| |
| IWD |
| === |
| |
| - IWD will start a scheduled scan to the interface if the hardware supports |
| that feature. If the iwd closes or dies so that the kernel netlink socket |
| is closed, then the scheduled scan is cancelled automatically if the kernel |
| supports this. This is done by giving NL80211_ATTR_SOCKET_OWNER netlink |
| attribute when initiating the scheduled scan. |
| |
| - IWD contains a network object that will contain a list of BSS that have the |
| same SSID and security setting. From user point of view, we will connect to |
| a certain SSID instead of connecting directly to a BSS. IWD will then pick |
| the best BSS automatically from the BSS list when connecting to a SSID. |
| The "best" BSS in this context is the BSS that has the highest signal strength. |
| |
| - IWD uses the DBus agent interface to query information from the user. |
| The information asked include things like passphrase etc. The user can |
| register only one agent to iwd. If the user does not respond in timely |
| manner to the query, then the pending user request is cancelled after a |
| timeout. The pending user request is also cancelled if user disconnects a |
| pending connection attempt. |
| |
| - IWD supports the full RSN 4-Way Handshake for PTK generation. Support for |
| handling the optional (second) RSN element from the AP is included. |
| |
| - IWD supports Pre-authentication from 802.11-2007. If the currently |
| connected AP supports pre-authentication and iwd determines that a roam is |
| required, then the pre-authentication process is kicked off. This is done |
| using the current connection, running 802.1X over 0x88c7 protocol. This results |
| in the creation of a new PMK which is cached by both the target and iwd. iwd |
| can then roam onto the target AP using the cached PMK. |
| |
| - IWD supports Fast Transitions for fast roaming between access points. Only |
| FT-over-Air (fastest option) is currently supported by iwd. Whenever iwd |
| determines that a roam is required and a suitable target that supports fast |
| transitions is available, iwd roams to the target AP using FT automatically. |
| |
| - IWD supports Radio Resource Management from 802.11k. In particular iwd |
| can request and utilize Neighbor Reports. When iwd determines that a roam |
| is required, iwd will try to obtain a Neighbor Report from the currently |
| connected AP (using a special Action frame). This enables iwd to optimize |
| the list of channels to scan in order to find a suitable target for roaming |
| much quicker. |
| |
| - IWD supports receiving and generating SA Query action frames. If there is a |
| spoofed disassociate frame, IWD will generate a SA Query frame to ask the AP if |
| the disassociate frame was valid. The alternate case is if the AP receives |
| an (re)associate frame while the STA is still connected. In this case the AP |
| will send an SA Query frame, which IWD will respond to if it is still connected. |
| |
| - IWD supports Opportunistic Wireless Encryption (OWE). This allows encryption |
| on open networks, by using ECDH to negotiate a PMK. |
| |
| - IWD supports the following EAP methods: |
| - EAP-SIM |
| - EAP-AKA |
| - EAP-AKA' |
| - EAP-GTC |
| - EAP-MD5 |
| - EAP-MSCHAPV2 |
| - EAP-TLS |
| - EAP-WSC |
| - EAP-PEAP |
| - EAP-TTLS |
| |
| - In addition to the default station mode, IWD supports: |
| - AdHoc (IBSS) - Both unicast and multicast traffic is supported. |
| - Access Point - Both unicast and multicast traffic is supported. AP |
| mode does not yet support EAP methods. |
| |
| - IWD supports SAE (Simultaneous Authentication of Equals). SAE is required for |
| the WPA3 certification. SAE uses a Diffie-Hellman key exchange to produce the |
| PMK that's used in the 4-way handshake. Support for hybrid WPA3/WPA2 AP's is |
| also implemented, where WPA3 is preferred. |
| |
| Wireless monitor |
| ================ |
| |
| Netlink monitor interface is created if it does not exist |
| |
| The iwmon utility automates netlink monitor creation by by using RTNL |
| to find an existing netlink monitor interface, and in case it does not |
| exist, create a new one. By default the netlink monitor interface is |
| named 'nlmon'. Another name can be given with the '--interface' |
| command line option. |
| |
| Once iwmon terminates, the netlink monitor interface is removed (in |
| case iwmon created it). |
| |
| |
| HWSIM |
| ===== |
| |
| The radio id from kernel mac80211_hwsim module is parsed properly in |
| hwsim. The radio id is not returned as HWSIM_ATTR_RADIO_ID but instead |
| it is returned in error message. If the error code > 0, then that means |
| the radio id. If the error code < 0, then that indicates a real error. |
| |
| The hwsim uses new HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE flag attribute to |
| tell the kernel that when the hwsim process dies, the radios it created |
| should be removed. For testing tools it is beneficial if the newly |
| created radio could be bound to the lifetime of the netlink socket. |
| Alternatively, using the hwsim '-k (--keep)' command line option instructs |
| hwsim to not destroy the created radio automatically. |
| |
| The hwsim is using HWSIM_CMD_NEW_RADIO to create a new radio. When the |
| radio has been created, the kernel will return the used radio id and |
| parameters in a HWSIM_CMD_NEW_RADIO multicast event that is sent in |
| "config" netlink multicast group. The command HWSIM_CMD_DEL_RADIO is sent |
| by kernel when a hwsim radio is deleted. In this case the deleted |
| radio id is sent to "config" netlink multicast group. |
| |
| hwsim can list radios by sending a HWSIM_CMD_GET_RADIO with the attribute |
| HWSIM_ATTR_RADIO_ID containing the desired radio id. If no radio id is |
| given on the command line, a dump of all radios is requested from the |
| kernel. The attributes returned are identical to those sent to the |
| 'config' multicast group when creating a radio. |