Line data Source code
1 : /*
2 : * wpa_supplicant - Off-channel Action frame TX/RX
3 : * Copyright (c) 2009-2010, Atheros Communications
4 : * Copyright (c) 2011, Qualcomm Atheros
5 : *
6 : * This software may be distributed under the terms of the BSD license.
7 : * See README for more details.
8 : */
9 :
10 : #include "includes.h"
11 :
12 : #include "common.h"
13 : #include "utils/eloop.h"
14 : #include "wpa_supplicant_i.h"
15 : #include "driver_i.h"
16 : #include "offchannel.h"
17 :
18 :
19 :
20 : static struct wpa_supplicant *
21 1047 : wpas_get_tx_interface(struct wpa_supplicant *wpa_s, const u8 *src)
22 : {
23 : struct wpa_supplicant *iface;
24 :
25 1047 : if (os_memcmp(src, wpa_s->own_addr, ETH_ALEN) == 0)
26 1047 : return wpa_s;
27 :
28 : /*
29 : * Try to find a group interface that matches with the source address.
30 : */
31 0 : iface = wpa_s->global->ifaces;
32 0 : while (iface) {
33 0 : if (os_memcmp(wpa_s->pending_action_src,
34 : iface->own_addr, ETH_ALEN) == 0)
35 0 : break;
36 0 : iface = iface->next;
37 : }
38 0 : if (iface) {
39 0 : wpa_printf(MSG_DEBUG, "P2P: Use group interface %s "
40 : "instead of interface %s for Action TX",
41 0 : iface->ifname, wpa_s->ifname);
42 0 : return iface;
43 : }
44 :
45 0 : return wpa_s;
46 : }
47 :
48 :
49 1095 : static void wpas_send_action_cb(void *eloop_ctx, void *timeout_ctx)
50 : {
51 1095 : struct wpa_supplicant *wpa_s = eloop_ctx;
52 : struct wpa_supplicant *iface;
53 : int res;
54 : int without_roc;
55 :
56 1095 : without_roc = wpa_s->pending_action_without_roc;
57 1095 : wpa_s->pending_action_without_roc = 0;
58 1095 : wpa_printf(MSG_DEBUG, "Off-channel: Send Action callback "
59 : "(without_roc=%d pending_action_tx=%p)",
60 : without_roc, wpa_s->pending_action_tx);
61 :
62 1095 : if (wpa_s->pending_action_tx == NULL)
63 1088 : return;
64 :
65 : /*
66 : * This call is likely going to be on the P2P device instance if the
67 : * driver uses a separate interface for that purpose. However, some
68 : * Action frames are actually sent within a P2P Group and when that is
69 : * the case, we need to follow power saving (e.g., GO buffering the
70 : * frame for a client in PS mode or a client following the advertised
71 : * NoA from its GO). To make that easier for the driver, select the
72 : * correct group interface here.
73 : */
74 7 : iface = wpas_get_tx_interface(wpa_s, wpa_s->pending_action_src);
75 :
76 7 : if (wpa_s->off_channel_freq != wpa_s->pending_action_freq &&
77 0 : wpa_s->pending_action_freq != 0 &&
78 0 : wpa_s->pending_action_freq != iface->assoc_freq) {
79 0 : wpa_printf(MSG_DEBUG, "Off-channel: Pending Action frame TX "
80 : "waiting for another freq=%u (off_channel_freq=%u "
81 : "assoc_freq=%u)",
82 : wpa_s->pending_action_freq,
83 : wpa_s->off_channel_freq,
84 : iface->assoc_freq);
85 0 : if (without_roc && wpa_s->off_channel_freq == 0) {
86 : /*
87 : * We may get here if wpas_send_action() found us to be
88 : * on the correct channel, but remain-on-channel cancel
89 : * event was received before getting here.
90 : */
91 0 : wpa_printf(MSG_DEBUG, "Off-channel: Schedule "
92 : "remain-on-channel to send Action frame");
93 0 : if (wpa_drv_remain_on_channel(
94 : wpa_s, wpa_s->pending_action_freq, 200) <
95 : 0) {
96 0 : wpa_printf(MSG_DEBUG, "Off-channel: Failed to "
97 : "request driver to remain on "
98 : "channel (%u MHz) for Action Frame "
99 : "TX", wpa_s->pending_action_freq);
100 : } else {
101 0 : wpa_s->off_channel_freq = 0;
102 0 : wpa_s->roc_waiting_drv_freq =
103 0 : wpa_s->pending_action_freq;
104 : }
105 : }
106 0 : return;
107 : }
108 :
109 42 : wpa_printf(MSG_DEBUG, "Off-channel: Sending pending Action frame to "
110 : MACSTR " using interface %s",
111 42 : MAC2STR(wpa_s->pending_action_dst), iface->ifname);
112 21 : res = wpa_drv_send_action(iface, wpa_s->pending_action_freq, 0,
113 7 : wpa_s->pending_action_dst,
114 7 : wpa_s->pending_action_src,
115 7 : wpa_s->pending_action_bssid,
116 7 : wpabuf_head(wpa_s->pending_action_tx),
117 7 : wpabuf_len(wpa_s->pending_action_tx),
118 : wpa_s->pending_action_no_cck);
119 7 : if (res) {
120 0 : wpa_printf(MSG_DEBUG, "Off-channel: Failed to send the "
121 : "pending Action frame");
122 : /*
123 : * Use fake TX status event to allow state machines to
124 : * continue.
125 : */
126 0 : offchannel_send_action_tx_status(
127 0 : wpa_s, wpa_s->pending_action_dst,
128 0 : wpabuf_head(wpa_s->pending_action_tx),
129 0 : wpabuf_len(wpa_s->pending_action_tx),
130 : OFFCHANNEL_SEND_ACTION_FAILED);
131 : }
132 : }
133 :
134 :
135 : /**
136 : * offchannel_send_action_tx_status - TX status callback
137 : * @wpa_s: Pointer to wpa_supplicant data
138 : * @dst: Destination MAC address of the transmitted Action frame
139 : * @data: Transmitted frame payload
140 : * @data_len: Length of @data in bytes
141 : * @result: TX status
142 : *
143 : * This function is called whenever the driver indicates a TX status event for
144 : * a frame sent by offchannel_send_action() using wpa_drv_send_action().
145 : */
146 1086 : void offchannel_send_action_tx_status(
147 : struct wpa_supplicant *wpa_s, const u8 *dst, const u8 *data,
148 : size_t data_len, enum offchannel_send_action_result result)
149 : {
150 1086 : if (wpa_s->pending_action_tx == NULL) {
151 48 : wpa_printf(MSG_DEBUG, "Off-channel: Ignore Action TX status - "
152 : "no pending operation");
153 48 : return;
154 : }
155 :
156 1038 : if (os_memcmp(dst, wpa_s->pending_action_dst, ETH_ALEN) != 0) {
157 0 : wpa_printf(MSG_DEBUG, "Off-channel: Ignore Action TX status - "
158 : "unknown destination address");
159 0 : return;
160 : }
161 :
162 : /* Accept report only if the contents of the frame matches */
163 2075 : if (data_len - wpabuf_len(wpa_s->pending_action_tx) != 24 ||
164 1037 : os_memcmp(data + 24, wpabuf_head(wpa_s->pending_action_tx),
165 : wpabuf_len(wpa_s->pending_action_tx)) != 0) {
166 1 : wpa_printf(MSG_DEBUG, "Off-channel: Ignore Action TX status - "
167 : "mismatching contents with pending frame");
168 1 : wpa_hexdump(MSG_MSGDUMP, "TX status frame data",
169 : data, data_len);
170 1 : wpa_hexdump_buf(MSG_MSGDUMP, "Pending TX frame",
171 1 : wpa_s->pending_action_tx);
172 1 : return;
173 : }
174 :
175 1037 : wpa_printf(MSG_DEBUG, "Off-channel: Delete matching pending action frame");
176 :
177 1037 : wpabuf_free(wpa_s->pending_action_tx);
178 1037 : wpa_s->pending_action_tx = NULL;
179 :
180 1037 : wpa_printf(MSG_DEBUG, "Off-channel: TX status result=%d cb=%p",
181 : result, wpa_s->pending_action_tx_status_cb);
182 :
183 1037 : if (wpa_s->pending_action_tx_status_cb) {
184 2074 : wpa_s->pending_action_tx_status_cb(
185 : wpa_s, wpa_s->pending_action_freq,
186 1037 : wpa_s->pending_action_dst, wpa_s->pending_action_src,
187 1037 : wpa_s->pending_action_bssid,
188 : data, data_len, result);
189 : }
190 : }
191 :
192 :
193 : /**
194 : * offchannel_send_action - Request off-channel Action frame TX
195 : * @wpa_s: Pointer to wpa_supplicant data
196 : * @freq: The frequency in MHz indicating the channel on which the frame is to
197 : * transmitted or 0 for the current channel (only if associated)
198 : * @dst: Action frame destination MAC address
199 : * @src: Action frame source MAC address
200 : * @bssid: Action frame BSSID
201 : * @buf: Frame to transmit starting from the Category field
202 : * @len: Length of @buf in bytes
203 : * @wait_time: Wait time for response in milliseconds
204 : * @tx_cb: Callback function for indicating TX status or %NULL for now callback
205 : * @no_cck: Whether CCK rates are to be disallowed for TX rate selection
206 : * Returns: 0 on success or -1 on failure
207 : *
208 : * This function is used to request an Action frame to be transmitted on the
209 : * current operating channel or on another channel (off-channel). The actual
210 : * frame transmission will be delayed until the driver is ready on the specified
211 : * channel. The @wait_time parameter can be used to request the driver to remain
212 : * awake on the channel to wait for a response.
213 : */
214 1040 : int offchannel_send_action(struct wpa_supplicant *wpa_s, unsigned int freq,
215 : const u8 *dst, const u8 *src, const u8 *bssid,
216 : const u8 *buf, size_t len, unsigned int wait_time,
217 : void (*tx_cb)(struct wpa_supplicant *wpa_s,
218 : unsigned int freq, const u8 *dst,
219 : const u8 *src, const u8 *bssid,
220 : const u8 *data, size_t data_len,
221 : enum offchannel_send_action_result
222 : result),
223 : int no_cck)
224 : {
225 19760 : wpa_printf(MSG_DEBUG, "Off-channel: Send action frame: freq=%d dst="
226 : MACSTR " src=" MACSTR " bssid=" MACSTR " len=%d",
227 18720 : freq, MAC2STR(dst), MAC2STR(src), MAC2STR(bssid),
228 : (int) len);
229 :
230 1040 : wpa_s->pending_action_tx_status_cb = tx_cb;
231 :
232 1040 : if (wpa_s->pending_action_tx) {
233 6 : wpa_printf(MSG_DEBUG, "Off-channel: Dropped pending Action "
234 : "frame TX to " MACSTR,
235 6 : MAC2STR(wpa_s->pending_action_dst));
236 1 : wpabuf_free(wpa_s->pending_action_tx);
237 : }
238 1040 : wpa_s->pending_action_tx = wpabuf_alloc(len);
239 1040 : if (wpa_s->pending_action_tx == NULL) {
240 0 : wpa_printf(MSG_DEBUG, "Off-channel: Failed to allocate Action "
241 : "frame TX buffer (len=%llu)",
242 : (unsigned long long) len);
243 0 : return -1;
244 : }
245 1040 : wpabuf_put_data(wpa_s->pending_action_tx, buf, len);
246 1040 : os_memcpy(wpa_s->pending_action_src, src, ETH_ALEN);
247 1040 : os_memcpy(wpa_s->pending_action_dst, dst, ETH_ALEN);
248 1040 : os_memcpy(wpa_s->pending_action_bssid, bssid, ETH_ALEN);
249 1040 : wpa_s->pending_action_freq = freq;
250 1040 : wpa_s->pending_action_no_cck = no_cck;
251 :
252 1040 : if (freq != 0 && wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX) {
253 : struct wpa_supplicant *iface;
254 :
255 1036 : iface = wpas_get_tx_interface(wpa_s,
256 1036 : wpa_s->pending_action_src);
257 1036 : wpa_s->action_tx_wait_time = wait_time;
258 :
259 3108 : return wpa_drv_send_action(
260 : iface, wpa_s->pending_action_freq,
261 1036 : wait_time, wpa_s->pending_action_dst,
262 1036 : wpa_s->pending_action_src, wpa_s->pending_action_bssid,
263 1036 : wpabuf_head(wpa_s->pending_action_tx),
264 1036 : wpabuf_len(wpa_s->pending_action_tx),
265 : wpa_s->pending_action_no_cck);
266 : }
267 :
268 4 : if (freq) {
269 : struct wpa_supplicant *tx_iface;
270 4 : tx_iface = wpas_get_tx_interface(wpa_s, src);
271 4 : if (tx_iface->assoc_freq == freq) {
272 0 : wpa_printf(MSG_DEBUG, "Off-channel: Already on "
273 : "requested channel (TX interface operating "
274 : "channel)");
275 0 : freq = 0;
276 : }
277 : }
278 :
279 4 : if (wpa_s->off_channel_freq == freq || freq == 0) {
280 2 : wpa_printf(MSG_DEBUG, "Off-channel: Already on requested "
281 : "channel; send Action frame immediately");
282 : /* TODO: Would there ever be need to extend the current
283 : * duration on the channel? */
284 2 : wpa_s->pending_action_without_roc = 1;
285 2 : eloop_cancel_timeout(wpas_send_action_cb, wpa_s, NULL);
286 2 : eloop_register_timeout(0, 0, wpas_send_action_cb, wpa_s, NULL);
287 2 : return 0;
288 : }
289 2 : wpa_s->pending_action_without_roc = 0;
290 :
291 2 : if (wpa_s->roc_waiting_drv_freq == freq) {
292 0 : wpa_printf(MSG_DEBUG, "Off-channel: Already waiting for "
293 : "driver to get to frequency %u MHz; continue "
294 : "waiting to send the Action frame", freq);
295 0 : return 0;
296 : }
297 :
298 2 : wpa_printf(MSG_DEBUG, "Off-channel: Schedule Action frame to be "
299 : "transmitted once the driver gets to the requested "
300 : "channel");
301 2 : if (wait_time > wpa_s->max_remain_on_chan)
302 0 : wait_time = wpa_s->max_remain_on_chan;
303 2 : else if (wait_time == 0)
304 0 : wait_time = 20;
305 2 : if (wpa_drv_remain_on_channel(wpa_s, freq, wait_time) < 0) {
306 0 : wpa_printf(MSG_DEBUG, "Off-channel: Failed to request driver "
307 : "to remain on channel (%u MHz) for Action "
308 : "Frame TX", freq);
309 0 : return -1;
310 : }
311 2 : wpa_s->off_channel_freq = 0;
312 2 : wpa_s->roc_waiting_drv_freq = freq;
313 :
314 2 : return 0;
315 : }
316 :
317 :
318 : /**
319 : * offchannel_send_send_action_done - Notify completion of Action frame sequence
320 : * @wpa_s: Pointer to wpa_supplicant data
321 : *
322 : * This function can be used to cancel a wait for additional response frames on
323 : * the channel that was used with offchannel_send_action().
324 : */
325 556 : void offchannel_send_action_done(struct wpa_supplicant *wpa_s)
326 : {
327 556 : wpa_printf(MSG_DEBUG, "Off-channel: Action frame sequence done "
328 : "notification");
329 556 : wpabuf_free(wpa_s->pending_action_tx);
330 556 : wpa_s->pending_action_tx = NULL;
331 1109 : if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_TX &&
332 553 : wpa_s->action_tx_wait_time)
333 553 : wpa_drv_send_action_cancel_wait(wpa_s);
334 :
335 556 : if (wpa_s->off_channel_freq || wpa_s->roc_waiting_drv_freq) {
336 108 : wpa_drv_cancel_remain_on_channel(wpa_s);
337 108 : wpa_s->off_channel_freq = 0;
338 108 : wpa_s->roc_waiting_drv_freq = 0;
339 : }
340 556 : }
341 :
342 :
343 : /**
344 : * offchannel_remain_on_channel_cb - Remain-on-channel callback function
345 : * @wpa_s: Pointer to wpa_supplicant data
346 : * @freq: Frequency (in MHz) of the selected channel
347 : * @duration: Duration of the remain-on-channel operation in milliseconds
348 : *
349 : * This function is called whenever the driver notifies beginning of a
350 : * remain-on-channel operation.
351 : */
352 1093 : void offchannel_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
353 : unsigned int freq, unsigned int duration)
354 : {
355 1093 : wpa_s->roc_waiting_drv_freq = 0;
356 1093 : wpa_s->off_channel_freq = freq;
357 1093 : wpas_send_action_cb(wpa_s, NULL);
358 1093 : }
359 :
360 :
361 : /**
362 : * offchannel_cancel_remain_on_channel_cb - Remain-on-channel stopped callback
363 : * @wpa_s: Pointer to wpa_supplicant data
364 : * @freq: Frequency (in MHz) of the selected channel
365 : *
366 : * This function is called whenever the driver notifies termination of a
367 : * remain-on-channel operation.
368 : */
369 1064 : void offchannel_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
370 : unsigned int freq)
371 : {
372 1064 : wpa_s->off_channel_freq = 0;
373 1064 : }
374 :
375 :
376 : /**
377 : * offchannel_pending_action_tx - Check whether there is a pending Action TX
378 : * @wpa_s: Pointer to wpa_supplicant data
379 : * Returns: Pointer to pending frame or %NULL if no pending operation
380 : *
381 : * This function can be used to check whether there is a pending Action frame TX
382 : * operation. The returned pointer should be used only for checking whether it
383 : * is %NULL (no pending frame) or to print the pointer value in debug
384 : * information (i.e., the pointer should not be dereferenced).
385 : */
386 6525 : const void * offchannel_pending_action_tx(struct wpa_supplicant *wpa_s)
387 : {
388 6525 : return wpa_s->pending_action_tx;
389 : }
390 :
391 :
392 : /**
393 : * offchannel_clear_pending_action_tx - Clear pending Action frame TX
394 : * @wpa_s: Pointer to wpa_supplicant data
395 : */
396 79 : void offchannel_clear_pending_action_tx(struct wpa_supplicant *wpa_s)
397 : {
398 79 : wpabuf_free(wpa_s->pending_action_tx);
399 79 : wpa_s->pending_action_tx = NULL;
400 79 : }
401 :
402 :
403 : /**
404 : * offchannel_deinit - Deinit off-channel operations
405 : * @wpa_s: Pointer to wpa_supplicant data
406 : *
407 : * This function is used to free up any allocated resources for off-channel
408 : * operations.
409 : */
410 78 : void offchannel_deinit(struct wpa_supplicant *wpa_s)
411 : {
412 78 : offchannel_clear_pending_action_tx(wpa_s);
413 78 : eloop_cancel_timeout(wpas_send_action_cb, wpa_s, NULL);
414 78 : }
|
