1 /*
2 * WPA Supplicant - background scan and roaming module: learn
3 * Copyright (c) 2009-2010, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "eloop.h"
13 #include "list.h"
14 #include "common/ieee802_11_defs.h"
15 #include "drivers/driver.h"
16 #include "config_ssid.h"
17 #include "wpa_supplicant_i.h"
18 #include "driver_i.h"
19 #include "scan.h"
20 #include "bgscan.h"
21
22 struct bgscan_learn_bss {
23 struct dl_list list;
24 u8 bssid[ETH_ALEN];
25 int freq;
26 u8 *neigh; /* num_neigh * ETH_ALEN buffer */
27 size_t num_neigh;
28 };
29
30 struct bgscan_learn_data {
31 struct wpa_supplicant *wpa_s;
32 const struct wpa_ssid *ssid;
33 int scan_interval;
34 int signal_threshold;
35 int short_interval; /* use if signal < threshold */
36 int long_interval; /* use if signal > threshold */
37 struct os_reltime last_bgscan;
38 char *fname;
39 struct dl_list bss;
40 int *supp_freqs;
41 int probe_idx;
42 };
43
44
bss_free(struct bgscan_learn_bss * bss)45 static void bss_free(struct bgscan_learn_bss *bss)
46 {
47 os_free(bss->neigh);
48 os_free(bss);
49 }
50
51
bssid_in_array(u8 * array,size_t array_len,const u8 * bssid)52 static int bssid_in_array(u8 *array, size_t array_len, const u8 *bssid)
53 {
54 size_t i;
55
56 if (array == NULL || array_len == 0)
57 return 0;
58
59 for (i = 0; i < array_len; i++) {
60 if (ether_addr_equal(array + i * ETH_ALEN, bssid))
61 return 1;
62 }
63
64 return 0;
65 }
66
67
bgscan_learn_add_neighbor(struct bgscan_learn_bss * bss,const u8 * bssid)68 static void bgscan_learn_add_neighbor(struct bgscan_learn_bss *bss,
69 const u8 *bssid)
70 {
71 u8 *n;
72
73 if (ether_addr_equal(bss->bssid, bssid))
74 return;
75 if (bssid_in_array(bss->neigh, bss->num_neigh, bssid))
76 return;
77
78 n = os_realloc_array(bss->neigh, bss->num_neigh + 1, ETH_ALEN);
79 if (n == NULL)
80 return;
81
82 os_memcpy(n + bss->num_neigh * ETH_ALEN, bssid, ETH_ALEN);
83 bss->neigh = n;
84 bss->num_neigh++;
85 }
86
87
bgscan_learn_get_bss(struct bgscan_learn_data * data,const u8 * bssid)88 static struct bgscan_learn_bss * bgscan_learn_get_bss(
89 struct bgscan_learn_data *data, const u8 *bssid)
90 {
91 struct bgscan_learn_bss *bss;
92
93 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
94 if (ether_addr_equal(bss->bssid, bssid))
95 return bss;
96 }
97 return NULL;
98 }
99
100
bgscan_learn_load(struct bgscan_learn_data * data)101 static int bgscan_learn_load(struct bgscan_learn_data *data)
102 {
103 FILE *f;
104 char buf[128];
105 struct bgscan_learn_bss *bss;
106
107 if (data->fname == NULL)
108 return 0;
109
110 f = fopen(data->fname, "r");
111 if (f == NULL)
112 return 0;
113
114 wpa_printf(MSG_DEBUG, "bgscan learn: Loading data from %s",
115 data->fname);
116
117 if (fgets(buf, sizeof(buf), f) == NULL ||
118 os_strncmp(buf, "wpa_supplicant-bgscan-learn\n", 28) != 0) {
119 wpa_printf(MSG_INFO, "bgscan learn: Invalid data file %s",
120 data->fname);
121 fclose(f);
122 return -1;
123 }
124
125 while (fgets(buf, sizeof(buf), f)) {
126 if (os_strncmp(buf, "BSS ", 4) == 0) {
127 bss = os_zalloc(sizeof(*bss));
128 if (!bss)
129 continue;
130 if (hwaddr_aton(buf + 4, bss->bssid) < 0) {
131 bss_free(bss);
132 continue;
133 }
134 bss->freq = atoi(buf + 4 + 18);
135 dl_list_add(&data->bss, &bss->list);
136 wpa_printf(MSG_DEBUG, "bgscan learn: Loaded BSS "
137 "entry: " MACSTR " freq=%d",
138 MAC2STR(bss->bssid), bss->freq);
139 }
140
141 if (os_strncmp(buf, "NEIGHBOR ", 9) == 0) {
142 u8 addr[ETH_ALEN];
143
144 if (hwaddr_aton(buf + 9, addr) < 0)
145 continue;
146 bss = bgscan_learn_get_bss(data, addr);
147 if (bss == NULL)
148 continue;
149 if (hwaddr_aton(buf + 9 + 18, addr) < 0)
150 continue;
151
152 bgscan_learn_add_neighbor(bss, addr);
153 }
154 }
155
156 fclose(f);
157 return 0;
158 }
159
160
bgscan_learn_save(struct bgscan_learn_data * data)161 static void bgscan_learn_save(struct bgscan_learn_data *data)
162 {
163 FILE *f;
164 struct bgscan_learn_bss *bss;
165
166 if (data->fname == NULL)
167 return;
168
169 wpa_printf(MSG_DEBUG, "bgscan learn: Saving data to %s",
170 data->fname);
171
172 f = fopen(data->fname, "w");
173 if (f == NULL)
174 return;
175 fprintf(f, "wpa_supplicant-bgscan-learn\n");
176
177 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
178 fprintf(f, "BSS " MACSTR " %d\n",
179 MAC2STR(bss->bssid), bss->freq);
180 }
181
182 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
183 size_t i;
184 for (i = 0; i < bss->num_neigh; i++) {
185 fprintf(f, "NEIGHBOR " MACSTR " " MACSTR "\n",
186 MAC2STR(bss->bssid),
187 MAC2STR(bss->neigh + i * ETH_ALEN));
188 }
189 }
190
191 fclose(f);
192 }
193
194
in_array(int * array,int val)195 static int in_array(int *array, int val)
196 {
197 int i;
198
199 if (array == NULL)
200 return 0;
201
202 for (i = 0; array[i]; i++) {
203 if (array[i] == val)
204 return 1;
205 }
206
207 return 0;
208 }
209
210
bgscan_learn_get_freqs(struct bgscan_learn_data * data,size_t * count)211 static int * bgscan_learn_get_freqs(struct bgscan_learn_data *data,
212 size_t *count)
213 {
214 struct bgscan_learn_bss *bss;
215 int *freqs = NULL, *n;
216
217 *count = 0;
218
219 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
220 if (in_array(freqs, bss->freq))
221 continue;
222 n = os_realloc_array(freqs, *count + 2, sizeof(int));
223 if (n == NULL)
224 return freqs;
225 freqs = n;
226 freqs[*count] = bss->freq;
227 (*count)++;
228 freqs[*count] = 0;
229 }
230
231 return freqs;
232 }
233
234
bgscan_learn_get_probe_freq(struct bgscan_learn_data * data,int * freqs,size_t count)235 static int * bgscan_learn_get_probe_freq(struct bgscan_learn_data *data,
236 int *freqs, size_t count)
237 {
238 int idx, *n;
239
240 if (data->supp_freqs == NULL)
241 return freqs;
242
243 idx = data->probe_idx;
244 do {
245 if (!in_array(freqs, data->supp_freqs[idx])) {
246 wpa_printf(MSG_DEBUG, "bgscan learn: Probe new freq "
247 "%u", data->supp_freqs[idx]);
248 data->probe_idx = idx + 1;
249 if (data->supp_freqs[data->probe_idx] == 0)
250 data->probe_idx = 0;
251 n = os_realloc_array(freqs, count + 2, sizeof(int));
252 if (n == NULL)
253 return freqs;
254 freqs = n;
255 freqs[count] = data->supp_freqs[idx];
256 count++;
257 freqs[count] = 0;
258 break;
259 }
260
261 idx++;
262 if (data->supp_freqs[idx] == 0)
263 idx = 0;
264 } while (idx != data->probe_idx);
265
266 return freqs;
267 }
268
269
bgscan_learn_timeout(void * eloop_ctx,void * timeout_ctx)270 static void bgscan_learn_timeout(void *eloop_ctx, void *timeout_ctx)
271 {
272 struct bgscan_learn_data *data = eloop_ctx;
273 struct wpa_supplicant *wpa_s = data->wpa_s;
274 struct wpa_driver_scan_params params;
275 int *freqs = NULL;
276 size_t count, i;
277 char msg[100], *pos;
278
279 os_memset(¶ms, 0, sizeof(params));
280 params.num_ssids = 1;
281 params.ssids[0].ssid = data->ssid->ssid;
282 params.ssids[0].ssid_len = data->ssid->ssid_len;
283
284 /* Add OWE transition mode SSID of the current network */
285 wpa_add_owe_scan_ssid(wpa_s, ¶ms, data->ssid,
286 wpa_s->max_scan_ssids - params.num_ssids);
287
288 if (data->ssid->scan_freq)
289 params.freqs = data->ssid->scan_freq;
290 else {
291 freqs = bgscan_learn_get_freqs(data, &count);
292 wpa_printf(MSG_DEBUG, "bgscan learn: BSSes in this ESS have "
293 "been seen on %u channels", (unsigned int) count);
294 freqs = bgscan_learn_get_probe_freq(data, freqs, count);
295
296 msg[0] = '\0';
297 pos = msg;
298 for (i = 0; freqs && freqs[i]; i++) {
299 int ret;
300 ret = os_snprintf(pos, msg + sizeof(msg) - pos, " %d",
301 freqs[i]);
302 if (os_snprintf_error(msg + sizeof(msg) - pos, ret))
303 break;
304 pos += ret;
305 }
306 pos[0] = '\0';
307 wpa_printf(MSG_DEBUG, "bgscan learn: Scanning frequencies:%s",
308 msg);
309 params.freqs = freqs;
310 }
311
312 wpa_printf(MSG_DEBUG, "bgscan learn: Request a background scan");
313 if (wpa_supplicant_trigger_scan(wpa_s, ¶ms, true, false)) {
314 wpa_printf(MSG_DEBUG, "bgscan learn: Failed to trigger scan");
315 eloop_register_timeout(data->scan_interval, 0,
316 bgscan_learn_timeout, data, NULL);
317 } else
318 os_get_reltime(&data->last_bgscan);
319 os_free(freqs);
320 }
321
322
bgscan_learn_get_params(struct bgscan_learn_data * data,const char * params)323 static int bgscan_learn_get_params(struct bgscan_learn_data *data,
324 const char *params)
325 {
326 const char *pos;
327
328 data->short_interval = atoi(params);
329
330 pos = os_strchr(params, ':');
331 if (pos == NULL)
332 return 0;
333 pos++;
334 data->signal_threshold = atoi(pos);
335 pos = os_strchr(pos, ':');
336 if (pos == NULL) {
337 wpa_printf(MSG_ERROR, "bgscan learn: Missing scan interval "
338 "for high signal");
339 return -1;
340 }
341 pos++;
342 data->long_interval = atoi(pos);
343 pos = os_strchr(pos, ':');
344 if (pos) {
345 pos++;
346 data->fname = os_strdup(pos);
347 }
348
349 return 0;
350 }
351
352
bgscan_learn_get_supp_freqs(struct wpa_supplicant * wpa_s)353 static int * bgscan_learn_get_supp_freqs(struct wpa_supplicant *wpa_s)
354 {
355 struct hostapd_hw_modes *modes;
356 int i, j, *freqs = NULL, *n;
357 size_t count = 0;
358
359 modes = wpa_s->hw.modes;
360 if (modes == NULL)
361 return NULL;
362
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 for (j = 0; j < modes[i].num_channels; j++) {
365 if (modes[i].channels[j].flag & HOSTAPD_CHAN_DISABLED)
366 continue;
367 /* some hw modes (e.g. 11b & 11g) contain same freqs */
368 if (in_array(freqs, modes[i].channels[j].freq))
369 continue;
370 n = os_realloc_array(freqs, count + 2, sizeof(int));
371 if (n == NULL)
372 continue;
373
374 freqs = n;
375 freqs[count] = modes[i].channels[j].freq;
376 count++;
377 freqs[count] = 0;
378 }
379 }
380
381 return freqs;
382 }
383
384
bgscan_learn_init(struct wpa_supplicant * wpa_s,const char * params,const struct wpa_ssid * ssid)385 static void * bgscan_learn_init(struct wpa_supplicant *wpa_s,
386 const char *params,
387 const struct wpa_ssid *ssid)
388 {
389 struct bgscan_learn_data *data;
390
391 data = os_zalloc(sizeof(*data));
392 if (data == NULL)
393 return NULL;
394 dl_list_init(&data->bss);
395 data->wpa_s = wpa_s;
396 data->ssid = ssid;
397 if (bgscan_learn_get_params(data, params) < 0) {
398 os_free(data->fname);
399 os_free(data);
400 return NULL;
401 }
402 if (data->short_interval <= 0)
403 data->short_interval = 30;
404 if (data->long_interval <= 0)
405 data->long_interval = 30;
406
407 if (bgscan_learn_load(data) < 0) {
408 os_free(data->fname);
409 os_free(data);
410 return NULL;
411 }
412
413 wpa_printf(MSG_DEBUG, "bgscan learn: Signal strength threshold %d "
414 "Short bgscan interval %d Long bgscan interval %d",
415 data->signal_threshold, data->short_interval,
416 data->long_interval);
417
418 if (data->signal_threshold &&
419 wpa_drv_signal_monitor(wpa_s, data->signal_threshold, 4) < 0) {
420 wpa_printf(MSG_ERROR, "bgscan learn: Failed to enable "
421 "signal strength monitoring");
422 }
423
424 data->supp_freqs = bgscan_learn_get_supp_freqs(wpa_s);
425 data->scan_interval = data->short_interval;
426 if (data->signal_threshold) {
427 /* Poll for signal info to set initial scan interval */
428 struct wpa_signal_info siginfo;
429 if (wpa_drv_signal_poll(wpa_s, &siginfo) == 0 &&
430 siginfo.data.signal >= data->signal_threshold)
431 data->scan_interval = data->long_interval;
432 }
433
434 eloop_register_timeout(data->scan_interval, 0, bgscan_learn_timeout,
435 data, NULL);
436
437 /*
438 * This function is called immediately after an association, so it is
439 * reasonable to assume that a scan was completed recently. This makes
440 * us skip an immediate new scan in cases where the current signal
441 * level is below the bgscan threshold.
442 */
443 os_get_reltime(&data->last_bgscan);
444
445 return data;
446 }
447
448
bgscan_learn_deinit(void * priv)449 static void bgscan_learn_deinit(void *priv)
450 {
451 struct bgscan_learn_data *data = priv;
452 struct bgscan_learn_bss *bss, *n;
453
454 bgscan_learn_save(data);
455 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
456 if (data->signal_threshold)
457 wpa_drv_signal_monitor(data->wpa_s, 0, 0);
458 os_free(data->fname);
459 dl_list_for_each_safe(bss, n, &data->bss, struct bgscan_learn_bss,
460 list) {
461 dl_list_del(&bss->list);
462 bss_free(bss);
463 }
464 os_free(data->supp_freqs);
465 os_free(data);
466 }
467
468
bgscan_learn_bss_match(struct bgscan_learn_data * data,struct wpa_scan_res * bss)469 static int bgscan_learn_bss_match(struct bgscan_learn_data *data,
470 struct wpa_scan_res *bss)
471 {
472 const u8 *ie;
473
474 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
475 if (ie == NULL)
476 return 0;
477
478 if (data->ssid->ssid_len != ie[1] ||
479 os_memcmp(data->ssid->ssid, ie + 2, ie[1]) != 0)
480 return 0; /* SSID mismatch */
481
482 return 1;
483 }
484
485
bgscan_learn_notify_scan(void * priv,struct wpa_scan_results * scan_res)486 static int bgscan_learn_notify_scan(void *priv,
487 struct wpa_scan_results *scan_res)
488 {
489 struct bgscan_learn_data *data = priv;
490 size_t i, j;
491 #define MAX_BSS 50
492 u8 bssid[MAX_BSS * ETH_ALEN];
493 size_t num_bssid = 0;
494
495 wpa_printf(MSG_DEBUG, "bgscan learn: scan result notification");
496
497 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
498 eloop_register_timeout(data->scan_interval, 0, bgscan_learn_timeout,
499 data, NULL);
500
501 for (i = 0; i < scan_res->num; i++) {
502 struct wpa_scan_res *res = scan_res->res[i];
503 if (!bgscan_learn_bss_match(data, res))
504 continue;
505
506 if (num_bssid < MAX_BSS) {
507 os_memcpy(bssid + num_bssid * ETH_ALEN, res->bssid,
508 ETH_ALEN);
509 num_bssid++;
510 }
511 }
512 wpa_printf(MSG_DEBUG, "bgscan learn: %u matching BSSes in scan "
513 "results", (unsigned int) num_bssid);
514
515 for (i = 0; i < scan_res->num; i++) {
