4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2002-2005, Instant802 Networks, Inc.
6 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2009, Intel Corporation
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
16 #include <linux/ieee80211.h>
17 #include <net/mac80211.h>
18 #include "ieee80211_i.h"
24 * Aggregation on the TX side requires setting the hardware flag
25 * %IEEE80211_HW_AMPDU_AGGREGATION as well as, if present, the @ampdu_queues
26 * hardware parameter to the number of hardware AMPDU queues. If there are no
27 * hardware queues then the driver will (currently) have to do all frame
30 * When TX aggregation is started by some subsystem (usually the rate control
31 * algorithm would be appropriate) by calling the
32 * ieee80211_start_tx_ba_session() function, the driver will be notified via
33 * its @ampdu_action function, with the %IEEE80211_AMPDU_TX_START action.
35 * In response to that, the driver is later required to call the
36 * ieee80211_start_tx_ba_cb() (or ieee80211_start_tx_ba_cb_irqsafe())
37 * function, which will start the aggregation session.
39 * Similarly, when the aggregation session is stopped by
40 * ieee80211_stop_tx_ba_session(), the driver's @ampdu_action function will
41 * be called with the action %IEEE80211_AMPDU_TX_STOP. In this case, the
42 * call must not fail, and the driver must later call ieee80211_stop_tx_ba_cb()
43 * (or ieee80211_stop_tx_ba_cb_irqsafe()).
46 static void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata,
47 const u8 *da, u16 tid,
48 u8 dialog_token, u16 start_seq_num,
49 u16 agg_size, u16 timeout)
51 struct ieee80211_local *local = sdata->local;
53 struct ieee80211_mgmt *mgmt;
56 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
59 printk(KERN_ERR "%s: failed to allocate buffer "
60 "for addba request frame\n", sdata->dev->name);
63 skb_reserve(skb, local->hw.extra_tx_headroom);
64 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
66 memcpy(mgmt->da, da, ETH_ALEN);
67 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
68 if (sdata->vif.type == NL80211_IFTYPE_AP ||
69 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
70 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
71 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
72 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
74 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
75 IEEE80211_STYPE_ACTION);
77 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
79 mgmt->u.action.category = WLAN_CATEGORY_BACK;
80 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
82 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
83 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
84 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
85 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
87 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
89 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
90 mgmt->u.action.u.addba_req.start_seq_num =
91 cpu_to_le16(start_seq_num << 4);
93 ieee80211_tx_skb(sdata, skb, 1);
96 void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
98 struct ieee80211_local *local = sdata->local;
100 struct ieee80211_bar *bar;
103 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
105 printk(KERN_ERR "%s: failed to allocate buffer for "
106 "bar frame\n", sdata->dev->name);
109 skb_reserve(skb, local->hw.extra_tx_headroom);
110 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
111 memset(bar, 0, sizeof(*bar));
112 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
113 IEEE80211_STYPE_BACK_REQ);
114 memcpy(bar->ra, ra, ETH_ALEN);
115 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
116 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
117 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
118 bar_control |= (u16)(tid << 12);
119 bar->control = cpu_to_le16(bar_control);
120 bar->start_seq_num = cpu_to_le16(ssn);
122 ieee80211_tx_skb(sdata, skb, 0);
125 static int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
126 enum ieee80211_back_parties initiator)
128 struct ieee80211_local *local = sta->local;
132 state = &sta->ampdu_mlme.tid_state_tx[tid];
134 if (local->hw.ampdu_queues) {
137 * Stop the AC queue to avoid issues where we send
138 * unaggregated frames already before the delba.
140 ieee80211_stop_queue_by_reason(&local->hw,
141 local->hw.queues + sta->tid_to_tx_q[tid],
142 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
146 * Pretend the driver woke the queue, just in case
147 * it disabled it before the session was stopped.
149 ieee80211_wake_queue(
150 &local->hw, local->hw.queues + sta->tid_to_tx_q[tid]);
152 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
153 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
155 ret = local->ops->ampdu_action(&local->hw, IEEE80211_AMPDU_TX_STOP,
156 &sta->sta, tid, NULL);
158 /* HW shall not deny going back to legacy */
160 *state = HT_AGG_STATE_OPERATIONAL;
167 * After sending add Block Ack request we activated a timer until
168 * add Block Ack response will arrive from the recipient.
169 * If this timer expires sta_addba_resp_timer_expired will be executed.
171 static void sta_addba_resp_timer_expired(unsigned long data)
173 /* not an elegant detour, but there is no choice as the timer passes
174 * only one argument, and both sta_info and TID are needed, so init
175 * flow in sta_info_create gives the TID as data, while the timer_to_id
176 * array gives the sta through container_of */
177 u16 tid = *(u8 *)data;
178 struct sta_info *sta = container_of((void *)data,
179 struct sta_info, timer_to_tid[tid]);
182 state = &sta->ampdu_mlme.tid_state_tx[tid];
184 /* check if the TID waits for addBA response */
185 spin_lock_bh(&sta->lock);
186 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
187 spin_unlock_bh(&sta->lock);
188 *state = HT_AGG_STATE_IDLE;
189 #ifdef CONFIG_MAC80211_HT_DEBUG
190 printk(KERN_DEBUG "timer expired on tid %d but we are not "
191 "expecting addBA response there", tid);
196 #ifdef CONFIG_MAC80211_HT_DEBUG
197 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
200 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
201 spin_unlock_bh(&sta->lock);
204 static inline int ieee80211_ac_from_tid(int tid)
206 return ieee802_1d_to_ac[tid & 7];
209 int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
211 struct ieee80211_local *local = hw_to_local(hw);
212 struct sta_info *sta;
213 struct ieee80211_sub_if_data *sdata;
215 int i, qn = -1, ret = 0;
218 if (WARN_ON(!local->ops->ampdu_action))
221 if ((tid >= STA_TID_NUM) || !(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
224 #ifdef CONFIG_MAC80211_HT_DEBUG
225 printk(KERN_DEBUG "Open BA session requested for %pM tid %u\n",
227 #endif /* CONFIG_MAC80211_HT_DEBUG */
229 if (hw->ampdu_queues && ieee80211_ac_from_tid(tid) == 0) {
230 #ifdef CONFIG_MAC80211_HT_DEBUG
231 printk(KERN_DEBUG "rejecting on voice AC\n");
238 sta = sta_info_get(local, ra);
240 #ifdef CONFIG_MAC80211_HT_DEBUG
241 printk(KERN_DEBUG "Could not find the station\n");
248 * The aggregation code is not prepared to handle
249 * anything but STA/AP due to the BSSID handling.
250 * IBSS could work in the code but isn't supported
251 * by drivers or the standard.
253 if (sta->sdata->vif.type != NL80211_IFTYPE_STATION &&
254 sta->sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
255 sta->sdata->vif.type != NL80211_IFTYPE_AP) {
260 spin_lock_bh(&sta->lock);
264 /* we have tried too many times, receiver does not want A-MPDU */
265 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
270 state = &sta->ampdu_mlme.tid_state_tx[tid];
271 /* check if the TID is not in aggregation flow already */
272 if (*state != HT_AGG_STATE_IDLE) {
273 #ifdef CONFIG_MAC80211_HT_DEBUG
274 printk(KERN_DEBUG "BA request denied - session is not "
275 "idle on tid %u\n", tid);
276 #endif /* CONFIG_MAC80211_HT_DEBUG */
281 if (hw->ampdu_queues) {
282 spin_lock(&local->queue_stop_reason_lock);
283 /* reserve a new queue for this session */
284 for (i = 0; i < local->hw.ampdu_queues; i++) {
285 if (local->ampdu_ac_queue[i] < 0) {
287 local->ampdu_ac_queue[qn] =
288 ieee80211_ac_from_tid(tid);
292 spin_unlock(&local->queue_stop_reason_lock);
295 #ifdef CONFIG_MAC80211_HT_DEBUG
296 printk(KERN_DEBUG "BA request denied - "
297 "queue unavailable for tid %d\n", tid);
298 #endif /* CONFIG_MAC80211_HT_DEBUG */
304 * If we successfully allocate the session, we can't have
305 * anything going on on the queue this TID maps into, so
306 * stop it for now. This is a "virtual" stop using the same
307 * mechanism that drivers will use.
309 * XXX: queue up frames for this session in the sta_info
310 * struct instead to avoid hitting all other STAs.
312 ieee80211_stop_queue_by_reason(
313 &local->hw, hw->queues + qn,
314 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
317 /* prepare A-MPDU MLME for Tx aggregation */
318 sta->ampdu_mlme.tid_tx[tid] =
319 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
320 if (!sta->ampdu_mlme.tid_tx[tid]) {
321 #ifdef CONFIG_MAC80211_HT_DEBUG
323 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
327 goto err_return_queue;
331 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
332 sta_addba_resp_timer_expired;
333 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
334 (unsigned long)&sta->timer_to_tid[tid];
335 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
337 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
338 * call back right away, it must see that the flow has begun */
339 *state |= HT_ADDBA_REQUESTED_MSK;
341 start_seq_num = sta->tid_seq[tid];
343 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
344 &sta->sta, tid, &start_seq_num);
347 #ifdef CONFIG_MAC80211_HT_DEBUG
348 printk(KERN_DEBUG "BA request denied - HW unavailable for"
350 #endif /* CONFIG_MAC80211_HT_DEBUG */
351 *state = HT_AGG_STATE_IDLE;
354 sta->tid_to_tx_q[tid] = qn;
356 spin_unlock_bh(&sta->lock);
358 /* send an addBA request */
359 sta->ampdu_mlme.dialog_token_allocator++;
360 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
361 sta->ampdu_mlme.dialog_token_allocator;
362 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
364 ieee80211_send_addba_request(sta->sdata, ra, tid,
365 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
366 sta->ampdu_mlme.tid_tx[tid]->ssn,
368 /* activate the timer for the recipient's addBA response */
369 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
370 jiffies + ADDBA_RESP_INTERVAL;
371 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
372 #ifdef CONFIG_MAC80211_HT_DEBUG
373 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
378 kfree(sta->ampdu_mlme.tid_tx[tid]);
379 sta->ampdu_mlme.tid_tx[tid] = NULL;
382 /* We failed, so start queue again right away. */
383 ieee80211_wake_queue_by_reason(hw, hw->queues + qn,
384 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
385 /* give queue back to pool */
386 spin_lock(&local->queue_stop_reason_lock);
387 local->ampdu_ac_queue[qn] = -1;
388 spin_unlock(&local->queue_stop_reason_lock);
391 spin_unlock_bh(&sta->lock);
396 EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
398 void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
400 struct ieee80211_local *local = hw_to_local(hw);
401 struct sta_info *sta;
404 if (tid >= STA_TID_NUM) {
405 #ifdef CONFIG_MAC80211_HT_DEBUG
406 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
413 sta = sta_info_get(local, ra);
416 #ifdef CONFIG_MAC80211_HT_DEBUG
417 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
422 state = &sta->ampdu_mlme.tid_state_tx[tid];
423 spin_lock_bh(&sta->lock);
425 if (WARN_ON(!(*state & HT_ADDBA_REQUESTED_MSK))) {
426 #ifdef CONFIG_MAC80211_HT_DEBUG
427 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
430 spin_unlock_bh(&sta->lock);
435 if (WARN_ON(*state & HT_ADDBA_DRV_READY_MSK))
438 *state |= HT_ADDBA_DRV_READY_MSK;
440 if (*state == HT_AGG_STATE_OPERATIONAL) {
441 #ifdef CONFIG_MAC80211_HT_DEBUG
442 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
444 if (hw->ampdu_queues) {
446 * Wake up this queue, we stopped it earlier,
447 * this will in turn wake the entire AC.
449 ieee80211_wake_queue_by_reason(hw,
450 hw->queues + sta->tid_to_tx_q[tid],
451 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
456 spin_unlock_bh(&sta->lock);
459 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
461 void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
462 const u8 *ra, u16 tid)
464 struct ieee80211_local *local = hw_to_local(hw);
465 struct ieee80211_ra_tid *ra_tid;
466 struct sk_buff *skb = dev_alloc_skb(0);
468 if (unlikely(!skb)) {
469 #ifdef CONFIG_MAC80211_HT_DEBUG
471 printk(KERN_WARNING "%s: Not enough memory, "
472 "dropping start BA session", skb->dev->name);
476 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
477 memcpy(&ra_tid->ra, ra, ETH_ALEN);
480 skb->pkt_type = IEEE80211_ADDBA_MSG;
481 skb_queue_tail(&local->skb_queue, skb);
482 tasklet_schedule(&local->tasklet);
484 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
486 int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
487 enum ieee80211_back_parties initiator)
492 /* check if the TID is in aggregation */
493 state = &sta->ampdu_mlme.tid_state_tx[tid];
494 spin_lock_bh(&sta->lock);
496 if (*state != HT_AGG_STATE_OPERATIONAL) {
501 #ifdef CONFIG_MAC80211_HT_DEBUG
502 printk(KERN_DEBUG "Tx BA session stop requested for %pM tid %u\n",
504 #endif /* CONFIG_MAC80211_HT_DEBUG */
506 ret = ___ieee80211_stop_tx_ba_session(sta, tid, initiator);
509 spin_unlock_bh(&sta->lock);
513 int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
515 enum ieee80211_back_parties initiator)
517 struct ieee80211_local *local = hw_to_local(hw);
518 struct sta_info *sta;
521 if (WARN_ON(!local->ops->ampdu_action))
524 if (tid >= STA_TID_NUM)
528 sta = sta_info_get(local, ra);
534 ret = __ieee80211_stop_tx_ba_session(sta, tid, initiator);
538 EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
540 void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
542 struct ieee80211_local *local = hw_to_local(hw);
543 struct sta_info *sta;
546 if (tid >= STA_TID_NUM) {
547 #ifdef CONFIG_MAC80211_HT_DEBUG
548 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
554 #ifdef CONFIG_MAC80211_HT_DEBUG
555 printk(KERN_DEBUG "Stopping Tx BA session for %pM tid %d\n",
557 #endif /* CONFIG_MAC80211_HT_DEBUG */
560 sta = sta_info_get(local, ra);
562 #ifdef CONFIG_MAC80211_HT_DEBUG
563 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
568 state = &sta->ampdu_mlme.tid_state_tx[tid];
570 /* NOTE: no need to use sta->lock in this state check, as
571 * ieee80211_stop_tx_ba_session will let only one stop call to
572 * pass through per sta/tid
574 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
575 #ifdef CONFIG_MAC80211_HT_DEBUG
576 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
582 if (*state & HT_AGG_STATE_INITIATOR_MSK)
583 ieee80211_send_delba(sta->sdata, ra, tid,
584 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
586 spin_lock_bh(&sta->lock);
588 if (*state & HT_AGG_STATE_INITIATOR_MSK &&
591 * Wake up this queue, we stopped it earlier,
592 * this will in turn wake the entire AC.
594 ieee80211_wake_queue_by_reason(hw,
595 hw->queues + sta->tid_to_tx_q[tid],
596 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
599 *state = HT_AGG_STATE_IDLE;
600 sta->ampdu_mlme.addba_req_num[tid] = 0;
601 kfree(sta->ampdu_mlme.tid_tx[tid]);
602 sta->ampdu_mlme.tid_tx[tid] = NULL;
603 spin_unlock_bh(&sta->lock);
607 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
609 void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
610 const u8 *ra, u16 tid)
612 struct ieee80211_local *local = hw_to_local(hw);
613 struct ieee80211_ra_tid *ra_tid;
614 struct sk_buff *skb = dev_alloc_skb(0);
616 if (unlikely(!skb)) {
617 #ifdef CONFIG_MAC80211_HT_DEBUG
619 printk(KERN_WARNING "%s: Not enough memory, "
620 "dropping stop BA session", skb->dev->name);
624 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
625 memcpy(&ra_tid->ra, ra, ETH_ALEN);
628 skb->pkt_type = IEEE80211_DELBA_MSG;
629 skb_queue_tail(&local->skb_queue, skb);
630 tasklet_schedule(&local->tasklet);
632 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
635 void ieee80211_process_addba_resp(struct ieee80211_local *local,
636 struct sta_info *sta,
637 struct ieee80211_mgmt *mgmt,
640 struct ieee80211_hw *hw = &local->hw;
642 u16 tid, start_seq_num;
645 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
646 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
648 state = &sta->ampdu_mlme.tid_state_tx[tid];
650 spin_lock_bh(&sta->lock);
652 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
653 spin_unlock_bh(&sta->lock);
657 if (mgmt->u.action.u.addba_resp.dialog_token !=
658 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
659 spin_unlock_bh(&sta->lock);
660 #ifdef CONFIG_MAC80211_HT_DEBUG
661 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
662 #endif /* CONFIG_MAC80211_HT_DEBUG */
666 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
667 #ifdef CONFIG_MAC80211_HT_DEBUG
668 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
669 #endif /* CONFIG_MAC80211_HT_DEBUG */
670 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
671 == WLAN_STATUS_SUCCESS) {
672 u8 curstate = *state;
674 *state |= HT_ADDBA_RECEIVED_MSK;
676 if (hw->ampdu_queues && *state != curstate &&
677 *state == HT_AGG_STATE_OPERATIONAL) {
679 * Wake up this queue, we stopped it earlier,
680 * this will in turn wake the entire AC.
682 ieee80211_wake_queue_by_reason(hw,
683 hw->queues + sta->tid_to_tx_q[tid],
684 IEEE80211_QUEUE_STOP_REASON_AGGREGATION);
686 sta->ampdu_mlme.addba_req_num[tid] = 0;
688 if (local->ops->ampdu_action) {
689 (void)local->ops->ampdu_action(hw,
690 IEEE80211_AMPDU_TX_RESUME,
691 &sta->sta, tid, &start_seq_num);
693 #ifdef CONFIG_MAC80211_HT_DEBUG
694 printk(KERN_DEBUG "Resuming TX aggregation for tid %d\n", tid);
695 #endif /* CONFIG_MAC80211_HT_DEBUG */
697 sta->ampdu_mlme.addba_req_num[tid]++;
698 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
700 spin_unlock_bh(&sta->lock);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob