Commit | Line | Data |
---|---|---|
b8695a8f JB |
1 | /* |
2 | * HT handling | |
3 | * | |
4 | * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi> | |
5 | * Copyright 2002-2005, Instant802 Networks, Inc. | |
6 | * Copyright 2005-2006, Devicescape Software, Inc. | |
7 | * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> | |
8 | * Copyright 2007, Michael Wu <flamingice@sourmilk.net> | |
a93e3644 | 9 | * Copyright 2007-2010, Intel Corporation |
b8695a8f JB |
10 | * |
11 | * This program is free software; you can redistribute it and/or modify | |
12 | * it under the terms of the GNU General Public License version 2 as | |
13 | * published by the Free Software Foundation. | |
14 | */ | |
15 | ||
73a72a81 JB |
16 | /** |
17 | * DOC: RX A-MPDU aggregation | |
18 | * | |
19 | * Aggregation on the RX side requires only implementing the | |
20 | * @ampdu_action callback that is invoked to start/stop any | |
21 | * block-ack sessions for RX aggregation. | |
22 | * | |
23 | * When RX aggregation is started by the peer, the driver is | |
24 | * notified via @ampdu_action function, with the | |
25 | * %IEEE80211_AMPDU_RX_START action, and may reject the request | |
26 | * in which case a negative response is sent to the peer, if it | |
27 | * accepts it a positive response is sent. | |
28 | * | |
29 | * While the session is active, the device/driver are required | |
30 | * to de-aggregate frames and pass them up one by one to mac80211, | |
31 | * which will handle the reorder buffer. | |
32 | * | |
33 | * When the aggregation session is stopped again by the peer or | |
34 | * ourselves, the driver's @ampdu_action function will be called | |
35 | * with the action %IEEE80211_AMPDU_RX_STOP. In this case, the | |
36 | * call must not fail. | |
37 | */ | |
38 | ||
b8695a8f | 39 | #include <linux/ieee80211.h> |
5a0e3ad6 | 40 | #include <linux/slab.h> |
bc3b2d7f | 41 | #include <linux/export.h> |
b8695a8f JB |
42 | #include <net/mac80211.h> |
43 | #include "ieee80211_i.h" | |
24487981 | 44 | #include "driver-ops.h" |
b8695a8f | 45 | |
a87f736d JB |
46 | static void ieee80211_free_tid_rx(struct rcu_head *h) |
47 | { | |
48 | struct tid_ampdu_rx *tid_rx = | |
49 | container_of(h, struct tid_ampdu_rx, rcu_head); | |
50 | int i; | |
51 | ||
52 | for (i = 0; i < tid_rx->buf_size; i++) | |
53 | dev_kfree_skb(tid_rx->reorder_buf[i]); | |
54 | kfree(tid_rx->reorder_buf); | |
55 | kfree(tid_rx->reorder_time); | |
56 | kfree(tid_rx); | |
57 | } | |
58 | ||
7c3b1dd8 | 59 | void ___ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, |
53f73c09 | 60 | u16 initiator, u16 reason, bool tx) |
b8695a8f | 61 | { |
d75636ef | 62 | struct ieee80211_local *local = sta->local; |
098a6070 | 63 | struct tid_ampdu_rx *tid_rx; |
b8695a8f | 64 | |
a93e3644 | 65 | lockdep_assert_held(&sta->ampdu_mlme.mtx); |
098a6070 | 66 | |
40b275b6 JB |
67 | tid_rx = rcu_dereference_protected(sta->ampdu_mlme.tid_rx[tid], |
68 | lockdep_is_held(&sta->ampdu_mlme.mtx)); | |
a87f736d | 69 | |
7c3b1dd8 | 70 | if (!tid_rx) |
b8695a8f | 71 | return; |
d75636ef | 72 | |
a9b3cd7f | 73 | RCU_INIT_POINTER(sta->ampdu_mlme.tid_rx[tid], NULL); |
b8695a8f | 74 | |
b8695a8f JB |
75 | #ifdef CONFIG_MAC80211_HT_DEBUG |
76 | printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n", | |
d75636ef | 77 | sta->sta.addr, tid); |
b8695a8f JB |
78 | #endif /* CONFIG_MAC80211_HT_DEBUG */ |
79 | ||
12375ef9 | 80 | if (drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_STOP, |
0b01f030 | 81 | &sta->sta, tid, NULL, 0)) |
b8695a8f JB |
82 | printk(KERN_DEBUG "HW problem - can not stop rx " |
83 | "aggregation for tid %d\n", tid); | |
84 | ||
b8695a8f | 85 | /* check if this is a self generated aggregation halt */ |
53f73c09 | 86 | if (initiator == WLAN_BACK_RECIPIENT && tx) |
d75636ef JB |
87 | ieee80211_send_delba(sta->sdata, sta->sta.addr, |
88 | tid, 0, reason); | |
b8695a8f | 89 | |
7c3b1dd8 | 90 | del_timer_sync(&tid_rx->session_timer); |
2bff8ebf | 91 | del_timer_sync(&tid_rx->reorder_timer); |
a87f736d JB |
92 | |
93 | call_rcu(&tid_rx->rcu_head, ieee80211_free_tid_rx); | |
b8695a8f JB |
94 | } |
95 | ||
2aab4c27 | 96 | void __ieee80211_stop_rx_ba_session(struct sta_info *sta, u16 tid, |
53f73c09 | 97 | u16 initiator, u16 reason, bool tx) |
2aab4c27 | 98 | { |
a93e3644 | 99 | mutex_lock(&sta->ampdu_mlme.mtx); |
53f73c09 | 100 | ___ieee80211_stop_rx_ba_session(sta, tid, initiator, reason, tx); |
a93e3644 | 101 | mutex_unlock(&sta->ampdu_mlme.mtx); |
2aab4c27 JB |
102 | } |
103 | ||
f41ccd71 SL |
104 | void ieee80211_stop_rx_ba_session(struct ieee80211_vif *vif, u16 ba_rx_bitmap, |
105 | const u8 *addr) | |
106 | { | |
107 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); | |
0a557ed3 | 108 | struct sta_info *sta; |
f41ccd71 SL |
109 | int i; |
110 | ||
0a557ed3 EP |
111 | rcu_read_lock(); |
112 | sta = sta_info_get(sdata, addr); | |
113 | if (!sta) { | |
114 | rcu_read_unlock(); | |
115 | return; | |
116 | } | |
117 | ||
f41ccd71 SL |
118 | for (i = 0; i < STA_TID_NUM; i++) |
119 | if (ba_rx_bitmap & BIT(i)) | |
120 | set_bit(i, sta->ampdu_mlme.tid_rx_stop_requested); | |
121 | ||
122 | ieee80211_queue_work(&sta->local->hw, &sta->ampdu_mlme.work); | |
0a557ed3 | 123 | rcu_read_unlock(); |
f41ccd71 SL |
124 | } |
125 | EXPORT_SYMBOL(ieee80211_stop_rx_ba_session); | |
126 | ||
b8695a8f JB |
127 | /* |
128 | * After accepting the AddBA Request we activated a timer, | |
129 | * resetting it after each frame that arrives from the originator. | |
b8695a8f JB |
130 | */ |
131 | static void sta_rx_agg_session_timer_expired(unsigned long data) | |
132 | { | |
133 | /* not an elegant detour, but there is no choice as the timer passes | |
134 | * only one argument, and various sta_info are needed here, so init | |
135 | * flow in sta_info_create gives the TID as data, while the timer_to_id | |
136 | * array gives the sta through container_of */ | |
137 | u8 *ptid = (u8 *)data; | |
138 | u8 *timer_to_id = ptid - *ptid; | |
139 | struct sta_info *sta = container_of(timer_to_id, struct sta_info, | |
140 | timer_to_tid[0]); | |
141 | ||
142 | #ifdef CONFIG_MAC80211_HT_DEBUG | |
143 | printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid); | |
144 | #endif | |
7c3b1dd8 JB |
145 | set_bit(*ptid, sta->ampdu_mlme.tid_rx_timer_expired); |
146 | ieee80211_queue_work(&sta->local->hw, &sta->ampdu_mlme.work); | |
b8695a8f JB |
147 | } |
148 | ||
2bff8ebf CL |
149 | static void sta_rx_agg_reorder_timer_expired(unsigned long data) |
150 | { | |
151 | u8 *ptid = (u8 *)data; | |
152 | u8 *timer_to_id = ptid - *ptid; | |
153 | struct sta_info *sta = container_of(timer_to_id, struct sta_info, | |
154 | timer_to_tid[0]); | |
155 | ||
156 | rcu_read_lock(); | |
2bff8ebf | 157 | ieee80211_release_reorder_timeout(sta, *ptid); |
2bff8ebf CL |
158 | rcu_read_unlock(); |
159 | } | |
160 | ||
b8695a8f JB |
161 | static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid, |
162 | u8 dialog_token, u16 status, u16 policy, | |
163 | u16 buf_size, u16 timeout) | |
164 | { | |
b8695a8f JB |
165 | struct ieee80211_local *local = sdata->local; |
166 | struct sk_buff *skb; | |
167 | struct ieee80211_mgmt *mgmt; | |
168 | u16 capab; | |
169 | ||
170 | skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom); | |
d15b8459 | 171 | if (!skb) |
b8695a8f | 172 | return; |
b8695a8f JB |
173 | |
174 | skb_reserve(skb, local->hw.extra_tx_headroom); | |
175 | mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24); | |
176 | memset(mgmt, 0, 24); | |
177 | memcpy(mgmt->da, da, ETH_ALEN); | |
47846c9b | 178 | memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN); |
8abd3f9b JB |
179 | if (sdata->vif.type == NL80211_IFTYPE_AP || |
180 | sdata->vif.type == NL80211_IFTYPE_AP_VLAN) | |
47846c9b | 181 | memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN); |
46900298 JB |
182 | else if (sdata->vif.type == NL80211_IFTYPE_STATION) |
183 | memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN); | |
184 | ||
b8695a8f JB |
185 | mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | |
186 | IEEE80211_STYPE_ACTION); | |
187 | ||
188 | skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp)); | |
189 | mgmt->u.action.category = WLAN_CATEGORY_BACK; | |
190 | mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP; | |
191 | mgmt->u.action.u.addba_resp.dialog_token = dialog_token; | |
192 | ||
193 | capab = (u16)(policy << 1); /* bit 1 aggregation policy */ | |
194 | capab |= (u16)(tid << 2); /* bit 5:2 TID number */ | |
195 | capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */ | |
196 | ||
197 | mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab); | |
198 | mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout); | |
199 | mgmt->u.action.u.addba_resp.status = cpu_to_le16(status); | |
200 | ||
62ae67be | 201 | ieee80211_tx_skb(sdata, skb); |
b8695a8f JB |
202 | } |
203 | ||
204 | void ieee80211_process_addba_request(struct ieee80211_local *local, | |
205 | struct sta_info *sta, | |
206 | struct ieee80211_mgmt *mgmt, | |
207 | size_t len) | |
208 | { | |
b8695a8f JB |
209 | struct tid_ampdu_rx *tid_agg_rx; |
210 | u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status; | |
211 | u8 dialog_token; | |
212 | int ret = -EOPNOTSUPP; | |
213 | ||
214 | /* extract session parameters from addba request frame */ | |
215 | dialog_token = mgmt->u.action.u.addba_req.dialog_token; | |
216 | timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout); | |
217 | start_seq_num = | |
218 | le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4; | |
219 | ||
220 | capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab); | |
221 | ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1; | |
222 | tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2; | |
223 | buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6; | |
224 | ||
225 | status = WLAN_STATUS_REQUEST_DECLINED; | |
226 | ||
c2c98fde | 227 | if (test_sta_flag(sta, WLAN_STA_BLOCK_BA)) { |
722f069a S |
228 | #ifdef CONFIG_MAC80211_HT_DEBUG |
229 | printk(KERN_DEBUG "Suspend in progress. " | |
230 | "Denying ADDBA request\n"); | |
231 | #endif | |
232 | goto end_no_lock; | |
233 | } | |
234 | ||
b8695a8f JB |
235 | /* sanity check for incoming parameters: |
236 | * check if configuration can support the BA policy | |
237 | * and if buffer size does not exceeds max value */ | |
238 | /* XXX: check own ht delayed BA capability?? */ | |
f64f9e71 JP |
239 | if (((ba_policy != 1) && |
240 | (!(sta->sta.ht_cap.cap & IEEE80211_HT_CAP_DELAY_BA))) || | |
241 | (buf_size > IEEE80211_MAX_AMPDU_BUF)) { | |
b8695a8f JB |
242 | status = WLAN_STATUS_INVALID_QOS_PARAM; |
243 | #ifdef CONFIG_MAC80211_HT_DEBUG | |
244 | if (net_ratelimit()) | |
245 | printk(KERN_DEBUG "AddBA Req with bad params from " | |
246 | "%pM on tid %u. policy %d, buffer size %d\n", | |
247 | mgmt->sa, tid, ba_policy, | |
248 | buf_size); | |
249 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | |
250 | goto end_no_lock; | |
251 | } | |
252 | /* determine default buffer size */ | |
82694f76 LC |
253 | if (buf_size == 0) |
254 | buf_size = IEEE80211_MAX_AMPDU_BUF; | |
b8695a8f | 255 | |
df6ba5d8 LC |
256 | /* make sure the size doesn't exceed the maximum supported by the hw */ |
257 | if (buf_size > local->hw.max_rx_aggregation_subframes) | |
258 | buf_size = local->hw.max_rx_aggregation_subframes; | |
b8695a8f JB |
259 | |
260 | /* examine state machine */ | |
a93e3644 | 261 | mutex_lock(&sta->ampdu_mlme.mtx); |
b8695a8f | 262 | |
a87f736d | 263 | if (sta->ampdu_mlme.tid_rx[tid]) { |
b8695a8f JB |
264 | #ifdef CONFIG_MAC80211_HT_DEBUG |
265 | if (net_ratelimit()) | |
266 | printk(KERN_DEBUG "unexpected AddBA Req from " | |
267 | "%pM on tid %u\n", | |
268 | mgmt->sa, tid); | |
269 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | |
15b4d843 AN |
270 | |
271 | /* delete existing Rx BA session on the same tid */ | |
272 | ___ieee80211_stop_rx_ba_session(sta, tid, WLAN_BACK_RECIPIENT, | |
273 | WLAN_STATUS_UNSPECIFIED_QOS, | |
274 | false); | |
b8695a8f JB |
275 | } |
276 | ||
277 | /* prepare A-MPDU MLME for Rx aggregation */ | |
dd318575 | 278 | tid_agg_rx = kmalloc(sizeof(struct tid_ampdu_rx), GFP_KERNEL); |
d15b8459 | 279 | if (!tid_agg_rx) |
b8695a8f | 280 | goto end; |
b8695a8f | 281 | |
2bff8ebf CL |
282 | spin_lock_init(&tid_agg_rx->reorder_lock); |
283 | ||
a87f736d JB |
284 | /* rx timer */ |
285 | tid_agg_rx->session_timer.function = sta_rx_agg_session_timer_expired; | |
286 | tid_agg_rx->session_timer.data = (unsigned long)&sta->timer_to_tid[tid]; | |
287 | init_timer(&tid_agg_rx->session_timer); | |
b8695a8f | 288 | |
2bff8ebf CL |
289 | /* rx reorder timer */ |
290 | tid_agg_rx->reorder_timer.function = sta_rx_agg_reorder_timer_expired; | |
291 | tid_agg_rx->reorder_timer.data = (unsigned long)&sta->timer_to_tid[tid]; | |
292 | init_timer(&tid_agg_rx->reorder_timer); | |
293 | ||
b8695a8f JB |
294 | /* prepare reordering buffer */ |
295 | tid_agg_rx->reorder_buf = | |
dd318575 | 296 | kcalloc(buf_size, sizeof(struct sk_buff *), GFP_KERNEL); |
4d050f1d | 297 | tid_agg_rx->reorder_time = |
dd318575 | 298 | kcalloc(buf_size, sizeof(unsigned long), GFP_KERNEL); |
4d050f1d | 299 | if (!tid_agg_rx->reorder_buf || !tid_agg_rx->reorder_time) { |
4d050f1d JM |
300 | kfree(tid_agg_rx->reorder_buf); |
301 | kfree(tid_agg_rx->reorder_time); | |
a87f736d | 302 | kfree(tid_agg_rx); |
b8695a8f JB |
303 | goto end; |
304 | } | |
305 | ||
12375ef9 | 306 | ret = drv_ampdu_action(local, sta->sdata, IEEE80211_AMPDU_RX_START, |
0b01f030 | 307 | &sta->sta, tid, &start_seq_num, 0); |
b8695a8f JB |
308 | #ifdef CONFIG_MAC80211_HT_DEBUG |
309 | printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret); | |
310 | #endif /* CONFIG_MAC80211_HT_DEBUG */ | |
311 | ||
312 | if (ret) { | |
313 | kfree(tid_agg_rx->reorder_buf); | |
a87f736d | 314 | kfree(tid_agg_rx->reorder_time); |
b8695a8f | 315 | kfree(tid_agg_rx); |
b8695a8f JB |
316 | goto end; |
317 | } | |
318 | ||
a87f736d | 319 | /* update data */ |
b8695a8f JB |
320 | tid_agg_rx->dialog_token = dialog_token; |
321 | tid_agg_rx->ssn = start_seq_num; | |
322 | tid_agg_rx->head_seq_num = start_seq_num; | |
323 | tid_agg_rx->buf_size = buf_size; | |
324 | tid_agg_rx->timeout = timeout; | |
325 | tid_agg_rx->stored_mpdu_num = 0; | |
326 | status = WLAN_STATUS_SUCCESS; | |
a87f736d JB |
327 | |
328 | /* activate it for RX */ | |
a9b3cd7f | 329 | RCU_INIT_POINTER(sta->ampdu_mlme.tid_rx[tid], tid_agg_rx); |
f955ebb4 JB |
330 | |
331 | if (timeout) | |
332 | mod_timer(&tid_agg_rx->session_timer, TU_TO_EXP_TIME(timeout)); | |
333 | ||
b8695a8f | 334 | end: |
a93e3644 | 335 | mutex_unlock(&sta->ampdu_mlme.mtx); |
b8695a8f JB |
336 | |
337 | end_no_lock: | |
338 | ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid, | |
339 | dialog_token, status, 1, buf_size, timeout); | |
340 | } |