diff options
Diffstat (limited to 'gpxe/src/include/gpxe/ieee80211.h')
-rw-r--r-- | gpxe/src/include/gpxe/ieee80211.h | 1160 |
1 files changed, 0 insertions, 1160 deletions
diff --git a/gpxe/src/include/gpxe/ieee80211.h b/gpxe/src/include/gpxe/ieee80211.h deleted file mode 100644 index e5b10c30..00000000 --- a/gpxe/src/include/gpxe/ieee80211.h +++ /dev/null @@ -1,1160 +0,0 @@ -#ifndef _GPXE_IEEE80211_H -#define _GPXE_IEEE80211_H - -#include <gpxe/if_ether.h> /* for ETH_ALEN */ -#include <endian.h> - -/** @file - * Constants and data structures defined in IEEE 802.11, subsetted - * according to what gPXE knows how to use. - */ - -FILE_LICENCE(GPL2_OR_LATER); - -/* ---------- Maximum lengths of things ---------- */ - -/** - * @defgroup ieee80211_maxlen Maximum lengths in the 802.11 protocol - * @{ - */ - -/** Maximum length of frame payload - * - * This does not include cryptographic overhead, which can be up to 20 - * bytes, but it DOES include the 802.2 LLC/SNAP headers that are used - * on data frames (but not management frames). - */ -#define IEEE80211_MAX_DATA_LEN 2304 - -/** Length of LLC/SNAP headers on data frames */ -#define IEEE80211_LLC_HEADER_LEN 8 - -/** Maximum cryptographic overhead before encrypted data */ -#define IEEE80211_MAX_CRYPTO_HEADER 8 - -/** Maximum cryptographic overhead after encrypted data - * - * This does not count the MIC in TKIP frames, since that is - * considered to be part of the MSDU and thus contributes to the size - * of the data field. - * - * It @e does count the MIC in CCMP frames, which is considered part - * of the MPDU (outside the data field). - */ -#define IEEE80211_MAX_CRYPTO_TRAILER 8 - -/** Total maximum cryptographic overhead */ -#define IEEE80211_MAX_CRYPTO_OVERHEAD 16 - -/** Bytes of network-layer data that can go into a regular data frame */ -#define IEEE80211_MAX_FRAME_DATA 2296 - -/** Frame header length for frames we might work with - * - * QoS adds a two-byte field on top of this, and APs communicating - * with each other in Wireless Distribution System (WDS) mode add an - * extra 6-byte MAC address field, but we do not work with such - * frames. - */ -#define IEEE80211_TYP_FRAME_HEADER_LEN 24 - -/** Theoretical maximum frame header length - * - * This includes the QoS and WDS Addr4 fields that we should never - * see. - */ -#define IEEE80211_MAX_FRAME_HEADER_LEN 32 - -/** Maximum combined frame length - * - * The biggest frame will include 32 frame header bytes, 16 bytes of - * crypto overhead, and 2304 data bytes. - */ -#define IEEE80211_MAX_FRAME_LEN 2352 - -/** Maximum length of an ESSID */ -#define IEEE80211_MAX_SSID_LEN 32 - -/** @} */ - - -/* ---------- Frame Control defines ---------- */ - -/** - * @defgroup ieee80211_fc 802.11 Frame Control field bits - * @{ - */ - -/** 802.11 Frame Control field, Version bitmask */ -#define IEEE80211_FC_VERSION 0x0003 - -/** Expected value of Version bits in Frame Control */ -#define IEEE80211_THIS_VERSION 0x0000 - - -/** 802.11 Frame Control field, Frame Type bitmask */ -#define IEEE80211_FC_TYPE 0x000C - -/** Type value for management (layer-2) frames */ -#define IEEE80211_TYPE_MGMT 0x0000 - -/** Type value for control (layer-1, hardware-managed) frames */ -#define IEEE80211_TYPE_CTRL 0x0004 - -/** Type value for data frames */ -#define IEEE80211_TYPE_DATA 0x0008 - - -/** 802.11 Frame Control field, Frame Subtype bitmask */ -#define IEEE80211_FC_SUBTYPE 0x00F0 - -/** Subtype value for association-request management frames - * - * Association request frames are sent after authentication from the - * client to the Access Point to establish the client as part of the - * Access Point's network. - */ -#define IEEE80211_STYPE_ASSOC_REQ 0x0000 - -/** Subtype value for association-response management frames - * - * Association response frames are sent by the Access Point to confirm - * or deny the association requested in an association request frame. - */ -#define IEEE80211_STYPE_ASSOC_RESP 0x0010 - -/** Subtype value for reassociation-request management frames - * - * Reassociation request frames are sent by clients wishing to change - * from one Access Point to another while roaming within the same - * extended network (same ESSID). - */ -#define IEEE80211_STYPE_REASSOC_REQ 0x0020 - -/** Subtype value for reassociation-response management frames - * - * Reassociation response frames are sent by the Access Point to - * confirm or deny the swap requested in a reassociation request - * frame. - */ -#define IEEE80211_STYPE_REASSOC_RESP 0x0030 - -/** Subtype value for probe-request management frames - * - * Probe request frames are sent by clients to request that all Access - * Points on the sending channel, or all belonging to a particular - * ESSID, identify themselves by BSSID, supported transfer rates, RF - * configuration, and other capabilities. - */ -#define IEEE80211_STYPE_PROBE_REQ 0x0040 - -/** Subtype value for probe-response management frames - * - * Probe response frames are sent by Access Points in response to - * probe request frames, providing the requested information. - */ -#define IEEE80211_STYPE_PROBE_RESP 0x0050 - -/** Subtype value for beacon management frames - * - * Beacon frames are sent by Access Points at regular intervals, - * usually ten per second, on the channel on which they communicate. - * They can be used to probe passively for access points on a channel - * where local regulatory restrictions prohibit active scanning, or - * due to their regularity as a mechanism to determine the fraction of - * packets that are being dropped. - */ -#define IEEE80211_STYPE_BEACON 0x0080 - -/** Subtype value for disassociation management frames - * - * Disassociation frames are sent by either a client or an Access - * Point to unequivocally terminate the association between the two. - * They may be sent by clients upon leaving the network, or by an - * Access Point upon reconfiguration, among other reasons; they are - * usually more "polite" than deauthentication frames. - */ -#define IEEE80211_STYPE_DISASSOC 0x00A0 - -/** Subtype value for authentication management frames - * - * Authentication frames are exchanged between a client and an Access - * Point before association may be performed. Confusingly, in the most - * common authentication method (Open System) no security tokens are - * exchanged at all. Modern 802.11 security handshaking takes place - * after association. - */ -#define IEEE80211_STYPE_AUTH 0x00B0 - -/** Subtype value for deauthentication management frames - * - * Deauthentication frames are sent by either a client or an Access - * Point to terminate the authentication (and therefore also the - * association) between the two. They are generally more forceful than - * disassociation frames, sent for such reasons as a failure to - * set up security properly after associating. - */ -#define IEEE80211_STYPE_DEAUTH 0x00C0 - -/** Subtype value for action management frames - * - * Action frames are used to implement spectrum management and QoS - * features that gPXE currently does not support. - */ -#define IEEE80211_STYPE_ACTION 0x00D0 - - -/** Subtype value for RTS (request to send) control frames */ -#define IEEE80211_STYPE_RTS 0x00B0 - -/** Subtype value for CTS (clear to send) control frames */ -#define IEEE80211_STYPE_CTS 0x00C0 - -/** Subtype value for ACK (acknowledgement) control frames */ -#define IEEE80211_STYPE_ACK 0x00D0 - - -/** Subtype value for ordinary data frames, with no QoS or CF add-ons */ -#define IEEE80211_STYPE_DATA 0x0000 - -/** Subtype value for data frames containing no data */ -#define IEEE80211_STYPE_NODATA 0x0040 - - -/** 802.11 Frame Control field: To Data System flag - * - * This is set on data frames sent to an Access Point. - */ -#define IEEE80211_FC_TODS 0x0100 - -/** 802.11 Frame Control field: From Data System flag - * - * This is set on data frames sent from an Access Point. If both TODS - * and FROMDS are set, the frame header is a 4-address format used for - * inter-Access Point communication. - */ -#define IEEE80211_FC_FROMDS 0x0200 - -/** 802.11 Frame Control field: More Fragments flag */ -#define IEEE80211_FC_MORE_FRAG 0x0400 - -/** 802.11 Frame Control field: Retransmission flag */ -#define IEEE80211_FC_RETRY 0x0800 - -/** 802.11 Frame Control field: Power Managed flag - * - * This is set on any frame sent by a low-power station that will go - * into a power-saving mode immediately after this frame. Access - * Points are not allowed to act as low-power stations. - */ -#define IEEE80211_FC_PWR_MGMT 0x1000 - -/** 802.11 Frame Control field: More Data flag - * - * This is set on any frame sent by a station that has more data - * queued to be sent than is in the frame. - */ -#define IEEE80211_FC_MORE_DATA 0x2000 - -/** 802.11 Frame Control field: Protected flag - * - * This is set on frames in which data is encrypted (by any method). - */ -#define IEEE80211_FC_PROTECTED 0x4000 - -/** 802.11 Frame Control field: Ordered flag [?] */ -#define IEEE80211_FC_ORDER 0x8000 - -/** @} */ - - -/* ---------- Sequence Control defines ---------- */ - -/** - * @defgroup ieee80211_seq 802.11 Sequence Control field handling - * @{ - */ - -/** Extract sequence number from 802.11 Sequence Control field */ -#define IEEE80211_SEQNR( seq ) ( ( seq ) >> 4 ) - -/** Extract fragment number from 802.11 Sequence Control field */ -#define IEEE80211_FRAG( seq ) ( ( seq ) & 0x000F ) - -/** Make 802.11 Sequence Control field from sequence and fragment numbers */ -#define IEEE80211_MAKESEQ( seqnr, frag ) \ - ( ( ( ( seqnr ) & 0xFFF ) << 4 ) | ( ( frag ) & 0xF ) ) - -/** @} */ - - -/* ---------- Frame header formats ---------- */ - -/** - * @defgroup ieee80211_hdr 802.11 frame header formats - * @{ - */ - -/** An 802.11 data or management frame without QoS or WDS header fields */ -struct ieee80211_frame -{ - u16 fc; /**< 802.11 Frame Control field */ - u16 duration; /**< Microseconds to reserve link */ - u8 addr1[ETH_ALEN]; /**< Address 1 (immediate receiver) */ - u8 addr2[ETH_ALEN]; /**< Address 2 (immediate sender) */ - u8 addr3[ETH_ALEN]; /**< Address 3 (often "forward to") */ - u16 seq; /**< 802.11 Sequence Control field */ - u8 data[0]; /**< Beginning of frame data */ -} __attribute__((packed)); - -/** The 802.2 LLC/SNAP header sent before actual data in a data frame - * - * This header is not acknowledged in the 802.11 standard at all; it - * is treated just like data for MAC-layer purposes, including - * fragmentation and encryption. It is actually two headers - * concatenated: a three-byte 802.2 LLC header indicating Subnetwork - * Accesss Protocol (SNAP) in both source and destination Service - * Access Point (SAP) fields, and a five-byte SNAP header indicating a - * zero OUI and two-byte Ethernet protocol type field. - * - * Thus, an eight-byte header in which six of the bytes are redundant. - * Lovely, isn't it? - */ -struct ieee80211_llc_snap_header -{ - /* LLC part: */ - u8 dsap; /**< Destination SAP ID */ - u8 ssap; /**< Source SAP ID */ - u8 ctrl; /**< Control information */ - - /* SNAP part: */ - u8 oui[3]; /**< Organization code, usually 0 */ - u16 ethertype; /**< Ethernet Type field */ -} __attribute__((packed)); - -/** Value for DSAP field in 802.2 LLC header for 802.11 frames: SNAP */ -#define IEEE80211_LLC_DSAP 0xAA - -/** Value for SSAP field in 802.2 LLC header for 802.11 frames: SNAP */ -#define IEEE80211_LLC_SSAP 0xAA - -/** Value for control field in 802.2 LLC header for 802.11 frames - * - * "Unnumbered Information". - */ -#define IEEE80211_LLC_CTRL 0x03 - - -/** 16-byte RTS frame format, with abbreviated header */ -struct ieee80211_rts -{ - u16 fc; /**< 802.11 Frame Control field */ - u16 duration; /**< Microseconds to reserve link */ - u8 addr1[ETH_ALEN]; /**< Address 1 (immediate receiver) */ - u8 addr2[ETH_ALEN]; /**< Address 2 (immediate sender) */ -} __attribute__((packed)); - -/** Length of 802.11 RTS control frame */ -#define IEEE80211_RTS_LEN 16 - -/** 10-byte CTS or ACK frame format, with abbreviated header */ -struct ieee80211_cts_or_ack -{ - u16 fc; /**< 802.11 Frame Control field */ - u16 duration; /**< Microseconds to reserve link */ - u8 addr1[ETH_ALEN]; /**< Address 1 (immediate receiver) */ -} __attribute__((packed)); - -#define ieee80211_cts ieee80211_cts_or_ack -#define ieee80211_ack ieee80211_cts_or_ack - -/** Length of 802.11 CTS control frame */ -#define IEEE80211_CTS_LEN 10 - -/** Length of 802.11 ACK control frame */ -#define IEEE80211_ACK_LEN 10 - -/** @} */ - - -/* ---------- Capability bits, status and reason codes ---------- */ - -/** - * @defgroup ieee80211_capab 802.11 management frame capability field bits - * @{ - */ - -/** Set if using an Access Point (managed mode) */ -#define IEEE80211_CAPAB_MANAGED 0x0001 - -/** Set if operating in IBSS (no-AP, "Ad-Hoc") mode */ -#define IEEE80211_CAPAB_ADHOC 0x0002 - -/** Set if we support Contention-Free Period operation */ -#define IEEE80211_CAPAB_CFPOLL 0x0004 - -/** Set if we wish to be polled for Contention-Free operation */ -#define IEEE80211_CAPAB_CFPR 0x0008 - -/** Set if the network is encrypted (by any method) */ -#define IEEE80211_CAPAB_PRIVACY 0x0010 - -/** Set if PHY supports short preambles on 802.11b */ -#define IEEE80211_CAPAB_SHORT_PMBL 0x0020 - -/** Set if PHY supports PBCC modulation */ -#define IEEE80211_CAPAB_PBCC 0x0040 - -/** Set if we support Channel Agility */ -#define IEEE80211_CAPAB_CHAN_AGILITY 0x0080 - -/** Set if we support spectrum management (DFS and TPC) on the 5GHz band */ -#define IEEE80211_CAPAB_SPECTRUM_MGMT 0x0100 - -/** Set if we support Quality of Service enhancements */ -#define IEEE80211_CAPAB_QOS 0x0200 - -/** Set if PHY supports short slot time on 802.11g */ -#define IEEE80211_CAPAB_SHORT_SLOT 0x0400 - -/** Set if PHY supports APSD option */ -#define IEEE80211_CAPAB_APSD 0x0800 - -/** Set if PHY supports DSSS/OFDM modulation (one way of 802.11 b/g mixing) */ -#define IEEE80211_CAPAB_DSSS_OFDM 0x2000 - -/** Set if we support delayed block ACK */ -#define IEEE80211_CAPAB_DELAYED_BACK 0x4000 - -/** Set if we support immediate block ACK */ -#define IEEE80211_CAPAB_IMMED_BACK 0x8000 - -/** @} */ - - -/** - * @defgroup ieee80211_status 802.11 status codes - * - * These are returned to indicate an immediate denial of - * authentication or association. In gPXE, the lower 5 bits of the - * status code are encoded into the file-unique portion of an error - * code, the ERRFILE portion is always @c ERRFILE_net80211, and the - * POSIX error code is @c ECONNREFUSED for status 0-31 or @c - * EHOSTUNREACH for status 32-63. - * - * For a complete table with non-abbreviated error messages, see IEEE - * Std 802.11-2007, Table 7-23, p.94. - * - * @{ - */ - -#define IEEE80211_STATUS_SUCCESS 0 -#define IEEE80211_STATUS_FAILURE 1 -#define IEEE80211_STATUS_CAPAB_UNSUPP 10 -#define IEEE80211_STATUS_REASSOC_INVALID 11 -#define IEEE80211_STATUS_ASSOC_DENIED 12 -#define IEEE80211_STATUS_AUTH_ALGO_UNSUPP 13 -#define IEEE80211_STATUS_AUTH_SEQ_INVALID 14 -#define IEEE80211_STATUS_AUTH_CHALL_INVALID 15 -#define IEEE80211_STATUS_AUTH_TIMEOUT 16 -#define IEEE80211_STATUS_ASSOC_NO_ROOM 17 -#define IEEE80211_STATUS_ASSOC_NEED_RATE 18 -#define IEEE80211_STATUS_ASSOC_NEED_SHORT_PMBL 19 -#define IEEE80211_STATUS_ASSOC_NEED_PBCC 20 -#define IEEE80211_STATUS_ASSOC_NEED_CHAN_AGILITY 21 -#define IEEE80211_STATUS_ASSOC_NEED_SPECTRUM_MGMT 22 -#define IEEE80211_STATUS_ASSOC_BAD_POWER 23 -#define IEEE80211_STATUS_ASSOC_BAD_CHANNELS 24 -#define IEEE80211_STATUS_ASSOC_NEED_SHORT_SLOT 25 -#define IEEE80211_STATUS_ASSOC_NEED_DSSS_OFDM 26 -#define IEEE80211_STATUS_QOS_FAILURE 32 -#define IEEE80211_STATUS_QOS_NO_ROOM 33 -#define IEEE80211_STATUS_LINK_IS_HORRIBLE 34 -#define IEEE80211_STATUS_ASSOC_NEED_QOS 35 -#define IEEE80211_STATUS_REQUEST_DECLINED 37 -#define IEEE80211_STATUS_REQUEST_INVALID 38 -#define IEEE80211_STATUS_TS_NOT_CREATED_AGAIN 39 -#define IEEE80211_STATUS_INVALID_IE 40 -#define IEEE80211_STATUS_GROUP_CIPHER_INVALID 41 -#define IEEE80211_STATUS_PAIR_CIPHER_INVALID 42 -#define IEEE80211_STATUS_AKMP_INVALID 43 -#define IEEE80211_STATUS_RSN_VERSION_UNSUPP 44 -#define IEEE80211_STATUS_RSN_CAPAB_INVALID 45 -#define IEEE80211_STATUS_CIPHER_REJECTED 46 -#define IEEE80211_STATUS_TS_NOT_CREATED_WAIT 47 -#define IEEE80211_STATUS_DIRECT_LINK_FORBIDDEN 48 -#define IEEE80211_STATUS_DEST_NOT_PRESENT 49 -#define IEEE80211_STATUS_DEST_NOT_QOS 50 -#define IEEE80211_STATUS_ASSOC_LISTEN_TOO_HIGH 51 - -/** @} */ - - - -/** - * @defgroup ieee80211_reason 802.11 reason codes - * - * These are returned to indicate the reason for a deauthentication or - * disassociation sent (usually) after authentication or association - * had succeeded. In gPXE, the lower 5 bits of the reason code are - * encoded into the file-unique portion of an error code, the ERRFILE - * portion is always @c ERRFILE_net80211, and the POSIX error code is - * @c ECONNRESET for reason 0-31 or @c ENETRESET for reason 32-63. - * - * For a complete table with non-abbreviated error messages, see IEEE - * Std 802.11-2007, Table 7-22, p.92. - * - * @{ - */ - -#define IEEE80211_REASON_NONE 0 -#define IEEE80211_REASON_UNSPECIFIED 1 -#define IEEE80211_REASON_AUTH_NO_LONGER_VALID 2 -#define IEEE80211_REASON_LEAVING 3 -#define IEEE80211_REASON_INACTIVITY 4 -#define IEEE80211_REASON_OUT_OF_RESOURCES 5 -#define IEEE80211_REASON_NEED_AUTH 6 -#define IEEE80211_REASON_NEED_ASSOC 7 -#define IEEE80211_REASON_LEAVING_TO_ROAM 8 -#define IEEE80211_REASON_REASSOC_INVALID 9 -#define IEEE80211_REASON_BAD_POWER 10 -#define IEEE80211_REASON_BAD_CHANNELS 11 -#define IEEE80211_REASON_INVALID_IE 13 -#define IEEE80211_REASON_MIC_FAILURE 14 -#define IEEE80211_REASON_4WAY_TIMEOUT 15 -#define IEEE80211_REASON_GROUPKEY_TIMEOUT 16 -#define IEEE80211_REASON_4WAY_INVALID 17 -#define IEEE80211_REASON_GROUP_CIPHER_INVALID 18 -#define IEEE80211_REASON_PAIR_CIPHER_INVALID 19 -#define IEEE80211_REASON_AKMP_INVALID 20 -#define IEEE80211_REASON_RSN_VERSION_INVALID 21 -#define IEEE80211_REASON_RSN_CAPAB_INVALID 22 -#define IEEE80211_REASON_8021X_FAILURE 23 -#define IEEE80211_REASON_CIPHER_REJECTED 24 -#define IEEE80211_REASON_QOS_UNSPECIFIED 32 -#define IEEE80211_REASON_QOS_OUT_OF_RESOURCES 33 -#define IEEE80211_REASON_LINK_IS_HORRIBLE 34 -#define IEEE80211_REASON_INVALID_TXOP 35 -#define IEEE80211_REASON_REQUESTED_LEAVING 36 -#define IEEE80211_REASON_REQUESTED_NO_USE 37 -#define IEEE80211_REASON_REQUESTED_NEED_SETUP 38 -#define IEEE80211_REASON_REQUESTED_TIMEOUT 39 -#define IEEE80211_REASON_CIPHER_UNSUPPORTED 45 - -/** @} */ - -/* ---------- Information element declarations ---------- */ - -/** - * @defgroup ieee80211_ie 802.11 information elements - * - * Many management frames include a section that amounts to a - * concatenation of these information elements, so that the sender can - * choose which information to send and the receiver can ignore the - * parts it doesn't understand. Each IE contains a two-byte header, - * one byte ID and one byte length, followed by IE-specific data. The - * length does not include the two-byte header. Information elements - * are required to be sorted by ID, but gPXE does not require that in - * those it receives. - * - * This group also includes a few inline functions to simplify common - * tasks in IE processing. - * - * @{ - */ - -/** Generic 802.11 information element header */ -struct ieee80211_ie_header { - u8 id; /**< Information element ID */ - u8 len; /**< Information element length */ -} __attribute__ ((packed)); - - -/** 802.11 SSID information element */ -struct ieee80211_ie_ssid { - u8 id; /**< SSID ID: 0 */ - u8 len; /**< SSID length */ - char ssid[0]; /**< SSID data, not NUL-terminated */ -} __attribute__ ((packed)); - -/** Information element ID for SSID information element */ -#define IEEE80211_IE_SSID 0 - - -/** 802.11 rates information element - * - * The first 8 rates go in an IE of type RATES (1), and any more rates - * go in one of type EXT_RATES (50). Each rate is a byte with the low - * 7 bits equal to the rate in units of 500 kbps, and the high bit set - * if and only if the rate is "basic" (must be supported by all - * connected stations). - */ -struct ieee80211_ie_rates { - u8 id; /**< Rates ID: 1 or 50 */ - u8 len; /**< Number of rates */ - u8 rates[0]; /**< Rates data, one rate per byte */ -} __attribute__ ((packed)); - -/** Information element ID for rates information element */ -#define IEEE80211_IE_RATES 1 - -/** Information element ID for extended rates information element */ -#define IEEE80211_IE_EXT_RATES 50 - - -/** 802.11 Direct Spectrum parameter information element - * - * This just contains the channel number. It has the fancy name - * because IEEE 802.11 also defines a frequency-hopping PHY that - * changes channels at regular intervals following a predetermined - * pattern; in practice nobody uses the FH PHY. - */ -struct ieee80211_ie_ds_param { - u8 id; /**< DS parameter ID: 3 */ - u8 len; /**< DS parameter length: 1 */ - u8 current_channel; /**< Current channel number, 1-14 */ -} __attribute__ ((packed)); - -/** Information element ID for Direct Spectrum parameter information element */ -#define IEEE80211_IE_DS_PARAM 3 - - -/** 802.11 Country information element regulatory extension triplet */ -struct ieee80211_ie_country_ext_triplet { - u8 reg_ext_id; /**< Regulatory extension ID */ - u8 reg_class_id; /**< Regulatory class ID */ - u8 coverage_class; /**< Coverage class */ -} __attribute__ ((packed)); - -/** 802.11 Country information element regulatory band triplet */ -struct ieee80211_ie_country_band_triplet { - u8 first_channel; /**< Channel number for first channel in band */ - u8 nr_channels; /**< Number of contiguous channels in band */ - u8 max_txpower; /**< Maximum TX power in dBm */ -} __attribute__ ((packed)); - -/** 802.11 Country information element regulatory triplet - * - * It is a band triplet if the first byte is 200 or less, and a - * regulatory extension triplet otherwise. - */ -union ieee80211_ie_country_triplet { - /** Differentiator between band and ext triplets */ - u8 first; - - /** Information about a band of channels */ - struct ieee80211_ie_country_band_triplet band; - - /** Regulatory extension information */ - struct ieee80211_ie_country_ext_triplet ext; -}; - -/** 802.11 Country information element - * - * This contains some data about RF regulations. - */ -struct ieee80211_ie_country { - u8 id; /**< Country information ID: 7 */ - u8 len; /**< Country information length: varies */ - char name[2]; /**< ISO Alpha2 country code */ - char in_out; /**< 'I' for indoor, 'O' for outdoor */ - - /** List of regulatory triplets */ - union ieee80211_ie_country_triplet triplet[0]; -} __attribute__ ((packed)); - -/** Information element ID for Country information element */ -#define IEEE80211_IE_COUNTRY 7 - - -/** 802.11 Request information element - * - * This contains a list of information element types we would like to - * be included in probe response frames. - */ -struct ieee80211_ie_request { - u8 id; /**< Request ID: 10 */ - u8 len; /**< Number of IEs requested */ - u8 request[0]; /**< List of IEs requested */ -} __attribute__ ((packed)); - -/** Information element ID for Request information element */ -#define IEEE80211_IE_REQUEST 10 - - -/** 802.11 Challenge Text information element - * - * This is used in authentication frames under Shared Key - * authentication. - */ -struct ieee80211_ie_challenge_text { - u8 id; /**< Challenge Text ID: 16 */ - u8 len; /**< Challenge Text length: usually 128 */ - u8 challenge_text[0]; /**< Challenge Text data */ -} __attribute__ ((packed)); - -/** Information element ID for Challenge Text information element */ -#define IEEE80211_IE_CHALLENGE_TEXT 16 - - -/** 802.11 Power Constraint information element - * - * This is used to specify an additional power limitation on top of - * the Country requirements. - */ -struct ieee80211_ie_power_constraint { - u8 id; /**< Power Constraint ID: 52 */ - u8 len; /**< Power Constraint length: 1 */ - u8 power_constraint; /**< Decrease in allowed TX power, dBm */ -} __attribute__ ((packed)); - -/** Information element ID for Power Constraint information element */ -#define IEEE80211_IE_POWER_CONSTRAINT 52 - - -/** 802.11 Power Capability information element - * - * This is used in association request frames to indicate the extremes - * of our TX power abilities. It is required only if we indicate - * support for spectrum management. - */ -struct ieee80211_ie_power_capab { - u8 id; /**< Power Capability ID: 33 */ - u8 len; /**< Power Capability length: 2 */ - u8 min_txpower; /**< Minimum possible TX power, dBm */ - u8 max_txpower; /**< Maximum possible TX power, dBm */ -} __attribute__ ((packed)); - -/** Information element ID for Power Capability information element */ -#define IEEE80211_IE_POWER_CAPAB 33 - - -/** 802.11 Channels information element channel band tuple */ -struct ieee80211_ie_channels_channel_band { - u8 first_channel; /**< Channel number of first channel in band */ - u8 nr_channels; /**< Number of channels in band */ -} __attribute__ ((packed)); - -/** 802.11 Channels information element - * - * This is used in association frames to indicate the channels we can - * use. It is required only if we indicate support for spectrum - * management. - */ -struct ieee80211_ie_channels { - u8 id; /**< Channels ID: 36 */ - u8 len; /**< Channels length: 2 */ - - /** List of (start, length) channel bands we can use */ - struct ieee80211_ie_channels_channel_band channels[0]; -} __attribute__ ((packed)); - -/** Information element ID for Channels information element */ -#define IEEE80211_IE_CHANNELS 36 - - -/** 802.11 ERP Information information element - * - * This is used to communicate some PHY-level flags. - */ -struct ieee80211_ie_erp_info { - u8 id; /**< ERP Information ID: 42 */ - u8 len; /**< ERP Information length: 1 */ - u8 erp_info; /**< ERP flags */ -} __attribute__ ((packed)); - -/** Information element ID for ERP Information information element */ -#define IEEE80211_IE_ERP_INFO 42 - -/** ERP information element: Flag set if 802.11b stations are present */ -#define IEEE80211_ERP_NONERP_PRESENT 0x01 - -/** ERP information element: Flag set if CTS protection must be used */ -#define IEEE80211_ERP_USE_PROTECTION 0x02 - -/** ERP information element: Flag set if long preambles must be used */ -#define IEEE80211_ERP_BARKER_LONG 0x04 - - -/** 802.11 Robust Security Network ("WPA") information element - * - * Showing once again a striking clarity of design, the IEEE folks put - * dynamically-sized data in the middle of this structure. As such, - * the below structure definition only works for IEs we create - * ourselves, which always have one pairwise cipher and one AKM; - * received IEs should be parsed piecemeal. - * - * Also inspired was IEEE's choice of 16-bit fields to count the - * number of 4-byte elements in a structure with a maximum length of - * 255 bytes. - * - * Many fields reference a cipher or authentication-type ID; this is a - * three-byte OUI followed by one byte identifying the cipher with - * respect to that OUI. For all standard ciphers the OUI is 00:0F:AC, - * except in old-style WPA IEs encapsulated in vendor-specific IEs, - * where it's 00:50:F2. - */ -struct ieee80211_ie_rsn { - /** Information element ID */ - u8 id; - - /** Information element length */ - u8 len; - - /** RSN information element version */ - u16 version; - - /** Cipher ID for the cipher used in multicast/broadcast frames */ - u32 group_cipher; - - /** Number of unicast ciphers supported */ - u16 pairwise_count; - - /** List of cipher IDs for supported unicast frame ciphers */ - u32 pairwise_cipher[1]; - - /** Number of authentication types supported */ - u16 akm_count; - - /** List of authentication type IDs for supported types */ - u32 akm_list[1]; - - /** Security capabilities field (RSN only) */ - u16 rsn_capab; - - /** Number of PMKIDs included (present only in association frames) */ - u16 pmkid_count; - - /** List of PMKIDs included, each a 16-byte SHA1 hash */ - u8 pmkid_list[0]; -} __attribute__((packed)); - -/** Information element ID for Robust Security Network information element */ -#define IEEE80211_IE_RSN 48 - -/** Calculate necessary size of RSN information element - * - * @v npair Number of pairwise ciphers supported - * @v nauth Number of authentication types supported - * @v npmkid Number of PMKIDs to include - * @v is_rsn If TRUE, calculate RSN IE size; if FALSE, calculate WPA IE size - * @ret size Necessary size of IE, including header bytes - */ -static inline size_t ieee80211_rsn_size ( int npair, int nauth, int npmkid, - int rsn_ie ) { - return 16 + 4 * ( npair + nauth ) + 16 * npmkid - 4 * ! rsn_ie; -} - -/** Make OUI plus type byte into 32-bit integer for easy comparison */ -#if __BYTE_ORDER == __BIG_ENDIAN -#define _MKOUI( a, b, c, t ) \ - ( ( ( a ) << 24 ) | ( ( b ) << 16 ) | ( ( c ) << 8 ) | ( d ) ) -#define OUI_ORG_MASK 0xFFFFFF00 -#define OUI_TYPE_MASK 0x000000FF -#else -#define _MKOUI( a, b, c, t ) \ - ( ( ( t ) << 24 ) | ( ( c ) << 16 ) | ( ( b ) << 8 ) | ( a ) ) -#define OUI_ORG_MASK 0x00FFFFFF -#define OUI_TYPE_MASK 0xFF000000 -#endif - -/** Organization part for OUIs in standard RSN IE */ -#define IEEE80211_RSN_OUI _MKOUI ( 0x00, 0x0F, 0xAC, 0 ) - -/** Organization part for OUIs in old WPA IE */ -#define IEEE80211_WPA_OUI _MKOUI ( 0x00, 0x50, 0xF2, 0 ) - -/** Old vendor-type WPA IE OUI type + subtype */ -#define IEEE80211_WPA_OUI_VEN _MKOUI ( 0x00, 0x50, 0xF2, 0x01 ) - - -/** 802.11 RSN IE: expected version number */ -#define IEEE80211_RSN_VERSION 1 - -/** 802.11 RSN IE: cipher type for 40-bit WEP */ -#define IEEE80211_RSN_CTYPE_WEP40 _MKOUI ( 0, 0, 0, 0x01 ) - -/** 802.11 RSN IE: cipher type for 104-bit WEP */ -#define IEEE80211_RSN_CTYPE_WEP104 _MKOUI ( 0, 0, 0, 0x05 ) - -/** 802.11 RSN IE: cipher type for TKIP ("WPA") */ -#define IEEE80211_RSN_CTYPE_TKIP _MKOUI ( 0, 0, 0, 0x02 ) - -/** 802.11 RSN IE: cipher type for CCMP ("WPA2") */ -#define IEEE80211_RSN_CTYPE_CCMP _MKOUI ( 0, 0, 0, 0x04 ) - -/** 802.11 RSN IE: cipher type for "use group" - * - * This can only appear as a pairwise cipher, and means unicast frames - * should be encrypted in the same way as broadcast/multicast frames. - */ -#define IEEE80211_RSN_CTYPE_USEGROUP _MKOUI ( 0, 0, 0, 0x00 ) - -/** 802.11 RSN IE: auth method type for using an 802.1X server */ -#define IEEE80211_RSN_ATYPE_8021X _MKOUI ( 0, 0, 0, 0x01 ) - -/** 802.11 RSN IE: auth method type for using a pre-shared key */ -#define IEEE80211_RSN_ATYPE_PSK _MKOUI ( 0, 0, 0, 0x02 ) - -/** 802.11 RSN IE capabilities: AP supports pre-authentication */ -#define IEEE80211_RSN_CAPAB_PREAUTH 0x001 - -/** 802.11 RSN IE capabilities: Node has conflict between TKIP and WEP - * - * This is a legacy issue; APs always set it to 0, and gPXE sets it to - * 0. - */ -#define IEEE80211_RSN_CAPAB_NO_PAIRWISE 0x002 - -/** 802.11 RSN IE capabilities: Number of PTKSA replay counters - * - * A value of 0 means one replay counter, 1 means two, 2 means four, - * and 3 means sixteen. - */ -#define IEEE80211_RSN_CAPAB_PTKSA_REPLAY 0x00C - -/** 802.11 RSN IE capabilities: Number of GTKSA replay counters - * - * A value of 0 means one replay counter, 1 means two, 2 means four, - * and 3 means sixteen. - */ -#define IEEE80211_RSN_CAPAB_GTKSA_REPLAY 0x030 - -/** 802.11 RSN IE capabilities: PeerKey Handshaking is suported */ -#define IEEE80211_RSN_CAPAB_PEERKEY 0x200 - - -/** 802.11 RSN IE capabilities: One replay counter - * - * This should be AND'ed with @c IEEE80211_RSN_CAPAB_PTKSA_REPLAY or - * @c IEEE80211_RSN_CAPAB_GTKSA_REPLAY (or both) to produce a value - * which can be OR'ed into the capabilities field. - */ -#define IEEE80211_RSN_1_CTR 0x000 - -/** 802.11 RSN IE capabilities: Two replay counters */ -#define IEEE80211_RSN_2_CTR 0x014 - -/** 802.11 RSN IE capabilities: Four replay counters */ -#define IEEE80211_RSN_4_CTR 0x028 - -/** 802.11 RSN IE capabilities: 16 replay counters */ -#define IEEE80211_RSN_16_CTR 0x03C - - -/** 802.11 Vendor Specific information element - * - * One often sees the RSN IE masquerading as vendor-specific on - * devices that were produced prior to 802.11i (the WPA amendment) - * being finalized. - */ -struct ieee80211_ie_vendor { - u8 id; /**< Vendor-specific ID: 221 */ - u8 len; /**< Vendor-specific length: variable */ - u32 oui; /**< OUI and vendor-specific type byte */ - u8 data[0]; /**< Vendor-specific data */ -} __attribute__ ((packed)); - -/** Information element ID for Vendor Specific information element */ -#define IEEE80211_IE_VENDOR 221 - - - - -/** Any 802.11 information element - * - * This is formatted for ease of use, so IEs with complex structures - * get referenced in full, while those with only one byte of data or a - * simple array are pulled in to avoid a layer of indirection like - * ie->channels.channels[0]. - */ -union ieee80211_ie -{ - /** Generic and simple information element info */ - struct { - u8 id; /**< Information element ID */ - u8 len; /**< Information element data length */ - union { - char ssid[0]; /**< SSID text */ - u8 rates[0]; /**< Rates data */ - u8 request[0]; /**< Request list */ - u8 challenge_text[0]; /**< Challenge text data */ - u8 power_constraint; /**< Power constraint, dBm */ - u8 erp_info; /**< ERP information flags */ - /** List of channels */ - struct ieee80211_ie_channels_channel_band channels[0]; - }; - }; - - /** DS parameter set */ - struct ieee80211_ie_ds_param ds_param; - - /** Country information */ - struct ieee80211_ie_country country; - - /** Power capability */ - struct ieee80211_ie_power_capab power_capab; - - /** Security information */ - struct ieee80211_ie_rsn rsn; - - /** Vendor-specific */ - struct ieee80211_ie_vendor vendor; -}; - -/** Check that 802.11 information element is bounded by buffer - * - * @v ie Information element - * @v end End of buffer in which information element is stored - * @ret ok TRUE if the IE is completely contained within the buffer - */ -static inline int ieee80211_ie_bound ( union ieee80211_ie *ie, void *end ) -{ - void *iep = ie; - return ( iep + 2 <= end && iep + 2 + ie->len <= end ); -} - -/** Advance to next 802.11 information element - * - * @v ie Current information element pointer - * @v end Pointer to first byte not in information element space - * @ret next Pointer to next information element, or NULL if no more - * - * When processing received IEs, @a end should be set to the I/O - * buffer tail pointer; when marshalling IEs for sending, @a end - * should be NULL. - */ -static inline union ieee80211_ie * ieee80211_next_ie ( union ieee80211_ie *ie, - void *end ) -{ - void *next_ie_byte = ( void * ) ie + ie->len + 2; - union ieee80211_ie *next_ie = next_ie_byte; - - if ( ! end ) - return next_ie; - - if ( ieee80211_ie_bound ( next_ie, end ) ) - return next_ie; - - return NULL; -} - -/** @} */ - - -/* ---------- Management frame data formats ---------- */ - -/** - * @defgroup ieee80211_mgmt_data Management frame data payloads - * @{ - */ - -/** Beacon or probe response frame data */ -struct ieee80211_beacon_or_probe_resp -{ - /** 802.11 TSFT value at frame send */ - u64 timestamp; - - /** Interval at which beacons are sent, in units of 1024 us */ - u16 beacon_interval; - - /** Capability flags */ - u16 capability; - - /** List of information elements */ - union ieee80211_ie info_element[0]; -} __attribute__((packed)); - -#define ieee80211_beacon ieee80211_beacon_or_probe_resp -#define ieee80211_probe_resp ieee80211_beacon_or_probe_resp - -/** Disassociation or deauthentication frame data */ -struct ieee80211_disassoc_or_deauth -{ - /** Reason code */ - u16 reason; -} __attribute__((packed)); - -#define ieee80211_disassoc ieee80211_disassoc_or_deauth -#define ieee80211_deauth ieee80211_disassoc_or_deauth - -/** Association request frame data */ -struct ieee80211_assoc_req -{ - /** Capability flags */ - u16 capability; - - /** Interval at which we wake up, in units of the beacon interval */ - u16 listen_interval; - - /** List of information elements */ - union ieee80211_ie info_element[0]; -} __attribute__((packed)); - -/** Association or reassociation response frame data */ -struct ieee80211_assoc_or_reassoc_resp -{ - /** Capability flags */ - u16 capability; - - /** Status code */ - u16 status; - - /** Association ID */ - u16 aid; - - /** List of information elements */ - union ieee80211_ie info_element[0]; -} __attribute__((packed)); - -#define ieee80211_assoc_resp ieee80211_assoc_or_reassoc_resp -#define ieee80211_reassoc_resp ieee80211_assoc_or_reassoc_resp - -/** Reassociation request frame data */ -struct ieee80211_reassoc_req -{ - /** Capability flags */ - u16 capability; - - /** Interval at which we wake up, in units of the beacon interval */ - u16 listen_interval; - - /** MAC address of current Access Point */ - u8 current_addr[ETH_ALEN]; - - /** List of information elements */ - union ieee80211_ie info_element[0]; -} __attribute__((packed)); - -/** Probe request frame data */ -struct ieee80211_probe_req -{ - /** List of information elements */ - union ieee80211_ie info_element[0]; -} __attribute__((packed)); - -/** Authentication frame data */ -struct ieee80211_auth -{ - /** Authentication algorithm (Open System or Shared Key) */ - u16 algorithm; - - /** Sequence number of this frame; first from client to AP is 1 */ - u16 tx_seq; - - /** Status code */ - u16 status; - - /** List of information elements */ - union ieee80211_ie info_element[0]; -} __attribute__((packed)); - -/** Open System authentication algorithm */ -#define IEEE80211_AUTH_OPEN_SYSTEM 0 - -/** Shared Key authentication algorithm */ -#define IEEE80211_AUTH_SHARED_KEY 1 - -/** @} */ - -#endif |