2 * Copyright (c) 2009 The FreeBSD Foundation
5 * This software was developed by Rui Paulo under sponsorship from the
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
35 * IEEE 802.11s Mesh Point (MBSS) support.
37 * Based on March 2009, D3.0 802.11s draft spec.
42 #include <sys/param.h>
43 #include <sys/systm.h>
45 #include <sys/malloc.h>
46 #include <sys/kernel.h>
48 #include <sys/socket.h>
49 #include <sys/sockio.h>
50 #include <sys/endian.h>
51 #include <sys/errno.h>
53 #include <sys/sysctl.h>
56 #include <net/if_media.h>
57 #include <net/if_llc.h>
58 #include <net/ethernet.h>
60 #include <net80211/ieee80211_var.h>
61 #include <net80211/ieee80211_action.h>
62 #include <net80211/ieee80211_input.h>
63 #include <net80211/ieee80211_mesh.h>
65 static int mesh_select_proto_path(struct ieee80211vap *, const char *);
66 static int mesh_select_proto_metric(struct ieee80211vap *, const char *);
67 static void mesh_vattach(struct ieee80211vap *);
68 static int mesh_newstate(struct ieee80211vap *, enum ieee80211_state, int);
69 static void mesh_linkchange(struct ieee80211_node *,
70 enum ieee80211_mesh_mlstate);
71 static void mesh_checkid(void *, struct ieee80211_node *);
72 static uint32_t mesh_generateid(struct ieee80211vap *);
73 static int mesh_checkpseq(struct ieee80211vap *,
74 const uint8_t [IEEE80211_ADDR_LEN], uint32_t);
75 static struct ieee80211_node *
76 mesh_find_txnode(struct ieee80211vap *,
77 const uint8_t [IEEE80211_ADDR_LEN]);
78 static void mesh_forward(struct ieee80211vap *, struct mbuf *,
79 const struct ieee80211_meshcntl *);
80 static int mesh_input(struct ieee80211_node *, struct mbuf *, int, int);
81 static void mesh_recv_mgmt(struct ieee80211_node *, struct mbuf *, int,
83 static void mesh_peer_timeout_setup(struct ieee80211_node *);
84 static void mesh_peer_timeout_backoff(struct ieee80211_node *);
85 static void mesh_peer_timeout_cb(void *);
87 mesh_peer_timeout_stop(struct ieee80211_node *);
88 static int mesh_verify_meshpeerver(struct ieee80211vap *, const uint8_t *);
89 static int mesh_verify_meshid(struct ieee80211vap *, const uint8_t *);
90 static int mesh_verify_meshconf(struct ieee80211vap *, const uint8_t *);
91 static int mesh_verify_meshpeer(struct ieee80211vap *, const uint8_t *);
92 uint32_t mesh_airtime_calc(struct ieee80211_node *);
95 * Timeout values come from the specification and are in milliseconds.
97 SYSCTL_NODE(_net_wlan, OID_AUTO, mesh, CTLFLAG_RD, 0,
98 "IEEE 802.11s parameters");
99 static int ieee80211_mesh_retrytimeout = -1;
100 SYSCTL_PROC(_net_wlan_mesh, OID_AUTO, retrytimeout, CTLTYPE_INT | CTLFLAG_RW,
101 &ieee80211_mesh_retrytimeout, 0, ieee80211_sysctl_msecs_ticks, "I",
102 "Retry timeout (msec)");
103 static int ieee80211_mesh_holdingtimeout = -1;
104 SYSCTL_PROC(_net_wlan_mesh, OID_AUTO, holdingtimeout, CTLTYPE_INT | CTLFLAG_RW,
105 &ieee80211_mesh_holdingtimeout, 0, ieee80211_sysctl_msecs_ticks, "I",
106 "Holding state timeout (msec)");
107 static int ieee80211_mesh_confirmtimeout = -1;
108 SYSCTL_PROC(_net_wlan_mesh, OID_AUTO, confirmtimeout, CTLTYPE_INT | CTLFLAG_RW,
109 &ieee80211_mesh_confirmtimeout, 0, ieee80211_sysctl_msecs_ticks, "I",
110 "Confirm state timeout (msec)");
111 static int ieee80211_mesh_maxretries = 2;
112 SYSCTL_INT(_net_wlan_mesh, OID_AUTO, maxretries, CTLTYPE_INT | CTLFLAG_RW,
113 &ieee80211_mesh_maxretries, 0,
114 "Maximum retries during peer link establishment");
116 static const uint8_t broadcastaddr[IEEE80211_ADDR_LEN] =
117 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
119 static ieee80211_recv_action_func mesh_recv_action_meshpeering_open;
120 static ieee80211_recv_action_func mesh_recv_action_meshpeering_confirm;
121 static ieee80211_recv_action_func mesh_recv_action_meshpeering_close;
122 static ieee80211_recv_action_func mesh_recv_action_meshlmetric_req;
123 static ieee80211_recv_action_func mesh_recv_action_meshlmetric_rep;
125 static ieee80211_send_action_func mesh_send_action_meshpeering_open;
126 static ieee80211_send_action_func mesh_send_action_meshpeering_confirm;
127 static ieee80211_send_action_func mesh_send_action_meshpeering_close;
128 static ieee80211_send_action_func mesh_send_action_meshlink_request;
129 static ieee80211_send_action_func mesh_send_action_meshlink_reply;
131 static const struct ieee80211_mesh_proto_metric mesh_metric_airtime = {
132 .mpm_descr = "AIRTIME",
133 .mpm_ie = IEEE80211_MESHCONF_AIRTIME,
134 .mpm_metric = mesh_airtime_calc,
137 static struct ieee80211_mesh_proto_path mesh_proto_paths[4];
138 static struct ieee80211_mesh_proto_metric mesh_proto_metrics[4];
140 #define MESH_RT_LOCK(ms) mtx_lock(&(ms)->ms_rt_lock)
141 #define MESH_RT_UNLOCK(ms) mtx_unlock(&(ms)->ms_rt_lock)
143 MALLOC_DEFINE(M_80211_MESH_RT, "80211mesh", "802.11s routing table");
146 * Helper functions to manipulate the Mesh routing table.
148 struct ieee80211_mesh_route *
149 ieee80211_mesh_rt_find(struct ieee80211vap *vap,
150 const uint8_t dest[IEEE80211_ADDR_LEN])
152 struct ieee80211_mesh_state *ms = vap->iv_mesh;
153 struct ieee80211_mesh_route *rt;
156 TAILQ_FOREACH(rt, &ms->ms_routes, rt_next) {
157 if (IEEE80211_ADDR_EQ(dest, rt->rt_dest)) {
166 struct ieee80211_mesh_route *
167 ieee80211_mesh_rt_add(struct ieee80211vap *vap,
168 const uint8_t dest[IEEE80211_ADDR_LEN])
170 struct ieee80211_mesh_state *ms = vap->iv_mesh;
171 struct ieee80211_mesh_route *rt;
173 KASSERT(ieee80211_mesh_rt_find(vap, dest) == NULL,
174 ("%s: duplicate entry in the routing table", __func__));
175 KASSERT(!IEEE80211_ADDR_EQ(vap->iv_myaddr, dest),
176 ("%s: adding self to the routing table", __func__));
177 KASSERT(!IEEE80211_ADDR_EQ(broadcastaddr, dest),
178 ("%s: adding broadcast to the routing table", __func__));
180 rt = malloc(sizeof(struct ieee80211_mesh_route), M_80211_MESH_RT,
182 IEEE80211_ADDR_COPY(rt->rt_dest, dest);
183 rt->rt_priv = malloc(ms->ms_ppath->mpp_privlen, M_80211_MESH_RT,
186 TAILQ_INSERT_TAIL(&ms->ms_routes, rt, rt_next);
192 ieee80211_mesh_rt_del(struct ieee80211vap *vap,
193 const uint8_t dest[IEEE80211_ADDR_LEN])
195 struct ieee80211_mesh_state *ms = vap->iv_mesh;
196 struct ieee80211_mesh_route *rt, *next;
199 TAILQ_FOREACH_SAFE(rt, &ms->ms_routes, rt_next, next) {
200 if (IEEE80211_ADDR_EQ(rt->rt_dest, dest)) {
201 TAILQ_REMOVE(&ms->ms_routes, rt, rt_next);
202 free(rt->rt_priv, M_80211_MESH_RT);
203 free(rt, M_80211_MESH_RT);
212 ieee80211_mesh_rt_flush(struct ieee80211vap *vap)
214 struct ieee80211_mesh_state *ms = vap->iv_mesh;
215 struct ieee80211_mesh_route *rt, *next;
220 TAILQ_FOREACH_SAFE(rt, &ms->ms_routes, rt_next, next) {
221 TAILQ_REMOVE(&ms->ms_routes, rt, rt_next);
222 free(rt->rt_priv, M_80211_MESH_RT);
223 free(rt, M_80211_MESH_RT);
228 #define N(a) (sizeof(a) / sizeof(a[0]))
230 ieee80211_mesh_register_proto_path(const struct ieee80211_mesh_proto_path *mpp)
232 int i, firstempty = -1;
233 static const uint8_t emptyie[4] = { 0, 0, 0, 0 };
235 for (i = 0; i < N(mesh_proto_paths); i++) {
236 if (memcmp(mpp->mpp_ie, mesh_proto_paths[i].mpp_ie, 4) == 0)
238 if (memcmp(mesh_proto_paths[i].mpp_ie, emptyie, 4) == 0 &&
244 memcpy(&mesh_proto_paths[firstempty], mpp, sizeof(*mpp));
249 ieee80211_mesh_register_proto_metric(const struct
250 ieee80211_mesh_proto_metric *mpm)
252 int i, firstempty = -1;
253 static const uint8_t emptyie[4] = { 0, 0, 0, 0 };
255 for (i = 0; i < N(mesh_proto_metrics); i++) {
256 if (memcmp(mpm->mpm_ie, mesh_proto_metrics[i].mpm_ie, 4) == 0)
258 if (memcmp(mesh_proto_metrics[i].mpm_ie, emptyie, 4) == 0 &&
264 memcpy(&mesh_proto_metrics[firstempty], mpm, sizeof(*mpm));
269 mesh_select_proto_path(struct ieee80211vap *vap, const char *name)
271 struct ieee80211_mesh_state *ms = vap->iv_mesh;
274 for (i = 0; i < N(mesh_proto_paths); i++) {
275 if (strcasecmp(mesh_proto_paths[i].mpp_descr, name) == 0) {
276 ms->ms_ppath = &mesh_proto_paths[i];
277 if (vap->iv_state == IEEE80211_S_RUN)
278 vap->iv_newstate(vap, IEEE80211_S_INIT, 0);
286 mesh_select_proto_metric(struct ieee80211vap *vap, const char *name)
288 struct ieee80211_mesh_state *ms = vap->iv_mesh;
291 for (i = 0; i < N(mesh_proto_metrics); i++) {
292 if (strcasecmp(mesh_proto_metrics[i].mpm_descr, name) == 0) {
293 ms->ms_pmetric = &mesh_proto_metrics[i];
294 if (vap->iv_state == IEEE80211_S_RUN)
295 vap->iv_newstate(vap, IEEE80211_S_INIT, 0);
304 ieee80211_mesh_init(void)
307 memset(mesh_proto_paths, 0, sizeof(mesh_proto_paths));
308 memset(mesh_proto_metrics, 0, sizeof(mesh_proto_metrics));
311 * Setup mesh parameters that depends on the clock frequency.
313 ieee80211_mesh_retrytimeout = msecs_to_ticks(40);
314 ieee80211_mesh_holdingtimeout = msecs_to_ticks(40);
315 ieee80211_mesh_confirmtimeout = msecs_to_ticks(40);
318 * Register action frame handlers.
320 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_MESHPEERING,
321 IEEE80211_ACTION_MESHPEERING_OPEN,
322 mesh_recv_action_meshpeering_open);
323 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_MESHPEERING,
324 IEEE80211_ACTION_MESHPEERING_CONFIRM,
325 mesh_recv_action_meshpeering_confirm);
326 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_MESHPEERING,
327 IEEE80211_ACTION_MESHPEERING_CLOSE,
328 mesh_recv_action_meshpeering_close);
329 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_MESHLMETRIC,
330 IEEE80211_ACTION_MESHLMETRIC_REQ, mesh_recv_action_meshlmetric_req);
331 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_MESHLMETRIC,
332 IEEE80211_ACTION_MESHLMETRIC_REP, mesh_recv_action_meshlmetric_rep);
334 ieee80211_send_action_register(IEEE80211_ACTION_CAT_MESHPEERING,
335 IEEE80211_ACTION_MESHPEERING_OPEN,
336 mesh_send_action_meshpeering_open);
337 ieee80211_send_action_register(IEEE80211_ACTION_CAT_MESHPEERING,
338 IEEE80211_ACTION_MESHPEERING_CONFIRM,
339 mesh_send_action_meshpeering_confirm);
340 ieee80211_send_action_register(IEEE80211_ACTION_CAT_MESHPEERING,
341 IEEE80211_ACTION_MESHPEERING_CLOSE,
342 mesh_send_action_meshpeering_close);
343 ieee80211_send_action_register(IEEE80211_ACTION_CAT_MESHLMETRIC,
344 IEEE80211_ACTION_MESHLMETRIC_REQ,
345 mesh_send_action_meshlink_request);
346 ieee80211_send_action_register(IEEE80211_ACTION_CAT_MESHLMETRIC,
347 IEEE80211_ACTION_MESHLMETRIC_REP,
348 mesh_send_action_meshlink_reply);
351 * Register Airtime Link Metric.
353 ieee80211_mesh_register_proto_metric(&mesh_metric_airtime);
356 SYSINIT(wlan_mesh, SI_SUB_DRIVERS, SI_ORDER_FIRST, ieee80211_mesh_init, NULL);
359 ieee80211_mesh_attach(struct ieee80211com *ic)
361 ic->ic_vattach[IEEE80211_M_MBSS] = mesh_vattach;
365 ieee80211_mesh_detach(struct ieee80211com *ic)
370 mesh_vdetach_peers(void *arg, struct ieee80211_node *ni)
372 struct ieee80211com *ic = ni->ni_ic;
375 if (ni->ni_mlstate == IEEE80211_NODE_MESH_ESTABLISHED) {
376 args[0] = ni->ni_mlpid;
377 args[1] = ni->ni_mllid;
378 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
379 ieee80211_send_action(ni,
380 IEEE80211_ACTION_CAT_MESHPEERING,
381 IEEE80211_ACTION_MESHPEERING_CLOSE,
384 callout_stop(&ni->ni_mltimer);
385 /* XXX belongs in hwmp */
386 ieee80211_ageq_drain_node(&ic->ic_stageq,
387 (void *)(uintptr_t) ieee80211_mac_hash(ic, ni->ni_macaddr));
391 mesh_vdetach(struct ieee80211vap *vap)
393 struct ieee80211_mesh_state *ms = vap->iv_mesh;
395 ieee80211_iterate_nodes(&vap->iv_ic->ic_sta, mesh_vdetach_peers,
397 ieee80211_mesh_rt_flush(vap);
398 mtx_destroy(&ms->ms_rt_lock);
399 ms->ms_ppath->mpp_vdetach(vap);
400 free(vap->iv_mesh, M_80211_VAP);
405 mesh_vattach(struct ieee80211vap *vap)
407 struct ieee80211_mesh_state *ms;
408 vap->iv_newstate = mesh_newstate;
409 vap->iv_input = mesh_input;
410 vap->iv_opdetach = mesh_vdetach;
411 vap->iv_recv_mgmt = mesh_recv_mgmt;
412 ms = malloc(sizeof(struct ieee80211_mesh_state), M_80211_VAP,
415 printf("%s: couldn't alloc MBSS state\n", __func__);
420 ms->ms_flags = (IEEE80211_MESHFLAGS_AP | IEEE80211_MESHFLAGS_FWD);
421 ms->ms_ttl = IEEE80211_MESH_DEFAULT_TTL;
422 TAILQ_INIT(&ms->ms_routes);
423 mtx_init(&ms->ms_rt_lock, "MBSS", "802.11s routing table", MTX_DEF);
424 mesh_select_proto_metric(vap, "AIRTIME");
425 KASSERT(ms->ms_pmetric, ("ms_pmetric == NULL"));
426 mesh_select_proto_path(vap, "HWMP");
427 KASSERT(ms->ms_ppath, ("ms_ppath == NULL"));
428 ms->ms_ppath->mpp_vattach(vap);
432 * IEEE80211_M_MBSS vap state machine handler.
435 mesh_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
437 struct ieee80211_mesh_state *ms = vap->iv_mesh;
438 struct ieee80211com *ic = vap->iv_ic;
439 struct ieee80211_node *ni;
440 enum ieee80211_state ostate;
442 IEEE80211_LOCK_ASSERT(ic);
444 ostate = vap->iv_state;
445 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, "%s: %s -> %s (%d)\n",
446 __func__, ieee80211_state_name[ostate],
447 ieee80211_state_name[nstate], arg);
448 vap->iv_state = nstate; /* state transition */
449 if (ostate != IEEE80211_S_SCAN)
450 ieee80211_cancel_scan(vap); /* background scan */
451 ni = vap->iv_bss; /* NB: no reference held */
452 /* Flush the routing table */
453 if (nstate != IEEE80211_S_INIT && ostate == IEEE80211_S_INIT)
454 ieee80211_mesh_rt_flush(vap);
456 case IEEE80211_S_INIT:
458 case IEEE80211_S_SCAN:
459 ieee80211_cancel_scan(vap);
461 case IEEE80211_S_CAC:
462 ieee80211_dfs_cac_stop(vap);
464 case IEEE80211_S_RUN:
465 ieee80211_iterate_nodes(&ic->ic_sta,
466 mesh_vdetach_peers, NULL);
471 if (ostate != IEEE80211_S_INIT) {
472 /* NB: optimize INIT -> INIT case */
473 ieee80211_reset_bss(vap);
476 case IEEE80211_S_SCAN:
478 case IEEE80211_S_INIT:
479 if (vap->iv_des_chan != IEEE80211_CHAN_ANYC &&
480 !IEEE80211_IS_CHAN_RADAR(vap->iv_des_chan) &&
483 * Already have a channel and a mesh ID; bypass
484 * the scan and startup immediately.
486 ieee80211_create_ibss(vap, vap->iv_des_chan);
490 * Initiate a scan. We can come here as a result
491 * of an IEEE80211_IOC_SCAN_REQ too in which case
492 * the vap will be marked with IEEE80211_FEXT_SCANREQ
493 * and the scan request parameters will be present
494 * in iv_scanreq. Otherwise we do the default.
496 if (vap->iv_flags_ext & IEEE80211_FEXT_SCANREQ) {
497 ieee80211_check_scan(vap,
498 vap->iv_scanreq_flags,
499 vap->iv_scanreq_duration,
500 vap->iv_scanreq_mindwell,
501 vap->iv_scanreq_maxdwell,
502 vap->iv_scanreq_nssid, vap->iv_scanreq_ssid);
503 vap->iv_flags_ext &= ~IEEE80211_FEXT_SCANREQ;
505 ieee80211_check_scan_current(vap);
511 case IEEE80211_S_CAC:
513 * Start CAC on a DFS channel. We come here when starting
514 * a bss on a DFS channel (see ieee80211_create_ibss).
516 ieee80211_dfs_cac_start(vap);
518 case IEEE80211_S_RUN:
520 case IEEE80211_S_INIT:
522 * Already have a channel; bypass the
523 * scan and startup immediately.
524 * Note that ieee80211_create_ibss will call
525 * back to do a RUN->RUN state change.
527 ieee80211_create_ibss(vap,
528 ieee80211_ht_adjust_channel(ic,
529 ic->ic_curchan, vap->iv_flags_ht));
530 /* NB: iv_bss is changed on return */
532 case IEEE80211_S_CAC:
534 * NB: This is the normal state change when CAC
535 * expires and no radar was detected; no need to
536 * clear the CAC timer as it's already expired.
539 case IEEE80211_S_CSA:
542 * Shorten inactivity timer of associated stations
543 * to weed out sta's that don't follow a CSA.
545 ieee80211_iterate_nodes(&ic->ic_sta, sta_csa, vap);
548 * Update bss node channel to reflect where
549 * we landed after CSA.
551 ieee80211_node_set_chan(vap->iv_bss,
552 ieee80211_ht_adjust_channel(ic, ic->ic_curchan,
553 ieee80211_htchanflags(vap->iv_bss->ni_chan)));
554 /* XXX bypass debug msgs */
556 case IEEE80211_S_SCAN:
557 case IEEE80211_S_RUN:
558 #ifdef IEEE80211_DEBUG
559 if (ieee80211_msg_debug(vap)) {
560 struct ieee80211_node *ni = vap->iv_bss;
562 "synchronized with %s meshid ",
563 ether_sprintf(ni->ni_meshid));
564 ieee80211_print_essid(ni->ni_meshid,
567 printf(" channel %d\n",
568 ieee80211_chan2ieee(ic, ic->ic_curchan));
575 ieee80211_node_authorize(vap->iv_bss);
581 /* NB: ostate not nstate */
582 ms->ms_ppath->mpp_newstate(vap, ostate, arg);
588 * Helper function to note the Mesh Peer Link FSM change.
