$ieee80211w" -gt "0" ] && {
+ case "$group_cipher" in
+ CCMP*)
+ ieee80211w_mgmt_cipher="AES-128-CMAC"
+ ;;
+ GCMP-256)
+ [[ "$encryption" != "*owe*" ]] && ieee80211w_mgmt_cipher="BIP-GMAC-256"
+ ;;
+ esac
if [ "$auth_type" = "eap192" ]; then
append bss_conf "group_mgmt_cipher=BIP-GMAC-256" "$N"
else
append bss_conf "group_mgmt_cipher=${ieee80211w_mgmt_cipher:-AES-128-CMAC}" "$N"
fi
+ [ -n "$beacon_prot" ] && \
+ append bss_conf "beacon_prot=$beacon_prot" "$N"
[ -n "$ieee80211w_max_timeout" ] && \
append bss_conf "assoc_sa_query_max_timeout=$ieee80211w_max_timeout" "$N"
[ -n "$ieee80211w_retry_timeout" ] && \
@@ -1050,9 +1135,10 @@ hostapd_set_bss_options() {
json_get_vars iw_roaming_consortium iw_domain_name iw_anqp_3gpp_cell_net iw_nai_realm
json_get_vars iw_anqp_elem iw_qos_map_set iw_ipaddr_type_availability iw_gas_address3
json_get_vars iw_venue_name iw_venue_url
+ json_get_vars interworking
set_default iw_enabled 0
- if [ "$iw_enabled" = "1" ]; then
+ if [ "$iw_enabled" = "1" ] || [ "$interworking" = "1" ]; then
append bss_conf "interworking=1" "$N"
set_default iw_internet 1
set_default iw_asra 0
@@ -1159,6 +1245,22 @@ hostapd_set_bss_options() {
append bss_conf "$val" "$N"
done
+ if [ "$unsol_bcast_probe_resp_interval" -gt 0 ]; then
+ append bss_conf "unsol_bcast_probe_resp_interval=$unsol_bcast_probe_resp_interval" "$N"
+ fi
+
+ if [ -n "$fils_discovery_min_interval" ]; then
+ append bss_conf "fils_discovery_min_interval=$fils_discovery_min_interval" "$N"
+ fi
+
+ if [ -n "$fils_discovery_max_interval" ]; then
+ append bss_conf "fils_discovery_max_interval=$fils_discovery_max_interval" "$N"
+ fi
+
+ if [ -n "$rnr" ]; then
+ append bss_conf "rnr=$rnr" "$N"
+ fi
+
bss_md5sum="$(echo $bss_conf | md5sum | cut -d" " -f1)"
append bss_conf "config_id=$bss_md5sum" "$N"
@@ -1249,6 +1351,7 @@ wpa_supplicant_prepare_interface() {
country_str="country=$country"
}
+ local tx_queue_data2_burst="tx_queue_data2_burst=0"
multiap_flag_file="${_config}.is_multiap"
if [ "$multi_ap" = "1" ]; then
touch "$multiap_flag_file"
@@ -1260,6 +1363,7 @@ wpa_supplicant_prepare_interface() {
${scan_list:+freq_list=$scan_list}
$ap_scan
$country_str
+$tx_queue_data2_burst
EOF
return 0
}
@@ -1531,12 +1635,43 @@ wpa_supplicant_add_network() {
;;
esac
+ json_get_values pairwise pairwise
+ if [ -n "$pairwise" ]; then
+ case "$pairwise" in
+ *tkip+aes|*tkip+ccmp|*aes+tkip|*ccmp+tkip)
+ wpa_cipher="CCMP TKIP"
+ ;;
+ *ccmp256)
+ wpa_cipher="CCMP-256"
+ ;;
+ *aes|*ccmp)
+ wpa_cipher="CCMP"
+ ;;
+ *tkip)
+ wpa_cipher="TKIP"
+ ;;
+ *gcmp256)
+ wpa_cipher="GCMP-256"
+ ;;
+ *gcmp)
+ wpa_cipher="GCMP"
+ ;;
+ *)
+ wpa_cipher=""
+ ;;
+ esac
+ fi
+ [ -n "$wpa_cipher" ] && wpa_pairwise="$wpa_cipher"
+
[ "$wpa_cipher" = GCMP ] && {
append network_data "pairwise=GCMP" "$N$T"
append network_data "group=GCMP" "$N$T"
}
[ "$mode" = mesh ] || {
+ json_get_values sae_groups sae_groups
+ json_get_values owe_groups owe_groups
+
case "$wpa" in
1)
append network_data "proto=WPA" "$N$T"
@@ -1546,12 +1681,48 @@ wpa_supplicant_add_network() {
;;
esac
+ [ -n "$wpa_pairwise" ] && append network_data "pairwise=$wpa_pairwise" "$N$T"
+ [ -z "$group_cipher" ] && group_cipher="$wpa_cipher"
+
+ if [ -n "$sae_groups" -o -n "$owe_groups" ]; then
+ case "$auth_type" in
+ sae*)
+ echo "sae_groups=$sae_groups" >> "$_config"
+ append network_data "group=$group_cipher" "$N$T"
+ ;;
+ owe)
+ append network_data "owe_group=$owe_groups" "$N$T"
+ append network_data "group=$group_cipher" "$N$T"
+ ;;
+ esac
+ fi
+
+ # RSN -> allow management frame protection
case "$ieee80211w" in
[012])
- [ "$wpa" -ge 2 ] && append network_data "ieee80211w=$ieee80211w" "$N$T"
+ json_get_vars ieee80211w_mgmt_cipher ieee80211w_max_timeout ieee80211w_retry_timeout beacon_prot
+ append network_data "ieee80211w=$ieee80211w" "$N$T"
+ [ "$ieee80211w" -gt "0" ] && {
+ case "$group_cipher" in
+ CCMP*)
+ ieee80211w_mgmt_cipher="AES-128-CMAC"
+ ;;
+ GCMP-256)
+ [[ "$encryption" != "*owe*" ]] && ieee80211w_mgmt_cipher="BIP-GMAC-256"
+ ;;
+ esac
+ if [ "$auth_type" = "eap192" ]; then
+ append network_data "group_mgmt=BIP-GMAC-256" "$N$T"
+ else
+ append network_data "group_mgmt=${ieee80211w_mgmt_cipher:-AES-128-CMAC}" "$N$T"
+ fi
+ [ -n "$beacon_prot" ] && \
+ append network_data "beacon_prot=$beacon_prot" "$N$T"
+ }
;;
esac
}
+
[ -n "$bssid" ] && append network_data "bssid=$bssid" "$N$T"
[ -n "$beacon_int" ] && append network_data "beacon_int=$beacon_int" "$N$T"
@@ -1562,6 +1733,20 @@ wpa_supplicant_add_network() {
[ -n "$bssid_blacklist" ] && append network_data "bssid_blacklist=$bssid_blacklist" "$N$T"
[ -n "$bssid_whitelist" ] && append network_data "bssid_whitelist=$bssid_whitelist" "$N$T"
+ local disable_eht
+ local disable_he
+ local disable_vht
+ local disable_ht
+ json_get_vars disable_eht
+ json_get_vars disable_he
+ json_get_vars disable_vht
+ json_get_vars disable_ht
+
+ [ -n "$disable_eht" ] && append network_data "disable_eht=$disable_eht" "$N$T"
+ [ -n "$disable_he" ] && append network_data "disable_he=$disable_he" "$N$T"
+ [ -n "$disable_vht" ] && append network_data "disable_vht=$disable_vht" "$N$T"
+ [ -n "$disable_ht" ] && append network_data "disable_ht=$disable_ht" "$N$T"
+
[ -n "$basic_rate" ] && {
local br rate_list=
for br in $basic_rate; do
@@ -1576,6 +1761,11 @@ wpa_supplicant_add_network() {
append network_data "mcast_rate=$mc_rate" "$N$T"
}
+ if [ "$auth_type" = "sae" ]; then
+ json_get_vars sae_pwe sae_pwe
+ [ -n "$sae_pwe" ] && echo "sae_pwe=$sae_pwe" >> "$_config"
+ fi
+
if [ "$key_mgmt" = "WPS" ]; then
echo "wps_cred_processing=1" >> "$_config"
else