Log Wi-Fi state changes to the audit log

[corbin-phipps]

Type

• Bug fix
• Feature addition
• Feature update
• Documentation
• Build Infrastructure

Side Effects

• Breaking change
• Non-functional change

Goals

To log Wi-Fi state changes to the audit log. This is done at the neutral Ieee80211* layer in AccessPointControllerLinux for most of the Set* functions.

A debug ( AUDITD ) line is added to log which neutral type values will be attempted to be set, then after the values are set, the updated changes are validated. If successful, an info ( AUDITI ) line is added to log the successful changes. If unsuccessful (usually meaning the value retrieved by hostapd is not what was set), then a debug line is added to log the value that was retrieved.

Technical Details

• Added several AUDITD and AUDITI lines in AccessPointControllerLinux.cxx as described above.
• Added various Ieee80211*ToString() functions to Ieee80211.*xx.

Test Results

Verified that the following changes show up in the audit log:

• Setting operational state
• Setting PHY type
• Setting SSID

Have not been able to verify that setting AKM suites and pairwise cipher suites works.

Tested these changes with netremote-cli wifi ap-enable wlo1 --phy 3 --akms 1027080 --sae password, netremote-cli wifi ap-disable wlo1, and netremote-cli wifi set-ssid wlo1 netremote2-ap-wlo1.

Reviewer Focus

None.

Future Work

• Add WPA events to audit log (via OnWpaEvent callback).
• Add access point events (such as AP added, removed, etc.) to audit log (via AccessPointManager).
• Need to update HostapdBssConfiguration to use std::vector<WpaCipher for WpaPairwiseCipher and RsnPairwiseCipher. Currently, there is only a single WpaCipher for each.

Checklist

• Build target all compiles cleanly.
• clang-format and clang-tidy deltas produced no new output.
• Newly added functions include doxygen-style comment block.