4 * Copyright 2003, Jouni Malinen <jkmaline@cc.hut.fi>
5 * Copyright 2002-2005, Instant802 Networks, Inc.
6 * Copyright 2005-2006, Devicescape Software, Inc.
7 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2009, Intel Corporation
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License version 2 as
13 * published by the Free Software Foundation.
16 #include <linux/ieee80211.h>
17 #include <net/mac80211.h>
18 #include "ieee80211_i.h"
24 * Aggregation on the TX side requires setting the hardware flag
25 * %IEEE80211_HW_AMPDU_AGGREGATION as well as, if present, the @ampdu_queues
26 * hardware parameter to the number of hardware AMPDU queues. If there are no
27 * hardware queues then the driver will (currently) have to do all frame
30 * When TX aggregation is started by some subsystem (usually the rate control
31 * algorithm would be appropriate) by calling the
32 * ieee80211_start_tx_ba_session() function, the driver will be notified via
33 * its @ampdu_action function, with the %IEEE80211_AMPDU_TX_START action.
35 * In response to that, the driver is later required to call the
36 * ieee80211_start_tx_ba_cb() (or ieee80211_start_tx_ba_cb_irqsafe())
37 * function, which will start the aggregation session.
39 * Similarly, when the aggregation session is stopped by
40 * ieee80211_stop_tx_ba_session(), the driver's @ampdu_action function will
41 * be called with the action %IEEE80211_AMPDU_TX_STOP. In this case, the
42 * call must not fail, and the driver must later call ieee80211_stop_tx_ba_cb()
43 * (or ieee80211_stop_tx_ba_cb_irqsafe()).
46 static void ieee80211_send_addba_request(struct ieee80211_sub_if_data *sdata,
47 const u8 *da, u16 tid,
48 u8 dialog_token, u16 start_seq_num,
49 u16 agg_size, u16 timeout)
51 struct ieee80211_local *local = sdata->local;
52 struct ieee80211_if_sta *ifsta = &sdata->u.sta;
54 struct ieee80211_mgmt *mgmt;
57 skb = dev_alloc_skb(sizeof(*mgmt) + local->hw.extra_tx_headroom);
60 printk(KERN_ERR "%s: failed to allocate buffer "
61 "for addba request frame\n", sdata->dev->name);
64 skb_reserve(skb, local->hw.extra_tx_headroom);
65 mgmt = (struct ieee80211_mgmt *) skb_put(skb, 24);
67 memcpy(mgmt->da, da, ETH_ALEN);
68 memcpy(mgmt->sa, sdata->dev->dev_addr, ETH_ALEN);
69 if (sdata->vif.type == NL80211_IFTYPE_AP ||
70 sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
71 memcpy(mgmt->bssid, sdata->dev->dev_addr, ETH_ALEN);
73 memcpy(mgmt->bssid, ifsta->bssid, ETH_ALEN);
75 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
76 IEEE80211_STYPE_ACTION);
78 skb_put(skb, 1 + sizeof(mgmt->u.action.u.addba_req));
80 mgmt->u.action.category = WLAN_CATEGORY_BACK;
81 mgmt->u.action.u.addba_req.action_code = WLAN_ACTION_ADDBA_REQ;
83 mgmt->u.action.u.addba_req.dialog_token = dialog_token;
84 capab = (u16)(1 << 1); /* bit 1 aggregation policy */
85 capab |= (u16)(tid << 2); /* bit 5:2 TID number */
86 capab |= (u16)(agg_size << 6); /* bit 15:6 max size of aggergation */
88 mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
90 mgmt->u.action.u.addba_req.timeout = cpu_to_le16(timeout);
91 mgmt->u.action.u.addba_req.start_seq_num =
92 cpu_to_le16(start_seq_num << 4);
94 ieee80211_tx_skb(sdata, skb, 1);
97 void ieee80211_send_bar(struct ieee80211_sub_if_data *sdata, u8 *ra, u16 tid, u16 ssn)
99 struct ieee80211_local *local = sdata->local;
101 struct ieee80211_bar *bar;
104 skb = dev_alloc_skb(sizeof(*bar) + local->hw.extra_tx_headroom);
106 printk(KERN_ERR "%s: failed to allocate buffer for "
107 "bar frame\n", sdata->dev->name);
110 skb_reserve(skb, local->hw.extra_tx_headroom);
111 bar = (struct ieee80211_bar *)skb_put(skb, sizeof(*bar));
112 memset(bar, 0, sizeof(*bar));
113 bar->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
114 IEEE80211_STYPE_BACK_REQ);
115 memcpy(bar->ra, ra, ETH_ALEN);
116 memcpy(bar->ta, sdata->dev->dev_addr, ETH_ALEN);
117 bar_control |= (u16)IEEE80211_BAR_CTRL_ACK_POLICY_NORMAL;
118 bar_control |= (u16)IEEE80211_BAR_CTRL_CBMTID_COMPRESSED_BA;
119 bar_control |= (u16)(tid << 12);
120 bar->control = cpu_to_le16(bar_control);
121 bar->start_seq_num = cpu_to_le16(ssn);
123 ieee80211_tx_skb(sdata, skb, 0);
126 static int ___ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
127 enum ieee80211_back_parties initiator)
129 struct ieee80211_local *local = sta->local;
133 state = &sta->ampdu_mlme.tid_state_tx[tid];
135 if (local->hw.ampdu_queues)
136 ieee80211_stop_queue(&local->hw, sta->tid_to_tx_q[tid]);
138 *state = HT_AGG_STATE_REQ_STOP_BA_MSK |
139 (initiator << HT_AGG_STATE_INITIATOR_SHIFT);
141 ret = local->ops->ampdu_action(&local->hw, IEEE80211_AMPDU_TX_STOP,
142 &sta->sta, tid, NULL);
144 /* HW shall not deny going back to legacy */
146 *state = HT_AGG_STATE_OPERATIONAL;
147 if (local->hw.ampdu_queues)
148 ieee80211_wake_queue(&local->hw, sta->tid_to_tx_q[tid]);
155 * After sending add Block Ack request we activated a timer until
156 * add Block Ack response will arrive from the recipient.
157 * If this timer expires sta_addba_resp_timer_expired will be executed.
159 static void sta_addba_resp_timer_expired(unsigned long data)
161 /* not an elegant detour, but there is no choice as the timer passes
162 * only one argument, and both sta_info and TID are needed, so init
163 * flow in sta_info_create gives the TID as data, while the timer_to_id
164 * array gives the sta through container_of */
165 u16 tid = *(u8 *)data;
166 struct sta_info *sta = container_of((void *)data,
167 struct sta_info, timer_to_tid[tid]);
170 state = &sta->ampdu_mlme.tid_state_tx[tid];
172 /* check if the TID waits for addBA response */
173 spin_lock_bh(&sta->lock);
174 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
175 spin_unlock_bh(&sta->lock);
176 *state = HT_AGG_STATE_IDLE;
177 #ifdef CONFIG_MAC80211_HT_DEBUG
178 printk(KERN_DEBUG "timer expired on tid %d but we are not "
179 "expecting addBA response there", tid);
184 #ifdef CONFIG_MAC80211_HT_DEBUG
185 printk(KERN_DEBUG "addBA response timer expired on tid %d\n", tid);
188 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
189 spin_unlock_bh(&sta->lock);
192 int ieee80211_start_tx_ba_session(struct ieee80211_hw *hw, u8 *ra, u16 tid)
194 struct ieee80211_local *local = hw_to_local(hw);
195 struct sta_info *sta;
196 struct ieee80211_sub_if_data *sdata;
201 if (WARN_ON(!local->ops->ampdu_action))
204 if ((tid >= STA_TID_NUM) || !(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
207 #ifdef CONFIG_MAC80211_HT_DEBUG
208 printk(KERN_DEBUG "Open BA session requested for %pM tid %u\n",
210 #endif /* CONFIG_MAC80211_HT_DEBUG */
214 sta = sta_info_get(local, ra);
216 #ifdef CONFIG_MAC80211_HT_DEBUG
217 printk(KERN_DEBUG "Could not find the station\n");
224 * The aggregation code is not prepared to handle
225 * anything but STA/AP due to the BSSID handling.
226 * IBSS could work in the code but isn't supported
227 * by drivers or the standard.
229 if (sta->sdata->vif.type != NL80211_IFTYPE_STATION &&
230 sta->sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
231 sta->sdata->vif.type != NL80211_IFTYPE_AP) {
236 spin_lock_bh(&sta->lock);
238 /* we have tried too many times, receiver does not want A-MPDU */
239 if (sta->ampdu_mlme.addba_req_num[tid] > HT_AGG_MAX_RETRIES) {
244 state = &sta->ampdu_mlme.tid_state_tx[tid];
245 /* check if the TID is not in aggregation flow already */
246 if (*state != HT_AGG_STATE_IDLE) {
247 #ifdef CONFIG_MAC80211_HT_DEBUG
248 printk(KERN_DEBUG "BA request denied - session is not "
249 "idle on tid %u\n", tid);
250 #endif /* CONFIG_MAC80211_HT_DEBUG */
255 /* prepare A-MPDU MLME for Tx aggregation */
256 sta->ampdu_mlme.tid_tx[tid] =
257 kmalloc(sizeof(struct tid_ampdu_tx), GFP_ATOMIC);
258 if (!sta->ampdu_mlme.tid_tx[tid]) {
259 #ifdef CONFIG_MAC80211_HT_DEBUG
261 printk(KERN_ERR "allocate tx mlme to tid %d failed\n",
268 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.function =
269 sta_addba_resp_timer_expired;
270 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.data =
271 (unsigned long)&sta->timer_to_tid[tid];
272 init_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
274 if (hw->ampdu_queues) {
275 /* create a new queue for this aggregation */
276 ret = ieee80211_ht_agg_queue_add(local, sta, tid);
278 /* case no queue is available to aggregation
279 * don't switch to aggregation */
281 #ifdef CONFIG_MAC80211_HT_DEBUG
282 printk(KERN_DEBUG "BA request denied - "
283 "queue unavailable for tid %d\n", tid);
284 #endif /* CONFIG_MAC80211_HT_DEBUG */
285 goto err_unlock_queue;
290 /* Ok, the Addba frame hasn't been sent yet, but if the driver calls the
291 * call back right away, it must see that the flow has begun */
292 *state |= HT_ADDBA_REQUESTED_MSK;
294 /* This is slightly racy because the queue isn't stopped */
295 start_seq_num = sta->tid_seq[tid];
297 ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
298 &sta->sta, tid, &start_seq_num);
301 /* No need to requeue the packets in the agg queue, since we
302 * held the tx lock: no packet could be enqueued to the newly
304 if (hw->ampdu_queues)
305 ieee80211_ht_agg_queue_remove(local, sta, tid, 0);
306 #ifdef CONFIG_MAC80211_HT_DEBUG
307 printk(KERN_DEBUG "BA request denied - HW unavailable for"
309 #endif /* CONFIG_MAC80211_HT_DEBUG */
310 *state = HT_AGG_STATE_IDLE;
311 goto err_unlock_queue;
314 /* Will put all the packets in the new SW queue */
315 if (hw->ampdu_queues)
316 ieee80211_requeue(local, ieee802_1d_to_ac[tid]);
317 spin_unlock_bh(&sta->lock);
319 /* send an addBA request */
320 sta->ampdu_mlme.dialog_token_allocator++;
321 sta->ampdu_mlme.tid_tx[tid]->dialog_token =
322 sta->ampdu_mlme.dialog_token_allocator;
323 sta->ampdu_mlme.tid_tx[tid]->ssn = start_seq_num;
326 ieee80211_send_addba_request(sta->sdata, ra, tid,
327 sta->ampdu_mlme.tid_tx[tid]->dialog_token,
328 sta->ampdu_mlme.tid_tx[tid]->ssn,
330 /* activate the timer for the recipient's addBA response */
331 sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer.expires =
332 jiffies + ADDBA_RESP_INTERVAL;
333 add_timer(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
334 #ifdef CONFIG_MAC80211_HT_DEBUG
335 printk(KERN_DEBUG "activated addBA response timer on tid %d\n", tid);
340 kfree(sta->ampdu_mlme.tid_tx[tid]);
341 sta->ampdu_mlme.tid_tx[tid] = NULL;
344 spin_unlock_bh(&sta->lock);
349 EXPORT_SYMBOL(ieee80211_start_tx_ba_session);
351 void ieee80211_start_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u16 tid)
353 struct ieee80211_local *local = hw_to_local(hw);
354 struct sta_info *sta;
357 if (tid >= STA_TID_NUM) {
358 #ifdef CONFIG_MAC80211_HT_DEBUG
359 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
366 sta = sta_info_get(local, ra);
369 #ifdef CONFIG_MAC80211_HT_DEBUG
370 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
375 state = &sta->ampdu_mlme.tid_state_tx[tid];
376 spin_lock_bh(&sta->lock);
378 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
379 #ifdef CONFIG_MAC80211_HT_DEBUG
380 printk(KERN_DEBUG "addBA was not requested yet, state is %d\n",
383 spin_unlock_bh(&sta->lock);
388 WARN_ON_ONCE(*state & HT_ADDBA_DRV_READY_MSK);
390 *state |= HT_ADDBA_DRV_READY_MSK;
392 if (*state == HT_AGG_STATE_OPERATIONAL) {
393 #ifdef CONFIG_MAC80211_HT_DEBUG
394 printk(KERN_DEBUG "Aggregation is on for tid %d \n", tid);
396 if (hw->ampdu_queues)
397 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
399 spin_unlock_bh(&sta->lock);
402 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb);
404 void ieee80211_start_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
405 const u8 *ra, u16 tid)
407 struct ieee80211_local *local = hw_to_local(hw);
408 struct ieee80211_ra_tid *ra_tid;
409 struct sk_buff *skb = dev_alloc_skb(0);
411 if (unlikely(!skb)) {
412 #ifdef CONFIG_MAC80211_HT_DEBUG
414 printk(KERN_WARNING "%s: Not enough memory, "
415 "dropping start BA session", skb->dev->name);
419 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
420 memcpy(&ra_tid->ra, ra, ETH_ALEN);
423 skb->pkt_type = IEEE80211_ADDBA_MSG;
424 skb_queue_tail(&local->skb_queue, skb);
425 tasklet_schedule(&local->tasklet);
427 EXPORT_SYMBOL(ieee80211_start_tx_ba_cb_irqsafe);
429 int __ieee80211_stop_tx_ba_session(struct sta_info *sta, u16 tid,
430 enum ieee80211_back_parties initiator)
435 /* check if the TID is in aggregation */
436 state = &sta->ampdu_mlme.tid_state_tx[tid];
437 spin_lock_bh(&sta->lock);
439 if (*state != HT_AGG_STATE_OPERATIONAL) {
444 #ifdef CONFIG_MAC80211_HT_DEBUG
445 printk(KERN_DEBUG "Tx BA session stop requested for %pM tid %u\n",
447 #endif /* CONFIG_MAC80211_HT_DEBUG */
449 ret = ___ieee80211_stop_tx_ba_session(sta, tid, initiator);
452 spin_unlock_bh(&sta->lock);
456 int ieee80211_stop_tx_ba_session(struct ieee80211_hw *hw,
458 enum ieee80211_back_parties initiator)
460 struct ieee80211_local *local = hw_to_local(hw);
461 struct sta_info *sta;
464 if (WARN_ON(!local->ops->ampdu_action))
467 if (tid >= STA_TID_NUM)
471 sta = sta_info_get(local, ra);
477 ret = __ieee80211_stop_tx_ba_session(sta, tid, initiator);
481 EXPORT_SYMBOL(ieee80211_stop_tx_ba_session);
483 void ieee80211_stop_tx_ba_cb(struct ieee80211_hw *hw, u8 *ra, u8 tid)
485 struct ieee80211_local *local = hw_to_local(hw);
486 struct sta_info *sta;
490 if (tid >= STA_TID_NUM) {
491 #ifdef CONFIG_MAC80211_HT_DEBUG
492 printk(KERN_DEBUG "Bad TID value: tid = %d (>= %d)\n",
498 #ifdef CONFIG_MAC80211_HT_DEBUG
499 printk(KERN_DEBUG "Stopping Tx BA session for %pM tid %d\n",
501 #endif /* CONFIG_MAC80211_HT_DEBUG */
504 sta = sta_info_get(local, ra);
506 #ifdef CONFIG_MAC80211_HT_DEBUG
507 printk(KERN_DEBUG "Could not find station: %pM\n", ra);
512 state = &sta->ampdu_mlme.tid_state_tx[tid];
514 /* NOTE: no need to use sta->lock in this state check, as
515 * ieee80211_stop_tx_ba_session will let only one stop call to
516 * pass through per sta/tid
518 if ((*state & HT_AGG_STATE_REQ_STOP_BA_MSK) == 0) {
519 #ifdef CONFIG_MAC80211_HT_DEBUG
520 printk(KERN_DEBUG "unexpected callback to A-MPDU stop\n");
526 if (*state & HT_AGG_STATE_INITIATOR_MSK)
527 ieee80211_send_delba(sta->sdata, ra, tid,
528 WLAN_BACK_INITIATOR, WLAN_REASON_QSTA_NOT_USE);
530 if (hw->ampdu_queues) {
531 agg_queue = sta->tid_to_tx_q[tid];
532 ieee80211_ht_agg_queue_remove(local, sta, tid, 1);
534 /* We just requeued the all the frames that were in the
535 * removed queue, and since we might miss a softirq we do
536 * netif_schedule_queue. ieee80211_wake_queue is not used
537 * here as this queue is not necessarily stopped
539 netif_schedule_queue(netdev_get_tx_queue(local->mdev,
542 spin_lock_bh(&sta->lock);
543 *state = HT_AGG_STATE_IDLE;
544 sta->ampdu_mlme.addba_req_num[tid] = 0;
545 kfree(sta->ampdu_mlme.tid_tx[tid]);
546 sta->ampdu_mlme.tid_tx[tid] = NULL;
547 spin_unlock_bh(&sta->lock);
551 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb);
553 void ieee80211_stop_tx_ba_cb_irqsafe(struct ieee80211_hw *hw,
554 const u8 *ra, u16 tid)
556 struct ieee80211_local *local = hw_to_local(hw);
557 struct ieee80211_ra_tid *ra_tid;
558 struct sk_buff *skb = dev_alloc_skb(0);
560 if (unlikely(!skb)) {
561 #ifdef CONFIG_MAC80211_HT_DEBUG
563 printk(KERN_WARNING "%s: Not enough memory, "
564 "dropping stop BA session", skb->dev->name);
568 ra_tid = (struct ieee80211_ra_tid *) &skb->cb;
569 memcpy(&ra_tid->ra, ra, ETH_ALEN);
572 skb->pkt_type = IEEE80211_DELBA_MSG;
573 skb_queue_tail(&local->skb_queue, skb);
574 tasklet_schedule(&local->tasklet);
576 EXPORT_SYMBOL(ieee80211_stop_tx_ba_cb_irqsafe);
579 void ieee80211_process_addba_resp(struct ieee80211_local *local,
580 struct sta_info *sta,
581 struct ieee80211_mgmt *mgmt,
584 struct ieee80211_hw *hw = &local->hw;
586 u16 tid, start_seq_num;
589 capab = le16_to_cpu(mgmt->u.action.u.addba_resp.capab);
590 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
592 state = &sta->ampdu_mlme.tid_state_tx[tid];
594 spin_lock_bh(&sta->lock);
596 if (!(*state & HT_ADDBA_REQUESTED_MSK)) {
597 spin_unlock_bh(&sta->lock);
601 if (mgmt->u.action.u.addba_resp.dialog_token !=
602 sta->ampdu_mlme.tid_tx[tid]->dialog_token) {
603 spin_unlock_bh(&sta->lock);
604 #ifdef CONFIG_MAC80211_HT_DEBUG
605 printk(KERN_DEBUG "wrong addBA response token, tid %d\n", tid);
606 #endif /* CONFIG_MAC80211_HT_DEBUG */
610 del_timer_sync(&sta->ampdu_mlme.tid_tx[tid]->addba_resp_timer);
611 #ifdef CONFIG_MAC80211_HT_DEBUG
612 printk(KERN_DEBUG "switched off addBA timer for tid %d \n", tid);
613 #endif /* CONFIG_MAC80211_HT_DEBUG */
614 if (le16_to_cpu(mgmt->u.action.u.addba_resp.status)
615 == WLAN_STATUS_SUCCESS) {
616 *state |= HT_ADDBA_RECEIVED_MSK;
617 sta->ampdu_mlme.addba_req_num[tid] = 0;
619 if (*state == HT_AGG_STATE_OPERATIONAL &&
620 local->hw.ampdu_queues)
621 ieee80211_wake_queue(hw, sta->tid_to_tx_q[tid]);
623 if (local->ops->ampdu_action) {
624 (void)local->ops->ampdu_action(hw,
625 IEEE80211_AMPDU_TX_RESUME,
626 &sta->sta, tid, &start_seq_num);
628 #ifdef CONFIG_MAC80211_HT_DEBUG
629 printk(KERN_DEBUG "Resuming TX aggregation for tid %d\n", tid);
630 #endif /* CONFIG_MAC80211_HT_DEBUG */
632 sta->ampdu_mlme.addba_req_num[tid]++;
633 ___ieee80211_stop_tx_ba_session(sta, tid, WLAN_BACK_INITIATOR);
635 spin_unlock_bh(&sta->lock);
projects / linux-2.6 / blob