<net/if.h>: Do not include <net/if_var.h> for _KERNEL

* Clean up an ancient leftover: do not include <net/if_var.h> from <net/if.h>
for kernel stuffs.

* Adjust various files to include the necess

<net/if.h>: Do not include <net/if_var.h> for _KERNEL

* Clean up an ancient leftover: do not include <net/if_var.h> from <net/if.h>
for kernel stuffs.

* Adjust various files to include the necessary <net/if_var.h> header.

NOTE:
I have also tested removing the inclusion of <net/if.h> from <net/if_var.h>,
therefore add <net/if.h> inclusion for those files that need it but only
included <net/if_var.h>. For some files, the header inclusion orderings are
also adjusted.

show more ...

wlan - Sync netproto/802_11 from FreeBSD part 1/N

* Sync netproto/802_11 from FreeBSD, fbsd git dd885b9a0a0e, May 11 2016.

wlan - Update wlan from Adrian / FreeBSD

* Update the wlan infrastructure, initially working with ath.

Remove empty DragonFly CVS IDs.

Initial import of binutils 2.22 on the new vendor branch

Future versions of binutils will also reside on this branch rather
than continuing to create new binutils branches for each new version.

Adapt 802.11 generic layer to support hardware crypto other than ath(4).
More specificly, it is changed for Wifi chips from Ralink (2x61 is used
as an example here), which have following hardware cry

Adapt 802.11 generic layer to support hardware crypto other than ath(4).
More specificly, it is changed for Wifi chips from Ralink (2x61 is used
as an example here), which have following hardware crypto features. These
features are different from ath(4)'s and need special cares:
1) For TX, host does not need to insert IV and Extended IV after 802.11 MAC
header, instead, host provides them in TX descriptor.
2) For RX, IV and Extended IV will not be left in RX buffer, instead, they
are recorded in RX descriptor.
3) For RX and TKIP is used as crypto method, if the received MPDU is the
only fragment of an MSDU then MIC is stripped and hardware will verify
MIC for host.

Since these kinds of hardwares need to know IV and Extended IV,
ieee80211_crypto_iv structure is added. It can hold IV and Extended IV, and
is used to pass these two IVs to and from 802.11 generic layer. It requires
a special layout to ease crypto modules' processing, so comment is added to
make sure the structure's layout will not be changed.

To address the problems introduced by the hardware feature 1), following
changes are made:
- Add ic_getiv() interface for all crypto modules, which is (obviously) used
to get IV and extended IV from crypto module. Except that it puts IVs in
ieee80211_crypto_iv instead of TX buffer, the new interface is quite similar
to ic_encap(). Wrap ic_getiv() interface by ieee80211_crypto_getiv().
- Split ieee80211_crypto_encap() into two functions:
o ieee80211_crypto_findkey(). It is used to find the crypto key for given
MPDU and receiver.
o ieee80211_crypto_encap_withkey(). It does the real encryption work.
For Ralink's Wifi chips, this function is only called when host based
encryption is used.
After this splition, driver will have a chance to decide whether it need to
do host encryption, which could happen when there are not enough hardware
pairwise keys, or offload the encryption to hardware. ath(4) does not need
this interception, since no matter hardware encryption is used or not, host
always has to insert IVs, while for Ralink Wifi chips, IV insertion can be
done only if host encryption is to be used, for hardware encryption, they
must be set in TX descriptor.
This splition also causes another problem:
ieee80211_crypto_encap_withkey() requires a keyid (read: not key index) and
it will be too bloated to add a keyid parameter for both
ieee80211_crypto_encap_withkey() and ieee80211_crypto_findkey(), so
o Change ieee80211_key.wk_pad to ieee80211_key.wk_keyid, which is keyid for
a given key, and is set in ieee80211_crypto_resetkey(). Since
ieee80211_crypto_resetkey() will need to know internals of ieee80211com,
put it into ieee80211_crypto.c.
o Add assertion in ieee80211_crypto_findkey() to make sure that the crypto
key has correct keyid.
o Make ieee80211_crypto_encap() a wrapper of ieee80211_crypto_findkey() and
ieee80211_crypto_encap_withkey(). Old symantic of this function is still
kept.
The crypto encapsulation for Ralink Wifi chips will look like following:
...
k = ieee80211_crypto_findkey();
if (k is hardware encryption key)
k = ieee80211_crypto_getiv(k, iv);
else
k = ieee80211_crypto_encap_withkey(k);
...
- Add a crypto key flag, IEEE80211_KEY_NOHDR, to indicate that host does not
need to reserve space in TX buffer if hardware encryption is used.
- Honor IEEE80211_KEY_NOHDR in ieee80211_mbuf_adjust().
- Add an extended capability flag, IEEE80211_CEXT_CRYPTO_HDR, which is set by
driver to inform crypto module that if hardware encryption is used for a
crypto key, the key should have IEEE80211_KEY_NOHDR turned on.

To address the problems introduced by the hardware feature 2), following
changes are made:
- Add ic_update() interface for all crypto modules, which is used to update
crypto modules' internal state according to the IVs passed in. Except that
it peeks at the passed in ieee80211_crypto_iv instead of RX buffer, it acts
similarly to ic_decap(). Wrap ic_update() interface by
ieee80211_crypto_update(). ieee80211_crypto_update() also locates the crypto
key for given MPDU and sender.
- Add ieee80211_input_withiv(), which accepts an ieee80211_crypto_iv 'iv'
parameter in addition to the original ieee80211_input() parameters. If 'iv'
parameter is NULL, old ieee80211_input() behaviour is used, if 'iv' is not
NULL, ieee80211_crypto_update() will be called instead of
ieee80211_crypto_decap(). ath(4) does not require this special processing,
since no matter hardware encryption is used or not, IVs are always in RX
buffer, but for Wifi chips from Ralink, we will have to explicitly pass the
recorded IVs in RX descriptor down to crypto modules.
- Change ieee80211_input() to call ieee80211_input_withiv() with NULL 'iv'.
Old symantic of this function is still kept.

To address the problems introduced by the hardware feature 3), following
changes are made:
- Add a key flag, IEEE80211_KEY_NOMIC, to give hint to TKIP crypto module that
hardware will strip TKIP MIC.
- Honor IEEE80211_KEY_NOMIC in tkip_demic().
- Add an extended capability flag, IEEE80211_CEXT_STRIP_MIC, which is set by
driver to inform crypto module that if hardware TKIP MIC is used for a
crypto key, then the key should have IEEE80211_KEY_NOMIC turned on.

show more ...

none_funcname() -> none_crypto_funcname()

Now more ieee80211_xxx_none.c can be added without duplicated(confusing)
function names.

Sync 802.11 support with FreeBSD6:
"it includes completed 802.11g, WPA, 802.11i, 802.1x, WME/WMM, AP-side
power-save, crypto plugin framework, authenticator plugin framework,
and access

Sync 802.11 support with FreeBSD6:
"it includes completed 802.11g, WPA, 802.11i, 802.1x, WME/WMM, AP-side
power-save, crypto plugin framework, authenticator plugin framework,
and access control plugin frameowrk."

Reoriganize the layout of netproto/802_11: put generic 802.11 layer, crypto
modules, authentication module and access control module into their own
directories. Header files are still in their original place.

Nuke all of the mutexing in generic 802.11, reorganize ieee80211_node table
scanning a little bit.

Rename FreeBSD's m_append() to ieee80211_mbuf_append(), rename FreeBSD's
m_unshare() to ieee80211_mbuf_clone() and put them into
netproto/802_11/wlan/ieee80211_dragonly.c
They are not generic enough for public using, at least for now.
Pointed-out-by: hsu

Expose ieee80211_add_{ssid, xrates, rates}() which are used by acx(4)

Keep using opencrypto's AES implmentation for 802.11 CCMP crypto module


Sync ifconfig(8)'s 802.11 support with FreeBSD6


Update acx(4) and ndis(4) for the new 802.11 support

Sync iwi(4), ipw(4), wi(4) and ray(4) with FreeBSD6

For iwi(4):
- Fix ieee80211_node leakage
- Use a bitmap instead of FreeBSD's "unit number alloctor" to allocate IBSS node


Add generic 802.11 layer and crypto modules into GENERIC and LINT,
authentication module and access module are only added to LINT

Unhook awi(4) from GENERIC and LINT temporarily, since as of this commit it
is broken :( It will be fixed sometime later.


Thank Sam Leffler and many other people for their work on 802.11 support.

Thank Andrew Atrens and Adrian Michael Nida for submitting the patch.

Thank all the people that helped testing 802.11 patches for this commit


Based-on-Patch-Submitted-by:
Andrew Atrens <atrens@nortelnetworks.com>
Adrian Michael Nida <nida@musc.edu>

Tested-by:
Thomas Schlesinger <schlesinger@netcologne.de>
Johannes Hofmann <Johannes.Hofmann@gmx.de>
Andrew Thompson <andrew@hijacked.us>
Erik Wikström <erik-wikstrom@telia.com>

show more ...

First pass at converting the net80211 infrastrcture from FreeBSD.