1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* |
3 | * Copyright 2002-2005, Instant802 Networks, Inc. |
4 | * Copyright 2005-2006, Devicescape Software, Inc. |
5 | * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> |
6 | * Copyright 2007 Johannes Berg <johannes@sipsolutions.net> |
7 | * Copyright 2013-2014 Intel Mobile Communications GmbH |
8 | * Copyright (C) 2018-2022 Intel Corporation |
9 | * |
10 | * Transmit and frame generation functions. |
11 | */ |
12 | |
13 | #include <linux/kernel.h> |
14 | #include <linux/slab.h> |
15 | #include <linux/skbuff.h> |
16 | #include <linux/if_vlan.h> |
17 | #include <linux/etherdevice.h> |
18 | #include <linux/bitmap.h> |
19 | #include <linux/rcupdate.h> |
20 | #include <linux/export.h> |
21 | #include <net/net_namespace.h> |
22 | #include <net/ieee80211_radiotap.h> |
23 | #include <net/cfg80211.h> |
24 | #include <net/mac80211.h> |
25 | #include <net/codel.h> |
26 | #include <net/codel_impl.h> |
27 | #include <asm/unaligned.h> |
28 | #include <net/fq_impl.h> |
29 | #include <net/gso.h> |
30 | |
31 | #include "ieee80211_i.h" |
32 | #include "driver-ops.h" |
33 | #include "led.h" |
34 | #include "mesh.h" |
35 | #include "wep.h" |
36 | #include "wpa.h" |
37 | #include "wme.h" |
38 | #include "rate.h" |
39 | |
40 | /* misc utils */ |
41 | |
42 | static __le16 ieee80211_duration(struct ieee80211_tx_data *tx, |
43 | struct sk_buff *skb, int group_addr, |
44 | int next_frag_len) |
45 | { |
46 | int rate, mrate, erp, dur, i; |
47 | struct ieee80211_rate *txrate; |
48 | struct ieee80211_local *local = tx->local; |
49 | struct ieee80211_supported_band *sband; |
50 | struct ieee80211_hdr *hdr; |
51 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
52 | struct ieee80211_chanctx_conf *chanctx_conf; |
53 | u32 rate_flags = 0; |
54 | |
55 | /* assume HW handles this */ |
56 | if (tx->rate.flags & (IEEE80211_TX_RC_MCS | IEEE80211_TX_RC_VHT_MCS)) |
57 | return 0; |
58 | |
59 | rcu_read_lock(); |
60 | chanctx_conf = rcu_dereference(tx->sdata->vif.bss_conf.chanctx_conf); |
61 | if (chanctx_conf) |
62 | rate_flags = ieee80211_chandef_rate_flags(chandef: &chanctx_conf->def); |
63 | rcu_read_unlock(); |
64 | |
65 | /* uh huh? */ |
66 | if (WARN_ON_ONCE(tx->rate.idx < 0)) |
67 | return 0; |
68 | |
69 | sband = local->hw.wiphy->bands[info->band]; |
70 | txrate = &sband->bitrates[tx->rate.idx]; |
71 | |
72 | erp = txrate->flags & IEEE80211_RATE_ERP_G; |
73 | |
74 | /* device is expected to do this */ |
75 | if (sband->band == NL80211_BAND_S1GHZ) |
76 | return 0; |
77 | |
78 | /* |
79 | * data and mgmt (except PS Poll): |
80 | * - during CFP: 32768 |
81 | * - during contention period: |
82 | * if addr1 is group address: 0 |
83 | * if more fragments = 0 and addr1 is individual address: time to |
84 | * transmit one ACK plus SIFS |
85 | * if more fragments = 1 and addr1 is individual address: time to |
86 | * transmit next fragment plus 2 x ACK plus 3 x SIFS |
87 | * |
88 | * IEEE 802.11, 9.6: |
89 | * - control response frame (CTS or ACK) shall be transmitted using the |
90 | * same rate as the immediately previous frame in the frame exchange |
91 | * sequence, if this rate belongs to the PHY mandatory rates, or else |
92 | * at the highest possible rate belonging to the PHY rates in the |
93 | * BSSBasicRateSet |
94 | */ |
95 | hdr = (struct ieee80211_hdr *)skb->data; |
96 | if (ieee80211_is_ctl(fc: hdr->frame_control)) { |
97 | /* TODO: These control frames are not currently sent by |
98 | * mac80211, but should they be implemented, this function |
99 | * needs to be updated to support duration field calculation. |
100 | * |
101 | * RTS: time needed to transmit pending data/mgmt frame plus |
102 | * one CTS frame plus one ACK frame plus 3 x SIFS |
103 | * CTS: duration of immediately previous RTS minus time |
104 | * required to transmit CTS and its SIFS |
105 | * ACK: 0 if immediately previous directed data/mgmt had |
106 | * more=0, with more=1 duration in ACK frame is duration |
107 | * from previous frame minus time needed to transmit ACK |
108 | * and its SIFS |
109 | * PS Poll: BIT(15) | BIT(14) | aid |
110 | */ |
111 | return 0; |
112 | } |
113 | |
114 | /* data/mgmt */ |
