Line data Source code
1 : /*
2 : * hostapd / WMM (Wi-Fi Multimedia)
3 : * Copyright 2002-2003, Instant802 Networks, Inc.
4 : * Copyright 2005-2006, Devicescape Software, Inc.
5 : * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
6 : *
7 : * This software may be distributed under the terms of the BSD license.
8 : * See README for more details.
9 : */
10 :
11 : #include "utils/includes.h"
12 :
13 : #include "utils/common.h"
14 : #include "common/ieee802_11_defs.h"
15 : #include "common/ieee802_11_common.h"
16 : #include "hostapd.h"
17 : #include "ieee802_11.h"
18 : #include "sta_info.h"
19 : #include "ap_config.h"
20 : #include "ap_drv_ops.h"
21 : #include "wmm.h"
22 :
23 :
24 : /* TODO: maintain separate sequence and fragment numbers for each AC
25 : * TODO: IGMP snooping to track which multicasts to forward - and use QOS-DATA
26 : * if only WMM stations are receiving a certain group */
27 :
28 :
29 47156 : static inline u8 wmm_aci_aifsn(int aifsn, int acm, int aci)
30 : {
31 : u8 ret;
32 47156 : ret = (aifsn << WMM_AC_AIFNS_SHIFT) & WMM_AC_AIFSN_MASK;
33 47156 : if (acm)
34 44 : ret |= WMM_AC_ACM;
35 47156 : ret |= (aci << WMM_AC_ACI_SHIFT) & WMM_AC_ACI_MASK;
36 47156 : return ret;
37 : }
38 :
39 :
40 47156 : static inline u8 wmm_ecw(int ecwmin, int ecwmax)
41 : {
42 94312 : return ((ecwmin << WMM_AC_ECWMIN_SHIFT) & WMM_AC_ECWMIN_MASK) |
43 47156 : ((ecwmax << WMM_AC_ECWMAX_SHIFT) & WMM_AC_ECWMAX_MASK);
44 : }
45 :
46 :
47 : /*
48 : * Add WMM Parameter Element to Beacon, Probe Response, and (Re)Association
49 : * Response frames.
50 : */
51 11890 : u8 * hostapd_eid_wmm(struct hostapd_data *hapd, u8 *eid)
52 : {
53 11890 : u8 *pos = eid;
54 11890 : struct wmm_parameter_element *wmm =
55 : (struct wmm_parameter_element *) (pos + 2);
56 : int e;
57 :
58 11890 : if (!hapd->conf->wmm_enabled)
59 101 : return eid;
60 11789 : eid[0] = WLAN_EID_VENDOR_SPECIFIC;
61 11789 : wmm->oui[0] = 0x00;
62 11789 : wmm->oui[1] = 0x50;
63 11789 : wmm->oui[2] = 0xf2;
64 11789 : wmm->oui_type = WMM_OUI_TYPE;
65 11789 : wmm->oui_subtype = WMM_OUI_SUBTYPE_PARAMETER_ELEMENT;
66 11789 : wmm->version = WMM_VERSION;
67 11789 : wmm->qos_info = hapd->parameter_set_count & 0xf;
68 :
69 14204 : if (hapd->conf->wmm_uapsd &&
70 2415 : (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
71 2415 : wmm->qos_info |= 0x80;
72 :
73 11789 : wmm->reserved = 0;
74 :
75 : /* fill in a parameter set record for each AC */
76 58945 : for (e = 0; e < 4; e++) {
77 47156 : struct wmm_ac_parameter *ac = &wmm->ac[e];
78 47156 : struct hostapd_wmm_ac_params *acp =
79 47156 : &hapd->iconf->wmm_ac_params[e];
80 :
81 47156 : ac->aci_aifsn = wmm_aci_aifsn(acp->aifs,
82 : acp->admission_control_mandatory,
83 : e);
84 47156 : ac->cw = wmm_ecw(acp->cwmin, acp->cwmax);
85 47156 : ac->txop_limit = host_to_le16(acp->txop_limit);
86 : }
87 :
88 11789 : pos = (u8 *) (wmm + 1);
89 11789 : eid[1] = pos - eid - 2; /* element length */
90 :
91 11789 : return pos;
92 : }
93 :
94 :
95 : /*
96 : * This function is called when a station sends an association request with
97 : * WMM info element. The function returns 1 on success or 0 on any error in WMM
98 : * element. eid does not include Element ID and Length octets.
99 : */
100 3338 : int hostapd_eid_wmm_valid(struct hostapd_data *hapd, const u8 *eid, size_t len)
101 : {
102 : struct wmm_information_element *wmm;
103 :
104 3338 : wpa_hexdump(MSG_MSGDUMP, "WMM IE", eid, len);
105 :
106 3338 : if (len < sizeof(struct wmm_information_element)) {
107 0 : wpa_printf(MSG_DEBUG, "Too short WMM IE (len=%lu)",
108 : (unsigned long) len);
109 0 : return 0;
110 : }
111 :
112 3338 : wmm = (struct wmm_information_element *) eid;
113 23366 : wpa_printf(MSG_DEBUG, "Validating WMM IE: OUI %02x:%02x:%02x "
114 : "OUI type %d OUI sub-type %d version %d QoS info 0x%x",
115 13352 : wmm->oui[0], wmm->oui[1], wmm->oui[2], wmm->oui_type,
116 10014 : wmm->oui_subtype, wmm->version, wmm->qos_info);
117 6676 : if (wmm->oui_subtype != WMM_OUI_SUBTYPE_INFORMATION_ELEMENT ||
118 3338 : wmm->version != WMM_VERSION) {
119 0 : wpa_printf(MSG_DEBUG, "Unsupported WMM IE Subtype/Version");
120 0 : return 0;
121 : }
122 :
123 3338 : return 1;
124 : }
125 :
126 :
127 4 : static void wmm_send_action(struct hostapd_data *hapd, const u8 *addr,
128 : const struct wmm_tspec_element *tspec,
129 : u8 action_code, u8 dialogue_token, u8 status_code)
130 : {
131 : u8 buf[256];
132 4 : struct ieee80211_mgmt *m = (struct ieee80211_mgmt *) buf;
133 4 : struct wmm_tspec_element *t = (struct wmm_tspec_element *)
134 : m->u.action.u.wmm_action.variable;
135 : int len;
136 :
137 4 : hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
138 : HOSTAPD_LEVEL_DEBUG,
139 : "action response - reason %d", status_code);
140 4 : os_memset(buf, 0, sizeof(buf));
141 4 : m->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
142 : WLAN_FC_STYPE_ACTION);
143 4 : os_memcpy(m->da, addr, ETH_ALEN);
144 4 : os_memcpy(m->sa, hapd->own_addr, ETH_ALEN);
145 4 : os_memcpy(m->bssid, hapd->own_addr, ETH_ALEN);
146 4 : m->u.action.category = WLAN_ACTION_WMM;
147 4 : m->u.action.u.wmm_action.action_code = action_code;
148 4 : m->u.action.u.wmm_action.dialog_token = dialogue_token;
149 4 : m->u.action.u.wmm_action.status_code = status_code;
150 4 : os_memcpy(t, tspec, sizeof(struct wmm_tspec_element));
151 4 : len = ((u8 *) (t + 1)) - buf;
152 :
153 4 : if (hostapd_drv_send_mlme(hapd, m, len, 0) < 0)
154 0 : wpa_printf(MSG_INFO, "wmm_send_action: send failed");
155 4 : }
156 :
157 :
158 4 : int wmm_process_tspec(struct wmm_tspec_element *tspec)
159 : {
160 : int medium_time, pps, duration;
161 : int up, psb, dir, tid;
162 : u16 val, surplus;
163 :
164 4 : up = (tspec->ts_info[1] >> 3) & 0x07;
