The 802.11 subsystems – for kernel developers

Explaining wireless 802.11 networking in the Linux kernel

This documentation is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

This documentation is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this documentation; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

For more details see the file COPYING in the source distribution of Linux.


These books attempt to give a description of the various subsystems that play a role in 802.11 wireless networking in Linux. Since these books are for kernel developers they attempts to document the structures and functions used in the kernel as well as giving a higher-level overview.

The reader is expected to be familiar with the 802.11 standard as published by the IEEE in 802.11-2007 (or possibly later versions). References to this standard will be given as "802.11-2007 8.1.5".

Table of Contents

The cfg80211 subsystem
1. Device registration
enum ieee80211_channel_flags — channel flags
struct ieee80211_channel — channel definition
enum ieee80211_rate_flags — rate flags
struct ieee80211_rate — bitrate definition
struct ieee80211_sta_ht_cap — STA's HT capabilities
struct ieee80211_supported_band — frequency band definition
enum cfg80211_signal_type — signal type
enum wiphy_params_flags — set_wiphy_params bitfield values
enum wiphy_flags — wiphy capability flags
struct wiphy — wireless hardware description
struct wireless_dev — wireless device state
wiphy_new — create a new wiphy for use with cfg80211
wiphy_register — register a wiphy with cfg80211
wiphy_unregister — deregister a wiphy from cfg80211
wiphy_free — free wiphy
wiphy_name — get wiphy name
wiphy_dev — get wiphy dev pointer
wiphy_priv — return priv from wiphy
priv_to_wiphy — return the wiphy containing the priv
set_wiphy_dev — set device pointer for wiphy
wdev_priv — return wiphy priv from wireless_dev
struct ieee80211_iface_limit — limit on certain interface types
struct ieee80211_iface_combination — possible interface combination
cfg80211_check_combinations — check interface combinations
2. Actions and configuration
struct cfg80211_ops — backend description for wireless configuration
struct vif_params — describes virtual interface parameters
struct key_params — key information
enum survey_info_flags — survey information flags
struct survey_info — channel survey response
struct cfg80211_beacon_data — beacon data
struct cfg80211_ap_settings — AP configuration
struct station_parameters — station parameters
enum rate_info_flags — bitrate info flags
struct rate_info — bitrate information
struct station_info — station information
enum monitor_flags — monitor flags
enum mpath_info_flags — mesh path information flags
struct mpath_info — mesh path information
struct bss_parameters — BSS parameters
struct ieee80211_txq_params — TX queue parameters
struct cfg80211_crypto_settings — Crypto settings
struct cfg80211_auth_request — Authentication request data
struct cfg80211_assoc_request — (Re)Association request data
struct cfg80211_deauth_request — Deauthentication request data
struct cfg80211_disassoc_request — Disassociation request data
struct cfg80211_ibss_params — IBSS parameters
struct cfg80211_connect_params — Connection parameters
struct cfg80211_pmksa — PMK Security Association
cfg80211_rx_mlme_mgmt — notification of processed MLME management frame
cfg80211_auth_timeout — notification of timed out authentication
cfg80211_rx_assoc_resp — notification of processed association response
cfg80211_assoc_timeout — notification of timed out association
cfg80211_tx_mlme_mgmt — notification of transmitted deauth/disassoc frame
cfg80211_ibss_joined — notify cfg80211 that device joined an IBSS
cfg80211_connect_result — notify cfg80211 of connection result
cfg80211_connect_bss — notify cfg80211 of connection result
cfg80211_connect_timeout — notify cfg80211 of connection timeout
cfg80211_roamed — notify cfg80211 of roaming
cfg80211_disconnected — notify cfg80211 that connection was dropped
cfg80211_ready_on_channel — notification of remain_on_channel start
cfg80211_remain_on_channel_expired — remain_on_channel duration expired
cfg80211_new_sta — notify userspace about station
cfg80211_rx_mgmt — notification of received, unprocessed management frame
cfg80211_mgmt_tx_status — notification of TX status for management frame
cfg80211_cqm_rssi_notify — connection quality monitoring rssi event
cfg80211_cqm_pktloss_notify — notify userspace about packetloss to peer
cfg80211_michael_mic_failure — notification of Michael MIC failure (TKIP)
3. Scanning and BSS list handling
struct cfg80211_ssid — SSID description
struct cfg80211_scan_request — scan request description
cfg80211_scan_done — notify that scan finished
struct cfg80211_bss — BSS description
struct cfg80211_inform_bss — BSS inform data
cfg80211_inform_bss_frame_data — inform cfg80211 of a received BSS frame
cfg80211_inform_bss_data — inform cfg80211 of a new BSS
cfg80211_unlink_bss — unlink BSS from internal data structures
cfg80211_find_ie — find information element in data
ieee80211_bss_get_ie — find IE with given ID
4. Utility functions
ieee80211_channel_to_frequency — convert channel number to frequency
ieee80211_frequency_to_channel — convert frequency to channel number
ieee80211_get_channel — get channel struct from wiphy for specified frequency
ieee80211_get_response_rate — get basic rate for a given rate
ieee80211_hdrlen — get header length in bytes from frame control
ieee80211_get_hdrlen_from_skb — get header length from data
struct ieee80211_radiotap_iterator — tracks walk thru present radiotap args
5. Data path helpers
ieee80211_data_to_8023 — convert an 802.11 data frame to 802.3
ieee80211_data_from_8023 — convert an 802.3 frame to 802.11
ieee80211_amsdu_to_8023s — decode an IEEE 802.11n A-MSDU frame
cfg80211_classify8021d — determine the 802.1p/1d tag for a data frame
6. Regulatory enforcement infrastructure
regulatory_hint — driver hint to the wireless core a regulatory domain
wiphy_apply_custom_regulatory — apply a custom driver regulatory domain
freq_reg_info — get regulatory information for the given frequency
7. RFkill integration
wiphy_rfkill_set_hw_state — notify cfg80211 about hw block state
wiphy_rfkill_start_polling — start polling rfkill
wiphy_rfkill_stop_polling — stop polling rfkill
8. Test mode
cfg80211_testmode_alloc_reply_skb — allocate testmode reply
cfg80211_testmode_reply — send the reply skb
cfg80211_testmode_alloc_event_skb — allocate testmode event
cfg80211_testmode_event — send the event
The mac80211 subsystem
I. The basic mac80211 driver interface
1. Basic hardware handling
struct ieee80211_hw — hardware information and state
enum ieee80211_hw_flags — hardware flags
SET_IEEE80211_DEV — set device for 802.11 hardware
SET_IEEE80211_PERM_ADDR — set the permanent MAC address for 802.11 hardware
struct ieee80211_ops — callbacks from mac80211 to the driver
ieee80211_alloc_hw — Allocate a new hardware device
ieee80211_register_hw — Register hardware device
ieee80211_unregister_hw — Unregister a hardware device
ieee80211_free_hw — free hardware descriptor
2. PHY configuration
struct ieee80211_conf — configuration of the device
enum ieee80211_conf_flags — configuration flags
3. Virtual interfaces
struct ieee80211_vif — per-interface data
4. Receive and transmit processing
what should be here
Frame format
Packet alignment
Calling into mac80211 from interrupts
5. Frame filtering
enum ieee80211_filter_flags — hardware filter flags
6. The mac80211 workqueue
ieee80211_queue_work — add work onto the mac80211 workqueue
ieee80211_queue_delayed_work — add work onto the mac80211 workqueue
II. Advanced driver interface
7. LED support
ieee80211_get_tx_led_name — get name of TX LED
ieee80211_get_rx_led_name — get name of RX LED
ieee80211_get_assoc_led_name — get name of association LED
ieee80211_get_radio_led_name — get name of radio LED
struct ieee80211_tpt_blink — throughput blink description
enum ieee80211_tpt_led_trigger_flags — throughput trigger flags
ieee80211_create_tpt_led_trigger — create throughput LED trigger
8. Hardware crypto acceleration
enum set_key_cmd — key command
struct ieee80211_key_conf — key information
enum ieee80211_key_flags — key flags
ieee80211_get_tkip_p1k — get a TKIP phase 1 key
ieee80211_get_tkip_p1k_iv — get a TKIP phase 1 key for IV32
ieee80211_get_tkip_p2k — get a TKIP phase 2 key
9. Powersave support
10. Beacon filter support
ieee80211_beacon_loss — inform hardware does not receive beacons
11. Multiple queues and QoS support
struct ieee80211_tx_queue_params — transmit queue configuration
12. Access point mode support
support for powersaving clients
ieee80211_get_buffered_bc — accessing buffered broadcast and multicast frames
ieee80211_beacon_get — beacon generation function
ieee80211_sta_eosp — notify mac80211 about end of SP
enum ieee80211_frame_release_type — frame release reason
ieee80211_sta_ps_transition — PS transition for connected sta
ieee80211_sta_ps_transition_ni — PS transition for connected sta (in process context)
ieee80211_sta_set_buffered — inform mac80211 about driver-buffered frames
ieee80211_sta_block_awake — block station from waking up
13. Supporting multiple virtual interfaces
ieee80211_iterate_active_interfaces — iterate active interfaces
ieee80211_iterate_active_interfaces_atomic — iterate active interfaces
14. Station handling
struct ieee80211_sta — station table entry
enum sta_notify_cmd — sta notify command
ieee80211_find_sta — find a station
ieee80211_find_sta_by_ifaddr — find a station on hardware
15. Hardware scan offload
ieee80211_scan_completed — completed hardware scan
16. Aggregation
TX A-MPDU aggregation
RX A-MPDU aggregation
17. Spatial Multiplexing Powersave (SMPS)
ieee80211_request_smps — request SM PS transition
enum ieee80211_smps_mode — spatial multiplexing power save mode
III. Rate control interface
18. Rate Control API
ieee80211_start_tx_ba_session — Start a tx Block Ack session.
ieee80211_start_tx_ba_cb_irqsafe — low level driver ready to aggregate.
ieee80211_stop_tx_ba_session — Stop a Block Ack session.
ieee80211_stop_tx_ba_cb_irqsafe — low level driver ready to stop aggregate.
enum ieee80211_rate_control_changed — flags to indicate what changed
struct ieee80211_tx_rate_control — rate control information for/from RC algo
rate_control_send_low — helper for drivers for management/no-ack frames
IV. Internals
19. Key handling
Key handling basics
20. Receive processing
21. Transmit processing
22. Station info handling
Programming information
STA information lifetime rules
23. Aggregation
struct sta_ampdu_mlme — STA aggregation information.
struct tid_ampdu_tx — TID aggregation information (Tx).
struct tid_ampdu_rx — TID aggregation information (Rx).
24. Synchronisation