cvs commit: src/sys/netproto/802_11 ieee80211_proto.h ieee80211_var.h src/sys/netproto/802_11/wlan ieee80211_input.c ieee80211_node.c ieee80211_output.c ieee80211_proto.c

Sepherosa Ziehau sephe at crater.dragonflybsd.org
Sat Dec 23 01:19:01 PST 2006


sephe       2006/12/23 01:14:03 PST

DragonFly src repository

  Modified files:
    sys/netproto/802_11  ieee80211_proto.h ieee80211_var.h 
    sys/netproto/802_11/wlan ieee80211_input.c ieee80211_node.c 
                             ieee80211_output.c ieee80211_proto.c 
  Log:
  Massive 802_11 XRATE bug fixing.
  
  - Correct ieee80211_fix_rate(IEEE80211_F_DODEL) operation by entering
    IEEE80211_F_DONEGO code segment but avoiding real negotiation.
  - In ieee80211_fix_rate(), remove duplicated rates if rate set is to
    be sorted.  This should be enough to protect us against maliciously
    minted 802.11 management frames which contain supported rate and
    extended supported rate ies. [*]
  - In ieee80211_sta_join(), call ieee80211_fix_rate(IEEE80211_F_DODEL),
    if the wireless NIC operates in STA mode.  So drivers can depend on
    ieee80211com.ic_bss's ni_rates even before entering RUN state, this
    is *very important* for certain driver e.g. iwi(4) [*].
  - Add ic_nbasicrates in ieee80211com, which records the number of
    basic rates in the current BSS. [1]
  - Add a new function ieee80211_copy_basicrates().  This function is
    used to propagate IEEE80211_RATE_BASIC bit from second parameter
    to the first parameter.  It will return number of basic rates in
    the second parameter.  It is called in ieee80211_sta_join() to
    properly setup basic rates in ieee80211com.ic_sup_rates and
    ieee80211com.ic_nbasicrates. [2]
  - Introduce extra parameter to ieee80211_setup_rates() and
    ieee80211_fix_rate().
    This parameter only affects how IEEE80211_F_DONEGO is done.
    Adjust IEEE80211_F_DONEGO behavior after introducing this parameter:
    If the new parameter is 1, then the negotiation is performed on the
    behalf of a STA which wants to join either an infrastructured or an
    independent BSS, and the rate set going to be negotiated is the BSS's
    supported rate set:
    o  Don't overwrite the BSS basic rate set.  So drivers and TX rate
       control algorithm can have knowledge of the BSS basic rate set and
       can do various setting accordingly.
    o  Avoid joining the BSS, if certain rates in the BSS basic rate set
       are not supported.
    If the new parameter is 0, then the negotiation is performed on the
    behalf of a HOSTAP, or a STA that already joined/started an independent
    BSS, and the rate set going to be negotiated is peer STA's supported
    rate set:
    o  Overwrite the basic rates of peer STA's supported rate set with
       basic rates in ieee80211com.ic_sup_rates, which is set up properly
       in ieee80211_sta_join() by ieee80211_copy_basicrates() (see [2]),
       so TX rate control algorithm can act accordingly.
    o  If the current operation mode is IEEE80211_M_HOSTAP, use a counter
       to bookkeep how many basic rates got overwritten during negotiation.
       If at the end of the negotiation the counter is less than
       ieee80211com.ic_nbasicrates (see [1] and [2]), then it means that
       the peer STA does not support certain rates in our basic rate set.
       This kind of STA should not be allowed to join the current BSS.
       This prevention mechanism should be more straightforword than the
       old one in ieee80211_recv_mgmt(), nuke the old prevention mechanism
       after this change.
  - In ieee80211_init_neighbor(), do full rate set negotiation, so nodes
    created by ieee80211_add_neighbor() or ieee80211_fakeup_adhoc_node(),
    will not contain rates that the wireless NIC does not support.
  - In ieee80211_{beacon,probe_resp}_alloc(), use ieee80211com.ic_sup_rates
    to setup supported rates and extended supported rates ie, instead of
    using ieee80211com.ic_bss's ni_rates.  So two 11g STAs in a 11g/11b
    mixed IBSS can comunicate with each other using OFDM rates, given proper
    protection, like RTS-CTS/CTS-to-self, is applied. [**]
  - In ieee80211_send_mgmt(), use ieee80211com.ic_sup_rates to create
    supported rates and extended supported rates ie of (re)association
    response.  So these ies are consistent with what's in beacon and probe
    response. [**]
  - In ieee80211_send_mgmt(), use ieee80211_probe_resp_alloc() to create
    frame body of probe response.
  - Add more XRATE debug messages.
  
  #
  # [*] Details:
  # http://lists.freebsd.org/pipermail/freebsd-current/2006-October/066679.html
  #
  # [**] Basic rates in ieee80211com.ic_sup_rates are set beforehand (see [2])
  #
  
  Revision  Changes    Path
  1.7       +5 -2      src/sys/netproto/802_11/ieee80211_proto.h
  1.11      +2 -1      src/sys/netproto/802_11/ieee80211_var.h
  1.13      +7 -13     src/sys/netproto/802_11/wlan/ieee80211_input.c
  1.14      +42 -14    src/sys/netproto/802_11/wlan/ieee80211_node.c
  1.11      +17 -82    src/sys/netproto/802_11/wlan/ieee80211_output.c
  1.7       +62 -14    src/sys/netproto/802_11/wlan/ieee80211_proto.c


http://www.dragonflybsd.org/cvsweb/src/sys/netproto/802_11/ieee80211_proto.h.diff?r1=1.6&r2=1.7&f=u
http://www.dragonflybsd.org/cvsweb/src/sys/netproto/802_11/ieee80211_var.h.diff?r1=1.10&r2=1.11&f=u
http://www.dragonflybsd.org/cvsweb/src/sys/netproto/802_11/wlan/ieee80211_input.c.diff?r1=1.12&r2=1.13&f=u
http://www.dragonflybsd.org/cvsweb/src/sys/netproto/802_11/wlan/ieee80211_node.c.diff?r1=1.13&r2=1.14&f=u
http://www.dragonflybsd.org/cvsweb/src/sys/netproto/802_11/wlan/ieee80211_output.c.diff?r1=1.10&r2=1.11&f=u
http://www.dragonflybsd.org/cvsweb/src/sys/netproto/802_11/wlan/ieee80211_proto.c.diff?r1=1.6&r2=1.7&f=u





More information about the Commits mailing list