1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17#include <linux/kernel.h>
18#include <linux/slab.h>
19#include <linux/skbuff.h>
20#include <linux/if_vlan.h>
21#include <linux/etherdevice.h>
22#include <linux/bitmap.h>
23#include <linux/rcupdate.h>
24#include <linux/export.h>
25#include <net/net_namespace.h>
26#include <net/ieee80211_radiotap.h>
27#include <net/cfg80211.h>
28#include <net/mac80211.h>
29#include <net/codel.h>
30#include <net/codel_impl.h>
31#include <asm/unaligned.h>
32#include <net/fq_impl.h>
33
34#include "ieee80211_i.h"
35#include "driver-ops.h"
36#include "led.h"
37#include "mesh.h"
38#include "wep.h"
39#include "wpa.h"
40#include "wme.h"
41#include "rate.h"
42
43
44
45static inline void ieee80211_tx_stats(struct net_device *dev, u32 len)
46{
47 struct pcpu_sw_netstats *tstats = this_cpu_ptr(dev->tstats);
48
49 u64_stats_update_begin(&tstats->syncp);
50 tstats->tx_packets++;
51 tstats->tx_bytes += len;
52 u64_stats_update_end(&tstats->syncp);
53}
54
55static __le16 ieee80211_duration(struct ieee80211_tx_data *tx,
56 struct sk_buff *skb, int group_addr,
57 int next_frag_len)
58{
59 int rate, mrate, erp, dur, i, shift = 0;
60 struct ieee80211_rate *txrate;
61 struct ieee80211_local *local = tx->local;
62 struct ieee80211_supported_band *sband;
63 struct ieee80211_hdr *hdr;
64 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
65 struct ieee80211_chanctx_conf *chanctx_conf;
66 u32 rate_flags = 0;
67
68
69 if (tx->rate.flags & (IEEE80211_TX_RC_MCS | IEEE80211_TX_RC_VHT_MCS))
70 return 0;
71
72 rcu_read_lock();
73 chanctx_conf = rcu_dereference(tx->sdata->vif.chanctx_conf);
74 if (chanctx_conf) {
75 shift = ieee80211_chandef_get_shift(&chanctx_conf->def);
76 rate_flags = ieee80211_chandef_rate_flags(&chanctx_conf->def);
77 }
78 rcu_read_unlock();
79
80
81 if (WARN_ON_ONCE(tx->rate.idx < 0))
82 return 0;
83
84 sband = local->hw.wiphy->bands[info->band];
85 txrate = &sband->bitrates[tx->rate.idx];
86
87 erp = txrate->flags & IEEE80211_RATE_ERP_G;
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106 hdr = (struct ieee80211_hdr *)skb->data;
107 if (ieee80211_is_ctl(hdr->frame_control)) {
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122 return 0;
123 }
124
125
126 if (0 )
127 return cpu_to_le16(32768);
128
129 if (group_addr)
130 return 0;
131
132
133
134
135
136
137
138
139
140
141
142 rate = -1;
143
144 mrate = sband->bitrates[0].bitrate;
145 for (i = 0; i < sband->n_bitrates; i++) {
146 struct ieee80211_rate *r = &sband->bitrates[i];
147
148 if (r->bitrate > txrate->bitrate)
149 break;
150
151 if ((rate_flags & r->flags) != rate_flags)
152 continue;
153
154 if (tx->sdata->vif.bss_conf.basic_rates & BIT(i))
155 rate = DIV_ROUND_UP(r->bitrate, 1 << shift);
156
157 switch (sband->band) {
158 case NL80211_BAND_2GHZ: {
159 u32 flag;
160 if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE)
161 flag = IEEE80211_RATE_MANDATORY_G;
162 else
163 flag = IEEE80211_RATE_MANDATORY_B;
164 if (r->flags & flag)
165 mrate = r->bitrate;
166 break;
167 }
168 case NL80211_BAND_5GHZ:
169 if (r->flags & IEEE80211_RATE_MANDATORY_A)
170 mrate = r->bitrate;
171 break;
172 case NL80211_BAND_60GHZ:
173
174 case NUM_NL80211_BANDS:
175 WARN_ON(1);
176 break;
177 }
178 }
179 if (rate == -1) {
180
181
182 rate = DIV_ROUND_UP(mrate, 1 << shift);
183 }
184
185
186 if (ieee80211_is_data_qos(hdr->frame_control) &&
187 *(ieee80211_get_qos_ctl(hdr)) & IEEE80211_QOS_CTL_ACK_POLICY_NOACK)
188 dur = 0;
189 else
190
191
192
193 dur = ieee80211_frame_duration(sband->band, 10, rate, erp,
194 tx->sdata->vif.bss_conf.use_short_preamble,
195 shift);
196
197 if (next_frag_len) {
198
199
200 dur *= 2;
201
202 dur += ieee80211_frame_duration(sband->band, next_frag_len,
203 txrate->bitrate, erp,
204 tx->sdata->vif.bss_conf.use_short_preamble,
205 shift);
206 }
207
208 return cpu_to_le16(dur);
209}
210
211
212static ieee80211_tx_result debug_noinline
213ieee80211_tx_h_dynamic_ps(struct ieee80211_tx_data *tx)
214{
215 struct ieee80211_local *local = tx->local;
216 struct ieee80211_if_managed *ifmgd;
217 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
218
219
220 if (!ieee80211_hw_check(&local->hw, SUPPORTS_PS))
221 return TX_CONTINUE;
222
223
224 if (ieee80211_hw_check(&local->hw, SUPPORTS_DYNAMIC_PS))
225 return TX_CONTINUE;
226
227
228 if (local->hw.conf.dynamic_ps_timeout <= 0)
229 return TX_CONTINUE;
230
231
232 if (local->scanning)
233 return TX_CONTINUE;
234
235 if (!local->ps_sdata)
236 return TX_CONTINUE;
237
238
239 if (local->quiescing)
240 return TX_CONTINUE;
241
242
243 if (tx->sdata->vif.type != NL80211_IFTYPE_STATION)
244 return TX_CONTINUE;
245
246 if (unlikely(info->flags & IEEE80211_TX_INTFL_OFFCHAN_TX_OK))
247 return TX_CONTINUE;
248
249 ifmgd = &tx->sdata->u.mgd;
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264 if ((ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED) &&
265 (ifmgd->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) &&
266 skb_get_queue_mapping(tx->skb) == IEEE80211_AC_VO)
267 return TX_CONTINUE;
268
269 if (local->hw.conf.flags & IEEE80211_CONF_PS) {
270 ieee80211_stop_queues_by_reason(&local->hw,
271 IEEE80211_MAX_QUEUE_MAP,
272 IEEE80211_QUEUE_STOP_REASON_PS,
273 false);
274 ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED;
275 ieee80211_queue_work(&local->hw,
276 &local->dynamic_ps_disable_work);
277 }
278
279
280 if (!ifmgd->associated)
281 return TX_CONTINUE;
282
283 mod_timer(&local->dynamic_ps_timer, jiffies +
284 msecs_to_jiffies(local->hw.conf.dynamic_ps_timeout));
285
286 return TX_CONTINUE;
287}
288
289static ieee80211_tx_result debug_noinline
290ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx)
291{
292
293 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
294 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
295 bool assoc = false;
296
297 if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED))
298 return TX_CONTINUE;
299
300 if (unlikely(test_bit(SCAN_SW_SCANNING, &tx->local->scanning)) &&
301 test_bit(SDATA_STATE_OFFCHANNEL, &tx->sdata->state) &&
302 !ieee80211_is_probe_req(hdr->frame_control) &&
303 !ieee80211_is_nullfunc(hdr->frame_control))
304
305
306
307
308
309
310
311
312
313
314
315 return TX_DROP;
316
317 if (tx->sdata->vif.type == NL80211_IFTYPE_OCB)
318 return TX_CONTINUE;
319
320 if (tx->sdata->vif.type == NL80211_IFTYPE_WDS)
321 return TX_CONTINUE;
322
323 if (tx->flags & IEEE80211_TX_PS_BUFFERED)
324 return TX_CONTINUE;
325
326 if (tx->sta)
327 assoc = test_sta_flag(tx->sta, WLAN_STA_ASSOC);
328
329 if (likely(tx->flags & IEEE80211_TX_UNICAST)) {
330 if (unlikely(!assoc &&
331 ieee80211_is_data(hdr->frame_control))) {
332#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
333 sdata_info(tx->sdata,
334 "dropped data frame to not associated station %pM\n",
335 hdr->addr1);
336#endif
337 I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc);
338 return TX_DROP;
339 }
340 } else if (unlikely(ieee80211_is_data(hdr->frame_control) &&
341 ieee80211_vif_get_num_mcast_if(tx->sdata) == 0)) {
342
343
344
345
346 return TX_DROP;
347 }
348
349 return TX_CONTINUE;
350}
351
352
353
354
355
356static void purge_old_ps_buffers(struct ieee80211_local *local)
357{
358 int total = 0, purged = 0;
359 struct sk_buff *skb;
360 struct ieee80211_sub_if_data *sdata;
361 struct sta_info *sta;
362
363 list_for_each_entry_rcu(sdata, &local->interfaces, list) {
364 struct ps_data *ps;
365
366 if (sdata->vif.type == NL80211_IFTYPE_AP)
367 ps = &sdata->u.ap.ps;
368 else if (ieee80211_vif_is_mesh(&sdata->vif))
369 ps = &sdata->u.mesh.ps;
370 else
371 continue;
372
373 skb = skb_dequeue(&ps->bc_buf);
374 if (skb) {
375 purged++;
376 ieee80211_free_txskb(&local->hw, skb);
377 }
378 total += skb_queue_len(&ps->bc_buf);
379 }
380
381
382
383
384
385 list_for_each_entry_rcu(sta, &local->sta_list, list) {
386 int ac;
387
388 for (ac = IEEE80211_AC_BK; ac >= IEEE80211_AC_VO; ac--) {
389 skb = skb_dequeue(&sta->ps_tx_buf[ac]);
390 total += skb_queue_len(&sta->ps_tx_buf[ac]);
391 if (skb) {
392 purged++;
393 ieee80211_free_txskb(&local->hw, skb);
394 break;
395 }
396 }
397 }
398
399 local->total_ps_buffered = total;
400 ps_dbg_hw(&local->hw, "PS buffers full - purged %d frames\n", purged);
401}
402
403static ieee80211_tx_result
404ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx)
405{
406 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
407 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
408 struct ps_data *ps;
409
410
411
412
413
414
415
416
417
418
419 if (tx->sdata->vif.type == NL80211_IFTYPE_AP ||
420 tx->sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
421 if (!tx->sdata->bss)
422 return TX_CONTINUE;
423
424 ps = &tx->sdata->bss->ps;
425 } else if (ieee80211_vif_is_mesh(&tx->sdata->vif)) {
426 ps = &tx->sdata->u.mesh.ps;
427 } else {
428 return TX_CONTINUE;
429 }
430
431
432
433 if (ieee80211_has_order(hdr->frame_control))
434 return TX_CONTINUE;
435
436 if (ieee80211_is_probe_req(hdr->frame_control))
437 return TX_CONTINUE;
438
439 if (ieee80211_hw_check(&tx->local->hw, QUEUE_CONTROL))
440 info->hw_queue = tx->sdata->vif.cab_queue;
441
442
443 if (!atomic_read(&ps->num_sta_ps) && skb_queue_empty(&ps->bc_buf))
444 return TX_CONTINUE;
445
446 info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM;
447
448
449 if (!ieee80211_hw_check(&tx->local->hw, HOST_BROADCAST_PS_BUFFERING))
450 return TX_CONTINUE;
451
452
453 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
454 purge_old_ps_buffers(tx->local);
455
456 if (skb_queue_len(&ps->bc_buf) >= AP_MAX_BC_BUFFER) {
457 ps_dbg(tx->sdata,
458 "BC TX buffer full - dropping the oldest frame\n");
459 ieee80211_free_txskb(&tx->local->hw, skb_dequeue(&ps->bc_buf));
460 } else
461 tx->local->total_ps_buffered++;
462
463 skb_queue_tail(&ps->bc_buf, tx->skb);
464
465 return TX_QUEUED;
466}
467
468static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta,
469 struct sk_buff *skb)
470{
471 if (!ieee80211_is_mgmt(fc))
472 return 0;
473
474 if (sta == NULL || !test_sta_flag(sta, WLAN_STA_MFP))
475 return 0;
476
477 if (!ieee80211_is_robust_mgmt_frame(skb))
478 return 0;
479
480 return 1;
481}
482
483static ieee80211_tx_result
484ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx)
485{
486 struct sta_info *sta = tx->sta;
487 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
488 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
489 struct ieee80211_local *local = tx->local;
490
491 if (unlikely(!sta))
492 return TX_CONTINUE;
493
494 if (unlikely((test_sta_flag(sta, WLAN_STA_PS_STA) ||
495 test_sta_flag(sta, WLAN_STA_PS_DRIVER) ||
496 test_sta_flag(sta, WLAN_STA_PS_DELIVER)) &&
497 !(info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER))) {
498 int ac = skb_get_queue_mapping(tx->skb);
499
500 if (ieee80211_is_mgmt(hdr->frame_control) &&
501 !ieee80211_is_bufferable_mmpdu(hdr->frame_control)) {
502 info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER;
503 return TX_CONTINUE;
504 }
505
506 ps_dbg(sta->sdata, "STA %pM aid %d: PS buffer for AC %d\n",
507 sta->sta.addr, sta->sta.aid, ac);
508 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
509 purge_old_ps_buffers(tx->local);
510
511
512 spin_lock(&sta->ps_lock);
513
514
515
516
517
518 if (!test_sta_flag(sta, WLAN_STA_PS_STA) &&
519 !test_sta_flag(sta, WLAN_STA_PS_DRIVER) &&
520 !test_sta_flag(sta, WLAN_STA_PS_DELIVER)) {
521 spin_unlock(&sta->ps_lock);
522 return TX_CONTINUE;
523 }
524
525 if (skb_queue_len(&sta->ps_tx_buf[ac]) >= STA_MAX_TX_BUFFER) {
526 struct sk_buff *old = skb_dequeue(&sta->ps_tx_buf[ac]);
527 ps_dbg(tx->sdata,
528 "STA %pM TX buffer for AC %d full - dropping oldest frame\n",
529 sta->sta.addr, ac);
530 ieee80211_free_txskb(&local->hw, old);
531 } else
532 tx->local->total_ps_buffered++;
533
534 info->control.jiffies = jiffies;
535 info->control.vif = &tx->sdata->vif;
536 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
537 info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS;
538 skb_queue_tail(&sta->ps_tx_buf[ac], tx->skb);
539 spin_unlock(&sta->ps_lock);
540
541 if (!timer_pending(&local->sta_cleanup))
542 mod_timer(&local->sta_cleanup,
543 round_jiffies(jiffies +
544 STA_INFO_CLEANUP_INTERVAL));
545
546
547
548
549
550 sta_info_recalc_tim(sta);
551
552 return TX_QUEUED;
553 } else if (unlikely(test_sta_flag(sta, WLAN_STA_PS_STA))) {
554 ps_dbg(tx->sdata,
555 "STA %pM in PS mode, but polling/in SP -> send frame\n",
556 sta->sta.addr);
557 }
558
559 return TX_CONTINUE;
560}
561
562static ieee80211_tx_result debug_noinline
563ieee80211_tx_h_ps_buf(struct ieee80211_tx_data *tx)
564{
565 if (unlikely(tx->flags & IEEE80211_TX_PS_BUFFERED))
566 return TX_CONTINUE;
567
568 if (tx->flags & IEEE80211_TX_UNICAST)
569 return ieee80211_tx_h_unicast_ps_buf(tx);
570 else
571 return ieee80211_tx_h_multicast_ps_buf(tx);
572}
573
574static ieee80211_tx_result debug_noinline
575ieee80211_tx_h_check_control_port_protocol(struct ieee80211_tx_data *tx)
576{
577 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
578
579 if (unlikely(tx->sdata->control_port_protocol == tx->skb->protocol)) {
580 if (tx->sdata->control_port_no_encrypt)
581 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
582 info->control.flags |= IEEE80211_TX_CTRL_PORT_CTRL_PROTO;
583 info->flags |= IEEE80211_TX_CTL_USE_MINRATE;
584 }
585
586 return TX_CONTINUE;
587}
588
589static ieee80211_tx_result debug_noinline
590ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx)
591{
592 struct ieee80211_key *key;
593 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
594 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
595
596 if (unlikely(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT))
597 tx->key = NULL;
598 else if (tx->sta &&
599 (key = rcu_dereference(tx->sta->ptk[tx->sta->ptk_idx])))
600 tx->key = key;
601 else if (ieee80211_is_group_privacy_action(tx->skb) &&
602 (key = rcu_dereference(tx->sdata->default_multicast_key)))
603 tx->key = key;
604 else if (ieee80211_is_mgmt(hdr->frame_control) &&
605 is_multicast_ether_addr(hdr->addr1) &&
606 ieee80211_is_robust_mgmt_frame(tx->skb) &&
607 (key = rcu_dereference(tx->sdata->default_mgmt_key)))
608 tx->key = key;
609 else if (is_multicast_ether_addr(hdr->addr1) &&
610 (key = rcu_dereference(tx->sdata->default_multicast_key)))
611 tx->key = key;
612 else if (!is_multicast_ether_addr(hdr->addr1) &&
613 (key = rcu_dereference(tx->sdata->default_unicast_key)))
614 tx->key = key;
615 else
616 tx->key = NULL;
617
618 if (tx->key) {
619 bool skip_hw = false;
620
621
622
623 switch (tx->key->conf.cipher) {
624 case WLAN_CIPHER_SUITE_WEP40:
625 case WLAN_CIPHER_SUITE_WEP104:
626 case WLAN_CIPHER_SUITE_TKIP:
627 if (!ieee80211_is_data_present(hdr->frame_control))
628 tx->key = NULL;
629 break;
630 case WLAN_CIPHER_SUITE_CCMP:
631 case WLAN_CIPHER_SUITE_CCMP_256:
632 case WLAN_CIPHER_SUITE_GCMP:
633 case WLAN_CIPHER_SUITE_GCMP_256:
634 if (!ieee80211_is_data_present(hdr->frame_control) &&
635 !ieee80211_use_mfp(hdr->frame_control, tx->sta,
636 tx->skb) &&
637 !ieee80211_is_group_privacy_action(tx->skb))
638 tx->key = NULL;
639 else
640 skip_hw = (tx->key->conf.flags &
641 IEEE80211_KEY_FLAG_SW_MGMT_TX) &&
642 ieee80211_is_mgmt(hdr->frame_control);
643 break;
644 case WLAN_CIPHER_SUITE_AES_CMAC:
645 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
646 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
647 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
648 if (!ieee80211_is_mgmt(hdr->frame_control))
649 tx->key = NULL;
650 break;
651 }
652
653 if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED &&
654 !ieee80211_is_deauth(hdr->frame_control)))
655 return TX_DROP;
656
657 if (!skip_hw && tx->key &&
658 tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)
659 info->control.hw_key = &tx->key->conf;
660 }
661
662 return TX_CONTINUE;
663}
664
665static ieee80211_tx_result debug_noinline
666ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx)
667{
668 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
669 struct ieee80211_hdr *hdr = (void *)tx->skb->data;
670 struct ieee80211_supported_band *sband;
671 u32 len;
672 struct ieee80211_tx_rate_control txrc;
673 struct ieee80211_sta_rates *ratetbl = NULL;
674 bool assoc = false;
675
676 memset(&txrc, 0, sizeof(txrc));
677
678 sband = tx->local->hw.wiphy->bands[info->band];
679
680 len = min_t(u32, tx->skb->len + FCS_LEN,
681 tx->local->hw.wiphy->frag_threshold);
682
683
684 txrc.hw = &tx->local->hw;
685 txrc.sband = sband;
686 txrc.bss_conf = &tx->sdata->vif.bss_conf;
687 txrc.skb = tx->skb;
688 txrc.reported_rate.idx = -1;
689 txrc.rate_idx_mask = tx->sdata->rc_rateidx_mask[info->band];
690
691 if (tx->sdata->rc_has_mcs_mask[info->band])
692 txrc.rate_idx_mcs_mask =
693 tx->sdata->rc_rateidx_mcs_mask[info->band];
694
695 txrc.bss = (tx->sdata->vif.type == NL80211_IFTYPE_AP ||
696 tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT ||
697 tx->sdata->vif.type == NL80211_IFTYPE_ADHOC ||
698 tx->sdata->vif.type == NL80211_IFTYPE_OCB);
699
700
701 if (len > tx->local->hw.wiphy->rts_threshold) {
702 txrc.rts = true;
703 }
704
705 info->control.use_rts = txrc.rts;
706 info->control.use_cts_prot = tx->sdata->vif.bss_conf.use_cts_prot;
707
708
709
710
711
712
713
714 if (tx->sdata->vif.bss_conf.use_short_preamble &&
715 (ieee80211_is_data(hdr->frame_control) ||
716 (tx->sta && test_sta_flag(tx->sta, WLAN_STA_SHORT_PREAMBLE))))
717 txrc.short_preamble = true;
718
719 info->control.short_preamble = txrc.short_preamble;
720
721
722 if (info->control.flags & IEEE80211_TX_CTRL_RATE_INJECT)
723 return TX_CONTINUE;
724
725 if (tx->sta)
726 assoc = test_sta_flag(tx->sta, WLAN_STA_ASSOC);
727
728
729
730
731
732 if (WARN(test_bit(SCAN_SW_SCANNING, &tx->local->scanning) && assoc &&
733 !rate_usable_index_exists(sband, &tx->sta->sta),
734 "%s: Dropped data frame as no usable bitrate found while "
735 "scanning and associated. Target station: "
736 "%pM on %d GHz band\n",
737 tx->sdata->name, hdr->addr1,
738 info->band ? 5 : 2))
739 return TX_DROP;
740
741
742
743
744
745 rate_control_get_rate(tx->sdata, tx->sta, &txrc);
746
747 if (tx->sta && !info->control.skip_table)
748 ratetbl = rcu_dereference(tx->sta->sta.rates);
749
750 if (unlikely(info->control.rates[0].idx < 0)) {
751 if (ratetbl) {
752 struct ieee80211_tx_rate rate = {
753 .idx = ratetbl->rate[0].idx,
754 .flags = ratetbl->rate[0].flags,
755 .count = ratetbl->rate[0].count
756 };
757
758 if (ratetbl->rate[0].idx < 0)
759 return TX_DROP;
760
761 tx->rate = rate;
762 } else {
763 return TX_DROP;
764 }
765 } else {
766 tx->rate = info->control.rates[0];
767 }
768
769 if (txrc.reported_rate.idx < 0) {
770 txrc.reported_rate = tx->rate;
771 if (tx->sta && ieee80211_is_data(hdr->frame_control))
772 tx->sta->tx_stats.last_rate = txrc.reported_rate;
773 } else if (tx->sta)
774 tx->sta->tx_stats.last_rate = txrc.reported_rate;
775
776 if (ratetbl)
777 return TX_CONTINUE;
778
779 if (unlikely(!info->control.rates[0].count))
780 info->control.rates[0].count = 1;
781
782 if (WARN_ON_ONCE((info->control.rates[0].count > 1) &&
783 (info->flags & IEEE80211_TX_CTL_NO_ACK)))
784 info->control.rates[0].count = 1;
785
786 return TX_CONTINUE;
787}
788
789static __le16 ieee80211_tx_next_seq(struct sta_info *sta, int tid)
790{
791 u16 *seq = &sta->tid_seq[tid];
792 __le16 ret = cpu_to_le16(*seq);
793
794
795 *seq = (*seq + 0x10) & IEEE80211_SCTL_SEQ;
796
797 return ret;
798}
799
800static ieee80211_tx_result debug_noinline
801ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx)
802{
803 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
804 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
805 int tid;
806
807
808
809
810
811
812 if (unlikely(info->control.vif->type == NL80211_IFTYPE_MONITOR))
813 return TX_CONTINUE;
814
815 if (unlikely(ieee80211_is_ctl(hdr->frame_control)))
816 return TX_CONTINUE;
817
818 if (ieee80211_hdrlen(hdr->frame_control) < 24)
819 return TX_CONTINUE;
820
821 if (ieee80211_is_qos_nullfunc(hdr->frame_control))
822 return TX_CONTINUE;
823
824
825
826
827
828
829
830 if (!ieee80211_is_data_qos(hdr->frame_control) ||
831 is_multicast_ether_addr(hdr->addr1)) {
832 if (tx->flags & IEEE80211_TX_NO_SEQNO)
833 return TX_CONTINUE;
834
835 info->flags |= IEEE80211_TX_CTL_ASSIGN_SEQ;
836
837 hdr->seq_ctrl = cpu_to_le16(tx->sdata->sequence_number);
838 tx->sdata->sequence_number += 0x10;
839 if (tx->sta)
840 tx->sta->tx_stats.msdu[IEEE80211_NUM_TIDS]++;
841 return TX_CONTINUE;
842 }
843
844
845
846
847
848
849 if (!tx->sta)
850 return TX_CONTINUE;
851
852
853 tid = ieee80211_get_tid(hdr);
854 tx->sta->tx_stats.msdu[tid]++;
855
856 hdr->seq_ctrl = ieee80211_tx_next_seq(tx->sta, tid);
857
858 return TX_CONTINUE;
859}
860
861static int ieee80211_fragment(struct ieee80211_tx_data *tx,
862 struct sk_buff *skb, int hdrlen,
863 int frag_threshold)
864{
865 struct ieee80211_local *local = tx->local;
866 struct ieee80211_tx_info *info;
867 struct sk_buff *tmp;
868 int per_fragm = frag_threshold - hdrlen - FCS_LEN;
869 int pos = hdrlen + per_fragm;
870 int rem = skb->len - hdrlen - per_fragm;
871
872 if (WARN_ON(rem < 0))
873 return -EINVAL;
874
875
876
877 while (rem) {
878 int fraglen = per_fragm;
879
880 if (fraglen > rem)
881 fraglen = rem;
882 rem -= fraglen;
883 tmp = dev_alloc_skb(local->tx_headroom +
884 frag_threshold +
885 tx->sdata->encrypt_headroom +
886 IEEE80211_ENCRYPT_TAILROOM);
887 if (!tmp)
888 return -ENOMEM;
889
890 __skb_queue_tail(&tx->skbs, tmp);
891
892 skb_reserve(tmp,
893 local->tx_headroom + tx->sdata->encrypt_headroom);
894
895
896 memcpy(tmp->cb, skb->cb, sizeof(tmp->cb));
897
898 info = IEEE80211_SKB_CB(tmp);
899 info->flags &= ~(IEEE80211_TX_CTL_CLEAR_PS_FILT |
900 IEEE80211_TX_CTL_FIRST_FRAGMENT);
901
902 if (rem)
903 info->flags |= IEEE80211_TX_CTL_MORE_FRAMES;
904
905 skb_copy_queue_mapping(tmp, skb);
906 tmp->priority = skb->priority;
907 tmp->dev = skb->dev;
908
909
910 skb_put_data(tmp, skb->data, hdrlen);
911 skb_put_data(tmp, skb->data + pos, fraglen);
912
913 pos += fraglen;
914 }
915
916
917 skb_trim(skb, hdrlen + per_fragm);
918 return 0;
919}
920
921static ieee80211_tx_result debug_noinline
922ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx)
923{
924 struct sk_buff *skb = tx->skb;
925 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
926 struct ieee80211_hdr *hdr = (void *)skb->data;
927 int frag_threshold = tx->local->hw.wiphy->frag_threshold;
928 int hdrlen;
929 int fragnum;
930
931
932 __skb_queue_tail(&tx->skbs, skb);
933 tx->skb = NULL;
934
935 if (info->flags & IEEE80211_TX_CTL_DONTFRAG)
936 return TX_CONTINUE;
937
938 if (ieee80211_hw_check(&tx->local->hw, SUPPORTS_TX_FRAG))
939 return TX_CONTINUE;
940
941
942
943
944
945
946 if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU))
947 return TX_DROP;
948
949 hdrlen = ieee80211_hdrlen(hdr->frame_control);
950
951
952 if (WARN_ON(skb->len + FCS_LEN <= frag_threshold))
953 return TX_DROP;
954
955
956
957
958
959
960
961
962
963 if (ieee80211_fragment(tx, skb, hdrlen, frag_threshold))
964 return TX_DROP;
965
966
967 fragnum = 0;
968
969 skb_queue_walk(&tx->skbs, skb) {
970 const __le16 morefrags = cpu_to_le16(IEEE80211_FCTL_MOREFRAGS);
971
972 hdr = (void *)skb->data;
973 info = IEEE80211_SKB_CB(skb);
974
975 if (!skb_queue_is_last(&tx->skbs, skb)) {
976 hdr->frame_control |= morefrags;
977
978
979
980
981 info->control.rates[1].idx = -1;
982 info->control.rates[2].idx = -1;
983 info->control.rates[3].idx = -1;
984 BUILD_BUG_ON(IEEE80211_TX_MAX_RATES != 4);
985 info->flags &= ~IEEE80211_TX_CTL_RATE_CTRL_PROBE;
986 } else {
987 hdr->frame_control &= ~morefrags;
988 }
989 hdr->seq_ctrl |= cpu_to_le16(fragnum & IEEE80211_SCTL_FRAG);
990 fragnum++;
991 }
992
993 return TX_CONTINUE;
994}
995
996static ieee80211_tx_result debug_noinline
997ieee80211_tx_h_stats(struct ieee80211_tx_data *tx)
998{
999 struct sk_buff *skb;
1000 int ac = -1;
1001
1002 if (!tx->sta)
1003 return TX_CONTINUE;
1004
1005 skb_queue_walk(&tx->skbs, skb) {
1006 ac = skb_get_queue_mapping(skb);
1007 tx->sta->tx_stats.bytes[ac] += skb->len;
1008 }
1009 if (ac >= 0)
1010 tx->sta->tx_stats.packets[ac]++;
1011
1012 return TX_CONTINUE;
1013}
1014
1015static ieee80211_tx_result debug_noinline
1016ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx)
1017{
1018 if (!tx->key)
1019 return TX_CONTINUE;
1020
1021 switch (tx->key->conf.cipher) {
1022 case WLAN_CIPHER_SUITE_WEP40:
1023 case WLAN_CIPHER_SUITE_WEP104:
1024 return ieee80211_crypto_wep_encrypt(tx);
1025 case WLAN_CIPHER_SUITE_TKIP:
1026 return ieee80211_crypto_tkip_encrypt(tx);
1027 case WLAN_CIPHER_SUITE_CCMP:
1028 return ieee80211_crypto_ccmp_encrypt(
1029 tx, IEEE80211_CCMP_MIC_LEN);
1030 case WLAN_CIPHER_SUITE_CCMP_256:
1031 return ieee80211_crypto_ccmp_encrypt(
1032 tx, IEEE80211_CCMP_256_MIC_LEN);
1033 case WLAN_CIPHER_SUITE_AES_CMAC:
1034 return ieee80211_crypto_aes_cmac_encrypt(tx);
1035 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
1036 return ieee80211_crypto_aes_cmac_256_encrypt(tx);
1037 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
1038 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
1039 return ieee80211_crypto_aes_gmac_encrypt(tx);
1040 case WLAN_CIPHER_SUITE_GCMP:
1041 case WLAN_CIPHER_SUITE_GCMP_256:
1042 return ieee80211_crypto_gcmp_encrypt(tx);
1043 default:
1044 return ieee80211_crypto_hw_encrypt(tx);
1045 }
1046
1047 return TX_DROP;
1048}
1049
1050static ieee80211_tx_result debug_noinline
1051ieee80211_tx_h_calculate_duration(struct ieee80211_tx_data *tx)
1052{
1053 struct sk_buff *skb;
1054 struct ieee80211_hdr *hdr;
1055 int next_len;
1056 bool group_addr;
1057
1058 skb_queue_walk(&tx->skbs, skb) {
1059 hdr = (void *) skb->data;
1060 if (unlikely(ieee80211_is_pspoll(hdr->frame_control)))
1061 break;
1062 if (!skb_queue_is_last(&tx->skbs, skb)) {
1063 struct sk_buff *next = skb_queue_next(&tx->skbs, skb);
1064 next_len = next->len;
1065 } else
1066 next_len = 0;
1067 group_addr = is_multicast_ether_addr(hdr->addr1);
1068
1069 hdr->duration_id =
1070 ieee80211_duration(tx, skb, group_addr, next_len);
1071 }
1072
1073 return TX_CONTINUE;
1074}
1075
1076
1077
1078static bool ieee80211_tx_prep_agg(struct ieee80211_tx_data *tx,
1079 struct sk_buff *skb,
1080 struct ieee80211_tx_info *info,
1081 struct tid_ampdu_tx *tid_tx,
1082 int tid)
1083{
1084 bool queued = false;
1085 bool reset_agg_timer = false;
1086 struct sk_buff *purge_skb = NULL;
1087
1088 if (test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state)) {
1089 info->flags |= IEEE80211_TX_CTL_AMPDU;
1090 reset_agg_timer = true;
1091 } else if (test_bit(HT_AGG_STATE_WANT_START, &tid_tx->state)) {
1092
1093
1094
1095
1096 } else if (!tx->sta->sta.txq[tid]) {
1097 spin_lock(&tx->sta->lock);
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116 tid_tx = rcu_dereference_protected_tid_tx(tx->sta, tid);
1117
1118 if (!tid_tx) {
1119
1120 } else if (test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state)) {
1121 info->flags |= IEEE80211_TX_CTL_AMPDU;
1122 reset_agg_timer = true;
1123 } else {
1124 queued = true;
1125 if (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER) {
1126 clear_sta_flag(tx->sta, WLAN_STA_SP);
1127 ps_dbg(tx->sta->sdata,
1128 "STA %pM aid %d: SP frame queued, close the SP w/o telling the peer\n",
1129 tx->sta->sta.addr, tx->sta->sta.aid);
1130 }
1131 info->control.vif = &tx->sdata->vif;
1132 info->flags |= IEEE80211_TX_INTFL_NEED_TXPROCESSING;
1133 info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS;
1134 __skb_queue_tail(&tid_tx->pending, skb);
1135 if (skb_queue_len(&tid_tx->pending) > STA_MAX_TX_BUFFER)
1136 purge_skb = __skb_dequeue(&tid_tx->pending);
1137 }
1138 spin_unlock(&tx->sta->lock);
1139
1140 if (purge_skb)
1141 ieee80211_free_txskb(&tx->local->hw, purge_skb);
1142 }
1143
1144
1145 if (reset_agg_timer)
1146 tid_tx->last_tx = jiffies;
1147
1148 return queued;
1149}
1150
1151
1152
1153
1154
1155
1156static ieee80211_tx_result
1157ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata,
1158 struct ieee80211_tx_data *tx,
1159 struct sta_info *sta, struct sk_buff *skb)
1160{
1161 struct ieee80211_local *local = sdata->local;
1162 struct ieee80211_hdr *hdr;
1163 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1164 int tid;
1165
1166 memset(tx, 0, sizeof(*tx));
1167 tx->skb = skb;
1168 tx->local = local;
1169 tx->sdata = sdata;
1170 __skb_queue_head_init(&tx->skbs);
1171
1172
1173
1174
1175
1176
1177 info->flags &= ~IEEE80211_TX_INTFL_NEED_TXPROCESSING;
1178
1179 hdr = (struct ieee80211_hdr *) skb->data;
1180
1181 if (likely(sta)) {
1182 if (!IS_ERR(sta))
1183 tx->sta = sta;
1184 } else {
1185 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) {
1186 tx->sta = rcu_dereference(sdata->u.vlan.sta);
1187 if (!tx->sta && sdata->wdev.use_4addr)
1188 return TX_DROP;
1189 } else if (info->flags & (IEEE80211_TX_INTFL_NL80211_FRAME_TX |
1190 IEEE80211_TX_CTL_INJECTED) ||
1191 tx->sdata->control_port_protocol == tx->skb->protocol) {
1192 tx->sta = sta_info_get_bss(sdata, hdr->addr1);
1193 }
1194 if (!tx->sta && !is_multicast_ether_addr(hdr->addr1))
1195 tx->sta = sta_info_get(sdata, hdr->addr1);
1196 }
1197
1198 if (tx->sta && ieee80211_is_data_qos(hdr->frame_control) &&
1199 !ieee80211_is_qos_nullfunc(hdr->frame_control) &&
1200 ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION) &&
1201 !ieee80211_hw_check(&local->hw, TX_AMPDU_SETUP_IN_HW)) {
1202 struct tid_ampdu_tx *tid_tx;
1203
1204 tid = ieee80211_get_tid(hdr);
1205
1206 tid_tx = rcu_dereference(tx->sta->ampdu_mlme.tid_tx[tid]);
1207 if (tid_tx) {
1208 bool queued;
1209
1210 queued = ieee80211_tx_prep_agg(tx, skb, info,
1211 tid_tx, tid);
1212
1213 if (unlikely(queued))
1214 return TX_QUEUED;
1215 }
1216 }
1217
1218 if (is_multicast_ether_addr(hdr->addr1)) {
1219 tx->flags &= ~IEEE80211_TX_UNICAST;
1220 info->flags |= IEEE80211_TX_CTL_NO_ACK;
1221 } else
1222 tx->flags |= IEEE80211_TX_UNICAST;
1223
1224 if (!(info->flags & IEEE80211_TX_CTL_DONTFRAG)) {
1225 if (!(tx->flags & IEEE80211_TX_UNICAST) ||
1226 skb->len + FCS_LEN <= local->hw.wiphy->frag_threshold ||
1227 info->flags & IEEE80211_TX_CTL_AMPDU)
1228 info->flags |= IEEE80211_TX_CTL_DONTFRAG;
1229 }
1230
1231 if (!tx->sta)
1232 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1233 else if (test_and_clear_sta_flag(tx->sta, WLAN_STA_CLEAR_PS_FILT)) {
1234 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT;
1235 ieee80211_check_fast_xmit(tx->sta);
1236 }
1237
1238 info->flags |= IEEE80211_TX_CTL_FIRST_FRAGMENT;
1239
1240 return TX_CONTINUE;
1241}
1242
1243static struct txq_info *ieee80211_get_txq(struct ieee80211_local *local,
1244 struct ieee80211_vif *vif,
1245 struct sta_info *sta,
1246 struct sk_buff *skb)
1247{
1248 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1249 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1250 struct ieee80211_txq *txq = NULL;
1251
1252 if ((info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) ||
1253 (info->control.flags & IEEE80211_TX_CTRL_PS_RESPONSE))
1254 return NULL;
1255
1256 if (unlikely(!ieee80211_is_data_present(hdr->frame_control))) {
1257 if ((!ieee80211_is_mgmt(hdr->frame_control) ||
1258 ieee80211_is_bufferable_mmpdu(hdr->frame_control) ||
1259 vif->type == NL80211_IFTYPE_STATION) &&
1260 sta && sta->uploaded) {
1261
1262
1263
1264
1265 txq = sta->sta.txq[IEEE80211_NUM_TIDS];
1266 }
1267 } else if (sta) {
1268 u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK;
1269
1270 if (!sta->uploaded)
1271 return NULL;
1272
1273 txq = sta->sta.txq[tid];
1274 } else if (vif) {
1275 txq = vif->txq;
1276 }
1277
1278 if (!txq)
1279 return NULL;
1280
1281 return to_txq_info(txq);
1282}
1283
1284static void ieee80211_set_skb_enqueue_time(struct sk_buff *skb)
1285{
1286 IEEE80211_SKB_CB(skb)->control.enqueue_time = codel_get_time();
1287}
1288
1289static u32 codel_skb_len_func(const struct sk_buff *skb)
1290{
1291 return skb->len;
1292}
1293
1294static codel_time_t codel_skb_time_func(const struct sk_buff *skb)
1295{
1296 const struct ieee80211_tx_info *info;
1297
1298 info = (const struct ieee80211_tx_info *)skb->cb;
1299 return info->control.enqueue_time;
1300}
1301
1302static struct sk_buff *codel_dequeue_func(struct codel_vars *cvars,
1303 void *ctx)
1304{
1305 struct ieee80211_local *local;
1306 struct txq_info *txqi;
1307 struct fq *fq;
1308 struct fq_flow *flow;
1309
1310 txqi = ctx;
1311 local = vif_to_sdata(txqi->txq.vif)->local;
1312 fq = &local->fq;
1313
1314 if (cvars == &txqi->def_cvars)
1315 flow = &txqi->def_flow;
1316 else
1317 flow = &fq->flows[cvars - local->cvars];
1318
1319 return fq_flow_dequeue(fq, flow);
1320}
1321
1322static void codel_drop_func(struct sk_buff *skb,
1323 void *ctx)
1324{
1325 struct ieee80211_local *local;
1326 struct ieee80211_hw *hw;
1327 struct txq_info *txqi;
1328
1329 txqi = ctx;
1330 local = vif_to_sdata(txqi->txq.vif)->local;
1331 hw = &local->hw;
1332
1333 ieee80211_free_txskb(hw, skb);
1334}
1335
1336static struct sk_buff *fq_tin_dequeue_func(struct fq *fq,
1337 struct fq_tin *tin,
1338 struct fq_flow *flow)
1339{
1340 struct ieee80211_local *local;
1341 struct txq_info *txqi;
1342 struct codel_vars *cvars;
1343 struct codel_params *cparams;
1344 struct codel_stats *cstats;
1345
1346 local = container_of(fq, struct ieee80211_local, fq);
1347 txqi = container_of(tin, struct txq_info, tin);
1348 cstats = &txqi->cstats;
1349
1350 if (txqi->txq.sta) {
1351 struct sta_info *sta = container_of(txqi->txq.sta,
1352 struct sta_info, sta);
1353 cparams = &sta->cparams;
1354 } else {
1355 cparams = &local->cparams;
1356 }
1357
1358 if (flow == &txqi->def_flow)
1359 cvars = &txqi->def_cvars;
1360 else
1361 cvars = &local->cvars[flow - fq->flows];
1362
1363 return codel_dequeue(txqi,
1364 &flow->backlog,
1365 cparams,
1366 cvars,
1367 cstats,
1368 codel_skb_len_func,
1369 codel_skb_time_func,
1370 codel_drop_func,
1371 codel_dequeue_func);
1372}
1373
1374static void fq_skb_free_func(struct fq *fq,
1375 struct fq_tin *tin,
1376 struct fq_flow *flow,
1377 struct sk_buff *skb)
1378{
1379 struct ieee80211_local *local;
1380
1381 local = container_of(fq, struct ieee80211_local, fq);
1382 ieee80211_free_txskb(&local->hw, skb);
1383}
1384
1385static struct fq_flow *fq_flow_get_default_func(struct fq *fq,
1386 struct fq_tin *tin,
1387 int idx,
1388 struct sk_buff *skb)
1389{
1390 struct txq_info *txqi;
1391
1392 txqi = container_of(tin, struct txq_info, tin);
1393 return &txqi->def_flow;
1394}
1395
1396static void ieee80211_txq_enqueue(struct ieee80211_local *local,
1397 struct txq_info *txqi,
1398 struct sk_buff *skb)
1399{
1400 struct fq *fq = &local->fq;
1401 struct fq_tin *tin = &txqi->tin;
1402
1403 ieee80211_set_skb_enqueue_time(skb);
1404 fq_tin_enqueue(fq, tin, skb,
1405 fq_skb_free_func,
1406 fq_flow_get_default_func);
1407}
1408
1409static bool fq_vlan_filter_func(struct fq *fq, struct fq_tin *tin,
1410 struct fq_flow *flow, struct sk_buff *skb,
1411 void *data)
1412{
1413 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1414
1415 return info->control.vif == data;
1416}
1417
1418void ieee80211_txq_remove_vlan(struct ieee80211_local *local,
1419 struct ieee80211_sub_if_data *sdata)
1420{
1421 struct fq *fq = &local->fq;
1422 struct txq_info *txqi;
1423 struct fq_tin *tin;
1424 struct ieee80211_sub_if_data *ap;
1425
1426 if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP_VLAN))
1427 return;
1428
1429 ap = container_of(sdata->bss, struct ieee80211_sub_if_data, u.ap);
1430
1431 if (!ap->vif.txq)
1432 return;
1433
1434 txqi = to_txq_info(ap->vif.txq);
1435 tin = &txqi->tin;
1436
1437 spin_lock_bh(&fq->lock);
1438 fq_tin_filter(fq, tin, fq_vlan_filter_func, &sdata->vif,
1439 fq_skb_free_func);
1440 spin_unlock_bh(&fq->lock);
1441}
1442
1443void ieee80211_txq_init(struct ieee80211_sub_if_data *sdata,
1444 struct sta_info *sta,
1445 struct txq_info *txqi, int tid)
1446{
1447 fq_tin_init(&txqi->tin);
1448 fq_flow_init(&txqi->def_flow);
1449 codel_vars_init(&txqi->def_cvars);
1450 codel_stats_init(&txqi->cstats);
1451 __skb_queue_head_init(&txqi->frags);
1452
1453 txqi->txq.vif = &sdata->vif;
1454
1455 if (!sta) {
1456 sdata->vif.txq = &txqi->txq;
1457 txqi->txq.tid = 0;
1458 txqi->txq.ac = IEEE80211_AC_BE;
1459
1460 return;
1461 }
1462
1463 if (tid == IEEE80211_NUM_TIDS) {
1464 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
1465
1466 if (!ieee80211_hw_check(&sdata->local->hw,
1467 STA_MMPDU_TXQ))
1468 return;
1469 } else if (!ieee80211_hw_check(&sdata->local->hw,
1470 BUFF_MMPDU_TXQ)) {
1471
1472 return;
1473 }
1474 txqi->txq.ac = IEEE80211_AC_VO;
1475 } else {
1476 txqi->txq.ac = ieee80211_ac_from_tid(tid);
1477 }
1478
1479 txqi->txq.sta = &sta->sta;
1480 txqi->txq.tid = tid;
1481 sta->sta.txq[tid] = &txqi->txq;
1482}
1483
1484void ieee80211_txq_purge(struct ieee80211_local *local,
1485 struct txq_info *txqi)
1486{
1487 struct fq *fq = &local->fq;
1488 struct fq_tin *tin = &txqi->tin;
1489
1490 fq_tin_reset(fq, tin, fq_skb_free_func);
1491 ieee80211_purge_tx_queue(&local->hw, &txqi->frags);
1492}
1493
1494void ieee80211_txq_set_params(struct ieee80211_local *local)
1495{
1496 if (local->hw.wiphy->txq_limit)
1497 local->fq.limit = local->hw.wiphy->txq_limit;
1498 else
1499 local->hw.wiphy->txq_limit = local->fq.limit;
1500
1501 if (local->hw.wiphy->txq_memory_limit)
1502 local->fq.memory_limit = local->hw.wiphy->txq_memory_limit;
1503 else
1504 local->hw.wiphy->txq_memory_limit = local->fq.memory_limit;
1505
1506 if (local->hw.wiphy->txq_quantum)
1507 local->fq.quantum = local->hw.wiphy->txq_quantum;
1508 else
1509 local->hw.wiphy->txq_quantum = local->fq.quantum;
1510}
1511
1512int ieee80211_txq_setup_flows(struct ieee80211_local *local)
1513{
1514 struct fq *fq = &local->fq;
1515 int ret;
1516 int i;
1517 bool supp_vht = false;
1518 enum nl80211_band band;
1519
1520 if (!local->ops->wake_tx_queue)
1521 return 0;
1522
1523 ret = fq_init(fq, 4096);
1524 if (ret)
1525 return ret;
1526
1527
1528
1529
1530
1531 for (band = 0; band < NUM_NL80211_BANDS; band++) {
1532 struct ieee80211_supported_band *sband;
1533
1534 sband = local->hw.wiphy->bands[band];
1535 if (!sband)
1536 continue;
1537
1538 supp_vht = supp_vht || sband->vht_cap.vht_supported;
1539 }
1540
1541 if (!supp_vht)
1542 fq->memory_limit = 4 << 20;
1543
1544 codel_params_init(&local->cparams);
1545 local->cparams.interval = MS2TIME(100);
1546 local->cparams.target = MS2TIME(20);
1547 local->cparams.ecn = true;
1548
1549 local->cvars = kcalloc(fq->flows_cnt, sizeof(local->cvars[0]),
1550 GFP_KERNEL);
1551 if (!local->cvars) {
1552 spin_lock_bh(&fq->lock);
1553 fq_reset(fq, fq_skb_free_func);
1554 spin_unlock_bh(&fq->lock);
1555 return -ENOMEM;
1556 }
1557
1558 for (i = 0; i < fq->flows_cnt; i++)
1559 codel_vars_init(&local->cvars[i]);
1560
1561 ieee80211_txq_set_params(local);
1562
1563 return 0;
1564}
1565
1566void ieee80211_txq_teardown_flows(struct ieee80211_local *local)
1567{
1568 struct fq *fq = &local->fq;
1569
1570 if (!local->ops->wake_tx_queue)
1571 return;
1572
1573 kfree(local->cvars);
1574 local->cvars = NULL;
1575
1576 spin_lock_bh(&fq->lock);
1577 fq_reset(fq, fq_skb_free_func);
1578 spin_unlock_bh(&fq->lock);
1579}
1580
1581static bool ieee80211_queue_skb(struct ieee80211_local *local,
1582 struct ieee80211_sub_if_data *sdata,
1583 struct sta_info *sta,
1584 struct sk_buff *skb)
1585{
1586 struct fq *fq = &local->fq;
1587 struct ieee80211_vif *vif;
1588 struct txq_info *txqi;
1589
1590 if (!local->ops->wake_tx_queue ||
1591 sdata->vif.type == NL80211_IFTYPE_MONITOR)
1592 return false;
1593
1594 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
1595 sdata = container_of(sdata->bss,
1596 struct ieee80211_sub_if_data, u.ap);
1597
1598 vif = &sdata->vif;
1599 txqi = ieee80211_get_txq(local, vif, sta, skb);
1600
1601 if (!txqi)
1602 return false;
1603
1604 spin_lock_bh(&fq->lock);
1605 ieee80211_txq_enqueue(local, txqi, skb);
1606 spin_unlock_bh(&fq->lock);
1607
1608 drv_wake_tx_queue(local, txqi);
1609
1610 return true;
1611}
1612
1613static bool ieee80211_tx_frags(struct ieee80211_local *local,
1614 struct ieee80211_vif *vif,
1615 struct ieee80211_sta *sta,
1616 struct sk_buff_head *skbs,
1617 bool txpending)
1618{
1619 struct ieee80211_tx_control control = {};
1620 struct sk_buff *skb, *tmp;
1621 unsigned long flags;
1622
1623 skb_queue_walk_safe(skbs, skb, tmp) {
1624 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1625 int q = info->hw_queue;
1626
1627#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1628 if (WARN_ON_ONCE(q >= local->hw.queues)) {
1629 __skb_unlink(skb, skbs);
1630 ieee80211_free_txskb(&local->hw, skb);
1631 continue;
1632 }
1633#endif
1634
1635 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
1636 if (local->queue_stop_reasons[q] ||
1637 (!txpending && !skb_queue_empty(&local->pending[q]))) {
1638 if (unlikely(info->flags &
1639 IEEE80211_TX_INTFL_OFFCHAN_TX_OK)) {
1640 if (local->queue_stop_reasons[q] &
1641 ~BIT(IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL)) {
1642
1643
1644
1645
1646
1647
1648 spin_unlock_irqrestore(
1649 &local->queue_stop_reason_lock,
1650 flags);
1651 ieee80211_purge_tx_queue(&local->hw,
1652 skbs);
1653 return true;
1654 }
1655 } else {
1656
1657
1658
1659
1660
1661
1662 if (txpending)
1663 skb_queue_splice_init(skbs,
1664 &local->pending[q]);
1665 else
1666 skb_queue_splice_tail_init(skbs,
1667 &local->pending[q]);
1668
1669 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
1670 flags);
1671 return false;
1672 }
1673 }
1674 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
1675
1676 info->control.vif = vif;
1677 control.sta = sta;
1678
1679 __skb_unlink(skb, skbs);
1680 drv_tx(local, &control, skb);
1681 }
1682
1683 return true;
1684}
1685
1686
1687
1688
1689static bool __ieee80211_tx(struct ieee80211_local *local,
1690 struct sk_buff_head *skbs, int led_len,
1691 struct sta_info *sta, bool txpending)
1692{
1693 struct ieee80211_tx_info *info;
1694 struct ieee80211_sub_if_data *sdata;
1695 struct ieee80211_vif *vif;
1696 struct ieee80211_sta *pubsta;
1697 struct sk_buff *skb;
1698 bool result = true;
1699 __le16 fc;
1700
1701 if (WARN_ON(skb_queue_empty(skbs)))
1702 return true;
1703
1704 skb = skb_peek(skbs);
1705 fc = ((struct ieee80211_hdr *)skb->data)->frame_control;
1706 info = IEEE80211_SKB_CB(skb);
1707 sdata = vif_to_sdata(info->control.vif);
1708 if (sta && !sta->uploaded)
1709 sta = NULL;
1710
1711 if (sta)
1712 pubsta = &sta->sta;
1713 else
1714 pubsta = NULL;
1715
1716 switch (sdata->vif.type) {
1717 case NL80211_IFTYPE_MONITOR:
1718 if (sdata->u.mntr.flags & MONITOR_FLAG_ACTIVE) {
1719 vif = &sdata->vif;
1720 break;
1721 }
1722 sdata = rcu_dereference(local->monitor_sdata);
1723 if (sdata) {
1724 vif = &sdata->vif;
1725 info->hw_queue =
1726 vif->hw_queue[skb_get_queue_mapping(skb)];
1727 } else if (ieee80211_hw_check(&local->hw, QUEUE_CONTROL)) {
1728 ieee80211_purge_tx_queue(&local->hw, skbs);
1729 return true;
1730 } else
1731 vif = NULL;
1732 break;
1733 case NL80211_IFTYPE_AP_VLAN:
1734 sdata = container_of(sdata->bss,
1735 struct ieee80211_sub_if_data, u.ap);
1736
1737 default:
1738 vif = &sdata->vif;
1739 break;
1740 }
1741
1742 result = ieee80211_tx_frags(local, vif, pubsta, skbs,
1743 txpending);
1744
1745 ieee80211_tpt_led_trig_tx(local, fc, led_len);
1746
1747 WARN_ON_ONCE(!skb_queue_empty(skbs));
1748
1749 return result;
1750}
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760static int invoke_tx_handlers_early(struct ieee80211_tx_data *tx)
1761{
1762 ieee80211_tx_result res = TX_DROP;
1763
1764#define CALL_TXH(txh) \
1765 do { \
1766 res = txh(tx); \
1767 if (res != TX_CONTINUE) \
1768 goto txh_done; \
1769 } while (0)
1770
1771 CALL_TXH(ieee80211_tx_h_dynamic_ps);
1772 CALL_TXH(ieee80211_tx_h_check_assoc);
1773 CALL_TXH(ieee80211_tx_h_ps_buf);
1774 CALL_TXH(ieee80211_tx_h_check_control_port_protocol);
1775 CALL_TXH(ieee80211_tx_h_select_key);
1776 if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL))
1777 CALL_TXH(ieee80211_tx_h_rate_ctrl);
1778
1779 txh_done:
1780 if (unlikely(res == TX_DROP)) {
1781 I802_DEBUG_INC(tx->local->tx_handlers_drop);
1782 if (tx->skb)
1783 ieee80211_free_txskb(&tx->local->hw, tx->skb);
1784 else
1785 ieee80211_purge_tx_queue(&tx->local->hw, &tx->skbs);
1786 return -1;
1787 } else if (unlikely(res == TX_QUEUED)) {
1788 I802_DEBUG_INC(tx->local->tx_handlers_queued);
1789 return -1;
1790 }
1791
1792 return 0;
1793}
1794
1795
1796
1797
1798
1799static int invoke_tx_handlers_late(struct ieee80211_tx_data *tx)
1800{
1801 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
1802 ieee80211_tx_result res = TX_CONTINUE;
1803
1804 if (unlikely(info->flags & IEEE80211_TX_INTFL_RETRANSMISSION)) {
1805 __skb_queue_tail(&tx->skbs, tx->skb);
1806 tx->skb = NULL;
1807 goto txh_done;
1808 }
1809
1810 CALL_TXH(ieee80211_tx_h_michael_mic_add);
1811 CALL_TXH(ieee80211_tx_h_sequence);
1812 CALL_TXH(ieee80211_tx_h_fragment);
1813
1814 CALL_TXH(ieee80211_tx_h_stats);
1815 CALL_TXH(ieee80211_tx_h_encrypt);
1816 if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL))
1817 CALL_TXH(ieee80211_tx_h_calculate_duration);
1818#undef CALL_TXH
1819
1820 txh_done:
1821 if (unlikely(res == TX_DROP)) {
1822 I802_DEBUG_INC(tx->local->tx_handlers_drop);
1823 if (tx->skb)
1824 ieee80211_free_txskb(&tx->local->hw, tx->skb);
1825 else
1826 ieee80211_purge_tx_queue(&tx->local->hw, &tx->skbs);
1827 return -1;
1828 } else if (unlikely(res == TX_QUEUED)) {
1829 I802_DEBUG_INC(tx->local->tx_handlers_queued);
1830 return -1;
1831 }
1832
1833 return 0;
1834}
1835
1836static int invoke_tx_handlers(struct ieee80211_tx_data *tx)
1837{
1838 int r = invoke_tx_handlers_early(tx);
1839
1840 if (r)
1841 return r;
1842 return invoke_tx_handlers_late(tx);
1843}
1844
1845bool ieee80211_tx_prepare_skb(struct ieee80211_hw *hw,
1846 struct ieee80211_vif *vif, struct sk_buff *skb,
1847 int band, struct ieee80211_sta **sta)
1848{
1849 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
1850 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1851 struct ieee80211_tx_data tx;
1852 struct sk_buff *skb2;
1853
1854 if (ieee80211_tx_prepare(sdata, &tx, NULL, skb) == TX_DROP)
1855 return false;
1856
1857 info->band = band;
1858 info->control.vif = vif;
1859 info->hw_queue = vif->hw_queue[skb_get_queue_mapping(skb)];
1860
1861 if (invoke_tx_handlers(&tx))
1862 return false;
1863
1864 if (sta) {
1865 if (tx.sta)
1866 *sta = &tx.sta->sta;
1867 else
1868 *sta = NULL;
1869 }
1870
1871
1872 skb2 = __skb_dequeue(&tx.skbs);
1873 if (WARN_ON(skb2 != skb || !skb_queue_empty(&tx.skbs))) {
1874 ieee80211_free_txskb(hw, skb2);
1875 ieee80211_purge_tx_queue(hw, &tx.skbs);
1876 return false;
1877 }
1878
1879 return true;
1880}
1881EXPORT_SYMBOL(ieee80211_tx_prepare_skb);
1882
1883
1884
1885
1886static bool ieee80211_tx(struct ieee80211_sub_if_data *sdata,
1887 struct sta_info *sta, struct sk_buff *skb,
1888 bool txpending, u32 txdata_flags)
1889{
1890 struct ieee80211_local *local = sdata->local;
1891 struct ieee80211_tx_data tx;
1892 ieee80211_tx_result res_prepare;
1893 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1894 bool result = true;
1895 int led_len;
1896
1897 if (unlikely(skb->len < 10)) {
1898 dev_kfree_skb(skb);
1899 return true;
1900 }
1901
1902
1903 led_len = skb->len;
1904 res_prepare = ieee80211_tx_prepare(sdata, &tx, sta, skb);
1905
1906 tx.flags |= txdata_flags;
1907
1908 if (unlikely(res_prepare == TX_DROP)) {
1909 ieee80211_free_txskb(&local->hw, skb);
1910 return true;
1911 } else if (unlikely(res_prepare == TX_QUEUED)) {
1912 return true;
1913 }
1914
1915
1916 if (!(info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) ||
1917 !ieee80211_hw_check(&local->hw, QUEUE_CONTROL))
1918 info->hw_queue =
1919 sdata->vif.hw_queue[skb_get_queue_mapping(skb)];
1920
1921 if (invoke_tx_handlers_early(&tx))
1922 return true;
1923
1924 if (ieee80211_queue_skb(local, sdata, tx.sta, tx.skb))
1925 return true;
1926
1927 if (!invoke_tx_handlers_late(&tx))
1928 result = __ieee80211_tx(local, &tx.skbs, led_len,
1929 tx.sta, txpending);
1930
1931 return result;
1932}
1933
1934
1935
1936static int ieee80211_skb_resize(struct ieee80211_sub_if_data *sdata,
1937 struct sk_buff *skb,
1938 int head_need, bool may_encrypt)
1939{
1940 struct ieee80211_local *local = sdata->local;
1941 int tail_need = 0;
1942
1943 if (may_encrypt && sdata->crypto_tx_tailroom_needed_cnt) {
1944 tail_need = IEEE80211_ENCRYPT_TAILROOM;
1945 tail_need -= skb_tailroom(skb);
1946 tail_need = max_t(int, tail_need, 0);
1947 }
1948
1949 if (skb_cloned(skb) &&
1950 (!ieee80211_hw_check(&local->hw, SUPPORTS_CLONED_SKBS) ||
1951 !skb_clone_writable(skb, ETH_HLEN) ||
1952 (may_encrypt && sdata->crypto_tx_tailroom_needed_cnt)))
1953 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1954 else if (head_need || tail_need)
1955 I802_DEBUG_INC(local->tx_expand_skb_head);
1956 else
1957 return 0;
1958
1959 if (pskb_expand_head(skb, head_need, tail_need, GFP_ATOMIC)) {
1960 wiphy_debug(local->hw.wiphy,
1961 "failed to reallocate TX buffer\n");
1962 return -ENOMEM;
1963 }
1964
1965 return 0;
1966}
1967
1968void ieee80211_xmit(struct ieee80211_sub_if_data *sdata,
1969 struct sta_info *sta, struct sk_buff *skb,
1970 u32 txdata_flags)
1971{
1972 struct ieee80211_local *local = sdata->local;
1973 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1974 struct ieee80211_hdr *hdr;
1975 int headroom;
1976 bool may_encrypt;
1977
1978 may_encrypt = !(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT);
1979
1980 headroom = local->tx_headroom;
1981 if (may_encrypt)
1982 headroom += sdata->encrypt_headroom;
1983 headroom -= skb_headroom(skb);
1984 headroom = max_t(int, 0, headroom);
1985
1986 if (ieee80211_skb_resize(sdata, skb, headroom, may_encrypt)) {
1987 ieee80211_free_txskb(&local->hw, skb);
1988 return;
1989 }
1990
1991 hdr = (struct ieee80211_hdr *) skb->data;
1992 info->control.vif = &sdata->vif;
1993
1994 if (ieee80211_vif_is_mesh(&sdata->vif)) {
1995 if (ieee80211_is_data(hdr->frame_control) &&
1996 is_unicast_ether_addr(hdr->addr1)) {
1997 if (mesh_nexthop_resolve(sdata, skb))
1998 return;
1999 } else {
2000 ieee80211_mps_set_frame_flags(sdata, NULL, hdr);
2001 }
2002 }
2003
2004 ieee80211_set_qos_hdr(sdata, skb);
2005 ieee80211_tx(sdata, sta, skb, false, txdata_flags);
2006}
2007
2008static bool ieee80211_parse_tx_radiotap(struct ieee80211_local *local,
2009 struct sk_buff *skb)
2010{
2011 struct ieee80211_radiotap_iterator iterator;
2012 struct ieee80211_radiotap_header *rthdr =
2013 (struct ieee80211_radiotap_header *) skb->data;
2014 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
2015 struct ieee80211_supported_band *sband =
2016 local->hw.wiphy->bands[info->band];
2017 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len,
2018 NULL);
2019 u16 txflags;
2020 u16 rate = 0;
2021 bool rate_found = false;
2022 u8 rate_retries = 0;
2023 u16 rate_flags = 0;
2024 u8 mcs_known, mcs_flags, mcs_bw;
2025 u16 vht_known;
2026 u8 vht_mcs = 0, vht_nss = 0;
2027 int i;
2028
2029 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT |
2030 IEEE80211_TX_CTL_DONTFRAG;
2031
2032
2033
2034
2035
2036
2037
2038 while (!ret) {
2039 ret = ieee80211_radiotap_iterator_next(&iterator);
2040
2041 if (ret)
2042 continue;
2043
2044
2045 switch (iterator.this_arg_index) {
2046
2047
2048
2049
2050
2051
2052 case IEEE80211_RADIOTAP_FLAGS:
2053 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FCS) {
2054
2055
2056
2057
2058
2059
2060
2061 if (skb->len < (iterator._max_length + FCS_LEN))
2062 return false;
2063
2064 skb_trim(skb, skb->len - FCS_LEN);
2065 }
2066 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP)
2067 info->flags &= ~IEEE80211_TX_INTFL_DONT_ENCRYPT;
2068 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG)
2069 info->flags &= ~IEEE80211_TX_CTL_DONTFRAG;
2070 break;
2071
2072 case IEEE80211_RADIOTAP_TX_FLAGS:
2073 txflags = get_unaligned_le16(iterator.this_arg);
2074 if (txflags & IEEE80211_RADIOTAP_F_TX_NOACK)
2075 info->flags |= IEEE80211_TX_CTL_NO_ACK;
2076 break;
2077
2078 case IEEE80211_RADIOTAP_RATE:
2079 rate = *iterator.this_arg;
2080 rate_flags = 0;
2081 rate_found = true;
2082 break;
2083
2084 case IEEE80211_RADIOTAP_DATA_RETRIES:
2085 rate_retries = *iterator.this_arg;
2086 break;
2087
2088 case IEEE80211_RADIOTAP_MCS:
2089 mcs_known = iterator.this_arg[0];
2090 mcs_flags = iterator.this_arg[1];
2091 if (!(mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_MCS))
2092 break;
2093
2094 rate_found = true;
2095 rate = iterator.this_arg[2];
2096 rate_flags = IEEE80211_TX_RC_MCS;
2097
2098 if (mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_GI &&
2099 mcs_flags & IEEE80211_RADIOTAP_MCS_SGI)
2100 rate_flags |= IEEE80211_TX_RC_SHORT_GI;
2101
2102 mcs_bw = mcs_flags & IEEE80211_RADIOTAP_MCS_BW_MASK;
2103 if (mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_BW &&
2104 mcs_bw == IEEE80211_RADIOTAP_MCS_BW_40)
2105 rate_flags |= IEEE80211_TX_RC_40_MHZ_WIDTH;
2106 break;
2107
2108 case IEEE80211_RADIOTAP_VHT:
2109 vht_known = get_unaligned_le16(iterator.this_arg);
2110 rate_found = true;
2111
2112 rate_flags = IEEE80211_TX_RC_VHT_MCS;
2113 if ((vht_known & IEEE80211_RADIOTAP_VHT_KNOWN_GI) &&
2114 (iterator.this_arg[2] &
2115 IEEE80211_RADIOTAP_VHT_FLAG_SGI))
2116 rate_flags |= IEEE80211_TX_RC_SHORT_GI;
2117 if (vht_known &
2118 IEEE80211_RADIOTAP_VHT_KNOWN_BANDWIDTH) {
2119 if (iterator.this_arg[3] == 1)
2120 rate_flags |=
2121 IEEE80211_TX_RC_40_MHZ_WIDTH;
2122 else if (iterator.this_arg[3] == 4)
2123 rate_flags |=
2124 IEEE80211_TX_RC_80_MHZ_WIDTH;
2125 else if (iterator.this_arg[3] == 11)
2126 rate_flags |=
2127 IEEE80211_TX_RC_160_MHZ_WIDTH;
2128 }
2129
2130 vht_mcs = iterator.this_arg[4] >> 4;
2131 vht_nss = iterator.this_arg[4] & 0xF;
2132 break;
2133
2134
2135
2136
2137
2138
2139
2140 default:
2141 break;
2142 }
2143 }
2144
2145 if (ret != -ENOENT)
2146 return false;
2147
2148 if (rate_found) {
2149 info->control.flags |= IEEE80211_TX_CTRL_RATE_INJECT;
2150
2151 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
2152 info->control.rates[i].idx = -1;
2153 info->control.rates[i].flags = 0;
2154 info->control.rates[i].count = 0;
2155 }
2156
2157 if (rate_flags & IEEE80211_TX_RC_MCS) {
2158 info->control.rates[0].idx = rate;
2159 } else if (rate_flags & IEEE80211_TX_RC_VHT_MCS) {
2160 ieee80211_rate_set_vht(info->control.rates, vht_mcs,
2161 vht_nss);
2162 } else {
2163 for (i = 0; i < sband->n_bitrates; i++) {
2164 if (rate * 5 != sband->bitrates[i].bitrate)
2165 continue;
2166
2167 info->control.rates[0].idx = i;
2168 break;
2169 }
2170 }
2171
2172 if (info->control.rates[0].idx < 0)
2173 info->control.flags &= ~IEEE80211_TX_CTRL_RATE_INJECT;
2174
2175 info->control.rates[0].flags = rate_flags;
2176 info->control.rates[0].count = min_t(u8, rate_retries + 1,
2177 local->hw.max_rate_tries);
2178 }
2179
2180
2181
2182
2183
2184
2185 skb_pull(skb, iterator._max_length);
2186
2187 return true;
2188}
2189
2190netdev_tx_t ieee80211_monitor_start_xmit(struct sk_buff *skb,
2191 struct net_device *dev)
2192{
2193 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2194 struct ieee80211_chanctx_conf *chanctx_conf;
2195 struct ieee80211_radiotap_header *prthdr =
2196 (struct ieee80211_radiotap_header *)skb->data;
2197 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
2198 struct ieee80211_hdr *hdr;
2199 struct ieee80211_sub_if_data *tmp_sdata, *sdata;
2200 struct cfg80211_chan_def *chandef;
2201 u16 len_rthdr;
2202 int hdrlen;
2203
2204
2205 if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header)))
2206 goto fail;
2207
2208
2209 if (unlikely(prthdr->it_version))
2210 goto fail;
2211
2212
2213 len_rthdr = ieee80211_get_radiotap_len(skb->data);
2214
2215
2216 if (unlikely(skb->len < len_rthdr))
2217 goto fail;
2218
2219
2220
2221
2222
2223
2224
2225 skb_set_mac_header(skb, len_rthdr);
2226
2227
2228
2229
2230 skb_set_network_header(skb, len_rthdr);
2231 skb_set_transport_header(skb, len_rthdr);
2232
2233 if (skb->len < len_rthdr + 2)
2234 goto fail;
2235
2236 hdr = (struct ieee80211_hdr *)(skb->data + len_rthdr);
2237 hdrlen = ieee80211_hdrlen(hdr->frame_control);
2238
2239 if (skb->len < len_rthdr + hdrlen)
2240 goto fail;
2241
2242
2243
2244
2245
2246 if (ieee80211_is_data(hdr->frame_control) &&
2247 skb->len >= len_rthdr + hdrlen + sizeof(rfc1042_header) + 2) {
2248 u8 *payload = (u8 *)hdr + hdrlen;
2249
2250 if (ether_addr_equal(payload, rfc1042_header))
2251 skb->protocol = cpu_to_be16((payload[6] << 8) |
2252 payload[7]);
2253 }
2254
2255 memset(info, 0, sizeof(*info));
2256
2257 info->flags = IEEE80211_TX_CTL_REQ_TX_STATUS |
2258 IEEE80211_TX_CTL_INJECTED;
2259
2260 rcu_read_lock();
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2271
2272 list_for_each_entry_rcu(tmp_sdata, &local->interfaces, list) {
2273 if (!ieee80211_sdata_running(tmp_sdata))
2274 continue;
2275 if (tmp_sdata->vif.type == NL80211_IFTYPE_MONITOR ||
2276 tmp_sdata->vif.type == NL80211_IFTYPE_AP_VLAN ||
2277 tmp_sdata->vif.type == NL80211_IFTYPE_WDS)
2278 continue;
2279 if (ether_addr_equal(tmp_sdata->vif.addr, hdr->addr2)) {
2280 sdata = tmp_sdata;
2281 break;
2282 }
2283 }
2284
2285 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2286 if (!chanctx_conf) {
2287 tmp_sdata = rcu_dereference(local->monitor_sdata);
2288 if (tmp_sdata)
2289 chanctx_conf =
2290 rcu_dereference(tmp_sdata->vif.chanctx_conf);
2291 }
2292
2293 if (chanctx_conf)
2294 chandef = &chanctx_conf->def;
2295 else if (!local->use_chanctx)
2296 chandef = &local->_oper_chandef;
2297 else
2298 goto fail_rcu;
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316 if (!cfg80211_reg_can_beacon(local->hw.wiphy, chandef,
2317 sdata->vif.type))
2318 goto fail_rcu;
2319
2320 info->band = chandef->chan->band;
2321
2322
2323 if (!ieee80211_parse_tx_radiotap(local, skb))
2324 goto fail_rcu;
2325
2326 ieee80211_xmit(sdata, NULL, skb, 0);
2327 rcu_read_unlock();
2328
2329 return NETDEV_TX_OK;
2330
2331fail_rcu:
2332 rcu_read_unlock();
2333fail:
2334 dev_kfree_skb(skb);
2335 return NETDEV_TX_OK;
2336}
2337
2338static inline bool ieee80211_is_tdls_setup(struct sk_buff *skb)
2339{
2340 u16 ethertype = (skb->data[12] << 8) | skb->data[13];
2341
2342 return ethertype == ETH_P_TDLS &&
2343 skb->len > 14 &&
2344 skb->data[14] == WLAN_TDLS_SNAP_RFTYPE;
2345}
2346
2347static int ieee80211_lookup_ra_sta(struct ieee80211_sub_if_data *sdata,
2348 struct sk_buff *skb,
2349 struct sta_info **sta_out)
2350{
2351 struct sta_info *sta;
2352
2353 switch (sdata->vif.type) {
2354 case NL80211_IFTYPE_AP_VLAN:
2355 sta = rcu_dereference(sdata->u.vlan.sta);
2356 if (sta) {
2357 *sta_out = sta;
2358 return 0;
2359 } else if (sdata->wdev.use_4addr) {
2360 return -ENOLINK;
2361 }
2362
2363 case NL80211_IFTYPE_AP:
2364 case NL80211_IFTYPE_OCB:
2365 case NL80211_IFTYPE_ADHOC:
2366 if (is_multicast_ether_addr(skb->data)) {
2367 *sta_out = ERR_PTR(-ENOENT);
2368 return 0;
2369 }
2370 sta = sta_info_get_bss(sdata, skb->data);
2371 break;
2372 case NL80211_IFTYPE_WDS:
2373 sta = sta_info_get(sdata, sdata->u.wds.remote_addr);
2374 break;
2375#ifdef CONFIG_MAC80211_MESH
2376 case NL80211_IFTYPE_MESH_POINT:
2377
2378 *sta_out = NULL;
2379 return 0;
2380#endif
2381 case NL80211_IFTYPE_STATION:
2382 if (sdata->wdev.wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS) {
2383 sta = sta_info_get(sdata, skb->data);
2384 if (sta && test_sta_flag(sta, WLAN_STA_TDLS_PEER)) {
2385 if (test_sta_flag(sta,
2386 WLAN_STA_TDLS_PEER_AUTH)) {
2387 *sta_out = sta;
2388 return 0;
2389 }
2390
2391
2392
2393
2394
2395
2396
2397
2398 if (!ieee80211_is_tdls_setup(skb))
2399 return -EINVAL;
2400 }
2401
2402 }
2403
2404 sta = sta_info_get(sdata, sdata->u.mgd.bssid);
2405 if (!sta)
2406 return -ENOLINK;
2407 break;
2408 default:
2409 return -EINVAL;
2410 }
2411
2412 *sta_out = sta ?: ERR_PTR(-ENOENT);
2413 return 0;
2414}
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434static struct sk_buff *ieee80211_build_hdr(struct ieee80211_sub_if_data *sdata,
2435 struct sk_buff *skb, u32 info_flags,
2436 struct sta_info *sta)
2437{
2438 struct ieee80211_local *local = sdata->local;
2439 struct ieee80211_tx_info *info;
2440 int head_need;
2441 u16 ethertype, hdrlen, meshhdrlen = 0;
2442 __le16 fc;
2443 struct ieee80211_hdr hdr;
2444 struct ieee80211s_hdr mesh_hdr __maybe_unused;
2445 struct mesh_path __maybe_unused *mppath = NULL, *mpath = NULL;
2446 const u8 *encaps_data;
2447 int encaps_len, skip_header_bytes;
2448 bool wme_sta = false, authorized = false;
2449 bool tdls_peer;
2450 bool multicast;
2451 u16 info_id = 0;
2452 struct ieee80211_chanctx_conf *chanctx_conf;
2453 struct ieee80211_sub_if_data *ap_sdata;
2454 enum nl80211_band band;
2455 int ret;
2456
2457 if (IS_ERR(sta))
2458 sta = NULL;
2459
2460
2461
2462 ethertype = (skb->data[12] << 8) | skb->data[13];
2463 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA);
2464
2465 switch (sdata->vif.type) {
2466 case NL80211_IFTYPE_AP_VLAN:
2467 if (sdata->wdev.use_4addr) {
2468 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS);
2469
2470 memcpy(hdr.addr1, sta->sta.addr, ETH_ALEN);
2471 memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN);
2472 memcpy(hdr.addr3, skb->data, ETH_ALEN);
2473 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
2474 hdrlen = 30;
2475 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED);
2476 wme_sta = sta->sta.wme;
2477 }
2478 ap_sdata = container_of(sdata->bss, struct ieee80211_sub_if_data,
2479 u.ap);
2480 chanctx_conf = rcu_dereference(ap_sdata->vif.chanctx_conf);
2481 if (!chanctx_conf) {
2482 ret = -ENOTCONN;
2483 goto free;
2484 }
2485 band = chanctx_conf->def.chan->band;
2486 if (sdata->wdev.use_4addr)
2487 break;
2488
2489 case NL80211_IFTYPE_AP:
2490 if (sdata->vif.type == NL80211_IFTYPE_AP)
2491 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2492 if (!chanctx_conf) {
2493 ret = -ENOTCONN;
2494 goto free;
2495 }
2496 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS);
2497
2498 memcpy(hdr.addr1, skb->data, ETH_ALEN);
2499 memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN);
2500 memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN);
2501 hdrlen = 24;
2502 band = chanctx_conf->def.chan->band;
2503 break;
2504 case NL80211_IFTYPE_WDS:
2505 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS);
2506
2507 memcpy(hdr.addr1, sdata->u.wds.remote_addr, ETH_ALEN);
2508 memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN);
2509 memcpy(hdr.addr3, skb->data, ETH_ALEN);
2510 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
2511 hdrlen = 30;
2512
2513
2514
2515
2516 band = local->hw.conf.chandef.chan->band;
2517 break;
2518#ifdef CONFIG_MAC80211_MESH
2519 case NL80211_IFTYPE_MESH_POINT:
2520 if (!is_multicast_ether_addr(skb->data)) {
2521 struct sta_info *next_hop;
2522 bool mpp_lookup = true;
2523
2524 mpath = mesh_path_lookup(sdata, skb->data);
2525 if (mpath) {
2526 mpp_lookup = false;
2527 next_hop = rcu_dereference(mpath->next_hop);
2528 if (!next_hop ||
2529 !(mpath->flags & (MESH_PATH_ACTIVE |
2530 MESH_PATH_RESOLVING)))
2531 mpp_lookup = true;
2532 }
2533
2534 if (mpp_lookup) {
2535 mppath = mpp_path_lookup(sdata, skb->data);
2536 if (mppath)
2537 mppath->exp_time = jiffies;
2538 }
2539
2540 if (mppath && mpath)
2541 mesh_path_del(sdata, mpath->dst);
2542 }
2543
2544
2545
2546
2547
2548
2549
2550 if (ether_addr_equal(sdata->vif.addr, skb->data + ETH_ALEN) &&
2551 !(mppath && !ether_addr_equal(mppath->mpp, skb->data))) {
2552 hdrlen = ieee80211_fill_mesh_addresses(&hdr, &fc,
2553 skb->data, skb->data + ETH_ALEN);
2554 meshhdrlen = ieee80211_new_mesh_header(sdata, &mesh_hdr,
2555 NULL, NULL);
2556 } else {
2557
2558
2559
2560
2561
2562
2563 const u8 *mesh_da = skb->data;
2564
2565 if (mppath)
2566 mesh_da = mppath->mpp;
2567 else if (mpath)
2568 mesh_da = mpath->dst;
2569
2570 hdrlen = ieee80211_fill_mesh_addresses(&hdr, &fc,
2571 mesh_da, sdata->vif.addr);
2572 if (is_multicast_ether_addr(mesh_da))
2573
2574 meshhdrlen = ieee80211_new_mesh_header(
2575 sdata, &mesh_hdr,
2576 skb->data + ETH_ALEN, NULL);
2577 else
2578
2579 meshhdrlen = ieee80211_new_mesh_header(
2580 sdata, &mesh_hdr, skb->data,
2581 skb->data + ETH_ALEN);
2582
2583 }
2584 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2585 if (!chanctx_conf) {
2586 ret = -ENOTCONN;
2587 goto free;
2588 }
2589 band = chanctx_conf->def.chan->band;
2590 break;
2591#endif
2592 case NL80211_IFTYPE_STATION:
2593
2594 tdls_peer = test_sta_flag(sta, WLAN_STA_TDLS_PEER);
2595
2596 if (tdls_peer) {
2597
2598 memcpy(hdr.addr1, skb->data, ETH_ALEN);
2599 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
2600 memcpy(hdr.addr3, sdata->u.mgd.bssid, ETH_ALEN);
2601 hdrlen = 24;
2602 } else if (sdata->u.mgd.use_4addr &&
2603 cpu_to_be16(ethertype) != sdata->control_port_protocol) {
2604 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS |
2605 IEEE80211_FCTL_TODS);
2606
2607 memcpy(hdr.addr1, sdata->u.mgd.bssid, ETH_ALEN);
2608 memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN);
2609 memcpy(hdr.addr3, skb->data, ETH_ALEN);
2610 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
2611 hdrlen = 30;
2612 } else {
2613 fc |= cpu_to_le16(IEEE80211_FCTL_TODS);
2614
2615 memcpy(hdr.addr1, sdata->u.mgd.bssid, ETH_ALEN);
2616 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
2617 memcpy(hdr.addr3, skb->data, ETH_ALEN);
2618 hdrlen = 24;
2619 }
2620 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2621 if (!chanctx_conf) {
2622 ret = -ENOTCONN;
2623 goto free;
2624 }
2625 band = chanctx_conf->def.chan->band;
2626 break;
2627 case NL80211_IFTYPE_OCB:
2628
2629 memcpy(hdr.addr1, skb->data, ETH_ALEN);
2630 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
2631 eth_broadcast_addr(hdr.addr3);
2632 hdrlen = 24;
2633 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2634 if (!chanctx_conf) {
2635 ret = -ENOTCONN;
2636 goto free;
2637 }
2638 band = chanctx_conf->def.chan->band;
2639 break;
2640 case NL80211_IFTYPE_ADHOC:
2641
2642 memcpy(hdr.addr1, skb->data, ETH_ALEN);
2643 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
2644 memcpy(hdr.addr3, sdata->u.ibss.bssid, ETH_ALEN);
2645 hdrlen = 24;
2646 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2647 if (!chanctx_conf) {
2648 ret = -ENOTCONN;
2649 goto free;
2650 }
2651 band = chanctx_conf->def.chan->band;
2652 break;
2653 default:
2654 ret = -EINVAL;
2655 goto free;
2656 }
2657
2658 multicast = is_multicast_ether_addr(hdr.addr1);
2659
2660
2661 if (sta) {
2662 authorized = test_sta_flag(sta, WLAN_STA_AUTHORIZED);
2663 wme_sta = sta->sta.wme;
2664 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
2665
2666 wme_sta = true;
2667 }
2668
2669
2670 if (wme_sta) {
2671 fc |= cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
2672 hdrlen += 2;
2673 }
2674
2675
2676
2677
2678
2679 if (unlikely(!ieee80211_vif_is_mesh(&sdata->vif) &&
2680 (sdata->vif.type != NL80211_IFTYPE_OCB) &&
2681 !multicast && !authorized &&
2682 (cpu_to_be16(ethertype) != sdata->control_port_protocol ||
2683 !ether_addr_equal(sdata->vif.addr, skb->data + ETH_ALEN)))) {
2684#ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2685 net_info_ratelimited("%s: dropped frame to %pM (unauthorized port)\n",
2686 sdata->name, hdr.addr1);
2687#endif
2688
2689 I802_DEBUG_INC(local->tx_handlers_drop_unauth_port);
2690
2691 ret = -EPERM;
2692 goto free;
2693 }
2694
2695 if (unlikely(!multicast && skb->sk &&
2696 skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS)) {
2697 struct sk_buff *ack_skb = skb_clone_sk(skb);
2698
2699 if (ack_skb) {
2700 unsigned long flags;
2701 int id;
2702
2703 spin_lock_irqsave(&local->ack_status_lock, flags);
2704 id = idr_alloc(&local->ack_status_frames, ack_skb,
2705 1, 0x10000, GFP_ATOMIC);
2706 spin_unlock_irqrestore(&local->ack_status_lock, flags);
2707
2708 if (id >= 0) {
2709 info_id = id;
2710 info_flags |= IEEE80211_TX_CTL_REQ_TX_STATUS;
2711 } else {
2712 kfree_skb(ack_skb);
2713 }
2714 }
2715 }
2716
2717
2718
2719
2720 if (skb_shared(skb)) {
2721 struct sk_buff *tmp_skb = skb;
2722
2723
2724 WARN_ON(info_id);
2725
2726 skb = skb_clone(skb, GFP_ATOMIC);
2727 kfree_skb(tmp_skb);
2728
2729 if (!skb) {
2730 ret = -ENOMEM;
2731 goto free;
2732 }
2733 }
2734
2735 hdr.frame_control = fc;
2736 hdr.duration_id = 0;
2737 hdr.seq_ctrl = 0;
2738
2739 skip_header_bytes = ETH_HLEN;
2740 if (ethertype == ETH_P_AARP || ethertype == ETH_P_IPX) {
2741 encaps_data = bridge_tunnel_header;
2742 encaps_len = sizeof(bridge_tunnel_header);
2743 skip_header_bytes -= 2;
2744 } else if (ethertype >= ETH_P_802_3_MIN) {
2745 encaps_data = rfc1042_header;
2746 encaps_len = sizeof(rfc1042_header);
2747 skip_header_bytes -= 2;
2748 } else {
2749 encaps_data = NULL;
2750 encaps_len = 0;
2751 }
2752
2753 skb_pull(skb, skip_header_bytes);
2754 head_need = hdrlen + encaps_len + meshhdrlen - skb_headroom(skb);
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768 if (head_need > 0 || skb_cloned(skb)) {
2769 head_need += sdata->encrypt_headroom;
2770 head_need += local->tx_headroom;
2771 head_need = max_t(int, 0, head_need);
2772 if (ieee80211_skb_resize(sdata, skb, head_need, true)) {
2773 ieee80211_free_txskb(&local->hw, skb);
2774 skb = NULL;
2775 return ERR_PTR(-ENOMEM);
2776 }
2777 }
2778
2779 if (encaps_data)
2780 memcpy(skb_push(skb, encaps_len), encaps_data, encaps_len);
2781
2782#ifdef CONFIG_MAC80211_MESH
2783 if (meshhdrlen > 0)
2784 memcpy(skb_push(skb, meshhdrlen), &mesh_hdr, meshhdrlen);
2785#endif
2786
2787 if (ieee80211_is_data_qos(fc)) {
2788 __le16 *qos_control;
2789
2790 qos_control = skb_push(skb, 2);
2791 memcpy(skb_push(skb, hdrlen - 2), &hdr, hdrlen - 2);
2792
2793
2794
2795
2796 *qos_control = 0;
2797 } else
2798 memcpy(skb_push(skb, hdrlen), &hdr, hdrlen);
2799
2800 skb_reset_mac_header(skb);
2801
2802 info = IEEE80211_SKB_CB(skb);
2803 memset(info, 0, sizeof(*info));
2804
2805 info->flags = info_flags;
2806 info->ack_frame_id = info_id;
2807 info->band = band;
2808
2809 return skb;
2810 free:
2811 kfree_skb(skb);
2812 return ERR_PTR(ret);
2813}
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836void ieee80211_check_fast_xmit(struct sta_info *sta)
2837{
2838 struct ieee80211_fast_tx build = {}, *fast_tx = NULL, *old;
2839 struct ieee80211_local *local = sta->local;
2840 struct ieee80211_sub_if_data *sdata = sta->sdata;
2841 struct ieee80211_hdr *hdr = (void *)build.hdr;
2842 struct ieee80211_chanctx_conf *chanctx_conf;
2843 __le16 fc;
2844
2845 if (!ieee80211_hw_check(&local->hw, SUPPORT_FAST_XMIT))
2846 return;
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860 spin_lock_bh(&sta->lock);
2861 if (ieee80211_hw_check(&local->hw, SUPPORTS_PS) &&
2862 !ieee80211_hw_check(&local->hw, SUPPORTS_DYNAMIC_PS) &&
2863 sdata->vif.type == NL80211_IFTYPE_STATION)
2864 goto out;
2865
2866 if (!test_sta_flag(sta, WLAN_STA_AUTHORIZED))
2867 goto out;
2868
2869 if (test_sta_flag(sta, WLAN_STA_PS_STA) ||
2870 test_sta_flag(sta, WLAN_STA_PS_DRIVER) ||
2871 test_sta_flag(sta, WLAN_STA_PS_DELIVER) ||
2872 test_sta_flag(sta, WLAN_STA_CLEAR_PS_FILT))
2873 goto out;
2874
2875 if (sdata->noack_map)
2876 goto out;
2877
2878
2879 if (local->hw.wiphy->frag_threshold != (u32)-1 &&
2880 !ieee80211_hw_check(&local->hw, SUPPORTS_TX_FRAG))
2881 goto out;
2882
2883 rcu_read_lock();
2884 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
2885 if (!chanctx_conf) {
2886 rcu_read_unlock();
2887 goto out;
2888 }
2889 build.band = chanctx_conf->def.chan->band;
2890 rcu_read_unlock();
2891
2892 fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA);
2893
2894 switch (sdata->vif.type) {
2895 case NL80211_IFTYPE_ADHOC:
2896
2897 build.da_offs = offsetof(struct ieee80211_hdr, addr1);
2898 build.sa_offs = offsetof(struct ieee80211_hdr, addr2);
2899 memcpy(hdr->addr3, sdata->u.ibss.bssid, ETH_ALEN);
2900 build.hdr_len = 24;
2901 break;
2902 case NL80211_IFTYPE_STATION:
2903 if (test_sta_flag(sta, WLAN_STA_TDLS_PEER)) {
2904
2905 build.da_offs = offsetof(struct ieee80211_hdr, addr1);
2906 build.sa_offs = offsetof(struct ieee80211_hdr, addr2);
2907 memcpy(hdr->addr3, sdata->u.mgd.bssid, ETH_ALEN);
2908 build.hdr_len = 24;
2909 break;
2910 }
2911
2912 if (sdata->u.mgd.use_4addr) {
2913
2914 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS |
2915 IEEE80211_FCTL_TODS);
2916
2917 memcpy(hdr->addr1, sdata->u.mgd.bssid, ETH_ALEN);
2918 memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
2919 build.da_offs = offsetof(struct ieee80211_hdr, addr3);
2920 build.sa_offs = offsetof(struct ieee80211_hdr, addr4);
2921 build.hdr_len = 30;
2922 break;
2923 }
2924 fc |= cpu_to_le16(IEEE80211_FCTL_TODS);
2925
2926 memcpy(hdr->addr1, sdata->u.mgd.bssid, ETH_ALEN);
2927 build.da_offs = offsetof(struct ieee80211_hdr, addr3);
2928 build.sa_offs = offsetof(struct ieee80211_hdr, addr2);
2929 build.hdr_len = 24;
2930 break;
2931 case NL80211_IFTYPE_AP_VLAN:
2932 if (sdata->wdev.use_4addr) {
2933 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS |
2934 IEEE80211_FCTL_TODS);
2935
2936 memcpy(hdr->addr1, sta->sta.addr, ETH_ALEN);
2937 memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
2938 build.da_offs = offsetof(struct ieee80211_hdr, addr3);
2939 build.sa_offs = offsetof(struct ieee80211_hdr, addr4);
2940 build.hdr_len = 30;
2941 break;
2942 }
2943
2944 case NL80211_IFTYPE_AP:
2945 fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS);
2946
2947 build.da_offs = offsetof(struct ieee80211_hdr, addr1);
2948 memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
2949 build.sa_offs = offsetof(struct ieee80211_hdr, addr3);
2950 build.hdr_len = 24;
2951 break;
2952 default:
2953
2954 goto out;
2955 }
2956
2957 if (sta->sta.wme) {
2958 build.hdr_len += 2;
2959 fc |= cpu_to_le16(IEEE80211_STYPE_QOS_DATA);
2960 }
2961
2962
2963
2964
2965
2966
2967 build.key = rcu_access_pointer(sta->ptk[sta->ptk_idx]);
2968 if (!build.key)
2969 build.key = rcu_access_pointer(sdata->default_unicast_key);
2970 if (build.key) {
2971 bool gen_iv, iv_spc, mmic;
2972
2973 gen_iv = build.key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV;
2974 iv_spc = build.key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE;
2975 mmic = build.key->conf.flags &
2976 (IEEE80211_KEY_FLAG_GENERATE_MMIC |
2977 IEEE80211_KEY_FLAG_PUT_MIC_SPACE);
2978
2979
2980 if (!(build.key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
2981 goto out;
2982
2983
2984 if (build.key->flags & KEY_FLAG_TAINTED)
2985 goto out;
2986
2987 switch (build.key->conf.cipher) {
2988 case WLAN_CIPHER_SUITE_CCMP:
2989 case WLAN_CIPHER_SUITE_CCMP_256:
2990
2991 if (gen_iv) {
2992 (build.hdr + build.hdr_len)[3] =
2993 0x20 | (build.key->conf.keyidx << 6);
2994 build.pn_offs = build.hdr_len;
2995 }
2996 if (gen_iv || iv_spc)
2997 build.hdr_len += IEEE80211_CCMP_HDR_LEN;
2998 break;
2999 case WLAN_CIPHER_SUITE_GCMP:
3000 case WLAN_CIPHER_SUITE_GCMP_256:
3001
3002 if (gen_iv) {
3003 (build.hdr + build.hdr_len)[3] =
3004 0x20 | (build.key->conf.keyidx << 6);
3005 build.pn_offs = build.hdr_len;
3006 }
3007 if (gen_iv || iv_spc)
3008 build.hdr_len += IEEE80211_GCMP_HDR_LEN;
3009 break;
3010 case WLAN_CIPHER_SUITE_TKIP:
3011
3012 if (mmic || gen_iv)
3013 goto out;
3014 if (iv_spc)
3015 build.hdr_len += IEEE80211_TKIP_IV_LEN;
3016 break;
3017 case WLAN_CIPHER_SUITE_WEP40:
3018 case WLAN_CIPHER_SUITE_WEP104:
3019
3020 if (gen_iv)
3021 goto out;
3022 if (iv_spc)
3023 build.hdr_len += IEEE80211_WEP_IV_LEN;
3024 break;
3025 case WLAN_CIPHER_SUITE_AES_CMAC:
3026 case WLAN_CIPHER_SUITE_BIP_CMAC_256:
3027 case WLAN_CIPHER_SUITE_BIP_GMAC_128:
3028 case WLAN_CIPHER_SUITE_BIP_GMAC_256:
3029 WARN(1,
3030 "management cipher suite 0x%x enabled for data\n",
3031 build.key->conf.cipher);
3032 goto out;
3033 default:
3034
3035 if (WARN_ON(gen_iv))
3036 goto out;
3037
3038 if (!(build.key->flags & KEY_FLAG_CIPHER_SCHEME))
3039 break;
3040
3041 if (iv_spc &&
3042 build.key->conf.iv_len > IEEE80211_FAST_XMIT_MAX_IV)
3043 goto out;
3044 if (iv_spc)
3045 build.hdr_len += build.key->conf.iv_len;
3046 }
3047
3048 fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
3049 }
3050
3051 hdr->frame_control = fc;
3052
3053 memcpy(build.hdr + build.hdr_len,
3054 rfc1042_header, sizeof(rfc1042_header));
3055 build.hdr_len += sizeof(rfc1042_header);
3056
3057 fast_tx = kmemdup(&build, sizeof(build), GFP_ATOMIC);
3058
3059 if (!fast_tx)
3060 goto out;
3061
3062 out:
3063
3064 old = rcu_dereference_protected(sta->fast_tx,
3065 lockdep_is_held(&sta->lock));
3066 rcu_assign_pointer(sta->fast_tx, fast_tx);
3067 if (old)
3068 kfree_rcu(old, rcu_head);
3069 spin_unlock_bh(&sta->lock);
3070}
3071
3072void ieee80211_check_fast_xmit_all(struct ieee80211_local *local)
3073{
3074 struct sta_info *sta;
3075
3076 rcu_read_lock();
3077 list_for_each_entry_rcu(sta, &local->sta_list, list)
3078 ieee80211_check_fast_xmit(sta);
3079 rcu_read_unlock();
3080}
3081
3082void ieee80211_check_fast_xmit_iface(struct ieee80211_sub_if_data *sdata)
3083{
3084 struct ieee80211_local *local = sdata->local;
3085 struct sta_info *sta;
3086
3087 rcu_read_lock();
3088
3089 list_for_each_entry_rcu(sta, &local->sta_list, list) {
3090 if (sdata != sta->sdata &&
3091 (!sta->sdata->bss || sta->sdata->bss != sdata->bss))
3092 continue;
3093 ieee80211_check_fast_xmit(sta);
3094 }
3095
3096 rcu_read_unlock();
3097}
3098
3099void ieee80211_clear_fast_xmit(struct sta_info *sta)
3100{
3101 struct ieee80211_fast_tx *fast_tx;
3102
3103 spin_lock_bh(&sta->lock);
3104 fast_tx = rcu_dereference_protected(sta->fast_tx,
3105 lockdep_is_held(&sta->lock));
3106 RCU_INIT_POINTER(sta->fast_tx, NULL);
3107 spin_unlock_bh(&sta->lock);
3108
3109 if (fast_tx)
3110 kfree_rcu(fast_tx, rcu_head);
3111}
3112
3113static bool ieee80211_amsdu_realloc_pad(struct ieee80211_local *local,
3114 struct sk_buff *skb, int headroom)
3115{
3116 if (skb_headroom(skb) < headroom) {
3117 I802_DEBUG_INC(local->tx_expand_skb_head);
3118
3119 if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) {
3120 wiphy_debug(local->hw.wiphy,
3121 "failed to reallocate TX buffer\n");
3122 return false;
3123 }
3124 }
3125
3126 return true;
3127}
3128
3129static bool ieee80211_amsdu_prepare_head(struct ieee80211_sub_if_data *sdata,
3130 struct ieee80211_fast_tx *fast_tx,
3131 struct sk_buff *skb)
3132{
3133 struct ieee80211_local *local = sdata->local;
3134 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3135 struct ieee80211_hdr *hdr;
3136 struct ethhdr *amsdu_hdr;
3137 int hdr_len = fast_tx->hdr_len - sizeof(rfc1042_header);
3138 int subframe_len = skb->len - hdr_len;
3139 void *data;
3140 u8 *qc, *h_80211_src, *h_80211_dst;
3141 const u8 *bssid;
3142
3143 if (info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE)
3144 return false;
3145
3146 if (info->control.flags & IEEE80211_TX_CTRL_AMSDU)
3147 return true;
3148
3149 if (!ieee80211_amsdu_realloc_pad(local, skb, sizeof(*amsdu_hdr)))
3150 return false;
3151
3152 data = skb_push(skb, sizeof(*amsdu_hdr));
3153 memmove(data, data + sizeof(*amsdu_hdr), hdr_len);
3154 hdr = data;
3155 amsdu_hdr = data + hdr_len;
3156
3157 h_80211_src = data + fast_tx->sa_offs;
3158 h_80211_dst = data + fast_tx->da_offs;
3159
3160 amsdu_hdr->h_proto = cpu_to_be16(subframe_len);
3161 ether_addr_copy(amsdu_hdr->h_source, h_80211_src);
3162 ether_addr_copy(amsdu_hdr->h_dest, h_80211_dst);
3163
3164
3165
3166
3167
3168 switch (sdata->vif.type) {
3169 case NL80211_IFTYPE_STATION:
3170 bssid = sdata->u.mgd.bssid;
3171 break;
3172 case NL80211_IFTYPE_AP:
3173 case NL80211_IFTYPE_AP_VLAN:
3174 bssid = sdata->vif.addr;
3175 break;
3176 default:
3177 bssid = NULL;
3178 }
3179
3180 if (bssid && ieee80211_has_fromds(hdr->frame_control))
3181 ether_addr_copy(h_80211_src, bssid);
3182
3183 if (bssid && ieee80211_has_tods(hdr->frame_control))
3184 ether_addr_copy(h_80211_dst, bssid);
3185
3186 qc = ieee80211_get_qos_ctl(hdr);
3187 *qc |= IEEE80211_QOS_CTL_A_MSDU_PRESENT;
3188
3189 info->control.flags |= IEEE80211_TX_CTRL_AMSDU;
3190
3191 return true;
3192}
3193
3194static bool ieee80211_amsdu_aggregate(struct ieee80211_sub_if_data *sdata,
3195 struct sta_info *sta,
3196 struct ieee80211_fast_tx *fast_tx,
3197 struct sk_buff *skb)
3198{
3199 struct ieee80211_local *local = sdata->local;
3200 struct fq *fq = &local->fq;
3201 struct fq_tin *tin;
3202 struct fq_flow *flow;
3203 u8 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
3204 struct ieee80211_txq *txq = sta->sta.txq[tid];
3205 struct txq_info *txqi;
3206 struct sk_buff **frag_tail, *head;
3207 int subframe_len = skb->len - ETH_ALEN;
3208 u8 max_subframes = sta->sta.max_amsdu_subframes;
3209 int max_frags = local->hw.max_tx_fragments;
3210 int max_amsdu_len = sta->sta.max_amsdu_len;
3211 __be16 len;
3212 void *data;
3213 bool ret = false;
3214 unsigned int orig_len;
3215 int n = 2, nfrags, pad = 0;
3216 u16 hdrlen;
3217
3218 if (!ieee80211_hw_check(&local->hw, TX_AMSDU))
3219 return false;
3220
3221 if (!txq)
3222 return false;
3223
3224 txqi = to_txq_info(txq);
3225 if (test_bit(IEEE80211_TXQ_NO_AMSDU, &txqi->flags))
3226 return false;
3227
3228 if (sta->sta.max_rc_amsdu_len)
3229 max_amsdu_len = min_t(int, max_amsdu_len,
3230 sta->sta.max_rc_amsdu_len);
3231
3232 if (sta->sta.max_tid_amsdu_len[tid])
3233 max_amsdu_len = min_t(int, max_amsdu_len,
3234 sta->sta.max_tid_amsdu_len[tid]);
3235
3236 spin_lock_bh(&fq->lock);
3237
3238
3239
3240
3241
3242 tin = &txqi->tin;
3243 flow = fq_flow_classify(fq, tin, skb, fq_flow_get_default_func);
3244 head = skb_peek_tail(&flow->queue);
3245 if (!head)
3246 goto out;
3247
3248 orig_len = head->len;
3249
3250 if (skb->len + head->len > max_amsdu_len)
3251 goto out;
3252
3253 nfrags = 1 + skb_shinfo(skb)->nr_frags;
3254 nfrags += 1 + skb_shinfo(head)->nr_frags;
3255 frag_tail = &skb_shinfo(head)->frag_list;
3256 while (*frag_tail) {
3257 nfrags += 1 + skb_shinfo(*frag_tail)->nr_frags;
3258 frag_tail = &(*frag_tail)->next;
3259 n++;
3260 }
3261
3262 if (max_subframes && n > max_subframes)
3263 goto out;
3264
3265 if (max_frags && nfrags > max_frags)
3266 goto out;
3267
3268 if (!drv_can_aggregate_in_amsdu(local, head, skb))
3269 goto out;
3270
3271 if (!ieee80211_amsdu_prepare_head(sdata, fast_tx, head))
3272 goto out;
3273
3274
3275
3276
3277
3278
3279
3280
3281 hdrlen = fast_tx->hdr_len - sizeof(rfc1042_header);
3282 if ((head->len - hdrlen) & 3)
3283 pad = 4 - ((head->len - hdrlen) & 3);
3284
3285 if (!ieee80211_amsdu_realloc_pad(local, skb, sizeof(rfc1042_header) +
3286 2 + pad))
3287 goto out_recalc;
3288
3289 ret = true;
3290 data = skb_push(skb, ETH_ALEN + 2);
3291 memmove(data, data + ETH_ALEN + 2, 2 * ETH_ALEN);
3292
3293 data += 2 * ETH_ALEN;
3294 len = cpu_to_be16(subframe_len);
3295 memcpy(data, &len, 2);
3296 memcpy(data + 2, rfc1042_header, sizeof(rfc1042_header));
3297
3298 memset(skb_push(skb, pad), 0, pad);
3299
3300 head->len += skb->len;
3301 head->data_len += skb->len;
3302 *frag_tail = skb;
3303
3304out_recalc:
3305 if (head->len != orig_len) {
3306 flow->backlog += head->len - orig_len;
3307 tin->backlog_bytes += head->len - orig_len;
3308
3309 fq_recalc_backlog(fq, tin, flow);
3310 }
3311out:
3312 spin_unlock_bh(&fq->lock);
3313
3314 return ret;
3315}
3316
3317
3318
3319
3320
3321static void ieee80211_xmit_fast_finish(struct ieee80211_sub_if_data *sdata,
3322 struct sta_info *sta, u8 pn_offs,
3323 struct ieee80211_key *key,
3324 struct sk_buff *skb)
3325{
3326 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3327 struct ieee80211_hdr *hdr = (void *)skb->data;
3328 u8 tid = IEEE80211_NUM_TIDS;
3329
3330 if (key)
3331 info->control.hw_key = &key->conf;
3332
3333 ieee80211_tx_stats(skb->dev, skb->len);
3334
3335 if (hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) {
3336 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
3337 hdr->seq_ctrl = ieee80211_tx_next_seq(sta, tid);
3338 } else {
3339 info->flags |= IEEE80211_TX_CTL_ASSIGN_SEQ;
3340 hdr->seq_ctrl = cpu_to_le16(sdata->sequence_number);
3341 sdata->sequence_number += 0x10;
3342 }
3343
3344 if (skb_shinfo(skb)->gso_size)
3345 sta->tx_stats.msdu[tid] +=
3346 DIV_ROUND_UP(skb->len, skb_shinfo(skb)->gso_size);
3347 else
3348 sta->tx_stats.msdu[tid]++;
3349
3350 info->hw_queue = sdata->vif.hw_queue[skb_get_queue_mapping(skb)];
3351
3352
3353
3354
3355 sta->tx_stats.bytes[skb_get_queue_mapping(skb)] += skb->len;
3356 sta->tx_stats.packets[skb_get_queue_mapping(skb)]++;
3357
3358 if (pn_offs) {
3359 u64 pn;
3360 u8 *crypto_hdr = skb->data + pn_offs;
3361
3362 switch (key->conf.cipher) {
3363 case WLAN_CIPHER_SUITE_CCMP:
3364 case WLAN_CIPHER_SUITE_CCMP_256:
3365 case WLAN_CIPHER_SUITE_GCMP:
3366 case WLAN_CIPHER_SUITE_GCMP_256:
3367 pn = atomic64_inc_return(&key->conf.tx_pn);
3368 crypto_hdr[0] = pn;
3369 crypto_hdr[1] = pn >> 8;
3370 crypto_hdr[4] = pn >> 16;
3371 crypto_hdr[5] = pn >> 24;
3372 crypto_hdr[6] = pn >> 32;
3373 crypto_hdr[7] = pn >> 40;
3374 break;
3375 }
3376 }
3377}
3378
3379static bool ieee80211_xmit_fast(struct ieee80211_sub_if_data *sdata,
3380 struct sta_info *sta,
3381 struct ieee80211_fast_tx *fast_tx,
3382 struct sk_buff *skb)
3383{
3384 struct ieee80211_local *local = sdata->local;
3385 u16 ethertype = (skb->data[12] << 8) | skb->data[13];
3386 int extra_head = fast_tx->hdr_len - (ETH_HLEN - 2);
3387 int hw_headroom = sdata->local->hw.extra_tx_headroom;
3388 struct ethhdr eth;
3389 struct ieee80211_tx_info *info;
3390 struct ieee80211_hdr *hdr = (void *)fast_tx->hdr;
3391 struct ieee80211_tx_data tx;
3392 ieee80211_tx_result r;
3393 struct tid_ampdu_tx *tid_tx = NULL;
3394 u8 tid = IEEE80211_NUM_TIDS;
3395
3396
3397 if (cpu_to_be16(ethertype) == sdata->control_port_protocol)
3398 return false;
3399
3400
3401 if (ethertype < ETH_P_802_3_MIN)
3402 return false;
3403
3404
3405 if (skb->sk && skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS)
3406 return false;
3407
3408 if (hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) {
3409 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
3410 tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]);
3411 if (tid_tx) {
3412 if (!test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state))
3413 return false;
3414 if (tid_tx->timeout)
3415 tid_tx->last_tx = jiffies;
3416 }
3417 }
3418
3419
3420
3421 if (skb_shared(skb)) {
3422 struct sk_buff *tmp_skb = skb;
3423
3424 skb = skb_clone(skb, GFP_ATOMIC);
3425 kfree_skb(tmp_skb);
3426
3427 if (!skb)
3428 return true;
3429 }
3430
3431 if ((hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) &&
3432 ieee80211_amsdu_aggregate(sdata, sta, fast_tx, skb))
3433 return true;
3434
3435
3436
3437
3438
3439 if (unlikely(ieee80211_skb_resize(sdata, skb,
3440 max_t(int, extra_head + hw_headroom -
3441 skb_headroom(skb), 0),
3442 false))) {
3443 kfree_skb(skb);
3444 return true;
3445 }
3446
3447 memcpy(ð, skb->data, ETH_HLEN - 2);
3448 hdr = skb_push(skb, extra_head);
3449 memcpy(skb->data, fast_tx->hdr, fast_tx->hdr_len);
3450 memcpy(skb->data + fast_tx->da_offs, eth.h_dest, ETH_ALEN);
3451 memcpy(skb->data + fast_tx->sa_offs, eth.h_source, ETH_ALEN);
3452
3453 info = IEEE80211_SKB_CB(skb);
3454 memset(info, 0, sizeof(*info));
3455 info->band = fast_tx->band;
3456 info->control.vif = &sdata->vif;
3457 info->flags = IEEE80211_TX_CTL_FIRST_FRAGMENT |
3458 IEEE80211_TX_CTL_DONTFRAG |
3459 (tid_tx ? IEEE80211_TX_CTL_AMPDU : 0);
3460 info->control.flags = IEEE80211_TX_CTRL_FAST_XMIT;
3461
3462 if (hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) {
3463 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK;
3464 *ieee80211_get_qos_ctl(hdr) = tid;
3465 }
3466
3467 __skb_queue_head_init(&tx.skbs);
3468
3469 tx.flags = IEEE80211_TX_UNICAST;
3470 tx.local = local;
3471 tx.sdata = sdata;
3472 tx.sta = sta;
3473 tx.key = fast_tx->key;
3474
3475 if (!ieee80211_hw_check(&local->hw, HAS_RATE_CONTROL)) {
3476 tx.skb = skb;
3477 r = ieee80211_tx_h_rate_ctrl(&tx);
3478 skb = tx.skb;
3479 tx.skb = NULL;
3480
3481 if (r != TX_CONTINUE) {
3482 if (r != TX_QUEUED)
3483 kfree_skb(skb);
3484 return true;
3485 }
3486 }
3487
3488 if (ieee80211_queue_skb(local, sdata, sta, skb))
3489 return true;
3490
3491 ieee80211_xmit_fast_finish(sdata, sta, fast_tx->pn_offs,
3492 fast_tx->key, skb);
3493
3494 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
3495 sdata = container_of(sdata->bss,
3496 struct ieee80211_sub_if_data, u.ap);
3497
3498 __skb_queue_tail(&tx.skbs, skb);
3499 ieee80211_tx_frags(local, &sdata->vif, &sta->sta, &tx.skbs, false);
3500 return true;
3501}
3502
3503struct sk_buff *ieee80211_tx_dequeue(struct ieee80211_hw *hw,
3504 struct ieee80211_txq *txq)
3505{
3506 struct ieee80211_local *local = hw_to_local(hw);
3507 struct txq_info *txqi = container_of(txq, struct txq_info, txq);
3508 struct ieee80211_hdr *hdr;
3509 struct sk_buff *skb = NULL;
3510 struct fq *fq = &local->fq;
3511 struct fq_tin *tin = &txqi->tin;
3512 struct ieee80211_tx_info *info;
3513 struct ieee80211_tx_data tx;
3514 ieee80211_tx_result r;
3515 struct ieee80211_vif *vif = txq->vif;
3516
3517 spin_lock_bh(&fq->lock);
3518
3519 if (test_bit(IEEE80211_TXQ_STOP, &txqi->flags) ||
3520 test_bit(IEEE80211_TXQ_STOP_NETIF_TX, &txqi->flags))
3521 goto out;
3522
3523 if (vif->txqs_stopped[ieee80211_ac_from_tid(txq->tid)]) {
3524 set_bit(IEEE80211_TXQ_STOP_NETIF_TX, &txqi->flags);
3525 goto out;
3526 }
3527
3528
3529 skb = __skb_dequeue(&txqi->frags);
3530 if (skb)
3531 goto out;
3532
3533begin:
3534 skb = fq_tin_dequeue(fq, tin, fq_tin_dequeue_func);
3535 if (!skb)
3536 goto out;
3537
3538 hdr = (struct ieee80211_hdr *)skb->data;
3539 info = IEEE80211_SKB_CB(skb);
3540
3541 memset(&tx, 0, sizeof(tx));
3542 __skb_queue_head_init(&tx.skbs);
3543 tx.local = local;
3544 tx.skb = skb;
3545 tx.sdata = vif_to_sdata(info->control.vif);
3546
3547 if (txq->sta)
3548 tx.sta = container_of(txq->sta, struct sta_info, sta);
3549
3550
3551
3552
3553
3554 r = ieee80211_tx_h_select_key(&tx);
3555 if (r != TX_CONTINUE) {
3556 ieee80211_free_txskb(&local->hw, skb);
3557 goto begin;
3558 }
3559
3560 if (test_bit(IEEE80211_TXQ_AMPDU, &txqi->flags))
3561 info->flags |= IEEE80211_TX_CTL_AMPDU;
3562 else
3563 info->flags &= ~IEEE80211_TX_CTL_AMPDU;
3564
3565 if (info->control.flags & IEEE80211_TX_CTRL_FAST_XMIT) {
3566 struct sta_info *sta = container_of(txq->sta, struct sta_info,
3567 sta);
3568 u8 pn_offs = 0;
3569
3570 if (tx.key &&
3571 (tx.key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV))
3572 pn_offs = ieee80211_hdrlen(hdr->frame_control);
3573
3574 ieee80211_xmit_fast_finish(sta->sdata, sta, pn_offs,
3575 tx.key, skb);
3576 } else {
3577 if (invoke_tx_handlers_late(&tx))
3578 goto begin;
3579
3580 skb = __skb_dequeue(&tx.skbs);
3581
3582 if (!skb_queue_empty(&tx.skbs))
3583 skb_queue_splice_tail(&tx.skbs, &txqi->frags);
3584 }
3585
3586 if (skb && skb_has_frag_list(skb) &&
3587 !ieee80211_hw_check(&local->hw, TX_FRAG_LIST)) {
3588 if (skb_linearize(skb)) {
3589 ieee80211_free_txskb(&local->hw, skb);
3590 goto begin;
3591 }
3592 }
3593
3594 switch (tx.sdata->vif.type) {
3595 case NL80211_IFTYPE_MONITOR:
3596 if (tx.sdata->u.mntr.flags & MONITOR_FLAG_ACTIVE) {
3597 vif = &tx.sdata->vif;
3598 break;
3599 }
3600 tx.sdata = rcu_dereference(local->monitor_sdata);
3601 if (tx.sdata) {
3602 vif = &tx.sdata->vif;
3603 info->hw_queue =
3604 vif->hw_queue[skb_get_queue_mapping(skb)];
3605 } else if (ieee80211_hw_check(&local->hw, QUEUE_CONTROL)) {
3606 ieee80211_free_txskb(&local->hw, skb);
3607 goto begin;
3608 } else {
3609 vif = NULL;
3610 }
3611 break;
3612 case NL80211_IFTYPE_AP_VLAN:
3613 tx.sdata = container_of(tx.sdata->bss,
3614 struct ieee80211_sub_if_data, u.ap);
3615
3616 default:
3617 vif = &tx.sdata->vif;
3618 break;
3619 }
3620
3621 IEEE80211_SKB_CB(skb)->control.vif = vif;
3622
3623out:
3624 spin_unlock_bh(&fq->lock);
3625
3626 return skb;
3627}
3628EXPORT_SYMBOL(ieee80211_tx_dequeue);
3629
3630void __ieee80211_subif_start_xmit(struct sk_buff *skb,
3631 struct net_device *dev,
3632 u32 info_flags)
3633{
3634 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3635 struct sta_info *sta;
3636 struct sk_buff *next;
3637
3638 if (unlikely(skb->len < ETH_HLEN)) {
3639 kfree_skb(skb);
3640 return;
3641 }
3642
3643 rcu_read_lock();
3644
3645 if (ieee80211_lookup_ra_sta(sdata, skb, &sta))
3646 goto out_free;
3647
3648 if (!IS_ERR_OR_NULL(sta)) {
3649 struct ieee80211_fast_tx *fast_tx;
3650
3651 sk_pacing_shift_update(skb->sk, sdata->local->hw.tx_sk_pacing_shift);
3652
3653 fast_tx = rcu_dereference(sta->fast_tx);
3654
3655 if (fast_tx &&
3656 ieee80211_xmit_fast(sdata, sta, fast_tx, skb))
3657 goto out;
3658 }
3659
3660 if (skb_is_gso(skb)) {
3661 struct sk_buff *segs;
3662
3663 segs = skb_gso_segment(skb, 0);
3664 if (IS_ERR(segs)) {
3665 goto out_free;
3666 } else if (segs) {
3667 consume_skb(skb);
3668 skb = segs;
3669 }
3670 } else {
3671
3672 if (skb_linearize(skb)) {
3673 kfree_skb(skb);
3674 goto out;
3675 }
3676
3677
3678
3679
3680
3681 if (skb->ip_summed == CHECKSUM_PARTIAL) {
3682 skb_set_transport_header(skb,
3683 skb_checksum_start_offset(skb));
3684 if (skb_checksum_help(skb))
3685 goto out_free;
3686 }
3687 }
3688
3689 next = skb;
3690 while (next) {
3691 skb = next;
3692 next = skb->next;
3693
3694 skb->prev = NULL;
3695 skb->next = NULL;
3696
3697 skb = ieee80211_build_hdr(sdata, skb, info_flags, sta);
3698 if (IS_ERR(skb))
3699 goto out;
3700
3701 ieee80211_tx_stats(dev, skb->len);
3702
3703 ieee80211_xmit(sdata, sta, skb, 0);
3704 }
3705 goto out;
3706 out_free:
3707 kfree_skb(skb);
3708 out:
3709 rcu_read_unlock();
3710}
3711
3712static int ieee80211_change_da(struct sk_buff *skb, struct sta_info *sta)
3713{
3714 struct ethhdr *eth;
3715 int err;
3716
3717 err = skb_ensure_writable(skb, ETH_HLEN);
3718 if (unlikely(err))
3719 return err;
3720
3721 eth = (void *)skb->data;
3722 ether_addr_copy(eth->h_dest, sta->sta.addr);
3723
3724 return 0;
3725}
3726
3727static bool ieee80211_multicast_to_unicast(struct sk_buff *skb,
3728 struct net_device *dev)
3729{
3730 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3731 const struct ethhdr *eth = (void *)skb->data;
3732 const struct vlan_ethhdr *ethvlan = (void *)skb->data;
3733 __be16 ethertype;
3734
3735 if (likely(!is_multicast_ether_addr(eth->h_dest)))
3736 return false;
3737
3738 switch (sdata->vif.type) {
3739 case NL80211_IFTYPE_AP_VLAN:
3740 if (sdata->u.vlan.sta)
3741 return false;
3742 if (sdata->wdev.use_4addr)
3743 return false;
3744
3745 case NL80211_IFTYPE_AP:
3746
3747 if (!sdata->bss->multicast_to_unicast)
3748 return false;
3749 break;
3750 default:
3751 return false;
3752 }
3753
3754
3755 ethertype = eth->h_proto;
3756 if (ethertype == htons(ETH_P_8021Q) && skb->len >= VLAN_ETH_HLEN)
3757 ethertype = ethvlan->h_vlan_encapsulated_proto;
3758 switch (ethertype) {
3759 case htons(ETH_P_ARP):
3760 case htons(ETH_P_IP):
3761 case htons(ETH_P_IPV6):
3762 break;
3763 default:
3764 return false;
3765 }
3766
3767 return true;
3768}
3769
3770static void
3771ieee80211_convert_to_unicast(struct sk_buff *skb, struct net_device *dev,
3772 struct sk_buff_head *queue)
3773{
3774 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3775 struct ieee80211_local *local = sdata->local;
3776 const struct ethhdr *eth = (struct ethhdr *)skb->data;
3777 struct sta_info *sta, *first = NULL;
3778 struct sk_buff *cloned_skb;
3779
3780 rcu_read_lock();
3781
3782 list_for_each_entry_rcu(sta, &local->sta_list, list) {
3783 if (sdata != sta->sdata)
3784
3785 continue;
3786 if (unlikely(ether_addr_equal(eth->h_source, sta->sta.addr)))
3787
3788 continue;
3789 if (!first) {
3790 first = sta;
3791 continue;
3792 }
3793 cloned_skb = skb_clone(skb, GFP_ATOMIC);
3794 if (!cloned_skb)
3795 goto multicast;
3796 if (unlikely(ieee80211_change_da(cloned_skb, sta))) {
3797 dev_kfree_skb(cloned_skb);
3798 goto multicast;
3799 }
3800 __skb_queue_tail(queue, cloned_skb);
3801 }
3802
3803 if (likely(first)) {
3804 if (unlikely(ieee80211_change_da(skb, first)))
3805 goto multicast;
3806 __skb_queue_tail(queue, skb);
3807 } else {
3808
3809 kfree_skb(skb);
3810 skb = NULL;
3811 }
3812
3813 goto out;
3814multicast:
3815 __skb_queue_purge(queue);
3816 __skb_queue_tail(queue, skb);
3817out:
3818 rcu_read_unlock();
3819}
3820
3821
3822
3823
3824
3825
3826
3827
3828netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
3829 struct net_device *dev)
3830{
3831 if (unlikely(ieee80211_multicast_to_unicast(skb, dev))) {
3832 struct sk_buff_head queue;
3833
3834 __skb_queue_head_init(&queue);
3835 ieee80211_convert_to_unicast(skb, dev, &queue);
3836 while ((skb = __skb_dequeue(&queue)))
3837 __ieee80211_subif_start_xmit(skb, dev, 0);
3838 } else {
3839 __ieee80211_subif_start_xmit(skb, dev, 0);
3840 }
3841
3842 return NETDEV_TX_OK;
3843}
3844
3845struct sk_buff *
3846ieee80211_build_data_template(struct ieee80211_sub_if_data *sdata,
3847 struct sk_buff *skb, u32 info_flags)
3848{
3849 struct ieee80211_hdr *hdr;
3850 struct ieee80211_tx_data tx = {
3851 .local = sdata->local,
3852 .sdata = sdata,
3853 };
3854 struct sta_info *sta;
3855
3856 rcu_read_lock();
3857
3858 if (ieee80211_lookup_ra_sta(sdata, skb, &sta)) {
3859 kfree_skb(skb);
3860 skb = ERR_PTR(-EINVAL);
3861 goto out;
3862 }
3863
3864 skb = ieee80211_build_hdr(sdata, skb, info_flags, sta);
3865 if (IS_ERR(skb))
3866 goto out;
3867
3868 hdr = (void *)skb->data;
3869 tx.sta = sta_info_get(sdata, hdr->addr1);
3870 tx.skb = skb;
3871
3872 if (ieee80211_tx_h_select_key(&tx) != TX_CONTINUE) {
3873 rcu_read_unlock();
3874 kfree_skb(skb);
3875 return ERR_PTR(-EINVAL);
3876 }
3877
3878out:
3879 rcu_read_unlock();
3880 return skb;
3881}
3882
3883
3884
3885
3886
3887void ieee80211_clear_tx_pending(struct ieee80211_local *local)
3888{
3889 struct sk_buff *skb;
3890 int i;
3891
3892 for (i = 0; i < local->hw.queues; i++) {
3893 while ((skb = skb_dequeue(&local->pending[i])) != NULL)
3894 ieee80211_free_txskb(&local->hw, skb);
3895 }
3896}
3897
3898
3899
3900
3901
3902
3903static bool ieee80211_tx_pending_skb(struct ieee80211_local *local,
3904 struct sk_buff *skb)
3905{
3906 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3907 struct ieee80211_sub_if_data *sdata;
3908 struct sta_info *sta;
3909 struct ieee80211_hdr *hdr;
3910 bool result;
3911 struct ieee80211_chanctx_conf *chanctx_conf;
3912
3913 sdata = vif_to_sdata(info->control.vif);
3914
3915 if (info->flags & IEEE80211_TX_INTFL_NEED_TXPROCESSING) {
3916 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
3917 if (unlikely(!chanctx_conf)) {
3918 dev_kfree_skb(skb);
3919 return true;
3920 }
3921 info->band = chanctx_conf->def.chan->band;
3922 result = ieee80211_tx(sdata, NULL, skb, true, 0);
3923 } else {
3924 struct sk_buff_head skbs;
3925
3926 __skb_queue_head_init(&skbs);
3927 __skb_queue_tail(&skbs, skb);
3928
3929 hdr = (struct ieee80211_hdr *)skb->data;
3930 sta = sta_info_get(sdata, hdr->addr1);
3931
3932 result = __ieee80211_tx(local, &skbs, skb->len, sta, true);
3933 }
3934
3935 return result;
3936}
3937
3938
3939
3940
3941void ieee80211_tx_pending(unsigned long data)
3942{
3943 struct ieee80211_local *local = (struct ieee80211_local *)data;
3944 unsigned long flags;
3945 int i;
3946 bool txok;
3947
3948 rcu_read_lock();
3949
3950 spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
3951 for (i = 0; i < local->hw.queues; i++) {
3952
3953
3954
3955
3956 if (local->queue_stop_reasons[i] ||
3957 skb_queue_empty(&local->pending[i]))
3958 continue;
3959
3960 while (!skb_queue_empty(&local->pending[i])) {
3961 struct sk_buff *skb = __skb_dequeue(&local->pending[i]);
3962 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
3963
3964 if (WARN_ON(!info->control.vif)) {
3965 ieee80211_free_txskb(&local->hw, skb);
3966 continue;
3967 }
3968
3969 spin_unlock_irqrestore(&local->queue_stop_reason_lock,
3970 flags);
3971
3972 txok = ieee80211_tx_pending_skb(local, skb);
3973 spin_lock_irqsave(&local->queue_stop_reason_lock,
3974 flags);
3975 if (!txok)
3976 break;
3977 }
3978
3979 if (skb_queue_empty(&local->pending[i]))
3980 ieee80211_propagate_queue_wake(local, i);
3981 }
3982 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
3983
3984 rcu_read_unlock();
3985}
3986
3987
3988
3989static void __ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
3990 struct ps_data *ps, struct sk_buff *skb,
3991 bool is_template)
3992{
3993 u8 *pos, *tim;
3994 int aid0 = 0;
3995 int i, have_bits = 0, n1, n2;
3996
3997
3998
3999 if (atomic_read(&ps->num_sta_ps) > 0)
4000
4001
4002 have_bits = !bitmap_empty((unsigned long *)ps->tim,
4003 IEEE80211_MAX_AID+1);
4004 if (!is_template) {
4005 if (ps->dtim_count == 0)
4006 ps->dtim_count = sdata->vif.bss_conf.dtim_period - 1;
4007 else
4008 ps->dtim_count--;
4009 }
4010
4011 tim = pos = skb_put(skb, 6);
4012 *pos++ = WLAN_EID_TIM;
4013 *pos++ = 4;
4014 *pos++ = ps->dtim_count;
4015 *pos++ = sdata->vif.bss_conf.dtim_period;
4016
4017 if (ps->dtim_count == 0 && !skb_queue_empty(&ps->bc_buf))
4018 aid0 = 1;
4019
4020 ps->dtim_bc_mc = aid0 == 1;
4021
4022 if (have_bits) {
4023
4024
4025
4026 n1 = 0;
4027 for (i = 0; i < IEEE80211_MAX_TIM_LEN; i++) {
4028 if (ps->tim[i]) {
4029 n1 = i & 0xfe;
4030 break;
4031 }
4032 }
4033 n2 = n1;
4034 for (i = IEEE80211_MAX_TIM_LEN - 1; i >= n1; i--) {
4035 if (ps->tim[i]) {
4036 n2 = i;
4037 break;
4038 }
4039 }
4040
4041
4042 *pos++ = n1 | aid0;
4043
4044 skb_put(skb, n2 - n1);
4045 memcpy(pos, ps->tim + n1, n2 - n1 + 1);
4046
4047 tim[1] = n2 - n1 + 4;
4048 } else {
4049 *pos++ = aid0;
4050 *pos++ = 0;
4051 }
4052}
4053
4054static int ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
4055 struct ps_data *ps, struct sk_buff *skb,
4056 bool is_template)
4057{
4058 struct ieee80211_local *local = sdata->local;
4059
4060
4061
4062
4063
4064
4065
4066
4067 if (local->tim_in_locked_section) {
4068 __ieee80211_beacon_add_tim(sdata, ps, skb, is_template);
4069 } else {
4070 spin_lock_bh(&local->tim_lock);
4071 __ieee80211_beacon_add_tim(sdata, ps, skb, is_template);
4072 spin_unlock_bh(&local->tim_lock);
4073 }
4074
4075 return 0;
4076}
4077
4078static void ieee80211_set_csa(struct ieee80211_sub_if_data *sdata,
4079 struct beacon_data *beacon)
4080{
4081 struct probe_resp *resp;
4082 u8 *beacon_data;
4083 size_t beacon_data_len;
4084 int i;
4085 u8 count = beacon->csa_current_counter;
4086
4087 switch (sdata->vif.type) {
4088 case NL80211_IFTYPE_AP:
4089 beacon_data = beacon->tail;
4090 beacon_data_len = beacon->tail_len;
4091 break;
4092 case NL80211_IFTYPE_ADHOC:
4093 beacon_data = beacon->head;
4094 beacon_data_len = beacon->head_len;
4095 break;
4096 case NL80211_IFTYPE_MESH_POINT:
4097 beacon_data = beacon->head;
4098 beacon_data_len = beacon->head_len;
4099 break;
4100 default:
4101 return;
4102 }
4103
4104 rcu_read_lock();
4105 for (i = 0; i < IEEE80211_MAX_CSA_COUNTERS_NUM; ++i) {
4106 resp = rcu_dereference(sdata->u.ap.probe_resp);
4107
4108 if (beacon->csa_counter_offsets[i]) {
4109 if (WARN_ON_ONCE(beacon->csa_counter_offsets[i] >=
4110 beacon_data_len)) {
4111 rcu_read_unlock();
4112 return;
4113 }
4114
4115 beacon_data[beacon->csa_counter_offsets[i]] = count;
4116 }
4117
4118 if (sdata->vif.type == NL80211_IFTYPE_AP && resp)
4119 resp->data[resp->csa_counter_offsets[i]] = count;
4120 }
4121 rcu_read_unlock();
4122}
4123
4124static u8 __ieee80211_csa_update_counter(struct beacon_data *beacon)
4125{
4126 beacon->csa_current_counter--;
4127
4128
4129 WARN_ON_ONCE(!beacon->csa_current_counter);
4130
4131 return beacon->csa_current_counter;
4132}
4133
4134u8 ieee80211_csa_update_counter(struct ieee80211_vif *vif)
4135{
4136 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
4137 struct beacon_data *beacon = NULL;
4138 u8 count = 0;
4139
4140 rcu_read_lock();
4141
4142 if (sdata->vif.type == NL80211_IFTYPE_AP)
4143 beacon = rcu_dereference(sdata->u.ap.beacon);
4144 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
4145 beacon = rcu_dereference(sdata->u.ibss.presp);
4146 else if (ieee80211_vif_is_mesh(&sdata->vif))
4147 beacon = rcu_dereference(sdata->u.mesh.beacon);
4148
4149 if (!beacon)
4150 goto unlock;
4151
4152 count = __ieee80211_csa_update_counter(beacon);
4153
4154unlock:
4155 rcu_read_unlock();
4156 return count;
4157}
4158EXPORT_SYMBOL(ieee80211_csa_update_counter);
4159
4160void ieee80211_csa_set_counter(struct ieee80211_vif *vif, u8 counter)
4161{
4162 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
4163 struct beacon_data *beacon = NULL;
4164
4165 rcu_read_lock();
4166
4167 if (sdata->vif.type == NL80211_IFTYPE_AP)
4168 beacon = rcu_dereference(sdata->u.ap.beacon);
4169 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
4170 beacon = rcu_dereference(sdata->u.ibss.presp);
4171 else if (ieee80211_vif_is_mesh(&sdata->vif))
4172 beacon = rcu_dereference(sdata->u.mesh.beacon);
4173
4174 if (!beacon)
4175 goto unlock;
4176
4177 if (counter < beacon->csa_current_counter)
4178 beacon->csa_current_counter = counter;
4179
4180unlock:
4181 rcu_read_unlock();
4182}
4183EXPORT_SYMBOL(ieee80211_csa_set_counter);
4184
4185bool ieee80211_csa_is_complete(struct ieee80211_vif *vif)
4186{
4187 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
4188 struct beacon_data *beacon = NULL;
4189 u8 *beacon_data;
4190 size_t beacon_data_len;
4191 int ret = false;
4192
4193 if (!ieee80211_sdata_running(sdata))
4194 return false;
4195
4196 rcu_read_lock();
4197 if (vif->type == NL80211_IFTYPE_AP) {
4198 struct ieee80211_if_ap *ap = &sdata->u.ap;
4199
4200 beacon = rcu_dereference(ap->beacon);
4201 if (WARN_ON(!beacon || !beacon->tail))
4202 goto out;
4203 beacon_data = beacon->tail;
4204 beacon_data_len = beacon->tail_len;
4205 } else if (vif->type == NL80211_IFTYPE_ADHOC) {
4206 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
4207
4208 beacon = rcu_dereference(ifibss->presp);
4209 if (!beacon)
4210 goto out;
4211
4212 beacon_data = beacon->head;
4213 beacon_data_len = beacon->head_len;
4214 } else if (vif->type == NL80211_IFTYPE_MESH_POINT) {
4215 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
4216
4217 beacon = rcu_dereference(ifmsh->beacon);
4218 if (!beacon)
4219 goto out;
4220
4221 beacon_data = beacon->head;
4222 beacon_data_len = beacon->head_len;
4223 } else {
4224 WARN_ON(1);
4225 goto out;
4226 }
4227
4228 if (!beacon->csa_counter_offsets[0])
4229 goto out;
4230
4231 if (WARN_ON_ONCE(beacon->csa_counter_offsets[0] > beacon_data_len))
4232 goto out;
4233
4234 if (beacon_data[beacon->csa_counter_offsets[0]] == 1)
4235 ret = true;
4236 out:
4237 rcu_read_unlock();
4238
4239 return ret;
4240}
4241EXPORT_SYMBOL(ieee80211_csa_is_complete);
4242
4243static struct sk_buff *
4244__ieee80211_beacon_get(struct ieee80211_hw *hw,
4245 struct ieee80211_vif *vif,
4246 struct ieee80211_mutable_offsets *offs,
4247 bool is_template)
4248{
4249 struct ieee80211_local *local = hw_to_local(hw);
4250 struct beacon_data *beacon = NULL;
4251 struct sk_buff *skb = NULL;
4252 struct ieee80211_tx_info *info;
4253 struct ieee80211_sub_if_data *sdata = NULL;
4254 enum nl80211_band band;
4255 struct ieee80211_tx_rate_control txrc;
4256 struct ieee80211_chanctx_conf *chanctx_conf;
4257 int csa_off_base = 0;
4258
4259 rcu_read_lock();
4260
4261 sdata = vif_to_sdata(vif);
4262 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
4263
4264 if (!ieee80211_sdata_running(sdata) || !chanctx_conf)
4265 goto out;
4266
4267 if (offs)
4268 memset(offs, 0, sizeof(*offs));
4269
4270 if (sdata->vif.type == NL80211_IFTYPE_AP) {
4271 struct ieee80211_if_ap *ap = &sdata->u.ap;
4272
4273 beacon = rcu_dereference(ap->beacon);
4274 if (beacon) {
4275 if (beacon->csa_counter_offsets[0]) {
4276 if (!is_template)
4277 __ieee80211_csa_update_counter(beacon);
4278
4279 ieee80211_set_csa(sdata, beacon);
4280 }
4281
4282
4283
4284
4285
4286 skb = dev_alloc_skb(local->tx_headroom +
4287 beacon->head_len +
4288 beacon->tail_len + 256 +
4289 local->hw.extra_beacon_tailroom);
4290 if (!skb)
4291 goto out;
4292
4293 skb_reserve(skb, local->tx_headroom);
4294 skb_put_data(skb, beacon->head, beacon->head_len);
4295
4296 ieee80211_beacon_add_tim(sdata, &ap->ps, skb,
4297 is_template);
4298
4299 if (offs) {
4300 offs->tim_offset = beacon->head_len;
4301 offs->tim_length = skb->len - beacon->head_len;
4302
4303
4304 csa_off_base = skb->len;
4305 }
4306
4307 if (beacon->tail)
4308 skb_put_data(skb, beacon->tail,
4309 beacon->tail_len);
4310 } else
4311 goto out;
4312 } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) {
4313 struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
4314 struct ieee80211_hdr *hdr;
4315
4316 beacon = rcu_dereference(ifibss->presp);
4317 if (!beacon)
4318 goto out;
4319
4320 if (beacon->csa_counter_offsets[0]) {
4321 if (!is_template)
4322 __ieee80211_csa_update_counter(beacon);
4323
4324 ieee80211_set_csa(sdata, beacon);
4325 }
4326
4327 skb = dev_alloc_skb(local->tx_headroom + beacon->head_len +
4328 local->hw.extra_beacon_tailroom);
4329 if (!skb)
4330 goto out;
4331 skb_reserve(skb, local->tx_headroom);
4332 skb_put_data(skb, beacon->head, beacon->head_len);
4333
4334 hdr = (struct ieee80211_hdr *) skb->data;
4335 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
4336 IEEE80211_STYPE_BEACON);
4337 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
4338 struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
4339
4340 beacon = rcu_dereference(ifmsh->beacon);
4341 if (!beacon)
4342 goto out;
4343
4344 if (beacon->csa_counter_offsets[0]) {
4345 if (!is_template)
4346
4347
4348
4349
4350
4351 __ieee80211_csa_update_counter(beacon);
4352
4353 ieee80211_set_csa(sdata, beacon);
4354 }
4355
4356 if (ifmsh->sync_ops)
4357 ifmsh->sync_ops->adjust_tsf(sdata, beacon);
4358
4359 skb = dev_alloc_skb(local->tx_headroom +
4360 beacon->head_len +
4361 256 +
4362 beacon->tail_len +
4363 local->hw.extra_beacon_tailroom);
4364 if (!skb)
4365 goto out;
4366 skb_reserve(skb, local->tx_headroom);
4367 skb_put_data(skb, beacon->head, beacon->head_len);
4368 ieee80211_beacon_add_tim(sdata, &ifmsh->ps, skb, is_template);
4369
4370 if (offs) {
4371 offs->tim_offset = beacon->head_len;
4372 offs->tim_length = skb->len - beacon->head_len;
4373 }
4374
4375 skb_put_data(skb, beacon->tail, beacon->tail_len);
4376 } else {
4377 WARN_ON(1);
4378 goto out;
4379 }
4380
4381
4382 if (offs && beacon) {
4383 int i;
4384
4385 for (i = 0; i < IEEE80211_MAX_CSA_COUNTERS_NUM; i++) {
4386 u16 csa_off = beacon->csa_counter_offsets[i];
4387
4388 if (!csa_off)
4389 continue;
4390
4391 offs->csa_counter_offs[i] = csa_off_base + csa_off;
4392 }
4393 }
4394
4395 band = chanctx_conf->def.chan->band;
4396
4397 info = IEEE80211_SKB_CB(skb);
4398
4399 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
4400 info->flags |= IEEE80211_TX_CTL_NO_ACK;
4401 info->band = band;
4402
4403 memset(&txrc, 0, sizeof(txrc));
4404 txrc.hw = hw;
4405 txrc.sband = local->hw.wiphy->bands[band];
4406 txrc.bss_conf = &sdata->vif.bss_conf;
4407 txrc.skb = skb;
4408 txrc.reported_rate.idx = -1;
4409 txrc.rate_idx_mask = sdata->rc_rateidx_mask[band];
4410 txrc.bss = true;
4411 rate_control_get_rate(sdata, NULL, &txrc);
4412
4413 info->control.vif = vif;
4414
4415 info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT |
4416 IEEE80211_TX_CTL_ASSIGN_SEQ |
4417 IEEE80211_TX_CTL_FIRST_FRAGMENT;
4418 out:
4419 rcu_read_unlock();
4420 return skb;
4421
4422}
4423
4424struct sk_buff *
4425ieee80211_beacon_get_template(struct ieee80211_hw *hw,
4426 struct ieee80211_vif *vif,
4427 struct ieee80211_mutable_offsets *offs)
4428{
4429 return __ieee80211_beacon_get(hw, vif, offs, true);
4430}
4431EXPORT_SYMBOL(ieee80211_beacon_get_template);
4432
4433struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
4434 struct ieee80211_vif *vif,
4435 u16 *tim_offset, u16 *tim_length)
4436{
4437 struct ieee80211_mutable_offsets offs = {};
4438 struct sk_buff *bcn = __ieee80211_beacon_get(hw, vif, &offs, false);
4439 struct sk_buff *copy;
4440 struct ieee80211_supported_band *sband;
4441 int shift;
4442
4443 if (!bcn)
4444 return bcn;
4445
4446 if (tim_offset)
4447 *tim_offset = offs.tim_offset;
4448
4449 if (tim_length)
4450 *tim_length = offs.tim_length;
4451
4452 if (ieee80211_hw_check(hw, BEACON_TX_STATUS) ||
4453 !hw_to_local(hw)->monitors)
4454 return bcn;
4455
4456
4457 copy = skb_copy(bcn, GFP_ATOMIC);
4458 if (!copy)
4459 return bcn;
4460
4461 shift = ieee80211_vif_get_shift(vif);
4462 sband = ieee80211_get_sband(vif_to_sdata(vif));
4463 if (!sband)
4464 return bcn;
4465
4466 ieee80211_tx_monitor(hw_to_local(hw), copy, sband, 1, shift, false);
4467
4468 return bcn;
4469}
4470EXPORT_SYMBOL(ieee80211_beacon_get_tim);
4471
4472struct sk_buff *ieee80211_proberesp_get(struct ieee80211_hw *hw,
4473 struct ieee80211_vif *vif)
4474{
4475 struct ieee80211_if_ap *ap = NULL;
4476 struct sk_buff *skb = NULL;
4477 struct probe_resp *presp = NULL;
4478 struct ieee80211_hdr *hdr;
4479 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
4480
4481 if (sdata->vif.type != NL80211_IFTYPE_AP)
4482 return NULL;
4483
4484 rcu_read_lock();
4485
4486 ap = &sdata->u.ap;
4487 presp = rcu_dereference(ap->probe_resp);
4488 if (!presp)
4489 goto out;
4490
4491 skb = dev_alloc_skb(presp->len);
4492 if (!skb)
4493 goto out;
4494
4495 skb_put_data(skb, presp->data, presp->len);
4496
4497 hdr = (struct ieee80211_hdr *) skb->data;
4498 memset(hdr->addr1, 0, sizeof(hdr->addr1));
4499
4500out:
4501 rcu_read_unlock();
4502 return skb;
4503}
4504EXPORT_SYMBOL(ieee80211_proberesp_get);
4505
4506struct sk_buff *ieee80211_pspoll_get(struct ieee80211_hw *hw,
4507 struct ieee80211_vif *vif)
4508{
4509 struct ieee80211_sub_if_data *sdata;
4510 struct ieee80211_if_managed *ifmgd;
4511 struct ieee80211_pspoll *pspoll;
4512 struct ieee80211_local *local;
4513 struct sk_buff *skb;
4514
4515 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
4516 return NULL;
4517
4518 sdata = vif_to_sdata(vif);
4519 ifmgd = &sdata->u.mgd;
4520 local = sdata->local;
4521
4522 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*pspoll));
4523 if (!skb)
4524 return NULL;
4525
4526 skb_reserve(skb, local->hw.extra_tx_headroom);
4527
4528 pspoll = skb_put_zero(skb, sizeof(*pspoll));
4529 pspoll->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
4530 IEEE80211_STYPE_PSPOLL);
4531 pspoll->aid = cpu_to_le16(ifmgd->aid);
4532
4533
4534 pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14);
4535
4536 memcpy(pspoll->bssid, ifmgd->bssid, ETH_ALEN);
4537 memcpy(pspoll->ta, vif->addr, ETH_ALEN);
4538
4539 return skb;
4540}
4541EXPORT_SYMBOL(ieee80211_pspoll_get);
4542
4543struct sk_buff *ieee80211_nullfunc_get(struct ieee80211_hw *hw,
4544 struct ieee80211_vif *vif,
4545 bool qos_ok)
4546{
4547 struct ieee80211_hdr_3addr *nullfunc;
4548 struct ieee80211_sub_if_data *sdata;
4549 struct ieee80211_if_managed *ifmgd;
4550 struct ieee80211_local *local;
4551 struct sk_buff *skb;
4552 bool qos = false;
4553
4554 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
4555 return NULL;
4556
4557 sdata = vif_to_sdata(vif);
4558 ifmgd = &sdata->u.mgd;
4559 local = sdata->local;
4560
4561 if (qos_ok) {
4562 struct sta_info *sta;
4563
4564 rcu_read_lock();
4565 sta = sta_info_get(sdata, ifmgd->bssid);
4566 qos = sta && sta->sta.wme;
4567 rcu_read_unlock();
4568 }
4569
4570 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
4571 sizeof(*nullfunc) + 2);
4572 if (!skb)
4573 return NULL;
4574
4575 skb_reserve(skb, local->hw.extra_tx_headroom);
4576
4577 nullfunc = skb_put_zero(skb, sizeof(*nullfunc));
4578 nullfunc->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
4579 IEEE80211_STYPE_NULLFUNC |
4580 IEEE80211_FCTL_TODS);
4581 if (qos) {
4582 __le16 qos = cpu_to_le16(7);
4583
4584 BUILD_BUG_ON((IEEE80211_STYPE_QOS_NULLFUNC |
4585 IEEE80211_STYPE_NULLFUNC) !=
4586 IEEE80211_STYPE_QOS_NULLFUNC);
4587 nullfunc->frame_control |=
4588 cpu_to_le16(IEEE80211_STYPE_QOS_NULLFUNC);
4589 skb->priority = 7;
4590 skb_set_queue_mapping(skb, IEEE80211_AC_VO);
4591 skb_put_data(skb, &qos, sizeof(qos));
4592 }
4593
4594 memcpy(nullfunc->addr1, ifmgd->bssid, ETH_ALEN);
4595 memcpy(nullfunc->addr2, vif->addr, ETH_ALEN);
4596 memcpy(nullfunc->addr3, ifmgd->bssid, ETH_ALEN);
4597
4598 return skb;
4599}
4600EXPORT_SYMBOL(ieee80211_nullfunc_get);
4601
4602struct sk_buff *ieee80211_probereq_get(struct ieee80211_hw *hw,
4603 const u8 *src_addr,
4604 const u8 *ssid, size_t ssid_len,
4605 size_t tailroom)
4606{
4607 struct ieee80211_local *local = hw_to_local(hw);
4608 struct ieee80211_hdr_3addr *hdr;
4609 struct sk_buff *skb;
4610 size_t ie_ssid_len;
4611 u8 *pos;
4612
4613 ie_ssid_len = 2 + ssid_len;
4614
4615 skb = dev_alloc_skb(local->hw.extra_tx_headroom + sizeof(*hdr) +
4616 ie_ssid_len + tailroom);
4617 if (!skb)
4618 return NULL;
4619
4620 skb_reserve(skb, local->hw.extra_tx_headroom);
4621
4622 hdr = skb_put_zero(skb, sizeof(*hdr));
4623 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
4624 IEEE80211_STYPE_PROBE_REQ);
4625 eth_broadcast_addr(hdr->addr1);
4626 memcpy(hdr->addr2, src_addr, ETH_ALEN);
4627 eth_broadcast_addr(hdr->addr3);
4628
4629 pos = skb_put(skb, ie_ssid_len);
4630 *pos++ = WLAN_EID_SSID;
4631 *pos++ = ssid_len;
4632 if (ssid_len)
4633 memcpy(pos, ssid, ssid_len);
4634 pos += ssid_len;
4635
4636 return skb;
4637}
4638EXPORT_SYMBOL(ieee80211_probereq_get);
4639
4640void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4641 const void *frame, size_t frame_len,
4642 const struct ieee80211_tx_info *frame_txctl,
4643 struct ieee80211_rts *rts)
4644{
4645 const struct ieee80211_hdr *hdr = frame;
4646
4647 rts->frame_control =
4648 cpu_to_le16(IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS);
4649 rts->duration = ieee80211_rts_duration(hw, vif, frame_len,
4650 frame_txctl);
4651 memcpy(rts->ra, hdr->addr1, sizeof(rts->ra));
4652 memcpy(rts->ta, hdr->addr2, sizeof(rts->ta));
4653}
4654EXPORT_SYMBOL(ieee80211_rts_get);
4655
4656void ieee80211_ctstoself_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4657 const void *frame, size_t frame_len,
4658 const struct ieee80211_tx_info *frame_txctl,
4659 struct ieee80211_cts *cts)
4660{
4661 const struct ieee80211_hdr *hdr = frame;
4662
4663 cts->frame_control =
4664 cpu_to_le16(IEEE80211_FTYPE_CTL | IEEE80211_STYPE_CTS);
4665 cts->duration = ieee80211_ctstoself_duration(hw, vif,
4666 frame_len, frame_txctl);
4667 memcpy(cts->ra, hdr->addr1, sizeof(cts->ra));
4668}
4669EXPORT_SYMBOL(ieee80211_ctstoself_get);
4670
4671struct sk_buff *
4672ieee80211_get_buffered_bc(struct ieee80211_hw *hw,
4673 struct ieee80211_vif *vif)
4674{
4675 struct ieee80211_local *local = hw_to_local(hw);
4676 struct sk_buff *skb = NULL;
4677 struct ieee80211_tx_data tx;
4678 struct ieee80211_sub_if_data *sdata;
4679 struct ps_data *ps;
4680 struct ieee80211_tx_info *info;
4681 struct ieee80211_chanctx_conf *chanctx_conf;
4682
4683 sdata = vif_to_sdata(vif);
4684
4685 rcu_read_lock();
4686 chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
4687
4688 if (!chanctx_conf)
4689 goto out;
4690
4691 if (sdata->vif.type == NL80211_IFTYPE_AP) {
4692 struct beacon_data *beacon =
4693 rcu_dereference(sdata->u.ap.beacon);
4694
4695 if (!beacon || !beacon->head)
4696 goto out;
4697
4698 ps = &sdata->u.ap.ps;
4699 } else if (ieee80211_vif_is_mesh(&sdata->vif)) {
4700 ps = &sdata->u.mesh.ps;
4701 } else {
4702 goto out;
4703 }
4704
4705 if (ps->dtim_count != 0 || !ps->dtim_bc_mc)
4706 goto out;
4707
4708 while (1) {
4709 skb = skb_dequeue(&ps->bc_buf);
4710 if (!skb)
4711 goto out;
4712 local->total_ps_buffered--;
4713
4714 if (!skb_queue_empty(&ps->bc_buf) && skb->len >= 2) {
4715 struct ieee80211_hdr *hdr =
4716 (struct ieee80211_hdr *) skb->data;
4717
4718
4719
4720 hdr->frame_control |=
4721 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
4722 }
4723
4724 if (sdata->vif.type == NL80211_IFTYPE_AP)
4725 sdata = IEEE80211_DEV_TO_SUB_IF(skb->dev);
4726 if (!ieee80211_tx_prepare(sdata, &tx, NULL, skb))
4727 break;
4728 ieee80211_free_txskb(hw, skb);
4729 }
4730
4731 info = IEEE80211_SKB_CB(skb);
4732
4733 tx.flags |= IEEE80211_TX_PS_BUFFERED;
4734 info->band = chanctx_conf->def.chan->band;
4735
4736 if (invoke_tx_handlers(&tx))
4737 skb = NULL;
4738 out:
4739 rcu_read_unlock();
4740
4741 return skb;
4742}
4743EXPORT_SYMBOL(ieee80211_get_buffered_bc);
4744
4745int ieee80211_reserve_tid(struct ieee80211_sta *pubsta, u8 tid)
4746{
4747 struct sta_info *sta = container_of(pubsta, struct sta_info, sta);
4748 struct ieee80211_sub_if_data *sdata = sta->sdata;
4749 struct ieee80211_local *local = sdata->local;
4750 int ret;
4751 u32 queues;
4752
4753 lockdep_assert_held(&local->sta_mtx);
4754
4755
4756 switch (sdata->vif.type) {
4757 case NL80211_IFTYPE_STATION:
4758 case NL80211_IFTYPE_AP:
4759 case NL80211_IFTYPE_AP_VLAN:
4760 break;
4761 default:
4762 WARN_ON(1);
4763 return -EINVAL;
4764 }
4765
4766 if (WARN_ON(tid >= IEEE80211_NUM_UPS))
4767 return -EINVAL;
4768
4769 if (sta->reserved_tid == tid) {
4770 ret = 0;
4771 goto out;
4772 }
4773
4774 if (sta->reserved_tid != IEEE80211_TID_UNRESERVED) {
4775 sdata_err(sdata, "TID reservation already active\n");
4776 ret = -EALREADY;
4777 goto out;
4778 }
4779
4780 ieee80211_stop_vif_queues(sdata->local, sdata,
4781 IEEE80211_QUEUE_STOP_REASON_RESERVE_TID);
4782
4783 synchronize_net();
4784
4785
4786 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) {
4787 set_sta_flag(sta, WLAN_STA_BLOCK_BA);
4788 __ieee80211_stop_tx_ba_session(sta, tid,
4789 AGG_STOP_LOCAL_REQUEST);
4790 }
4791
4792 queues = BIT(sdata->vif.hw_queue[ieee802_1d_to_ac[tid]]);
4793 __ieee80211_flush_queues(local, sdata, queues, false);
4794
4795 sta->reserved_tid = tid;
4796
4797 ieee80211_wake_vif_queues(local, sdata,
4798 IEEE80211_QUEUE_STOP_REASON_RESERVE_TID);
4799
4800 if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION))
4801 clear_sta_flag(sta, WLAN_STA_BLOCK_BA);
4802
4803 ret = 0;
4804 out:
4805 return ret;
4806}
4807EXPORT_SYMBOL(ieee80211_reserve_tid);
4808
4809void ieee80211_unreserve_tid(struct ieee80211_sta *pubsta, u8 tid)
4810{
4811 struct sta_info *sta = container_of(pubsta, struct sta_info, sta);
4812 struct ieee80211_sub_if_data *sdata = sta->sdata;
4813
4814 lockdep_assert_held(&sdata->local->sta_mtx);
4815
4816
4817 switch (sdata->vif.type) {
4818 case NL80211_IFTYPE_STATION:
4819 case NL80211_IFTYPE_AP:
4820 case NL80211_IFTYPE_AP_VLAN:
4821 break;
4822 default:
4823 WARN_ON(1);
4824 return;
4825 }
4826
4827 if (tid != sta->reserved_tid) {
4828 sdata_err(sdata, "TID to unreserve (%d) isn't reserved\n", tid);
4829 return;
4830 }
4831
4832 sta->reserved_tid = IEEE80211_TID_UNRESERVED;
4833}
4834EXPORT_SYMBOL(ieee80211_unreserve_tid);
4835
4836void __ieee80211_tx_skb_tid_band(struct ieee80211_sub_if_data *sdata,
4837 struct sk_buff *skb, int tid,
4838 enum nl80211_band band, u32 txdata_flags)
4839{
4840 int ac = ieee80211_ac_from_tid(tid);
4841
4842 skb_reset_mac_header(skb);
4843 skb_set_queue_mapping(skb, ac);
4844 skb->priority = tid;
4845
4846 skb->dev = sdata->dev;
4847
4848
4849
4850
4851
4852
4853 local_bh_disable();
4854 IEEE80211_SKB_CB(skb)->band = band;
4855 ieee80211_xmit(sdata, NULL, skb, txdata_flags);
4856 local_bh_enable();
4857}
4858
4859int ieee80211_tx_control_port(struct wiphy *wiphy, struct net_device *dev,
4860 const u8 *buf, size_t len,
4861 const u8 *dest, __be16 proto, bool unencrypted)
4862{
4863 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4864 struct ieee80211_local *local = sdata->local;
4865 struct sk_buff *skb;
4866 struct ethhdr *ehdr;
4867 u32 flags;
4868
4869
4870
4871
4872 if (proto != sdata->control_port_protocol &&
4873 proto != cpu_to_be16(ETH_P_PREAUTH))
4874 return -EINVAL;
4875
4876 if (unencrypted)
4877 flags = IEEE80211_TX_INTFL_DONT_ENCRYPT;
4878 else
4879 flags = 0;
4880
4881 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
4882 sizeof(struct ethhdr) + len);
4883 if (!skb)
4884 return -ENOMEM;
4885
4886 skb_reserve(skb, local->hw.extra_tx_headroom + sizeof(struct ethhdr));
4887
4888 skb_put_data(skb, buf, len);
4889
4890 ehdr = skb_push(skb, sizeof(struct ethhdr));
4891 memcpy(ehdr->h_dest, dest, ETH_ALEN);
4892 memcpy(ehdr->h_source, sdata->vif.addr, ETH_ALEN);
4893 ehdr->h_proto = proto;
4894
4895 skb->dev = dev;
4896 skb->protocol = htons(ETH_P_802_3);
4897 skb_reset_network_header(skb);
4898 skb_reset_mac_header(skb);
4899
4900 local_bh_disable();
4901 __ieee80211_subif_start_xmit(skb, skb->dev, flags);
4902 local_bh_enable();
4903
4904 return 0;
4905}
4906
