summaryrefslogtreecommitdiffstats
path: root/sys/net80211/ieee80211_output.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fix 'ifconfig nwflags; These flags ended up overlapping with other flagsstsp2019-05-121-3/+4
| | | | | | | | | | | | in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future. Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@ ok beck@ phessler@
* On the transmit path the ethernet and ip headers might not bepatrick2019-05-101-11/+12
| | | | | | | | | | | in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it. Fixes a panic for florian@ Discussed with claudio@ ok stsp@
* MH_ALIGN -> m_align and make the spacing look the same in all three places.claudio2018-11-301-6/+6
| | | | OK bluhm@
* My previous commit broke the ramdisk build; fix itstsp2017-12-141-3/+5
|
* Stop printing debug info about stations leaving a wifi network whenstsp2017-12-141-5/+7
| | | | we aren't running in hostap or ibss mode.
* Omit the PMKID count field from RSN information elements (IE) if the PMKIDstsp2017-12-111-4/+6
| | | | | | | | | list has zero elements and PMKID would be the last field in the RSN IE. This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver. ok patrick@ phessler@
* Make ieee80211_classify() available in a header so we can make thepatrick2017-10-211-2/+1
| | | | priority visible to underlying bus protocols like bwfm(4)'s bcdc.
* Remove global counters from struct ieee80211com which track the number ofstsp2017-02-021-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation. These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues. Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path. Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0"). tested by Lauri, tb@, and myself ok mpi@ tb@
* In a comment inside ieee80211_up_to_ac(), update a reference sectionstsp2017-01-311-2/+2
| | | | number from the 802.11-2007 standard to the 802.11-2012 standard.
* When telling clients which EDCA parameters to use, copy these parametersstsp2017-01-311-3/+3
| | | | | from the client parameter set, rather than from the AP parameter set. ok mpi@
* Enable ieee80211_edca_table, which was under #if 0. This table can be usedstsp2017-01-301-4/+2
| | | | | | by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
* Make the net80211 stack send EDCA parameters to the driver in hostap mode.stsp2017-01-091-2/+2
| | | | | | Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
* When acting as 11n hostap, send Microsoft WME parameters to clients sostsp2017-01-091-4/+7
| | | | | that Linux clients will decide to use 11n mode. ok phessler@
* Fix ieee80211_add_htop(), which is not yet called in active code paths.stsp2017-01-091-3/+4
| | | | | | | It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
* Call if_enqueue() and if_start() instead of dereferencing the ifpmpi2016-04-121-2/+2
| | | | | | | | | | | pointers. These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere. Prodded by a comment from jsg@. ok mikeb@, stsp@
* Define EDCA tables for 11n mode. Per 802.11-2012 they are the same asstsp2016-02-051-1/+53
| | | | | | | | | | | the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element. None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
* Store ADDBA request and response parameters in the block ack record ofstsp2016-02-051-10/+5
| | | | | | | | | | | ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places. Fixes apple airport APs. tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
* Fix the timeout value sent in ADDBA request and response frames.stsp2016-01-211-3/+3
| | | | | ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
* Remove wireless turbo mode support. It is a non-standard extensionstsp2016-01-121-14/+1
| | | | | | which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
* Initialize the A-MPDU parameters field in HT capability elements.stsp2016-01-061-2/+2
| | | | ok kettenis@
* Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n modestsp2016-01-051-23/+1
| | | | | in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
* Fix another case where the return value of ieee80211_chan2mode() wasstsp2016-01-041-3/+2
| | | | | used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
* ADDBA frames have a parameter set which we check against our own capabilitiesstsp2016-01-041-2/+6
| | | | | | but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
* 11n/HT negotiation fixes:stsp2015-12-121-7/+32
| | | | | | | | | | | | Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one. Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames. ok mpi@
* No need to include <net/if_types.h> for <net/if_vlan_var.h>mpi2015-11-241-2/+1
|
* Declare 802.11n mode and channel flags. Tweak 11n related fields in structstsp2015-11-151-3/+9
| | | | | | | ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
* Update section and table numbers inside comments in the RSN code tostsp2015-11-081-3/+3
| | | | | the 802.11-2012 standard. ok mpi@
* replace the ifqueues in net80211 with mbuf_queues.dlg2015-11-041-15/+9
| | | | | | | | the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons. tested by mpi@ and jmc@ ok mpi@
* m_freem() can handle NULL, do not check for this condition beforehands.deraadt2015-07-151-5/+3
| | | | ok stsp mpi
* Rename if_output() into if_enqueue() to avoid confusion with commentsmpi2015-06-301-2/+2
| | | | | | talking about (*ifp->if_output)(). ok claudio@, dlg@
* Use if_output() instead of rerolling it.mpi2015-05-261-27/+3
| | | | ok stsp@
* Remove some includes include-what-you-use claims don'tjsg2015-03-141-2/+1
| | | | | | | have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels. ok tedu@ deraadt@
* unifdef some more INET. v4 4life.tedu2014-12-231-7/+1
|
* remove uneeded proc.h includesjsg2014-09-141-2/+1
| | | | ok mpi@ kspillner@
* Fewer <netinet/in_systm.h> !mpi2014-07-221-2/+1
|
* Stop abusing the rcvif pointer to pass wireless nodes down to thempi2014-03-191-12/+11
| | | | | | | | | | driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9). claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie! ok claudio@, mikeb@, deraadt@
* #if 0 out the ieee80211_edca_table table to appease the LLVM warning.brad2013-12-071-1/+3
| | | | | | ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable] ok stsp@
* use the correct block ack structure when building an ADDBA response.damien2010-07-171-2/+2
|
* fix prev commit (s/ic_flags/ic_caps/).damien2009-05-241-2/+2
| | | | from dhill@
* prevent injection of raw 802.11 control frames through bpf on driversdamien2009-05-191-9/+14
| | | | | | | | | that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap). prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
* sync with 802.11w draft 8.0.damien2009-03-261-3/+5
| | | | | the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
* Fix setting of the Short Slot Time subfield of the Capability Informationdamien2009-03-061-3/+2
| | | | | | | | | | | field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary. Thanks to Adam Emanuel for spotting this.
* Block Ack agreements are unidirectional.damien2009-01-281-15/+25
| | | | | | | | | | Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too. no binary change since all this is #ifdef'ed out.
* remove ni_ba field from ieee80211_node structure as it is not used yet.damien2009-01-261-2/+3
| | | | | | | this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build. pointed out by landry@
* Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01:damien2009-01-261-49/+333
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys) Did some code cleanup too. The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler. Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
* cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.damien2008-12-021-8/+3
|
* Initial implementation of PMKSA caching and pre-authentication.damien2008-09-271-6/+14
| | | | | | | | | | | | | | | | | | This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication. Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
* Add some inline functions to test the presence of optional 802.11damien2008-09-271-2/+1
| | | | | | | | | | | | | | | | header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate. Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field). Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field. Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
* third parameter of ieee80211_get_assoc_req() is a management framedamien2008-09-031-4/+4
| | | | | | | subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
* add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack,damien2008-09-011-6/+10
| | | | | | 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.