LXR linux/net/mac80211/status.c

   1/*
   2 * Copyright 2002-2005, Instant802 Networks, Inc.
   3 * Copyright 2005-2006, Devicescape Software, Inc.
   4 * Copyright 2006-2007  Jiri Benc <jbenc@suse.cz>
   5 * Copyright 2008-2010  Johannes Berg <johannes@sipsolutions.net>
   6 *
   7 * This program is free software; you can redistribute it and/or modify
   8 * it under the terms of the GNU General Public License version 2 as
   9 * published by the Free Software Foundation.
  10 */
  11
  12#include <linux/export.h>
  13#include <net/mac80211.h>
  14#include "ieee80211_i.h"
  15#include "rate.h"
  16#include "mesh.h"
  17#include "led.h"
  18#include "wme.h"
  19
  20
  21void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
  22                                 struct sk_buff *skb)
  23{
  24        struct ieee80211_local *local = hw_to_local(hw);
  25        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  26        int tmp;
  27
  28        skb->pkt_type = IEEE80211_TX_STATUS_MSG;
  29        skb_queue_tail(info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS ?
  30                       &local->skb_queue : &local->skb_queue_unreliable, skb);
  31        tmp = skb_queue_len(&local->skb_queue) +
  32                skb_queue_len(&local->skb_queue_unreliable);
  33        while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
  34               (skb = skb_dequeue(&local->skb_queue_unreliable))) {
  35                dev_kfree_skb_irq(skb);
  36                tmp--;
  37                I802_DEBUG_INC(local->tx_status_drop);
  38        }
  39        tasklet_schedule(&local->tasklet);
  40}
  41EXPORT_SYMBOL(ieee80211_tx_status_irqsafe);
  42
  43static void ieee80211_handle_filtered_frame(struct ieee80211_local *local,
  44                                            struct sta_info *sta,
  45                                            struct sk_buff *skb)
  46{
  47        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
  48        struct ieee80211_hdr *hdr = (void *)skb->data;
  49        int ac;
  50
  51        /*
  52         * This skb 'survived' a round-trip through the driver, and
  53         * hopefully the driver didn't mangle it too badly. However,
  54         * we can definitely not rely on the control information
  55         * being correct. Clear it so we don't get junk there, and
  56         * indicate that it needs new processing, but must not be
  57         * modified/encrypted again.
  58         */
  59        memset(&info->control, 0, sizeof(info->control));
  60
  61        info->control.jiffies = jiffies;
  62        info->control.vif = &sta->sdata->vif;
  63        info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING |
  64                       IEEE80211_TX_INTFL_RETRANSMISSION;
  65        info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS;
  66
  67        sta->tx_filtered_count++;
  68
  69        /*
  70         * Clear more-data bit on filtered frames, it might be set
  71         * but later frames might time out so it might have to be
  72         * clear again ... It's all rather unlikely (this frame
  73         * should time out first, right?) but let's not confuse
  74         * peers unnecessarily.
  75         */
  76        if (hdr->frame_control & cpu_to_le16(IEEE80211_FCTL_MOREDATA))
  77                hdr->frame_control &= ~cpu_to_le16(IEEE80211_FCTL_MOREDATA);
  78
  79        if (ieee80211_is_data_qos(hdr->frame_control)) {
  80                u8 *p = ieee80211_get_qos_ctl(hdr);
  81                int tid = *p & IEEE80211_QOS_CTL_TID_MASK;
  82
  83                /*
  84                 * Clear EOSP if set, this could happen e.g.
  85                 * if an absence period (us being a P2P GO)
  86                 * shortens the SP.
  87                 */
  88                if (*p & IEEE80211_QOS_CTL_EOSP)
  89                        *p &= ~IEEE80211_QOS_CTL_EOSP;
  90                ac = ieee802_1d_to_ac[tid & 7];
  91        } else {
  92                ac = IEEE80211_AC_BE;
  93        }
  94
  95        /*
  96         * Clear the TX filter mask for this STA when sending the next
  97         * packet. If the STA went to power save mode, this will happen
  98         * when it wakes up for the next time.
  99         */
 100        set_sta_flag(sta, WLAN_STA_CLEAR_PS_FILT);
 101
 102        /*
 103         * This code races in the following way:
 104         *
 105         *  (1) STA sends frame indicating it will go to sleep and does so
 106         *  (2) hardware/firmware adds STA to filter list, passes frame up
 107         *  (3) hardware/firmware processes TX fifo and suppresses a frame
 108         *  (4) we get TX status before having processed the frame and
 109         *      knowing that the STA has gone to sleep.
 110         *
 111         * This is actually quite unlikely even when both those events are
 112         * processed from interrupts coming in quickly after one another or
 113         * even at the same time because we queue both TX status events and
 114         * RX frames to be processed by a tasklet and process them in the
 115         * same order that they were received or TX status last. Hence, there
 116         * is no race as long as the frame RX is processed before the next TX
 117         * status, which drivers can ensure, see below.
 118         *
 119         * Note that this can only happen if the hardware or firmware can
 120         * actually add STAs to the filter list, if this is done by the
 121         * driver in response to set_tim() (which will only reduce the race
 122         * this whole filtering tries to solve, not completely solve it)
 123         * this situation cannot happen.
 124         *
 125         * To completely solve this race drivers need to make sure that they
 126         *  (a) don't mix the irq-safe/not irq-safe TX status/RX processing
 127         *      functions and
 128         *  (b) always process RX events before TX status events if ordering
 129         *      can be unknown, for example with different interrupt status
 130         *      bits.
 131         *  (c) if PS mode transitions are manual (i.e. the flag
 132         *      %IEEE80211_HW_AP_LINK_PS is set), always process PS state
 133         *      changes before calling TX status events if ordering can be
 134         *      unknown.
 135         */
 136        if (test_sta_flag(sta, WLAN_STA_PS_STA) &&
 137            skb_queue_len(&sta->tx_filtered[ac]) < STA_MAX_TX_BUFFER) {
 138                skb_queue_tail(&sta->tx_filtered[ac], skb);
 139                sta_info_recalc_tim(sta);
 140
 141                if (!timer_pending(&local->sta_cleanup))
 142                        mod_timer(&local->sta_cleanup,
 143                                  round_jiffies(jiffies +
 144                                                STA_INFO_CLEANUP_INTERVAL));
 145                return;
 146        }
 147
 148        if (!test_sta_flag(sta, WLAN_STA_PS_STA) &&
 149            !(info->flags & IEEE80211_TX_INTFL_RETRIED)) {
 150                /* Software retry the packet once */
 151                info->flags |= IEEE80211_TX_INTFL_RETRIED;
 152                ieee80211_add_pending_skb(local, skb);
 153                return;
 154        }
 155
 156#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
 157        if (net_ratelimit())
 158                wiphy_debug(local->hw.wiphy,
 159                            "dropped TX filtered frame, queue_len=%d PS=%d @%lu\n",
 160                            skb_queue_len(&sta->tx_filtered[ac]),
 161                            !!test_sta_flag(sta, WLAN_STA_PS_STA), jiffies);
 162#endif
 163        dev_kfree_skb(skb);
 164}
 165
 166static void ieee80211_check_pending_bar(struct sta_info *sta, u8 *addr, u8 tid)
 167{
 168        struct tid_ampdu_tx *tid_tx;
 169
 170        tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
 171        if (!tid_tx || !tid_tx->bar_pending)
 172                return;
 173
 174        tid_tx->bar_pending = false;
 175        ieee80211_send_bar(&sta->sdata->vif, addr, tid, tid_tx->failed_bar_ssn);
 176}
 177
 178static void ieee80211_frame_acked(struct sta_info *sta, struct sk_buff *skb)
 179{
 180        struct ieee80211_mgmt *mgmt = (void *) skb->data;
 181        struct ieee80211_local *local = sta->local;
 182        struct ieee80211_sub_if_data *sdata = sta->sdata;
 183
 184        if (ieee80211_is_data_qos(mgmt->frame_control)) {
 185                struct ieee80211_hdr *hdr = (void *) skb->data;
 186                u8 *qc = ieee80211_get_qos_ctl(hdr);
 187                u16 tid = qc[0] & 0xf;
 188
 189                ieee80211_check_pending_bar(sta, hdr->addr1, tid);
 190        }
 191
 192        if (ieee80211_is_action(mgmt->frame_control) &&
 193            sdata->vif.type == NL80211_IFTYPE_STATION &&
 194            mgmt->u.action.category == WLAN_CATEGORY_HT &&
 195            mgmt->u.action.u.ht_smps.action == WLAN_HT_ACTION_SMPS) {
 196                /*
 197                 * This update looks racy, but isn't -- if we come
 198                 * here we've definitely got a station that we're
 199                 * talking to, and on a managed interface that can
 200                 * only be the AP. And the only other place updating
 201                 * this variable is before we're associated.
 202                 */
 203                switch (mgmt->u.action.u.ht_smps.smps_control) {
 204                case WLAN_HT_SMPS_CONTROL_DYNAMIC:
 205                        sta->sdata->u.mgd.ap_smps = IEEE80211_SMPS_DYNAMIC;
 206                        break;
 207                case WLAN_HT_SMPS_CONTROL_STATIC:
 208                        sta->sdata->u.mgd.ap_smps = IEEE80211_SMPS_STATIC;
 209                        break;
 210                case WLAN_HT_SMPS_CONTROL_DISABLED:
 211                default: /* shouldn't happen since we don't send that */
 212                        sta->sdata->u.mgd.ap_smps = IEEE80211_SMPS_OFF;
 213                        break;
 214                }
 215
 216                ieee80211_queue_work(&local->hw, &local->recalc_smps);
 217        }
 218}
 219
 220static void ieee80211_set_bar_pending(struct sta_info *sta, u8 tid, u16 ssn)
 221{
 222        struct tid_ampdu_tx *tid_tx;
 223
 224        tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
 225        if (!tid_tx)
 226                return;
 227
 228        tid_tx->failed_bar_ssn = ssn;
 229        tid_tx->bar_pending = true;
 230}
 231
 232static int ieee80211_tx_radiotap_len(struct ieee80211_tx_info *info)
 233{
 234        int len = sizeof(struct ieee80211_radiotap_header);
 235
 236        /* IEEE80211_RADIOTAP_RATE rate */
 237        if (info->status.rates[0].idx >= 0 &&
 238            !(info->status.rates[0].flags & IEEE80211_TX_RC_MCS))
 239                len += 2;
 240
 241        /* IEEE80211_RADIOTAP_TX_FLAGS */
 242        len += 2;
 243
 244        /* IEEE80211_RADIOTAP_DATA_RETRIES */
 245        len += 1;
 246
 247        /* IEEE80211_TX_RC_MCS */
 248        if (info->status.rates[0].idx >= 0 &&
 249            info->status.rates[0].flags & IEEE80211_TX_RC_MCS)
 250                len += 3;
 251
 252        return len;
 253}
 254
 255static void ieee80211_add_tx_radiotap_header(struct ieee80211_supported_band
 256                                             *sband, struct sk_buff *skb,
 257                                             int retry_count, int rtap_len)
 258{
 259        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 260        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
 261        struct ieee80211_radiotap_header *rthdr;
 262        unsigned char *pos;
 263        u16 txflags;
 264
 265        rthdr = (struct ieee80211_radiotap_header *) skb_push(skb, rtap_len);
 266
 267        memset(rthdr, 0, rtap_len);
 268        rthdr->it_len = cpu_to_le16(rtap_len);
 269        rthdr->it_present =
 270                cpu_to_le32((1 << IEEE80211_RADIOTAP_TX_FLAGS) |
 271                            (1 << IEEE80211_RADIOTAP_DATA_RETRIES));
 272        pos = (unsigned char *)(rthdr + 1);
 273
 274        /*
 275         * XXX: Once radiotap gets the bitmap reset thing the vendor
 276         *      extensions proposal contains, we can actually report
 277         *      the whole set of tries we did.
 278         */
 279
 280        /* IEEE80211_RADIOTAP_RATE */
 281        if (info->status.rates[0].idx >= 0 &&
 282            !(info->status.rates[0].flags & IEEE80211_TX_RC_MCS)) {
 283                rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_RATE);
 284                *pos = sband->bitrates[info->status.rates[0].idx].bitrate / 5;
 285                /* padding for tx flags */
 286                pos += 2;
 287        }
 288
 289        /* IEEE80211_RADIOTAP_TX_FLAGS */
 290        txflags = 0;
 291        if (!(info->flags & IEEE80211_TX_STAT_ACK) &&
 292            !is_multicast_ether_addr(hdr->addr1))
 293                txflags |= IEEE80211_RADIOTAP_F_TX_FAIL;
 294
 295        if ((info->status.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS) ||
 296            (info->status.rates[0].flags & IEEE80211_TX_RC_USE_CTS_PROTECT))
 297                txflags |= IEEE80211_RADIOTAP_F_TX_CTS;
 298        else if (info->status.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS)
 299                txflags |= IEEE80211_RADIOTAP_F_TX_RTS;
 300
 301        put_unaligned_le16(txflags, pos);
 302        pos += 2;
 303
 304        /* IEEE80211_RADIOTAP_DATA_RETRIES */
 305        /* for now report the total retry_count */
 306        *pos = retry_count;
 307        pos++;
 308
 309        /* IEEE80211_TX_RC_MCS */
 310        if (info->status.rates[0].idx >= 0 &&
 311            info->status.rates[0].flags & IEEE80211_TX_RC_MCS) {
 312                rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_MCS);
 313                pos[0] = IEEE80211_RADIOTAP_MCS_HAVE_MCS |
 314                         IEEE80211_RADIOTAP_MCS_HAVE_GI |
 315                         IEEE80211_RADIOTAP_MCS_HAVE_BW;
 316                if (info->status.rates[0].flags & IEEE80211_TX_RC_SHORT_GI)
 317                        pos[1] |= IEEE80211_RADIOTAP_MCS_SGI;
 318                if (info->status.rates[0].flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
 319                        pos[1] |= IEEE80211_RADIOTAP_MCS_BW_40;
 320                if (info->status.rates[0].flags & IEEE80211_TX_RC_GREEN_FIELD)
 321                        pos[1] |= IEEE80211_RADIOTAP_MCS_FMT_GF;
 322                pos[2] = info->status.rates[0].idx;
 323                pos += 3;
 324        }
 325
 326}
 327
 328/*
 329 * Use a static threshold for now, best value to be determined
 330 * by testing ...
 331 * Should it depend on:
 332 *  - on # of retransmissions
 333 *  - current throughput (higher value for higher tpt)?
 334 */
 335#define STA_LOST_PKT_THRESHOLD  50
 336
 337void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb)
 338{
 339        struct sk_buff *skb2;
 340        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
 341        struct ieee80211_local *local = hw_to_local(hw);
 342        struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 343        u16 frag, type;
 344        __le16 fc;
 345        struct ieee80211_supported_band *sband;
 346        struct ieee80211_sub_if_data *sdata;
 347        struct net_device *prev_dev = NULL;
 348        struct sta_info *sta, *tmp;
 349        int retry_count = -1, i;
 350        int rates_idx = -1;
 351        bool send_to_cooked;
 352        bool acked;
 353        struct ieee80211_bar *bar;
 354        u16 tid;
 355        int rtap_len;
 356
 357        for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
 358                if (info->status.rates[i].idx < 0) {
 359                        break;
 360                } else if (i >= hw->max_report_rates) {
 361                        /* the HW cannot have attempted that rate */
 362                        info->status.rates[i].idx = -1;
 363                        info->status.rates[i].count = 0;
 364                        break;
 365                }
 366
 367                retry_count += info->status.rates[i].count;
 368        }
 369        rates_idx = i - 1;
 370
 371        if (retry_count < 0)
 372                retry_count = 0;
 373
 374        rcu_read_lock();
 375
 376        sband = local->hw.wiphy->bands[info->band];
 377        fc = hdr->frame_control;
 378
 379        for_each_sta_info(local, hdr->addr1, sta, tmp) {
 380                /* skip wrong virtual interface */
 381                if (memcmp(hdr->addr2, sta->sdata->vif.addr, ETH_ALEN))
 382                        continue;
 383
 384                if (info->flags & IEEE80211_TX_STATUS_EOSP)
 385                        clear_sta_flag(sta, WLAN_STA_SP);
 386
 387                acked = !!(info->flags & IEEE80211_TX_STAT_ACK);
 388                if (!acked && test_sta_flag(sta, WLAN_STA_PS_STA)) {
 389                        /*
 390                         * The STA is in power save mode, so assume
 391                         * that this TX packet failed because of that.
 392                         */
 393                        ieee80211_handle_filtered_frame(local, sta, skb);
 394                        rcu_read_unlock();
 395                        return;
 396                }
 397
 398                if ((local->hw.flags & IEEE80211_HW_HAS_RATE_CONTROL) &&
 399                    (rates_idx != -1))
 400                        sta->last_tx_rate = info->status.rates[rates_idx];
 401
 402                if ((info->flags & IEEE80211_TX_STAT_AMPDU_NO_BACK) &&
 403                    (ieee80211_is_data_qos(fc))) {
 404                        u16 tid, ssn;
 405                        u8 *qc;
 406
 407                        qc = ieee80211_get_qos_ctl(hdr);
 408                        tid = qc[0] & 0xf;
 409                        ssn = ((le16_to_cpu(hdr->seq_ctrl) + 0x10)
 410                                                & IEEE80211_SCTL_SEQ);
 411                        ieee80211_send_bar(&sta->sdata->vif, hdr->addr1,
 412                                           tid, ssn);
 413                }
 414
 415                if (!acked && ieee80211_is_back_req(fc)) {
 416                        u16 control;
 417
 418                        /*
 419                         * BAR failed, store the last SSN and retry sending
 420                         * the BAR when the next unicast transmission on the
 421                         * same TID succeeds.
 422                         */
 423                        bar = (struct ieee80211_bar *) skb->data;
 424                        control = le16_to_cpu(bar->control);
 425                        if (!(control & IEEE80211_BAR_CTRL_MULTI_TID)) {
 426                                u16 ssn = le16_to_cpu(bar->start_seq_num);
 427
 428                                tid = (control &
 429                                       IEEE80211_BAR_CTRL_TID_INFO_MASK) >>
 430                                      IEEE80211_BAR_CTRL_TID_INFO_SHIFT;
 431
 432                                ieee80211_set_bar_pending(sta, tid, ssn);
 433                        }
 434                }
 435
 436                if (info->flags & IEEE80211_TX_STAT_TX_FILTERED) {
 437                        ieee80211_handle_filtered_frame(local, sta, skb);
 438                        rcu_read_unlock();
 439                        return;
 440                } else {
 441                        if (!acked)
 442                                sta->tx_retry_failed++;
 443                        sta->tx_retry_count += retry_count;
 444                }
 445
 446                rate_control_tx_status(local, sband, sta, skb);
 447                if (ieee80211_vif_is_mesh(&sta->sdata->vif))
 448                        ieee80211s_update_metric(local, sta, skb);
 449
 450                if (!(info->flags & IEEE80211_TX_CTL_INJECTED) && acked)
 451                        ieee80211_frame_acked(sta, skb);
 452
 453                if ((sta->sdata->vif.type == NL80211_IFTYPE_STATION) &&
 454                    (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS))
 455                        ieee80211_sta_tx_notify(sta->sdata, (void *) skb->data, acked);
 456
 457                if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) {
 458                        if (info->flags & IEEE80211_TX_STAT_ACK) {
 459                                if (sta->lost_packets)
 460                                        sta->lost_packets = 0;
 461                        } else if (++sta->lost_packets >= STA_LOST_PKT_THRESHOLD) {
 462                                cfg80211_cqm_pktloss_notify(sta->sdata->dev,
 463                                                            sta->sta.addr,
 464                                                            sta->lost_packets,
 465                                                            GFP_ATOMIC);
 466                                sta->lost_packets = 0;
 467                        }
 468                }
 469        }
 470
 471        rcu_read_unlock();
 472
 473        ieee80211_led_tx(local, 0);
 474
 475        /* SNMP counters
 476         * Fragments are passed to low-level drivers as separate skbs, so these
 477         * are actually fragments, not frames. Update frame counters only for
 478         * the first fragment of the frame. */
 479
 480        frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
 481        type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
 482
 483        if (info->flags & IEEE80211_TX_STAT_ACK) {
 484                if (frag == 0) {
 485                        local->dot11TransmittedFrameCount++;
 486                        if (is_multicast_ether_addr(hdr->addr1))
 487                                local->dot11MulticastTransmittedFrameCount++;
 488                        if (retry_count > 0)
 489                                local->dot11RetryCount++;
 490                        if (retry_count > 1)
 491                                local->dot11MultipleRetryCount++;
 492                }
 493
 494                /* This counter shall be incremented for an acknowledged MPDU
 495                 * with an individual address in the address 1 field or an MPDU
 496                 * with a multicast address in the address 1 field of type Data
 497                 * or Management. */
 498                if (!is_multicast_ether_addr(hdr->addr1) ||
 499                    type == IEEE80211_FTYPE_DATA ||
 500                    type == IEEE80211_FTYPE_MGMT)
 501                        local->dot11TransmittedFragmentCount++;
 502        } else {
 503                if (frag == 0)
 504                        local->dot11FailedCount++;
 505        }
 506
 507        if (ieee80211_is_nullfunc(fc) && ieee80211_has_pm(fc) &&
 508            (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) &&
 509            !(info->flags & IEEE80211_TX_CTL_INJECTED) &&
 510            local->ps_sdata && !(local->scanning)) {
 511                if (info->flags & IEEE80211_TX_STAT_ACK) {
 512                        local->ps_sdata->u.mgd.flags |=
 513                                        IEEE80211_STA_NULLFUNC_ACKED;
 514                } else
 515                        mod_timer(&local->dynamic_ps_timer, jiffies +
 516                                        msecs_to_jiffies(10));
 517        }
 518
 519        if (info->flags & IEEE80211_TX_INTFL_NL80211_FRAME_TX) {
 520                struct ieee80211_work *wk;
 521                u64 cookie = (unsigned long)skb;
 522
 523                rcu_read_lock();
 524                list_for_each_entry_rcu(wk, &local->work_list, list) {
 525                        if (wk->type != IEEE80211_WORK_OFFCHANNEL_TX)
 526                                continue;
 527                        if (wk->offchan_tx.frame != skb)
 528                                continue;
 529                        wk->offchan_tx.status = true;
 530                        break;
 531                }
 532                rcu_read_unlock();
 533                if (local->hw_roc_skb_for_status == skb) {
 534                        cookie = local->hw_roc_cookie ^ 2;
 535                        local->hw_roc_skb_for_status = NULL;
 536                }
 537
 538                cfg80211_mgmt_tx_status(
 539                        skb->dev, cookie, skb->data, skb->len,
 540                        !!(info->flags & IEEE80211_TX_STAT_ACK), GFP_ATOMIC);
 541        }
 542
 543        /* this was a transmitted frame, but now we want to reuse it */
 544        skb_orphan(skb);
 545
 546        /* Need to make a copy before skb->cb gets cleared */
 547        send_to_cooked = !!(info->flags & IEEE80211_TX_CTL_INJECTED) ||
 548                        (type != IEEE80211_FTYPE_DATA);
 549
 550        /*
 551         * This is a bit racy but we can avoid a lot of work
 552         * with this test...
 553         */
 554        if (!local->monitors && (!send_to_cooked || !local->cooked_mntrs)) {
 555                dev_kfree_skb(skb);
 556                return;
 557        }
 558
 559        /* send frame to monitor interfaces now */
 560        rtap_len = ieee80211_tx_radiotap_len(info);
 561        if (WARN_ON_ONCE(skb_headroom(skb) < rtap_len)) {
 562                printk(KERN_ERR "ieee80211_tx_status: headroom too small\n");
 563                dev_kfree_skb(skb);
 564                return;
 565        }
 566        ieee80211_add_tx_radiotap_header(sband, skb, retry_count, rtap_len);
 567
 568        /* XXX: is this sufficient for BPF? */
 569        skb_set_mac_header(skb, 0);
 570        skb->ip_summed = CHECKSUM_UNNECESSARY;
 571        skb->pkt_type = PACKET_OTHERHOST;
 572        skb->protocol = htons(ETH_P_802_2);
 573        memset(skb->cb, 0, sizeof(skb->cb));
 574
 575        rcu_read_lock();
 576        list_for_each_entry_rcu(sdata, &local->interfaces, list) {
 577                if (sdata->vif.type == NL80211_IFTYPE_MONITOR) {
 578                        if (!ieee80211_sdata_running(sdata))
 579                                continue;
 580
 581                        if ((sdata->u.mntr_flags & MONITOR_FLAG_COOK_FRAMES) &&
 582                            !send_to_cooked)
 583                                continue;
 584
 585                        if (prev_dev) {
 586                                skb2 = skb_clone(skb, GFP_ATOMIC);
 587                                if (skb2) {
 588                                        skb2->dev = prev_dev;
 589                                        netif_rx(skb2);
 590                                }
 591                        }
 592
 593                        prev_dev = sdata->dev;
 594                }
 595        }
 596        if (prev_dev) {
 597                skb->dev = prev_dev;
 598                netif_rx(skb);
 599                skb = NULL;
 600        }
 601        rcu_read_unlock();
 602        dev_kfree_skb(skb);
 603}
 604EXPORT_SYMBOL(ieee80211_tx_status);
 605
 606void ieee80211_report_low_ack(struct ieee80211_sta *pubsta, u32 num_packets)
 607{
 608        struct sta_info *sta = container_of(pubsta, struct sta_info, sta);
 609        cfg80211_cqm_pktloss_notify(sta->sdata->dev, sta->sta.addr,
 610                                    num_packets, GFP_ATOMIC);
 611}
 612EXPORT_SYMBOL(ieee80211_report_low_ack);
 613