2009-02-13 10:53:25

by Jouni Malinen

Subject: [PATCH] nl80211: Optional IEs into scan request

This extends the NL80211_CMD_TRIGGER_SCAN command to allow applications
to specify a set of information element(s) to be added into Probe
Request frames with NL80211_ATTR_IE. This provides support for the
MLME-SCAN.request primitive parameter VendorSpecificInfo and can be
used, e.g., to implement WPS scanning.

Signed-off-by: Jouni Malinen <[email protected]>

---
include/net/cfg80211.h | 4 ++++
net/mac80211/ieee80211_i.h | 3 ++-
net/mac80211/mlme.c | 14 +++++++++-----
net/mac80211/scan.c | 3 ++-
net/wireless/nl80211.c | 21 ++++++++++++++++++++-
5 files changed, 37 insertions(+), 8 deletions(-)

--- wireless-testing.orig/include/net/cfg80211.h 2009-02-13 12:47:56.000000000 +0200
+++ wireless-testing/include/net/cfg80211.h 2009-02-13 12:48:45.000000000 +0200
@@ -525,6 +525,8 @@ struct cfg80211_ssid {
* @n_ssids: number of SSIDs
* @channels: channels to scan on.
* @n_channels: number of channels for each band
+ * @ie: optional information element(s) to add into Probe Request or %NULL
+ * @ie_len: length of ie in octets
* @wiphy: the wiphy this was for
* @ifidx: the interface index
*/
@@ -533,6 +535,8 @@ struct cfg80211_scan_request {
int n_ssids;
struct ieee80211_channel **channels;
u32 n_channels;
+ u8 *ie;
+ size_t ie_len;

/* internal */
struct wiphy *wiphy;
--- wireless-testing.orig/net/mac80211/ieee80211_i.h 2009-02-13 12:47:56.000000000 +0200
+++ wireless-testing/net/mac80211/ieee80211_i.h 2009-02-13 12:48:45.000000000 +0200
@@ -911,7 +911,8 @@ u32 ieee80211_sta_get_rates(struct ieee8
struct ieee802_11_elems *elems,
enum ieee80211_band band);
void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
- u8 *ssid, size_t ssid_len);
+ u8 *ssid, size_t ssid_len,
+ u8 *ie, size_t ie_len);
void ieee80211_send_pspoll(struct ieee80211_local *local,
struct ieee80211_sub_if_data *sdata);
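Review bot: The new `ie` parameter is only an input to `ieee80211_send_probe_req()`, so the prototype would read better as `const u8 *ie, size_t ie_len`, assuming `add_extra_ies()` (not shown on this page) does not need a writable pointer. A short comment on the declaration stating that `ie` may be NULL with `ie_len` 0, as the MLME callers pass it, would document the contract. The same applies to the definition in mlme.c and, in the rebased version later in the thread, to util.c.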

--- wireless-testing.orig/net/mac80211/mlme.c 2009-02-13 12:47:56.000000000 +0200
+++ wireless-testing/net/mac80211/mlme.c 2009-02-13 12:48:45.000000000 +0200
@@ -139,7 +139,8 @@ static void add_extra_ies(struct sk_buff

/* also used by scanning code */
void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
- u8 *ssid, size_t ssid_len)
+ u8 *ssid, size_t ssid_len,
+ u8 *ie, size_t ie_len)
{
struct ieee80211_local *local = sdata->local;
struct ieee80211_supported_band *sband;
@@ -149,7 +150,7 @@ void ieee80211_send_probe_req(struct iee
int i;

skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 +
- sdata->u.sta.ie_probereq_len);
+ ie_len + sdata->u.sta.ie_probereq_len);
if (!skb) {
printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
"request\n", sdata->dev->name);
@@ -196,6 +197,7 @@ void ieee80211_send_probe_req(struct iee
*pos = rate->bitrate / 5;
}

+ add_extra_ies(skb, ie, ie_len);
add_extra_ies(skb, sdata->u.sta.ie_probereq,
sdata->u.sta.ie_probereq_len);

@@ -891,7 +893,7 @@ static void ieee80211_direct_probe(struc
* will not answer to direct packet in unassociated state.
*/
ieee80211_send_probe_req(sdata, NULL,
- ifsta->ssid, ifsta->ssid_len);
+ ifsta->ssid, ifsta->ssid_len, NULL, 0);

mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
}
@@ -1116,7 +1118,8 @@ static void ieee80211_associated(struct
} else
ieee80211_send_probe_req(sdata, ifsta->bssid,
ifsta->ssid,
- ifsta->ssid_len);
+ ifsta->ssid_len,
+ NULL, 0);
ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
} else {
ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
@@ -1125,7 +1128,8 @@ static void ieee80211_associated(struct
ifsta->last_probe = jiffies;
ieee80211_send_probe_req(sdata, ifsta->bssid,
ifsta->ssid,
- ifsta->ssid_len);
+ ifsta->ssid_len,
+ NULL, 0);
}
}
}
--- wireless-testing.orig/net/mac80211/scan.c 2009-02-13 12:47:56.000000000 +0200
+++ wireless-testing/net/mac80211/scan.c 2009-02-13 12:48:45.000000000 +0200
@@ -367,7 +367,8 @@ void ieee80211_scan_work(struct work_str
ieee80211_send_probe_req(
sdata, NULL,
local->scan_req->ssids[i].ssid,
- local->scan_req->ssids[i].ssid_len);
+ local->scan_req->ssids[i].ssid_len,
+ local->scan_req->ie, local->scan_req->ie_len);
next_delay = IEEE80211_CHANNEL_TIME;
break;
}
--- wireless-testing.orig/net/wireless/nl80211.c 2009-02-13 12:47:56.000000000 +0200
+++ wireless-testing/net/wireless/nl80211.c 2009-02-13 12:48:45.000000000 +0200
@@ -2286,6 +2286,7 @@ static int nl80211_trigger_scan(struct s
struct wiphy *wiphy;
int err, tmp, n_ssids = 0, n_channels = 0, i;
enum ieee80211_band band;
+ size_t ie_len;

err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
if (err)
@@ -2327,9 +2328,15 @@ static int nl80211_trigger_scan(struct s
goto out_unlock;
}

+ if (info->attrs[NL80211_ATTR_IE])
+ ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
+ else
+ ie_len = 0;
+
request = kzalloc(sizeof(*request)
+ sizeof(*ssid) * n_ssids
- + sizeof(channel) * n_channels, GFP_KERNEL);
+ + sizeof(channel) * n_channels
+ + ie_len, GFP_KERNEL);
if (!request) {
err = -ENOMEM;
goto out_unlock;
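Review bot: The length taken from `NL80211_ATTR_IE` sizes the request with no bound or structure check visible in this hunk, so whatever userspace supplies is later appended to every Probe Request built by `ieee80211_send_probe_req()`. Unless the attribute policy (outside this patch) already caps it, reject oversized input before the `kzalloc()`, e.g. `if (ie_len > <max Probe Request IE length for this wiphy>) { err = -EINVAL; goto out_unlock; }`. It would also be worth checking that the buffer parses as a sequence of complete id/length/data elements, so that a truncated element is never put on the air. The rebased version later in the thread carries the same lines, and nl80211_trigger_scan() begins and ends outside the hunk.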
@@ -2340,6 +2347,12 @@ static int nl80211_trigger_scan(struct s
if (n_ssids)
request->ssids = (void *)(request->channels + n_channels);
request->n_ssids = n_ssids;
+ if (ie_len) {
+ if (request->ssids)
+ request->ie = (void *)(request->ssids + n_ssids);
+ else
+ request->ie = (void *)(request->channels + n_channels);
+ }

if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
/* user specified, bail out if channel not found */
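Review bot: The placement of `request->ie` depends on the order of the trailing arrays allocated behind `*request`, and that order is not written down anywhere in the hunk. A one-line comment above the new block, such as `/* trailing storage: channels[n_channels], ssids[n_ssids], ie[ie_len] */`, would make the pointer arithmetic checkable against the `kzalloc()` size. The assignment of `request->channels` is outside the hunk, so this order is inferred from the casts shown here and should be confirmed against the full function.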
@@ -2380,6 +2393,12 @@ static int nl80211_trigger_scan(struct s
}
}

+ if (info->attrs[NL80211_ATTR_IE]) {
+ request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
+ memcpy(request->ie, nla_data(info->attrs[NL80211_ATTR_IE]),
+ request->ie_len);
+ }
+
request->ifidx = dev->ifindex;
request->wiphy = &drv->wiphy;


--
Jouni Malinen PGP id EFC895FA


2009-02-15 20:45:15

by Tomas Winkler

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Sun, Feb 15, 2009 at 6:12 PM, Johannes Berg
<[email protected]> wrote:
> On Sun, 2009-02-15 at 15:09 +0200, Tomas Winkler wrote:
>
>> Status questions
>> What is the version of wpa_supplicant that supports WPS. Is wext
>> covered with IWEVGENIE?
>> Is it currently working with mac80211 based drivers?
>
> The WPS scanning might be an issue in iwlwifi because afaik the hw_scan
> callback doesn't honour any of the ways to add IEs into probe requests?

Correct I'm aware of it. Your suggestion to create mac80211/cfg
helper for construction of probe requests for HW scan usage is on the
TODO list...

Tomas

2009-02-15 15:44:23

by Jouni Malinen

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Sun, Feb 15, 2009 at 03:09:15PM +0200, Tomas Winkler wrote:
> Status questions
> What is the version of wpa_supplicant that supports WPS. Is wext
> covered with IWEVGENIE?

wpa_supplicant 0.6.7 and newer has support for WPS, but there are some
bug fixes since then, so 0.6.8 is likely a better starting point. wext
works for most parts, but there is no support for adding WPS IE into
Probe Request with it (cfg80211/nl80211 needed for this). Anyway, that
part of the protocol is optional, so it should not cause major problems.

> Is it currently working with mac80211 based drivers?

Yes.

--
Jouni Malinen PGP id EFC895FA

2009-02-15 20:46:10

by Tomas Winkler

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Sun, Feb 15, 2009 at 5:44 PM, Jouni Malinen <[email protected]> wrote:
> On Sun, Feb 15, 2009 at 03:09:15PM +0200, Tomas Winkler wrote:
>> Status questions
>> What is the version of wpa_supplicant that supports WPS. Is wext
>> covered with IWEVGENIE?
>
> wpa_supplicant 0.6.7 and newer has support for WPS, but there are some
> bug fixes since then, so 0.6.8 is likely a better starting point. wext
> works for most parts, but there is no support for adding WPS IE into
> Probe Request with it (cfg80211/nl80211 needed for this). Anyway, that
> part of the protocol is optional, so it should not cause major problems.
>
>> Is it currently working with mac80211 based drivers?
>
> Yes.
>
Thanks
Tomas
> --
> Jouni Malinen PGP id EFC895FA
>

2009-02-13 11:15:44

by Jouni Malinen

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Fri, Feb 13, 2009 at 12:00:04PM +0100, Johannes Berg wrote:

> Looks like this will conflict with my ibss splitout patch?

Yeah.. Here's a compile-tested, rebased version. I'll send PATCHv2 after
having had a chance to test this more properly.

This extends the NL80211_CMD_TRIGGER_SCAN command to allow applications
to specify a set of information element(s) to be added into Probe
Request frames with NL80211_ATTR_IE. This provides support for the
MLME-SCAN.request primitive parameter VendorSpecificInfo and can be
used, e.g., to implement WPS scanning.

Signed-off-by: Jouni Malinen <[email protected]>
Acked-by: Johannes Berg <[email protected]>

---
include/net/cfg80211.h | 4 ++++
net/mac80211/ieee80211_i.h | 3 ++-
net/mac80211/mlme.c | 8 +++++---
net/mac80211/scan.c | 3 ++-
net/mac80211/util.c | 7 +++++--
net/wireless/nl80211.c | 21 ++++++++++++++++++++-
6 files changed, 38 insertions(+), 8 deletions(-)

--- wireless-testing.orig/include/net/cfg80211.h 2009-02-12 14:43:39.000000000 +0200
+++ wireless-testing/include/net/cfg80211.h 2009-02-13 13:08:37.000000000 +0200
@@ -525,6 +525,8 @@ struct cfg80211_ssid {
* @n_ssids: number of SSIDs
* @channels: channels to scan on.
* @n_channels: number of channels for each band
+ * @ie: optional information element(s) to add into Probe Request or %NULL
+ * @ie_len: length of ie in octets
* @wiphy: the wiphy this was for
* @ifidx: the interface index
*/
@@ -533,6 +535,8 @@ struct cfg80211_scan_request {
int n_ssids;
struct ieee80211_channel **channels;
u32 n_channels;
+ u8 *ie;
+ size_t ie_len;

/* internal */
struct wiphy *wiphy;
--- wireless-testing.orig/net/mac80211/scan.c 2009-02-13 13:04:17.000000000 +0200
+++ wireless-testing/net/mac80211/scan.c 2009-02-13 13:08:37.000000000 +0200
@@ -338,7 +338,8 @@ void ieee80211_scan_work(struct work_str
ieee80211_send_probe_req(
sdata, NULL,
local->scan_req->ssids[i].ssid,
- local->scan_req->ssids[i].ssid_len);
+ local->scan_req->ssids[i].ssid_len,
+ local->scan_req->ie, local->scan_req->ie_len);
next_delay = IEEE80211_CHANNEL_TIME;
break;
}
--- wireless-testing.orig/net/wireless/nl80211.c 2009-02-12 14:43:39.000000000 +0200
+++ wireless-testing/net/wireless/nl80211.c 2009-02-13 13:08:37.000000000 +0200
@@ -2286,6 +2286,7 @@ static int nl80211_trigger_scan(struct s
struct wiphy *wiphy;
int err, tmp, n_ssids = 0, n_channels = 0, i;
enum ieee80211_band band;
+ size_t ie_len;

err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
if (err)
@@ -2327,9 +2328,15 @@ static int nl80211_trigger_scan(struct s
goto out_unlock;
}

+ if (info->attrs[NL80211_ATTR_IE])
+ ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
+ else
+ ie_len = 0;
+
request = kzalloc(sizeof(*request)
+ sizeof(*ssid) * n_ssids
- + sizeof(channel) * n_channels, GFP_KERNEL);
+ + sizeof(channel) * n_channels
+ + ie_len, GFP_KERNEL);
if (!request) {
err = -ENOMEM;
goto out_unlock;
@@ -2340,6 +2347,12 @@ static int nl80211_trigger_scan(struct s
if (n_ssids)
request->ssids = (void *)(request->channels + n_channels);
request->n_ssids = n_ssids;
+ if (ie_len) {
+ if (request->ssids)
+ request->ie = (void *)(request->ssids + n_ssids);
+ else
+ request->ie = (void *)(request->channels + n_channels);
+ }

if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
/* user specified, bail out if channel not found */
@@ -2380,6 +2393,12 @@ static int nl80211_trigger_scan(struct s
}
}

+ if (info->attrs[NL80211_ATTR_IE]) {
+ request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
+ memcpy(request->ie, nla_data(info->attrs[NL80211_ATTR_IE]),
+ request->ie_len);
+ }
+
request->ifidx = dev->ifindex;
request->wiphy = &drv->wiphy;

--- wireless-testing.orig/net/mac80211/ieee80211_i.h 2009-02-13 13:11:07.000000000 +0200
+++ wireless-testing/net/mac80211/ieee80211_i.h 2009-02-13 13:11:24.000000000 +0200
@@ -1079,7 +1079,8 @@ void ieee80211_send_auth(struct ieee8021
u8 *extra, size_t extra_len,
const u8 *bssid, int encrypt);
void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
- u8 *ssid, size_t ssid_len);
+ u8 *ssid, size_t ssid_len,
+ u8 *ie, size_t ie_len);

void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
const size_t supp_rates_len,
--- wireless-testing.orig/net/mac80211/mlme.c 2009-02-13 13:10:15.000000000 +0200
+++ wireless-testing/net/mac80211/mlme.c 2009-02-13 13:10:45.000000000 +0200
@@ -716,7 +716,7 @@ static void ieee80211_direct_probe(struc
* will not answer to direct packet in unassociated state.
*/
ieee80211_send_probe_req(sdata, NULL,
- ifmgd->ssid, ifmgd->ssid_len);
+ ifmgd->ssid, ifmgd->ssid_len, NULL, 0);

mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
}
@@ -946,7 +946,8 @@ static void ieee80211_associated(struct
} else
ieee80211_send_probe_req(sdata, ifmgd->bssid,
ifmgd->ssid,
- ifmgd->ssid_len);
+ ifmgd->ssid_len,
+ NULL, 0);
ifmgd->flags ^= IEEE80211_STA_PROBEREQ_POLL;
} else {
ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
@@ -955,7 +956,8 @@ static void ieee80211_associated(struct
ifmgd->last_probe = jiffies;
ieee80211_send_probe_req(sdata, ifmgd->bssid,
ifmgd->ssid,
- ifmgd->ssid_len);
+ ifmgd->ssid_len,
+ NULL, 0);
}
}
}
--- wireless-testing.orig/net/mac80211/util.c 2009-02-13 13:08:44.000000000 +0200
+++ wireless-testing/net/mac80211/util.c 2009-02-13 13:11:58.000000000 +0200
@@ -835,7 +835,8 @@ void ieee80211_send_auth(struct ieee8021
}

void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
- u8 *ssid, size_t ssid_len)
+ u8 *ssid, size_t ssid_len,
+ u8 *ie, size_t ie_len)
{
struct ieee80211_local *local = sdata->local;
struct ieee80211_supported_band *sband;
@@ -854,7 +855,7 @@ void ieee80211_send_probe_req(struct iee
}

skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 +
- extra_preq_ie_len);
+ ie_len + extra_preq_ie_len);
if (!skb) {
printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
"request\n", sdata->dev->name);
@@ -901,6 +902,8 @@ void ieee80211_send_probe_req(struct iee
*pos = rate->bitrate / 5;
}

+ if (ie)
+ memcpy(skb_put(skb, ie_len), ie, ie_len);
if (extra_preq_ie)
memcpy(skb_put(skb, extra_preq_ie_len), extra_preq_ie,
extra_preq_ie_len);

--
Jouni Malinen PGP id EFC895FA

2009-02-15 16:12:35

by Johannes Berg

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Sun, 2009-02-15 at 15:09 +0200, Tomas Winkler wrote:

> Status questions
> What is the version of wpa_supplicant that supports WPS. Is wext
> covered with IWEVGENIE?
> Is it currently working with mac80211 based drivers?

The WPS scanning might be an issue in iwlwifi because afaik the hw_scan
callback doesn't honour any of the ways to add IEs into probe requests?

johannes



2009-02-13 11:00:11

by Johannes Berg

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Fri, 2009-02-13 at 12:53 +0200, Jouni Malinen wrote:
> This extends the NL80211_CMD_TRIGGER_SCAN command to allow applications
> to specify a set of information element(s) to be added into Probe
> Request frames with NL80211_ATTR_IE. This provides support for the
> MLME-SCAN.request primitive parameter VendorSpecificInfo and can be
> used, e.g., to implement WPS scanning.
>
> Signed-off-by: Jouni Malinen <[email protected]>

Acked-by: Johannes Berg <[email protected]>

Looks like this will conflict with my ibss splitout patch?

>
> ---
> include/net/cfg80211.h | 4 ++++
> net/mac80211/ieee80211_i.h | 3 ++-
> net/mac80211/mlme.c | 14 +++++++++-----
> net/mac80211/scan.c | 3 ++-
> net/wireless/nl80211.c | 21 ++++++++++++++++++++-
> 5 files changed, 37 insertions(+), 8 deletions(-)
>
> --- wireless-testing.orig/include/net/cfg80211.h 2009-02-13 12:47:56.000000000 +0200
> +++ wireless-testing/include/net/cfg80211.h 2009-02-13 12:48:45.000000000 +0200
> @@ -525,6 +525,8 @@ struct cfg80211_ssid {
> * @n_ssids: number of SSIDs
> * @channels: channels to scan on.
> * @n_channels: number of channels for each band
> + * @ie: optional information element(s) to add into Probe Request or %NULL
> + * @ie_len: length of ie in octets
> * @wiphy: the wiphy this was for
> * @ifidx: the interface index
> */
> @@ -533,6 +535,8 @@ struct cfg80211_scan_request {
> int n_ssids;
> struct ieee80211_channel **channels;
> u32 n_channels;
> + u8 *ie;
> + size_t ie_len;
>
> /* internal */
> struct wiphy *wiphy;
> --- wireless-testing.orig/net/mac80211/ieee80211_i.h 2009-02-13 12:47:56.000000000 +0200
> +++ wireless-testing/net/mac80211/ieee80211_i.h 2009-02-13 12:48:45.000000000 +0200
> @@ -911,7 +911,8 @@ u32 ieee80211_sta_get_rates(struct ieee8
> struct ieee802_11_elems *elems,
> enum ieee80211_band band);
> void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
> - u8 *ssid, size_t ssid_len);
> + u8 *ssid, size_t ssid_len,
> + u8 *ie, size_t ie_len);
> void ieee80211_send_pspoll(struct ieee80211_local *local,
> struct ieee80211_sub_if_data *sdata);
>
> --- wireless-testing.orig/net/mac80211/mlme.c 2009-02-13 12:47:56.000000000 +0200
> +++ wireless-testing/net/mac80211/mlme.c 2009-02-13 12:48:45.000000000 +0200
> @@ -139,7 +139,8 @@ static void add_extra_ies(struct sk_buff
>
> /* also used by scanning code */
> void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
> - u8 *ssid, size_t ssid_len)
> + u8 *ssid, size_t ssid_len,
> + u8 *ie, size_t ie_len)
> {
> struct ieee80211_local *local = sdata->local;
> struct ieee80211_supported_band *sband;
> @@ -149,7 +150,7 @@ void ieee80211_send_probe_req(struct iee
> int i;
>
> skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 +
> - sdata->u.sta.ie_probereq_len);
> + ie_len + sdata->u.sta.ie_probereq_len);
> if (!skb) {
> printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
> "request\n", sdata->dev->name);
> @@ -196,6 +197,7 @@ void ieee80211_send_probe_req(struct iee
> *pos = rate->bitrate / 5;
> }
>
> + add_extra_ies(skb, ie, ie_len);
> add_extra_ies(skb, sdata->u.sta.ie_probereq,
> sdata->u.sta.ie_probereq_len);
>
> @@ -891,7 +893,7 @@ static void ieee80211_direct_probe(struc
> * will not answer to direct packet in unassociated state.
> */
> ieee80211_send_probe_req(sdata, NULL,
> - ifsta->ssid, ifsta->ssid_len);
> + ifsta->ssid, ifsta->ssid_len, NULL, 0);
>
> mod_timer(&ifsta->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
> }
> @@ -1116,7 +1118,8 @@ static void ieee80211_associated(struct
> } else
> ieee80211_send_probe_req(sdata, ifsta->bssid,
> ifsta->ssid,
> - ifsta->ssid_len);
> + ifsta->ssid_len,
> + NULL, 0);
> ifsta->flags ^= IEEE80211_STA_PROBEREQ_POLL;
> } else {
> ifsta->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
> @@ -1125,7 +1128,8 @@ static void ieee80211_associated(struct
> ifsta->last_probe = jiffies;
> ieee80211_send_probe_req(sdata, ifsta->bssid,
> ifsta->ssid,
> - ifsta->ssid_len);
> + ifsta->ssid_len,
> + NULL, 0);
> }
> }
> }
> --- wireless-testing.orig/net/mac80211/scan.c 2009-02-13 12:47:56.000000000 +0200
> +++ wireless-testing/net/mac80211/scan.c 2009-02-13 12:48:45.000000000 +0200
> @@ -367,7 +367,8 @@ void ieee80211_scan_work(struct work_str
> ieee80211_send_probe_req(
> sdata, NULL,
> local->scan_req->ssids[i].ssid,
> - local->scan_req->ssids[i].ssid_len);
> + local->scan_req->ssids[i].ssid_len,
> + local->scan_req->ie, local->scan_req->ie_len);
> next_delay = IEEE80211_CHANNEL_TIME;
> break;
> }
> --- wireless-testing.orig/net/wireless/nl80211.c 2009-02-13 12:47:56.000000000 +0200
> +++ wireless-testing/net/wireless/nl80211.c 2009-02-13 12:48:45.000000000 +0200
> @@ -2286,6 +2286,7 @@ static int nl80211_trigger_scan(struct s
> struct wiphy *wiphy;
> int err, tmp, n_ssids = 0, n_channels = 0, i;
> enum ieee80211_band band;
> + size_t ie_len;
>
> err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
> if (err)
> @@ -2327,9 +2328,15 @@ static int nl80211_trigger_scan(struct s
> goto out_unlock;
> }
>
> + if (info->attrs[NL80211_ATTR_IE])
> + ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
> + else
> + ie_len = 0;
> +
> request = kzalloc(sizeof(*request)
> + sizeof(*ssid) * n_ssids
> - + sizeof(channel) * n_channels, GFP_KERNEL);
> + + sizeof(channel) * n_channels
> + + ie_len, GFP_KERNEL);
> if (!request) {
> err = -ENOMEM;
> goto out_unlock;
> @@ -2340,6 +2347,12 @@ static int nl80211_trigger_scan(struct s
> if (n_ssids)
> request->ssids = (void *)(request->channels + n_channels);
> request->n_ssids = n_ssids;
> + if (ie_len) {
> + if (request->ssids)
> + request->ie = (void *)(request->ssids + n_ssids);
> + else
> + request->ie = (void *)(request->channels + n_channels);
> + }
>
> if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
> /* user specified, bail out if channel not found */
> @@ -2380,6 +2393,12 @@ static int nl80211_trigger_scan(struct s
> }
> }
>
> + if (info->attrs[NL80211_ATTR_IE]) {
> + request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
> + memcpy(request->ie, nla_data(info->attrs[NL80211_ATTR_IE]),
> + request->ie_len);
> + }
> +
> request->ifidx = dev->ifindex;
> request->wiphy = &drv->wiphy;
>
>



2009-02-15 13:09:17

by Tomas Winkler

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Fri, Feb 13, 2009 at 1:15 PM, Jouni Malinen <[email protected]> wrote:
> On Fri, Feb 13, 2009 at 12:00:04PM +0100, Johannes Berg wrote:
>
>> Looks like this will conflict with my ibss splitout patch?
>
> Yeah.. Here's a compile-tested, rebased version. I'll send PATCHv2 after
> having had a chance to test this more properly.

>
> This extends the NL80211_CMD_TRIGGER_SCAN command to allow applications
> to specify a set of information element(s) to be added into Probe
> Request frames with NL80211_ATTR_IE. This provides support for the
> MLME-SCAN.request primitive parameter VendorSpecificInfo and can be
> used, e.g., to implement WPS scanning.

> Signed-off-by: Jouni Malinen <[email protected]>
> Acked-by: Johannes Berg <[email protected]>
>

Status questions
What is the version of wpa_supplicant that supports WPS. Is wext
covered with IWEVGENIE?
Is it currently working with mac80211 based drivers?
Thanks
Tomas

> ---
> include/net/cfg80211.h | 4 ++++
> net/mac80211/ieee80211_i.h | 3 ++-
> net/mac80211/mlme.c | 8 +++++---
> net/mac80211/scan.c | 3 ++-
> net/mac80211/util.c | 7 +++++--
> net/wireless/nl80211.c | 21 ++++++++++++++++++++-
> 6 files changed, 38 insertions(+), 8 deletions(-)
>
> --- wireless-testing.orig/include/net/cfg80211.h 2009-02-12 14:43:39.000000000 +0200
> +++ wireless-testing/include/net/cfg80211.h 2009-02-13 13:08:37.000000000 +0200
> @@ -525,6 +525,8 @@ struct cfg80211_ssid {
> * @n_ssids: number of SSIDs
> * @channels: channels to scan on.
> * @n_channels: number of channels for each band
> + * @ie: optional information element(s) to add into Probe Request or %NULL
> + * @ie_len: length of ie in octets
> * @wiphy: the wiphy this was for
> * @ifidx: the interface index
> */
> @@ -533,6 +535,8 @@ struct cfg80211_scan_request {
> int n_ssids;
> struct ieee80211_channel **channels;
> u32 n_channels;
> + u8 *ie;
> + size_t ie_len;
>
> /* internal */
> struct wiphy *wiphy;
> --- wireless-testing.orig/net/mac80211/scan.c 2009-02-13 13:04:17.000000000 +0200
> +++ wireless-testing/net/mac80211/scan.c 2009-02-13 13:08:37.000000000 +0200
> @@ -338,7 +338,8 @@ void ieee80211_scan_work(struct work_str
> ieee80211_send_probe_req(
> sdata, NULL,
> local->scan_req->ssids[i].ssid,
> - local->scan_req->ssids[i].ssid_len);
> + local->scan_req->ssids[i].ssid_len,
> + local->scan_req->ie, local->scan_req->ie_len);
> next_delay = IEEE80211_CHANNEL_TIME;
> break;
> }
> --- wireless-testing.orig/net/wireless/nl80211.c 2009-02-12 14:43:39.000000000 +0200
> +++ wireless-testing/net/wireless/nl80211.c 2009-02-13 13:08:37.000000000 +0200
> @@ -2286,6 +2286,7 @@ static int nl80211_trigger_scan(struct s
> struct wiphy *wiphy;
> int err, tmp, n_ssids = 0, n_channels = 0, i;
> enum ieee80211_band band;
> + size_t ie_len;
>
> err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
> if (err)
> @@ -2327,9 +2328,15 @@ static int nl80211_trigger_scan(struct s
> goto out_unlock;
> }
>
> + if (info->attrs[NL80211_ATTR_IE])
> + ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
> + else
> + ie_len = 0;
> +
> request = kzalloc(sizeof(*request)
> + sizeof(*ssid) * n_ssids
> - + sizeof(channel) * n_channels, GFP_KERNEL);
> + + sizeof(channel) * n_channels
> + + ie_len, GFP_KERNEL);
> if (!request) {
> err = -ENOMEM;
> goto out_unlock;
> @@ -2340,6 +2347,12 @@ static int nl80211_trigger_scan(struct s
> if (n_ssids)
> request->ssids = (void *)(request->channels + n_channels);
> request->n_ssids = n_ssids;
> + if (ie_len) {
> + if (request->ssids)
> + request->ie = (void *)(request->ssids + n_ssids);
> + else
> + request->ie = (void *)(request->channels + n_channels);
> + }
>
> if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
> /* user specified, bail out if channel not found */
> @@ -2380,6 +2393,12 @@ static int nl80211_trigger_scan(struct s
> }
> }
>
> + if (info->attrs[NL80211_ATTR_IE]) {
> + request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
> + memcpy(request->ie, nla_data(info->attrs[NL80211_ATTR_IE]),
> + request->ie_len);
> + }
> +
> request->ifidx = dev->ifindex;
> request->wiphy = &drv->wiphy;
>
> --- wireless-testing.orig/net/mac80211/ieee80211_i.h 2009-02-13 13:11:07.000000000 +0200
> +++ wireless-testing/net/mac80211/ieee80211_i.h 2009-02-13 13:11:24.000000000 +0200
> @@ -1079,7 +1079,8 @@ void ieee80211_send_auth(struct ieee8021
> u8 *extra, size_t extra_len,
> const u8 *bssid, int encrypt);
> void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
> - u8 *ssid, size_t ssid_len);
> + u8 *ssid, size_t ssid_len,
> + u8 *ie, size_t ie_len);
>
> void ieee80211_sta_def_wmm_params(struct ieee80211_sub_if_data *sdata,
> const size_t supp_rates_len,
> --- wireless-testing.orig/net/mac80211/mlme.c 2009-02-13 13:10:15.000000000 +0200
> +++ wireless-testing/net/mac80211/mlme.c 2009-02-13 13:10:45.000000000 +0200
> @@ -716,7 +716,7 @@ static void ieee80211_direct_probe(struc
> * will not answer to direct packet in unassociated state.
> */
> ieee80211_send_probe_req(sdata, NULL,
> - ifmgd->ssid, ifmgd->ssid_len);
> + ifmgd->ssid, ifmgd->ssid_len, NULL, 0);
>
> mod_timer(&ifmgd->timer, jiffies + IEEE80211_AUTH_TIMEOUT);
> }
> @@ -946,7 +946,8 @@ static void ieee80211_associated(struct
> } else
> ieee80211_send_probe_req(sdata, ifmgd->bssid,
> ifmgd->ssid,
> - ifmgd->ssid_len);
> + ifmgd->ssid_len,
> + NULL, 0);
> ifmgd->flags ^= IEEE80211_STA_PROBEREQ_POLL;
> } else {
> ifmgd->flags &= ~IEEE80211_STA_PROBEREQ_POLL;
> @@ -955,7 +956,8 @@ static void ieee80211_associated(struct
> ifmgd->last_probe = jiffies;
> ieee80211_send_probe_req(sdata, ifmgd->bssid,
> ifmgd->ssid,
> - ifmgd->ssid_len);
> + ifmgd->ssid_len,
> + NULL, 0);
> }
> }
> }
> --- wireless-testing.orig/net/mac80211/util.c 2009-02-13 13:08:44.000000000 +0200
> +++ wireless-testing/net/mac80211/util.c 2009-02-13 13:11:58.000000000 +0200
> @@ -835,7 +835,8 @@ void ieee80211_send_auth(struct ieee8021
> }
>
> void ieee80211_send_probe_req(struct ieee80211_sub_if_data *sdata, u8 *dst,
> - u8 *ssid, size_t ssid_len)
> + u8 *ssid, size_t ssid_len,
> + u8 *ie, size_t ie_len)
> {
> struct ieee80211_local *local = sdata->local;
> struct ieee80211_supported_band *sband;
> @@ -854,7 +855,7 @@ void ieee80211_send_probe_req(struct iee
> }
>
> skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*mgmt) + 200 +
> - extra_preq_ie_len);
> + ie_len + extra_preq_ie_len);
> if (!skb) {
> printk(KERN_DEBUG "%s: failed to allocate buffer for probe "
> "request\n", sdata->dev->name);
> @@ -901,6 +902,8 @@ void ieee80211_send_probe_req(struct iee
> *pos = rate->bitrate / 5;
> }
>
> + if (ie)
> + memcpy(skb_put(skb, ie_len), ie, ie_len);
> if (extra_preq_ie)
> memcpy(skb_put(skb, extra_preq_ie_len), extra_preq_ie,
> extra_preq_ie_len);
>
> --
> Jouni Malinen PGP id EFC895FA
> --
> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>

2009-03-25 16:32:35

by Jouni Malinen

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Wed, Mar 25, 2009 at 05:38:11PM +0200, Tomas Winkler wrote:

> After reading the WPS spec again and specifically the section 10.3
> that talks about PBC, it looks like for PBC you will need to have the
> WPS IE in the Probe request for it to function correctly. So it
> doesn't look optional to mee
>
> The WPS IE in the Probe Request will indicate that the device is in
> PBC mode. The WPS IE is also used for Registrars to see if multiple
> requests were received within the PBC Monitor time.

It is not ideal to work without including the WPS IE in Probe Request,
but the Registrar should be able to do similar detection for session
overlap using M1. If you want something better, all you need to do is to
move from using WEXT to nl80211.. ;-)

The spec is somewhat unclear on this, but there are a couple of places
which indicate that the WPS IE may not always be included in Probe
Request (e.g., APs must not reject WPS based on missing WPS IE in Probe
Request).

--
Jouni Malinen PGP id EFC895FA

2009-03-25 15:38:15

by Tomas Winkler

Subject: Re: [PATCH] nl80211: Optional IEs into scan request

On Sun, Feb 15, 2009 at 10:40 PM, Tomas Winkler <[email protected]> wrote:
> On Sun, Feb 15, 2009 at 5:44 PM, Jouni Malinen <[email protected]> wrote:
>> On Sun, Feb 15, 2009 at 03:09:15PM +0200, Tomas Winkler wrote:
>>> Status questions
>>> What is the version of wpa_supplicant that supports WPS. Is wext
>>> covered with IWEVGENIE?
>>
>> wpa_supplicant 0.6.7 and newer has support for WPS, but there are some
>> bug fixes since then, so 0.6.8 is likely a better starting point. wext
>> works for most parts, but there is no support for adding WPS IE into
>> Probe Request with it (cfg80211/nl80211 needed for this). Anyway, that
>> part of the protocol is optional, so it should not cause major problems.

After reading the WPS spec again and specifically the section 10.3
that talks about PBC, it looks like for PBC you will need to have the
WPS IE in the Probe request for it to function correctly. So it
doesn't look optional to me

The WPS IE in the Probe Request will indicate that the device is in
PBC mode. The WPS IE is also used for Registrars to see if multiple
requests were received within the PBC Monitor time.

Am I missing something ?

Quoting:
'
The Enrollee performs this scan by sending out probe requests with a
Device Password ID indicating that
the Enrollee is in PBC mode and receiving probe responses indicating a
Selected Registrar with a PBC
Device Password ID. During this scan, the Enrollee MUST abort its
connection attempt and signal a
“session overlap” error to the user if it discovers more than one
Registrar in PBC mode.
…..
The button press or equivalent trigger event on the Registrar causes
it to first check whether more than
one Enrollee PBC probe request has been received by the Registrar. The
Registrar must examine whether
such a request has been received within 120 seconds prior to the PBC
button press on the Registrar. This
window is called the PBC Monitor Time. If more than one Enrollee PBC
probe request has been received
within the Monitor Time interval, the Registrar MUST signal a session
overlap” error
'

Thanks
Tomas