165 4 : psb = (tspec->ts_info[1] >> 2) & 0x01;
166 4 : dir = (tspec->ts_info[0] >> 5) & 0x03;
167 4 : tid = (tspec->ts_info[0] >> 1) & 0x0f;
168 4 : wpa_printf(MSG_DEBUG, "WMM: TS Info: UP=%d PSB=%d Direction=%d TID=%d",
169 : up, psb, dir, tid);
170 4 : val = le_to_host16(tspec->nominal_msdu_size);
171 4 : wpa_printf(MSG_DEBUG, "WMM: Nominal MSDU Size: %d%s",
172 4 : val & 0x7fff, val & 0x8000 ? " (fixed)" : "");
173 4 : wpa_printf(MSG_DEBUG, "WMM: Mean Data Rate: %u bps",
174 : le_to_host32(tspec->mean_data_rate));
175 4 : wpa_printf(MSG_DEBUG, "WMM: Minimum PHY Rate: %u bps",
176 : le_to_host32(tspec->minimum_phy_rate));
177 4 : val = le_to_host16(tspec->surplus_bandwidth_allowance);
178 4 : wpa_printf(MSG_DEBUG, "WMM: Surplus Bandwidth Allowance: %u.%04u",
179 4 : val >> 13, 10000 * (val & 0x1fff) / 0x2000);
180 :
181 4 : val = le_to_host16(tspec->nominal_msdu_size);
182 4 : if (val == 0) {
183 0 : wpa_printf(MSG_DEBUG, "WMM: Invalid Nominal MSDU Size (0)");
184 0 : return WMM_ADDTS_STATUS_INVALID_PARAMETERS;
185 : }
186 : /* pps = Ceiling((Mean Data Rate / 8) / Nominal MSDU Size) */
187 4 : pps = ((le_to_host32(tspec->mean_data_rate) / 8) + val - 1) / val;
188 4 : wpa_printf(MSG_DEBUG, "WMM: Packets-per-second estimate for TSPEC: %d",
189 : pps);
190 :
191 4 : if (le_to_host32(tspec->minimum_phy_rate) < 1000000) {
192 0 : wpa_printf(MSG_DEBUG, "WMM: Too small Minimum PHY Rate");
193 0 : return WMM_ADDTS_STATUS_INVALID_PARAMETERS;
194 : }
195 :
196 12 : duration = (le_to_host16(tspec->nominal_msdu_size) & 0x7fff) * 8 /
197 8 : (le_to_host32(tspec->minimum_phy_rate) / 1000000) +
198 : 50 /* FIX: proper SIFS + ACK duration */;
199 :
200 : /* unsigned binary number with an implicit binary point after the
201 : * leftmost 3 bits, i.e., 0x2000 = 1.0 */
202 4 : surplus = le_to_host16(tspec->surplus_bandwidth_allowance);
203 4 : if (surplus <= 0x2000) {
204 0 : wpa_printf(MSG_DEBUG, "WMM: Surplus Bandwidth Allowance not "
205 : "greater than unity");
206 0 : return WMM_ADDTS_STATUS_INVALID_PARAMETERS;
207 : }
208 :
209 4 : medium_time = surplus * pps * duration / 0x2000;
210 4 : wpa_printf(MSG_DEBUG, "WMM: Estimated medium time: %u", medium_time);
211 :
212 : /*
213 : * TODO: store list of granted (and still active) TSPECs and check
214 : * whether there is available medium time for this request. For now,
215 : * just refuse requests that would by themselves take very large
216 : * portion of the available bandwidth.
217 : */
218 4 : if (medium_time > 750000) {
219 0 : wpa_printf(MSG_DEBUG, "WMM: Refuse TSPEC request for over "
220 : "75%% of available bandwidth");
221 0 : return WMM_ADDTS_STATUS_REFUSED;
222 : }
223 :
224 : /* Convert to 32 microseconds per second unit */
225 4 : tspec->medium_time = host_to_le16(medium_time / 32);
226 :
227 4 : return WMM_ADDTS_STATUS_ADMISSION_ACCEPTED;
228 : }
229 :
230 :
231 4 : static void wmm_addts_req(struct hostapd_data *hapd,
232 : const struct ieee80211_mgmt *mgmt,
233 : struct wmm_tspec_element *tspec, size_t len)
234 : {
235 4 : const u8 *end = ((const u8 *) mgmt) + len;
236 : int res;
237 :
238 4 : if ((const u8 *) (tspec + 1) > end) {
239 0 : wpa_printf(MSG_DEBUG, "WMM: TSPEC overflow in ADDTS Request");
240 4 : return;
241 : }
242 :
243 28 : wpa_printf(MSG_DEBUG, "WMM: ADDTS Request (Dialog Token %d) for TSPEC "
244 : "from " MACSTR,
245 4 : mgmt->u.action.u.wmm_action.dialog_token,
246 24 : MAC2STR(mgmt->sa));
247 :
248 4 : res = wmm_process_tspec(tspec);
249 4 : wpa_printf(MSG_DEBUG, "WMM: ADDTS processing result: %d", res);
250 :
251 8 : wmm_send_action(hapd, mgmt->sa, tspec, WMM_ACTION_CODE_ADDTS_RESP,
252 4 : mgmt->u.action.u.wmm_action.dialog_token, res);
253 : }
254 :
255 :
256 6 : void hostapd_wmm_action(struct hostapd_data *hapd,
257 : const struct ieee80211_mgmt *mgmt, size_t len)
258 : {
259 : int action_code;
260 6 : int left = len - IEEE80211_HDRLEN - 4;
261 6 : const u8 *pos = ((const u8 *) mgmt) + IEEE80211_HDRLEN + 4;
262 : struct ieee802_11_elems elems;
263 6 : struct sta_info *sta = ap_get_sta(hapd, mgmt->sa);
264 :
265 : /* check that the request comes from a valid station */
266 12 : if (!sta ||
267 6 : (sta->flags & (WLAN_STA_ASSOC | WLAN_STA_WMM)) !=
268 : (WLAN_STA_ASSOC | WLAN_STA_WMM)) {
269 0 : hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
270 : HOSTAPD_LEVEL_DEBUG,
271 : "wmm action received is not from associated wmm"
272 : " station");
273 : /* TODO: respond with action frame refused status code */
274 0 : return;
275 : }
276 :
277 6 : if (left < 0)
278 1 : return; /* not a valid WMM Action frame */
279 :
280 : /* extract the tspec info element */
281 5 : if (ieee802_11_parse_elems(pos, left, &elems, 1) == ParseFailed) {
282 0 : hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
283 : HOSTAPD_LEVEL_DEBUG,
284 : "hostapd_wmm_action - could not parse wmm "
285 : "action");
286 : /* TODO: respond with action frame invalid parameters status
287 : * code */
288 0 : return;
289 : }
290 :
291 10 : if (!elems.wmm_tspec ||
292 5 : elems.wmm_tspec_len != (sizeof(struct wmm_tspec_element) - 2)) {
293 0 : hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
294 : HOSTAPD_LEVEL_DEBUG,
295 : "hostapd_wmm_action - missing or wrong length "
296 : "tspec");
297 : /* TODO: respond with action frame invalid parameters status
298 : * code */
299 0 : return;
300 : }
301 :
302 : /* TODO: check the request is for an AC with ACM set, if not, refuse
303 : * request */
304 :
305 5 : action_code = mgmt->u.action.u.wmm_action.action_code;
306 5 : switch (action_code) {
307 : case WMM_ACTION_CODE_ADDTS_REQ:
308 4 : wmm_addts_req(hapd, mgmt, (struct wmm_tspec_element *)
309 4 : (elems.wmm_tspec - 2), len);
310 4 : return;
311 : #if 0
312 : /* TODO: needed for client implementation */
313 : case WMM_ACTION_CODE_ADDTS_RESP:
314 : wmm_setup_request(hapd, mgmt, len);
315 : return;
316 : /* TODO: handle station teardown requests */
317 : case WMM_ACTION_CODE_DELTS:
318 : wmm_teardown(hapd, mgmt, len);
319 : return;
320 : #endif
321 : }
322 :
323 1 : hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
324 : HOSTAPD_LEVEL_DEBUG,
325 : "hostapd_wmm_action - unknown action code %d",
326 : action_code);
327 : }
|
