I'm teaching my ath10k port to communicate up the per-rate / channel width
information I get from the firmware.
The HT40 flag field should just be retired and instead moved to use the
PHY bandwidth field.
* ic_freq is the centre of the primary channel, not the centre of the
HT40/HT80/etc channel. Add a method to access that.
* Add a method to access the centre of the primary channel, including
knowing the centre of the 5/10/20/40/80, versus the primary channel.
Ie, it's the centre of the 40, 80, 160MHz channel.
* Add a method to access the centre frequency of the secondary 80MHz
channel - we don't support VHT yet, but when we do.
* Add methods to access the current channel and the per-dev desired
channel. Ideally drivers that do full offload with a per-vap channel
configuration should use the vap channel, NOT ic_curchan.
Non-offload drivers that require net80211 to change the channel should
be accessing ic_curchan.
TODO:
* drink real coffee before committing in the morning, or there's a high
risk of more obviously self-evident commits being turned into attempts
at humour.
Reported by: cem, Coverity CID 1366219
This just stores pointers to the IE; it doesn't yet parse anything.
Note: it blows out the size of ieee80211_node, so this will require
ye olde kernel/modules recompile.
* Pepper comments around which describe what state(s) we're in when faking
up 11n nodes.
* By default don't fake it up as 11n until we properly negotiate the 11n
capabilities using probe request/response frames.
* Send a probe request with our HT information, as the 802.11-2012 spec
suggests.
* Reassociate with the driver if we've been promoted.
This is done because although learning a peer via beacons can learn 11n
state, learning peers via hearing probe frames and broadcast frames
does not. Thus, sometimes you end up with an 11n peer in the peer
table and sometimes you don't.
Note that the probe request/response exchange may not actually succeed.
Ideally we'd put the peer into some blocking state until we've exchanged
probe request/reponse to learn capabilities, or we timeout and just
stay non-11n.
This is more an experiment to get 11n IBSS nodes actually discovering
each other and be able to transmit. There are other issues that creep
up which I'll attempt to address in future commits.
Tested:
* AR9380 NICs in 11n mode.
Reviewed by: avos
Differential Revision: https://reviews.freebsd.org/D8365
* teach the crypto modules about receive offload - although I have
to do some further reviewing in places where we /can't/ have an RX key
* teach the RX data path about receive offload encryption - check the flag,
handle NULL key, do decap and checking as appropriate.
Tested:
* iwn(4), STA mode
* ath(4), STA and AP mode
* ath10k port, STA mode (hardware encryption)
Reviewed by: avos
Differential Revision: https://reviews.freebsd.org/D8533
If full-offload scan is used, the NIC driver (or rather the firmware of
the NIC) should take care of interrupting and continuing the background
scan. So net80211 should ignore the vap->iv_bgscanidle setting then, instead
the NIC driver might look at this setting and pass it on to the firmware
in some way if possible.
Since full-offload scans won't be explicitly interrupted by net80211, it
also doesn't really make sense to check the vap->iv_bgscanidle condition
in that case, before starting a background scan. If the NIC driver
advertises background scan support and full-offload scanning, the firmware
should be able to execute that scan without interfering too much with our
data traffic.
Reviewed by: adrian, avos
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D8539
The 802.11-2012 specification notes that a subset of IEs should be present
in IBSS probe requests. This is what (initially) allows nodes to discover
that other nodes are 11n capable. Notably - HTCAP, but not HTINFO.
This isn't everything required to reliably enable 11n between net80211
peers; there's more work to come.
Tested:
* AR9380, IBSS+11n mode
Unfortunately (sigh) some firmware doesn't provide the RX BA starting point,
so we need to cope and set a "close enough" sequence number so we (hopefully!)
don't discard frames as duplicates.
Tested:
* QCA9880v2, athp driver (under development), STA mode
Also - allow driver specific bits to be added, rather than just net80211.
This still isn't as useful as it should be by default; it needs to
be a standalone struct/instance so it can be done before net80211
registration occurs, and it can log per-device items.
But, it's getting there.
* extend the keycache flag word to be 32 bits, not 16 bits
* add new key flags for transmit:
+ IEEE80211_KEY_NOIV: Don't insert IV in the payload when transmitting data frames;
+ IEEE80211_KEY_NOIVMGT: Don't insert IV in the payload when transmitting MIC frames;
+ IEEE80211_KEY_NOMIC: Don't insert MIC in the payload when transmitting data frames;
+ IEEE80211_KEY_NOMICMGT: don't insert MIC in the payload when transmitting management
frames.
* teach ieee80211_crypto_demic() about hardware decrypted frames:
+ if frames are hardware decrypted and the frame has failed MIC, treat it as a
michael failure.
+ if frames are hardware decrypted and the frame has stripped MIC, we can't check the
MIC in the payload - we don't have anything to compare it against.
This is only part of the work required to successfully transmit/receive
hardware crypto frames such as the qualcomm atheros 11ac offload chips.
There will be further work in the transmit and receive path before this
can be done by default.
Reviewed by: avos
Differential Revision: https://reviews.freebsd.org/D8364
This is a very simple addition to the net80211 scan support.
It doesn't implement a replacement scan interface - it just disables
the pieces that we should disable to make this lifecycle a bit
more managable.
There's more work to come before full scan offload support is available
but it should be good enough for driver work.
* add a flag to say "full offload"
* don't do probe requests when scanning full-offload - firmware can do that
* don't do powersave transitions and buffering - firmware can do that
tested:
* iwm(4) - STA mode
* ath10k port (local, not in freebsd-head yet)
Reviewed by: avos
Differential Revision: https://reviews.freebsd.org/D8262
to ieee80211_add_rx_params() + drop last (ieee80211_rx_stats) parameter
Note: there is an additional check for ieee80211_get_rx_params()
return value (which does not exist in the original diff).
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D8207
There are a variety of more interesting RX statistics that we should
keep track of but we don't. This is a starting point for adding more
information.
Specifically:
* now the RX rate information and some of the packet status is
passed up;
* The 32 bit or 64 bit TSF is passed up;
* the PHY mode is passed up;
* the "I'm decap'ed AMSDU!" state is passed up;
* number of RX chains is bumped to 4.
This is all mostly a placeholder for getting the data into the RX status
before we pass it up to net80211 - unfortunately we don't yet enforce
that drivers provide it, nor do we pass the provided info back up the
stack so anyone can use the data.
We're going to need to use some of this data moving forward.
Notably, now that some hardware can do AMSDU decap for us (the intel iwm
driver can do it when we flip it on; the ath10k port I'm doing does
it for us) then we need to pass it up through the stack so the duplicate
RX sequence numbers and crypto/IV details don't cause the packet to
be dropped and/or counted against a replay counter.
It's also the beginning of being able to do more interesting node
accounting in net80211. Specifically, once drivers start populating
per-packet rate information, AMPDU information, timestamps, etc,
we can start providing histograms of rate-versus-RSSI, account
for receive time spent per node and other such interesting things.
(Note: I'm also hoping to include ranging and RTT information for
future chipset support; and it's likely going to include it in
this kind of fashion.)
Replace various void * / int argument combinations with common structures:
- ieee80211_ratectl_tx_status for *_tx_complete();
- ieee80211_ratectl_tx_stats for *_tx_update();
While here, improve amrr_tx_update() for a bit:
1. In case, if receiver is not known (typical for Ralink USB drivers),
refresh Tx rate for all nodes on the interface.
2. There was a misuse:
- otus(4) sends non-decreasing counters (as originally intended);
- but ural(4), rum(4) and run(4) are using 'read & clear' registers
to obtain statistics for some period of time (and those 'last period'
values are used as arguments for tx_update()). If arguments are not big
enough, they are just discarded after the next call.
Fix: move counting into *_tx_update()
(now otus(4) will zero out all node counters after every tx_update() call)
Tested with:
- Intel 3945BG (wpi(4)), STA mode.
- WUSB54GC (rum(4)), STA / HOSTAP mode.
- RTL8188EU (urtwn(4)), STA mode.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D8037
- Add a counter into 'struct ieee80211_node_table' to save current number
of allocated nodes.
(allows to remove array overflow checking in ieee80211_iterate_nodes()).
- Add ieee80211_iterate_nodes_vap() function; unlike non-vap version,
it iterates on nodes for specified vap only.
In addition to the above:
- Remove ieee80211_iterate_nt(); it is not used by drivers / net80211
outside ieee80211_iterate_nodes() function + cannot be separated due
to structural changes in code.
Since size of 'struct ieee80211_node_table' (part of ieee80211com,
which is a part of driver's softc) is changed all wireless drivers /
kernel need to be recompiled.
Tested with wpi(4), STA mode.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D7996
Restore pre-r300383 behavior when a frame is sent:
- stop scan;
- send frame;
- when beacon arrives and our bit in TIM is not set - restart the scan.
NOTE:
Ideally, this should introduce new interface (ieee80211_pause_anyscan());
however, since ieee80211_cancel_anyscan() is not used by drivers and only
called by ieee80211_start_pkt() the current patch overrides it's behavior
instead.
Tested with Intel 3945BG, STA mode
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D7979
The adhoc probe/beacon input path was creating nodes for all SSIDs.
This wasn't a problem when the NICs were configured to only process
frames for the current BSSID, but that didn't allow IBSS merges.
Once avos and I flipped on "beacons from all BSSIDs" to allow for
correct IBSS merging, we found this interesting behaviour.
This adds a check against the current SSID.
* If there's no VAP SSID, allow anything
* If there's a VAP SSID, check if the incoming frame has a suitable
SSID and if so, allow it.
This prevents nodes being created for other SSIDs in probe and beacon
frames - ie, beacons overlapping IBSSes with different SSIDs, and
probe requests from arbitrary devices.
Tested:
* AR9380, IBSS mode, both local and other IBSSes.
Reviewed by: avos
Differential Revision: https://reviews.freebsd.org/D7959
IBSS negotiation is a subset of the STA/AP negotiation. We always have a
current channel, so base the HT capabilities on the current channel.
This is then put into IBSS probe requests to inform peers of our
11n capabilities.
Add IEEE80211_KEY_SWCRYPT / IEEE80211_KEY_SWMIC bits to the
IEEE80211_KEY_DEVICE mask - as a result, those bits will be preserved
during group key handshake.
A driver can override them in iv_key_alloc() for some keys in case
when hardware crypto support is not possible. As an example:
- multi-vap without multicast key search support;
- IBSS RSN for devices w/ fixed storage for group keys;
Tested with RTL8188EU (AP, sw crypto) and
RTL8821AU (STA, sw crypto for group keys + hw crypto for pairwise keys)
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D7901
- Add few checks for group/pairwise ciphers into
ieee80211_parse_{wpa,rsn}().
- Split error code and cipher value in wpa_cipher() / rsn_cipher(); current
hack with (1 << 32) does not work - it's 1, not 0 (detected by CSA).
- Return IEEE80211_REASON_UNSUPP_RSN_IE_VERSION instead of
IEEE80211_REASON_IE_INVALID when version field is not equal to RSN_VERSION.
Tested with wpi(4) / urtwn(4) (HOSTAP mode).
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D7887
In case if there is already running interface, a second non-sta
interface will omit scanning, going directly to RUN state. Handle
this case for adhoc mode appropriately.
Tested with RTL8821AU, 2 vaps in IBSS mode.
Uses of commas instead of a semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.
Detected with devel/coccinelle following a hint from DragonFlyBSD.
MFC after: 1 month
turn them into a shared definition.
Set M_MCAST/M_BCAST appropriately upon packet reception in net80211, just
before they are delivered up to the ethernet stack.
Submitted by: rstone
Add new lock for stageq (part of ieee80211_superg structure) and
ni_tx_superg (part of ieee80211_node structure);
drop com_lock protection where it is used to protect them.
While here, drop duplicate OPACKETS counter incrementation.
ni_tx_ampdu is not protected with it (however, it is also used without
locking in other places; probably, it requires some other solution
to be thread-safe).
Tested with RTL8188CUS (AP) and RTL8188EU (STA).
NOTE: Since this change breaks KBI, all wireless drivers need to be
recompiled.
Reviewed by: adrian
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D6958
avos@ pointed out to me that this broke IBSS merging because the rest of
the input path no longer was called for non-IBSS frames.
I committed a change to not input non-IBSS frames, which stopped
nodes being created for BSSes that weren't ours. Unfortunately
thta stopped the input path for non-IBSS frames in general,
so the management input path didn't work.
So, I'll revert this until I come up with a better solution.
(Hopefully before 11.)
Reviewed by: avos
Approved by: re (gjb)
Drop scan generation number and node table scan lock - the only place
where ni_scangen is checked is in ieee80211_timeout_stations() (and it
is used to prevent duplicate checking of the same node); node scan lock
protects only this variable + node table scan generation number.
This will fix (at least) next LOR (hostap mode):
lock order reversal:
1st 0xc175f84c urtwm0_scan_loc (urtwm0_scan_loc) @ /usr/src/sys/modules/wlan/../../net80211/ieee80211_node.c:2019
2nd 0xc175e018 urtwm0_com_lock (urtwm0_com_lock) @ /usr/src/sys/modules/wlan/../../net80211/ieee80211_node.c:2693
stack backtrace:
#0 0xa070d1c5 at witness_debugger+0x75
#1 0xa070d0f6 at witness_checkorder+0xd46
#2 0xa0694cce at __mtx_lock_flags+0x9e
#3 0xb03ad9ef at ieee80211_node_leave+0x12f
#4 0xb03afd13 at ieee80211_timeout_stations+0x483
#5 0xb03aa1c2 at ieee80211_node_timeout+0x42
#6 0xa06c6fa1 at softclock_call_cc+0x1e1
#7 0xa06c7518 at softclock+0xc8
#8 0xa06789ae at intr_event_execute_handlers+0x8e
#9 0xa0678fa0 at ithread_loop+0x90
#10 0xa0675fbe at fork_exit+0x7e
#11 0xa08af910 at fork_trampoline+0x8
In addition to the above:
* switch to ieee80211_iterate_nodes();
* do not assert that node table lock is held, while calling node_age();
that's not really needed (there are no resources, which can be protected
by this lock) + this fixes LOR/deadlock between ieee80211_timeout_stations()
and ieee80211_set_tim() (easy to reproduce in HOSTAP mode while
sending something to an STA with enabled power management).
Tested:
* (avos) urtwn0, hostap mode
* (adrian) AR9380, STA mode
* (adrian) AR9380, AR9331, AR9580, hostap mode
Notes:
* This changes the net80211 internals, so you have to recompile all of it
and the wifi drivers.
Submitted by: avos
Approved by: re (delphij)
Differential Revision: https://reviews.freebsd.org/D6833
Do not try to pass such frames; a correct frame cannot be smaller than
(the corresponding) header size.
(for wpi(4) an additional check was added in r289012).
PR: 144987
Remove 'if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);' from raw xmit
and apbridge path; it will be incremented by ieee80211_tx_complete()
after packet transmission.
Noticed by: Imre Vadasz <imre@vdsz.com>
- Assign frame sequence/fragment number before frame concatenation;
otherwise, frame header pointer (wh) will be invalid.
- Move this code block upper and eliminate duplicate 'lwh = mtod()'
assignment.
Tested with wpi(4) (transmitter) (STA mode) and urtwn(4) (receiver)
(HOSTAP mode).
Change default regulatory domain from DEBUG (no limitations;
exposes all device channels) to FCC; as a result, newly created wireless
interface with default settings will have less chances to violate
country-specific regulations.
This change will not affect drivers with pre-initialized regdomain
structure (currentry ath(4) and mwl(4)); in that case, the default
channel list must correspond to the default regdomain / country setting.
You can switch to another regdomain / country via corresponding
ifconfig(8) options; the driver must implement ic_getradiocaps()
method to restore full channel list.
Full country / regdomain list may be obtained via
'ifconfig <iface> list countries' command.
Example: change country to Germany:
ifconfig wlan0 down # all wlans on the device must be down
ifconfig wlan0 country DE
ifconfig wlan0 up
# wpa_supplicant(8), dhclient(8) etc
At the creation time:
ifconfig wlan0 create wlandev wpi0 country DE
To make changes permanent add the following line to the rc.conf(5):
create_args_wlan0="country DE"
Tested with
- Intel 3945BG (wpi(4)).
- WUSB54GC (rum(4)).
Reviewed by: adrian
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D6228
wpa_supplicant(8) expects to see 'scan complete' event after every
scan command; in case, when event is not sent it will hang for
indefinite time.
PR: 209198
Do not try to start a scan when interface is not running.
How-to-reproduce:
1) ifconfig wlan0 create wlandev urtwn0
2) wlandebug -i wlan0 state
3) ifconfig wlan0 scan
ieee80211.c:
add_chanlist(): 'error' variable will be uninitialized if
no channels were passed; return '0' instead.
ieee80211_action.c:
ieee80211_send_action_register(): drop 'break' after 'return'.
ieee80211_crypto_none.c:
none_encap(): 'keyid' is not used in non-debug builds; hide it
behind IEEE80211_DEBUG ifdef.
ieee80211_freebsd.c:
Staticize global 'ieee80211_debug' variable (used only in this
file).
ieee80211_hostap.c:
Fix a comment (associatio -> association).
ieee80211_ht.c:
ieee80211_setup_htrates(): initialize 'maxunequalmcs' to 0 to mute
compiler warning.
ieee80211_hwmp.c:
hwmp_recv_preq(): copy 'prep' between conditional blocks to fix
-Wshadow warning.
ieee80211_mesh.c:
mesh_newstate(): remove duplicate 'ni' definition.
mesh_recv_group_data(): fix -Wempty-body warning in non-debug
builds.
ieee80211_phy.c:
ieee80211_compute_duration(): remove 'break' after panic() call.
ieee80211_scan_sta.c:
Hide some TDMA-specific macros under IEEE80211_SUPPORT_TDMA ifdef
adhoc_pick_bss(): remove 'ic' pointer redefinition.
ieee80211_sta.c:
sta_beacon_miss(): remove 'ic' pointer redefinition.
ieee80211_superg.c:
superg_ioctl_set80211(): drop unreachable return.
Tested with clang 3.8.0, gcc 4.6.4 and gcc 5.3.0.
Replace ifnet list lookup (which is broken since r287197, because
IFT_IEEE80211 type is not used anymore) with iteration on
ieee80211com list.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D6419
again hopefully.
Rather than blindly removing a supposedly unused variable as reported by
the Clang Static Analyzer, inspect the code and hide them with proper
#ifdefs as they are used in certain conditional parts of the code.
This change adds few methods for net80211 channel table setup:
- ieee80211_add_channel()
- ieee80211_add_channel_ht40()
(primarily for drivers, that parse EEPROM to get channel list -
they will allow to hide implementation details).
- ieee80211_add_channel_list_2ghz()
- ieee80211_add_channel_list_5ghz()
(mostly as a replacement for ieee80211_init_channels() - they will allow
to specify non-default channel list; may be used in ic_getradiocaps()).
Tested with wpi(4) (add_channel) and rum(4) (add_channel_list_2ghz).
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D6124
We don't have a separate bss node; instead we dup the first node we saw
and turn that into the BSS node. This means that action frames from
that node would be rejected.
So, check that the node is the bss node /and/ the MAC doesn't match ni_macaddr.
That's the "right" way for now to verify it's an unknown node.
This fixes handling action frames in adhoc mode, which includes negotiating
11n aggregation via ADDBA/DELBA.
This by itself isn't enough to correctly create 11n adhoc networks; but
it is required for aggregation to be negotiated.
Tested:
* AR9380, 11n adhoc mode
* broadcom 11ac adhoc (vendor platform)
Sponsored by: Eva Automation, Inc.
This is in preparation for exposing configuring STBC flags up to ifconfig
so STBC TX/RX can be configured at runtime.
* Set the FHT_STBC flags for TX/RX if the HT capabilitiex exist
* Clear the RX STBC HT capability flag when creating a HTCAP IE, so
we only announce it if it's configured in the FHT flags.
Tested:
* AR9331 (carambola2), AP/STA modes
rounddown2 tends to produce longer lines than the original code
and when the code has a high indentation level it was not really
advantageous to do the replacement.
This tries to strike a balance between readability using the macros
and flexibility of having the expressions, so not everything is
converted.
ieee80211_scan_done().
Refresh comments that reference scan_next() method
(does not exist since r191746) + fix spelling of 'current'.
Differential Revision: https://reviews.freebsd.org/D5137
- Allow to enable/disable promiscuous mode when:
* interface is not a member of bridge, or;
* request was issued by user (ifconfig wlan0 promisc), or;
* interface is in MONITOR or AHDEMO mode.
- Drop local workarounds in mwl(4) and malo(4).
Tested with:
- Intel 3945BG, STA mode;
- RTL8188CUS, MONITOR mode;
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D5472
Hide subtype mask/shift (which is used for index calculation
in ieee80211_mgt_subtype_name[] array) in function call.
Tested with RTL8188CUS, STA mode.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D5369
le*dec / le*enc functions.
Replace net80211 specific macros with system-wide bytestream
encoding/decoding functions:
- LE_READ_2 -> le16dec
- LE_READ_4 -> le32dec
- LE_WRITE_2 -> le16enc
- LE_WRITE_4 -> le32enc
+ drop ieee80211_input.h include, where it was included for these
operations only.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D6030
Although we correctly (now!) calculate the right A-MPDU parameters, the
ioctl() has some faulty logic for choosing which to display. The BSS
params are what were advertised to us, and we would have chosen the
lower of theirs/ours when advertising the HT bits back at them.
So, we /should/ track and fix that so we display the correct A-MPDU
density and size.
However, since I'm a forgetful type, and I don't want to have to re-learn
that this is wrong, drop in a comment so I or someone else fixes it.
Or, when I discover this again in 4 years, I don't have to go digging
too much to remember.
I was seeing the stack constantly attempt to renegotiate A-MPDU TX
even after 3 failures. My hunch is that the direct ticks comparison
is failing around the ticks wrap-around point.
This failure shouldn't /really/ happen normally, but it turns out being
the IBSS master node on FreeBSD doesn't quite setup 11n right, so
negotiating A-MPDU TX fails.
It's 2016 and vendors (including us!) still have 802.11n TX/RX sequence
handling bugs. It's suboptimal, but I'd rather see us default to handling
things in a sensible way.
So, just delete the #ifdef'ed code for now. I'll leave the option in
so it doesn't break existing configurations.
This all started because I've started getting reports about urtwn not
working after I enabled 802.11n support, and it's because the ARM kernel
configs don't include A-MPDU RX aging.
This makes it easier to track which node is having what done do it
during normal use.
This is likely the eighth time I've done this since I started doing
net80211 development, so I think it's about time I just committed it.
The ath(4) driver now sees beacons and management frames for different
BSSIDs in IBSS mode, which is a problem when you're in a very busy
IBSS environment.
So, expose this function so drivers can use it to check if the current
RX node is actually for a BSS we need to pay attention to or not.
PR: kern/208644
Sponsored by: Eva Automation. Inc.
This prevents nodes being created for peers on BSSes that are not our own.
(Ie, same channel, IBSS, but different BSS.)
The "IBSS merge" thing was fixed by me enabling "see all beacons" in
the ath(4) driver a few months ago. Trouble is, we now need the filtering
again.
Tested:
* ath(4), IBSS, on a very busy IBSS channel with lots (> 15) IBSS networks.
PR: kern/208643
Sponsored by: Eva Automation, Inc.
A-MSDU is another 11n aggregation mechanism where multiple ethernet
frames get LLC encapsulated (so they have a length field), padded,
and put in a single MPDU (802.11 MAC frame.) This means it gets sent
out as a single frame, with a single seqno, it's acked as one frame, etc.
It turns out that, hah, atheros fast frames is almost but not quite
like this, so I'm reusing all of the current superg/fast-frames stuff
in order to actually transmit A-MSDU. Yes, this means that A-MSDU
frames are also only aggregated two at a time, so it's not necessarily
a huge win, but it's better than nothing.
This doesn't do anything by default - the driver needs to say it does
A-MSDU as well as set the AMSDU software TX capability so this code path
gets exercised.
For now, the only driver that enables this is urtwn. I'll enable it
for rsu at some point soon.
Tested:
* Add an amsdu encap path to aggregate two frames, same as the
fast-frames path.
* Always do the superg init/teardown and node init/teardown stuff,
regardless of whether the nodes are doing fast-frames (the ATH
capability stuff.) That way we can reuse it for amsdu.
* Don't do AMSDU for multicast/broadcast and EAPOL frames.
* If we're doing A-MPDU, then don't bother doing FF/A-MSDU.
We can likely do both together, but I don't want to change
behaviour.
* Teach the fast frames approx txtime logic to support the 11n
rates. But, since we don't currently have a full "current rate"
support, assume it's HT20, long-gi, etc. That way we overshoot
on the TX time estimation, so we're always inside the requirements.
(And we only aggregate two frames for now, so we're not really
going to exceed that.)
* Drop the maximum FF age default down to 2ms, otherwise we end up
with some very annoyingly large latencies.
TODO:
* We only aggregate two ethernet frames, so I'm not checking the max
A-MSDU size. But when it comes time to support >2 frames, we should
obey that.
Tested:
* urtwn(4)
* begin moving the 11n macros out of ieee80211_phy.c and
into a header so they can be used elsewhere.
* rename some of them into the IEEE80211_* namespace.
* convert HT_RC_2_MCS() to work with three-stream rates.
do software A-MSDU encapsulation.
Right now there's AMSDU TX/RX capability bits and they're mostly
unused, however I'd like to maintain those as the general configuration,
not also "please software encap AMSDU." For platforms that can do
A-MSDU in firmware (iwn, iwm, etc) then their init paths can read
this flag to configure A-MSDU.
It turns out that these will clash very annoyingly with the linux
macros in the linuxkpi layer, so let the wookie^Wlinux win.
The only user that I can find is ath(4), so fix it there too.
It turns out that madwifi actually has the basics for uAPSD implemented
but it was never ported to FreeBSD. I may eventually port most of the
pieces; I'll see how it goes!
Obtained from: Madwifi
This is a subset of what's in the linux 802.11ac implementation.
I've verified that the bits that mention an 802.11ac draft are
still the same in 802.11ac-2013 and noted it accordingly.
This is for the most part one big no-op.
Obtained from: 802.11ac-2013.pdf
* Implement a new ratectl method, which defaults to returning nothing;
* Add a top level sysctl (net.wlan.X.rate_stats) to extract it;
* Add ratectl info for the 'amrr' module.
Tested:
* urtwn(4), STA mode
Differential Revision: https://reviews.freebsd.org/D5630
This displays the IE names in ifconfig but it doesn't yet decode things.
Submitted by: Idwer Vollering <vidwer@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3782
For hz=1000 any number, greater than 4194 causes integer overflow;
this change casts the number to uint64_t before operating with it.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5268
This warning is irrelevant, since user can execute
'ifconfig wlan0 down' (or turn off card via rfkill switch) at any time.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5511
m is not guaranteed to be valid after m_cat() returns. The effects of this
are most noticeable when INVARIANTS is enabled, since m's header length
field is given a value of 0xdeadc0de by the trash dtor.
Reviewed by: glebius
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D5497
Drivers should set their own filters via ic_scan_start()/ic_scan_end()
callbacks; and we don't need frames other than beacons or probe responses.
(Note: this was a noop since r287197 due to promiscuous mode with bridge
workaround)
Tested with Intel 3945BG, RTL8188EU and WUSB54GC in HOSTAP mode.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5474
- In case, when we are doing <smth> -> INIT (FEXT_REINIT) -> <smth2>
state transition, cancel_scan() may be called in the first transition.
Reenqueue second state transition, so things will be executed in order.
- Discard any AUTH+ state transition request when INIT -> SCAN
transition is not done.
- Allow to track discarded state transitions via 'state' debugging
category.
Tested with:
* RTL8188EU, HOSTAP mode.
* RTL8188CUS, STA mode.
* Intel 3945BG, IBSS and STA modes.
PR: 197498
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5482
- Pass scan state and additional internal flags as a parameters.
- Add locked version.
Tested with:
* Intel 3945BG, STA mode.
* RTL8188EU, STA mode.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5148
transmitted
- Use M_TXCB mechanism to report about null data frame transmission.
- Increase timeout from 1 to 10 ms (the previous one may be not enough
for non-empty queue).
Tested with:
* Intel 3945BG, STA mode.
* RTL8188CUS, STA mode.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5147
scan_curchan_task() functions)
(This part should fix the problem, described in
https://lists.freebsd.org/pipermail/freebsd-wireless/2016-January/006420.html)
- Rename ss_scan_task into ss_scan_start (better describes it's
current purpose)
- Utilize taskqueue_*_timeout() functions instead of current mechanism:
* reschedule scan_curchan_task() via taskqueue_enqueue_timeout()
for every 'maxdwell' msecs (will replace infinite loop + sleeping
for 'maxdwell' period via cv_wait());
* rerun the task immediately when an external event occurs
(instead of waking it up via cv_signal())
Also, use mtx_sleep() to wait for null frame transmission
(allows to drop conditional variable).
Tested with:
* Intel 3945BG, STA mode;
* RTL8188EU, STA mode.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5145
All callers of ieee80211_promisc()/ieee80211_allmulti()
(ieee80211_vap_detach(), ieee80211_ioctl(), ap_start() and ap_end())
already hold the com_lock while calling them.
Tested with RTL8188EU, STA mode.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5475
Remove duplicate 'ni->ni_associd = 0' assignment from
ieee80211_node_leave(), since it breaks iv_set_tim() in
ic->ic_node_cleanup() (associd is cleared right after this call).
Tested with RTL8188EU (HOSTAP mode) and
WUSB54GC (STA mode, with powersaving enabled).
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5398
- Add definitions for Timing Advertisement and Control Wrapper frames.
- Refresh ieee80211_mgt_subtype_name and ieee80211_ctl_subtype_name
arrays.
- Count Timing Advertisement frames as discarded management frames in all
modes.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5331
Use malloc(9) for
- struct ieee80211req_wpaie2 (518 bytes, used in
ieee80211_ioctl_getwpaie())
- struct ieee80211_scan_req (128 bytes, used in setmlme_assoc_adhoc()
and ieee80211_ioctl_scanreq())
Also, drop __noinline workarounds; stack overflow is not reproducible
with recent compilers.
Tested with Clang 3.7.1, GCC 4.2.1 (from 9.3-RELEASE) and 4.9.4
(with -fstack-usage flag)
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D5041
Do not duplicate code between IEEE80211_IOC_WPAIE and IEEE80211_IOC_WPAIE2
switch cases.
Approved by: adrian (mentor)
Differential Revision: D5041 (part)
we're assuming hz=1000 and not gracefully handling when it isn't.
The math involved will return 0 for hz < 1000, which it is on some
platforms and on DragonflyBSD.
This doesn't fix it, it:
* converts one manual use over to use the macro, and
* comments where it needs some thought/fixing.
I'll think about this a bit more before fixing it.
Submitted by: imre@vdsz.com
- Add IEEE80211_GET_SLOTTIME(ic) macro.
- Use predefined macroses to set slot time.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D4044
wpa_supplicant actually calls the wpa ioctl with cipher 0 as part
of the teardown process and this returns an ioctl error.
It's required as part of the (hopefully!) upcoming encrypted
IBSS support which does indeed do the above as part of interface
setup and then exits ungracefully when it gets an ioctl error.
(I'll fix wpa_supplicant in a later commit as part of other work.)
I've seen some cases where we get stuck in a loop constantly trying to
negotiate A-MPDU TX which is definitely not supposed to happen.
This will let me see if it's something funky with the retry count or
not.
This call may be used when device cannot continue to operate normally
(e.g., throws firmware error, watchdog timer expires)
and need to be restarted.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D3998
This doesn't free the mbuf upon error; the driver ic_raw_xmit method is still
doing that.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3774
Move error handling into ieee80211_parent_xmitpkt() instead of spreading it
between functions.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3772
* Create ieee80211_free_mbuf() which frees a list of mbufs.
* Use it in the fragment transmit path and ath / uath transmit paths.
* Call it in xmit_pkt() if the transmission fails; otherwise fragments
may be leaked.
This should be a big no-op.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3769
The MAC can be fetched from the key struct.
I added the ndis updates to make it compile.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3657
This can be used to update IV state for the caller without adding
information to the mbuf. Some hardware (eg rum) apparently requires
bits of this.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3638
field and into a separate fast-frames staging pointer in ieee80211_node.
The A-MPDU TX path allows txa_private to be used by drivers. So it will
clash with any attempt to use fast-frames. Now, fast-frames is not really
anything special - it's just a custom ethernet frame type that contains
two MSDUs into one MPDU. So all the NIC has to support doing is transmitting
up to a 4KiB frame with an arbitrary ethertype and bam! Fast-frames.
However, using txa_private means we can /either/ do fast-frames or A-MPDU TX,
so fast frames has been turned off in the Atheros HAL for 11n chipsets.
This is a bit silly - it actually means that 802.11 performance to/from
11abg Atheros chips is actually better than between an 11abg atheros device
and an 11n Atheros device.
So:
* create a new mbuf staging queue for fast frames. It only queues a single
frame in the staging queue (and there's a top-level ic staging queue
used for expiry/tracking) so it's just an mbuf pointer per TID.
* Still use the ampdu TX packet counter to determine whether to do
aggregation or not. It'll double count if we start doing both A-MPDU TX
and fast frames, but that's not all that important right now.
* Initialise the pps tracker so ticks isn't zero. This ensures that
fast-frames actually gets used - without it, the ticks math overflows
and the pps math always sets txa_pps=0. This is the same bug that
plagued A-MPDU TX starting logic.
This actually allows fast-frames transmit to occur between the AR9331
(in 11n HT/20 mode) and AR9170 (if_otus) in 11bg mode.
Now, this is a great big no-op on atheros 11n hardware, so don't worry.
It may mean you start seeing more reliable fast-frames transmission on
11abg hardware which may expose some more amusing bugs.
TODO:
* further testing and debugging of all of this before flipping on
fast-frames in if_ath (for 11n) and if_otus.
in the superg fast-frames code.
This harks back to an earlier commit (r280349) where I found that
initialising the pps code with ticks=0 would cause hilariously bad
hz ticks wraparound failures, leading to never actually aggregating
traffic. This is still true for the superg path and so I have to
do the same thing there.
This is a big no-op; a subsequent commit will flip this on so it
works with the fast-frames transmit path.
Tested:
* AR9170, otus(4) - STA mode, 11bg operation
* AR9331, AP mode
net80211 receive path. This allows drivers (notably USB right now, but
anything/everything!) to optionally defer bulk RX of 802.11 frames until
/outside/ of the driver lock(s), rather than doing:
UNLOCK(sc);
ieee80211_input*()
LOCK(sc);
.. which is really stupid.
The existing API is maintaned - if ieee80211_input() / ieee80211_input_all()
is called then the RSSI/NF values are used. If the MIMO versions are called
with a given rx status pointer then it's used. Else, it'll use whatever
is in the RX mbuf tag.
Some fullmac devices may rely on the stack starting it but not doing it.
Whilst here, remove a duplicate LE_* macro definition, thanks to
Andriy Voskoboinyk <s3erios@gmail.com>.
for re-ordering.
Devices like if_rsu don't pass through action/management frames but do send
firmware commands to inform us of things. One of those notifications is
the RX A-MPDU negotiated parameters.
connectivity interact with the net80211 stack.
Historical background: originally wireless devices created an interface,
just like Ethernet devices do. Name of an interface matched the name of
the driver that created. Later, wlan(4) layer was introduced, and the
wlanX interfaces become the actual interface, leaving original ones as
"a parent interface" of wlanX. Kernelwise, the KPI between net80211 layer
and a driver became a mix of methods that pass a pointer to struct ifnet
as identifier and methods that pass pointer to struct ieee80211com. From
user point of view, the parent interface just hangs on in the ifconfig
list, and user can't do anything useful with it.
Now, the struct ifnet goes away. The struct ieee80211com is the only
KPI between a device driver and net80211. Details:
- The struct ieee80211com is embedded into drivers softc.
- Packets are sent via new ic_transmit method, which is very much like
the previous if_transmit.
- Bringing parent up/down is done via new ic_parent method, which notifies
driver about any changes: number of wlan(4) interfaces, number of them
in promisc or allmulti state.
- Device specific ioctls (if any) are received on new ic_ioctl method.
- Packets/errors accounting are done by the stack. In certain cases, when
driver experiences errors and can not attribute them to any specific
interface, driver updates ic_oerrors or ic_ierrors counters.
Details on interface configuration with new world order:
- A sequence of commands needed to bring up wireless DOESN"T change.
- /etc/rc.conf parameters DON'T change.
- List of devices that can be used to create wlan(4) interfaces is
now provided by net.wlan.devices sysctl.
Most drivers in this change were converted by me, except of wpi(4),
that was done by Andriy Voskoboinyk. Big thanks to Kevin Lo for testing
changes to at least 8 drivers. Thanks to pluknet@, Oliver Hartmann,
Olivier Cochard, gjb@, mmoll@, op@ and lev@, who also participated in
testing.
Reviewed by: adrian
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
is configured on a channel that isn't valid in the new operating mode.
This isn't strictly true - it should find the first channel that is
available for the given operating mode.
However, I think defaulting to the first channel is fine - it's typically
available for all modes.
If someone would like to correctly implement this feature - try to
find a channel that is valid for the given operating mode and error
out if we can't find one.
This prevents various NICs (eg wpi(4)) from throwing a firmware error.
Tested:
* ath(4), STA/AP mode
* iwn(4), STA/adhoc mode
PR: kern/202502
Submitted by: Andriy Voskoboinyk <s3erios@gmail.com>
* 286410
* 286413
* 286416
The initial commit broke a variety of debug and features that aren't
in the GENERIC kernels but are enabled in other platforms.
with the net80211 stack.
Historical background: originally wireless devices created an interface,
just like Ethernet devices do. Name of an interface matched the name of
the driver that created. Later, wlan(4) layer was introduced, and the
wlanX interfaces become the actual interface, leaving original ones as
"a parent interface" of wlanX. Kernelwise, the KPI between net80211 layer
and a driver became a mix of methods that pass a pointer to struct ifnet
as identifier and methods that pass pointer to struct ieee80211com. From
user point of view, the parent interface just hangs on in the ifconfig
list, and user can't do anything useful with it.
Now, the struct ifnet goes away. The struct ieee80211com is the only
KPI between a device driver and net80211. Details:
- The struct ieee80211com is embedded into drivers softc.
- Packets are sent via new ic_transmit method, which is very much like
the previous if_transmit.
- Bringing parent up/down is done via new ic_parent method, which notifies
driver about any changes: number of wlan(4) interfaces, number of them
in promisc or allmulti state.
- Device specific ioctls (if any) are received on new ic_ioctl method.
- Packets/errors accounting are done by the stack. In certain cases, when
driver experiences errors and can not attribute them to any specific
interface, driver updates ic_oerrors or ic_ierrors counters.
Details on interface configuration with new world order:
- A sequence of commands needed to bring up wireless DOESN"T change.
- /etc/rc.conf parameters DON'T change.
- List of devices that can be used to create wlan(4) interfaces is
now provided by net.wlan.devices sysctl.
Most drivers in this change were converted by me, except of wpi(4),
that was done by Andriy Voskoboinyk. Big thanks to Kevin Lo for testing
changes to at least 8 drivers. Thanks to Olivier Cochard, gjb@, mmoll@,
op@ and lev@, who also participated in testing. Details here:
https://wiki.freebsd.org/projects/ifnet/net80211
Still, drivers: ndis, wtap, mwl, ipw, bwn, wi, upgt, uath were not
tested. Changes to mwl, ipw, bwn, wi, upgt are trivial and chances
of problems are low. The wtap wasn't compilable even before this change.
But the ndis driver is complex, and it is likely to be broken with this
commit. Help with testing and debugging it is appreciated.
Differential Revision: D2655, D2740
Sponsored by: Nginx, Inc.
Sponsored by: Netflix
In order for drivers to provide an alternate set of scan methods,
these have to finally use an indirection table and all of the calls
in ieee80211_scan.c need to use said table.
For all existing drivers - this is basically a glorified, KBI-breaking
functional no-op.
This is also not the final form - too much functionality is currently
hiding in ieee80211_scan_sw.c that should be in ieee80211_scan.c.
That'll be the target of some follow-up commits.
Note:
* You have to recompile your kernel/drivers after this - the net80211 KBI has
changed.
* I'm not yet planning on bumping any versioning - I have a few more things
to shuffle around.
Tested:
* urtwn(4) - STA mode
* Intel 7260 in local repo - overriding the methods and table at
attach time has the desired effect (ie, all the methods are called,
but nothing is ever performed.)
The intel 7260 driver under development requires this - the scans come
in as normal frames but with the frequency provided. The correct method
is to have the driver provide flags (so we can determine if it's 11b
or 11g); this will have to do in the meantime.
Without this, the channel found is 11b, and no ERP (ie "11g") bits
are negotiated with the AP.
This allows the 7260 in 2ghz mode to operate in 11bg, rather than
just 11b.
Tested:
* intel 7260 driver, 11bg channels
with the transmit params.
This allows raw 802.11 frames to be queued in the driver if necessary,
rather than requiring it to be direct-dispatched into the hardware.
Tested:
* ath(4), STA mode
* iwn(4), STA mode
MFC after: 2 weeks
Sponsored by: Norse Corp, Inc.
802.11 mbufs.
The raw transmit path currently doesn't make it easy to queue
these frames:
* there's no node reference stored in the mbuf, like for the normal
path, and
* the bpf supplied raw transmit parameters (rate, rts/cts, etc)
are passed in as an argument, not as an mbuf tag.
In order to support driver queuing of these frames, we need to
be able to put the above into the mbuf before the driver gets it,
so the driver /can/ put it into a queue if needed.
Use an mbuf tag and for now just verbatim copy the bpf parameters
into it. Later on it may grow to include more options but this
will do for now.
Why would you want to queue raw frames? Well, in the case of
iwn(4), we can't send the firmware frames to transmit before
we hear a beacon - the firmware will consider passive channels
as unavailable until it hears a beacon. The firmware "passive"
channel state is cleared upon each RXON command, which is sent to
update association status. So, when we attempt association and
authorisation, the RXON command causes the firmware to clear out
what it's already seen, and so we have to wait for a beacon before
we can transmit.
Before people get overly excited - this alone doesn't "fix" 5GHz
operation - it just makes it (more) possible.
The aim here is to convert all the drivers over to use a raw_xmit()
API that doesn't include the node and params - instead they'd get
those from the mbuf. Then raw_xmit() becomes just a side-channel
version of the normal transmit path for management traffic.
MFC after: 2 weeks
Sponsored by: Norse Corp, Inc.
RTM_IEEE80211_RADIO routing messages, broadcast them on all vap interfaces
instead of sending them on parent.
Reviewed by: adrian
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
DragonflyBSD uses the FreeBSD wireless stack and drivers. Their malloc()
API is named differently, so they don't have userland/kernel symbol
clashes like we do (think libuinet.)
So, to make it easier for them and to port to other BSDs/other operating
systems, start hiding the malloc specific bits behind defines in
ieee80211_freebsd.h.
DragonflyBSD can now put these portability defines in their local
ieee80211_dragonflybsd.h.
This should be a great big no-op for everyone running wifi.
TODO:
* kill M_WAITOK - some platforms just don't want you to use it
* .. and/or handle it returning NULL rather than waiting forever.
* MALLOC_DEFINE() ?
* Migrate the well-known malloc names (eg M_TEMP) to net80211
namespace defines.
Smart NICs with firmware (eg wpi, iwn, the new atheros parts, the intel 7260
series, etc) support doing a lot of things in firmware. This includes but
isn't limited to things like scanning, sending probe requests and receiving
probe responses. However, net80211 doesn't know about any of this - it still
drives the whole scan/probe infrastructure itself.
In order to move towards suppoting smart NICs, the receive path needs to
know about the channel/details for each received packet. In at least
the iwn and 7260 firmware (and I believe wpi, but I haven't tried it yet)
it will do the scanning, power-save and off-channel buffering for you -
all you need to do is handle receiving beacons and probe responses on
channels that aren't what you're currently on. However the whole receive
path is peppered with ic->ic_curchan and manual scan/powersave handling.
The beacon parsing code also checks ic->ic_curchan to determine if the
received beacon is on the correct channel or not.[1]
So:
* add freq/ieee values to ieee80211_rx_stats;
* change ieee80211_parse_beacon() to accept the 'current' channel
as an argument;
* modify the iv_input() and iv_recv_mgmt() methods to include the rx_stats;
* add a new method - ieee80211_lookup_channel_rxstats() - that looks up
a channel based on the contents of ieee80211_rx_stats;
* if it exists, use it in the mgmt path to switch the current channel
(which still defaults to ic->ic_curchan) over to something determined
by rx_stats.
This is enough to kick-start scan offload support in the Intel 7260
driver that Rui/I are working on. It also is a good start for scan
offload support for a handful of existing NICs (wpi, iwn, some USB
parts) and it'll very likely dramatically improve stability/performance
there. It's not the whole thing - notably, we don't need to do powersave,
we should not scan all channels, and we should leave probe request sending
to the firmware and not do it ourselves. But, this allows for continued
development on the above features whilst actually having a somewhat
working NIC.
TODO:
* Finish tidying up how the net80211 input path works.
Right now ieee80211_input / ieee80211_input_all act as the top-level
that everything feeds into; it should change so the MIMO input routines
are those and the legacy routines are phased out.
* The band selection should be done by the driver, not by the net80211
layer.
* ieee80211_lookup_channel_rxstats() only determines 11b or 11g channels
for now - this is enough for scanning, but not 100% true in all cases.
If we ever need to handle off-channel scan support for things like
static-40MHz or static-80MHz, or turbo-G, or half/quarter rates,
then we should extend this.
[1] This is a side effect of frequency-hopping and CCK modes - you
can receive beacons when you think you're on a different channel.
In particular, CCK (which is used by the low 11b rates, eg beacons!)
is decodable from adjacent channels - just at a low SNR.
FH is a side effect of having the hardware/firmware do the frequency
hopping - it may pick up beacons transmitted from other FH networks
that are in a different phase of hopping frequencies.
ieee80211_pwrsave() can fail due to queue overflow, check its return code
and increment oerrors counter when it fails. Also handle more error cases
and update oerrors counter when we don't send mbuf due to some errors.
Return ENETDOWN when parent interface isn't ready. Update obytes and omcasts
counters in corresponding places.
PR: 184626
Differential Revision: https://reviews.freebsd.org/D2621
Reviewed by: adrian
MFC after: 1 week
years for head. However, it is continuously misused as the mpsafe argument
for callout_init(9). Deprecate the flag and clean up callout_init() calls
to make them more consistent.
Differential Revision: https://reviews.freebsd.org/D2613
Reviewed by: jhb
MFC after: 2 weeks
frames to 0
From IEEE Std. 802.11-2012, 8.3.2.1 "Data frame format", p. 415 (513):
"The Sequence Control field for QoS (+)Null frames is ignored by the receiver
upon reception."
At this moment, any <mode>_input() function interprets them as regular QoS data
frames with TID = 0. As a result, stations, that use another TX sequence for
QoS Null frames (e.g. wpi(4), where (QoS) Null frames are generated by the
firmware), may experience significant packet loss with any other NIC in hostap
mode.
Tested:
* wpi(4) (author)
* iwn(4) - Intel 5100, STA mode (me)
PR: kern/200128
Submitted by: Andriy Voskoboinyk <s3erios@gmail.com>
results.
Right now the scan infrastructure assumes the channel is under net80211
control, and that when receiving beacon frames for scanning, the
current channel is indeed what ic_curchan is set to.
But firmware NICs with firmware scan support need more than this -
they can do background scans whilst hiding the off-channel behaviour
from net80211. Ie, net80211 still thinks everything is associated
and on the main channel, but it's getting scan results from all the
background traffic.
However sta_add() pays attention to ic_curchan and discards scan
results that aren't on the right channel. CCK beacon frames can be
decoded from adjacent channels so the receive path and sta_add
discard these as appropriate. This is fine for software scanning
like for ath(4), but not for firmware NICs. So with those, the
whole concept of background firmware scanning won't work without
major hacks (eg, overriding ic_curchan before calling the beacon
input / scan add.)
As part of my scan overhaul, modify sta_add() and the scan_add()
APIs to take an explicit current channel. The normal RX path
will set it to ic_curchan so it's a no-op. However, drivers may
decide to (eventually!) override the scan method to set the
"right" current channel based on what the firmware reports the
scan state is.
So for example, iwn, rsu and other NICs will eventually do this:
* driver issues scan start firmware command;
* firmware sends a "scan start on channel X" notify;
* firmware sends a bunch of beacon RX's as part of
the scan results;
* .. and the driver will replace scan_add() curchan with channel X,
so scan results are correct.
* firmware sends a "scan start on channel Y" notify;
* firmware sends more beacons...
* .. the driver replaces scan_add() curchan with channel Y.
Note:
* Eventually, net80211 should eventually grow the idea of a per-packet
current channel. It's possible in various modes (eg WAVE, P2P, etc)
that individual frames can come in from different channels and that
is under firmware control rather than driver/net80211 control, so
we should support that.
