o major overhaul of the way channels are handled: channels are now
fully enumerated and uniquely identify the operating characteristics;
these changes are visible to user applications which require changes
o make scanning support independent of the state machine to enable
background scanning and roaming
o move scanning support into loadable modules based on the operating
mode to enable different policies and reduce the memory footprint
on systems w/ constrained resources
o add background scanning in station mode (no support for adhoc/ibss
mode yet)
o significantly speedup sta mode scanning with a variety of techniques
o add roaming support when background scanning is supported; for now
we use a simple algorithm to trigger a roam: we threshold the rssi
and tx rate, if either drops too low we try to roam to a new ap
o add tx fragmentation support
o add first cut at 802.11n support: this code works with forthcoming
drivers but is incomplete; it's included now to establish a baseline
for other drivers to be developed and for user applications
o adjust max_linkhdr et. al. to reflect 802.11 requirements; this eliminates
prepending mbufs for traffic generated locally
o add support for Atheros protocol extensions; mainly the fast frames
encapsulation (note this can be used with any card that can tx+rx
large frames correctly)
o add sta support for ap's that beacon both WPA1+2 support
o change all data types from bsd-style to posix-style
o propagate noise floor data from drivers to net80211 and on to user apps
o correct various issues in the sta mode state machine related to handling
authentication and association failures
o enable the addition of sta mode power save support for drivers that need
net80211 support (not in this commit)
o remove old WI compatibility ioctls (wicontrol is officially dead)
o change the data structures returned for get sta info and get scan
results so future additions will not break user apps
o fixed tx rate is now maintained internally as an ieee rate and not an
index into the rate set; this needs to be extended to deal with
multi-mode operation
o add extended channel specifications to radiotap to enable 11n sniffing
Drivers:
o ath: add support for bg scanning, tx fragmentation, fast frames,
dynamic turbo (lightly tested), 11n (sniffing only and needs
new hal)
o awi: compile tested only
o ndis: lightly tested
o ipw: lightly tested
o iwi: add support for bg scanning (well tested but may have some
rough edges)
o ral, ural, rum: add suppoort for bg scanning, calibrate rssi data
o wi: lightly tested
This work is based on contributions by Atheros, kmacy, sephe, thompsa,
mlaier, kevlo, and others. Much of the scanning work was supported by
Atheros. The 11n work was supported by Marvell.
paper over catching an error as the case was already handled, albeit
in a somewhat surprising way (the caller received zero'd data)
Submitted by: sephe
MFC after: 2 weeks
specific privilege names to a broad range of privileges. These may
require some future tweaking.
Sponsored by: nCircle Network Security, Inc.
Obtained from: TrustedBSD Project
Discussed on: arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
Alex Lyashkov <umka at sevcity dot net>,
Skip Ford <skip dot ford at verizon dot net>,
Antoine Brodin <antoine dot brodin at laposte dot net>
o change rssi to be signed in ieee80211_nodestats
o add noise floor in ieee80211_nodestats (use an implicit hole to
preserve layout); return it as zero until we can update the api's
so the driver can provide noise floor data
o add a bandaid so IEEE80211_IOC_STA_STATS works for sta mode; when
all nodes are in the station table this will no longer be needed
o fix braino in IEEE80211_IOC_STA_INFO implementation; was supposed
to take a mac address and return info for that sta or all stations
if ff:ff:ff:ff:ff was supplied--but somehow this didn't get implemented;
implement the intended semantics and leave a compat shim at the old
ioctl number for the previous api
Reviewed by: mlaier
MFC after: 3 weeks
now just make it clear station statistics (could read
a stat block and assign to caller can do partial changes)
Reviewed by: avatar (previous version)
MFC after: 1 week
o lock the list walk
o malloc a results buffer instead of copying out one result at a time
using an on-stack buffer
o fix definition of ieee80211req_scan_result so size of variable-length
information elements is large enough to hold all possible ie's
(still only return wpa+wme, at some point may return all)
o make rssi+noise data signed; they should've been so all along
o add a bit more padding for future additions while we're here
o define a new ioctl for new api and add compat code for old ioctl
under COMPAT_FREEBSD6 (temporarily enabled local to the file)
Reviewed by: Scott Long
MFC after: 2 weeks
rather than in ifindex_table[]; all (except one) accesses are
through ifp anyway. IF_LLADDR() works faster, and all (except
one) ifaddr_byindex() users were converted to use ifp->if_addr.
- Stop storing a (pointer to) Ethernet address in "struct arpcom",
and drop the IFP2ENADDR() macro; all users have been converted
to use IF_LLADDR() instead.
switching(ifconfig devX channel Y). This fix should make channel changing
works again in monitor mode.
Submitted by: sam
X-MFC-With: other ic_curchan changes
add support for getting the current policy setting and collecting
the list of mac addresses in the acl table.
Submitted by: Michal Mertl (original version)
MFC after: 2 weeks
o add ic_curchan and use it uniformly for specifying the current
channel instead of overloading ic->ic_bss->ni_chan (or in some
drivers ic_ibss_chan)
o add ieee80211_scanparams structure to encapsulate scanning-related
state captured for rx frames
o move rx beacon+probe response frame handling into separate routines
o change beacon+probe response handling to treat the scan table
more like a scan cache--look for an existing entry before adding
a new one; this combined with ic_curchan use corrects handling of
stations that were previously found at a different channel
o move adhoc neighbor discovery by beacon+probe response frames to
a new ieee80211_add_neighbor routine
Reviewed by: avatar
Tested by: avatar, Michal Mertl
MFC after: 2 weeks
IFF_DRV_RUNNING, as well as the move from ifnet.if_flags to
ifnet.if_drv_flags. Device drivers are now responsible for
synchronizing access to these flags, as they are in if_drv_flags. This
helps prevent races between the network stack and device driver in
maintaining the interface flags field.
Many __FreeBSD__ and __FreeBSD_version checks maintained and continued;
some less so.
Reviewed by: pjd, bz
MFC after: 7 days
Crypto changes:
o change driver/net80211 key_alloc api to return tx+rx key indices; a
driver can leave the rx key index set to IEEE80211_KEYIX_NONE or set
it to be the same as the tx key index (the former disables use of
the key index in building the keyix->node mapping table and is the
default setup for naive drivers by null_key_alloc)
o add cs_max_keyid to crypto state to specify the max h/w key index a
driver will return; this is used to allocate the key index mapping
table and to bounds check table loookups
o while here introduce ieee80211_keyix (finally) for the type of a h/w
key index
o change crypto notifiers for rx failures to pass the rx key index up
as appropriate (michael failure, replay, etc.)
Node table changes:
o optionally allocate a h/w key index to node mapping table for the
station table using the max key index setting supplied by drivers
(note the scan table does not get a map)
o defer node table allocation to lateattach so the driver has a chance
to set the max key id to size the key index map
o while here also defer the aid bitmap allocation
o add new ieee80211_find_rxnode_withkey api to find a sta/node entry
on frame receive with an optional h/w key index to use in checking
mapping table; also updates the map if it does a hash lookup and the
found node has a rx key index set in the unicast key; note this work
is separated from the old ieee80211_find_rxnode call so drivers do
not need to be aware of the new mechanism
o move some node table manipulation under the node table lock to close
a race on node delete
o add ieee80211_node_delucastkey to do the dirty work of deleting
unicast key state for a node (deletes any key and handles key map
references)
Ath driver:
o nuke private sc_keyixmap mechansim in favor of net80211 support
o update key alloc api
These changes close several race conditions for the ath driver operating
in ap mode. Other drivers should see no change. Station mode operation
for ath no longer uses the key index map but performance tests show no
noticeable change and this will be fixed when the scan table is eliminated
with the new scanning support.
Tested by: Michal Mertl, avatar, others
Reviewed by: avatar, others
MFC after: 2 weeks
o separate configured beacon interval from listen interval; this
avoids potential use of one value for the other (e.g. setting
powersavesleep to 0 clobbers the beacon interval used in hostap
or ibss mode)
o bounds check the beacon interval received in probe response and
beacon frames and drop frames with bogus settings; not clear
if we should instead clamp the value as any alteration would
result in mismatched sta+ap configuration and probably be more
confusing (don't want to log to the console but perhaps ok with
rate limiting)
o while here up max beacon interval to reflect WiFi standard
Noticed by: Martin <nakal@nurfuerspam.de>
MFC after: 1 week
fixes a ref cnt leak
o make unicast key handling on delete identical to set
o change legacy wep key api to reset the 802.11 state
machine for backwards compatibility
Reviewed by: avatar
Approved by: re (scottl)
struct ifnet or the layer 2 common structure it was embedded in have
been replaced with a struct ifnet pointer to be filled by a call to the
new function, if_alloc(). The layer 2 common structure is also allocated
via if_alloc() based on the interface type. It is hung off the new
struct ifnet member, if_l2com.
This change removes the size of these structures from the kernel ABI and
will allow us to better manage them as interfaces come and go.
Other changes of note:
- Struct arpcom is no longer referenced in normal interface code.
Instead the Ethernet address is accessed via the IFP2ENADDR() macro.
To enforce this ac_enaddr has been renamed to _ac_enaddr.
- The second argument to ether_ifattach is now always the mac address
from driver private storage rather than sometimes being ac_enaddr.
Reviewed by: sobomax, sam
or a bssid+ssid. This is needed for later versions of wpa_supplicant
and for forthcoming addons to wpa_supplicant.
Note this is an api change and applications must be rebuilt.
o don't pre-assign key index to the global key table entries so device
has a chance to decide what to use
o make ieee80211_crypto_newkey take the desired flags as an argument
instead of wacking the key structure directly; this eliminates a
bunch of code warts
o add a new flag IEEE80211_KEY_GROUP to indicate a key is a WPA Group
key so devices don't need to guess (temporarily add this flag in the
ioctl code until we can get wpa_supplicant+hostapd updated)
o shuffle IEEE80211_KEY_* bits to move flags used internally to the high
nibble of the flags word
Reviewed by: Tai-hwa Liang
panic with the NDISulator if you did "ifconfig ndis0 10.0.0.1/24,"
whereas "ifconfig ndis0 10.0.0.1/24 up" worked fine. The double fault
was caused by the ifconfig thread running out of kernel stack space.
(This was partly due to the NDIsulator using a couple of big buffers on
the stack, but even after fixing that the double fault persisted.)
It turns out that ndis_init() is called in both cases, but in the first
case the code path passes through ieee80211_ioctl(), and it turns out
ieee80211_ioctl() consumes a whopping 2400 bytes of stack space.
Apparently, gcc -O2 causes the ieee80211_ioctl_get80211() routine to
be inlined into ieee80211_ioctl(), and for some reason which I do not
fully understand, this causes ieee80211_ioctl() to consume an extra 2K
of stack space.
To prevent this overly agressive optimization, ieee80211_ioctl_get80211()
is now declared with __attribute__ ((noinline)). With this change,
ieee80211_ioctl() now only reserves about 200 bytes of stack instead of 2400.
here but it includes completed 802.11g, WPA, 802.11i, 802.1x, WME/WMM,
AP-side power-save, crypto plugin framework, authenticator plugin framework,
and access control plugin frameowrk.
active scan is completed just as WI_RID_READ_APS.
This fixes wicontrol -L for ath(4) and awi(4) to have results even if
the driver cannot associate any APs.
o reject scan requests for a device that isn't marked up
This fixes a problem where requesting a scan before marking the device
up would cause a panic because the current channel was set to "any" (0xffff).