591 mesh_linkchange(struct ieee80211_node *ni, enum ieee80211_mesh_mlstate state)
593 struct ieee80211vap *vap = ni->ni_vap;
594 struct ieee80211_mesh_state *ms = vap->iv_mesh;
595 #ifdef IEEE80211_DEBUG
596 static const char *meshlinkstates[] = {
597 [IEEE80211_NODE_MESH_IDLE] = "IDLE",
598 [IEEE80211_NODE_MESH_OPENSNT] = "OPEN SENT",
599 [IEEE80211_NODE_MESH_OPENRCV] = "OPEN RECEIVED",
600 [IEEE80211_NODE_MESH_CONFIRMRCV] = "CONFIRM RECEIVED",
601 [IEEE80211_NODE_MESH_ESTABLISHED] = "ESTABLISHED",
602 [IEEE80211_NODE_MESH_HOLDING] = "HOLDING"
605 IEEE80211_NOTE(vap, IEEE80211_MSG_MESH,
606 ni, "peer link: %s -> %s",
607 meshlinkstates[ni->ni_mlstate], meshlinkstates[state]);
609 /* track neighbor count */
610 if (state == IEEE80211_NODE_MESH_ESTABLISHED &&
611 ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED) {
612 KASSERT(ms->ms_neighbors < 65535, ("neighbor count overflow"));
614 } else if (ni->ni_mlstate == IEEE80211_NODE_MESH_ESTABLISHED &&
615 state != IEEE80211_NODE_MESH_ESTABLISHED) {
616 KASSERT(ms->ms_neighbors > 0, ("neighbor count 0"));
619 ni->ni_mlstate = state;
620 if (state == IEEE80211_NODE_MESH_HOLDING)
621 ms->ms_ppath->mpp_peerdown(ni);
625 * Helper function to generate a unique local ID required for mesh
626 * peer establishment.
629 mesh_checkid(void *arg, struct ieee80211_node *ni)
633 if (*r == ni->ni_mllid)
634 *(uint16_t *)arg = 0;
638 mesh_generateid(struct ieee80211vap *vap)
644 get_random_bytes(&r, 2);
645 ieee80211_iterate_nodes(&vap->iv_ic->ic_sta, mesh_checkid, &r);
647 } while (r == 0 && maxiter > 0);
652 * Verifies if we already received this packet by checking its
656 mesh_checkpseq(struct ieee80211vap *vap,
657 const uint8_t source[IEEE80211_ADDR_LEN], uint32_t seq)
659 struct ieee80211_mesh_route *rt;
661 rt = ieee80211_mesh_rt_find(vap, source);
663 rt = ieee80211_mesh_rt_add(vap, source);
664 rt->rt_lastmseq = seq;
667 if (IEEE80211_MESH_SEQ_GEQ(rt->rt_lastmseq, seq)) {
670 rt->rt_lastmseq = seq;
676 * Iterate the routing table and locate the next hop.
678 static struct ieee80211_node *
679 mesh_find_txnode(struct ieee80211vap *vap,
680 const uint8_t dest[IEEE80211_ADDR_LEN])
682 struct ieee80211_mesh_route *rt;
684 rt = ieee80211_mesh_rt_find(vap, dest);
687 return ieee80211_find_txnode(vap, rt->rt_nexthop);
691 * Forward the specified frame.
692 * Decrement the TTL and set TA to our MAC address.
695 mesh_forward(struct ieee80211vap *vap, struct mbuf *m,
696 const struct ieee80211_meshcntl *mc)
698 struct ieee80211com *ic = vap->iv_ic;
699 struct ieee80211_mesh_state *ms = vap->iv_mesh;
700 struct ifnet *ifp = vap->iv_ifp;
701 struct ifnet *parent = ic->ic_ifp;
702 const struct ieee80211_frame *wh =
703 mtod(m, const struct ieee80211_frame *);
705 struct ieee80211_meshcntl *mccopy;
706 struct ieee80211_frame *whcopy;
707 struct ieee80211_node *ni;
710 if (mc->mc_ttl == 0) {
711 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
712 "%s", "frame not fwd'd, ttl 0");
713 vap->iv_stats.is_mesh_fwd_ttl++;
716 if (!(ms->ms_flags & IEEE80211_MESHFLAGS_FWD)) {
717 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
718 "%s", "frame not fwd'd, fwding disabled");
719 vap->iv_stats.is_mesh_fwd_disabled++;
722 mcopy = m_dup(m, M_DONTWAIT);
724 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
725 "%s", "frame not fwd'd, cannot dup");
726 vap->iv_stats.is_mesh_fwd_nobuf++;
730 mcopy = m_pullup(mcopy, ieee80211_hdrspace(ic, wh) +
731 sizeof(struct ieee80211_meshcntl));
733 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
734 "%s", "frame not fwd'd, too short");
735 vap->iv_stats.is_mesh_fwd_tooshort++;
740 whcopy = mtod(mcopy, struct ieee80211_frame *);
741 mccopy = (struct ieee80211_meshcntl *)
742 (mtod(mcopy, uint8_t *) + ieee80211_hdrspace(ic, wh));
743 /* XXX clear other bits? */
744 whcopy->i_fc[1] &= ~IEEE80211_FC1_RETRY;
745 IEEE80211_ADDR_COPY(whcopy->i_addr2, vap->iv_myaddr);
746 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
747 ni = ieee80211_ref_node(vap->iv_bss);
748 mcopy->m_flags |= M_MCAST;
750 ni = mesh_find_txnode(vap, whcopy->i_addr3);
752 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
753 "%s", "frame not fwd'd, no path");
754 vap->iv_stats.is_mesh_fwd_nopath++;
758 IEEE80211_ADDR_COPY(whcopy->i_addr1, ni->ni_macaddr);
760 IEEE80211_NOTE(vap, IEEE80211_MSG_MESH, ni,
761 "fwd %s frame from %s ttl %d",
762 IEEE80211_IS_MULTICAST(wh->i_addr1) ? "mcast" : "ucast",
763 ether_sprintf(wh->i_addr3), mccopy->mc_ttl);
765 KASSERT(mccopy->mc_ttl > 0, ("%s called with wrong ttl", __func__));
768 /* XXX calculate priority so drivers can find the tx queue */
769 M_WME_SETAC(mcopy, WME_AC_BE);
771 /* XXX do we know m_nextpkt is NULL? */
772 mcopy->m_pkthdr.rcvif = (void *) ni;
773 err = parent->if_transmit(parent, mcopy);
775 /* NB: IFQ_HANDOFF reclaims mbuf */
776 ieee80211_free_node(ni);
783 mesh_input(struct ieee80211_node *ni, struct mbuf *m, int rssi, int nf)
785 #define SEQ_LEQ(a,b) ((int)((a)-(b)) <= 0)
786 #define HAS_SEQ(type) ((type & 0x4) == 0)
787 struct ieee80211vap *vap = ni->ni_vap;
788 struct ieee80211com *ic = ni->ni_ic;
789 struct ifnet *ifp = vap->iv_ifp;
790 struct ieee80211_frame *wh;
791 const struct ieee80211_meshcntl *mc;
792 int hdrspace, need_tap;
793 uint8_t dir, type, subtype, qos;
798 KASSERT(ni != NULL, ("null node"));
799 ni->ni_inact = ni->ni_inact_reload;
801 need_tap = 1; /* mbuf need to be tapped. */
802 type = -1; /* undefined */
804 if (m->m_pkthdr.len < sizeof(struct ieee80211_frame_min)) {
805 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
806 ni->ni_macaddr, NULL,
807 "too short (1): len %u", m->m_pkthdr.len);
808 vap->iv_stats.is_rx_tooshort++;
812 * Bit of a cheat here, we use a pointer for a 3-address
813 * frame format but don't reference fields past outside
814 * ieee80211_frame_min w/o first validating the data is
817 wh = mtod(m, struct ieee80211_frame *);
819 if ((wh->i_fc[0] & IEEE80211_FC0_VERSION_MASK) !=
820 IEEE80211_FC0_VERSION_0) {
821 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
822 ni->ni_macaddr, NULL, "wrong version %x", wh->i_fc[0]);
823 vap->iv_stats.is_rx_badversion++;
826 dir = wh->i_fc[1] & IEEE80211_FC1_DIR_MASK;
827 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
828 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
829 if ((ic->ic_flags & IEEE80211_F_SCAN) == 0) {
830 IEEE80211_RSSI_LPF(ni->ni_avgrssi, rssi);
833 uint8_t tid = ieee80211_gettid(wh);
835 if (IEEE80211_QOS_HAS_SEQ(wh) &&
836 TID_TO_WME_AC(tid) >= WME_AC_VI)
837 ic->ic_wme.wme_hipri_traffic++;
838 rxseq = le16toh(*(uint16_t *)wh->i_seq);
839 if ((ni->ni_flags & IEEE80211_NODE_HT) == 0 &&
840 (wh->i_fc[1] & IEEE80211_FC1_RETRY) &&
841 SEQ_LEQ(rxseq, ni->ni_rxseqs[tid])) {
842 /* duplicate, discard */
843 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
844 wh->i_addr1, "duplicate",
845 "seqno <%u,%u> fragno <%u,%u> tid %u",
846 rxseq >> IEEE80211_SEQ_SEQ_SHIFT,
847 ni->ni_rxseqs[tid] >>
848 IEEE80211_SEQ_SEQ_SHIFT,
849 rxseq & IEEE80211_SEQ_FRAG_MASK,
851 IEEE80211_SEQ_FRAG_MASK,
853 vap->iv_stats.is_rx_dup++;
854 IEEE80211_NODE_STAT(ni, rx_dup);
857 ni->ni_rxseqs[tid] = rxseq;
860 #ifdef IEEE80211_DEBUG
862 * It's easier, but too expensive, to simulate different mesh
863 * topologies by consulting the ACL policy very early, so do this
866 * NB: this check is also done upon peering link initiation.
868 if (vap->iv_acl != NULL && !vap->iv_acl->iac_check(vap, wh->i_addr2)) {
869 IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL,
870 wh, NULL, "%s", "disallowed by ACL");
871 vap->iv_stats.is_rx_acl++;
876 case IEEE80211_FC0_TYPE_DATA:
877 if (ni == vap->iv_bss)
879 if (ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED) {
880 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_MESH,
881 ni->ni_macaddr, NULL,
882 "peer link not yet established (%d)",
884 vap->iv_stats.is_mesh_nolink++;
887 if (dir != IEEE80211_FC1_DIR_FROMDS &&
888 dir != IEEE80211_FC1_DIR_DSTODS) {
889 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
890 wh, "data", "incorrect dir 0x%x", dir);
891 vap->iv_stats.is_rx_wrongdir++;
894 /* pull up enough to get to the mesh control */
895 hdrspace = ieee80211_hdrspace(ic, wh);
896 if (m->m_len < hdrspace + sizeof(struct ieee80211_meshcntl) &&
897 (m = m_pullup(m, hdrspace +
898 sizeof(struct ieee80211_meshcntl))) == NULL) {
899 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
900 ni->ni_macaddr, NULL,
901 "data too short: expecting %u", hdrspace);
902 vap->iv_stats.is_rx_tooshort++;
906 * Now calculate the full extent of the headers. Note
907 * ieee80211_decap will pull up anything we didn't get
908 * above when it strips the 802.11 headers.
910 mc = (const struct ieee80211_meshcntl *)
911 (mtod(m, const uint8_t *) + hdrspace);
912 hdrspace += sizeof(struct ieee80211_meshcntl) +
913 (mc->mc_flags & 3) * IEEE80211_ADDR_LEN;
914 seq = LE_READ_4(mc->mc_seq);
915 if (IEEE80211_IS_MULTICAST(wh->i_addr1))
918 addr = ((struct ieee80211_qosframe_addr4 *)wh)->i_addr4;
919 if (IEEE80211_ADDR_EQ(vap->iv_myaddr, addr)) {
920 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
921 addr, "data", "%s", "not to me");
922 vap->iv_stats.is_rx_wrongbss++; /* XXX kinda */
925 if (mesh_checkpseq(vap, addr, seq) != 0) {
926 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_MESH,
927 addr, "data", "duplicate mesh seqno %u ttl %u",
929 vap->iv_stats.is_rx_dup++;
934 * Potentially forward packet. See table s36 (p140)
935 * for the rules. XXX tap fwd'd packets not for us?
937 if (dir == IEEE80211_FC1_DIR_FROMDS ||
938 !IEEE80211_ADDR_EQ(wh->i_addr3, vap->iv_myaddr)) {
939 mesh_forward(vap, m, mc);
940 if (dir == IEEE80211_FC1_DIR_DSTODS)
942 /* NB: fall thru to deliver mcast frames locally */
946 * Save QoS bits for use below--before we strip the header.
948 if (subtype == IEEE80211_FC0_SUBTYPE_QOS) {
949 qos = (dir == IEEE80211_FC1_DIR_DSTODS) ?
950 ((struct ieee80211_qosframe_addr4 *)wh)->i_qos[0] :
951 ((struct ieee80211_qosframe *)wh)->i_qos[0];
955 * Next up, any fragmentation.
957 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
958 m = ieee80211_defrag(ni, m, hdrspace);
960 /* Fragment dropped or frame not complete yet */
964 wh = NULL; /* no longer valid, catch any uses */
966 if (ieee80211_radiotap_active_vap(vap))
967 ieee80211_radiotap_rx(vap, m);
971 * Finally, strip the 802.11 header.
973 m = ieee80211_decap(vap, m, hdrspace);
975 /* XXX mask bit to check for both */
976 /* don't count Null data frames as errors */
977 if (subtype == IEEE80211_FC0_SUBTYPE_NODATA ||
978 subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL)
980 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
981 ni->ni_macaddr, "data", "%s", "decap error");
982 vap->iv_stats.is_rx_decap++;
983 IEEE80211_NODE_STAT(ni, rx_decap);
986 if (qos & IEEE80211_QOS_AMSDU) {
987 m = ieee80211_decap_amsdu(ni, m);
989 return IEEE80211_FC0_TYPE_DATA;
991 #ifdef IEEE80211_SUPPORT_SUPERG
992 m = ieee80211_decap_fastframe(vap, ni, m);
994 return IEEE80211_FC0_TYPE_DATA;
997 ieee80211_deliver_data(vap, ni, m);
999 case IEEE80211_FC0_TYPE_MGT:
1000 vap->iv_stats.is_rx_mgmt++;
1001 IEEE80211_NODE_STAT(ni, rx_mgmt);
1002 if (dir != IEEE80211_FC1_DIR_NODS) {
1003 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1004 wh, "mgt", "incorrect dir 0x%x", dir);
1005 vap->iv_stats.is_rx_wrongdir++;
1008 if (m->m_pkthdr.len < sizeof(struct ieee80211_frame)) {
1009 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
1010 ni->ni_macaddr, "mgt", "too short: len %u",
1012 vap->iv_stats.is_rx_tooshort++;
1015 #ifdef IEEE80211_DEBUG
1016 if ((ieee80211_msg_debug(vap) &&
1017 (vap->iv_ic->ic_flags & IEEE80211_F_SCAN)) ||
1018 ieee80211_msg_dumppkts(vap)) {
1019 if_printf(ifp, "received %s from %s rssi %d\n",
1020 ieee80211_mgt_subtype_name[subtype >>
1021 IEEE80211_FC0_SUBTYPE_SHIFT],
1022 ether_sprintf(wh->i_addr2), rssi);
1025 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1026 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1027 wh, NULL, "%s", "WEP set but not permitted");
1028 vap->iv_stats.is_rx_mgtdiscard++; /* XXX */
1031 vap->iv_recv_mgmt(ni, m, subtype, rssi, nf);
1033 case IEEE80211_FC0_TYPE_CTL:
1034 vap->iv_stats.is_rx_ctl++;
1035 IEEE80211_NODE_STAT(ni, rx_ctrl);
1038 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
1039 wh, "bad", "frame type 0x%x", type);
1040 /* should not come here */
1047 if (need_tap && ieee80211_radiotap_active_vap(vap))
1048 ieee80211_radiotap_rx(vap, m);
1055 mesh_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m0, int subtype,
1058 struct ieee80211vap *vap = ni->ni_vap;
1059 struct ieee80211_mesh_state *ms = vap->iv_mesh;
1060 struct ieee80211com *ic = ni->ni_ic;
1061 struct ieee80211_frame *wh;
1062 uint8_t *frm, *efrm;
1064 wh = mtod(m0, struct ieee80211_frame *);
1065 frm = (uint8_t *)&wh[1];
1066 efrm = mtod(m0, uint8_t *) + m0->m_len;
1068 case IEEE80211_FC0_SUBTYPE_PROBE_RESP:
1069 case IEEE80211_FC0_SUBTYPE_BEACON:
1071 struct ieee80211_scanparams scan;
1073 * We process beacon/probe response
1074 * frames to discover neighbors.
1076 if (ieee80211_parse_beacon(ni, m0, &scan) != 0)
1079 * Count frame now that we know it's to be processed.
1081 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) {
1082 vap->iv_stats.is_rx_beacon++; /* XXX remove */
1083 IEEE80211_NODE_STAT(ni, rx_beacons);
1085 IEEE80211_NODE_STAT(ni, rx_proberesp);
1087 * If scanning, just pass information to the scan module.
1089 if (ic->ic_flags & IEEE80211_F_SCAN) {
1090 if (ic->ic_flags_ext & IEEE80211_FEXT_PROBECHAN) {
1092 * Actively scanning a channel marked passive;
1093 * send a probe request now that we know there
1094 * is 802.11 traffic present.
1096 * XXX check if the beacon we recv'd gives
1097 * us what we need and suppress the probe req
1099 ieee80211_probe_curchan(vap, 1);
1100 ic->ic_flags_ext &= ~IEEE80211_FEXT_PROBECHAN;
1102 ieee80211_add_scan(vap, &scan, wh,
1107 /* The rest of this code assumes we are running */
1108 if (vap->iv_state != IEEE80211_S_RUN)
1111 * Ignore non-mesh STAs.
1114 (IEEE80211_CAPINFO_ESS|IEEE80211_CAPINFO_IBSS)) ||
1115 scan.meshid == NULL || scan.meshconf == NULL) {
1116 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1117 wh, "beacon", "%s", "not a mesh sta");
1118 vap->iv_stats.is_mesh_wrongmesh++;
1122 * Ignore STAs for other mesh networks.
1124 if (memcmp(scan.meshid+2, ms->ms_id, ms->ms_idlen) != 0 ||
1125 mesh_verify_meshconf(vap, scan.meshconf)) {
1126 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1127 wh, "beacon", "%s", "not for our mesh");
1128 vap->iv_stats.is_mesh_wrongmesh++;
1132 * Peer only based on the current ACL policy.
1134 if (vap->iv_acl != NULL &&
1135 !vap->iv_acl->iac_check(vap, wh->i_addr2)) {
1136 IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL,
1137 wh, NULL, "%s", "disallowed by ACL");
1138 vap->iv_stats.is_rx_acl++;
1142 * Do neighbor discovery.
1144 if (!IEEE80211_ADDR_EQ(wh->i_addr2, ni->ni_macaddr)) {
1146 * Create a new entry in the neighbor table.
1148 ni = ieee80211_add_neighbor(vap, wh, &scan);
1151 * Automatically peer with discovered nodes if possible.
1152 * XXX backoff on repeated failure
1154 if (ni != vap->iv_bss &&
1155 (ms->ms_flags & IEEE80211_MESHFLAGS_AP) &&
1156 ni->ni_mlstate == IEEE80211_NODE_MESH_IDLE) {
1159 ni->ni_mlpid = mesh_generateid(vap);
1160 if (ni->ni_mlpid == 0)
1162 mesh_linkchange(ni, IEEE80211_NODE_MESH_OPENSNT);
1163 args[0] = ni->ni_mlpid;
1164 ieee80211_send_action(ni,
1165 IEEE80211_ACTION_CAT_MESHPEERING,
1166 IEEE80211_ACTION_MESHPEERING_OPEN, args);
1168 mesh_peer_timeout_setup(ni);
1172 case IEEE80211_FC0_SUBTYPE_PROBE_REQ:
1174 uint8_t *ssid, *meshid, *rates, *xrates;
1177 if (vap->iv_state != IEEE80211_S_RUN) {
1178 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1179 wh, NULL, "wrong state %s",
1180 ieee80211_state_name[vap->iv_state]);
1181 vap->iv_stats.is_rx_mgtdiscard++;
1184 if (IEEE80211_IS_MULTICAST(wh->i_addr2)) {
1185 /* frame must be directed */
1186 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1187 wh, NULL, "%s", "not unicast");
1188 vap->iv_stats.is_rx_mgtdiscard++; /* XXX stat */
1192 * prreq frame format
1194 * [tlv] supported rates
1195 * [tlv] extended supported rates
1198 ssid = meshid = rates = xrates = NULL;
1200 while (efrm - frm > 1) {
1201 IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2, return);
1203 case IEEE80211_ELEMID_SSID:
1206 case IEEE80211_ELEMID_RATES:
1209 case IEEE80211_ELEMID_XRATES:
1212 case IEEE80211_ELEMID_MESHID:
1218 IEEE80211_VERIFY_ELEMENT(ssid, IEEE80211_NWID_LEN, return);
1219 IEEE80211_VERIFY_ELEMENT(rates, IEEE80211_RATE_MAXSIZE, return);
1221 IEEE80211_VERIFY_ELEMENT(xrates,
1222 IEEE80211_RATE_MAXSIZE - rates[1], return);
1224 IEEE80211_VERIFY_ELEMENT(meshid,
1225 IEEE80211_MESHID_LEN, return);
1226 /* NB: meshid, not ssid */
1227 IEEE80211_VERIFY_SSID(vap->iv_bss, meshid, return);
1229 /* XXX find a better class or define it's own */
1230 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_INPUT, wh->i_addr2,
1231 "%s", "recv probe req");
1233 * Some legacy 11b clients cannot hack a complete
1234 * probe response frame. When the request includes
1235 * only a bare-bones rate set, communicate this to
1236 * the transmit side.
1238 ieee80211_send_proberesp(vap, wh->i_addr2, 0);
1241 case IEEE80211_FC0_SUBTYPE_ACTION:
1242 if (vap->iv_state != IEEE80211_S_RUN) {
1243 vap->iv_stats.is_rx_mgtdiscard++;
1247 * We received an action for an unknown neighbor.
1248 * XXX: wait for it to beacon or create ieee80211_node?
1250 if (ni == vap->iv_bss) {
1251 IEEE80211_DISCARD(vap, IEEE80211_MSG_MESH,
1252 wh, NULL, "%s", "unknown node");
1253 vap->iv_stats.is_rx_mgtdiscard++;
1257 * Discard if not for us.
1259 if (!IEEE80211_ADDR_EQ(vap->iv_myaddr, wh->i_addr1) &&
1260 !IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1261 IEEE80211_DISCARD(vap, IEEE80211_MSG_MESH,
1262 wh, NULL, "%s", "not for me");
1263 vap->iv_stats.is_rx_mgtdiscard++;
1266 /* XXX parse_action is a bit useless now */
1267 if (ieee80211_parse_action(ni, m0) == 0)
1268 ic->ic_recv_action(ni, wh, frm, efrm);
1270 case IEEE80211_FC0_SUBTYPE_AUTH:
1271 case IEEE80211_FC0_SUBTYPE_ASSOC_REQ:
1272 case IEEE80211_FC0_SUBTYPE_REASSOC_REQ:
1273 case IEEE80211_FC0_SUBTYPE_ASSOC_RESP:
1274 case IEEE80211_FC0_SUBTYPE_REASSOC_RESP:
1275 case IEEE80211_FC0_SUBTYPE_DEAUTH:
1276 case IEEE80211_FC0_SUBTYPE_DISASSOC:
1277 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1278 wh, NULL, "%s", "not handled");
1279 vap->iv_stats.is_rx_mgtdiscard++;
1282 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
1283 wh, "mgt", "subtype 0x%x not handled", subtype);
1284 vap->iv_stats.is_rx_badsubtype++;
1290 * Parse meshpeering action ie's for open+confirm frames; the
1291 * important bits are returned in the supplied structure.
1293 static const struct ieee80211_meshpeer_ie *
1294 mesh_parse_meshpeering_action(struct ieee80211_node *ni,
1295 const struct ieee80211_frame *wh, /* XXX for VERIFY_LENGTH */
1296 const uint8_t *frm, const uint8_t *efrm,
1297 struct ieee80211_meshpeer_ie *mp)
1299 struct ieee80211vap *vap = ni->ni_vap;
1300 const struct ieee80211_meshpeer_ie *mpie;
1301 const uint8_t *meshid, *meshconf, *meshpeerver, *meshpeer;
1303 meshid = meshconf = meshpeerver = meshpeer = NULL;
1304 while (efrm - frm > 1) {
1305 IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2, return NULL);
1307 case IEEE80211_ELEMID_MESHPEERVER:
1310 case IEEE80211_ELEMID_MESHID:
1313 case IEEE80211_ELEMID_MESHCONF:
1316 case IEEE80211_ELEMID_MESHPEER:
1318 mpie = (const struct ieee80211_meshpeer_ie *) frm;
1319 memset(mp, 0, sizeof(*mp));
1320 mp->peer_subtype = mpie->peer_subtype;
1321 mp->peer_llinkid = LE_READ_2(&mpie->peer_llinkid);
1322 /* NB: peer link ID is optional on these frames */
1323 if (mpie->peer_subtype ==
1324 IEEE80211_MESH_PEER_LINK_CLOSE &&
1325 mpie->peer_len == 5) {
1326 mp->peer_linkid = 0;
1327 mp->peer_rcode = LE_READ_2(&mpie->peer_linkid);
1329 mp->peer_linkid = LE_READ_2(&mpie->peer_linkid);
1330 mp->peer_rcode = LE_READ_2(&mpie->peer_rcode);
1338 * Verify the contents of the frame. Action frames with
1339 * close subtype don't have a Mesh Configuration IE.
1340 * If if fails validation, close the peer link.
1342 KASSERT(meshpeer != NULL && mp->peer_subtype !=
1343 IEEE80211_ACTION_MESHPEERING_CLOSE, ("parsing close action"));
1345 if (mesh_verify_meshpeerver(vap, meshpeerver) ||
1346 mesh_verify_meshid(vap, meshid) ||
1347 mesh_verify_meshpeer(vap, meshpeer) ||
1348 mesh_verify_meshconf(vap, meshconf)) {
1351 IEEE80211_DISCARD(vap,
1352 IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
1353 wh, NULL, "%s", "not for our mesh");
1354 vap->iv_stats.is_rx_mgtdiscard++;
1355 switch (ni->ni_mlstate) {
1356 case IEEE80211_NODE_MESH_IDLE:
1357 case IEEE80211_NODE_MESH_ESTABLISHED:
1358 case IEEE80211_NODE_MESH_HOLDING:
1361 case IEEE80211_NODE_MESH_OPENSNT:
1362 case IEEE80211_NODE_MESH_OPENRCV:
1363 case IEEE80211_NODE_MESH_CONFIRMRCV:
1364 args[0] = ni->ni_mlpid;
1365 args[1] = ni->ni_mllid;
1366 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
1367 ieee80211_send_action(ni,
1368 IEEE80211_ACTION_CAT_MESHPEERING,
1369 IEEE80211_ACTION_MESHPEERING_CLOSE,
1371 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
1372 mesh_peer_timeout_setup(ni);
1377 return (const struct ieee80211_meshpeer_ie *) mp;
1381 mesh_recv_action_meshpeering_open(struct ieee80211_node *ni,
1382 const struct ieee80211_frame *wh,
1383 const uint8_t *frm, const uint8_t *efrm)
1385 struct ieee80211vap *vap = ni->ni_vap;
1386 struct ieee80211_meshpeer_ie ie;
1387 const struct ieee80211_meshpeer_ie *meshpeer;
1390 /* +2+2 for action + code + capabilites */
1391 meshpeer = mesh_parse_meshpeering_action(ni, wh, frm+2+2, efrm, &ie);
1392 if (meshpeer == NULL) {
1397 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1398 "recv PEER OPEN, lid 0x%x", meshpeer->peer_llinkid);
1400 switch (ni->ni_mlstate) {
1401 case IEEE80211_NODE_MESH_IDLE:
1402 mesh_linkchange(ni, IEEE80211_NODE_MESH_OPENRCV);
1403 ni->ni_mllid = meshpeer->peer_llinkid;
1404 ni->ni_mlpid = mesh_generateid(vap);
1405 if (ni->ni_mlpid == 0)
1407 args[0] = ni->ni_mlpid;
1408 /* Announce we're open too... */
1409 ieee80211_send_action(ni,
1410 IEEE80211_ACTION_CAT_MESHPEERING,
1411 IEEE80211_ACTION_MESHPEERING_OPEN, args);
1412 /* ...and confirm the link. */
1413 args[0] = ni->ni_mlpid;
1414 args[1] = ni->ni_mllid;
1415 ieee80211_send_action(ni,
1416 IEEE80211_ACTION_CAT_MESHPEERING,
1417 IEEE80211_ACTION_MESHPEERING_CONFIRM,
1419 mesh_peer_timeout_setup(ni);
1421 case IEEE80211_NODE_MESH_OPENRCV:
1423 if (ni->ni_mllid != meshpeer->peer_llinkid) {
1424 args[0] = ni->ni_mllid;
1425 args[1] = ni->ni_mlpid;
1426 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
1427 ieee80211_send_action(ni,
1428 IEEE80211_ACTION_CAT_MESHPEERING,
1429 IEEE80211_ACTION_MESHPEERING_CLOSE,
1431 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
1432 mesh_peer_timeout_setup(ni);
1435 /* Duplicate open, confirm again. */
1436 args[0] = ni->ni_mlpid;
1437 args[1] = ni->ni_mllid;
1438 ieee80211_send_action(ni,
1439 IEEE80211_ACTION_CAT_MESHPEERING,
1440 IEEE80211_ACTION_MESHPEERING_CONFIRM,
1443 case IEEE80211_NODE_MESH_OPENSNT:
1444 ni->ni_mllid = meshpeer->peer_llinkid;
1445 mesh_linkchange(ni, IEEE80211_NODE_MESH_OPENRCV);
1446 args[0] = ni->ni_mlpid;
1447 args[1] = ni->ni_mllid;
1448 ieee80211_send_action(ni,
1449 IEEE80211_ACTION_CAT_MESHPEERING,
1450 IEEE80211_ACTION_MESHPEERING_CONFIRM,
1452 /* NB: don't setup/clear any timeout */
1454 case IEEE80211_NODE_MESH_CONFIRMRCV:
1455 if (ni->ni_mlpid != meshpeer->peer_linkid ||
1456 ni->ni_mllid != meshpeer->peer_llinkid) {
1457 args[0] = ni->ni_mlpid;
1458 args[1] = ni->ni_mllid;
1459 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
1460 ieee80211_send_action(ni,
1461 IEEE80211_ACTION_CAT_MESHPEERING,
1462 IEEE80211_ACTION_MESHPEERING_CLOSE,
1465 IEEE80211_NODE_MESH_HOLDING);
1466 mesh_peer_timeout_setup(ni);
1469 mesh_linkchange(ni, IEEE80211_NODE_MESH_ESTABLISHED);
1470 ni->ni_mllid = meshpeer->peer_llinkid;
1471 args[0] = ni->ni_mlpid;
1472 args[1] = ni->ni_mllid;
1473 ieee80211_send_action(ni,
1474 IEEE80211_ACTION_CAT_MESHPEERING,
1475 IEEE80211_ACTION_MESHPEERING_CONFIRM,
1477 mesh_peer_timeout_stop(ni);
1479 case IEEE80211_NODE_MESH_ESTABLISHED:
1480 if (ni->ni_mllid != meshpeer->peer_llinkid) {
1481 args[0] = ni->ni_mllid;
1482 args[1] = ni->ni_mlpid;
1483 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
1484 ieee80211_send_action(ni,
1485 IEEE80211_ACTION_CAT_MESHPEERING,
1486 IEEE80211_ACTION_MESHPEERING_CLOSE,
1488 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
1489 mesh_peer_timeout_setup(ni);
1492 args[0] = ni->ni_mlpid;
1493 args[1] = ni->ni_mllid;
1494 ieee80211_send_action(ni,
1495 IEEE80211_ACTION_CAT_MESHPEERING,
1496 IEEE80211_ACTION_MESHPEERING_CONFIRM,
1499 case IEEE80211_NODE_MESH_HOLDING:
1500 args[0] = ni->ni_mlpid;
1501 args[1] = meshpeer->peer_llinkid;
1502 args[2] = IEEE80211_REASON_MESH_MAX_RETRIES;
1503 ieee80211_send_action(ni,
1504 IEEE80211_ACTION_CAT_MESHPEERING,
1505 IEEE80211_ACTION_MESHPEERING_CLOSE,
1513 mesh_recv_action_meshpeering_confirm(struct ieee80211_node *ni,
1514 const struct ieee80211_frame *wh,
1515 const uint8_t *frm, const uint8_t *efrm)
1517 struct ieee80211vap *vap = ni->ni_vap;
1518 struct ieee80211_meshpeer_ie ie;
1519 const struct ieee80211_meshpeer_ie *meshpeer;
1522 /* +2+2+2+2 for action + code + capabilites + status code + AID */
1523 meshpeer = mesh_parse_meshpeering_action(ni, wh, frm+2+2+2+2, efrm, &ie);
1524 if (meshpeer == NULL) {
1528 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1529 "recv PEER CONFIRM, local id 0x%x, peer id 0x%x",
1530 meshpeer->peer_llinkid, meshpeer->peer_linkid);
1532 switch (ni->ni_mlstate) {
1533 case IEEE80211_NODE_MESH_OPENRCV:
1534 mesh_linkchange(ni, IEEE80211_NODE_MESH_ESTABLISHED);
1535 mesh_peer_timeout_stop(ni);
1537 case IEEE80211_NODE_MESH_OPENSNT:
1538 mesh_linkchange(ni, IEEE80211_NODE_MESH_CONFIRMRCV);
1540 case IEEE80211_NODE_MESH_HOLDING:
1541 args[0] = ni->ni_mlpid;
1542 args[1] = meshpeer->peer_llinkid;
1543 args[2] = IEEE80211_REASON_MESH_MAX_RETRIES;
1544 ieee80211_send_action(ni,
1545 IEEE80211_ACTION_CAT_MESHPEERING,
1546 IEEE80211_ACTION_MESHPEERING_CLOSE,
1549 case IEEE80211_NODE_MESH_CONFIRMRCV:
1550 if (ni->ni_mllid != meshpeer->peer_llinkid) {
1551 args[0] = ni->ni_mlpid;
1552 args[1] = ni->ni_mllid;
1553 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
1554 ieee80211_send_action(ni,
1555 IEEE80211_ACTION_CAT_MESHPEERING,
1556 IEEE80211_ACTION_MESHPEERING_CLOSE,
1558 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
1559 mesh_peer_timeout_setup(ni);
1563 IEEE80211_DISCARD(vap,
1564 IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
1565 wh, NULL, "received confirm in invalid state %d",
1567 vap->iv_stats.is_rx_mgtdiscard++;
1574 mesh_recv_action_meshpeering_close(struct ieee80211_node *ni,
1575 const struct ieee80211_frame *wh,
1576 const uint8_t *frm, const uint8_t *efrm)
1580 IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
1581 ni, "%s", "recv PEER CLOSE");
1583 switch (ni->ni_mlstate) {
1584 case IEEE80211_NODE_MESH_IDLE:
1587 case IEEE80211_NODE_MESH_OPENRCV:
1588 case IEEE80211_NODE_MESH_OPENSNT:
1589 case IEEE80211_NODE_MESH_CONFIRMRCV:
1590 case IEEE80211_NODE_MESH_ESTABLISHED:
1591 args[0] = ni->ni_mlpid;
1592 args[1] = ni->ni_mllid;
1593 args[2] = IEEE80211_REASON_MESH_CLOSE_RCVD;
1594 ieee80211_send_action(ni,
1595 IEEE80211_ACTION_CAT_MESHPEERING,
1596 IEEE80211_ACTION_MESHPEERING_CLOSE,
1598 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
1599 mesh_peer_timeout_setup(ni);
1601 case IEEE80211_NODE_MESH_HOLDING:
1602 mesh_linkchange(ni, IEEE80211_NODE_MESH_IDLE);
1603 mesh_peer_timeout_setup(ni);
1610 * Link Metric handling.
1613 mesh_recv_action_meshlmetric_req(struct ieee80211_node *ni,
1614 const struct ieee80211_frame *wh,
1615 const uint8_t *frm, const uint8_t *efrm)
1619 metric = mesh_airtime_calc(ni);
1620 ieee80211_send_action(ni,
1621 IEEE80211_ACTION_CAT_MESHLMETRIC,
1622 IEEE80211_ACTION_MESHLMETRIC_REP,
1628 mesh_recv_action_meshlmetric_rep(struct ieee80211_node *ni,
1629 const struct ieee80211_frame *wh,
1630 const uint8_t *frm, const uint8_t *efrm)
1636 mesh_send_action(struct ieee80211_node *ni, struct mbuf *m)
1638 struct ieee80211_bpf_params params;
1640 memset(¶ms, 0, sizeof(params));
1641 params.ibp_pri = WME_AC_VO;
1642 params.ibp_rate0 = ni->ni_txparms->mgmtrate;
1643 /* XXX ucast/mcast */
1644 params.ibp_try0 = ni->ni_txparms->maxretry;
1645 params.ibp_power = ni->ni_txpower;
1646 return ieee80211_mgmt_output(ni, m, IEEE80211_FC0_SUBTYPE_ACTION,
1650 #define ADDSHORT(frm, v) do { \
1651 frm[0] = (v) & 0xff; \
1652 frm[1] = (v) >> 8; \
1655 #define ADDWORD(frm, v) do { \
1656 frm[0] = (v) & 0xff; \
1657 frm[1] = ((v) >> 8) & 0xff; \
1658 frm[2] = ((v) >> 16) & 0xff; \
1659 frm[3] = ((v) >> 24) & 0xff; \
1664 mesh_send_action_meshpeering_open(struct ieee80211_node *ni,
1665 int category, int action, void *args0)
1667 struct ieee80211vap *vap = ni->ni_vap;
1668 struct ieee80211com *ic = ni->ni_ic;
1669 uint16_t *args = args0;
1670 const struct ieee80211_rateset *rs;
1674 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1675 "send PEER OPEN action: localid 0x%x", args[0]);
1677 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1678 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
1679 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
1680 ieee80211_ref_node(ni);
1682 m = ieee80211_getmgtframe(&frm,
1683 ic->ic_headroom + sizeof(struct ieee80211_frame),
1684 sizeof(uint16_t) /* action+category */
1685 + sizeof(uint16_t) /* capabilites */
1686 + sizeof(struct ieee80211_meshpeerver_ie)
1687 + 2 + IEEE80211_RATE_SIZE
1688 + 2 + (IEEE80211_RATE_MAXSIZE - IEEE80211_RATE_SIZE)
1689 + 2 + IEEE80211_MESHID_LEN
1690 + sizeof(struct ieee80211_meshconf_ie)
1691 + sizeof(struct ieee80211_meshpeer_ie)
1695 * mesh peer open action frame format:
1699 * [tlv] mesh peer protocol version
1704 * [tlv] mesh peer link mgmt
1708 ADDSHORT(frm, ieee80211_getcapinfo(vap, ni->ni_chan));
1709 frm = ieee80211_add_meshpeerver(frm, vap);
1710 rs = ieee80211_get_suprates(ic, ic->ic_curchan);
1711 frm = ieee80211_add_rates(frm, rs);
1712 frm = ieee80211_add_xrates(frm, rs);
1713 frm = ieee80211_add_meshid(frm, vap);
1714 frm = ieee80211_add_meshconf(frm, vap);
1715 frm = ieee80211_add_meshpeer(frm, IEEE80211_MESH_PEER_LINK_OPEN,
1717 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
1718 return mesh_send_action(ni, m);
1720 vap->iv_stats.is_tx_nobuf++;
1721 ieee80211_free_node(ni);
1727 mesh_send_action_meshpeering_confirm(struct ieee80211_node *ni,
1728 int category, int action, void *args0)
1730 struct ieee80211vap *vap = ni->ni_vap;
1731 struct ieee80211com *ic = ni->ni_ic;
1732 uint16_t *args = args0;
1733 const struct ieee80211_rateset *rs;
1737 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1738 "send PEER CONFIRM action: localid 0x%x, peerid 0x%x",
1741 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1742 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
1743 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
1744 ieee80211_ref_node(ni);
1746 m = ieee80211_getmgtframe(&frm,
1747 ic->ic_headroom + sizeof(struct ieee80211_frame),
1748 sizeof(uint16_t) /* action+category */
1749 + sizeof(uint16_t) /* capabilites */
1750 + sizeof(uint16_t) /* status code */
1751 + sizeof(uint16_t) /* AID */
1752 + sizeof(struct ieee80211_meshpeerver_ie)
1753 + 2 + IEEE80211_RATE_SIZE
1754 + 2 + (IEEE80211_RATE_MAXSIZE - IEEE80211_RATE_SIZE)
1755 + 2 + IEEE80211_MESHID_LEN
1756 + sizeof(struct ieee80211_meshconf_ie)
1757 + sizeof(struct ieee80211_meshpeer_ie)
1761 * mesh peer confirm action frame format:
1766 * [2] association id (peer ID)
1767 * [tlv] mesh peer protocol version
1772 * [tlv] mesh peer link mgmt
1776 ADDSHORT(frm, ieee80211_getcapinfo(vap, ni->ni_chan));
1777 ADDSHORT(frm, 0); /* status code */
1778 ADDSHORT(frm, args[1]); /* AID */
1779 frm = ieee80211_add_meshpeerver(frm, vap);
1780 rs = ieee80211_get_suprates(ic, ic->ic_curchan);
1781 frm = ieee80211_add_rates(frm, rs);
1782 frm = ieee80211_add_xrates(frm, rs);
1783 frm = ieee80211_add_meshid(frm, vap);
1784 frm = ieee80211_add_meshconf(frm, vap);
1785 frm = ieee80211_add_meshpeer(frm,
1786 IEEE80211_MESH_PEER_LINK_CONFIRM,
1787 args[0], args[1], 0);
1788 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
1789 return mesh_send_action(ni, m);
1791 vap->iv_stats.is_tx_nobuf++;
1792 ieee80211_free_node(ni);
1798 mesh_send_action_meshpeering_close(struct ieee80211_node *ni,
1799 int category, int action, void *args0)
1801 struct ieee80211vap *vap = ni->ni_vap;
1802 struct ieee80211com *ic = ni->ni_ic;
1803 uint16_t *args = args0;
1807 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1808 "send PEER CLOSE action: localid 0x%x, peerid 0x%x reason %d",
1809 args[0], args[1], args[2]);
1811 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1812 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
1813 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
1814 ieee80211_ref_node(ni);
1816 m = ieee80211_getmgtframe(&frm,
1817 ic->ic_headroom + sizeof(struct ieee80211_frame),
1818 sizeof(uint16_t) /* action+category */
1819 + sizeof(uint16_t) /* reason code */
1820 + sizeof(struct ieee80211_meshpeerver_ie)
1821 + 2 + IEEE80211_MESHID_LEN
1822 + sizeof(struct ieee80211_meshpeer_ie)
1826 * mesh peer close action frame format:
1830 * [tlv] mesh peer protocol version
1832 * [tlv] mesh peer link mgmt
1836 ADDSHORT(frm, args[2]); /* reason code */
1837 frm = ieee80211_add_meshpeerver(frm, vap);
1838 frm = ieee80211_add_meshid(frm, vap);
1839 frm = ieee80211_add_meshpeer(frm,
1840 IEEE80211_MESH_PEER_LINK_CLOSE,
1841 args[0], args[1], args[2]);
1842 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
1843 return mesh_send_action(ni, m);
1845 vap->iv_stats.is_tx_nobuf++;
1846 ieee80211_free_node(ni);
1852 mesh_send_action_meshlink_request(struct ieee80211_node *ni,
1853 int category, int action, void *arg0)
1855 struct ieee80211vap *vap = ni->ni_vap;
1856 struct ieee80211com *ic = ni->ni_ic;
1860 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1861 "%s", "send LINK METRIC REQUEST action");
1863 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1864 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
1865 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
1866 ieee80211_ref_node(ni);
1868 m = ieee80211_getmgtframe(&frm,
1869 ic->ic_headroom + sizeof(struct ieee80211_frame),
1870 sizeof(uint16_t) /* action+category */
1874 * mesh link metric request
1880 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
1881 return mesh_send_action(ni, m);
1883 vap->iv_stats.is_tx_nobuf++;
1884 ieee80211_free_node(ni);
1890 mesh_send_action_meshlink_reply(struct ieee80211_node *ni,
1891 int category, int action, void *args0)
1893 struct ieee80211vap *vap = ni->ni_vap;
1894 struct ieee80211com *ic = ni->ni_ic;
1895 uint32_t *metric = args0;
1899 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1900 "send LINK METRIC REPLY action: metric 0x%x", *metric);
1902 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1903 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
1904 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
1905 ieee80211_ref_node(ni);
1907 m = ieee80211_getmgtframe(&frm,
1908 ic->ic_headroom + sizeof(struct ieee80211_frame),
1909 sizeof(uint16_t) /* action+category */
1910 + sizeof(struct ieee80211_meshlmetric_ie)
1914 * mesh link metric reply
1917 * [tlv] mesh link metric
1921 frm = ieee80211_add_meshlmetric(frm, *metric);
1922 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
1923 return mesh_send_action(ni, m);
1925 vap->iv_stats.is_tx_nobuf++;
1926 ieee80211_free_node(ni);
1932 mesh_peer_timeout_setup(struct ieee80211_node *ni)
1934 switch (ni->ni_mlstate) {
1935 case IEEE80211_NODE_MESH_HOLDING:
1936 ni->ni_mltval = ieee80211_mesh_holdingtimeout;
1938 case IEEE80211_NODE_MESH_CONFIRMRCV:
1939 ni->ni_mltval = ieee80211_mesh_confirmtimeout;
1941 case IEEE80211_NODE_MESH_IDLE:
1945 ni->ni_mltval = ieee80211_mesh_retrytimeout;
1949 callout_reset(&ni->ni_mltimer, ni->ni_mltval,
1950 mesh_peer_timeout_cb, ni);
1954 * Same as above but backoffs timer statisically 50%.
1957 mesh_peer_timeout_backoff(struct ieee80211_node *ni)
1962 ni->ni_mltval += r % ni->ni_mltval;
1963 callout_reset(&ni->ni_mltimer, ni->ni_mltval, mesh_peer_timeout_cb,
1967 static __inline void
1968 mesh_peer_timeout_stop(struct ieee80211_node *ni)
1970 callout_stop(&ni->ni_mltimer);
1974 * Mesh Peer Link Management FSM timeout handling.
1977 mesh_peer_timeout_cb(void *arg)
1979 struct ieee80211_node *ni = (struct ieee80211_node *)arg;
1982 IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_MESH,
1983 ni, "mesh link timeout, state %d, retry counter %d",
1984 ni->ni_mlstate, ni->ni_mlrcnt);
1986 switch (ni->ni_mlstate) {
1987 case IEEE80211_NODE_MESH_IDLE:
1988 case IEEE80211_NODE_MESH_ESTABLISHED:
1990 case IEEE80211_NODE_MESH_OPENSNT:
1991 case IEEE80211_NODE_MESH_OPENRCV:
1992 if (ni->ni_mlrcnt == ieee80211_mesh_maxretries) {
1993 args[0] = ni->ni_mlpid;
1994 args[2] = IEEE80211_REASON_MESH_MAX_RETRIES;
1995 ieee80211_send_action(ni,
1996 IEEE80211_ACTION_CAT_MESHPEERING,
1997 IEEE80211_ACTION_MESHPEERING_CLOSE, args);
1999 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2000 mesh_peer_timeout_setup(ni);
2002 args[0] = ni->ni_mlpid;
2003 ieee80211_send_action(ni,
2004 IEEE80211_ACTION_CAT_MESHPEERING,
2005 IEEE80211_ACTION_MESHPEERING_OPEN, args);
2007 mesh_peer_timeout_backoff(ni);
2010 case IEEE80211_NODE_MESH_CONFIRMRCV:
2011 if (ni->ni_mlrcnt == ieee80211_mesh_maxretries) {
2012 args[0] = ni->ni_mlpid;
2013 args[2] = IEEE80211_REASON_MESH_CONFIRM_TIMEOUT;
2014 ieee80211_send_action(ni,
2015 IEEE80211_ACTION_CAT_MESHPEERING,
2016 IEEE80211_ACTION_MESHPEERING_CLOSE, args);
2018 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2019 mesh_peer_timeout_setup(ni);
2022 mesh_peer_timeout_setup(ni);
2025 case IEEE80211_NODE_MESH_HOLDING:
2026 mesh_linkchange(ni, IEEE80211_NODE_MESH_IDLE);
2032 mesh_verify_meshpeerver(struct ieee80211vap *vap, const uint8_t *ie)
2034 static const uint8_t peer[4] = IEEE80211_MESHPEERVER_PEER;
2035 const struct ieee80211_meshpeerver_ie *meshpeerver =
2036 (const struct ieee80211_meshpeerver_ie *) ie;
2038 if (meshpeerver->peerver_len !=
2039 sizeof(struct ieee80211_meshpeerver_ie) - 2)
2041 return memcmp(meshpeerver->peerver_proto, peer, 4);
2045 mesh_verify_meshid(struct ieee80211vap *vap, const uint8_t *ie)
2047 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2049 if (ie == NULL || ie[1] != ms->ms_idlen)
2051 return memcmp(ms->ms_id, ie + 2, ms->ms_idlen);
2055 * Check if we are using the same algorithms for this mesh.
2058 mesh_verify_meshconf(struct ieee80211vap *vap, const uint8_t *ie)
2060 static const uint8_t null[4] = IEEE80211_MESHCONF_NULL;
2061 const struct ieee80211_meshconf_ie *meshconf =
2062 (const struct ieee80211_meshconf_ie *) ie;
2063 const struct ieee80211_mesh_state *ms = vap->iv_mesh;
2065 if (meshconf == NULL)
2067 if (meshconf->conf_ver != IEEE80211_MESHCONF_VERSION) {
2068 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2069 "wrong mesh conf version: %d\n", meshconf->conf_ver);
2072 if (memcmp(meshconf->conf_pselid, ms->ms_ppath->mpp_ie, 4) != 0) {
2073 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2074 "unknown path selection algorithm: 0x%x%x%x%x\n",
2075 meshconf->conf_pselid[0], meshconf->conf_pselid[1],
2076 meshconf->conf_pselid[2], meshconf->conf_pselid[3]);
2079 if (memcmp(meshconf->conf_pmetid, ms->ms_pmetric->mpm_ie, 4) != 0) {
2080 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2081 "unknown path metric algorithm: 0x%x%x%x%x\n",
2082 meshconf->conf_pmetid[0], meshconf->conf_pmetid[1],
2083 meshconf->conf_pmetid[2], meshconf->conf_pmetid[3]);
2086 if (memcmp(meshconf->conf_ccid, null, 4) != 0) {
2087 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2088 "unknown congestion sig algorithm: 0x%x%x%x%x\n",
2089 meshconf->conf_ccid[0], meshconf->conf_ccid[1],
2090 meshconf->conf_ccid[2], meshconf->conf_ccid[3]);
2093 if (memcmp(meshconf->conf_syncid, null, 4) != 0) {
2094 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2095 "unknown sync algorithm: 0x%x%x%x%x\n",
2096 meshconf->conf_syncid[0], meshconf->conf_syncid[1],
2097 meshconf->conf_syncid[2], meshconf->conf_syncid[3]);
2100 if (memcmp(meshconf->conf_authid, null, 4) != 0) {
2101 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2102 "unknown auth auth algorithm: 0x%x%x%x%x\n",
2103 meshconf->conf_pselid[0], meshconf->conf_pselid[1],
2104 meshconf->conf_pselid[2], meshconf->conf_pselid[3]);
2107 /* Not accepting peers */
2108 if (!(meshconf->conf_cap & IEEE80211_MESHCONF_CAP_AP)) {
2109 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2110 "not accepting peers: 0x%x\n", meshconf->conf_cap);
2117 mesh_verify_meshpeer(struct ieee80211vap *vap, const uint8_t *ie)
2119 const struct ieee80211_meshpeer_ie *meshpeer =
2120 (const struct ieee80211_meshpeer_ie *) ie;
2122 if (meshpeer == NULL)
2124 switch (meshpeer->peer_subtype) {
2125 case IEEE80211_MESH_PEER_LINK_OPEN:
2126 if (meshpeer->peer_len != 3)
2129 case IEEE80211_MESH_PEER_LINK_CONFIRM:
2130 if (meshpeer->peer_len != 5)
2133 case IEEE80211_MESH_PEER_LINK_CLOSE:
2134 if (meshpeer->peer_len < 5)
2136 if (meshpeer->peer_len == 5 && meshpeer->peer_linkid != 0)
2138 if (meshpeer->peer_rcode == 0)
2146 * Add a Mesh ID IE to a frame.
2149 ieee80211_add_meshid(uint8_t *frm, struct ieee80211vap *vap)
2151 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2153 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, ("not a mbss vap"));
2155 *frm++ = IEEE80211_ELEMID_MESHID;
2156 *frm++ = ms->ms_idlen;
2157 memcpy(frm, ms->ms_id, ms->ms_idlen);
2158 return frm + ms->ms_idlen;
2162 * Add a Mesh Configuration IE to a frame.
2163 * For now just use HWMP routing, Airtime link metric, Null Congestion
2164 * Signaling, Null Sync Protocol and Null Authentication.
2167 ieee80211_add_meshconf(uint8_t *frm, struct ieee80211vap *vap)
2169 const struct ieee80211_mesh_state *ms = vap->iv_mesh;
2170 static const uint8_t null[4] = IEEE80211_MESHCONF_NULL;
2172 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, ("not a MBSS vap"));
2174 *frm++ = IEEE80211_ELEMID_MESHCONF;
2175 *frm++ = sizeof(struct ieee80211_meshconf_ie) - 2;
2176 *frm++ = IEEE80211_MESHCONF_VERSION;
2177 memcpy(frm, ms->ms_ppath->mpp_ie, 4); /* path selection */
2179 memcpy(frm, ms->ms_pmetric->mpm_ie, 4); /* link metric */
2181 /* XXX null for now */
2182 memcpy(frm, null, 4); /* congestion control */
2184 memcpy(frm, null, 4); /* sync */
2186 memcpy(frm, null, 4); /* auth */
2188 /* NB: set the number of neighbors before the rest */
2189 *frm = (ms->ms_neighbors > 15 ? 15 : ms->ms_neighbors) << 1;
2190 if (ms->ms_flags & IEEE80211_MESHFLAGS_PORTAL)
2191 *frm |= IEEE80211_MESHCONF_FORM_MP;
2193 if (ms->ms_flags & IEEE80211_MESHFLAGS_AP)
2194 *frm |= IEEE80211_MESHCONF_CAP_AP;
2195 if (ms->ms_flags & IEEE80211_MESHFLAGS_FWD)
2196 *frm |= IEEE80211_MESHCONF_CAP_FWRD;
2202 * Add a Mesh Peer Protocol IE to a frame.
2203 * XXX: needs to grow support for Abbreviated Handshake
2206 ieee80211_add_meshpeerver(uint8_t *frm, struct ieee80211vap *vap)
2208 static struct ieee80211_meshpeerver_ie ie = {
2209 .peerver_ie = IEEE80211_ELEMID_MESHPEERVER,
2211 .peerver_proto = IEEE80211_MESHPEERVER_PEER,
2214 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, ("not a MBSS vap"));
2216 memcpy(frm, &ie, sizeof(ie));
2217 return frm + sizeof(ie);
2221 * Add a Mesh Peer Management IE to a frame.
2224 ieee80211_add_meshpeer(uint8_t *frm, uint8_t subtype, uint16_t localid,
2225 uint16_t peerid, uint16_t reason)
2227 KASSERT(localid != 0, ("localid == 0"));
2229 *frm++ = IEEE80211_ELEMID_MESHPEER;
2231 case IEEE80211_MESH_PEER_LINK_OPEN:
2232 *frm++ = 3; /* length */
2234 ADDSHORT(frm, localid); /* local ID */
2236 case IEEE80211_MESH_PEER_LINK_CONFIRM:
2237 KASSERT(peerid != 0, ("sending peer confirm without peer id"));
2238 *frm++ = 5; /* length */
2240 ADDSHORT(frm, localid); /* local ID */
2241 ADDSHORT(frm, peerid); /* peer ID */
2243 case IEEE80211_MESH_PEER_LINK_CLOSE:
2245 *frm++ = 7; /* length */
2247 *frm++ = 5; /* length */
2249 ADDSHORT(frm, localid); /* local ID */
2251 ADDSHORT(frm, peerid); /* peer ID */
2252 ADDSHORT(frm, reason);
2259 * Compute an Airtime Link Metric for the link with this node.
2261 * Based on Draft 3.0 spec (11B.10, p.149).
2264 * Max 802.11s overhead.
2266 #define IEEE80211_MESH_MAXOVERHEAD \
2267 (sizeof(struct ieee80211_qosframe_addr4) \
2268 + sizeof(struct ieee80211_meshcntl_ae11) \
2269 + sizeof(struct llc) \
2270 + IEEE80211_ADDR_LEN \
2271 + IEEE80211_WEP_IVLEN \
2272 + IEEE80211_WEP_KIDLEN \
2273 + IEEE80211_WEP_CRCLEN \
2274 + IEEE80211_WEP_MICLEN \
2275 + IEEE80211_CRC_LEN)
2277 mesh_airtime_calc(struct ieee80211_node *ni)
2280 #define S_FACTOR (2 * M_BITS)
2281 struct ieee80211com *ic = ni->ni_ic;
2282 struct ifnet *ifp = ni->ni_vap->iv_ifp;
2283 const static int nbits = 8192 << M_BITS;
2284 uint32_t overhead, rate, errrate;
2287 /* Time to transmit a frame */
2288 rate = ni->ni_txrate;
2289 overhead = ieee80211_compute_duration(ic->ic_rt,
2290 ifp->if_mtu + IEEE80211_MESH_MAXOVERHEAD, rate, 0) << M_BITS;
2291 /* Error rate in percentage */
2292 /* XXX assuming small failures are ok */
2293 errrate = (((ifp->if_oerrors +
2294 ifp->if_ierrors) / 100) << M_BITS) / 100;
2295 res = (overhead + (nbits / rate)) *
2296 ((1 << S_FACTOR) / ((1 << M_BITS) - errrate));
2298 return (uint32_t)(res >> S_FACTOR);
2304 * Add a Mesh Link Metric report IE to a frame.
2307 ieee80211_add_meshlmetric(uint8_t *frm, uint32_t metric)
2309 *frm++ = IEEE80211_ELEMID_MESHLINK;
2311 ADDWORD(frm, metric);
2318 * Initialize any mesh-specific node state.
2321 ieee80211_mesh_node_init(struct ieee80211vap *vap, struct ieee80211_node *ni)
2323 ni->ni_flags |= IEEE80211_NODE_QOS;
2324 callout_init(&ni->ni_mltimer, CALLOUT_MPSAFE);
2328 * Cleanup any mesh-specific node state.
2331 ieee80211_mesh_node_cleanup(struct ieee80211_node *ni)
2333 struct ieee80211vap *vap = ni->ni_vap;
2334 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2336 callout_drain(&ni->ni_mltimer);
2337 /* NB: short-circuit callbacks after mesh_vdetach */
2338 if (vap->iv_mesh != NULL)
2339 ms->ms_ppath->mpp_peerdown(ni);
2343 ieee80211_parse_meshid(struct ieee80211_node *ni, const uint8_t *ie)
2345 ni->ni_meshidlen = ie[1];
2346 memcpy(ni->ni_meshid, ie + 2, ie[1]);
2350 * Setup mesh-specific node state on neighbor discovery.
2353 ieee80211_mesh_init_neighbor(struct ieee80211_node *ni,
2354 const struct ieee80211_frame *wh,
2355 const struct ieee80211_scanparams *sp)
2357 ieee80211_parse_meshid(ni, sp->meshid);
2361 mesh_ioctl_get80211(struct ieee80211vap *vap, struct ieee80211req *ireq)
2363 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2364 uint8_t tmpmeshid[IEEE80211_NWID_LEN];
2365 struct ieee80211_mesh_route *rt;
2366 struct ieee80211req_mesh_route *imr;
2371 if (vap->iv_opmode != IEEE80211_M_MBSS)
2375 switch (ireq->i_type) {
2376 case IEEE80211_IOC_MESH_ID:
2377 ireq->i_len = ms->ms_idlen;
2378 memcpy(tmpmeshid, ms->ms_id, ireq->i_len);
2379 error = copyout(tmpmeshid, ireq->i_data, ireq->i_len);
2381 case IEEE80211_IOC_MESH_AP:
2382 ireq->i_val = (ms->ms_flags & IEEE80211_MESHFLAGS_AP) != 0;
2384 case IEEE80211_IOC_MESH_FWRD:
2385 ireq->i_val = (ms->ms_flags & IEEE80211_MESHFLAGS_FWD) != 0;
2387 case IEEE80211_IOC_MESH_TTL:
2388 ireq->i_val = ms->ms_ttl;
2390 case IEEE80211_IOC_MESH_RTCMD:
2391 switch (ireq->i_val) {
2392 case IEEE80211_MESH_RTCMD_LIST:
2395 TAILQ_FOREACH(rt, &ms->ms_routes, rt_next) {
2396 len += sizeof(*imr);
2399 if (len > ireq->i_len || ireq->i_len < sizeof(*imr)) {
2404 p = malloc(len, M_TEMP, M_NOWAIT | M_ZERO);
2409 TAILQ_FOREACH(rt, &ms->ms_routes, rt_next) {
2412 imr = (struct ieee80211req_mesh_route *)
2414 IEEE80211_ADDR_COPY(imr->imr_dest,
2416 IEEE80211_ADDR_COPY(imr->imr_nexthop,
2418 imr->imr_metric = rt->rt_metric;
2419 imr->imr_nhops = rt->rt_nhops;
2420 imr->imr_lifetime = rt->rt_lifetime;
2421 off += sizeof(*imr);
2424 error = copyout(p, (uint8_t *)ireq->i_data,
2428 case IEEE80211_MESH_RTCMD_FLUSH:
2429 case IEEE80211_MESH_RTCMD_ADD:
2430 case IEEE80211_MESH_RTCMD_DELETE:
2436 case IEEE80211_IOC_MESH_PR_METRIC:
2437 len = strlen(ms->ms_pmetric->mpm_descr);
2438 if (ireq->i_len < len)
2441 error = copyout(ms->ms_pmetric->mpm_descr,
2442 (uint8_t *)ireq->i_data, len);
2444 case IEEE80211_IOC_MESH_PR_PATH:
2445 len = strlen(ms->ms_ppath->mpp_descr);
2446 if (ireq->i_len < len)
2449 error = copyout(ms->ms_ppath->mpp_descr,
2450 (uint8_t *)ireq->i_data, len);
2458 IEEE80211_IOCTL_GET(mesh, mesh_ioctl_get80211);
2461 mesh_ioctl_set80211(struct ieee80211vap *vap, struct ieee80211req *ireq)
2463 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2464 uint8_t tmpmeshid[IEEE80211_NWID_LEN];
2465 uint8_t tmpaddr[IEEE80211_ADDR_LEN];
2466 char tmpproto[IEEE80211_MESH_PROTO_DSZ];
2469 if (vap->iv_opmode != IEEE80211_M_MBSS)
2473 switch (ireq->i_type) {
2474 case IEEE80211_IOC_MESH_ID:
2475 if (ireq->i_val != 0 || ireq->i_len > IEEE80211_MESHID_LEN)
2477 error = copyin(ireq->i_data, tmpmeshid, ireq->i_len);
2480 memset(ms->ms_id, 0, IEEE80211_NWID_LEN);
2481 ms->ms_idlen = ireq->i_len;
2482 memcpy(ms->ms_id, tmpmeshid, ireq->i_len);
2484 case IEEE80211_IOC_MESH_AP:
2486 ms->ms_flags |= IEEE80211_MESHFLAGS_AP;
2488 ms->ms_flags &= ~IEEE80211_MESHFLAGS_AP;
2490 case IEEE80211_IOC_MESH_FWRD:
2492 ms->ms_flags |= IEEE80211_MESHFLAGS_FWD;
2494 ms->ms_flags &= ~IEEE80211_MESHFLAGS_FWD;
2496 case IEEE80211_IOC_MESH_TTL:
2497 ms->ms_ttl = (uint8_t) ireq->i_val;
2499 case IEEE80211_IOC_MESH_RTCMD:
2500 switch (ireq->i_val) {
2501 case IEEE80211_MESH_RTCMD_LIST:
2503 case IEEE80211_MESH_RTCMD_FLUSH:
2504 ieee80211_mesh_rt_flush(vap);
2506 case IEEE80211_MESH_RTCMD_ADD:
2507 if (IEEE80211_ADDR_EQ(vap->iv_myaddr, ireq->i_data) ||
2508 IEEE80211_ADDR_EQ(broadcastaddr, ireq->i_data))
2510 error = copyin(ireq->i_data, &tmpaddr,
2511 IEEE80211_ADDR_LEN);
2513 ieee80211_mesh_discover(vap, tmpaddr, NULL);
2515 case IEEE80211_MESH_RTCMD_DELETE:
2516 ieee80211_mesh_rt_del(vap, ireq->i_data);
2522 case IEEE80211_IOC_MESH_PR_METRIC:
2523 error = copyin(ireq->i_data, tmpproto, sizeof(tmpproto));
2525 return mesh_select_proto_metric(vap, tmpproto);
2527 case IEEE80211_IOC_MESH_PR_PATH:
2528 error = copyin(ireq->i_data, tmpproto, sizeof(tmpproto));
2530 return mesh_select_proto_path(vap, tmpproto);
2537 IEEE80211_IOCTL_SET(mesh, mesh_ioctl_set80211);
projects / FreeBSD / FreeBSD.git / blob