4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2002-2005, Instant802 Networks, Inc.
6 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2008, Intel Corporation
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
16 #include <linux/ieee80211.h>
17 #include <net/wireless.h>
18 #include <net/mac80211.h>
19 #include "ieee80211_i.h"
23 int ieee80211_ht_cap_ie_to_ht_info(struct ieee80211_ht_cap *ht_cap_ie,
24 struct ieee80211_ht_info *ht_info)
30 memset(ht_info, 0, sizeof(*ht_info));
33 u8 ampdu_info = ht_cap_ie->ampdu_params_info;
35 ht_info->ht_supported = 1;
36 ht_info->cap = le16_to_cpu(ht_cap_ie->cap_info);
37 ht_info->ampdu_factor =
38 ampdu_info & IEEE80211_HT_CAP_AMPDU_FACTOR;
39 ht_info->ampdu_density =
40 (ampdu_info & IEEE80211_HT_CAP_AMPDU_DENSITY) >> 2;
41 memcpy(ht_info->supp_mcs_set, ht_cap_ie->supp_mcs_set, 16);
43 ht_info->ht_supported = 0;
48 int ieee80211_ht_addt_info_ie_to_ht_bss_info(
49 struct ieee80211_ht_addt_info *ht_add_info_ie,
50 struct ieee80211_ht_bss_info *bss_info)
55 memset(bss_info, 0, sizeof(*bss_info));
59 op_mode = le16_to_cpu(ht_add_info_ie->operation_mode);
61 bss_info->primary_channel = ht_add_info_ie->control_chan;
62 bss_info->bss_cap = ht_add_info_ie->ht_param;
63 bss_info->bss_op_mode = (u8)(op_mode & 0xff);
69 static void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata,
70 const u8 *da, u16 tid,
71 u8 dialog_token, u16 start_seq_num,
72 u16 agg_size, u16 timeout)
74 struct ieee80211_local *local = sdata->local;
75 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
77 struct ieee80211_mgmt *mgmt;
80 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
83 printk(KERN_ERR "%s: failed to allocate buffer "
84 "for addba request frame\n", sdata->dev->name);
87 skb_reserve(skb, local->hw.extra_tx_headroom);
88 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
90 memcpy(mgmt->da, da, ETH_ALEN);
91 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
92 if (sdata->vif.type == NL80211_IFTYPE_AP)
93 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
95 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
97 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
98 IEEE80211_STYPE_ACTION);
100 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
102 mgmt->u.action.category = WLAN_CATEGORY_BACK;
103 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
105 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
106 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
107 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
108 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
110 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
112 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
113 mgmt->u.action.u.addba_req.start_seq_num =
114 cpu_to_le16(start_seq_num << 4);
116 ieee80211_tx_skb(sdata, skb, 0);
119 static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *da, u16 tid,
120 u8 dialog_token, u16 status, u16 policy,
121 u16 buf_size, u16 timeout)
123 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
124 struct ieee80211_local *local = sdata->local;
126 struct ieee80211_mgmt *mgmt;
129 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
132 printk(KERN_DEBUG "%s: failed to allocate buffer "
133 "for addba resp frame\n", sdata->dev->name);
137 skb_reserve(skb, local->hw.extra_tx_headroom);
138 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
140 memcpy(mgmt->da, da, ETH_ALEN);
141 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
142 if (sdata->vif.type == NL80211_IFTYPE_AP)
143 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
145 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
146 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
147 IEEE80211_STYPE_ACTION);
149 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_resp));
150 mgmt->u.action.category = WLAN_CATEGORY_BACK;
151 mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
152 mgmt->u.action.u.addba_resp.dialog_token = dialog_token;
154 capab = (u16)(policy << 1); /* bit 1 aggregation policy */
155 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
156 capab |= (u16)(buf_size << 6); /* bit 15:6 max size of aggregation */
158 mgmt->u.action.u.addba_resp.capab = cpu_to_le16(capab);
159 mgmt->u.action.u.addba_resp.timeout = cpu_to_le16(timeout);
160 mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
162 ieee80211_tx_skb(sdata, skb, 0);
165 static void ieee80211_send_delba(struct ieee80211_sub_if_data *sdata,
166 const u8 *da, u16 tid,
167 u16 initiator, u16 reason_code)
169 struct ieee80211_local *local = sdata->local;
170 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
172 struct ieee80211_mgmt *mgmt;
175 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
178 printk(KERN_ERR "%s: failed to allocate buffer "
179 "for delba frame\n", sdata->dev->name);
183 skb_reserve(skb, local->hw.extra_tx_headroom);
184 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
186 memcpy(mgmt->da, da, ETH_ALEN);
187 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
188 if (sdata->vif.type == NL80211_IFTYPE_AP)
189 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
191 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
192 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
193 IEEE80211_STYPE_ACTION);
195 skb_put(skb, 1 + sizeof(mgmt->u.action.u.delba));
197 mgmt->u.action.category = WLAN_CATEGORY_BACK;
198 mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;
199 params = (u16)(initiator << 11); /* bit 11 initiator */
200 params |= (u16)(tid << 12); /* bit 15:12 TID number */
202 mgmt->u.action.u.delba.params = cpu_to_le16(params);
203 mgmt->u.action.u.delba.reason_code = cpu_to_le16(reason_code);
205 ieee80211_tx_skb(sdata, skb, 0);
208 void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
210 struct ieee80211_local *local = sdata->local;
212 struct ieee80211_bar *bar;
215 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
217 printk(KERN_ERR "%s: failed to allocate buffer for "
218 "bar frame\n", sdata->dev->name);
221 skb_reserve(skb, local->hw.extra_tx_headroom);
222 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
223 memset(bar, 0, sizeof(*bar));
224 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
225 IEEE80211_STYPE_BACK_REQ);
226 memcpy(bar->ra, ra, ETH_ALEN);
227 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
228 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
229 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
230 bar_control |= (u16)(tid << 12);
231 bar->control = cpu_to_le16(bar_control);
232 bar->start_seq_num = cpu_to_le16(ssn);
234 ieee80211_tx_skb(sdata, skb, 0);
237 void ieee80211_sta_stop_rx_ba_session(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid,
238 u16 initiator, u16 reason)
240 struct ieee80211_local *local = sdata->local;
241 struct ieee80211_hw *hw = &local->hw;
242 struct sta_info *sta;
247 sta = sta_info_get(local, ra);
253 /* check if TID is in operational state */
254 spin_lock_bh(&sta->lock);
255 if (sta->ampdu_mlme.tid_state_rx[tid]
256 != HT_AGG_STATE_OPERATIONAL) {
257 spin_unlock_bh(&sta->lock);
261 sta->ampdu_mlme.tid_state_rx[tid] =
262 HT_AGG_STATE_REQ_STOP_BA_MSK |
263 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
264 spin_unlock_bh(&sta->lock);
266 /* stop HW Rx aggregation. ampdu_action existence
267 * already verified in session init so we add the BUG_ON */
268 BUG_ON(!local->ops->ampdu_action);
270 #ifdef CONFIG_MAC80211_HT_DEBUG
271 printk(KERN_DEBUG "Rx BA session stop requested for %pM tid %u\n",
273 #endif /* CONFIG_MAC80211_HT_DEBUG */
275 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_STOP,
276 &sta->sta, tid, NULL);
278 printk(KERN_DEBUG "HW problem - can not stop rx "
279 "aggregation for tid %d\n", tid);
281 /* shutdown timer has not expired */
282 if (initiator != WLAN_BACK_TIMER)
283 del_timer_sync(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
285 /* check if this is a self generated aggregation halt */
286 if (initiator == WLAN_BACK_RECIPIENT || initiator == WLAN_BACK_TIMER)
287 ieee80211_send_delba(sdata, ra, tid, 0, reason);
289 /* free the reordering buffer */
290 for (i = 0; i < sta->ampdu_mlme.tid_rx[tid]->buf_size; i++) {
291 if (sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]) {
292 /* release the reordered frames */
293 dev_kfree_skb(sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i]);
294 sta->ampdu_mlme.tid_rx[tid]->stored_mpdu_num--;
295 sta->ampdu_mlme.tid_rx[tid]->reorder_buf[i] = NULL;
299 kfree(sta->ampdu_mlme.tid_rx[tid]->reorder_buf);
300 kfree(sta->ampdu_mlme.tid_rx[tid]);
301 sta->ampdu_mlme.tid_rx[tid] = NULL;
302 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_IDLE;
309 * After sending add Block Ack request we activated a timer until
310 * add Block Ack response will arrive from the recipient.
311 * If this timer expires sta_addba_resp_timer_expired will be executed.
313 static void sta_addba_resp_timer_expired(unsigned long data)
315 /* not an elegant detour, but there is no choice as the timer passes
316 * only one argument, and both sta_info and TID are needed, so init
317 * flow in sta_info_create gives the TID as data, while the timer_to_id
318 * array gives the sta through container_of */
319 u16 tid = *(u8 *)data;
320 struct sta_info *temp_sta = container_of((void *)data,
321 struct sta_info, timer_to_tid[tid]);
323 struct ieee80211_local *local = temp_sta->local;
324 struct ieee80211_hw *hw = &local->hw;
325 struct sta_info *sta;
330 sta = sta_info_get(local, temp_sta->sta.addr);
336 state = &sta->ampdu_mlme.tid_state_tx[tid];
337 /* check if the TID waits for addBA response */
338 spin_lock_bh(&sta->lock);
339 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
340 spin_unlock_bh(&sta->lock);
341 *state = HT_AGG_STATE_IDLE;
342 #ifdef CONFIG_MAC80211_HT_DEBUG
343 printk(KERN_DEBUG "timer expired on tid %d but we are not "
344 "expecting addBA response there", tid);
346 goto timer_expired_exit;
349 #ifdef CONFIG_MAC80211_HT_DEBUG
350 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
353 /* go through the state check in stop_BA_session */
354 *state = HT_AGG_STATE_OPERATIONAL;
355 spin_unlock_bh(&sta->lock);
356 ieee80211_stop_tx_ba_session(hw, temp_sta->sta.addr, tid,
357 WLAN_BACK_INITIATOR);
363 void ieee80211_sta_tear_down_BA_sessions(struct ieee80211_sub_if_data *sdata, u8 *addr)
365 struct ieee80211_local *local = sdata->local;
368 for (i = 0; i < STA_TID_NUM; i++) {
369 ieee80211_stop_tx_ba_session(&local->hw, addr, i,
370 WLAN_BACK_INITIATOR);
371 ieee80211_sta_stop_rx_ba_session(sdata, addr, i,
373 WLAN_REASON_QSTA_LEAVE_QBSS);
377 int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
379 struct ieee80211_local *local = hw_to_local(hw);
380 struct sta_info *sta;
381 struct ieee80211_sub_if_data *sdata;
386 if (tid >= STA_TID_NUM)
389 #ifdef CONFIG_MAC80211_HT_DEBUG
390 printk(KERN_DEBUG "Open BA session requested for %pM tid %u\n",
392 #endif /* CONFIG_MAC80211_HT_DEBUG */
396 sta = sta_info_get(local, ra);
398 #ifdef CONFIG_MAC80211_HT_DEBUG
399 printk(KERN_DEBUG "Could not find the station\n");
405 spin_lock_bh(&sta->lock);
407 /* we have tried too many times, receiver does not want A-MPDU */
408 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
413 state = &sta->ampdu_mlme.tid_state_tx[tid];
414 /* check if the TID is not in aggregation flow already */
415 if (*state != HT_AGG_STATE_IDLE) {
416 #ifdef CONFIG_MAC80211_HT_DEBUG
417 printk(KERN_DEBUG "BA request denied - session is not "
418 "idle on tid %u\n", tid);
419 #endif /* CONFIG_MAC80211_HT_DEBUG */
424 /* prepare A-MPDU MLME for Tx aggregation */
425 sta->ampdu_mlme.tid_tx[tid] =
426 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
427 if (!sta->ampdu_mlme.tid_tx[tid]) {
428 #ifdef CONFIG_MAC80211_HT_DEBUG
430 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
437 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
438 sta_addba_resp_timer_expired;
439 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
440 (unsigned long)&sta->timer_to_tid[tid];
441 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
443 /* create a new queue for this aggregation */
444 ret = ieee80211_ht_agg_queue_add(local, sta, tid);
446 /* case no queue is available to aggregation
447 * don't switch to aggregation */
449 #ifdef CONFIG_MAC80211_HT_DEBUG
450 printk(KERN_DEBUG "BA request denied - queue unavailable for"
452 #endif /* CONFIG_MAC80211_HT_DEBUG */
453 goto err_unlock_queue;
457 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
458 * call back right away, it must see that the flow has begun */
459 *state |= HT_ADDBA_REQUESTED_MSK;
461 /* This is slightly racy because the queue isn't stopped */
462 start_seq_num = sta->tid_seq[tid];
464 if (local->ops->ampdu_action)
465 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
466 &sta->sta, tid, &start_seq_num);
469 /* No need to requeue the packets in the agg queue, since we
470 * held the tx lock: no packet could be enqueued to the newly
472 ieee80211_ht_agg_queue_remove(local, sta, tid, 0);
473 #ifdef CONFIG_MAC80211_HT_DEBUG
474 printk(KERN_DEBUG "BA request denied - HW unavailable for"
476 #endif /* CONFIG_MAC80211_HT_DEBUG */
477 *state = HT_AGG_STATE_IDLE;
478 goto err_unlock_queue;
481 /* Will put all the packets in the new SW queue */
482 ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
483 spin_unlock_bh(&sta->lock);
485 /* send an addBA request */
486 sta->ampdu_mlme.dialog_token_allocator++;
487 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
488 sta->ampdu_mlme.dialog_token_allocator;
489 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
492 ieee80211_send_addba_request(sta->sdata, ra, tid,
493 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
494 sta->ampdu_mlme.tid_tx[tid]->ssn,
496 /* activate the timer for the recipient's addBA response */
497 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
498 jiffies + ADDBA_RESP_INTERVAL;
499 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
500 #ifdef CONFIG_MAC80211_HT_DEBUG
501 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
506 kfree(sta->ampdu_mlme.tid_tx[tid]);
507 sta->ampdu_mlme.tid_tx[tid] = NULL;
510 spin_unlock_bh(&sta->lock);
515 EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
517 int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
519 enum ieee80211_back_parties initiator)
521 struct ieee80211_local *local = hw_to_local(hw);
522 struct sta_info *sta;
526 if (tid >= STA_TID_NUM)
530 sta = sta_info_get(local, ra);
536 /* check if the TID is in aggregation */
537 state = &sta->ampdu_mlme.tid_state_tx[tid];
538 spin_lock_bh(&sta->lock);
540 if (*state != HT_AGG_STATE_OPERATIONAL) {
545 #ifdef CONFIG_MAC80211_HT_DEBUG
546 printk(KERN_DEBUG "Tx BA session stop requested for %pM tid %u\n",
548 #endif /* CONFIG_MAC80211_HT_DEBUG */
550 ieee80211_stop_queue(hw, sta->tid_to_tx_q[tid]);
552 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
553 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
555 if (local->ops->ampdu_action)
556 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_STOP,
557 &sta->sta, tid, NULL);
559 /* case HW denied going back to legacy */
561 WARN_ON(ret != -EBUSY);
562 *state = HT_AGG_STATE_OPERATIONAL;
563 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
568 spin_unlock_bh(&sta->lock);
572 EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
574 void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
576 struct ieee80211_local *local = hw_to_local(hw);
577 struct sta_info *sta;
580 if (tid >= STA_TID_NUM) {
581 #ifdef CONFIG_MAC80211_HT_DEBUG
582 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
589 sta = sta_info_get(local, ra);
592 #ifdef CONFIG_MAC80211_HT_DEBUG
593 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
598 state = &sta->ampdu_mlme.tid_state_tx[tid];
599 spin_lock_bh(&sta->lock);
601 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
602 #ifdef CONFIG_MAC80211_HT_DEBUG
603 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
606 spin_unlock_bh(&sta->lock);
611 WARN_ON_ONCE(*state & HT_ADDBA_DRV_READY_MSK);
613 *state |= HT_ADDBA_DRV_READY_MSK;
615 if (*state == HT_AGG_STATE_OPERATIONAL) {
616 #ifdef CONFIG_MAC80211_HT_DEBUG
617 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
619 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
621 spin_unlock_bh(&sta->lock);
624 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
626 void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
628 struct ieee80211_local *local = hw_to_local(hw);
629 struct sta_info *sta;
633 if (tid >= STA_TID_NUM) {
634 #ifdef CONFIG_MAC80211_HT_DEBUG
635 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
641 #ifdef CONFIG_MAC80211_HT_DEBUG
642 printk(KERN_DEBUG "Stopping Tx BA session for %pM tid %d\n",
644 #endif /* CONFIG_MAC80211_HT_DEBUG */
647 sta = sta_info_get(local, ra);
649 #ifdef CONFIG_MAC80211_HT_DEBUG
650 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
655 state = &sta->ampdu_mlme.tid_state_tx[tid];
657 /* NOTE: no need to use sta->lock in this state check, as
658 * ieee80211_stop_tx_ba_session will let only one stop call to
659 * pass through per sta/tid
661 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
662 #ifdef CONFIG_MAC80211_HT_DEBUG
663 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
669 if (*state & HT_AGG_STATE_INITIATOR_MSK)
670 ieee80211_send_delba(sta->sdata, ra, tid,
671 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
673 agg_queue = sta->tid_to_tx_q[tid];
675 ieee80211_ht_agg_queue_remove(local, sta, tid, 1);
677 /* We just requeued the all the frames that were in the
678 * removed queue, and since we might miss a softirq we do
679 * netif_schedule_queue. ieee80211_wake_queue is not used
680 * here as this queue is not necessarily stopped
682 netif_schedule_queue(netdev_get_tx_queue(local->mdev, agg_queue));
683 spin_lock_bh(&sta->lock);
684 *state = HT_AGG_STATE_IDLE;
685 sta->ampdu_mlme.addba_req_num[tid] = 0;
686 kfree(sta->ampdu_mlme.tid_tx[tid]);
687 sta->ampdu_mlme.tid_tx[tid] = NULL;
688 spin_unlock_bh(&sta->lock);
692 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
694 void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
695 const u8 *ra, u16 tid)
697 struct ieee80211_local *local = hw_to_local(hw);
698 struct ieee80211_ra_tid *ra_tid;
699 struct sk_buff *skb = dev_alloc_skb(0);
701 if (unlikely(!skb)) {
702 #ifdef CONFIG_MAC80211_HT_DEBUG
704 printk(KERN_WARNING "%s: Not enough memory, "
705 "dropping start BA session", skb->dev->name);
709 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
710 memcpy(&ra_tid->ra, ra, ETH_ALEN);
713 skb->pkt_type = IEEE80211_ADDBA_MSG;
714 skb_queue_tail(&local->skb_queue, skb);
715 tasklet_schedule(&local->tasklet);
717 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
719 void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
720 const u8 *ra, u16 tid)
722 struct ieee80211_local *local = hw_to_local(hw);
723 struct ieee80211_ra_tid *ra_tid;
724 struct sk_buff *skb = dev_alloc_skb(0);
726 if (unlikely(!skb)) {
727 #ifdef CONFIG_MAC80211_HT_DEBUG
729 printk(KERN_WARNING "%s: Not enough memory, "
730 "dropping stop BA session", skb->dev->name);
734 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
735 memcpy(&ra_tid->ra, ra, ETH_ALEN);
738 skb->pkt_type = IEEE80211_DELBA_MSG;
739 skb_queue_tail(&local->skb_queue, skb);
740 tasklet_schedule(&local->tasklet);
742 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
745 * After accepting the AddBA Request we activated a timer,
746 * resetting it after each frame that arrives from the originator.
747 * if this timer expires ieee80211_sta_stop_rx_ba_session will be executed.
749 static void sta_rx_agg_session_timer_expired(unsigned long data)
751 /* not an elegant detour, but there is no choice as the timer passes
752 * only one argument, and various sta_info are needed here, so init
753 * flow in sta_info_create gives the TID as data, while the timer_to_id
754 * array gives the sta through container_of */
755 u8 *ptid = (u8 *)data;
756 u8 *timer_to_id = ptid - *ptid;
757 struct sta_info *sta = container_of(timer_to_id, struct sta_info,
760 #ifdef CONFIG_MAC80211_HT_DEBUG
761 printk(KERN_DEBUG "rx session timer expired on tid %d\n", (u16)*ptid);
763 ieee80211_sta_stop_rx_ba_session(sta->sdata, sta->sta.addr,
764 (u16)*ptid, WLAN_BACK_TIMER,
765 WLAN_REASON_QSTA_TIMEOUT);
768 void ieee80211_process_addba_request(struct ieee80211_local *local,
769 struct sta_info *sta,
770 struct ieee80211_mgmt *mgmt,
773 struct ieee80211_hw *hw = &local->hw;
774 struct ieee80211_conf *conf = &hw->conf;
775 struct tid_ampdu_rx *tid_agg_rx;
776 u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
778 int ret = -EOPNOTSUPP;
780 /* extract session parameters from addba request frame */
781 dialog_token = mgmt->u.action.u.addba_req.dialog_token;
782 timeout = le16_to_cpu(mgmt->u.action.u.addba_req.timeout);
784 le16_to_cpu(mgmt->u.action.u.addba_req.start_seq_num) >> 4;
786 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
787 ba_policy = (capab & IEEE80211_ADDBA_PARAM_POLICY_MASK) >> 1;
788 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
789 buf_size = (capab & IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK) >> 6;
791 status = WLAN_STATUS_REQUEST_DECLINED;
793 /* sanity check for incoming parameters:
794 * check if configuration can support the BA policy
795 * and if buffer size does not exceeds max value */
796 if (((ba_policy != 1)
797 && (!(conf->ht_conf.cap & IEEE80211_HT_CAP_DELAY_BA)))
798 || (buf_size > IEEE80211_MAX_AMPDU_BUF)) {
799 status = WLAN_STATUS_INVALID_QOS_PARAM;
800 #ifdef CONFIG_MAC80211_HT_DEBUG
802 printk(KERN_DEBUG "AddBA Req with bad params from "
803 "%pM on tid %u. policy %d, buffer size %d\n",
804 mgmt->sa, tid, ba_policy,
806 #endif /* CONFIG_MAC80211_HT_DEBUG */
809 /* determine default buffer size */
811 struct ieee80211_supported_band *sband;
813 sband = local->hw.wiphy->bands[conf->channel->band];
814 buf_size = IEEE80211_MIN_AMPDU_BUF;
815 buf_size = buf_size << sband->ht_info.ampdu_factor;
819 /* examine state machine */
820 spin_lock_bh(&sta->lock);
822 if (sta->ampdu_mlme.tid_state_rx[tid] != HT_AGG_STATE_IDLE) {
823 #ifdef CONFIG_MAC80211_HT_DEBUG
825 printk(KERN_DEBUG "unexpected AddBA Req from "
828 #endif /* CONFIG_MAC80211_HT_DEBUG */
832 /* prepare A-MPDU MLME for Rx aggregation */
833 sta->ampdu_mlme.tid_rx[tid] =
834 kmalloc(sizeof(struct tid_ampdu_rx), GFP_ATOMIC);
835 if (!sta->ampdu_mlme.tid_rx[tid]) {
836 #ifdef CONFIG_MAC80211_HT_DEBUG
838 printk(KERN_ERR "allocate rx mlme to tid %d failed\n",
844 sta->ampdu_mlme.tid_rx[tid]->session_timer.function =
845 sta_rx_agg_session_timer_expired;
846 sta->ampdu_mlme.tid_rx[tid]->session_timer.data =
847 (unsigned long)&sta->timer_to_tid[tid];
848 init_timer(&sta->ampdu_mlme.tid_rx[tid]->session_timer);
850 tid_agg_rx = sta->ampdu_mlme.tid_rx[tid];
852 /* prepare reordering buffer */
853 tid_agg_rx->reorder_buf =
854 kmalloc(buf_size * sizeof(struct sk_buff *), GFP_ATOMIC);
855 if (!tid_agg_rx->reorder_buf) {
856 #ifdef CONFIG_MAC80211_HT_DEBUG
858 printk(KERN_ERR "can not allocate reordering buffer "
861 kfree(sta->ampdu_mlme.tid_rx[tid]);
864 memset(tid_agg_rx->reorder_buf, 0,
865 buf_size * sizeof(struct sk_buff *));
867 if (local->ops->ampdu_action)
868 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_RX_START,
869 &sta->sta, tid, &start_seq_num);
870 #ifdef CONFIG_MAC80211_HT_DEBUG
871 printk(KERN_DEBUG "Rx A-MPDU request on tid %d result %d\n", tid, ret);
872 #endif /* CONFIG_MAC80211_HT_DEBUG */
875 kfree(tid_agg_rx->reorder_buf);
877 sta->ampdu_mlme.tid_rx[tid] = NULL;
881 /* change state and send addba resp */
882 sta->ampdu_mlme.tid_state_rx[tid] = HT_AGG_STATE_OPERATIONAL;
883 tid_agg_rx->dialog_token = dialog_token;
884 tid_agg_rx->ssn = start_seq_num;
885 tid_agg_rx->head_seq_num = start_seq_num;
886 tid_agg_rx->buf_size = buf_size;
887 tid_agg_rx->timeout = timeout;
888 tid_agg_rx->stored_mpdu_num = 0;
889 status = WLAN_STATUS_SUCCESS;
891 spin_unlock_bh(&sta->lock);
894 ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid,
895 dialog_token, status, 1, buf_size, timeout);
898 void ieee80211_process_addba_resp(struct ieee80211_local *local,
899 struct sta_info *sta,
900 struct ieee80211_mgmt *mgmt,
903 struct ieee80211_hw *hw = &local->hw;
908 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
909 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
911 state = &sta->ampdu_mlme.tid_state_tx[tid];
913 spin_lock_bh(&sta->lock);
915 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
916 spin_unlock_bh(&sta->lock);
920 if (mgmt->u.action.u.addba_resp.dialog_token !=
921 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
922 spin_unlock_bh(&sta->lock);
923 #ifdef CONFIG_MAC80211_HT_DEBUG
924 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
925 #endif /* CONFIG_MAC80211_HT_DEBUG */
929 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
930 #ifdef CONFIG_MAC80211_HT_DEBUG
931 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
932 #endif /* CONFIG_MAC80211_HT_DEBUG */
933 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
934 == WLAN_STATUS_SUCCESS) {
935 *state |= HT_ADDBA_RECEIVED_MSK;
936 sta->ampdu_mlme.addba_req_num[tid] = 0;
938 if (*state == HT_AGG_STATE_OPERATIONAL)
939 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
941 spin_unlock_bh(&sta->lock);
943 sta->ampdu_mlme.addba_req_num[tid]++;
944 /* this will allow the state check in stop_BA_session */
945 *state = HT_AGG_STATE_OPERATIONAL;
946 spin_unlock_bh(&sta->lock);
947 ieee80211_stop_tx_ba_session(hw, sta->sta.addr, tid,
948 WLAN_BACK_INITIATOR);
952 void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata,
953 struct sta_info *sta,
954 struct ieee80211_mgmt *mgmt, size_t len)
956 struct ieee80211_local *local = sdata->local;
960 params = le16_to_cpu(mgmt->u.action.u.delba.params);
961 tid = (params & IEEE80211_DELBA_PARAM_TID_MASK) >> 12;
962 initiator = (params & IEEE80211_DELBA_PARAM_INITIATOR_MASK) >> 11;
964 #ifdef CONFIG_MAC80211_HT_DEBUG
966 printk(KERN_DEBUG "delba from %pM (%s) tid %d reason code %d\n",
967 mgmt->sa, initiator ? "initiator" : "recipient", tid,
968 mgmt->u.action.u.delba.reason_code);
969 #endif /* CONFIG_MAC80211_HT_DEBUG */
971 if (initiator == WLAN_BACK_INITIATOR)
972 ieee80211_sta_stop_rx_ba_session(sdata, sta->sta.addr, tid,
973 WLAN_BACK_INITIATOR, 0);
974 else { /* WLAN_BACK_RECIPIENT */
975 spin_lock_bh(&sta->lock);
976 sta->ampdu_mlme.tid_state_tx[tid] =
977 HT_AGG_STATE_OPERATIONAL;
978 spin_unlock_bh(&sta->lock);
979 ieee80211_stop_tx_ba_session(&local->hw, sta->sta.addr, tid,
980 WLAN_BACK_RECIPIENT);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob