Ticket #517 (closed enhancement: fixed)

Opened 6 years ago

Last modified 4 years ago

New IOCTL interface to allow application to pass IE to be sent in Management frames

Reported by: pramod@atheros.com
Assigned to: mrenzmann
Priority: minor
Milestone: version 0.9.3
Component: madwifi: other
Version: trunk
Keywords:
Cc:
Patch is attached: 1
Pending:

Description

New IOCTL interface to allow application to pass IE to be sent in Management frames

Attachments

iemanagement.diff (21.2 kB) - added by pramod@atheros.com on 04/09/06 03:01:07.
madwifi-appie.2.diff (22.2 kB) - added by ccpearson on 09/06/06 20:56:07.
Updated patch, replaces previous attachments (iemanagement.diff and ieee80211_ioctl.h)
madwifi-0.9.2-appie.diff (21.5 kB) - added by ccpearson on 10/17/06 20:46:19.
Alternate version of patch for MadWifi 0.9.2 distro

Change History

04/09/06 03:01:07 changed by pramod@atheros.com

  • attachment iemanagement.diff added.

04/10/06 07:35:09 changed by mrenzmann

  • status changed from new to assigned.
  • owner set to mrenzmann.
  • version set to trunk.
  • milestone set to version 0.9.0 - move to new codebase.

Thanks for the patch. Although your e-mail address says you're from Atheros I'd ask you to sign your patch off so that it can be committed.

04/10/06 19:46:33 changed by pramod@atheros.com

Signed-off-by: pramod Developer pramod@atheros.com

Atheros Communications inc..

04/10/06 19:54:50 changed by mrenzmann

Sorry for nitpicking, but please sign your patch off using your real name. Please ask Kevin Yu to contact me directly at mrenzmann@otaku42.de in case you're not willing (or not allowed) to reveal your real name. Thanks.

04/10/06 19:58:12 changed by pramod@atheros.com

Signed-off-by: pramod Babu Gummaraj pramod@atheros.com

Atheros Communications inc..

04/23/06 02:01:55 changed by kelmo

  • milestone changed from version 0.9.0 - move to new codebase to version 0.9.x - progressive release candidate phase.

05/16/06 05:45:31 changed by dyqith

Any reason not to apply this patch? Looks like it'll be useful.

06/13/06 11:08:56 changed by Mister_X

It seems there's no reason not to apply it ;)

06/13/06 12:45:13 changed by mrenzmann

  • priority changed from major to minor.

Patch needs to be rediffed, since it does not apply cleanly against current revisions. In addition the implemented code needs to be reformatted before the changes can be committed. Deferring that task for now, so the patch won't go into 0.9.1.

06/19/06 10:26:08 changed by mrenzmann

It would be great to get some kind of explanation regarding the meaning of the ieee80211_ioctl.h attachment...

07/10/06 22:12:16 changed by anonymous

I downloaded ieee80211_ioctl.h. It does not contain any changes. It's the same as the one in the current release.

08/10/06 01:27:28 changed by Christopher.C.Pearson@intel.com

Hi,

I'm trying to understand the status of ticket #517. This fix will help achieve certification for the Intel WiFi Simple Config reference implementation.

The last comment on the ticket says the patch would not apply correctly, and needs to be reformatted. Has this patch been included in a release? If not, do you know when it might be?

Regards, Chris Pearson

08/10/06 03:06:23 changed by kelmo

Hi Chris,

Thanks for your interest. My understanding is that this patch can be applied when someone volunteers their time to:

  1. rewrite it according to the coding style required
  2. test it, making sure it works as intended and introduces no regression (to best of ability)
  3. apply it and close this ticket

Only the third step requires developer access to the archive, anyone with the ability to perform the first two steps is welcome to do so, and their help would be most appreciated.

Mike, aka. mrenzmann, currently has limited time to perform these things himself.

Thanks, Kel.

08/10/06 04:39:13 changed by mentor

For my information, how will it help achieve Intel Simple Configuration WiFi compliance?

08/10/06 07:54:25 changed by Christopher.C.Pearson@intel.com

how will it help achieve Intel Simple Configuration WiFi compliance?

Madwifi driver is used with non-Intel NICs to run WFA test cases. IE support needs to be there to pass the tests.

08/11/06 04:36:40 changed by kelmo

If it is in your company's interests to have this patch integrated, then maybe they would allow someone with time and talent to cleaup up the code so that it may be applied?

Thanks, Kel.

08/11/06 04:37:23 changed by kelmo

s/cleaup/clean/

08/11/06 06:08:27 changed by ccpearson

Hmmm, I assumed that the original developer was pushing this through to release. He seems to have dropped out of the thread a while ago -- I'll check with him to see what his plans are.

09/05/06 04:47:49 changed by ccpearson

Didn't hear back from Pramod, so I assume he won't mind if I jump in here. I reformatted his patch per the coding stds, fixed a couple bugs, and rediffed the patch against a current trunk snapshot. I'm submitting it again, with the following doubts:

- Only had time to test beacon and probe response mgmt frames. Didn't regression test code for other mgmt frames (only reformatted).

- Original patch wasn't freeing the app's IE buffers pointed to by the vap. Added code to free the buffers in ath_vap_delete() -- not certain that's the right/best place to do that.

- Original patch didn't validate the app's input IE buffer, allowing app to send anything, including 802.11 exploits. Added code to validate the format of the input buffer. Going out on a limb, also added logic to prevent the app from setting "system IEs", meaning any IEEE80211_ELEMID_* (except IEEE80211_ELEMID_VENDOR) that appears in the sources. I'm counting on the reviewer to yank that if it seems risky/undesirable.

Signed-off-by: Chris Pearson <Christopher.C.Pearson@intel.com>

09/05/06 05:51:37 changed by mrenzmann

Thanks for the new submission, Chris. On a first quick glance the patch looks good. It should be reviewed again and then be submitted to the repos. Anyone up for this? I won't be able to do that during the next weeks...

09/06/06 20:56:07 changed by ccpearson

  • attachment madwifi-appie.2.diff added.

Updated patch, replaces previous attachments (iemanagement.diff and ieee80211_ioctl.h)

09/06/06 21:02:05 changed by ccpearson

I just re-submitted the patch -- needed to remove a debugging statement (line 590 in old patch).

09/19/06 19:01:40 changed by ahmeduddin.f.mohmad@intel.com

In the "madwifi-appie.2.diff", I am not able to patch the line 395,403 "last_ev = current_ev" anywhere in my "madwifi-0.9.2/ieee80211_wireless.c" file. Could anyone tell me as to where I can help myself?

Regards, Ahmed

09/20/06 18:21:09 changed by ccpearson

Ahmed, the patch applies to the trunk at time of submission (9/05). It does not apply to the distribution you are using (0.9.2). I will contact you off-line to resolve this.

-- Chris

10/13/06 03:50:26 changed by hector

What is the purpose of the ieee80211_ioctl.h and ieee80211_beacon.c attachments (by anonymous)? They don't seem to have any relationship with this ticket. Can't those be deleted from here to avoid confusion?

10/13/06 04:03:41 changed by kelmo

They have been removed as per request.

10/17/06 01:35:40 changed by peng.ge@intel.com

I have the same question as ahmeduddin.f.mohmad@intel.com, as I would like to have a copy of madwifi driver to work with Intel Simple Config reference implementation, which requires the patch from this ticket.

Can Chris contact me with how I should proceed too? Or maybe post the generic solution out here in case anyone needs to know in the near future? On the other hand, I am wondering if I should try to get the trunk as of 09/2005? and how? :)

Thanks. Peng

10/17/06 01:51:19 changed by ccpearson

Peng, I mailed you a patch that applies correctly to MadWifi 0.9.2. I haven't submitted it to this ticket yet because I haven't had time to test it.

-- Chris

10/17/06 20:46:19 changed by ccpearson

  • attachment madwifi-0.9.2-appie.diff added.

Alternate version of patch for MadWifi 0.9.2 distro

10/17/06 20:55:38 changed by ccpearson

Peng Ge tested the 0.9.2 version of the patch successfully, so I have submitted it. Thanks Peng!

This is not intended for integration into MadWifi source tree -- madwifi-appie.2.diff is the version that should be integrated to the repos. Also, my first submission of this patch (madwifi-appie.diff) is obsolete and should be removed.

-- Chris

10/18/06 05:09:47 changed by mrenzmann

  • milestone changed from version 0.9.x - progressive release candidate phase to version 0.9.3.

madwifi-appie.diff removed as requested. madwifi-appie2.diff looks ready for inclusion as far as I can tell from a quick check, and IMO should go into 0.9.3.

10/18/06 05:28:37 changed by kelmo

I have this patch and the one from #925 in a working copy for the moment. Will commit them after a small amount of use, unless someone beats me to it.

@ ccpearson, if you could offer a small blurb on how to take advantage of this new feature, so that we may add it to our wiki/docs, that would be great too.

Thanks.

10/18/06 13:47:20 changed by kelmo

  • status changed from assigned to closed.
  • resolution set to fixed.

Committed in r1756. Thanks for following through Chris. Although, I would still like to know, in your own words how to best make use of this feature, so that it may be documented, tia.

10/18/06 18:07:13 changed by peng.ge@intel.com

This patch was mentioned in "Wi-Fi* Simple Config (WSC) Linux* Reference Implementation" from http://www3.intel.com/cd/ids/developer/asmo-na/eng/247741.htm

Simple Config (official name: Wi-Fi Protected Setup) requires some special Information Elements to establish a secured connection in its (app-level) protocol; therefore, this #517 patch is essential to allow WPS to function properly.

I suppose in the future, some other protocols may also take advantage of this feature in a similar fashion.

Enjoy.

10/19/06 20:46:50 changed by ccpearso

Following is a technical description of the patch, incorporating Peng's excellent overview. Wordsmith as you see fit.


This patch defines three new IOCTLs:

- IEEE80211_IOCTL_SET_APPIEBUF appends a set of custom information elements to certain outbound management frame types (beacon, probe request/response, and association request/response). The application may append a different IE set for each frame type. To stop appending custom IE's, the application may invoke the IOCTL with an empty IE set. Typically, an application would append vendor-specific IE's with ID 221. The application may not append "system IE's", meaning IE's generated or processed by the MadWifi driver itself. The IOCTL parameter is struct ieee80211req_getset_appiebuf.

- IEEE80211_IOCTL_GET_APPIEBUF queries the current set of custom information elements established (via IEEE80211_IOCTL_SET_APPIEBUF) for a specified management frame type. The IOCTL parameter is struct ieee80211req_getset_appiebuf.

- IEEE80211_IOCTL_FILTERFRAME sets a filter that determines which management frame types (beacon, probe request/response, assoc/reassoc request/response, auth/deauth, disassoc) MadWifi is to forward to the network interface (protocol ETH_P_80211_RAW). The IOCTL parameter is struct ieee80211req_set_filter. 'OR' the bits IEEE80211_FILTER_TYPE_*.

This patch is used by the "Wi-Fi* Simple Config (WSC) Linux* Reference Implementation" available from Intel at www3.intel.com/cd/ids/developer/asmo-na/eng/247741.htm. This patch is essential to allow the reference implementation to function properly.

Simple Config (official name: Wi-Fi Protected Setup) defines new vendor-specific information elements that enable unconfigured 802.11 stations to securely acquire network parameters, such as SSID and WPA key, with minimal user interaction.

Additionally, experimental or proprietary 802.11 management protocol extensions may exploit this feature.
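
The input check described in this thread for IEEE80211_IOCTL_SET_APPIEBUF (a well-formed IE buffer, and no driver-owned "system IEs") is illustrated below in user-space C; it is an added example, not code from madwifi-appie.2.diff or the MadWifi tree. `appie_validate`, the status names and the sample buffers are hypothetical, and accepting only ID 221 with a 3-byte OUI is this example's assumption, stricter than the patch's list of blocked element IDs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IEEE80211_ELEMID_VENDOR 221 /* vendor-specific IE, the ID named in the ticket */
#define VENDOR_OUI_LEN 3            /* assumption: a vendor IE body starts with a 3-byte OUI */

enum appie_status {
    APPIE_OK = 0,
    APPIE_TRUNCATED_HEADER, /* fewer than 2 bytes left for ID + length */
    APPIE_TRUNCATED_BODY,   /* length byte runs past the end of the buffer */
    APPIE_SYSTEM_IE,        /* element ID other than vendor-specific */
    APPIE_SHORT_VENDOR      /* vendor IE too short to hold an OUI */
};

/* Constructed samples: a vendor IE, a length overrun, and an SSID element (ID 0). */
static const uint8_t sample_good[]    = { 221, 5, 0xaa, 0xbb, 0xcc, 0x01, 0x02 };
static const uint8_t sample_overrun[] = { 221, 32, 0xaa, 0xbb, 0xcc, 0x01 };
static const uint8_t sample_ssid[]    = { 0, 4, 't', 'e', 's', 't' };

/* Hypothetical helper: walk buf as (id, len, body) elements; empty input is valid. */
enum appie_status appie_validate(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    while (off < len) {
        if (len - off < 2)
            return APPIE_TRUNCATED_HEADER;
        uint8_t id = buf[off];
        size_t ie_len = buf[off + 1];
        if (ie_len > len - off - 2)
            return APPIE_TRUNCATED_BODY;
        if (id != IEEE80211_ELEMID_VENDOR)
            return APPIE_SYSTEM_IE;
        if (ie_len < VENDOR_OUI_LEN)
            return APPIE_SHORT_VENDOR;
        off += 2 + ie_len;
    }
    return APPIE_OK;
}

int main(void)
{
    printf("good=%d overrun=%d ssid=%d empty=%d\n",
           appie_validate(sample_good, sizeof sample_good),
           appie_validate(sample_overrun, sizeof sample_overrun),
           appie_validate(sample_ssid, sizeof sample_ssid),
           appie_validate(NULL, 0));
    return 0;
}
```

In a driver, a check like this has to run on the kernel's own copy of the buffer, after the copy from user space, so the application cannot alter the contents between validation and use.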

