1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2001 Atsushi Onoe 5 * Copyright (c) 2002-2008 Sam Leffler, Errno Consulting 6 * Copyright (c) 2012 IEEE 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 #include <sys/cdefs.h> 31 /* 32 * IEEE 802.11 protocol support. 33 */ 34 35 #include "opt_inet.h" 36 #include "opt_wlan.h" 37 38 #include <sys/param.h> 39 #include <sys/systm.h> 40 #include <sys/kernel.h> 41 #include <sys/malloc.h> 42 43 #include <sys/socket.h> 44 #include <sys/sockio.h> 45 46 #include <net/if.h> 47 #include <net/if_var.h> 48 #include <net/if_media.h> 49 #include <net/if_private.h> 50 #include <net/ethernet.h> /* XXX for ether_sprintf */ 51 52 #include <net80211/ieee80211_var.h> 53 #include <net80211/ieee80211_adhoc.h> 54 #include <net80211/ieee80211_sta.h> 55 #include <net80211/ieee80211_hostap.h> 56 #include <net80211/ieee80211_wds.h> 57 #ifdef IEEE80211_SUPPORT_MESH 58 #include <net80211/ieee80211_mesh.h> 59 #endif 60 #include <net80211/ieee80211_monitor.h> 61 #include <net80211/ieee80211_input.h> 62 63 /* XXX tunables */ 64 #define AGGRESSIVE_MODE_SWITCH_HYSTERESIS 3 /* pkts / 100ms */ 65 #define HIGH_PRI_SWITCH_THRESH 10 /* pkts / 100ms */ 66 67 const char *mgt_subtype_name[] = { 68 "assoc_req", "assoc_resp", "reassoc_req", "reassoc_resp", 69 "probe_req", "probe_resp", "timing_adv", "reserved#7", 70 "beacon", "atim", "disassoc", "auth", 71 "deauth", "action", "action_noack", "reserved#15" 72 }; 73 const char *ctl_subtype_name[] = { 74 "reserved#0", "reserved#1", "reserved#2", "reserved#3", 75 "reserved#4", "reserved#5", "reserved#6", "control_wrap", 76 "bar", "ba", "ps_poll", "rts", 77 "cts", "ack", "cf_end", "cf_end_ack" 78 }; 79 const char *ieee80211_opmode_name[IEEE80211_OPMODE_MAX] = { 80 "IBSS", /* IEEE80211_M_IBSS */ 81 "STA", /* IEEE80211_M_STA */ 82 "WDS", /* IEEE80211_M_WDS */ 83 "AHDEMO", /* IEEE80211_M_AHDEMO */ 84 "HOSTAP", /* IEEE80211_M_HOSTAP */ 85 "MONITOR", /* IEEE80211_M_MONITOR */ 86 "MBSS" /* IEEE80211_M_MBSS */ 87 }; 88 const char *ieee80211_state_name[IEEE80211_S_MAX] = { 89 "INIT", /* IEEE80211_S_INIT */ 90 "SCAN", /* IEEE80211_S_SCAN */ 91 "AUTH", /* IEEE80211_S_AUTH */ 92 "ASSOC", /* IEEE80211_S_ASSOC */ 93 "CAC", /* IEEE80211_S_CAC */ 94 "RUN", /* IEEE80211_S_RUN */ 95 "CSA", /* IEEE80211_S_CSA */ 96 "SLEEP", /* IEEE80211_S_SLEEP */ 97 }; 98 const char *ieee80211_wme_acnames[] = { 99 "WME_AC_BE", 100 "WME_AC_BK", 101 "WME_AC_VI", 102 "WME_AC_VO", 103 "WME_UPSD", 104 }; 105 106 /* 107 * Reason code descriptions were (mostly) obtained from 108 * IEEE Std 802.11-2012, pp. 442-445 Table 8-36. 109 */ 110 const char * 111 ieee80211_reason_to_string(uint16_t reason) 112 { 113 switch (reason) { 114 case IEEE80211_REASON_UNSPECIFIED: 115 return ("unspecified"); 116 case IEEE80211_REASON_AUTH_EXPIRE: 117 return ("previous authentication is expired"); 118 case IEEE80211_REASON_AUTH_LEAVE: 119 return ("sending STA is leaving/has left IBSS or ESS"); 120 case IEEE80211_REASON_ASSOC_EXPIRE: 121 return ("disassociated due to inactivity"); 122 case IEEE80211_REASON_ASSOC_TOOMANY: 123 return ("too many associated STAs"); 124 case IEEE80211_REASON_NOT_AUTHED: 125 return ("class 2 frame received from nonauthenticated STA"); 126 case IEEE80211_REASON_NOT_ASSOCED: 127 return ("class 3 frame received from nonassociated STA"); 128 case IEEE80211_REASON_ASSOC_LEAVE: 129 return ("sending STA is leaving/has left BSS"); 130 case IEEE80211_REASON_ASSOC_NOT_AUTHED: 131 return ("STA requesting (re)association is not authenticated"); 132 case IEEE80211_REASON_DISASSOC_PWRCAP_BAD: 133 return ("information in the Power Capability element is " 134 "unacceptable"); 135 case IEEE80211_REASON_DISASSOC_SUPCHAN_BAD: 136 return ("information in the Supported Channels element is " 137 "unacceptable"); 138 case IEEE80211_REASON_IE_INVALID: 139 return ("invalid element"); 140 case IEEE80211_REASON_MIC_FAILURE: 141 return ("MIC failure"); 142 case IEEE80211_REASON_4WAY_HANDSHAKE_TIMEOUT: 143 return ("4-Way handshake timeout"); 144 case IEEE80211_REASON_GROUP_KEY_UPDATE_TIMEOUT: 145 return ("group key update timeout"); 146 case IEEE80211_REASON_IE_IN_4WAY_DIFFERS: 147 return ("element in 4-Way handshake different from " 148 "(re)association request/probe response/beacon frame"); 149 case IEEE80211_REASON_GROUP_CIPHER_INVALID: 150 return ("invalid group cipher"); 151 case IEEE80211_REASON_PAIRWISE_CIPHER_INVALID: 152 return ("invalid pairwise cipher"); 153 case IEEE80211_REASON_AKMP_INVALID: 154 return ("invalid AKMP"); 155 case IEEE80211_REASON_UNSUPP_RSN_IE_VERSION: 156 return ("unsupported version in RSN IE"); 157 case IEEE80211_REASON_INVALID_RSN_IE_CAP: 158 return ("invalid capabilities in RSN IE"); 159 case IEEE80211_REASON_802_1X_AUTH_FAILED: 160 return ("IEEE 802.1X authentication failed"); 161 case IEEE80211_REASON_CIPHER_SUITE_REJECTED: 162 return ("cipher suite rejected because of the security " 163 "policy"); 164 case IEEE80211_REASON_UNSPECIFIED_QOS: 165 return ("unspecified (QoS-related)"); 166 case IEEE80211_REASON_INSUFFICIENT_BW: 167 return ("QoS AP lacks sufficient bandwidth for this QoS STA"); 168 case IEEE80211_REASON_TOOMANY_FRAMES: 169 return ("too many frames need to be acknowledged"); 170 case IEEE80211_REASON_OUTSIDE_TXOP: 171 return ("STA is transmitting outside the limits of its TXOPs"); 172 case IEEE80211_REASON_LEAVING_QBSS: 173 return ("requested from peer STA (the STA is " 174 "resetting/leaving the BSS)"); 175 case IEEE80211_REASON_BAD_MECHANISM: 176 return ("requested from peer STA (it does not want to use " 177 "the mechanism)"); 178 case IEEE80211_REASON_SETUP_NEEDED: 179 return ("requested from peer STA (setup is required for the " 180 "used mechanism)"); 181 case IEEE80211_REASON_TIMEOUT: 182 return ("requested from peer STA (timeout)"); 183 case IEEE80211_REASON_PEER_LINK_CANCELED: 184 return ("SME cancels the mesh peering instance (not related " 185 "to the maximum number of peer mesh STAs)"); 186 case IEEE80211_REASON_MESH_MAX_PEERS: 187 return ("maximum number of peer mesh STAs was reached"); 188 case IEEE80211_REASON_MESH_CPVIOLATION: 189 return ("the received information violates the Mesh " 190 "Configuration policy configured in the mesh STA " 191 "profile"); 192 case IEEE80211_REASON_MESH_CLOSE_RCVD: 193 return ("the mesh STA has received a Mesh Peering Close " 194 "message requesting to close the mesh peering"); 195 case IEEE80211_REASON_MESH_MAX_RETRIES: 196 return ("the mesh STA has resent dot11MeshMaxRetries Mesh " 197 "Peering Open messages, without receiving a Mesh " 198 "Peering Confirm message"); 199 case IEEE80211_REASON_MESH_CONFIRM_TIMEOUT: 200 return ("the confirmTimer for the mesh peering instance times " 201 "out"); 202 case IEEE80211_REASON_MESH_INVALID_GTK: 203 return ("the mesh STA fails to unwrap the GTK or the values " 204 "in the wrapped contents do not match"); 205 case IEEE80211_REASON_MESH_INCONS_PARAMS: 206 return ("the mesh STA receives inconsistent information about " 207 "the mesh parameters between Mesh Peering Management " 208 "frames"); 209 case IEEE80211_REASON_MESH_INVALID_SECURITY: 210 return ("the mesh STA fails the authenticated mesh peering " 211 "exchange because due to failure in selecting " 212 "pairwise/group ciphersuite"); 213 case IEEE80211_REASON_MESH_PERR_NO_PROXY: 214 return ("the mesh STA does not have proxy information for " 215 "this external destination"); 216 case IEEE80211_REASON_MESH_PERR_NO_FI: 217 return ("the mesh STA does not have forwarding information " 218 "for this destination"); 219 case IEEE80211_REASON_MESH_PERR_DEST_UNREACH: 220 return ("the mesh STA determines that the link to the next " 221 "hop of an active path in its forwarding information " 222 "is no longer usable"); 223 case IEEE80211_REASON_MESH_MAC_ALRDY_EXISTS_MBSS: 224 return ("the MAC address of the STA already exists in the " 225 "mesh BSS"); 226 case IEEE80211_REASON_MESH_CHAN_SWITCH_REG: 227 return ("the mesh STA performs channel switch to meet " 228 "regulatory requirements"); 229 case IEEE80211_REASON_MESH_CHAN_SWITCH_UNSPEC: 230 return ("the mesh STA performs channel switch with " 231 "unspecified reason"); 232 default: 233 return ("reserved/unknown"); 234 } 235 } 236 237 static void beacon_miss(void *, int); 238 static void beacon_swmiss(void *, int); 239 static void parent_updown(void *, int); 240 static void update_mcast(void *, int); 241 static void update_promisc(void *, int); 242 static void update_channel(void *, int); 243 static void update_chw(void *, int); 244 static void vap_update_wme(void *, int); 245 static void vap_update_slot(void *, int); 246 static void restart_vaps(void *, int); 247 static void vap_update_erp_protmode(void *, int); 248 static void vap_update_preamble(void *, int); 249 static void vap_update_ht_protmode(void *, int); 250 static void ieee80211_newstate_cb(void *, int); 251 static struct ieee80211_node *vap_update_bss(struct ieee80211vap *, 252 struct ieee80211_node *); 253 254 static int 255 null_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 256 const struct ieee80211_bpf_params *params) 257 { 258 259 ic_printf(ni->ni_ic, "missing ic_raw_xmit callback, drop frame\n"); 260 m_freem(m); 261 return ENETDOWN; 262 } 263 264 void 265 ieee80211_proto_attach(struct ieee80211com *ic) 266 { 267 uint8_t hdrlen; 268 269 /* override the 802.3 setting */ 270 hdrlen = ic->ic_headroom 271 + sizeof(struct ieee80211_qosframe_addr4) 272 + IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN 273 + IEEE80211_WEP_EXTIVLEN; 274 /* XXX no way to recalculate on ifdetach */ 275 #ifdef __HAIKU__ 276 if (ALIGN(hdrlen) > max_linkhdr) { 277 /* XXX sanity check... */ 278 max_linkhdr = ALIGN(hdrlen); 279 max_hdr = max_linkhdr + max_protohdr; 280 max_datalen = MHLEN - max_hdr; 281 } 282 #else 283 max_linkhdr_grow(ALIGN(hdrlen)); 284 #endif 285 //ic->ic_protmode = IEEE80211_PROT_CTSONLY; 286 287 TASK_INIT(&ic->ic_parent_task, 0, parent_updown, ic); 288 TASK_INIT(&ic->ic_mcast_task, 0, update_mcast, ic); 289 TASK_INIT(&ic->ic_promisc_task, 0, update_promisc, ic); 290 TASK_INIT(&ic->ic_chan_task, 0, update_channel, ic); 291 TASK_INIT(&ic->ic_bmiss_task, 0, beacon_miss, ic); 292 TASK_INIT(&ic->ic_chw_task, 0, update_chw, ic); 293 TASK_INIT(&ic->ic_restart_task, 0, restart_vaps, ic); 294 295 ic->ic_wme.wme_hipri_switch_hysteresis = 296 AGGRESSIVE_MODE_SWITCH_HYSTERESIS; 297 298 /* initialize management frame handlers */ 299 ic->ic_send_mgmt = ieee80211_send_mgmt; 300 ic->ic_raw_xmit = null_raw_xmit; 301 302 ieee80211_adhoc_attach(ic); 303 ieee80211_sta_attach(ic); 304 ieee80211_wds_attach(ic); 305 ieee80211_hostap_attach(ic); 306 #ifdef IEEE80211_SUPPORT_MESH 307 ieee80211_mesh_attach(ic); 308 #endif 309 ieee80211_monitor_attach(ic); 310 } 311 312 void 313 ieee80211_proto_detach(struct ieee80211com *ic) 314 { 315 ieee80211_monitor_detach(ic); 316 #ifdef IEEE80211_SUPPORT_MESH 317 ieee80211_mesh_detach(ic); 318 #endif 319 ieee80211_hostap_detach(ic); 320 ieee80211_wds_detach(ic); 321 ieee80211_adhoc_detach(ic); 322 ieee80211_sta_detach(ic); 323 } 324 325 static void 326 null_update_beacon(struct ieee80211vap *vap, int item) 327 { 328 } 329 330 void 331 ieee80211_proto_vattach(struct ieee80211vap *vap) 332 { 333 struct ieee80211com *ic = vap->iv_ic; 334 struct ifnet *ifp = vap->iv_ifp; 335 int i; 336 337 /* override the 802.3 setting */ 338 ifp->if_hdrlen = ic->ic_headroom 339 + sizeof(struct ieee80211_qosframe_addr4) 340 + IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN 341 + IEEE80211_WEP_EXTIVLEN; 342 343 vap->iv_rtsthreshold = IEEE80211_RTS_DEFAULT; 344 vap->iv_fragthreshold = IEEE80211_FRAG_DEFAULT; 345 vap->iv_bmiss_max = IEEE80211_BMISS_MAX; 346 callout_init_mtx(&vap->iv_swbmiss, IEEE80211_LOCK_OBJ(ic), 0); 347 callout_init(&vap->iv_mgtsend, 1); 348 for (i = 0; i < NET80211_IV_NSTATE_NUM; i++) 349 TASK_INIT(&vap->iv_nstate_task[i], 0, ieee80211_newstate_cb, vap); 350 TASK_INIT(&vap->iv_swbmiss_task, 0, beacon_swmiss, vap); 351 TASK_INIT(&vap->iv_wme_task, 0, vap_update_wme, vap); 352 TASK_INIT(&vap->iv_slot_task, 0, vap_update_slot, vap); 353 TASK_INIT(&vap->iv_erp_protmode_task, 0, vap_update_erp_protmode, vap); 354 TASK_INIT(&vap->iv_ht_protmode_task, 0, vap_update_ht_protmode, vap); 355 TASK_INIT(&vap->iv_preamble_task, 0, vap_update_preamble, vap); 356 /* 357 * Install default tx rate handling: no fixed rate, lowest 358 * supported rate for mgmt and multicast frames. Default 359 * max retry count. These settings can be changed by the 360 * driver and/or user applications. 361 */ 362 for (i = IEEE80211_MODE_11A; i < IEEE80211_MODE_MAX; i++) { 363 if (isclr(ic->ic_modecaps, i)) 364 continue; 365 366 const struct ieee80211_rateset *rs = &ic->ic_sup_rates[i]; 367 368 vap->iv_txparms[i].ucastrate = IEEE80211_FIXED_RATE_NONE; 369 370 /* 371 * Setting the management rate to MCS 0 assumes that the 372 * BSS Basic rate set is empty and the BSS Basic MCS set 373 * is not. 374 * 375 * Since we're not checking this, default to the lowest 376 * defined rate for this mode. 377 * 378 * At least one 11n AP (DLINK DIR-825) is reported to drop 379 * some MCS management traffic (eg BA response frames.) 380 * 381 * See also: 9.6.0 of the 802.11n-2009 specification. 382 */ 383 #ifdef NOTYET 384 if (i == IEEE80211_MODE_11NA || i == IEEE80211_MODE_11NG) { 385 vap->iv_txparms[i].mgmtrate = 0 | IEEE80211_RATE_MCS; 386 vap->iv_txparms[i].mcastrate = 0 | IEEE80211_RATE_MCS; 387 } else { 388 vap->iv_txparms[i].mgmtrate = 389 rs->rs_rates[0] & IEEE80211_RATE_VAL; 390 vap->iv_txparms[i].mcastrate = 391 rs->rs_rates[0] & IEEE80211_RATE_VAL; 392 } 393 #endif 394 vap->iv_txparms[i].mgmtrate = rs->rs_rates[0] & IEEE80211_RATE_VAL; 395 vap->iv_txparms[i].mcastrate = rs->rs_rates[0] & IEEE80211_RATE_VAL; 396 vap->iv_txparms[i].maxretry = IEEE80211_TXMAX_DEFAULT; 397 } 398 vap->iv_roaming = IEEE80211_ROAMING_AUTO; 399 400 vap->iv_update_beacon = null_update_beacon; 401 vap->iv_deliver_data = ieee80211_deliver_data; 402 vap->iv_protmode = IEEE80211_PROT_CTSONLY; 403 vap->iv_update_bss = vap_update_bss; 404 405 /* attach support for operating mode */ 406 ic->ic_vattach[vap->iv_opmode](vap); 407 } 408 409 void 410 ieee80211_proto_vdetach(struct ieee80211vap *vap) 411 { 412 #define FREEAPPIE(ie) do { \ 413 if (ie != NULL) \ 414 IEEE80211_FREE(ie, M_80211_NODE_IE); \ 415 } while (0) 416 /* 417 * Detach operating mode module. 418 */ 419 if (vap->iv_opdetach != NULL) 420 vap->iv_opdetach(vap); 421 /* 422 * This should not be needed as we detach when reseting 423 * the state but be conservative here since the 424 * authenticator may do things like spawn kernel threads. 425 */ 426 if (vap->iv_auth->ia_detach != NULL) 427 vap->iv_auth->ia_detach(vap); 428 /* 429 * Detach any ACL'ator. 430 */ 431 if (vap->iv_acl != NULL) 432 vap->iv_acl->iac_detach(vap); 433 434 FREEAPPIE(vap->iv_appie_beacon); 435 FREEAPPIE(vap->iv_appie_probereq); 436 FREEAPPIE(vap->iv_appie_proberesp); 437 FREEAPPIE(vap->iv_appie_assocreq); 438 FREEAPPIE(vap->iv_appie_assocresp); 439 FREEAPPIE(vap->iv_appie_wpa); 440 #undef FREEAPPIE 441 } 442 443 /* 444 * Simple-minded authenticator module support. 445 */ 446 447 #define IEEE80211_AUTH_MAX (IEEE80211_AUTH_WPA+1) 448 /* XXX well-known names */ 449 static const char *auth_modnames[IEEE80211_AUTH_MAX] = { 450 "wlan_internal", /* IEEE80211_AUTH_NONE */ 451 "wlan_internal", /* IEEE80211_AUTH_OPEN */ 452 "wlan_internal", /* IEEE80211_AUTH_SHARED */ 453 "wlan_xauth", /* IEEE80211_AUTH_8021X */ 454 "wlan_internal", /* IEEE80211_AUTH_AUTO */ 455 "wlan_xauth", /* IEEE80211_AUTH_WPA */ 456 }; 457 static const struct ieee80211_authenticator *authenticators[IEEE80211_AUTH_MAX]; 458 459 static const struct ieee80211_authenticator auth_internal = { 460 .ia_name = "wlan_internal", 461 .ia_attach = NULL, 462 .ia_detach = NULL, 463 .ia_node_join = NULL, 464 .ia_node_leave = NULL, 465 }; 466 467 /* 468 * Setup internal authenticators once; they are never unregistered. 469 */ 470 static void 471 ieee80211_auth_setup(void) 472 { 473 ieee80211_authenticator_register(IEEE80211_AUTH_OPEN, &auth_internal); 474 ieee80211_authenticator_register(IEEE80211_AUTH_SHARED, &auth_internal); 475 ieee80211_authenticator_register(IEEE80211_AUTH_AUTO, &auth_internal); 476 } 477 SYSINIT(wlan_auth, SI_SUB_DRIVERS, SI_ORDER_FIRST, ieee80211_auth_setup, NULL); 478 479 const struct ieee80211_authenticator * 480 ieee80211_authenticator_get(int auth) 481 { 482 if (auth >= IEEE80211_AUTH_MAX) 483 return NULL; 484 if (authenticators[auth] == NULL) 485 ieee80211_load_module(auth_modnames[auth]); 486 return authenticators[auth]; 487 } 488 489 void 490 ieee80211_authenticator_register(int type, 491 const struct ieee80211_authenticator *auth) 492 { 493 if (type >= IEEE80211_AUTH_MAX) 494 return; 495 authenticators[type] = auth; 496 } 497 498 void 499 ieee80211_authenticator_unregister(int type) 500 { 501 502 if (type >= IEEE80211_AUTH_MAX) 503 return; 504 authenticators[type] = NULL; 505 } 506 507 /* 508 * Very simple-minded ACL module support. 509 */ 510 /* XXX just one for now */ 511 static const struct ieee80211_aclator *acl = NULL; 512 513 void 514 ieee80211_aclator_register(const struct ieee80211_aclator *iac) 515 { 516 printf("wlan: %s acl policy registered\n", iac->iac_name); 517 acl = iac; 518 } 519 520 void 521 ieee80211_aclator_unregister(const struct ieee80211_aclator *iac) 522 { 523 if (acl == iac) 524 acl = NULL; 525 printf("wlan: %s acl policy unregistered\n", iac->iac_name); 526 } 527 528 const struct ieee80211_aclator * 529 ieee80211_aclator_get(const char *name) 530 { 531 if (acl == NULL) 532 ieee80211_load_module("wlan_acl"); 533 return acl != NULL && strcmp(acl->iac_name, name) == 0 ? acl : NULL; 534 } 535 536 void 537 ieee80211_print_essid(const uint8_t *essid, int len) 538 { 539 const uint8_t *p; 540 int i; 541 542 if (len > IEEE80211_NWID_LEN) 543 len = IEEE80211_NWID_LEN; 544 /* determine printable or not */ 545 for (i = 0, p = essid; i < len; i++, p++) { 546 if (*p < ' ' || *p > 0x7e) 547 break; 548 } 549 if (i == len) { 550 printf("\""); 551 for (i = 0, p = essid; i < len; i++, p++) 552 printf("%c", *p); 553 printf("\""); 554 } else { 555 printf("0x"); 556 for (i = 0, p = essid; i < len; i++, p++) 557 printf("%02x", *p); 558 } 559 } 560 561 void 562 ieee80211_dump_pkt(struct ieee80211com *ic, 563 const uint8_t *buf, int len, int rate, int rssi) 564 { 565 const struct ieee80211_frame *wh; 566 int i; 567 568 wh = (const struct ieee80211_frame *)buf; 569 switch (wh->i_fc[1] & IEEE80211_FC1_DIR_MASK) { 570 case IEEE80211_FC1_DIR_NODS: 571 printf("NODS %s", ether_sprintf(wh->i_addr2)); 572 printf("->%s", ether_sprintf(wh->i_addr1)); 573 printf("(%s)", ether_sprintf(wh->i_addr3)); 574 break; 575 case IEEE80211_FC1_DIR_TODS: 576 printf("TODS %s", ether_sprintf(wh->i_addr2)); 577 printf("->%s", ether_sprintf(wh->i_addr3)); 578 printf("(%s)", ether_sprintf(wh->i_addr1)); 579 break; 580 case IEEE80211_FC1_DIR_FROMDS: 581 printf("FRDS %s", ether_sprintf(wh->i_addr3)); 582 printf("->%s", ether_sprintf(wh->i_addr1)); 583 printf("(%s)", ether_sprintf(wh->i_addr2)); 584 break; 585 case IEEE80211_FC1_DIR_DSTODS: 586 printf("DSDS %s", ether_sprintf((const uint8_t *)&wh[1])); 587 printf("->%s", ether_sprintf(wh->i_addr3)); 588 printf("(%s", ether_sprintf(wh->i_addr2)); 589 printf("->%s)", ether_sprintf(wh->i_addr1)); 590 break; 591 } 592 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 593 case IEEE80211_FC0_TYPE_DATA: 594 printf(" data"); 595 break; 596 case IEEE80211_FC0_TYPE_MGT: 597 printf(" %s", ieee80211_mgt_subtype_name(wh->i_fc[0])); 598 break; 599 default: 600 printf(" type#%d", wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK); 601 break; 602 } 603 if (IEEE80211_QOS_HAS_SEQ(wh)) { 604 const struct ieee80211_qosframe *qwh = 605 (const struct ieee80211_qosframe *)buf; 606 printf(" QoS [TID %u%s]", qwh->i_qos[0] & IEEE80211_QOS_TID, 607 qwh->i_qos[0] & IEEE80211_QOS_ACKPOLICY ? " ACM" : ""); 608 } 609 if (IEEE80211_IS_PROTECTED(wh)) { 610 int off; 611 612 off = ieee80211_anyhdrspace(ic, wh); 613 printf(" WEP [IV %.02x %.02x %.02x", 614 buf[off+0], buf[off+1], buf[off+2]); 615 if (buf[off+IEEE80211_WEP_IVLEN] & IEEE80211_WEP_EXTIV) 616 printf(" %.02x %.02x %.02x", 617 buf[off+4], buf[off+5], buf[off+6]); 618 printf(" KID %u]", buf[off+IEEE80211_WEP_IVLEN] >> 6); 619 } 620 if (rate >= 0) 621 printf(" %dM", rate / 2); 622 if (rssi >= 0) 623 printf(" +%d", rssi); 624 printf("\n"); 625 if (len > 0) { 626 for (i = 0; i < len; i++) { 627 if ((i & 1) == 0) 628 printf(" "); 629 printf("%02x", buf[i]); 630 } 631 printf("\n"); 632 } 633 } 634 635 static __inline int 636 findrix(const struct ieee80211_rateset *rs, int r) 637 { 638 int i; 639 640 for (i = 0; i < rs->rs_nrates; i++) 641 if ((rs->rs_rates[i] & IEEE80211_RATE_VAL) == r) 642 return i; 643 return -1; 644 } 645 646 int 647 ieee80211_fix_rate(struct ieee80211_node *ni, 648 struct ieee80211_rateset *nrs, int flags) 649 { 650 struct ieee80211vap *vap = ni->ni_vap; 651 struct ieee80211com *ic = ni->ni_ic; 652 int i, j, rix, error; 653 int okrate, badrate, fixedrate, ucastrate; 654 const struct ieee80211_rateset *srs; 655 uint8_t r; 656 657 error = 0; 658 okrate = badrate = 0; 659 ucastrate = vap->iv_txparms[ieee80211_chan2mode(ni->ni_chan)].ucastrate; 660 if (ucastrate != IEEE80211_FIXED_RATE_NONE) { 661 /* 662 * Workaround awkwardness with fixed rate. We are called 663 * to check both the legacy rate set and the HT rate set 664 * but we must apply any legacy fixed rate check only to the 665 * legacy rate set and vice versa. We cannot tell what type 666 * of rate set we've been given (legacy or HT) but we can 667 * distinguish the fixed rate type (MCS have 0x80 set). 668 * So to deal with this the caller communicates whether to 669 * check MCS or legacy rate using the flags and we use the 670 * type of any fixed rate to avoid applying an MCS to a 671 * legacy rate and vice versa. 672 */ 673 if (ucastrate & 0x80) { 674 if (flags & IEEE80211_F_DOFRATE) 675 flags &= ~IEEE80211_F_DOFRATE; 676 } else if ((ucastrate & 0x80) == 0) { 677 if (flags & IEEE80211_F_DOFMCS) 678 flags &= ~IEEE80211_F_DOFMCS; 679 } 680 /* NB: required to make MCS match below work */ 681 ucastrate &= IEEE80211_RATE_VAL; 682 } 683 fixedrate = IEEE80211_FIXED_RATE_NONE; 684 /* 685 * XXX we are called to process both MCS and legacy rates; 686 * we must use the appropriate basic rate set or chaos will 687 * ensue; for now callers that want MCS must supply 688 * IEEE80211_F_DOBRS; at some point we'll need to split this 689 * function so there are two variants, one for MCS and one 690 * for legacy rates. 691 */ 692 if (flags & IEEE80211_F_DOBRS) 693 srs = (const struct ieee80211_rateset *) 694 ieee80211_get_suphtrates(ic, ni->ni_chan); 695 else 696 srs = ieee80211_get_suprates(ic, ni->ni_chan); 697 for (i = 0; i < nrs->rs_nrates; ) { 698 if (flags & IEEE80211_F_DOSORT) { 699 /* 700 * Sort rates. 701 */ 702 for (j = i + 1; j < nrs->rs_nrates; j++) { 703 if (IEEE80211_RV(nrs->rs_rates[i]) > 704 IEEE80211_RV(nrs->rs_rates[j])) { 705 r = nrs->rs_rates[i]; 706 nrs->rs_rates[i] = nrs->rs_rates[j]; 707 nrs->rs_rates[j] = r; 708 } 709 } 710 } 711 r = nrs->rs_rates[i] & IEEE80211_RATE_VAL; 712 badrate = r; 713 /* 714 * Check for fixed rate. 715 */ 716 if (r == ucastrate) 717 fixedrate = r; 718 /* 719 * Check against supported rates. 720 */ 721 rix = findrix(srs, r); 722 if (flags & IEEE80211_F_DONEGO) { 723 if (rix < 0) { 724 /* 725 * A rate in the node's rate set is not 726 * supported. If this is a basic rate and we 727 * are operating as a STA then this is an error. 728 * Otherwise we just discard/ignore the rate. 729 */ 730 if ((flags & IEEE80211_F_JOIN) && 731 (nrs->rs_rates[i] & IEEE80211_RATE_BASIC)) 732 error++; 733 } else if ((flags & IEEE80211_F_JOIN) == 0) { 734 /* 735 * Overwrite with the supported rate 736 * value so any basic rate bit is set. 737 */ 738 nrs->rs_rates[i] = srs->rs_rates[rix]; 739 } 740 } 741 if ((flags & IEEE80211_F_DODEL) && rix < 0) { 742 /* 743 * Delete unacceptable rates. 744 */ 745 nrs->rs_nrates--; 746 for (j = i; j < nrs->rs_nrates; j++) 747 nrs->rs_rates[j] = nrs->rs_rates[j + 1]; 748 nrs->rs_rates[j] = 0; 749 continue; 750 } 751 if (rix >= 0) 752 okrate = nrs->rs_rates[i]; 753 i++; 754 } 755 if (okrate == 0 || error != 0 || 756 ((flags & (IEEE80211_F_DOFRATE|IEEE80211_F_DOFMCS)) && 757 fixedrate != ucastrate)) { 758 IEEE80211_NOTE(vap, IEEE80211_MSG_XRATE | IEEE80211_MSG_11N, ni, 759 "%s: flags 0x%x okrate %d error %d fixedrate 0x%x " 760 "ucastrate %x\n", __func__, fixedrate, ucastrate, flags); 761 return badrate | IEEE80211_RATE_BASIC; 762 } else 763 return IEEE80211_RV(okrate); 764 } 765 766 /* 767 * Reset 11g-related state. 768 * 769 * This is for per-VAP ERP/11g state. 770 * 771 * Eventually everything in ieee80211_reset_erp() will be 772 * per-VAP and in here. 773 */ 774 void 775 ieee80211_vap_reset_erp(struct ieee80211vap *vap) 776 { 777 struct ieee80211com *ic = vap->iv_ic; 778 779 vap->iv_nonerpsta = 0; 780 vap->iv_longslotsta = 0; 781 782 vap->iv_flags &= ~IEEE80211_F_USEPROT; 783 /* 784 * Set short preamble and ERP barker-preamble flags. 785 */ 786 if (IEEE80211_IS_CHAN_A(ic->ic_curchan) || 787 (vap->iv_caps & IEEE80211_C_SHPREAMBLE)) { 788 vap->iv_flags |= IEEE80211_F_SHPREAMBLE; 789 vap->iv_flags &= ~IEEE80211_F_USEBARKER; 790 } else { 791 vap->iv_flags &= ~IEEE80211_F_SHPREAMBLE; 792 vap->iv_flags |= IEEE80211_F_USEBARKER; 793 } 794 795 /* 796 * Short slot time is enabled only when operating in 11g 797 * and not in an IBSS. We must also honor whether or not 798 * the driver is capable of doing it. 799 */ 800 ieee80211_vap_set_shortslottime(vap, 801 IEEE80211_IS_CHAN_A(ic->ic_curchan) || 802 IEEE80211_IS_CHAN_HT(ic->ic_curchan) || 803 (IEEE80211_IS_CHAN_ANYG(ic->ic_curchan) && 804 vap->iv_opmode == IEEE80211_M_HOSTAP && 805 (ic->ic_caps & IEEE80211_C_SHSLOT))); 806 } 807 808 /* 809 * Reset 11g-related state. 810 * 811 * Note this resets the global state and a caller should schedule 812 * a re-check of all the VAPs after setup to update said state. 813 */ 814 void 815 ieee80211_reset_erp(struct ieee80211com *ic) 816 { 817 #if 0 818 ic->ic_flags &= ~IEEE80211_F_USEPROT; 819 /* 820 * Set short preamble and ERP barker-preamble flags. 821 */ 822 if (IEEE80211_IS_CHAN_A(ic->ic_curchan) || 823 (ic->ic_caps & IEEE80211_C_SHPREAMBLE)) { 824 ic->ic_flags |= IEEE80211_F_SHPREAMBLE; 825 ic->ic_flags &= ~IEEE80211_F_USEBARKER; 826 } else { 827 ic->ic_flags &= ~IEEE80211_F_SHPREAMBLE; 828 ic->ic_flags |= IEEE80211_F_USEBARKER; 829 } 830 #endif 831 /* XXX TODO: schedule a new per-VAP ERP calculation */ 832 } 833 834 static struct ieee80211_node * 835 vap_update_bss(struct ieee80211vap *vap, struct ieee80211_node *ni) 836 { 837 struct ieee80211_node *obss; 838 839 IEEE80211_LOCK_ASSERT(vap->iv_ic); 840 841 obss = vap->iv_bss; 842 vap->iv_bss = ni; 843 844 return (obss); 845 } 846 847 /* 848 * Deferred slot time update. 849 * 850 * For per-VAP slot time configuration, call the VAP 851 * method if the VAP requires it. Otherwise, just call the 852 * older global method. 853 * 854 * If the per-VAP method is called then it's expected that 855 * the driver/firmware will take care of turning the per-VAP 856 * flags into slot time configuration. 857 * 858 * If the per-VAP method is not called then the global flags will be 859 * flipped into sync with the VAPs; ic_flags IEEE80211_F_SHSLOT will 860 * be set only if all of the vaps will have it set. 861 * 862 * Look at the comments for vap_update_erp_protmode() for more 863 * background; this assumes all VAPs are on the same channel. 864 */ 865 static void 866 vap_update_slot(void *arg, int npending) 867 { 868 struct ieee80211vap *vap = arg; 869 struct ieee80211com *ic = vap->iv_ic; 870 struct ieee80211vap *iv; 871 int num_shslot = 0, num_lgslot = 0; 872 873 /* 874 * Per-VAP path - we've already had the flags updated; 875 * so just notify the driver and move on. 876 */ 877 if (vap->iv_updateslot != NULL) { 878 vap->iv_updateslot(vap); 879 return; 880 } 881 882 /* 883 * Iterate over all of the VAP flags to update the 884 * global flag. 885 * 886 * If all vaps have short slot enabled then flip on 887 * short slot. If any vap has it disabled then 888 * we leave it globally disabled. This should provide 889 * correct behaviour in a multi-BSS scenario where 890 * at least one VAP has short slot disabled for some 891 * reason. 892 */ 893 IEEE80211_LOCK(ic); 894 TAILQ_FOREACH(iv, &ic->ic_vaps, iv_next) { 895 if (iv->iv_flags & IEEE80211_F_SHSLOT) 896 num_shslot++; 897 else 898 num_lgslot++; 899 } 900 901 /* 902 * It looks backwards but - if the number of short slot VAPs 903 * is zero then we're not short slot. Else, we have one 904 * or more short slot VAPs and we're checking to see if ANY 905 * of them have short slot disabled. 906 */ 907 if (num_shslot == 0) 908 ic->ic_flags &= ~IEEE80211_F_SHSLOT; 909 else if (num_lgslot == 0) 910 ic->ic_flags |= IEEE80211_F_SHSLOT; 911 IEEE80211_UNLOCK(ic); 912 913 /* 914 * Call the driver with our new global slot time flags. 915 */ 916 if (ic->ic_updateslot != NULL) 917 ic->ic_updateslot(ic); 918 } 919 920 /* 921 * Deferred ERP protmode update. 922 * 923 * This currently calculates the global ERP protection mode flag 924 * based on each of the VAPs. Any VAP with it enabled is enough 925 * for the global flag to be enabled. All VAPs with it disabled 926 * is enough for it to be disabled. 927 * 928 * This may make sense right now for the supported hardware where 929 * net80211 is controlling the single channel configuration, but 930 * offload firmware that's doing channel changes (eg off-channel 931 * TDLS, off-channel STA, off-channel P2P STA/AP) may get some 932 * silly looking flag updates. 933 * 934 * Ideally the protection mode calculation is done based on the 935 * channel, and all VAPs using that channel will inherit it. 936 * But until that's what net80211 does, this wil have to do. 937 */ 938 static void 939 vap_update_erp_protmode(void *arg, int npending) 940 { 941 struct ieee80211vap *vap = arg; 942 struct ieee80211com *ic = vap->iv_ic; 943 struct ieee80211vap *iv; 944 int enable_protmode = 0; 945 int non_erp_present = 0; 946 947 /* 948 * Iterate over all of the VAPs to calculate the overlapping 949 * ERP protection mode configuration and ERP present math. 950 * 951 * For now we assume that if a driver can handle this per-VAP 952 * then it'll ignore the ic->ic_protmode variant and instead 953 * will look at the vap related flags. 954 */ 955 IEEE80211_LOCK(ic); 956 TAILQ_FOREACH(iv, &ic->ic_vaps, iv_next) { 957 if (iv->iv_flags & IEEE80211_F_USEPROT) 958 enable_protmode = 1; 959 if (iv->iv_flags_ext & IEEE80211_FEXT_NONERP_PR) 960 non_erp_present = 1; 961 } 962 963 if (enable_protmode) 964 ic->ic_flags |= IEEE80211_F_USEPROT; 965 else 966 ic->ic_flags &= ~IEEE80211_F_USEPROT; 967 968 if (non_erp_present) 969 ic->ic_flags_ext |= IEEE80211_FEXT_NONERP_PR; 970 else 971 ic->ic_flags_ext &= ~IEEE80211_FEXT_NONERP_PR; 972 973 /* Beacon update on all VAPs */ 974 ieee80211_notify_erp_locked(ic); 975 976 IEEE80211_UNLOCK(ic); 977 978 IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, 979 "%s: called; enable_protmode=%d, non_erp_present=%d\n", 980 __func__, enable_protmode, non_erp_present); 981 982 /* 983 * Now that the global configuration flags are calculated, 984 * notify the VAP about its configuration. 985 * 986 * The global flags will be used when assembling ERP IEs 987 * for multi-VAP operation, even if it's on a different 988 * channel. Yes, that's going to need fixing in the 989 * future. 990 */ 991 if (vap->iv_erp_protmode_update != NULL) 992 vap->iv_erp_protmode_update(vap); 993 } 994 995 /* 996 * Deferred ERP short preamble/barker update. 997 * 998 * All VAPs need to use short preamble for it to be globally 999 * enabled or not. 1000 * 1001 * Look at the comments for vap_update_erp_protmode() for more 1002 * background; this assumes all VAPs are on the same channel. 1003 */ 1004 static void 1005 vap_update_preamble(void *arg, int npending) 1006 { 1007 struct ieee80211vap *vap = arg; 1008 struct ieee80211com *ic = vap->iv_ic; 1009 struct ieee80211vap *iv; 1010 int barker_count = 0, short_preamble_count = 0, count = 0; 1011 1012 /* 1013 * Iterate over all of the VAPs to calculate the overlapping 1014 * short or long preamble configuration. 1015 * 1016 * For now we assume that if a driver can handle this per-VAP 1017 * then it'll ignore the ic->ic_flags variant and instead 1018 * will look at the vap related flags. 1019 */ 1020 IEEE80211_LOCK(ic); 1021 TAILQ_FOREACH(iv, &ic->ic_vaps, iv_next) { 1022 if (iv->iv_flags & IEEE80211_F_USEBARKER) 1023 barker_count++; 1024 if (iv->iv_flags & IEEE80211_F_SHPREAMBLE) 1025 short_preamble_count++; 1026 count++; 1027 } 1028 1029 /* 1030 * As with vap_update_erp_protmode(), the global flags are 1031 * currently used for beacon IEs. 1032 */ 1033 IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, 1034 "%s: called; barker_count=%d, short_preamble_count=%d\n", 1035 __func__, barker_count, short_preamble_count); 1036 1037 /* 1038 * Only flip on short preamble if all of the VAPs support 1039 * it. 1040 */ 1041 if (barker_count == 0 && short_preamble_count == count) { 1042 ic->ic_flags |= IEEE80211_F_SHPREAMBLE; 1043 ic->ic_flags &= ~IEEE80211_F_USEBARKER; 1044 } else { 1045 ic->ic_flags &= ~IEEE80211_F_SHPREAMBLE; 1046 ic->ic_flags |= IEEE80211_F_USEBARKER; 1047 } 1048 IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, 1049 "%s: global barker=%d preamble=%d\n", 1050 __func__, 1051 !! (ic->ic_flags & IEEE80211_F_USEBARKER), 1052 !! (ic->ic_flags & IEEE80211_F_SHPREAMBLE)); 1053 1054 /* Beacon update on all VAPs */ 1055 ieee80211_notify_erp_locked(ic); 1056 1057 IEEE80211_UNLOCK(ic); 1058 1059 /* Driver notification */ 1060 if (vap->iv_preamble_update != NULL) 1061 vap->iv_preamble_update(vap); 1062 } 1063 1064 /* 1065 * Deferred HT protmode update and beacon update. 1066 * 1067 * Look at the comments for vap_update_erp_protmode() for more 1068 * background; this assumes all VAPs are on the same channel. 1069 */ 1070 static void 1071 vap_update_ht_protmode(void *arg, int npending) 1072 { 1073 struct ieee80211vap *vap = arg; 1074 struct ieee80211vap *iv; 1075 struct ieee80211com *ic = vap->iv_ic; 1076 int num_vaps = 0, num_pure = 0; 1077 int num_optional = 0, num_ht2040 = 0, num_nonht = 0; 1078 int num_ht_sta = 0, num_ht40_sta = 0, num_sta = 0; 1079 int num_nonhtpr = 0; 1080 1081 /* 1082 * Iterate over all of the VAPs to calculate everything. 1083 * 1084 * There are a few different flags to calculate: 1085 * 1086 * + whether there's HT only or HT+legacy stations; 1087 * + whether there's HT20, HT40, or HT20+HT40 stations; 1088 * + whether the desired protection mode is mixed, pure or 1089 * one of the two above. 1090 * 1091 * For now we assume that if a driver can handle this per-VAP 1092 * then it'll ignore the ic->ic_htprotmode / ic->ic_curhtprotmode 1093 * variant and instead will look at the vap related variables. 1094 * 1095 * XXX TODO: non-greenfield STAs present (IEEE80211_HTINFO_NONGF_PRESENT) ! 