FreeBSD kernel WLAN code
ieee80211_sta.c
Go to the documentation of this file.
1/*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2007-2008 Sam Leffler, Errno Consulting
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28#include <sys/cdefs.h>
29#ifdef __FreeBSD__
30__FBSDID("$FreeBSD$");
31#endif
32
33/*
34 * IEEE 802.11 Station mode support.
35 */
36#include "opt_inet.h"
37#include "opt_wlan.h"
38
39#include <sys/param.h>
40#include <sys/systm.h>
41#include <sys/mbuf.h>
42#include <sys/malloc.h>
43#include <sys/kernel.h>
44
45#include <sys/socket.h>
46#include <sys/sockio.h>
47#include <sys/endian.h>
48#include <sys/errno.h>
49#include <sys/proc.h>
50#include <sys/sysctl.h>
51
52#include <net/if.h>
53#include <net/if_media.h>
54#include <net/if_llc.h>
55#include <net/if_dl.h>
56#include <net/if_var.h>
57#include <net/ethernet.h>
58
59#include <net/bpf.h>
60
61#include <net80211/ieee80211_var.h>
62#include <net80211/ieee80211_sta.h>
63#include <net80211/ieee80211_input.h>
64#ifdef IEEE80211_SUPPORT_SUPERG
65#include <net80211/ieee80211_superg.h>
66#endif
67#include <net80211/ieee80211_ratectl.h>
68#include <net80211/ieee80211_sta.h>
69#include <net80211/ieee80211_vht.h>
70
71#define IEEE80211_RATE2MBS(r) (((r) & IEEE80211_RATE_VAL) / 2)
72
73static void sta_vattach(struct ieee80211vap *);
74static void sta_beacon_miss(struct ieee80211vap *);
75static int sta_newstate(struct ieee80211vap *, enum ieee80211_state, int);
76static int sta_input(struct ieee80211_node *, struct mbuf *,
77 const struct ieee80211_rx_stats *, int, int);
78static void sta_recv_mgmt(struct ieee80211_node *, struct mbuf *,
79 int subtype, const struct ieee80211_rx_stats *, int rssi, int nf);
80static void sta_recv_ctl(struct ieee80211_node *, struct mbuf *, int subtype);
81
82void
83ieee80211_sta_attach(struct ieee80211com *ic)
84{
85 ic->ic_vattach[IEEE80211_M_STA] = sta_vattach;
86}
87
88void
89ieee80211_sta_detach(struct ieee80211com *ic)
90{
91}
92
93static void
94sta_vdetach(struct ieee80211vap *vap)
95{
96}
97
98static void
99sta_vattach(struct ieee80211vap *vap)
100{
101 vap->iv_newstate = sta_newstate;
102 vap->iv_input = sta_input;
103 vap->iv_recv_mgmt = sta_recv_mgmt;
104 vap->iv_recv_ctl = sta_recv_ctl;
105 vap->iv_opdetach = sta_vdetach;
106 vap->iv_bmiss = sta_beacon_miss;
107}
108
109/*
110 * Handle a beacon miss event. The common code filters out
111 * spurious events that can happen when scanning and/or before
112 * reaching RUN state.
113 */
114static void
115sta_beacon_miss(struct ieee80211vap *vap)
116{
117 struct ieee80211com *ic = vap->iv_ic;
118
119 IEEE80211_LOCK_ASSERT(ic);
120
121 KASSERT((ic->ic_flags & IEEE80211_F_SCAN) == 0, ("scanning"));
122 KASSERT(vap->iv_state >= IEEE80211_S_RUN,
123 ("wrong state %s", ieee80211_state_name[vap->iv_state]));
124
125 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG,
126 "beacon miss, mode %s state %s\n",
127 ieee80211_opmode_name[vap->iv_opmode],
128 ieee80211_state_name[vap->iv_state]);
129
130 if (vap->iv_state == IEEE80211_S_CSA) {
131 /*
132 * A Channel Switch is pending; assume we missed the
133 * beacon that would've completed the process and just
134 * force the switch. If we made a mistake we'll not
135 * find the AP on the new channel and fall back to a
136 * normal scan.
137 */
138 ieee80211_csa_completeswitch(ic);
139 return;
140 }
141 if (++vap->iv_bmiss_count < vap->iv_bmiss_max) {
142 /*
143 * Send a directed probe req before falling back to a
144 * scan; if we receive a response ic_bmiss_count will
145 * be reset. Some cards mistakenly report beacon miss
146 * so this avoids the expensive scan if the ap is
147 * still there.
148 */
149 ieee80211_send_probereq(vap->iv_bss, vap->iv_myaddr,
150 vap->iv_bss->ni_bssid, vap->iv_bss->ni_bssid,
151 vap->iv_bss->ni_essid, vap->iv_bss->ni_esslen);
152 return;
153 }
154
155 callout_stop(&vap->iv_swbmiss);
156 vap->iv_bmiss_count = 0;
157 vap->iv_stats.is_beacon_miss++;
158 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO) {
159#ifdef IEEE80211_SUPPORT_SUPERG
160
161 /*
162 * If we receive a beacon miss interrupt when using
163 * dynamic turbo, attempt to switch modes before
164 * reassociating.
165 */
166 if (IEEE80211_ATH_CAP(vap, vap->iv_bss, IEEE80211_NODE_TURBOP))
167 ieee80211_dturbo_switch(vap,
168 ic->ic_bsschan->ic_flags ^ IEEE80211_CHAN_TURBO);
169#endif
170 /*
171 * Try to reassociate before scanning for a new ap.
172 */
173 ieee80211_new_state(vap, IEEE80211_S_ASSOC, 1);
174 } else {
175 /*
176 * Somebody else is controlling state changes (e.g.
177 * a user-mode app) don't do anything that would
178 * confuse them; just drop into scan mode so they'll
179 * notified of the state change and given control.
180 */
181 ieee80211_new_state(vap, IEEE80211_S_SCAN, 0);
182 }
183}
184
185/*
186 * Handle deauth with reason. We retry only for
187 * the cases where we might succeed. Otherwise
188 * we downgrade the ap and scan.
189 */
190static void
191sta_authretry(struct ieee80211vap *vap, struct ieee80211_node *ni, int reason)
192{
193 switch (reason) {
194 case IEEE80211_STATUS_SUCCESS: /* NB: MLME assoc */
195 case IEEE80211_STATUS_TIMEOUT:
196 case IEEE80211_REASON_ASSOC_EXPIRE:
197 case IEEE80211_REASON_NOT_AUTHED:
198 case IEEE80211_REASON_NOT_ASSOCED:
199 case IEEE80211_REASON_ASSOC_LEAVE:
200 case IEEE80211_REASON_ASSOC_NOT_AUTHED:
201 IEEE80211_SEND_MGMT(ni, IEEE80211_FC0_SUBTYPE_AUTH, 1);
202 break;
203 default:
204 ieee80211_scan_assoc_fail(vap, vap->iv_bss->ni_macaddr, reason);
205 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO)
206 ieee80211_check_scan_current(vap);
207 break;
208 }
209}
210
211static void
212sta_swbmiss_start(struct ieee80211vap *vap)
213{
214
215 if (vap->iv_flags_ext & IEEE80211_FEXT_SWBMISS) {
216 /*
217 * Start s/w beacon miss timer for devices w/o
218 * hardware support. We fudge a bit here since
219 * we're doing this in software.
220 */
221 vap->iv_swbmiss_period = IEEE80211_TU_TO_TICKS(
222 2 * vap->iv_bmissthreshold * vap->iv_bss->ni_intval);
223 vap->iv_swbmiss_count = 0;
224 callout_reset(&vap->iv_swbmiss, vap->iv_swbmiss_period,
225 ieee80211_swbmiss, vap);
226 }
227}
228
229/*
230 * IEEE80211_M_STA vap state machine handler.
231 * This routine handles the main states in the 802.11 protocol.
232 */
233static int
234sta_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
235{
236 struct ieee80211com *ic = vap->iv_ic;
237 struct ieee80211_node *ni;
238 enum ieee80211_state ostate;
239
240 IEEE80211_LOCK_ASSERT(ic);
241
242 ostate = vap->iv_state;
243 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, "%s: %s -> %s (%d)\n",
244 __func__, ieee80211_state_name[ostate],
245 ieee80211_state_name[nstate], arg);
246 vap->iv_state = nstate; /* state transition */
247 callout_stop(&vap->iv_mgtsend); /* XXX callout_drain */
248 if (ostate != IEEE80211_S_SCAN)
249 ieee80211_cancel_scan(vap); /* background scan */
250 ni = vap->iv_bss; /* NB: no reference held */
251 if (vap->iv_flags_ext & IEEE80211_FEXT_SWBMISS)
252 callout_stop(&vap->iv_swbmiss);
253 switch (nstate) {
254 case IEEE80211_S_INIT:
255 switch (ostate) {
256 case IEEE80211_S_SLEEP:
257 /* XXX wakeup */
258 /* XXX driver hook to wakeup the hardware? */
259 case IEEE80211_S_RUN:
260 IEEE80211_SEND_MGMT(ni,
261 IEEE80211_FC0_SUBTYPE_DISASSOC,
262 IEEE80211_REASON_ASSOC_LEAVE);
263 ieee80211_sta_leave(ni);
264 break;
265 case IEEE80211_S_ASSOC:
266 IEEE80211_SEND_MGMT(ni,
267 IEEE80211_FC0_SUBTYPE_DEAUTH,
268 IEEE80211_REASON_AUTH_LEAVE);
269 break;
270 case IEEE80211_S_SCAN:
271 ieee80211_cancel_scan(vap);
272 break;
273 default:
274 break;
275 }
276 if (ostate != IEEE80211_S_INIT) {
277 /* NB: optimize INIT -> INIT case */
278 ieee80211_reset_bss(vap);
279 }
280 if (vap->iv_auth->ia_detach != NULL)
281 vap->iv_auth->ia_detach(vap);
282 break;
283 case IEEE80211_S_SCAN:
284 switch (ostate) {
285 case IEEE80211_S_INIT:
286 /*
287 * Initiate a scan. We can come here as a result
288 * of an IEEE80211_IOC_SCAN_REQ too in which case
289 * the vap will be marked with IEEE80211_FEXT_SCANREQ
290 * and the scan request parameters will be present
291 * in iv_scanreq. Otherwise we do the default.
292 */
293 if (vap->iv_flags_ext & IEEE80211_FEXT_SCANREQ) {
294 ieee80211_check_scan(vap,
295 vap->iv_scanreq_flags,
296 vap->iv_scanreq_duration,
297 vap->iv_scanreq_mindwell,
298 vap->iv_scanreq_maxdwell,
299 vap->iv_scanreq_nssid, vap->iv_scanreq_ssid);
300 vap->iv_flags_ext &= ~IEEE80211_FEXT_SCANREQ;
301 } else
302 ieee80211_check_scan_current(vap);
303 break;
304 case IEEE80211_S_SCAN:
305 case IEEE80211_S_AUTH:
306 case IEEE80211_S_ASSOC:
307 /*
308 * These can happen either because of a timeout
309 * on an assoc/auth response or because of a
310 * change in state that requires a reset. For
311 * the former we're called with a non-zero arg
312 * that is the cause for the failure; pass this
313 * to the scan code so it can update state.
314 * Otherwise trigger a new scan unless we're in
315 * manual roaming mode in which case an application
316 * must issue an explicit scan request.
317 */
318 if (arg != 0)
319 ieee80211_scan_assoc_fail(vap,
320 vap->iv_bss->ni_macaddr, arg);
321 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO)
322 ieee80211_check_scan_current(vap);
323 break;
324 case IEEE80211_S_SLEEP: /* beacon miss */
325 /*
326 * XXX if in sleep we need to wakeup the hardware.
327 */
328 /* FALLTHROUGH */
329 case IEEE80211_S_RUN: /* beacon miss */
330 /*
331 * Beacon miss. Notify user space and if not
332 * under control of a user application (roaming
333 * manual) kick off a scan to re-connect.
334 */
335
336 ieee80211_sta_leave(ni);
337 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO)
338 ieee80211_check_scan_current(vap);
339 break;
340 default:
341 goto invalid;
342 }
343 break;
344 case IEEE80211_S_AUTH:
345 switch (ostate) {
346 case IEEE80211_S_INIT:
347 case IEEE80211_S_SCAN:
348 IEEE80211_SEND_MGMT(ni,
349 IEEE80211_FC0_SUBTYPE_AUTH, 1);
350 break;
351 case IEEE80211_S_AUTH:
352 case IEEE80211_S_ASSOC:
353 switch (arg & 0xff) {
354 case IEEE80211_FC0_SUBTYPE_AUTH:
355 /* ??? */
356 IEEE80211_SEND_MGMT(ni,
357 IEEE80211_FC0_SUBTYPE_AUTH, 2);
358 break;
359 case IEEE80211_FC0_SUBTYPE_DEAUTH:
360 sta_authretry(vap, ni, arg>>8);
361 break;
362 }
363 break;
364 case IEEE80211_S_SLEEP:
365 case IEEE80211_S_RUN:
366 switch (arg & 0xff) {
367 case IEEE80211_FC0_SUBTYPE_AUTH:
368 IEEE80211_SEND_MGMT(ni,
369 IEEE80211_FC0_SUBTYPE_AUTH, 2);
370 vap->iv_state = IEEE80211_S_RUN; /* stay RUN */
371 break;
372 case IEEE80211_FC0_SUBTYPE_DEAUTH:
373 ieee80211_sta_leave(ni);
374 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO) {
375 /* try to reauth */
376 IEEE80211_SEND_MGMT(ni,
377 IEEE80211_FC0_SUBTYPE_AUTH, 1);
378 }
379 break;
380 }
381 break;
382 default:
383 goto invalid;
384 }
385 break;
386 case IEEE80211_S_ASSOC:
387 switch (ostate) {
388 case IEEE80211_S_AUTH:
389 case IEEE80211_S_ASSOC:
390 IEEE80211_SEND_MGMT(ni,
391 IEEE80211_FC0_SUBTYPE_ASSOC_REQ, 0);
392 break;
393 case IEEE80211_S_SLEEP: /* cannot happen */
394 case IEEE80211_S_RUN:
395 ieee80211_sta_leave(ni);
396 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO) {
397 IEEE80211_SEND_MGMT(ni, arg ?
398 IEEE80211_FC0_SUBTYPE_REASSOC_REQ :
399 IEEE80211_FC0_SUBTYPE_ASSOC_REQ, 0);
400 }
401 break;
402 default:
403 goto invalid;
404 }
405 break;
406 case IEEE80211_S_RUN:
407 if (vap->iv_flags & IEEE80211_F_WPA) {
408 /* XXX validate prerequisites */
409 }
410 switch (ostate) {
411 case IEEE80211_S_RUN:
412 case IEEE80211_S_CSA:
413 break;
414 case IEEE80211_S_AUTH: /* when join is done in fw */
415 case IEEE80211_S_ASSOC:
416#ifdef IEEE80211_DEBUG
417 if (ieee80211_msg_debug(vap)) {
418 ieee80211_note(vap, "%s with %s ssid ",
419 (vap->iv_opmode == IEEE80211_M_STA ?
420 "associated" : "synchronized"),
421 ether_sprintf(ni->ni_bssid));
422 ieee80211_print_essid(vap->iv_bss->ni_essid,
423 ni->ni_esslen);
424 /* XXX MCS/HT */
425 printf(" channel %d start %uMb\n",
426 ieee80211_chan2ieee(ic, ic->ic_curchan),
427 IEEE80211_RATE2MBS(ni->ni_txrate));
428 }
429#endif
430 ieee80211_scan_assoc_success(vap, ni->ni_macaddr);
431 ieee80211_notify_node_join(ni,
432 arg == IEEE80211_FC0_SUBTYPE_ASSOC_RESP);
433 break;
434 case IEEE80211_S_SLEEP:
435 /* Wake up from sleep */
436 vap->iv_sta_ps(vap, 0);
437 break;
438 default:
439 goto invalid;
440 }
441 ieee80211_sync_curchan(ic);
442 if (ostate != IEEE80211_S_RUN)
443 sta_swbmiss_start(vap);
444 /*
445 * When 802.1x is not in use mark the port authorized
446 * at this point so traffic can flow.
447 */
448 if (ni->ni_authmode != IEEE80211_AUTH_8021X)
449 ieee80211_node_authorize(ni);
450 /*
451 * Fake association when joining an existing bss.
452 *
453 * Don't do this if we're doing SLEEP->RUN.
454 */
455 if (ic->ic_newassoc != NULL && ostate != IEEE80211_S_SLEEP)
456 ic->ic_newassoc(vap->iv_bss, (ostate != IEEE80211_S_RUN));
457 break;
458 case IEEE80211_S_CSA:
459 if (ostate != IEEE80211_S_RUN)
460 goto invalid;
461 break;
462 case IEEE80211_S_SLEEP:
463 sta_swbmiss_start(vap);
464 vap->iv_sta_ps(vap, 1);
465 break;
466 default:
467 invalid:
468 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE,
469 "%s: unexpected state transition %s -> %s\n", __func__,
470 ieee80211_state_name[ostate], ieee80211_state_name[nstate]);
471 break;
472 }
473 return 0;
474}
475
476/*
477 * Return non-zero if the frame is an echo of a multicast
478 * frame sent by ourself. The dir is known to be DSTODS.
479 */
480static __inline int
481isdstods_mcastecho(struct ieee80211vap *vap, const struct ieee80211_frame *wh)
482{
483#define QWH4(wh) ((const struct ieee80211_qosframe_addr4 *)wh)
484#define WH4(wh) ((const struct ieee80211_frame_addr4 *)wh)
485 const uint8_t *sa;
486
487 KASSERT(vap->iv_opmode == IEEE80211_M_STA, ("wrong mode"));
488
489 if (!IEEE80211_IS_MULTICAST(wh->i_addr3))
490 return 0;
491 sa = IEEE80211_QOS_HAS_SEQ(wh) ? QWH4(wh)->i_addr4 : WH4(wh)->i_addr4;
492 return IEEE80211_ADDR_EQ(sa, vap->iv_myaddr);
493#undef WH4
494#undef QWH4
495}
496
497/*
498 * Return non-zero if the frame is an echo of a multicast
499 * frame sent by ourself. The dir is known to be FROMDS.
500 */
501static __inline int
502isfromds_mcastecho(struct ieee80211vap *vap, const struct ieee80211_frame *wh)
503{
504 KASSERT(vap->iv_opmode == IEEE80211_M_STA, ("wrong mode"));
505
506 if (!IEEE80211_IS_MULTICAST(wh->i_addr1))
507 return 0;
508 return IEEE80211_ADDR_EQ(wh->i_addr3, vap->iv_myaddr);
509}
510
511/*
512 * Decide if a received management frame should be
513 * printed when debugging is enabled. This filters some
514 * of the less interesting frames that come frequently
515 * (e.g. beacons).
516 */
517static __inline int
518doprint(struct ieee80211vap *vap, int subtype)
519{
520 switch (subtype) {
521 case IEEE80211_FC0_SUBTYPE_BEACON:
522 return (vap->iv_ic->ic_flags & IEEE80211_F_SCAN);
523 case IEEE80211_FC0_SUBTYPE_PROBE_REQ:
524 return 0;
525 }
526 return 1;
527}
528
529/*
530 * Process a received frame. The node associated with the sender
531 * should be supplied. If nothing was found in the node table then
532 * the caller is assumed to supply a reference to iv_bss instead.
533 * The RSSI and a timestamp are also supplied. The RSSI data is used
534 * during AP scanning to select a AP to associate with; it can have
535 * any units so long as values have consistent units and higher values
536 * mean ``better signal''. The receive timestamp is currently not used
537 * by the 802.11 layer.
538 */
539static int
540sta_input(struct ieee80211_node *ni, struct mbuf *m,
541 const struct ieee80211_rx_stats *rxs, int rssi, int nf)
542{
543 struct ieee80211vap *vap = ni->ni_vap;
544 struct ieee80211com *ic = ni->ni_ic;
545 struct ifnet *ifp = vap->iv_ifp;
546 struct ieee80211_frame *wh;
547 struct ieee80211_key *key;
548 struct ether_header *eh;
549 int hdrspace, need_tap = 1; /* mbuf need to be tapped. */
550 uint8_t dir, type, subtype, qos;
551 uint8_t *bssid;
552 int is_hw_decrypted = 0;
553 int has_decrypted = 0;
554
555 KASSERT(ni != NULL, ("%s: null node, mbuf %p", __func__, m));
556
557 /* Early init in case of early error case. */
558 type = -1;
559
560 /*
561 * Bit of a cheat here, we use a pointer for a 3-address
562 * frame format but don't reference fields past outside
563 * ieee80211_frame_min (or other shorter frames) w/o first
564 * validating the data is present.
565 */
566 wh = mtod(m, struct ieee80211_frame *);
567
568 if (m->m_pkthdr.len < 2 || m->m_pkthdr.len < ieee80211_anyhdrsize(wh)) {
569 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
570 ni->ni_macaddr, NULL,
571 "too short (1): len %u", m->m_pkthdr.len);
572 vap->iv_stats.is_rx_tooshort++;
573 goto err;
574 }
575 if ((wh->i_fc[0] & IEEE80211_FC0_VERSION_MASK) !=
576 IEEE80211_FC0_VERSION_0) {
577 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
578 ni->ni_macaddr, NULL, "wrong version, fc %02x:%02x",
579 wh->i_fc[0], wh->i_fc[1]);
580 vap->iv_stats.is_rx_badversion++;
581 goto err;
582 }
583
584 /*
585 * Some devices do hardware decryption all the way through
586 * to pretending the frame wasn't encrypted in the first place.
587 * So, tag it appropriately so it isn't discarded inappropriately.
588 */
589 if ((rxs != NULL) && (rxs->c_pktflags & IEEE80211_RX_F_DECRYPTED))
590 is_hw_decrypted = 1;
591
592 if (m->m_flags & M_AMPDU_MPDU) {
593 /*
594 * Fastpath for A-MPDU reorder q resubmission. Frames
595 * w/ M_AMPDU_MPDU marked have already passed through
596 * here but were received out of order and been held on
597 * the reorder queue. When resubmitted they are marked
598 * with the M_AMPDU_MPDU flag and we can bypass most of
599 * the normal processing.
600 */
601 type = IEEE80211_FC0_TYPE_DATA;
602 dir = wh->i_fc[1] & IEEE80211_FC1_DIR_MASK;
603 subtype = IEEE80211_FC0_SUBTYPE_QOS;
604 hdrspace = ieee80211_hdrspace(ic, wh); /* XXX optimize? */
605 goto resubmit_ampdu;
606 }
607
608 ni->ni_inact = ni->ni_inact_reload;
609
610 dir = wh->i_fc[1] & IEEE80211_FC1_DIR_MASK;
611 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
612 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
613 /*
614 * Control frames are not folowing the header scheme of data and mgmt
615 * frames so we do not apply extra checks here.
616 * We probably should do checks on RA (+TA) where available for those
617 * too, but for now do not drop them.
618 */
619 if (type != IEEE80211_FC0_TYPE_CTL &&
620 (ic->ic_flags & IEEE80211_F_SCAN) == 0) {
621 bssid = wh->i_addr2;
622 if (!IEEE80211_ADDR_EQ(bssid, ni->ni_bssid)) {
623 /* not interested in */
624 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
625 bssid, NULL, "%s", "not to bss");
626 vap->iv_stats.is_rx_wrongbss++;
627 goto out;
628 }
629
630 /*
631 * Some devices may be in a promiscuous mode
632 * where they receive frames for multiple station
633 * addresses.
634 *
635 * If we receive a data frame that isn't
636 * destined to our VAP MAC, drop it.
637 *
638 * XXX TODO: This is only enforced when not scanning;
639 * XXX it assumes a software-driven scan will put the NIC
640 * XXX into a "no data frames" mode before setting this
641 * XXX flag. Otherwise it may be possible that we'll still
642 * XXX process data frames whilst scanning.
643 */
644 if ((! IEEE80211_IS_MULTICAST(wh->i_addr1))
645 && (! IEEE80211_ADDR_EQ(wh->i_addr1, IF_LLADDR(ifp)))) {
646 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
647 bssid, NULL, "not to cur sta: lladdr=%6D, addr1=%6D",
648 IF_LLADDR(ifp), ":", wh->i_addr1, ":");
649 vap->iv_stats.is_rx_wrongbss++;
650 goto out;
651 }
652
653 IEEE80211_RSSI_LPF(ni->ni_avgrssi, rssi);
654 ni->ni_noise = nf;
655 if ( IEEE80211_HAS_SEQ(type, subtype) &&
656 !IEEE80211_IS_MULTICAST(wh->i_addr1)) {
657 uint8_t tid = ieee80211_gettid(wh);
658 if (IEEE80211_QOS_HAS_SEQ(wh) &&
659 TID_TO_WME_AC(tid) >= WME_AC_VI)
660 ic->ic_wme.wme_hipri_traffic++;
661 if (! ieee80211_check_rxseq(ni, wh, bssid, rxs))
662 goto out;
663 }
664 }
665
666 switch (type) {
667 case IEEE80211_FC0_TYPE_DATA:
668 hdrspace = ieee80211_hdrspace(ic, wh);
669 if (m->m_len < hdrspace &&
670 (m = m_pullup(m, hdrspace)) == NULL) {
671 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
672 ni->ni_macaddr, NULL,
673 "data too short: expecting %u", hdrspace);
674 vap->iv_stats.is_rx_tooshort++;
675 goto out; /* XXX */
676 }
677 /*
678 * Handle A-MPDU re-ordering. If the frame is to be
679 * processed directly then ieee80211_ampdu_reorder
680 * will return 0; otherwise it has consumed the mbuf
681 * and we should do nothing more with it.
682 */
683 if ((m->m_flags & M_AMPDU) &&
684 (dir == IEEE80211_FC1_DIR_FROMDS ||
685 dir == IEEE80211_FC1_DIR_DSTODS) &&
686 ieee80211_ampdu_reorder(ni, m, rxs) != 0) {
687 m = NULL;
688 goto out;
689 }
690 resubmit_ampdu:
691 if (dir == IEEE80211_FC1_DIR_FROMDS) {
692 if ((ifp->if_flags & IFF_SIMPLEX) &&
693 isfromds_mcastecho(vap, wh)) {
694 /*
695 * In IEEE802.11 network, multicast
696 * packets sent from "me" are broadcast
697 * from the AP; silently discard for
698 * SIMPLEX interface.
699 */
700 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
701 wh, "data", "%s", "multicast echo");
702 vap->iv_stats.is_rx_mcastecho++;
703 goto out;
704 }
705 if ((vap->iv_flags & IEEE80211_F_DWDS) &&
706 IEEE80211_IS_MULTICAST(wh->i_addr1)) {
707 /*
708 * DWDS sta's must drop 3-address mcast frames
709 * as they will be sent separately as a 4-addr
710 * frame. Accepting the 3-addr frame will
711 * confuse the bridge into thinking the sending
712 * sta is located at the end of WDS link.
713 */
714 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT, wh,
715 "3-address data", "%s", "DWDS enabled");
716 vap->iv_stats.is_rx_mcastecho++;
717 goto out;
718 }
719 } else if (dir == IEEE80211_FC1_DIR_DSTODS) {
720 if ((vap->iv_flags & IEEE80211_F_DWDS) == 0) {
721 IEEE80211_DISCARD(vap,
722 IEEE80211_MSG_INPUT, wh, "4-address data",
723 "%s", "DWDS not enabled");
724 vap->iv_stats.is_rx_wrongdir++;
725 goto out;
726 }
727 if ((ifp->if_flags & IFF_SIMPLEX) &&
728 isdstods_mcastecho(vap, wh)) {
729 /*
730 * In IEEE802.11 network, multicast
731 * packets sent from "me" are broadcast
732 * from the AP; silently discard for
733 * SIMPLEX interface.
734 */
735 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT, wh,
736 "4-address data", "%s", "multicast echo");
737 vap->iv_stats.is_rx_mcastecho++;
738 goto out;
739 }
740 } else {
741 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT, wh,
742 "data", "incorrect dir 0x%x", dir);
743 vap->iv_stats.is_rx_wrongdir++;
744 goto out;
745 }
746
747 /*
748 * Handle privacy requirements for hardware decryption
749 * devices.
750 *
751 * For those devices, a handful of things happen.
752 *
753 * + If IV has been stripped, then we can't run
754 * ieee80211_crypto_decap() - none of the key
755 * + If MIC has been stripped, we can't validate
756 * MIC here.
757 * + If MIC fails, then we need to communicate a
758 * MIC failure up to the stack - but we don't know
759 * which key was used.
760 */
761
762 /*
763 * Handle privacy requirements. Note that we
764 * must not be preempted from here until after
765 * we (potentially) call ieee80211_crypto_demic;
766 * otherwise we may violate assumptions in the
767 * crypto cipher modules used to do delayed update
768 * of replay sequence numbers.
769 */
770 if (is_hw_decrypted || wh->i_fc[1] & IEEE80211_FC1_PROTECTED) {
771 if ((vap->iv_flags & IEEE80211_F_PRIVACY) == 0) {
772 /*
773 * Discard encrypted frames when privacy is off.
774 */
775 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
776 wh, "WEP", "%s", "PRIVACY off");
777 vap->iv_stats.is_rx_noprivacy++;
778 IEEE80211_NODE_STAT(ni, rx_noprivacy);
779 goto out;
780 }
781 if (ieee80211_crypto_decap(ni, m, hdrspace, &key) == 0) {
782 /* NB: stats+msgs handled in crypto_decap */
783 IEEE80211_NODE_STAT(ni, rx_wepfail);
784 goto out;
785 }
786 wh = mtod(m, struct ieee80211_frame *);
787 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED;
788 has_decrypted = 1;
789 } else {
790 /* XXX M_WEP and IEEE80211_F_PRIVACY */
791 key = NULL;
792 }
793
794 /*
795 * Save QoS bits for use below--before we strip the header.
796 */
797 if (subtype == IEEE80211_FC0_SUBTYPE_QOS)
798 qos = ieee80211_getqos(wh)[0];
799 else
800 qos = 0;
801
802 /*
803 * Next up, any fragmentation.
804 */
805 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
806 m = ieee80211_defrag(ni, m, hdrspace, has_decrypted);
807 if (m == NULL) {
808 /* Fragment dropped or frame not complete yet */
809 goto out;
810 }
811 }
812 wh = NULL; /* no longer valid, catch any uses */
813
814 /*
815 * Next strip any MSDU crypto bits.
816 *
817 * Note: we can't do MIC stripping/verification if the
818 * upper layer has stripped it. We have to check MIC
819 * ourselves. So, key may be NULL, but we have to check
820 * the RX status.
821 */
822 if (!ieee80211_crypto_demic(vap, key, m, 0)) {
823 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
824 ni->ni_macaddr, "data", "%s", "demic error");
825 vap->iv_stats.is_rx_demicfail++;
826 IEEE80211_NODE_STAT(ni, rx_demicfail);
827 goto out;
828 }
829
830 /* copy to listener after decrypt */
831 if (ieee80211_radiotap_active_vap(vap))
832 ieee80211_radiotap_rx(vap, m);
833 need_tap = 0;
834
835 /*
836 * Finally, strip the 802.11 header.
837 */
838 m = ieee80211_decap(vap, m, hdrspace, qos);
839 if (m == NULL) {
840 /* XXX mask bit to check for both */
841 /* don't count Null data frames as errors */
842 if (subtype == IEEE80211_FC0_SUBTYPE_NODATA ||
843 subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL)
844 goto out;
845 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
846 ni->ni_macaddr, "data", "%s", "decap error");
847 vap->iv_stats.is_rx_decap++;
848 IEEE80211_NODE_STAT(ni, rx_decap);
849 goto err;
850 }
851 if (!(qos & IEEE80211_QOS_AMSDU))
852 eh = mtod(m, struct ether_header *);
853 else
854 eh = NULL;
855 if (!ieee80211_node_is_authorized(ni)) {
856 /*
857 * Deny any non-PAE frames received prior to
858 * authorization. For open/shared-key
859 * authentication the port is mark authorized
860 * after authentication completes. For 802.1x
861 * the port is not marked authorized by the
862 * authenticator until the handshake has completed.
863 */
864 if (eh == NULL ||
865 eh->ether_type != htons(ETHERTYPE_PAE)) {
866 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
867 ni->ni_macaddr, "data", "unauthorized or "
868 "unknown port: ether type 0x%x len %u",
869 eh == NULL ? -1 : eh->ether_type,
870 m->m_pkthdr.len);
871 vap->iv_stats.is_rx_unauth++;
872 IEEE80211_NODE_STAT(ni, rx_unauth);
873 goto err;
874 }
875 } else {
876 /*
877 * When denying unencrypted frames, discard
878 * any non-PAE frames received without encryption.
879 */
880 if ((vap->iv_flags & IEEE80211_F_DROPUNENC) &&
881 ((has_decrypted == 0) && (m->m_flags & M_WEP) == 0) &&
882 (is_hw_decrypted == 0) &&
883 (eh == NULL ||
884 eh->ether_type != htons(ETHERTYPE_PAE))) {
885 /*
886 * Drop unencrypted frames.
887 */
888 vap->iv_stats.is_rx_unencrypted++;
889 IEEE80211_NODE_STAT(ni, rx_unencrypted);
890 goto out;
891 }
892 }
893 /* XXX require HT? */
894 if (qos & IEEE80211_QOS_AMSDU) {
895 m = ieee80211_decap_amsdu(ni, m);
896 if (m == NULL)
897 return IEEE80211_FC0_TYPE_DATA;
898 } else {
899#ifdef IEEE80211_SUPPORT_SUPERG
900 m = ieee80211_decap_fastframe(vap, ni, m);
901 if (m == NULL)
902 return IEEE80211_FC0_TYPE_DATA;
903#endif
904 }
905 ieee80211_deliver_data(vap, ni, m);
906 return IEEE80211_FC0_TYPE_DATA;
907
908 case IEEE80211_FC0_TYPE_MGT:
909 vap->iv_stats.is_rx_mgmt++;
910 IEEE80211_NODE_STAT(ni, rx_mgmt);
911 if (dir != IEEE80211_FC1_DIR_NODS) {
912 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
913 wh, "data", "incorrect dir 0x%x", dir);
914 vap->iv_stats.is_rx_wrongdir++;
915 goto err;
916 }
917 if (m->m_pkthdr.len < sizeof(struct ieee80211_frame)) {
918 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
919 ni->ni_macaddr, "mgt", "too short: len %u",
920 m->m_pkthdr.len);
921 vap->iv_stats.is_rx_tooshort++;
922 goto out;
923 }
924#ifdef IEEE80211_DEBUG
925 if ((ieee80211_msg_debug(vap) && doprint(vap, subtype)) ||
926 ieee80211_msg_dumppkts(vap)) {
927 if_printf(ifp, "received %s from %s rssi %d\n",
928 ieee80211_mgt_subtype_name(subtype),
929 ether_sprintf(wh->i_addr2), rssi);
930 }
931#endif
932
933 /*
934 * Note: See above for hardware offload privacy requirements.
935 * It also applies here.
936 */
937
938 /*
939 * Again, having encrypted flag set check would be good, but
940 * then we have to also handle crypto_decap() like above.
941 */
942 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) {
943 if (subtype != IEEE80211_FC0_SUBTYPE_AUTH) {
944 /*
945 * Only shared key auth frames with a challenge
946 * should be encrypted, discard all others.
947 */
948 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
949 wh, ieee80211_mgt_subtype_name(subtype),
950 "%s", "WEP set but not permitted");
951 vap->iv_stats.is_rx_mgtdiscard++; /* XXX */
952 goto out;
953 }
954 if ((vap->iv_flags & IEEE80211_F_PRIVACY) == 0) {
955 /*
956 * Discard encrypted frames when privacy is off.
957 */
958 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
959 wh, "mgt", "%s", "WEP set but PRIVACY off");
960 vap->iv_stats.is_rx_noprivacy++;
961 goto out;
962 }
963 hdrspace = ieee80211_hdrspace(ic, wh);
964
965 /*
966 * Again, if IV/MIC was stripped, then this whole
967 * setup will fail. That's going to need some poking.
968 */
969 if (ieee80211_crypto_decap(ni, m, hdrspace, &key) == 0) {
970 /* NB: stats+msgs handled in crypto_decap */
971 goto out;
972 }
973 has_decrypted = 1;
974 wh = mtod(m, struct ieee80211_frame *);
975 wh->i_fc[1] &= ~IEEE80211_FC1_PROTECTED;
976 }
977 vap->iv_recv_mgmt(ni, m, subtype, rxs, rssi, nf);
978 goto out;
979
980 case IEEE80211_FC0_TYPE_CTL:
981 vap->iv_stats.is_rx_ctl++;
982 IEEE80211_NODE_STAT(ni, rx_ctrl);
983 vap->iv_recv_ctl(ni, m, subtype);
984 goto out;
985
986 default:
987 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
988 wh, NULL, "bad frame type 0x%x", type);
989 /* should not come here */
990 break;
991 }
992err:
993 if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
994out:
995 if (m != NULL) {
996 if (need_tap && ieee80211_radiotap_active_vap(vap))
997 ieee80211_radiotap_rx(vap, m);
998 m_freem(m);
999 }
1000 return type;
1001}
1002
1003static void
1004sta_auth_open(struct ieee80211_node *ni, struct ieee80211_frame *wh,
1005 int rssi, int nf, uint16_t seq, uint16_t status)
1006{
1007 struct ieee80211vap *vap = ni->ni_vap;
1008
1009 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) {
1010 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_AUTH,
1011 ni->ni_macaddr, "open auth",
1012 "bad sta auth mode %u", ni->ni_authmode);
1013 vap->iv_stats.is_rx_bad_auth++; /* XXX */
1014 return;
1015 }
1016 if (vap->iv_state != IEEE80211_S_AUTH ||
1017 seq != IEEE80211_AUTH_OPEN_RESPONSE) {
1018 vap->iv_stats.is_rx_bad_auth++;
1019 return;
1020 }
1021 if (status != 0) {
1022 IEEE80211_NOTE(vap, IEEE80211_MSG_DEBUG | IEEE80211_MSG_AUTH,
1023 ni, "open auth failed (reason %d)", status);
1024 vap->iv_stats.is_rx_auth_fail++;
1025 vap->iv_stats.is_rx_authfail_code = status;
1026 ieee80211_new_state(vap, IEEE80211_S_SCAN,
1027 IEEE80211_SCAN_FAIL_STATUS);
1028 } else
1029 ieee80211_new_state(vap, IEEE80211_S_ASSOC, 0);
1030}
1031
1032static void
1033sta_auth_shared(struct ieee80211_node *ni, struct ieee80211_frame *wh,
1034 uint8_t *frm, uint8_t *efrm, int rssi, int nf,
1035 uint16_t seq, uint16_t status)
1036{
1037 struct ieee80211vap *vap = ni->ni_vap;
1038 uint8_t *challenge;
1039
1040 /*
1041 * NB: this can happen as we allow pre-shared key
1042 * authentication to be enabled w/o wep being turned
1043 * on so that configuration of these can be done
1044 * in any order. It may be better to enforce the
1045 * ordering in which case this check would just be
1046 * for sanity/consistency.
1047 */
1048 if ((vap->iv_flags & IEEE80211_F_PRIVACY) == 0) {
1049 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_AUTH,
1050 ni->ni_macaddr, "shared key auth",
1051 "%s", " PRIVACY is disabled");
1052 goto bad;
1053 }
1054 /*
1055 * Pre-shared key authentication is evil; accept
1056 * it only if explicitly configured (it is supported
1057 * mainly for compatibility with clients like OS X).
1058 */
1059 if (ni->ni_authmode != IEEE80211_AUTH_AUTO &&
1060 ni->ni_authmode != IEEE80211_AUTH_SHARED) {
1061 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_AUTH,
1062 ni->ni_macaddr, "shared key auth",
1063 "bad sta auth mode %u", ni->ni_authmode);
1064 vap->iv_stats.is_rx_bad_auth++; /* XXX maybe a unique error? */
1065 goto bad;
1066 }
1067
1068 challenge = NULL;
1069 if (frm + 1 < efrm) {
1070 if ((frm[1] + 2) > (efrm - frm)) {
1071 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_AUTH,
1072 ni->ni_macaddr, "shared key auth",
1073 "ie %d/%d too long",
1074 frm[0], (frm[1] + 2) - (efrm - frm));
1075 vap->iv_stats.is_rx_bad_auth++;
1076 goto bad;
1077 }
1078 if (*frm == IEEE80211_ELEMID_CHALLENGE)
1079 challenge = frm;
1080 frm += frm[1] + 2;
1081 }
1082 switch (seq) {
1083 case IEEE80211_AUTH_SHARED_CHALLENGE:
1084 case IEEE80211_AUTH_SHARED_RESPONSE:
1085 if (challenge == NULL) {
1086 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_AUTH,
1087 ni->ni_macaddr, "shared key auth",
1088 "%s", "no challenge");
1089 vap->iv_stats.is_rx_bad_auth++;
1090 goto bad;
1091 }
1092 if (challenge[1] != IEEE80211_CHALLENGE_LEN) {
1093 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_AUTH,
1094 ni->ni_macaddr, "shared key auth",
1095 "bad challenge len %d", challenge[1]);
1096 vap->iv_stats.is_rx_bad_auth++;
1097 goto bad;
1098 }
1099 default:
1100 break;
1101 }
1102 if (vap->iv_state != IEEE80211_S_AUTH)
1103 return;
1104 switch (seq) {
1105 case IEEE80211_AUTH_SHARED_PASS:
1106 if (ni->ni_challenge != NULL) {
1107 IEEE80211_FREE(ni->ni_challenge, M_80211_NODE);
1108 ni->ni_challenge = NULL;
1109 }
1110 if (status != 0) {
1111 IEEE80211_NOTE_FRAME(vap,
1112 IEEE80211_MSG_DEBUG | IEEE80211_MSG_AUTH, wh,
1113 "shared key auth failed (reason %d)", status);
1114 vap->iv_stats.is_rx_auth_fail++;
1115 vap->iv_stats.is_rx_authfail_code = status;
1116 return;
1117 }
1118 ieee80211_new_state(vap, IEEE80211_S_ASSOC, 0);
1119 break;
1120 case IEEE80211_AUTH_SHARED_CHALLENGE:
1121 if (!ieee80211_alloc_challenge(ni))
1122 return;
1123 /* XXX could optimize by passing recvd challenge */
1124 memcpy(ni->ni_challenge, &challenge[2], challenge[1]);
1125 IEEE80211_SEND_MGMT(ni,
1126 IEEE80211_FC0_SUBTYPE_AUTH, seq + 1);
1127 break;
1128 default:
1129 IEEE80211_DISCARD(vap, IEEE80211_MSG_AUTH,
1130 wh, "shared key auth", "bad seq %d", seq);
1131 vap->iv_stats.is_rx_bad_auth++;
1132 return;
1133 }
1134 return;
1135bad:
1136 /*
1137 * Kick the state machine. This short-circuits
1138 * using the mgt frame timeout to trigger the
1139 * state transition.
1140 */
1141 if (vap->iv_state == IEEE80211_S_AUTH)
1142 ieee80211_new_state(vap, IEEE80211_S_SCAN,
1143 IEEE80211_SCAN_FAIL_STATUS);
1144}
1145
1146/*
1147 * Parse the WME IE for QoS and U-APSD information.
1148 *
1149 * Returns -1 if the IE isn't found, 1 if it's found.
1150 */
1151int
1152ieee80211_parse_wmeie(uint8_t *frm, const struct ieee80211_frame *wh,
1153 struct ieee80211_node *ni)
1154{
1155 u_int len = frm[1];
1156
1157 ni->ni_uapsd = 0;
1158
1159 if (len < sizeof(struct ieee80211_wme_param)-2) {
1160 IEEE80211_DISCARD_IE(ni->ni_vap,
1161 IEEE80211_MSG_ELEMID | IEEE80211_MSG_WME,
1162 wh, "WME", "too short, len %u", len);
1163 return -1;
1164 }
1165
1166 ni->ni_uapsd = frm[WME_CAPINFO_IE_OFFSET];
1167
1168 IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_POWER | IEEE80211_MSG_ASSOC,
1169 ni, "U-APSD settings from STA: 0x%02x", ni->ni_uapsd);
1170
1171 return 1;
1172}
1173
1174int
1175ieee80211_parse_wmeparams(struct ieee80211vap *vap, uint8_t *frm,
1176 const struct ieee80211_frame *wh, uint8_t *qosinfo)
1177{
1178 struct ieee80211_wme_state *wme = &vap->iv_ic->ic_wme;
1179 u_int len = frm[1], qosinfo_count;
1180 int i;
1181
1182 *qosinfo = 0;
1183
1184 if (len < sizeof(struct ieee80211_wme_param)-2) {
1185 IEEE80211_DISCARD_IE(vap,
1186 IEEE80211_MSG_ELEMID | IEEE80211_MSG_WME,
1187 wh, "WME", "too short, len %u", len);
1188 return -1;
1189 }
1190 *qosinfo = frm[__offsetof(struct ieee80211_wme_param, param_qosInfo)];
1191 qosinfo_count = *qosinfo & WME_QOSINFO_COUNT;
1192
1193 /* XXX do proper check for wraparound */
1194 if (qosinfo_count == wme->wme_wmeChanParams.cap_info)
1195 return 0;
1196 frm += __offsetof(struct ieee80211_wme_param, params_acParams);
1197 for (i = 0; i < WME_NUM_AC; i++) {
1198 struct wmeParams *wmep =
1199 &wme->wme_wmeChanParams.cap_wmeParams[i];
1200 /* NB: ACI not used */
1201 wmep->wmep_acm = _IEEE80211_MASKSHIFT(frm[0], WME_PARAM_ACM);
1202 wmep->wmep_aifsn =
1203 _IEEE80211_MASKSHIFT(frm[0], WME_PARAM_AIFSN);
1204 wmep->wmep_logcwmin =
1205 _IEEE80211_MASKSHIFT(frm[1], WME_PARAM_LOGCWMIN);
1206 wmep->wmep_logcwmax =
1207 _IEEE80211_MASKSHIFT(frm[1], WME_PARAM_LOGCWMAX);
1208 wmep->wmep_txopLimit = le16dec(frm+2);
1209 IEEE80211_DPRINTF(vap, IEEE80211_MSG_WME,
1210 "%s: WME: %d: acm=%d aifsn=%d logcwmin=%d logcwmax=%d txopLimit=%d\n",
1211 __func__,
1212 i,
1213 wmep->wmep_acm,
1214 wmep->wmep_aifsn,
1215 wmep->wmep_logcwmin,
1216 wmep->wmep_logcwmax,
1217 wmep->wmep_txopLimit);
1218 frm += 4;
1219 }
1220 wme->wme_wmeChanParams.cap_info = qosinfo_count;
1221 return 1;
1222}
1223
1224/*
1225 * Process 11h Channel Switch Announcement (CSA) ie. If this
1226 * is the first CSA then initiate the switch. Otherwise we
1227 * track state and trigger completion and/or cancel of the switch.
1228 * XXX should be public for IBSS use
1229 */
1230static void
1231ieee80211_parse_csaparams(struct ieee80211vap *vap, uint8_t *frm,
1232 const struct ieee80211_frame *wh)
1233{
1234 struct ieee80211com *ic = vap->iv_ic;
1235 const struct ieee80211_csa_ie *csa =
1236 (const struct ieee80211_csa_ie *) frm;
1237
1238 KASSERT(vap->iv_state >= IEEE80211_S_RUN,
1239 ("state %s", ieee80211_state_name[vap->iv_state]));
1240
1241 if (csa->csa_mode > 1) {
1242 IEEE80211_DISCARD_IE(vap,
1243 IEEE80211_MSG_ELEMID | IEEE80211_MSG_DOTH,
1244 wh, "CSA", "invalid mode %u", csa->csa_mode);
1245 return;
1246 }
1247 IEEE80211_LOCK(ic);
1248 if ((ic->ic_flags & IEEE80211_F_CSAPENDING) == 0) {
1249 /*
1250 * Convert the channel number to a channel reference. We
1251 * try first to preserve turbo attribute of the current
1252 * channel then fallback. Note this will not work if the
1253 * CSA specifies a channel that requires a band switch (e.g.
1254 * 11a => 11g). This is intentional as 11h is defined only
1255 * for 5GHz/11a and because the switch does not involve a
1256 * reassociation, protocol state (capabilities, negotated
1257 * rates, etc) may/will be wrong.
1258 */
1259 struct ieee80211_channel *c =
1260 ieee80211_find_channel_byieee(ic, csa->csa_newchan,
1261 (ic->ic_bsschan->ic_flags & IEEE80211_CHAN_ALLTURBO));
1262 if (c == NULL) {
1263 c = ieee80211_find_channel_byieee(ic,
1264 csa->csa_newchan,
1265 (ic->ic_bsschan->ic_flags & IEEE80211_CHAN_ALL));
1266 if (c == NULL) {
1267 IEEE80211_DISCARD_IE(vap,
1268 IEEE80211_MSG_ELEMID | IEEE80211_MSG_DOTH,
1269 wh, "CSA", "invalid channel %u",
1270 csa->csa_newchan);
1271 goto done;
1272 }
1273 }
1274#if IEEE80211_CSA_COUNT_MIN > 0
1275 if (csa->csa_count < IEEE80211_CSA_COUNT_MIN) {
1276 /*
1277 * Require at least IEEE80211_CSA_COUNT_MIN count to
1278 * reduce the risk of being redirected by a fabricated
1279 * CSA. If a valid CSA is dropped we'll still get a
1280 * beacon miss when the AP leaves the channel so we'll
1281 * eventually follow to the new channel.
1282 *
1283 * NOTE: this violates the 11h spec that states that
1284 * count may be any value and if 0 then a switch
1285 * should happen asap.
1286 */
1287 IEEE80211_DISCARD_IE(vap,
1288 IEEE80211_MSG_ELEMID | IEEE80211_MSG_DOTH,
1289 wh, "CSA", "count %u too small, must be >= %u",
1290 csa->csa_count, IEEE80211_CSA_COUNT_MIN);
1291 goto done;
1292 }
1293#endif
1294 ieee80211_csa_startswitch(ic, c, csa->csa_mode, csa->csa_count);
1295 } else {
1296 /*
1297 * Validate this ie against the initial CSA. We require
1298 * mode and channel not change and the count must be
1299 * monotonically decreasing. This may be pointless and
1300 * canceling the switch as a result may be too paranoid but
1301 * in the worst case if we drop out of CSA because of this
1302 * and the AP does move then we'll just end up taking a
1303 * beacon miss and scan to find the AP.
1304 *
1305 * XXX may want <= on count as we also process ProbeResp
1306 * frames and those may come in w/ the same count as the
1307 * previous beacon; but doing so leaves us open to a stuck
1308 * count until we add a dead-man timer
1309 */
1310 if (!(csa->csa_count < ic->ic_csa_count &&
1311 csa->csa_mode == ic->ic_csa_mode &&
1312 csa->csa_newchan == ieee80211_chan2ieee(ic, ic->ic_csa_newchan))) {
1313 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_DOTH, wh,
1314 "CSA ie mismatch, initial ie <%d,%d,%d>, "
1315 "this ie <%d,%d,%d>", ic->ic_csa_mode,
1316 ic->ic_csa_newchan, ic->ic_csa_count,
1317 csa->csa_mode, csa->csa_newchan, csa->csa_count);
1318 ieee80211_csa_cancelswitch(ic);
1319 } else {
1320 if (csa->csa_count <= 1)
1321 ieee80211_csa_completeswitch(ic);
1322 else
1323 ic->ic_csa_count = csa->csa_count;
1324 }
1325 }
1326done:
1327 IEEE80211_UNLOCK(ic);
1328}
1329
1330/*
1331 * Return non-zero if a background scan may be continued:
1332 * o bg scan is active
1333 * o no channel switch is pending
1334 * o there has not been any traffic recently
1335 * o no full-offload scan support (no need for explicitly continuing scan then)
1336 *
1337 * Note we do not check if there is an administrative enable;
1338 * this is only done to start the scan. We assume that any
1339 * change in state will be accompanied by a request to cancel
1340 * active scans which will otherwise cause this test to fail.
1341 */
1342static __inline int
1343contbgscan(struct ieee80211vap *vap)
1344{
1345 struct ieee80211com *ic = vap->iv_ic;
1346
1347 return ((ic->ic_flags_ext & IEEE80211_FEXT_BGSCAN) &&
1348 (ic->ic_flags & IEEE80211_F_CSAPENDING) == 0 &&
1349 !(vap->iv_flags_ext & IEEE80211_FEXT_SCAN_OFFLOAD) &&
1350 vap->iv_state == IEEE80211_S_RUN && /* XXX? */
1351 ieee80211_time_after(ticks, ic->ic_lastdata + vap->iv_bgscanidle));
1352}
1353
1354/*
1355 * Return non-zero if a backgrond scan may be started:
1356 * o bg scanning is administratively enabled
1357 * o no channel switch is pending
1358 * o we are not boosted on a dynamic turbo channel
1359 * o there has not been a scan recently
1360 * o there has not been any traffic recently (don't check if full-offload scan)
1361 */
1362static __inline int
1363startbgscan(struct ieee80211vap *vap)
1364{
1365 struct ieee80211com *ic = vap->iv_ic;
1366
1367 return ((vap->iv_flags & IEEE80211_F_BGSCAN) &&
1368 (ic->ic_flags & IEEE80211_F_CSAPENDING) == 0 &&
1369#ifdef IEEE80211_SUPPORT_SUPERG
1370 !IEEE80211_IS_CHAN_DTURBO(ic->ic_curchan) &&
1371#endif
1372 ieee80211_time_after(ticks, ic->ic_lastscan + vap->iv_bgscanintvl) &&
1373 ((vap->iv_flags_ext & IEEE80211_FEXT_SCAN_OFFLOAD) ||
1374 ieee80211_time_after(ticks, ic->ic_lastdata + vap->iv_bgscanidle)));
1375}
1376
1377#ifdef notyet
1378/*
1379 * Compare two quiet IEs and return if they are equivalent.
1380 *
1381 * The tbttcount isnt checked - that's not part of the configuration.
1382 */
1383static int
1384compare_quiet_ie(const struct ieee80211_quiet_ie *q1,
1385 const struct ieee80211_quiet_ie *q2)
1386{
1387
1388 if (q1->period != q2->period)
1389 return (0);
1390 if (le16dec(&q1->duration) != le16dec(&q2->duration))
1391 return (0);
1392 if (le16dec(&q1->offset) != le16dec(&q2->offset))
1393 return (0);
1394 return (1);
1395}
1396#endif
1397
1398static void
1399sta_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m0, int subtype,
1400 const struct ieee80211_rx_stats *rxs,
1401 int rssi, int nf)
1402{
1403#define ISREASSOC(_st) ((_st) == IEEE80211_FC0_SUBTYPE_REASSOC_RESP)
1404 struct ieee80211vap *vap = ni->ni_vap;
1405 struct ieee80211com *ic = ni->ni_ic;
1406 struct ieee80211_channel *rxchan = ic->ic_curchan;
1407 struct ieee80211_frame *wh;
1408 int ht_state_change = 0, do_ht = 0;
1409 uint8_t *frm, *efrm;
1410 uint8_t *rates, *xrates, *wme, *htcap, *htinfo;
1411 uint8_t *vhtcap, *vhtopmode;
1412 uint8_t rate;
1413 uint8_t qosinfo;
1414
1415 wh = mtod(m0, struct ieee80211_frame *);
1416 frm = (uint8_t *)&wh[1];
1417 efrm = mtod(m0, uint8_t *) + m0->m_len;
1418 switch (subtype) {
1419 case IEEE80211_FC0_SUBTYPE_PROBE_RESP:
1420 case IEEE80211_FC0_SUBTYPE_BEACON: {
1421 struct ieee80211_scanparams scan;
1422 struct ieee80211_channel *c;
1423 /*
1424 * We process beacon/probe response frames:
1425 * o when scanning, or
1426 * o station mode when associated (to collect state
1427 * updates such as 802.11g slot time)
1428 * Frames otherwise received are discarded.
1429 */
1430 if (!((ic->ic_flags & IEEE80211_F_SCAN) || ni->ni_associd)) {
1431 vap->iv_stats.is_rx_mgtdiscard++;
1432 return;
1433 }
1434
1435 /* Override RX channel as appropriate */
1436 if (rxs != NULL) {
1437 c = ieee80211_lookup_channel_rxstatus(vap, rxs);
1438 if (c != NULL)
1439 rxchan = c;
1440 }
1441
1442 /* XXX probe response in sta mode when !scanning? */
1443 if (ieee80211_parse_beacon(ni, m0, rxchan, &scan) != 0) {
1444 if (! (ic->ic_flags & IEEE80211_F_SCAN))
1445 vap->iv_stats.is_beacon_bad++;
1446 return;
1447 }
1448
1449 /*
1450 * Count frame now that we know it's to be processed.
1451 */
1452 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) {
1453 vap->iv_stats.is_rx_beacon++; /* XXX remove */
1454 IEEE80211_NODE_STAT(ni, rx_beacons);
1455 } else
1456 IEEE80211_NODE_STAT(ni, rx_proberesp);
1457 /*
1458 * When operating in station mode, check for state updates.
1459 * Be careful to ignore beacons received while doing a
1460 * background scan. We consider only 11g/WMM stuff right now.
1461 */
1462 if (ni->ni_associd != 0 &&
1463 ((ic->ic_flags & IEEE80211_F_SCAN) == 0 ||
1464 IEEE80211_ADDR_EQ(wh->i_addr2, ni->ni_bssid))) {
1465 /* record tsf of last beacon */
1466 memcpy(ni->ni_tstamp.data, scan.tstamp,
1467 sizeof(ni->ni_tstamp));
1468 /* count beacon frame for s/w bmiss handling */
1469 vap->iv_swbmiss_count++;
1470 vap->iv_bmiss_count = 0;
1471 if (ni->ni_erp != scan.erp) {
1472 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_ASSOC,
1473 wh->i_addr2,
1474 "erp change: was 0x%x, now 0x%x",
1475 ni->ni_erp, scan.erp);
1476 if (IEEE80211_IS_CHAN_ANYG(ic->ic_curchan) &&
1477 (ni->ni_erp & IEEE80211_ERP_USE_PROTECTION))
1478 vap->iv_flags |= IEEE80211_F_USEPROT;
1479 else
1480 vap->iv_flags &= ~IEEE80211_F_USEPROT;
1481 ni->ni_erp = scan.erp;
1482 /* XXX statistic */
1483 /* driver notification */
1484 ieee80211_vap_update_erp_protmode(vap);
1485 }
1486 if ((ni->ni_capinfo ^ scan.capinfo) & IEEE80211_CAPINFO_SHORT_SLOTTIME) {
1487 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_ASSOC,
1488 wh->i_addr2,
1489 "capabilities change: was 0x%x, now 0x%x",
1490 ni->ni_capinfo, scan.capinfo);
1491 /*
1492 * NB: we assume short preamble doesn't
1493 * change dynamically
1494 */
1495 ieee80211_vap_set_shortslottime(vap,
1496 IEEE80211_IS_CHAN_A(ic->ic_bsschan) ||
1497 (scan.capinfo & IEEE80211_CAPINFO_SHORT_SLOTTIME));
1498 ni->ni_capinfo = (ni->ni_capinfo &~ IEEE80211_CAPINFO_SHORT_SLOTTIME)
1499 | (scan.capinfo & IEEE80211_CAPINFO_SHORT_SLOTTIME);
1500 /* XXX statistic */
1501 }
1502 if (scan.wme != NULL &&
1503 (ni->ni_flags & IEEE80211_NODE_QOS)) {
1504 int _retval;
1505 if ((_retval = ieee80211_parse_wmeparams(vap,
1506 scan.wme, wh, &qosinfo)) >= 0) {
1507 if (qosinfo & WME_CAPINFO_UAPSD_EN)
1508 ni->ni_flags |=
1509 IEEE80211_NODE_UAPSD;
1510 if (_retval > 0)
1511 ieee80211_wme_updateparams(vap);
1512 }
1513 } else
1514 ni->ni_flags &= ~IEEE80211_NODE_UAPSD;
1515#ifdef IEEE80211_SUPPORT_SUPERG
1516 if (scan.ath != NULL)
1517 ieee80211_parse_athparams(ni, scan.ath, wh);
1518#endif
1519 if (scan.htcap != NULL && scan.htinfo != NULL &&
1520 (vap->iv_flags_ht & IEEE80211_FHT_HT)) {
1521 /* XXX state changes? */
1522 ieee80211_ht_updateparams(ni,
1523 scan.htcap, scan.htinfo);
1524 do_ht = 1;
1525 }
1526 if (scan.vhtcap != NULL && scan.vhtopmode != NULL &&
1527 (vap->iv_flags_vht & IEEE80211_FVHT_VHT)) {
1528 /* XXX state changes? */
1529 ieee80211_vht_updateparams(ni,
1530 scan.vhtcap, scan.vhtopmode);
1531 do_ht = 1;
1532 }
1533 if (do_ht) {
1534 if (ieee80211_ht_updateparams_final(ni,
1535 scan.htcap, scan.htinfo))
1536 ht_state_change = 1;
1537 }
1538
1539 /*
1540 * If we have a quiet time IE then report it up to
1541 * the driver.
1542 *
1543 * Otherwise, inform the driver that the quiet time
1544 * IE has disappeared - only do that once rather than
1545 * spamming it each time.
1546 */
1547 if (scan.quiet) {
1548 ic->ic_set_quiet(ni, scan.quiet);
1549 ni->ni_quiet_ie_set = 1;
1550 memcpy(&ni->ni_quiet_ie, scan.quiet,
1551 sizeof(struct ieee80211_quiet_ie));
1552 } else {
1553 if (ni->ni_quiet_ie_set == 1)
1554 ic->ic_set_quiet(ni, NULL);
1555 ni->ni_quiet_ie_set = 0;
1556 bzero(&ni->ni_quiet_ie,
1557 sizeof(struct ieee80211_quiet_ie));
1558 }
1559
1560 if (scan.tim != NULL) {
1561 struct ieee80211_tim_ie *tim =
1562 (struct ieee80211_tim_ie *) scan.tim;
1563 /*
1564 * XXX Check/debug this code; see if it's about
1565 * the right time to force the VAP awake if we
1566 * receive a frame destined for us?
1567 */
1568 int aid = IEEE80211_AID(ni->ni_associd);
1569 int ix = aid / NBBY;
1570 int min = tim->tim_bitctl &~ 1;
1571 int max = tim->tim_len + min - 4;
1572 int tim_ucast = 0;
1573#ifdef __notyet__
1574 int tim_mcast = 0;
1575#endif
1576
1577 /*
1578 * Only do this for unicast traffic in the TIM
1579 * The multicast traffic notification for
1580 * the scan notification stuff should occur
1581 * differently.
1582 */
1583 if (min <= ix && ix <= max &&
1584 isset(tim->tim_bitmap - min, aid)) {
1585 tim_ucast = 1;
1586 }
1587
1588#ifdef __notyet__
1589 /*
1590 * Do a separate notification
1591 * for the multicast bit being set.
1592 */
1593 if (tim->tim_bitctl & 1) {
1594 tim_mcast = 1;
1595 }
1596#endif
1597
1598 /*
1599 * If the TIM indicates there's traffic for
1600 * us then get us out of STA mode powersave.
1601 */
1602 if (tim_ucast == 1) {
1603 /*
1604 * Wake us out of SLEEP state if we're
1605 * in it; and if we're doing bgscan
1606 * then wake us out of STA powersave.
1607 */
1608 ieee80211_sta_tim_notify(vap, 1);
1609
1610 /*
1611 * This is preventing us from
1612 * continuing a bgscan; because it
1613 * tricks the contbgscan()
1614 * routine to think there's always
1615 * traffic for us.
1616 *
1617 * I think we need both an RX and
1618 * TX ic_lastdata field.
1619 */
1620 ic->ic_lastdata = ticks;
1621 }
1622
1623 ni->ni_dtim_count = tim->tim_count;
1624 ni->ni_dtim_period = tim->tim_period;
1625 }
1626 if (scan.csa != NULL &&
1627 (vap->iv_flags & IEEE80211_F_DOTH))
1628 ieee80211_parse_csaparams(vap, scan.csa, wh);
1629 else if (ic->ic_flags & IEEE80211_F_CSAPENDING) {
1630 /*
1631 * No CSA ie or 11h disabled, but a channel
1632 * switch is pending; drop out so we aren't
1633 * stuck in CSA state. If the AP really is
1634 * moving we'll get a beacon miss and scan.
1635 */
1636 IEEE80211_LOCK(ic);
1637 ieee80211_csa_cancelswitch(ic);
1638 IEEE80211_UNLOCK(ic);
1639 }
1640 /*
1641 * If scanning, pass the info to the scan module.
1642 * Otherwise, check if it's the right time to do
1643 * a background scan. Background scanning must
1644 * be enabled and we must not be operating in the
1645 * turbo phase of dynamic turbo mode. Then,
1646 * it's been a while since the last background
1647 * scan and if no data frames have come through
1648 * recently, kick off a scan. Note that this
1649 * is the mechanism by which a background scan
1650 * is started _and_ continued each time we
1651 * return on-channel to receive a beacon from
1652 * our ap.
1653 */
1654 if (ic->ic_flags & IEEE80211_F_SCAN) {
1655 ieee80211_add_scan(vap, rxchan,
1656 &scan, wh, subtype, rssi, nf);
1657 } else if (contbgscan(vap)) {
1658 ieee80211_bg_scan(vap, 0);
1659 } else if (startbgscan(vap)) {
1660 vap->iv_stats.is_scan_bg++;
1661#if 0
1662 /* wakeup if we are sleeing */
1663 ieee80211_set_pwrsave(vap, 0);
1664#endif
1665 ieee80211_bg_scan(vap, 0);
1666 }
1667
1668 /*
1669 * Put the station to sleep if we haven't seen
1670 * traffic in a while.
1671 */
1672 IEEE80211_LOCK(ic);
1673 ieee80211_sta_ps_timer_check(vap);
1674 IEEE80211_UNLOCK(ic);
1675
1676 /*
1677 * If we've had a channel width change (eg HT20<->HT40)
1678 * then schedule a delayed driver notification.
1679 */
1680 if (ht_state_change)
1681 ieee80211_update_chw(ic);
1682 return;
1683 }
1684 /*
1685 * If scanning, just pass information to the scan module.
1686 */
1687 if (ic->ic_flags & IEEE80211_F_SCAN) {
1688 if (ic->ic_flags_ext & IEEE80211_FEXT_PROBECHAN) {
1689 /*
1690 * Actively scanning a channel marked passive;
1691 * send a probe request now that we know there
1692 * is 802.11 traffic present.
1693 *
1694 * XXX check if the beacon we recv'd gives
1695 * us what we need and suppress the probe req
1696 */
1697 ieee80211_probe_curchan(vap, 1);
1698 ic->ic_flags_ext &= ~IEEE80211_FEXT_PROBECHAN;
1699 }
1700 ieee80211_add_scan(vap, rxchan, &scan, wh,
1701 subtype, rssi, nf);
1702 return;
1703 }
1704 break;
1705 }
1706
1707 case IEEE80211_FC0_SUBTYPE_AUTH: {
1708 uint16_t algo, seq, status;
1709 /*
1710 * auth frame format
1711 * [2] algorithm
1712 * [2] sequence
1713 * [2] status
1714 * [tlv*] challenge
1715 */
1716 IEEE80211_VERIFY_LENGTH(efrm - frm, 6, return);
1717 algo = le16toh(*(uint16_t *)frm);
1718 seq = le16toh(*(uint16_t *)(frm + 2));
1719 status = le16toh(*(uint16_t *)(frm + 4));
1720 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_AUTH, wh->i_addr2,
1721 "recv auth frame with algorithm %d seq %d", algo, seq);
1722
1723 if (vap->iv_flags & IEEE80211_F_COUNTERM) {
1724 IEEE80211_DISCARD(vap,
1725 IEEE80211_MSG_AUTH | IEEE80211_MSG_CRYPTO,
1726 wh, "auth", "%s", "TKIP countermeasures enabled");
1727 vap->iv_stats.is_rx_auth_countermeasures++;
1728 if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
1729 ieee80211_send_error(ni, wh->i_addr2,
1730 IEEE80211_FC0_SUBTYPE_AUTH,
1731 IEEE80211_REASON_MIC_FAILURE);
1732 }
1733 return;
1734 }
1735 if (algo == IEEE80211_AUTH_ALG_SHARED)
1736 sta_auth_shared(ni, wh, frm + 6, efrm, rssi, nf,
1737 seq, status);
1738 else if (algo == IEEE80211_AUTH_ALG_OPEN)
1739 sta_auth_open(ni, wh, rssi, nf, seq, status);
1740 else {
1741 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
1742 wh, "auth", "unsupported alg %d", algo);
1743 vap->iv_stats.is_rx_auth_unsupported++;
1744 return;
1745 }
1746 break;
1747 }
1748
1749 case IEEE80211_FC0_SUBTYPE_ASSOC_RESP:
1750 case IEEE80211_FC0_SUBTYPE_REASSOC_RESP: {
1751 uint16_t capinfo, associd;
1752 uint16_t status;
1753
1754 if (vap->iv_state != IEEE80211_S_ASSOC) {
1755 vap->iv_stats.is_rx_mgtdiscard++;
1756 return;
1757 }
1758
1759 /*
1760 * asresp frame format
1761 * [2] capability information
1762 * [2] status
1763 * [2] association ID
1764 * [tlv] supported rates
1765 * [tlv] extended supported rates
1766 * [tlv] WME
1767 * [tlv] HT capabilities
1768 * [tlv] HT info
1769 */
1770 IEEE80211_VERIFY_LENGTH(efrm - frm, 6, return);
1771 ni = vap->iv_bss;
1772 capinfo = le16toh(*(uint16_t *)frm);
1773 frm += 2;
1774 status = le16toh(*(uint16_t *)frm);
1775 frm += 2;
1776 if (status != 0) {
1777 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_ASSOC,
1778 wh->i_addr2, "%sassoc failed (reason %d)",
1779 ISREASSOC(subtype) ? "re" : "", status);
1780 vap->iv_stats.is_rx_auth_fail++; /* XXX */
1781 return;
1782 }
1783 associd = le16toh(*(uint16_t *)frm);
1784 frm += 2;
1785
1786 rates = xrates = wme = htcap = htinfo = NULL;
1787 vhtcap = vhtopmode = NULL;
1788 while (efrm - frm > 1) {
1789 IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2, return);
1790 switch (*frm) {
1791 case IEEE80211_ELEMID_RATES:
1792 rates = frm;
1793 break;
1794 case IEEE80211_ELEMID_XRATES:
1795 xrates = frm;
1796 break;
1797 case IEEE80211_ELEMID_HTCAP:
1798 htcap = frm;
1799 break;
1800 case IEEE80211_ELEMID_HTINFO:
1801 htinfo = frm;
1802 break;
1803 case IEEE80211_ELEMID_VENDOR:
1804 if (iswmeoui(frm))
1805 wme = frm;
1806 else if (vap->iv_flags_ht & IEEE80211_FHT_HTCOMPAT) {
1807 /*
1808 * Accept pre-draft HT ie's if the
1809 * standard ones have not been seen.
1810 */
1811 if (ishtcapoui(frm)) {
1812 if (htcap == NULL)
1813 htcap = frm;
1814 } else if (ishtinfooui(frm)) {
1815 if (htinfo == NULL)
1816 htinfo = frm;
1817 }
1818 }
1819 /* XXX Atheros OUI support */
1820 break;
1821 case IEEE80211_ELEMID_VHT_CAP:
1822 vhtcap = frm;
1823 break;
1824 case IEEE80211_ELEMID_VHT_OPMODE:
1825 vhtopmode = frm;
1826 break;
1827 }
1828 frm += frm[1] + 2;
1829 }
1830
1831 IEEE80211_VERIFY_ELEMENT(rates, IEEE80211_RATE_MAXSIZE, return);
1832 if (xrates != NULL)
1833 IEEE80211_VERIFY_ELEMENT(xrates,
1834 IEEE80211_RATE_MAXSIZE - rates[1], return);
1835 rate = ieee80211_setup_rates(ni, rates, xrates,
1836 IEEE80211_F_JOIN |
1837 IEEE80211_F_DOSORT | IEEE80211_F_DOFRATE |
1838 IEEE80211_F_DONEGO | IEEE80211_F_DODEL);
1839 if (rate & IEEE80211_RATE_BASIC) {
1840 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_ASSOC,
1841 wh->i_addr2,
1842 "%sassoc failed (rate set mismatch)",
1843 ISREASSOC(subtype) ? "re" : "");
1844 vap->iv_stats.is_rx_assoc_norate++;
1845 ieee80211_new_state(vap, IEEE80211_S_SCAN,
1846 IEEE80211_SCAN_FAIL_STATUS);
1847 return;
1848 }
1849
1850 ni->ni_capinfo = capinfo;
1851 ni->ni_associd = associd;
1852 if (ni->ni_jointime == 0)
1853 ni->ni_jointime = time_uptime;
1854 if (wme != NULL &&
1855 ieee80211_parse_wmeparams(vap, wme, wh, &qosinfo) >= 0) {
1856 ni->ni_flags |= IEEE80211_NODE_QOS;
1857 ieee80211_wme_updateparams(vap);
1858 } else
1859 ni->ni_flags &= ~IEEE80211_NODE_QOS;
1860 /*
1861 * Setup HT state according to the negotiation.
1862 *
1863 * NB: shouldn't need to check if HT use is enabled but some
1864 * ap's send back HT ie's even when we don't indicate we
1865 * are HT capable in our AssocReq.
1866 */
1867 if (htcap != NULL && htinfo != NULL &&
1868 (vap->iv_flags_ht & IEEE80211_FHT_HT)) {
1869 ieee80211_ht_node_init(ni);
1870 ieee80211_ht_updateparams(ni, htcap, htinfo);
1871
1872 if ((vhtcap != NULL) && (vhtopmode != NULL) &
1873 (vap->iv_flags_vht & IEEE80211_FVHT_VHT)) {
1874 /*
1875 * Log if we get a VHT assoc/reassoc response.
1876 * We aren't ready for 2GHz VHT support.
1877 */
1878 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) {
1879 printf("%s: peer %6D: VHT on 2GHz, ignoring\n",
1880 __func__,
1881 ni->ni_macaddr,
1882 ":");
1883 } else {
1884 ieee80211_vht_node_init(ni);
1885 ieee80211_vht_updateparams(ni, vhtcap, vhtopmode);
1886 ieee80211_setup_vht_rates(ni, vhtcap, vhtopmode);
1887 }
1888 }
1889
1890 ieee80211_ht_updateparams_final(ni, htcap, htinfo);
1891 ieee80211_setup_htrates(ni, htcap,
1892 IEEE80211_F_JOIN | IEEE80211_F_DOBRS);
1893 ieee80211_setup_basic_htrates(ni, htinfo);
1894
1895 ieee80211_node_setuptxparms(ni);
1896 ieee80211_ratectl_node_init(ni);
1897 }
1898
1899 /*
1900 * Always initialise FF/superg state; we can use this
1901 * for doing A-MSDU encapsulation as well.
1902 */
1903#ifdef IEEE80211_SUPPORT_SUPERG
1904 ieee80211_ff_node_init(ni);
1905#endif
1906
1907 /*
1908 * Configure state now that we are associated.
1909 *
1910 * XXX may need different/additional driver callbacks?
1911 */
1912 if (IEEE80211_IS_CHAN_A(ic->ic_curchan) ||
1913 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) {
1914 vap->iv_flags |= IEEE80211_F_SHPREAMBLE;
1915 vap->iv_flags &= ~IEEE80211_F_USEBARKER;
1916 } else {
1917 vap->iv_flags &= ~IEEE80211_F_SHPREAMBLE;
1918 vap->iv_flags |= IEEE80211_F_USEBARKER;
1919 }
1920 ieee80211_vap_set_shortslottime(vap,
1921 IEEE80211_IS_CHAN_A(ic->ic_curchan) ||
1922 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_SLOTTIME));
1923 ieee80211_vap_update_preamble(vap);
1924 /*
1925 * Honor ERP protection.
1926 *
1927 * NB: ni_erp should zero for non-11g operation.
1928 */
1929 if (IEEE80211_IS_CHAN_ANYG(ic->ic_curchan) &&
1930 (ni->ni_erp & IEEE80211_ERP_USE_PROTECTION))
1931 vap->iv_flags |= IEEE80211_F_USEPROT;
1932 else
1933 vap->iv_flags &= ~IEEE80211_F_USEPROT;
1934 ieee80211_vap_update_erp_protmode(vap);
1935 IEEE80211_NOTE_MAC(vap,
1936 IEEE80211_MSG_ASSOC | IEEE80211_MSG_DEBUG, wh->i_addr2,
1937 "%sassoc success at aid %d: %s preamble, %s slot time%s%s%s%s%s%s%s%s%s",
1938 ISREASSOC(subtype) ? "re" : "",
1939 IEEE80211_NODE_AID(ni),
1940 vap->iv_flags&IEEE80211_F_SHPREAMBLE ? "short" : "long",
1941 vap->iv_flags&IEEE80211_F_SHSLOT ? "short" : "long",
1942 vap->iv_flags&IEEE80211_F_USEPROT ? ", protection" : "",
1943 ni->ni_flags & IEEE80211_NODE_QOS ? ", QoS" : "",
1944 ni->ni_flags & IEEE80211_NODE_HT ?
1945 (ni->ni_chw == 40 ? ", HT40" : ", HT20") : "",
1946 ni->ni_flags & IEEE80211_NODE_AMPDU ? " (+AMPDU)" : "",
1947 ni->ni_flags & IEEE80211_NODE_AMSDU ? " (+AMSDU)" : "",
1948 ni->ni_flags & IEEE80211_NODE_MIMO_RTS ? " (+SMPS-DYN)" :
1949 ni->ni_flags & IEEE80211_NODE_MIMO_PS ? " (+SMPS)" : "",
1950 ni->ni_flags & IEEE80211_NODE_RIFS ? " (+RIFS)" : "",
1951 IEEE80211_ATH_CAP(vap, ni, IEEE80211_NODE_FF) ?
1952 ", fast-frames" : "",
1953 IEEE80211_ATH_CAP(vap, ni, IEEE80211_NODE_TURBOP) ?
1954 ", turbo" : ""
1955 );
1956 ieee80211_new_state(vap, IEEE80211_S_RUN, subtype);
1957 break;
1958 }
1959
1960 case IEEE80211_FC0_SUBTYPE_DEAUTH: {
1961 uint16_t reason;
1962
1963 if (vap->iv_state == IEEE80211_S_SCAN) {
1964 vap->iv_stats.is_rx_mgtdiscard++;
1965 return;
1966 }
1967 if (!IEEE80211_ADDR_EQ(wh->i_addr1, vap->iv_myaddr)) {
1968 /* NB: can happen when in promiscuous mode */
1969 vap->iv_stats.is_rx_mgtdiscard++;
1970 break;
1971 }
1972
1973 /*
1974 * deauth frame format
1975 * [2] reason
1976 */
1977 IEEE80211_VERIFY_LENGTH(efrm - frm, 2, return);
1978 reason = le16toh(*(uint16_t *)frm);
1979
1980 vap->iv_stats.is_rx_deauth++;
1981 vap->iv_stats.is_rx_deauth_code = reason;
1982 IEEE80211_NODE_STAT(ni, rx_deauth);
1983
1984 IEEE80211_NOTE(vap, IEEE80211_MSG_AUTH, ni,
1985 "recv deauthenticate (reason: %d (%s))", reason,
1986 ieee80211_reason_to_string(reason));
1987 ieee80211_new_state(vap, IEEE80211_S_AUTH,
1988 (reason << 8) | IEEE80211_FC0_SUBTYPE_DEAUTH);
1989 break;
1990 }
1991
1992 case IEEE80211_FC0_SUBTYPE_DISASSOC: {
1993 uint16_t reason;
1994
1995 if (vap->iv_state != IEEE80211_S_RUN &&
1996 vap->iv_state != IEEE80211_S_ASSOC &&
1997 vap->iv_state != IEEE80211_S_AUTH) {
1998 vap->iv_stats.is_rx_mgtdiscard++;
1999 return;
2000 }
2001 if (!IEEE80211_ADDR_EQ(wh->i_addr1, vap->iv_myaddr)) {
2002 /* NB: can happen when in promiscuous mode */
2003 vap->iv_stats.is_rx_mgtdiscard++;
2004 break;
2005 }
2006
2007 /*
2008 * disassoc frame format
2009 * [2] reason
2010 */
2011 IEEE80211_VERIFY_LENGTH(efrm - frm, 2, return);
2012 reason = le16toh(*(uint16_t *)frm);
2013
2014 vap->iv_stats.is_rx_disassoc++;
2015 vap->iv_stats.is_rx_disassoc_code = reason;
2016 IEEE80211_NODE_STAT(ni, rx_disassoc);
2017
2018 IEEE80211_NOTE(vap, IEEE80211_MSG_ASSOC, ni,
2019 "recv disassociate (reason: %d (%s))", reason,
2020 ieee80211_reason_to_string(reason));
2021 ieee80211_new_state(vap, IEEE80211_S_ASSOC, 0);
2022 break;
2023 }
2024
2025 case IEEE80211_FC0_SUBTYPE_ACTION:
2026 case IEEE80211_FC0_SUBTYPE_ACTION_NOACK:
2027 if (!IEEE80211_ADDR_EQ(vap->iv_myaddr, wh->i_addr1) &&
2028 !IEEE80211_IS_MULTICAST(wh->i_addr1)) {
2029 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
2030 wh, NULL, "%s", "not for us");
2031 vap->iv_stats.is_rx_mgtdiscard++;
2032 } else if (vap->iv_state != IEEE80211_S_RUN) {
2033 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
2034 wh, NULL, "wrong state %s",
2035 ieee80211_state_name[vap->iv_state]);
2036 vap->iv_stats.is_rx_mgtdiscard++;
2037 } else {
2038 if (ieee80211_parse_action(ni, m0) == 0)
2039 (void)ic->ic_recv_action(ni, wh, frm, efrm);
2040 }
2041 break;
2042
2043 case IEEE80211_FC0_SUBTYPE_ASSOC_REQ:
2044 case IEEE80211_FC0_SUBTYPE_REASSOC_REQ:
2045 case IEEE80211_FC0_SUBTYPE_PROBE_REQ:
2046 case IEEE80211_FC0_SUBTYPE_TIMING_ADV:
2047 case IEEE80211_FC0_SUBTYPE_ATIM:
2048 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
2049 wh, NULL, "%s", "not handled");
2050 vap->iv_stats.is_rx_mgtdiscard++;
2051 break;
2052
2053 default:
2054 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
2055 wh, "mgt", "subtype 0x%x not handled", subtype);
2056 vap->iv_stats.is_rx_badsubtype++;
2057 break;
2058 }
2059#undef ISREASSOC
2060}
2061
2062static void
2063sta_recv_ctl(struct ieee80211_node *ni, struct mbuf *m, int subtype)
2064{
2065 switch (subtype) {
2066 case IEEE80211_FC0_SUBTYPE_BAR:
2067 ieee80211_recv_bar(ni, m);
2068 break;
2069 }
2070}
IEEE80211_CHAN_ALL
#define IEEE80211_CHAN_ALL
Definition: _ieee80211.h:235
IEEE80211_RX_F_DECRYPTED
#define IEEE80211_RX_F_DECRYPTED
Definition: _ieee80211.h:570
IEEE80211_RATE_MAXSIZE
#define IEEE80211_RATE_MAXSIZE
Definition: _ieee80211.h:383
IEEE80211_IS_CHAN_A
#define IEEE80211_IS_CHAN_A(_c)
Definition: _ieee80211.h:245
IEEE80211_IS_CHAN_DTURBO
#define IEEE80211_IS_CHAN_DTURBO(_c)
Definition: _ieee80211.h:280
IEEE80211_ROAMING_AUTO
@ IEEE80211_ROAMING_AUTO
Definition: _ieee80211.h:133
IEEE80211_AUTH_SHARED
@ IEEE80211_AUTH_SHARED
Definition: _ieee80211.h:115
IEEE80211_AUTH_8021X
@ IEEE80211_AUTH_8021X
Definition: _ieee80211.h:116
IEEE80211_AUTH_AUTO
@ IEEE80211_AUTH_AUTO
Definition: _ieee80211.h:117
IEEE80211_IS_CHAN_2GHZ
#define IEEE80211_IS_CHAN_2GHZ(_c)
Definition: _ieee80211.h:262
IEEE80211_CHAN_ALLTURBO
#define IEEE80211_CHAN_ALLTURBO
Definition: _ieee80211.h:240
IEEE80211_CHAN_TURBO
#define IEEE80211_CHAN_TURBO
Definition: _ieee80211.h:173
IEEE80211_M_HOSTAP
@ IEEE80211_M_HOSTAP
Definition: _ieee80211.h:90
IEEE80211_M_STA
@ IEEE80211_M_STA
Definition: _ieee80211.h:87
IEEE80211_IS_CHAN_ANYG
#define IEEE80211_IS_CHAN_ANYG(_c)
Definition: _ieee80211.h:253
ieee80211_chan2ieee
int ieee80211_chan2ieee(struct ieee80211com *ic, const struct ieee80211_channel *c)
Definition: ieee80211.c:1076
ieee80211_find_channel_byieee
struct ieee80211_channel * ieee80211_find_channel_byieee(struct ieee80211com *ic, int ieee, int flags)
Definition: ieee80211.c:1763
ieee80211_lookup_channel_rxstatus
struct ieee80211_channel * ieee80211_lookup_channel_rxstatus(struct ieee80211vap *vap, const struct ieee80211_rx_stats *rxs)
Definition: ieee80211.c:1802
IEEE80211_FC0_SUBTYPE_ASSOC_REQ
#define IEEE80211_FC0_SUBTYPE_ASSOC_REQ
Definition: ieee80211.h:127
IEEE80211_FC0_SUBTYPE_ACTION
#define IEEE80211_FC0_SUBTYPE_ACTION
Definition: ieee80211.h:139
IEEE80211_FC0_TYPE_CTL
#define IEEE80211_FC0_TYPE_CTL
Definition: ieee80211.h:121
IEEE80211_AUTH_ALG_SHARED
#define IEEE80211_AUTH_ALG_SHARED
Definition: ieee80211.h:1227
WME_PARAM_LOGCWMAX
#define WME_PARAM_LOGCWMAX
Definition: ieee80211.h:310
IEEE80211_FC0_TYPE_MASK
#define IEEE80211_FC0_TYPE_MASK
Definition: ieee80211.h:118
WME_PARAM_AIFSN
#define WME_PARAM_AIFSN
Definition: ieee80211.h:306
IEEE80211_FC0_SUBTYPE_ATIM
#define IEEE80211_FC0_SUBTYPE_ATIM
Definition: ieee80211.h:135
WME_PARAM_ACM
#define WME_PARAM_ACM
Definition: ieee80211.h:304
IEEE80211_FC0_SUBTYPE_REASSOC_REQ
#define IEEE80211_FC0_SUBTYPE_REASSOC_REQ
Definition: ieee80211.h:129
WME_NUM_AC
#define WME_NUM_AC
Definition: ieee80211.h:299
IEEE80211_CSA_COUNT_MIN
#define IEEE80211_CSA_COUNT_MIN
Definition: ieee80211.h:1141
IEEE80211_FC0_SUBTYPE_PROBE_REQ
#define IEEE80211_FC0_SUBTYPE_PROBE_REQ
Definition: ieee80211.h:131
WME_AC_VI
#define WME_AC_VI
Definition: ieee80211.h:1209
IEEE80211_FC1_PROTECTED
#define IEEE80211_FC1_PROTECTED
Definition: ieee80211.h:195
IEEE80211_CAPINFO_SHORT_SLOTTIME
#define IEEE80211_CAPINFO_SHORT_SLOTTIME
Definition: ieee80211.h:577
IEEE80211_HAS_SEQ
#define IEEE80211_HAS_SEQ(type, subtype)
Definition: ieee80211.h:198
IEEE80211_FC0_SUBTYPE_ASSOC_RESP
#define IEEE80211_FC0_SUBTYPE_ASSOC_RESP
Definition: ieee80211.h:128
IEEE80211_FC0_VERSION_MASK
#define IEEE80211_FC0_VERSION_MASK
Definition: ieee80211.h:115
IEEE80211_FC0_SUBTYPE_DEAUTH
#define IEEE80211_FC0_SUBTYPE_DEAUTH
Definition: ieee80211.h:138
WME_PARAM_LOGCWMIN
#define WME_PARAM_LOGCWMIN
Definition: ieee80211.h:308
IEEE80211_FC1_DIR_DSTODS
#define IEEE80211_FC1_DIR_DSTODS
Definition: ieee80211.h:186
IEEE80211_FC0_SUBTYPE_BAR
#define IEEE80211_FC0_SUBTYPE_BAR
Definition: ieee80211.h:143
IEEE80211_FC0_TYPE_MGT
#define IEEE80211_FC0_TYPE_MGT
Definition: ieee80211.h:120
IEEE80211_FC0_SUBTYPE_PROBE_RESP
#define IEEE80211_FC0_SUBTYPE_PROBE_RESP
Definition: ieee80211.h:132
IEEE80211_RATE_BASIC
#define IEEE80211_RATE_BASIC
Definition: ieee80211.h:1145
IEEE80211_FC0_TYPE_DATA
#define IEEE80211_FC0_TYPE_DATA
Definition: ieee80211.h:122
WME_CAPINFO_IE_OFFSET
#define WME_CAPINFO_IE_OFFSET
Definition: ieee80211.h:353
IEEE80211_IS_MULTICAST
#define IEEE80211_IS_MULTICAST(_a)
Definition: ieee80211.h:39
WME_QOSINFO_COUNT
#define WME_QOSINFO_COUNT
Definition: ieee80211.h:336
IEEE80211_QOS_HAS_SEQ
#define IEEE80211_QOS_HAS_SEQ(wh)
Definition: ieee80211.h:244
IEEE80211_AUTH_OPEN_RESPONSE
@ IEEE80211_AUTH_OPEN_RESPONSE
Definition: ieee80211.h:1232
IEEE80211_FC0_SUBTYPE_TIMING_ADV
#define IEEE80211_FC0_SUBTYPE_TIMING_ADV
Definition: ieee80211.h:133
IEEE80211_FC0_SUBTYPE_DISASSOC
#define IEEE80211_FC0_SUBTYPE_DISASSOC
Definition: ieee80211.h:136
IEEE80211_CAPINFO_SHORT_PREAMBLE
#define IEEE80211_CAPINFO_SHORT_PREAMBLE
Definition: ieee80211.h:572
TID_TO_WME_AC
#define TID_TO_WME_AC(_tid)
Definition: ieee80211.h:319
IEEE80211_FC1_DIR_NODS
#define IEEE80211_FC1_DIR_NODS
Definition: ieee80211.h:183
IEEE80211_FC1_DIR_MASK
#define IEEE80211_FC1_DIR_MASK
Definition: ieee80211.h:182
IEEE80211_FC0_VERSION_0
#define IEEE80211_FC0_VERSION_0
Definition: ieee80211.h:117
IEEE80211_AUTH_SHARED_CHALLENGE
@ IEEE80211_AUTH_SHARED_CHALLENGE
Definition: ieee80211.h:1237
IEEE80211_AUTH_SHARED_PASS
@ IEEE80211_AUTH_SHARED_PASS
Definition: ieee80211.h:1239
IEEE80211_AUTH_SHARED_RESPONSE
@ IEEE80211_AUTH_SHARED_RESPONSE
Definition: ieee80211.h:1238
IEEE80211_FC0_SUBTYPE_NODATA
#define IEEE80211_FC0_SUBTYPE_NODATA
Definition: ieee80211.h:156
IEEE80211_AUTH_ALG_OPEN
#define IEEE80211_AUTH_ALG_OPEN
Definition: ieee80211.h:1226
IEEE80211_FC0_SUBTYPE_REASSOC_RESP
#define IEEE80211_FC0_SUBTYPE_REASSOC_RESP
Definition: ieee80211.h:130
IEEE80211_FC0_SUBTYPE_QOS
#define IEEE80211_FC0_SUBTYPE_QOS
Definition: ieee80211.h:160
IEEE80211_FC1_DIR_FROMDS
#define IEEE80211_FC1_DIR_FROMDS
Definition: ieee80211.h:185
IEEE80211_FC0_SUBTYPE_ACTION_NOACK
#define IEEE80211_FC0_SUBTYPE_ACTION_NOACK
Definition: ieee80211.h:140
IEEE80211_FC0_SUBTYPE_QOS_NULL
#define IEEE80211_FC0_SUBTYPE_QOS_NULL
Definition: ieee80211.h:164
IEEE80211_STATUS_TIMEOUT
@ IEEE80211_STATUS_TIMEOUT
Definition: ieee80211.h:1309
IEEE80211_REASON_AUTH_LEAVE
@ IEEE80211_REASON_AUTH_LEAVE
Definition: ieee80211.h:1255
IEEE80211_REASON_MIC_FAILURE
@ IEEE80211_REASON_MIC_FAILURE
Definition: ieee80211.h:1265
IEEE80211_STATUS_SUCCESS
@ IEEE80211_STATUS_SUCCESS
Definition: ieee80211.h:1301
IEEE80211_REASON_ASSOC_NOT_AUTHED
@ IEEE80211_REASON_ASSOC_NOT_AUTHED
Definition: ieee80211.h:1261
IEEE80211_REASON_NOT_AUTHED
@ IEEE80211_REASON_NOT_AUTHED
Definition: ieee80211.h:1258
IEEE80211_REASON_NOT_ASSOCED
@ IEEE80211_REASON_NOT_ASSOCED
Definition: ieee80211.h:1259
IEEE80211_REASON_ASSOC_LEAVE
@ IEEE80211_REASON_ASSOC_LEAVE
Definition: ieee80211.h:1260
IEEE80211_REASON_ASSOC_EXPIRE
@ IEEE80211_REASON_ASSOC_EXPIRE
Definition: ieee80211.h:1256
IEEE80211_QOS_AMSDU
#define IEEE80211_QOS_AMSDU
Definition: ieee80211.h:226
WME_CAPINFO_UAPSD_EN
#define WME_CAPINFO_UAPSD_EN
Definition: ieee80211.h:344
IEEE80211_ELEMID_VENDOR
@ IEEE80211_ELEMID_VENDOR
Definition: ieee80211.h:980
IEEE80211_ELEMID_HTCAP
@ IEEE80211_ELEMID_HTCAP
Definition: ieee80211.h:959
IEEE80211_ELEMID_RATES
@ IEEE80211_ELEMID_RATES
Definition: ieee80211.h:936
IEEE80211_ELEMID_CHALLENGE
@ IEEE80211_ELEMID_CHALLENGE
Definition: ieee80211.h:946
IEEE80211_ELEMID_VHT_OPMODE
@ IEEE80211_ELEMID_VHT_OPMODE
Definition: ieee80211.h:1013
IEEE80211_ELEMID_XRATES
@ IEEE80211_ELEMID_XRATES
Definition: ieee80211.h:963
IEEE80211_ELEMID_HTINFO
@ IEEE80211_ELEMID_HTINFO
Definition: ieee80211.h:966
IEEE80211_ELEMID_VHT_CAP
@ IEEE80211_ELEMID_VHT_CAP
Definition: ieee80211.h:1012
IEEE80211_FC0_SUBTYPE_MASK
#define IEEE80211_FC0_SUBTYPE_MASK
Definition: ieee80211.h:124
IEEE80211_AID
#define IEEE80211_AID(b)
Definition: ieee80211.h:1379
IEEE80211_FC0_SUBTYPE_BEACON
#define IEEE80211_FC0_SUBTYPE_BEACON
Definition: ieee80211.h:134
IEEE80211_ERP_USE_PROTECTION
#define IEEE80211_ERP_USE_PROTECTION
Definition: ieee80211.h:1151
IEEE80211_FC0_SUBTYPE_AUTH
#define IEEE80211_FC0_SUBTYPE_AUTH
Definition: ieee80211.h:137
IEEE80211_CHALLENGE_LEN
#define IEEE80211_CHALLENGE_LEN
Definition: ieee80211.h:1224
ieee80211_crypto_decap
int ieee80211_crypto_decap(struct ieee80211_node *ni, struct mbuf *m, int hdrlen, struct ieee80211_key **key)
Definition: ieee80211_crypto.c:606
ieee80211_crypto_demic
int ieee80211_crypto_demic(struct ieee80211vap *vap, struct ieee80211_key *k, struct mbuf *m, int force)
Definition: ieee80211_crypto.c:701
ieee80211_notify_node_join
void ieee80211_notify_node_join(struct ieee80211_node *ni, int newassoc)
Definition: ieee80211_freebsd.c:780
ieee80211_time_after
#define ieee80211_time_after(a, b)
Definition: ieee80211_freebsd.h:273
IEEE80211_UNLOCK
#define IEEE80211_UNLOCK(_ic)
Definition: ieee80211_freebsd.h:73
M_WEP
#define M_WEP
Definition: ieee80211_freebsd.h:298
IEEE80211_FREE
#define IEEE80211_FREE
Definition: ieee80211_freebsd.h:713
IEEE80211_LOCK_ASSERT
#define IEEE80211_LOCK_ASSERT(_ic)
Definition: ieee80211_freebsd.h:74
IEEE80211_LOCK
#define IEEE80211_LOCK(_ic)
Definition: ieee80211_freebsd.h:72
M_AMPDU_MPDU
#define M_AMPDU_MPDU
Definition: ieee80211_freebsd.h:287
M_AMPDU
#define M_AMPDU
Definition: ieee80211_freebsd.h:297
ieee80211_recv_bar
void ieee80211_recv_bar(struct ieee80211_node *ni, struct mbuf *m0)
Definition: ieee80211_ht.c:1228
ieee80211_ht_updateparams_final
int ieee80211_ht_updateparams_final(struct ieee80211_node *ni, const uint8_t *htcapie, const uint8_t *htinfoie)
Definition: ieee80211_ht.c:2016
ieee80211_ht_node_init
void ieee80211_ht_node_init(struct ieee80211_node *ni)
Definition: ieee80211_ht.c:1308
ieee80211_ampdu_reorder
int ieee80211_ampdu_reorder(struct ieee80211_node *ni, struct mbuf *m, const struct ieee80211_rx_stats *rxs)
Definition: ieee80211_ht.c:1002
ieee80211_setup_htrates
int ieee80211_setup_htrates(struct ieee80211_node *ni, const uint8_t *ie, int flags)
Definition: ieee80211_ht.c:2106
ieee80211_setup_basic_htrates
void ieee80211_setup_basic_htrates(struct ieee80211_node *ni, const uint8_t *ie)
Definition: ieee80211_ht.c:2160
ieee80211_decap_amsdu
struct mbuf * ieee80211_decap_amsdu(struct ieee80211_node *ni, struct mbuf *m)
Definition: ieee80211_ht.c:471
ieee80211_ht_updateparams
void ieee80211_ht_updateparams(struct ieee80211_node *ni, const uint8_t *htcapie, const uint8_t *htinfoie)
Definition: ieee80211_ht.c:1903
ieee80211_parse_action
int ieee80211_parse_action(struct ieee80211_node *ni, struct mbuf *m)
Definition: ieee80211_input.c:784
ieee80211_send_error
void ieee80211_send_error(struct ieee80211_node *ni, const uint8_t mac[IEEE80211_ADDR_LEN], int subtype, int arg)
Definition: ieee80211_input.c:461
ieee80211_decap
struct mbuf * ieee80211_decap(struct ieee80211vap *vap, struct mbuf *m, int hdrlen, uint8_t qos)
Definition: ieee80211_input.c:312
ieee80211_deliver_data
void ieee80211_deliver_data(struct ieee80211vap *vap, struct ieee80211_node *ni, struct mbuf *m)
Definition: ieee80211_input.c:275
ieee80211_alloc_challenge
int ieee80211_alloc_challenge(struct ieee80211_node *ni)
Definition: ieee80211_input.c:493
ieee80211_setup_rates
int ieee80211_setup_rates(struct ieee80211_node *ni, const uint8_t *rates, const uint8_t *xrates, int flags)
Definition: ieee80211_input.c:425
ieee80211_parse_beacon
int ieee80211_parse_beacon(struct ieee80211_node *ni, struct mbuf *m, struct ieee80211_channel *rxchan, struct ieee80211_scanparams *scan)
Definition: ieee80211_input.c:516
ieee80211_defrag
struct mbuf * ieee80211_defrag(struct ieee80211_node *ni, struct mbuf *m, int hdrspace, int has_decrypted)
Definition: ieee80211_input.c:173
ieee80211_input.h
ieee80211_check_rxseq
static __inline int ieee80211_check_rxseq(struct ieee80211_node *ni, struct ieee80211_frame *wh, uint8_t *bssid, const struct ieee80211_rx_stats *rxs)
Definition: ieee80211_input.h:195
IEEE80211_VERIFY_ELEMENT
#define IEEE80211_VERIFY_ELEMENT(__elem, __maxlen, _action)
Definition: ieee80211_input.h:33
iswmeoui
static __inline int iswmeoui(const uint8_t *frm)
Definition: ieee80211_input.h:93
ishtinfooui
static __inline int ishtinfooui(const uint8_t *frm)
Definition: ieee80211_input.h:131
ishtcapoui
static __inline int ishtcapoui(const uint8_t *frm)
Definition: ieee80211_input.h:125
IEEE80211_VERIFY_LENGTH
#define IEEE80211_VERIFY_LENGTH(_len, _minlen, _action)
Definition: ieee80211_input.h:47
ieee80211_reset_bss
void ieee80211_reset_bss(struct ieee80211vap *vap)
Definition: ieee80211_node.c:445
ieee80211_node_setuptxparms
void ieee80211_node_setuptxparms(struct ieee80211_node *ni)
Definition: ieee80211_node.c:244
ieee80211_node_authorize
void ieee80211_node_authorize(struct ieee80211_node *ni)
Definition: ieee80211_node.c:213
ieee80211_sta_leave
void ieee80211_sta_leave(struct ieee80211_node *ni)
Definition: ieee80211_node.c:1048
ieee80211_update_chw
void ieee80211_update_chw(struct ieee80211com *ic)
Definition: ieee80211_node.c:827
ieee80211_sync_curchan
void ieee80211_sync_curchan(struct ieee80211com *ic)
Definition: ieee80211_node.c:761
IEEE80211_RSSI_LPF
#define IEEE80211_RSSI_LPF(x, y)
Definition: ieee80211_node.h:313
IEEE80211_NODE_TURBOP
#define IEEE80211_NODE_TURBOP
Definition: ieee80211_node.h:156
ieee80211_node_is_authorized
static __inline int ieee80211_node_is_authorized(const struct ieee80211_node *ni)
Definition: ieee80211_node.h:346
IEEE80211_NODE_FF
#define IEEE80211_NODE_FF
Definition: ieee80211_node.h:158
IEEE80211_NODE_MIMO_RTS
#define IEEE80211_NODE_MIMO_RTS
Definition: ieee80211_node.h:140
IEEE80211_NODE_AMSDU
#define IEEE80211_NODE_AMSDU
Definition: ieee80211_node.h:273
IEEE80211_NODE_QOS
#define IEEE80211_NODE_QOS
Definition: ieee80211_node.h:128
IEEE80211_NODE_STAT
#define IEEE80211_NODE_STAT(ni, stat)
Definition: ieee80211_node.h:288
IEEE80211_NODE_AID
#define IEEE80211_NODE_AID(ni)
Definition: ieee80211_node.h:286
IEEE80211_NODE_MIMO_PS
#define IEEE80211_NODE_MIMO_PS
Definition: ieee80211_node.h:139
IEEE80211_NODE_RIFS
#define IEEE80211_NODE_RIFS
Definition: ieee80211_node.h:141
IEEE80211_NODE_UAPSD
#define IEEE80211_NODE_UAPSD
Definition: ieee80211_node.h:149
IEEE80211_NODE_AMPDU
#define IEEE80211_NODE_AMPDU
Definition: ieee80211_node.h:271
IEEE80211_NODE_HT
#define IEEE80211_NODE_HT
Definition: ieee80211_node.h:133
ieee80211_send_probereq
int ieee80211_send_probereq(struct ieee80211_node *ni, const uint8_t sa[IEEE80211_ADDR_LEN], const uint8_t da[IEEE80211_ADDR_LEN], const uint8_t bssid[IEEE80211_ADDR_LEN], const uint8_t *ssid, size_t ssidlen)
Definition: ieee80211_output.c:2547
ieee80211_sta_tim_notify
void ieee80211_sta_tim_notify(struct ieee80211vap *vap, int set)
Definition: ieee80211_power.c:558
ieee80211_sta_ps_timer_check
void ieee80211_sta_ps_timer_check(struct ieee80211vap *vap)
Definition: ieee80211_power.c:600
ieee80211_reason_to_string
const char * ieee80211_reason_to_string(uint16_t reason)
Definition: ieee80211_proto.c:112
ieee80211_swbmiss
void ieee80211_swbmiss(void *arg)
Definition: ieee80211_proto.c:2250
ieee80211_csa_startswitch
void ieee80211_csa_startswitch(struct ieee80211com *ic, struct ieee80211_channel *c, int mode, int count)
Definition: ieee80211_proto.c:2294
ieee80211_vap_update_preamble
void ieee80211_vap_update_preamble(struct ieee80211vap *vap)
Definition: ieee80211_proto.c:1223
ieee80211_print_essid
void ieee80211_print_essid(const uint8_t *essid, int len)
Definition: ieee80211_proto.c:530
ieee80211_new_state
int ieee80211_new_state(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
Definition: ieee80211_proto.c:2758
ieee80211_state_name
const char * ieee80211_state_name[IEEE80211_S_MAX]
Definition: ieee80211_proto.c:89
ieee80211_csa_cancelswitch
void ieee80211_csa_cancelswitch(struct ieee80211com *ic)
Definition: ieee80211_proto.c:2369
ieee80211_wme_updateparams
void ieee80211_wme_updateparams(struct ieee80211vap *vap)
Definition: ieee80211_proto.c:1759
ieee80211_csa_completeswitch
void ieee80211_csa_completeswitch(struct ieee80211com *ic)
Definition: ieee80211_proto.c:2347
ieee80211_vap_update_erp_protmode
void ieee80211_vap_update_erp_protmode(struct ieee80211vap *vap)
Definition: ieee80211_proto.c:1240
ieee80211_vap_set_shortslottime
void ieee80211_vap_set_shortslottime(struct ieee80211vap *vap, int onoff)
Definition: ieee80211_proto.c:1193
ieee80211_opmode_name
const char * ieee80211_opmode_name[IEEE80211_OPMODE_MAX]
Definition: ieee80211_proto.c:80
ieee80211_dturbo_switch
void ieee80211_dturbo_switch(struct ieee80211vap *, int newflags)
IEEE80211_F_DODEL
#define IEEE80211_F_DODEL
Definition: ieee80211_proto.h:258
IEEE80211_F_DONEGO
#define IEEE80211_F_DONEGO
Definition: ieee80211_proto.h:257
IEEE80211_F_DOBRS
#define IEEE80211_F_DOBRS
Definition: ieee80211_proto.h:259
ieee80211_state
ieee80211_state
Definition: ieee80211_proto.h:37
IEEE80211_S_SLEEP
@ IEEE80211_S_SLEEP
Definition: ieee80211_proto.h:45
IEEE80211_S_CSA
@ IEEE80211_S_CSA
Definition: ieee80211_proto.h:44
IEEE80211_S_RUN
@ IEEE80211_S_RUN
Definition: ieee80211_proto.h:43
IEEE80211_S_SCAN
@ IEEE80211_S_SCAN
Definition: ieee80211_proto.h:39
IEEE80211_S_INIT
@ IEEE80211_S_INIT
Definition: ieee80211_proto.h:38
IEEE80211_S_AUTH
@ IEEE80211_S_AUTH
Definition: ieee80211_proto.h:40
IEEE80211_S_ASSOC
@ IEEE80211_S_ASSOC
Definition: ieee80211_proto.h:41
IEEE80211_F_DOSORT
#define IEEE80211_F_DOSORT
Definition: ieee80211_proto.h:255
ieee80211_gettid
static __inline uint8_t ieee80211_gettid(const struct ieee80211_frame *wh)
Definition: ieee80211_proto.h:333
IEEE80211_F_JOIN
#define IEEE80211_F_JOIN
Definition: ieee80211_proto.h:260
ieee80211_getqos
static __inline uint8_t * ieee80211_getqos(void *data)
Definition: ieee80211_proto.h:316
ieee80211_mgt_subtype_name
static __inline const char * ieee80211_mgt_subtype_name(uint8_t subtype)
Definition: ieee80211_proto.h:58
IEEE80211_SEND_MGMT
#define IEEE80211_SEND_MGMT(_ni, _type, _arg)
Definition: ieee80211_proto.h:49
ieee80211_anyhdrsize
static __inline int ieee80211_anyhdrsize(const void *data)
Definition: ieee80211_proto.h:192
IEEE80211_F_DOFRATE
#define IEEE80211_F_DOFRATE
Definition: ieee80211_proto.h:256
ieee80211_radiotap_rx
void ieee80211_radiotap_rx(struct ieee80211vap *vap0, struct mbuf *m)
Definition: ieee80211_radiotap.c:231
ieee80211_ratectl.h
ieee80211_ratectl_node_init
static __inline void ieee80211_ratectl_node_init(struct ieee80211_node *ni)
Definition: ieee80211_ratectl.h:117
ieee80211_bg_scan
int ieee80211_bg_scan(struct ieee80211vap *vap, int flags)
Definition: ieee80211_scan.c:425
ieee80211_add_scan
void ieee80211_add_scan(struct ieee80211vap *vap, struct ieee80211_channel *curchan, const struct ieee80211_scanparams *sp, const struct ieee80211_frame *wh, int subtype, int rssi, int noise)
Definition: ieee80211_scan.c:581
ieee80211_scan_assoc_fail
void ieee80211_scan_assoc_fail(struct ieee80211vap *vap, const uint8_t mac[], int reason)
Definition: ieee80211_scan.c:625
ieee80211_cancel_scan
void ieee80211_cancel_scan(struct ieee80211vap *vap)
Definition: ieee80211_scan.c:453
ieee80211_check_scan
int ieee80211_check_scan(struct ieee80211vap *vap, int flags, u_int duration, u_int mindwell, u_int maxdwell, u_int nssid, const struct ieee80211_scan_ssid ssids[])
Definition: ieee80211_scan.c:354
ieee80211_check_scan_current
int ieee80211_check_scan_current(struct ieee80211vap *vap)
Definition: ieee80211_scan.c:412
ieee80211_probe_curchan
void ieee80211_probe_curchan(struct ieee80211vap *vap, int force)
Definition: ieee80211_scan.c:517
ieee80211_scan_assoc_success
void ieee80211_scan_assoc_success(struct ieee80211vap *vap, const uint8_t mac[])
Definition: ieee80211_scan.c:610
IEEE80211_SCAN_FAIL_STATUS
@ IEEE80211_SCAN_FAIL_STATUS
Definition: ieee80211_scan.h:196
ieee80211_sta_detach
void ieee80211_sta_detach(struct ieee80211com *ic)
Definition: ieee80211_sta.c:89
WH4
#define WH4(wh)
QWH4
#define QWH4(wh)
sta_recv_mgmt
static void sta_recv_mgmt(struct ieee80211_node *, struct mbuf *, int subtype, const struct ieee80211_rx_stats *, int rssi, int nf)
Definition: ieee80211_sta.c:1399
sta_auth_shared
static void sta_auth_shared(struct ieee80211_node *ni, struct ieee80211_frame *wh, uint8_t *frm, uint8_t *efrm, int rssi, int nf, uint16_t seq, uint16_t status)
Definition: ieee80211_sta.c:1033
ieee80211_sta_attach
void ieee80211_sta_attach(struct ieee80211com *ic)
Definition: ieee80211_sta.c:83
sta_authretry
static void sta_authretry(struct ieee80211vap *vap, struct ieee80211_node *ni, int reason)
Definition: ieee80211_sta.c:191
isfromds_mcastecho
static __inline int isfromds_mcastecho(struct ieee80211vap *vap, const struct ieee80211_frame *wh)
Definition: ieee80211_sta.c:502
isdstods_mcastecho
static __inline int isdstods_mcastecho(struct ieee80211vap *vap, const struct ieee80211_frame *wh)
Definition: ieee80211_sta.c:481
sta_input
static int sta_input(struct ieee80211_node *, struct mbuf *, const struct ieee80211_rx_stats *, int, int)
Definition: ieee80211_sta.c:540
ieee80211_parse_wmeie
int ieee80211_parse_wmeie(uint8_t *frm, const struct ieee80211_frame *wh, struct ieee80211_node *ni)
Definition: ieee80211_sta.c:1152
sta_beacon_miss
static void sta_beacon_miss(struct ieee80211vap *)
Definition: ieee80211_sta.c:115
doprint
static __inline int doprint(struct ieee80211vap *vap, int subtype)
Definition: ieee80211_sta.c:518
startbgscan
static __inline int startbgscan(struct ieee80211vap *vap)
Definition: ieee80211_sta.c:1363
sta_vattach
static void sta_vattach(struct ieee80211vap *)
Definition: ieee80211_sta.c:99
IEEE80211_RATE2MBS
#define IEEE80211_RATE2MBS(r)
Definition: ieee80211_sta.c:71
__FBSDID
__FBSDID("$FreeBSD$")
sta_newstate
static int sta_newstate(struct ieee80211vap *, enum ieee80211_state, int)
Definition: ieee80211_sta.c:234
ieee80211_parse_wmeparams
int ieee80211_parse_wmeparams(struct ieee80211vap *vap, uint8_t *frm, const struct ieee80211_frame *wh, uint8_t *qosinfo)
Definition: ieee80211_sta.c:1175
ieee80211_parse_csaparams
static void ieee80211_parse_csaparams(struct ieee80211vap *vap, uint8_t *frm, const struct ieee80211_frame *wh)
Definition: ieee80211_sta.c:1231
ISREASSOC
#define ISREASSOC(_st)
sta_recv_ctl
static void sta_recv_ctl(struct ieee80211_node *, struct mbuf *, int subtype)
Definition: ieee80211_sta.c:2063
sta_swbmiss_start
static void sta_swbmiss_start(struct ieee80211vap *vap)
Definition: ieee80211_sta.c:212
contbgscan
static __inline int contbgscan(struct ieee80211vap *vap)
Definition: ieee80211_sta.c:1343
sta_vdetach
static void sta_vdetach(struct ieee80211vap *vap)
Definition: ieee80211_sta.c:94
sta_auth_open
static void sta_auth_open(struct ieee80211_node *ni, struct ieee80211_frame *wh, int rssi, int nf, uint16_t seq, uint16_t status)
Definition: ieee80211_sta.c:1004
ieee80211_sta.h
ieee80211_superg.h
ieee80211_ff_node_init
void ieee80211_ff_node_init(struct ieee80211_node *)
ieee80211_parse_athparams
int ieee80211_parse_athparams(struct ieee80211_node *, uint8_t *, const struct ieee80211_frame *)
ieee80211_decap_fastframe
static __inline struct mbuf * ieee80211_decap_fastframe(struct ieee80211vap *vap, struct ieee80211_node *ni, struct mbuf *m)
Definition: ieee80211_superg.h:150
ieee80211_var.h
IEEE80211_MSG_AUTH
#define IEEE80211_MSG_AUTH
Definition: ieee80211_var.h:987
ieee80211_radiotap_active_vap
static __inline int ieee80211_radiotap_active_vap(const struct ieee80211vap *vap)
Definition: ieee80211_var.h:835
IEEE80211_MSG_STATE
#define IEEE80211_MSG_STATE
Definition: ieee80211_var.h:990
IEEE80211_DISCARD_IE
#define IEEE80211_DISCARD_IE(_vap, _m, _wh, _type, _fmt,...)
Definition: ieee80211_var.h:1100
IEEE80211_FEXT_PROBECHAN
#define IEEE80211_FEXT_PROBECHAN
Definition: ieee80211_var.h:682
ieee80211_hdrspace
static __inline int ieee80211_hdrspace(struct ieee80211com *ic, const void *data)
Definition: ieee80211_var.h:883
IEEE80211_F_SCAN
#define IEEE80211_F_SCAN
Definition: ieee80211_var.h:623
IEEE80211_NOTE_FRAME
#define IEEE80211_NOTE_FRAME(_vap, _m, _wh, _fmt,...)
Definition: ieee80211_var.h:1094
IEEE80211_FEXT_BGSCAN
#define IEEE80211_FEXT_BGSCAN
Definition: ieee80211_var.h:667
_IEEE80211_MASKSHIFT
#define _IEEE80211_MASKSHIFT(_v, _f)
Definition: ieee80211_var.h:1019
IEEE80211_FHT_HT
#define IEEE80211_FHT_HT
Definition: ieee80211_var.h:702
IEEE80211_MSG_CRYPTO
#define IEEE80211_MSG_CRYPTO
Definition: ieee80211_var.h:981
IEEE80211_MSG_ANY
#define IEEE80211_MSG_ANY
Definition: ieee80211_var.h:1010
IEEE80211_F_COUNTERM
#define IEEE80211_F_COUNTERM
Definition: ieee80211_var.h:642
IEEE80211_F_USEBARKER
#define IEEE80211_F_USEBARKER
Definition: ieee80211_var.h:636
IEEE80211_F_SHPREAMBLE
#define IEEE80211_F_SHPREAMBLE
Definition: ieee80211_var.h:633
IEEE80211_MSG_ELEMID
#define IEEE80211_MSG_ELEMID
Definition: ieee80211_var.h:984
IEEE80211_TU_TO_TICKS
#define IEEE80211_TU_TO_TICKS(x)
Definition: ieee80211_var.h:90
IEEE80211_NOTE_MAC
#define IEEE80211_NOTE_MAC(_vap, _m, _mac, _fmt,...)
Definition: ieee80211_var.h:1095
IEEE80211_F_CSAPENDING
#define IEEE80211_F_CSAPENDING
Definition: ieee80211_var.h:637
IEEE80211_FEXT_SWBMISS
#define IEEE80211_FEXT_SWBMISS
Definition: ieee80211_var.h:674
IEEE80211_ADDR_EQ
#define IEEE80211_ADDR_EQ(a1, a2)
Definition: ieee80211_var.h:612
IEEE80211_MSG_DOTH
#define IEEE80211_MSG_DOTH
Definition: ieee80211_var.h:1001
IEEE80211_F_PRIVACY
#define IEEE80211_F_PRIVACY
Definition: ieee80211_var.h:621
IEEE80211_MSG_DEBUG
#define IEEE80211_MSG_DEBUG
Definition: ieee80211_var.h:979
IEEE80211_F_WPA
#define IEEE80211_F_WPA
Definition: ieee80211_var.h:640
IEEE80211_NOTE
#define IEEE80211_NOTE(_vap, _m, _ni, _fmt,...)
Definition: ieee80211_var.h:1093
IEEE80211_FVHT_VHT
#define IEEE80211_FVHT_VHT
Definition: ieee80211_var.h:724
IEEE80211_MSG_POWER
#define IEEE80211_MSG_POWER
Definition: ieee80211_var.h:991
IEEE80211_F_DOTH
#define IEEE80211_F_DOTH
Definition: ieee80211_var.h:646
IEEE80211_DISCARD_MAC
#define IEEE80211_DISCARD_MAC(_vap, _m, _mac, _type, _fmt,...)
Definition: ieee80211_var.h:1101
IEEE80211_FHT_HTCOMPAT
#define IEEE80211_FHT_HTCOMPAT
Definition: ieee80211_var.h:711
IEEE80211_F_DWDS
#define IEEE80211_F_DWDS
Definition: ieee80211_var.h:647
IEEE80211_MSG_WME
#define IEEE80211_MSG_WME
Definition: ieee80211_var.h:999
IEEE80211_F_USEPROT
#define IEEE80211_F_USEPROT
Definition: ieee80211_var.h:635
IEEE80211_DPRINTF
#define IEEE80211_DPRINTF(_vap, _m, _fmt,...)
Definition: ieee80211_var.h:1092
IEEE80211_FEXT_SCAN_OFFLOAD
#define IEEE80211_FEXT_SCAN_OFFLOAD
Definition: ieee80211_var.h:684
IEEE80211_ATH_CAP
#define IEEE80211_ATH_CAP(vap, ni, bit)
Definition: ieee80211_var.h:660
IEEE80211_MSG_INPUT
#define IEEE80211_MSG_INPUT
Definition: ieee80211_var.h:982
IEEE80211_F_SHSLOT
#define IEEE80211_F_SHSLOT
Definition: ieee80211_var.h:626
IEEE80211_DISCARD
#define IEEE80211_DISCARD(_vap, _m, _wh, _type, _fmt,...)
Definition: ieee80211_var.h:1099
ieee80211_msg_dumppkts
#define ieee80211_msg_dumppkts(_vap)
Definition: ieee80211_var.h:1096
IEEE80211_F_BGSCAN
#define IEEE80211_F_BGSCAN
Definition: ieee80211_var.h:630
IEEE80211_FEXT_SCANREQ
#define IEEE80211_FEXT_SCANREQ
Definition: ieee80211_var.h:670
IEEE80211_MSG_ASSOC
#define IEEE80211_MSG_ASSOC
Definition: ieee80211_var.h:986
IEEE80211_F_DROPUNENC
#define IEEE80211_F_DROPUNENC
Definition: ieee80211_var.h:641
ieee80211_vht_node_init
void ieee80211_vht_node_init(struct ieee80211_node *ni)
Definition: ieee80211_vht.c:224
ieee80211_setup_vht_rates
void ieee80211_setup_vht_rates(struct ieee80211_node *ni, const uint8_t *vhtcap_ie, const uint8_t *vhtop_ie)
Definition: ieee80211_vht.c:293
ieee80211_vht_updateparams
int ieee80211_vht_updateparams(struct ieee80211_node *ni, const uint8_t *vhtcap_ie, const uint8_t *vhtop_ie)
Definition: ieee80211_vht.c:280
ieee80211_vht.h
chanAccParams::cap_wmeParams
struct wmeParams cap_wmeParams[WME_NUM_AC]
Definition: ieee80211_proto.h:281
ieee80211_authenticator::ia_detach
void(* ia_detach)(struct ieee80211vap *)
Definition: ieee80211_proto.h:219
ieee80211_channel
Definition: _ieee80211.h:140
ieee80211_channel::ic_flags
uint32_t ic_flags
Definition: _ieee80211.h:141
ieee80211_csa_ie
Definition: ieee80211.h:1128
ieee80211_csa_ie::csa_count
uint8_t csa_count
Definition: ieee80211.h:1133
ieee80211_csa_ie::csa_mode
uint8_t csa_mode
Definition: ieee80211.h:1131
ieee80211_csa_ie::csa_newchan
uint8_t csa_newchan
Definition: ieee80211.h:1132
ieee80211_frame
Definition: ieee80211.h:67
ieee80211_frame::i_addr1
uint8_t i_addr1[IEEE80211_ADDR_LEN]
Definition: ieee80211.h:70
ieee80211_frame::i_addr2
uint8_t i_addr2[IEEE80211_ADDR_LEN]
Definition: ieee80211.h:71
ieee80211_frame::i_fc
uint8_t i_fc[2]
Definition: ieee80211.h:68
ieee80211_frame::i_addr3
uint8_t i_addr3[IEEE80211_ADDR_LEN]
Definition: ieee80211.h:72
ieee80211_key
Definition: ieee80211_crypto.h:76
ieee80211_node
Definition: ieee80211_node.h:119
ieee80211_node::ni_flags
u_int ni_flags
Definition: ieee80211_node.h:126
ieee80211_node::ni_challenge
uint32_t * ni_challenge
Definition: ieee80211_node.h:165
ieee80211_node::ni_ic
struct ieee80211com * ni_ic
Definition: ieee80211_node.h:121
ieee80211_node::ni_quiet_ie
struct ieee80211_quiet_ie ni_quiet_ie
Definition: ieee80211_node.h:258
ieee80211_node::ni_macaddr
uint8_t ni_macaddr[IEEE80211_ADDR_LEN]
Definition: ieee80211_node.h:187
ieee80211_node::ni_authmode
uint8_t ni_authmode
Definition: ieee80211_node.h:153
ieee80211_node::ni_erp
uint16_t ni_erp
Definition: ieee80211_node.h:203
ieee80211_node::ni_esslen
uint8_t ni_esslen
Definition: ieee80211_node.h:197
ieee80211_node::ni_bssid
uint8_t ni_bssid[IEEE80211_ADDR_LEN]
Definition: ieee80211_node.h:188
ieee80211_node::ni_uapsd
uint8_t ni_uapsd
Definition: ieee80211_node.h:261
ieee80211_node::ni_inact_reload
short ni_inact_reload
Definition: ieee80211_node.h:248
ieee80211_node::ni_vap
struct ieee80211vap * ni_vap
Definition: ieee80211_node.h:120
ieee80211_node::ni_jointime
uint32_t ni_jointime
Definition: ieee80211_node.h:164
ieee80211_node::ni_intval
uint16_t ni_intval
Definition: ieee80211_node.h:195
ieee80211_node::ni_quiet_ie_set
uint32_t ni_quiet_ie_set
Definition: ieee80211_node.h:257
ieee80211_node::ni_capinfo
uint16_t ni_capinfo
Definition: ieee80211_node.h:196
ieee80211_node::ni_dtim_period
uint8_t ni_dtim_period
Definition: ieee80211_node.h:205
ieee80211_node::data
uint8_t data[8]
Definition: ieee80211_node.h:192
ieee80211_node::ni_txrate
int ni_txrate
Definition: ieee80211_node.h:249
ieee80211_node::ni_dtim_count
uint8_t ni_dtim_count
Definition: ieee80211_node.h:206
ieee80211_node::ni_noise
int8_t ni_noise
Definition: ieee80211_node.h:177
ieee80211_node::ni_tstamp
union ieee80211_node::@24 ni_tstamp
ieee80211_node::ni_chw
uint8_t ni_chw
Definition: ieee80211_node.h:227
ieee80211_node::ni_inact
short ni_inact
Definition: ieee80211_node.h:247
ieee80211_node::ni_avgrssi
uint32_t ni_avgrssi
Definition: ieee80211_node.h:176
ieee80211_node::ni_chan
struct ieee80211_channel * ni_chan
Definition: ieee80211_node.h:200
ieee80211_node::ni_associd
uint16_t ni_associd
Definition: ieee80211_node.h:150
ieee80211_node::ni_essid
uint8_t ni_essid[IEEE80211_NWID_LEN]
Definition: ieee80211_node.h:198
ieee80211_quiet_ie
Definition: ieee80211.h:1116
ieee80211_quiet_ie::offset
uint16_t offset
Definition: ieee80211.h:1122
ieee80211_quiet_ie::period
uint8_t period
Definition: ieee80211.h:1120
ieee80211_quiet_ie::duration
uint16_t duration
Definition: ieee80211.h:1121
ieee80211_rx_stats
Definition: _ieee80211.h:592
ieee80211_rx_stats::c_pktflags
uint32_t c_pktflags
Definition: _ieee80211.h:594
ieee80211_scanparams
Definition: ieee80211_scan.h:225
ieee80211_scanparams::vhtopmode
uint8_t * vhtopmode
Definition: ieee80211_scan.h:256
ieee80211_scanparams::quiet
uint8_t * quiet
Definition: ieee80211_scan.h:252
ieee80211_scanparams::htinfo
uint8_t * htinfo
Definition: ieee80211_scan.h:248
ieee80211_scanparams::capinfo
uint16_t capinfo
Definition: ieee80211_scan.h:231
ieee80211_scanparams::vhtcap
uint8_t * vhtcap
Definition: ieee80211_scan.h:255
ieee80211_scanparams::tstamp
uint8_t * tstamp
Definition: ieee80211_scan.h:238
ieee80211_scanparams::erp
uint16_t erp
Definition: ieee80211_scan.h:232
ieee80211_scanparams::ath
uint8_t * ath
Definition: ieee80211_scan.h:249
ieee80211_scanparams::wme
uint8_t * wme
Definition: ieee80211_scan.h:246
ieee80211_scanparams::htcap
uint8_t * htcap
Definition: ieee80211_scan.h:247
ieee80211_scanparams::csa
uint8_t * csa
Definition: ieee80211_scan.h:251
ieee80211_scanparams::tim
uint8_t * tim
Definition: ieee80211_scan.h:237
ieee80211_stats::is_rx_tooshort
uint32_t is_rx_tooshort
Definition: ieee80211_ioctl.h:101
ieee80211_stats::is_rx_badversion
uint32_t is_rx_badversion
Definition: ieee80211_ioctl.h:100
ieee80211_stats::is_rx_deauth
uint32_t is_rx_deauth
Definition: ieee80211_ioctl.h:131
ieee80211_stats::is_rx_auth_unsupported
uint32_t is_rx_auth_unsupported
Definition: ieee80211_ioctl.h:123
ieee80211_stats::is_rx_beacon
uint32_t is_rx_beacon
Definition: ieee80211_ioctl.h:113
ieee80211_stats::is_rx_unauth
uint32_t is_rx_unauth
Definition: ieee80211_ioctl.h:138
ieee80211_stats::is_rx_badsubtype
uint32_t is_rx_badsubtype
Definition: ieee80211_ioctl.h:133
ieee80211_stats::is_scan_bg
uint32_t is_scan_bg
Definition: ieee80211_ioctl.h:222
ieee80211_stats::is_rx_bad_auth
uint32_t is_rx_bad_auth
Definition: ieee80211_ioctl.h:137
ieee80211_stats::is_rx_ctl
uint32_t is_rx_ctl
Definition: ieee80211_ioctl.h:112
ieee80211_stats::is_rx_disassoc
uint32_t is_rx_disassoc
Definition: ieee80211_ioctl.h:132
ieee80211_stats::is_rx_mgtdiscard
uint32_t is_rx_mgtdiscard
Definition: ieee80211_ioctl.h:111
ieee80211_stats::is_rx_mcastecho
uint32_t is_rx_mcastecho
Definition: ieee80211_ioctl.h:105
ieee80211_stats::is_rx_auth_fail
uint32_t is_rx_auth_fail
Definition: ieee80211_ioctl.h:124
ieee80211_stats::is_rx_demicfail
uint32_t is_rx_demicfail
Definition: ieee80211_ioctl.h:188
ieee80211_stats::is_rx_mgmt
uint32_t is_rx_mgmt
Definition: ieee80211_ioctl.h:190
ieee80211_stats::is_rx_wrongbss
uint32_t is_rx_wrongbss
Definition: ieee80211_ioctl.h:102
ieee80211_stats::is_rx_auth_countermeasures
uint32_t is_rx_auth_countermeasures
Definition: ieee80211_ioctl.h:125
ieee80211_stats::is_beacon_bad
uint32_t is_beacon_bad
Definition: ieee80211_ioctl.h:250
ieee80211_stats::is_rx_wrongdir
uint32_t is_rx_wrongdir
Definition: ieee80211_ioctl.h:104
ieee80211_stats::is_rx_disassoc_code
uint8_t is_rx_disassoc_code
Definition: ieee80211_ioctl.h:224
ieee80211_stats::is_rx_decap
uint32_t is_rx_decap
Definition: ieee80211_ioctl.h:110
ieee80211_stats::is_rx_assoc_norate
uint32_t is_rx_assoc_norate
Definition: ieee80211_ioctl.h:129
ieee80211_stats::is_rx_deauth_code
uint8_t is_rx_deauth_code
Definition: ieee80211_ioctl.h:223
ieee80211_stats::is_rx_authfail_code
uint8_t is_rx_authfail_code
Definition: ieee80211_ioctl.h:225
ieee80211_stats::is_beacon_miss
uint32_t is_beacon_miss
Definition: ieee80211_ioctl.h:226
ieee80211_stats::is_rx_noprivacy
uint32_t is_rx_noprivacy
Definition: ieee80211_ioctl.h:107
ieee80211_stats::is_rx_unencrypted
uint32_t is_rx_unencrypted
Definition: ieee80211_ioctl.h:108
ieee80211_tim_ie
Definition: ieee80211.h:1017
ieee80211_tim_ie::tim_period
uint8_t tim_period
Definition: ieee80211.h:1021
ieee80211_tim_ie::tim_bitmap
uint8_t tim_bitmap[1]
Definition: ieee80211.h:1023
ieee80211_tim_ie::tim_count
uint8_t tim_count
Definition: ieee80211.h:1020
ieee80211_tim_ie::tim_bitctl
uint8_t tim_bitctl
Definition: ieee80211.h:1022
ieee80211_tim_ie::tim_len
uint8_t tim_len
Definition: ieee80211.h:1019
ieee80211_wme_param
Definition: ieee80211.h:328
ieee80211_wme_state
Definition: ieee80211_proto.h:284
ieee80211_wme_state::wme_wmeChanParams
struct chanAccParams wme_wmeChanParams
Definition: ieee80211_proto.h:292
ieee80211_wme_state::wme_hipri_traffic
u_int wme_hipri_traffic
Definition: ieee80211_proto.h:287
ieee80211com::ic_bsschan
struct ieee80211_channel * ic_bsschan
Definition: ieee80211_var.h:210
ieee80211com::ic_csa_newchan
struct ieee80211_channel * ic_csa_newchan
Definition: ieee80211_var.h:217
ieee80211com::ic_flags_ext
uint32_t ic_flags_ext
Definition: ieee80211_var.h:162
ieee80211com::ic_flags
uint32_t ic_flags
Definition: ieee80211_var.h:161
ieee80211com::ic_vattach
ieee80211vap_attach ic_vattach[IEEE80211_OPMODE_MAX]
Definition: ieee80211_var.h:274
ieee80211com::ic_set_quiet
int(* ic_set_quiet)(struct ieee80211_node *, u_int8_t *quiet_elm)
Definition: ieee80211_var.h:283
ieee80211com::ic_wme
struct ieee80211_wme_state ic_wme
Definition: ieee80211_var.h:234
ieee80211com::ic_recv_action
int(* ic_recv_action)(struct ieee80211_node *, const struct ieee80211_frame *, const uint8_t *frm, const uint8_t *efrm)
Definition: ieee80211_var.h:347
ieee80211com::ic_csa_count
short ic_csa_count
Definition: ieee80211_var.h:219
ieee80211com::ic_curchan
struct ieee80211_channel * ic_curchan
Definition: ieee80211_var.h:208
ieee80211com::ic_newassoc
void(* ic_newassoc)(struct ieee80211_node *, int)
Definition: ieee80211_var.h:303
ieee80211vap::iv_ic
struct ieee80211com * iv_ic
Definition: ieee80211_var.h:399
ieee80211vap::iv_bss
struct ieee80211_node * iv_bss
Definition: ieee80211_var.h:487
ieee80211vap::iv_bmissthreshold
uint8_t iv_bmissthreshold
Definition: ieee80211_var.h:454
ieee80211vap::iv_roaming
enum ieee80211_roamingmode iv_roaming
Definition: ieee80211_var.h:451
ieee80211vap::iv_opmode
enum ieee80211_opmode iv_opmode
Definition: ieee80211_var.h:414
ieee80211vap::iv_swbmiss_count
uint16_t iv_swbmiss_count
Definition: ieee80211_var.h:457
ieee80211vap::iv_myaddr
uint8_t iv_myaddr[IEEE80211_ADDR_LEN]
Definition: ieee80211_var.h:401
ieee80211vap::iv_flags_ht
uint32_t iv_flags_ht
Definition: ieee80211_var.h:407
ieee80211vap::iv_bgscanidle
u_int iv_bgscanidle
Definition: ieee80211_var.h:441
ieee80211vap::iv_stats
struct ieee80211_stats iv_stats
Definition: ieee80211_var.h:403
ieee80211vap::iv_recv_mgmt
void(* iv_recv_mgmt)(struct ieee80211_node *, struct mbuf *, int, const struct ieee80211_rx_stats *, int, int)
Definition: ieee80211_var.h:538
ieee80211vap::iv_scanreq_mindwell
u_int iv_scanreq_mindwell
Definition: ieee80211_var.h:445
ieee80211vap::iv_auth
const struct ieee80211_authenticator * iv_auth
Definition: ieee80211_var.h:518
ieee80211vap::iv_flags
uint32_t iv_flags
Definition: ieee80211_var.h:405
ieee80211vap::iv_bmiss_count
uint8_t iv_bmiss_count
Definition: ieee80211_var.h:455
ieee80211vap::iv_flags_vht
uint32_t iv_flags_vht
Definition: ieee80211_var.h:428
ieee80211vap::iv_flags_ext
uint32_t iv_flags_ext
Definition: ieee80211_var.h:406
ieee80211vap::iv_state
enum ieee80211_state iv_state
Definition: ieee80211_var.h:415
ieee80211vap::iv_scanreq_maxdwell
u_int iv_scanreq_maxdwell
Definition: ieee80211_var.h:446
ieee80211vap::iv_opdetach
void(* iv_opdetach)(struct ieee80211vap *)
Definition: ieee80211_var.h:532
ieee80211vap::iv_scanreq_flags
uint16_t iv_scanreq_flags
Definition: ieee80211_var.h:447
ieee80211vap::iv_bmiss
void(* iv_bmiss)(struct ieee80211vap *)
Definition: ieee80211_var.h:552
ieee80211vap::iv_swbmiss
struct callout iv_swbmiss
Definition: ieee80211_var.h:459
ieee80211vap::iv_recv_ctl
void(* iv_recv_ctl)(struct ieee80211_node *, struct mbuf *, int)
Definition: ieee80211_var.h:542
ieee80211vap::iv_input
int(* iv_input)(struct ieee80211_node *, struct mbuf *, const struct ieee80211_rx_stats *, int, int)
Definition: ieee80211_var.h:534
ieee80211vap::iv_bgscanintvl
u_int iv_bgscanintvl
Definition: ieee80211_var.h:442
ieee80211vap::iv_scanreq_ssid
struct ieee80211_scan_ssid iv_scanreq_ssid[IEEE80211_SCAN_MAX_SSID]
Definition: ieee80211_var.h:449
ieee80211vap::iv_ifp
struct ifnet * iv_ifp
Definition: ieee80211_var.h:393
ieee80211vap::iv_sta_ps
void(* iv_sta_ps)(struct ieee80211vap *, int)
Definition: ieee80211_var.h:561
ieee80211vap::iv_mgtsend
struct callout iv_mgtsend
Definition: ieee80211_var.h:420
ieee80211vap::iv_swbmiss_period
uint16_t iv_swbmiss_period
Definition: ieee80211_var.h:458
ieee80211vap::iv_scanreq_duration
u_int iv_scanreq_duration
Definition: ieee80211_var.h:444
ieee80211vap::iv_scanreq_nssid
uint8_t iv_scanreq_nssid
Definition: ieee80211_var.h:448
ieee80211vap::iv_newstate
int(* iv_newstate)(struct ieee80211vap *, enum ieee80211_state, int)
Definition: ieee80211_var.h:566
wmeParams::wmep_acm
uint8_t wmep_acm
Definition: ieee80211_proto.h:269
wmeParams::wmep_logcwmax
uint8_t wmep_logcwmax
Definition: ieee80211_proto.h:272
wmeParams::wmep_txopLimit
uint8_t wmep_txopLimit
Definition: ieee80211_proto.h:273
wmeParams::wmep_aifsn
uint8_t wmep_aifsn
Definition: ieee80211_proto.h:270
wmeParams::wmep_logcwmin
uint8_t wmep_logcwmin
Definition: ieee80211_proto.h:271