xref: /freebsd/sys/net80211/ieee80211_ioctl.h (revision 9162f64b58d01ec01481d60b6cdc06ffd8e8c7fc)
1 /*-
2  * Copyright (c) 2001 Atsushi Onoe
3  * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25  *
26  * $FreeBSD$
27  */
28 #ifndef _NET80211_IEEE80211_IOCTL_H_
29 #define _NET80211_IEEE80211_IOCTL_H_
30 
31 /*
32  * IEEE 802.11 ioctls.
33  */
34 #include <net80211/_ieee80211.h>
35 #include <net80211/ieee80211.h>
36 #include <net80211/ieee80211_crypto.h>
37 
38 /*
39  * Per/node (station) statistics.
40  */
41 struct ieee80211_nodestats {
42 	uint32_t	ns_rx_data;		/* rx data frames */
43 	uint32_t	ns_rx_mgmt;		/* rx management frames */
44 	uint32_t	ns_rx_ctrl;		/* rx control frames */
45 	uint32_t	ns_rx_ucast;		/* rx unicast frames */
46 	uint32_t	ns_rx_mcast;		/* rx multi/broadcast frames */
47 	uint64_t	ns_rx_bytes;		/* rx data count (bytes) */
48 	uint64_t	ns_rx_beacons;		/* rx beacon frames */
49 	uint32_t	ns_rx_proberesp;	/* rx probe response frames */
50 
51 	uint32_t	ns_rx_dup;		/* rx discard 'cuz dup */
52 	uint32_t	ns_rx_noprivacy;	/* rx w/ wep but privacy off */
53 	uint32_t	ns_rx_wepfail;		/* rx wep processing failed */
54 	uint32_t	ns_rx_demicfail;	/* rx demic failed */
55 	uint32_t	ns_rx_decap;		/* rx decapsulation failed */
56 	uint32_t	ns_rx_defrag;		/* rx defragmentation failed */
57 	uint32_t	ns_rx_disassoc;		/* rx disassociation */
58 	uint32_t	ns_rx_deauth;		/* rx deauthentication */
59 	uint32_t	ns_rx_action;		/* rx action */
60 	uint32_t	ns_rx_decryptcrc;	/* rx decrypt failed on crc */
61 	uint32_t	ns_rx_unauth;		/* rx on unauthorized port */
62 	uint32_t	ns_rx_unencrypted;	/* rx unecrypted w/ privacy */
63 	uint32_t	ns_rx_drop;		/* rx discard other reason */
64 
65 	uint32_t	ns_tx_data;		/* tx data frames */
66 	uint32_t	ns_tx_mgmt;		/* tx management frames */
67 	uint32_t	ns_tx_ucast;		/* tx unicast frames */
68 	uint32_t	ns_tx_mcast;		/* tx multi/broadcast frames */
69 	uint64_t	ns_tx_bytes;		/* tx data count (bytes) */
70 	uint32_t	ns_tx_probereq;		/* tx probe request frames */
71 
72 	uint32_t	ns_tx_novlantag;	/* tx discard 'cuz no tag */
73 	uint32_t	ns_tx_vlanmismatch;	/* tx discard 'cuz bad tag */
74 
75 	uint32_t	ns_ps_discard;		/* ps discard 'cuz of age */
76 
77 	/* MIB-related state */
78 	uint32_t	ns_tx_assoc;		/* [re]associations */
79 	uint32_t	ns_tx_assoc_fail;	/* [re]association failures */
80 	uint32_t	ns_tx_auth;		/* [re]authentications */
81 	uint32_t	ns_tx_auth_fail;	/* [re]authentication failures*/
82 	uint32_t	ns_tx_deauth;		/* deauthentications */
83 	uint32_t	ns_tx_deauth_code;	/* last deauth reason */
84 	uint32_t	ns_tx_disassoc;		/* disassociations */
85 	uint32_t	ns_tx_disassoc_code;	/* last disassociation reason */
86 };
87 
88 /*
89  * Summary statistics.
90  */
91 struct ieee80211_stats {
92 	uint32_t	is_rx_badversion;	/* rx frame with bad version */
93 	uint32_t	is_rx_tooshort;		/* rx frame too short */
94 	uint32_t	is_rx_wrongbss;		/* rx from wrong bssid */
95 	uint32_t	is_rx_dup;		/* rx discard 'cuz dup */
96 	uint32_t	is_rx_wrongdir;		/* rx w/ wrong direction */
97 	uint32_t	is_rx_mcastecho;	/* rx discard 'cuz mcast echo */
98 	uint32_t	is_rx_notassoc;		/* rx discard 'cuz sta !assoc */
99 	uint32_t	is_rx_noprivacy;	/* rx w/ wep but privacy off */
100 	uint32_t	is_rx_unencrypted;	/* rx w/o wep and privacy on */
101 	uint32_t	is_rx_wepfail;		/* rx wep processing failed */
102 	uint32_t	is_rx_decap;		/* rx decapsulation failed */
103 	uint32_t	is_rx_mgtdiscard;	/* rx discard mgt frames */
104 	uint32_t	is_rx_ctl;		/* rx discard ctrl frames */
105 	uint32_t	is_rx_beacon;		/* rx beacon frames */
106 	uint32_t	is_rx_rstoobig;		/* rx rate set truncated */
107 	uint32_t	is_rx_elem_missing;	/* rx required element missing*/
108 	uint32_t	is_rx_elem_toobig;	/* rx element too big */
109 	uint32_t	is_rx_elem_toosmall;	/* rx element too small */
110 	uint32_t	is_rx_elem_unknown;	/* rx element unknown */
111 	uint32_t	is_rx_badchan;		/* rx frame w/ invalid chan */
112 	uint32_t	is_rx_chanmismatch;	/* rx frame chan mismatch */
113 	uint32_t	is_rx_nodealloc;	/* rx frame dropped */
114 	uint32_t	is_rx_ssidmismatch;	/* rx frame ssid mismatch  */
115 	uint32_t	is_rx_auth_unsupported;	/* rx w/ unsupported auth alg */
116 	uint32_t	is_rx_auth_fail;	/* rx sta auth failure */
117 	uint32_t	is_rx_auth_countermeasures;/* rx auth discard 'cuz CM */
118 	uint32_t	is_rx_assoc_bss;	/* rx assoc from wrong bssid */
119 	uint32_t	is_rx_assoc_notauth;	/* rx assoc w/o auth */
120 	uint32_t	is_rx_assoc_capmismatch;/* rx assoc w/ cap mismatch */
121 	uint32_t	is_rx_assoc_norate;	/* rx assoc w/ no rate match */
122 	uint32_t	is_rx_assoc_badwpaie;	/* rx assoc w/ bad WPA IE */
123 	uint32_t	is_rx_deauth;		/* rx deauthentication */
124 	uint32_t	is_rx_disassoc;		/* rx disassociation */
125 	uint32_t	is_rx_badsubtype;	/* rx frame w/ unknown subtype*/
126 	uint32_t	is_rx_nobuf;		/* rx failed for lack of buf */
127 	uint32_t	is_rx_decryptcrc;	/* rx decrypt failed on crc */
128 	uint32_t	is_rx_ahdemo_mgt;	/* rx discard ahdemo mgt frame*/
129 	uint32_t	is_rx_bad_auth;		/* rx bad auth request */
130 	uint32_t	is_rx_unauth;		/* rx on unauthorized port */
131 	uint32_t	is_rx_badkeyid;		/* rx w/ incorrect keyid */
132 	uint32_t	is_rx_ccmpreplay;	/* rx seq# violation (CCMP) */
133 	uint32_t	is_rx_ccmpformat;	/* rx format bad (CCMP) */
134 	uint32_t	is_rx_ccmpmic;		/* rx MIC check failed (CCMP) */
135 	uint32_t	is_rx_tkipreplay;	/* rx seq# violation (TKIP) */
136 	uint32_t	is_rx_tkipformat;	/* rx format bad (TKIP) */
137 	uint32_t	is_rx_tkipmic;		/* rx MIC check failed (TKIP) */
138 	uint32_t	is_rx_tkipicv;		/* rx ICV check failed (TKIP) */
139 	uint32_t	is_rx_badcipher;	/* rx failed 'cuz key type */
140 	uint32_t	is_rx_nocipherctx;	/* rx failed 'cuz key !setup */
141 	uint32_t	is_rx_acl;		/* rx discard 'cuz acl policy */
142 	uint32_t	is_tx_nobuf;		/* tx failed for lack of buf */
143 	uint32_t	is_tx_nonode;		/* tx failed for no node */
144 	uint32_t	is_tx_unknownmgt;	/* tx of unknown mgt frame */
145 	uint32_t	is_tx_badcipher;	/* tx failed 'cuz key type */
146 	uint32_t	is_tx_nodefkey;		/* tx failed 'cuz no defkey */
147 	uint32_t	is_tx_noheadroom;	/* tx failed 'cuz no space */
148 	uint32_t	is_tx_fragframes;	/* tx frames fragmented */
149 	uint32_t	is_tx_frags;		/* tx fragments created */
150 	uint32_t	is_scan_active;		/* active scans started */
151 	uint32_t	is_scan_passive;	/* passive scans started */
152 	uint32_t	is_node_timeout;	/* nodes timed out inactivity */
153 	uint32_t	is_crypto_nomem;	/* no memory for crypto ctx */
154 	uint32_t	is_crypto_tkip;		/* tkip crypto done in s/w */
155 	uint32_t	is_crypto_tkipenmic;	/* tkip en-MIC done in s/w */
156 	uint32_t	is_crypto_tkipdemic;	/* tkip de-MIC done in s/w */
157 	uint32_t	is_crypto_tkipcm;	/* tkip counter measures */
158 	uint32_t	is_crypto_ccmp;		/* ccmp crypto done in s/w */
159 	uint32_t	is_crypto_wep;		/* wep crypto done in s/w */
160 	uint32_t	is_crypto_setkey_cipher;/* cipher rejected key */
161 	uint32_t	is_crypto_setkey_nokey;	/* no key index for setkey */
162 	uint32_t	is_crypto_delkey;	/* driver key delete failed */
163 	uint32_t	is_crypto_badcipher;	/* unknown cipher */
164 	uint32_t	is_crypto_nocipher;	/* cipher not available */
165 	uint32_t	is_crypto_attachfail;	/* cipher attach failed */
166 	uint32_t	is_crypto_swfallback;	/* cipher fallback to s/w */
167 	uint32_t	is_crypto_keyfail;	/* driver key alloc failed */
168 	uint32_t	is_crypto_enmicfail;	/* en-MIC failed */
169 	uint32_t	is_ibss_capmismatch;	/* merge failed-cap mismatch */
170 	uint32_t	is_ibss_norate;		/* merge failed-rate mismatch */
171 	uint32_t	is_ps_unassoc;		/* ps-poll for unassoc. sta */
172 	uint32_t	is_ps_badaid;		/* ps-poll w/ incorrect aid */
173 	uint32_t	is_ps_qempty;		/* ps-poll w/ nothing to send */
174 	uint32_t	is_ff_badhdr;		/* fast frame rx'd w/ bad hdr */
175 	uint32_t	is_ff_tooshort;		/* fast frame rx decap error */
176 	uint32_t	is_ff_split;		/* fast frame rx split error */
177 	uint32_t	is_ff_decap;		/* fast frames decap'd */
178 	uint32_t	is_ff_encap;		/* fast frames encap'd for tx */
179 	uint32_t	is_rx_badbintval;	/* rx frame w/ bogus bintval */
180 	uint32_t	is_rx_demicfail;	/* rx demic failed */
181 	uint32_t	is_rx_defrag;		/* rx defragmentation failed */
182 	uint32_t	is_rx_mgmt;		/* rx management frames */
183 	uint32_t	is_rx_action;		/* rx action mgt frames */
184 	uint32_t	is_amsdu_tooshort;	/* A-MSDU rx decap error */
185 	uint32_t	is_amsdu_split;		/* A-MSDU rx split error */
186 	uint32_t	is_amsdu_decap;		/* A-MSDU decap'd */
187 	uint32_t	is_amsdu_encap;		/* A-MSDU encap'd for tx */
188 	uint32_t	is_ampdu_bar_bad;	/* A-MPDU BAR out of window */
189 	uint32_t	is_ampdu_bar_oow;	/* A-MPDU BAR before ADDBA */
190 	uint32_t	is_ampdu_bar_move;	/* A-MPDU BAR moved window */
191 	uint32_t	is_ampdu_bar_rx;	/* A-MPDU BAR frames handled */
192 	uint32_t	is_ampdu_rx_flush;	/* A-MPDU frames flushed */
193 	uint32_t	is_ampdu_rx_oor;	/* A-MPDU frames out-of-order */
194 	uint32_t	is_ampdu_rx_copy;	/* A-MPDU frames copied down */
195 	uint32_t	is_ampdu_rx_drop;	/* A-MPDU frames dropped */
196 	uint32_t	is_tx_badstate;		/* tx discard state != RUN */
197 	uint32_t	is_tx_notassoc;		/* tx failed, sta not assoc */
198 	uint32_t	is_tx_classify;		/* tx classification failed */
199 	uint32_t	is_dwds_mcast;		/* discard mcast over dwds */
200 	uint32_t	is_dwds_qdrop;		/* dwds pending frame q full */
201 	uint32_t	is_ht_assoc_nohtcap;	/* non-HT sta rejected */
202 	uint32_t	is_ht_assoc_downgrade;	/* HT sta forced to legacy */
203 	uint32_t	is_ht_assoc_norate;	/* HT assoc w/ rate mismatch */
204 	uint32_t	is_ampdu_rx_age;	/* A-MPDU sent up 'cuz of age */
205 	uint32_t	is_ampdu_rx_move;	/* A-MPDU MSDU moved window */
206 	uint32_t	is_addba_reject;	/* ADDBA reject 'cuz disabled */
207 	uint32_t	is_addba_norequest;	/* ADDBA response w/o ADDBA */
208 	uint32_t	is_addba_badtoken;	/* ADDBA response w/ wrong
209 						   dialogtoken */
210 	uint32_t	is_addba_badpolicy;	/* ADDBA resp w/ wrong policy */
211 	uint32_t	is_ampdu_stop;		/* A-MPDU stream stopped */
212 	uint32_t	is_ampdu_stop_failed;	/* A-MPDU stream not running */
213 	uint32_t	is_ampdu_rx_reorder;	/* A-MPDU held for rx reorder */
214 	uint32_t	is_scan_bg;		/* background scans started */
215 	uint8_t		is_rx_deauth_code;	/* last rx'd deauth reason */
216 	uint8_t		is_rx_disassoc_code;	/* last rx'd disassoc reason */
217 	uint8_t		is_rx_authfail_code;	/* last rx'd auth fail reason */
218 	uint32_t	is_beacon_miss;		/* beacon miss notification */
219 	uint32_t	is_rx_badstate;		/* rx discard state != RUN */
220 	uint32_t	is_spare[12];
221 };
222 
223 /*
224  * Max size of optional information elements.  We artificially
225  * constrain this; it's limited only by the max frame size (and
226  * the max parameter size of the wireless extensions).
227  */
228 #define	IEEE80211_MAX_OPT_IE	256
229 
230 /*
231  * WPA/RSN get/set key request.  Specify the key/cipher
232  * type and whether the key is to be used for sending and/or
233  * receiving.  The key index should be set only when working
234  * with global keys (use IEEE80211_KEYIX_NONE for ``no index'').
235  * Otherwise a unicast/pairwise key is specified by the bssid
236  * (on a station) or mac address (on an ap).  They key length
237  * must include any MIC key data; otherwise it should be no
238  * more than IEEE80211_KEYBUF_SIZE.
239  */
240 struct ieee80211req_key {
241 	uint8_t		ik_type;	/* key/cipher type */
242 	uint8_t		ik_pad;
243 	uint16_t	ik_keyix;	/* key index */
244 	uint8_t		ik_keylen;	/* key length in bytes */
245 	uint8_t		ik_flags;
246 /* NB: IEEE80211_KEY_XMIT and IEEE80211_KEY_RECV defined elsewhere */
247 #define	IEEE80211_KEY_DEFAULT	0x80	/* default xmit key */
248 	uint8_t		ik_macaddr[IEEE80211_ADDR_LEN];
249 	uint64_t	ik_keyrsc;	/* key receive sequence counter */
250 	uint64_t	ik_keytsc;	/* key transmit sequence counter */
251 	uint8_t		ik_keydata[IEEE80211_KEYBUF_SIZE+IEEE80211_MICBUF_SIZE];
252 };
253 
254 /*
255  * Delete a key either by index or address.  Set the index
256  * to IEEE80211_KEYIX_NONE when deleting a unicast key.
257  */
258 struct ieee80211req_del_key {
259 	uint8_t		idk_keyix;	/* key index */
260 	uint8_t		idk_macaddr[IEEE80211_ADDR_LEN];
261 };
262 
263 /*
264  * MLME state manipulation request.  IEEE80211_MLME_ASSOC
265  * only makes sense when operating as a station.  The other
266  * requests can be used when operating as a station or an
267  * ap (to effect a station).
268  */
269 struct ieee80211req_mlme {
270 	uint8_t		im_op;		/* operation to perform */
271 #define	IEEE80211_MLME_ASSOC		1	/* associate station */
272 #define	IEEE80211_MLME_DISASSOC		2	/* disassociate station */
273 #define	IEEE80211_MLME_DEAUTH		3	/* deauthenticate station */
274 #define	IEEE80211_MLME_AUTHORIZE	4	/* authorize station */
275 #define	IEEE80211_MLME_UNAUTHORIZE	5	/* unauthorize station */
276 #define	IEEE80211_MLME_AUTH		6	/* authenticate station */
277 	uint8_t		im_ssid_len;	/* length of optional ssid */
278 	uint16_t	im_reason;	/* 802.11 reason code */
279 	uint8_t		im_macaddr[IEEE80211_ADDR_LEN];
280 	uint8_t		im_ssid[IEEE80211_NWID_LEN];
281 };
282 
283 /*
284  * MAC ACL operations.
285  */
286 enum {
287 	IEEE80211_MACCMD_POLICY_OPEN	= 0,	/* set policy: no ACL's */
288 	IEEE80211_MACCMD_POLICY_ALLOW	= 1,	/* set policy: allow traffic */
289 	IEEE80211_MACCMD_POLICY_DENY	= 2,	/* set policy: deny traffic */
290 	IEEE80211_MACCMD_FLUSH		= 3,	/* flush ACL database */
291 	IEEE80211_MACCMD_DETACH		= 4,	/* detach ACL policy */
292 	IEEE80211_MACCMD_POLICY		= 5,	/* get ACL policy */
293 	IEEE80211_MACCMD_LIST		= 6,	/* get ACL database */
294 	IEEE80211_MACCMD_POLICY_RADIUS	= 7,	/* set policy: RADIUS managed */
295 };
296 
297 struct ieee80211req_maclist {
298 	uint8_t		ml_macaddr[IEEE80211_ADDR_LEN];
299 };
300 
301 /*
302  * Set the active channel list.  Note this list is
303  * intersected with the available channel list in
304  * calculating the set of channels actually used in
305  * scanning.
306  */
307 struct ieee80211req_chanlist {
308 	uint8_t		ic_channels[IEEE80211_CHAN_BYTES];
309 };
310 
311 /*
312  * Get the active channel list info.
313  */
314 struct ieee80211req_chaninfo {
315 	u_int	ic_nchans;
316 	struct ieee80211_channel ic_chans[IEEE80211_CHAN_MAX];
317 };
318 
319 /*
320  * Retrieve the WPA/RSN information element for an associated station.
321  */
322 struct ieee80211req_wpaie {	/* old version w/ only one ie */
323 	uint8_t		wpa_macaddr[IEEE80211_ADDR_LEN];
324 	uint8_t		wpa_ie[IEEE80211_MAX_OPT_IE];
325 };
326 struct ieee80211req_wpaie2 {
327 	uint8_t		wpa_macaddr[IEEE80211_ADDR_LEN];
328 	uint8_t		wpa_ie[IEEE80211_MAX_OPT_IE];
329 	uint8_t		rsn_ie[IEEE80211_MAX_OPT_IE];
330 };
331 
332 /*
333  * Retrieve per-node statistics.
334  */
335 struct ieee80211req_sta_stats {
336 	union {
337 		/* NB: explicitly force 64-bit alignment */
338 		uint8_t		macaddr[IEEE80211_ADDR_LEN];
339 		uint64_t	pad;
340 	} is_u;
341 	struct ieee80211_nodestats is_stats;
342 };
343 
344 /*
345  * Station information block; the mac address is used
346  * to retrieve other data like stats, unicast key, etc.
347  */
348 struct ieee80211req_sta_info {
349 	uint16_t	isi_len;		/* total length (mult of 4) */
350 	uint16_t	isi_ie_off;		/* offset to IE data */
351 	uint16_t	isi_ie_len;		/* IE length */
352 	uint16_t	isi_freq;		/* MHz */
353 	uint32_t	isi_flags;		/* channel flags */
354 	uint16_t	isi_state;		/* state flags */
355 	uint8_t		isi_authmode;		/* authentication algorithm */
356 	int8_t		isi_rssi;		/* receive signal strength */
357 	int8_t		isi_noise;		/* noise floor */
358 	uint8_t		isi_capinfo;		/* capabilities */
359 	uint8_t		isi_erp;		/* ERP element */
360 	uint8_t		isi_macaddr[IEEE80211_ADDR_LEN];
361 	uint8_t		isi_nrates;
362 						/* negotiated rates */
363 	uint8_t		isi_rates[IEEE80211_RATE_MAXSIZE];
364 	uint8_t		isi_txrate;		/* legacy/IEEE rate or MCS */
365 	uint16_t	isi_associd;		/* assoc response */
366 	uint16_t	isi_txpower;		/* current tx power */
367 	uint16_t	isi_vlan;		/* vlan tag */
368 	/* NB: [IEEE80211_NONQOS_TID] holds seq#'s for non-QoS stations */
369 	uint16_t	isi_txseqs[IEEE80211_TID_SIZE];/* tx seq #/TID */
370 	uint16_t	isi_rxseqs[IEEE80211_TID_SIZE];/* rx seq#/TID */
371 	uint16_t	isi_inact;		/* inactivity timer */
372 	uint16_t	isi_txmbps;		/* current tx rate in .5 Mb/s */
373 	uint32_t	isi_jointime;		/* time of assoc/join */
374 	struct ieee80211_mimo_info isi_mimo;	/* MIMO info for 11n sta's */
375 	/* XXX frag state? */
376 	/* variable length IE data */
377 };
378 
379 /*
380  * Retrieve per-station information; to retrieve all
381  * specify a mac address of ff:ff:ff:ff:ff:ff.
382  */
383 struct ieee80211req_sta_req {
384 	union {
385 		/* NB: explicitly force 64-bit alignment */
386 		uint8_t		macaddr[IEEE80211_ADDR_LEN];
387 		uint64_t	pad;
388 	} is_u;
389 	struct ieee80211req_sta_info info[1];	/* variable length */
390 };
391 
392 /*
393  * Get/set per-station tx power cap.
394  */
395 struct ieee80211req_sta_txpow {
396 	uint8_t		it_macaddr[IEEE80211_ADDR_LEN];
397 	uint8_t		it_txpow;
398 };
399 
400 /*
401  * WME parameters manipulated with IEEE80211_IOC_WME_CWMIN
402  * through IEEE80211_IOC_WME_ACKPOLICY are set and return
403  * using i_val and i_len.  i_val holds the value itself.
404  * i_len specifies the AC and, as appropriate, then high bit
405  * specifies whether the operation is to be applied to the
406  * BSS or ourself.
407  */
408 #define	IEEE80211_WMEPARAM_SELF	0x0000		/* parameter applies to self */
409 #define	IEEE80211_WMEPARAM_BSS	0x8000		/* parameter applies to BSS */
410 #define	IEEE80211_WMEPARAM_VAL	0x7fff		/* parameter value */
411 
412 /*
413  * Application Information Elements can be appended to a variety
414  * of frames with the IEE80211_IOC_APPIE request.  This request
415  * piggybacks on a normal ieee80211req; the frame type is passed
416  * in i_val as the 802.11 FC0 bytes and the length of the IE data
417  * is passed in i_len.  The data is referenced in i_data.  If i_len
418  * is zero then any previously configured IE data is removed.  At
419  * most IEEE80211_MAX_APPIE data be appened.  Note that multiple
420  * IE's can be supplied; the data is treated opaquely.
421  */
422 #define	IEEE80211_MAX_APPIE	1024		/* max app IE data */
423 /*
424  * Hack: the WPA authenticator uses this mechanism to specify WPA
425  * ie's that are used instead of the ones normally constructed using
426  * the cipher state setup with separate ioctls.  This avoids issues
427  * like the authenticator ordering ie data differently than the
428  * net80211 layer and needing to keep separate state for WPA and RSN.
429  */
430 #define	IEEE80211_APPIE_WPA \
431 	(IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_BEACON | \
432 	 IEEE80211_FC0_SUBTYPE_PROBE_RESP)
433 
434 /*
435  * Station mode roaming parameters.  These are maintained
436  * per band/mode and control the roaming algorithm.
437  */
438 struct ieee80211_roamparams_req {
439 	struct ieee80211_roamparam params[IEEE80211_MODE_MAX];
440 };
441 
442 /*
443  * Transmit parameters.  These can be used to set fixed transmit
444  * rate for each operating mode when operating as client or on a
445  * per-client basis according to the capabilities of the client
446  * (e.g. an 11b client associated to an 11g ap) when operating as
447  * an ap.
448  *
449  * MCS are distinguished from legacy rates by or'ing in 0x80.
450  */
451 struct ieee80211_txparams_req {
452 	struct ieee80211_txparam params[IEEE80211_MODE_MAX];
453 };
454 
455 /*
456  * Set regulatory domain state with IEEE80211_IOC_REGDOMAIN.
457  * Note this is both the regulatory description and the channel
458  * list.  The get request for IEEE80211_IOC_REGDOMAIN returns
459  * only the regdomain info; the channel list is obtained
460  * separately with IEEE80211_IOC_CHANINFO.
461  */
462 struct ieee80211_regdomain_req {
463 	struct ieee80211_regdomain	rd;
464 	struct ieee80211req_chaninfo	chaninfo;
465 };
466 
467 /*
468  * Get driver capabilities.  Driver, hardware crypto, and
469  * HT/802.11n capabilities, and a table that describes what
470  * the radio can do.
471  */
472 struct ieee80211_devcaps_req {
473 	uint32_t	dc_drivercaps;		/* general driver caps */
474 	uint32_t	dc_cryptocaps;		/* hardware crypto support */
475 	uint32_t	dc_htcaps;		/* HT/802.11n support */
476 	struct ieee80211req_chaninfo dc_chaninfo;
477 };
478 
479 struct ieee80211_chanswitch_req {
480 	struct ieee80211_channel csa_chan;	/* new channel */
481 	int		csa_mode;		/* CSA mode */
482 	int		csa_count;		/* beacon count to switch */
483 };
484 
485 /*
486  * Get/set per-station vlan tag.
487  */
488 struct ieee80211req_sta_vlan {
489 	uint8_t		sv_macaddr[IEEE80211_ADDR_LEN];
490 	uint16_t	sv_vlan;
491 };
492 
493 #ifdef __FreeBSD__
494 /*
495  * FreeBSD-style ioctls.
496  */
497 /* the first member must be matched with struct ifreq */
498 struct ieee80211req {
499 	char		i_name[IFNAMSIZ];	/* if_name, e.g. "wi0" */
500 	uint16_t	i_type;			/* req type */
501 	int16_t		i_val;			/* Index or simple value */
502 	int16_t		i_len;			/* Index or simple value */
503 	void		*i_data;		/* Extra data */
504 };
505 #define	SIOCS80211		 _IOW('i', 234, struct ieee80211req)
506 #define	SIOCG80211		_IOWR('i', 235, struct ieee80211req)
507 #define	SIOCG80211STATS		_IOWR('i', 236, struct ifreq)
508 
509 #define IEEE80211_IOC_SSID		1
510 #define IEEE80211_IOC_NUMSSIDS		2
511 #define IEEE80211_IOC_WEP		3
512 #define 	IEEE80211_WEP_NOSUP	-1
513 #define 	IEEE80211_WEP_OFF	0
514 #define 	IEEE80211_WEP_ON	1
515 #define 	IEEE80211_WEP_MIXED	2
516 #define IEEE80211_IOC_WEPKEY		4
517 #define IEEE80211_IOC_NUMWEPKEYS	5
518 #define IEEE80211_IOC_WEPTXKEY		6
519 #define IEEE80211_IOC_AUTHMODE		7
520 #define IEEE80211_IOC_STATIONNAME	8
521 #define IEEE80211_IOC_CHANNEL		9
522 #define IEEE80211_IOC_POWERSAVE		10
523 #define 	IEEE80211_POWERSAVE_NOSUP	-1
524 #define 	IEEE80211_POWERSAVE_OFF		0
525 #define 	IEEE80211_POWERSAVE_CAM		1
526 #define 	IEEE80211_POWERSAVE_PSP		2
527 #define 	IEEE80211_POWERSAVE_PSP_CAM	3
528 #define 	IEEE80211_POWERSAVE_ON		IEEE80211_POWERSAVE_CAM
529 #define IEEE80211_IOC_POWERSAVESLEEP	11
530 #define	IEEE80211_IOC_RTSTHRESHOLD	12
531 #define IEEE80211_IOC_PROTMODE		13
532 #define 	IEEE80211_PROTMODE_OFF		0
533 #define 	IEEE80211_PROTMODE_CTS		1
534 #define 	IEEE80211_PROTMODE_RTSCTS	2
535 #define	IEEE80211_IOC_TXPOWER		14	/* global tx power limit */
536 #define	IEEE80211_IOC_BSSID		15
537 #define	IEEE80211_IOC_ROAMING		16	/* roaming mode */
538 #define	IEEE80211_IOC_PRIVACY		17	/* privacy invoked */
539 #define	IEEE80211_IOC_DROPUNENCRYPTED	18	/* discard unencrypted frames */
540 #define	IEEE80211_IOC_WPAKEY		19
541 #define	IEEE80211_IOC_DELKEY		20
542 #define	IEEE80211_IOC_MLME		21
543 /* 22 was IEEE80211_IOC_OPTIE, replaced by IEEE80211_IOC_APPIE */
544 /* 23 was IEEE80211_IOC_SCAN_REQ */
545 /* 24 was IEEE80211_IOC_SCAN_RESULTS */
546 #define	IEEE80211_IOC_COUNTERMEASURES	25	/* WPA/TKIP countermeasures */
547 #define	IEEE80211_IOC_WPA		26	/* WPA mode (0,1,2) */
548 #define	IEEE80211_IOC_CHANLIST		27	/* channel list */
549 #define	IEEE80211_IOC_WME		28	/* WME mode (on, off) */
550 #define	IEEE80211_IOC_HIDESSID		29	/* hide SSID mode (on, off) */
551 #define	IEEE80211_IOC_APBRIDGE		30	/* AP inter-sta bridging */
552 /* 31-35,37-38 were for WPA authenticator settings */
553 /* 36 was IEEE80211_IOC_DRIVER_CAPS */
554 #define	IEEE80211_IOC_WPAIE		39	/* WPA information element */
555 #define	IEEE80211_IOC_STA_STATS		40	/* per-station statistics */
556 #define	IEEE80211_IOC_MACCMD		41	/* MAC ACL operation */
557 #define	IEEE80211_IOC_CHANINFO		42	/* channel info list */
558 #define	IEEE80211_IOC_TXPOWMAX		43	/* max tx power for channel */
559 #define	IEEE80211_IOC_STA_TXPOW		44	/* per-station tx power limit */
560 /* 45 was IEEE80211_IOC_STA_INFO */
561 #define	IEEE80211_IOC_WME_CWMIN		46	/* WME: ECWmin */
562 #define	IEEE80211_IOC_WME_CWMAX		47	/* WME: ECWmax */
563 #define	IEEE80211_IOC_WME_AIFS		48	/* WME: AIFSN */
564 #define	IEEE80211_IOC_WME_TXOPLIMIT	49	/* WME: txops limit */
565 #define	IEEE80211_IOC_WME_ACM		50	/* WME: ACM (bss only) */
566 #define	IEEE80211_IOC_WME_ACKPOLICY	51	/* WME: ACK policy (!bss only)*/
567 #define	IEEE80211_IOC_DTIM_PERIOD	52	/* DTIM period (beacons) */
568 #define	IEEE80211_IOC_BEACON_INTERVAL	53	/* beacon interval (ms) */
569 #define	IEEE80211_IOC_ADDMAC		54	/* add sta to MAC ACL table */
570 #define	IEEE80211_IOC_DELMAC		55	/* del sta from MAC ACL table */
571 #define	IEEE80211_IOC_PUREG		56	/* pure 11g (no 11b stations) */
572 #define	IEEE80211_IOC_FF		57	/* ATH fast frames (on, off) */
573 #define	IEEE80211_IOC_TURBOP		58	/* ATH turbo' (on, off) */
574 #define	IEEE80211_IOC_BGSCAN		59	/* bg scanning (on, off) */
575 #define	IEEE80211_IOC_BGSCAN_IDLE	60	/* bg scan idle threshold */
576 #define	IEEE80211_IOC_BGSCAN_INTERVAL	61	/* bg scan interval */
577 #define	IEEE80211_IOC_SCANVALID		65	/* scan cache valid threshold */
578 /* 66-72 were IEEE80211_IOC_ROAM_* and IEEE80211_IOC_MCAST_RATE */
579 #define	IEEE80211_IOC_FRAGTHRESHOLD	73	/* tx fragmentation threshold */
580 #define	IEEE80211_IOC_BURST		75	/* packet bursting */
581 #define	IEEE80211_IOC_SCAN_RESULTS	76	/* get scan results */
582 #define	IEEE80211_IOC_BMISSTHRESHOLD	77	/* beacon miss threshold */
583 #define	IEEE80211_IOC_STA_INFO		78	/* station/neighbor info */
584 #define	IEEE80211_IOC_WPAIE2		79	/* WPA+RSN info elements */
585 #define	IEEE80211_IOC_CURCHAN		80	/* current channel */
586 #define	IEEE80211_IOC_SHORTGI		81	/* 802.11n half GI */
587 #define	IEEE80211_IOC_AMPDU		82	/* 802.11n A-MPDU (on, off) */
588 #define	IEEE80211_IOC_AMPDU_LIMIT	83	/* A-MPDU length limit */
589 #define	IEEE80211_IOC_AMPDU_DENSITY	84	/* A-MPDU density */
590 #define	IEEE80211_IOC_AMSDU		85	/* 802.11n A-MSDU (on, off) */
591 #define	IEEE80211_IOC_AMSDU_LIMIT	86	/* A-MSDU length limit */
592 #define	IEEE80211_IOC_PUREN		87	/* pure 11n (no legacy sta's) */
593 #define	IEEE80211_IOC_DOTH		88	/* 802.11h (on, off) */
594 /* 89-91 were regulatory items */
595 #define	IEEE80211_IOC_HTCOMPAT		92	/* support pre-D1.10 HT ie's */
596 #define	IEEE80211_IOC_DWDS		93	/* DWDS/4-address handling */
597 #define	IEEE80211_IOC_INACTIVITY	94	/* sta inactivity handling */
598 #define	IEEE80211_IOC_APPIE		95	/* application IE's */
599 #define	IEEE80211_IOC_WPS		96	/* WPS operation */
600 #define	IEEE80211_IOC_TSN		97	/* TSN operation */
601 #define	IEEE80211_IOC_DEVCAPS		98	/* driver+device capabilities */
602 #define	IEEE80211_IOC_CHANSWITCH	99	/* start 11h channel switch */
603 #define	IEEE80211_IOC_DFS		100	/* DFS (on, off) */
604 #define	IEEE80211_IOC_DOTD		101	/* 802.11d (on, off) */
605 #define IEEE80211_IOC_HTPROTMODE	102	/* HT protection (off, rts) */
606 #define	IEEE80211_IOC_SCAN_REQ		103	/* scan w/ specified params */
607 #define	IEEE80211_IOC_SCAN_CANCEL	104	/* cancel ongoing scan */
608 #define	IEEE80211_IOC_HTCONF		105	/* HT config (off, HT20, HT40)*/
609 #define	IEEE80211_IOC_REGDOMAIN		106	/* regulatory domain info */
610 #define	IEEE80211_IOC_ROAM		107	/* roaming params en masse */
611 #define	IEEE80211_IOC_TXPARAMS		108	/* tx parameters */
612 #define	IEEE80211_IOC_STA_VLAN		109	/* per-station vlan tag */
613 #define	IEEE80211_IOC_SMPS		110	/* MIMO power save */
614 #define	IEEE80211_IOC_RIFS		111	/* RIFS config (on, off) */
615 
616 #define	IEEE80211_IOC_TDMA_SLOT		201	/* TDMA: assigned slot */
617 #define	IEEE80211_IOC_TDMA_SLOTCNT	202	/* TDMA: slots in bss */
618 #define	IEEE80211_IOC_TDMA_SLOTLEN	203	/* TDMA: slot length (usecs) */
619 #define	IEEE80211_IOC_TDMA_BINTERVAL	204	/* TDMA: beacon intvl (slots) */
620 
621 /*
622  * Parameters for controlling a scan requested with
623  * IEEE80211_IOC_SCAN_REQ.
624  *
625  * Active scans cause ProbeRequest frames to be issued for each
626  * specified ssid and, by default, a broadcast ProbeRequest frame.
627  * The set of ssid's is specified in the request.
628  *
629  * By default the scan will cause a BSS to be joined (in station/adhoc
630  * mode) or a channel to be selected for operation (hostap mode).
631  * To disable that specify IEEE80211_IOC_SCAN_NOPICK and if the
632  *
633  * If the station is currently associated to an AP then a scan request
634  * will cause the station to leave the current channel and potentially
635  * miss frames from the AP.  Alternatively the station may notify the
636  * AP that it is going into power save mode before it leaves the channel.
637  * This ensures frames for the station are buffered by the AP.  This is
638  * termed a ``bg scan'' and is requested with the IEEE80211_IOC_SCAN_BGSCAN
639  * flag.  Background scans may take longer than foreground scans and may
640  * be preempted by traffic.  If a station is not associated to an AP
641  * then a request for a background scan is automatically done in the
642  * foreground.
643  *
644  * The results of the scan request are cached by the system.  This
645  * information is aged out and/or invalidated based on events like not
646  * being able to associated to an AP.  To flush the current cache
647  * contents before doing a scan the IEEE80211_IOC_SCAN_FLUSH flag may
648  * be specified.
649  *
650  * By default the scan will be done until a suitable AP is located
651  * or a channel is found for use.  A scan can also be constrained
652  * to be done once (IEEE80211_IOC_SCAN_ONCE) or to last for no more
653  * than a specified duration.
654  */
655 struct ieee80211_scan_req {
656 	int		sr_flags;
657 #define	IEEE80211_IOC_SCAN_NOPICK	0x00001	/* scan only, no selection */
658 #define	IEEE80211_IOC_SCAN_ACTIVE	0x00002	/* active scan (probe req) */
659 #define	IEEE80211_IOC_SCAN_PICK1ST	0x00004	/* ``hey sailor'' mode */
660 #define	IEEE80211_IOC_SCAN_BGSCAN	0x00008	/* bg scan, exit ps at end */
661 #define	IEEE80211_IOC_SCAN_ONCE		0x00010	/* do one complete pass */
662 #define	IEEE80211_IOC_SCAN_NOBCAST	0x00020	/* don't send bcast probe req */
663 #define	IEEE80211_IOC_SCAN_NOJOIN	0x00040	/* no auto-sequencing */
664 #define	IEEE80211_IOC_SCAN_FLUSH	0x10000	/* flush scan cache first */
665 #define	IEEE80211_IOC_SCAN_CHECK	0x20000	/* check scan cache first */
666 	u_int		sr_duration;		/* duration (ms) */
667 #define	IEEE80211_IOC_SCAN_DURATION_MIN	1
668 #define	IEEE80211_IOC_SCAN_DURATION_MAX	0x7fffffff
669 #define	IEEE80211_IOC_SCAN_FOREVER	IEEE80211_IOC_SCAN_DURATION_MAX
670 	u_int		sr_mindwell;		/* min channel dwelltime (ms) */
671 	u_int		sr_maxdwell;		/* max channel dwelltime (ms) */
672 	int		sr_nssid;
673 #define	IEEE80211_IOC_SCAN_MAX_SSID	3
674 	struct {
675 		int	 len;				/* length in bytes */
676 		uint8_t ssid[IEEE80211_NWID_LEN];	/* ssid contents */
677 	} sr_ssid[IEEE80211_IOC_SCAN_MAX_SSID];
678 };
679 
680 /*
681  * Scan result data returned for IEEE80211_IOC_SCAN_RESULTS.
682  * Each result is a fixed size structure followed by a variable
683  * length SSID and one or more variable length information elements.
684  * The size of each variable length item is found in the fixed
685  * size structure and the entire length of the record is specified
686  * in isr_len.  Result records are rounded to a multiple of 4 bytes.
687  */
688 struct ieee80211req_scan_result {
689 	uint16_t	isr_len;		/* total length (mult of 4) */
690 	uint16_t	isr_ie_off;		/* offset to SSID+IE data */
691 	uint16_t	isr_ie_len;		/* IE length */
692 	uint16_t	isr_freq;		/* MHz */
693 	uint16_t	isr_flags;		/* channel flags */
694 	int8_t		isr_noise;
695 	int8_t		isr_rssi;
696 	uint8_t		isr_intval;		/* beacon interval */
697 	uint8_t		isr_capinfo;		/* capabilities */
698 	uint8_t		isr_erp;		/* ERP element */
699 	uint8_t		isr_bssid[IEEE80211_ADDR_LEN];
700 	uint8_t		isr_nrates;
701 	uint8_t		isr_rates[IEEE80211_RATE_MAXSIZE];
702 	uint8_t		isr_ssid_len;		/* SSID length */
703 	/* variable length SSID followed by IE data */
704 };
705 
706 /*
707  * Virtual AP cloning parameters.  The parent device must
708  * be a vap-capable device.  All parameters specified with
709  * the clone request are fixed for the lifetime of the vap.
710  *
711  * There are two flavors of WDS vaps: legacy and dynamic.
712  * Legacy WDS operation implements a static binding between
713  * two stations encapsulating traffic in 4-address frames.
714  * Dynamic WDS vaps are created when a station associates to
715  * an AP and sends a 4-address frame.  If the AP vap is
716  * configured to support WDS then this will generate an
717  * event to user programs listening on the routing socket
718  * and a Dynamic WDS vap will be created to handle traffic
719  * to/from that station.  In both cases the bssid of the
720  * peer must be specified when creating the vap.
721  *
722  * By default a vap will inherit the mac address/bssid of
723  * the underlying device.  To request a unique address the
724  * IEEE80211_CLONE_BSSID flag should be supplied.  This is
725  * meaningless for WDS vaps as they share the bssid of an
726  * AP vap that must otherwise exist.  Note that some devices
727  * may not be able to support multiple addresses.
728  *
729  * Station mode vap's normally depend on the device to notice
730  * when the AP stops sending beacon frames.  If IEEE80211_CLONE_NOBEACONS
731  * is specified the net80211 layer will do this in s/w.  This
732  * is mostly useful when setting up a WDS repeater/extender where
733  * an AP vap is combined with a sta vap and the device isn't able
734  * to track beacon frames in hardware.
735  */
736 struct ieee80211_clone_params {
737 	char	icp_parent[IFNAMSIZ];		/* parent device */
738 	uint16_t icp_opmode;			/* operating mode */
739 	uint16_t icp_flags;			/* see below */
740 	uint8_t	icp_bssid[IEEE80211_ADDR_LEN];	/* for WDS links */
741 	uint8_t	icp_macaddr[IEEE80211_ADDR_LEN];/* local address */
742 };
743 #define	IEEE80211_CLONE_BSSID		0x0001	/* allocate unique mac/bssid */
744 #define	IEEE80211_CLONE_NOBEACONS	0x0002	/* don't setup beacon timers */
745 #define	IEEE80211_CLONE_WDSLEGACY	0x0004	/* legacy WDS processing */
746 #define	IEEE80211_CLONE_MACADDR		0x0008	/* use specified mac addr */
747 #define	IEEE80211_CLONE_TDMA		0x0010	/* operate in TDMA mode */
748 #endif /* __FreeBSD__ */
749 
750 #endif /* _NET80211_IEEE80211_IOCTL_H_ */
751