115 | if (0 /* FIX: data/mgmt during CFP */) |
116 | return cpu_to_le16(32768); |
117 | |
118 | if (group_addr) /* Group address as the destination - no ACK */ |
119 | return 0; |
120 | |
121 | /* Individual destination address: |
122 | * IEEE 802.11, Ch. 9.6 (after IEEE 802.11g changes) |
123 | * CTS and ACK frames shall be transmitted using the highest rate in |
124 | * basic rate set that is less than or equal to the rate of the |
125 | * immediately previous frame and that is using the same modulation |
126 | * (CCK or OFDM). If no basic rate set matches with these requirements, |
127 | * the highest mandatory rate of the PHY that is less than or equal to |
128 | * the rate of the previous frame is used. |
129 | * Mandatory rates for IEEE 802.11g PHY: 1, 2, 5.5, 11, 6, 12, 24 Mbps |
130 | */ |
131 | rate = -1; |
132 | /* use lowest available if everything fails */ |
133 | mrate = sband->bitrates[0].bitrate; |
134 | for (i = 0; i < sband->n_bitrates; i++) { |
135 | struct ieee80211_rate *r = &sband->bitrates[i]; |
136 | |
137 | if (r->bitrate > txrate->bitrate) |
138 | break; |
139 | |
140 | if ((rate_flags & r->flags) != rate_flags) |
141 | continue; |
142 | |
143 | if (tx->sdata->vif.bss_conf.basic_rates & BIT(i)) |
144 | rate = r->bitrate; |
145 | |
146 | switch (sband->band) { |
147 | case NL80211_BAND_2GHZ: |
148 | case NL80211_BAND_LC: { |
149 | u32 flag; |
150 | if (tx->sdata->deflink.operating_11g_mode) |
151 | flag = IEEE80211_RATE_MANDATORY_G; |
152 | else |
153 | flag = IEEE80211_RATE_MANDATORY_B; |
154 | if (r->flags & flag) |
155 | mrate = r->bitrate; |
156 | break; |
157 | } |
158 | case NL80211_BAND_5GHZ: |
159 | case NL80211_BAND_6GHZ: |
160 | if (r->flags & IEEE80211_RATE_MANDATORY_A) |
161 | mrate = r->bitrate; |
162 | break; |
163 | case NL80211_BAND_S1GHZ: |
164 | case NL80211_BAND_60GHZ: |
165 | /* TODO, for now fall through */ |
166 | case NUM_NL80211_BANDS: |
167 | WARN_ON(1); |
168 | break; |
169 | } |
170 | } |
171 | if (rate == -1) { |
172 | /* No matching basic rate found; use highest suitable mandatory |
173 | * PHY rate */ |
174 | rate = mrate; |
175 | } |
176 | |
177 | /* Don't calculate ACKs for QoS Frames with NoAck Policy set */ |
178 | if (ieee80211_is_data_qos(fc: hdr->frame_control) && |
179 | *(ieee80211_get_qos_ctl(hdr)) & IEEE80211_QOS_CTL_ACK_POLICY_NOACK) |
180 | dur = 0; |
181 | else |
182 | /* Time needed to transmit ACK |
183 | * (10 bytes + 4-byte FCS = 112 bits) plus SIFS; rounded up |
184 | * to closest integer */ |
185 | dur = ieee80211_frame_duration(band: sband->band, len: 10, rate, erp, |
186 | short_preamble: tx->sdata->vif.bss_conf.use_short_preamble); |
187 | |
188 | if (next_frag_len) { |
189 | /* Frame is fragmented: duration increases with time needed to |
190 | * transmit next fragment plus ACK and 2 x SIFS. */ |
191 | dur *= 2; /* ACK + SIFS */ |
192 | /* next fragment */ |
193 | dur += ieee80211_frame_duration(band: sband->band, len: next_frag_len, |
194 | rate: txrate->bitrate, erp, |
195 | short_preamble: tx->sdata->vif.bss_conf.use_short_preamble); |
196 | } |
197 | |
198 | return cpu_to_le16(dur); |
199 | } |
200 | |
201 | /* tx handlers */ |
202 | static ieee80211_tx_result debug_noinline |
203 | ieee80211_tx_h_dynamic_ps(struct ieee80211_tx_data *tx) |
204 | { |
205 | struct ieee80211_local *local = tx->local; |
206 | struct ieee80211_if_managed *ifmgd; |
207 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
208 | |
209 | /* driver doesn't support power save */ |
210 | if (!ieee80211_hw_check(&local->hw, SUPPORTS_PS)) |
211 | return TX_CONTINUE; |
212 | |
213 | /* hardware does dynamic power save */ |
214 | if (ieee80211_hw_check(&local->hw, SUPPORTS_DYNAMIC_PS)) |
215 | return TX_CONTINUE; |
216 | |
217 | /* dynamic power save disabled */ |
218 | if (local->hw.conf.dynamic_ps_timeout <= 0) |
219 | return TX_CONTINUE; |
220 | |
221 | /* we are scanning, don't enable power save */ |
222 | if (local->scanning) |
223 | return TX_CONTINUE; |
224 | |
225 | if (!local->ps_sdata) |
226 | return TX_CONTINUE; |
227 | |
228 | /* No point if we're going to suspend */ |
229 | if (local->quiescing) |
230 | return TX_CONTINUE; |
231 | |
232 | /* dynamic ps is supported only in managed mode */ |
