1
2
3
4
5
6
7
8
9
10
11
12#include <linux/export.h>
13#include <linux/etherdevice.h>
14#include <net/mac80211.h>
15#include <asm/unaligned.h>
16#include "ieee80211_i.h"
17#include "rate.h"
18#include "mesh.h"
19#include "led.h"
20#include "wme.h"
21
22
23void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
24 struct sk_buff *skb)
25{
26 struct ieee80211_local *local = hw_to_local(hw);
27 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
28 int tmp;
29
30 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
31 skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ?
32 &local->skb_queue : &local->skb_queue_unreliable, skb);
33 tmp = skb_queue_len(&local->skb_queue) +
34 skb_queue_len(&local->skb_queue_unreliable);
35 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
36 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
37 ieee80211_free_txskb(hw, skb);
38 tmp--;
39 I802_DEBUG_INC(local->tx_status_drop);
40 }
41 tasklet_schedule(&local->tasklet);
42}
43EXPORT_SYMBOL(ieee80211_tx_status_irqsafe);
44
45static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
46 struct sta_info *sta,
47 struct sk_buff *skb)
48{
49 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
50 struct ieee80211_hdr *hdr = (void *)skb->data;
51 int ac;
52
53
54
55
56
57
58
59
60
61 memset(&info->control, 0, sizeof(info->control));
62
63 info->control.jiffies = jiffies;
64 info->control.vif = &sta->sdata->vif;
65 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING |
66 IEEE80211_TX_INTFL_RETRANSMISSION;
67 info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS;
68
69 sta->tx_filtered_count++;
70
71
72
73
74
75
76
77
78 if (hdr->frame_control & cpu_to_le16(IEEE80211_FCTL_MOREDATA))
79 hdr->frame_control &= ~cpu_to_le16(IEEE80211_FCTL_MOREDATA);
80
81 if (ieee80211_is_data_qos(hdr->frame_control)) {
82 u8 *p = ieee80211_get_qos_ctl(hdr);
83 int tid = *p & IEEE80211_QOS_CTL_TID_MASK;
84
85
86
87
88
89
90 if (*p & IEEE80211_QOS_CTL_EOSP)
91 *p &= ~IEEE80211_QOS_CTL_EOSP;
92 ac = ieee802_1d_to_ac[tid & 7];
93 } else {
94 ac = IEEE80211_AC_BE;
95 }
96
97
98
99
100
101
102 set_sta_flag(sta, WLAN_STA_CLEAR_PS_FILT);
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138 if (test_sta_flag(sta, WLAN_STA_PS_STA) &&
139 skb_queue_len(&sta->tx_filtered[ac]) < STA_MAX_TX_BUFFER) {
140 skb_queue_tail(&sta->tx_filtered[ac], skb);
141 sta_info_recalc_tim(sta);
142
143 if (!timer_pending(&local->sta_cleanup))
144 mod_timer(&local->sta_cleanup,
145 round_jiffies(jiffies +
146 STA_INFO_CLEANUP_INTERVAL));
147 return;
148 }
149
150 if (!test_sta_flag(sta, WLAN_STA_PS_STA) &&
151 !(info->flags & IEEE80211_TX_INTFL_RETRIED)) {
152
153 info->flags |= IEEE80211_TX_INTFL_RETRIED;
154 ieee80211_add_pending_skb(local, skb);
155 return;
156 }
157
158 ps_dbg_ratelimited(sta->sdata,
159 "dropped TX filtered frame, queue_len=%d PS=%d @%lu\n",
160 skb_queue_len(&sta->tx_filtered[ac]),
161 !!test_sta_flag(sta, WLAN_STA_PS_STA), jiffies);
162 ieee80211_free_txskb(&local->hw, skb);
163}
164
165static void ieee80211_check_pending_bar(struct sta_info *sta, u8 *addr, u8 tid)
166{
167 struct tid_ampdu_tx *tid_tx;
168
169 tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
170 if (!tid_tx || !tid_tx->bar_pending)
171 return;
172
173 tid_tx->bar_pending = false;
174 ieee80211_send_bar(&sta->sdata->vif, addr, tid, tid_tx->failed_bar_ssn);
175}
176
177static void ieee80211_frame_acked(struct sta_info *sta, struct sk_buff *skb)
178{
179 struct ieee80211_mgmt *mgmt = (void *) skb->data;
180 struct ieee80211_local *local = sta->local;
181 struct ieee80211_sub_if_data *sdata = sta->sdata;
182
183 if (ieee80211_is_data_qos(mgmt->frame_control)) {
184 struct ieee80211_hdr *hdr = (void *) skb->data;
185 u8 *qc = ieee80211_get_qos_ctl(hdr);
186 u16 tid = qc[0] & 0xf;
187
188 ieee80211_check_pending_bar(sta, hdr->addr1, tid);
189 }
190
191 if (ieee80211_is_action(mgmt->frame_control) &&
192 sdata->vif.type == NL80211_IFTYPE_STATION &&
193 mgmt->u.action.category == WLAN_CATEGORY_HT &&
194 mgmt->u.action.u.ht_smps.action == WLAN_HT_ACTION_SMPS) {
195
196
197
198
199
200
201
202 switch (mgmt->u.action.u.ht_smps.smps_control) {
203 case WLAN_HT_SMPS_CONTROL_DYNAMIC:
204 sta->sdata->u.mgd.ap_smps = IEEE80211_SMPS_DYNAMIC;
205 break;
206 case WLAN_HT_SMPS_CONTROL_STATIC:
207 sta->sdata->u.mgd.ap_smps = IEEE80211_SMPS_STATIC;
208 break;
209 case WLAN_HT_SMPS_CONTROL_DISABLED:
210 default:
211 sta->sdata->u.mgd.ap_smps = IEEE80211_SMPS_OFF;
212 break;
213 }
214
215 ieee80211_queue_work(&local->hw, &local->recalc_smps);
216 }
217}
218
219static void ieee80211_set_bar_pending(struct sta_info *sta, u8 tid, u16 ssn)
220{
221 struct tid_ampdu_tx *tid_tx;
222
223 tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
224 if (!tid_tx)
225 return;
226
227 tid_tx->failed_bar_ssn = ssn;
228 tid_tx->bar_pending = true;
229}
230
231static int ieee80211_tx_radiotap_len(struct ieee80211_tx_info *info)
232{
233 int len = sizeof(struct ieee80211_radiotap_header);
234
235
236 if (info->status.rates[0].idx >= 0 &&
237 !(info->status.rates[0].flags & IEEE80211_TX_RC_MCS))
238 len += 2;
239
240
241 len += 2;
242
243
244 len += 1;
245
246
247 if (info->status.rates[0].idx >= 0 &&
248 info->status.rates[0].flags & IEEE80211_TX_RC_MCS)
249 len += 3;
250
251 return len;
252}
253
254static void ieee80211_add_tx_radiotap_header(struct ieee80211_supported_band
255 *sband, struct sk_buff *skb,
256 int retry_count, int rtap_len)
257{
258 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
259 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
260 struct ieee80211_radiotap_header *rthdr;
261 unsigned char *pos;
262 u16 txflags;
263
264 rthdr = (struct ieee80211_radiotap_header *) skb_push(skb, rtap_len);
265
266 memset(rthdr, 0, rtap_len);
267 rthdr->it_len = cpu_to_le16(rtap_len);
268 rthdr->it_present =
269 cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) |
270 (1 << IEEE80211_RADIOTAP_DATA_RETRIES));
271 pos = (unsigned char *)(rthdr + 1);
272
273
274
275
276
277
278
279
280 if (info->status.rates[0].idx >= 0 &&
281 !(info->status.rates[0].flags & IEEE80211_TX_RC_MCS)) {
282 rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_RATE);
283 *pos = sband->bitrates[info->status.rates[0].idx].bitrate / 5;
284
285 pos += 2;
286 }
287
288
289 txflags = 0;
290 if (!(info->flags & IEEE80211_TX_STAT_ACK) &&
291 !is_multicast_ether_addr(hdr->addr1))
292 txflags |= IEEE80211_RADIOTAP_F_TX_FAIL;
293
294 if ((info->status.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS) ||
295 (info->status.rates[0].flags & IEEE80211_TX_RC_USE_CTS_PROTECT))
296 txflags |= IEEE80211_RADIOTAP_F_TX_CTS;
297 else if (info->status.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS)
298 txflags |= IEEE80211_RADIOTAP_F_TX_RTS;
299
300 put_unaligned_le16(txflags, pos);
301 pos += 2;
302
303
304
305 *pos = retry_count;
306 pos++;
307
308
309 if (info->status.rates[0].idx >= 0 &&
310 info->status.rates[0].flags & IEEE80211_TX_RC_MCS) {
311 rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_MCS);
312 pos[0] = IEEE80211_RADIOTAP_MCS_HAVE_MCS |
313 IEEE80211_RADIOTAP_MCS_HAVE_GI |
314 IEEE80211_RADIOTAP_MCS_HAVE_BW;
315 if (info->status.rates[0].flags & IEEE80211_TX_RC_SHORT_GI)
316 pos[1] |= IEEE80211_RADIOTAP_MCS_SGI;
317 if (info->status.rates[0].flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
318 pos[1] |= IEEE80211_RADIOTAP_MCS_BW_40;
319 if (info->status.rates[0].flags & IEEE80211_TX_RC_GREEN_FIELD)
320 pos[1] |= IEEE80211_RADIOTAP_MCS_FMT_GF;
321 pos[2] = info->status.rates[0].idx;
322 pos += 3;
323 }
324
325}
326
327
328
329
330
331
332
333
334#define STA_LOST_PKT_THRESHOLD 50
335
336void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
337{
338 struct sk_buff *skb2;
339 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
340 struct ieee80211_local *local = hw_to_local(hw);
341 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
342 __le16 fc;
343 struct ieee80211_supported_band *sband;
344 struct ieee80211_sub_if_data *sdata;
345 struct net_device *prev_dev = NULL;
346 struct sta_info *sta, *tmp;
347 int retry_count = -1, i;
348 int rates_idx = -1;
349 bool send_to_cooked;
350 bool acked;
351 struct ieee80211_bar *bar;
352 int rtap_len;
353
354 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
355 if ((info->flags & IEEE80211_TX_CTL_AMPDU) &&
356 !(info->flags & IEEE80211_TX_STAT_AMPDU)) {
357
358 info->status.rates[i].idx = -1;
359 info->status.rates[i].count = 0;
360 break;
361 } else if (info->status.rates[i].idx < 0) {
362 break;
363 } else if (i >= hw->max_report_rates) {
364
365 info->status.rates[i].idx = -1;
366 info->status.rates[i].count = 0;
367 break;
368 }
369
370 retry_count += info->status.rates[i].count;
371 }
372 rates_idx = i - 1;
373
374 if (retry_count < 0)
375 retry_count = 0;
376
377 rcu_read_lock();
378
379 sband = local->hw.wiphy->bands[info->band];
380 fc = hdr->frame_control;
381
382 for_each_sta_info(local, hdr->addr1, sta, tmp) {
383
384 if (!ether_addr_equal(hdr->addr2, sta->sdata->vif.addr))
385 continue;
386
387 if (info->flags & IEEE80211_TX_STATUS_EOSP)
388 clear_sta_flag(sta, WLAN_STA_SP);
389
390 acked = !!(info->flags & IEEE80211_TX_STAT_ACK);
391 if (!acked && test_sta_flag(sta, WLAN_STA_PS_STA)) {
392
393
394
395
396 ieee80211_handle_filtered_frame(local, sta, skb);
397 rcu_read_unlock();
398 return;
399 }
400
401 if ((local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) &&
402 (rates_idx != -1))
403 sta->last_tx_rate = info->status.rates[rates_idx];
404
405 if ((info->flags & IEEE80211_TX_STAT_AMPDU_NO_BACK) &&
406 (ieee80211_is_data_qos(fc))) {
407 u16 tid, ssn;
408 u8 *qc;
409
410 qc = ieee80211_get_qos_ctl(hdr);
411 tid = qc[0] & 0xf;
412 ssn = ((le16_to_cpu(hdr->seq_ctrl) + 0x10)
413 & IEEE80211_SCTL_SEQ);
414 ieee80211_send_bar(&sta->sdata->vif, hdr->addr1,
415 tid, ssn);
416 }
417
418 if (!acked && ieee80211_is_back_req(fc)) {
419 u16 tid, control;
420
421
422
423
424
425
426 bar = (struct ieee80211_bar *) skb->data;
427 control = le16_to_cpu(bar->control);
428 if (!(control & IEEE80211_BAR_CTRL_MULTI_TID)) {
429 u16 ssn = le16_to_cpu(bar->start_seq_num);
430
431 tid = (control &
432 IEEE80211_BAR_CTRL_TID_INFO_MASK) >>
433 IEEE80211_BAR_CTRL_TID_INFO_SHIFT;
434
435 if (local->hw.flags &
436 IEEE80211_HW_TEARDOWN_AGGR_ON_BAR_FAIL)
437 ieee80211_stop_tx_ba_session(&sta->sta, tid);
438 else
439 ieee80211_set_bar_pending(sta, tid, ssn);
440 }
441 }
442
443 if (info->flags & IEEE80211_TX_STAT_TX_FILTERED) {
444 ieee80211_handle_filtered_frame(local, sta, skb);
445 rcu_read_unlock();
446 return;
447 } else {
448 if (!acked)
449 sta->tx_retry_failed++;
450 sta->tx_retry_count += retry_count;
451 }
452
453 rate_control_tx_status(local, sband, sta, skb);
454 if (ieee80211_vif_is_mesh(&sta->sdata->vif))
455 ieee80211s_update_metric(local, sta, skb);
456
457 if (!(info->flags & IEEE80211_TX_CTL_INJECTED) && acked)
458 ieee80211_frame_acked(sta, skb);
459
460 if ((sta->sdata->vif.type == NL80211_IFTYPE_STATION) &&
461 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS))
462 ieee80211_sta_tx_notify(sta->sdata, (void *) skb->data, acked);
463
464 if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
465 if (info->flags & IEEE80211_TX_STAT_ACK) {
466 if (sta->lost_packets)
467 sta->lost_packets = 0;
468 } else if (++sta->lost_packets >= STA_LOST_PKT_THRESHOLD) {
469 cfg80211_cqm_pktloss_notify(sta->sdata->dev,
470 sta->sta.addr,
471 sta->lost_packets,
472 GFP_ATOMIC);
473 sta->lost_packets = 0;
474 }
475 }
476 }
477
478 rcu_read_unlock();
479
480 ieee80211_led_tx(local, 0);
481
482
483
484
485
486 if (info->flags & IEEE80211_TX_STAT_ACK) {
487 if (ieee80211_is_first_frag(hdr->seq_ctrl)) {
488 local->dot11TransmittedFrameCount++;
489 if (is_multicast_ether_addr(hdr->addr1))
490 local->dot11MulticastTransmittedFrameCount++;
491 if (retry_count > 0)
492 local->dot11RetryCount++;
493 if (retry_count > 1)
494 local->dot11MultipleRetryCount++;
495 }
496
497
498
499
500
501 if (!is_multicast_ether_addr(hdr->addr1) ||
502 ieee80211_is_data(fc) ||
503 ieee80211_is_mgmt(fc))
504 local->dot11TransmittedFragmentCount++;
505 } else {
506 if (ieee80211_is_first_frag(hdr->seq_ctrl))
507 local->dot11FailedCount++;
508 }
509
510 if (ieee80211_is_nullfunc(fc) && ieee80211_has_pm(fc) &&
511 (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) &&
512 !(info->flags & IEEE80211_TX_CTL_INJECTED) &&
513 local->ps_sdata && !(local->scanning)) {
514 if (info->flags & IEEE80211_TX_STAT_ACK) {
515 local->ps_sdata->u.mgd.flags |=
516 IEEE80211_STA_NULLFUNC_ACKED;
517 } else
518 mod_timer(&local->dynamic_ps_timer, jiffies +
519 msecs_to_jiffies(10));
520 }
521
522 if (info->flags & IEEE80211_TX_INTFL_NL80211_FRAME_TX) {
523 u64 cookie = (unsigned long)skb;
524 bool found = false;
525
526 acked = info->flags & IEEE80211_TX_STAT_ACK;
527
528 rcu_read_lock();
529
530 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
531 if (!sdata->dev)
532 continue;
533
534 if (skb->dev != sdata->dev)
535 continue;
536
537 found = true;
538 break;
539 }
540
541 if (!skb->dev) {
542 sdata = rcu_dereference(local->p2p_sdata);
543 if (sdata)
544 found = true;
545 }
546
547 if (!found)
548 skb->dev = NULL;
549 else if (ieee80211_is_nullfunc(hdr->frame_control) ||
550 ieee80211_is_qos_nullfunc(hdr->frame_control)) {
551 cfg80211_probe_status(sdata->dev, hdr->addr1,
552 cookie, acked, GFP_ATOMIC);
553 } else {
554 cfg80211_mgmt_tx_status(&sdata->wdev, cookie, skb->data,
555 skb->len, acked, GFP_ATOMIC);
556 }
557
558 rcu_read_unlock();
559 }
560
561 if (unlikely(info->ack_frame_id)) {
562 struct sk_buff *ack_skb;
563 unsigned long flags;
564
565 spin_lock_irqsave(&local->ack_status_lock, flags);
566 ack_skb = idr_find(&local->ack_status_frames,
567 info->ack_frame_id);
568 if (ack_skb)
569 idr_remove(&local->ack_status_frames,
570 info->ack_frame_id);
571 spin_unlock_irqrestore(&local->ack_status_lock, flags);
572
573
574 if (ack_skb)
575 skb_complete_wifi_ack(ack_skb,
576 info->flags & IEEE80211_TX_STAT_ACK);
577 }
578
579
580 skb_orphan(skb);
581
582
583 send_to_cooked = !!(info->flags & IEEE80211_TX_CTL_INJECTED) ||
584 !(ieee80211_is_data(fc));
585
586
587
588
589
590 if (!local->monitors && (!send_to_cooked || !local->cooked_mntrs)) {
591 dev_kfree_skb(skb);
592 return;
593 }
594
595
596 rtap_len = ieee80211_tx_radiotap_len(info);
597 if (WARN_ON_ONCE(skb_headroom(skb) < rtap_len)) {
598 pr_err("ieee80211_tx_status: headroom too small\n");
599 dev_kfree_skb(skb);
600 return;
601 }
602 ieee80211_add_tx_radiotap_header(sband, skb, retry_count, rtap_len);
603
604
605 skb_set_mac_header(skb, 0);
606 skb->ip_summed = CHECKSUM_UNNECESSARY;
607 skb->pkt_type = PACKET_OTHERHOST;
608 skb->protocol = htons(ETH_P_802_2);
609 memset(skb->cb, 0, sizeof(skb->cb));
610
611 rcu_read_lock();
612 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
613 if (sdata->vif.type == NL80211_IFTYPE_MONITOR) {
614 if (!ieee80211_sdata_running(sdata))
615 continue;
616
617 if ((sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) &&
618 !send_to_cooked)
619 continue;
620
621 if (prev_dev) {
622 skb2 = skb_clone(skb, GFP_ATOMIC);
623 if (skb2) {
624 skb2->dev = prev_dev;
625 netif_rx(skb2);
626 }
627 }
628
629 prev_dev = sdata->dev;
630 }
631 }
632 if (prev_dev) {
633 skb->dev = prev_dev;
634 netif_rx(skb);
635 skb = NULL;
636 }
637 rcu_read_unlock();
638 dev_kfree_skb(skb);
639}
640EXPORT_SYMBOL(ieee80211_tx_status);
641
642void ieee80211_report_low_ack(struct ieee80211_sta *pubsta, u32 num_packets)
643{
644 struct sta_info *sta = container_of(pubsta, struct sta_info, sta);
645 cfg80211_cqm_pktloss_notify(sta->sdata->dev, sta->sta.addr,
646 num_packets, GFP_ATOMIC);
647}
648EXPORT_SYMBOL(ieee80211_report_low_ack);
649
650void ieee80211_free_txskb(struct ieee80211_hw *hw, struct sk_buff *skb)
651{
652 struct ieee80211_local *local = hw_to_local(hw);
653 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
654
655 if (unlikely(info->ack_frame_id)) {
656 struct sk_buff *ack_skb;
657 unsigned long flags;
658
659 spin_lock_irqsave(&local->ack_status_lock, flags);
660 ack_skb = idr_find(&local->ack_status_frames,
661 info->ack_frame_id);
662 if (ack_skb)
663 idr_remove(&local->ack_status_frames,
664 info->ack_frame_id);
665 spin_unlock_irqrestore(&local->ack_status_lock, flags);
666
667
668 if (ack_skb)
669 dev_kfree_skb_any(ack_skb);
670 }
671
672 dev_kfree_skb_any(skb);
673}
674EXPORT_SYMBOL(ieee80211_free_txskb);
675
676void ieee80211_purge_tx_queue(struct ieee80211_hw *hw,
677 struct sk_buff_head *skbs)
678{
679 struct sk_buff *skb;
680
681 while ((skb = __skb_dequeue(skbs)))
682 ieee80211_free_txskb(hw, skb);
683}
684