Cross Reference: /freebsd-11-stable/sys/net80211/ieee80211_scan

Deleted Added

sdiff udiff text old ( 184205 ) new ( 184210 )

full compact

ieee80211_scan_sta.c (184205)	ieee80211_scan_sta.c (184210)
1/- 2 Copyright (c) 2002-2008 Sam Leffler, Errno Consulting 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include <sys/cdefs.h>	1/- 2 Copyright (c) 2002-2008 Sam Leffler, Errno Consulting 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include <sys/cdefs.h>
27__FBSDID("$FreeBSD: head/sys/net80211/ieee80211_scan_sta.c 184205 2008-10-23 15:53:51Z des $");	27__FBSDID("$FreeBSD: head/sys/net80211/ieee80211_scan_sta.c 184210 2008-10-23 19:57:13Z des $");
28 29/* 30 * IEEE 802.11 station scanning support. 31 / 32#include "opt_wlan.h" 33 34#include <sys/param.h> 35#include <sys/systm.h> 36#include <sys/kernel.h> 37#include <sys/module.h> 38 39#include <sys/socket.h> 40 41#include <net/if.h> 42#include <net/if_media.h> 43#include <net/ethernet.h> 44 45#include <net80211/ieee80211_var.h> 46#include <net80211/ieee80211_input.h> 47#include <net80211/ieee80211_regdomain.h> 48 49#include <net/bpf.h> 50 51/ 52 * Parameters for managing cache entries: 53 * 54 * o a station with STA_FAILS_MAX failures is not considered 55 * when picking a candidate 56 * o a station that hasn't had an update in STA_PURGE_SCANS 57 * (background) scans is discarded 58 * o after STA_FAILS_AGE seconds we clear the failure count 59 / 60#define STA_FAILS_MAX 2 / assoc failures before ignored / 61#define STA_FAILS_AGE (260) /* time before clearing fails (secs) / 62#define STA_PURGE_SCANS 2 / age for purging entries (scans) / 63 64/ XXX tunable / 65#define STA_RSSI_MIN 8 / min acceptable rssi / 66#define STA_RSSI_MAX 40 / max rssi for comparison / 67 68struct sta_entry { 69 struct ieee80211_scan_entry base; 70 TAILQ_ENTRY(sta_entry) se_list; 71 LIST_ENTRY(sta_entry) se_hash; 72 uint8_t se_fails; / failure to associate count / 73 uint8_t se_seen; / seen during current scan / 74 uint8_t se_notseen; / not seen in previous scans / 75 uint8_t se_flags; 76#define STA_SSID_MATCH 0x01 77#define STA_BSSID_MATCH 0x02 78 uint32_t se_avgrssi; / LPF rssi state / 79 unsigned long se_lastupdate; / time of last update / 80 unsigned long se_lastfail; / time of last failure / 81 unsigned long se_lastassoc; / time of last association / 82 u_int se_scangen; / iterator scan gen# / 83 u_int se_countrygen; / gen# of last cc notify / 84}; 85 86#define STA_HASHSIZE 32 87/ simple hash is enough for variation of macaddr / 88#define STA_HASH(addr) \ 89 (((const uint8_t )(addr))[IEEE80211_ADDR_LEN - 1] % STA_HASHSIZE) 90 91struct sta_table { 92 struct mtx st_lock; /* on scan table / 93 TAILQ_HEAD(, sta_entry) st_entry; / all entries / 94 LIST_HEAD(, sta_entry) st_hash[STA_HASHSIZE]; 95 struct mtx st_scanlock; / on st_scaniter / 96 u_int st_scaniter; / gen# for iterator / 97 u_int st_scangen; / scan generation # / 98 int st_newscan; 99 / ap-related state / 100* int st_maxrssi[IEEE80211_CHAN_MAX]; 101}; 102 103static void sta_flush_table(struct sta_table ); 104/ 105 * match_bss returns a bitmask describing if an entry is suitable 106 * for use. If non-zero the entry was deemed not suitable and it's 107 * contents explains why. The following flags are or'd to to this 108 * mask and can be used to figure out why the entry was rejected. 109 / 110#define MATCH_CHANNEL 0x001 / channel mismatch / 111#define MATCH_CAPINFO 0x002 / capabilities mismatch, e.g. no ess / 112#define MATCH_PRIVACY 0x004 / privacy mismatch / 113#define MATCH_RATE 0x008 / rate set mismatch / 114#define MATCH_SSID 0x010 / ssid mismatch / 115#define MATCH_BSSID 0x020 / bssid mismatch / 116#define MATCH_FAILS 0x040 / too many failed auth attempts / 117#define MATCH_NOTSEEN 0x080 / not seen in recent scans / 118#define MATCH_RSSI 0x100 / rssi deemed too low to use / 119#define MATCH_CC 0x200 / country code mismatch / 120static int match_bss(struct ieee80211vap , 121 const struct ieee80211_scan_state , struct sta_entry , int); 122static void adhoc_age(struct ieee80211_scan_state ); 123* 124static __inline int 125isocmp(const uint8_t cc1[], const uint8_t cc2[]) 126{ 127 return (cc1[0] == cc2[0] && cc1[1] == cc2[1]); 128} 129 130/* number of references from net80211 layer / 131static int nrefs = 0; 132* 133/* 134 * Attach prior to any scanning work. 135 / 136static int 137sta_attach(struct ieee80211_scan_state ss) 138{ 139 struct sta_table st; 140*	28 29/* 30 * IEEE 802.11 station scanning support. 31 / 32#include "opt_wlan.h" 33 34#include <sys/param.h> 35#include <sys/systm.h> 36#include <sys/kernel.h> 37#include <sys/module.h> 38 39#include <sys/socket.h> 40 41#include <net/if.h> 42#include <net/if_media.h> 43#include <net/ethernet.h> 44 45#include <net80211/ieee80211_var.h> 46#include <net80211/ieee80211_input.h> 47#include <net80211/ieee80211_regdomain.h> 48 49#include <net/bpf.h> 50 51/ 52 * Parameters for managing cache entries: 53 * 54 * o a station with STA_FAILS_MAX failures is not considered 55 * when picking a candidate 56 * o a station that hasn't had an update in STA_PURGE_SCANS 57 * (background) scans is discarded 58 * o after STA_FAILS_AGE seconds we clear the failure count 59 / 60#define STA_FAILS_MAX 2 / assoc failures before ignored / 61#define STA_FAILS_AGE (260) /* time before clearing fails (secs) / 62#define STA_PURGE_SCANS 2 / age for purging entries (scans) / 63 64/ XXX tunable / 65#define STA_RSSI_MIN 8 / min acceptable rssi / 66#define STA_RSSI_MAX 40 / max rssi for comparison / 67 68struct sta_entry { 69 struct ieee80211_scan_entry base; 70 TAILQ_ENTRY(sta_entry) se_list; 71 LIST_ENTRY(sta_entry) se_hash; 72 uint8_t se_fails; / failure to associate count / 73 uint8_t se_seen; / seen during current scan / 74 uint8_t se_notseen; / not seen in previous scans / 75 uint8_t se_flags; 76#define STA_SSID_MATCH 0x01 77#define STA_BSSID_MATCH 0x02 78 uint32_t se_avgrssi; / LPF rssi state / 79 unsigned long se_lastupdate; / time of last update / 80 unsigned long se_lastfail; / time of last failure / 81 unsigned long se_lastassoc; / time of last association / 82 u_int se_scangen; / iterator scan gen# / 83 u_int se_countrygen; / gen# of last cc notify / 84}; 85 86#define STA_HASHSIZE 32 87/ simple hash is enough for variation of macaddr / 88#define STA_HASH(addr) \ 89 (((const uint8_t )(addr))[IEEE80211_ADDR_LEN - 1] % STA_HASHSIZE) 90 91struct sta_table { 92 struct mtx st_lock; /* on scan table / 93 TAILQ_HEAD(, sta_entry) st_entry; / all entries / 94 LIST_HEAD(, sta_entry) st_hash[STA_HASHSIZE]; 95 struct mtx st_scanlock; / on st_scaniter / 96 u_int st_scaniter; / gen# for iterator / 97 u_int st_scangen; / scan generation # / 98 int st_newscan; 99 / ap-related state / 100* int st_maxrssi[IEEE80211_CHAN_MAX]; 101}; 102 103static void sta_flush_table(struct sta_table ); 104/ 105 * match_bss returns a bitmask describing if an entry is suitable 106 * for use. If non-zero the entry was deemed not suitable and it's 107 * contents explains why. The following flags are or'd to to this 108 * mask and can be used to figure out why the entry was rejected. 109 / 110#define MATCH_CHANNEL 0x001 / channel mismatch / 111#define MATCH_CAPINFO 0x002 / capabilities mismatch, e.g. no ess / 112#define MATCH_PRIVACY 0x004 / privacy mismatch / 113#define MATCH_RATE 0x008 / rate set mismatch / 114#define MATCH_SSID 0x010 / ssid mismatch / 115#define MATCH_BSSID 0x020 / bssid mismatch / 116#define MATCH_FAILS 0x040 / too many failed auth attempts / 117#define MATCH_NOTSEEN 0x080 / not seen in recent scans / 118#define MATCH_RSSI 0x100 / rssi deemed too low to use / 119#define MATCH_CC 0x200 / country code mismatch / 120static int match_bss(struct ieee80211vap , 121 const struct ieee80211_scan_state , struct sta_entry , int); 122static void adhoc_age(struct ieee80211_scan_state ); 123* 124static __inline int 125isocmp(const uint8_t cc1[], const uint8_t cc2[]) 126{ 127 return (cc1[0] == cc2[0] && cc1[1] == cc2[1]); 128} 129 130/* number of references from net80211 layer / 131static int nrefs = 0; 132* 133/* 134 * Attach prior to any scanning work. 135 / 136static int 137sta_attach(struct ieee80211_scan_state ss) 138{ 139 struct sta_table st; 140*
141 st = malloc(sizeof(struct sta_table),	141 MALLOC(st, struct sta_table *, sizeof(struct sta_table),
142 M_80211_SCAN, M_NOWAIT \| M_ZERO); 143 if (st == NULL) 144 return 0; 145 mtx_init(&st->st_lock, "scantable", "802.11 scan table", MTX_DEF); 146 mtx_init(&st->st_scanlock, "scangen", "802.11 scangen", MTX_DEF); 147 TAILQ_INIT(&st->st_entry); 148 ss->ss_priv = st; 149 nrefs++; /* NB: we assume caller locking / 150* return 1; 151} 152 153/* 154 * Cleanup any private state. 155 / 156static int 157sta_detach(struct ieee80211_scan_state ss) 158{ 159 struct sta_table st = ss->ss_priv; 160* 161 if (st != NULL) { 162 sta_flush_table(st); 163 mtx_destroy(&st->st_lock); 164 mtx_destroy(&st->st_scanlock);	142 M_80211_SCAN, M_NOWAIT \| M_ZERO); 143 if (st == NULL) 144 return 0; 145 mtx_init(&st->st_lock, "scantable", "802.11 scan table", MTX_DEF); 146 mtx_init(&st->st_scanlock, "scangen", "802.11 scangen", MTX_DEF); 147 TAILQ_INIT(&st->st_entry); 148 ss->ss_priv = st; 149 nrefs++; /* NB: we assume caller locking / 150* return 1; 151} 152 153/* 154 * Cleanup any private state. 155 / 156static int 157sta_detach(struct ieee80211_scan_state ss) 158{ 159 struct sta_table st = ss->ss_priv; 160* 161 if (st != NULL) { 162 sta_flush_table(st); 163 mtx_destroy(&st->st_lock); 164 mtx_destroy(&st->st_scanlock);
165 free(st, M_80211_SCAN);	165 FREE(st, M_80211_SCAN);
166 KASSERT(nrefs > 0, ("imbalanced attach/detach")); 167 nrefs--; /* NB: we assume caller locking / 168* } 169 return 1; 170} 171 172/* 173 * Flush all per-scan state. 174 / 175static int 176sta_flush(struct ieee80211_scan_state ss) 177{ 178 struct sta_table st = ss->ss_priv; 179* 180 mtx_lock(&st->st_lock); 181 sta_flush_table(st); 182 mtx_unlock(&st->st_lock); 183 ss->ss_last = 0; 184 return 0; 185} 186 187/* 188 * Flush all entries in the scan cache. 189 / 190static void 191sta_flush_table(struct sta_table st) 192{ 193 struct sta_entry se, next; 194 195 TAILQ_FOREACH_SAFE(se, &st->st_entry, se_list, next) { 196 TAILQ_REMOVE(&st->st_entry, se, se_list); 197 LIST_REMOVE(se, se_hash); 198 ieee80211_ies_cleanup(&se->base.se_ies);	166 KASSERT(nrefs > 0, ("imbalanced attach/detach")); 167 nrefs--; /* NB: we assume caller locking / 168* } 169 return 1; 170} 171 172/* 173 * Flush all per-scan state. 174 / 175static int 176sta_flush(struct ieee80211_scan_state ss) 177{ 178 struct sta_table st = ss->ss_priv; 179* 180 mtx_lock(&st->st_lock); 181 sta_flush_table(st); 182 mtx_unlock(&st->st_lock); 183 ss->ss_last = 0; 184 return 0; 185} 186 187/* 188 * Flush all entries in the scan cache. 189 / 190static void 191sta_flush_table(struct sta_table st) 192{ 193 struct sta_entry se, next; 194 195 TAILQ_FOREACH_SAFE(se, &st->st_entry, se_list, next) { 196 TAILQ_REMOVE(&st->st_entry, se, se_list); 197 LIST_REMOVE(se, se_hash); 198 ieee80211_ies_cleanup(&se->base.se_ies);
199 free(se, M_80211_SCAN);	199 FREE(se, M_80211_SCAN);
200 } 201 memset(st->st_maxrssi, 0, sizeof(st->st_maxrssi)); 202} 203 204/* 205 * Process a beacon or probe response frame; create an 206 * entry in the scan cache or update any previous entry. 207 / 208static int 209sta_add(struct ieee80211_scan_state ss, 210 const struct ieee80211_scanparams sp, 211* const struct ieee80211_frame wh, 212* int subtype, int rssi, int noise, int rstamp) 213{ 214#define ISPROBE(_st) ((_st) == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 215#define PICK1ST(_ss) \ 216 ((ss->ss_flags & (IEEE80211_SCAN_PICK1ST \| IEEE80211_SCAN_GOTPICK)) == \ 217 IEEE80211_SCAN_PICK1ST) 218 struct sta_table st = ss->ss_priv; 219* const uint8_t macaddr = wh->i_addr2; 220* struct ieee80211vap vap = ss->ss_vap; 221* struct ieee80211com ic = vap->iv_ic; 222* struct sta_entry se; 223* struct ieee80211_scan_entry ise; 224* int hash; 225 226 hash = STA_HASH(macaddr); 227 228 mtx_lock(&st->st_lock); 229 LIST_FOREACH(se, &st->st_hash[hash], se_hash) 230 if (IEEE80211_ADDR_EQ(se->base.se_macaddr, macaddr)) 231 goto found;	200 } 201 memset(st->st_maxrssi, 0, sizeof(st->st_maxrssi)); 202} 203 204/* 205 * Process a beacon or probe response frame; create an 206 * entry in the scan cache or update any previous entry. 207 / 208static int 209sta_add(struct ieee80211_scan_state ss, 210 const struct ieee80211_scanparams sp, 211* const struct ieee80211_frame wh, 212* int subtype, int rssi, int noise, int rstamp) 213{ 214#define ISPROBE(_st) ((_st) == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 215#define PICK1ST(_ss) \ 216 ((ss->ss_flags & (IEEE80211_SCAN_PICK1ST \| IEEE80211_SCAN_GOTPICK)) == \ 217 IEEE80211_SCAN_PICK1ST) 218 struct sta_table st = ss->ss_priv; 219* const uint8_t macaddr = wh->i_addr2; 220* struct ieee80211vap vap = ss->ss_vap; 221* struct ieee80211com ic = vap->iv_ic; 222* struct sta_entry se; 223* struct ieee80211_scan_entry ise; 224* int hash; 225 226 hash = STA_HASH(macaddr); 227 228 mtx_lock(&st->st_lock); 229 LIST_FOREACH(se, &st->st_hash[hash], se_hash) 230 if (IEEE80211_ADDR_EQ(se->base.se_macaddr, macaddr)) 231 goto found;
232 se = malloc(sizeof(struct sta_entry),	232 MALLOC(se, struct sta_entry *, sizeof(struct sta_entry),
233 M_80211_SCAN, M_NOWAIT \| M_ZERO); 234 if (se == NULL) { 235 mtx_unlock(&st->st_lock); 236 return 0; 237 } 238 se->se_scangen = st->st_scaniter-1; 239 se->se_avgrssi = IEEE80211_RSSI_DUMMY_MARKER; 240 IEEE80211_ADDR_COPY(se->base.se_macaddr, macaddr); 241 TAILQ_INSERT_TAIL(&st->st_entry, se, se_list); 242 LIST_INSERT_HEAD(&st->st_hash[hash], se, se_hash); 243found: 244 ise = &se->base; 245 /* XXX ap beaconing multiple ssid w/ same bssid / 246* if (sp->ssid[1] != 0 && 247 (ISPROBE(subtype) \|\| ise->se_ssid[1] == 0)) 248 memcpy(ise->se_ssid, sp->ssid, 2+sp->ssid[1]); 249 KASSERT(sp->rates[1] <= IEEE80211_RATE_MAXSIZE, 250 ("rate set too large: %u", sp->rates[1])); 251 memcpy(ise->se_rates, sp->rates, 2+sp->rates[1]); 252 if (sp->xrates != NULL) { 253 /* XXX validate xrates[1] / 254* KASSERT(sp->xrates[1] <= IEEE80211_RATE_MAXSIZE, 255 ("xrate set too large: %u", sp->xrates[1])); 256 memcpy(ise->se_xrates, sp->xrates, 2+sp->xrates[1]); 257 } else 258 ise->se_xrates[1] = 0; 259 IEEE80211_ADDR_COPY(ise->se_bssid, wh->i_addr3); 260 if ((sp->status & IEEE80211_BPARSE_OFFCHAN) == 0) { 261 /* 262 * Record rssi data using extended precision LPF filter. 263 * 264 * NB: use only on-channel data to insure we get a good 265 * estimate of the signal we'll see when associated. 266 / 267* IEEE80211_RSSI_LPF(se->se_avgrssi, rssi); 268 ise->se_rssi = IEEE80211_RSSI_GET(se->se_avgrssi); 269 ise->se_noise = noise; 270 } 271 ise->se_rstamp = rstamp; 272 memcpy(ise->se_tstamp.data, sp->tstamp, sizeof(ise->se_tstamp)); 273 ise->se_intval = sp->bintval; 274 ise->se_capinfo = sp->capinfo; 275 /* 276 * Beware of overriding se_chan for frames seen 277 * off-channel; this can cause us to attempt an 278 * association on the wrong channel. 279 / 280* if (sp->status & IEEE80211_BPARSE_OFFCHAN) { 281 struct ieee80211_channel c; 282* /* 283 * Off-channel, locate the home/bss channel for the sta 284 * using the value broadcast in the DSPARMS ie. We know 285 * sp->chan has this value because it's used to calculate 286 * IEEE80211_BPARSE_OFFCHAN. 287 / 288* c = ieee80211_find_channel_byieee(ic, sp->chan, 289 ic->ic_curchan->ic_flags); 290 if (c != NULL) { 291 ise->se_chan = c; 292 } else if (ise->se_chan == NULL) { 293 /* should not happen, pick something / 294* ise->se_chan = ic->ic_curchan; 295 } 296 } else 297 ise->se_chan = ic->ic_curchan; 298 ise->se_fhdwell = sp->fhdwell; 299 ise->se_fhindex = sp->fhindex; 300 ise->se_erp = sp->erp; 301 ise->se_timoff = sp->timoff; 302 if (sp->tim != NULL) { 303 const struct ieee80211_tim_ie tim = 304* (const struct ieee80211_tim_ie ) sp->tim; 305* ise->se_dtimperiod = tim->tim_period; 306 } 307 if (sp->country != NULL) { 308 const struct ieee80211_country_ie cie = 309* (const struct ieee80211_country_ie ) sp->country; 310* /* 311 * If 11d is enabled and we're attempting to join a bss 312 * that advertises it's country code then compare our 313 * current settings to what we fetched from the country ie. 314 * If our country code is unspecified or different then 315 * dispatch an event to user space that identifies the 316 * country code so our regdomain config can be changed. 317 / 318* /* XXX only for STA mode? / 319* if ((IEEE80211_IS_CHAN_11D(ise->se_chan) \|\| 320 (vap->iv_flags_ext & IEEE80211_FEXT_DOTD)) && 321 (ic->ic_regdomain.country == CTRY_DEFAULT \|\| 322 !isocmp(cie->cc, ic->ic_regdomain.isocc))) { 323 /* only issue one notify event per scan / 324* if (se->se_countrygen != st->st_scangen) { 325 ieee80211_notify_country(vap, ise->se_bssid, 326 cie->cc); 327 se->se_countrygen = st->st_scangen; 328 } 329 } 330 ise->se_cc[0] = cie->cc[0]; 331 ise->se_cc[1] = cie->cc[1]; 332 } 333 /* NB: no need to setup ie ptrs; they are not (currently) used / 334* (void) ieee80211_ies_init(&ise->se_ies, sp->ies, sp->ies_len); 335 336 /* clear failure count after STA_FAIL_AGE passes / 337* if (se->se_fails && (ticks - se->se_lastfail) > STA_FAILS_AGEhz) { 338* se->se_fails = 0; 339 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_SCAN, macaddr, 340 "%s: fails %u", __func__, se->se_fails); 341 } 342 343 se->se_lastupdate = ticks; /* update time / 344* se->se_seen = 1; 345 se->se_notseen = 0; 346 347 if (rssi > st->st_maxrssi[sp->bchan]) 348 st->st_maxrssi[sp->bchan] = rssi; 349 350 mtx_unlock(&st->st_lock); 351 352 /* 353 * If looking for a quick choice and nothing's 354 * been found check here. 355 / 356* if (PICK1ST(ss) && match_bss(vap, ss, se, IEEE80211_MSG_SCAN) == 0) 357 ss->ss_flags \|= IEEE80211_SCAN_GOTPICK; 358 359 return 1; 360#undef PICK1ST 361#undef ISPROBE 362} 363 364/* 365 * Check if a channel is excluded by user request. 366 / 367static int 368isexcluded(struct ieee80211vap vap, const struct ieee80211_channel c) 369{ 370* return (isclr(vap->iv_ic->ic_chan_active, c->ic_ieee) \|\| 371 (vap->iv_des_chan != IEEE80211_CHAN_ANYC && 372 c->ic_freq != vap->iv_des_chan->ic_freq)); 373} 374 375static struct ieee80211_channel * 376find11gchannel(struct ieee80211com ic, int i, int freq) 377{ 378* struct ieee80211_channel c; 379* int j; 380 381 /* 382 * The normal ordering in the channel list is b channel 383 * immediately followed by g so optimize the search for 384 * this. We'll still do a full search just in case. 385 / 386* for (j = i+1; j < ic->ic_nchans; j++) { 387 c = &ic->ic_channels[j]; 388 if (c->ic_freq == freq && IEEE80211_IS_CHAN_ANYG(c)) 389 return c; 390 } 391 for (j = 0; j < i; j++) { 392 c = &ic->ic_channels[j]; 393 if (c->ic_freq == freq && IEEE80211_IS_CHAN_ANYG(c)) 394 return c; 395 } 396 return NULL; 397} 398static const u_int chanflags[IEEE80211_MODE_MAX] = { 399 IEEE80211_CHAN_B, /* IEEE80211_MODE_AUTO / 400* IEEE80211_CHAN_A, /* IEEE80211_MODE_11A / 401* IEEE80211_CHAN_B, /* IEEE80211_MODE_11B / 402* IEEE80211_CHAN_G, /* IEEE80211_MODE_11G / 403* IEEE80211_CHAN_FHSS, /* IEEE80211_MODE_FH / 404* IEEE80211_CHAN_A, /* IEEE80211_MODE_TURBO_A (check base channel)/ 405* IEEE80211_CHAN_G, /* IEEE80211_MODE_TURBO_G / 406* IEEE80211_CHAN_ST, /* IEEE80211_MODE_STURBO_A / 407* IEEE80211_CHAN_A, /* IEEE80211_MODE_11NA (check legacy) / 408* IEEE80211_CHAN_G, /* IEEE80211_MODE_11NG (check legacy) / 409}; 410* 411static void 412add_channels(struct ieee80211vap vap, 413* struct ieee80211_scan_state ss, 414* enum ieee80211_phymode mode, const uint16_t freq[], int nfreq) 415{ 416#define N(a) (sizeof(a) / sizeof(a[0])) 417 struct ieee80211com ic = vap->iv_ic; 418* struct ieee80211_channel c, cg; 419 u_int modeflags; 420 int i; 421 422 KASSERT(mode < N(chanflags), ("Unexpected mode %u", mode)); 423 modeflags = chanflags[mode]; 424 for (i = 0; i < nfreq; i++) { 425 if (ss->ss_last >= IEEE80211_SCAN_MAX) 426 break; 427 428 c = ieee80211_find_channel(ic, freq[i], modeflags); 429 if (c == NULL \|\| isexcluded(vap, c)) 430 continue; 431 if (mode == IEEE80211_MODE_AUTO) { 432 /* 433 * XXX special-case 11b/g channels so we select 434 * the g channel if both are present. 435 / 436* if (IEEE80211_IS_CHAN_B(c) && 437 (cg = find11gchannel(ic, i, c->ic_freq)) != NULL) 438 c = cg; 439 } 440 ss->ss_chans[ss->ss_last++] = c; 441 } 442#undef N 443} 444 445struct scanlist { 446 uint16_t mode; 447 uint16_t count; 448 const uint16_t list; 449}; 450* 451static int 452checktable(const struct scanlist scan, const struct ieee80211_channel c) 453{ 454 int i; 455 456 for (; scan->list != NULL; scan++) { 457 for (i = 0; i < scan->count; i++) 458 if (scan->list[i] == c->ic_freq) 459 return 1; 460 } 461 return 0; 462} 463 464static void 465sweepchannels(struct ieee80211_scan_state ss, struct ieee80211vap vap, 466 const struct scanlist table[]) 467{ 468 struct ieee80211com ic = vap->iv_ic; 469* struct ieee80211_channel c; 470* int i; 471 472 for (i = 0; i < ic->ic_nchans; i++) { 473 if (ss->ss_last >= IEEE80211_SCAN_MAX) 474 break; 475 476 c = &ic->ic_channels[i]; 477 /* 478 * Ignore dynamic turbo channels; we scan them 479 * in normal mode (i.e. not boosted). Likewise 480 * for HT channels, they get scanned using 481 * legacy rates. 482 / 483* if (IEEE80211_IS_CHAN_DTURBO(c) \|\| IEEE80211_IS_CHAN_HT(c)) 484 continue; 485 486 /* 487 * If a desired mode was specified, scan only 488 * channels that satisfy that constraint. 489 / 490* if (vap->iv_des_mode != IEEE80211_MODE_AUTO && 491 vap->iv_des_mode != ieee80211_chan2mode(c)) 492 continue; 493 494 /* 495 * Skip channels excluded by user request. 496 / 497* if (isexcluded(vap, c)) 498 continue; 499 500 /* 501 * Add the channel unless it is listed in the 502 * fixed scan order tables. This insures we 503 * don't sweep back in channels we filtered out 504 * above. 505 / 506* if (checktable(table, c)) 507 continue; 508 509 /* Add channel to scanning list. / 510* ss->ss_chans[ss->ss_last++] = c; 511 } 512} 513 514static void 515makescanlist(struct ieee80211_scan_state ss, struct ieee80211vap vap, 516 const struct scanlist table[]) 517{ 518 const struct scanlist scan; 519* enum ieee80211_phymode mode; 520 521 ss->ss_last = 0; 522 /* 523 * Use the table of ordered channels to construct the list 524 * of channels for scanning. Any channels in the ordered 525 * list not in the master list will be discarded. 526 / 527* for (scan = table; scan->list != NULL; scan++) { 528 mode = scan->mode; 529 if (vap->iv_des_mode != IEEE80211_MODE_AUTO) { 530 /* 531 * If a desired mode was specified, scan only 532 * channels that satisfy that constraint. 533 / 534* if (vap->iv_des_mode != mode) { 535 /* 536 * The scan table marks 2.4Ghz channels as b 537 * so if the desired mode is 11g, then use 538 * the 11b channel list but upgrade the mode. 539 / 540* if (vap->iv_des_mode != IEEE80211_MODE_11G \|\| 541 mode != IEEE80211_MODE_11B) 542 continue; 543 mode = IEEE80211_MODE_11G; /* upgrade / 544* } 545 } else { 546 /* 547 * This lets add_channels upgrade an 11b channel 548 * to 11g if available. 549 / 550* if (mode == IEEE80211_MODE_11B) 551 mode = IEEE80211_MODE_AUTO; 552 } 553#ifdef IEEE80211_F_XR 554 /* XR does not operate on turbo channels / 555* if ((vap->iv_flags & IEEE80211_F_XR) && 556 (mode == IEEE80211_MODE_TURBO_A \|\| 557 mode == IEEE80211_MODE_TURBO_G \|\| 558 mode == IEEE80211_MODE_STURBO_A)) 559 continue; 560#endif 561 /* 562 * Add the list of the channels; any that are not 563 * in the master channel list will be discarded. 564 / 565* add_channels(vap, ss, mode, scan->list, scan->count); 566 } 567 568 /* 569 * Add the channels from the ic that are not present 570 * in the table. 571 / 572* sweepchannels(ss, vap, table); 573} 574 575static const uint16_t rcl1[] = /* 8 FCC channel: 52, 56, 60, 64, 36, 40, 44, 48 / 576{ 5260, 5280, 5300, 5320, 5180, 5200, 5220, 5240 }; 577static const uint16_t rcl2[] = / 4 MKK channels: 34, 38, 42, 46 / 578{ 5170, 5190, 5210, 5230 }; 579static const uint16_t rcl3[] = / 2.4Ghz ch: 1,6,11,7,13 / 580{ 2412, 2437, 2462, 2442, 2472 }; 581static const uint16_t rcl4[] = / 5 FCC channel: 149, 153, 161, 165 / 582{ 5745, 5765, 5785, 5805, 5825 }; 583static const uint16_t rcl7[] = / 11 ETSI channel: 100,104,108,112,116,120,124,128,132,136,140 / 584{ 5500, 5520, 5540, 5560, 5580, 5600, 5620, 5640, 5660, 5680, 5700 }; 585static const uint16_t rcl8[] = / 2.4Ghz ch: 2,3,4,5,8,9,10,12 / 586{ 2417, 2422, 2427, 2432, 2447, 2452, 2457, 2467 }; 587static const uint16_t rcl9[] = / 2.4Ghz ch: 14 / 588{ 2484 }; 589static const uint16_t rcl10[] = / Added Korean channels 2312-2372 / 590{ 2312, 2317, 2322, 2327, 2332, 2337, 2342, 2347, 2352, 2357, 2362, 2367, 2372 }; 591static const uint16_t rcl11[] = / Added Japan channels in 4.9/5.0 spectrum / 592{ 5040, 5060, 5080, 4920, 4940, 4960, 4980 }; 593#ifdef ATH_TURBO_SCAN 594static const uint16_t rcl5[] = / 3 static turbo channels / 595{ 5210, 5250, 5290 }; 596static const uint16_t rcl6[] = / 2 static turbo channels / 597{ 5760, 5800 }; 598static const uint16_t rcl6x[] = / 4 FCC3 turbo channels / 599{ 5540, 5580, 5620, 5660 }; 600static const uint16_t rcl12[] = / 2.4Ghz Turbo channel 6 / 601{ 2437 }; 602static const uint16_t rcl13[] = / dynamic Turbo channels / 603{ 5200, 5240, 5280, 5765, 5805 }; 604#endif / ATH_TURBO_SCAN / 605* 606#define X(a) .count = sizeof(a)/sizeof(a[0]), .list = a 607 608static const struct scanlist staScanTable[] = { 609 { IEEE80211_MODE_11B, X(rcl3) }, 610 { IEEE80211_MODE_11A, X(rcl1) }, 611 { IEEE80211_MODE_11A, X(rcl2) }, 612 { IEEE80211_MODE_11B, X(rcl8) }, 613 { IEEE80211_MODE_11B, X(rcl9) }, 614 { IEEE80211_MODE_11A, X(rcl4) }, 615#ifdef ATH_TURBO_SCAN 616 { IEEE80211_MODE_STURBO_A, X(rcl5) }, 617 { IEEE80211_MODE_STURBO_A, X(rcl6) }, 618 { IEEE80211_MODE_TURBO_A, X(rcl6x) }, 619 { IEEE80211_MODE_TURBO_A, X(rcl13) }, 620#endif /* ATH_TURBO_SCAN / 621* { IEEE80211_MODE_11A, X(rcl7) }, 622 { IEEE80211_MODE_11B, X(rcl10) }, 623 { IEEE80211_MODE_11A, X(rcl11) }, 624#ifdef ATH_TURBO_SCAN 625 { IEEE80211_MODE_TURBO_G, X(rcl12) }, 626#endif /* ATH_TURBO_SCAN / 627* { .list = NULL } 628}; 629 630/* 631 * Start a station-mode scan by populating the channel list. 632 / 633static int 634sta_start(struct ieee80211_scan_state ss, struct ieee80211vap vap) 635{ 636* struct sta_table st = ss->ss_priv; 637* 638 makescanlist(ss, vap, staScanTable); 639 640 if (ss->ss_mindwell == 0) 641 ss->ss_mindwell = msecs_to_ticks(20); /* 20ms / 642* if (ss->ss_maxdwell == 0) 643 ss->ss_maxdwell = msecs_to_ticks(200); /* 200ms / 644* 645 st->st_scangen++; 646 st->st_newscan = 1; 647 648 return 0; 649} 650 651/* 652 * Restart a scan, typically a bg scan but can 653 * also be a fg scan that came up empty. 654 / 655static int 656sta_restart(struct ieee80211_scan_state ss, struct ieee80211vap vap) 657{ 658* struct sta_table st = ss->ss_priv; 659* 660 st->st_newscan = 1; 661 return 0; 662} 663 664/* 665 * Cancel an ongoing scan. 666 / 667static int 668sta_cancel(struct ieee80211_scan_state ss, struct ieee80211vap vap) 669{ 670* return 0; 671} 672 673/* unalligned little endian access / 674#define LE_READ_2(p) \ 675* ((uint16_t) \ 676 ((((const uint8_t )(p))[0] ) \| \ 677* (((const uint8_t )(p))[1] << 8))) 678* 679static int 680maxrate(const struct ieee80211_scan_entry se) 681{ 682* const struct ieee80211_ie_htcap htcap = 683* (const struct ieee80211_ie_htcap ) se->se_ies.htcap_ie; 684* int rmax, r, i; 685 uint16_t caps; 686 687 rmax = 0; 688 if (htcap != NULL) { 689 /* 690 * HT station; inspect supported MCS and then adjust 691 * rate by channel width. Could also include short GI 692 * in this if we want to be extra accurate. 693 / 694* /* XXX assumes MCS15 is max / 695* for (i = 15; i >= 0 && isclr(htcap->hc_mcsset, i); i--) 696 ; 697 if (i >= 0) { 698 caps = LE_READ_2(&htcap->hc_cap); 699 /* XXX short/long GI / 700* if (caps & IEEE80211_HTCAP_CHWIDTH40) 701 rmax = ieee80211_htrates[i].ht40_rate_400ns; 702 else 703 rmax = ieee80211_htrates[i].ht40_rate_800ns; 704 } 705 } 706 for (i = 0; i < se->se_rates[1]; i++) { 707 r = se->se_rates[2+i] & IEEE80211_RATE_VAL; 708 if (r > rmax) 709 rmax = r; 710 } 711 for (i = 0; i < se->se_xrates[1]; i++) { 712 r = se->se_xrates[2+i] & IEEE80211_RATE_VAL; 713 if (r > rmax) 714 rmax = r; 715 } 716 return rmax; 717} 718 719/* 720 * Compare the capabilities of two entries and decide which is 721 * more desirable (return >0 if a is considered better). Note 722 * that we assume compatibility/usability has already been checked 723 * so we don't need to (e.g. validate whether privacy is supported). 724 * Used to select the best scan candidate for association in a BSS. 725 / 726static int 727sta_compare(const struct sta_entry a, const struct sta_entry b) 728{ 729#define PREFER(_a,_b,_what) do { \ 730* if (((_a) ^ (_b)) & (_what)) \ 731 return ((_a) & (_what)) ? 1 : -1; \ 732} while (0) 733 int maxa, maxb; 734 int8_t rssia, rssib; 735 int weight; 736 737 /* privacy support / 738* PREFER(a->base.se_capinfo, b->base.se_capinfo, 739 IEEE80211_CAPINFO_PRIVACY); 740 741 /* compare count of previous failures / 742* weight = b->se_fails - a->se_fails; 743 if (abs(weight) > 1) 744 return weight; 745 746 /* 747 * Compare rssi. If the two are considered equivalent 748 * then fallback to other criteria. We threshold the 749 * comparisons to avoid selecting an ap purely by rssi 750 * when both values may be good but one ap is otherwise 751 * more desirable (e.g. an 11b-only ap with stronger 752 * signal than an 11g ap). 753 / 754* rssia = MIN(a->base.se_rssi, STA_RSSI_MAX); 755 rssib = MIN(b->base.se_rssi, STA_RSSI_MAX); 756 if (abs(rssib - rssia) < 5) { 757 /* best/max rate preferred if signal level close enough XXX / 758* maxa = maxrate(&a->base); 759 maxb = maxrate(&b->base); 760 if (maxa != maxb) 761 return maxa - maxb; 762 /* XXX use freq for channel preference / 763* /* for now just prefer 5Ghz band to all other bands / 764* PREFER(IEEE80211_IS_CHAN_5GHZ(a->base.se_chan), 765 IEEE80211_IS_CHAN_5GHZ(b->base.se_chan), 1); 766 } 767 /* all things being equal, use signal level / 768* return a->base.se_rssi - b->base.se_rssi; 769#undef PREFER 770} 771 772/* 773 * Check rate set suitability and return the best supported rate. 774 * XXX inspect MCS for HT 775 / 776static int 777check_rate(struct ieee80211vap vap, const struct ieee80211_scan_entry se) 778{ 779#define RV(v) ((v) & IEEE80211_RATE_VAL) 780* const struct ieee80211_rateset srs; 781* int i, j, nrs, r, okrate, badrate, fixedrate, ucastrate; 782 const uint8_t rs; 783* 784 okrate = badrate = 0; 785 786 srs = ieee80211_get_suprates(vap->iv_ic, se->se_chan); 787 nrs = se->se_rates[1]; 788 rs = se->se_rates+2; 789 /* XXX MCS / 790* ucastrate = vap->iv_txparms[ieee80211_chan2mode(se->se_chan)].ucastrate; 791 fixedrate = IEEE80211_FIXED_RATE_NONE; 792again: 793 for (i = 0; i < nrs; i++) { 794 r = RV(rs[i]); 795 badrate = r; 796 /* 797 * Check any fixed rate is included. 798 / 799* if (r == ucastrate) 800 fixedrate = r; 801 /* 802 * Check against our supported rates. 803 / 804* for (j = 0; j < srs->rs_nrates; j++) 805 if (r == RV(srs->rs_rates[j])) { 806 if (r > okrate) /* NB: track max / 807* okrate = r; 808 break; 809 } 810 811 if (j == srs->rs_nrates && (rs[i] & IEEE80211_RATE_BASIC)) { 812 /* 813 * Don't try joining a BSS, if we don't support 814 * one of its basic rates. 815 / 816* okrate = 0; 817 goto back; 818 } 819 } 820 if (rs == se->se_rates+2) { 821 /* scan xrates too; sort of an algol68-style for loop / 822* nrs = se->se_xrates[1]; 823 rs = se->se_xrates+2; 824 goto again; 825 } 826 827back: 828 if (okrate == 0 \|\| ucastrate != fixedrate) 829 return badrate \| IEEE80211_RATE_BASIC; 830 else 831 return RV(okrate); 832#undef RV 833} 834 835static int 836match_ssid(const uint8_t ie, 837* int nssid, const struct ieee80211_scan_ssid ssids[]) 838{ 839 int i; 840 841 for (i = 0; i < nssid; i++) { 842 if (ie[1] == ssids[i].len && 843 memcmp(ie+2, ssids[i].ssid, ie[1]) == 0) 844 return 1; 845 } 846 return 0; 847} 848 849/* 850 * Test a scan candidate for suitability/compatibility. 851 / 852static int 853match_bss(struct ieee80211vap vap, 854 const struct ieee80211_scan_state ss, struct sta_entry se0, 855 int debug) 856{ 857 struct ieee80211com ic = vap->iv_ic; 858* struct ieee80211_scan_entry se = &se0->base; 859* uint8_t rate; 860 int fail; 861 862 fail = 0; 863 if (isclr(ic->ic_chan_active, ieee80211_chan2ieee(ic, se->se_chan))) 864 fail \|= MATCH_CHANNEL; 865 /* 866 * NB: normally the desired mode is used to construct 867 * the channel list, but it's possible for the scan 868 * cache to include entries for stations outside this 869 * list so we check the desired mode here to weed them 870 * out. 871 / 872* if (vap->iv_des_mode != IEEE80211_MODE_AUTO && 873 (se->se_chan->ic_flags & IEEE80211_CHAN_ALLTURBO) != 874 chanflags[vap->iv_des_mode]) 875 fail \|= MATCH_CHANNEL; 876 if (vap->iv_opmode == IEEE80211_M_IBSS) { 877 if ((se->se_capinfo & IEEE80211_CAPINFO_IBSS) == 0) 878 fail \|= MATCH_CAPINFO; 879 } else { 880 if ((se->se_capinfo & IEEE80211_CAPINFO_ESS) == 0) 881 fail \|= MATCH_CAPINFO; 882 /* 883 * If 11d is enabled and we're attempting to join a bss 884 * that advertises it's country code then compare our 885 * current settings to what we fetched from the country ie. 886 * If our country code is unspecified or different then do 887 * not attempt to join the bss. We should have already 888 * dispatched an event to user space that identifies the 889 * new country code so our regdomain config should match. 890 / 891* if ((IEEE80211_IS_CHAN_11D(se->se_chan) \|\| 892 (vap->iv_flags_ext & IEEE80211_FEXT_DOTD)) && 893 se->se_cc[0] != 0 && 894 (ic->ic_regdomain.country == CTRY_DEFAULT \|\| 895 !isocmp(se->se_cc, ic->ic_regdomain.isocc))) 896 fail \|= MATCH_CC; 897 } 898 if (vap->iv_flags & IEEE80211_F_PRIVACY) { 899 if ((se->se_capinfo & IEEE80211_CAPINFO_PRIVACY) == 0) 900 fail \|= MATCH_PRIVACY; 901 } else { 902 /* XXX does this mean privacy is supported or required? / 903* if (se->se_capinfo & IEEE80211_CAPINFO_PRIVACY) 904 fail \|= MATCH_PRIVACY; 905 } 906 rate = check_rate(vap, se); 907 if (rate & IEEE80211_RATE_BASIC) 908 fail \|= MATCH_RATE; 909 if (ss->ss_nssid != 0 && 910 !match_ssid(se->se_ssid, ss->ss_nssid, ss->ss_ssid)) 911 fail \|= MATCH_SSID; 912 if ((vap->iv_flags & IEEE80211_F_DESBSSID) && 913 !IEEE80211_ADDR_EQ(vap->iv_des_bssid, se->se_bssid)) 914 fail \|= MATCH_BSSID; 915 if (se0->se_fails >= STA_FAILS_MAX) 916 fail \|= MATCH_FAILS; 917 if (se0->se_notseen >= STA_PURGE_SCANS) 918 fail \|= MATCH_NOTSEEN; 919 if (se->se_rssi < STA_RSSI_MIN) 920 fail \|= MATCH_RSSI; 921#ifdef IEEE80211_DEBUG 922 if (ieee80211_msg(vap, debug)) { 923 printf(" %c %s", 924 fail & MATCH_FAILS ? '=' : 925 fail & MATCH_NOTSEEN ? '^' : 926 fail & MATCH_CC ? '$' : 927 fail ? '-' : '+', ether_sprintf(se->se_macaddr)); 928 printf(" %s%c", ether_sprintf(se->se_bssid), 929 fail & MATCH_BSSID ? '!' : ' '); 930 printf(" %3d%c", ieee80211_chan2ieee(ic, se->se_chan), 931 fail & MATCH_CHANNEL ? '!' : ' '); 932 printf(" %+4d%c", se->se_rssi, fail & MATCH_RSSI ? '!' : ' '); 933 printf(" %2dM%c", (rate & IEEE80211_RATE_VAL) / 2, 934 fail & MATCH_RATE ? '!' : ' '); 935 printf(" %4s%c", 936 (se->se_capinfo & IEEE80211_CAPINFO_ESS) ? "ess" : 937 (se->se_capinfo & IEEE80211_CAPINFO_IBSS) ? "ibss" : 938 "????", 939 fail & MATCH_CAPINFO ? '!' : ' '); 940 printf(" %3s%c ", 941 (se->se_capinfo & IEEE80211_CAPINFO_PRIVACY) ? 942 "wep" : "no", 943 fail & MATCH_PRIVACY ? '!' : ' '); 944 ieee80211_print_essid(se->se_ssid+2, se->se_ssid[1]); 945 printf("%s\n", fail & MATCH_SSID ? "!" : ""); 946 } 947#endif 948 return fail; 949} 950 951static void 952sta_update_notseen(struct sta_table st) 953{ 954* struct sta_entry se; 955* 956 mtx_lock(&st->st_lock); 957 TAILQ_FOREACH(se, &st->st_entry, se_list) { 958 /* 959 * If seen the reset and don't bump the count; 960 * otherwise bump the ``not seen'' count. Note 961 * that this insures that stations for which we 962 * see frames while not scanning but not during 963 * this scan will not be penalized. 964 / 965* if (se->se_seen) 966 se->se_seen = 0; 967 else 968 se->se_notseen++; 969 } 970 mtx_unlock(&st->st_lock); 971} 972 973static void 974sta_dec_fails(struct sta_table st) 975{ 976* struct sta_entry se; 977* 978 mtx_lock(&st->st_lock); 979 TAILQ_FOREACH(se, &st->st_entry, se_list) 980 if (se->se_fails) 981 se->se_fails--; 982 mtx_unlock(&st->st_lock); 983} 984 985static struct sta_entry * 986select_bss(struct ieee80211_scan_state ss, struct ieee80211vap vap, int debug) 987{ 988 struct sta_table st = ss->ss_priv; 989* struct sta_entry se, selbs = NULL; 990 991 IEEE80211_DPRINTF(vap, debug, " %s\n", 992 "macaddr bssid chan rssi rate flag wep essid"); 993 mtx_lock(&st->st_lock); 994 TAILQ_FOREACH(se, &st->st_entry, se_list) { 995 if (match_bss(vap, ss, se, debug) == 0) { 996 ieee80211_ies_expand(&se->base.se_ies); 997 if (selbs == NULL) 998 selbs = se; 999 else if (sta_compare(se, selbs) > 0) 1000 selbs = se; 1001 } 1002 } 1003 mtx_unlock(&st->st_lock); 1004 1005 return selbs; 1006} 1007 1008/* 1009 * Pick an ap or ibss network to join or find a channel 1010 * to use to start an ibss network. 1011 / 1012static int 1013sta_pick_bss(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1014{ 1015* struct sta_table st = ss->ss_priv; 1016* struct sta_entry selbs; 1017* 1018 KASSERT(vap->iv_opmode == IEEE80211_M_STA, 1019 ("wrong mode %u", vap->iv_opmode)); 1020 1021 if (st->st_newscan) { 1022 sta_update_notseen(st); 1023 st->st_newscan = 0; 1024 } 1025 if (ss->ss_flags & IEEE80211_SCAN_NOPICK) { 1026 /* 1027 * Manual/background scan, don't select+join the 1028 * bss, just return. The scanning framework will 1029 * handle notification that this has completed. 1030 / 1031* ss->ss_flags &= ~IEEE80211_SCAN_NOPICK; 1032 return 1; 1033 } 1034 /* 1035 * Automatic sequencing; look for a candidate and 1036 * if found join the network. 1037 / 1038* /* NB: unlocked read should be ok / 1039* if (TAILQ_FIRST(&st->st_entry) == NULL) { 1040 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SCAN, 1041 "%s: no scan candidate\n", __func__); 1042 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1043 return 0; 1044notfound: 1045 /* 1046 * If nothing suitable was found decrement 1047 * the failure counts so entries will be 1048 * reconsidered the next time around. We 1049 * really want to do this only for sta's 1050 * where we've previously had some success. 1051 / 1052* sta_dec_fails(st); 1053 st->st_newscan = 1; 1054 return 0; /* restart scan / 1055* } 1056 selbs = select_bss(ss, vap, IEEE80211_MSG_SCAN); 1057 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1058 return (selbs != NULL); 1059 if (selbs == NULL \|\| !ieee80211_sta_join(vap, &selbs->base)) 1060 goto notfound; 1061 return 1; /* terminate scan / 1062} 1063* 1064/* 1065 * Lookup an entry in the scan cache. We assume we're 1066 * called from the bottom half or such that we don't need 1067 * to block the bottom half so that it's safe to return 1068 * a reference to an entry w/o holding the lock on the table. 1069 / 1070static struct sta_entry 1071sta_lookup(struct sta_table st, const uint8_t macaddr[IEEE80211_ADDR_LEN]) 1072{ 1073* struct sta_entry se; 1074* int hash = STA_HASH(macaddr); 1075 1076 mtx_lock(&st->st_lock); 1077 LIST_FOREACH(se, &st->st_hash[hash], se_hash) 1078 if (IEEE80211_ADDR_EQ(se->base.se_macaddr, macaddr)) 1079 break; 1080 mtx_unlock(&st->st_lock); 1081 1082 return se; /* NB: unlocked / 1083} 1084* 1085static void 1086sta_roam_check(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1087{ 1088 struct ieee80211com ic = vap->iv_ic; 1089* struct ieee80211_node ni = vap->iv_bss; 1090* struct sta_table st = ss->ss_priv; 1091* enum ieee80211_phymode mode; 1092 struct sta_entry se, selbs; 1093 uint8_t roamRate, curRate, ucastRate; 1094 int8_t roamRssi, curRssi; 1095 1096 se = sta_lookup(st, ni->ni_macaddr); 1097 if (se == NULL) { 1098 /* XXX something is wrong / 1099* return; 1100 } 1101 1102 mode = ieee80211_chan2mode(ic->ic_bsschan); 1103 roamRate = vap->iv_roamparms[mode].rate; 1104 roamRssi = vap->iv_roamparms[mode].rssi; 1105 ucastRate = vap->iv_txparms[mode].ucastrate; 1106 /* NB: the most up to date rssi is in the node, not the scan cache / 1107* curRssi = ic->ic_node_getrssi(ni); 1108 if (ucastRate == IEEE80211_FIXED_RATE_NONE) { 1109 curRate = ni->ni_txrate; 1110 roamRate &= IEEE80211_RATE_VAL; 1111 IEEE80211_DPRINTF(vap, IEEE80211_MSG_ROAM, 1112 "%s: currssi %d currate %u roamrssi %d roamrate %u\n", 1113 __func__, curRssi, curRate, roamRssi, roamRate); 1114 } else { 1115 curRate = roamRate; /* NB: insure compare below fails / 1116* IEEE80211_DPRINTF(vap, IEEE80211_MSG_ROAM, 1117 "%s: currssi %d roamrssi %d\n", __func__, curRssi, roamRssi); 1118 } 1119 /* 1120 * Check if a new ap should be used and switch. 1121 * XXX deauth current ap 1122 / 1123* if (curRate < roamRate \|\| curRssi < roamRssi) { 1124 if (time_after(ticks, ic->ic_lastscan + vap->iv_scanvalid)) { 1125 /* 1126 * Scan cache contents are too old; force a scan now 1127 * if possible so we have current state to make a 1128 * decision with. We don't kick off a bg scan if 1129 * we're using dynamic turbo and boosted or if the 1130 * channel is busy. 1131 * XXX force immediate switch on scan complete 1132 / 1133* if (!IEEE80211_IS_CHAN_DTURBO(ic->ic_curchan) && 1134 time_after(ticks, ic->ic_lastdata + vap->iv_bgscanidle)) 1135 ieee80211_bg_scan(vap, 0); 1136 return; 1137 } 1138 se->base.se_rssi = curRssi; 1139 selbs = select_bss(ss, vap, IEEE80211_MSG_ROAM); 1140 if (selbs != NULL && selbs != se) { 1141 IEEE80211_DPRINTF(vap, 1142 IEEE80211_MSG_ROAM \| IEEE80211_MSG_DEBUG, 1143 "%s: ROAM: curRate %u, roamRate %u, " 1144 "curRssi %d, roamRssi %d\n", __func__, 1145 curRate, roamRate, curRssi, roamRssi); 1146 ieee80211_sta_join(vap, &selbs->base); 1147 } 1148 } 1149} 1150 1151/* 1152 * Age entries in the scan cache. 1153 * XXX also do roaming since it's convenient 1154 / 1155static void 1156sta_age(struct ieee80211_scan_state ss) 1157{ 1158 struct ieee80211vap vap = ss->ss_vap; 1159* 1160 adhoc_age(ss); 1161 /* 1162 * If rate control is enabled check periodically to see if 1163 * we should roam from our current connection to one that 1164 * might be better. This only applies when we're operating 1165 * in sta mode and automatic roaming is set. 1166 * XXX defer if busy 1167 * XXX repeater station 1168 * XXX do when !bgscan? 1169 / 1170* KASSERT(vap->iv_opmode == IEEE80211_M_STA, 1171 ("wrong mode %u", vap->iv_opmode)); 1172 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO && 1173 (vap->iv_ic->ic_flags & IEEE80211_F_BGSCAN) && 1174 vap->iv_state >= IEEE80211_S_RUN) 1175 /* XXX vap is implicit / 1176* sta_roam_check(ss, vap); 1177} 1178 1179/* 1180 * Iterate over the entries in the scan cache, invoking 1181 * the callback function on each one. 1182 / 1183static void 1184sta_iterate(struct ieee80211_scan_state ss, 1185 ieee80211_scan_iter_func f, void arg) 1186{ 1187 struct sta_table st = ss->ss_priv; 1188* struct sta_entry se; 1189* u_int gen; 1190 1191 mtx_lock(&st->st_scanlock); 1192 gen = st->st_scaniter++; 1193restart: 1194 mtx_lock(&st->st_lock); 1195 TAILQ_FOREACH(se, &st->st_entry, se_list) { 1196 if (se->se_scangen != gen) { 1197 se->se_scangen = gen; 1198 /* update public state / 1199* se->base.se_age = ticks - se->se_lastupdate; 1200 mtx_unlock(&st->st_lock); 1201 (f)(arg, &se->base); 1202* goto restart; 1203 } 1204 } 1205 mtx_unlock(&st->st_lock); 1206 1207 mtx_unlock(&st->st_scanlock); 1208} 1209 1210static void 1211sta_assoc_fail(struct ieee80211_scan_state ss, 1212* const uint8_t macaddr[IEEE80211_ADDR_LEN], int reason) 1213{ 1214 struct sta_table st = ss->ss_priv; 1215* struct sta_entry se; 1216* 1217 se = sta_lookup(st, macaddr); 1218 if (se != NULL) { 1219 se->se_fails++; 1220 se->se_lastfail = ticks; 1221 IEEE80211_NOTE_MAC(ss->ss_vap, IEEE80211_MSG_SCAN, 1222 macaddr, "%s: reason %u fails %u", 1223 __func__, reason, se->se_fails); 1224 } 1225} 1226 1227static void 1228sta_assoc_success(struct ieee80211_scan_state ss, 1229* const uint8_t macaddr[IEEE80211_ADDR_LEN]) 1230{ 1231 struct sta_table st = ss->ss_priv; 1232* struct sta_entry se; 1233* 1234 se = sta_lookup(st, macaddr); 1235 if (se != NULL) { 1236#if 0 1237 se->se_fails = 0; 1238 IEEE80211_NOTE_MAC(ss->ss_vap, IEEE80211_MSG_SCAN, 1239 macaddr, "%s: fails %u", 1240 __func__, se->se_fails); 1241#endif 1242 se->se_lastassoc = ticks; 1243 } 1244} 1245 1246static const struct ieee80211_scanner sta_default = { 1247 .scan_name = "default", 1248 .scan_attach = sta_attach, 1249 .scan_detach = sta_detach, 1250 .scan_start = sta_start, 1251 .scan_restart = sta_restart, 1252 .scan_cancel = sta_cancel, 1253 .scan_end = sta_pick_bss, 1254 .scan_flush = sta_flush, 1255 .scan_add = sta_add, 1256 .scan_age = sta_age, 1257 .scan_iterate = sta_iterate, 1258 .scan_assoc_fail = sta_assoc_fail, 1259 .scan_assoc_success = sta_assoc_success, 1260}; 1261 1262/* 1263 * Adhoc mode-specific support. 1264 / 1265* 1266static const uint16_t adhocWorld[] = /* 36, 40, 44, 48 / 1267{ 5180, 5200, 5220, 5240 }; 1268static const uint16_t adhocFcc3[] = / 36, 40, 44, 48 145, 149, 153, 157, 161, 165 / 1269{ 5180, 5200, 5220, 5240, 5725, 5745, 5765, 5785, 5805, 5825 }; 1270static const uint16_t adhocMkk[] = / 34, 38, 42, 46 / 1271{ 5170, 5190, 5210, 5230 }; 1272static const uint16_t adhoc11b[] = / 10, 11 / 1273{ 2457, 2462 }; 1274* 1275static const struct scanlist adhocScanTable[] = { 1276 { IEEE80211_MODE_11B, X(adhoc11b) }, 1277 { IEEE80211_MODE_11A, X(adhocWorld) }, 1278 { IEEE80211_MODE_11A, X(adhocFcc3) }, 1279 { IEEE80211_MODE_11B, X(adhocMkk) }, 1280 { .list = NULL } 1281}; 1282#undef X 1283 1284/* 1285 * Start an adhoc-mode scan by populating the channel list. 1286 / 1287static int 1288adhoc_start(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1289{ 1290* struct sta_table st = ss->ss_priv; 1291* 1292 makescanlist(ss, vap, adhocScanTable); 1293 1294 if (ss->ss_mindwell == 0) 1295 ss->ss_mindwell = msecs_to_ticks(200); /* 200ms / 1296* if (ss->ss_maxdwell == 0) 1297 ss->ss_maxdwell = msecs_to_ticks(200); /* 200ms / 1298* 1299 st->st_scangen++; 1300 st->st_newscan = 1; 1301 1302 return 0; 1303} 1304 1305/* 1306 * Select a channel to start an adhoc network on. 1307 * The channel list was populated with appropriate 1308 * channels so select one that looks least occupied. 1309 / 1310static struct ieee80211_channel 1311adhoc_pick_channel(struct ieee80211_scan_state ss, int flags) 1312{ 1313* struct sta_table st = ss->ss_priv; 1314* struct sta_entry se; 1315* struct ieee80211_channel c, bestchan; 1316 int i, bestrssi, maxrssi; 1317 1318 bestchan = NULL; 1319 bestrssi = -1; 1320 1321 mtx_lock(&st->st_lock); 1322 for (i = 0; i < ss->ss_last; i++) { 1323 c = ss->ss_chans[i]; 1324 /* never consider a channel with radar / 1325* if (IEEE80211_IS_CHAN_RADAR(c)) 1326 continue; 1327 /* skip channels disallowed by regulatory settings / 1328* if (IEEE80211_IS_CHAN_NOADHOC(c)) 1329 continue; 1330 /* check channel attributes for band compatibility / 1331* if (flags != 0 && (c->ic_flags & flags) != flags) 1332 continue; 1333 maxrssi = 0; 1334 TAILQ_FOREACH(se, &st->st_entry, se_list) { 1335 if (se->base.se_chan != c) 1336 continue; 1337 if (se->base.se_rssi > maxrssi) 1338 maxrssi = se->base.se_rssi; 1339 } 1340 if (bestchan == NULL \|\| maxrssi < bestrssi) 1341 bestchan = c; 1342 } 1343 mtx_unlock(&st->st_lock); 1344 1345 return bestchan; 1346} 1347 1348/* 1349 * Pick an ibss network to join or find a channel 1350 * to use to start an ibss network. 1351 / 1352static int 1353adhoc_pick_bss(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1354{ 1355* struct sta_table st = ss->ss_priv; 1356* struct sta_entry selbs; 1357* struct ieee80211_channel chan; 1358* 1359 KASSERT(vap->iv_opmode == IEEE80211_M_IBSS \|\| 1360 vap->iv_opmode == IEEE80211_M_AHDEMO, 1361 ("wrong opmode %u", vap->iv_opmode)); 1362 1363 if (st->st_newscan) { 1364 sta_update_notseen(st); 1365 st->st_newscan = 0; 1366 } 1367 if (ss->ss_flags & IEEE80211_SCAN_NOPICK) { 1368 /* 1369 * Manual/background scan, don't select+join the 1370 * bss, just return. The scanning framework will 1371 * handle notification that this has completed. 1372 / 1373* ss->ss_flags &= ~IEEE80211_SCAN_NOPICK; 1374 return 1; 1375 } 1376 /* 1377 * Automatic sequencing; look for a candidate and 1378 * if found join the network. 1379 / 1380* /* NB: unlocked read should be ok / 1381* if (TAILQ_FIRST(&st->st_entry) == NULL) { 1382 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SCAN, 1383 "%s: no scan candidate\n", __func__); 1384 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1385 return 0; 1386notfound: 1387 if (vap->iv_des_nssid) { 1388 /* 1389 * No existing adhoc network to join and we have 1390 * an ssid; start one up. If no channel was 1391 * specified, try to select a channel. 1392 / 1393* if (vap->iv_des_chan == IEEE80211_CHAN_ANYC \|\| 1394 IEEE80211_IS_CHAN_RADAR(vap->iv_des_chan)) { 1395 struct ieee80211com ic = vap->iv_ic; 1396* 1397 chan = adhoc_pick_channel(ss, 0); 1398 if (chan != NULL) 1399 chan = ieee80211_ht_adjust_channel(ic, 1400 chan, vap->iv_flags_ext); 1401 } else 1402 chan = vap->iv_des_chan; 1403 if (chan != NULL) { 1404 ieee80211_create_ibss(vap, chan); 1405 return 1; 1406 } 1407 } 1408 /* 1409 * If nothing suitable was found decrement 1410 * the failure counts so entries will be 1411 * reconsidered the next time around. We 1412 * really want to do this only for sta's 1413 * where we've previously had some success. 1414 / 1415* sta_dec_fails(st); 1416 st->st_newscan = 1; 1417 return 0; /* restart scan / 1418* } 1419 selbs = select_bss(ss, vap, IEEE80211_MSG_SCAN); 1420 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1421 return (selbs != NULL); 1422 if (selbs == NULL \|\| !ieee80211_sta_join(vap, &selbs->base)) 1423 goto notfound; 1424 return 1; /* terminate scan / 1425} 1426* 1427/* 1428 * Age entries in the scan cache. 1429 / 1430static void 1431adhoc_age(struct ieee80211_scan_state ss) 1432{ 1433 struct sta_table st = ss->ss_priv; 1434* struct sta_entry se, next; 1435 1436 mtx_lock(&st->st_lock); 1437 TAILQ_FOREACH_SAFE(se, &st->st_entry, se_list, next) { 1438 if (se->se_notseen > STA_PURGE_SCANS) { 1439 TAILQ_REMOVE(&st->st_entry, se, se_list); 1440 LIST_REMOVE(se, se_hash); 1441 ieee80211_ies_cleanup(&se->base.se_ies);	233 M_80211_SCAN, M_NOWAIT \| M_ZERO); 234 if (se == NULL) { 235 mtx_unlock(&st->st_lock); 236 return 0; 237 } 238 se->se_scangen = st->st_scaniter-1; 239 se->se_avgrssi = IEEE80211_RSSI_DUMMY_MARKER; 240 IEEE80211_ADDR_COPY(se->base.se_macaddr, macaddr); 241 TAILQ_INSERT_TAIL(&st->st_entry, se, se_list); 242 LIST_INSERT_HEAD(&st->st_hash[hash], se, se_hash); 243found: 244 ise = &se->base; 245 /* XXX ap beaconing multiple ssid w/ same bssid / 246* if (sp->ssid[1] != 0 && 247 (ISPROBE(subtype) \|\| ise->se_ssid[1] == 0)) 248 memcpy(ise->se_ssid, sp->ssid, 2+sp->ssid[1]); 249 KASSERT(sp->rates[1] <= IEEE80211_RATE_MAXSIZE, 250 ("rate set too large: %u", sp->rates[1])); 251 memcpy(ise->se_rates, sp->rates, 2+sp->rates[1]); 252 if (sp->xrates != NULL) { 253 /* XXX validate xrates[1] / 254* KASSERT(sp->xrates[1] <= IEEE80211_RATE_MAXSIZE, 255 ("xrate set too large: %u", sp->xrates[1])); 256 memcpy(ise->se_xrates, sp->xrates, 2+sp->xrates[1]); 257 } else 258 ise->se_xrates[1] = 0; 259 IEEE80211_ADDR_COPY(ise->se_bssid, wh->i_addr3); 260 if ((sp->status & IEEE80211_BPARSE_OFFCHAN) == 0) { 261 /* 262 * Record rssi data using extended precision LPF filter. 263 * 264 * NB: use only on-channel data to insure we get a good 265 * estimate of the signal we'll see when associated. 266 / 267* IEEE80211_RSSI_LPF(se->se_avgrssi, rssi); 268 ise->se_rssi = IEEE80211_RSSI_GET(se->se_avgrssi); 269 ise->se_noise = noise; 270 } 271 ise->se_rstamp = rstamp; 272 memcpy(ise->se_tstamp.data, sp->tstamp, sizeof(ise->se_tstamp)); 273 ise->se_intval = sp->bintval; 274 ise->se_capinfo = sp->capinfo; 275 /* 276 * Beware of overriding se_chan for frames seen 277 * off-channel; this can cause us to attempt an 278 * association on the wrong channel. 279 / 280* if (sp->status & IEEE80211_BPARSE_OFFCHAN) { 281 struct ieee80211_channel c; 282* /* 283 * Off-channel, locate the home/bss channel for the sta 284 * using the value broadcast in the DSPARMS ie. We know 285 * sp->chan has this value because it's used to calculate 286 * IEEE80211_BPARSE_OFFCHAN. 287 / 288* c = ieee80211_find_channel_byieee(ic, sp->chan, 289 ic->ic_curchan->ic_flags); 290 if (c != NULL) { 291 ise->se_chan = c; 292 } else if (ise->se_chan == NULL) { 293 /* should not happen, pick something / 294* ise->se_chan = ic->ic_curchan; 295 } 296 } else 297 ise->se_chan = ic->ic_curchan; 298 ise->se_fhdwell = sp->fhdwell; 299 ise->se_fhindex = sp->fhindex; 300 ise->se_erp = sp->erp; 301 ise->se_timoff = sp->timoff; 302 if (sp->tim != NULL) { 303 const struct ieee80211_tim_ie tim = 304* (const struct ieee80211_tim_ie ) sp->tim; 305* ise->se_dtimperiod = tim->tim_period; 306 } 307 if (sp->country != NULL) { 308 const struct ieee80211_country_ie cie = 309* (const struct ieee80211_country_ie ) sp->country; 310* /* 311 * If 11d is enabled and we're attempting to join a bss 312 * that advertises it's country code then compare our 313 * current settings to what we fetched from the country ie. 314 * If our country code is unspecified or different then 315 * dispatch an event to user space that identifies the 316 * country code so our regdomain config can be changed. 317 / 318* /* XXX only for STA mode? / 319* if ((IEEE80211_IS_CHAN_11D(ise->se_chan) \|\| 320 (vap->iv_flags_ext & IEEE80211_FEXT_DOTD)) && 321 (ic->ic_regdomain.country == CTRY_DEFAULT \|\| 322 !isocmp(cie->cc, ic->ic_regdomain.isocc))) { 323 /* only issue one notify event per scan / 324* if (se->se_countrygen != st->st_scangen) { 325 ieee80211_notify_country(vap, ise->se_bssid, 326 cie->cc); 327 se->se_countrygen = st->st_scangen; 328 } 329 } 330 ise->se_cc[0] = cie->cc[0]; 331 ise->se_cc[1] = cie->cc[1]; 332 } 333 /* NB: no need to setup ie ptrs; they are not (currently) used / 334* (void) ieee80211_ies_init(&ise->se_ies, sp->ies, sp->ies_len); 335 336 /* clear failure count after STA_FAIL_AGE passes / 337* if (se->se_fails && (ticks - se->se_lastfail) > STA_FAILS_AGEhz) { 338* se->se_fails = 0; 339 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_SCAN, macaddr, 340 "%s: fails %u", __func__, se->se_fails); 341 } 342 343 se->se_lastupdate = ticks; /* update time / 344* se->se_seen = 1; 345 se->se_notseen = 0; 346 347 if (rssi > st->st_maxrssi[sp->bchan]) 348 st->st_maxrssi[sp->bchan] = rssi; 349 350 mtx_unlock(&st->st_lock); 351 352 /* 353 * If looking for a quick choice and nothing's 354 * been found check here. 355 / 356* if (PICK1ST(ss) && match_bss(vap, ss, se, IEEE80211_MSG_SCAN) == 0) 357 ss->ss_flags \|= IEEE80211_SCAN_GOTPICK; 358 359 return 1; 360#undef PICK1ST 361#undef ISPROBE 362} 363 364/* 365 * Check if a channel is excluded by user request. 366 / 367static int 368isexcluded(struct ieee80211vap vap, const struct ieee80211_channel c) 369{ 370* return (isclr(vap->iv_ic->ic_chan_active, c->ic_ieee) \|\| 371 (vap->iv_des_chan != IEEE80211_CHAN_ANYC && 372 c->ic_freq != vap->iv_des_chan->ic_freq)); 373} 374 375static struct ieee80211_channel * 376find11gchannel(struct ieee80211com ic, int i, int freq) 377{ 378* struct ieee80211_channel c; 379* int j; 380 381 /* 382 * The normal ordering in the channel list is b channel 383 * immediately followed by g so optimize the search for 384 * this. We'll still do a full search just in case. 385 / 386* for (j = i+1; j < ic->ic_nchans; j++) { 387 c = &ic->ic_channels[j]; 388 if (c->ic_freq == freq && IEEE80211_IS_CHAN_ANYG(c)) 389 return c; 390 } 391 for (j = 0; j < i; j++) { 392 c = &ic->ic_channels[j]; 393 if (c->ic_freq == freq && IEEE80211_IS_CHAN_ANYG(c)) 394 return c; 395 } 396 return NULL; 397} 398static const u_int chanflags[IEEE80211_MODE_MAX] = { 399 IEEE80211_CHAN_B, /* IEEE80211_MODE_AUTO / 400* IEEE80211_CHAN_A, /* IEEE80211_MODE_11A / 401* IEEE80211_CHAN_B, /* IEEE80211_MODE_11B / 402* IEEE80211_CHAN_G, /* IEEE80211_MODE_11G / 403* IEEE80211_CHAN_FHSS, /* IEEE80211_MODE_FH / 404* IEEE80211_CHAN_A, /* IEEE80211_MODE_TURBO_A (check base channel)/ 405* IEEE80211_CHAN_G, /* IEEE80211_MODE_TURBO_G / 406* IEEE80211_CHAN_ST, /* IEEE80211_MODE_STURBO_A / 407* IEEE80211_CHAN_A, /* IEEE80211_MODE_11NA (check legacy) / 408* IEEE80211_CHAN_G, /* IEEE80211_MODE_11NG (check legacy) / 409}; 410* 411static void 412add_channels(struct ieee80211vap vap, 413* struct ieee80211_scan_state ss, 414* enum ieee80211_phymode mode, const uint16_t freq[], int nfreq) 415{ 416#define N(a) (sizeof(a) / sizeof(a[0])) 417 struct ieee80211com ic = vap->iv_ic; 418* struct ieee80211_channel c, cg; 419 u_int modeflags; 420 int i; 421 422 KASSERT(mode < N(chanflags), ("Unexpected mode %u", mode)); 423 modeflags = chanflags[mode]; 424 for (i = 0; i < nfreq; i++) { 425 if (ss->ss_last >= IEEE80211_SCAN_MAX) 426 break; 427 428 c = ieee80211_find_channel(ic, freq[i], modeflags); 429 if (c == NULL \|\| isexcluded(vap, c)) 430 continue; 431 if (mode == IEEE80211_MODE_AUTO) { 432 /* 433 * XXX special-case 11b/g channels so we select 434 * the g channel if both are present. 435 / 436* if (IEEE80211_IS_CHAN_B(c) && 437 (cg = find11gchannel(ic, i, c->ic_freq)) != NULL) 438 c = cg; 439 } 440 ss->ss_chans[ss->ss_last++] = c; 441 } 442#undef N 443} 444 445struct scanlist { 446 uint16_t mode; 447 uint16_t count; 448 const uint16_t list; 449}; 450* 451static int 452checktable(const struct scanlist scan, const struct ieee80211_channel c) 453{ 454 int i; 455 456 for (; scan->list != NULL; scan++) { 457 for (i = 0; i < scan->count; i++) 458 if (scan->list[i] == c->ic_freq) 459 return 1; 460 } 461 return 0; 462} 463 464static void 465sweepchannels(struct ieee80211_scan_state ss, struct ieee80211vap vap, 466 const struct scanlist table[]) 467{ 468 struct ieee80211com ic = vap->iv_ic; 469* struct ieee80211_channel c; 470* int i; 471 472 for (i = 0; i < ic->ic_nchans; i++) { 473 if (ss->ss_last >= IEEE80211_SCAN_MAX) 474 break; 475 476 c = &ic->ic_channels[i]; 477 /* 478 * Ignore dynamic turbo channels; we scan them 479 * in normal mode (i.e. not boosted). Likewise 480 * for HT channels, they get scanned using 481 * legacy rates. 482 / 483* if (IEEE80211_IS_CHAN_DTURBO(c) \|\| IEEE80211_IS_CHAN_HT(c)) 484 continue; 485 486 /* 487 * If a desired mode was specified, scan only 488 * channels that satisfy that constraint. 489 / 490* if (vap->iv_des_mode != IEEE80211_MODE_AUTO && 491 vap->iv_des_mode != ieee80211_chan2mode(c)) 492 continue; 493 494 /* 495 * Skip channels excluded by user request. 496 / 497* if (isexcluded(vap, c)) 498 continue; 499 500 /* 501 * Add the channel unless it is listed in the 502 * fixed scan order tables. This insures we 503 * don't sweep back in channels we filtered out 504 * above. 505 / 506* if (checktable(table, c)) 507 continue; 508 509 /* Add channel to scanning list. / 510* ss->ss_chans[ss->ss_last++] = c; 511 } 512} 513 514static void 515makescanlist(struct ieee80211_scan_state ss, struct ieee80211vap vap, 516 const struct scanlist table[]) 517{ 518 const struct scanlist scan; 519* enum ieee80211_phymode mode; 520 521 ss->ss_last = 0; 522 /* 523 * Use the table of ordered channels to construct the list 524 * of channels for scanning. Any channels in the ordered 525 * list not in the master list will be discarded. 526 / 527* for (scan = table; scan->list != NULL; scan++) { 528 mode = scan->mode; 529 if (vap->iv_des_mode != IEEE80211_MODE_AUTO) { 530 /* 531 * If a desired mode was specified, scan only 532 * channels that satisfy that constraint. 533 / 534* if (vap->iv_des_mode != mode) { 535 /* 536 * The scan table marks 2.4Ghz channels as b 537 * so if the desired mode is 11g, then use 538 * the 11b channel list but upgrade the mode. 539 / 540* if (vap->iv_des_mode != IEEE80211_MODE_11G \|\| 541 mode != IEEE80211_MODE_11B) 542 continue; 543 mode = IEEE80211_MODE_11G; /* upgrade / 544* } 545 } else { 546 /* 547 * This lets add_channels upgrade an 11b channel 548 * to 11g if available. 549 / 550* if (mode == IEEE80211_MODE_11B) 551 mode = IEEE80211_MODE_AUTO; 552 } 553#ifdef IEEE80211_F_XR 554 /* XR does not operate on turbo channels / 555* if ((vap->iv_flags & IEEE80211_F_XR) && 556 (mode == IEEE80211_MODE_TURBO_A \|\| 557 mode == IEEE80211_MODE_TURBO_G \|\| 558 mode == IEEE80211_MODE_STURBO_A)) 559 continue; 560#endif 561 /* 562 * Add the list of the channels; any that are not 563 * in the master channel list will be discarded. 564 / 565* add_channels(vap, ss, mode, scan->list, scan->count); 566 } 567 568 /* 569 * Add the channels from the ic that are not present 570 * in the table. 571 / 572* sweepchannels(ss, vap, table); 573} 574 575static const uint16_t rcl1[] = /* 8 FCC channel: 52, 56, 60, 64, 36, 40, 44, 48 / 576{ 5260, 5280, 5300, 5320, 5180, 5200, 5220, 5240 }; 577static const uint16_t rcl2[] = / 4 MKK channels: 34, 38, 42, 46 / 578{ 5170, 5190, 5210, 5230 }; 579static const uint16_t rcl3[] = / 2.4Ghz ch: 1,6,11,7,13 / 580{ 2412, 2437, 2462, 2442, 2472 }; 581static const uint16_t rcl4[] = / 5 FCC channel: 149, 153, 161, 165 / 582{ 5745, 5765, 5785, 5805, 5825 }; 583static const uint16_t rcl7[] = / 11 ETSI channel: 100,104,108,112,116,120,124,128,132,136,140 / 584{ 5500, 5520, 5540, 5560, 5580, 5600, 5620, 5640, 5660, 5680, 5700 }; 585static const uint16_t rcl8[] = / 2.4Ghz ch: 2,3,4,5,8,9,10,12 / 586{ 2417, 2422, 2427, 2432, 2447, 2452, 2457, 2467 }; 587static const uint16_t rcl9[] = / 2.4Ghz ch: 14 / 588{ 2484 }; 589static const uint16_t rcl10[] = / Added Korean channels 2312-2372 / 590{ 2312, 2317, 2322, 2327, 2332, 2337, 2342, 2347, 2352, 2357, 2362, 2367, 2372 }; 591static const uint16_t rcl11[] = / Added Japan channels in 4.9/5.0 spectrum / 592{ 5040, 5060, 5080, 4920, 4940, 4960, 4980 }; 593#ifdef ATH_TURBO_SCAN 594static const uint16_t rcl5[] = / 3 static turbo channels / 595{ 5210, 5250, 5290 }; 596static const uint16_t rcl6[] = / 2 static turbo channels / 597{ 5760, 5800 }; 598static const uint16_t rcl6x[] = / 4 FCC3 turbo channels / 599{ 5540, 5580, 5620, 5660 }; 600static const uint16_t rcl12[] = / 2.4Ghz Turbo channel 6 / 601{ 2437 }; 602static const uint16_t rcl13[] = / dynamic Turbo channels / 603{ 5200, 5240, 5280, 5765, 5805 }; 604#endif / ATH_TURBO_SCAN / 605* 606#define X(a) .count = sizeof(a)/sizeof(a[0]), .list = a 607 608static const struct scanlist staScanTable[] = { 609 { IEEE80211_MODE_11B, X(rcl3) }, 610 { IEEE80211_MODE_11A, X(rcl1) }, 611 { IEEE80211_MODE_11A, X(rcl2) }, 612 { IEEE80211_MODE_11B, X(rcl8) }, 613 { IEEE80211_MODE_11B, X(rcl9) }, 614 { IEEE80211_MODE_11A, X(rcl4) }, 615#ifdef ATH_TURBO_SCAN 616 { IEEE80211_MODE_STURBO_A, X(rcl5) }, 617 { IEEE80211_MODE_STURBO_A, X(rcl6) }, 618 { IEEE80211_MODE_TURBO_A, X(rcl6x) }, 619 { IEEE80211_MODE_TURBO_A, X(rcl13) }, 620#endif /* ATH_TURBO_SCAN / 621* { IEEE80211_MODE_11A, X(rcl7) }, 622 { IEEE80211_MODE_11B, X(rcl10) }, 623 { IEEE80211_MODE_11A, X(rcl11) }, 624#ifdef ATH_TURBO_SCAN 625 { IEEE80211_MODE_TURBO_G, X(rcl12) }, 626#endif /* ATH_TURBO_SCAN / 627* { .list = NULL } 628}; 629 630/* 631 * Start a station-mode scan by populating the channel list. 632 / 633static int 634sta_start(struct ieee80211_scan_state ss, struct ieee80211vap vap) 635{ 636* struct sta_table st = ss->ss_priv; 637* 638 makescanlist(ss, vap, staScanTable); 639 640 if (ss->ss_mindwell == 0) 641 ss->ss_mindwell = msecs_to_ticks(20); /* 20ms / 642* if (ss->ss_maxdwell == 0) 643 ss->ss_maxdwell = msecs_to_ticks(200); /* 200ms / 644* 645 st->st_scangen++; 646 st->st_newscan = 1; 647 648 return 0; 649} 650 651/* 652 * Restart a scan, typically a bg scan but can 653 * also be a fg scan that came up empty. 654 / 655static int 656sta_restart(struct ieee80211_scan_state ss, struct ieee80211vap vap) 657{ 658* struct sta_table st = ss->ss_priv; 659* 660 st->st_newscan = 1; 661 return 0; 662} 663 664/* 665 * Cancel an ongoing scan. 666 / 667static int 668sta_cancel(struct ieee80211_scan_state ss, struct ieee80211vap vap) 669{ 670* return 0; 671} 672 673/* unalligned little endian access / 674#define LE_READ_2(p) \ 675* ((uint16_t) \ 676 ((((const uint8_t )(p))[0] ) \| \ 677* (((const uint8_t )(p))[1] << 8))) 678* 679static int 680maxrate(const struct ieee80211_scan_entry se) 681{ 682* const struct ieee80211_ie_htcap htcap = 683* (const struct ieee80211_ie_htcap ) se->se_ies.htcap_ie; 684* int rmax, r, i; 685 uint16_t caps; 686 687 rmax = 0; 688 if (htcap != NULL) { 689 /* 690 * HT station; inspect supported MCS and then adjust 691 * rate by channel width. Could also include short GI 692 * in this if we want to be extra accurate. 693 / 694* /* XXX assumes MCS15 is max / 695* for (i = 15; i >= 0 && isclr(htcap->hc_mcsset, i); i--) 696 ; 697 if (i >= 0) { 698 caps = LE_READ_2(&htcap->hc_cap); 699 /* XXX short/long GI / 700* if (caps & IEEE80211_HTCAP_CHWIDTH40) 701 rmax = ieee80211_htrates[i].ht40_rate_400ns; 702 else 703 rmax = ieee80211_htrates[i].ht40_rate_800ns; 704 } 705 } 706 for (i = 0; i < se->se_rates[1]; i++) { 707 r = se->se_rates[2+i] & IEEE80211_RATE_VAL; 708 if (r > rmax) 709 rmax = r; 710 } 711 for (i = 0; i < se->se_xrates[1]; i++) { 712 r = se->se_xrates[2+i] & IEEE80211_RATE_VAL; 713 if (r > rmax) 714 rmax = r; 715 } 716 return rmax; 717} 718 719/* 720 * Compare the capabilities of two entries and decide which is 721 * more desirable (return >0 if a is considered better). Note 722 * that we assume compatibility/usability has already been checked 723 * so we don't need to (e.g. validate whether privacy is supported). 724 * Used to select the best scan candidate for association in a BSS. 725 / 726static int 727sta_compare(const struct sta_entry a, const struct sta_entry b) 728{ 729#define PREFER(_a,_b,_what) do { \ 730* if (((_a) ^ (_b)) & (_what)) \ 731 return ((_a) & (_what)) ? 1 : -1; \ 732} while (0) 733 int maxa, maxb; 734 int8_t rssia, rssib; 735 int weight; 736 737 /* privacy support / 738* PREFER(a->base.se_capinfo, b->base.se_capinfo, 739 IEEE80211_CAPINFO_PRIVACY); 740 741 /* compare count of previous failures / 742* weight = b->se_fails - a->se_fails; 743 if (abs(weight) > 1) 744 return weight; 745 746 /* 747 * Compare rssi. If the two are considered equivalent 748 * then fallback to other criteria. We threshold the 749 * comparisons to avoid selecting an ap purely by rssi 750 * when both values may be good but one ap is otherwise 751 * more desirable (e.g. an 11b-only ap with stronger 752 * signal than an 11g ap). 753 / 754* rssia = MIN(a->base.se_rssi, STA_RSSI_MAX); 755 rssib = MIN(b->base.se_rssi, STA_RSSI_MAX); 756 if (abs(rssib - rssia) < 5) { 757 /* best/max rate preferred if signal level close enough XXX / 758* maxa = maxrate(&a->base); 759 maxb = maxrate(&b->base); 760 if (maxa != maxb) 761 return maxa - maxb; 762 /* XXX use freq for channel preference / 763* /* for now just prefer 5Ghz band to all other bands / 764* PREFER(IEEE80211_IS_CHAN_5GHZ(a->base.se_chan), 765 IEEE80211_IS_CHAN_5GHZ(b->base.se_chan), 1); 766 } 767 /* all things being equal, use signal level / 768* return a->base.se_rssi - b->base.se_rssi; 769#undef PREFER 770} 771 772/* 773 * Check rate set suitability and return the best supported rate. 774 * XXX inspect MCS for HT 775 / 776static int 777check_rate(struct ieee80211vap vap, const struct ieee80211_scan_entry se) 778{ 779#define RV(v) ((v) & IEEE80211_RATE_VAL) 780* const struct ieee80211_rateset srs; 781* int i, j, nrs, r, okrate, badrate, fixedrate, ucastrate; 782 const uint8_t rs; 783* 784 okrate = badrate = 0; 785 786 srs = ieee80211_get_suprates(vap->iv_ic, se->se_chan); 787 nrs = se->se_rates[1]; 788 rs = se->se_rates+2; 789 /* XXX MCS / 790* ucastrate = vap->iv_txparms[ieee80211_chan2mode(se->se_chan)].ucastrate; 791 fixedrate = IEEE80211_FIXED_RATE_NONE; 792again: 793 for (i = 0; i < nrs; i++) { 794 r = RV(rs[i]); 795 badrate = r; 796 /* 797 * Check any fixed rate is included. 798 / 799* if (r == ucastrate) 800 fixedrate = r; 801 /* 802 * Check against our supported rates. 803 / 804* for (j = 0; j < srs->rs_nrates; j++) 805 if (r == RV(srs->rs_rates[j])) { 806 if (r > okrate) /* NB: track max / 807* okrate = r; 808 break; 809 } 810 811 if (j == srs->rs_nrates && (rs[i] & IEEE80211_RATE_BASIC)) { 812 /* 813 * Don't try joining a BSS, if we don't support 814 * one of its basic rates. 815 / 816* okrate = 0; 817 goto back; 818 } 819 } 820 if (rs == se->se_rates+2) { 821 /* scan xrates too; sort of an algol68-style for loop / 822* nrs = se->se_xrates[1]; 823 rs = se->se_xrates+2; 824 goto again; 825 } 826 827back: 828 if (okrate == 0 \|\| ucastrate != fixedrate) 829 return badrate \| IEEE80211_RATE_BASIC; 830 else 831 return RV(okrate); 832#undef RV 833} 834 835static int 836match_ssid(const uint8_t ie, 837* int nssid, const struct ieee80211_scan_ssid ssids[]) 838{ 839 int i; 840 841 for (i = 0; i < nssid; i++) { 842 if (ie[1] == ssids[i].len && 843 memcmp(ie+2, ssids[i].ssid, ie[1]) == 0) 844 return 1; 845 } 846 return 0; 847} 848 849/* 850 * Test a scan candidate for suitability/compatibility. 851 / 852static int 853match_bss(struct ieee80211vap vap, 854 const struct ieee80211_scan_state ss, struct sta_entry se0, 855 int debug) 856{ 857 struct ieee80211com ic = vap->iv_ic; 858* struct ieee80211_scan_entry se = &se0->base; 859* uint8_t rate; 860 int fail; 861 862 fail = 0; 863 if (isclr(ic->ic_chan_active, ieee80211_chan2ieee(ic, se->se_chan))) 864 fail \|= MATCH_CHANNEL; 865 /* 866 * NB: normally the desired mode is used to construct 867 * the channel list, but it's possible for the scan 868 * cache to include entries for stations outside this 869 * list so we check the desired mode here to weed them 870 * out. 871 / 872* if (vap->iv_des_mode != IEEE80211_MODE_AUTO && 873 (se->se_chan->ic_flags & IEEE80211_CHAN_ALLTURBO) != 874 chanflags[vap->iv_des_mode]) 875 fail \|= MATCH_CHANNEL; 876 if (vap->iv_opmode == IEEE80211_M_IBSS) { 877 if ((se->se_capinfo & IEEE80211_CAPINFO_IBSS) == 0) 878 fail \|= MATCH_CAPINFO; 879 } else { 880 if ((se->se_capinfo & IEEE80211_CAPINFO_ESS) == 0) 881 fail \|= MATCH_CAPINFO; 882 /* 883 * If 11d is enabled and we're attempting to join a bss 884 * that advertises it's country code then compare our 885 * current settings to what we fetched from the country ie. 886 * If our country code is unspecified or different then do 887 * not attempt to join the bss. We should have already 888 * dispatched an event to user space that identifies the 889 * new country code so our regdomain config should match. 890 / 891* if ((IEEE80211_IS_CHAN_11D(se->se_chan) \|\| 892 (vap->iv_flags_ext & IEEE80211_FEXT_DOTD)) && 893 se->se_cc[0] != 0 && 894 (ic->ic_regdomain.country == CTRY_DEFAULT \|\| 895 !isocmp(se->se_cc, ic->ic_regdomain.isocc))) 896 fail \|= MATCH_CC; 897 } 898 if (vap->iv_flags & IEEE80211_F_PRIVACY) { 899 if ((se->se_capinfo & IEEE80211_CAPINFO_PRIVACY) == 0) 900 fail \|= MATCH_PRIVACY; 901 } else { 902 /* XXX does this mean privacy is supported or required? / 903* if (se->se_capinfo & IEEE80211_CAPINFO_PRIVACY) 904 fail \|= MATCH_PRIVACY; 905 } 906 rate = check_rate(vap, se); 907 if (rate & IEEE80211_RATE_BASIC) 908 fail \|= MATCH_RATE; 909 if (ss->ss_nssid != 0 && 910 !match_ssid(se->se_ssid, ss->ss_nssid, ss->ss_ssid)) 911 fail \|= MATCH_SSID; 912 if ((vap->iv_flags & IEEE80211_F_DESBSSID) && 913 !IEEE80211_ADDR_EQ(vap->iv_des_bssid, se->se_bssid)) 914 fail \|= MATCH_BSSID; 915 if (se0->se_fails >= STA_FAILS_MAX) 916 fail \|= MATCH_FAILS; 917 if (se0->se_notseen >= STA_PURGE_SCANS) 918 fail \|= MATCH_NOTSEEN; 919 if (se->se_rssi < STA_RSSI_MIN) 920 fail \|= MATCH_RSSI; 921#ifdef IEEE80211_DEBUG 922 if (ieee80211_msg(vap, debug)) { 923 printf(" %c %s", 924 fail & MATCH_FAILS ? '=' : 925 fail & MATCH_NOTSEEN ? '^' : 926 fail & MATCH_CC ? '$' : 927 fail ? '-' : '+', ether_sprintf(se->se_macaddr)); 928 printf(" %s%c", ether_sprintf(se->se_bssid), 929 fail & MATCH_BSSID ? '!' : ' '); 930 printf(" %3d%c", ieee80211_chan2ieee(ic, se->se_chan), 931 fail & MATCH_CHANNEL ? '!' : ' '); 932 printf(" %+4d%c", se->se_rssi, fail & MATCH_RSSI ? '!' : ' '); 933 printf(" %2dM%c", (rate & IEEE80211_RATE_VAL) / 2, 934 fail & MATCH_RATE ? '!' : ' '); 935 printf(" %4s%c", 936 (se->se_capinfo & IEEE80211_CAPINFO_ESS) ? "ess" : 937 (se->se_capinfo & IEEE80211_CAPINFO_IBSS) ? "ibss" : 938 "????", 939 fail & MATCH_CAPINFO ? '!' : ' '); 940 printf(" %3s%c ", 941 (se->se_capinfo & IEEE80211_CAPINFO_PRIVACY) ? 942 "wep" : "no", 943 fail & MATCH_PRIVACY ? '!' : ' '); 944 ieee80211_print_essid(se->se_ssid+2, se->se_ssid[1]); 945 printf("%s\n", fail & MATCH_SSID ? "!" : ""); 946 } 947#endif 948 return fail; 949} 950 951static void 952sta_update_notseen(struct sta_table st) 953{ 954* struct sta_entry se; 955* 956 mtx_lock(&st->st_lock); 957 TAILQ_FOREACH(se, &st->st_entry, se_list) { 958 /* 959 * If seen the reset and don't bump the count; 960 * otherwise bump the ``not seen'' count. Note 961 * that this insures that stations for which we 962 * see frames while not scanning but not during 963 * this scan will not be penalized. 964 / 965* if (se->se_seen) 966 se->se_seen = 0; 967 else 968 se->se_notseen++; 969 } 970 mtx_unlock(&st->st_lock); 971} 972 973static void 974sta_dec_fails(struct sta_table st) 975{ 976* struct sta_entry se; 977* 978 mtx_lock(&st->st_lock); 979 TAILQ_FOREACH(se, &st->st_entry, se_list) 980 if (se->se_fails) 981 se->se_fails--; 982 mtx_unlock(&st->st_lock); 983} 984 985static struct sta_entry * 986select_bss(struct ieee80211_scan_state ss, struct ieee80211vap vap, int debug) 987{ 988 struct sta_table st = ss->ss_priv; 989* struct sta_entry se, selbs = NULL; 990 991 IEEE80211_DPRINTF(vap, debug, " %s\n", 992 "macaddr bssid chan rssi rate flag wep essid"); 993 mtx_lock(&st->st_lock); 994 TAILQ_FOREACH(se, &st->st_entry, se_list) { 995 if (match_bss(vap, ss, se, debug) == 0) { 996 ieee80211_ies_expand(&se->base.se_ies); 997 if (selbs == NULL) 998 selbs = se; 999 else if (sta_compare(se, selbs) > 0) 1000 selbs = se; 1001 } 1002 } 1003 mtx_unlock(&st->st_lock); 1004 1005 return selbs; 1006} 1007 1008/* 1009 * Pick an ap or ibss network to join or find a channel 1010 * to use to start an ibss network. 1011 / 1012static int 1013sta_pick_bss(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1014{ 1015* struct sta_table st = ss->ss_priv; 1016* struct sta_entry selbs; 1017* 1018 KASSERT(vap->iv_opmode == IEEE80211_M_STA, 1019 ("wrong mode %u", vap->iv_opmode)); 1020 1021 if (st->st_newscan) { 1022 sta_update_notseen(st); 1023 st->st_newscan = 0; 1024 } 1025 if (ss->ss_flags & IEEE80211_SCAN_NOPICK) { 1026 /* 1027 * Manual/background scan, don't select+join the 1028 * bss, just return. The scanning framework will 1029 * handle notification that this has completed. 1030 / 1031* ss->ss_flags &= ~IEEE80211_SCAN_NOPICK; 1032 return 1; 1033 } 1034 /* 1035 * Automatic sequencing; look for a candidate and 1036 * if found join the network. 1037 / 1038* /* NB: unlocked read should be ok / 1039* if (TAILQ_FIRST(&st->st_entry) == NULL) { 1040 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SCAN, 1041 "%s: no scan candidate\n", __func__); 1042 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1043 return 0; 1044notfound: 1045 /* 1046 * If nothing suitable was found decrement 1047 * the failure counts so entries will be 1048 * reconsidered the next time around. We 1049 * really want to do this only for sta's 1050 * where we've previously had some success. 1051 / 1052* sta_dec_fails(st); 1053 st->st_newscan = 1; 1054 return 0; /* restart scan / 1055* } 1056 selbs = select_bss(ss, vap, IEEE80211_MSG_SCAN); 1057 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1058 return (selbs != NULL); 1059 if (selbs == NULL \|\| !ieee80211_sta_join(vap, &selbs->base)) 1060 goto notfound; 1061 return 1; /* terminate scan / 1062} 1063* 1064/* 1065 * Lookup an entry in the scan cache. We assume we're 1066 * called from the bottom half or such that we don't need 1067 * to block the bottom half so that it's safe to return 1068 * a reference to an entry w/o holding the lock on the table. 1069 / 1070static struct sta_entry 1071sta_lookup(struct sta_table st, const uint8_t macaddr[IEEE80211_ADDR_LEN]) 1072{ 1073* struct sta_entry se; 1074* int hash = STA_HASH(macaddr); 1075 1076 mtx_lock(&st->st_lock); 1077 LIST_FOREACH(se, &st->st_hash[hash], se_hash) 1078 if (IEEE80211_ADDR_EQ(se->base.se_macaddr, macaddr)) 1079 break; 1080 mtx_unlock(&st->st_lock); 1081 1082 return se; /* NB: unlocked / 1083} 1084* 1085static void 1086sta_roam_check(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1087{ 1088 struct ieee80211com ic = vap->iv_ic; 1089* struct ieee80211_node ni = vap->iv_bss; 1090* struct sta_table st = ss->ss_priv; 1091* enum ieee80211_phymode mode; 1092 struct sta_entry se, selbs; 1093 uint8_t roamRate, curRate, ucastRate; 1094 int8_t roamRssi, curRssi; 1095 1096 se = sta_lookup(st, ni->ni_macaddr); 1097 if (se == NULL) { 1098 /* XXX something is wrong / 1099* return; 1100 } 1101 1102 mode = ieee80211_chan2mode(ic->ic_bsschan); 1103 roamRate = vap->iv_roamparms[mode].rate; 1104 roamRssi = vap->iv_roamparms[mode].rssi; 1105 ucastRate = vap->iv_txparms[mode].ucastrate; 1106 /* NB: the most up to date rssi is in the node, not the scan cache / 1107* curRssi = ic->ic_node_getrssi(ni); 1108 if (ucastRate == IEEE80211_FIXED_RATE_NONE) { 1109 curRate = ni->ni_txrate; 1110 roamRate &= IEEE80211_RATE_VAL; 1111 IEEE80211_DPRINTF(vap, IEEE80211_MSG_ROAM, 1112 "%s: currssi %d currate %u roamrssi %d roamrate %u\n", 1113 __func__, curRssi, curRate, roamRssi, roamRate); 1114 } else { 1115 curRate = roamRate; /* NB: insure compare below fails / 1116* IEEE80211_DPRINTF(vap, IEEE80211_MSG_ROAM, 1117 "%s: currssi %d roamrssi %d\n", __func__, curRssi, roamRssi); 1118 } 1119 /* 1120 * Check if a new ap should be used and switch. 1121 * XXX deauth current ap 1122 / 1123* if (curRate < roamRate \|\| curRssi < roamRssi) { 1124 if (time_after(ticks, ic->ic_lastscan + vap->iv_scanvalid)) { 1125 /* 1126 * Scan cache contents are too old; force a scan now 1127 * if possible so we have current state to make a 1128 * decision with. We don't kick off a bg scan if 1129 * we're using dynamic turbo and boosted or if the 1130 * channel is busy. 1131 * XXX force immediate switch on scan complete 1132 / 1133* if (!IEEE80211_IS_CHAN_DTURBO(ic->ic_curchan) && 1134 time_after(ticks, ic->ic_lastdata + vap->iv_bgscanidle)) 1135 ieee80211_bg_scan(vap, 0); 1136 return; 1137 } 1138 se->base.se_rssi = curRssi; 1139 selbs = select_bss(ss, vap, IEEE80211_MSG_ROAM); 1140 if (selbs != NULL && selbs != se) { 1141 IEEE80211_DPRINTF(vap, 1142 IEEE80211_MSG_ROAM \| IEEE80211_MSG_DEBUG, 1143 "%s: ROAM: curRate %u, roamRate %u, " 1144 "curRssi %d, roamRssi %d\n", __func__, 1145 curRate, roamRate, curRssi, roamRssi); 1146 ieee80211_sta_join(vap, &selbs->base); 1147 } 1148 } 1149} 1150 1151/* 1152 * Age entries in the scan cache. 1153 * XXX also do roaming since it's convenient 1154 / 1155static void 1156sta_age(struct ieee80211_scan_state ss) 1157{ 1158 struct ieee80211vap vap = ss->ss_vap; 1159* 1160 adhoc_age(ss); 1161 /* 1162 * If rate control is enabled check periodically to see if 1163 * we should roam from our current connection to one that 1164 * might be better. This only applies when we're operating 1165 * in sta mode and automatic roaming is set. 1166 * XXX defer if busy 1167 * XXX repeater station 1168 * XXX do when !bgscan? 1169 / 1170* KASSERT(vap->iv_opmode == IEEE80211_M_STA, 1171 ("wrong mode %u", vap->iv_opmode)); 1172 if (vap->iv_roaming == IEEE80211_ROAMING_AUTO && 1173 (vap->iv_ic->ic_flags & IEEE80211_F_BGSCAN) && 1174 vap->iv_state >= IEEE80211_S_RUN) 1175 /* XXX vap is implicit / 1176* sta_roam_check(ss, vap); 1177} 1178 1179/* 1180 * Iterate over the entries in the scan cache, invoking 1181 * the callback function on each one. 1182 / 1183static void 1184sta_iterate(struct ieee80211_scan_state ss, 1185 ieee80211_scan_iter_func f, void arg) 1186{ 1187 struct sta_table st = ss->ss_priv; 1188* struct sta_entry se; 1189* u_int gen; 1190 1191 mtx_lock(&st->st_scanlock); 1192 gen = st->st_scaniter++; 1193restart: 1194 mtx_lock(&st->st_lock); 1195 TAILQ_FOREACH(se, &st->st_entry, se_list) { 1196 if (se->se_scangen != gen) { 1197 se->se_scangen = gen; 1198 /* update public state / 1199* se->base.se_age = ticks - se->se_lastupdate; 1200 mtx_unlock(&st->st_lock); 1201 (f)(arg, &se->base); 1202* goto restart; 1203 } 1204 } 1205 mtx_unlock(&st->st_lock); 1206 1207 mtx_unlock(&st->st_scanlock); 1208} 1209 1210static void 1211sta_assoc_fail(struct ieee80211_scan_state ss, 1212* const uint8_t macaddr[IEEE80211_ADDR_LEN], int reason) 1213{ 1214 struct sta_table st = ss->ss_priv; 1215* struct sta_entry se; 1216* 1217 se = sta_lookup(st, macaddr); 1218 if (se != NULL) { 1219 se->se_fails++; 1220 se->se_lastfail = ticks; 1221 IEEE80211_NOTE_MAC(ss->ss_vap, IEEE80211_MSG_SCAN, 1222 macaddr, "%s: reason %u fails %u", 1223 __func__, reason, se->se_fails); 1224 } 1225} 1226 1227static void 1228sta_assoc_success(struct ieee80211_scan_state ss, 1229* const uint8_t macaddr[IEEE80211_ADDR_LEN]) 1230{ 1231 struct sta_table st = ss->ss_priv; 1232* struct sta_entry se; 1233* 1234 se = sta_lookup(st, macaddr); 1235 if (se != NULL) { 1236#if 0 1237 se->se_fails = 0; 1238 IEEE80211_NOTE_MAC(ss->ss_vap, IEEE80211_MSG_SCAN, 1239 macaddr, "%s: fails %u", 1240 __func__, se->se_fails); 1241#endif 1242 se->se_lastassoc = ticks; 1243 } 1244} 1245 1246static const struct ieee80211_scanner sta_default = { 1247 .scan_name = "default", 1248 .scan_attach = sta_attach, 1249 .scan_detach = sta_detach, 1250 .scan_start = sta_start, 1251 .scan_restart = sta_restart, 1252 .scan_cancel = sta_cancel, 1253 .scan_end = sta_pick_bss, 1254 .scan_flush = sta_flush, 1255 .scan_add = sta_add, 1256 .scan_age = sta_age, 1257 .scan_iterate = sta_iterate, 1258 .scan_assoc_fail = sta_assoc_fail, 1259 .scan_assoc_success = sta_assoc_success, 1260}; 1261 1262/* 1263 * Adhoc mode-specific support. 1264 / 1265* 1266static const uint16_t adhocWorld[] = /* 36, 40, 44, 48 / 1267{ 5180, 5200, 5220, 5240 }; 1268static const uint16_t adhocFcc3[] = / 36, 40, 44, 48 145, 149, 153, 157, 161, 165 / 1269{ 5180, 5200, 5220, 5240, 5725, 5745, 5765, 5785, 5805, 5825 }; 1270static const uint16_t adhocMkk[] = / 34, 38, 42, 46 / 1271{ 5170, 5190, 5210, 5230 }; 1272static const uint16_t adhoc11b[] = / 10, 11 / 1273{ 2457, 2462 }; 1274* 1275static const struct scanlist adhocScanTable[] = { 1276 { IEEE80211_MODE_11B, X(adhoc11b) }, 1277 { IEEE80211_MODE_11A, X(adhocWorld) }, 1278 { IEEE80211_MODE_11A, X(adhocFcc3) }, 1279 { IEEE80211_MODE_11B, X(adhocMkk) }, 1280 { .list = NULL } 1281}; 1282#undef X 1283 1284/* 1285 * Start an adhoc-mode scan by populating the channel list. 1286 / 1287static int 1288adhoc_start(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1289{ 1290* struct sta_table st = ss->ss_priv; 1291* 1292 makescanlist(ss, vap, adhocScanTable); 1293 1294 if (ss->ss_mindwell == 0) 1295 ss->ss_mindwell = msecs_to_ticks(200); /* 200ms / 1296* if (ss->ss_maxdwell == 0) 1297 ss->ss_maxdwell = msecs_to_ticks(200); /* 200ms / 1298* 1299 st->st_scangen++; 1300 st->st_newscan = 1; 1301 1302 return 0; 1303} 1304 1305/* 1306 * Select a channel to start an adhoc network on. 1307 * The channel list was populated with appropriate 1308 * channels so select one that looks least occupied. 1309 / 1310static struct ieee80211_channel 1311adhoc_pick_channel(struct ieee80211_scan_state ss, int flags) 1312{ 1313* struct sta_table st = ss->ss_priv; 1314* struct sta_entry se; 1315* struct ieee80211_channel c, bestchan; 1316 int i, bestrssi, maxrssi; 1317 1318 bestchan = NULL; 1319 bestrssi = -1; 1320 1321 mtx_lock(&st->st_lock); 1322 for (i = 0; i < ss->ss_last; i++) { 1323 c = ss->ss_chans[i]; 1324 /* never consider a channel with radar / 1325* if (IEEE80211_IS_CHAN_RADAR(c)) 1326 continue; 1327 /* skip channels disallowed by regulatory settings / 1328* if (IEEE80211_IS_CHAN_NOADHOC(c)) 1329 continue; 1330 /* check channel attributes for band compatibility / 1331* if (flags != 0 && (c->ic_flags & flags) != flags) 1332 continue; 1333 maxrssi = 0; 1334 TAILQ_FOREACH(se, &st->st_entry, se_list) { 1335 if (se->base.se_chan != c) 1336 continue; 1337 if (se->base.se_rssi > maxrssi) 1338 maxrssi = se->base.se_rssi; 1339 } 1340 if (bestchan == NULL \|\| maxrssi < bestrssi) 1341 bestchan = c; 1342 } 1343 mtx_unlock(&st->st_lock); 1344 1345 return bestchan; 1346} 1347 1348/* 1349 * Pick an ibss network to join or find a channel 1350 * to use to start an ibss network. 1351 / 1352static int 1353adhoc_pick_bss(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1354{ 1355* struct sta_table st = ss->ss_priv; 1356* struct sta_entry selbs; 1357* struct ieee80211_channel chan; 1358* 1359 KASSERT(vap->iv_opmode == IEEE80211_M_IBSS \|\| 1360 vap->iv_opmode == IEEE80211_M_AHDEMO, 1361 ("wrong opmode %u", vap->iv_opmode)); 1362 1363 if (st->st_newscan) { 1364 sta_update_notseen(st); 1365 st->st_newscan = 0; 1366 } 1367 if (ss->ss_flags & IEEE80211_SCAN_NOPICK) { 1368 /* 1369 * Manual/background scan, don't select+join the 1370 * bss, just return. The scanning framework will 1371 * handle notification that this has completed. 1372 / 1373* ss->ss_flags &= ~IEEE80211_SCAN_NOPICK; 1374 return 1; 1375 } 1376 /* 1377 * Automatic sequencing; look for a candidate and 1378 * if found join the network. 1379 / 1380* /* NB: unlocked read should be ok / 1381* if (TAILQ_FIRST(&st->st_entry) == NULL) { 1382 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SCAN, 1383 "%s: no scan candidate\n", __func__); 1384 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1385 return 0; 1386notfound: 1387 if (vap->iv_des_nssid) { 1388 /* 1389 * No existing adhoc network to join and we have 1390 * an ssid; start one up. If no channel was 1391 * specified, try to select a channel. 1392 / 1393* if (vap->iv_des_chan == IEEE80211_CHAN_ANYC \|\| 1394 IEEE80211_IS_CHAN_RADAR(vap->iv_des_chan)) { 1395 struct ieee80211com ic = vap->iv_ic; 1396* 1397 chan = adhoc_pick_channel(ss, 0); 1398 if (chan != NULL) 1399 chan = ieee80211_ht_adjust_channel(ic, 1400 chan, vap->iv_flags_ext); 1401 } else 1402 chan = vap->iv_des_chan; 1403 if (chan != NULL) { 1404 ieee80211_create_ibss(vap, chan); 1405 return 1; 1406 } 1407 } 1408 /* 1409 * If nothing suitable was found decrement 1410 * the failure counts so entries will be 1411 * reconsidered the next time around. We 1412 * really want to do this only for sta's 1413 * where we've previously had some success. 1414 / 1415* sta_dec_fails(st); 1416 st->st_newscan = 1; 1417 return 0; /* restart scan / 1418* } 1419 selbs = select_bss(ss, vap, IEEE80211_MSG_SCAN); 1420 if (ss->ss_flags & IEEE80211_SCAN_NOJOIN) 1421 return (selbs != NULL); 1422 if (selbs == NULL \|\| !ieee80211_sta_join(vap, &selbs->base)) 1423 goto notfound; 1424 return 1; /* terminate scan / 1425} 1426* 1427/* 1428 * Age entries in the scan cache. 1429 / 1430static void 1431adhoc_age(struct ieee80211_scan_state ss) 1432{ 1433 struct sta_table st = ss->ss_priv; 1434* struct sta_entry se, next; 1435 1436 mtx_lock(&st->st_lock); 1437 TAILQ_FOREACH_SAFE(se, &st->st_entry, se_list, next) { 1438 if (se->se_notseen > STA_PURGE_SCANS) { 1439 TAILQ_REMOVE(&st->st_entry, se, se_list); 1440 LIST_REMOVE(se, se_hash); 1441 ieee80211_ies_cleanup(&se->base.se_ies);
1442 free(se, M_80211_SCAN);	1442 FREE(se, M_80211_SCAN);
1443 } 1444 } 1445 mtx_unlock(&st->st_lock); 1446} 1447 1448static const struct ieee80211_scanner adhoc_default = { 1449 .scan_name = "default", 1450 .scan_attach = sta_attach, 1451 .scan_detach = sta_detach, 1452 .scan_start = adhoc_start, 1453 .scan_restart = sta_restart, 1454 .scan_cancel = sta_cancel, 1455 .scan_end = adhoc_pick_bss, 1456 .scan_flush = sta_flush, 1457 .scan_pickchan = adhoc_pick_channel, 1458 .scan_add = sta_add, 1459 .scan_age = adhoc_age, 1460 .scan_iterate = sta_iterate, 1461 .scan_assoc_fail = sta_assoc_fail, 1462 .scan_assoc_success = sta_assoc_success, 1463}; 1464 1465static void 1466ap_force_promisc(struct ieee80211com ic) 1467{ 1468* struct ifnet ifp = ic->ic_ifp; 1469* 1470 IEEE80211_LOCK(ic); 1471 /* set interface into promiscuous mode / 1472* ifp->if_flags \|= IFF_PROMISC; 1473 ic->ic_update_promisc(ifp); 1474 IEEE80211_UNLOCK(ic); 1475} 1476 1477static void 1478ap_reset_promisc(struct ieee80211com ic) 1479{ 1480* IEEE80211_LOCK(ic); 1481 ieee80211_syncifflag_locked(ic, IFF_PROMISC); 1482 IEEE80211_UNLOCK(ic); 1483} 1484 1485static int 1486ap_start(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1487{ 1488 struct sta_table st = ss->ss_priv; 1489* 1490 makescanlist(ss, vap, staScanTable); 1491 1492 if (ss->ss_mindwell == 0) 1493 ss->ss_mindwell = msecs_to_ticks(200); /* 200ms / 1494* if (ss->ss_maxdwell == 0) 1495 ss->ss_maxdwell = msecs_to_ticks(200); /* 200ms / 1496* 1497 st->st_scangen++; 1498 st->st_newscan = 1; 1499 1500 ap_force_promisc(vap->iv_ic); 1501 return 0; 1502} 1503 1504/* 1505 * Cancel an ongoing scan. 1506 / 1507static int 1508ap_cancel(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1509{ 1510* ap_reset_promisc(vap->iv_ic); 1511 return 0; 1512} 1513 1514/* 1515 * Pick a quiet channel to use for ap operation. 1516 / 1517static struct ieee80211_channel 1518ap_pick_channel(struct ieee80211_scan_state ss, int flags) 1519{ 1520* struct sta_table st = ss->ss_priv; 1521* struct ieee80211_channel bestchan = NULL; 1522* int i; 1523 1524 /* XXX select channel more intelligently, e.g. channel spread, power / 1525* /* NB: use scan list order to preserve channel preference / 1526* for (i = 0; i < ss->ss_last; i++) { 1527 struct ieee80211_channel chan = ss->ss_chans[i]; 1528* /* 1529 * If the channel is unoccupied the max rssi 1530 * should be zero; just take it. Otherwise 1531 * track the channel with the lowest rssi and 1532 * use that when all channels appear occupied. 1533 / 1534* if (IEEE80211_IS_CHAN_RADAR(chan)) 1535 continue; 1536 if (IEEE80211_IS_CHAN_NOHOSTAP(chan)) 1537 continue; 1538 /* check channel attributes for band compatibility / 1539* if (flags != 0 && (chan->ic_flags & flags) != flags) 1540 continue; 1541 /* XXX channel have interference / 1542* if (st->st_maxrssi[chan->ic_ieee] == 0) { 1543 /* XXX use other considerations / 1544* return chan; 1545 } 1546 if (bestchan == NULL \|\| 1547 st->st_maxrssi[chan->ic_ieee] < st->st_maxrssi[bestchan->ic_ieee]) 1548 bestchan = chan; 1549 } 1550 return bestchan; 1551} 1552 1553/* 1554 * Pick a quiet channel to use for ap operation. 1555 / 1556static int 1557ap_end(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1558{ 1559* struct ieee80211com ic = vap->iv_ic; 1560* struct ieee80211_channel bestchan; 1561* 1562 KASSERT(vap->iv_opmode == IEEE80211_M_HOSTAP, 1563 ("wrong opmode %u", vap->iv_opmode)); 1564 bestchan = ap_pick_channel(ss, 0); 1565 if (bestchan == NULL) { 1566 /* no suitable channel, should not happen / 1567* IEEE80211_DPRINTF(vap, IEEE80211_MSG_SCAN, 1568 "%s: no suitable channel! (should not happen)\n", __func__); 1569 /* XXX print something? / 1570* return 0; /* restart scan / 1571* } 1572 /* 1573 * If this is a dynamic turbo channel, start with the unboosted one. 1574 / 1575* if (IEEE80211_IS_CHAN_TURBO(bestchan)) { 1576 bestchan = ieee80211_find_channel(ic, bestchan->ic_freq, 1577 bestchan->ic_flags & ~IEEE80211_CHAN_TURBO); 1578 if (bestchan == NULL) { 1579 /* should never happen ?? / 1580* return 0; 1581 } 1582 } 1583 ap_reset_promisc(ic); 1584 if (ss->ss_flags & (IEEE80211_SCAN_NOPICK \| IEEE80211_SCAN_NOJOIN)) { 1585 /* 1586 * Manual/background scan, don't select+join the 1587 * bss, just return. The scanning framework will 1588 * handle notification that this has completed. 1589 / 1590* ss->ss_flags &= ~IEEE80211_SCAN_NOPICK; 1591 return 1; 1592 } 1593 ieee80211_create_ibss(vap, 1594 ieee80211_ht_adjust_channel(ic, bestchan, vap->iv_flags_ext)); 1595 return 1; 1596} 1597 1598static const struct ieee80211_scanner ap_default = { 1599 .scan_name = "default", 1600 .scan_attach = sta_attach, 1601 .scan_detach = sta_detach, 1602 .scan_start = ap_start, 1603 .scan_restart = sta_restart, 1604 .scan_cancel = ap_cancel, 1605 .scan_end = ap_end, 1606 .scan_flush = sta_flush, 1607 .scan_pickchan = ap_pick_channel, 1608 .scan_add = sta_add, 1609 .scan_age = adhoc_age, 1610 .scan_iterate = sta_iterate, 1611 .scan_assoc_success = sta_assoc_success, 1612 .scan_assoc_fail = sta_assoc_fail, 1613}; 1614 1615/* 1616 * Module glue. 1617 / 1618IEEE80211_SCANNER_MODULE(sta, 1); 1619IEEE80211_SCANNER_ALG(sta, IEEE80211_M_STA, sta_default); 1620IEEE80211_SCANNER_ALG(ibss, IEEE80211_M_IBSS, adhoc_default); 1621IEEE80211_SCANNER_ALG(ahdemo, IEEE80211_M_AHDEMO, adhoc_default); 1622*IEEE80211_SCANNER_ALG(ap, IEEE80211_M_HOSTAP, ap_default);	1443 } 1444 } 1445 mtx_unlock(&st->st_lock); 1446} 1447 1448static const struct ieee80211_scanner adhoc_default = { 1449 .scan_name = "default", 1450 .scan_attach = sta_attach, 1451 .scan_detach = sta_detach, 1452 .scan_start = adhoc_start, 1453 .scan_restart = sta_restart, 1454 .scan_cancel = sta_cancel, 1455 .scan_end = adhoc_pick_bss, 1456 .scan_flush = sta_flush, 1457 .scan_pickchan = adhoc_pick_channel, 1458 .scan_add = sta_add, 1459 .scan_age = adhoc_age, 1460 .scan_iterate = sta_iterate, 1461 .scan_assoc_fail = sta_assoc_fail, 1462 .scan_assoc_success = sta_assoc_success, 1463}; 1464 1465static void 1466ap_force_promisc(struct ieee80211com ic) 1467{ 1468* struct ifnet ifp = ic->ic_ifp; 1469* 1470 IEEE80211_LOCK(ic); 1471 /* set interface into promiscuous mode / 1472* ifp->if_flags \|= IFF_PROMISC; 1473 ic->ic_update_promisc(ifp); 1474 IEEE80211_UNLOCK(ic); 1475} 1476 1477static void 1478ap_reset_promisc(struct ieee80211com ic) 1479{ 1480* IEEE80211_LOCK(ic); 1481 ieee80211_syncifflag_locked(ic, IFF_PROMISC); 1482 IEEE80211_UNLOCK(ic); 1483} 1484 1485static int 1486ap_start(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1487{ 1488 struct sta_table st = ss->ss_priv; 1489* 1490 makescanlist(ss, vap, staScanTable); 1491 1492 if (ss->ss_mindwell == 0) 1493 ss->ss_mindwell = msecs_to_ticks(200); /* 200ms / 1494* if (ss->ss_maxdwell == 0) 1495 ss->ss_maxdwell = msecs_to_ticks(200); /* 200ms / 1496* 1497 st->st_scangen++; 1498 st->st_newscan = 1; 1499 1500 ap_force_promisc(vap->iv_ic); 1501 return 0; 1502} 1503 1504/* 1505 * Cancel an ongoing scan. 1506 / 1507static int 1508ap_cancel(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1509{ 1510* ap_reset_promisc(vap->iv_ic); 1511 return 0; 1512} 1513 1514/* 1515 * Pick a quiet channel to use for ap operation. 1516 / 1517static struct ieee80211_channel 1518ap_pick_channel(struct ieee80211_scan_state ss, int flags) 1519{ 1520* struct sta_table st = ss->ss_priv; 1521* struct ieee80211_channel bestchan = NULL; 1522* int i; 1523 1524 /* XXX select channel more intelligently, e.g. channel spread, power / 1525* /* NB: use scan list order to preserve channel preference / 1526* for (i = 0; i < ss->ss_last; i++) { 1527 struct ieee80211_channel chan = ss->ss_chans[i]; 1528* /* 1529 * If the channel is unoccupied the max rssi 1530 * should be zero; just take it. Otherwise 1531 * track the channel with the lowest rssi and 1532 * use that when all channels appear occupied. 1533 / 1534* if (IEEE80211_IS_CHAN_RADAR(chan)) 1535 continue; 1536 if (IEEE80211_IS_CHAN_NOHOSTAP(chan)) 1537 continue; 1538 /* check channel attributes for band compatibility / 1539* if (flags != 0 && (chan->ic_flags & flags) != flags) 1540 continue; 1541 /* XXX channel have interference / 1542* if (st->st_maxrssi[chan->ic_ieee] == 0) { 1543 /* XXX use other considerations / 1544* return chan; 1545 } 1546 if (bestchan == NULL \|\| 1547 st->st_maxrssi[chan->ic_ieee] < st->st_maxrssi[bestchan->ic_ieee]) 1548 bestchan = chan; 1549 } 1550 return bestchan; 1551} 1552 1553/* 1554 * Pick a quiet channel to use for ap operation. 1555 / 1556static int 1557ap_end(struct ieee80211_scan_state ss, struct ieee80211vap vap) 1558{ 1559* struct ieee80211com ic = vap->iv_ic; 1560* struct ieee80211_channel bestchan; 1561* 1562 KASSERT(vap->iv_opmode == IEEE80211_M_HOSTAP, 1563 ("wrong opmode %u", vap->iv_opmode)); 1564 bestchan = ap_pick_channel(ss, 0); 1565 if (bestchan == NULL) { 1566 /* no suitable channel, should not happen / 1567* IEEE80211_DPRINTF(vap, IEEE80211_MSG_SCAN, 1568 "%s: no suitable channel! (should not happen)\n", __func__); 1569 /* XXX print something? / 1570* return 0; /* restart scan / 1571* } 1572 /* 1573 * If this is a dynamic turbo channel, start with the unboosted one. 1574 / 1575* if (IEEE80211_IS_CHAN_TURBO(bestchan)) { 1576 bestchan = ieee80211_find_channel(ic, bestchan->ic_freq, 1577 bestchan->ic_flags & ~IEEE80211_CHAN_TURBO); 1578 if (bestchan == NULL) { 1579 /* should never happen ?? / 1580* return 0; 1581 } 1582 } 1583 ap_reset_promisc(ic); 1584 if (ss->ss_flags & (IEEE80211_SCAN_NOPICK \| IEEE80211_SCAN_NOJOIN)) { 1585 /* 1586 * Manual/background scan, don't select+join the 1587 * bss, just return. The scanning framework will 1588 * handle notification that this has completed. 1589 / 1590* ss->ss_flags &= ~IEEE80211_SCAN_NOPICK; 1591 return 1; 1592 } 1593 ieee80211_create_ibss(vap, 1594 ieee80211_ht_adjust_channel(ic, bestchan, vap->iv_flags_ext)); 1595 return 1; 1596} 1597 1598static const struct ieee80211_scanner ap_default = { 1599 .scan_name = "default", 1600 .scan_attach = sta_attach, 1601 .scan_detach = sta_detach, 1602 .scan_start = ap_start, 1603 .scan_restart = sta_restart, 1604 .scan_cancel = ap_cancel, 1605 .scan_end = ap_end, 1606 .scan_flush = sta_flush, 1607 .scan_pickchan = ap_pick_channel, 1608 .scan_add = sta_add, 1609 .scan_age = adhoc_age, 1610 .scan_iterate = sta_iterate, 1611 .scan_assoc_success = sta_assoc_success, 1612 .scan_assoc_fail = sta_assoc_fail, 1613}; 1614 1615/* 1616 * Module glue. 1617 / 1618IEEE80211_SCANNER_MODULE(sta, 1); 1619IEEE80211_SCANNER_ALG(sta, IEEE80211_M_STA, sta_default); 1620IEEE80211_SCANNER_ALG(ibss, IEEE80211_M_IBSS, adhoc_default); 1621IEEE80211_SCANNER_ALG(ahdemo, IEEE80211_M_AHDEMO, adhoc_default); 1622*IEEE80211_SCANNER_ALG(ap, IEEE80211_M_HOSTAP, ap_default);