233 | if (tx->sdata->vif.type != NL80211_IFTYPE_STATION) |
234 | return TX_CONTINUE; |
235 | |
236 | if (unlikely(info->flags & IEEE80211_TX_INTFL_OFFCHAN_TX_OK)) |
237 | return TX_CONTINUE; |
238 | |
239 | ifmgd = &tx->sdata->u.mgd; |
240 | |
241 | /* |
242 | * Don't wakeup from power save if u-apsd is enabled, voip ac has |
243 | * u-apsd enabled and the frame is in voip class. This effectively |
244 | * means that even if all access categories have u-apsd enabled, in |
245 | * practise u-apsd is only used with the voip ac. This is a |
246 | * workaround for the case when received voip class packets do not |
247 | * have correct qos tag for some reason, due the network or the |
248 | * peer application. |
249 | * |
250 | * Note: ifmgd->uapsd_queues access is racy here. If the value is |
251 | * changed via debugfs, user needs to reassociate manually to have |
252 | * everything in sync. |
253 | */ |
254 | if ((ifmgd->flags & IEEE80211_STA_UAPSD_ENABLED) && |
255 | (ifmgd->uapsd_queues & IEEE80211_WMM_IE_STA_QOSINFO_AC_VO) && |
256 | skb_get_queue_mapping(skb: tx->skb) == IEEE80211_AC_VO) |
257 | return TX_CONTINUE; |
258 | |
259 | if (local->hw.conf.flags & IEEE80211_CONF_PS) { |
260 | ieee80211_stop_queues_by_reason(hw: &local->hw, |
261 | queues: IEEE80211_MAX_QUEUE_MAP, |
262 | reason: IEEE80211_QUEUE_STOP_REASON_PS, |
263 | refcounted: false); |
264 | ifmgd->flags &= ~IEEE80211_STA_NULLFUNC_ACKED; |
265 | wiphy_work_queue(wiphy: local->hw.wiphy, |
266 | work: &local->dynamic_ps_disable_work); |
267 | } |
268 | |
269 | /* Don't restart the timer if we're not disassociated */ |
270 | if (!ifmgd->associated) |
271 | return TX_CONTINUE; |
272 | |
273 | mod_timer(timer: &local->dynamic_ps_timer, expires: jiffies + |
274 | msecs_to_jiffies(m: local->hw.conf.dynamic_ps_timeout)); |
275 | |
276 | return TX_CONTINUE; |
277 | } |
278 | |
279 | static ieee80211_tx_result debug_noinline |
280 | ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx) |
281 | { |
282 | |
283 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; |
284 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
285 | bool assoc = false; |
286 | |
287 | if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) |
288 | return TX_CONTINUE; |
289 | |
290 | if (unlikely(test_bit(SCAN_SW_SCANNING, &tx->local->scanning)) && |
291 | test_bit(SDATA_STATE_OFFCHANNEL, &tx->sdata->state) && |
292 | !ieee80211_is_probe_req(fc: hdr->frame_control) && |
293 | !ieee80211_is_any_nullfunc(fc: hdr->frame_control)) |
294 | /* |
295 | * When software scanning only nullfunc frames (to notify |
296 | * the sleep state to the AP) and probe requests (for the |
297 | * active scan) are allowed, all other frames should not be |
298 | * sent and we should not get here, but if we do |
299 | * nonetheless, drop them to avoid sending them |
300 | * off-channel. See the link below and |
301 | * ieee80211_start_scan() for more. |
302 | * |
303 | * http://article.gmane.org/gmane.linux.kernel.wireless.general/30089 |
304 | */ |
305 | return TX_DROP; |
306 | |
307 | if (tx->sdata->vif.type == NL80211_IFTYPE_OCB) |
308 | return TX_CONTINUE; |
309 | |
310 | if (tx->flags & IEEE80211_TX_PS_BUFFERED) |
311 | return TX_CONTINUE; |
312 | |
313 | if (tx->sta) |
314 | assoc = test_sta_flag(sta: tx->sta, flag: WLAN_STA_ASSOC); |
315 | |
316 | if (likely(tx->flags & IEEE80211_TX_UNICAST)) { |
317 | if (unlikely(!assoc && |
318 | ieee80211_is_data(hdr->frame_control))) { |
319 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG |
320 | sdata_info(tx->sdata, |
321 | "dropped data frame to not associated station %pM\n" , |
322 | hdr->addr1); |
323 | #endif |
324 | I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc); |
325 | return TX_DROP; |
326 | } |
327 | } else if (unlikely(ieee80211_is_data(hdr->frame_control) && |
328 | ieee80211_vif_get_num_mcast_if(tx->sdata) == 0)) { |
329 | /* |
330 | * No associated STAs - no need to send multicast |
331 | * frames. |
332 | */ |
333 | return TX_DROP; |
334 | } |
335 | |
336 | return TX_CONTINUE; |
337 | } |
338 | |
339 | /* This function is called whenever the AP is about to exceed the maximum limit |
340 | * of buffered frames for power saving STAs. This situation should not really |
341 | * happen often during normal operation, so dropping the oldest buffered packet |
342 | * from each queue should be OK to make some room for new frames. */ |
343 | static void purge_old_ps_buffers(struct ieee80211_local *local) |
344 | { |
345 | int total = 0, purged = 0; |
346 | struct sk_buff *skb; |
347 | struct ieee80211_sub_if_data *sdata; |
348 | struct sta_info *sta; |
349 | |
350 | list_for_each_entry_rcu(sdata, &local->interfaces, list) { |
351 | struct ps_data *ps; |
352 | |
353 | if (sdata->vif.type == NL80211_IFTYPE_AP) |
354 | ps = &sdata->u.ap.ps; |
355 | else if (ieee80211_vif_is_mesh(vif: &sdata->vif)) |
356 | ps = &sdata->u.mesh.ps; |
357 | else |
358 | continue; |
359 | |
360 | skb = skb_dequeue(list: &ps->bc_buf); |
361 | if (skb) { |
362 | purged++; |
363 | ieee80211_free_txskb(hw: &local->hw, skb); |
364 | } |
365 | total += skb_queue_len(list_: &ps->bc_buf); |
366 | } |
367 | |
368 | /* |
369 | * Drop one frame from each station from the lowest-priority |
370 | * AC that has frames at all. |
371 | */ |
372 | list_for_each_entry_rcu(sta, &local->sta_list, list) { |
373 | int ac; |
374 | |
375 | for (ac = IEEE80211_AC_BK; ac >= IEEE80211_AC_VO; ac--) { |
376 | skb = skb_dequeue(list: &sta->ps_tx_buf[ac]); |
377 | total += skb_queue_len(list_: &sta->ps_tx_buf[ac]); |
378 | if (skb) { |
379 | purged++; |
380 | ieee80211_free_txskb(hw: &local->hw, skb); |
381 | break; |
382 | } |
383 | } |
384 | } |
385 | |
386 | local->total_ps_buffered = total; |
387 | ps_dbg_hw(&local->hw, "PS buffers full - purged %d frames\n" , purged); |
388 | } |
389 | |
390 | static ieee80211_tx_result |
391 | ieee80211_tx_h_multicast_ps_buf(struct ieee80211_tx_data *tx) |
392 | { |
393 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
394 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; |
395 | struct ps_data *ps; |
396 | |
397 | /* |
398 | * broadcast/multicast frame |
399 | * |
400 | * If any of the associated/peer stations is in power save mode, |
401 | * the frame is buffered to be sent after DTIM beacon frame. |
402 | * This is done either by the hardware or us. |
403 | */ |
404 | |
405 | /* powersaving STAs currently only in AP/VLAN/mesh mode */ |
406 | if (tx->sdata->vif.type == NL80211_IFTYPE_AP || |
407 | tx->sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { |
408 | if (!tx->sdata->bss) |
409 | return TX_CONTINUE; |
410 | |
411 | ps = &tx->sdata->bss->ps; |
412 | } else if (ieee80211_vif_is_mesh(vif: &tx->sdata->vif)) { |
413 | ps = &tx->sdata->u.mesh.ps; |
414 | } else { |
415 | return TX_CONTINUE; |
416 | } |
417 | |
418 | |
419 | /* no buffering for ordered frames */ |
420 | if (ieee80211_has_order(fc: hdr->frame_control)) |
421 | return TX_CONTINUE; |
422 | |
423 | if (ieee80211_is_probe_req(fc: hdr->frame_control)) |
424 | return TX_CONTINUE; |
425 | |
426 | if (ieee80211_hw_check(&tx->local->hw, QUEUE_CONTROL)) |
427 | info->hw_queue = tx->sdata->vif.cab_queue; |
428 | |
429 | /* no stations in PS mode and no buffered packets */ |
430 | if (!atomic_read(v: &ps->num_sta_ps) && skb_queue_empty(list: &ps->bc_buf)) |
431 | return TX_CONTINUE; |
432 | |
433 | info->flags |= IEEE80211_TX_CTL_SEND_AFTER_DTIM; |
434 | |
435 | /* device releases frame after DTIM beacon */ |
436 | if (!ieee80211_hw_check(&tx->local->hw, HOST_BROADCAST_PS_BUFFERING)) |
437 | return TX_CONTINUE; |
438 | |
439 | /* buffered in mac80211 */ |
440 | if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER) |
441 | purge_old_ps_buffers(local: tx->local); |
442 | |
443 | if (skb_queue_len(list_: &ps->bc_buf) >= AP_MAX_BC_BUFFER) { |
444 | ps_dbg(tx->sdata, |
445 | "BC TX buffer full - dropping the oldest frame\n" ); |
446 | ieee80211_free_txskb(hw: &tx->local->hw, skb: skb_dequeue(list: &ps->bc_buf)); |
447 | } else |
448 | tx->local->total_ps_buffered++; |
449 | |
450 | skb_queue_tail(list: &ps->bc_buf, newsk: tx->skb); |
451 | |
452 | return TX_QUEUED; |
453 | } |
454 | |
455 | static int ieee80211_use_mfp(__le16 fc, struct sta_info *sta, |
456 | struct sk_buff *skb) |
457 | { |
458 | if (!ieee80211_is_mgmt(fc)) |
459 | return 0; |
460 | |
461 | if (sta == NULL || !test_sta_flag(sta, flag: WLAN_STA_MFP)) |
462 | return 0; |
463 | |
464 | if (!ieee80211_is_robust_mgmt_frame(skb)) |
465 | return 0; |
466 | |
467 | return 1; |
468 | } |
469 | |
470 | static ieee80211_tx_result |
471 | ieee80211_tx_h_unicast_ps_buf(struct ieee80211_tx_data *tx) |
472 | { |
473 | struct sta_info *sta = tx->sta; |
474 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
475 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; |
476 | struct ieee80211_local *local = tx->local; |
477 | |
478 | if (unlikely(!sta)) |
479 | return TX_CONTINUE; |
480 | |
481 | if (unlikely((test_sta_flag(sta, WLAN_STA_PS_STA) || |
482 | test_sta_flag(sta, WLAN_STA_PS_DRIVER) || |
483 | test_sta_flag(sta, WLAN_STA_PS_DELIVER)) && |
484 | !(info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER))) { |
485 | int ac = skb_get_queue_mapping(skb: tx->skb); |
486 | |
487 | if (ieee80211_is_mgmt(fc: hdr->frame_control) && |
488 | !ieee80211_is_bufferable_mmpdu(skb: tx->skb)) { |
489 | info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER; |
490 | return TX_CONTINUE; |
491 | } |
492 | |
493 | ps_dbg(sta->sdata, "STA %pM aid %d: PS buffer for AC %d\n" , |
494 | sta->sta.addr, sta->sta.aid, ac); |
495 | if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER) |
496 | purge_old_ps_buffers(local: tx->local); |
497 | |
498 | /* sync with ieee80211_sta_ps_deliver_wakeup */ |
499 | spin_lock(lock: &sta->ps_lock); |
500 | /* |
501 | * STA woke up the meantime and all the frames on ps_tx_buf have |
502 | * been queued to pending queue. No reordering can happen, go |
503 | * ahead and Tx the packet. |
504 | */ |
505 | if (!test_sta_flag(sta, flag: WLAN_STA_PS_STA) && |
506 | !test_sta_flag(sta, flag: WLAN_STA_PS_DRIVER) && |
507 | !test_sta_flag(sta, flag: WLAN_STA_PS_DELIVER)) { |
508 | spin_unlock(lock: &sta->ps_lock); |
509 | return TX_CONTINUE; |
510 | } |
511 | |
512 | if (skb_queue_len(list_: &sta->ps_tx_buf[ac]) >= STA_MAX_TX_BUFFER) { |
513 | struct sk_buff *old = skb_dequeue(list: &sta->ps_tx_buf[ac]); |
514 | ps_dbg(tx->sdata, |
515 | "STA %pM TX buffer for AC %d full - dropping oldest frame\n" , |
516 | sta->sta.addr, ac); |
517 | ieee80211_free_txskb(hw: &local->hw, skb: old); |
518 | } else |
519 | tx->local->total_ps_buffered++; |
520 | |
521 | info->control.jiffies = jiffies; |
522 | info->control.vif = &tx->sdata->vif; |
523 | info->control.flags |= IEEE80211_TX_INTCFL_NEED_TXPROCESSING; |
524 | info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS; |
525 | skb_queue_tail(list: &sta->ps_tx_buf[ac], newsk: tx->skb); |
526 | spin_unlock(lock: &sta->ps_lock); |
527 | |
528 | if (!timer_pending(timer: &local->sta_cleanup)) |
529 | mod_timer(timer: &local->sta_cleanup, |
530 | expires: round_jiffies(j: jiffies + |
531 | STA_INFO_CLEANUP_INTERVAL)); |
532 | |
533 | /* |
534 | * We queued up some frames, so the TIM bit might |
535 | * need to be set, recalculate it. |
536 | */ |
537 | sta_info_recalc_tim(sta); |
538 | |
539 | return TX_QUEUED; |
540 | } else if (unlikely(test_sta_flag(sta, WLAN_STA_PS_STA))) { |
541 | ps_dbg(tx->sdata, |
542 | "STA %pM in PS mode, but polling/in SP -> send frame\n" , |
543 | sta->sta.addr); |
544 | } |
545 | |
546 | return TX_CONTINUE; |
547 | } |
548 | |
549 | static ieee80211_tx_result debug_noinline |
550 | ieee80211_tx_h_ps_buf(struct ieee80211_tx_data *tx) |
551 | { |
552 | if (unlikely(tx->flags & IEEE80211_TX_PS_BUFFERED)) |
553 | return TX_CONTINUE; |
554 | |
555 | if (tx->flags & IEEE80211_TX_UNICAST) |
556 | return ieee80211_tx_h_unicast_ps_buf(tx); |
557 | else |
558 | return ieee80211_tx_h_multicast_ps_buf(tx); |
559 | } |
560 | |
561 | static ieee80211_tx_result debug_noinline |
562 | ieee80211_tx_h_check_control_port_protocol(struct ieee80211_tx_data *tx) |
563 | { |
564 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
565 | |
566 | if (unlikely(tx->sdata->control_port_protocol == tx->skb->protocol)) { |
567 | if (tx->sdata->control_port_no_encrypt) |
568 | info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; |
569 | info->control.flags |= IEEE80211_TX_CTRL_PORT_CTRL_PROTO; |
570 | info->flags |= IEEE80211_TX_CTL_USE_MINRATE; |
571 | } |
572 | |
573 | return TX_CONTINUE; |
574 | } |
575 | |
576 | static struct ieee80211_key * |
577 | ieee80211_select_link_key(struct ieee80211_tx_data *tx) |
578 | { |
579 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; |
580 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
581 | struct ieee80211_link_data *link; |
582 | unsigned int link_id; |
583 | |
584 | link_id = u32_get_bits(v: info->control.flags, field: IEEE80211_TX_CTRL_MLO_LINK); |
585 | if (link_id == IEEE80211_LINK_UNSPECIFIED) { |
586 | link = &tx->sdata->deflink; |
587 | } else { |
588 | link = rcu_dereference(tx->sdata->link[link_id]); |
589 | if (!link) |
590 | return NULL; |
591 | } |
592 | |
593 | if (ieee80211_is_group_privacy_action(skb: tx->skb)) |
594 | return rcu_dereference(link->default_multicast_key); |
595 | else if (ieee80211_is_mgmt(fc: hdr->frame_control) && |
596 | is_multicast_ether_addr(addr: hdr->addr1) && |
597 | ieee80211_is_robust_mgmt_frame(skb: tx->skb)) |
598 | return rcu_dereference(link->default_mgmt_key); |
599 | else if (is_multicast_ether_addr(addr: hdr->addr1)) |
600 | return rcu_dereference(link->default_multicast_key); |
601 | |
602 | return NULL; |
603 | } |
604 | |
605 | static ieee80211_tx_result debug_noinline |
606 | ieee80211_tx_h_select_key(struct ieee80211_tx_data *tx) |
607 | { |
608 | struct ieee80211_key *key; |
609 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
610 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; |
611 | |
612 | if (unlikely(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT)) { |
613 | tx->key = NULL; |
614 | return TX_CONTINUE; |
615 | } |
616 | |
617 | if (tx->sta && |
618 | (key = rcu_dereference(tx->sta->ptk[tx->sta->ptk_idx]))) |
619 | tx->key = key; |
620 | else if ((key = ieee80211_select_link_key(tx))) |
621 | tx->key = key; |
622 | else if (!is_multicast_ether_addr(addr: hdr->addr1) && |
623 | (key = rcu_dereference(tx->sdata->default_unicast_key))) |
624 | tx->key = key; |
625 | else |
626 | tx->key = NULL; |
627 | |
628 | if (tx->key) { |
629 | bool skip_hw = false; |
630 | |
631 | /* TODO: add threshold stuff again */ |
632 | |
633 | switch (tx->key->conf.cipher) { |
634 | case WLAN_CIPHER_SUITE_WEP40: |
635 | case WLAN_CIPHER_SUITE_WEP104: |
636 | case WLAN_CIPHER_SUITE_TKIP: |
637 | if (!ieee80211_is_data_present(fc: hdr->frame_control)) |
638 | tx->key = NULL; |
639 | break; |
640 | case WLAN_CIPHER_SUITE_CCMP: |
641 | case WLAN_CIPHER_SUITE_CCMP_256: |
642 | case WLAN_CIPHER_SUITE_GCMP: |
643 | case WLAN_CIPHER_SUITE_GCMP_256: |
644 | if (!ieee80211_is_data_present(fc: hdr->frame_control) && |
645 | !ieee80211_use_mfp(fc: hdr->frame_control, sta: tx->sta, |
646 | skb: tx->skb) && |
647 | !ieee80211_is_group_privacy_action(skb: tx->skb)) |
648 | tx->key = NULL; |
649 | else |
650 | skip_hw = (tx->key->conf.flags & |
651 | IEEE80211_KEY_FLAG_SW_MGMT_TX) && |
652 | ieee80211_is_mgmt(fc: hdr->frame_control); |
653 | break; |
654 | case WLAN_CIPHER_SUITE_AES_CMAC: |
655 | case WLAN_CIPHER_SUITE_BIP_CMAC_256: |
656 | case WLAN_CIPHER_SUITE_BIP_GMAC_128: |
657 | case WLAN_CIPHER_SUITE_BIP_GMAC_256: |
658 | if (!ieee80211_is_mgmt(fc: hdr->frame_control)) |
659 | tx->key = NULL; |
660 | break; |
661 | } |
662 | |
663 | if (unlikely(tx->key && tx->key->flags & KEY_FLAG_TAINTED && |
664 | !ieee80211_is_deauth(hdr->frame_control)) && |
665 | tx->skb->protocol != tx->sdata->control_port_protocol) |
666 | return TX_DROP; |
667 | |
668 | if (!skip_hw && tx->key && |
669 | tx->key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) |
670 | info->control.hw_key = &tx->key->conf; |
671 | } else if (ieee80211_is_data_present(fc: hdr->frame_control) && tx->sta && |
672 | test_sta_flag(sta: tx->sta, flag: WLAN_STA_USES_ENCRYPTION)) { |
673 | return TX_DROP; |
674 | } |
675 | |
676 | return TX_CONTINUE; |
677 | } |
678 | |
679 | static ieee80211_tx_result debug_noinline |
680 | ieee80211_tx_h_rate_ctrl(struct ieee80211_tx_data *tx) |
681 | { |
682 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
683 | struct ieee80211_hdr *hdr = (void *)tx->skb->data; |
684 | struct ieee80211_supported_band *sband; |
685 | u32 len; |
686 | struct ieee80211_tx_rate_control txrc; |
687 | struct ieee80211_sta_rates *ratetbl = NULL; |
688 | bool encap = info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP; |
689 | bool assoc = false; |
690 | |
691 | memset(&txrc, 0, sizeof(txrc)); |
692 | |
693 | sband = tx->local->hw.wiphy->bands[info->band]; |
694 | |
695 | len = min_t(u32, tx->skb->len + FCS_LEN, |
696 | tx->local->hw.wiphy->frag_threshold); |
697 | |
698 | /* set up the tx rate control struct we give the RC algo */ |
699 | txrc.hw = &tx->local->hw; |
700 | txrc.sband = sband; |
701 | txrc.bss_conf = &tx->sdata->vif.bss_conf; |
702 | txrc.skb = tx->skb; |
703 | txrc.reported_rate.idx = -1; |
704 | txrc.rate_idx_mask = tx->sdata->rc_rateidx_mask[info->band]; |
705 | |
706 | if (tx->sdata->rc_has_mcs_mask[info->band]) |
707 | txrc.rate_idx_mcs_mask = |
708 | tx->sdata->rc_rateidx_mcs_mask[info->band]; |
709 | |
710 | txrc.bss = (tx->sdata->vif.type == NL80211_IFTYPE_AP || |
711 | tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT || |
712 | tx->sdata->vif.type == NL80211_IFTYPE_ADHOC || |
713 | tx->sdata->vif.type == NL80211_IFTYPE_OCB); |
714 | |
715 | /* set up RTS protection if desired */ |
716 | if (len > tx->local->hw.wiphy->rts_threshold) { |
717 | txrc.rts = true; |
718 | } |
719 | |
720 | info->control.use_rts = txrc.rts; |
721 | info->control.use_cts_prot = tx->sdata->vif.bss_conf.use_cts_prot; |
722 | |
723 | /* |
724 | * Use short preamble if the BSS can handle it, but not for |
725 | * management frames unless we know the receiver can handle |
726 | * that -- the management frame might be to a station that |
727 | * just wants a probe response. |
728 | */ |
729 | if (tx->sdata->vif.bss_conf.use_short_preamble && |
730 | (ieee80211_is_tx_data(skb: tx->skb) || |
731 | (tx->sta && test_sta_flag(sta: tx->sta, flag: WLAN_STA_SHORT_PREAMBLE)))) |
732 | txrc.short_preamble = true; |
733 | |
734 | info->control.short_preamble = txrc.short_preamble; |
735 | |
736 | /* don't ask rate control when rate already injected via radiotap */ |
737 | if (info->control.flags & IEEE80211_TX_CTRL_RATE_INJECT) |
738 | return TX_CONTINUE; |
739 | |
740 | if (tx->sta) |
741 | assoc = test_sta_flag(sta: tx->sta, flag: WLAN_STA_ASSOC); |
742 | |
743 | /* |
744 | * Lets not bother rate control if we're associated and cannot |
745 | * talk to the sta. This should not happen. |
746 | */ |
747 | if (WARN(test_bit(SCAN_SW_SCANNING, &tx->local->scanning) && assoc && |
748 | !rate_usable_index_exists(sband, &tx->sta->sta), |
749 | "%s: Dropped data frame as no usable bitrate found while " |
750 | "scanning and associated. Target station: " |
751 | "%pM on %d GHz band\n" , |
752 | tx->sdata->name, |
753 | encap ? ((struct ethhdr *)hdr)->h_dest : hdr->addr1, |
754 | info->band ? 5 : 2)) |
755 | return TX_DROP; |
756 | |
757 | /* |
758 | * If we're associated with the sta at this point we know we can at |
759 | * least send the frame at the lowest bit rate. |
760 | */ |
761 | rate_control_get_rate(sdata: tx->sdata, sta: tx->sta, txrc: &txrc); |
762 | |
763 | if (tx->sta && !info->control.skip_table) |
764 | ratetbl = rcu_dereference(tx->sta->sta.rates); |
765 | |
766 | if (unlikely(info->control.rates[0].idx < 0)) { |
767 | if (ratetbl) { |
768 | struct ieee80211_tx_rate rate = { |
769 | .idx = ratetbl->rate[0].idx, |
770 | .flags = ratetbl->rate[0].flags, |
771 | .count = ratetbl->rate[0].count |
772 | }; |
773 | |
774 | if (ratetbl->rate[0].idx < 0) |
775 | return TX_DROP; |
776 | |
777 | tx->rate = rate; |
778 | } else { |
779 | return TX_DROP; |
780 | } |
781 | } else { |
782 | tx->rate = info->control.rates[0]; |
783 | } |
784 | |
785 | if (txrc.reported_rate.idx < 0) { |
786 | txrc.reported_rate = tx->rate; |
787 | if (tx->sta && ieee80211_is_tx_data(skb: tx->skb)) |
788 | tx->sta->deflink.tx_stats.last_rate = txrc.reported_rate; |
789 | } else if (tx->sta) |
790 | tx->sta->deflink.tx_stats.last_rate = txrc.reported_rate; |
791 | |
792 | if (ratetbl) |
793 | return TX_CONTINUE; |
794 | |
795 | if (unlikely(!info->control.rates[0].count)) |
796 | info->control.rates[0].count = 1; |
797 | |
798 | if (WARN_ON_ONCE((info->control.rates[0].count > 1) && |
799 | (info->flags & IEEE80211_TX_CTL_NO_ACK))) |
800 | info->control.rates[0].count = 1; |
801 | |
802 | return TX_CONTINUE; |
