Commit | Line | Data |
---|---|---|
b8695a8f JB |
1 | /* |
2 | * HT handling | |
3 | * | |
4 | * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi> | |
5 | * Copyright 2002-2005, Instant802 Networks, Inc. | |
6 | * Copyright 2005-2006, Devicescape Software, Inc. | |
7 | * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> | |
8 | * Copyright 2007, Michael Wu <flamingice@sourmilk.net> | |
a93e3644 | 9 | * Copyright 2007-2010, Intel Corporation |
b8695a8f JB |
10 | * |
11 | * This program is free software; you can redistribute it and/or modify | |
12 | * it under the terms of the GNU General Public License version 2 as | |
13 | * published by the Free Software Foundation. | |
14 | */ | |
15 | ||
73a72a81 JB |
16 | /** |
17 | * DOC: RX A-MPDU aggregation | |
18 | * | |
19 | * Aggregation on the RX side requires only implementing the | |
20 | * @ampdu_action callback that is invoked to start/stop any | |
21 | * block-ack sessions for RX aggregation. | |
22 | * | |
23 | * When RX aggregation is started by the peer, the driver is | |
24 | * notified via @ampdu_action function, with the | |
25 | * %IEEE80211_AMPDU_RX_START action, and may reject the request | |
26 | * in which case a negative response is sent to the peer, if it | |
27 | * accepts it a positive response is sent. | |
28 | * | |
29 | * While the session is active, the device/driver are required | |
30 | * to de-aggregate frames and pass them up one by one to mac80211, | |
31 | * which will handle the reorder buffer. | |
32 | * | |
33 | * When the aggregation session is stopped again by the peer or | |
34 | * ourselves, the driver's @ampdu_action function will be called | |
35 | * with the action %IEEE80211_AMPDU_RX_STOP. In this case, the | |
36 | * call must not fail. | |
37 | */ | |
38 | ||
b8695a8f | 39 | #include <linux/ieee80211.h> |
5a0e3ad6 | 40 | #include <linux/slab.h> |
bc3b2d7f | 41 | #include <linux/export.h> |
b8695a8f JB |
42 | #include <net/mac80211.h> |
43 | #include "ieee80211_i.h" | |
24487981 | 44 | #include "driver-ops.h" |
b8695a8f | 45 | |
a87f736d JB |
46 | static void ieee80211_free_tid_rx(struct rcu_head *h) |
47 | { | |
48 | struct tid_ampdu_rx *tid_rx = | |
49 | container_of(h, struct tid_ampdu_rx, rcu_head); | |
50 | int i; | |
51 | ||
d72308bf SG |
52 | del_timer_sync(&tid_rx->reorder_timer); |
53 | ||
a87f736d JB |
54 | for (i = 0; i < tid_rx->buf_size; i++) |
55 | dev_kfree_skb(tid_rx->reorder_buf[i]); | |
56 | kfree(tid_rx->reorder_buf); | |
57 | kfree(tid_rx->reorder_time); | |
58 | kfree(tid_rx); | |
59 | } | |
60 | ||
7c3b1dd8 | 61 | void ___ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, |
53f73c09 | 62 | u16 initiator, u16 reason, bool tx) |
b8695a8f | 63 | { |
d75636ef | 64 | struct ieee80211_local *local = sta->local; |
098a6070 | 65 | struct tid_ampdu_rx *tid_rx; |
b8695a8f | 66 | |
a93e3644 | 67 | lockdep_assert_held(&sta->ampdu_mlme.mtx); |
098a6070 | 68 | |
40b275b6 JB |
69 | tid_rx = rcu_dereference_protected(sta->ampdu_mlme.tid_rx[tid], |
70 | lockdep_is_held(&sta->ampdu_mlme.mtx)); | |
a87f736d | 71 | |
7c3b1dd8 | 72 | if (!tid_rx) |
b8695a8f | 73 | return; |
d75636ef | 74 | |
a9b3cd7f | 75 | RCU_INIT_POINTER(sta->ampdu_mlme.tid_rx[tid], NULL); |
b8695a8f | 76 | |
b8695a8f | 77 | #ifdef CONFIG_MAC80211_HT_DEBUG |
5ccc32ff NM |
78 | printk(KERN_DEBUG |
79 | "Rx BA session stop requested for %pM tid %u %s reason: %d\n", | |
80 | sta->sta.addr, tid, | |
81 | initiator == WLAN_BACK_RECIPIENT ? "recipient" : "inititator", | |
82 | (int)reason); | |
b8695a8f JB |
83 | #endif /* CONFIG_MAC80211_HT_DEBUG */ |
84 | ||
12375ef9 | 85 | if (drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_STOP, |
0b01f030 | 86 | &sta->sta, tid, NULL, 0)) |
b8695a8f JB |
87 | printk(KERN_DEBUG "HW problem - can not stop rx " |
88 | "aggregation for tid %d\n", tid); | |
89 | ||
b8695a8f | 90 | /* check if this is a self generated aggregation halt */ |
53f73c09 | 91 | if (initiator == WLAN_BACK_RECIPIENT && tx) |
d75636ef | 92 | ieee80211_send_delba(sta->sdata, sta->sta.addr, |
a7f39f60 | 93 | tid, WLAN_BACK_RECIPIENT, reason); |
b8695a8f | 94 | |
7c3b1dd8 | 95 | del_timer_sync(&tid_rx->session_timer); |
a87f736d JB |
96 | |
97 | call_rcu(&tid_rx->rcu_head, ieee80211_free_tid_rx); | |
b8695a8f JB |
98 | } |
99 | ||
2aab4c27 | 100 | void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, |
53f73c09 | 101 | u16 initiator, u16 reason, bool tx) |
2aab4c27 | 102 | { |
a93e3644 | 103 | mutex_lock(&sta->ampdu_mlme.mtx); |
53f73c09 | 104 | ___ieee80211_stop_rx_ba_session(sta, tid, initiator, reason, tx); |
a93e3644 | 105 | mutex_unlock(&sta->ampdu_mlme.mtx); |
2aab4c27 JB |
106 | } |
107 | ||
f41ccd71 SL |
108 | void ieee80211_stop_rx_ba_session(struct ieee80211_vif *vif, u16 ba_rx_bitmap, |
109 | const u8 *addr) | |
110 | { | |
111 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); | |
0a557ed3 | 112 | struct sta_info *sta; |
f41ccd71 SL |
113 | int i; |
114 | ||
0a557ed3 | 115 | rcu_read_lock(); |
bc192f89 | 116 | sta = sta_info_get_bss(sdata, addr); |
0a557ed3 EP |
117 | if (!sta) { |
118 | rcu_read_unlock(); | |
119 | return; | |
120 | } | |
121 | ||
f41ccd71 SL |
122 | for (i = 0; i < STA_TID_NUM; i++) |
123 | if (ba_rx_bitmap & BIT(i)) | |
124 | set_bit(i, sta->ampdu_mlme.tid_rx_stop_requested); | |
125 | ||
126 | ieee80211_queue_work(&sta->local->hw, &sta->ampdu_mlme.work); | |
0a557ed3 | 127 | rcu_read_unlock(); |
f41ccd71 SL |
128 | } |
129 | EXPORT_SYMBOL(ieee80211_stop_rx_ba_session); | |
130 | ||
b8695a8f JB |
131 | /* |
132 | * After accepting the AddBA Request we activated a timer, | |
133 | * resetting it after each frame that arrives from the originator. | |
b8695a8f JB |
134 | */ |
135 | static void sta_rx_agg_session_timer_expired(unsigned long data) | |
136 | { | |
137 | /* not an elegant detour, but there is no choice as the timer passes | |
138 | * only one argument, and various sta_info are needed here, so init | |
139 | * flow in sta_info_create gives the TID as data, while the timer_to_id | |
140 | * array gives the sta through container_of */ | |
141 | u8 *ptid = (u8 *)data; | |
142 | u8 *timer_to_id = ptid - *ptid; | |
143 | struct sta_info *sta = container_of(timer_to_id, struct sta_info, | |
144 | timer_to_tid[0]); | |
145 | ||
146 | #ifdef CONFIG_MAC80211_HT_DEBUG | |
147 | printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid); | |
148 | #endif | |
7c3b1dd8 JB |
149 | set_bit(*ptid, sta->ampdu_mlme.tid_rx_timer_expired); |
150 | ieee80211_queue_work(&sta->local->hw, &sta->ampdu_mlme.work); | |
b8695a8f JB |
151 | } |
152 | ||
2bff8ebf CL |
153 | static void sta_rx_agg_reorder_timer_expired(unsigned long data) |
154 | { | |
155 | u8 *ptid = (u8 *)data; | |
156 | u8 *timer_to_id = ptid - *ptid; | |
157 | struct sta_info *sta = container_of(timer_to_id, struct sta_info, | |
158 | timer_to_tid[0]); | |
159 | ||
160 | rcu_read_lock(); | |
2bff8ebf | 161 | ieee80211_release_reorder_timeout(sta, *ptid); |
2bff8ebf CL |
162 | rcu_read_unlock(); |
163 | } | |
164 | ||
b8695a8f JB |
165 | static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid, |
166 | u8 dialog_token, u16 status, u16 policy, | |
167 | u16 buf_size, u16 timeout) | |
168 | { | |
b8695a8f JB |
169 | struct ieee80211_local *local = sdata->local; |
170 | struct sk_buff *skb; | |
171 | struct ieee80211_mgmt *mgmt; | |
172 | u16 capab; | |
173 | ||
174 | skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom); | |
d15b8459 | 175 | if (!skb) |
b8695a8f | 176 | return; |
b8695a8f JB |
177 | |
178 | skb_reserve(skb, local->hw.extra_tx_headroom); | |
179 | mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); | |
180 | memset(mgmt, 0, 24); | |
181 | memcpy(mgmt->da, da, ETH_ALEN); | |
47846c9b | 182 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); |
8abd3f9b | 183 | if (sdata->vif.type == NL80211_IFTYPE_AP || |
ae2772b3 TP |
184 | sdata->vif.type == NL80211_IFTYPE_AP_VLAN || |
185 | sdata->vif.type == NL80211_IFTYPE_MESH_POINT) | |
47846c9b | 186 | memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); |
46900298 JB |
187 | else if (sdata->vif.type == NL80211_IFTYPE_STATION) |
188 | memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN); | |
13c40c54 AS |
189 | else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) |
190 | memcpy(mgmt->bssid, sdata->u.ibss.bssid, ETH_ALEN); | |
46900298 | 191 | |
b8695a8f JB |
192 | mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | |
193 | IEEE80211_STYPE_ACTION); | |
194 | ||
195 | skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp)); | |
196 | mgmt->u.action.category = WLAN_CATEGORY_BACK; | |
197 | mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP; | |
198 | mgmt->u.action.u.addba_resp.dialog_token = dialog_token; | |
199 | ||
200 | capab = (u16)(policy << 1); /* bit 1 aggregation policy */ | |
201 | capab |= (u16)(tid << 2); /* bit 5:2 TID number */ | |
202 | capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */ | |
203 | ||
204 | mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab); | |
205 | mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout); | |
206 | mgmt->u.action.u.addba_resp.status = cpu_to_le16(status); | |
207 | ||
62ae67be | 208 | ieee80211_tx_skb(sdata, skb); |
b8695a8f JB |
209 | } |
210 | ||
211 | void ieee80211_process_addba_request(struct ieee80211_local *local, | |
212 | struct sta_info *sta, | |
213 | struct ieee80211_mgmt *mgmt, | |
214 | size_t len) | |
215 | { | |
b8695a8f JB |
216 | struct tid_ampdu_rx *tid_agg_rx; |
217 | u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status; | |
218 | u8 dialog_token; | |
219 | int ret = -EOPNOTSUPP; | |
220 | ||
221 | /* extract session parameters from addba request frame */ | |
222 | dialog_token = mgmt->u.action.u.addba_req.dialog_token; | |
223 | timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout); | |
224 | start_seq_num = | |
225 | le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4; | |
226 | ||
227 | capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab); | |
228 | ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1; | |
229 | tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2; | |
230 | buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6; | |
231 | ||
232 | status = WLAN_STATUS_REQUEST_DECLINED; | |
233 | ||
c2c98fde | 234 | if (test_sta_flag(sta, WLAN_STA_BLOCK_BA)) { |
722f069a S |
235 | #ifdef CONFIG_MAC80211_HT_DEBUG |
236 | printk(KERN_DEBUG "Suspend in progress. " | |
237 | "Denying ADDBA request\n"); | |
238 | #endif | |
239 | goto end_no_lock; | |
240 | } | |
241 | ||
b8695a8f JB |
242 | /* sanity check for incoming parameters: |
243 | * check if configuration can support the BA policy | |
244 | * and if buffer size does not exceeds max value */ | |
245 | /* XXX: check own ht delayed BA capability?? */ | |
f64f9e71 JP |
246 | if (((ba_policy != 1) && |
247 | (!(sta->sta.ht_cap.cap & IEEE80211_HT_CAP_DELAY_BA))) || | |
248 | (buf_size > IEEE80211_MAX_AMPDU_BUF)) { | |
b8695a8f JB |
249 | status = WLAN_STATUS_INVALID_QOS_PARAM; |
250 | #ifdef CONFIG_MAC80211_HT_DEBUG | |
251 | if (net_ratelimit()) | |
252 | printk(KERN_DEBUG "AddBA Req with bad params from " | |
253 | "%pM on tid %u. policy %d, buffer size %d\n", | |
254 | mgmt->sa, tid, ba_policy, | |
255 | buf_size); | |
256 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | |
257 | goto end_no_lock; | |
258 | } | |
259 | /* determine default buffer size */ | |
82694f76 LC |
260 | if (buf_size == 0) |
261 | buf_size = IEEE80211_MAX_AMPDU_BUF; | |
b8695a8f | 262 | |
df6ba5d8 LC |
263 | /* make sure the size doesn't exceed the maximum supported by the hw */ |
264 | if (buf_size > local->hw.max_rx_aggregation_subframes) | |
265 | buf_size = local->hw.max_rx_aggregation_subframes; | |
b8695a8f JB |
266 | |
267 | /* examine state machine */ | |
a93e3644 | 268 | mutex_lock(&sta->ampdu_mlme.mtx); |
b8695a8f | 269 | |
a87f736d | 270 | if (sta->ampdu_mlme.tid_rx[tid]) { |
b8695a8f JB |
271 | #ifdef CONFIG_MAC80211_HT_DEBUG |
272 | if (net_ratelimit()) | |
273 | printk(KERN_DEBUG "unexpected AddBA Req from " | |
274 | "%pM on tid %u\n", | |
275 | mgmt->sa, tid); | |
276 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | |
15b4d843 AN |
277 | |
278 | /* delete existing Rx BA session on the same tid */ | |
279 | ___ieee80211_stop_rx_ba_session(sta, tid, WLAN_BACK_RECIPIENT, | |
280 | WLAN_STATUS_UNSPECIFIED_QOS, | |
281 | false); | |
b8695a8f JB |
282 | } |
283 | ||
284 | /* prepare A-MPDU MLME for Rx aggregation */ | |
dd318575 | 285 | tid_agg_rx = kmalloc(sizeof(struct tid_ampdu_rx), GFP_KERNEL); |
d15b8459 | 286 | if (!tid_agg_rx) |
b8695a8f | 287 | goto end; |
b8695a8f | 288 | |
2bff8ebf CL |
289 | spin_lock_init(&tid_agg_rx->reorder_lock); |
290 | ||
a87f736d JB |
291 | /* rx timer */ |
292 | tid_agg_rx->session_timer.function = sta_rx_agg_session_timer_expired; | |
293 | tid_agg_rx->session_timer.data = (unsigned long)&sta->timer_to_tid[tid]; | |
294 | init_timer(&tid_agg_rx->session_timer); | |
b8695a8f | 295 | |
2bff8ebf CL |
296 | /* rx reorder timer */ |
297 | tid_agg_rx->reorder_timer.function = sta_rx_agg_reorder_timer_expired; | |
298 | tid_agg_rx->reorder_timer.data = (unsigned long)&sta->timer_to_tid[tid]; | |
299 | init_timer(&tid_agg_rx->reorder_timer); | |
300 | ||
b8695a8f JB |
301 | /* prepare reordering buffer */ |
302 | tid_agg_rx->reorder_buf = | |
dd318575 | 303 | kcalloc(buf_size, sizeof(struct sk_buff *), GFP_KERNEL); |
4d050f1d | 304 | tid_agg_rx->reorder_time = |
dd318575 | 305 | kcalloc(buf_size, sizeof(unsigned long), GFP_KERNEL); |
4d050f1d | 306 | if (!tid_agg_rx->reorder_buf || !tid_agg_rx->reorder_time) { |
4d050f1d JM |
307 | kfree(tid_agg_rx->reorder_buf); |
308 | kfree(tid_agg_rx->reorder_time); | |
a87f736d | 309 | kfree(tid_agg_rx); |
b8695a8f JB |
310 | goto end; |
311 | } | |
312 | ||
12375ef9 | 313 | ret = drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_START, |
0b01f030 | 314 | &sta->sta, tid, &start_seq_num, 0); |
b8695a8f JB |
315 | #ifdef CONFIG_MAC80211_HT_DEBUG |
316 | printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret); | |
317 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | |
318 | ||
319 | if (ret) { | |
320 | kfree(tid_agg_rx->reorder_buf); | |
a87f736d | 321 | kfree(tid_agg_rx->reorder_time); |
b8695a8f | 322 | kfree(tid_agg_rx); |
b8695a8f JB |
323 | goto end; |
324 | } | |
325 | ||
a87f736d | 326 | /* update data */ |
b8695a8f JB |
327 | tid_agg_rx->dialog_token = dialog_token; |
328 | tid_agg_rx->ssn = start_seq_num; | |
329 | tid_agg_rx->head_seq_num = start_seq_num; | |
330 | tid_agg_rx->buf_size = buf_size; | |
331 | tid_agg_rx->timeout = timeout; | |
332 | tid_agg_rx->stored_mpdu_num = 0; | |
333 | status = WLAN_STATUS_SUCCESS; | |
a87f736d JB |
334 | |
335 | /* activate it for RX */ | |
cf778b00 | 336 | rcu_assign_pointer(sta->ampdu_mlme.tid_rx[tid], tid_agg_rx); |
f955ebb4 JB |
337 | |
338 | if (timeout) | |
339 | mod_timer(&tid_agg_rx->session_timer, TU_TO_EXP_TIME(timeout)); | |
340 | ||
b8695a8f | 341 | end: |
a93e3644 | 342 | mutex_unlock(&sta->ampdu_mlme.mtx); |
b8695a8f JB |
343 | |
344 | end_no_lock: | |
345 | ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid, | |
346 | dialog_token, status, 1, buf_size, timeout); | |
347 | } |