2 * Copyright (c) 2009 The FreeBSD Foundation
5 * This software was developed by Rui Paulo under sponsorship from the
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
35 * IEEE 802.11s Mesh Point (MBSS) support.
37 * Based on March 2009, D3.0 802.11s draft spec.
42 #include <sys/param.h>
43 #include <sys/systm.h>
45 #include <sys/malloc.h>
46 #include <sys/kernel.h>
48 #include <sys/socket.h>
49 #include <sys/sockio.h>
50 #include <sys/endian.h>
51 #include <sys/errno.h>
53 #include <sys/sysctl.h>
56 #include <net/if_media.h>
57 #include <net/if_llc.h>
58 #include <net/ethernet.h>
60 #include <net80211/ieee80211_var.h>
61 #include <net80211/ieee80211_action.h>
62 #include <net80211/ieee80211_input.h>
63 #include <net80211/ieee80211_mesh.h>
65 static void mesh_rt_flush_invalid(struct ieee80211vap *);
66 static int mesh_select_proto_path(struct ieee80211vap *, const char *);
67 static int mesh_select_proto_metric(struct ieee80211vap *, const char *);
68 static void mesh_vattach(struct ieee80211vap *);
69 static int mesh_newstate(struct ieee80211vap *, enum ieee80211_state, int);
70 static void mesh_rt_cleanup_cb(void *);
71 static void mesh_linkchange(struct ieee80211_node *,
72 enum ieee80211_mesh_mlstate);
73 static void mesh_checkid(void *, struct ieee80211_node *);
74 static uint32_t mesh_generateid(struct ieee80211vap *);
75 static int mesh_checkpseq(struct ieee80211vap *,
76 const uint8_t [IEEE80211_ADDR_LEN], uint32_t);
77 static struct ieee80211_node *
78 mesh_find_txnode(struct ieee80211vap *,
79 const uint8_t [IEEE80211_ADDR_LEN]);
80 static void mesh_forward(struct ieee80211vap *, struct mbuf *,
81 const struct ieee80211_meshcntl *);
82 static int mesh_input(struct ieee80211_node *, struct mbuf *, int, int);
83 static void mesh_recv_mgmt(struct ieee80211_node *, struct mbuf *, int,
85 static void mesh_recv_ctl(struct ieee80211_node *, struct mbuf *, int);
86 static void mesh_peer_timeout_setup(struct ieee80211_node *);
87 static void mesh_peer_timeout_backoff(struct ieee80211_node *);
88 static void mesh_peer_timeout_cb(void *);
90 mesh_peer_timeout_stop(struct ieee80211_node *);
91 static int mesh_verify_meshid(struct ieee80211vap *, const uint8_t *);
92 static int mesh_verify_meshconf(struct ieee80211vap *, const uint8_t *);
93 static int mesh_verify_meshpeer(struct ieee80211vap *, uint8_t,
95 uint32_t mesh_airtime_calc(struct ieee80211_node *);
98 * Timeout values come from the specification and are in milliseconds.
100 static SYSCTL_NODE(_net_wlan, OID_AUTO, mesh, CTLFLAG_RD, 0,
101 "IEEE 802.11s parameters");
102 static int ieee80211_mesh_retrytimeout = -1;
103 SYSCTL_PROC(_net_wlan_mesh, OID_AUTO, retrytimeout, CTLTYPE_INT | CTLFLAG_RW,
104 &ieee80211_mesh_retrytimeout, 0, ieee80211_sysctl_msecs_ticks, "I",
105 "Retry timeout (msec)");
106 static int ieee80211_mesh_holdingtimeout = -1;
107 SYSCTL_PROC(_net_wlan_mesh, OID_AUTO, holdingtimeout, CTLTYPE_INT | CTLFLAG_RW,
108 &ieee80211_mesh_holdingtimeout, 0, ieee80211_sysctl_msecs_ticks, "I",
109 "Holding state timeout (msec)");
110 static int ieee80211_mesh_confirmtimeout = -1;
111 SYSCTL_PROC(_net_wlan_mesh, OID_AUTO, confirmtimeout, CTLTYPE_INT | CTLFLAG_RW,
112 &ieee80211_mesh_confirmtimeout, 0, ieee80211_sysctl_msecs_ticks, "I",
113 "Confirm state timeout (msec)");
114 static int ieee80211_mesh_maxretries = 2;
115 SYSCTL_INT(_net_wlan_mesh, OID_AUTO, maxretries, CTLTYPE_INT | CTLFLAG_RW,
116 &ieee80211_mesh_maxretries, 0,
117 "Maximum retries during peer link establishment");
119 static const uint8_t broadcastaddr[IEEE80211_ADDR_LEN] =
120 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
122 static ieee80211_recv_action_func mesh_recv_action_meshpeering_open;
123 static ieee80211_recv_action_func mesh_recv_action_meshpeering_confirm;
124 static ieee80211_recv_action_func mesh_recv_action_meshpeering_close;
125 static ieee80211_recv_action_func mesh_recv_action_meshlmetric;
127 static ieee80211_send_action_func mesh_send_action_meshpeering_open;
128 static ieee80211_send_action_func mesh_send_action_meshpeering_confirm;
129 static ieee80211_send_action_func mesh_send_action_meshpeering_close;
130 static ieee80211_send_action_func mesh_send_action_meshlmetric;
132 static const struct ieee80211_mesh_proto_metric mesh_metric_airtime = {
133 .mpm_descr = "AIRTIME",
134 .mpm_ie = IEEE80211_MESHCONF_METRIC_AIRTIME,
135 .mpm_metric = mesh_airtime_calc,
138 static struct ieee80211_mesh_proto_path mesh_proto_paths[4];
139 static struct ieee80211_mesh_proto_metric mesh_proto_metrics[4];
141 #define RT_ENTRY_LOCK(rt) mtx_lock(&(rt)->rt_lock)
142 #define RT_ENTRY_LOCK_ASSERT(rt) mtx_assert(&(rt)->rt_lock, MA_OWNED)
143 #define RT_ENTRY_UNLOCK(rt) mtx_unlock(&(rt)->rt_lock)
145 #define MESH_RT_LOCK(ms) mtx_lock(&(ms)->ms_rt_lock)
146 #define MESH_RT_LOCK_ASSERT(ms) mtx_assert(&(ms)->ms_rt_lock, MA_OWNED)
147 #define MESH_RT_UNLOCK(ms) mtx_unlock(&(ms)->ms_rt_lock)
149 MALLOC_DEFINE(M_80211_MESH_PREQ, "80211preq", "802.11 MESH Path Request frame");
150 MALLOC_DEFINE(M_80211_MESH_PREP, "80211prep", "802.11 MESH Path Reply frame");
151 MALLOC_DEFINE(M_80211_MESH_PERR, "80211perr", "802.11 MESH Path Error frame");
153 /* The longer one of the lifetime should be stored as new lifetime */
154 #define MESH_ROUTE_LIFETIME_MAX(a, b) (a > b ? a : b)
156 MALLOC_DEFINE(M_80211_MESH_RT, "80211mesh", "802.11s routing table");
159 * Helper functions to manipulate the Mesh routing table.
162 static struct ieee80211_mesh_route *
163 mesh_rt_find_locked(struct ieee80211_mesh_state *ms,
164 const uint8_t dest[IEEE80211_ADDR_LEN])
166 struct ieee80211_mesh_route *rt;
168 MESH_RT_LOCK_ASSERT(ms);
170 TAILQ_FOREACH(rt, &ms->ms_routes, rt_next) {
171 if (IEEE80211_ADDR_EQ(dest, rt->rt_dest))
177 static struct ieee80211_mesh_route *
178 mesh_rt_add_locked(struct ieee80211_mesh_state *ms,
179 const uint8_t dest[IEEE80211_ADDR_LEN])
181 struct ieee80211_mesh_route *rt;
183 KASSERT(!IEEE80211_ADDR_EQ(broadcastaddr, dest),
184 ("%s: adding broadcast to the routing table", __func__));
186 MESH_RT_LOCK_ASSERT(ms);
188 rt = malloc(ALIGN(sizeof(struct ieee80211_mesh_route)) +
189 ms->ms_ppath->mpp_privlen, M_80211_MESH_RT, M_NOWAIT | M_ZERO);
191 IEEE80211_ADDR_COPY(rt->rt_dest, dest);
192 rt->rt_priv = (void *)ALIGN(&rt[1]);
193 mtx_init(&rt->rt_lock, "MBSS_RT", "802.11s route entry", MTX_DEF);
194 rt->rt_updtime = ticks; /* create time */
195 TAILQ_INSERT_TAIL(&ms->ms_routes, rt, rt_next);
200 struct ieee80211_mesh_route *
201 ieee80211_mesh_rt_find(struct ieee80211vap *vap,
202 const uint8_t dest[IEEE80211_ADDR_LEN])
204 struct ieee80211_mesh_state *ms = vap->iv_mesh;
205 struct ieee80211_mesh_route *rt;
208 rt = mesh_rt_find_locked(ms, dest);
213 struct ieee80211_mesh_route *
214 ieee80211_mesh_rt_add(struct ieee80211vap *vap,
215 const uint8_t dest[IEEE80211_ADDR_LEN])
217 struct ieee80211_mesh_state *ms = vap->iv_mesh;
218 struct ieee80211_mesh_route *rt;
220 KASSERT(ieee80211_mesh_rt_find(vap, dest) == NULL,
221 ("%s: duplicate entry in the routing table", __func__));
222 KASSERT(!IEEE80211_ADDR_EQ(vap->iv_myaddr, dest),
223 ("%s: adding self to the routing table", __func__));
226 rt = mesh_rt_add_locked(ms, dest);
232 * Update the route lifetime and returns the updated lifetime.
233 * If new_lifetime is zero and route is timedout it will be invalidated.
234 * new_lifetime is in msec
237 ieee80211_mesh_rt_update(struct ieee80211_mesh_route *rt, int new_lifetime)
240 uint32_t lifetime = 0;
245 /* dont clobber a proxy entry gated by us */
246 if (rt->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY && rt->rt_nhops == 0) {
248 return rt->rt_lifetime;
251 timesince = ticks_to_msecs(now - rt->rt_updtime);
252 rt->rt_updtime = now;
253 if (timesince >= rt->rt_lifetime) {
254 if (new_lifetime != 0) {
255 rt->rt_lifetime = new_lifetime;
258 rt->rt_flags &= ~IEEE80211_MESHRT_FLAGS_VALID;
262 /* update what is left of lifetime */
263 rt->rt_lifetime = rt->rt_lifetime - timesince;
264 rt->rt_lifetime = MESH_ROUTE_LIFETIME_MAX(
265 new_lifetime, rt->rt_lifetime);
267 lifetime = rt->rt_lifetime;
274 * Add a proxy route (as needed) for the specified destination.
277 ieee80211_mesh_proxy_check(struct ieee80211vap *vap,
278 const uint8_t dest[IEEE80211_ADDR_LEN])
280 struct ieee80211_mesh_state *ms = vap->iv_mesh;
281 struct ieee80211_mesh_route *rt;
284 rt = mesh_rt_find_locked(ms, dest);
286 rt = mesh_rt_add_locked(ms, dest);
288 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_MESH, dest,
289 "%s", "unable to add proxy entry");
290 vap->iv_stats.is_mesh_rtaddfailed++;
292 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_MESH, dest,
293 "%s", "add proxy entry");
294 IEEE80211_ADDR_COPY(rt->rt_mesh_gate, vap->iv_myaddr);
295 IEEE80211_ADDR_COPY(rt->rt_nexthop, vap->iv_myaddr);
296 rt->rt_flags |= IEEE80211_MESHRT_FLAGS_VALID
297 | IEEE80211_MESHRT_FLAGS_PROXY;
299 } else if ((rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) == 0) {
300 KASSERT(rt->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY,
301 ("no proxy flag for poxy entry"));
302 struct ieee80211com *ic = vap->iv_ic;
304 * Fix existing entry created by received frames from
305 * stations that have some memory of dest. We also
306 * flush any frames held on the staging queue; delivering
307 * them is too much trouble right now.
309 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_MESH, dest,
310 "%s", "fix proxy entry");
311 IEEE80211_ADDR_COPY(rt->rt_nexthop, vap->iv_myaddr);
312 rt->rt_flags |= IEEE80211_MESHRT_FLAGS_VALID
313 | IEEE80211_MESHRT_FLAGS_PROXY;
314 /* XXX belongs in hwmp */
315 ieee80211_ageq_drain_node(&ic->ic_stageq,
316 (void *)(uintptr_t) ieee80211_mac_hash(ic, dest));
323 mesh_rt_del(struct ieee80211_mesh_state *ms, struct ieee80211_mesh_route *rt)
325 TAILQ_REMOVE(&ms->ms_routes, rt, rt_next);
327 * Grab the lock before destroying it, to be sure no one else
328 * is holding the route.
331 mtx_destroy(&rt->rt_lock);
332 free(rt, M_80211_MESH_RT);
336 ieee80211_mesh_rt_del(struct ieee80211vap *vap,
337 const uint8_t dest[IEEE80211_ADDR_LEN])
339 struct ieee80211_mesh_state *ms = vap->iv_mesh;
340 struct ieee80211_mesh_route *rt, *next;
343 TAILQ_FOREACH_SAFE(rt, &ms->ms_routes, rt_next, next) {
344 if (IEEE80211_ADDR_EQ(rt->rt_dest, dest)) {
354 ieee80211_mesh_rt_flush(struct ieee80211vap *vap)
356 struct ieee80211_mesh_state *ms = vap->iv_mesh;
357 struct ieee80211_mesh_route *rt, *next;
362 TAILQ_FOREACH_SAFE(rt, &ms->ms_routes, rt_next, next)
368 ieee80211_mesh_rt_flush_peer(struct ieee80211vap *vap,
369 const uint8_t peer[IEEE80211_ADDR_LEN])
371 struct ieee80211_mesh_state *ms = vap->iv_mesh;
372 struct ieee80211_mesh_route *rt, *next;
375 TAILQ_FOREACH_SAFE(rt, &ms->ms_routes, rt_next, next) {
376 if (IEEE80211_ADDR_EQ(rt->rt_nexthop, peer))
383 * Flush expired routing entries, i.e. those in invalid state for
387 mesh_rt_flush_invalid(struct ieee80211vap *vap)
389 struct ieee80211_mesh_state *ms = vap->iv_mesh;
390 struct ieee80211_mesh_route *rt, *next;
395 TAILQ_FOREACH_SAFE(rt, &ms->ms_routes, rt_next, next) {
396 ieee80211_mesh_rt_update(rt, 0);
398 * NB: we check for lifetime == 0 so that we give a chance
399 * for route discovery to complete.
401 if ((rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) == 0 &&
402 rt->rt_lifetime == 0)
408 #define N(a) (sizeof(a) / sizeof(a[0]))
410 ieee80211_mesh_register_proto_path(const struct ieee80211_mesh_proto_path *mpp)
412 int i, firstempty = -1;
414 for (i = 0; i < N(mesh_proto_paths); i++) {
415 if (strncmp(mpp->mpp_descr, mesh_proto_paths[i].mpp_descr,
416 IEEE80211_MESH_PROTO_DSZ) == 0)
418 if (!mesh_proto_paths[i].mpp_active && firstempty == -1)
423 memcpy(&mesh_proto_paths[firstempty], mpp, sizeof(*mpp));
424 mesh_proto_paths[firstempty].mpp_active = 1;
429 ieee80211_mesh_register_proto_metric(const struct
430 ieee80211_mesh_proto_metric *mpm)
432 int i, firstempty = -1;
434 for (i = 0; i < N(mesh_proto_metrics); i++) {
435 if (strncmp(mpm->mpm_descr, mesh_proto_metrics[i].mpm_descr,
436 IEEE80211_MESH_PROTO_DSZ) == 0)
438 if (!mesh_proto_metrics[i].mpm_active && firstempty == -1)
443 memcpy(&mesh_proto_metrics[firstempty], mpm, sizeof(*mpm));
444 mesh_proto_metrics[firstempty].mpm_active = 1;
449 mesh_select_proto_path(struct ieee80211vap *vap, const char *name)
451 struct ieee80211_mesh_state *ms = vap->iv_mesh;
454 for (i = 0; i < N(mesh_proto_paths); i++) {
455 if (strcasecmp(mesh_proto_paths[i].mpp_descr, name) == 0) {
456 ms->ms_ppath = &mesh_proto_paths[i];
464 mesh_select_proto_metric(struct ieee80211vap *vap, const char *name)
466 struct ieee80211_mesh_state *ms = vap->iv_mesh;
469 for (i = 0; i < N(mesh_proto_metrics); i++) {
470 if (strcasecmp(mesh_proto_metrics[i].mpm_descr, name) == 0) {
471 ms->ms_pmetric = &mesh_proto_metrics[i];
480 ieee80211_mesh_init(void)
483 memset(mesh_proto_paths, 0, sizeof(mesh_proto_paths));
484 memset(mesh_proto_metrics, 0, sizeof(mesh_proto_metrics));
487 * Setup mesh parameters that depends on the clock frequency.
489 ieee80211_mesh_retrytimeout = msecs_to_ticks(40);
490 ieee80211_mesh_holdingtimeout = msecs_to_ticks(40);
491 ieee80211_mesh_confirmtimeout = msecs_to_ticks(40);
494 * Register action frame handlers.
496 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_SELF_PROT,
497 IEEE80211_ACTION_MESHPEERING_OPEN,
498 mesh_recv_action_meshpeering_open);
499 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_SELF_PROT,
500 IEEE80211_ACTION_MESHPEERING_CONFIRM,
501 mesh_recv_action_meshpeering_confirm);
502 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_SELF_PROT,
503 IEEE80211_ACTION_MESHPEERING_CLOSE,
504 mesh_recv_action_meshpeering_close);
505 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_MESH,
506 IEEE80211_ACTION_MESH_LMETRIC, mesh_recv_action_meshlmetric);
508 ieee80211_send_action_register(IEEE80211_ACTION_CAT_SELF_PROT,
509 IEEE80211_ACTION_MESHPEERING_OPEN,
510 mesh_send_action_meshpeering_open);
511 ieee80211_send_action_register(IEEE80211_ACTION_CAT_SELF_PROT,
512 IEEE80211_ACTION_MESHPEERING_CONFIRM,
513 mesh_send_action_meshpeering_confirm);
514 ieee80211_send_action_register(IEEE80211_ACTION_CAT_SELF_PROT,
515 IEEE80211_ACTION_MESHPEERING_CLOSE,
516 mesh_send_action_meshpeering_close);
517 ieee80211_send_action_register(IEEE80211_ACTION_CAT_MESH,
518 IEEE80211_ACTION_MESH_LMETRIC,
519 mesh_send_action_meshlmetric);
522 * Register Airtime Link Metric.
524 ieee80211_mesh_register_proto_metric(&mesh_metric_airtime);
527 SYSINIT(wlan_mesh, SI_SUB_DRIVERS, SI_ORDER_FIRST, ieee80211_mesh_init, NULL);
530 ieee80211_mesh_attach(struct ieee80211com *ic)
532 ic->ic_vattach[IEEE80211_M_MBSS] = mesh_vattach;
536 ieee80211_mesh_detach(struct ieee80211com *ic)
541 mesh_vdetach_peers(void *arg, struct ieee80211_node *ni)
543 struct ieee80211com *ic = ni->ni_ic;
546 if (ni->ni_mlstate == IEEE80211_NODE_MESH_ESTABLISHED) {
547 args[0] = ni->ni_mlpid;
548 args[1] = ni->ni_mllid;
549 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
550 ieee80211_send_action(ni,
551 IEEE80211_ACTION_CAT_SELF_PROT,
552 IEEE80211_ACTION_MESHPEERING_CLOSE,
555 callout_drain(&ni->ni_mltimer);
556 /* XXX belongs in hwmp */
557 ieee80211_ageq_drain_node(&ic->ic_stageq,
558 (void *)(uintptr_t) ieee80211_mac_hash(ic, ni->ni_macaddr));
562 mesh_vdetach(struct ieee80211vap *vap)
564 struct ieee80211_mesh_state *ms = vap->iv_mesh;
566 callout_drain(&ms->ms_cleantimer);
567 ieee80211_iterate_nodes(&vap->iv_ic->ic_sta, mesh_vdetach_peers,
569 ieee80211_mesh_rt_flush(vap);
570 mtx_destroy(&ms->ms_rt_lock);
571 ms->ms_ppath->mpp_vdetach(vap);
572 free(vap->iv_mesh, M_80211_VAP);
577 mesh_vattach(struct ieee80211vap *vap)
579 struct ieee80211_mesh_state *ms;
580 vap->iv_newstate = mesh_newstate;
581 vap->iv_input = mesh_input;
582 vap->iv_opdetach = mesh_vdetach;
583 vap->iv_recv_mgmt = mesh_recv_mgmt;
584 vap->iv_recv_ctl = mesh_recv_ctl;
585 ms = malloc(sizeof(struct ieee80211_mesh_state), M_80211_VAP,
588 printf("%s: couldn't alloc MBSS state\n", __func__);
593 ms->ms_flags = (IEEE80211_MESHFLAGS_AP | IEEE80211_MESHFLAGS_FWD);
594 ms->ms_ttl = IEEE80211_MESH_DEFAULT_TTL;
595 TAILQ_INIT(&ms->ms_routes);
596 mtx_init(&ms->ms_rt_lock, "MBSS", "802.11s routing table", MTX_DEF);
597 callout_init(&ms->ms_cleantimer, CALLOUT_MPSAFE);
598 mesh_select_proto_metric(vap, "AIRTIME");
599 KASSERT(ms->ms_pmetric, ("ms_pmetric == NULL"));
600 mesh_select_proto_path(vap, "HWMP");
601 KASSERT(ms->ms_ppath, ("ms_ppath == NULL"));
602 ms->ms_ppath->mpp_vattach(vap);
606 * IEEE80211_M_MBSS vap state machine handler.
609 mesh_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
611 struct ieee80211_mesh_state *ms = vap->iv_mesh;
612 struct ieee80211com *ic = vap->iv_ic;
613 struct ieee80211_node *ni;
614 enum ieee80211_state ostate;
616 IEEE80211_LOCK_ASSERT(ic);
618 ostate = vap->iv_state;
619 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, "%s: %s -> %s (%d)\n",
620 __func__, ieee80211_state_name[ostate],
621 ieee80211_state_name[nstate], arg);
622 vap->iv_state = nstate; /* state transition */
623 if (ostate != IEEE80211_S_SCAN)
624 ieee80211_cancel_scan(vap); /* background scan */
625 ni = vap->iv_bss; /* NB: no reference held */
626 if (nstate != IEEE80211_S_RUN && ostate == IEEE80211_S_RUN)
627 callout_drain(&ms->ms_cleantimer);
629 case IEEE80211_S_INIT:
631 case IEEE80211_S_SCAN:
632 ieee80211_cancel_scan(vap);
634 case IEEE80211_S_CAC:
635 ieee80211_dfs_cac_stop(vap);
637 case IEEE80211_S_RUN:
638 ieee80211_iterate_nodes(&ic->ic_sta,
639 mesh_vdetach_peers, NULL);
644 if (ostate != IEEE80211_S_INIT) {
645 /* NB: optimize INIT -> INIT case */
646 ieee80211_reset_bss(vap);
647 ieee80211_mesh_rt_flush(vap);
650 case IEEE80211_S_SCAN:
652 case IEEE80211_S_INIT:
653 if (vap->iv_des_chan != IEEE80211_CHAN_ANYC &&
654 !IEEE80211_IS_CHAN_RADAR(vap->iv_des_chan) &&
657 * Already have a channel and a mesh ID; bypass
658 * the scan and startup immediately.
660 ieee80211_create_ibss(vap, vap->iv_des_chan);
664 * Initiate a scan. We can come here as a result
665 * of an IEEE80211_IOC_SCAN_REQ too in which case
666 * the vap will be marked with IEEE80211_FEXT_SCANREQ
667 * and the scan request parameters will be present
668 * in iv_scanreq. Otherwise we do the default.
670 if (vap->iv_flags_ext & IEEE80211_FEXT_SCANREQ) {
671 ieee80211_check_scan(vap,
672 vap->iv_scanreq_flags,
673 vap->iv_scanreq_duration,
674 vap->iv_scanreq_mindwell,
675 vap->iv_scanreq_maxdwell,
676 vap->iv_scanreq_nssid, vap->iv_scanreq_ssid);
677 vap->iv_flags_ext &= ~IEEE80211_FEXT_SCANREQ;
679 ieee80211_check_scan_current(vap);
685 case IEEE80211_S_CAC:
687 * Start CAC on a DFS channel. We come here when starting
688 * a bss on a DFS channel (see ieee80211_create_ibss).
690 ieee80211_dfs_cac_start(vap);
692 case IEEE80211_S_RUN:
694 case IEEE80211_S_INIT:
696 * Already have a channel; bypass the
697 * scan and startup immediately.
698 * Note that ieee80211_create_ibss will call
699 * back to do a RUN->RUN state change.
701 ieee80211_create_ibss(vap,
702 ieee80211_ht_adjust_channel(ic,
703 ic->ic_curchan, vap->iv_flags_ht));
704 /* NB: iv_bss is changed on return */
706 case IEEE80211_S_CAC:
708 * NB: This is the normal state change when CAC
709 * expires and no radar was detected; no need to
710 * clear the CAC timer as it's already expired.
713 case IEEE80211_S_CSA:
716 * Shorten inactivity timer of associated stations
717 * to weed out sta's that don't follow a CSA.
719 ieee80211_iterate_nodes(&ic->ic_sta, sta_csa, vap);
722 * Update bss node channel to reflect where
723 * we landed after CSA.
725 ieee80211_node_set_chan(vap->iv_bss,
726 ieee80211_ht_adjust_channel(ic, ic->ic_curchan,
727 ieee80211_htchanflags(vap->iv_bss->ni_chan)));
728 /* XXX bypass debug msgs */
730 case IEEE80211_S_SCAN:
731 case IEEE80211_S_RUN:
732 #ifdef IEEE80211_DEBUG
733 if (ieee80211_msg_debug(vap)) {
734 struct ieee80211_node *ni = vap->iv_bss;
736 "synchronized with %s meshid ",
737 ether_sprintf(ni->ni_meshid));
738 ieee80211_print_essid(ni->ni_meshid,
741 printf(" channel %d\n",
742 ieee80211_chan2ieee(ic, ic->ic_curchan));
749 ieee80211_node_authorize(vap->iv_bss);
750 callout_reset(&ms->ms_cleantimer, ms->ms_ppath->mpp_inact,
751 mesh_rt_cleanup_cb, vap);
756 /* NB: ostate not nstate */
757 ms->ms_ppath->mpp_newstate(vap, ostate, arg);
762 mesh_rt_cleanup_cb(void *arg)
764 struct ieee80211vap *vap = arg;
765 struct ieee80211_mesh_state *ms = vap->iv_mesh;
767 mesh_rt_flush_invalid(vap);
768 callout_reset(&ms->ms_cleantimer, ms->ms_ppath->mpp_inact,
769 mesh_rt_cleanup_cb, vap);
774 * Helper function to note the Mesh Peer Link FSM change.
777 mesh_linkchange(struct ieee80211_node *ni, enum ieee80211_mesh_mlstate state)
779 struct ieee80211vap *vap = ni->ni_vap;
780 struct ieee80211_mesh_state *ms = vap->iv_mesh;
781 #ifdef IEEE80211_DEBUG
782 static const char *meshlinkstates[] = {
783 [IEEE80211_NODE_MESH_IDLE] = "IDLE",
784 [IEEE80211_NODE_MESH_OPENSNT] = "OPEN SENT",
785 [IEEE80211_NODE_MESH_OPENRCV] = "OPEN RECEIVED",
786 [IEEE80211_NODE_MESH_CONFIRMRCV] = "CONFIRM RECEIVED",
787 [IEEE80211_NODE_MESH_ESTABLISHED] = "ESTABLISHED",
788 [IEEE80211_NODE_MESH_HOLDING] = "HOLDING"
791 IEEE80211_NOTE(vap, IEEE80211_MSG_MESH,
792 ni, "peer link: %s -> %s",
793 meshlinkstates[ni->ni_mlstate], meshlinkstates[state]);
795 /* track neighbor count */
796 if (state == IEEE80211_NODE_MESH_ESTABLISHED &&
797 ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED) {
798 KASSERT(ms->ms_neighbors < 65535, ("neighbor count overflow"));
800 ieee80211_beacon_notify(vap, IEEE80211_BEACON_MESHCONF);
801 } else if (ni->ni_mlstate == IEEE80211_NODE_MESH_ESTABLISHED &&
802 state != IEEE80211_NODE_MESH_ESTABLISHED) {
803 KASSERT(ms->ms_neighbors > 0, ("neighbor count 0"));
805 ieee80211_beacon_notify(vap, IEEE80211_BEACON_MESHCONF);
807 ni->ni_mlstate = state;
809 case IEEE80211_NODE_MESH_HOLDING:
810 ms->ms_ppath->mpp_peerdown(ni);
812 case IEEE80211_NODE_MESH_ESTABLISHED:
813 ieee80211_mesh_discover(vap, ni->ni_macaddr, NULL);
821 * Helper function to generate a unique local ID required for mesh
822 * peer establishment.
825 mesh_checkid(void *arg, struct ieee80211_node *ni)
829 if (*r == ni->ni_mllid)
830 *(uint16_t *)arg = 0;
834 mesh_generateid(struct ieee80211vap *vap)
840 get_random_bytes(&r, 2);
841 ieee80211_iterate_nodes(&vap->iv_ic->ic_sta, mesh_checkid, &r);
843 } while (r == 0 && maxiter > 0);
848 * Verifies if we already received this packet by checking its
850 * Returns 0 if the frame is to be accepted, 1 otherwise.
853 mesh_checkpseq(struct ieee80211vap *vap,
854 const uint8_t source[IEEE80211_ADDR_LEN], uint32_t seq)
856 struct ieee80211_mesh_route *rt;
858 rt = ieee80211_mesh_rt_find(vap, source);
860 rt = ieee80211_mesh_rt_add(vap, source);
862 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_MESH, source,
863 "%s", "add mcast route failed");
864 vap->iv_stats.is_mesh_rtaddfailed++;
867 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_MESH, source,
868 "add mcast route, mesh seqno %d", seq);
869 rt->rt_lastmseq = seq;
872 if (IEEE80211_MESH_SEQ_GEQ(rt->rt_lastmseq, seq)) {
875 rt->rt_lastmseq = seq;
881 * Iterate the routing table and locate the next hop.
883 static struct ieee80211_node *
884 mesh_find_txnode(struct ieee80211vap *vap,
885 const uint8_t dest[IEEE80211_ADDR_LEN])
887 struct ieee80211_mesh_route *rt;
889 rt = ieee80211_mesh_rt_find(vap, dest);
892 if ((rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) == 0 ||
893 (rt->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY)) {
894 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_MESH, dest,
895 "%s: !valid or proxy, flags 0x%x", __func__, rt->rt_flags);
899 return ieee80211_find_txnode(vap, rt->rt_nexthop);
903 * Forward the specified frame.
904 * Decrement the TTL and set TA to our MAC address.
907 mesh_forward(struct ieee80211vap *vap, struct mbuf *m,
908 const struct ieee80211_meshcntl *mc)
910 struct ieee80211com *ic = vap->iv_ic;
911 struct ieee80211_mesh_state *ms = vap->iv_mesh;
912 struct ifnet *ifp = vap->iv_ifp;
913 struct ifnet *parent = ic->ic_ifp;
914 const struct ieee80211_frame *wh =
915 mtod(m, const struct ieee80211_frame *);
917 struct ieee80211_meshcntl *mccopy;
918 struct ieee80211_frame *whcopy;
919 struct ieee80211_node *ni;
923 * mesh ttl of 1 means we are the last one receving it,
924 * according to amendment we decrement and then check if
925 * 0, if so we dont forward.
927 if (mc->mc_ttl < 1) {
928 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
929 "%s", "frame not fwd'd, ttl 1");
930 vap->iv_stats.is_mesh_fwd_ttl++;
933 if (!(ms->ms_flags & IEEE80211_MESHFLAGS_FWD)) {
934 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
935 "%s", "frame not fwd'd, fwding disabled");
936 vap->iv_stats.is_mesh_fwd_disabled++;
939 mcopy = m_dup(m, M_DONTWAIT);
941 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
942 "%s", "frame not fwd'd, cannot dup");
943 vap->iv_stats.is_mesh_fwd_nobuf++;
947 mcopy = m_pullup(mcopy, ieee80211_hdrspace(ic, wh) +
948 sizeof(struct ieee80211_meshcntl));
950 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
951 "%s", "frame not fwd'd, too short");
952 vap->iv_stats.is_mesh_fwd_tooshort++;
957 whcopy = mtod(mcopy, struct ieee80211_frame *);
958 mccopy = (struct ieee80211_meshcntl *)
959 (mtod(mcopy, uint8_t *) + ieee80211_hdrspace(ic, wh));
960 /* XXX clear other bits? */
961 whcopy->i_fc[1] &= ~IEEE80211_FC1_RETRY;
962 IEEE80211_ADDR_COPY(whcopy->i_addr2, vap->iv_myaddr);
963 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
964 ni = ieee80211_ref_node(vap->iv_bss);
965 mcopy->m_flags |= M_MCAST;
967 ni = mesh_find_txnode(vap, whcopy->i_addr3);
970 * [Optional] any of the following three actions:
972 * o trigger a path discovery
973 * o inform TA that meshDA is unreachable.
975 IEEE80211_NOTE_FRAME(vap, IEEE80211_MSG_MESH, wh,
976 "%s", "frame not fwd'd, no path");
977 vap->iv_stats.is_mesh_fwd_nopath++;
981 IEEE80211_ADDR_COPY(whcopy->i_addr1, ni->ni_macaddr);
983 KASSERT(mccopy->mc_ttl > 0, ("%s called with wrong ttl", __func__));
986 /* XXX calculate priority so drivers can find the tx queue */
987 M_WME_SETAC(mcopy, WME_AC_BE);
989 /* XXX do we know m_nextpkt is NULL? */
990 mcopy->m_pkthdr.rcvif = (void *) ni;
991 err = parent->if_transmit(parent, mcopy);
993 /* NB: IFQ_HANDOFF reclaims mbuf */
994 ieee80211_free_node(ni);
1000 static struct mbuf *
1001 mesh_decap(struct ieee80211vap *vap, struct mbuf *m, int hdrlen, int meshdrlen)
1003 #define WHDIR(wh) ((wh)->i_fc[1] & IEEE80211_FC1_DIR_MASK)
1004 #define MC01(mc) ((const struct ieee80211_meshcntl_ae01 *)mc)
1005 uint8_t b[sizeof(struct ieee80211_qosframe_addr4) +
1006 sizeof(struct ieee80211_meshcntl_ae10)];
1007 const struct ieee80211_qosframe_addr4 *wh;
1008 const struct ieee80211_meshcntl_ae10 *mc;
1009 struct ether_header *eh;
1013 if (m->m_len < hdrlen + sizeof(*llc) &&
1014 (m = m_pullup(m, hdrlen + sizeof(*llc))) == NULL) {
1015 IEEE80211_DPRINTF(vap, IEEE80211_MSG_ANY,
1016 "discard data frame: %s", "m_pullup failed");
1017 vap->iv_stats.is_rx_tooshort++;
1020 memcpy(b, mtod(m, caddr_t), hdrlen);
1021 wh = (const struct ieee80211_qosframe_addr4 *)&b[0];
1022 mc = (const struct ieee80211_meshcntl_ae10 *)&b[hdrlen - meshdrlen];
1023 KASSERT(WHDIR(wh) == IEEE80211_FC1_DIR_FROMDS ||
1024 WHDIR(wh) == IEEE80211_FC1_DIR_DSTODS,
1025 ("bogus dir, fc 0x%x:0x%x", wh->i_fc[0], wh->i_fc[1]));
1027 llc = (struct llc *)(mtod(m, caddr_t) + hdrlen);
1028 if (llc->llc_dsap == LLC_SNAP_LSAP && llc->llc_ssap == LLC_SNAP_LSAP &&
1029 llc->llc_control == LLC_UI && llc->llc_snap.org_code[0] == 0 &&
1030 llc->llc_snap.org_code[1] == 0 && llc->llc_snap.org_code[2] == 0 &&
1031 /* NB: preserve AppleTalk frames that have a native SNAP hdr */
1032 !(llc->llc_snap.ether_type == htons(ETHERTYPE_AARP) ||
1033 llc->llc_snap.ether_type == htons(ETHERTYPE_IPX))) {
1034 m_adj(m, hdrlen + sizeof(struct llc) - sizeof(*eh));
1037 m_adj(m, hdrlen - sizeof(*eh));
1039 eh = mtod(m, struct ether_header *);
1040 ae = mc->mc_flags & IEEE80211_MESH_AE_MASK;
1041 if (WHDIR(wh) == IEEE80211_FC1_DIR_FROMDS) {
1042 IEEE80211_ADDR_COPY(eh->ether_dhost, wh->i_addr1);
1043 if (ae == IEEE80211_MESH_AE_00) {
1044 IEEE80211_ADDR_COPY(eh->ether_shost, wh->i_addr3);
1045 } else if (ae == IEEE80211_MESH_AE_01) {
1046 IEEE80211_ADDR_COPY(eh->ether_shost,
1047 MC01(mc)->mc_addr4);
1049 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
1050 (const struct ieee80211_frame *)wh, NULL,
1052 vap->iv_stats.is_mesh_badae++;
1057 if (ae == IEEE80211_MESH_AE_00) {
1058 IEEE80211_ADDR_COPY(eh->ether_dhost, wh->i_addr3);
1059 IEEE80211_ADDR_COPY(eh->ether_shost, wh->i_addr4);
1060 } else if (ae == IEEE80211_MESH_AE_10) {
1061 IEEE80211_ADDR_COPY(eh->ether_dhost, mc->mc_addr5);
1062 IEEE80211_ADDR_COPY(eh->ether_shost, mc->mc_addr6);
1064 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
1065 (const struct ieee80211_frame *)wh, NULL,
1067 vap->iv_stats.is_mesh_badae++;
1072 #ifdef ALIGNED_POINTER
1073 if (!ALIGNED_POINTER(mtod(m, caddr_t) + sizeof(*eh), uint32_t)) {
1074 m = ieee80211_realign(vap, m, sizeof(*eh));
1078 #endif /* ALIGNED_POINTER */
1080 eh = mtod(m, struct ether_header *);
1081 eh->ether_type = htons(m->m_pkthdr.len - sizeof(*eh));
1089 * Return non-zero if the unicast mesh data frame should be processed
1090 * locally. Frames that are not proxy'd have our address, otherwise
1091 * we need to consult the routing table to look for a proxy entry.
1094 mesh_isucastforme(struct ieee80211vap *vap, const struct ieee80211_frame *wh,
1095 const struct ieee80211_meshcntl *mc)
1097 int ae = mc->mc_flags & 3;
1099 KASSERT((wh->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS,
1100 ("bad dir 0x%x:0x%x", wh->i_fc[0], wh->i_fc[1]));
1101 KASSERT(ae == IEEE80211_MESH_AE_00 || ae == IEEE80211_MESH_AE_10,
1103 if (ae == IEEE80211_MESH_AE_10) { /* ucast w/ proxy */
1104 const struct ieee80211_meshcntl_ae10 *mc10 =
1105 (const struct ieee80211_meshcntl_ae10 *) mc;
1106 struct ieee80211_mesh_route *rt =
1107 ieee80211_mesh_rt_find(vap, mc10->mc_addr5);
1108 /* check for proxy route to ourself */
1109 return (rt != NULL &&
1110 (rt->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY));
1111 } else /* ucast w/o proxy */
1112 return IEEE80211_ADDR_EQ(wh->i_addr3, vap->iv_myaddr);
1116 * Verifies transmitter, updates lifetime, precursor list and forwards data.
1117 * > 0 means we have forwarded data and no need to process locally
1118 * == 0 means we want to process locally (and we may have forwarded data
1119 * < 0 means there was an error and data should be discarded
1122 mesh_recv_indiv_data_to_fwrd(struct ieee80211vap *vap, struct mbuf *m,
1123 struct ieee80211_frame *wh, const struct ieee80211_meshcntl *mc)
1125 struct ieee80211_qosframe_addr4 *qwh;
1126 struct ieee80211_mesh_state *ms = vap->iv_mesh;
1127 struct ieee80211_mesh_route *rt_meshda, *rt_meshsa;
1129 qwh = (struct ieee80211_qosframe_addr4 *)wh;
1133 * o verify addr2 is a legitimate transmitter
1134 * o lifetime of precursor of addr3 (addr2) is max(init, curr)
1135 * o lifetime of precursor of addr4 (nexthop) is max(init, curr)
1138 /* set lifetime of addr3 (meshDA) to initial value */
1139 rt_meshda = ieee80211_mesh_rt_find(vap, qwh->i_addr3);
1140 KASSERT(rt_meshda != NULL, ("no route"));
1141 ieee80211_mesh_rt_update(rt_meshda, ticks_to_msecs(
1142 ms->ms_ppath->mpp_inact));
1144 /* set lifetime of addr4 (meshSA) to initial value */
1145 rt_meshsa = ieee80211_mesh_rt_find(vap, qwh->i_addr4);
1146 KASSERT(rt_meshsa != NULL, ("no route"));
1147 ieee80211_mesh_rt_update(rt_meshsa, ticks_to_msecs(
1148 ms->ms_ppath->mpp_inact));
1150 mesh_forward(vap, m, mc);
1151 return (1); /* dont process locally */
1155 * Verifies transmitter, updates lifetime, precursor list and process data
1156 * locally, if data is is proxy with AE = 10 it could mean data should go
1157 * on another mesh path or data should be forwarded to the DS.
1159 * > 0 means we have forwarded data and no need to process locally
1160 * == 0 means we want to process locally (and we may have forwarded data
1161 * < 0 means there was an error and data should be discarded
1164 mesh_recv_indiv_data_to_me(struct ieee80211vap *vap, struct mbuf *m,
1165 struct ieee80211_frame *wh, const struct ieee80211_meshcntl *mc)
1167 struct ieee80211_qosframe_addr4 *qwh;
1168 const struct ieee80211_meshcntl_ae10 *mc10;
1169 struct ieee80211_mesh_state *ms = vap->iv_mesh;
1170 struct ieee80211_mesh_route *rt;
1173 qwh = (struct ieee80211_qosframe_addr4 *)wh;
1174 mc10 = (const struct ieee80211_meshcntl_ae10 *)mc;
1178 * o verify addr2 is a legitimate transmitter
1179 * o lifetime of precursor entry is max(init, curr)
1182 /* set lifetime of addr4 (meshSA) to initial value */
1183 rt = ieee80211_mesh_rt_find(vap, qwh->i_addr4);
1184 KASSERT(rt != NULL, ("no route"));
1185 ieee80211_mesh_rt_update(rt, ticks_to_msecs(ms->ms_ppath->mpp_inact));
1188 ae = mc10->mc_flags & IEEE80211_MESH_AE_MASK;
1189 KASSERT(ae == IEEE80211_MESH_AE_00 ||
1190 ae == IEEE80211_MESH_AE_10, ("bad AE %d", ae));
1191 if (ae == IEEE80211_MESH_AE_10) {
1192 if (IEEE80211_ADDR_EQ(mc10->mc_addr5, qwh->i_addr3)) {
1193 return (0); /* process locally */
1196 rt = ieee80211_mesh_rt_find(vap, mc10->mc_addr5);
1198 (rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) &&
1199 (rt->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY) == 0) {
1201 * Forward on another mesh-path, according to
1202 * amendment as specified in 9.32.4.1
1204 IEEE80211_ADDR_COPY(qwh->i_addr3, mc10->mc_addr5);
1205 mesh_forward(vap, m,
1206 (const struct ieee80211_meshcntl *)mc10);
1207 return (1); /* dont process locally */
1210 * All other cases: forward of MSDUs from the MBSS to DS indiv.
1211 * addressed according to 13.11.3.2.
1214 return (0); /* process locally */
1218 * Try to forward the group addressed data on to other mesh STAs, and
1221 * > 0 means we have forwarded data and no need to process locally
1222 * == 0 means we want to process locally (and we may have forwarded data
1223 * < 0 means there was an error and data should be discarded
1226 mesh_recv_group_data(struct ieee80211vap *vap, struct mbuf *m,
1227 struct ieee80211_frame *wh, const struct ieee80211_meshcntl *mc)
1229 #define MC01(mc) ((const struct ieee80211_meshcntl_ae01 *)mc)
1230 struct ieee80211_mesh_state *ms = vap->iv_mesh;
1232 mesh_forward(vap, m, mc);
1234 if(mc->mc_ttl > 0) {
1235 if (mc->mc_flags & IEEE80211_MESH_AE_01) {
1237 * Forward of MSDUs from the MBSS to DS group addressed
1238 * (according to 13.11.3.2)
1239 * This happens by delivering the packet, and a bridge
1240 * will sent it on another port member.
1242 if (ms->ms_flags & IEEE80211_MESHFLAGS_PORTAL &&
1243 ms->ms_flags & IEEE80211_MESHFLAGS_FWD)
1244 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_MESH,
1245 MC01(mc)->mc_addr4, "%s",
1246 "forward from MBSS to the DS");
1249 return (0); /* process locally */
1254 mesh_input(struct ieee80211_node *ni, struct mbuf *m, int rssi, int nf)
1256 #define HAS_SEQ(type) ((type & 0x4) == 0)
1257 #define MC01(mc) ((const struct ieee80211_meshcntl_ae01 *)mc)
1258 #define MC10(mc) ((const struct ieee80211_meshcntl_ae10 *)mc)
1259 struct ieee80211vap *vap = ni->ni_vap;
1260 struct ieee80211com *ic = ni->ni_ic;
1261 struct ifnet *ifp = vap->iv_ifp;
1262 struct ieee80211_frame *wh;
1263 const struct ieee80211_meshcntl *mc;
1264 int hdrspace, meshdrlen, need_tap, error;
1265 uint8_t dir, type, subtype, ae;
1267 const uint8_t *addr;
1269 ieee80211_seq rxseq;
1271 KASSERT(ni != NULL, ("null node"));
1272 ni->ni_inact = ni->ni_inact_reload;
1274 need_tap = 1; /* mbuf need to be tapped. */
1275 type = -1; /* undefined */
1277 if (m->m_pkthdr.len < sizeof(struct ieee80211_frame_min)) {
1278 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
1279 ni->ni_macaddr, NULL,
1280 "too short (1): len %u", m->m_pkthdr.len);
1281 vap->iv_stats.is_rx_tooshort++;
1285 * Bit of a cheat here, we use a pointer for a 3-address
1286 * frame format but don't reference fields past outside
1287 * ieee80211_frame_min w/o first validating the data is
1290 wh = mtod(m, struct ieee80211_frame *);
1292 if ((wh->i_fc[0] & IEEE80211_FC0_VERSION_MASK) !=
1293 IEEE80211_FC0_VERSION_0) {
1294 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
1295 ni->ni_macaddr, NULL, "wrong version %x", wh->i_fc[0]);
1296 vap->iv_stats.is_rx_badversion++;
1299 dir = wh->i_fc[1] & IEEE80211_FC1_DIR_MASK;
1300 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
1301 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
1302 if ((ic->ic_flags & IEEE80211_F_SCAN) == 0) {
1303 IEEE80211_RSSI_LPF(ni->ni_avgrssi, rssi);
1305 if (HAS_SEQ(type)) {
1306 uint8_t tid = ieee80211_gettid(wh);
1308 if (IEEE80211_QOS_HAS_SEQ(wh) &&
1309 TID_TO_WME_AC(tid) >= WME_AC_VI)
1310 ic->ic_wme.wme_hipri_traffic++;
1311 rxseq = le16toh(*(uint16_t *)wh->i_seq);
1312 if (! ieee80211_check_rxseq(ni, wh)) {
1313 /* duplicate, discard */
1314 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
1315 wh->i_addr1, "duplicate",
1316 "seqno <%u,%u> fragno <%u,%u> tid %u",
1317 rxseq >> IEEE80211_SEQ_SEQ_SHIFT,
1318 ni->ni_rxseqs[tid] >>
1319 IEEE80211_SEQ_SEQ_SHIFT,
1320 rxseq & IEEE80211_SEQ_FRAG_MASK,
1321 ni->ni_rxseqs[tid] &
1322 IEEE80211_SEQ_FRAG_MASK,
1324 vap->iv_stats.is_rx_dup++;
1325 IEEE80211_NODE_STAT(ni, rx_dup);
1328 ni->ni_rxseqs[tid] = rxseq;
1331 #ifdef IEEE80211_DEBUG
1333 * It's easier, but too expensive, to simulate different mesh
1334 * topologies by consulting the ACL policy very early, so do this
1337 * NB: this check is also done upon peering link initiation.
1339 if (vap->iv_acl != NULL && !vap->iv_acl->iac_check(vap, wh)) {
1340 IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL,
1341 wh, NULL, "%s", "disallowed by ACL");
1342 vap->iv_stats.is_rx_acl++;
1347 case IEEE80211_FC0_TYPE_DATA:
1348 if (ni == vap->iv_bss)
1350 if (ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED) {
1351 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_MESH,
1352 ni->ni_macaddr, NULL,
1353 "peer link not yet established (%d)",
1355 vap->iv_stats.is_mesh_nolink++;
1358 if (dir != IEEE80211_FC1_DIR_FROMDS &&
1359 dir != IEEE80211_FC1_DIR_DSTODS) {
1360 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1361 wh, "data", "incorrect dir 0x%x", dir);
1362 vap->iv_stats.is_rx_wrongdir++;
1366 /* All Mesh data frames are QoS subtype */
1367 if (!HAS_SEQ(type)) {
1368 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1369 wh, "data", "incorrect subtype 0x%x", subtype);
1370 vap->iv_stats.is_rx_badsubtype++;
1375 * Next up, any fragmentation.
1376 * XXX: we defrag before we even try to forward,
1377 * Mesh Control field is not present in sub-sequent
1378 * fragmented frames. This is in contrast to Draft 4.0.
1380 hdrspace = ieee80211_hdrspace(ic, wh);
1381 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1382 m = ieee80211_defrag(ni, m, hdrspace);
1384 /* Fragment dropped or frame not complete yet */
1388 wh = mtod(m, struct ieee80211_frame *); /* NB: after defrag */
1391 * Now we have a complete Mesh Data frame.
1395 * Only fromDStoDS data frames use 4 address qos frames
1396 * as specified in amendment. Otherwise addr4 is located
1397 * in the Mesh Control field and a 3 address qos frame
1400 if (IEEE80211_IS_DSTODS(wh))
1401 *(uint16_t *)qos = *(uint16_t *)
1402 ((struct ieee80211_qosframe_addr4 *)wh)->i_qos;
1404 *(uint16_t *)qos = *(uint16_t *)
1405 ((struct ieee80211_qosframe *)wh)->i_qos;
1408 * NB: The mesh STA sets the Mesh Control Present
1409 * subfield to 1 in the Mesh Data frame containing
1410 * an unfragmented MSDU, an A-MSDU, or the first
1411 * fragment of an MSDU.
1412 * After defrag it should always be present.
1414 if (!(qos[1] & IEEE80211_QOS_MC)) {
1415 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_MESH,
1416 ni->ni_macaddr, NULL,
1417 "%s", "Mesh control field not present");
1418 vap->iv_stats.is_rx_elem_missing++; /* XXX: kinda */
1422 /* pull up enough to get to the mesh control */
1423 if (m->m_len < hdrspace + sizeof(struct ieee80211_meshcntl) &&
1424 (m = m_pullup(m, hdrspace +
1425 sizeof(struct ieee80211_meshcntl))) == NULL) {
1426 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
1427 ni->ni_macaddr, NULL,
1428 "data too short: expecting %u", hdrspace);
1429 vap->iv_stats.is_rx_tooshort++;
1433 * Now calculate the full extent of the headers. Note
1434 * mesh_decap will pull up anything we didn't get
1435 * above when it strips the 802.11 headers.
1437 mc = (const struct ieee80211_meshcntl *)
1438 (mtod(m, const uint8_t *) + hdrspace);
1439 ae = mc->mc_flags & IEEE80211_MESH_AE_MASK;
1440 meshdrlen = sizeof(struct ieee80211_meshcntl) +
1441 ae * IEEE80211_ADDR_LEN;
1442 hdrspace += meshdrlen;
1444 /* pull complete hdrspace = ieee80211_hdrspace + meshcontrol */
1445 if ((meshdrlen > sizeof(struct ieee80211_meshcntl)) &&
1446 (m->m_len < hdrspace) &&
1447 ((m = m_pullup(m, hdrspace)) == NULL)) {
1448 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
1449 ni->ni_macaddr, NULL,
1450 "data too short: expecting %u", hdrspace);
1451 vap->iv_stats.is_rx_tooshort++;
1454 /* XXX: are we sure there is no reallocating after m_pullup? */
1456 seq = LE_READ_4(mc->mc_seq);
1457 if (IEEE80211_IS_MULTICAST(wh->i_addr1))
1459 else if (ae == IEEE80211_MESH_AE_01)
1460 addr = MC01(mc)->mc_addr4;
1462 addr = ((struct ieee80211_qosframe_addr4 *)wh)->i_addr4;
1463 if (IEEE80211_ADDR_EQ(vap->iv_myaddr, addr)) {
1464 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
1465 addr, "data", "%s", "not to me");
1466 vap->iv_stats.is_rx_wrongbss++; /* XXX kinda */
1469 if (mesh_checkpseq(vap, addr, seq) != 0) {
1470 vap->iv_stats.is_rx_dup++;
1474 /* This code "routes" the frame to the right control path */
1475 if (!IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1476 if (IEEE80211_ADDR_EQ(vap->iv_myaddr, wh->i_addr3))
1478 mesh_recv_indiv_data_to_me(vap, m, wh, mc);
1479 else if (IEEE80211_IS_MULTICAST(wh->i_addr3))
1480 error = mesh_recv_group_data(vap, m, wh, mc);
1482 error = mesh_recv_indiv_data_to_fwrd(vap, m,
1485 error = mesh_recv_group_data(vap, m, wh, mc);
1491 if (ieee80211_radiotap_active_vap(vap))
1492 ieee80211_radiotap_rx(vap, m);
1496 * Finally, strip the 802.11 header.
1498 m = mesh_decap(vap, m, hdrspace, meshdrlen);
1500 /* XXX mask bit to check for both */
1501 /* don't count Null data frames as errors */
1502 if (subtype == IEEE80211_FC0_SUBTYPE_NODATA ||
1503 subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL)
1505 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
1506 ni->ni_macaddr, "data", "%s", "decap error");
1507 vap->iv_stats.is_rx_decap++;
1508 IEEE80211_NODE_STAT(ni, rx_decap);
1511 if (qos[0] & IEEE80211_QOS_AMSDU) {
1512 m = ieee80211_decap_amsdu(ni, m);
1514 return IEEE80211_FC0_TYPE_DATA;
1516 ieee80211_deliver_data(vap, ni, m);
1518 case IEEE80211_FC0_TYPE_MGT:
1519 vap->iv_stats.is_rx_mgmt++;
1520 IEEE80211_NODE_STAT(ni, rx_mgmt);
1521 if (dir != IEEE80211_FC1_DIR_NODS) {
1522 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1523 wh, "mgt", "incorrect dir 0x%x", dir);
1524 vap->iv_stats.is_rx_wrongdir++;
1527 if (m->m_pkthdr.len < sizeof(struct ieee80211_frame)) {
1528 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY,
1529 ni->ni_macaddr, "mgt", "too short: len %u",
1531 vap->iv_stats.is_rx_tooshort++;
1534 #ifdef IEEE80211_DEBUG
1535 if ((ieee80211_msg_debug(vap) &&
1536 (vap->iv_ic->ic_flags & IEEE80211_F_SCAN)) ||
1537 ieee80211_msg_dumppkts(vap)) {
1538 if_printf(ifp, "received %s from %s rssi %d\n",
1539 ieee80211_mgt_subtype_name[subtype >>
1540 IEEE80211_FC0_SUBTYPE_SHIFT],
1541 ether_sprintf(wh->i_addr2), rssi);
1544 if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
1545 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1546 wh, NULL, "%s", "WEP set but not permitted");
1547 vap->iv_stats.is_rx_mgtdiscard++; /* XXX */
1550 vap->iv_recv_mgmt(ni, m, subtype, rssi, nf);
1552 case IEEE80211_FC0_TYPE_CTL:
1553 vap->iv_stats.is_rx_ctl++;
1554 IEEE80211_NODE_STAT(ni, rx_ctrl);
1557 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
1558 wh, "bad", "frame type 0x%x", type);
1559 /* should not come here */
1566 if (need_tap && ieee80211_radiotap_active_vap(vap))
1567 ieee80211_radiotap_rx(vap, m);
1577 mesh_recv_mgmt(struct ieee80211_node *ni, struct mbuf *m0, int subtype,
1580 struct ieee80211vap *vap = ni->ni_vap;
1581 struct ieee80211_mesh_state *ms = vap->iv_mesh;
1582 struct ieee80211com *ic = ni->ni_ic;
1583 struct ieee80211_frame *wh;
1584 struct ieee80211_mesh_route *rt;
1585 uint8_t *frm, *efrm;
1587 wh = mtod(m0, struct ieee80211_frame *);
1588 frm = (uint8_t *)&wh[1];
1589 efrm = mtod(m0, uint8_t *) + m0->m_len;
1591 case IEEE80211_FC0_SUBTYPE_PROBE_RESP:
1592 case IEEE80211_FC0_SUBTYPE_BEACON:
1594 struct ieee80211_scanparams scan;
1596 * We process beacon/probe response
1597 * frames to discover neighbors.
1599 if (ieee80211_parse_beacon(ni, m0, &scan) != 0)
1602 * Count frame now that we know it's to be processed.
1604 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) {
1605 vap->iv_stats.is_rx_beacon++; /* XXX remove */
1606 IEEE80211_NODE_STAT(ni, rx_beacons);
1608 IEEE80211_NODE_STAT(ni, rx_proberesp);
1610 * If scanning, just pass information to the scan module.
1612 if (ic->ic_flags & IEEE80211_F_SCAN) {
1613 if (ic->ic_flags_ext & IEEE80211_FEXT_PROBECHAN) {
1615 * Actively scanning a channel marked passive;
1616 * send a probe request now that we know there
1617 * is 802.11 traffic present.
1619 * XXX check if the beacon we recv'd gives
1620 * us what we need and suppress the probe req
1622 ieee80211_probe_curchan(vap, 1);
1623 ic->ic_flags_ext &= ~IEEE80211_FEXT_PROBECHAN;
1625 ieee80211_add_scan(vap, &scan, wh,
1630 /* The rest of this code assumes we are running */
1631 if (vap->iv_state != IEEE80211_S_RUN)
1634 * Ignore non-mesh STAs.
1637 (IEEE80211_CAPINFO_ESS|IEEE80211_CAPINFO_IBSS)) ||
1638 scan.meshid == NULL || scan.meshconf == NULL) {
1639 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1640 wh, "beacon", "%s", "not a mesh sta");
1641 vap->iv_stats.is_mesh_wrongmesh++;
1645 * Ignore STAs for other mesh networks.
1647 if (memcmp(scan.meshid+2, ms->ms_id, ms->ms_idlen) != 0 ||
1648 mesh_verify_meshconf(vap, scan.meshconf)) {
1649 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1650 wh, "beacon", "%s", "not for our mesh");
1651 vap->iv_stats.is_mesh_wrongmesh++;
1655 * Peer only based on the current ACL policy.
1657 if (vap->iv_acl != NULL && !vap->iv_acl->iac_check(vap, wh)) {
1658 IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL,
1659 wh, NULL, "%s", "disallowed by ACL");
1660 vap->iv_stats.is_rx_acl++;
1664 * Do neighbor discovery.
1666 if (!IEEE80211_ADDR_EQ(wh->i_addr2, ni->ni_macaddr)) {
1668 * Create a new entry in the neighbor table.
1670 ni = ieee80211_add_neighbor(vap, wh, &scan);
1673 * Automatically peer with discovered nodes if possible.
1674 * XXX backoff on repeated failure
1676 if (ni != vap->iv_bss &&
1677 (ms->ms_flags & IEEE80211_MESHFLAGS_AP)) {
1678 switch (ni->ni_mlstate) {
1679 case IEEE80211_NODE_MESH_IDLE:
1683 ni->ni_mlpid = mesh_generateid(vap);
1684 if (ni->ni_mlpid == 0)
1686 mesh_linkchange(ni, IEEE80211_NODE_MESH_OPENSNT);
1687 args[0] = ni->ni_mlpid;
1688 ieee80211_send_action(ni,
1689 IEEE80211_ACTION_CAT_SELF_PROT,
1690 IEEE80211_ACTION_MESHPEERING_OPEN, args);
1692 mesh_peer_timeout_setup(ni);
1695 case IEEE80211_NODE_MESH_ESTABLISHED:
1698 * Valid beacon from a peer mesh STA
1701 rt = ieee80211_mesh_rt_find(vap, wh->i_addr2);
1703 ieee80211_mesh_rt_update(rt,
1705 ms->ms_ppath->mpp_inact));
1715 case IEEE80211_FC0_SUBTYPE_PROBE_REQ:
1717 uint8_t *ssid, *meshid, *rates, *xrates;
1720 if (vap->iv_state != IEEE80211_S_RUN) {
1721 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1722 wh, NULL, "wrong state %s",
1723 ieee80211_state_name[vap->iv_state]);
1724 vap->iv_stats.is_rx_mgtdiscard++;
1727 if (IEEE80211_IS_MULTICAST(wh->i_addr2)) {
1728 /* frame must be directed */
1729 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1730 wh, NULL, "%s", "not unicast");
1731 vap->iv_stats.is_rx_mgtdiscard++; /* XXX stat */
1735 * prreq frame format
1737 * [tlv] supported rates
1738 * [tlv] extended supported rates
1741 ssid = meshid = rates = xrates = NULL;
1743 while (efrm - frm > 1) {
1744 IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2, return);
1746 case IEEE80211_ELEMID_SSID:
1749 case IEEE80211_ELEMID_RATES:
1752 case IEEE80211_ELEMID_XRATES:
1755 case IEEE80211_ELEMID_MESHID:
1761 IEEE80211_VERIFY_ELEMENT(ssid, IEEE80211_NWID_LEN, return);
1762 IEEE80211_VERIFY_ELEMENT(rates, IEEE80211_RATE_MAXSIZE, return);
1764 IEEE80211_VERIFY_ELEMENT(xrates,
1765 IEEE80211_RATE_MAXSIZE - rates[1], return);
1766 if (meshid != NULL) {
1767 IEEE80211_VERIFY_ELEMENT(meshid,
1768 IEEE80211_MESHID_LEN, return);
1769 /* NB: meshid, not ssid */
1770 IEEE80211_VERIFY_SSID(vap->iv_bss, meshid, return);
1773 /* XXX find a better class or define it's own */
1774 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_INPUT, wh->i_addr2,
1775 "%s", "recv probe req");
1777 * Some legacy 11b clients cannot hack a complete
1778 * probe response frame. When the request includes
1779 * only a bare-bones rate set, communicate this to
1780 * the transmit side.
1782 ieee80211_send_proberesp(vap, wh->i_addr2, 0);
1786 case IEEE80211_FC0_SUBTYPE_ACTION:
1787 case IEEE80211_FC0_SUBTYPE_ACTION_NOACK:
1788 if (ni == vap->iv_bss) {
1789 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1790 wh, NULL, "%s", "unknown node");
1791 vap->iv_stats.is_rx_mgtdiscard++;
1792 } else if (!IEEE80211_ADDR_EQ(vap->iv_myaddr, wh->i_addr1) &&
1793 !IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1794 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1795 wh, NULL, "%s", "not for us");
1796 vap->iv_stats.is_rx_mgtdiscard++;
1797 } else if (vap->iv_state != IEEE80211_S_RUN) {
1798 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1799 wh, NULL, "wrong state %s",
1800 ieee80211_state_name[vap->iv_state]);
1801 vap->iv_stats.is_rx_mgtdiscard++;
1803 if (ieee80211_parse_action(ni, m0) == 0)
1804 (void)ic->ic_recv_action(ni, wh, frm, efrm);
1808 case IEEE80211_FC0_SUBTYPE_ASSOC_REQ:
1809 case IEEE80211_FC0_SUBTYPE_ASSOC_RESP:
1810 case IEEE80211_FC0_SUBTYPE_REASSOC_REQ:
1811 case IEEE80211_FC0_SUBTYPE_REASSOC_RESP:
1812 case IEEE80211_FC0_SUBTYPE_ATIM:
1813 case IEEE80211_FC0_SUBTYPE_DISASSOC:
1814 case IEEE80211_FC0_SUBTYPE_AUTH:
1815 case IEEE80211_FC0_SUBTYPE_DEAUTH:
1816 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
1817 wh, NULL, "%s", "not handled");
1818 vap->iv_stats.is_rx_mgtdiscard++;
1822 IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
1823 wh, "mgt", "subtype 0x%x not handled", subtype);
1824 vap->iv_stats.is_rx_badsubtype++;
1830 mesh_recv_ctl(struct ieee80211_node *ni, struct mbuf *m, int subtype)
1834 case IEEE80211_FC0_SUBTYPE_BAR:
1835 ieee80211_recv_bar(ni, m);
1841 * Parse meshpeering action ie's for MPM frames
1843 static const struct ieee80211_meshpeer_ie *
1844 mesh_parse_meshpeering_action(struct ieee80211_node *ni,
1845 const struct ieee80211_frame *wh, /* XXX for VERIFY_LENGTH */
1846 const uint8_t *frm, const uint8_t *efrm,
1847 struct ieee80211_meshpeer_ie *mp, uint8_t subtype)
1849 struct ieee80211vap *vap = ni->ni_vap;
1850 const struct ieee80211_meshpeer_ie *mpie;
1852 const uint8_t *meshid, *meshconf, *meshpeer;
1853 uint8_t sendclose = 0; /* 1 = MPM frame rejected, close will be sent */
1855 meshid = meshconf = meshpeer = NULL;
1856 while (efrm - frm > 1) {
1857 IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2, return NULL);
1859 case IEEE80211_ELEMID_MESHID:
1862 case IEEE80211_ELEMID_MESHCONF:
1865 case IEEE80211_ELEMID_MESHPEER:
1867 mpie = (const struct ieee80211_meshpeer_ie *) frm;
1868 memset(mp, 0, sizeof(*mp));
1869 mp->peer_len = mpie->peer_len;
1870 mp->peer_proto = LE_READ_2(&mpie->peer_proto);
1871 mp->peer_llinkid = LE_READ_2(&mpie->peer_llinkid);
1873 case IEEE80211_ACTION_MESHPEERING_CONFIRM:
1875 LE_READ_2(&mpie->peer_linkid);
1877 case IEEE80211_ACTION_MESHPEERING_CLOSE:
1878 /* NB: peer link ID is optional */
1879 if (mpie->peer_len ==
1880 (IEEE80211_MPM_BASE_SZ + 2)) {
1881 mp->peer_linkid = 0;
1883 LE_READ_2(&mpie->peer_linkid);
1886 LE_READ_2(&mpie->peer_linkid);
1888 LE_READ_2(&mpie->peer_rcode);
1898 * Verify the contents of the frame.
1899 * If it fails validation, close the peer link.
1901 if (mesh_verify_meshpeer(vap, subtype, (const uint8_t *)mp)) {
1903 IEEE80211_DISCARD(vap,
1904 IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
1905 wh, NULL, "%s", "MPM validation failed");
1908 /* If meshid is not the same reject any frames type. */
1909 if (sendclose == 0 && mesh_verify_meshid(vap, meshid)) {
1911 IEEE80211_DISCARD(vap,
1912 IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
1913 wh, NULL, "%s", "not for our mesh");
1914 if (subtype == IEEE80211_ACTION_MESHPEERING_CLOSE) {
1916 * Standard not clear about this, if we dont ignore
1917 * there will be an endless loop between nodes sending
1918 * CLOSE frames between each other with wrong meshid.
1919 * Discard and timers will bring FSM to IDLE state.
1926 * Close frames are accepted if meshid is the same.
1927 * Verify the other two types.
1929 if (sendclose == 0 && subtype != IEEE80211_ACTION_MESHPEERING_CLOSE &&
1930 mesh_verify_meshconf(vap, meshconf)) {
1932 IEEE80211_DISCARD(vap,
1933 IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
1934 wh, NULL, "%s", "configuration missmatch");
1938 vap->iv_stats.is_rx_mgtdiscard++;
1939 switch (ni->ni_mlstate) {
1940 case IEEE80211_NODE_MESH_IDLE:
1941 case IEEE80211_NODE_MESH_ESTABLISHED:
1942 case IEEE80211_NODE_MESH_HOLDING:
1945 case IEEE80211_NODE_MESH_OPENSNT:
1946 case IEEE80211_NODE_MESH_OPENRCV:
1947 case IEEE80211_NODE_MESH_CONFIRMRCV:
1948 args[0] = ni->ni_mlpid;
1949 args[1] = ni->ni_mllid;
1950 /* Reason codes for rejection */
1952 case IEEE80211_ACTION_MESHPEERING_OPEN:
1953 args[2] = IEEE80211_REASON_MESH_CPVIOLATION;
1955 case IEEE80211_ACTION_MESHPEERING_CONFIRM:
1956 args[2] = IEEE80211_REASON_MESH_INCONS_PARAMS;
1959 ieee80211_send_action(ni,
1960 IEEE80211_ACTION_CAT_SELF_PROT,
1961 IEEE80211_ACTION_MESHPEERING_CLOSE,
1963 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
1964 mesh_peer_timeout_setup(ni);
1970 return (const struct ieee80211_meshpeer_ie *) mp;
1974 mesh_recv_action_meshpeering_open(struct ieee80211_node *ni,
1975 const struct ieee80211_frame *wh,
1976 const uint8_t *frm, const uint8_t *efrm)
1978 struct ieee80211vap *vap = ni->ni_vap;
1979 struct ieee80211_mesh_state *ms = vap->iv_mesh;
1980 struct ieee80211_meshpeer_ie ie;
1981 const struct ieee80211_meshpeer_ie *meshpeer;
1984 /* +2+2 for action + code + capabilites */
1985 meshpeer = mesh_parse_meshpeering_action(ni, wh, frm+2+2, efrm, &ie,
1986 IEEE80211_ACTION_MESHPEERING_OPEN);
1987 if (meshpeer == NULL) {
1992 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
1993 "recv PEER OPEN, lid 0x%x", meshpeer->peer_llinkid);
1995 switch (ni->ni_mlstate) {
1996 case IEEE80211_NODE_MESH_IDLE:
1997 /* Reject open request if reached our maximum neighbor count */
1998 if (ms->ms_neighbors >= IEEE80211_MESH_MAX_NEIGHBORS) {
1999 args[0] = meshpeer->peer_llinkid;
2001 args[2] = IEEE80211_REASON_MESH_MAX_PEERS;
2002 ieee80211_send_action(ni,
2003 IEEE80211_ACTION_CAT_SELF_PROT,
2004 IEEE80211_ACTION_MESHPEERING_CLOSE,
2006 /* stay in IDLE state */
2009 /* Open frame accepted */
2010 mesh_linkchange(ni, IEEE80211_NODE_MESH_OPENRCV);
2011 ni->ni_mllid = meshpeer->peer_llinkid;
2012 ni->ni_mlpid = mesh_generateid(vap);
2013 if (ni->ni_mlpid == 0)
2015 args[0] = ni->ni_mlpid;
2016 /* Announce we're open too... */
2017 ieee80211_send_action(ni,
2018 IEEE80211_ACTION_CAT_SELF_PROT,
2019 IEEE80211_ACTION_MESHPEERING_OPEN, args);
2020 /* ...and confirm the link. */
2021 args[0] = ni->ni_mlpid;
2022 args[1] = ni->ni_mllid;
2023 ieee80211_send_action(ni,
2024 IEEE80211_ACTION_CAT_SELF_PROT,
2025 IEEE80211_ACTION_MESHPEERING_CONFIRM,
2027 mesh_peer_timeout_setup(ni);
2029 case IEEE80211_NODE_MESH_OPENRCV:
2031 if (ni->ni_mllid != meshpeer->peer_llinkid) {
2032 args[0] = ni->ni_mllid;
2033 args[1] = ni->ni_mlpid;
2034 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
2035 ieee80211_send_action(ni,
2036 IEEE80211_ACTION_CAT_SELF_PROT,
2037 IEEE80211_ACTION_MESHPEERING_CLOSE,
2039 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2040 mesh_peer_timeout_setup(ni);
2043 /* Duplicate open, confirm again. */
2044 args[0] = ni->ni_mlpid;
2045 args[1] = ni->ni_mllid;
2046 ieee80211_send_action(ni,
2047 IEEE80211_ACTION_CAT_SELF_PROT,
2048 IEEE80211_ACTION_MESHPEERING_CONFIRM,
2051 case IEEE80211_NODE_MESH_OPENSNT:
2052 ni->ni_mllid = meshpeer->peer_llinkid;
2053 mesh_linkchange(ni, IEEE80211_NODE_MESH_OPENRCV);
2054 args[0] = ni->ni_mlpid;
2055 args[1] = ni->ni_mllid;
2056 ieee80211_send_action(ni,
2057 IEEE80211_ACTION_CAT_SELF_PROT,
2058 IEEE80211_ACTION_MESHPEERING_CONFIRM,
2060 /* NB: don't setup/clear any timeout */
2062 case IEEE80211_NODE_MESH_CONFIRMRCV:
2063 if (ni->ni_mlpid != meshpeer->peer_linkid ||
2064 ni->ni_mllid != meshpeer->peer_llinkid) {
2065 args[0] = ni->ni_mlpid;
2066 args[1] = ni->ni_mllid;
2067 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
2068 ieee80211_send_action(ni,
2069 IEEE80211_ACTION_CAT_SELF_PROT,
2070 IEEE80211_ACTION_MESHPEERING_CLOSE,
2073 IEEE80211_NODE_MESH_HOLDING);
2074 mesh_peer_timeout_setup(ni);
2077 mesh_linkchange(ni, IEEE80211_NODE_MESH_ESTABLISHED);
2078 ni->ni_mllid = meshpeer->peer_llinkid;
2079 args[0] = ni->ni_mlpid;
2080 args[1] = ni->ni_mllid;
2081 ieee80211_send_action(ni,
2082 IEEE80211_ACTION_CAT_SELF_PROT,
2083 IEEE80211_ACTION_MESHPEERING_CONFIRM,
2085 mesh_peer_timeout_stop(ni);
2087 case IEEE80211_NODE_MESH_ESTABLISHED:
2088 if (ni->ni_mllid != meshpeer->peer_llinkid) {
2089 args[0] = ni->ni_mllid;
2090 args[1] = ni->ni_mlpid;
2091 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
2092 ieee80211_send_action(ni,
2093 IEEE80211_ACTION_CAT_SELF_PROT,
2094 IEEE80211_ACTION_MESHPEERING_CLOSE,
2096 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2097 mesh_peer_timeout_setup(ni);
2100 args[0] = ni->ni_mlpid;
2101 args[1] = ni->ni_mllid;
2102 ieee80211_send_action(ni,
2103 IEEE80211_ACTION_CAT_SELF_PROT,
2104 IEEE80211_ACTION_MESHPEERING_CONFIRM,
2107 case IEEE80211_NODE_MESH_HOLDING:
2108 args[0] = ni->ni_mlpid;
2109 args[1] = meshpeer->peer_llinkid;
2110 /* Standard not clear about what the reaason code should be */
2111 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
2112 ieee80211_send_action(ni,
2113 IEEE80211_ACTION_CAT_SELF_PROT,
2114 IEEE80211_ACTION_MESHPEERING_CLOSE,
2122 mesh_recv_action_meshpeering_confirm(struct ieee80211_node *ni,
2123 const struct ieee80211_frame *wh,
2124 const uint8_t *frm, const uint8_t *efrm)
2126 struct ieee80211vap *vap = ni->ni_vap;
2127 struct ieee80211_meshpeer_ie ie;
2128 const struct ieee80211_meshpeer_ie *meshpeer;
2131 /* +2+2+2+2 for action + code + capabilites + status code + AID */
2132 meshpeer = mesh_parse_meshpeering_action(ni, wh, frm+2+2+2+2, efrm, &ie,
2133 IEEE80211_ACTION_MESHPEERING_CONFIRM);
2134 if (meshpeer == NULL) {
2138 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
2139 "recv PEER CONFIRM, local id 0x%x, peer id 0x%x",
2140 meshpeer->peer_llinkid, meshpeer->peer_linkid);
2142 switch (ni->ni_mlstate) {
2143 case IEEE80211_NODE_MESH_OPENRCV:
2144 mesh_linkchange(ni, IEEE80211_NODE_MESH_ESTABLISHED);
2145 mesh_peer_timeout_stop(ni);
2147 case IEEE80211_NODE_MESH_OPENSNT:
2148 mesh_linkchange(ni, IEEE80211_NODE_MESH_CONFIRMRCV);
2149 mesh_peer_timeout_setup(ni);
2151 case IEEE80211_NODE_MESH_HOLDING:
2152 args[0] = ni->ni_mlpid;
2153 args[1] = meshpeer->peer_llinkid;
2154 /* Standard not clear about what the reaason code should be */
2155 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
2156 ieee80211_send_action(ni,
2157 IEEE80211_ACTION_CAT_SELF_PROT,
2158 IEEE80211_ACTION_MESHPEERING_CLOSE,
2161 case IEEE80211_NODE_MESH_CONFIRMRCV:
2162 if (ni->ni_mllid != meshpeer->peer_llinkid) {
2163 args[0] = ni->ni_mlpid;
2164 args[1] = ni->ni_mllid;
2165 args[2] = IEEE80211_REASON_PEER_LINK_CANCELED;
2166 ieee80211_send_action(ni,
2167 IEEE80211_ACTION_CAT_SELF_PROT,
2168 IEEE80211_ACTION_MESHPEERING_CLOSE,
2170 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2171 mesh_peer_timeout_setup(ni);
2175 IEEE80211_DISCARD(vap,
2176 IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
2177 wh, NULL, "received confirm in invalid state %d",
2179 vap->iv_stats.is_rx_mgtdiscard++;
2186 mesh_recv_action_meshpeering_close(struct ieee80211_node *ni,
2187 const struct ieee80211_frame *wh,
2188 const uint8_t *frm, const uint8_t *efrm)
2190 struct ieee80211_meshpeer_ie ie;
2191 const struct ieee80211_meshpeer_ie *meshpeer;
2194 /* +2 for action + code */
2195 meshpeer = mesh_parse_meshpeering_action(ni, wh, frm+2, efrm, &ie,
2196 IEEE80211_ACTION_MESHPEERING_CLOSE);
2197 if (meshpeer == NULL) {
2202 * XXX: check reason code, for example we could receive
2203 * IEEE80211_REASON_MESH_MAX_PEERS then we should not attempt
2207 IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
2208 ni, "%s", "recv PEER CLOSE");
2210 switch (ni->ni_mlstate) {
2211 case IEEE80211_NODE_MESH_IDLE:
2214 case IEEE80211_NODE_MESH_OPENRCV:
2215 case IEEE80211_NODE_MESH_OPENSNT:
2216 case IEEE80211_NODE_MESH_CONFIRMRCV:
2217 case IEEE80211_NODE_MESH_ESTABLISHED:
2218 args[0] = ni->ni_mlpid;
2219 args[1] = ni->ni_mllid;
2220 args[2] = IEEE80211_REASON_MESH_CLOSE_RCVD;
2221 ieee80211_send_action(ni,
2222 IEEE80211_ACTION_CAT_SELF_PROT,
2223 IEEE80211_ACTION_MESHPEERING_CLOSE,
2225 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2226 mesh_peer_timeout_setup(ni);
2228 case IEEE80211_NODE_MESH_HOLDING:
2229 mesh_linkchange(ni, IEEE80211_NODE_MESH_IDLE);
2230 mesh_peer_timeout_stop(ni);
2237 * Link Metric handling.
2240 mesh_recv_action_meshlmetric(struct ieee80211_node *ni,
2241 const struct ieee80211_frame *wh,
2242 const uint8_t *frm, const uint8_t *efrm)
2244 const struct ieee80211_meshlmetric_ie *ie =
2245 (const struct ieee80211_meshlmetric_ie *)
2246 (frm+2); /* action + code */
2247 struct ieee80211_meshlmetric_ie lm_rep;
2249 if (ie->lm_flags & IEEE80211_MESH_LMETRIC_FLAGS_REQ) {
2250 lm_rep.lm_flags = 0;
2251 lm_rep.lm_metric = mesh_airtime_calc(ni);
2252 ieee80211_send_action(ni,
2253 IEEE80211_ACTION_CAT_MESH,
2254 IEEE80211_ACTION_MESH_LMETRIC,
2257 /* XXX: else do nothing for now */
2262 mesh_send_action(struct ieee80211_node *ni, struct mbuf *m)
2264 struct ieee80211_bpf_params params;
2266 memset(¶ms, 0, sizeof(params));
2267 params.ibp_pri = WME_AC_VO;
2268 params.ibp_rate0 = ni->ni_txparms->mgmtrate;
2269 /* XXX ucast/mcast */
2270 params.ibp_try0 = ni->ni_txparms->maxretry;
2271 params.ibp_power = ni->ni_txpower;
2272 return ieee80211_mgmt_output(ni, m, IEEE80211_FC0_SUBTYPE_ACTION,
2276 #define ADDSHORT(frm, v) do { \
2277 frm[0] = (v) & 0xff; \
2278 frm[1] = (v) >> 8; \
2281 #define ADDWORD(frm, v) do { \
2282 frm[0] = (v) & 0xff; \
2283 frm[1] = ((v) >> 8) & 0xff; \
2284 frm[2] = ((v) >> 16) & 0xff; \
2285 frm[3] = ((v) >> 24) & 0xff; \
2290 mesh_send_action_meshpeering_open(struct ieee80211_node *ni,
2291 int category, int action, void *args0)
2293 struct ieee80211vap *vap = ni->ni_vap;
2294 struct ieee80211com *ic = ni->ni_ic;
2295 uint16_t *args = args0;
2296 const struct ieee80211_rateset *rs;
2300 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
2301 "send PEER OPEN action: localid 0x%x", args[0]);
2303 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
2304 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
2305 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
2306 ieee80211_ref_node(ni);
2308 m = ieee80211_getmgtframe(&frm,
2309 ic->ic_headroom + sizeof(struct ieee80211_frame),
2310 sizeof(uint16_t) /* action+category */
2311 + sizeof(uint16_t) /* capabilites */
2312 + 2 + IEEE80211_RATE_SIZE
2313 + 2 + (IEEE80211_RATE_MAXSIZE - IEEE80211_RATE_SIZE)
2314 + 2 + IEEE80211_MESHID_LEN
2315 + sizeof(struct ieee80211_meshconf_ie)
2316 + sizeof(struct ieee80211_meshpeer_ie)
2320 * mesh peer open action frame format:
2328 * [tlv] mesh peer link mgmt
2332 ADDSHORT(frm, ieee80211_getcapinfo(vap, ni->ni_chan));
2333 rs = ieee80211_get_suprates(ic, ic->ic_curchan);
2334 frm = ieee80211_add_rates(frm, rs);
2335 frm = ieee80211_add_xrates(frm, rs);
2336 frm = ieee80211_add_meshid(frm, vap);
2337 frm = ieee80211_add_meshconf(frm, vap);
2338 frm = ieee80211_add_meshpeer(frm, IEEE80211_ACTION_MESHPEERING_OPEN,
2340 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
2341 return mesh_send_action(ni, m);
2343 vap->iv_stats.is_tx_nobuf++;
2344 ieee80211_free_node(ni);
2350 mesh_send_action_meshpeering_confirm(struct ieee80211_node *ni,
2351 int category, int action, void *args0)
2353 struct ieee80211vap *vap = ni->ni_vap;
2354 struct ieee80211com *ic = ni->ni_ic;
2355 uint16_t *args = args0;
2356 const struct ieee80211_rateset *rs;
2360 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
2361 "send PEER CONFIRM action: localid 0x%x, peerid 0x%x",
2364 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
2365 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
2366 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
2367 ieee80211_ref_node(ni);
2369 m = ieee80211_getmgtframe(&frm,
2370 ic->ic_headroom + sizeof(struct ieee80211_frame),
2371 sizeof(uint16_t) /* action+category */
2372 + sizeof(uint16_t) /* capabilites */
2373 + sizeof(uint16_t) /* status code */
2374 + sizeof(uint16_t) /* AID */
2375 + 2 + IEEE80211_RATE_SIZE
2376 + 2 + (IEEE80211_RATE_MAXSIZE - IEEE80211_RATE_SIZE)
2377 + 2 + IEEE80211_MESHID_LEN
2378 + sizeof(struct ieee80211_meshconf_ie)
2379 + sizeof(struct ieee80211_meshpeer_ie)
2383 * mesh peer confirm action frame format:
2388 * [2] association id (peer ID)
2393 * [tlv] mesh peer link mgmt
2397 ADDSHORT(frm, ieee80211_getcapinfo(vap, ni->ni_chan));
2398 ADDSHORT(frm, 0); /* status code */
2399 ADDSHORT(frm, args[1]); /* AID */
2400 rs = ieee80211_get_suprates(ic, ic->ic_curchan);
2401 frm = ieee80211_add_rates(frm, rs);
2402 frm = ieee80211_add_xrates(frm, rs);
2403 frm = ieee80211_add_meshid(frm, vap);
2404 frm = ieee80211_add_meshconf(frm, vap);
2405 frm = ieee80211_add_meshpeer(frm,
2406 IEEE80211_ACTION_MESHPEERING_CONFIRM,
2407 args[0], args[1], 0);
2408 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
2409 return mesh_send_action(ni, m);
2411 vap->iv_stats.is_tx_nobuf++;
2412 ieee80211_free_node(ni);
2418 mesh_send_action_meshpeering_close(struct ieee80211_node *ni,
2419 int category, int action, void *args0)
2421 struct ieee80211vap *vap = ni->ni_vap;
2422 struct ieee80211com *ic = ni->ni_ic;
2423 uint16_t *args = args0;
2427 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH, ni,
2428 "send PEER CLOSE action: localid 0x%x, peerid 0x%x reason %d",
2429 args[0], args[1], args[2]);
2431 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
2432 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
2433 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
2434 ieee80211_ref_node(ni);
2436 m = ieee80211_getmgtframe(&frm,
2437 ic->ic_headroom + sizeof(struct ieee80211_frame),
2438 sizeof(uint16_t) /* action+category */
2439 + sizeof(uint16_t) /* reason code */
2440 + 2 + IEEE80211_MESHID_LEN
2441 + sizeof(struct ieee80211_meshpeer_ie)
2445 * mesh peer close action frame format:
2449 * [tlv] mesh peer link mgmt
2453 frm = ieee80211_add_meshid(frm, vap);
2454 frm = ieee80211_add_meshpeer(frm,
2455 IEEE80211_ACTION_MESHPEERING_CLOSE,
2456 args[0], args[1], args[2]);
2457 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
2458 return mesh_send_action(ni, m);
2460 vap->iv_stats.is_tx_nobuf++;
2461 ieee80211_free_node(ni);
2467 mesh_send_action_meshlmetric(struct ieee80211_node *ni,
2468 int category, int action, void *arg0)
2470 struct ieee80211vap *vap = ni->ni_vap;
2471 struct ieee80211com *ic = ni->ni_ic;
2472 struct ieee80211_meshlmetric_ie *ie = arg0;
2476 if (ie->lm_flags & IEEE80211_MESH_LMETRIC_FLAGS_REQ) {
2477 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
2478 ni, "%s", "send LINK METRIC REQUEST action");
2480 IEEE80211_NOTE(vap, IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
2481 ni, "send LINK METRIC REPLY action: metric 0x%x",
2484 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
2485 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", __func__, __LINE__,
2486 ni, ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni)+1);
2487 ieee80211_ref_node(ni);
2489 m = ieee80211_getmgtframe(&frm,
2490 ic->ic_headroom + sizeof(struct ieee80211_frame),
2491 sizeof(uint16_t) + /* action+category */
2492 sizeof(struct ieee80211_meshlmetric_ie)
2499 * [tlv] mesh link metric
2503 frm = ieee80211_add_meshlmetric(frm,
2504 ie->lm_flags, ie->lm_metric);
2505 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *);
2506 return mesh_send_action(ni, m);
2508 vap->iv_stats.is_tx_nobuf++;
2509 ieee80211_free_node(ni);
2515 mesh_peer_timeout_setup(struct ieee80211_node *ni)
2517 switch (ni->ni_mlstate) {
2518 case IEEE80211_NODE_MESH_HOLDING:
2519 ni->ni_mltval = ieee80211_mesh_holdingtimeout;
2521 case IEEE80211_NODE_MESH_CONFIRMRCV:
2522 ni->ni_mltval = ieee80211_mesh_confirmtimeout;
2524 case IEEE80211_NODE_MESH_IDLE:
2528 ni->ni_mltval = ieee80211_mesh_retrytimeout;
2532 callout_reset(&ni->ni_mltimer, ni->ni_mltval,
2533 mesh_peer_timeout_cb, ni);
2537 * Same as above but backoffs timer statisically 50%.
2540 mesh_peer_timeout_backoff(struct ieee80211_node *ni)
2545 ni->ni_mltval += r % ni->ni_mltval;
2546 callout_reset(&ni->ni_mltimer, ni->ni_mltval, mesh_peer_timeout_cb,
2550 static __inline void
2551 mesh_peer_timeout_stop(struct ieee80211_node *ni)
2553 callout_drain(&ni->ni_mltimer);
2557 * Mesh Peer Link Management FSM timeout handling.
2560 mesh_peer_timeout_cb(void *arg)
2562 struct ieee80211_node *ni = (struct ieee80211_node *)arg;
2565 IEEE80211_NOTE(ni->ni_vap, IEEE80211_MSG_MESH,
2566 ni, "mesh link timeout, state %d, retry counter %d",
2567 ni->ni_mlstate, ni->ni_mlrcnt);
2569 switch (ni->ni_mlstate) {
2570 case IEEE80211_NODE_MESH_IDLE:
2571 case IEEE80211_NODE_MESH_ESTABLISHED:
2573 case IEEE80211_NODE_MESH_OPENSNT:
2574 case IEEE80211_NODE_MESH_OPENRCV:
2575 if (ni->ni_mlrcnt == ieee80211_mesh_maxretries) {
2576 args[0] = ni->ni_mlpid;
2577 args[2] = IEEE80211_REASON_MESH_MAX_RETRIES;
2578 ieee80211_send_action(ni,
2579 IEEE80211_ACTION_CAT_SELF_PROT,
2580 IEEE80211_ACTION_MESHPEERING_CLOSE, args);
2582 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2583 mesh_peer_timeout_setup(ni);
2585 args[0] = ni->ni_mlpid;
2586 ieee80211_send_action(ni,
2587 IEEE80211_ACTION_CAT_SELF_PROT,
2588 IEEE80211_ACTION_MESHPEERING_OPEN, args);
2590 mesh_peer_timeout_backoff(ni);
2593 case IEEE80211_NODE_MESH_CONFIRMRCV:
2594 args[0] = ni->ni_mlpid;
2595 args[2] = IEEE80211_REASON_MESH_CONFIRM_TIMEOUT;
2596 ieee80211_send_action(ni,
2597 IEEE80211_ACTION_CAT_SELF_PROT,
2598 IEEE80211_ACTION_MESHPEERING_CLOSE, args);
2599 mesh_linkchange(ni, IEEE80211_NODE_MESH_HOLDING);
2600 mesh_peer_timeout_setup(ni);
2602 case IEEE80211_NODE_MESH_HOLDING:
2603 mesh_linkchange(ni, IEEE80211_NODE_MESH_IDLE);
2609 mesh_verify_meshid(struct ieee80211vap *vap, const uint8_t *ie)
2611 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2613 if (ie == NULL || ie[1] != ms->ms_idlen)
2615 return memcmp(ms->ms_id, ie + 2, ms->ms_idlen);
2619 * Check if we are using the same algorithms for this mesh.
2622 mesh_verify_meshconf(struct ieee80211vap *vap, const uint8_t *ie)
2624 const struct ieee80211_meshconf_ie *meshconf =
2625 (const struct ieee80211_meshconf_ie *) ie;
2626 const struct ieee80211_mesh_state *ms = vap->iv_mesh;
2628 if (meshconf == NULL)
2630 if (meshconf->conf_pselid != ms->ms_ppath->mpp_ie) {
2631 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2632 "unknown path selection algorithm: 0x%x\n",
2633 meshconf->conf_pselid);
2636 if (meshconf->conf_pmetid != ms->ms_pmetric->mpm_ie) {
2637 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2638 "unknown path metric algorithm: 0x%x\n",
2639 meshconf->conf_pmetid);
2642 if (meshconf->conf_ccid != 0) {
2643 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2644 "unknown congestion control algorithm: 0x%x\n",
2645 meshconf->conf_ccid);
2648 if (meshconf->conf_syncid != IEEE80211_MESHCONF_SYNC_NEIGHOFF) {
2649 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2650 "unknown sync algorithm: 0x%x\n",
2651 meshconf->conf_syncid);
2654 if (meshconf->conf_authid != 0) {
2655 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2656 "unknown auth auth algorithm: 0x%x\n",
2657 meshconf->conf_pselid);
2660 /* Not accepting peers */
2661 if (!(meshconf->conf_cap & IEEE80211_MESHCONF_CAP_AP)) {
2662 IEEE80211_DPRINTF(vap, IEEE80211_MSG_MESH,
2663 "not accepting peers: 0x%x\n", meshconf->conf_cap);
2670 mesh_verify_meshpeer(struct ieee80211vap *vap, uint8_t subtype,
2673 const struct ieee80211_meshpeer_ie *meshpeer =
2674 (const struct ieee80211_meshpeer_ie *) ie;
2676 if (meshpeer == NULL ||
2677 meshpeer->peer_len < IEEE80211_MPM_BASE_SZ ||
2678 meshpeer->peer_len > IEEE80211_MPM_MAX_SZ)
2680 if (meshpeer->peer_proto != IEEE80211_MPPID_MPM) {
2681 IEEE80211_DPRINTF(vap,
2682 IEEE80211_MSG_ACTION | IEEE80211_MSG_MESH,
2683 "Only MPM protocol is supported (proto: 0x%02X)",
2684 meshpeer->peer_proto);
2688 case IEEE80211_ACTION_MESHPEERING_OPEN:
2689 if (meshpeer->peer_len != IEEE80211_MPM_BASE_SZ)
2692 case IEEE80211_ACTION_MESHPEERING_CONFIRM:
2693 if (meshpeer->peer_len != IEEE80211_MPM_BASE_SZ + 2)
2696 case IEEE80211_ACTION_MESHPEERING_CLOSE:
2697 if (meshpeer->peer_len < IEEE80211_MPM_BASE_SZ + 2)
2699 if (meshpeer->peer_len == (IEEE80211_MPM_BASE_SZ + 2) &&
2700 meshpeer->peer_linkid != 0)
2702 if (meshpeer->peer_rcode == 0)
2710 * Add a Mesh ID IE to a frame.
2713 ieee80211_add_meshid(uint8_t *frm, struct ieee80211vap *vap)
2715 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2717 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, ("not a mbss vap"));
2719 *frm++ = IEEE80211_ELEMID_MESHID;
2720 *frm++ = ms->ms_idlen;
2721 memcpy(frm, ms->ms_id, ms->ms_idlen);
2722 return frm + ms->ms_idlen;
2726 * Add a Mesh Configuration IE to a frame.
2727 * For now just use HWMP routing, Airtime link metric, Null Congestion
2728 * Signaling, Null Sync Protocol and Null Authentication.
2731 ieee80211_add_meshconf(uint8_t *frm, struct ieee80211vap *vap)
2733 const struct ieee80211_mesh_state *ms = vap->iv_mesh;
2736 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, ("not a MBSS vap"));
2738 *frm++ = IEEE80211_ELEMID_MESHCONF;
2739 *frm++ = IEEE80211_MESH_CONF_SZ;
2740 *frm++ = ms->ms_ppath->mpp_ie; /* path selection */
2741 *frm++ = ms->ms_pmetric->mpm_ie; /* link metric */
2742 *frm++ = IEEE80211_MESHCONF_CC_DISABLED;
2743 *frm++ = IEEE80211_MESHCONF_SYNC_NEIGHOFF;
2744 *frm++ = IEEE80211_MESHCONF_AUTH_DISABLED;
2745 /* NB: set the number of neighbors before the rest */
2746 *frm = (ms->ms_neighbors > IEEE80211_MESH_MAX_NEIGHBORS ?
2747 IEEE80211_MESH_MAX_NEIGHBORS : ms->ms_neighbors) << 1;
2748 if (ms->ms_flags & IEEE80211_MESHFLAGS_PORTAL)
2749 *frm |= IEEE80211_MESHCONF_FORM_MP;
2752 if (ms->ms_flags & IEEE80211_MESHFLAGS_AP)
2753 caps |= IEEE80211_MESHCONF_CAP_AP;
2754 if (ms->ms_flags & IEEE80211_MESHFLAGS_FWD)
2755 caps |= IEEE80211_MESHCONF_CAP_FWRD;
2761 * Add a Mesh Peer Management IE to a frame.
2764 ieee80211_add_meshpeer(uint8_t *frm, uint8_t subtype, uint16_t localid,
2765 uint16_t peerid, uint16_t reason)
2768 KASSERT(localid != 0, ("localid == 0"));
2770 *frm++ = IEEE80211_ELEMID_MESHPEER;
2772 case IEEE80211_ACTION_MESHPEERING_OPEN:
2773 *frm++ = IEEE80211_MPM_BASE_SZ; /* length */
2774 ADDSHORT(frm, IEEE80211_MPPID_MPM); /* proto */
2775 ADDSHORT(frm, localid); /* local ID */
2777 case IEEE80211_ACTION_MESHPEERING_CONFIRM:
2778 KASSERT(peerid != 0, ("sending peer confirm without peer id"));
2779 *frm++ = IEEE80211_MPM_BASE_SZ + 2; /* length */
2780 ADDSHORT(frm, IEEE80211_MPPID_MPM); /* proto */
2781 ADDSHORT(frm, localid); /* local ID */
2782 ADDSHORT(frm, peerid); /* peer ID */
2784 case IEEE80211_ACTION_MESHPEERING_CLOSE:
2786 *frm++ = IEEE80211_MPM_MAX_SZ; /* length */
2788 *frm++ = IEEE80211_MPM_BASE_SZ + 2; /* length */
2789 ADDSHORT(frm, IEEE80211_MPPID_MPM); /* proto */
2790 ADDSHORT(frm, localid); /* local ID */
2792 ADDSHORT(frm, peerid); /* peer ID */
2793 ADDSHORT(frm, reason);
2800 * Compute an Airtime Link Metric for the link with this node.
2802 * Based on Draft 3.0 spec (11B.10, p.149).
2805 * Max 802.11s overhead.
2807 #define IEEE80211_MESH_MAXOVERHEAD \
2808 (sizeof(struct ieee80211_qosframe_addr4) \
2809 + sizeof(struct ieee80211_meshcntl_ae10) \
2810 + sizeof(struct llc) \
2811 + IEEE80211_ADDR_LEN \
2812 + IEEE80211_WEP_IVLEN \
2813 + IEEE80211_WEP_KIDLEN \
2814 + IEEE80211_WEP_CRCLEN \
2815 + IEEE80211_WEP_MICLEN \
2816 + IEEE80211_CRC_LEN)
2818 mesh_airtime_calc(struct ieee80211_node *ni)
2821 #define S_FACTOR (2 * M_BITS)
2822 struct ieee80211com *ic = ni->ni_ic;
2823 struct ifnet *ifp = ni->ni_vap->iv_ifp;
2824 const static int nbits = 8192 << M_BITS;
2825 uint32_t overhead, rate, errrate;
2828 /* Time to transmit a frame */
2829 rate = ni->ni_txrate;
2830 overhead = ieee80211_compute_duration(ic->ic_rt,
2831 ifp->if_mtu + IEEE80211_MESH_MAXOVERHEAD, rate, 0) << M_BITS;
2832 /* Error rate in percentage */
2833 /* XXX assuming small failures are ok */
2834 errrate = (((ifp->if_oerrors +
2835 ifp->if_ierrors) / 100) << M_BITS) / 100;
2836 res = (overhead + (nbits / rate)) *
2837 ((1 << S_FACTOR) / ((1 << M_BITS) - errrate));
2839 return (uint32_t)(res >> S_FACTOR);
2845 * Add a Mesh Link Metric report IE to a frame.
2848 ieee80211_add_meshlmetric(uint8_t *frm, uint8_t flags, uint32_t metric)
2850 *frm++ = IEEE80211_ELEMID_MESHLINK;
2853 ADDWORD(frm, metric);
2860 * Initialize any mesh-specific node state.
2863 ieee80211_mesh_node_init(struct ieee80211vap *vap, struct ieee80211_node *ni)
2865 ni->ni_flags |= IEEE80211_NODE_QOS;
2866 callout_init(&ni->ni_mltimer, CALLOUT_MPSAFE);
2870 * Cleanup any mesh-specific node state.
2873 ieee80211_mesh_node_cleanup(struct ieee80211_node *ni)
2875 struct ieee80211vap *vap = ni->ni_vap;
2876 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2878 callout_drain(&ni->ni_mltimer);
2879 /* NB: short-circuit callbacks after mesh_vdetach */
2880 if (vap->iv_mesh != NULL)
2881 ms->ms_ppath->mpp_peerdown(ni);
2885 ieee80211_parse_meshid(struct ieee80211_node *ni, const uint8_t *ie)
2887 ni->ni_meshidlen = ie[1];
2888 memcpy(ni->ni_meshid, ie + 2, ie[1]);
2892 * Setup mesh-specific node state on neighbor discovery.
2895 ieee80211_mesh_init_neighbor(struct ieee80211_node *ni,
2896 const struct ieee80211_frame *wh,
2897 const struct ieee80211_scanparams *sp)
2899 ieee80211_parse_meshid(ni, sp->meshid);
2903 ieee80211_mesh_update_beacon(struct ieee80211vap *vap,
2904 struct ieee80211_beacon_offsets *bo)
2906 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, ("not a MBSS vap"));
2908 if (isset(bo->bo_flags, IEEE80211_BEACON_MESHCONF)) {
2909 (void)ieee80211_add_meshconf(bo->bo_meshconf, vap);
2910 clrbit(bo->bo_flags, IEEE80211_BEACON_MESHCONF);
2915 mesh_ioctl_get80211(struct ieee80211vap *vap, struct ieee80211req *ireq)
2917 struct ieee80211_mesh_state *ms = vap->iv_mesh;
2918 uint8_t tmpmeshid[IEEE80211_NWID_LEN];
2919 struct ieee80211_mesh_route *rt;
2920 struct ieee80211req_mesh_route *imr;
2925 if (vap->iv_opmode != IEEE80211_M_MBSS)
2929 switch (ireq->i_type) {
2930 case IEEE80211_IOC_MESH_ID:
2931 ireq->i_len = ms->ms_idlen;
2932 memcpy(tmpmeshid, ms->ms_id, ireq->i_len);
2933 error = copyout(tmpmeshid, ireq->i_data, ireq->i_len);
2935 case IEEE80211_IOC_MESH_AP:
2936 ireq->i_val = (ms->ms_flags & IEEE80211_MESHFLAGS_AP) != 0;
2938 case IEEE80211_IOC_MESH_FWRD:
2939 ireq->i_val = (ms->ms_flags & IEEE80211_MESHFLAGS_FWD) != 0;
2941 case IEEE80211_IOC_MESH_TTL:
2942 ireq->i_val = ms->ms_ttl;
2944 case IEEE80211_IOC_MESH_RTCMD:
2945 switch (ireq->i_val) {
2946 case IEEE80211_MESH_RTCMD_LIST:
2949 TAILQ_FOREACH(rt, &ms->ms_routes, rt_next) {
2950 len += sizeof(*imr);
2953 if (len > ireq->i_len || ireq->i_len < sizeof(*imr)) {
2959 p = malloc(len, M_TEMP, M_NOWAIT | M_ZERO);
2964 TAILQ_FOREACH(rt, &ms->ms_routes, rt_next) {
2967 imr = (struct ieee80211req_mesh_route *)
2969 IEEE80211_ADDR_COPY(imr->imr_dest,
2971 IEEE80211_ADDR_COPY(imr->imr_nexthop,
2973 imr->imr_metric = rt->rt_metric;
2974 imr->imr_nhops = rt->rt_nhops;
2976 ieee80211_mesh_rt_update(rt, 0);
2977 imr->imr_lastmseq = rt->rt_lastmseq;
2978 imr->imr_flags = rt->rt_flags; /* last */
2979 off += sizeof(*imr);
2982 error = copyout(p, (uint8_t *)ireq->i_data,
2986 case IEEE80211_MESH_RTCMD_FLUSH:
2987 case IEEE80211_MESH_RTCMD_ADD:
2988 case IEEE80211_MESH_RTCMD_DELETE:
2994 case IEEE80211_IOC_MESH_PR_METRIC:
2995 len = strlen(ms->ms_pmetric->mpm_descr);
2996 if (ireq->i_len < len)
2999 error = copyout(ms->ms_pmetric->mpm_descr,
3000 (uint8_t *)ireq->i_data, len);
3002 case IEEE80211_IOC_MESH_PR_PATH:
3003 len = strlen(ms->ms_ppath->mpp_descr);
3004 if (ireq->i_len < len)
3007 error = copyout(ms->ms_ppath->mpp_descr,
3008 (uint8_t *)ireq->i_data, len);
3016 IEEE80211_IOCTL_GET(mesh, mesh_ioctl_get80211);
3019 mesh_ioctl_set80211(struct ieee80211vap *vap, struct ieee80211req *ireq)
3021 struct ieee80211_mesh_state *ms = vap->iv_mesh;
3022 uint8_t tmpmeshid[IEEE80211_NWID_LEN];
3023 uint8_t tmpaddr[IEEE80211_ADDR_LEN];
3024 char tmpproto[IEEE80211_MESH_PROTO_DSZ];
3027 if (vap->iv_opmode != IEEE80211_M_MBSS)
3031 switch (ireq->i_type) {
3032 case IEEE80211_IOC_MESH_ID:
3033 if (ireq->i_val != 0 || ireq->i_len > IEEE80211_MESHID_LEN)
3035 error = copyin(ireq->i_data, tmpmeshid, ireq->i_len);
3038 memset(ms->ms_id, 0, IEEE80211_NWID_LEN);
3039 ms->ms_idlen = ireq->i_len;
3040 memcpy(ms->ms_id, tmpmeshid, ireq->i_len);
3043 case IEEE80211_IOC_MESH_AP:
3045 ms->ms_flags |= IEEE80211_MESHFLAGS_AP;
3047 ms->ms_flags &= ~IEEE80211_MESHFLAGS_AP;
3050 case IEEE80211_IOC_MESH_FWRD:
3052 ms->ms_flags |= IEEE80211_MESHFLAGS_FWD;
3054 ms->ms_flags &= ~IEEE80211_MESHFLAGS_FWD;
3056 case IEEE80211_IOC_MESH_TTL:
3057 ms->ms_ttl = (uint8_t) ireq->i_val;
3059 case IEEE80211_IOC_MESH_RTCMD:
3060 switch (ireq->i_val) {
3061 case IEEE80211_MESH_RTCMD_LIST:
3063 case IEEE80211_MESH_RTCMD_FLUSH:
3064 ieee80211_mesh_rt_flush(vap);
3066 case IEEE80211_MESH_RTCMD_ADD:
3067 if (IEEE80211_ADDR_EQ(vap->iv_myaddr, ireq->i_data) ||
3068 IEEE80211_ADDR_EQ(broadcastaddr, ireq->i_data))
3070 error = copyin(ireq->i_data, &tmpaddr,
3071 IEEE80211_ADDR_LEN);
3073 ieee80211_mesh_discover(vap, tmpaddr, NULL);
3075 case IEEE80211_MESH_RTCMD_DELETE:
3076 ieee80211_mesh_rt_del(vap, ireq->i_data);
3082 case IEEE80211_IOC_MESH_PR_METRIC:
3083 error = copyin(ireq->i_data, tmpproto, sizeof(tmpproto));
3085 error = mesh_select_proto_metric(vap, tmpproto);
3090 case IEEE80211_IOC_MESH_PR_PATH:
3091 error = copyin(ireq->i_data, tmpproto, sizeof(tmpproto));
3093 error = mesh_select_proto_path(vap, tmpproto);
3103 IEEE80211_IOCTL_SET(mesh, mesh_ioctl_set80211);
projects / FreeBSD / FreeBSD.git / blob