516 struct wpa_scan_res *res = scan_res->res[i];
517 struct bgscan_learn_bss *bss;
518
519 if (!bgscan_learn_bss_match(data, res))
520 continue;
521
522 bss = bgscan_learn_get_bss(data, res->bssid);
523 if (bss && bss->freq != res->freq) {
524 wpa_printf(MSG_DEBUG, "bgscan learn: Update BSS "
525 MACSTR " freq %d -> %d",
526 MAC2STR(res->bssid), bss->freq, res->freq);
527 bss->freq = res->freq;
528 } else if (!bss) {
529 wpa_printf(MSG_DEBUG, "bgscan learn: Add BSS " MACSTR
530 " freq=%d", MAC2STR(res->bssid), res->freq);
531 bss = os_zalloc(sizeof(*bss));
532 if (!bss)
533 continue;
534 os_memcpy(bss->bssid, res->bssid, ETH_ALEN);
535 bss->freq = res->freq;
536 dl_list_add(&data->bss, &bss->list);
537 }
538
539 for (j = 0; j < num_bssid; j++) {
540 u8 *addr = bssid + j * ETH_ALEN;
541 bgscan_learn_add_neighbor(bss, addr);
542 }
543 }
544
545 /*
546 * A more advanced bgscan could process scan results internally, select
547 * the BSS and request roam if needed. This sample uses the existing
548 * BSS/ESS selection routine. Change this to return 1 if selection is
549 * done inside the bgscan module.
550 */
551
552 return 0;
553 }
554
555
bgscan_learn_notify_beacon_loss(void * priv)556 static void bgscan_learn_notify_beacon_loss(void *priv)
557 {
558 wpa_printf(MSG_DEBUG, "bgscan learn: beacon loss");
559 /* TODO: speed up background scanning */
560 }
561
562
bgscan_learn_notify_signal_change(void * priv,int above,int current_signal,int current_noise,int current_txrate)563 static void bgscan_learn_notify_signal_change(void *priv, int above,
564 int current_signal,
565 int current_noise,
566 int current_txrate)
567 {
568 struct bgscan_learn_data *data = priv;
569 int scan = 0;
570 struct os_reltime now;
571
572 if (data->short_interval == data->long_interval ||
573 data->signal_threshold == 0)
574 return;
575
576 wpa_printf(MSG_DEBUG, "bgscan learn: signal level changed "
577 "(above=%d current_signal=%d current_noise=%d "
578 "current_txrate=%d)", above, current_signal,
579 current_noise, current_txrate);
580 if (data->scan_interval == data->long_interval && !above) {
581 wpa_printf(MSG_DEBUG, "bgscan learn: Start using short bgscan "
582 "interval");
583 data->scan_interval = data->short_interval;
584 os_get_reltime(&now);
585 if (now.sec > data->last_bgscan.sec + 1)
586 scan = 1;
587 } else if (data->scan_interval == data->short_interval && above) {
588 wpa_printf(MSG_DEBUG, "bgscan learn: Start using long bgscan "
589 "interval");
590 data->scan_interval = data->long_interval;
591 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
592 eloop_register_timeout(data->scan_interval, 0,
593 bgscan_learn_timeout, data, NULL);
594 } else if (!above) {
595 /*
596 * Signal dropped further 4 dB. Request a new scan if we have
597 * not yet scanned in a while.
598 */
599 os_get_reltime(&now);
600 if (now.sec > data->last_bgscan.sec + 10)
601 scan = 1;
602 }
603
604 if (scan) {
605 wpa_printf(MSG_DEBUG, "bgscan learn: Trigger immediate scan");
606 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
607 eloop_register_timeout(0, 0, bgscan_learn_timeout, data, NULL);
608 }
609 }
610
611
612 const struct bgscan_ops bgscan_learn_ops = {
613 .name = "learn",
614 .init = bgscan_learn_init,
615 .deinit = bgscan_learn_deinit,
616 .notify_scan = bgscan_learn_notify_scan,
617 .notify_beacon_loss = bgscan_learn_notify_beacon_loss,
618 .notify_signal_change = bgscan_learn_notify_signal_change,
619 };
620