Introduction 

WPS stands for Wi-Fi Protected Setup. It is a wireless network security standard that tries to make connections between a router and wireless devices faster and easier. WPS works only for wireless networks that use a password that is encrypted with the WPA Personal or WPA2 Personal security protocols. WPS doesn't work on wireless networks that are using the deprecated WEP security, which can be cracked easily by any hacker with a basic set of tools and skills.  Wi-Fi Users don't want to know the broadcasting ssid and password.

Push Button Configuration (PBC): In this method, a WPS physical button on the BPI and WPS option on the wireless client are pressed within a specific timeframe, initiating the connection without the need for entering a password.

Verifying of PBC HW button in BPI

Method 1

→ Added configurations for support of gpio_keys module and evtest  - https://github.com/rdkcentral/meta-cmf-bananapi/pull/98
→ load the gpio-key module
root@Filogic-GW:/lib/modules/5.4.271-yocto-standard/kernel/drivers/input/keyboard# modprobe gpio_keys
root@Filogic-GW:/lib/modules/5.4.271-yocto-standard/kernel/drivers/input/keyboard# dmesg | grep gpio
[  163.696818] input: gpio-keys as /devices/platform/gpio-keys/input/input0
root@Filogic-GW:/lib/modules/5.4.271-yocto-standard/kernel/drivers/input/keyboard# cat /sys/kernel/debug/gpio
gpiochip0: GPIOs 428-511, parent: platform/1001f000.pinctrl, pinctrl_moore:
 gpio-428 (                    |tx-disable          ) in  lo
 gpio-430 (                    |los                 ) in  hi IRQ
 gpio-432 (                    |asm_sel             ) in  hi
 gpio-433 (                    |pca9545_rst         ) in  hi
 gpio-441 (                    |reset               ) in  lo IRQ ACTIVE LOW
 gpio-442 (                    |wps                 ) in  hi IRQ ACTIVE LOW
 gpio-482 (                    |los                 ) in  hi IRQ
 gpio-498 (                    |tx-disable          ) in  lo
 gpio-510 (                    |mod-def0            ) in  hi IRQ ACTIVE LOW
 gpio-511 (                    |mod-def0            ) in  hi IRQ ACTIVE LOW
→ run the evtest
root@Filogic-GW:/lib/modules/5.4.271-yocto-standard/kernel/drivers/input/keyboard# evtest
No device specified, trying to scan all of /dev/input/event*
Available devices:
/dev/input/event0:      gpio-keys
Select the device event number [0-0]: 0
Input driver version is 1.0.1
Input device ID: bus 0x19 vendor 0x1 product 0x1 version 0x100
Input device name: "gpio-keys"
Supported events:
  Event type 0 (EV_SYN)
  Event type 1 (EV_KEY)
    Event code 256 (BTN_0)
    Event code 529 (KEY_WPS_BUTTON)
Properties:
Testing ... (interrupt to exit)
Event: time 1739261802.084437, type 1 (EV_KEY), code 529 (KEY_WPS_BUTTON), value 1     # when HW WPS button pushed
Event: time 1739261802.084437, -------------- SYN_REPORT ------------
Event: time 1739261802.282856, type 1 (EV_KEY), code 529 (KEY_WPS_BUTTON), value 0     # when HW WPS button released


Method 2

since buttons are associated with GPIO, we can do the export wps gpio using its number 
→ In mt7988a-bananapi-bpi-r4-nand.dts file, we can see WPS is defined with 14 
    wps {
                        label = "wps";
                        linux,code = <KEY_WPS_BUTTON>;
                        gpios = <&pio 14 GPIO_ACTIVE_LOW>;
                };
root@Filogic-GW:~# cd /sys/class/gpio/
export       gpiochip428/ unexport
→ Here by using 14+428=442, 428 (gpiochip428 refers to a GPIO controller that manages GPIO pins, starting from GPIO number 428.)
→ export the WPS pin number
root@Filogic-GW:/sys/class/gpio# echo 442 > /sys/class/gpio/export
root@Filogic-GW:/sys/class/gpio/gpio442# cat value
1
→ Whenever we press the WPS, this gpio442 value is changed to 0 
root@Filogic-GW:/sys/class/gpio/gpio442# cat value
0


WPS SM (In progress)


WPS HW button Monitor component design

Concept

Conceptual Process

When a WPS PBC request is initiated in your system:

    1. PBC Activation:
      • Your code calls the RDK-WiFi-HAL API for WPS PBC
      • The HAL communicates this to hostapd via its control interface
      • hostapd sets the access point into "WPS waiting" mode
    2. Registration Window:
      • A 2-minute window opens where the access point is receptive to WPS registration
      • The AP broadcasts its WPS capability in beacons
      • The AP listens for probe requests with WPS information elements
    3. Device Discovery:
      • When a client device (like your mobile phone) activates WPS PBC
      • It sends probe requests with WPS information elements
      • Your access point responds to these probes
    4. Credential Exchange:
      • The client and AP establish an EAP (Extensible Authentication Protocol) session
      • They perform a handshake to validate each other
      • The AP sends the encrypted network credentials to the client
      • The client configures itself with these credentials
    5. Connection Completion:
      • The client connects to the network using the received credentials
      • The AP notifies the system (through hostapd → nl80211 → RDK-WiFi-HAL) of successful registration
      • The WPS PBC mode on the AP ends

Technical Implementation Details

In your specific setup with RDK-WiFi-HAL and hostapd 2.10:

      1. RDK-WiFi-HAL WPS Functions:
        • The HAL typically provides functions like wifi_pushButtonPBC()
        • These functions handle the communication with hostapd
      2. hostapd Control Communication:
        • hostapd 2.10 provides a control interface via Unix domain sockets
        • RDK-WiFi-HAL connects to this socket and sends "WPS_PBC" commands
      3. nl80211 Commands Used:
        • hostapd uses NL80211_CMD_START_WPS with attributes:
          • NL80211_ATTR_IFINDEX: Specifies the wireless interface
          • NL80211_ATTR_WPS_MODE: Set to NL80211_WPS_PBC for push button method
      4. Event Monitoring:
        • WPS events flow back from the driver → nl80211 → hostapd → RDK-WiFi-HAL
        • These events include connection attempts, successful registrations, and timeouts

Communication Flow for WPS PBC

    1. Application Layer → RDK-WiFi-HAL:
      • Your application makes calls to the RDK-WiFi-HAL API
      • These calls are standardized functions in the HAL to trigger WPS
    2. RDK-WiFi-HAL → libhostapd:
      • The HAL translates your request into specific hostapd commands
      • It handles the complexity of connecting to and communicating with hostapd
    3. libhostapd → nl80211:
      • hostapd uses the nl80211 interface to communicate with the kernel
      • It formats the appropriate Netlink messages to trigger WPS PBC
    4. nl80211 → Driver:
      • The kernel's nl80211 subsystem passes commands to your WiFi driver
      • The driver activates the WPS PBC mode on the hardware

Datamodels


WPS Hardware Key Press in BPI

The Hardware key press is handled as a separate utility under broadband-utils repo:
https://github.com/rdkcentral/broadband-utils

In this implementation, Netlink sockets are handling the WPS Key press event (netlink-button-monitor.service) and further functionality is carried out by rbus API's which intimates OneWifi to carry out the WPS operation.
The recipe is present under:
meta-cmf-bananapi/meta-rdk-mtk-bpir4/recipes-common/rdk-wps-monitor/rdk-wps-monitor.bb

Test Results in BPI: