ieee80211_node.c revision 1.44
1 /* $NetBSD: ieee80211_node.c,v 1.44 2005/09/25 00:03:06 dyoung Exp $ */ 2 /*- 3 * Copyright (c) 2001 Atsushi Onoe 4 * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. The name of the author may not be used to endorse or promote products 16 * derived from this software without specific prior written permission. 17 * 18 * Alternatively, this software may be distributed under the terms of the 19 * GNU General Public License ("GPL") version 2 as published by the Free 20 * Software Foundation. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34 #include <sys/cdefs.h> 35 #ifdef __FreeBSD__ 36 __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_node.c,v 1.48 2005/07/06 01:51:44 sam Exp $"); 37 #endif 38 #ifdef __NetBSD__ 39 __KERNEL_RCSID(0, "$NetBSD: ieee80211_node.c,v 1.44 2005/09/25 00:03:06 dyoung Exp $"); 40 #endif 41 42 #include "opt_inet.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/mbuf.h> 47 #include <sys/malloc.h> 48 #include <sys/kernel.h> 49 50 #include <sys/socket.h> 51 #include <sys/sockio.h> 52 #include <sys/endian.h> 53 #include <sys/errno.h> 54 #include <sys/proc.h> 55 #include <sys/sysctl.h> 56 57 #include <net/if.h> 58 #include <net/if_media.h> 59 #include <net/if_arp.h> 60 #include <net/if_ether.h> 61 #include <net/if_llc.h> 62 63 #include <net80211/ieee80211_netbsd.h> 64 #include <net80211/ieee80211_var.h> 65 66 #include <net/bpf.h> 67 68 #ifdef INET 69 #include <netinet/in.h> 70 #include <net/if_ether.h> 71 #endif 72 73 /* 74 * Association id's are managed with a bit vector. 75 */ 76 #define IEEE80211_AID_SET(b, w) \ 77 ((w)[IEEE80211_AID(b) / 32] |= (1 << (IEEE80211_AID(b) % 32))) 78 #define IEEE80211_AID_CLR(b, w) \ 79 ((w)[IEEE80211_AID(b) / 32] &= ~(1 << (IEEE80211_AID(b) % 32))) 80 #define IEEE80211_AID_ISSET(b, w) \ 81 ((w)[IEEE80211_AID(b) / 32] & (1 << (IEEE80211_AID(b) % 32))) 82 83 static struct ieee80211_node *node_alloc(struct ieee80211_node_table *); 84 static void node_cleanup(struct ieee80211_node *); 85 static void node_free(struct ieee80211_node *); 86 static u_int8_t node_getrssi(const struct ieee80211_node *); 87 88 static void ieee80211_setup_node(struct ieee80211_node_table *, 89 struct ieee80211_node *, const u_int8_t *); 90 static void _ieee80211_free_node(struct ieee80211_node *); 91 static void ieee80211_free_allnodes(struct ieee80211_node_table *); 92 93 static void ieee80211_timeout_scan_candidates(struct ieee80211_node_table *); 94 static void ieee80211_timeout_stations(struct ieee80211_node_table *); 95 96 static void ieee80211_set_tim(struct ieee80211com *, 97 struct ieee80211_node *, int set); 98 99 static void ieee80211_node_table_init(struct ieee80211com *ic, 100 struct ieee80211_node_table *nt, const char *name, int inact, 101 void (*timeout)(struct ieee80211_node_table *)); 102 static void ieee80211_node_table_cleanup(struct ieee80211_node_table *nt); 103 104 MALLOC_DEFINE(M_80211_NODE, "80211node", "802.11 node state"); 105 106 void 107 ieee80211_node_attach(struct ieee80211com *ic) 108 { 109 110 ieee80211_node_table_init(ic, &ic->ic_sta, "station", 111 IEEE80211_INACT_INIT, ieee80211_timeout_stations); 112 ieee80211_node_table_init(ic, &ic->ic_scan, "scan", 113 IEEE80211_INACT_SCAN, ieee80211_timeout_scan_candidates); 114 115 ic->ic_node_alloc = node_alloc; 116 ic->ic_node_free = node_free; 117 ic->ic_node_cleanup = node_cleanup; 118 ic->ic_node_getrssi = node_getrssi; 119 120 /* default station inactivity timer setings */ 121 ic->ic_inact_init = IEEE80211_INACT_INIT; 122 ic->ic_inact_auth = IEEE80211_INACT_AUTH; 123 ic->ic_inact_run = IEEE80211_INACT_RUN; 124 ic->ic_inact_probe = IEEE80211_INACT_PROBE; 125 126 /* XXX defer */ 127 if (ic->ic_max_aid == 0) 128 ic->ic_max_aid = IEEE80211_AID_DEF; 129 else if (ic->ic_max_aid > IEEE80211_AID_MAX) 130 ic->ic_max_aid = IEEE80211_AID_MAX; 131 MALLOC(ic->ic_aid_bitmap, u_int32_t *, 132 howmany(ic->ic_max_aid, 32) * sizeof(u_int32_t), 133 M_DEVBUF, M_NOWAIT | M_ZERO); 134 if (ic->ic_aid_bitmap == NULL) { 135 /* XXX no way to recover */ 136 printf("%s: no memory for AID bitmap!\n", __func__); 137 ic->ic_max_aid = 0; 138 } 139 140 /* XXX defer until using hostap/ibss mode */ 141 ic->ic_tim_len = howmany(ic->ic_max_aid, 8) * sizeof(u_int8_t); 142 MALLOC(ic->ic_tim_bitmap, u_int8_t *, ic->ic_tim_len, 143 M_DEVBUF, M_NOWAIT | M_ZERO); 144 if (ic->ic_tim_bitmap == NULL) { 145 /* XXX no way to recover */ 146 printf("%s: no memory for TIM bitmap!\n", __func__); 147 } 148 ic->ic_set_tim = ieee80211_set_tim; /* NB: driver should override */ 149 } 150 151 void 152 ieee80211_node_lateattach(struct ieee80211com *ic) 153 { 154 struct ieee80211_node *ni; 155 struct ieee80211_rsnparms *rsn; 156 157 ni = ieee80211_alloc_node(&ic->ic_scan, ic->ic_myaddr); 158 IASSERT(ni != NULL, ("unable to setup inital BSS node")); 159 /* 160 * Setup "global settings" in the bss node so that 161 * each new station automatically inherits them. 162 */ 163 rsn = &ni->ni_rsn; 164 /* WEP, TKIP, and AES-CCM are always supported */ 165 rsn->rsn_ucastcipherset |= 1<<IEEE80211_CIPHER_WEP; 166 rsn->rsn_ucastcipherset |= 1<<IEEE80211_CIPHER_TKIP; 167 rsn->rsn_ucastcipherset |= 1<<IEEE80211_CIPHER_AES_CCM; 168 if (ic->ic_caps & IEEE80211_C_AES) 169 rsn->rsn_ucastcipherset |= 1<<IEEE80211_CIPHER_AES_OCB; 170 if (ic->ic_caps & IEEE80211_C_CKIP) 171 rsn->rsn_ucastcipherset |= 1<<IEEE80211_CIPHER_CKIP; 172 /* 173 * Default unicast cipher to WEP for 802.1x use. If 174 * WPA is enabled the management code will set these 175 * values to reflect. 176 */ 177 rsn->rsn_ucastcipher = IEEE80211_CIPHER_WEP; 178 rsn->rsn_ucastkeylen = 104 / NBBY; 179 /* 180 * WPA says the multicast cipher is the lowest unicast 181 * cipher supported. But we skip WEP which would 182 * otherwise be used based on this criteria. 183 */ 184 rsn->rsn_mcastcipher = IEEE80211_CIPHER_TKIP; 185 rsn->rsn_mcastkeylen = 128 / NBBY; 186 187 /* 188 * We support both WPA-PSK and 802.1x; the one used 189 * is determined by the authentication mode and the 190 * setting of the PSK state. 191 */ 192 rsn->rsn_keymgmtset = WPA_ASE_8021X_UNSPEC | WPA_ASE_8021X_PSK; 193 rsn->rsn_keymgmt = WPA_ASE_8021X_PSK; 194 195 ic->ic_bss = ieee80211_ref_node(ni); /* hold reference */ 196 ic->ic_auth = ieee80211_authenticator_get(ni->ni_authmode); 197 } 198 199 void 200 ieee80211_node_detach(struct ieee80211com *ic) 201 { 202 203 if (ic->ic_bss != NULL) { 204 ieee80211_free_node(ic->ic_bss); 205 ic->ic_bss = NULL; 206 } 207 ieee80211_node_table_cleanup(&ic->ic_scan); 208 ieee80211_node_table_cleanup(&ic->ic_sta); 209 if (ic->ic_aid_bitmap != NULL) { 210 FREE(ic->ic_aid_bitmap, M_DEVBUF); 211 ic->ic_aid_bitmap = NULL; 212 } 213 if (ic->ic_tim_bitmap != NULL) { 214 FREE(ic->ic_tim_bitmap, M_DEVBUF); 215 ic->ic_tim_bitmap = NULL; 216 } 217 } 218 219 /* 220 * Port authorize/unauthorize interfaces for use by an authenticator. 221 */ 222 223 void 224 ieee80211_node_authorize(struct ieee80211com *ic, struct ieee80211_node *ni) 225 { 226 ni->ni_flags |= IEEE80211_NODE_AUTH; 227 ni->ni_inact_reload = ic->ic_inact_run; 228 } 229 230 void 231 ieee80211_node_unauthorize(struct ieee80211com *ic, struct ieee80211_node *ni) 232 { 233 ni->ni_flags &= ~IEEE80211_NODE_AUTH; 234 } 235 236 /* 237 * Set/change the channel. The rate set is also updated as 238 * to insure a consistent view by drivers. 239 */ 240 static __inline void 241 ieee80211_set_chan(struct ieee80211com *ic, 242 struct ieee80211_node *ni, struct ieee80211_channel *chan) 243 { 244 ni->ni_chan = chan; 245 ni->ni_rates = ic->ic_sup_rates[ieee80211_chan2mode(ic, chan)]; 246 } 247 248 /* 249 * AP scanning support. 250 */ 251 252 #ifdef IEEE80211_DEBUG 253 static void 254 dump_chanlist(const u_char chans[]) 255 { 256 const char *sep; 257 int i; 258 259 sep = " "; 260 for (i = 0; i < IEEE80211_CHAN_MAX; i++) 261 if (isset(chans, i)) { 262 printf("%s%u", sep, i); 263 sep = ", "; 264 } 265 } 266 #endif /* IEEE80211_DEBUG */ 267 268 /* 269 * Initialize the channel set to scan based on the 270 * of available channels and the current PHY mode. 271 */ 272 static void 273 ieee80211_reset_scan(struct ieee80211com *ic) 274 { 275 276 /* XXX ic_des_chan should be handled with ic_chan_active */ 277 if (ic->ic_des_chan != IEEE80211_CHAN_ANYC) { 278 memset(ic->ic_chan_scan, 0, sizeof(ic->ic_chan_scan)); 279 setbit(ic->ic_chan_scan, 280 ieee80211_chan2ieee(ic, ic->ic_des_chan)); 281 } else 282 memcpy(ic->ic_chan_scan, ic->ic_chan_active, 283 sizeof(ic->ic_chan_active)); 284 /* NB: hack, setup so next_scan starts with the first channel */ 285 if (ic->ic_bss->ni_chan == IEEE80211_CHAN_ANYC) 286 ieee80211_set_chan(ic, ic->ic_bss, 287 &ic->ic_channels[IEEE80211_CHAN_MAX]); 288 #ifdef IEEE80211_DEBUG 289 if (ieee80211_msg_scan(ic)) { 290 printf("%s: scan set:", __func__); 291 dump_chanlist(ic->ic_chan_scan); 292 printf(" start chan %u\n", 293 ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan)); 294 } 295 #endif /* IEEE80211_DEBUG */ 296 } 297 298 /* 299 * Begin an active scan. 300 */ 301 void 302 ieee80211_begin_scan(struct ieee80211com *ic, int reset) 303 { 304 305 ic->ic_scan.nt_scangen++; 306 /* 307 * In all but hostap mode scanning starts off in 308 * an active mode before switching to passive. 309 */ 310 if (ic->ic_opmode != IEEE80211_M_HOSTAP) { 311 ic->ic_flags |= IEEE80211_F_ASCAN; 312 ic->ic_stats.is_scan_active++; 313 } else 314 ic->ic_stats.is_scan_passive++; 315 IEEE80211_DPRINTF(ic, IEEE80211_MSG_SCAN, 316 "begin %s scan in %s mode, scangen %u\n", 317 (ic->ic_flags & IEEE80211_F_ASCAN) ? "active" : "passive", 318 ieee80211_phymode_name[ic->ic_curmode], ic->ic_scan.nt_scangen); 319 /* 320 * Clear scan state and flush any previously seen AP's. 321 */ 322 ieee80211_reset_scan(ic); 323 if (reset) 324 ieee80211_free_allnodes(&ic->ic_scan); 325 326 ic->ic_flags |= IEEE80211_F_SCAN; 327 328 /* Scan the next channel. */ 329 ieee80211_next_scan(ic); 330 } 331 332 /* 333 * Switch to the next channel marked for scanning. 334 */ 335 int 336 ieee80211_next_scan(struct ieee80211com *ic) 337 { 338 struct ieee80211_channel *chan; 339 340 /* 341 * Insure any previous mgt frame timeouts don't fire. 342 * This assumes the driver does the right thing in 343 * flushing anything queued in the driver and below. 344 */ 345 ic->ic_mgt_timer = 0; 346 347 chan = ic->ic_bss->ni_chan; 348 do { 349 if (++chan > &ic->ic_channels[IEEE80211_CHAN_MAX]) 350 chan = &ic->ic_channels[0]; 351 if (isset(ic->ic_chan_scan, ieee80211_chan2ieee(ic, chan))) { 352 clrbit(ic->ic_chan_scan, ieee80211_chan2ieee(ic, chan)); 353 IEEE80211_DPRINTF(ic, IEEE80211_MSG_SCAN, 354 "%s: chan %d->%d\n", __func__, 355 ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan), 356 ieee80211_chan2ieee(ic, chan)); 357 ieee80211_set_chan(ic, ic->ic_bss, chan); 358 #ifdef notyet 359 /* XXX driver state change */ 360 /* 361 * Scan next channel. If doing an active scan 362 * and the channel is not marked passive-only 363 * then send a probe request. Otherwise just 364 * listen for beacons on the channel. 365 */ 366 if ((ic->ic_flags & IEEE80211_F_ASCAN) && 367 (ni->ni_chan->ic_flags & IEEE80211_CHAN_PASSIVE) == 0) { 368 IEEE80211_SEND_MGMT(ic, ni, 369 IEEE80211_FC0_SUBTYPE_PROBE_REQ, 0); 370 } 371 #else 372 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 373 #endif 374 return 1; 375 } 376 } while (chan != ic->ic_bss->ni_chan); 377 ieee80211_end_scan(ic); 378 return 0; 379 } 380 381 static __inline void 382 copy_bss(struct ieee80211_node *nbss, const struct ieee80211_node *obss) 383 { 384 /* propagate useful state */ 385 nbss->ni_authmode = obss->ni_authmode; 386 nbss->ni_txpower = obss->ni_txpower; 387 nbss->ni_vlan = obss->ni_vlan; 388 nbss->ni_rsn = obss->ni_rsn; 389 /* XXX statistics? */ 390 } 391 392 void 393 ieee80211_create_ibss(struct ieee80211com* ic, struct ieee80211_channel *chan) 394 { 395 struct ieee80211_node_table *nt; 396 struct ieee80211_node *ni; 397 398 IEEE80211_DPRINTF(ic, IEEE80211_MSG_SCAN, 399 "%s: creating ibss\n", __func__); 400 401 /* 402 * Create the station/neighbor table. Note that for adhoc 403 * mode we make the initial inactivity timer longer since 404 * we create nodes only through discovery and they typically 405 * are long-lived associations. 406 */ 407 nt = &ic->ic_sta; 408 IEEE80211_NODE_LOCK(nt); 409 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 410 nt->nt_name = "station"; 411 nt->nt_inact_init = ic->ic_inact_init; 412 } else { 413 nt->nt_name = "neighbor"; 414 nt->nt_inact_init = ic->ic_inact_run; 415 } 416 IEEE80211_NODE_UNLOCK(nt); 417 418 ni = ieee80211_alloc_node(nt, ic->ic_myaddr); 419 if (ni == NULL) { 420 /* XXX recovery? */ 421 return; 422 } 423 IEEE80211_ADDR_COPY(ni->ni_bssid, ic->ic_myaddr); 424 ni->ni_esslen = ic->ic_des_esslen; 425 memcpy(ni->ni_essid, ic->ic_des_essid, ni->ni_esslen); 426 copy_bss(ni, ic->ic_bss); 427 ni->ni_intval = ic->ic_lintval; 428 if (ic->ic_flags & IEEE80211_F_PRIVACY) 429 ni->ni_capinfo |= IEEE80211_CAPINFO_PRIVACY; 430 if (ic->ic_phytype == IEEE80211_T_FH) { 431 ni->ni_fhdwell = 200; /* XXX */ 432 ni->ni_fhindex = 1; 433 } 434 if (ic->ic_opmode == IEEE80211_M_IBSS) { 435 ic->ic_flags |= IEEE80211_F_SIBSS; 436 ni->ni_capinfo |= IEEE80211_CAPINFO_IBSS; /* XXX */ 437 if (ic->ic_flags & IEEE80211_F_DESBSSID) 438 IEEE80211_ADDR_COPY(ni->ni_bssid, ic->ic_des_bssid); 439 else 440 ni->ni_bssid[0] |= 0x02; /* local bit for IBSS */ 441 } 442 /* 443 * Fix the channel and related attributes. 444 */ 445 ieee80211_set_chan(ic, ni, chan); 446 ic->ic_curmode = ieee80211_chan2mode(ic, chan); 447 /* 448 * Do mode-specific rate setup. 449 */ 450 if (ic->ic_curmode == IEEE80211_MODE_11G) { 451 /* 452 * Use a mixed 11b/11g rate set. 453 */ 454 ieee80211_set11gbasicrates(&ni->ni_rates, IEEE80211_MODE_11G); 455 } else if (ic->ic_curmode == IEEE80211_MODE_11B) { 456 /* 457 * Force pure 11b rate set. 458 */ 459 ieee80211_set11gbasicrates(&ni->ni_rates, IEEE80211_MODE_11B); 460 } 461 462 (void) ieee80211_sta_join(ic, ieee80211_ref_node(ni)); 463 } 464 465 void 466 ieee80211_reset_bss(struct ieee80211com *ic) 467 { 468 struct ieee80211_node *ni, *obss; 469 470 ieee80211_node_table_reset(&ic->ic_scan); 471 ieee80211_node_table_reset(&ic->ic_sta); 472 473 ni = ieee80211_alloc_node(&ic->ic_scan, ic->ic_myaddr); 474 IASSERT(ni != NULL, ("unable to setup inital BSS node")); 475 obss = ic->ic_bss; 476 ic->ic_bss = ieee80211_ref_node(ni); 477 if (obss != NULL) { 478 copy_bss(ni, obss); 479 ni->ni_intval = ic->ic_lintval; 480 ieee80211_free_node(obss); 481 } 482 } 483 484 static int 485 ieee80211_match_bss(struct ieee80211com *ic, struct ieee80211_node *ni) 486 { 487 u_int8_t rate; 488 int fail; 489 490 fail = 0; 491 if (isclr(ic->ic_chan_active, ieee80211_chan2ieee(ic, ni->ni_chan))) 492 fail |= 0x01; 493 if (ic->ic_des_chan != IEEE80211_CHAN_ANYC && 494 ni->ni_chan != ic->ic_des_chan) 495 fail |= 0x01; 496 if (ic->ic_opmode == IEEE80211_M_IBSS) { 497 if ((ni->ni_capinfo & IEEE80211_CAPINFO_IBSS) == 0) 498 fail |= 0x02; 499 } else { 500 if ((ni->ni_capinfo & IEEE80211_CAPINFO_ESS) == 0) 501 fail |= 0x02; 502 } 503 if (ic->ic_flags & IEEE80211_F_PRIVACY) { 504 if ((ni->ni_capinfo & IEEE80211_CAPINFO_PRIVACY) == 0) 505 fail |= 0x04; 506 } else { 507 /* XXX does this mean privacy is supported or required? */ 508 if (ni->ni_capinfo & IEEE80211_CAPINFO_PRIVACY) 509 fail |= 0x04; 510 } 511 rate = ieee80211_fix_rate(ic, ni, 512 IEEE80211_F_DONEGO | IEEE80211_F_DOFRATE); 513 if (rate & IEEE80211_RATE_BASIC) 514 fail |= 0x08; 515 if (ic->ic_des_esslen != 0 && 516 (ni->ni_esslen != ic->ic_des_esslen || 517 memcmp(ni->ni_essid, ic->ic_des_essid, ic->ic_des_esslen) != 0)) 518 fail |= 0x10; 519 if ((ic->ic_flags & IEEE80211_F_DESBSSID) && 520 !IEEE80211_ADDR_EQ(ic->ic_des_bssid, ni->ni_bssid)) 521 fail |= 0x20; 522 #ifdef IEEE80211_DEBUG 523 if (ieee80211_msg_scan(ic)) { 524 printf(" %c %s", fail ? '-' : '+', 525 ether_sprintf(ni->ni_macaddr)); 526 printf(" %s%c", ether_sprintf(ni->ni_bssid), 527 fail & 0x20 ? '!' : ' '); 528 printf(" %3d%c", ieee80211_chan2ieee(ic, ni->ni_chan), 529 fail & 0x01 ? '!' : ' '); 530 printf(" %+4d", ni->ni_rssi); 531 printf(" %2dM%c", (rate & IEEE80211_RATE_VAL) / 2, 532 fail & 0x08 ? '!' : ' '); 533 printf(" %4s%c", 534 (ni->ni_capinfo & IEEE80211_CAPINFO_ESS) ? "ess" : 535 (ni->ni_capinfo & IEEE80211_CAPINFO_IBSS) ? "ibss" : 536 "????", 537 fail & 0x02 ? '!' : ' '); 538 printf(" %3s%c ", 539 (ni->ni_capinfo & IEEE80211_CAPINFO_PRIVACY) ? 540 "wep" : "no", 541 fail & 0x04 ? '!' : ' '); 542 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 543 printf("%s\n", fail & 0x10 ? "!" : ""); 544 } 545 #endif 546 return fail; 547 } 548 549 static __inline u_int8_t 550 maxrate(const struct ieee80211_node *ni) 551 { 552 const struct ieee80211_rateset *rs = &ni->ni_rates; 553 /* NB: assumes rate set is sorted (happens on frame receive) */ 554 return rs->rs_rates[rs->rs_nrates-1] & IEEE80211_RATE_VAL; 555 } 556 557 /* 558 * Compare the capabilities of two nodes and decide which is 559 * more desirable (return >0 if a is considered better). Note 560 * that we assume compatibility/usability has already been checked 561 * so we don't need to (e.g. validate whether privacy is supported). 562 * Used to select the best scan candidate for association in a BSS. 563 */ 564 static int 565 ieee80211_node_compare(struct ieee80211com *ic, 566 const struct ieee80211_node *a, 567 const struct ieee80211_node *b) 568 { 569 u_int8_t maxa, maxb; 570 u_int8_t rssia, rssib; 571 572 /* privacy support preferred */ 573 if ((a->ni_capinfo & IEEE80211_CAPINFO_PRIVACY) && 574 (b->ni_capinfo & IEEE80211_CAPINFO_PRIVACY) == 0) 575 return 1; 576 if ((a->ni_capinfo & IEEE80211_CAPINFO_PRIVACY) == 0 && 577 (b->ni_capinfo & IEEE80211_CAPINFO_PRIVACY)) 578 return -1; 579 580 rssia = ic->ic_node_getrssi(a); 581 rssib = ic->ic_node_getrssi(b); 582 if (abs(rssib - rssia) < 5) { 583 /* best/max rate preferred if signal level close enough XXX */ 584 maxa = maxrate(a); 585 maxb = maxrate(b); 586 if (maxa != maxb) 587 return maxa - maxb; 588 /* XXX use freq for channel preference */ 589 /* for now just prefer 5Ghz band to all other bands */ 590 if (IEEE80211_IS_CHAN_5GHZ(a->ni_chan) && 591 !IEEE80211_IS_CHAN_5GHZ(b->ni_chan)) 592 return 1; 593 if (!IEEE80211_IS_CHAN_5GHZ(a->ni_chan) && 594 IEEE80211_IS_CHAN_5GHZ(b->ni_chan)) 595 return -1; 596 } 597 /* all things being equal, use signal level */ 598 return rssia - rssib; 599 } 600 601 /* 602 * Mark an ongoing scan stopped. 603 */ 604 void 605 ieee80211_cancel_scan(struct ieee80211com *ic) 606 { 607 608 IEEE80211_DPRINTF(ic, IEEE80211_MSG_SCAN, "%s: end %s scan\n", 609 __func__, 610 (ic->ic_flags & IEEE80211_F_ASCAN) ? "active" : "passive"); 611 612 ic->ic_flags &= ~(IEEE80211_F_SCAN | IEEE80211_F_ASCAN); 613 } 614 615 /* 616 * Complete a scan of potential channels. 617 */ 618 void 619 ieee80211_end_scan(struct ieee80211com *ic) 620 { 621 struct ieee80211_node_table *nt = &ic->ic_scan; 622 struct ieee80211_node *ni, *selbs; 623 624 ieee80211_cancel_scan(ic); 625 ieee80211_notify_scan_done(ic); 626 627 #ifndef IEEE80211_NO_HOSTAP 628 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 629 u_int8_t maxrssi[IEEE80211_CHAN_MAX]; /* XXX off stack? */ 630 int i, bestchan; 631 u_int8_t rssi; 632 633 /* 634 * The passive scan to look for existing AP's completed, 635 * select a channel to camp on. Identify the channels 636 * that already have one or more AP's and try to locate 637 * an unoccupied one. If that fails, pick a channel that 638 * looks to be quietest. 639 */ 640 memset(maxrssi, 0, sizeof(maxrssi)); 641 IEEE80211_NODE_LOCK(nt); 642 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) { 643 rssi = ic->ic_node_getrssi(ni); 644 i = ieee80211_chan2ieee(ic, ni->ni_chan); 645 if (rssi > maxrssi[i]) 646 maxrssi[i] = rssi; 647 } 648 IEEE80211_NODE_UNLOCK(nt); 649 /* XXX select channel more intelligently */ 650 bestchan = -1; 651 for (i = 0; i < IEEE80211_CHAN_MAX; i++) 652 if (isset(ic->ic_chan_active, i)) { 653 /* 654 * If the channel is unoccupied the max rssi 655 * should be zero; just take it. Otherwise 656 * track the channel with the lowest rssi and 657 * use that when all channels appear occupied. 658 */ 659 if (maxrssi[i] == 0) { 660 bestchan = i; 661 break; 662 } 663 if (bestchan == -1 || 664 maxrssi[i] < maxrssi[bestchan]) 665 bestchan = i; 666 } 667 if (bestchan != -1) { 668 ieee80211_create_ibss(ic, &ic->ic_channels[bestchan]); 669 return; 670 } 671 /* no suitable channel, should not happen */ 672 } 673 #endif /* !IEEE80211_NO_HOSTAP */ 674 675 /* 676 * When manually sequencing the state machine; scan just once 677 * regardless of whether we have a candidate or not. The 678 * controlling application is expected to setup state and 679 * initiate an association. 680 */ 681 if (ic->ic_roaming == IEEE80211_ROAMING_MANUAL) 682 return; 683 /* 684 * Automatic sequencing; look for a candidate and 685 * if found join the network. 686 */ 687 /* NB: unlocked read should be ok */ 688 if (TAILQ_FIRST(&nt->nt_node) == NULL) { 689 IEEE80211_DPRINTF(ic, IEEE80211_MSG_SCAN, 690 "%s: no scan candidate\n", __func__); 691 notfound: 692 if (ic->ic_opmode == IEEE80211_M_IBSS && 693 (ic->ic_flags & IEEE80211_F_IBSSON) && 694 ic->ic_des_esslen != 0) { 695 ieee80211_create_ibss(ic, ic->ic_ibss_chan); 696 return; 697 } 698 /* 699 * Reset the list of channels to scan and start again. 700 */ 701 ieee80211_reset_scan(ic); 702 ic->ic_flags |= IEEE80211_F_SCAN; 703 ieee80211_next_scan(ic); 704 return; 705 } 706 selbs = NULL; 707 IEEE80211_DPRINTF(ic, IEEE80211_MSG_SCAN, "\t%s\n", 708 "macaddr bssid chan rssi rate flag wep essid"); 709 IEEE80211_NODE_LOCK(nt); 710 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) { 711 if (ni->ni_fails) { 712 /* 713 * The configuration of the access points may change 714 * during my scan. So delete the entry for the AP 715 * and retry to associate if there is another beacon. 716 */ 717 IEEE80211_DPRINTF(ic, IEEE80211_MSG_SCAN, 718 "%s: skip scan candidate %s, fails %u\n", 719 __func__, ether_sprintf(ni->ni_macaddr), 720 ni->ni_fails); 721 ni->ni_fails++; 722 #if 0 723 if (ni->ni_fails++ > 2) 724 ieee80211_free_node(ni); 725 #endif 726 continue; 727 } 728 if (ieee80211_match_bss(ic, ni) == 0) { 729 if (selbs == NULL) 730 selbs = ni; 731 else if (ieee80211_node_compare(ic, ni, selbs) > 0) 732 selbs = ni; 733 } 734 } 735 if (selbs != NULL) /* NB: grab ref while dropping lock */ 736 (void) ieee80211_ref_node(selbs); 737 IEEE80211_NODE_UNLOCK(nt); 738 if (selbs == NULL) 739 goto notfound; 740 if (!ieee80211_sta_join(ic, selbs)) { 741 ieee80211_free_node(selbs); 742 goto notfound; 743 } 744 } 745 746 /* 747 * Handle 802.11 ad hoc network merge. The 748 * convention, set by the Wireless Ethernet Compatibility Alliance 749 * (WECA), is that an 802.11 station will change its BSSID to match 750 * the "oldest" 802.11 ad hoc network, on the same channel, that 751 * has the station's desired SSID. The "oldest" 802.11 network 752 * sends beacons with the greatest TSF timestamp. 753 * 754 * The caller is assumed to validate TSF's before attempting a merge. 755 * 756 * Return !0 if the BSSID changed, 0 otherwise. 757 */ 758 int 759 ieee80211_ibss_merge(struct ieee80211com *ic, struct ieee80211_node *ni) 760 { 761 762 if (ni == ic->ic_bss || 763 IEEE80211_ADDR_EQ(ni->ni_bssid, ic->ic_bss->ni_bssid)) { 764 /* unchanged, nothing to do */ 765 return 0; 766 } 767 if (ieee80211_match_bss(ic, ni) != 0) { /* capabilities mismatch */ 768 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 769 "%s: merge failed, capabilities mismatch\n", __func__); 770 ic->ic_stats.is_ibss_capmismatch++; 771 return 0; 772 } 773 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 774 "%s: new bssid %s: %s preamble, %s slot time%s\n", __func__, 775 ether_sprintf(ni->ni_bssid), 776 ic->ic_flags&IEEE80211_F_SHPREAMBLE ? "short" : "long", 777 ic->ic_flags&IEEE80211_F_SHSLOT ? "short" : "long", 778 ic->ic_flags&IEEE80211_F_USEPROT ? ", protection" : "" 779 ); 780 return ieee80211_sta_join(ic, ieee80211_ref_node(ni)); 781 } 782 783 /* 784 * Join the specified IBSS/BSS network. The node is assumed to 785 * be passed in with a held reference. 786 */ 787 int 788 ieee80211_sta_join(struct ieee80211com *ic, struct ieee80211_node *selbs) 789 { 790 struct ieee80211_node *obss; 791 792 if (ic->ic_opmode == IEEE80211_M_IBSS) { 793 struct ieee80211_node_table *nt; 794 /* 795 * Delete unusable rates; we've already checked 796 * that the negotiated rate set is acceptable. 797 */ 798 ieee80211_fix_rate(ic, selbs, IEEE80211_F_DODEL); 799 /* 800 * Fillin the neighbor table; it will already 801 * exist if we are simply switching mastership. 802 * XXX ic_sta always setup so this is unnecessary? 803 */ 804 nt = &ic->ic_sta; 805 IEEE80211_NODE_LOCK(nt); 806 nt->nt_name = "neighbor"; 807 nt->nt_inact_init = ic->ic_inact_run; 808 IEEE80211_NODE_UNLOCK(nt); 809 } 810 811 /* 812 * Committed to selbs, setup state. 813 */ 814 obss = ic->ic_bss; 815 ic->ic_bss = selbs; /* NB: caller assumed to bump refcnt */ 816 if (obss != NULL) 817 ieee80211_free_node(obss); 818 /* 819 * Set the erp state (mostly the slot time) to deal with 820 * the auto-select case; this should be redundant if the 821 * mode is locked. 822 */ 823 ic->ic_curmode = ieee80211_chan2mode(ic, selbs->ni_chan); 824 ieee80211_reset_erp(ic); 825 ieee80211_wme_initparams(ic); 826 827 if (ic->ic_opmode == IEEE80211_M_STA) 828 ieee80211_new_state(ic, IEEE80211_S_AUTH, -1); 829 else 830 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 831 return 1; 832 } 833 834 /* 835 * Leave the specified IBSS/BSS network. The node is assumed to 836 * be passed in with a held reference. 837 */ 838 void 839 ieee80211_sta_leave(struct ieee80211com *ic, struct ieee80211_node *ni) 840 { 841 ic->ic_node_cleanup(ni); 842 ieee80211_notify_node_leave(ic, ni); 843 } 844 845 int 846 ieee80211_get_rate(struct ieee80211com *ic) 847 { 848 u_int8_t (*rates)[IEEE80211_RATE_MAXSIZE]; 849 int rate; 850 851 rates = &ic->ic_bss->ni_rates.rs_rates; 852 853 if (ic->ic_fixed_rate != -1) 854 rate = (*rates)[ic->ic_fixed_rate]; 855 else if (ic->ic_state == IEEE80211_S_RUN) 856 rate = (*rates)[ic->ic_bss->ni_txrate]; 857 else 858 rate = 0; 859 860 return rate & IEEE80211_RATE_VAL; 861 } 862 863 static struct ieee80211_node * 864 node_alloc(struct ieee80211_node_table *nt) 865 { 866 struct ieee80211_node *ni; 867 868 MALLOC(ni, struct ieee80211_node *, sizeof(struct ieee80211_node), 869 M_80211_NODE, M_NOWAIT | M_ZERO); 870 return ni; 871 } 872 873 /* 874 * Reclaim any resources in a node and reset any critical 875 * state. Typically nodes are free'd immediately after, 876 * but in some cases the storage may be reused so we need 877 * to insure consistent state (should probably fix that). 878 */ 879 static void 880 node_cleanup(struct ieee80211_node *ni) 881 { 882 #define N(a) (sizeof(a)/sizeof(a[0])) 883 struct ieee80211com *ic = ni->ni_ic; 884 int i, qlen; 885 886 /* NB: preserve ni_table */ 887 if (ni->ni_flags & IEEE80211_NODE_PWR_MGT) { 888 ic->ic_ps_sta--; 889 ni->ni_flags &= ~IEEE80211_NODE_PWR_MGT; 890 IEEE80211_DPRINTF(ic, IEEE80211_MSG_POWER, 891 "[%s] power save mode off, %u sta's in ps mode\n", 892 ether_sprintf(ni->ni_macaddr), ic->ic_ps_sta); 893 } 894 /* 895 * Clear AREF flag that marks the authorization refcnt bump 896 * has happened. This is probably not needed as the node 897 * should always be removed from the table so not found but 898 * do it just in case. 899 */ 900 ni->ni_flags &= ~IEEE80211_NODE_AREF; 901 902 /* 903 * Drain power save queue and, if needed, clear TIM. 904 */ 905 IEEE80211_NODE_SAVEQ_DRAIN(ni, qlen); 906 if (qlen != 0 && ic->ic_set_tim != NULL) 907 ic->ic_set_tim(ic, ni, 0); 908 909 ni->ni_associd = 0; 910 if (ni->ni_challenge != NULL) { 911 FREE(ni->ni_challenge, M_DEVBUF); 912 ni->ni_challenge = NULL; 913 } 914 /* 915 * Preserve SSID, WPA, and WME ie's so the bss node is 916 * reusable during a re-auth/re-assoc state transition. 917 * If we remove these data they will not be recreated 918 * because they come from a probe-response or beacon frame 919 * which cannot be expected prior to the association-response. 920 * This should not be an issue when operating in other modes 921 * as stations leaving always go through a full state transition 922 * which will rebuild this state. 923 * 924 * XXX does this leave us open to inheriting old state? 925 */ 926 for (i = 0; i < N(ni->ni_rxfrag); i++) 927 if (ni->ni_rxfrag[i] != NULL) { 928 m_freem(ni->ni_rxfrag[i]); 929 ni->ni_rxfrag[i] = NULL; 930 } 931 ieee80211_crypto_delkey(ic, &ni->ni_ucastkey); 932 #undef N 933 } 934 935 static void 936 node_free(struct ieee80211_node *ni) 937 { 938 struct ieee80211com *ic = ni->ni_ic; 939 940 ic->ic_node_cleanup(ni); 941 if (ni->ni_wpa_ie != NULL) 942 FREE(ni->ni_wpa_ie, M_DEVBUF); 943 if (ni->ni_wme_ie != NULL) 944 FREE(ni->ni_wme_ie, M_DEVBUF); 945 IEEE80211_NODE_SAVEQ_DESTROY(ni); 946 FREE(ni, M_80211_NODE); 947 } 948 949 static u_int8_t 950 node_getrssi(const struct ieee80211_node *ni) 951 { 952 return ni->ni_rssi; 953 } 954 955 static void 956 ieee80211_setup_node(struct ieee80211_node_table *nt, 957 struct ieee80211_node *ni, const u_int8_t *macaddr) 958 { 959 struct ieee80211com *ic = nt->nt_ic; 960 int hash; 961 962 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 963 "%s %p<%s> in %s table\n", __func__, ni, 964 ether_sprintf(macaddr), nt->nt_name); 965 966 IEEE80211_ADDR_COPY(ni->ni_macaddr, macaddr); 967 hash = IEEE80211_NODE_HASH(macaddr); 968 ieee80211_node_initref(ni); /* mark referenced */ 969 ni->ni_chan = IEEE80211_CHAN_ANYC; 970 ni->ni_authmode = IEEE80211_AUTH_OPEN; 971 ni->ni_txpower = ic->ic_txpowlimit; /* max power */ 972 ieee80211_crypto_resetkey(ic, &ni->ni_ucastkey, IEEE80211_KEYIX_NONE); 973 ni->ni_inact_reload = nt->nt_inact_init; 974 ni->ni_inact = ni->ni_inact_reload; 975 IEEE80211_NODE_SAVEQ_INIT(ni, "unknown"); 976 977 IEEE80211_NODE_LOCK(nt); 978 TAILQ_INSERT_TAIL(&nt->nt_node, ni, ni_list); 979 LIST_INSERT_HEAD(&nt->nt_hash[hash], ni, ni_hash); 980 ni->ni_table = nt; 981 ni->ni_ic = ic; 982 IEEE80211_NODE_UNLOCK(nt); 983 } 984 985 struct ieee80211_node * 986 ieee80211_alloc_node(struct ieee80211_node_table *nt, const u_int8_t *macaddr) 987 { 988 struct ieee80211com *ic = nt->nt_ic; 989 struct ieee80211_node *ni; 990 991 ni = ic->ic_node_alloc(nt); 992 if (ni != NULL) 993 ieee80211_setup_node(nt, ni, macaddr); 994 else 995 ic->ic_stats.is_rx_nodealloc++; 996 return ni; 997 } 998 999 struct ieee80211_node * 1000 ieee80211_dup_bss(struct ieee80211_node_table *nt, const u_int8_t *macaddr) 1001 { 1002 struct ieee80211com *ic = nt->nt_ic; 1003 struct ieee80211_node *ni; 1004 1005 ni = ic->ic_node_alloc(nt); 1006 if (ni != NULL) { 1007 ieee80211_setup_node(nt, ni, macaddr); 1008 /* 1009 * Inherit from ic_bss. 1010 */ 1011 ni->ni_authmode = ic->ic_bss->ni_authmode; 1012 ni->ni_txpower = ic->ic_bss->ni_txpower; 1013 ni->ni_vlan = ic->ic_bss->ni_vlan; /* XXX?? */ 1014 IEEE80211_ADDR_COPY(ni->ni_bssid, ic->ic_bss->ni_bssid); 1015 ieee80211_set_chan(ic, ni, ic->ic_bss->ni_chan); 1016 ni->ni_rsn = ic->ic_bss->ni_rsn; 1017 } else 1018 ic->ic_stats.is_rx_nodealloc++; 1019 return ni; 1020 } 1021 1022 static struct ieee80211_node * 1023 #ifdef IEEE80211_DEBUG_REFCNT 1024 _ieee80211_find_node_debug(struct ieee80211_node_table *nt, 1025 const u_int8_t *macaddr, const char *func, int line) 1026 #else 1027 _ieee80211_find_node(struct ieee80211_node_table *nt, 1028 const u_int8_t *macaddr) 1029 #endif 1030 { 1031 struct ieee80211_node *ni; 1032 int hash; 1033 1034 IEEE80211_NODE_LOCK_ASSERT(nt); 1035 1036 hash = IEEE80211_NODE_HASH(macaddr); 1037 LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) { 1038 if (IEEE80211_ADDR_EQ(ni->ni_macaddr, macaddr)) { 1039 ieee80211_ref_node(ni); /* mark referenced */ 1040 #ifdef IEEE80211_DEBUG_REFCNT 1041 IEEE80211_DPRINTF(nt->nt_ic, IEEE80211_MSG_NODE, 1042 "%s (%s:%u) %p<%s> refcnt %d\n", __func__, 1043 func, line, 1044 ni, ether_sprintf(ni->ni_macaddr), 1045 ieee80211_node_refcnt(ni)); 1046 #endif 1047 return ni; 1048 } 1049 } 1050 return NULL; 1051 } 1052 #ifdef IEEE80211_DEBUG_REFCNT 1053 #define _ieee80211_find_node(nt, mac) \ 1054 _ieee80211_find_node_debug(nt, mac, func, line) 1055 #endif 1056 1057 struct ieee80211_node * 1058 #ifdef IEEE80211_DEBUG_REFCNT 1059 ieee80211_find_node_debug(struct ieee80211_node_table *nt, 1060 const u_int8_t *macaddr, const char *func, int line) 1061 #else 1062 ieee80211_find_node(struct ieee80211_node_table *nt, const u_int8_t *macaddr) 1063 #endif 1064 { 1065 struct ieee80211_node *ni; 1066 1067 IEEE80211_NODE_LOCK(nt); 1068 ni = _ieee80211_find_node(nt, macaddr); 1069 IEEE80211_NODE_UNLOCK(nt); 1070 return ni; 1071 } 1072 1073 /* 1074 * Fake up a node; this handles node discovery in adhoc mode. 1075 * Note that for the driver's benefit we we treat this like 1076 * an association so the driver has an opportunity to setup 1077 * it's private state. 1078 */ 1079 struct ieee80211_node * 1080 ieee80211_fakeup_adhoc_node(struct ieee80211_node_table *nt, 1081 const u_int8_t macaddr[IEEE80211_ADDR_LEN]) 1082 { 1083 struct ieee80211com *ic = nt->nt_ic; 1084 struct ieee80211_node *ni; 1085 1086 ni = ieee80211_dup_bss(nt, macaddr); 1087 if (ni != NULL) { 1088 /* XXX no rate negotiation; just dup */ 1089 ni->ni_rates = ic->ic_bss->ni_rates; 1090 if (ic->ic_newassoc != NULL) 1091 ic->ic_newassoc(ic, ni, 1); 1092 /* XXX not right for 802.1x/WPA */ 1093 ieee80211_node_authorize(ic, ni); 1094 } 1095 return ni; 1096 } 1097 1098 /* 1099 * Locate the node for sender, track state, and then pass the 1100 * (referenced) node up to the 802.11 layer for its use. We 1101 * are required to pass some node so we fall back to ic_bss 1102 * when this frame is from an unknown sender. The 802.11 layer 1103 * knows this means the sender wasn't in the node table and 1104 * acts accordingly. 1105 */ 1106 struct ieee80211_node * 1107 #ifdef IEEE80211_DEBUG_REFCNT 1108 ieee80211_find_rxnode_debug(struct ieee80211com *ic, 1109 const struct ieee80211_frame_min *wh, const char *func, int line) 1110 #else 1111 ieee80211_find_rxnode(struct ieee80211com *ic, 1112 const struct ieee80211_frame_min *wh) 1113 #endif 1114 { 1115 #define IS_CTL(wh) \ 1116 ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == IEEE80211_FC0_TYPE_CTL) 1117 #define IS_PSPOLL(wh) \ 1118 ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == IEEE80211_FC0_SUBTYPE_PS_POLL) 1119 struct ieee80211_node_table *nt; 1120 struct ieee80211_node *ni; 1121 1122 /* XXX may want scanned nodes in the neighbor table for adhoc */ 1123 if (ic->ic_opmode == IEEE80211_M_STA || 1124 ic->ic_opmode == IEEE80211_M_MONITOR || 1125 (ic->ic_flags & IEEE80211_F_SCAN)) 1126 nt = &ic->ic_scan; 1127 else 1128 nt = &ic->ic_sta; 1129 /* XXX check ic_bss first in station mode */ 1130 /* XXX 4-address frames? */ 1131 IEEE80211_NODE_LOCK(nt); 1132 if (IS_CTL(wh) && !IS_PSPOLL(wh) /*&& !IS_RTS(ah)*/) 1133 ni = _ieee80211_find_node(nt, wh->i_addr1); 1134 else 1135 ni = _ieee80211_find_node(nt, wh->i_addr2); 1136 IEEE80211_NODE_UNLOCK(nt); 1137 1138 return (ni != NULL ? ni : ieee80211_ref_node(ic->ic_bss)); 1139 #undef IS_PSPOLL 1140 #undef IS_CTL 1141 } 1142 1143 /* 1144 * Return a reference to the appropriate node for sending 1145 * a data frame. This handles node discovery in adhoc networks. 1146 */ 1147 struct ieee80211_node * 1148 #ifdef IEEE80211_DEBUG_REFCNT 1149 ieee80211_find_txnode_debug(struct ieee80211com *ic, const u_int8_t *macaddr, 1150 const char *func, int line) 1151 #else 1152 ieee80211_find_txnode(struct ieee80211com *ic, const u_int8_t *macaddr) 1153 #endif 1154 { 1155 struct ieee80211_node_table *nt = &ic->ic_sta; 1156 struct ieee80211_node *ni; 1157 1158 /* 1159 * The destination address should be in the node table 1160 * unless we are operating in station mode or this is a 1161 * multicast/broadcast frame. 1162 */ 1163 if (ic->ic_opmode == IEEE80211_M_STA || IEEE80211_IS_MULTICAST(macaddr)) 1164 return ieee80211_ref_node(ic->ic_bss); 1165 1166 /* XXX can't hold lock across dup_bss 'cuz of recursive locking */ 1167 IEEE80211_NODE_LOCK(nt); 1168 ni = _ieee80211_find_node(nt, macaddr); 1169 IEEE80211_NODE_UNLOCK(nt); 1170 1171 if (ni == NULL) { 1172 if (ic->ic_opmode == IEEE80211_M_IBSS || 1173 ic->ic_opmode == IEEE80211_M_AHDEMO) { 1174 /* 1175 * In adhoc mode cons up a node for the destination. 1176 * Note that we need an additional reference for the 1177 * caller to be consistent with _ieee80211_find_node. 1178 */ 1179 ni = ieee80211_fakeup_adhoc_node(nt, macaddr); 1180 if (ni != NULL) 1181 (void) ieee80211_ref_node(ni); 1182 } else { 1183 IEEE80211_DPRINTF(ic, IEEE80211_MSG_OUTPUT, 1184 "[%s] no node, discard frame (%s)\n", 1185 ether_sprintf(macaddr), __func__); 1186 ic->ic_stats.is_tx_nonode++; 1187 } 1188 } 1189 return ni; 1190 } 1191 1192 /* 1193 * Like find but search based on the channel too. 1194 */ 1195 struct ieee80211_node * 1196 #ifdef IEEE80211_DEBUG_REFCNT 1197 ieee80211_find_node_with_channel_debug(struct ieee80211_node_table *nt, 1198 const u_int8_t *macaddr, struct ieee80211_channel *chan, 1199 const char *func, int line) 1200 #else 1201 ieee80211_find_node_with_channel(struct ieee80211_node_table *nt, 1202 const u_int8_t *macaddr, struct ieee80211_channel *chan) 1203 #endif 1204 { 1205 struct ieee80211_node *ni; 1206 int hash; 1207 1208 hash = IEEE80211_NODE_HASH(macaddr); 1209 IEEE80211_NODE_LOCK(nt); 1210 LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) { 1211 if (IEEE80211_ADDR_EQ(ni->ni_macaddr, macaddr) && 1212 ni->ni_chan == chan) { 1213 ieee80211_ref_node(ni); /* mark referenced */ 1214 IEEE80211_DPRINTF(nt->nt_ic, IEEE80211_MSG_NODE, 1215 #ifdef IEEE80211_DEBUG_REFCNT 1216 "%s (%s:%u) %p<%s> refcnt %d\n", __func__, 1217 func, line, 1218 #else 1219 "%s %p<%s> refcnt %d\n", __func__, 1220 #endif 1221 ni, ether_sprintf(ni->ni_macaddr), 1222 ieee80211_node_refcnt(ni)); 1223 break; 1224 } 1225 } 1226 IEEE80211_NODE_UNLOCK(nt); 1227 return ni; 1228 } 1229 1230 struct ieee80211_node * 1231 ieee80211_refine_node_for_beacon(struct ieee80211com *ic, 1232 struct ieee80211_node *ni0, struct ieee80211_channel *chan, 1233 const u_int8_t *ssid) 1234 { 1235 struct ieee80211_node_table *nt = ni0->ni_table; 1236 struct ieee80211_node *best, *ni; 1237 int best_score = 0, score; 1238 1239 if (nt == NULL) 1240 return ni0; 1241 1242 best = ni0; 1243 if (ssid[1] == 0 || best->ni_esslen == 0) 1244 best_score = 1; 1245 else if (ssid[1] == best->ni_esslen && 1246 memcmp(ssid + 2, best->ni_essid, ssid[1]) == 0) 1247 best_score = 2; 1248 else 1249 best_score = 0; 1250 1251 IEEE80211_NODE_LOCK(nt); 1252 for (ni = LIST_NEXT(ni0, ni_hash); ni != NULL; 1253 ni = LIST_NEXT(ni, ni_hash)) { 1254 if (!IEEE80211_ADDR_EQ(ni->ni_macaddr, best->ni_macaddr) || 1255 ni->ni_ic != best->ni_ic || ni->ni_chan != chan) 1256 continue; 1257 1258 if (ssid[1] == 0 || ni->ni_esslen == 0) 1259 score = 1; 1260 else if (ssid[1] == ni->ni_esslen && 1261 memcmp(ssid + 2, ni->ni_essid, ssid[1]) == 0) 1262 score = 2; 1263 else 1264 continue; 1265 1266 if (score > best_score) { 1267 best = ni; 1268 best_score = score; 1269 } 1270 } 1271 IEEE80211_NODE_UNLOCK(nt); 1272 return best; 1273 } 1274 1275 /* 1276 * Like find but search based on the ssid too. 1277 */ 1278 struct ieee80211_node * 1279 #ifdef IEEE80211_DEBUG_REFCNT 1280 ieee80211_find_node_with_ssid_debug(struct ieee80211_node_table *nt, 1281 const u_int8_t *macaddr, u_int ssidlen, const u_int8_t *ssid, 1282 const char *func, int line) 1283 #else 1284 ieee80211_find_node_with_ssid(struct ieee80211_node_table *nt, 1285 const u_int8_t *macaddr, u_int ssidlen, const u_int8_t *ssid) 1286 #endif 1287 { 1288 #define MATCH_SSID(ni, ssid, ssidlen) \ 1289 (ni->ni_esslen == ssidlen && memcmp(ni->ni_essid, ssid, ssidlen) == 0) 1290 static const u_int8_t zeromac[IEEE80211_ADDR_LEN]; 1291 struct ieee80211com *ic = nt->nt_ic; 1292 struct ieee80211_node *ni; 1293 int hash; 1294 1295 IEEE80211_NODE_LOCK(nt); 1296 /* 1297 * A mac address that is all zero means match only the ssid; 1298 * otherwise we must match both. 1299 */ 1300 if (IEEE80211_ADDR_EQ(macaddr, zeromac)) { 1301 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) { 1302 if (MATCH_SSID(ni, ssid, ssidlen)) 1303 break; 1304 } 1305 } else { 1306 hash = IEEE80211_NODE_HASH(macaddr); 1307 LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) { 1308 if (IEEE80211_ADDR_EQ(ni->ni_macaddr, macaddr) && 1309 MATCH_SSID(ni, ssid, ssidlen)) 1310 break; 1311 } 1312 } 1313 if (ni != NULL) { 1314 ieee80211_ref_node(ni); /* mark referenced */ 1315 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1316 #ifdef IEEE80211_DEBUG_REFCNT 1317 "%s (%s:%u) %p<%s> refcnt %d\n", __func__, 1318 func, line, 1319 #else 1320 "%s %p<%s> refcnt %d\n", __func__, 1321 #endif 1322 ni, ether_sprintf(ni->ni_macaddr), 1323 ieee80211_node_refcnt(ni)); 1324 } 1325 IEEE80211_NODE_UNLOCK(nt); 1326 return ni; 1327 #undef MATCH_SSID 1328 } 1329 1330 static void 1331 _ieee80211_free_node(struct ieee80211_node *ni) 1332 { 1333 struct ieee80211com *ic = ni->ni_ic; 1334 struct ieee80211_node_table *nt = ni->ni_table; 1335 1336 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1337 "%s %p<%s> in %s table\n", __func__, ni, 1338 ether_sprintf(ni->ni_macaddr), 1339 nt != NULL ? nt->nt_name : "<gone>"); 1340 1341 IEEE80211_AID_CLR(ni->ni_associd, ic->ic_aid_bitmap); 1342 if (nt != NULL) { 1343 TAILQ_REMOVE(&nt->nt_node, ni, ni_list); 1344 LIST_REMOVE(ni, ni_hash); 1345 } 1346 ic->ic_node_free(ni); 1347 } 1348 1349 void 1350 #ifdef IEEE80211_DEBUG_REFCNT 1351 ieee80211_free_node_debug(struct ieee80211_node *ni, const char *func, int line) 1352 #else 1353 ieee80211_free_node(struct ieee80211_node *ni) 1354 #endif 1355 { 1356 struct ieee80211_node_table *nt = ni->ni_table; 1357 1358 #ifdef IEEE80211_DEBUG_REFCNT 1359 IEEE80211_DPRINTF(ni->ni_ic, IEEE80211_MSG_NODE, 1360 "%s (%s:%u) %p<%s> refcnt %d\n", __func__, func, line, ni, 1361 ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)-1); 1362 #endif 1363 if (ieee80211_node_dectestref(ni)) { 1364 /* 1365 * Beware; if the node is marked gone then it's already 1366 * been removed from the table and we cannot assume the 1367 * table still exists. Regardless, there's no need to lock 1368 * the table. 1369 */ 1370 if (ni->ni_table != NULL) { 1371 IEEE80211_NODE_LOCK(nt); 1372 _ieee80211_free_node(ni); 1373 IEEE80211_NODE_UNLOCK(nt); 1374 } else 1375 _ieee80211_free_node(ni); 1376 } 1377 } 1378 1379 /* 1380 * Reclaim a node. If this is the last reference count then 1381 * do the normal free work. Otherwise remove it from the node 1382 * table and mark it gone by clearing the back-reference. 1383 */ 1384 static void 1385 node_reclaim(struct ieee80211_node_table *nt, struct ieee80211_node *ni) 1386 { 1387 1388 IEEE80211_DPRINTF(ni->ni_ic, IEEE80211_MSG_NODE, 1389 "%s: remove %p<%s> from %s table, refcnt %d\n", 1390 __func__, ni, ether_sprintf(ni->ni_macaddr), 1391 nt->nt_name, ieee80211_node_refcnt(ni)-1); 1392 if (!ieee80211_node_dectestref(ni)) { 1393 /* 1394 * Other references are present, just remove the 1395 * node from the table so it cannot be found. When 1396 * the references are dropped storage will be 1397 * reclaimed. 1398 */ 1399 TAILQ_REMOVE(&nt->nt_node, ni, ni_list); 1400 LIST_REMOVE(ni, ni_hash); 1401 ni->ni_table = NULL; /* clear reference */ 1402 } else 1403 _ieee80211_free_node(ni); 1404 } 1405 1406 static void 1407 ieee80211_free_allnodes_locked(struct ieee80211_node_table *nt) 1408 { 1409 struct ieee80211com *ic = nt->nt_ic; 1410 struct ieee80211_node *ni; 1411 1412 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1413 "%s: free all nodes in %s table\n", __func__, nt->nt_name); 1414 1415 while ((ni = TAILQ_FIRST(&nt->nt_node)) != NULL) { 1416 if (ni->ni_associd != 0) { 1417 if (ic->ic_auth->ia_node_leave != NULL) 1418 ic->ic_auth->ia_node_leave(ic, ni); 1419 IEEE80211_AID_CLR(ni->ni_associd, ic->ic_aid_bitmap); 1420 } 1421 node_reclaim(nt, ni); 1422 } 1423 ieee80211_reset_erp(ic); 1424 } 1425 1426 static void 1427 ieee80211_free_allnodes(struct ieee80211_node_table *nt) 1428 { 1429 1430 IEEE80211_NODE_LOCK(nt); 1431 ieee80211_free_allnodes_locked(nt); 1432 IEEE80211_NODE_UNLOCK(nt); 1433 } 1434 1435 /* 1436 * Timeout entries in the scan cache. 1437 */ 1438 static void 1439 ieee80211_timeout_scan_candidates(struct ieee80211_node_table *nt) 1440 { 1441 struct ieee80211com *ic = nt->nt_ic; 1442 struct ieee80211_node *ni, *tni; 1443 1444 IEEE80211_NODE_LOCK(nt); 1445 ni = ic->ic_bss; 1446 /* XXX belongs elsewhere */ 1447 if (ni->ni_rxfrag[0] != NULL && ticks > ni->ni_rxfragstamp + hz) { 1448 m_freem(ni->ni_rxfrag[0]); 1449 ni->ni_rxfrag[0] = NULL; 1450 } 1451 TAILQ_FOREACH_SAFE(ni, &nt->nt_node, ni_list, tni) { 1452 if (ni->ni_inact && --ni->ni_inact == 0) { 1453 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1454 "[%s] scan candidate purged from cache " 1455 "(refcnt %u)\n", ether_sprintf(ni->ni_macaddr), 1456 ieee80211_node_refcnt(ni)); 1457 node_reclaim(nt, ni); 1458 } 1459 } 1460 IEEE80211_NODE_UNLOCK(nt); 1461 1462 nt->nt_inact_timer = IEEE80211_INACT_WAIT; 1463 } 1464 1465 /* 1466 * Timeout inactive stations and do related housekeeping. 1467 * Note that we cannot hold the node lock while sending a 1468 * frame as this would lead to a LOR. Instead we use a 1469 * generation number to mark nodes that we've scanned and 1470 * drop the lock and restart a scan if we have to time out 1471 * a node. Since we are single-threaded by virtue of 1472 * controlling the inactivity timer we can be sure this will 1473 * process each node only once. 1474 */ 1475 static void 1476 ieee80211_timeout_stations(struct ieee80211_node_table *nt) 1477 { 1478 struct ieee80211com *ic = nt->nt_ic; 1479 struct ieee80211_node *ni; 1480 u_int gen; 1481 1482 IEEE80211_SCAN_LOCK(nt); 1483 gen = nt->nt_scangen++; 1484 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1485 "%s: %s scangen %u\n", __func__, nt->nt_name, gen); 1486 restart: 1487 IEEE80211_NODE_LOCK(nt); 1488 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) { 1489 if (ni->ni_scangen == gen) /* previously handled */ 1490 continue; 1491 ni->ni_scangen = gen; 1492 /* 1493 * Ignore entries for which have yet to receive an 1494 * authentication frame. These are transient and 1495 * will be reclaimed when the last reference to them 1496 * goes away (when frame xmits complete). 1497 */ 1498 if ((ni->ni_flags & IEEE80211_NODE_AREF) == 0) 1499 continue; 1500 /* 1501 * Free fragment if not needed anymore 1502 * (last fragment older than 1s). 1503 * XXX doesn't belong here 1504 */ 1505 if (ni->ni_rxfrag[0] != NULL && 1506 ticks > ni->ni_rxfragstamp + hz) { 1507 m_freem(ni->ni_rxfrag[0]); 1508 ni->ni_rxfrag[0] = NULL; 1509 } 1510 /* 1511 * Special case ourself; we may be idle for extended periods 1512 * of time and regardless reclaiming our state is wrong. 1513 */ 1514 if (ni == ic->ic_bss) 1515 continue; 1516 ni->ni_inact--; 1517 if (ni->ni_associd != 0) { 1518 /* 1519 * Age frames on the power save queue. The 1520 * aging interval is 4 times the listen 1521 * interval specified by the station. This 1522 * number is factored into the age calculations 1523 * when the frame is placed on the queue. We 1524 * store ages as time differences we can check 1525 * and/or adjust only the head of the list. 1526 */ 1527 if (IEEE80211_NODE_SAVEQ_QLEN(ni) != 0) { 1528 struct mbuf *m; 1529 int discard = 0; 1530 1531 IEEE80211_NODE_SAVEQ_LOCK(ni); 1532 while (IF_POLL(&ni->ni_savedq, m) != NULL && 1533 M_AGE_GET(m) < IEEE80211_INACT_WAIT) { 1534 IEEE80211_DPRINTF(ic, IEEE80211_MSG_POWER, "[%s] discard frame, age %u\n", ether_sprintf(ni->ni_macaddr), M_AGE_GET(m));/*XXX*/ 1535 _IEEE80211_NODE_SAVEQ_DEQUEUE_HEAD(ni, m); 1536 m_freem(m); 1537 discard++; 1538 } 1539 if (m != NULL) 1540 M_AGE_SUB(m, IEEE80211_INACT_WAIT); 1541 IEEE80211_NODE_SAVEQ_UNLOCK(ni); 1542 1543 if (discard != 0) { 1544 IEEE80211_DPRINTF(ic, 1545 IEEE80211_MSG_POWER, 1546 "[%s] discard %u frames for age\n", 1547 ether_sprintf(ni->ni_macaddr), 1548 discard); 1549 IEEE80211_NODE_STAT_ADD(ni, 1550 ps_discard, discard); 1551 if (IEEE80211_NODE_SAVEQ_QLEN(ni) == 0) 1552 ic->ic_set_tim(ic, ni, 0); 1553 } 1554 } 1555 /* 1556 * Probe the station before time it out. We 1557 * send a null data frame which may not be 1558 * universally supported by drivers (need it 1559 * for ps-poll support so it should be...). 1560 */ 1561 if (0 < ni->ni_inact && 1562 ni->ni_inact <= ic->ic_inact_probe) { 1563 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1564 "[%s] probe station due to inactivity\n", 1565 ether_sprintf(ni->ni_macaddr)); 1566 IEEE80211_NODE_UNLOCK(nt); 1567 ieee80211_send_nulldata(ic, ni); 1568 /* XXX stat? */ 1569 goto restart; 1570 } 1571 } 1572 if (ni->ni_inact <= 0) { 1573 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1574 "[%s] station timed out due to inactivity " 1575 "(refcnt %u)\n", ether_sprintf(ni->ni_macaddr), 1576 ieee80211_node_refcnt(ni)); 1577 /* 1578 * Send a deauthenticate frame and drop the station. 1579 * This is somewhat complicated due to reference counts 1580 * and locking. At this point a station will typically 1581 * have a reference count of 1. ieee80211_node_leave 1582 * will do a "free" of the node which will drop the 1583 * reference count. But in the meantime a reference 1584 * wil be held by the deauth frame. The actual reclaim 1585 * of the node will happen either after the tx is 1586 * completed or by ieee80211_node_leave. 1587 * 1588 * Separately we must drop the node lock before sending 1589 * in case the driver takes a lock, as this will result 1590 * in LOR between the node lock and the driver lock. 1591 */ 1592 IEEE80211_NODE_UNLOCK(nt); 1593 if (ni->ni_associd != 0) { 1594 IEEE80211_SEND_MGMT(ic, ni, 1595 IEEE80211_FC0_SUBTYPE_DEAUTH, 1596 IEEE80211_REASON_AUTH_EXPIRE); 1597 } 1598 ieee80211_node_leave(ic, ni); 1599 ic->ic_stats.is_node_timeout++; 1600 goto restart; 1601 } 1602 } 1603 IEEE80211_NODE_UNLOCK(nt); 1604 1605 IEEE80211_SCAN_UNLOCK(nt); 1606 1607 nt->nt_inact_timer = IEEE80211_INACT_WAIT; 1608 } 1609 1610 void 1611 ieee80211_iterate_nodes(struct ieee80211_node_table *nt, ieee80211_iter_func *f, void *arg) 1612 { 1613 struct ieee80211_node *ni; 1614 u_int gen; 1615 1616 IEEE80211_SCAN_LOCK(nt); 1617 gen = nt->nt_scangen++; 1618 restart: 1619 IEEE80211_NODE_LOCK(nt); 1620 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) { 1621 if (ni->ni_scangen != gen) { 1622 ni->ni_scangen = gen; 1623 (void) ieee80211_ref_node(ni); 1624 IEEE80211_NODE_UNLOCK(nt); 1625 (*f)(arg, ni); 1626 ieee80211_free_node(ni); 1627 goto restart; 1628 } 1629 } 1630 IEEE80211_NODE_UNLOCK(nt); 1631 1632 IEEE80211_SCAN_UNLOCK(nt); 1633 } 1634 1635 void 1636 ieee80211_dump_node(struct ieee80211_node_table *nt, struct ieee80211_node *ni) 1637 { 1638 printf("0x%p: mac %s refcnt %d\n", ni, 1639 ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)); 1640 printf("\tscangen %u authmode %u flags 0x%x\n", 1641 ni->ni_scangen, ni->ni_authmode, ni->ni_flags); 1642 printf("\tassocid 0x%x txpower %u vlan %u\n", 1643 ni->ni_associd, ni->ni_txpower, ni->ni_vlan); 1644 printf("\ttxseq %u rxseq %u fragno %u rxfragstamp %u\n", 1645 ni->ni_txseqs[0], 1646 ni->ni_rxseqs[0] >> IEEE80211_SEQ_SEQ_SHIFT, 1647 ni->ni_rxseqs[0] & IEEE80211_SEQ_FRAG_MASK, 1648 ni->ni_rxfragstamp); 1649 printf("\trstamp %u rssi %u intval %u capinfo 0x%x\n", 1650 ni->ni_rstamp, ni->ni_rssi, ni->ni_intval, ni->ni_capinfo); 1651 printf("\tbssid %s essid \"%.*s\" channel %u:0x%x\n", 1652 ether_sprintf(ni->ni_bssid), 1653 ni->ni_esslen, ni->ni_essid, 1654 ni->ni_chan->ic_freq, ni->ni_chan->ic_flags); 1655 printf("\tfails %u inact %u txrate %u\n", 1656 ni->ni_fails, ni->ni_inact, ni->ni_txrate); 1657 } 1658 1659 void 1660 ieee80211_dump_nodes(struct ieee80211_node_table *nt) 1661 { 1662 ieee80211_iterate_nodes(nt, 1663 (ieee80211_iter_func *) ieee80211_dump_node, nt); 1664 } 1665 1666 /* 1667 * Handle a station joining an 11g network. 1668 */ 1669 static void 1670 ieee80211_node_join_11g(struct ieee80211com *ic, struct ieee80211_node *ni) 1671 { 1672 1673 /* 1674 * Station isn't capable of short slot time. Bump 1675 * the count of long slot time stations and disable 1676 * use of short slot time. Note that the actual switch 1677 * over to long slot time use may not occur until the 1678 * next beacon transmission (per sec. 7.3.1.4 of 11g). 1679 */ 1680 if ((ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_SLOTTIME) == 0) { 1681 ic->ic_longslotsta++; 1682 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1683 "[%s] station needs long slot time, count %d\n", 1684 ether_sprintf(ni->ni_macaddr), ic->ic_longslotsta); 1685 /* XXX vap's w/ conflicting needs won't work */ 1686 ieee80211_set_shortslottime(ic, 0); 1687 } 1688 /* 1689 * If the new station is not an ERP station 1690 * then bump the counter and enable protection 1691 * if configured. 1692 */ 1693 if (!ieee80211_iserp_rateset(ic, &ni->ni_rates)) { 1694 ic->ic_nonerpsta++; 1695 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1696 "[%s] station is !ERP, %d non-ERP stations associated\n", 1697 ether_sprintf(ni->ni_macaddr), ic->ic_nonerpsta); 1698 /* 1699 * If protection is configured, enable it. 1700 */ 1701 if (ic->ic_protmode != IEEE80211_PROT_NONE) { 1702 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1703 "%s: enable use of protection\n", __func__); 1704 ic->ic_flags |= IEEE80211_F_USEPROT; 1705 } 1706 /* 1707 * If station does not support short preamble 1708 * then we must enable use of Barker preamble. 1709 */ 1710 if ((ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE) == 0) { 1711 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1712 "[%s] station needs long preamble\n", 1713 ether_sprintf(ni->ni_macaddr)); 1714 ic->ic_flags |= IEEE80211_F_USEBARKER; 1715 ic->ic_flags &= ~IEEE80211_F_SHPREAMBLE; 1716 } 1717 } else 1718 ni->ni_flags |= IEEE80211_NODE_ERP; 1719 } 1720 1721 void 1722 ieee80211_node_join(struct ieee80211com *ic, struct ieee80211_node *ni, int resp) 1723 { 1724 int newassoc; 1725 1726 if (ni->ni_associd == 0) { 1727 u_int16_t aid; 1728 1729 /* 1730 * It would be good to search the bitmap 1731 * more efficiently, but this will do for now. 1732 */ 1733 for (aid = 1; aid < ic->ic_max_aid; aid++) { 1734 if (!IEEE80211_AID_ISSET(aid, 1735 ic->ic_aid_bitmap)) 1736 break; 1737 } 1738 if (aid >= ic->ic_max_aid) { 1739 IEEE80211_SEND_MGMT(ic, ni, resp, 1740 IEEE80211_REASON_ASSOC_TOOMANY); 1741 ieee80211_node_leave(ic, ni); 1742 return; 1743 } 1744 ni->ni_associd = aid | 0xc000; 1745 IEEE80211_AID_SET(ni->ni_associd, ic->ic_aid_bitmap); 1746 ic->ic_sta_assoc++; 1747 newassoc = 1; 1748 if (ic->ic_curmode == IEEE80211_MODE_11G || 1749 ic->ic_curmode == IEEE80211_MODE_TURBO_G) 1750 ieee80211_node_join_11g(ic, ni); 1751 } else 1752 newassoc = 0; 1753 1754 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC | IEEE80211_MSG_DEBUG, 1755 "[%s] station %sassociated at aid %d: %s preamble, %s slot time%s%s\n", 1756 ether_sprintf(ni->ni_macaddr), newassoc ? "" : "re", 1757 IEEE80211_NODE_AID(ni), 1758 ic->ic_flags & IEEE80211_F_SHPREAMBLE ? "short" : "long", 1759 ic->ic_flags & IEEE80211_F_SHSLOT ? "short" : "long", 1760 ic->ic_flags & IEEE80211_F_USEPROT ? ", protection" : "", 1761 ni->ni_flags & IEEE80211_NODE_QOS ? ", QoS" : "" 1762 ); 1763 1764 /* give driver a chance to setup state like ni_txrate */ 1765 if (ic->ic_newassoc != NULL) 1766 ic->ic_newassoc(ic, ni, newassoc); 1767 ni->ni_inact_reload = ic->ic_inact_auth; 1768 ni->ni_inact = ni->ni_inact_reload; 1769 IEEE80211_SEND_MGMT(ic, ni, resp, IEEE80211_STATUS_SUCCESS); 1770 /* tell the authenticator about new station */ 1771 if (ic->ic_auth->ia_node_join != NULL) 1772 ic->ic_auth->ia_node_join(ic, ni); 1773 ieee80211_notify_node_join(ic, ni, newassoc); 1774 } 1775 1776 /* 1777 * Handle a station leaving an 11g network. 1778 */ 1779 static void 1780 ieee80211_node_leave_11g(struct ieee80211com *ic, struct ieee80211_node *ni) 1781 { 1782 1783 IASSERT(ic->ic_curmode == IEEE80211_MODE_11G || 1784 ic->ic_curmode == IEEE80211_MODE_TURBO_G, 1785 ("not in 11g, curmode %x", ic->ic_curmode)); 1786 1787 /* 1788 * If a long slot station do the slot time bookkeeping. 1789 */ 1790 if ((ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_SLOTTIME) == 0) { 1791 IASSERT(ic->ic_longslotsta > 0, 1792 ("bogus long slot station count %d", ic->ic_longslotsta)); 1793 ic->ic_longslotsta--; 1794 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1795 "[%s] long slot time station leaves, count now %d\n", 1796 ether_sprintf(ni->ni_macaddr), ic->ic_longslotsta); 1797 if (ic->ic_longslotsta == 0) { 1798 /* 1799 * Re-enable use of short slot time if supported 1800 * and not operating in IBSS mode (per spec). 1801 */ 1802 if ((ic->ic_caps & IEEE80211_C_SHSLOT) && 1803 ic->ic_opmode != IEEE80211_M_IBSS) { 1804 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1805 "%s: re-enable use of short slot time\n", 1806 __func__); 1807 ieee80211_set_shortslottime(ic, 1); 1808 } 1809 } 1810 } 1811 /* 1812 * If a non-ERP station do the protection-related bookkeeping. 1813 */ 1814 if ((ni->ni_flags & IEEE80211_NODE_ERP) == 0) { 1815 IASSERT(ic->ic_nonerpsta > 0, 1816 ("bogus non-ERP station count %d", ic->ic_nonerpsta)); 1817 ic->ic_nonerpsta--; 1818 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1819 "[%s] non-ERP station leaves, count now %d\n", 1820 ether_sprintf(ni->ni_macaddr), ic->ic_nonerpsta); 1821 if (ic->ic_nonerpsta == 0) { 1822 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1823 "%s: disable use of protection\n", __func__); 1824 ic->ic_flags &= ~IEEE80211_F_USEPROT; 1825 /* XXX verify mode? */ 1826 if (ic->ic_caps & IEEE80211_C_SHPREAMBLE) { 1827 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC, 1828 "%s: re-enable use of short preamble\n", 1829 __func__); 1830 ic->ic_flags |= IEEE80211_F_SHPREAMBLE; 1831 ic->ic_flags &= ~IEEE80211_F_USEBARKER; 1832 } 1833 } 1834 } 1835 } 1836 1837 /* 1838 * Handle bookkeeping for station deauthentication/disassociation 1839 * when operating as an ap. 1840 */ 1841 void 1842 ieee80211_node_leave(struct ieee80211com *ic, struct ieee80211_node *ni) 1843 { 1844 struct ieee80211_node_table *nt = ni->ni_table; 1845 1846 IEEE80211_DPRINTF(ic, IEEE80211_MSG_ASSOC | IEEE80211_MSG_DEBUG, 1847 "[%s] station with aid %d leaves\n", 1848 ether_sprintf(ni->ni_macaddr), IEEE80211_NODE_AID(ni)); 1849 1850 IASSERT(ic->ic_opmode == IEEE80211_M_HOSTAP || 1851 ic->ic_opmode == IEEE80211_M_IBSS || 1852 ic->ic_opmode == IEEE80211_M_AHDEMO, 1853 ("unexpected operating mode %u", ic->ic_opmode)); 1854 /* 1855 * If node wasn't previously associated all 1856 * we need to do is reclaim the reference. 1857 */ 1858 /* XXX ibss mode bypasses 11g and notification */ 1859 if (ni->ni_associd == 0) 1860 goto done; 1861 /* 1862 * Tell the authenticator the station is leaving. 1863 * Note that we must do this before yanking the 1864 * association id as the authenticator uses the 1865 * associd to locate it's state block. 1866 */ 1867 if (ic->ic_auth->ia_node_leave != NULL) 1868 ic->ic_auth->ia_node_leave(ic, ni); 1869 IEEE80211_AID_CLR(ni->ni_associd, ic->ic_aid_bitmap); 1870 ni->ni_associd = 0; 1871 ic->ic_sta_assoc--; 1872 1873 if (ic->ic_curmode == IEEE80211_MODE_11G || 1874 ic->ic_curmode == IEEE80211_MODE_TURBO_G) 1875 ieee80211_node_leave_11g(ic, ni); 1876 /* 1877 * Cleanup station state. In particular clear various 1878 * state that might otherwise be reused if the node 1879 * is reused before the reference count goes to zero 1880 * (and memory is reclaimed). 1881 */ 1882 ieee80211_sta_leave(ic, ni); 1883 done: 1884 /* 1885 * Remove the node from any table it's recorded in and 1886 * drop the caller's reference. Removal from the table 1887 * is important to insure the node is not reprocessed 1888 * for inactivity. 1889 */ 1890 if (nt != NULL) { 1891 IEEE80211_NODE_LOCK(nt); 1892 node_reclaim(nt, ni); 1893 IEEE80211_NODE_UNLOCK(nt); 1894 } else 1895 ieee80211_free_node(ni); 1896 } 1897 1898 u_int8_t 1899 ieee80211_getrssi(struct ieee80211com *ic) 1900 { 1901 #define NZ(x) ((x) == 0 ? 1 : (x)) 1902 struct ieee80211_node_table *nt = &ic->ic_sta; 1903 u_int32_t rssi_samples, rssi_total; 1904 struct ieee80211_node *ni; 1905 1906 rssi_total = 0; 1907 rssi_samples = 0; 1908 switch (ic->ic_opmode) { 1909 case IEEE80211_M_IBSS: /* average of all ibss neighbors */ 1910 /* XXX locking */ 1911 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) 1912 if (ni->ni_capinfo & IEEE80211_CAPINFO_IBSS) { 1913 rssi_samples++; 1914 rssi_total += ic->ic_node_getrssi(ni); 1915 } 1916 break; 1917 case IEEE80211_M_AHDEMO: /* average of all neighbors */ 1918 /* XXX locking */ 1919 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) { 1920 rssi_samples++; 1921 rssi_total += ic->ic_node_getrssi(ni); 1922 } 1923 break; 1924 case IEEE80211_M_HOSTAP: /* average of all associated stations */ 1925 #ifndef IEEE80211_NO_HOSTAP 1926 /* XXX locking */ 1927 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) 1928 if (IEEE80211_AID(ni->ni_associd) != 0) { 1929 rssi_samples++; 1930 rssi_total += ic->ic_node_getrssi(ni); 1931 } 1932 #endif /* !IEEE80211_NO_HOSTAP */ 1933 break; 1934 case IEEE80211_M_MONITOR: /* XXX */ 1935 case IEEE80211_M_STA: /* use stats from associated ap */ 1936 default: 1937 if (ic->ic_bss != NULL) 1938 rssi_total = ic->ic_node_getrssi(ic->ic_bss); 1939 rssi_samples = 1; 1940 break; 1941 } 1942 return rssi_total / NZ(rssi_samples); 1943 #undef NZ 1944 } 1945 1946 /* 1947 * Indicate whether there are frames queued for a station in power-save mode. 1948 */ 1949 static void 1950 ieee80211_set_tim(struct ieee80211com *ic, struct ieee80211_node *ni, int set) 1951 { 1952 u_int16_t aid; 1953 1954 IASSERT(ic->ic_opmode == IEEE80211_M_HOSTAP || 1955 ic->ic_opmode == IEEE80211_M_IBSS, 1956 ("operating mode %u", ic->ic_opmode)); 1957 1958 aid = IEEE80211_AID(ni->ni_associd); 1959 IASSERT(aid < ic->ic_max_aid, 1960 ("bogus aid %u, max %u", aid, ic->ic_max_aid)); 1961 1962 IEEE80211_BEACON_LOCK(ic); 1963 if (set != (isset(ic->ic_tim_bitmap, aid) != 0)) { 1964 if (set) { 1965 setbit(ic->ic_tim_bitmap, aid); 1966 ic->ic_ps_pending++; 1967 } else { 1968 clrbit(ic->ic_tim_bitmap, aid); 1969 ic->ic_ps_pending--; 1970 } 1971 ic->ic_flags |= IEEE80211_F_TIMUPDATE; 1972 } 1973 IEEE80211_BEACON_UNLOCK(ic); 1974 } 1975 1976 /* 1977 * Node table support. 1978 */ 1979 1980 static void 1981 ieee80211_node_table_init(struct ieee80211com *ic, 1982 struct ieee80211_node_table *nt, 1983 const char *name, int inact, 1984 void (*timeout)(struct ieee80211_node_table *)) 1985 { 1986 1987 IEEE80211_DPRINTF(ic, IEEE80211_MSG_NODE, 1988 "%s %s table, inact %u\n", __func__, name, inact); 1989 1990 nt->nt_ic = ic; 1991 /* XXX need unit */ 1992 IEEE80211_NODE_LOCK_INIT(nt, ic->ic_ifp->if_xname); 1993 IEEE80211_SCAN_LOCK_INIT(nt, ic->ic_ifp->if_xname); 1994 TAILQ_INIT(&nt->nt_node); 1995 nt->nt_name = name; 1996 nt->nt_scangen = 1; 1997 nt->nt_inact_init = inact; 1998 nt->nt_timeout = timeout; 1999 } 2000 2001 void 2002 ieee80211_node_table_reset(struct ieee80211_node_table *nt) 2003 { 2004 2005 IEEE80211_DPRINTF(nt->nt_ic, IEEE80211_MSG_NODE, 2006 "%s %s table\n", __func__, nt->nt_name); 2007 2008 IEEE80211_NODE_LOCK(nt); 2009 nt->nt_inact_timer = 0; 2010 ieee80211_free_allnodes_locked(nt); 2011 IEEE80211_NODE_UNLOCK(nt); 2012 } 2013 2014 static void 2015 ieee80211_node_table_cleanup(struct ieee80211_node_table *nt) 2016 { 2017 2018 IEEE80211_DPRINTF(nt->nt_ic, IEEE80211_MSG_NODE, 2019 "%s %s table\n", __func__, nt->nt_name); 2020 2021 ieee80211_free_allnodes_locked(nt); 2022 IEEE80211_SCAN_LOCK_DESTROY(nt); 2023 IEEE80211_NODE_LOCK_DESTROY(nt); 2024 } 2025
Indexes created Tue Sep 23 23:09:58 GMT 2025