1 /*
2 * WPA Supplicant - background scan and roaming module: learn
3 * Copyright (c) 2009-2010, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "eloop.h"
13 #include "list.h"
14 #include "common/ieee802_11_defs.h"
15 #include "drivers/driver.h"
16 #include "config_ssid.h"
17 #include "wpa_supplicant_i.h"
18 #include "driver_i.h"
19 #include "scan.h"
20 #include "bgscan.h"
21
22 struct bgscan_learn_bss {
23 struct dl_list list;
24 u8 bssid[ETH_ALEN];
25 int freq;
26 u8 *neigh; /* num_neigh * ETH_ALEN buffer */
27 size_t num_neigh;
28 };
29
30 struct bgscan_learn_data {
31 struct wpa_supplicant *wpa_s;
32 const struct wpa_ssid *ssid;
33 int scan_interval;
34 int signal_threshold;
35 int short_interval; /* use if signal < threshold */
36 int long_interval; /* use if signal > threshold */
37 struct os_time last_bgscan;
38 char *fname;
39 struct dl_list bss;
40 int *supp_freqs;
41 int probe_idx;
42 };
43
44
bss_free(struct bgscan_learn_bss * bss)45 static void bss_free(struct bgscan_learn_bss *bss)
46 {
47 os_free(bss->neigh);
48 os_free(bss);
49 }
50
51
bssid_in_array(u8 * array,size_t array_len,const u8 * bssid)52 static int bssid_in_array(u8 *array, size_t array_len, const u8 *bssid)
53 {
54 size_t i;
55
56 if (array == NULL || array_len == 0)
57 return 0;
58
59 for (i = 0; i < array_len; i++) {
60 if (os_memcmp(array + i * ETH_ALEN, bssid, ETH_ALEN) == 0)
61 return 1;
62 }
63
64 return 0;
65 }
66
67
bgscan_learn_add_neighbor(struct bgscan_learn_bss * bss,const u8 * bssid)68 static void bgscan_learn_add_neighbor(struct bgscan_learn_bss *bss,
69 const u8 *bssid)
70 {
71 u8 *n;
72
73 if (os_memcmp(bss->bssid, bssid, ETH_ALEN) == 0)
74 return;
75 if (bssid_in_array(bss->neigh, bss->num_neigh, bssid))
76 return;
77
78 n = os_realloc_array(bss->neigh, bss->num_neigh + 1, ETH_ALEN);
79 if (n == NULL)
80 return;
81
82 os_memcpy(n + bss->num_neigh * ETH_ALEN, bssid, ETH_ALEN);
83 bss->neigh = n;
84 bss->num_neigh++;
85 }
86
87
bgscan_learn_get_bss(struct bgscan_learn_data * data,const u8 * bssid)88 static struct bgscan_learn_bss * bgscan_learn_get_bss(
89 struct bgscan_learn_data *data, const u8 *bssid)
90 {
91 struct bgscan_learn_bss *bss;
92
93 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
94 if (os_memcmp(bss->bssid, bssid, ETH_ALEN) == 0)
95 return bss;
96 }
97 return NULL;
98 }
99
100
bgscan_learn_load(struct bgscan_learn_data * data)101 static int bgscan_learn_load(struct bgscan_learn_data *data)
102 {
103 FILE *f;
104 char buf[128];
105 struct bgscan_learn_bss *bss;
106
107 if (data->fname == NULL)
108 return 0;
109
110 f = fopen(data->fname, "r");
111 if (f == NULL)
112 return 0;
113
114 wpa_printf(MSG_DEBUG, "bgscan learn: Loading data from %s",
115 data->fname);
116
117 if (fgets(buf, sizeof(buf), f) == NULL ||
118 os_strncmp(buf, "wpa_supplicant-bgscan-learn\n", 28) != 0) {
119 wpa_printf(MSG_INFO, "bgscan learn: Invalid data file %s",
120 data->fname);
121 fclose(f);
122 return -1;
123 }
124
125 while (fgets(buf, sizeof(buf), f)) {
126 if (os_strncmp(buf, "BSS ", 4) == 0) {
127 bss = os_zalloc(sizeof(*bss));
128 if (!bss)
129 continue;
130 if (hwaddr_aton(buf + 4, bss->bssid) < 0) {
131 bss_free(bss);
132 continue;
133 }
134 bss->freq = atoi(buf + 4 + 18);
135 dl_list_add(&data->bss, &bss->list);
136 wpa_printf(MSG_DEBUG, "bgscan learn: Loaded BSS "
137 "entry: " MACSTR " freq=%d",
138 MAC2STR(bss->bssid), bss->freq);
139 }
140
141 if (os_strncmp(buf, "NEIGHBOR ", 9) == 0) {
142 u8 addr[ETH_ALEN];
143
144 if (hwaddr_aton(buf + 9, addr) < 0)
145 continue;
146 bss = bgscan_learn_get_bss(data, addr);
147 if (bss == NULL)
148 continue;
149 if (hwaddr_aton(buf + 9 + 18, addr) < 0)
150 continue;
151
152 bgscan_learn_add_neighbor(bss, addr);
153 }
154 }
155
156 fclose(f);
157 return 0;
158 }
159
160
bgscan_learn_save(struct bgscan_learn_data * data)161 static void bgscan_learn_save(struct bgscan_learn_data *data)
162 {
163 FILE *f;
164 struct bgscan_learn_bss *bss;
165
166 if (data->fname == NULL)
167 return;
168
169 wpa_printf(MSG_DEBUG, "bgscan learn: Saving data to %s",
170 data->fname);
171
172 f = fopen(data->fname, "w");
173 if (f == NULL)
174 return;
175 fprintf(f, "wpa_supplicant-bgscan-learn\n");
176
177 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
178 fprintf(f, "BSS " MACSTR " %d\n",
179 MAC2STR(bss->bssid), bss->freq);
180 }
181
182 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
183 size_t i;
184 for (i = 0; i < bss->num_neigh; i++) {
185 fprintf(f, "NEIGHBOR " MACSTR " " MACSTR "\n",
186 MAC2STR(bss->bssid),
187 MAC2STR(bss->neigh + i * ETH_ALEN));
188 }
189 }
190
191 fclose(f);
192 }
193
194
in_array(int * array,int val)195 static int in_array(int *array, int val)
196 {
197 int i;
198
199 if (array == NULL)
200 return 0;
201
202 for (i = 0; array[i]; i++) {
203 if (array[i] == val)
204 return 1;
205 }
206
207 return 0;
208 }
209
210
bgscan_learn_get_freqs(struct bgscan_learn_data * data,size_t * count)211 static int * bgscan_learn_get_freqs(struct bgscan_learn_data *data,
212 size_t *count)
213 {
214 struct bgscan_learn_bss *bss;
215 int *freqs = NULL, *n;
216
217 *count = 0;
218
219 dl_list_for_each(bss, &data->bss, struct bgscan_learn_bss, list) {
220 if (in_array(freqs, bss->freq))
221 continue;
222 n = os_realloc_array(freqs, *count + 2, sizeof(int));
223 if (n == NULL)
224 return freqs;
225 freqs = n;
226 freqs[*count] = bss->freq;
227 (*count)++;
228 freqs[*count] = 0;
229 }
230
231 return freqs;
232 }
233
234
bgscan_learn_get_probe_freq(struct bgscan_learn_data * data,int * freqs,size_t count)235 static int * bgscan_learn_get_probe_freq(struct bgscan_learn_data *data,
236 int *freqs, size_t count)
237 {
238 int idx, *n;
239
240 if (data->supp_freqs == NULL)
241 return freqs;
242
243 idx = data->probe_idx + 1;
244 while (idx != data->probe_idx) {
245 if (data->supp_freqs[idx] == 0)
246 idx = 0;
247 if (!in_array(freqs, data->supp_freqs[idx])) {
248 wpa_printf(MSG_DEBUG, "bgscan learn: Probe new freq "
249 "%u", data->supp_freqs[idx]);
250 data->probe_idx = idx;
251 n = os_realloc_array(freqs, count + 2, sizeof(int));
252 if (n == NULL)
253 return freqs;
254 freqs = n;
255 freqs[count] = data->supp_freqs[idx];
256 count++;
257 freqs[count] = 0;
258 break;
259 }
260
261 idx++;
262 }
263
264 return freqs;
265 }
266
267
bgscan_learn_timeout(void * eloop_ctx,void * timeout_ctx)268 static void bgscan_learn_timeout(void *eloop_ctx, void *timeout_ctx)
269 {
270 struct bgscan_learn_data *data = eloop_ctx;
271 struct wpa_supplicant *wpa_s = data->wpa_s;
272 struct wpa_driver_scan_params params;
273 int *freqs = NULL;
274 size_t count, i;
275 char msg[100], *pos;
276
277 os_memset(¶ms, 0, sizeof(params));
278 params.num_ssids = 1;
279 params.ssids[0].ssid = data->ssid->ssid;
280 params.ssids[0].ssid_len = data->ssid->ssid_len;
281 if (data->ssid->scan_freq)
282 params.freqs = data->ssid->scan_freq;
283 else {
284 freqs = bgscan_learn_get_freqs(data, &count);
285 wpa_printf(MSG_DEBUG, "bgscan learn: BSSes in this ESS have "
286 "been seen on %u channels", (unsigned int) count);
287 freqs = bgscan_learn_get_probe_freq(data, freqs, count);
288
289 msg[0] = '\0';
290 pos = msg;
291 for (i = 0; freqs && freqs[i]; i++) {
292 int ret;
293 ret = os_snprintf(pos, msg + sizeof(msg) - pos, " %d",
294 freqs[i]);
295 if (ret < 0 || ret >= msg + sizeof(msg) - pos)
296 break;
297 pos += ret;
298 }
299 pos[0] = '\0';
300 wpa_printf(MSG_DEBUG, "bgscan learn: Scanning frequencies:%s",
301 msg);
302 params.freqs = freqs;
303 }
304
305 wpa_printf(MSG_DEBUG, "bgscan learn: Request a background scan");
306 if (wpa_supplicant_trigger_scan(wpa_s, ¶ms)) {
307 wpa_printf(MSG_DEBUG, "bgscan learn: Failed to trigger scan");
308 eloop_register_timeout(data->scan_interval, 0,
309 bgscan_learn_timeout, data, NULL);
310 } else
311 os_get_time(&data->last_bgscan);
312 os_free(freqs);
313 }
314
315
bgscan_learn_get_params(struct bgscan_learn_data * data,const char * params)316 static int bgscan_learn_get_params(struct bgscan_learn_data *data,
317 const char *params)
318 {
319 const char *pos;
320
321 if (params == NULL)
322 return 0;
323
324 data->short_interval = atoi(params);
325
326 pos = os_strchr(params, ':');
327 if (pos == NULL)
328 return 0;
329 pos++;
330 data->signal_threshold = atoi(pos);
331 pos = os_strchr(pos, ':');
332 if (pos == NULL) {
333 wpa_printf(MSG_ERROR, "bgscan learn: Missing scan interval "
334 "for high signal");
335 return -1;
336 }
337 pos++;
338 data->long_interval = atoi(pos);
339 pos = os_strchr(pos, ':');
340 if (pos) {
341 pos++;
342 data->fname = os_strdup(pos);
343 }
344
345 return 0;
346 }
347
348
bgscan_learn_get_supp_freqs(struct wpa_supplicant * wpa_s)349 static int * bgscan_learn_get_supp_freqs(struct wpa_supplicant *wpa_s)
350 {
351 struct hostapd_hw_modes *modes;
352 int i, j, *freqs = NULL, *n;
353 size_t count = 0;
354
355 modes = wpa_s->hw.modes;
356 if (modes == NULL)
357 return NULL;
358
359 for (i = 0; i < wpa_s->hw.num_modes; i++) {
360 for (j = 0; j < modes[i].num_channels; j++) {
361 if (modes[i].channels[j].flag & HOSTAPD_CHAN_DISABLED)
362 continue;
363 n = os_realloc_array(freqs, count + 2, sizeof(int));
364 if (n == NULL)
365 continue;
366
367 freqs = n;
368 freqs[count] = modes[i].channels[j].freq;
369 count++;
370 freqs[count] = 0;
371 }
372 }
373
374 return freqs;
375 }
376
377
bgscan_learn_init(struct wpa_supplicant * wpa_s,const char * params,const struct wpa_ssid * ssid)378 static void * bgscan_learn_init(struct wpa_supplicant *wpa_s,
379 const char *params,
380 const struct wpa_ssid *ssid)
381 {
382 struct bgscan_learn_data *data;
383
384 data = os_zalloc(sizeof(*data));
385 if (data == NULL)
386 return NULL;
387 dl_list_init(&data->bss);
388 data->wpa_s = wpa_s;
389 data->ssid = ssid;
390 if (bgscan_learn_get_params(data, params) < 0) {
391 os_free(data->fname);
392 os_free(data);
393 return NULL;
394 }
395 if (data->short_interval <= 0)
396 data->short_interval = 30;
397 if (data->long_interval <= 0)
398 data->long_interval = 30;
399
400 if (bgscan_learn_load(data) < 0) {
401 os_free(data->fname);
402 os_free(data);
403 return NULL;
404 }
405
406 wpa_printf(MSG_DEBUG, "bgscan learn: Signal strength threshold %d "
407 "Short bgscan interval %d Long bgscan interval %d",
408 data->signal_threshold, data->short_interval,
409 data->long_interval);
410
411 if (data->signal_threshold &&
412 wpa_drv_signal_monitor(wpa_s, data->signal_threshold, 4) < 0) {
413 wpa_printf(MSG_ERROR, "bgscan learn: Failed to enable "
414 "signal strength monitoring");
415 }
416
417 data->supp_freqs = bgscan_learn_get_supp_freqs(wpa_s);
418 data->scan_interval = data->short_interval;
419 eloop_register_timeout(data->scan_interval, 0, bgscan_learn_timeout,
420 data, NULL);
421
422 /*
423 * This function is called immediately after an association, so it is
424 * reasonable to assume that a scan was completed recently. This makes
425 * us skip an immediate new scan in cases where the current signal
426 * level is below the bgscan threshold.
427 */
428 os_get_time(&data->last_bgscan);
429
430 return data;
431 }
432
433
bgscan_learn_deinit(void * priv)434 static void bgscan_learn_deinit(void *priv)
435 {
436 struct bgscan_learn_data *data = priv;
437 struct bgscan_learn_bss *bss, *n;
438
439 bgscan_learn_save(data);
440 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
441 if (data->signal_threshold)
442 wpa_drv_signal_monitor(data->wpa_s, 0, 0);
443 os_free(data->fname);
444 dl_list_for_each_safe(bss, n, &data->bss, struct bgscan_learn_bss,
445 list) {
446 dl_list_del(&bss->list);
447 bss_free(bss);
448 }
449 os_free(data->supp_freqs);
450 os_free(data);
451 }
452
453
bgscan_learn_bss_match(struct bgscan_learn_data * data,struct wpa_scan_res * bss)454 static int bgscan_learn_bss_match(struct bgscan_learn_data *data,
455 struct wpa_scan_res *bss)
456 {
457 const u8 *ie;
458
459 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
460 if (ie == NULL)
461 return 0;
462
463 if (data->ssid->ssid_len != ie[1] ||
464 os_memcmp(data->ssid->ssid, ie + 2, ie[1]) != 0)
465 return 0; /* SSID mismatch */
466
467 return 1;
468 }
469
470
bgscan_learn_notify_scan(void * priv,struct wpa_scan_results * scan_res)471 static int bgscan_learn_notify_scan(void *priv,
472 struct wpa_scan_results *scan_res)
473 {
474 struct bgscan_learn_data *data = priv;
475 size_t i, j;
476 #define MAX_BSS 50
477 u8 bssid[MAX_BSS * ETH_ALEN];
478 size_t num_bssid = 0;
479
480 wpa_printf(MSG_DEBUG, "bgscan learn: scan result notification");
481
482 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
483 eloop_register_timeout(data->scan_interval, 0, bgscan_learn_timeout,
484 data, NULL);
485
486 for (i = 0; i < scan_res->num; i++) {
487 struct wpa_scan_res *res = scan_res->res[i];
488 if (!bgscan_learn_bss_match(data, res))
489 continue;
490
491 if (num_bssid < MAX_BSS) {
492 os_memcpy(bssid + num_bssid * ETH_ALEN, res->bssid,
493 ETH_ALEN);
494 num_bssid++;
495 }
496 }
497 wpa_printf(MSG_DEBUG, "bgscan learn: %u matching BSSes in scan "
498 "results", (unsigned int) num_bssid);
499
500 for (i = 0; i < scan_res->num; i++) {
501 struct wpa_scan_res *res = scan_res->res[i];
502 struct bgscan_learn_bss *bss;
503
504 if (!bgscan_learn_bss_match(data, res))
505 continue;
506
507 bss = bgscan_learn_get_bss(data, res->bssid);
508 if (bss && bss->freq != res->freq) {
509 wpa_printf(MSG_DEBUG, "bgscan learn: Update BSS "
510 MACSTR " freq %d -> %d",
511 MAC2STR(res->bssid), bss->freq, res->freq);
512 bss->freq = res->freq;
513 } else if (!bss) {
514 wpa_printf(MSG_DEBUG, "bgscan learn: Add BSS " MACSTR
515 " freq=%d", MAC2STR(res->bssid), res->freq);
516 bss = os_zalloc(sizeof(*bss));
517 if (!bss)
518 continue;
519 os_memcpy(bss->bssid, res->bssid, ETH_ALEN);
520 bss->freq = res->freq;
521 dl_list_add(&data->bss, &bss->list);
522 }
523
524 for (j = 0; j < num_bssid; j++) {
525 u8 *addr = bssid + j * ETH_ALEN;
526 bgscan_learn_add_neighbor(bss, addr);
527 }
528 }
529
530 /*
531 * A more advanced bgscan could process scan results internally, select
532 * the BSS and request roam if needed. This sample uses the existing
533 * BSS/ESS selection routine. Change this to return 1 if selection is
534 * done inside the bgscan module.
535 */
536
537 return 0;
538 }
539
540
bgscan_learn_notify_beacon_loss(void * priv)541 static void bgscan_learn_notify_beacon_loss(void *priv)
542 {
543 wpa_printf(MSG_DEBUG, "bgscan learn: beacon loss");
544 /* TODO: speed up background scanning */
545 }
546
547
bgscan_learn_notify_signal_change(void * priv,int above,int current_signal,int current_noise,int current_txrate)548 static void bgscan_learn_notify_signal_change(void *priv, int above,
549 int current_signal,
550 int current_noise,
551 int current_txrate)
552 {
553 struct bgscan_learn_data *data = priv;
554 int scan = 0;
555 struct os_time now;
556
557 if (data->short_interval == data->long_interval ||
558 data->signal_threshold == 0)
559 return;
560
561 wpa_printf(MSG_DEBUG, "bgscan learn: signal level changed "
562 "(above=%d current_signal=%d current_noise=%d "
563 "current_txrate=%d)", above, current_signal,
564 current_noise, current_txrate);
565 if (data->scan_interval == data->long_interval && !above) {
566 wpa_printf(MSG_DEBUG, "bgscan learn: Start using short bgscan "
567 "interval");
568 data->scan_interval = data->short_interval;
569 os_get_time(&now);
570 if (now.sec > data->last_bgscan.sec + 1)
571 scan = 1;
572 } else if (data->scan_interval == data->short_interval && above) {
573 wpa_printf(MSG_DEBUG, "bgscan learn: Start using long bgscan "
574 "interval");
575 data->scan_interval = data->long_interval;
576 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
577 eloop_register_timeout(data->scan_interval, 0,
578 bgscan_learn_timeout, data, NULL);
579 } else if (!above) {
580 /*
581 * Signal dropped further 4 dB. Request a new scan if we have
582 * not yet scanned in a while.
583 */
584 os_get_time(&now);
585 if (now.sec > data->last_bgscan.sec + 10)
586 scan = 1;
587 }
588
589 if (scan) {
590 wpa_printf(MSG_DEBUG, "bgscan learn: Trigger immediate scan");
591 eloop_cancel_timeout(bgscan_learn_timeout, data, NULL);
592 eloop_register_timeout(0, 0, bgscan_learn_timeout, data, NULL);
593 }
594 }
595
596
597 const struct bgscan_ops bgscan_learn_ops = {
598 .name = "learn",
599 .init = bgscan_learn_init,
600 .deinit = bgscan_learn_deinit,
601 .notify_scan = bgscan_learn_notify_scan,
602 .notify_beacon_loss = bgscan_learn_notify_beacon_loss,
603 .notify_signal_change = bgscan_learn_notify_signal_change,
604 };
605