void send_assoc(struct params *p)
{
union {
struct ieee80211_frame w;
char buf[2048];
} u;
struct ieee80211_frame *wh;
char *data;
int len, capinfo, lintval;
memset(&u, 0, sizeof(u));
wh = (struct ieee80211_frame*) &u.w;
fill_basic(wh, p);
wh->i_fc[0] |= IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_ASSOC_REQ;
data = (char*) (wh + 1);
/* capability */
capinfo = IEEE80211_CAPINFO_ESS;
if (p->wep_len)
capinfo |= IEEE80211_CAPINFO_PRIVACY;
*(uint16_t *)data = htole16(capinfo);
data += 2;
/* listen interval */
*(uint16_t *)data = htole16(100);
data += 2;
data = ieee80211_add_ssid(data, p->ssid, strlen(p->ssid));
*data++ = 1; /* rates */
*data++ = 4;
*data++ = 2 | 0x80;
*data++ = 4 | 0x80;
*data++ = 11;
*data++ = 22;
len = data - (char*)wh;
send_frame(p, u.buf, len);
}
/*
* Fill in probe request with the following parameters:
* TA is our vif HW address, which mac80211 ensures we have.
* Packet is broadcasted, so this is both SA and DA.
* The probe request IE is made out of two: first comes the most prioritized
* SSID if a directed scan is requested. Second comes whatever extra
* information was given to us as the scan request IE.
*/
static uint16_t
iwm_mvm_fill_probe_req(struct iwm_softc *sc, struct ieee80211_frame *frame,
const uint8_t *ta, int n_ssids, const uint8_t *ssid, int ssid_len,
const uint8_t *ie, int ie_len, int left)
{
uint8_t *pos = NULL;
/* Make sure there is enough space for the probe request,
* two mandatory IEs and the data */
left -= sizeof(*frame);
if (left < 0)
return 0;
frame->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT |
IEEE80211_FC0_SUBTYPE_PROBE_REQ;
frame->i_fc[1] = IEEE80211_FC1_DIR_NODS;
IEEE80211_ADDR_COPY(frame->i_addr1, ieee80211broadcastaddr);
IEEE80211_ADDR_COPY(frame->i_addr2, ta);
IEEE80211_ADDR_COPY(frame->i_addr3, ieee80211broadcastaddr);
/* for passive scans, no need to fill anything */
if (n_ssids == 0)
return sizeof(*frame);
/* points to the payload of the request */
pos = (uint8_t *)frame + sizeof(*frame);
/* fill in our SSID IE */
left -= ssid_len + 2;
if (left < 0)
return 0;
pos = ieee80211_add_ssid(pos, ssid, ssid_len);
if (ie && ie_len && left >= ie_len) {
memcpy(pos, ie, ie_len);
pos += ie_len;
}
return pos - (uint8_t *)frame;
}
/*
* Send a probe response frame.
* NB: for probe response, the node may not represent the peer STA.
* We could use BSS node to reduce the memory usage from temporary node.
*/
int
ieee80211_send_proberesp(struct ieee80211_node *ni, u_int8_t *macaddr,
const void *optie, const size_t optielen)
{
struct ieee80211vap *vap = ni->ni_vap;
struct ieee80211com *ic = ni->ni_ic;
struct ieee80211_rsnparms *rsn = &vap->iv_rsn;
wbuf_t wbuf;
struct ieee80211_frame *wh;
u_int8_t *frm;
u_int16_t capinfo;
int enable_htrates;
bool add_wpa_ie = true;
ASSERT(vap->iv_opmode == IEEE80211_M_HOSTAP || vap->iv_opmode == IEEE80211_M_IBSS ||
vap->iv_opmode == IEEE80211_M_BTAMP);
wbuf = wbuf_alloc(ic->ic_osdev, WBUF_TX_MGMT, MAX_TX_RX_PACKET_SIZE);
if (wbuf == NULL)
return -ENOMEM;
#ifdef IEEE80211_DEBUG_REFCNT
printk("%s ,line %u: increase node %p <%s> refcnt to %d\n",
__func__, __LINE__, ni, ether_sprintf(ni->ni_macaddr),
ieee80211_node_refcnt(ni));
#endif
/* setup the wireless header */
wh = (struct ieee80211_frame *)wbuf_header(wbuf);
ieee80211_send_setup(vap, ni, wh,
IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP,
vap->iv_myaddr, macaddr,
ieee80211_node_get_bssid(ni));
frm = (u_int8_t *)&wh[1];
/*
* probe response frame format
* [8] time stamp
* [2] beacon interval
* [2] cabability information
* [tlv] ssid
* [tlv] supported rates
* [tlv] parameter set (FH/DS)
* [tlv] parameter set (IBSS)
* [tlv] extended rate phy (ERP)
* [tlv] extended supported rates
* [tlv] country (if present)
* [3] power constraint
* [tlv] WPA
* [tlv] WME
* [tlv] HT Capabilities
* [tlv] HT Information
* [tlv] Atheros Advanced Capabilities
*/
OS_MEMZERO(frm, 8); /* timestamp should be filled later */
frm += 8;
*(u_int16_t *)frm = htole16(vap->iv_bss->ni_intval);
frm += 2;
if (vap->iv_opmode == IEEE80211_M_IBSS)
capinfo = IEEE80211_CAPINFO_IBSS;
else
capinfo = IEEE80211_CAPINFO_ESS;
if (IEEE80211_VAP_IS_PRIVACY_ENABLED(vap))
capinfo |= IEEE80211_CAPINFO_PRIVACY;
if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan))
capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE;
if (ic->ic_flags & IEEE80211_F_SHSLOT)
capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME;
if (ieee80211_ic_doth_is_set(ic) && ieee80211_vap_doth_is_set(vap))
capinfo |= IEEE80211_CAPINFO_SPECTRUM_MGMT;
*(u_int16_t *)frm = htole16(capinfo);
frm += 2;
frm = ieee80211_add_ssid(frm, vap->iv_bss->ni_essid,
vap->iv_bss->ni_esslen);
frm = ieee80211_add_rates(frm, &vap->iv_bss->ni_rates, ic);
if (!IEEE80211_IS_CHAN_FHSS(vap->iv_bsschan)) {
*frm++ = IEEE80211_ELEMID_DSPARMS;
*frm++ = 1;
*frm++ = ieee80211_chan2ieee(ic, ic->ic_curchan);
}
if (vap->iv_opmode == IEEE80211_M_IBSS) {
*frm++ = IEEE80211_ELEMID_IBSSPARMS;
*frm++ = 2;
*frm++ = 0; *frm++ = 0; /* TODO: ATIM window */
}
if (IEEE80211_IS_COUNTRYIE_ENABLED(ic)) {
frm = ieee80211_add_country(frm, vap);
}
if (ieee80211_ic_doth_is_set(ic) && ieee80211_vap_doth_is_set(vap)) {
*frm++ = IEEE80211_ELEMID_PWRCNSTR;
*frm++ = 1;
*frm++ = IEEE80211_PWRCONSTRAINT_VAL(vap);
}
#if ATH_SUPPORT_IBSS_DFS
if (vap->iv_opmode == IEEE80211_M_IBSS) {
frm = ieee80211_add_ibss_dfs(frm,vap);
}
#endif
if (IEEE80211_IS_CHAN_ANYG(ic->ic_curchan) ||
IEEE80211_IS_CHAN_11NG(ic->ic_curchan)) {
frm = ieee80211_add_erp(frm, ic);
}
/*
* check if os shim has setup RSN IE it self.
*/
IEEE80211_VAP_LOCK(vap);
if (vap->iv_app_ie[IEEE80211_FRAME_TYPE_PROBERESP].length) {
add_wpa_ie = ieee80211_check_wpaie(vap, vap->iv_app_ie[IEEE80211_FRAME_TYPE_PROBERESP].ie,
vap->iv_app_ie[IEEE80211_FRAME_TYPE_PROBERESP].length);
}
if (vap->iv_opt_ie.length) {
add_wpa_ie = ieee80211_check_wpaie(vap, vap->iv_opt_ie.ie,
vap->iv_opt_ie.length);
}
IEEE80211_VAP_UNLOCK(vap);
if (add_wpa_ie) {
if (RSN_AUTH_IS_RSNA(rsn))
frm = ieee80211_setup_rsn_ie(vap, frm);
}
#if ATH_SUPPORT_WAPI
if (RSN_AUTH_IS_WAI(rsn))
frm = ieee80211_setup_wapi_ie(vap, frm);
#endif
frm = ieee80211_add_xrates(frm, &vap->iv_bss->ni_rates, ic);
enable_htrates = ieee80211vap_htallowed(vap);
if (IEEE80211_IS_CHAN_11N(ic->ic_curchan) && enable_htrates) {
frm = ieee80211_add_htcap(frm, ni, IEEE80211_FC0_SUBTYPE_PROBE_RESP);
if (!IEEE80211_IS_HTVIE_ENABLED(ic))
frm = ieee80211_add_htcap_pre_ana(frm, ni, IEEE80211_FC0_SUBTYPE_PROBE_RESP);
frm = ieee80211_add_htinfo(frm, ni);
if (!IEEE80211_IS_HTVIE_ENABLED(ic))
frm = ieee80211_add_htinfo_pre_ana(frm, ni);
if (!(ic->ic_flags & IEEE80211_F_COEXT_DISABLE)) {
frm = ieee80211_add_obss_scan(frm, ni);
frm = ieee80211_add_extcap(frm, ni);
}
}
if (add_wpa_ie) {
if (RSN_AUTH_IS_WPA(rsn))
frm = ieee80211_setup_wpa_ie(vap, frm);
}
if (ieee80211_vap_wme_is_set(vap) &&
(vap->iv_opmode == IEEE80211_M_HOSTAP || vap->iv_opmode == IEEE80211_M_BTAMP)) /* don't support WMM in ad-hoc for now */
frm = ieee80211_add_wme_param(frm, &ic->ic_wme, IEEE80211_VAP_IS_UAPSD_ENABLED(vap));
if ((IEEE80211_IS_CHAN_11N(ic->ic_curchan)) && (IEEE80211_IS_HTVIE_ENABLED(ic)) && enable_htrates) {
frm = ieee80211_add_htcap_vendor_specific(frm, ni, IEEE80211_FC0_SUBTYPE_PROBE_RESP);
frm = ieee80211_add_htinfo_vendor_specific(frm, ni);
}
if (vap->iv_bss->ni_ath_flags) {
frm = ieee80211_add_athAdvCap(frm, vap->iv_bss->ni_ath_flags,
vap->iv_bss->ni_ath_defkeyindex);
} else {
frm = ieee80211_add_athAdvCap(frm, 0, IEEE80211_INVAL_DEFKEY);
}
/* Insert ieee80211_ie_ath_extcap IE to beacon */
if (ic->ic_ath_extcap)
frm = ieee80211_add_athextcap(frm, ic->ic_ath_extcap, ic->ic_weptkipaggr_rxdelim);
#ifdef notyet
if (ni->ni_ath_ie != NULL) /* XXX */
frm = ieee80211_add_ath(frm, ni);
#endif
IEEE80211_VAP_LOCK(vap);
if (vap->iv_opt_ie.length) {
OS_MEMCPY(frm, vap->iv_opt_ie.ie,
vap->iv_opt_ie.length);
frm += vap->iv_opt_ie.length;
}
if (vap->iv_app_ie[IEEE80211_FRAME_TYPE_PROBERESP].length) {
OS_MEMCPY(frm, vap->iv_app_ie[IEEE80211_FRAME_TYPE_PROBERESP].ie,
vap->iv_app_ie[IEEE80211_FRAME_TYPE_PROBERESP].length);
frm += vap->iv_app_ie[IEEE80211_FRAME_TYPE_PROBERESP].length;
}
/* Add the Application IE's */
frm = ieee80211_mlme_app_ie_append(vap, IEEE80211_FRAME_TYPE_PROBERESP, frm);
IEEE80211_VAP_UNLOCK(vap);
if (optie != NULL && optielen != 0) {
OS_MEMCPY(frm, optie, optielen);
frm += optielen;
}
wbuf_set_pktlen(wbuf, (frm - (u_int8_t *)wbuf_header(wbuf)));
return ieee80211_send_mgmt(vap,ni, wbuf,true);
}
static int
iwm_mvm_fill_probe_req(struct iwm_softc *sc, struct iwm_scan_probe_req *preq)
{
struct ieee80211com *ic = &sc->sc_ic;
struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps);
struct ieee80211_frame *wh = (struct ieee80211_frame *)preq->buf;
struct ieee80211_rateset *rs;
size_t remain = sizeof(preq->buf);
uint8_t *frm, *pos;
memset(preq, 0, sizeof(*preq));
/* Ensure enough space for header and SSID IE. */
if (remain < sizeof(*wh) + 2)
return ENOBUFS;
/*
* Build a probe request frame. Most of the following code is a
* copy & paste of what is done in net80211.
*/
wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT |
IEEE80211_FC0_SUBTYPE_PROBE_REQ;
wh->i_fc[1] = IEEE80211_FC1_DIR_NODS;
IEEE80211_ADDR_COPY(wh->i_addr1, ieee80211broadcastaddr);
IEEE80211_ADDR_COPY(wh->i_addr2, vap ? vap->iv_myaddr : ic->ic_macaddr);
IEEE80211_ADDR_COPY(wh->i_addr3, ieee80211broadcastaddr);
*(uint16_t *)&wh->i_dur[0] = 0; /* filled by HW */
*(uint16_t *)&wh->i_seq[0] = 0; /* filled by HW */
frm = (uint8_t *)(wh + 1);
frm = ieee80211_add_ssid(frm, NULL, 0);
/* Tell the firmware where the MAC header is. */
preq->mac_header.offset = 0;
preq->mac_header.len = htole16(frm - (uint8_t *)wh);
remain -= frm - (uint8_t *)wh;
/* Fill in 2GHz IEs and tell firmware where they are. */
rs = &ic->ic_sup_rates[IEEE80211_MODE_11G];
if (rs->rs_nrates > IEEE80211_RATE_SIZE) {
if (remain < 4 + rs->rs_nrates)
return ENOBUFS;
} else if (remain < 2 + rs->rs_nrates) {
return ENOBUFS;
}
preq->band_data[0].offset = htole16(frm - (uint8_t *)wh);
pos = frm;
frm = ieee80211_add_rates(frm, rs);
if (rs->rs_nrates > IEEE80211_RATE_SIZE)
frm = ieee80211_add_xrates(frm, rs);
preq->band_data[0].len = htole16(frm - pos);
remain -= frm - pos;
if (iwm_mvm_rrm_scan_needed(sc)) {
if (remain < 3)
return ENOBUFS;
*frm++ = IEEE80211_ELEMID_DSPARMS;
*frm++ = 1;
*frm++ = 0;
remain -= 3;
}
if (sc->nvm_data->sku_cap_band_52GHz_enable) {
/* Fill in 5GHz IEs. */
rs = &ic->ic_sup_rates[IEEE80211_MODE_11A];
if (rs->rs_nrates > IEEE80211_RATE_SIZE) {
if (remain < 4 + rs->rs_nrates)
return ENOBUFS;
} else if (remain < 2 + rs->rs_nrates) {
return ENOBUFS;
}
preq->band_data[1].offset = htole16(frm - (uint8_t *)wh);
pos = frm;
frm = ieee80211_add_rates(frm, rs);
if (rs->rs_nrates > IEEE80211_RATE_SIZE)
frm = ieee80211_add_xrates(frm, rs);
preq->band_data[1].len = htole16(frm - pos);
remain -= frm - pos;
}
/* Send 11n IEs on both 2GHz and 5GHz bands. */
preq->common_data.offset = htole16(frm - (uint8_t *)wh);
pos = frm;
#if 0
if (ic->ic_flags & IEEE80211_F_HTON) {
if (remain < 28)
return ENOBUFS;
frm = ieee80211_add_htcaps(frm, ic);
/* XXX add WME info? */
}
#endif
preq->common_data.len = htole16(frm - pos);
return 0;
}