ieee80211_hwmp.c revision 234889
1/*- 2 * Copyright (c) 2009 The FreeBSD Foundation 3 * All rights reserved. 4 * 5 * This software was developed by Rui Paulo under sponsorship from the 6 * FreeBSD Foundation. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29#include <sys/cdefs.h> 30#ifdef __FreeBSD__ 31__FBSDID("$FreeBSD: head/sys/net80211/ieee80211_hwmp.c 234889 2012-05-01 16:11:47Z monthadar $"); 32#endif 33 34/* 35 * IEEE 802.11s Hybrid Wireless Mesh Protocol, HWMP. 36 * 37 * Based on March 2009, D3.0 802.11s draft spec. 38 */ 39#include "opt_inet.h" 40#include "opt_wlan.h" 41 42#include <sys/param.h> 43#include <sys/systm.h> 44#include <sys/mbuf.h> 45#include <sys/malloc.h> 46#include <sys/kernel.h> 47 48#include <sys/socket.h> 49#include <sys/sockio.h> 50#include <sys/endian.h> 51#include <sys/errno.h> 52#include <sys/proc.h> 53#include <sys/sysctl.h> 54 55#include <net/if.h> 56#include <net/if_media.h> 57#include <net/if_llc.h> 58#include <net/ethernet.h> 59 60#include <net/bpf.h> 61 62#include <net80211/ieee80211_var.h> 63#include <net80211/ieee80211_action.h> 64#include <net80211/ieee80211_input.h> 65#include <net80211/ieee80211_mesh.h> 66 67static void hwmp_vattach(struct ieee80211vap *); 68static void hwmp_vdetach(struct ieee80211vap *); 69static int hwmp_newstate(struct ieee80211vap *, 70 enum ieee80211_state, int); 71static int hwmp_send_action(struct ieee80211_node *, 72 const uint8_t [IEEE80211_ADDR_LEN], 73 const uint8_t [IEEE80211_ADDR_LEN], 74 uint8_t *, size_t); 75static uint8_t * hwmp_add_meshpreq(uint8_t *, 76 const struct ieee80211_meshpreq_ie *); 77static uint8_t * hwmp_add_meshprep(uint8_t *, 78 const struct ieee80211_meshprep_ie *); 79static uint8_t * hwmp_add_meshperr(uint8_t *, 80 const struct ieee80211_meshperr_ie *); 81static uint8_t * hwmp_add_meshrann(uint8_t *, 82 const struct ieee80211_meshrann_ie *); 83static void hwmp_rootmode_setup(struct ieee80211vap *); 84static void hwmp_rootmode_cb(void *); 85static void hwmp_rootmode_rann_cb(void *); 86static void hwmp_recv_preq(struct ieee80211vap *, struct ieee80211_node *, 87 const struct ieee80211_frame *, 88 const struct ieee80211_meshpreq_ie *); 89static int hwmp_send_preq(struct ieee80211_node *, 90 const uint8_t [IEEE80211_ADDR_LEN], 91 const uint8_t [IEEE80211_ADDR_LEN], 92 struct ieee80211_meshpreq_ie *, 93 struct timeval *, struct timeval *); 94static void hwmp_recv_prep(struct ieee80211vap *, struct ieee80211_node *, 95 const struct ieee80211_frame *, 96 const struct ieee80211_meshprep_ie *); 97static int hwmp_send_prep(struct ieee80211_node *, 98 const uint8_t [IEEE80211_ADDR_LEN], 99 const uint8_t [IEEE80211_ADDR_LEN], 100 struct ieee80211_meshprep_ie *); 101static void hwmp_recv_perr(struct ieee80211vap *, struct ieee80211_node *, 102 const struct ieee80211_frame *, 103 const struct ieee80211_meshperr_ie *); 104static int hwmp_send_perr(struct ieee80211_node *, 105 const uint8_t [IEEE80211_ADDR_LEN], 106 const uint8_t [IEEE80211_ADDR_LEN], 107 struct ieee80211_meshperr_ie *); 108static void hwmp_recv_rann(struct ieee80211vap *, struct ieee80211_node *, 109 const struct ieee80211_frame *, 110 const struct ieee80211_meshrann_ie *); 111static int hwmp_send_rann(struct ieee80211_node *, 112 const uint8_t [IEEE80211_ADDR_LEN], 113 const uint8_t [IEEE80211_ADDR_LEN], 114 struct ieee80211_meshrann_ie *); 115static struct ieee80211_node * 116 hwmp_discover(struct ieee80211vap *, 117 const uint8_t [IEEE80211_ADDR_LEN], struct mbuf *); 118static void hwmp_peerdown(struct ieee80211_node *); 119 120static struct timeval ieee80211_hwmp_preqminint = { 0, 100000 }; 121static struct timeval ieee80211_hwmp_perrminint = { 0, 100000 }; 122 123/* unalligned little endian access */ 124#define LE_WRITE_2(p, v) do { \ 125 ((uint8_t *)(p))[0] = (v) & 0xff; \ 126 ((uint8_t *)(p))[1] = ((v) >> 8) & 0xff; \ 127} while (0) 128#define LE_WRITE_4(p, v) do { \ 129 ((uint8_t *)(p))[0] = (v) & 0xff; \ 130 ((uint8_t *)(p))[1] = ((v) >> 8) & 0xff; \ 131 ((uint8_t *)(p))[2] = ((v) >> 16) & 0xff; \ 132 ((uint8_t *)(p))[3] = ((v) >> 24) & 0xff; \ 133} while (0) 134 135 136/* NB: the Target Address set in a Proactive PREQ is the broadcast address. */ 137static const uint8_t broadcastaddr[IEEE80211_ADDR_LEN] = 138 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 139 140typedef uint32_t ieee80211_hwmp_seq; 141#define HWMP_SEQ_LT(a, b) ((int32_t)((a)-(b)) < 0) 142#define HWMP_SEQ_LEQ(a, b) ((int32_t)((a)-(b)) <= 0) 143#define HWMP_SEQ_EQ(a, b) ((int32_t)((a)-(b)) == 0) 144#define HWMP_SEQ_GT(a, b) ((int32_t)((a)-(b)) > 0) 145#define HWMP_SEQ_GEQ(a, b) ((int32_t)((a)-(b)) >= 0) 146 147#define HWMP_SEQ_MAX(a, b) (a > b ? a : b) 148 149/* 150 * Private extension of ieee80211_mesh_route. 151 */ 152struct ieee80211_hwmp_route { 153 ieee80211_hwmp_seq hr_seq; /* last HWMP seq seen from dst*/ 154 ieee80211_hwmp_seq hr_preqid; /* last PREQ ID seen from dst */ 155 ieee80211_hwmp_seq hr_origseq; /* seq. no. on our latest PREQ*/ 156 struct timeval hr_lastpreq; /* last time we sent a PREQ */ 157 int hr_preqretries; /* number of discoveries */ 158 int hr_lastdiscovery; /* last discovery in ticks */ 159}; 160struct ieee80211_hwmp_state { 161 ieee80211_hwmp_seq hs_seq; /* next seq to be used */ 162 ieee80211_hwmp_seq hs_preqid; /* next PREQ ID to be used */ 163 int hs_rootmode; /* proactive HWMP */ 164 struct timeval hs_lastperr; /* last time we sent a PERR */ 165 struct callout hs_roottimer; 166 uint8_t hs_maxhops; /* max hop count */ 167}; 168 169static SYSCTL_NODE(_net_wlan, OID_AUTO, hwmp, CTLFLAG_RD, 0, 170 "IEEE 802.11s HWMP parameters"); 171static int ieee80211_hwmp_targetonly = 0; 172SYSCTL_INT(_net_wlan_hwmp, OID_AUTO, targetonly, CTLTYPE_INT | CTLFLAG_RW, 173 &ieee80211_hwmp_targetonly, 0, "Set TO bit on generated PREQs"); 174static int ieee80211_hwmp_pathtimeout = -1; 175SYSCTL_PROC(_net_wlan_hwmp, OID_AUTO, pathlifetime, CTLTYPE_INT | CTLFLAG_RW, 176 &ieee80211_hwmp_pathtimeout, 0, ieee80211_sysctl_msecs_ticks, "I", 177 "path entry lifetime (ms)"); 178static int ieee80211_hwmp_maxpreq_retries = -1; 179SYSCTL_PROC(_net_wlan_hwmp, OID_AUTO, maxpreq_retries, CTLTYPE_INT | CTLFLAG_RW, 180 &ieee80211_hwmp_maxpreq_retries, 0, ieee80211_sysctl_msecs_ticks, "I", 181 "maximum number of preq retries"); 182static int ieee80211_hwmp_net_diameter_traversaltime = -1; 183SYSCTL_PROC(_net_wlan_hwmp, OID_AUTO, net_diameter_traversal_time, 184 CTLTYPE_INT | CTLFLAG_RW, &ieee80211_hwmp_net_diameter_traversaltime, 0, 185 ieee80211_sysctl_msecs_ticks, "I", 186 "estimate travelse time across the MBSS (ms)"); 187static int ieee80211_hwmp_roottimeout = -1; 188SYSCTL_PROC(_net_wlan_hwmp, OID_AUTO, roottimeout, CTLTYPE_INT | CTLFLAG_RW, 189 &ieee80211_hwmp_roottimeout, 0, ieee80211_sysctl_msecs_ticks, "I", 190 "root PREQ timeout (ms)"); 191static int ieee80211_hwmp_rootint = -1; 192SYSCTL_PROC(_net_wlan_hwmp, OID_AUTO, rootint, CTLTYPE_INT | CTLFLAG_RW, 193 &ieee80211_hwmp_rootint, 0, ieee80211_sysctl_msecs_ticks, "I", 194 "root interval (ms)"); 195static int ieee80211_hwmp_rannint = -1; 196SYSCTL_PROC(_net_wlan_hwmp, OID_AUTO, rannint, CTLTYPE_INT | CTLFLAG_RW, 197 &ieee80211_hwmp_rannint, 0, ieee80211_sysctl_msecs_ticks, "I", 198 "root announcement interval (ms)"); 199 200#define IEEE80211_HWMP_DEFAULT_MAXHOPS 31 201 202static ieee80211_recv_action_func hwmp_recv_action_meshpath; 203 204static struct ieee80211_mesh_proto_path mesh_proto_hwmp = { 205 .mpp_descr = "HWMP", 206 .mpp_ie = IEEE80211_MESHCONF_PATH_HWMP, 207 .mpp_discover = hwmp_discover, 208 .mpp_peerdown = hwmp_peerdown, 209 .mpp_vattach = hwmp_vattach, 210 .mpp_vdetach = hwmp_vdetach, 211 .mpp_newstate = hwmp_newstate, 212 .mpp_privlen = sizeof(struct ieee80211_hwmp_route), 213}; 214SYSCTL_PROC(_net_wlan_hwmp, OID_AUTO, inact, CTLTYPE_INT | CTLFLAG_RW, 215 &mesh_proto_hwmp.mpp_inact, 0, ieee80211_sysctl_msecs_ticks, "I", 216 "mesh route inactivity timeout (ms)"); 217 218 219static void 220ieee80211_hwmp_init(void) 221{ 222 /* Default values as per amendment */ 223 ieee80211_hwmp_pathtimeout = msecs_to_ticks(5*1000); 224 ieee80211_hwmp_roottimeout = msecs_to_ticks(5*1000); 225 ieee80211_hwmp_rootint = msecs_to_ticks(2*1000); 226 ieee80211_hwmp_rannint = msecs_to_ticks(1*1000); 227 ieee80211_hwmp_maxpreq_retries = 3; 228 /* 229 * (TU): A measurement of time equal to 1024 ��s, 230 * 500 TU is 512 ms. 231 */ 232 ieee80211_hwmp_net_diameter_traversaltime = msecs_to_ticks(512); 233 234 /* 235 * Register action frame handler. 236 */ 237 ieee80211_recv_action_register(IEEE80211_ACTION_CAT_MESH, 238 IEEE80211_ACTION_MESH_HWMP, hwmp_recv_action_meshpath); 239 240 /* NB: default is 5 secs per spec */ 241 mesh_proto_hwmp.mpp_inact = msecs_to_ticks(5*1000); 242 243 /* 244 * Register HWMP. 245 */ 246 ieee80211_mesh_register_proto_path(&mesh_proto_hwmp); 247} 248SYSINIT(wlan_hwmp, SI_SUB_DRIVERS, SI_ORDER_SECOND, ieee80211_hwmp_init, NULL); 249 250void 251hwmp_vattach(struct ieee80211vap *vap) 252{ 253 struct ieee80211_hwmp_state *hs; 254 255 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, 256 ("not a mesh vap, opmode %d", vap->iv_opmode)); 257 258 hs = malloc(sizeof(struct ieee80211_hwmp_state), M_80211_VAP, 259 M_NOWAIT | M_ZERO); 260 if (hs == NULL) { 261 printf("%s: couldn't alloc HWMP state\n", __func__); 262 return; 263 } 264 hs->hs_maxhops = IEEE80211_HWMP_DEFAULT_MAXHOPS; 265 callout_init(&hs->hs_roottimer, CALLOUT_MPSAFE); 266 vap->iv_hwmp = hs; 267} 268 269void 270hwmp_vdetach(struct ieee80211vap *vap) 271{ 272 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 273 274 callout_drain(&hs->hs_roottimer); 275 free(vap->iv_hwmp, M_80211_VAP); 276 vap->iv_hwmp = NULL; 277} 278 279int 280hwmp_newstate(struct ieee80211vap *vap, enum ieee80211_state ostate, int arg) 281{ 282 enum ieee80211_state nstate = vap->iv_state; 283 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 284 285 IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE, "%s: %s -> %s (%d)\n", 286 __func__, ieee80211_state_name[ostate], 287 ieee80211_state_name[nstate], arg); 288 289 if (nstate != IEEE80211_S_RUN && ostate == IEEE80211_S_RUN) 290 callout_drain(&hs->hs_roottimer); 291 if (nstate == IEEE80211_S_RUN) 292 hwmp_rootmode_setup(vap); 293 return 0; 294} 295 296/* 297 * Verify the length of an HWMP PREQ and return the number 298 * of destinations >= 1, if verification fails -1 is returned. 299 */ 300static int 301verify_mesh_preq_len(struct ieee80211vap *vap, 302 const struct ieee80211_frame *wh, const uint8_t *iefrm) 303{ 304 int alloc_sz = -1; 305 int ndest = -1; 306 if (iefrm[2] & IEEE80211_MESHPREQ_FLAGS_AE) { 307 /* Originator External Address present */ 308 alloc_sz = IEEE80211_MESHPREQ_BASE_SZ_AE; 309 ndest = iefrm[IEEE80211_MESHPREQ_TCNT_OFFSET_AE]; 310 } else { 311 /* w/o Originator External Address */ 312 alloc_sz = IEEE80211_MESHPREQ_BASE_SZ; 313 ndest = iefrm[IEEE80211_MESHPREQ_TCNT_OFFSET]; 314 } 315 alloc_sz += ndest * IEEE80211_MESHPREQ_TRGT_SZ; 316 317 if(iefrm[1] != (alloc_sz)) { 318 IEEE80211_DISCARD(vap, 319 IEEE80211_MSG_ACTION | IEEE80211_MSG_HWMP, 320 wh, NULL, "PREQ (AE=%s) with wrong len", 321 iefrm[2] & IEEE80211_MESHPREQ_FLAGS_AE ? "1" : "0"); 322 return (-1); 323 } 324 return ndest; 325} 326 327/* 328 * Verify the length of an HWMP PREP and returns 1 on success, 329 * otherwise -1. 330 */ 331static int 332verify_mesh_prep_len(struct ieee80211vap *vap, 333 const struct ieee80211_frame *wh, const uint8_t *iefrm) 334{ 335 int alloc_sz = -1; 336 if (iefrm[2] & IEEE80211_MESHPREP_FLAGS_AE) { 337 if (iefrm[1] == IEEE80211_MESHPREP_BASE_SZ_AE) 338 alloc_sz = IEEE80211_MESHPREP_BASE_SZ_AE; 339 } else if (iefrm[1] == IEEE80211_MESHPREP_BASE_SZ) 340 alloc_sz = IEEE80211_MESHPREP_BASE_SZ; 341 if(alloc_sz < 0) { 342 IEEE80211_DISCARD(vap, 343 IEEE80211_MSG_ACTION | IEEE80211_MSG_HWMP, 344 wh, NULL, "PREP (AE=%s) with wrong len", 345 iefrm[2] & IEEE80211_MESHPREP_FLAGS_AE ? "1" : "0"); 346 return (-1); 347 } 348 return (1); 349} 350 351/* 352 * Verify the length of an HWMP PERR and return the number 353 * of destinations >= 1, if verification fails -1 is returned. 354 */ 355static int 356verify_mesh_perr_len(struct ieee80211vap *vap, 357 const struct ieee80211_frame *wh, const uint8_t *iefrm) 358{ 359 int alloc_sz = -1; 360 const uint8_t *iefrm_t = iefrm; 361 uint8_t ndest = iefrm_t[IEEE80211_MESHPERR_NDEST_OFFSET]; 362 int i; 363 364 if(ndest > IEEE80211_MESHPERR_MAXDEST) { 365 IEEE80211_DISCARD(vap, 366 IEEE80211_MSG_ACTION | IEEE80211_MSG_HWMP, 367 wh, NULL, "PERR with wrong number of destionat (>19), %u", 368 ndest); 369 return (-1); 370 } 371 372 iefrm_t += IEEE80211_MESHPERR_NDEST_OFFSET + 1; /* flag is next field */ 373 /* We need to check each destionation flag to know size */ 374 for(i = 0; i<ndest; i++) { 375 if ((*iefrm_t) & IEEE80211_MESHPERR_FLAGS_AE) 376 iefrm_t += IEEE80211_MESHPERR_DEST_SZ_AE; 377 else 378 iefrm_t += IEEE80211_MESHPERR_DEST_SZ; 379 } 380 381 alloc_sz = (iefrm_t - iefrm) - 2; /* action + code */ 382 if(alloc_sz != iefrm[1]) { 383 IEEE80211_DISCARD(vap, 384 IEEE80211_MSG_ACTION | IEEE80211_MSG_HWMP, 385 wh, NULL, "%s", "PERR with wrong len"); 386 return (-1); 387 } 388 return ndest; 389} 390 391static int 392hwmp_recv_action_meshpath(struct ieee80211_node *ni, 393 const struct ieee80211_frame *wh, 394 const uint8_t *frm, const uint8_t *efrm) 395{ 396 struct ieee80211vap *vap = ni->ni_vap; 397 struct ieee80211_meshpreq_ie *preq; 398 struct ieee80211_meshprep_ie *prep; 399 struct ieee80211_meshperr_ie *perr; 400 struct ieee80211_meshrann_ie rann; 401 const uint8_t *iefrm = frm + 2; /* action + code */ 402 const uint8_t *iefrm_t = iefrm; /* temporary pointer */ 403 int ndest = -1; 404 int found = 0; 405 406 while (efrm - iefrm > 1) { 407 IEEE80211_VERIFY_LENGTH(efrm - iefrm, iefrm[1] + 2, return 0); 408 switch (*iefrm) { 409 case IEEE80211_ELEMID_MESHPREQ: 410 { 411 int i = 0; 412 413 iefrm_t = iefrm; 414 ndest = verify_mesh_preq_len(vap, wh, iefrm_t); 415 if (ndest < 0) { 416 vap->iv_stats.is_rx_mgtdiscard++; 417 break; 418 } 419 preq = malloc(sizeof(*preq) + 420 (ndest - 1) * sizeof(*preq->preq_targets), 421 M_80211_MESH_PREQ, M_NOWAIT | M_ZERO); 422 KASSERT(preq != NULL, ("preq == NULL")); 423 424 preq->preq_ie = *iefrm_t++; 425 preq->preq_len = *iefrm_t++; 426 preq->preq_flags = *iefrm_t++; 427 preq->preq_hopcount = *iefrm_t++; 428 preq->preq_ttl = *iefrm_t++; 429 preq->preq_id = LE_READ_4(iefrm_t); iefrm_t += 4; 430 IEEE80211_ADDR_COPY(preq->preq_origaddr, iefrm_t); 431 iefrm_t += 6; 432 preq->preq_origseq = LE_READ_4(iefrm_t); iefrm_t += 4; 433 /* NB: may have Originator Proxied Address */ 434 if (preq->preq_flags & IEEE80211_MESHPREQ_FLAGS_AE) { 435 IEEE80211_ADDR_COPY( 436 preq->preq_orig_ext_addr, iefrm_t); 437 iefrm_t += 6; 438 } 439 preq->preq_lifetime = LE_READ_4(iefrm_t); iefrm_t += 4; 440 preq->preq_metric = LE_READ_4(iefrm_t); iefrm_t += 4; 441 preq->preq_tcount = *iefrm_t++; 442 443 for (i = 0; i < preq->preq_tcount; i++) { 444 preq->preq_targets[i].target_flags = *iefrm_t++; 445 IEEE80211_ADDR_COPY( 446 preq->preq_targets[i].target_addr, iefrm_t); 447 iefrm_t += 6; 448 preq->preq_targets[i].target_seq = 449 LE_READ_4(iefrm_t); 450 iefrm_t += 4; 451 } 452 453 hwmp_recv_preq(vap, ni, wh, preq); 454 free(preq, M_80211_MESH_PREQ); 455 found++; 456 break; 457 } 458 case IEEE80211_ELEMID_MESHPREP: 459 { 460 iefrm_t = iefrm; 461 ndest = verify_mesh_prep_len(vap, wh, iefrm_t); 462 if (ndest < 0) { 463 vap->iv_stats.is_rx_mgtdiscard++; 464 break; 465 } 466 prep = malloc(sizeof(*prep), 467 M_80211_MESH_PREP, M_NOWAIT | M_ZERO); 468 KASSERT(prep != NULL, ("prep == NULL")); 469 470 prep->prep_ie = *iefrm_t++; 471 prep->prep_len = *iefrm_t++; 472 prep->prep_flags = *iefrm_t++; 473 prep->prep_hopcount = *iefrm_t++; 474 prep->prep_ttl = *iefrm_t++; 475 IEEE80211_ADDR_COPY(prep->prep_targetaddr, iefrm_t); 476 iefrm_t += 6; 477 prep->prep_targetseq = LE_READ_4(iefrm_t); iefrm_t += 4; 478 /* NB: May have Target Proxied Address */ 479 if (prep->prep_flags & IEEE80211_MESHPREP_FLAGS_AE) { 480 IEEE80211_ADDR_COPY( 481 prep->prep_target_ext_addr, iefrm_t); 482 iefrm_t += 6; 483 } 484 prep->prep_lifetime = LE_READ_4(iefrm_t); iefrm_t += 4; 485 prep->prep_metric = LE_READ_4(iefrm_t); iefrm_t += 4; 486 IEEE80211_ADDR_COPY(prep->prep_origaddr, iefrm_t); 487 iefrm_t += 6; 488 prep->prep_origseq = LE_READ_4(iefrm_t); iefrm_t += 4; 489 490 hwmp_recv_prep(vap, ni, wh, prep); 491 free(prep, M_80211_MESH_PREP); 492 found++; 493 break; 494 } 495 case IEEE80211_ELEMID_MESHPERR: 496 { 497 int i = 0; 498 499 iefrm_t = iefrm; 500 ndest = verify_mesh_perr_len(vap, wh, iefrm_t); 501 if (ndest < 0) { 502 vap->iv_stats.is_rx_mgtdiscard++; 503 break; 504 } 505 perr = malloc(sizeof(*perr) + 506 (ndest - 1) * sizeof(*perr->perr_dests), 507 M_80211_MESH_PERR, M_NOWAIT | M_ZERO); 508 KASSERT(perr != NULL, ("perr == NULL")); 509 510 perr->perr_ie = *iefrm_t++; 511 perr->perr_len = *iefrm_t++; 512 perr->perr_ttl = *iefrm_t++; 513 perr->perr_ndests = *iefrm_t++; 514 515 for (i = 0; i<perr->perr_ndests; i++) { 516 perr->perr_dests[i].dest_flags = *iefrm_t++; 517 IEEE80211_ADDR_COPY( 518 perr->perr_dests[i].dest_addr, iefrm_t); 519 iefrm_t += 6; 520 perr->perr_dests[i].dest_seq = LE_READ_4(iefrm_t); 521 iefrm_t += 4; 522 /* NB: May have Target Proxied Address */ 523 if (perr->perr_dests[i].dest_flags & 524 IEEE80211_MESHPERR_FLAGS_AE) { 525 IEEE80211_ADDR_COPY( 526 perr->perr_dests[i].dest_ext_addr, 527 iefrm_t); 528 iefrm_t += 6; 529 } 530 perr->perr_dests[i].dest_rcode = 531 LE_READ_2(iefrm_t); 532 iefrm_t += 2; 533 } 534 535 hwmp_recv_perr(vap, ni, wh, perr); 536 free(perr, M_80211_MESH_PERR); 537 found++; 538 break; 539 } 540 case IEEE80211_ELEMID_MESHRANN: 541 { 542 const struct ieee80211_meshrann_ie *mrann = 543 (const struct ieee80211_meshrann_ie *) iefrm; 544 if (mrann->rann_len != 545 sizeof(struct ieee80211_meshrann_ie) - 2) { 546 IEEE80211_DISCARD(vap, 547 IEEE80211_MSG_ACTION | IEEE80211_MSG_HWMP, 548 wh, NULL, "%s", "RAN with wrong len"); 549 vap->iv_stats.is_rx_mgtdiscard++; 550 return 1; 551 } 552 memcpy(&rann, mrann, sizeof(rann)); 553 rann.rann_seq = LE_READ_4(&mrann->rann_seq); 554 rann.rann_metric = LE_READ_4(&mrann->rann_metric); 555 hwmp_recv_rann(vap, ni, wh, &rann); 556 found++; 557 break; 558 } 559 } 560 iefrm += iefrm[1] + 2; 561 } 562 if (!found) { 563 IEEE80211_DISCARD(vap, 564 IEEE80211_MSG_ACTION | IEEE80211_MSG_HWMP, 565 wh, NULL, "%s", "PATH SEL action without IE"); 566 vap->iv_stats.is_rx_mgtdiscard++; 567 } 568 return 0; 569} 570 571static int 572hwmp_send_action(struct ieee80211_node *ni, 573 const uint8_t sa[IEEE80211_ADDR_LEN], 574 const uint8_t da[IEEE80211_ADDR_LEN], 575 uint8_t *ie, size_t len) 576{ 577 struct ieee80211vap *vap = ni->ni_vap; 578 struct ieee80211com *ic = ni->ni_ic; 579 struct ieee80211_bpf_params params; 580 struct mbuf *m; 581 uint8_t *frm; 582 583 if (vap->iv_state == IEEE80211_S_CAC) { 584 IEEE80211_NOTE(vap, IEEE80211_MSG_OUTPUT, ni, 585 "block %s frame in CAC state", "HWMP action"); 586 vap->iv_stats.is_tx_badstate++; 587 return EIO; /* XXX */ 588 } 589 590 KASSERT(ni != NULL, ("null node")); 591 /* 592 * Hold a reference on the node so it doesn't go away until after 593 * the xmit is complete all the way in the driver. On error we 594 * will remove our reference. 595 */ 596#ifdef IEEE80211_DEBUG_REFCNT 597 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE, 598 "ieee80211_ref_node (%s:%u) %p<%s> refcnt %d\n", 599 __func__, __LINE__, 600 ni, ether_sprintf(ni->ni_macaddr), 601 ieee80211_node_refcnt(ni)+1); 602#endif 603 ieee80211_ref_node(ni); 604 605 m = ieee80211_getmgtframe(&frm, 606 ic->ic_headroom + sizeof(struct ieee80211_frame), 607 sizeof(struct ieee80211_action) + len 608 ); 609 if (m == NULL) { 610 ieee80211_free_node(ni); 611 vap->iv_stats.is_tx_nobuf++; 612 return ENOMEM; 613 } 614 *frm++ = IEEE80211_ACTION_CAT_MESH; 615 *frm++ = IEEE80211_ACTION_MESH_HWMP; 616 switch (*ie) { 617 case IEEE80211_ELEMID_MESHPREQ: 618 frm = hwmp_add_meshpreq(frm, 619 (struct ieee80211_meshpreq_ie *)ie); 620 break; 621 case IEEE80211_ELEMID_MESHPREP: 622 frm = hwmp_add_meshprep(frm, 623 (struct ieee80211_meshprep_ie *)ie); 624 break; 625 case IEEE80211_ELEMID_MESHPERR: 626 frm = hwmp_add_meshperr(frm, 627 (struct ieee80211_meshperr_ie *)ie); 628 break; 629 case IEEE80211_ELEMID_MESHRANN: 630 frm = hwmp_add_meshrann(frm, 631 (struct ieee80211_meshrann_ie *)ie); 632 break; 633 } 634 635 m->m_pkthdr.len = m->m_len = frm - mtod(m, uint8_t *); 636 M_PREPEND(m, sizeof(struct ieee80211_frame), M_DONTWAIT); 637 if (m == NULL) { 638 ieee80211_free_node(ni); 639 vap->iv_stats.is_tx_nobuf++; 640 return ENOMEM; 641 } 642 ieee80211_send_setup(ni, m, 643 IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_ACTION, 644 IEEE80211_NONQOS_TID, sa, da, sa); 645 646 m->m_flags |= M_ENCAP; /* mark encapsulated */ 647 IEEE80211_NODE_STAT(ni, tx_mgmt); 648 649 memset(¶ms, 0, sizeof(params)); 650 params.ibp_pri = WME_AC_VO; 651 params.ibp_rate0 = ni->ni_txparms->mgmtrate; 652 if (IEEE80211_IS_MULTICAST(da)) 653 params.ibp_try0 = 1; 654 else 655 params.ibp_try0 = ni->ni_txparms->maxretry; 656 params.ibp_power = ni->ni_txpower; 657 return ic->ic_raw_xmit(ni, m, ¶ms); 658} 659 660#define ADDSHORT(frm, v) do { \ 661 frm[0] = (v) & 0xff; \ 662 frm[1] = (v) >> 8; \ 663 frm += 2; \ 664} while (0) 665#define ADDWORD(frm, v) do { \ 666 LE_WRITE_4(frm, v); \ 667 frm += 4; \ 668} while (0) 669/* 670 * Add a Mesh Path Request IE to a frame. 671 */ 672#define PREQ_TFLAGS(n) preq->preq_targets[n].target_flags 673#define PREQ_TADDR(n) preq->preq_targets[n].target_addr 674#define PREQ_TSEQ(n) preq->preq_targets[n].target_seq 675static uint8_t * 676hwmp_add_meshpreq(uint8_t *frm, const struct ieee80211_meshpreq_ie *preq) 677{ 678 int i; 679 680 *frm++ = IEEE80211_ELEMID_MESHPREQ; 681 *frm++ = preq->preq_len; /* len already calculated */ 682 *frm++ = preq->preq_flags; 683 *frm++ = preq->preq_hopcount; 684 *frm++ = preq->preq_ttl; 685 ADDWORD(frm, preq->preq_id); 686 IEEE80211_ADDR_COPY(frm, preq->preq_origaddr); frm += 6; 687 ADDWORD(frm, preq->preq_origseq); 688 if (preq->preq_flags & IEEE80211_MESHPREQ_FLAGS_AE) { 689 IEEE80211_ADDR_COPY(frm, preq->preq_orig_ext_addr); 690 frm += 6; 691 } 692 ADDWORD(frm, preq->preq_lifetime); 693 ADDWORD(frm, preq->preq_metric); 694 *frm++ = preq->preq_tcount; 695 for (i = 0; i < preq->preq_tcount; i++) { 696 *frm++ = PREQ_TFLAGS(i); 697 IEEE80211_ADDR_COPY(frm, PREQ_TADDR(i)); 698 frm += 6; 699 ADDWORD(frm, PREQ_TSEQ(i)); 700 } 701 return frm; 702} 703#undef PREQ_TFLAGS 704#undef PREQ_TADDR 705#undef PREQ_TSEQ 706 707/* 708 * Add a Mesh Path Reply IE to a frame. 709 */ 710static uint8_t * 711hwmp_add_meshprep(uint8_t *frm, const struct ieee80211_meshprep_ie *prep) 712{ 713 *frm++ = IEEE80211_ELEMID_MESHPREP; 714 *frm++ = prep->prep_len; /* len already calculated */ 715 *frm++ = prep->prep_flags; 716 *frm++ = prep->prep_hopcount; 717 *frm++ = prep->prep_ttl; 718 IEEE80211_ADDR_COPY(frm, prep->prep_targetaddr); frm += 6; 719 ADDWORD(frm, prep->prep_targetseq); 720 if (prep->prep_flags & IEEE80211_MESHPREP_FLAGS_AE) { 721 IEEE80211_ADDR_COPY(frm, prep->prep_target_ext_addr); 722 frm += 6; 723 } 724 ADDWORD(frm, prep->prep_lifetime); 725 ADDWORD(frm, prep->prep_metric); 726 IEEE80211_ADDR_COPY(frm, prep->prep_origaddr); frm += 6; 727 ADDWORD(frm, prep->prep_origseq); 728 return frm; 729} 730 731/* 732 * Add a Mesh Path Error IE to a frame. 733 */ 734#define PERR_DFLAGS(n) perr->perr_dests[n].dest_flags 735#define PERR_DADDR(n) perr->perr_dests[n].dest_addr 736#define PERR_DSEQ(n) perr->perr_dests[n].dest_seq 737#define PERR_EXTADDR(n) perr->perr_dests[n].dest_ext_addr 738#define PERR_DRCODE(n) perr->perr_dests[n].dest_rcode 739static uint8_t * 740hwmp_add_meshperr(uint8_t *frm, const struct ieee80211_meshperr_ie *perr) 741{ 742 int i; 743 744 *frm++ = IEEE80211_ELEMID_MESHPERR; 745 *frm++ = perr->perr_len; /* len already calculated */ 746 *frm++ = perr->perr_ttl; 747 *frm++ = perr->perr_ndests; 748 for (i = 0; i < perr->perr_ndests; i++) { 749 *frm++ = PERR_DFLAGS(i); 750 IEEE80211_ADDR_COPY(frm, PERR_DADDR(i)); 751 frm += 6; 752 ADDWORD(frm, PERR_DSEQ(i)); 753 if (PERR_DFLAGS(i) & IEEE80211_MESHPERR_FLAGS_AE) { 754 IEEE80211_ADDR_COPY(frm, PERR_EXTADDR(i)); 755 frm += 6; 756 } 757 ADDSHORT(frm, PERR_DRCODE(i)); 758 } 759 return frm; 760} 761#undef PERR_DFLAGS 762#undef PERR_DADDR 763#undef PERR_DSEQ 764#undef PERR_EXTADDR 765#undef PERR_DRCODE 766 767/* 768 * Add a Root Annoucement IE to a frame. 769 */ 770static uint8_t * 771hwmp_add_meshrann(uint8_t *frm, const struct ieee80211_meshrann_ie *rann) 772{ 773 *frm++ = IEEE80211_ELEMID_MESHRANN; 774 *frm++ = rann->rann_len; 775 *frm++ = rann->rann_flags; 776 *frm++ = rann->rann_hopcount; 777 *frm++ = rann->rann_ttl; 778 IEEE80211_ADDR_COPY(frm, rann->rann_addr); frm += 6; 779 ADDWORD(frm, rann->rann_seq); 780 ADDWORD(frm, rann->rann_interval); 781 ADDWORD(frm, rann->rann_metric); 782 return frm; 783} 784 785static void 786hwmp_rootmode_setup(struct ieee80211vap *vap) 787{ 788 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 789 790 switch (hs->hs_rootmode) { 791 case IEEE80211_HWMP_ROOTMODE_DISABLED: 792 callout_drain(&hs->hs_roottimer); 793 break; 794 case IEEE80211_HWMP_ROOTMODE_NORMAL: 795 case IEEE80211_HWMP_ROOTMODE_PROACTIVE: 796 callout_reset(&hs->hs_roottimer, ieee80211_hwmp_rootint, 797 hwmp_rootmode_cb, vap); 798 break; 799 case IEEE80211_HWMP_ROOTMODE_RANN: 800 callout_reset(&hs->hs_roottimer, ieee80211_hwmp_rannint, 801 hwmp_rootmode_rann_cb, vap); 802 break; 803 } 804} 805 806/* 807 * Send a broadcast Path Request to find all nodes on the mesh. We are 808 * called when the vap is configured as a HWMP root node. 809 */ 810#define PREQ_TFLAGS(n) preq.preq_targets[n].target_flags 811#define PREQ_TADDR(n) preq.preq_targets[n].target_addr 812#define PREQ_TSEQ(n) preq.preq_targets[n].target_seq 813static void 814hwmp_rootmode_cb(void *arg) 815{ 816 struct ieee80211vap *vap = (struct ieee80211vap *)arg; 817 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 818 struct ieee80211_mesh_state *ms = vap->iv_mesh; 819 struct ieee80211_meshpreq_ie preq; 820 821 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, vap->iv_bss, 822 "%s", "send broadcast PREQ"); 823 824 preq.preq_flags = 0; 825 if (ms->ms_flags & IEEE80211_MESHFLAGS_PORTAL) 826 preq.preq_flags |= IEEE80211_MESHPREQ_FLAGS_PR; 827 if (hs->hs_rootmode == IEEE80211_HWMP_ROOTMODE_PROACTIVE) 828 preq.preq_flags |= IEEE80211_MESHPREQ_FLAGS_PP; 829 preq.preq_hopcount = 0; 830 preq.preq_ttl = ms->ms_ttl; 831 preq.preq_id = ++hs->hs_preqid; 832 IEEE80211_ADDR_COPY(preq.preq_origaddr, vap->iv_myaddr); 833 preq.preq_origseq = ++hs->hs_seq; 834 preq.preq_lifetime = ticks_to_msecs(ieee80211_hwmp_roottimeout); 835 preq.preq_metric = IEEE80211_MESHLMETRIC_INITIALVAL; 836 preq.preq_tcount = 1; 837 IEEE80211_ADDR_COPY(PREQ_TADDR(0), broadcastaddr); 838 PREQ_TFLAGS(0) = IEEE80211_MESHPREQ_TFLAGS_TO | 839 IEEE80211_MESHPREQ_TFLAGS_USN; 840 PREQ_TSEQ(0) = 0; 841 vap->iv_stats.is_hwmp_rootreqs++; 842 hwmp_send_preq(vap->iv_bss, vap->iv_myaddr, broadcastaddr, &preq, 843 NULL, NULL); /* NB: we enforce rate check ourself */ 844 hwmp_rootmode_setup(vap); 845} 846#undef PREQ_TFLAGS 847#undef PREQ_TADDR 848#undef PREQ_TSEQ 849 850/* 851 * Send a Root Annoucement (RANN) to find all the nodes on the mesh. We are 852 * called when the vap is configured as a HWMP RANN root node. 853 */ 854static void 855hwmp_rootmode_rann_cb(void *arg) 856{ 857 struct ieee80211vap *vap = (struct ieee80211vap *)arg; 858 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 859 struct ieee80211_mesh_state *ms = vap->iv_mesh; 860 struct ieee80211_meshrann_ie rann; 861 862 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, vap->iv_bss, 863 "%s", "send broadcast RANN"); 864 865 rann.rann_flags = 0; 866 if (ms->ms_flags & IEEE80211_MESHFLAGS_PORTAL) 867 rann.rann_flags |= IEEE80211_MESHRANN_FLAGS_PR; 868 rann.rann_hopcount = 0; 869 rann.rann_ttl = ms->ms_ttl; 870 IEEE80211_ADDR_COPY(rann.rann_addr, vap->iv_myaddr); 871 rann.rann_seq = ++hs->hs_seq; 872 rann.rann_metric = IEEE80211_MESHLMETRIC_INITIALVAL; 873 874 vap->iv_stats.is_hwmp_rootrann++; 875 hwmp_send_rann(vap->iv_bss, vap->iv_myaddr, broadcastaddr, &rann); 876 hwmp_rootmode_setup(vap); 877} 878 879#define PREQ_TFLAGS(n) preq->preq_targets[n].target_flags 880#define PREQ_TADDR(n) preq->preq_targets[n].target_addr 881#define PREQ_TSEQ(n) preq->preq_targets[n].target_seq 882static void 883hwmp_recv_preq(struct ieee80211vap *vap, struct ieee80211_node *ni, 884 const struct ieee80211_frame *wh, const struct ieee80211_meshpreq_ie *preq) 885{ 886 struct ieee80211_mesh_state *ms = vap->iv_mesh; 887 struct ieee80211_mesh_route *rt = NULL; /* pro-active code */ 888 struct ieee80211_mesh_route *rtorig = NULL; 889 struct ieee80211_mesh_route *rtorig_ext = NULL; 890 struct ieee80211_mesh_route *rttarg = NULL; 891 struct ieee80211_hwmp_route *hrorig = NULL; 892 struct ieee80211_hwmp_route *hrtarg = NULL; 893 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 894 struct ieee80211_meshprep_ie prep; 895 ieee80211_hwmp_seq preqid; /* last seen preqid for orig */ 896 897 if (ni == vap->iv_bss || 898 ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED) 899 return; 900 /* 901 * Ignore PREQs from us. Could happen because someone forward it 902 * back to us. 903 */ 904 if (IEEE80211_ADDR_EQ(vap->iv_myaddr, preq->preq_origaddr)) 905 return; 906 907 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 908 "received PREQ, orig %6D, targ(0) %6D", preq->preq_origaddr, ":", 909 PREQ_TADDR(0), ":"); 910 911 /* 912 * Acceptance criteria: (if the PREQ is not for us or not broadcast, 913 * or an external mac address not proxied by us), 914 * AND forwarding is disabled, discard this PREQ. 915 */ 916 rttarg = ieee80211_mesh_rt_find(vap, PREQ_TADDR(0)); 917 if (!(ms->ms_flags & IEEE80211_MESHFLAGS_FWD) && 918 (!IEEE80211_ADDR_EQ(vap->iv_myaddr, PREQ_TADDR(0)) || 919 !IEEE80211_IS_MULTICAST(PREQ_TADDR(0)) || 920 (rttarg != NULL && 921 rttarg->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY && 922 IEEE80211_ADDR_EQ(vap->iv_myaddr, rttarg->rt_mesh_gate)))) { 923 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_HWMP, 924 preq->preq_origaddr, NULL, "%s", "not accepting PREQ"); 925 return; 926 } 927 /* 928 * Acceptance criteria: if unicast addressed 929 * AND no valid forwarding for Target of PREQ, discard this PREQ. 930 */ 931 if(rttarg != NULL) 932 hrtarg = IEEE80211_MESH_ROUTE_PRIV(rttarg, 933 struct ieee80211_hwmp_route); 934 /* Address mode: ucast */ 935 if((preq->preq_flags & IEEE80211_MESHPREQ_FLAGS_AM) == 0 && 936 rttarg == NULL && 937 !IEEE80211_ADDR_EQ(vap->iv_myaddr, PREQ_TADDR(0))) { 938 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_HWMP, 939 preq->preq_origaddr, NULL, 940 "unicast addressed PREQ of unknown target %6D", 941 PREQ_TADDR(0), ":"); 942 return; 943 } 944 945 /* PREQ ACCEPTED */ 946 947 rtorig = ieee80211_mesh_rt_find(vap, preq->preq_origaddr); 948 if (rtorig == NULL) { 949 rtorig = ieee80211_mesh_rt_add(vap, preq->preq_origaddr); 950 if (rtorig == NULL) { 951 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 952 "unable to add orig path to %6D", 953 preq->preq_origaddr, ":"); 954 vap->iv_stats.is_mesh_rtaddfailed++; 955 return; 956 } 957 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 958 "adding originator %6D", preq->preq_origaddr, ":"); 959 } 960 hrorig = IEEE80211_MESH_ROUTE_PRIV(rtorig, struct ieee80211_hwmp_route); 961 962 /* record last seen preqid */ 963 preqid = hrorig->hr_preqid; 964 hrorig->hr_preqid = HWMP_SEQ_MAX(hrorig->hr_preqid, preq->preq_id); 965 966 /* Data creation and update of forwarding information 967 * according to Table 11C-8 for originator mesh STA. 968 */ 969 if (HWMP_SEQ_GT(preq->preq_origseq, hrorig->hr_seq) || 970 (HWMP_SEQ_EQ(preq->preq_origseq, hrorig->hr_seq) && 971 preq->preq_metric < rtorig->rt_metric)) { 972 hrorig->hr_seq = preq->preq_origseq; 973 IEEE80211_ADDR_COPY(rtorig->rt_nexthop, wh->i_addr2); 974 rtorig->rt_metric = preq->preq_metric + 975 ms->ms_pmetric->mpm_metric(ni); 976 rtorig->rt_nhops = preq->preq_hopcount + 1; 977 ieee80211_mesh_rt_update(rtorig, preq->preq_lifetime); 978 /* path to orig is valid now */ 979 rtorig->rt_flags |= IEEE80211_MESHRT_FLAGS_VALID; 980 }else if ((hrtarg != NULL && 981 HWMP_SEQ_EQ(hrtarg->hr_seq, PREQ_TSEQ(0)) && 982 ((rtorig->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) == 0)) || 983 preqid >= preq->preq_id) { 984 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 985 "discard PREQ from %6D, old seqno %u <= %u," 986 " or old preqid %u < %u", 987 preq->preq_origaddr, ":", 988 preq->preq_origseq, hrorig->hr_seq, 989 preq->preq_id, preqid); 990 return; 991 } 992 993 /* 994 * Forwarding information for transmitter mesh STA 995 * [OPTIONAL: if metric improved] 996 */ 997 998 /* 999 * Check if the PREQ is addressed to us. 1000 * or a Proxy currently supplied by us. 1001 */ 1002 if (IEEE80211_ADDR_EQ(vap->iv_myaddr, PREQ_TADDR(0)) || 1003 (rttarg != NULL && 1004 rttarg->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY && 1005 rttarg->rt_flags & IEEE80211_MESHRT_FLAGS_VALID)) { 1006 /* 1007 * When we are the target we shall update our own HWMP seq 1008 * number with max of (current and preq->seq) + 1 1009 */ 1010 hs->hs_seq = HWMP_SEQ_MAX(hs->hs_seq, PREQ_TSEQ(0)) + 1; 1011 1012 prep.prep_flags = 0; 1013 if (rttarg != NULL && /* if NULL it means we are the target */ 1014 rttarg->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY) { 1015 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1016 "reply for proxy %6D", rttarg->rt_dest, ":"); 1017 prep.prep_flags |= IEEE80211_MESHPREP_FLAGS_AE; 1018 IEEE80211_ADDR_COPY(prep.prep_target_ext_addr, 1019 rttarg->rt_dest); 1020 /* update proxy seqno to HWMP seqno */ 1021 rttarg->rt_ext_seq = hs->hs_seq; 1022 } 1023 /* 1024 * Build and send a PREP frame. 1025 */ 1026 prep.prep_hopcount = 0; 1027 prep.prep_ttl = ms->ms_ttl; 1028 IEEE80211_ADDR_COPY(prep.prep_targetaddr, vap->iv_myaddr); 1029 prep.prep_targetseq = hs->hs_seq; 1030 prep.prep_lifetime = preq->preq_lifetime; 1031 prep.prep_metric = IEEE80211_MESHLMETRIC_INITIALVAL; 1032 IEEE80211_ADDR_COPY(prep.prep_origaddr, preq->preq_origaddr); 1033 prep.prep_origseq = preq->preq_origseq; 1034 1035 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1036 "reply to %6D", preq->preq_origaddr, ":"); 1037 hwmp_send_prep(ni, vap->iv_myaddr, wh->i_addr2, &prep); 1038 return; 1039 } 1040 /* we may update our proxy information for the orig external */ 1041 else if (preq->preq_flags & IEEE80211_MESHPREQ_FLAGS_AE) { 1042 rtorig_ext = 1043 ieee80211_mesh_rt_find(vap, preq->preq_orig_ext_addr); 1044 if (rtorig_ext == NULL) { 1045 rtorig_ext = ieee80211_mesh_rt_add(vap, 1046 preq->preq_orig_ext_addr); 1047 if (rtorig_ext == NULL) { 1048 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1049 "unable to add orig ext proxy to %6D", 1050 preq->preq_orig_ext_addr, ":"); 1051 vap->iv_stats.is_mesh_rtaddfailed++; 1052 return; 1053 } 1054 IEEE80211_ADDR_COPY(rtorig_ext->rt_mesh_gate, 1055 preq->preq_origaddr); 1056 } 1057 rtorig_ext->rt_ext_seq = preq->preq_origseq; 1058 ieee80211_mesh_rt_update(rtorig_ext, preq->preq_lifetime); 1059 } 1060 /* 1061 * Proactive PREQ: reply with a proactive PREP to the 1062 * root STA if requested. 1063 */ 1064 if (IEEE80211_ADDR_EQ(PREQ_TADDR(0), broadcastaddr) && 1065 (PREQ_TFLAGS(0) & IEEE80211_MESHPREQ_TFLAGS_TO)) { 1066 uint8_t rootmac[IEEE80211_ADDR_LEN]; 1067 1068 IEEE80211_ADDR_COPY(rootmac, preq->preq_origaddr); 1069 rt = ieee80211_mesh_rt_find(vap, rootmac); 1070 if (rt == NULL) { 1071 rt = ieee80211_mesh_rt_add(vap, rootmac); 1072 if (rt == NULL) { 1073 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1074 "unable to add root mesh path to %6D", 1075 rootmac, ":"); 1076 vap->iv_stats.is_mesh_rtaddfailed++; 1077 return; 1078 } 1079 } 1080 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1081 "root mesh station @ %6D", rootmac, ":"); 1082 1083 /* 1084 * Reply with a PREP if we don't have a path to the root 1085 * or if the root sent us a proactive PREQ. 1086 */ 1087 if ((rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) == 0 || 1088 (preq->preq_flags & IEEE80211_MESHPREQ_FLAGS_PP)) { 1089 prep.prep_flags = 0; 1090 prep.prep_hopcount = 0; 1091 prep.prep_ttl = ms->ms_ttl; 1092 IEEE80211_ADDR_COPY(prep.prep_origaddr, rootmac); 1093 prep.prep_origseq = preq->preq_origseq; 1094 prep.prep_lifetime = preq->preq_lifetime; 1095 prep.prep_metric = IEEE80211_MESHLMETRIC_INITIALVAL; 1096 IEEE80211_ADDR_COPY(prep.prep_targetaddr, 1097 vap->iv_myaddr); 1098 prep.prep_targetseq = ++hs->hs_seq; 1099 hwmp_send_prep(vap->iv_bss, vap->iv_myaddr, 1100 broadcastaddr, &prep); 1101 } 1102 } 1103 1104 /* 1105 * Forwarding and Intermediate reply for PREQs with 1 target. 1106 */ 1107 if ((preq->preq_tcount == 1) && (preq->preq_ttl > 1) && 1108 (ms->ms_flags & IEEE80211_MESHFLAGS_FWD)) { 1109 struct ieee80211_meshpreq_ie ppreq; /* propagated PREQ */ 1110 1111 memcpy(&ppreq, preq, sizeof(ppreq)); 1112 1113 /* 1114 * We have a valid route to this node. 1115 */ 1116 if (rttarg != NULL && 1117 (rttarg->rt_flags & IEEE80211_MESHRT_FLAGS_VALID)) { 1118 /* 1119 * Check if we can send an intermediate Path Reply, 1120 * i.e., Target Only bit is not set and target is not 1121 * the MAC broadcast address. 1122 */ 1123 if (!(PREQ_TFLAGS(0) & IEEE80211_MESHPREQ_TFLAGS_TO) && 1124 !IEEE80211_ADDR_EQ(PREQ_TADDR(0), broadcastaddr)) { 1125 struct ieee80211_meshprep_ie prep; 1126 1127 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1128 "intermediate reply for PREQ from %6D", 1129 preq->preq_origaddr, ":"); 1130 prep.prep_flags = 0; 1131 prep.prep_hopcount = rttarg->rt_nhops; 1132 prep.prep_ttl = ms->ms_ttl; 1133 IEEE80211_ADDR_COPY(&prep.prep_targetaddr, 1134 PREQ_TADDR(0)); 1135 prep.prep_targetseq = hrtarg->hr_seq; 1136 prep.prep_lifetime = preq->preq_lifetime; 1137 prep.prep_metric =rttarg->rt_metric; 1138 IEEE80211_ADDR_COPY(&prep.prep_origaddr, 1139 preq->preq_origaddr); 1140 prep.prep_origseq = hrorig->hr_seq; 1141 hwmp_send_prep(ni, vap->iv_myaddr, 1142 rtorig->rt_nexthop, &prep); 1143 1144 /* 1145 * Set TO and unset RF bits because we have 1146 * sent a PREP. 1147 */ 1148 ppreq.preq_targets[0].target_flags |= 1149 IEEE80211_MESHPREQ_TFLAGS_TO; 1150 } 1151 } 1152 1153 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1154 "forward PREQ from %6D", 1155 preq->preq_origaddr, ":"); 1156 ppreq.preq_hopcount += 1; 1157 ppreq.preq_ttl -= 1; 1158 ppreq.preq_metric += ms->ms_pmetric->mpm_metric(ni); 1159 1160 /* don't do PREQ ratecheck when we propagate */ 1161 hwmp_send_preq(ni, vap->iv_myaddr, broadcastaddr, 1162 &ppreq, NULL, NULL); 1163 } 1164} 1165#undef PREQ_TFLAGS 1166#undef PREQ_TADDR 1167#undef PREQ_TSEQ 1168 1169static int 1170hwmp_send_preq(struct ieee80211_node *ni, 1171 const uint8_t sa[IEEE80211_ADDR_LEN], 1172 const uint8_t da[IEEE80211_ADDR_LEN], 1173 struct ieee80211_meshpreq_ie *preq, 1174 struct timeval *last, struct timeval *minint) 1175{ 1176 1177 /* 1178 * Enforce PREQ interval. 1179 * NB: Proactive ROOT PREQs rate is handled by cb task. 1180 */ 1181 if (last != NULL && minint != NULL) { 1182 if (ratecheck(last, minint) == 0) 1183 return EALREADY; /* XXX: we should postpone */ 1184 getmicrouptime(last); 1185 } 1186 1187 /* 1188 * mesh preq action frame format 1189 * [6] da 1190 * [6] sa 1191 * [6] addr3 = sa 1192 * [1] action 1193 * [1] category 1194 * [tlv] mesh path request 1195 */ 1196 preq->preq_ie = IEEE80211_ELEMID_MESHPREQ; 1197 preq->preq_len = (preq->preq_flags & IEEE80211_MESHPREQ_FLAGS_AE ? 1198 IEEE80211_MESHPREQ_BASE_SZ_AE : IEEE80211_MESHPREQ_BASE_SZ) + 1199 preq->preq_tcount * IEEE80211_MESHPREQ_TRGT_SZ; 1200 return hwmp_send_action(ni, sa, da, (uint8_t *)preq, preq->preq_len+2); 1201} 1202 1203static void 1204hwmp_recv_prep(struct ieee80211vap *vap, struct ieee80211_node *ni, 1205 const struct ieee80211_frame *wh, const struct ieee80211_meshprep_ie *prep) 1206{ 1207#define IS_PROXY(rt) (rt->rt_flags & IEEE80211_MESHRT_FLAGS_PROXY) 1208#define PROXIED_BY_US(rt) \ 1209 (IEEE80211_ADDR_EQ(vap->iv_myaddr, rt->rt_mesh_gate)) 1210 struct ieee80211_mesh_state *ms = vap->iv_mesh; 1211 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 1212 struct ieee80211_mesh_route *rt = NULL; 1213 struct ieee80211_mesh_route *rtorig = NULL; 1214 struct ieee80211_mesh_route *rtext = NULL; 1215 struct ieee80211_hwmp_route *hr; 1216 struct ieee80211com *ic = vap->iv_ic; 1217 struct ifnet *ifp = vap->iv_ifp; 1218 struct mbuf *m, *next; 1219 uint32_t metric = 0; 1220 const uint8_t *addr; 1221 1222 if (ni == vap->iv_bss || 1223 ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED) 1224 return; 1225 1226 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1227 "received PREP, orig %6D, targ %6D", prep->prep_origaddr, ":", 1228 prep->prep_targetaddr, ":"); 1229 1230 /* 1231 * Acceptance criteria: (If the corresponding PREP was not generated 1232 * by us OR not generated by an external mac that is not proxied by us) 1233 * AND forwarding is disabled, discard this PREP. 1234 */ 1235 rtorig = ieee80211_mesh_rt_find(vap, prep->prep_origaddr); 1236 if ((!IEEE80211_ADDR_EQ(vap->iv_myaddr, prep->prep_origaddr) || 1237 (rtorig != NULL && IS_PROXY(rtorig) && !PROXIED_BY_US(rtorig))) && 1238 !(ms->ms_flags & IEEE80211_MESHFLAGS_FWD)){ 1239 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1240 "discard PREP, orig(%6D) not proxied or generated by us", 1241 prep->prep_origaddr, ":"); 1242 return; 1243 } 1244 1245 /* PREP ACCEPTED */ 1246 1247 /* 1248 * If accepted shall create or update the active forwarding information 1249 * it maintains for the target mesh STA of the PREP (according to the 1250 * rules defined in 13.10.8.4). If the conditions for creating or 1251 * updating the forwarding information have not been met in those 1252 * rules, no further steps are applied to the PREP. 1253 * [OPTIONAL]: update forwarding information to TA if metric improves. 1254 */ 1255 rt = ieee80211_mesh_rt_find(vap, prep->prep_targetaddr); 1256 if (rt == NULL) { 1257 rt = ieee80211_mesh_rt_add(vap, prep->prep_targetaddr); 1258 if (rt == NULL) { 1259 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1260 "unable to add PREP path to %6D", 1261 prep->prep_targetaddr, ":"); 1262 vap->iv_stats.is_mesh_rtaddfailed++; 1263 return; 1264 } 1265 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1266 "adding target %6D", prep->prep_targetaddr, ":"); 1267 } 1268 hr = IEEE80211_MESH_ROUTE_PRIV(rt, struct ieee80211_hwmp_route); 1269 /* update path metric */ 1270 metric = prep->prep_metric + ms->ms_pmetric->mpm_metric(ni); 1271 if ((rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID)) { 1272 if (HWMP_SEQ_LT(prep->prep_targetseq, hr->hr_seq)) { 1273 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1274 "discard PREP from %6D, old seq no %u < %u", 1275 prep->prep_targetaddr, ":", 1276 prep->prep_targetseq, hr->hr_seq); 1277 return; 1278 } else if (HWMP_SEQ_LEQ(prep->prep_targetseq, hr->hr_seq) && 1279 metric > rt->rt_metric) { 1280 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1281 "discard PREP from %6D, new metric %u > %u", 1282 prep->prep_targetaddr, ":", 1283 prep->prep_metric, rt->rt_metric); 1284 return; 1285 } 1286 } 1287 1288 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1289 "%s path to %6D, hopcount %d:%d metric %d:%d", 1290 rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID ? 1291 "prefer" : "update", 1292 prep->prep_targetaddr, ":", 1293 rt->rt_nhops, prep->prep_hopcount, 1294 rt->rt_metric, metric); 1295 1296 hr->hr_seq = prep->prep_targetseq; 1297 hr->hr_preqretries = 0; 1298 IEEE80211_ADDR_COPY(rt->rt_nexthop, ni->ni_macaddr); 1299 rt->rt_metric = metric; 1300 rt->rt_nhops = prep->prep_hopcount + 1; 1301 ieee80211_mesh_rt_update(rt, prep->prep_lifetime); 1302 rt->rt_flags |= IEEE80211_MESHRT_FLAGS_VALID; /* mark valid */ 1303 1304 /* 1305 * If it's NOT for us, propagate the PREP 1306 */ 1307 if (!IEEE80211_ADDR_EQ(vap->iv_myaddr, prep->prep_origaddr) && 1308 prep->prep_ttl > 1 && 1309 prep->prep_hopcount < hs->hs_maxhops) { 1310 struct ieee80211_meshprep_ie pprep; /* propagated PREP */ 1311 /* 1312 * NB: We should already have setup the path to orig 1313 * mesh STA when we propagated PREQ to target mesh STA, 1314 * no PREP is generated without a corresponding PREQ. 1315 * XXX: for now just ignore. 1316 */ 1317 if (rtorig == NULL) { 1318 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1319 "received PREP for an unknown orig(%6D)", 1320 prep->prep_origaddr, ":"); 1321 return; 1322 } 1323 1324 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1325 "propagate PREP from %6D", 1326 prep->prep_targetaddr, ":"); 1327 1328 memcpy(&pprep, prep, sizeof(pprep)); 1329 pprep.prep_hopcount += 1; 1330 pprep.prep_ttl -= 1; 1331 pprep.prep_metric += ms->ms_pmetric->mpm_metric(ni); 1332 hwmp_send_prep(ni, vap->iv_myaddr, rtorig->rt_nexthop, &pprep); 1333 1334 /* precursor list for the Target Mesh STA Address is updated */ 1335 } 1336 1337 /* 1338 * Check if we received a PREP w/ AE and store target external address. 1339 * We may store target external address if recevied PREP w/ AE 1340 * and we are not final destination 1341 */ 1342 if (prep->prep_flags & IEEE80211_MESHPREP_FLAGS_AE) { 1343 rtext = ieee80211_mesh_rt_find(vap, 1344 prep->prep_target_ext_addr); 1345 if (rtext == NULL) { 1346 rtext = ieee80211_mesh_rt_add(vap, 1347 prep->prep_target_ext_addr); 1348 if (rtext == NULL) { 1349 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1350 "unable to add PREP path to proxy %6D", 1351 prep->prep_targetaddr, ":"); 1352 vap->iv_stats.is_mesh_rtaddfailed++; 1353 return; 1354 } 1355 } 1356 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1357 "%s path to %6D, hopcount %d:%d metric %d:%d", 1358 rtext->rt_flags & IEEE80211_MESHRT_FLAGS_VALID ? 1359 "prefer" : "update", 1360 prep->prep_target_ext_addr, ":", 1361 rtext->rt_nhops, prep->prep_hopcount, 1362 rtext->rt_metric, metric); 1363 1364 rtext->rt_flags = IEEE80211_MESHRT_FLAGS_PROXY | 1365 IEEE80211_MESHRT_FLAGS_VALID; 1366 IEEE80211_ADDR_COPY(rtext->rt_dest, 1367 prep->prep_target_ext_addr); 1368 IEEE80211_ADDR_COPY(rtext->rt_mesh_gate, 1369 prep->prep_targetaddr); 1370 IEEE80211_ADDR_COPY(rtext->rt_nexthop, wh->i_addr2); 1371 rtext->rt_metric = metric; 1372 rtext->rt_lifetime = prep->prep_lifetime; 1373 rtext->rt_nhops = prep->prep_hopcount + 1; 1374 rtext->rt_ext_seq = prep->prep_origseq; /* new proxy seq */ 1375 /* 1376 * XXX: proxy entries have no HWMP priv data, 1377 * nullify them to be sure? 1378 */ 1379 } 1380 /* 1381 * Check for frames queued awaiting path discovery. 1382 * XXX probably can tell exactly and avoid remove call 1383 * NB: hash may have false matches, if so they will get 1384 * stuck back on the stageq because there won't be 1385 * a path. 1386 */ 1387 addr = prep->prep_flags & IEEE80211_MESHPREP_FLAGS_AE ? 1388 prep->prep_target_ext_addr : prep->prep_targetaddr; 1389 m = ieee80211_ageq_remove(&ic->ic_stageq, 1390 (struct ieee80211_node *)(uintptr_t) 1391 ieee80211_mac_hash(ic, addr)); /* either dest or ext_dest */ 1392 for (; m != NULL; m = next) { 1393 next = m->m_nextpkt; 1394 m->m_nextpkt = NULL; 1395 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1396 "flush queued frame %p len %d", m, m->m_pkthdr.len); 1397 ifp->if_transmit(ifp, m); 1398 } 1399#undef IS_PROXY 1400#undef PROXIED_BY_US 1401} 1402 1403static int 1404hwmp_send_prep(struct ieee80211_node *ni, 1405 const uint8_t sa[IEEE80211_ADDR_LEN], 1406 const uint8_t da[IEEE80211_ADDR_LEN], 1407 struct ieee80211_meshprep_ie *prep) 1408{ 1409 /* NB: there's no PREP minimum interval. */ 1410 1411 /* 1412 * mesh prep action frame format 1413 * [6] da 1414 * [6] sa 1415 * [6] addr3 = sa 1416 * [1] action 1417 * [1] category 1418 * [tlv] mesh path reply 1419 */ 1420 prep->prep_ie = IEEE80211_ELEMID_MESHPREP; 1421 prep->prep_len = prep->prep_flags & IEEE80211_MESHPREP_FLAGS_AE ? 1422 IEEE80211_MESHPREP_BASE_SZ_AE : IEEE80211_MESHPREP_BASE_SZ; 1423 return hwmp_send_action(ni, sa, da, (uint8_t *)prep, 1424 prep->prep_len + 2); 1425} 1426 1427#define PERR_DFLAGS(n) perr.perr_dests[n].dest_flags 1428#define PERR_DADDR(n) perr.perr_dests[n].dest_addr 1429#define PERR_DSEQ(n) perr.perr_dests[n].dest_seq 1430#define PERR_DRCODE(n) perr.perr_dests[n].dest_rcode 1431static void 1432hwmp_peerdown(struct ieee80211_node *ni) 1433{ 1434 struct ieee80211vap *vap = ni->ni_vap; 1435 struct ieee80211_mesh_state *ms = vap->iv_mesh; 1436 struct ieee80211_meshperr_ie perr; 1437 struct ieee80211_mesh_route *rt; 1438 struct ieee80211_hwmp_route *hr; 1439 1440 rt = ieee80211_mesh_rt_find(vap, ni->ni_macaddr); 1441 if (rt == NULL) 1442 return; 1443 hr = IEEE80211_MESH_ROUTE_PRIV(rt, struct ieee80211_hwmp_route); 1444 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1445 "%s", "delete route entry"); 1446 perr.perr_ttl = ms->ms_ttl; 1447 perr.perr_ndests = 1; 1448 PERR_DFLAGS(0) = 0; 1449 if (hr->hr_seq == 0) 1450 PERR_DFLAGS(0) |= IEEE80211_MESHPERR_DFLAGS_USN; 1451 PERR_DFLAGS(0) |= IEEE80211_MESHPERR_DFLAGS_RC; 1452 IEEE80211_ADDR_COPY(PERR_DADDR(0), rt->rt_dest); 1453 PERR_DSEQ(0) = ++hr->hr_seq; 1454 PERR_DRCODE(0) = IEEE80211_REASON_MESH_PERR_DEST_UNREACH; 1455 /* NB: flush everything passing through peer */ 1456 ieee80211_mesh_rt_flush_peer(vap, ni->ni_macaddr); 1457 hwmp_send_perr(vap->iv_bss, vap->iv_myaddr, broadcastaddr, &perr); 1458} 1459#undef PERR_DFLAGS 1460#undef PERR_DADDR 1461#undef PERR_DSEQ 1462#undef PERR_DRCODE 1463 1464#define PERR_DFLAGS(n) perr->perr_dests[n].dest_flags 1465#define PERR_DADDR(n) perr->perr_dests[n].dest_addr 1466#define PERR_DSEQ(n) perr->perr_dests[n].dest_seq 1467#define PERR_DEXTADDR(n) perr->perr_dests[n].dest_ext_addr 1468#define PERR_DRCODE(n) perr->perr_dests[n].dest_rcode 1469static void 1470hwmp_recv_perr(struct ieee80211vap *vap, struct ieee80211_node *ni, 1471 const struct ieee80211_frame *wh, const struct ieee80211_meshperr_ie *perr) 1472{ 1473 struct ieee80211_mesh_state *ms = vap->iv_mesh; 1474 struct ieee80211_mesh_route *rt = NULL; 1475 struct ieee80211_mesh_route *rt_ext = NULL; 1476 struct ieee80211_hwmp_route *hr; 1477 struct ieee80211_meshperr_ie *pperr = NULL; 1478 int i, j = 0, forward = 0; 1479 1480 if (ni == vap->iv_bss || 1481 ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED) 1482 return; 1483 1484 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1485 "received PERR from %6D", wh->i_addr2, ":"); 1486 1487 /* 1488 * if forwarding is true, prepare pperr 1489 */ 1490 if (ms->ms_flags & IEEE80211_MESHFLAGS_FWD) { 1491 forward = 1; 1492 pperr = malloc(sizeof(*perr) + 31*sizeof(*perr->perr_dests), 1493 M_80211_MESH_PERR, M_NOWAIT); /* XXX: magic number, 32 err dests */ 1494 } 1495 1496 /* 1497 * Acceptance criteria: check if we have forwarding information 1498 * stored about destination, and that nexthop == TA of this PERR. 1499 * NB: we also build a new PERR to propagate in case we should forward. 1500 */ 1501 for (i = 0; i < perr->perr_ndests; i++) { 1502 rt = ieee80211_mesh_rt_find(vap, PERR_DADDR(i)); 1503 if (rt == NULL || rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) 1504 continue; 1505 if (!IEEE80211_ADDR_EQ(rt->rt_nexthop, wh->i_addr2)) 1506 continue; 1507 1508 /* found and accepted a PERR ndest element, process it... */ 1509 if (forward) 1510 memcpy(&pperr->perr_dests[j], &perr->perr_dests[i], 1511 sizeof(*perr->perr_dests)); 1512 hr = IEEE80211_MESH_ROUTE_PRIV(rt, struct ieee80211_hwmp_route); 1513 switch(PERR_DFLAGS(i)) { 1514 case (IEEE80211_REASON_MESH_PERR_NO_FI): 1515 if (PERR_DSEQ(i) == 0) { 1516 hr->hr_seq++; 1517 if (forward) { 1518 pperr->perr_dests[j].dest_seq = 1519 hr->hr_seq; 1520 } 1521 } else { 1522 hr->hr_seq = PERR_DSEQ(i); 1523 } 1524 rt->rt_flags &= ~IEEE80211_MESHRT_FLAGS_VALID; 1525 j++; 1526 break; 1527 case (IEEE80211_REASON_MESH_PERR_DEST_UNREACH): 1528 if(HWMP_SEQ_GT(PERR_DSEQ(i), hr->hr_seq)) { 1529 hr->hr_seq = PERR_DSEQ(i); 1530 rt->rt_flags &= ~IEEE80211_MESHRT_FLAGS_VALID; 1531 j++; 1532 } 1533 break; 1534 case (IEEE80211_REASON_MESH_PERR_NO_PROXY): 1535 rt_ext = ieee80211_mesh_rt_find(vap, PERR_DEXTADDR(i)); 1536 if (rt_ext != NULL) { 1537 rt_ext->rt_flags &= 1538 ~IEEE80211_MESHRT_FLAGS_VALID; 1539 j++; 1540 } 1541 break; 1542 default: 1543 IEEE80211_DISCARD(vap, IEEE80211_MSG_HWMP, wh, NULL, 1544 "PERR, unknown reason code %u\n", PERR_DFLAGS(i)); 1545 goto done; /* XXX: stats?? */ 1546 } 1547 ieee80211_mesh_rt_flush_peer(vap, rt->rt_dest); 1548 KASSERT(j < 32, ("PERR, error ndest >= 32 (%u)", j)); 1549 } 1550 if (j == 0) { 1551 IEEE80211_DISCARD(vap, IEEE80211_MSG_HWMP, wh, NULL, "%s", 1552 "PERR not accepted"); 1553 goto done; /* XXX: stats?? */ 1554 } 1555 1556 /* 1557 * Propagate the PERR if we previously found it on our routing table. 1558 */ 1559 if (forward && perr->perr_ttl > 1) { 1560 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, ni, 1561 "propagate PERR from %6D", wh->i_addr2, ":"); 1562 pperr->perr_ndests = j; 1563 pperr->perr_ttl--; 1564 hwmp_send_perr(vap->iv_bss, vap->iv_myaddr, broadcastaddr, 1565 pperr); 1566 } 1567done: 1568 if (pperr != NULL) 1569 free(pperr, M_80211_MESH_PERR); 1570} 1571#undef PERR_DFLAGS 1572#undef PEER_DADDR 1573#undef PERR_DSEQ 1574#undef PERR_DEXTADDR 1575#undef PERR_DRCODE 1576 1577static int 1578hwmp_send_perr(struct ieee80211_node *ni, 1579 const uint8_t sa[IEEE80211_ADDR_LEN], 1580 const uint8_t da[IEEE80211_ADDR_LEN], 1581 struct ieee80211_meshperr_ie *perr) 1582{ 1583 struct ieee80211_hwmp_state *hs = ni->ni_vap->iv_hwmp; 1584 int i; 1585 uint8_t length = 0; 1586 1587 /* 1588 * Enforce PERR interval. 1589 */ 1590 if (ratecheck(&hs->hs_lastperr, &ieee80211_hwmp_perrminint) == 0) 1591 return EALREADY; 1592 getmicrouptime(&hs->hs_lastperr); 1593 1594 /* 1595 * mesh perr action frame format 1596 * [6] da 1597 * [6] sa 1598 * [6] addr3 = sa 1599 * [1] action 1600 * [1] category 1601 * [tlv] mesh path error 1602 */ 1603 perr->perr_ie = IEEE80211_ELEMID_MESHPERR; 1604 length = IEEE80211_MESHPERR_BASE_SZ; 1605 for (i = 0; i<perr->perr_ndests; i++) { 1606 if (perr->perr_dests[i].dest_flags & 1607 IEEE80211_MESHPERR_FLAGS_AE) { 1608 length += IEEE80211_MESHPERR_DEST_SZ_AE; 1609 continue ; 1610 } 1611 length += IEEE80211_MESHPERR_DEST_SZ; 1612 } 1613 perr->perr_len =length; 1614 return hwmp_send_action(ni, sa, da, (uint8_t *)perr, perr->perr_len+2); 1615} 1616 1617static void 1618hwmp_recv_rann(struct ieee80211vap *vap, struct ieee80211_node *ni, 1619 const struct ieee80211_frame *wh, const struct ieee80211_meshrann_ie *rann) 1620{ 1621 struct ieee80211_mesh_state *ms = vap->iv_mesh; 1622 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 1623 struct ieee80211_mesh_route *rt = NULL; 1624 struct ieee80211_hwmp_route *hr; 1625 struct ieee80211_meshrann_ie prann; 1626 1627 if (ni == vap->iv_bss || 1628 ni->ni_mlstate != IEEE80211_NODE_MESH_ESTABLISHED || 1629 IEEE80211_ADDR_EQ(rann->rann_addr, vap->iv_myaddr)) 1630 return; 1631 1632 rt = ieee80211_mesh_rt_find(vap, rann->rann_addr); 1633 /* 1634 * Discover the path to the root mesh STA. 1635 * If we already know it, propagate the RANN element. 1636 */ 1637 if (rt == NULL) { 1638 hwmp_discover(vap, rann->rann_addr, NULL); 1639 return; 1640 } 1641 hr = IEEE80211_MESH_ROUTE_PRIV(rt, struct ieee80211_hwmp_route); 1642 if (HWMP_SEQ_GT(rann->rann_seq, hr->hr_seq)) { 1643 hr->hr_seq = rann->rann_seq; 1644 if (rann->rann_ttl > 1 && 1645 rann->rann_hopcount < hs->hs_maxhops && 1646 (ms->ms_flags & IEEE80211_MESHFLAGS_FWD)) { 1647 memcpy(&prann, rann, sizeof(prann)); 1648 prann.rann_hopcount += 1; 1649 prann.rann_ttl -= 1; 1650 prann.rann_metric += ms->ms_pmetric->mpm_metric(ni); 1651 hwmp_send_rann(vap->iv_bss, vap->iv_myaddr, 1652 broadcastaddr, &prann); 1653 } 1654 } 1655} 1656 1657static int 1658hwmp_send_rann(struct ieee80211_node *ni, 1659 const uint8_t sa[IEEE80211_ADDR_LEN], 1660 const uint8_t da[IEEE80211_ADDR_LEN], 1661 struct ieee80211_meshrann_ie *rann) 1662{ 1663 /* 1664 * mesh rann action frame format 1665 * [6] da 1666 * [6] sa 1667 * [6] addr3 = sa 1668 * [1] action 1669 * [1] category 1670 * [tlv] root annoucement 1671 */ 1672 rann->rann_ie = IEEE80211_ELEMID_MESHRANN; 1673 rann->rann_len = IEEE80211_MESHRANN_BASE_SZ; 1674 return hwmp_send_action(ni, sa, da, (uint8_t *)rann, 1675 rann->rann_len + 2); 1676} 1677 1678#define PREQ_TFLAGS(n) preq.preq_targets[n].target_flags 1679#define PREQ_TADDR(n) preq.preq_targets[n].target_addr 1680#define PREQ_TSEQ(n) preq.preq_targets[n].target_seq 1681static struct ieee80211_node * 1682hwmp_discover(struct ieee80211vap *vap, 1683 const uint8_t dest[IEEE80211_ADDR_LEN], struct mbuf *m) 1684{ 1685 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 1686 struct ieee80211_mesh_state *ms = vap->iv_mesh; 1687 struct ieee80211_mesh_route *rt = NULL; 1688 struct ieee80211_hwmp_route *hr; 1689 struct ieee80211_meshpreq_ie preq; 1690 struct ieee80211_node *ni; 1691 int sendpreq = 0; 1692 1693 KASSERT(vap->iv_opmode == IEEE80211_M_MBSS, 1694 ("not a mesh vap, opmode %d", vap->iv_opmode)); 1695 1696 KASSERT(!IEEE80211_ADDR_EQ(vap->iv_myaddr, dest), 1697 ("%s: discovering self!", __func__)); 1698 1699 ni = NULL; 1700 if (!IEEE80211_IS_MULTICAST(dest)) { 1701 rt = ieee80211_mesh_rt_find(vap, dest); 1702 if (rt == NULL) { 1703 rt = ieee80211_mesh_rt_add(vap, dest); 1704 if (rt == NULL) { 1705 IEEE80211_NOTE(vap, IEEE80211_MSG_HWMP, 1706 ni, "unable to add discovery path to %6D", 1707 dest, ":"); 1708 vap->iv_stats.is_mesh_rtaddfailed++; 1709 goto done; 1710 } 1711 } 1712 hr = IEEE80211_MESH_ROUTE_PRIV(rt, 1713 struct ieee80211_hwmp_route); 1714 if ((rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) == 0) { 1715 if (hr->hr_lastdiscovery != 0 && 1716 (ticks - hr->hr_lastdiscovery < 1717 (ieee80211_hwmp_net_diameter_traversaltime * 2))) { 1718 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY, 1719 dest, NULL, "%s", 1720 "too frequent discovery requeust"); 1721 /* XXX: stats? */ 1722 goto done; 1723 } 1724 hr->hr_lastdiscovery = ticks; 1725 if (hr->hr_preqretries >= 1726 ieee80211_hwmp_maxpreq_retries) { 1727 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY, 1728 dest, NULL, "%s", 1729 "no valid path , max number of discovery"); 1730 vap->iv_stats.is_mesh_fwd_nopath++; 1731 goto done; 1732 } 1733 hr->hr_preqretries++; 1734 if (hr->hr_origseq == 0) 1735 hr->hr_origseq = ++hs->hs_seq; 1736 rt->rt_metric = IEEE80211_MESHLMETRIC_INITIALVAL; 1737 /* XXX: special discovery timeout, larger lifetime? */ 1738 ieee80211_mesh_rt_update(rt, 1739 ticks_to_msecs(ieee80211_hwmp_pathtimeout)); 1740 sendpreq = 1; 1741 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_HWMP, dest, 1742 "start path discovery (src %s), target seq %u", 1743 m == NULL ? "<none>" : ether_sprintf( 1744 mtod(m, struct ether_header *)->ether_shost), 1745 hr->hr_seq); 1746 /* 1747 * Try to discover the path for this node. 1748 * Group addressed PREQ Case A 1749 */ 1750 preq.preq_flags = 0; 1751 preq.preq_hopcount = 0; 1752 preq.preq_ttl = ms->ms_ttl; 1753 preq.preq_id = ++hs->hs_preqid; 1754 IEEE80211_ADDR_COPY(preq.preq_origaddr, vap->iv_myaddr); 1755 preq.preq_origseq = hr->hr_origseq; 1756 preq.preq_lifetime = 1757 ticks_to_msecs(ieee80211_hwmp_pathtimeout); 1758 preq.preq_metric = IEEE80211_MESHLMETRIC_INITIALVAL; 1759 preq.preq_tcount = 1; 1760 IEEE80211_ADDR_COPY(PREQ_TADDR(0), dest); 1761 PREQ_TFLAGS(0) = 0; 1762 if (ieee80211_hwmp_targetonly) 1763 PREQ_TFLAGS(0) |= IEEE80211_MESHPREQ_TFLAGS_TO; 1764 PREQ_TFLAGS(0) |= IEEE80211_MESHPREQ_TFLAGS_USN; 1765 PREQ_TSEQ(0) = 0; /* RESERVED when USN flag is set */ 1766 /* XXX check return value */ 1767 hwmp_send_preq(vap->iv_bss, vap->iv_myaddr, 1768 broadcastaddr, &preq, &hr->hr_lastpreq, 1769 &ieee80211_hwmp_preqminint); 1770 } 1771 if (rt->rt_flags & IEEE80211_MESHRT_FLAGS_VALID) 1772 ni = ieee80211_find_txnode(vap, rt->rt_nexthop); 1773 } else { 1774 ni = ieee80211_find_txnode(vap, dest); 1775 /* NB: if null then we leak mbuf */ 1776 KASSERT(ni != NULL, ("leak mcast frame")); 1777 return ni; 1778 } 1779done: 1780 if (ni == NULL && m != NULL) { 1781 if (sendpreq) { 1782 struct ieee80211com *ic = vap->iv_ic; 1783 /* 1784 * Queue packet for transmit when path discovery 1785 * completes. If discovery never completes the 1786 * frame will be flushed by way of the aging timer. 1787 */ 1788 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_HWMP, dest, 1789 "%s", "queue frame until path found"); 1790 m->m_pkthdr.rcvif = (void *)(uintptr_t) 1791 ieee80211_mac_hash(ic, dest); 1792 /* XXX age chosen randomly */ 1793 ieee80211_ageq_append(&ic->ic_stageq, m, 1794 IEEE80211_INACT_WAIT); 1795 } else { 1796 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_HWMP, 1797 dest, NULL, "%s", "no valid path to this node"); 1798 m_freem(m); 1799 } 1800 } 1801 return ni; 1802} 1803#undef PREQ_TFLAGS 1804#undef PREQ_TADDR 1805#undef PREQ_TSEQ 1806 1807static int 1808hwmp_ioctl_get80211(struct ieee80211vap *vap, struct ieee80211req *ireq) 1809{ 1810 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 1811 int error; 1812 1813 if (vap->iv_opmode != IEEE80211_M_MBSS) 1814 return ENOSYS; 1815 error = 0; 1816 switch (ireq->i_type) { 1817 case IEEE80211_IOC_HWMP_ROOTMODE: 1818 ireq->i_val = hs->hs_rootmode; 1819 break; 1820 case IEEE80211_IOC_HWMP_MAXHOPS: 1821 ireq->i_val = hs->hs_maxhops; 1822 break; 1823 default: 1824 return ENOSYS; 1825 } 1826 return error; 1827} 1828IEEE80211_IOCTL_GET(hwmp, hwmp_ioctl_get80211); 1829 1830static int 1831hwmp_ioctl_set80211(struct ieee80211vap *vap, struct ieee80211req *ireq) 1832{ 1833 struct ieee80211_hwmp_state *hs = vap->iv_hwmp; 1834 int error; 1835 1836 if (vap->iv_opmode != IEEE80211_M_MBSS) 1837 return ENOSYS; 1838 error = 0; 1839 switch (ireq->i_type) { 1840 case IEEE80211_IOC_HWMP_ROOTMODE: 1841 if (ireq->i_val < 0 || ireq->i_val > 3) 1842 return EINVAL; 1843 hs->hs_rootmode = ireq->i_val; 1844 hwmp_rootmode_setup(vap); 1845 break; 1846 case IEEE80211_IOC_HWMP_MAXHOPS: 1847 if (ireq->i_val <= 0 || ireq->i_val > 255) 1848 return EINVAL; 1849 hs->hs_maxhops = ireq->i_val; 1850 break; 1851 default: 1852 return ENOSYS; 1853 } 1854 return error; 1855} 1856IEEE80211_IOCTL_SET(hwmp, hwmp_ioctl_set80211); 1857