1096 */ 1097 1098 IEEE80211_LOCK(ic); 1099 TAILQ_FOREACH(iv, &ic->ic_vaps, iv_next) { 1100 num_vaps++; 1101 /* overlapping BSSes advertising non-HT status present */ 1102 if (iv->iv_flags_ht & IEEE80211_FHT_NONHT_PR) 1103 num_nonht++; 1104 /* Operating mode flags */ 1105 if (iv->iv_curhtprotmode & IEEE80211_HTINFO_NONHT_PRESENT) 1106 num_nonhtpr++; 1107 switch (iv->iv_curhtprotmode & IEEE80211_HTINFO_OPMODE) { 1108 case IEEE80211_HTINFO_OPMODE_PURE: 1109 num_pure++; 1110 break; 1111 case IEEE80211_HTINFO_OPMODE_PROTOPT: 1112 num_optional++; 1113 break; 1114 case IEEE80211_HTINFO_OPMODE_HT20PR: 1115 num_ht2040++; 1116 break; 1117 } 1118 1119 IEEE80211_DPRINTF(vap, IEEE80211_MSG_11N, 1120 "%s: vap %s: nonht_pr=%d, curhtprotmode=0x%02x\n", 1121 __func__, 1122 ieee80211_get_vap_ifname(iv), 1123 !! (iv->iv_flags_ht & IEEE80211_FHT_NONHT_PR), 1124 iv->iv_curhtprotmode); 1125 1126 num_ht_sta += iv->iv_ht_sta_assoc; 1127 num_ht40_sta += iv->iv_ht40_sta_assoc; 1128 num_sta += iv->iv_sta_assoc; 1129 } 1130 1131 /* 1132 * Step 1 - if any VAPs indicate NONHT_PR set (overlapping BSS 1133 * non-HT present), set it here. This shouldn't be used by 1134 * anything but the old overlapping BSS logic so if any drivers 1135 * consume it, it's up to date. 1136 */ 1137 if (num_nonht > 0) 1138 ic->ic_flags_ht |= IEEE80211_FHT_NONHT_PR; 1139 else 1140 ic->ic_flags_ht &= ~IEEE80211_FHT_NONHT_PR; 1141 1142 /* 1143 * Step 2 - default HT protection mode to MIXED (802.11-2016 10.26.3.1.) 1144 * 1145 * + If all VAPs are PURE, we can stay PURE. 1146 * + If all VAPs are PROTOPT, we can go to PROTOPT. 1147 * + If any VAP has HT20PR then it sees at least a HT40+HT20 station. 1148 * Note that we may have a VAP with one HT20 and a VAP with one HT40; 1149 * So we look at the sum ht and sum ht40 sta counts; if we have a 1150 * HT station and the HT20 != HT40 count, we have to do HT20PR here. 1151 * Note all stations need to be HT for this to be an option. 1152 * + The fall-through is MIXED, because it means we have some odd 1153 * non HT40-involved combination of opmode and this is the most 1154 * sensible default. 1155 */ 1156 ic->ic_curhtprotmode = IEEE80211_HTINFO_OPMODE_MIXED; 1157 1158 if (num_pure == num_vaps) 1159 ic->ic_curhtprotmode = IEEE80211_HTINFO_OPMODE_PURE; 1160 1161 if (num_optional == num_vaps) 1162 ic->ic_curhtprotmode = IEEE80211_HTINFO_OPMODE_PROTOPT; 1163 1164 /* 1165 * Note: we need /a/ HT40 station somewhere for this to 1166 * be a possibility. 1167 */ 1168 if ((num_ht2040 > 0) || 1169 ((num_ht_sta > 0) && (num_ht40_sta > 0) && 1170 (num_ht_sta != num_ht40_sta))) 1171 ic->ic_curhtprotmode = IEEE80211_HTINFO_OPMODE_HT20PR; 1172 1173 /* 1174 * Step 3 - if any of the stations across the VAPs are 1175 * non-HT then this needs to be flipped back to MIXED. 1176 */ 1177 if (num_ht_sta != num_sta) 1178 ic->ic_curhtprotmode = IEEE80211_HTINFO_OPMODE_MIXED; 1179 1180 /* 1181 * Step 4 - If we see any overlapping BSS non-HT stations 1182 * via beacons then flip on NONHT_PRESENT. 1183 */ 1184 if (num_nonhtpr > 0) 1185 ic->ic_curhtprotmode |= IEEE80211_HTINFO_NONHT_PRESENT; 1186 1187 /* Notify all VAPs to potentially update their beacons */ 1188 TAILQ_FOREACH(iv, &ic->ic_vaps, iv_next) 1189 ieee80211_htinfo_notify(iv); 1190 1191 IEEE80211_UNLOCK(ic); 1192 1193 IEEE80211_DPRINTF(vap, IEEE80211_MSG_11N, 1194 "%s: global: nonht_pr=%d ht_opmode=0x%02x\n", 1195 __func__, 1196 !! (ic->ic_flags_ht & IEEE80211_FHT_NONHT_PR), 1197 ic->ic_curhtprotmode); 1198 1199 /* Driver update */ 1200 if (vap->iv_ht_protmode_update != NULL) 1201 vap->iv_ht_protmode_update(vap); 1202 } 1203 1204 /* 1205 * Set the short slot time state and notify the driver. 1206 * 1207 * This is the per-VAP slot time state. 1208 */ 1209 void 1210 ieee80211_vap_set_shortslottime(struct ieee80211vap *vap, int onoff) 1211 { 1212 struct ieee80211com *ic = vap->iv_ic; 1213 1214 /* XXX lock? */ 1215 1216 /* 1217 * Only modify the per-VAP slot time. 1218 */ 1219 if (onoff) 1220 vap->iv_flags |= IEEE80211_F_SHSLOT; 1221 else 1222 vap->iv_flags &= ~IEEE80211_F_SHSLOT; 1223 1224 IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, 1225 "%s: called; onoff=%d\n", __func__, onoff); 1226 /* schedule the deferred slot flag update and update */ 1227 ieee80211_runtask(ic, &vap->iv_slot_task); 1228 } 1229 1230 /* 1231 * Update the VAP short /long / barker preamble state and 1232 * update beacon state if needed. 1233 * 1234 * For now it simply copies the global flags into the per-vap 1235 * flags and schedules the callback. Later this will support 1236 * both global and per-VAP flags, especially useful for 1237 * and STA+STA multi-channel operation (eg p2p). 1238 */ 1239 void 1240 ieee80211_vap_update_preamble(struct ieee80211vap *vap) 1241 { 1242 struct ieee80211com *ic = vap->iv_ic; 1243 1244 /* XXX lock? */ 1245 1246 IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, 1247 "%s: called\n", __func__); 1248 /* schedule the deferred slot flag update and update */ 1249 ieee80211_runtask(ic, &vap->iv_preamble_task); 1250 } 1251 1252 /* 1253 * Update the VAP 11g protection mode and update beacon state 1254 * if needed. 1255 */ 1256 void 1257 ieee80211_vap_update_erp_protmode(struct ieee80211vap *vap) 1258 { 1259 struct ieee80211com *ic = vap->iv_ic; 1260 1261 /* XXX lock? */ 1262 1263 IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, 1264 "%s: called\n", __func__); 1265 /* schedule the deferred slot flag update and update */ 1266 ieee80211_runtask(ic, &vap->iv_erp_protmode_task); 1267 } 1268 1269 /* 1270 * Update the VAP 11n protection mode and update beacon state 1271 * if needed. 1272 */ 1273 void 1274 ieee80211_vap_update_ht_protmode(struct ieee80211vap *vap) 1275 { 1276 struct ieee80211com *ic = vap->iv_ic; 1277 1278 /* XXX lock? */ 1279 1280 IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, 1281 "%s: called\n", __func__); 1282 /* schedule the deferred protmode update */ 1283 ieee80211_runtask(ic, &vap->iv_ht_protmode_task); 1284 } 1285 1286 /* 1287 * Check if the specified rate set supports ERP. 1288 * NB: the rate set is assumed to be sorted. 1289 */ 1290 int 1291 ieee80211_iserp_rateset(const struct ieee80211_rateset *rs) 1292 { 1293 static const int rates[] = { 2, 4, 11, 22, 12, 24, 48 }; 1294 int i, j; 1295 1296 if (rs->rs_nrates < nitems(rates)) 1297 return 0; 1298 for (i = 0; i < nitems(rates); i++) { 1299 for (j = 0; j < rs->rs_nrates; j++) { 1300 int r = rs->rs_rates[j] & IEEE80211_RATE_VAL; 1301 if (rates[i] == r) 1302 goto next; 1303 if (r > rates[i]) 1304 return 0; 1305 } 1306 return 0; 1307 next: 1308 ; 1309 } 1310 return 1; 1311 } 1312 1313 /* 1314 * Mark the basic rates for the rate table based on the 1315 * operating mode. For real 11g we mark all the 11b rates 1316 * and 6, 12, and 24 OFDM. For 11b compatibility we mark only 1317 * 11b rates. There's also a pseudo 11a-mode used to mark only 1318 * the basic OFDM rates. 1319 */ 1320 static void 1321 setbasicrates(struct ieee80211_rateset *rs, 1322 enum ieee80211_phymode mode, int add) 1323 { 1324 static const struct ieee80211_rateset basic[IEEE80211_MODE_MAX] = { 1325 [IEEE80211_MODE_11A] = { 3, { 12, 24, 48 } }, 1326 [IEEE80211_MODE_11B] = { 2, { 2, 4 } }, 1327 /* NB: mixed b/g */ 1328 [IEEE80211_MODE_11G] = { 4, { 2, 4, 11, 22 } }, 1329 [IEEE80211_MODE_TURBO_A] = { 3, { 12, 24, 48 } }, 1330 [IEEE80211_MODE_TURBO_G] = { 4, { 2, 4, 11, 22 } }, 1331 [IEEE80211_MODE_STURBO_A] = { 3, { 12, 24, 48 } }, 1332 [IEEE80211_MODE_HALF] = { 3, { 6, 12, 24 } }, 1333 [IEEE80211_MODE_QUARTER] = { 3, { 3, 6, 12 } }, 1334 [IEEE80211_MODE_11NA] = { 3, { 12, 24, 48 } }, 1335 /* NB: mixed b/g */ 1336 [IEEE80211_MODE_11NG] = { 4, { 2, 4, 11, 22 } }, 1337 /* NB: mixed b/g */ 1338 [IEEE80211_MODE_VHT_2GHZ] = { 4, { 2, 4, 11, 22 } }, 1339 [IEEE80211_MODE_VHT_5GHZ] = { 3, { 12, 24, 48 } }, 1340 }; 1341 int i, j; 1342 1343 for (i = 0; i < rs->rs_nrates; i++) { 1344 if (!add) 1345 rs->rs_rates[i] &= IEEE80211_RATE_VAL; 1346 for (j = 0; j < basic[mode].rs_nrates; j++) 1347 if (basic[mode].rs_rates[j] == rs->rs_rates[i]) { 1348 rs->rs_rates[i] |= IEEE80211_RATE_BASIC; 1349 break; 1350 } 1351 } 1352 } 1353 1354 /* 1355 * Set the basic rates in a rate set. 1356 */ 1357 void 1358 ieee80211_setbasicrates(struct ieee80211_rateset *rs, 1359 enum ieee80211_phymode mode) 1360 { 1361 setbasicrates(rs, mode, 0); 1362 } 1363 1364 /* 1365 * Add basic rates to a rate set. 1366 */ 1367 void 1368 ieee80211_addbasicrates(struct ieee80211_rateset *rs, 1369 enum ieee80211_phymode mode) 1370 { 1371 setbasicrates(rs, mode, 1); 1372 } 1373 1374 /* 1375 * WME protocol support. 1376 * 1377 * The default 11a/b/g/n parameters come from the WiFi Alliance WMM 1378 * System Interopability Test Plan (v1.4, Appendix F) and the 802.11n 1379 * Draft 2.0 Test Plan (Appendix D). 1380 * 1381 * Static/Dynamic Turbo mode settings come from Atheros. 1382 */ 1383 typedef struct phyParamType { 1384 uint8_t aifsn; 1385 uint8_t logcwmin; 1386 uint8_t logcwmax; 1387 uint16_t txopLimit; 1388 uint8_t acm; 1389 } paramType; 1390 1391 static const struct phyParamType phyParamForAC_BE[IEEE80211_MODE_MAX] = { 1392 [IEEE80211_MODE_AUTO] = { 3, 4, 6, 0, 0 }, 1393 [IEEE80211_MODE_11A] = { 3, 4, 6, 0, 0 }, 1394 [IEEE80211_MODE_11B] = { 3, 4, 6, 0, 0 }, 1395 [IEEE80211_MODE_11G] = { 3, 4, 6, 0, 0 }, 1396 [IEEE80211_MODE_FH] = { 3, 4, 6, 0, 0 }, 1397 [IEEE80211_MODE_TURBO_A]= { 2, 3, 5, 0, 0 }, 1398 [IEEE80211_MODE_TURBO_G]= { 2, 3, 5, 0, 0 }, 1399 [IEEE80211_MODE_STURBO_A]={ 2, 3, 5, 0, 0 }, 1400 [IEEE80211_MODE_HALF] = { 3, 4, 6, 0, 0 }, 1401 [IEEE80211_MODE_QUARTER]= { 3, 4, 6, 0, 0 }, 1402 [IEEE80211_MODE_11NA] = { 3, 4, 6, 0, 0 }, 1403 [IEEE80211_MODE_11NG] = { 3, 4, 6, 0, 0 }, 1404 [IEEE80211_MODE_VHT_2GHZ] = { 3, 4, 6, 0, 0 }, 1405 [IEEE80211_MODE_VHT_5GHZ] = { 3, 4, 6, 0, 0 }, 1406 }; 1407 static const struct phyParamType phyParamForAC_BK[IEEE80211_MODE_MAX] = { 1408 [IEEE80211_MODE_AUTO] = { 7, 4, 10, 0, 0 }, 1409 [IEEE80211_MODE_11A] = { 7, 4, 10, 0, 0 }, 1410 [IEEE80211_MODE_11B] = { 7, 4, 10, 0, 0 }, 1411 [IEEE80211_MODE_11G] = { 7, 4, 10, 0, 0 }, 1412 [IEEE80211_MODE_FH] = { 7, 4, 10, 0, 0 }, 1413 [IEEE80211_MODE_TURBO_A]= { 7, 3, 10, 0, 0 }, 1414 [IEEE80211_MODE_TURBO_G]= { 7, 3, 10, 0, 0 }, 1415 [IEEE80211_MODE_STURBO_A]={ 7, 3, 10, 0, 0 }, 1416 [IEEE80211_MODE_HALF] = { 7, 4, 10, 0, 0 }, 1417 [IEEE80211_MODE_QUARTER]= { 7, 4, 10, 0, 0 }, 1418 [IEEE80211_MODE_11NA] = { 7, 4, 10, 0, 0 }, 1419 [IEEE80211_MODE_11NG] = { 7, 4, 10, 0, 0 }, 1420 [IEEE80211_MODE_VHT_2GHZ] = { 7, 4, 10, 0, 0 }, 1421 [IEEE80211_MODE_VHT_5GHZ] = { 7, 4, 10, 0, 0 }, 1422 }; 1423 static const struct phyParamType phyParamForAC_VI[IEEE80211_MODE_MAX] = { 1424 [IEEE80211_MODE_AUTO] = { 1, 3, 4, 94, 0 }, 1425 [IEEE80211_MODE_11A] = { 1, 3, 4, 94, 0 }, 1426 [IEEE80211_MODE_11B] = { 1, 3, 4, 188, 0 }, 1427 [IEEE80211_MODE_11G] = { 1, 3, 4, 94, 0 }, 1428 [IEEE80211_MODE_FH] = { 1, 3, 4, 188, 0 }, 1429 [IEEE80211_MODE_TURBO_A]= { 1, 2, 3, 94, 0 }, 1430 [IEEE80211_MODE_TURBO_G]= { 1, 2, 3, 94, 0 }, 1431 [IEEE80211_MODE_STURBO_A]={ 1, 2, 3, 94, 0 }, 1432 [IEEE80211_MODE_HALF] = { 1, 3, 4, 94, 0 }, 1433 [IEEE80211_MODE_QUARTER]= { 1, 3, 4, 94, 0 }, 1434 [IEEE80211_MODE_11NA] = { 1, 3, 4, 94, 0 }, 1435 [IEEE80211_MODE_11NG] = { 1, 3, 4, 94, 0 }, 1436 [IEEE80211_MODE_VHT_2GHZ] = { 1, 3, 4, 94, 0 }, 1437 [IEEE80211_MODE_VHT_5GHZ] = { 1, 3, 4, 94, 0 }, 1438 }; 1439 static const struct phyParamType phyParamForAC_VO[IEEE80211_MODE_MAX] = { 1440 [IEEE80211_MODE_AUTO] = { 1, 2, 3, 47, 0 }, 1441 [IEEE80211_MODE_11A] = { 1, 2, 3, 47, 0 }, 1442 [IEEE80211_MODE_11B] = { 1, 2, 3, 102, 0 }, 1443 [IEEE80211_MODE_11G] = { 1, 2, 3, 47, 0 }, 1444 [IEEE80211_MODE_FH] = { 1, 2, 3, 102, 0 }, 1445 [IEEE80211_MODE_TURBO_A]= { 1, 2, 2, 47, 0 }, 1446 [IEEE80211_MODE_TURBO_G]= { 1, 2, 2, 47, 0 }, 1447 [IEEE80211_MODE_STURBO_A]={ 1, 2, 2, 47, 0 }, 1448 [IEEE80211_MODE_HALF] = { 1, 2, 3, 47, 0 }, 1449 [IEEE80211_MODE_QUARTER]= { 1, 2, 3, 47, 0 }, 1450 [IEEE80211_MODE_11NA] = { 1, 2, 3, 47, 0 }, 1451 [IEEE80211_MODE_11NG] = { 1, 2, 3, 47, 0 }, 1452 [IEEE80211_MODE_VHT_2GHZ] = { 1, 2, 3, 47, 0 }, 1453 [IEEE80211_MODE_VHT_5GHZ] = { 1, 2, 3, 47, 0 }, 1454 }; 1455 1456 static const struct phyParamType bssPhyParamForAC_BE[IEEE80211_MODE_MAX] = { 1457 [IEEE80211_MODE_AUTO] = { 3, 4, 10, 0, 0 }, 1458 [IEEE80211_MODE_11A] = { 3, 4, 10, 0, 0 }, 1459 [IEEE80211_MODE_11B] = { 3, 4, 10, 0, 0 }, 1460 [IEEE80211_MODE_11G] = { 3, 4, 10, 0, 0 }, 1461 [IEEE80211_MODE_FH] = { 3, 4, 10, 0, 0 }, 1462 [IEEE80211_MODE_TURBO_A]= { 2, 3, 10, 0, 0 }, 1463 [IEEE80211_MODE_TURBO_G]= { 2, 3, 10, 0, 0 }, 1464 [IEEE80211_MODE_STURBO_A]={ 2, 3, 10, 0, 0 }, 1465 [IEEE80211_MODE_HALF] = { 3, 4, 10, 0, 0 }, 1466 [IEEE80211_MODE_QUARTER]= { 3, 4, 10, 0, 0 }, 1467 [IEEE80211_MODE_11NA] = { 3, 4, 10, 0, 0 }, 1468 [IEEE80211_MODE_11NG] = { 3, 4, 10, 0, 0 }, 1469 }; 1470 static const struct phyParamType bssPhyParamForAC_VI[IEEE80211_MODE_MAX] = { 1471 [IEEE80211_MODE_AUTO] = { 2, 3, 4, 94, 0 }, 1472 [IEEE80211_MODE_11A] = { 2, 3, 4, 94, 0 }, 1473 [IEEE80211_MODE_11B] = { 2, 3, 4, 188, 0 }, 1474 [IEEE80211_MODE_11G] = { 2, 3, 4, 94, 0 }, 1475 [IEEE80211_MODE_FH] = { 2, 3, 4, 188, 0 }, 1476 [IEEE80211_MODE_TURBO_A]= { 2, 2, 3, 94, 0 }, 1477 [IEEE80211_MODE_TURBO_G]= { 2, 2, 3, 94, 0 }, 1478 [IEEE80211_MODE_STURBO_A]={ 2, 2, 3, 94, 0 }, 1479 [IEEE80211_MODE_HALF] = { 2, 3, 4, 94, 0 }, 1480 [IEEE80211_MODE_QUARTER]= { 2, 3, 4, 94, 0 }, 1481 [IEEE80211_MODE_11NA] = { 2, 3, 4, 94, 0 }, 1482 [IEEE80211_MODE_11NG] = { 2, 3, 4, 94, 0 }, 1483 }; 1484 static const struct phyParamType bssPhyParamForAC_VO[IEEE80211_MODE_MAX] = { 1485 [IEEE80211_MODE_AUTO] = { 2, 2, 3, 47, 0 }, 1486 [IEEE80211_MODE_11A] = { 2, 2, 3, 47, 0 }, 1487 [IEEE80211_MODE_11B] = { 2, 2, 3, 102, 0 }, 1488 [IEEE80211_MODE_11G] = { 2, 2, 3, 47, 0 }, 1489 [IEEE80211_MODE_FH] = { 2, 2, 3, 102, 0 }, 1490 [IEEE80211_MODE_TURBO_A]= { 1, 2, 2, 47, 0 }, 1491 [IEEE80211_MODE_TURBO_G]= { 1, 2, 2, 47, 0 }, 1492 [IEEE80211_MODE_STURBO_A]={ 1, 2, 2, 47, 0 }, 1493 [IEEE80211_MODE_HALF] = { 2, 2, 3, 47, 0 }, 1494 [IEEE80211_MODE_QUARTER]= { 2, 2, 3, 47, 0 }, 1495 [IEEE80211_MODE_11NA] = { 2, 2, 3, 47, 0 }, 1496 [IEEE80211_MODE_11NG] = { 2, 2, 3, 47, 0 }, 1497 }; 1498 1499 static void 1500 _setifsparams(struct wmeParams *wmep, const paramType *phy) 1501 { 1502 wmep->wmep_aifsn = phy->aifsn; 1503 wmep->wmep_logcwmin = phy->logcwmin; 1504 wmep->wmep_logcwmax = phy->logcwmax; 1505 wmep->wmep_txopLimit = phy->txopLimit; 1506 } 1507 1508 static void 1509 setwmeparams(struct ieee80211vap *vap, const char *type, int ac, 1510 struct wmeParams *wmep, const paramType *phy) 1511 { 1512 wmep->wmep_acm = phy->acm; 1513 _setifsparams(wmep, phy); 1514 1515 IEEE80211_DPRINTF(vap, IEEE80211_MSG_WME, 1516 "set %s (%s) [acm %u aifsn %u logcwmin %u logcwmax %u txop %u]\n", 1517 ieee80211_wme_acnames[ac], type, 1518 wmep->wmep_acm, wmep->wmep_aifsn, wmep->wmep_logcwmin, 1519 wmep->wmep_logcwmax, wmep->wmep_txopLimit); 1520 } 1521 1522 static void 1523 ieee80211_wme_initparams_locked(struct ieee80211vap *vap) 1524 { 1525 struct ieee80211com *ic = vap->iv_ic; 1526 struct ieee80211_wme_state *wme = &ic->ic_wme; 1527 const paramType *pPhyParam, *pBssPhyParam; 1528 struct wmeParams *wmep; 1529 enum ieee80211_phymode mode; 1530 int i; 1531 1532 IEEE80211_LOCK_ASSERT(ic); 1533 1534 if ((ic->ic_caps & IEEE80211_C_WME) == 0 || ic->ic_nrunning > 1) 1535 return; 1536 1537 /* 1538 * Clear the wme cap_info field so a qoscount from a previous 1539 * vap doesn't confuse later code which only parses the beacon 1540 * field and updates hardware when said field changes. 1541 * Otherwise the hardware is programmed with defaults, not what 1542 * the beacon actually announces. 1543 * 1544 * Note that we can't ever have 0xff as an actual value; 1545 * the only valid values are 0..15. 1546 */ 1547 wme->wme_wmeChanParams.cap_info = 0xfe; 1548 1549 /* 1550 * Select mode; we can be called early in which case we 1551 * always use auto mode. We know we'll be called when 1552 * entering the RUN state with bsschan setup properly 1553 * so state will eventually get set correctly 1554 */ 1555 if (ic->ic_bsschan != IEEE80211_CHAN_ANYC) 1556 mode = ieee80211_chan2mode(ic->ic_bsschan); 1557 else 1558 mode = IEEE80211_MODE_AUTO; 1559 for (i = 0; i < WME_NUM_AC; i++) { 1560 switch (i) { 1561 case WME_AC_BK: 1562 pPhyParam = &phyParamForAC_BK[mode]; 1563 pBssPhyParam = &phyParamForAC_BK[mode]; 1564 break; 1565 case WME_AC_VI: 1566 pPhyParam = &phyParamForAC_VI[mode]; 1567 pBssPhyParam = &bssPhyParamForAC_VI[mode]; 1568 break; 1569 case WME_AC_VO: 1570 pPhyParam = &phyParamForAC_VO[mode]; 1571 pBssPhyParam = &bssPhyParamForAC_VO[mode]; 1572 break; 1573 case WME_AC_BE: 1574 default: 1575 pPhyParam = &phyParamForAC_BE[mode]; 1576 pBssPhyParam = &bssPhyParamForAC_BE[mode]; 1577 break; 1578 } 1579 wmep = &wme->wme_wmeChanParams.cap_wmeParams[i]; 1580 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 1581 setwmeparams(vap, "chan", i, wmep, pPhyParam); 1582 } else { 1583 setwmeparams(vap, "chan", i, wmep, pBssPhyParam); 1584 } 1585 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[i]; 1586 setwmeparams(vap, "bss ", i, wmep, pBssPhyParam); 1587 } 1588 /* NB: check ic_bss to avoid NULL deref on initial attach */ 1589 if (vap->iv_bss != NULL) { 1590 /* 1591 * Calculate aggressive mode switching threshold based 1592 * on beacon interval. This doesn't need locking since 1593 * we're only called before entering the RUN state at 1594 * which point we start sending beacon frames. 1595 */ 1596 wme->wme_hipri_switch_thresh = 1597 (HIGH_PRI_SWITCH_THRESH * vap->iv_bss->ni_intval) / 100; 1598 wme->wme_flags &= ~WME_F_AGGRMODE; 1599 ieee80211_wme_updateparams(vap); 1600 } 1601 } 1602 1603 void 1604 ieee80211_wme_initparams(struct ieee80211vap *vap) 1605 { 1606 struct ieee80211com *ic = vap->iv_ic; 1607 1608 IEEE80211_LOCK(ic); 1609 ieee80211_wme_initparams_locked(vap); 1610 IEEE80211_UNLOCK(ic); 1611 } 1612 1613 /* 1614 * Update WME parameters for ourself and the BSS. 1615 */ 1616 void 1617 ieee80211_wme_updateparams_locked(struct ieee80211vap *vap) 1618 { 1619 static const paramType aggrParam[IEEE80211_MODE_MAX] = { 1620 [IEEE80211_MODE_AUTO] = { 2, 4, 10, 64, 0 }, 1621 [IEEE80211_MODE_11A] = { 2, 4, 10, 64, 0 }, 1622 [IEEE80211_MODE_11B] = { 2, 5, 10, 64, 0 }, 1623 [IEEE80211_MODE_11G] = { 2, 4, 10, 64, 0 }, 1624 [IEEE80211_MODE_FH] = { 2, 5, 10, 64, 0 }, 1625 [IEEE80211_MODE_TURBO_A] = { 1, 3, 10, 64, 0 }, 1626 [IEEE80211_MODE_TURBO_G] = { 1, 3, 10, 64, 0 }, 1627 [IEEE80211_MODE_STURBO_A] = { 1, 3, 10, 64, 0 }, 1628 [IEEE80211_MODE_HALF] = { 2, 4, 10, 64, 0 }, 1629 [IEEE80211_MODE_QUARTER] = { 2, 4, 10, 64, 0 }, 1630 [IEEE80211_MODE_11NA] = { 2, 4, 10, 64, 0 }, /* XXXcheck*/ 1631 [IEEE80211_MODE_11NG] = { 2, 4, 10, 64, 0 }, /* XXXcheck*/ 1632 [IEEE80211_MODE_VHT_2GHZ] = { 2, 4, 10, 64, 0 }, /* XXXcheck*/ 1633 [IEEE80211_MODE_VHT_5GHZ] = { 2, 4, 10, 64, 0 }, /* XXXcheck*/ 1634 }; 1635 struct ieee80211com *ic = vap->iv_ic; 1636 struct ieee80211_wme_state *wme = &ic->ic_wme; 1637 const struct wmeParams *wmep; 1638 struct wmeParams *chanp, *bssp; 1639 enum ieee80211_phymode mode; 1640 int i; 1641 int do_aggrmode = 0; 1642 1643 /* 1644 * Set up the channel access parameters for the physical 1645 * device. First populate the configured settings. 1646 */ 1647 for (i = 0; i < WME_NUM_AC; i++) { 1648 chanp = &wme->wme_chanParams.cap_wmeParams[i]; 1649 wmep = &wme->wme_wmeChanParams.cap_wmeParams[i]; 1650 chanp->wmep_aifsn = wmep->wmep_aifsn; 1651 chanp->wmep_logcwmin = wmep->wmep_logcwmin; 1652 chanp->wmep_logcwmax = wmep->wmep_logcwmax; 1653 chanp->wmep_txopLimit = wmep->wmep_txopLimit; 1654 1655 chanp = &wme->wme_bssChanParams.cap_wmeParams[i]; 1656 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[i]; 1657 chanp->wmep_aifsn = wmep->wmep_aifsn; 1658 chanp->wmep_logcwmin = wmep->wmep_logcwmin; 1659 chanp->wmep_logcwmax = wmep->wmep_logcwmax; 1660 chanp->wmep_txopLimit = wmep->wmep_txopLimit; 1661 } 1662 1663 /* 1664 * Select mode; we can be called early in which case we 1665 * always use auto mode. We know we'll be called when 1666 * entering the RUN state with bsschan setup properly 1667 * so state will eventually get set correctly 1668 */ 1669 if (ic->ic_bsschan != IEEE80211_CHAN_ANYC) 1670 mode = ieee80211_chan2mode(ic->ic_bsschan); 1671 else 1672 mode = IEEE80211_MODE_AUTO; 1673 1674 /* 1675 * This implements aggressive mode as found in certain 1676 * vendors' AP's. When there is significant high 1677 * priority (VI/VO) traffic in the BSS throttle back BE 1678 * traffic by using conservative parameters. Otherwise 1679 * BE uses aggressive params to optimize performance of 1680 * legacy/non-QoS traffic. 1681 */ 1682 1683 /* Hostap? Only if aggressive mode is enabled */ 1684 if (vap->iv_opmode == IEEE80211_M_HOSTAP && 1685 (wme->wme_flags & WME_F_AGGRMODE) != 0) 1686 do_aggrmode = 1; 1687 1688 /* 1689 * Station? Only if we're in a non-QoS BSS. 1690 */ 1691 else if ((vap->iv_opmode == IEEE80211_M_STA && 1692 (vap->iv_bss->ni_flags & IEEE80211_NODE_QOS) == 0)) 1693 do_aggrmode = 1; 1694 1695 /* 1696 * IBSS? Only if we have WME enabled. 1697 */ 1698 else if ((vap->iv_opmode == IEEE80211_M_IBSS) && 1699 (vap->iv_flags & IEEE80211_F_WME)) 1700 do_aggrmode = 1; 1701 1702 /* 1703 * If WME is disabled on this VAP, default to aggressive mode 1704 * regardless of the configuration. 1705 */ 1706 if ((vap->iv_flags & IEEE80211_F_WME) == 0) 1707 do_aggrmode = 1; 1708 1709 /* XXX WDS? */ 1710 1711 /* XXX MBSS? */ 1712 1713 if (do_aggrmode) { 1714 chanp = &wme->wme_chanParams.cap_wmeParams[WME_AC_BE]; 1715 bssp = &wme->wme_bssChanParams.cap_wmeParams[WME_AC_BE]; 1716 1717 chanp->wmep_aifsn = bssp->wmep_aifsn = aggrParam[mode].aifsn; 1718 chanp->wmep_logcwmin = bssp->wmep_logcwmin = 1719 aggrParam[mode].logcwmin; 1720 chanp->wmep_logcwmax = bssp->wmep_logcwmax = 1721 aggrParam[mode].logcwmax; 1722 chanp->wmep_txopLimit = bssp->wmep_txopLimit = 1723 (vap->iv_flags & IEEE80211_F_BURST) ? 1724 aggrParam[mode].txopLimit : 0; 1725 IEEE80211_DPRINTF(vap, IEEE80211_MSG_WME, 1726 "update %s (chan+bss) [acm %u aifsn %u logcwmin %u " 1727 "logcwmax %u txop %u]\n", ieee80211_wme_acnames[WME_AC_BE], 1728 chanp->wmep_acm, chanp->wmep_aifsn, chanp->wmep_logcwmin, 1729 chanp->wmep_logcwmax, chanp->wmep_txopLimit); 1730 } 1731 1732 /* 1733 * Change the contention window based on the number of associated 1734 * stations. If the number of associated stations is 1 and 1735 * aggressive mode is enabled, lower the contention window even 1736 * further. 1737 */ 1738 if (vap->iv_opmode == IEEE80211_M_HOSTAP && 1739 vap->iv_sta_assoc < 2 && (wme->wme_flags & WME_F_AGGRMODE) != 0) { 1740 static const uint8_t logCwMin[IEEE80211_MODE_MAX] = { 1741 [IEEE80211_MODE_AUTO] = 3, 1742 [IEEE80211_MODE_11A] = 3, 1743 [IEEE80211_MODE_11B] = 4, 1744 [IEEE80211_MODE_11G] = 3, 1745 [IEEE80211_MODE_FH] = 4, 1746 [IEEE80211_MODE_TURBO_A] = 3, 1747 [IEEE80211_MODE_TURBO_G] = 3, 1748 [IEEE80211_MODE_STURBO_A] = 3, 1749 [IEEE80211_MODE_HALF] = 3, 1750 [IEEE80211_MODE_QUARTER] = 3, 1751 [IEEE80211_MODE_11NA] = 3, 1752 [IEEE80211_MODE_11NG] = 3, 1753 [IEEE80211_MODE_VHT_2GHZ] = 3, 1754 [IEEE80211_MODE_VHT_5GHZ] = 3, 1755 }; 1756 chanp = &wme->wme_chanParams.cap_wmeParams[WME_AC_BE]; 1757 bssp = &wme->wme_bssChanParams.cap_wmeParams[WME_AC_BE]; 1758 1759 chanp->wmep_logcwmin = bssp->wmep_logcwmin = logCwMin[mode]; 1760 IEEE80211_DPRINTF(vap, IEEE80211_MSG_WME, 1761 "update %s (chan+bss) logcwmin %u\n", 1762 ieee80211_wme_acnames[WME_AC_BE], chanp->wmep_logcwmin); 1763 } 1764 1765 /* schedule the deferred WME update */ 1766 ieee80211_runtask(ic, &vap->iv_wme_task); 1767 1768 IEEE80211_DPRINTF(vap, IEEE80211_MSG_WME, 1769 "%s: WME params updated, cap_info 0x%x\n", __func__, 1770 vap->iv_opmode == IEEE80211_M_STA ? 1771 wme->wme_wmeChanParams.cap_info : 1772 wme->wme_bssChanParams.cap_info); 1773 } 1774 1775 void 1776 ieee80211_wme_updateparams(struct ieee80211vap *vap) 1777 { 1778 struct ieee80211com *ic = vap->iv_ic; 1779 1780 if (ic->ic_caps & IEEE80211_C_WME) { 1781 IEEE80211_LOCK(ic); 1782 ieee80211_wme_updateparams_locked(vap); 1783 IEEE80211_UNLOCK(ic); 1784 } 1785 } 1786 1787 /* 1788 * Fetch the WME parameters for the given VAP. 1789 * 1790 * When net80211 grows p2p, etc support, this may return different 1791 * parameters for each VAP. 1792 */ 1793 void 1794 ieee80211_wme_vap_getparams(struct ieee80211vap *vap, struct chanAccParams *wp) 1795 { 1796 1797 memcpy(wp, &vap->iv_ic->ic_wme.wme_chanParams, sizeof(*wp)); 1798 } 1799 1800 /* 1801 * For NICs which only support one set of WME parameters (ie, softmac NICs) 1802 * there may be different VAP WME parameters but only one is "active". 1803 * This returns the "NIC" WME parameters for the currently active 1804 * context. 1805 */ 1806 void 1807 ieee80211_wme_ic_getparams(struct ieee80211com *ic, struct chanAccParams *wp) 1808 { 1809 1810 memcpy(wp, &ic->ic_wme.wme_chanParams, sizeof(*wp)); 1811 } 1812 1813 /* 1814 * Return whether to use QoS on a given WME queue. 1815 * 1816 * This is intended to be called from the transmit path of softmac drivers 1817 * which are setting NoAck bits in transmit descriptors. 1818 * 1819 * Ideally this would be set in some transmit field before the packet is 1820 * queued to the driver but net80211 isn't quite there yet. 1821 */ 1822 int 1823 ieee80211_wme_vap_ac_is_noack(struct ieee80211vap *vap, int ac) 1824 { 1825 /* Bounds/sanity check */ 1826 if (ac < 0 || ac >= WME_NUM_AC) 1827 return (0); 1828 1829 /* Again, there's only one global context for now */ 1830 return (!! vap->iv_ic->ic_wme.wme_chanParams.cap_wmeParams[ac].wmep_noackPolicy); 1831 } 1832 1833 static void 1834 parent_updown(void *arg, int npending) 1835 { 1836 struct ieee80211com *ic = arg; 1837 1838 ic->ic_parent(ic); 1839 } 1840 1841 static void 1842 update_mcast(void *arg, int npending) 1843 { 1844 struct ieee80211com *ic = arg; 1845 1846 ic->ic_update_mcast(ic); 1847 } 1848 1849 static void 1850 update_promisc(void *arg, int npending) 1851 { 1852 struct ieee80211com *ic = arg; 1853 1854 ic->ic_update_promisc(ic); 1855 } 1856 1857 static void 1858 update_channel(void *arg, int npending) 1859 { 1860 struct ieee80211com *ic = arg; 1861 1862 ic->ic_set_channel(ic); 1863 ieee80211_radiotap_chan_change(ic); 1864 } 1865 1866 static void 1867 update_chw(void *arg, int npending) 1868 { 1869 struct ieee80211com *ic = arg; 1870 1871 /* 1872 * XXX should we defer the channel width _config_ update until now? 1873 */ 1874 ic->ic_update_chw(ic); 1875 } 1876 1877 /* 1878 * Deferred WME parameter and beacon update. 1879 * 1880 * In preparation for per-VAP WME configuration, call the VAP 1881 * method if the VAP requires it. Otherwise, just call the 1882 * older global method. There isn't a per-VAP WME configuration 1883 * just yet so for now just use the global configuration. 1884 */ 1885 static void 1886 vap_update_wme(void *arg, int npending) 1887 { 1888 struct ieee80211vap *vap = arg; 1889 struct ieee80211com *ic = vap->iv_ic; 1890 struct ieee80211_wme_state *wme = &ic->ic_wme; 1891 1892 /* Driver update */ 1893 if (vap->iv_wme_update != NULL) 1894 vap->iv_wme_update(vap, 1895 ic->ic_wme.wme_chanParams.cap_wmeParams); 1896 else 1897 ic->ic_wme.wme_update(ic); 1898 1899 IEEE80211_LOCK(ic); 1900 /* 1901 * Arrange for the beacon update. 1902 * 1903 * XXX what about MBSS, WDS? 1904 */ 1905 if (vap->iv_opmode == IEEE80211_M_HOSTAP 1906 || vap->iv_opmode == IEEE80211_M_IBSS) { 1907 /* 1908 * Arrange for a beacon update and bump the parameter 1909 * set number so associated stations load the new values. 1910 */ 1911 wme->wme_bssChanParams.cap_info = 1912 (wme->wme_bssChanParams.cap_info+1) & WME_QOSINFO_COUNT; 1913 ieee80211_beacon_notify(vap, IEEE80211_BEACON_WME); 1914 } 1915 IEEE80211_UNLOCK(ic); 1916 } 1917 1918 static void 1919 restart_vaps(void *arg, int npending) 1920 { 1921 struct ieee80211com *ic = arg; 1922 1923 ieee80211_suspend_all(ic); 1924 ieee80211_resume_all(ic); 1925 } 1926 1927 /* 1928 * Block until the parent is in a known state. This is 1929 * used after any operations that dispatch a task (e.g. 1930 * to auto-configure the parent device up/down). 1931 */ 1932 void 1933 ieee80211_waitfor_parent(struct ieee80211com *ic) 1934 { 1935 taskqueue_block(ic->ic_tq); 1936 ieee80211_draintask(ic, &ic->ic_parent_task); 1937 ieee80211_draintask(ic, &ic->ic_mcast_task); 1938 ieee80211_draintask(ic, &ic->ic_promisc_task); 1939 ieee80211_draintask(ic, &ic->ic_chan_task); 1940 ieee80211_draintask(ic, &ic->ic_bmiss_task); 1941 ieee80211_draintask(ic, &ic->ic_chw_task); 1942 taskqueue_unblock(ic->ic_tq); 1943 } 1944 1945 /* 1946 * Check to see whether the current channel needs reset. 1947 * 1948 * Some devices don't handle being given an invalid channel 1949 * in their operating mode very well (eg wpi(4) will throw a 1950 * firmware exception.) 1951 * 1952 * Return 0 if we're ok, 1 if the channel needs to be reset. 1953 * 1954 * See PR kern/202502. 1955 */ 1956 static int 1957 ieee80211_start_check_reset_chan(struct ieee80211vap *vap) 1958 { 1959 struct ieee80211com *ic = vap->iv_ic; 1960 1961 if ((vap->iv_opmode == IEEE80211_M_IBSS && 1962 IEEE80211_IS_CHAN_NOADHOC(ic->ic_curchan)) || 1963 (vap->iv_opmode == IEEE80211_M_HOSTAP && 1964 IEEE80211_IS_CHAN_NOHOSTAP(ic->ic_curchan))) 1965 return (1); 1966 return (0); 1967 } 1968 1969 /* 1970 * Reset the curchan to a known good state. 1971 */ 1972 static void 1973 ieee80211_start_reset_chan(struct ieee80211vap *vap) 1974 { 1975 struct ieee80211com *ic = vap->iv_ic; 1976 1977 ic->ic_curchan = &ic->ic_channels[0]; 1978 } 1979 1980 /* 1981 * Start a vap running. If this is the first vap to be 1982 * set running on the underlying device then we 1983 * automatically bring the device up. 1984 */ 1985 void 1986 ieee80211_start_locked(struct ieee80211vap *vap) 1987 { 1988 struct ifnet *ifp = vap->iv_ifp; 1989 struct ieee80211com *ic = vap->iv_ic; 1990 1991 IEEE80211_LOCK_ASSERT(ic); 1992 1993 IEEE80211_DPRINTF(vap, 1994 IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG, 1995 "start running, %d vaps running\n", ic->ic_nrunning); 1996 1997 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 1998 /* 1999 * Mark us running. Note that it's ok to do this first; 2000 * if we need to bring the parent device up we defer that 2001 * to avoid dropping the com lock. We expect the device 2002 * to respond to being marked up by calling back into us 2003 * through ieee80211_start_all at which point we'll come 2004 * back in here and complete the work. 2005 */ 2006 ifp->if_drv_flags |= IFF_DRV_RUNNING; 2007 ieee80211_notify_ifnet_change(vap, IFF_DRV_RUNNING); 2008 2009 /* 2010 * We are not running; if this we are the first vap 2011 * to be brought up auto-up the parent if necessary. 2012 */ 2013 if (ic->ic_nrunning++ == 0) { 2014 /* reset the channel to a known good channel */ 2015 if (ieee80211_start_check_reset_chan(vap)) 2016 ieee80211_start_reset_chan(vap); 2017 2018 IEEE80211_DPRINTF(vap, 2019 IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG, 2020 "%s: up parent %s\n", __func__, ic->ic_name); 2021 ieee80211_runtask(ic, &ic->ic_parent_task); 2022 return; 2023 } 2024 } 2025 /* 2026 * If the parent is up and running, then kick the 2027 * 802.11 state machine as appropriate. 2028 */ 2029 if (vap->iv_roaming != IEEE80211_ROAMING_MANUAL) { 2030 if (vap->iv_opmode == IEEE80211_M_STA) { 2031 #if 0 2032 /* XXX bypasses scan too easily; disable for now */ 2033 /* 2034 * Try to be intelligent about clocking the state 2035 * machine. If we're currently in RUN state then 2036 * we should be able to apply any new state/parameters 2037 * simply by re-associating. Otherwise we need to 2038 * re-scan to select an appropriate ap. 2039 */ 2040 if (vap->iv_state >= IEEE80211_S_RUN) 2041 ieee80211_new_state_locked(vap, 2042 IEEE80211_S_ASSOC, 1); 2043 else 2044 #endif 2045 ieee80211_new_state_locked(vap, 2046 IEEE80211_S_SCAN, 0); 2047 } else { 2048 /* 2049 * For monitor+wds mode there's nothing to do but 2050 * start running. Otherwise if this is the first 2051 * vap to be brought up, start a scan which may be 2052 * preempted if the station is locked to a particular 2053 * channel. 2054 */ 2055 vap->iv_flags_ext |= IEEE80211_FEXT_REINIT; 2056 if (vap->iv_opmode == IEEE80211_M_MONITOR || 2057 vap->iv_opmode == IEEE80211_M_WDS) 2058 ieee80211_new_state_locked(vap, 2059 IEEE80211_S_RUN, -1); 2060 else 2061 ieee80211_new_state_locked(vap, 2062 IEEE80211_S_SCAN, 0); 2063 } 2064 } 2065 } 2066 2067 /* 2068 * Start a single vap. 2069 */ 2070 void 2071 ieee80211_init(void *arg) 2072 { 2073 struct ieee80211vap *vap = arg; 2074 2075 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG, 2076 "%s\n", __func__); 2077 2078 IEEE80211_LOCK(vap->iv_ic); 2079 ieee80211_start_locked(vap); 2080 IEEE80211_UNLOCK(vap->iv_ic); 2081 } 2082 2083 /* 2084 * Start all runnable vap's on a device. 2085 */ 2086 void 2087 ieee80211_start_all(struct ieee80211com *ic) 2088 { 2089 struct ieee80211vap *vap; 2090 2091 IEEE80211_LOCK(ic); 2092 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2093 struct ifnet *ifp = vap->iv_ifp; 2094 if (IFNET_IS_UP_RUNNING(ifp)) /* NB: avoid recursion */ 2095 ieee80211_start_locked(vap); 2096 } 2097 IEEE80211_UNLOCK(ic); 2098 } 2099 2100 /* 2101 * Stop a vap. We force it down using the state machine 2102 * then mark it's ifnet not running. If this is the last 2103 * vap running on the underlying device then we close it 2104 * too to insure it will be properly initialized when the 2105 * next vap is brought up. 2106 */ 2107 void 2108 ieee80211_stop_locked(struct ieee80211vap *vap) 2109 { 2110 struct ieee80211com *ic = vap->iv_ic; 2111 struct ifnet *ifp = vap->iv_ifp; 2112 2113 IEEE80211_LOCK_ASSERT(ic); 2114 2115 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG, 2116 "stop running, %d vaps running\n", ic->ic_nrunning); 2117 2118 ieee80211_new_state_locked(vap, IEEE80211_S_INIT, -1); 2119 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 2120 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; /* mark us stopped */ 2121 ieee80211_notify_ifnet_change(vap, IFF_DRV_RUNNING); 2122 if (--ic->ic_nrunning == 0) { 2123 IEEE80211_DPRINTF(vap, 2124 IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG, 2125 "down parent %s\n", ic->ic_name); 2126 ieee80211_runtask(ic, &ic->ic_parent_task); 2127 } 2128 } 2129 } 2130 2131 void 2132 ieee80211_stop(struct ieee80211vap *vap) 2133 { 2134 struct ieee80211com *ic = vap->iv_ic; 2135 2136 IEEE80211_LOCK(ic); 2137 ieee80211_stop_locked(vap); 2138 IEEE80211_UNLOCK(ic); 2139 } 2140 2141 /* 2142 * Stop all vap's running on a device. 2143 */ 2144 void 2145 ieee80211_stop_all(struct ieee80211com *ic) 2146 { 2147 struct ieee80211vap *vap; 2148 2149 IEEE80211_LOCK(ic); 2150 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2151 struct ifnet *ifp = vap->iv_ifp; 2152 if (IFNET_IS_UP_RUNNING(ifp)) /* NB: avoid recursion */ 2153 ieee80211_stop_locked(vap); 2154 } 2155 IEEE80211_UNLOCK(ic); 2156 2157 ieee80211_waitfor_parent(ic); 2158 } 2159 2160 /* 2161 * Stop all vap's running on a device and arrange 2162 * for those that were running to be resumed. 2163 */ 2164 void 2165 ieee80211_suspend_all(struct ieee80211com *ic) 2166 { 2167 struct ieee80211vap *vap; 2168 2169 IEEE80211_LOCK(ic); 2170 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2171 struct ifnet *ifp = vap->iv_ifp; 2172 if (IFNET_IS_UP_RUNNING(ifp)) { /* NB: avoid recursion */ 2173 vap->iv_flags_ext |= IEEE80211_FEXT_RESUME; 2174 ieee80211_stop_locked(vap); 2175 } 2176 } 2177 IEEE80211_UNLOCK(ic); 2178 2179 ieee80211_waitfor_parent(ic); 2180 } 2181 2182 /* 2183 * Start all vap's marked for resume. 2184 */ 2185 void 2186 ieee80211_resume_all(struct ieee80211com *ic) 2187 { 2188 struct ieee80211vap *vap; 2189 2190 IEEE80211_LOCK(ic); 2191 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2192 struct ifnet *ifp = vap->iv_ifp; 2193 if (!IFNET_IS_UP_RUNNING(ifp) && 2194 (vap->iv_flags_ext & IEEE80211_FEXT_RESUME)) { 2195 vap->iv_flags_ext &= ~IEEE80211_FEXT_RESUME; 2196 ieee80211_start_locked(vap); 2197 } 2198 } 2199 IEEE80211_UNLOCK(ic); 2200 } 2201 2202 /* 2203 * Restart all vap's running on a device. 2204 */ 2205 void 2206 ieee80211_restart_all(struct ieee80211com *ic) 2207 { 2208 /* 2209 * NB: do not use ieee80211_runtask here, we will 2210 * block & drain net80211 taskqueue. 2211 */ 2212 taskqueue_enqueue(taskqueue_thread, &ic->ic_restart_task); 2213 } 2214 2215 void 2216 ieee80211_beacon_miss(struct ieee80211com *ic) 2217 { 2218 IEEE80211_LOCK(ic); 2219 if ((ic->ic_flags & IEEE80211_F_SCAN) == 0) { 2220 /* Process in a taskq, the handler may reenter the driver */ 2221 ieee80211_runtask(ic, &ic->ic_bmiss_task); 2222 } 2223 IEEE80211_UNLOCK(ic); 2224 } 2225 2226 static void 2227 beacon_miss(void *arg, int npending) 2228 { 2229 struct ieee80211com *ic = arg; 2230 struct ieee80211vap *vap; 2231 2232 IEEE80211_LOCK(ic); 2233 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2234 /* 2235 * We only pass events through for sta vap's in RUN+ state; 2236 * may be too restrictive but for now this saves all the 2237 * handlers duplicating these checks. 2238 */ 2239 if (vap->iv_opmode == IEEE80211_M_STA && 2240 vap->iv_state >= IEEE80211_S_RUN && 2241 vap->iv_bmiss != NULL) 2242 vap->iv_bmiss(vap); 2243 } 2244 IEEE80211_UNLOCK(ic); 2245 } 2246 2247 static void 2248 beacon_swmiss(void *arg, int npending) 2249 { 2250 struct ieee80211vap *vap = arg; 2251 struct ieee80211com *ic = vap->iv_ic; 2252 2253 IEEE80211_LOCK(ic); 2254 if (vap->iv_state >= IEEE80211_S_RUN) { 2255 /* XXX Call multiple times if npending > zero? */ 2256 vap->iv_bmiss(vap); 2257 } 2258 IEEE80211_UNLOCK(ic); 2259 } 2260 2261 /* 2262 * Software beacon miss handling. Check if any beacons 2263 * were received in the last period. If not post a 2264 * beacon miss; otherwise reset the counter. 2265 */ 2266 void 2267 ieee80211_swbmiss(void *arg) 2268 { 2269 struct ieee80211vap *vap = arg; 2270 struct ieee80211com *ic = vap->iv_ic; 2271 2272 IEEE80211_LOCK_ASSERT(ic); 2273 2274 KASSERT(vap->iv_state >= IEEE80211_S_RUN, 2275 ("wrong state %d", vap->iv_state)); 2276 2277 if (ic->ic_flags & IEEE80211_F_SCAN) { 2278 /* 2279 * If scanning just ignore and reset state. If we get a 2280 * bmiss after coming out of scan because we haven't had 2281 * time to receive a beacon then we should probe the AP 2282 * before posting a real bmiss (unless iv_bmiss_max has 2283 * been artifiically lowered). A cleaner solution might 2284 * be to disable the timer on scan start/end but to handle 2285 * case of multiple sta vap's we'd need to disable the 2286 * timers of all affected vap's. 2287 */ 2288 vap->iv_swbmiss_count = 0; 2289 } else if (vap->iv_swbmiss_count == 0) { 2290 if (vap->iv_bmiss != NULL) 2291 ieee80211_runtask(ic, &vap->iv_swbmiss_task); 2292 } else 2293 vap->iv_swbmiss_count = 0; 2294 callout_reset(&vap->iv_swbmiss, vap->iv_swbmiss_period, 2295 ieee80211_swbmiss, vap); 2296 } 2297 2298 /* 2299 * Start an 802.11h channel switch. We record the parameters, 2300 * mark the operation pending, notify each vap through the 2301 * beacon update mechanism so it can update the beacon frame 2302 * contents, and then switch vap's to CSA state to block outbound 2303 * traffic. Devices that handle CSA directly can use the state 2304 * switch to do the right thing so long as they call 2305 * ieee80211_csa_completeswitch when it's time to complete the 2306 * channel change. Devices that depend on the net80211 layer can 2307 * use ieee80211_beacon_update to handle the countdown and the 2308 * channel switch. 2309 */ 2310 void 2311 ieee80211_csa_startswitch(struct ieee80211com *ic, 2312 struct ieee80211_channel *c, int mode, int count) 2313 { 2314 struct ieee80211vap *vap; 2315 2316 IEEE80211_LOCK_ASSERT(ic); 2317 2318 ic->ic_csa_newchan = c; 2319 ic->ic_csa_mode = mode; 2320 ic->ic_csa_count = count; 2321 ic->ic_flags |= IEEE80211_F_CSAPENDING; 2322 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2323 if (vap->iv_opmode == IEEE80211_M_HOSTAP || 2324 vap->iv_opmode == IEEE80211_M_IBSS || 2325 vap->iv_opmode == IEEE80211_M_MBSS) 2326 ieee80211_beacon_notify(vap, IEEE80211_BEACON_CSA); 2327 /* switch to CSA state to block outbound traffic */ 2328 if (vap->iv_state == IEEE80211_S_RUN) 2329 ieee80211_new_state_locked(vap, IEEE80211_S_CSA, 0); 2330 } 2331 ieee80211_notify_csa(ic, c, mode, count); 2332 } 2333 2334 /* 2335 * Complete the channel switch by transitioning all CSA VAPs to RUN. 2336 * This is called by both the completion and cancellation functions 2337 * so each VAP is placed back in the RUN state and can thus transmit. 2338 */ 2339 static void 2340 csa_completeswitch(struct ieee80211com *ic) 2341 { 2342 struct ieee80211vap *vap; 2343 2344 ic->ic_csa_newchan = NULL; 2345 ic->ic_flags &= ~IEEE80211_F_CSAPENDING; 2346 2347 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) 2348 if (vap->iv_state == IEEE80211_S_CSA) 2349 ieee80211_new_state_locked(vap, IEEE80211_S_RUN, 0); 2350 } 2351 2352 /* 2353 * Complete an 802.11h channel switch started by ieee80211_csa_startswitch. 2354 * We clear state and move all vap's in CSA state to RUN state 2355 * so they can again transmit. 2356 * 2357 * Although this may not be completely correct, update the BSS channel 2358 * for each VAP to the newly configured channel. The setcurchan sets 2359 * the current operating channel for the interface (so the radio does 2360 * switch over) but the VAP BSS isn't updated, leading to incorrectly 2361 * reported information via ioctl. 2362 */ 2363 void 2364 ieee80211_csa_completeswitch(struct ieee80211com *ic) 2365 { 2366 struct ieee80211vap *vap; 2367 2368 IEEE80211_LOCK_ASSERT(ic); 2369 2370 KASSERT(ic->ic_flags & IEEE80211_F_CSAPENDING, ("csa not pending")); 2371 2372 ieee80211_setcurchan(ic, ic->ic_csa_newchan); 2373 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) 2374 if (vap->iv_state == IEEE80211_S_CSA) 2375 vap->iv_bss->ni_chan = ic->ic_curchan; 2376 2377 csa_completeswitch(ic); 2378 } 2379 2380 /* 2381 * Cancel an 802.11h channel switch started by ieee80211_csa_startswitch. 2382 * We clear state and move all vap's in CSA state to RUN state 2383 * so they can again transmit. 2384 */ 2385 void 2386 ieee80211_csa_cancelswitch(struct ieee80211com *ic) 2387 { 2388 IEEE80211_LOCK_ASSERT(ic); 2389 2390 csa_completeswitch(ic); 2391 } 2392 2393 /* 2394 * Complete a DFS CAC started by ieee80211_dfs_cac_start. 2395 * We clear state and move all vap's in CAC state to RUN state. 2396 */ 2397 void 2398 ieee80211_cac_completeswitch(struct ieee80211vap *vap0) 2399 { 2400 struct ieee80211com *ic = vap0->iv_ic; 2401 struct ieee80211vap *vap; 2402 2403 IEEE80211_LOCK(ic); 2404 /* 2405 * Complete CAC state change for lead vap first; then 2406 * clock all the other vap's waiting. 2407 */ 2408 KASSERT(vap0->iv_state == IEEE80211_S_CAC, 2409 ("wrong state %d", vap0->iv_state)); 2410 ieee80211_new_state_locked(vap0, IEEE80211_S_RUN, 0); 2411 2412 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) 2413 if (vap->iv_state == IEEE80211_S_CAC && vap != vap0) 2414 ieee80211_new_state_locked(vap, IEEE80211_S_RUN, 0); 2415 IEEE80211_UNLOCK(ic); 2416 } 2417 2418 /* 2419 * Force all vap's other than the specified vap to the INIT state 2420 * and mark them as waiting for a scan to complete. These vaps 2421 * will be brought up when the scan completes and the scanning vap 2422 * reaches RUN state by wakeupwaiting. 2423 */ 2424 static void 2425 markwaiting(struct ieee80211vap *vap0) 2426 { 2427 struct ieee80211com *ic = vap0->iv_ic; 2428 struct ieee80211vap *vap; 2429 2430 IEEE80211_LOCK_ASSERT(ic); 2431 2432 /* 2433 * A vap list entry can not disappear since we are running on the 2434 * taskqueue and a vap destroy will queue and drain another state 2435 * change task. 2436 */ 2437 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2438 if (vap == vap0) 2439 continue; 2440 if (vap->iv_state != IEEE80211_S_INIT) { 2441 /* NB: iv_newstate may drop the lock */ 2442 vap->iv_newstate(vap, IEEE80211_S_INIT, 0); 2443 IEEE80211_LOCK_ASSERT(ic); 2444 vap->iv_flags_ext |= IEEE80211_FEXT_SCANWAIT; 2445 } 2446 } 2447 } 2448 2449 /* 2450 * Wakeup all vap's waiting for a scan to complete. This is the 2451 * companion to markwaiting (above) and is used to coordinate 2452 * multiple vaps scanning. 2453 * This is called from the state taskqueue. 2454 */ 2455 static void 2456 wakeupwaiting(struct ieee80211vap *vap0) 2457 { 2458 struct ieee80211com *ic = vap0->iv_ic; 2459 struct ieee80211vap *vap; 2460 2461 IEEE80211_LOCK_ASSERT(ic); 2462 2463 /* 2464 * A vap list entry can not disappear since we are running on the 2465 * taskqueue and a vap destroy will queue and drain another state 2466 * change task. 2467 */ 2468 TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next) { 2469 if (vap == vap0) 2470 continue; 2471 if (vap->iv_flags_ext & IEEE80211_FEXT_SCANWAIT) { 2472 vap->iv_flags_ext &= ~IEEE80211_FEXT_SCANWAIT; 2473 /* NB: sta's cannot go INIT->RUN */ 2474 /* NB: iv_newstate may drop the lock */ 2475 2476 /* 2477 * This is problematic if the interface has OACTIVE 2478 * set. Only the deferred ieee80211_newstate_cb() 2479 * will end up actually /clearing/ the OACTIVE 2480 * flag on a state transition to RUN from a non-RUN 2481 * state. 2482 * 2483 * But, we're not actually deferring this callback; 2484 * and when the deferred call occurs it shows up as 2485 * a RUN->RUN transition! So the flag isn't/wasn't 2486 * cleared! 2487 * 2488 * I'm also not sure if it's correct to actually 2489 * do the transitions here fully through the deferred 2490 * paths either as other things can be invoked as 2491 * part of that state machine. 2492 * 2493 * So just keep this in mind when looking at what 2494 * the markwaiting/wakeupwaiting routines are doing 2495 * and how they invoke vap state changes. 2496 */ 2497 2498 vap->iv_newstate(vap, 2499 vap->iv_opmode == IEEE80211_M_STA ? 2500 IEEE80211_S_SCAN : IEEE80211_S_RUN, 0); 2501 IEEE80211_LOCK_ASSERT(ic); 2502 } 2503 } 2504 } 2505 2506 static int 2507 _ieee80211_newstate_get_next_empty_slot(struct ieee80211vap *vap) 2508 { 2509 int nstate_num; 2510 2511 IEEE80211_LOCK_ASSERT(vap->iv_ic); 2512 2513 if (vap->iv_nstate_n >= NET80211_IV_NSTATE_NUM) 2514 return (-1); 2515 2516 nstate_num = vap->iv_nstate_b + vap->iv_nstate_n; 2517 nstate_num %= NET80211_IV_NSTATE_NUM; 2518 vap->iv_nstate_n++; 2519 2520 return (nstate_num); 2521 } 2522 2523 static int 2524 _ieee80211_newstate_get_next_pending_slot(struct ieee80211vap *vap) 2525 { 2526 int nstate_num; 2527 2528 IEEE80211_LOCK_ASSERT(vap->iv_ic); 2529 2530 KASSERT(vap->iv_nstate_n > 0, ("%s: vap %p iv_nstate_n %d\n", 2531 __func__, vap, vap->iv_nstate_n)); 2532 2533 nstate_num = vap->iv_nstate_b; 2534 vap->iv_nstate_b++; 2535 if (vap->iv_nstate_b >= NET80211_IV_NSTATE_NUM) 2536 vap->iv_nstate_b = 0; 2537 vap->iv_nstate_n--; 2538 2539 return (nstate_num); 2540 } 2541 2542 static int 2543 _ieee80211_newstate_get_npending(struct ieee80211vap *vap) 2544 { 2545 2546 IEEE80211_LOCK_ASSERT(vap->iv_ic); 2547 2548 return (vap->iv_nstate_n); 2549 } 2550 2551 /* 2552 * Handle post state change work common to all operating modes. 2553 */ 2554 static void 2555 ieee80211_newstate_cb(void *xvap, int npending) 2556 { 2557 struct ieee80211vap *vap = xvap; 2558 struct ieee80211com *ic = vap->iv_ic; 2559 enum ieee80211_state nstate, ostate; 2560 int arg, rc, nstate_num; 2561 2562 KASSERT(npending == 1, ("%s: vap %p with npending %d != 1\n", 2563 __func__, vap, npending)); 2564 IEEE80211_LOCK(ic); 2565 nstate_num = _ieee80211_newstate_get_next_pending_slot(vap); 2566 2567 /* 2568 * Update the historic fields for now as they are used in some 2569 * drivers and reduce code changes for now. 2570 */ 2571 vap->iv_nstate = nstate = vap->iv_nstates[nstate_num]; 2572 arg = vap->iv_nstate_args[nstate_num]; 2573 2574 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2575 "%s:%d: running state update %s -> %s (%d)\n", 2576 __func__, __LINE__, 2577 ieee80211_state_name[vap->iv_state], 2578 ieee80211_state_name[nstate], 2579 npending); 2580 2581 if (vap->iv_flags_ext & IEEE80211_FEXT_REINIT) { 2582 /* 2583 * We have been requested to drop back to the INIT before 2584 * proceeding to the new state. 2585 */ 2586 /* Deny any state changes while we are here. */ 2587 vap->iv_nstate = IEEE80211_S_INIT; 2588 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2589 "%s: %s -> %s arg %d -> %s arg %d\n", __func__, 2590 ieee80211_state_name[vap->iv_state], 2591 ieee80211_state_name[vap->iv_nstate], 0, 2592 ieee80211_state_name[nstate], arg); 2593 vap->iv_newstate(vap, vap->iv_nstate, 0); 2594 IEEE80211_LOCK_ASSERT(ic); 2595 vap->iv_flags_ext &= ~(IEEE80211_FEXT_REINIT | 2596 IEEE80211_FEXT_STATEWAIT); 2597 /* enqueue new state transition after cancel_scan() task */ 2598 ieee80211_new_state_locked(vap, nstate, arg); 2599 goto done; 2600 } 2601 2602 ostate = vap->iv_state; 2603 if (nstate == IEEE80211_S_SCAN && ostate != IEEE80211_S_INIT) { 2604 /* 2605 * SCAN was forced; e.g. on beacon miss. Force other running 2606 * vap's to INIT state and mark them as waiting for the scan to 2607 * complete. This insures they don't interfere with our 2608 * scanning. Since we are single threaded the vaps can not 2609 * transition again while we are executing. 2610 * 2611 * XXX not always right, assumes ap follows sta 2612 */ 2613 markwaiting(vap); 2614 } 2615 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2616 "%s: %s -> %s arg %d\n", __func__, 2617 ieee80211_state_name[ostate], ieee80211_state_name[nstate], arg); 2618 2619 rc = vap->iv_newstate(vap, nstate, arg); 2620 IEEE80211_LOCK_ASSERT(ic); 2621 vap->iv_flags_ext &= ~IEEE80211_FEXT_STATEWAIT; 2622 if (rc != 0) { 2623 /* State transition failed */ 2624 KASSERT(rc != EINPROGRESS, ("iv_newstate was deferred")); 2625 KASSERT(nstate != IEEE80211_S_INIT, 2626 ("INIT state change failed")); 2627 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2628 "%s: %s returned error %d\n", __func__, 2629 ieee80211_state_name[nstate], rc); 2630 goto done; 2631 } 2632 2633 /* 2634 * Handle the case of a RUN->RUN transition occuring when STA + AP 2635 * VAPs occur on the same radio. 2636 * 2637 * The mark and wakeup waiting routines call iv_newstate() directly, 2638 * but they do not end up deferring state changes here. 2639 * Thus, although the VAP newstate method sees a transition 2640 * of RUN->INIT->RUN, the deferred path here only sees a RUN->RUN 2641 * transition. If OACTIVE is set then it is never cleared. 2642 * 2643 * So, if we're here and the state is RUN, just clear OACTIVE. 2644 * At some point if the markwaiting/wakeupwaiting paths end up 2645 * also invoking the deferred state updates then this will 2646 * be no-op code - and also if OACTIVE is finally retired, it'll 2647 * also be no-op code. 2648 */ 2649 if (nstate == IEEE80211_S_RUN) { 2650 /* 2651 * OACTIVE may be set on the vap if the upper layer 2652 * tried to transmit (e.g. IPv6 NDP) before we reach 2653 * RUN state. Clear it and restart xmit. 2654 * 2655 * Note this can also happen as a result of SLEEP->RUN 2656 * (i.e. coming out of power save mode). 2657 * 2658 * Historically this was done only for a state change 2659 * but is needed earlier; see next comment. The 2nd half 2660 * of the work is still only done in case of an actual 2661 * state change below. 2662 */ 2663 /* 2664 * Unblock the VAP queue; a RUN->RUN state can happen 2665 * on a STA+AP setup on the AP vap. See wakeupwaiting(). 2666 */ 2667 vap->iv_ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 2668 2669 /* 2670 * XXX TODO Kick-start a VAP queue - this should be a method! 2671 */ 2672 } 2673 2674 /* No actual transition, skip post processing */ 2675 if (ostate == nstate) 2676 goto done; 2677 2678 if (nstate == IEEE80211_S_RUN) { 2679 2680 /* bring up any vaps waiting on us */ 2681 wakeupwaiting(vap); 2682 } else if (nstate == IEEE80211_S_INIT) { 2683 /* 2684 * Flush the scan cache if we did the last scan (XXX?) 2685 * and flush any frames on send queues from this vap. 2686 * Note the mgt q is used only for legacy drivers and 2687 * will go away shortly. 2688 */ 2689 ieee80211_scan_flush(vap); 2690 2691 /* 2692 * XXX TODO: ic/vap queue flush 2693 */ 2694 } 2695 done: 2696 IEEE80211_UNLOCK(ic); 2697 } 2698 2699 /* 2700 * Public interface for initiating a state machine change. 2701 * This routine single-threads the request and coordinates 2702 * the scheduling of multiple vaps for the purpose of selecting 2703 * an operating channel. Specifically the following scenarios 2704 * are handled: 2705 * o only one vap can be selecting a channel so on transition to 2706 * SCAN state if another vap is already scanning then 2707 * mark the caller for later processing and return without 2708 * doing anything (XXX? expectations by caller of synchronous operation) 2709 * o only one vap can be doing CAC of a channel so on transition to 2710 * CAC state if another vap is already scanning for radar then 2711 * mark the caller for later processing and return without 2712 * doing anything (XXX? expectations by caller of synchronous operation) 2713 * o if another vap is already running when a request is made 2714 * to SCAN then an operating channel has been chosen; bypass 2715 * the scan and just join the channel 2716 * 2717 * Note that the state change call is done through the iv_newstate 2718 * method pointer so any driver routine gets invoked. The driver 2719 * will normally call back into operating mode-specific 2720 * ieee80211_newstate routines (below) unless it needs to completely 2721 * bypass the state machine (e.g. because the firmware has it's 2722 * own idea how things should work). Bypassing the net80211 layer 2723 * is usually a mistake and indicates lack of proper integration 2724 * with the net80211 layer. 2725 */ 2726 int 2727 ieee80211_new_state_locked(struct ieee80211vap *vap, 2728 enum ieee80211_state nstate, int arg) 2729 { 2730 struct ieee80211com *ic = vap->iv_ic; 2731 struct ieee80211vap *vp; 2732 enum ieee80211_state ostate; 2733 int nrunning, nscanning, nstate_num; 2734 2735 IEEE80211_LOCK_ASSERT(ic); 2736 2737 if (vap->iv_flags_ext & IEEE80211_FEXT_STATEWAIT) { 2738 if (vap->iv_nstate == IEEE80211_S_INIT || 2739 ((vap->iv_state == IEEE80211_S_INIT || 2740 (vap->iv_flags_ext & IEEE80211_FEXT_REINIT)) && 2741 vap->iv_nstate == IEEE80211_S_SCAN && 2742 nstate > IEEE80211_S_SCAN)) { 2743 /* 2744 * XXX The vap is being stopped/started, 2745 * do not allow any other state changes 2746 * until this is completed. 2747 */ 2748 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2749 "%s:%d: %s -> %s (%s) transition discarded\n", 2750 __func__, __LINE__, 2751 ieee80211_state_name[vap->iv_state], 2752 ieee80211_state_name[nstate], 2753 ieee80211_state_name[vap->iv_nstate]); 2754 return -1; 2755 } 2756 } 2757 2758 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2759 "%s:%d: starting state update %s -> %s (%s)\n", 2760 __func__, __LINE__, 2761 ieee80211_state_name[vap->iv_state], 2762 ieee80211_state_name[vap->iv_nstate], 2763 ieee80211_state_name[nstate]); 2764 2765 nrunning = nscanning = 0; 2766 /* XXX can track this state instead of calculating */ 2767 TAILQ_FOREACH(vp, &ic->ic_vaps, iv_next) { 2768 if (vp != vap) { 2769 if (vp->iv_state >= IEEE80211_S_RUN) 2770 nrunning++; 2771 /* XXX doesn't handle bg scan */ 2772 /* NB: CAC+AUTH+ASSOC treated like SCAN */ 2773 else if (vp->iv_state > IEEE80211_S_INIT) 2774 nscanning++; 2775 } 2776 } 2777 /* 2778 * Look ahead for the "old state" at that point when the last queued 2779 * state transition is run. 2780 */ 2781 if (vap->iv_nstate_n == 0) { 2782 ostate = vap->iv_state; 2783 } else { 2784 nstate_num = (vap->iv_nstate_b + vap->iv_nstate_n - 1) % NET80211_IV_NSTATE_NUM; 2785 ostate = vap->iv_nstates[nstate_num]; 2786 } 2787 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2788 "%s: %s -> %s (arg %d) (nrunning %d nscanning %d)\n", __func__, 2789 ieee80211_state_name[ostate], ieee80211_state_name[nstate], arg, 2790 nrunning, nscanning); 2791 switch (nstate) { 2792 case IEEE80211_S_SCAN: 2793 if (ostate == IEEE80211_S_INIT) { 2794 /* 2795 * INIT -> SCAN happens on initial bringup. 2796 */ 2797 KASSERT(!(nscanning && nrunning), 2798 ("%d scanning and %d running", nscanning, nrunning)); 2799 if (nscanning) { 2800 /* 2801 * Someone is scanning, defer our state 2802 * change until the work has completed. 2803 */ 2804 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2805 "%s: defer %s -> %s\n", 2806 __func__, ieee80211_state_name[ostate], 2807 ieee80211_state_name[nstate]); 2808 vap->iv_flags_ext |= IEEE80211_FEXT_SCANWAIT; 2809 return 0; 2810 } 2811 if (nrunning) { 2812 /* 2813 * Someone is operating; just join the channel 2814 * they have chosen. 2815 */ 2816 /* XXX kill arg? */ 2817 /* XXX check each opmode, adhoc? */ 2818 if (vap->iv_opmode == IEEE80211_M_STA) 2819 nstate = IEEE80211_S_SCAN; 2820 else 2821 nstate = IEEE80211_S_RUN; 2822 #ifdef IEEE80211_DEBUG 2823 if (nstate != IEEE80211_S_SCAN) { 2824 IEEE80211_DPRINTF(vap, 2825 IEEE80211_MSG_STATE, 2826 "%s: override, now %s -> %s\n", 2827 __func__, 2828 ieee80211_state_name[ostate], 2829 ieee80211_state_name[nstate]); 2830 } 2831 #endif 2832 } 2833 } 2834 break; 2835 case IEEE80211_S_RUN: 2836 if (vap->iv_opmode == IEEE80211_M_WDS && 2837 (vap->iv_flags_ext & IEEE80211_FEXT_WDSLEGACY) && 2838 nscanning) { 2839 /* 2840 * Legacy WDS with someone else scanning; don't 2841 * go online until that completes as we should 2842 * follow the other vap to the channel they choose. 2843 */ 2844 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2845 "%s: defer %s -> %s (legacy WDS)\n", __func__, 2846 ieee80211_state_name[ostate], 2847 ieee80211_state_name[nstate]); 2848 vap->iv_flags_ext |= IEEE80211_FEXT_SCANWAIT; 2849 return 0; 2850 } 2851 if (vap->iv_opmode == IEEE80211_M_HOSTAP && 2852 IEEE80211_IS_CHAN_DFS(ic->ic_bsschan) && 2853 (vap->iv_flags_ext & IEEE80211_FEXT_DFS) && 2854 !IEEE80211_IS_CHAN_CACDONE(ic->ic_bsschan)) { 2855 /* 2856 * This is a DFS channel, transition to CAC state 2857 * instead of RUN. This allows us to initiate 2858 * Channel Availability Check (CAC) as specified 2859 * by 11h/DFS. 2860 */ 2861 nstate = IEEE80211_S_CAC; 2862 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, 2863 "%s: override %s -> %s (DFS)\n", __func__, 2864 ieee80211_state_name[ostate], 2865 ieee80211_state_name[nstate]); 2866 } 2867 break; 2868 case IEEE80211_S_INIT: 2869 /* cancel any scan in progress */ 2870 ieee80211_cancel_scan(vap); 2871 if (ostate == IEEE80211_S_INIT ) { 2872 /* XXX don't believe this */ 2873 /* INIT -> INIT. nothing to do */ 2874 vap->iv_flags_ext &= ~IEEE80211_FEXT_SCANWAIT; 2875 } 2876 /* fall thru... */ 2877 default: 2878 break; 2879 } 2880 /* 2881 * Defer the state change to a thread. 2882 * We support up-to NET80211_IV_NSTATE_NUM pending state changes 2883 * using a separate task for each. Otherwise, if we enqueue 2884 * more than one state change they will be folded together, 2885 * npedning will be > 1 and we may run then out of sequence with 2886 * other events. 2887 * This is kind-of a hack after 10 years but we know how to provoke 2888 * these cases now (and seen them in the wild). 2889 */ 2890 nstate_num = _ieee80211_newstate_get_next_empty_slot(vap); 2891 if (nstate_num == -1) { 2892 /* 2893 * This is really bad and we should just go kaboom. 2894 * Instead drop it. No one checks the return code anyway. 2895 */ 2896 ic_printf(ic, "%s:%d: pending %s -> %s (now to %s) " 2897 "transition lost. %d/%d pending state changes:\n", 2898 __func__, __LINE__, 2899 ieee80211_state_name[vap->iv_state], 2900 ieee80211_state_name[vap->iv_nstate], 2901 ieee80211_state_name[nstate], 2902 _ieee80211_newstate_get_npending(vap), 2903 NET80211_IV_NSTATE_NUM); 2904 2905 return (EAGAIN); 2906 } 2907 vap->iv_nstates[nstate_num] = nstate; 2908 vap->iv_nstate_args[nstate_num] = arg; 2909 vap->iv_flags_ext |= IEEE80211_FEXT_STATEWAIT; 2910 ieee80211_runtask(ic, &vap->iv_nstate_task[nstate_num]); 2911 return EINPROGRESS; 2912 } 2913 2914 int 2915 ieee80211_new_state(struct ieee80211vap *vap, 2916 enum ieee80211_state nstate, int arg) 2917 { 2918 struct ieee80211com *ic = vap->iv_ic; 2919 int rc; 2920 2921 IEEE80211_LOCK(ic); 2922 rc = ieee80211_new_state_locked(vap, nstate, arg); 2923 IEEE80211_UNLOCK(ic); 2924 return rc; 2925 } 2926