803 | } |
804 | |
805 | static __le16 ieee80211_tx_next_seq(struct sta_info *sta, int tid) |
806 | { |
807 | u16 *seq = &sta->tid_seq[tid]; |
808 | __le16 ret = cpu_to_le16(*seq); |
809 | |
810 | /* Increase the sequence number. */ |
811 | *seq = (*seq + 0x10) & IEEE80211_SCTL_SEQ; |
812 | |
813 | return ret; |
814 | } |
815 | |
816 | static ieee80211_tx_result debug_noinline |
817 | ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx) |
818 | { |
819 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
820 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data; |
821 | int tid; |
822 | |
823 | /* |
824 | * Packet injection may want to control the sequence |
825 | * number, if we have no matching interface then we |
826 | * neither assign one ourselves nor ask the driver to. |
827 | */ |
828 | if (unlikely(info->control.vif->type == NL80211_IFTYPE_MONITOR)) |
829 | return TX_CONTINUE; |
830 | |
831 | if (unlikely(ieee80211_is_ctl(hdr->frame_control))) |
832 | return TX_CONTINUE; |
833 | |
834 | if (ieee80211_hdrlen(fc: hdr->frame_control) < 24) |
835 | return TX_CONTINUE; |
836 | |
837 | if (ieee80211_is_qos_nullfunc(fc: hdr->frame_control)) |
838 | return TX_CONTINUE; |
839 | |
840 | if (info->control.flags & IEEE80211_TX_CTRL_NO_SEQNO) |
841 | return TX_CONTINUE; |
842 | |
843 | /* SNS11 from 802.11be 10.3.2.14 */ |
844 | if (unlikely(is_multicast_ether_addr(hdr->addr1) && |
845 | ieee80211_vif_is_mld(info->control.vif) && |
846 | info->control.vif->type == NL80211_IFTYPE_AP)) { |
847 | if (info->control.flags & IEEE80211_TX_CTRL_MCAST_MLO_FIRST_TX) |
848 | tx->sdata->mld_mcast_seq += 0x10; |
849 | hdr->seq_ctrl = cpu_to_le16(tx->sdata->mld_mcast_seq); |
850 | return TX_CONTINUE; |
851 | } |
852 | |
853 | /* |
854 | * Anything but QoS data that has a sequence number field |
855 | * (is long enough) gets a sequence number from the global |
856 | * counter. QoS data frames with a multicast destination |
857 | * also use the global counter (802.11-2012 9.3.2.10). |
858 | */ |
859 | if (!ieee80211_is_data_qos(fc: hdr->frame_control) || |
860 | is_multicast_ether_addr(addr: hdr->addr1)) { |
861 | /* driver should assign sequence number */ |
862 | info->flags |= IEEE80211_TX_CTL_ASSIGN_SEQ; |
863 | /* for pure STA mode without beacons, we can do it */ |
864 | hdr->seq_ctrl = cpu_to_le16(tx->sdata->sequence_number); |
865 | tx->sdata->sequence_number += 0x10; |
866 | if (tx->sta) |
867 | tx->sta->deflink.tx_stats.msdu[IEEE80211_NUM_TIDS]++; |
868 | return TX_CONTINUE; |
869 | } |
870 | |
871 | /* |
872 | * This should be true for injected/management frames only, for |
873 | * management frames we have set the IEEE80211_TX_CTL_ASSIGN_SEQ |
874 | * above since they are not QoS-data frames. |
875 | */ |
876 | if (!tx->sta) |
877 | return TX_CONTINUE; |
878 | |
879 | /* include per-STA, per-TID sequence counter */ |
880 | tid = ieee80211_get_tid(hdr); |
881 | tx->sta->deflink.tx_stats.msdu[tid]++; |
882 | |
883 | hdr->seq_ctrl = ieee80211_tx_next_seq(sta: tx->sta, tid); |
884 | |
885 | return TX_CONTINUE; |
886 | } |
887 | |
888 | static int ieee80211_fragment(struct ieee80211_tx_data *tx, |
889 | struct sk_buff *skb, int hdrlen, |
890 | int frag_threshold) |
891 | { |
892 | struct ieee80211_local *local = tx->local; |
893 | struct ieee80211_tx_info *info; |
894 | struct sk_buff *tmp; |
895 | int per_fragm = frag_threshold - hdrlen - FCS_LEN; |
896 | int pos = hdrlen + per_fragm; |
897 | int rem = skb->len - hdrlen - per_fragm; |
898 | |
899 | if (WARN_ON(rem < 0)) |
900 | return -EINVAL; |
901 | |
902 | /* first fragment was already added to queue by caller */ |
903 | |
904 | while (rem) { |
905 | int fraglen = per_fragm; |
906 | |
907 | if (fraglen > rem) |
908 | fraglen = rem; |
909 | rem -= fraglen; |
910 | tmp = dev_alloc_skb(length: local->tx_headroom + |
911 | frag_threshold + |
912 | IEEE80211_ENCRYPT_HEADROOM + |
913 | IEEE80211_ENCRYPT_TAILROOM); |
914 | if (!tmp) |
915 | return -ENOMEM; |
916 | |
917 | __skb_queue_tail(list: &tx->skbs, newsk: tmp); |
918 | |
919 | skb_reserve(skb: tmp, |
920 | len: local->tx_headroom + IEEE80211_ENCRYPT_HEADROOM); |
921 | |
922 | /* copy control information */ |
923 | memcpy(tmp->cb, skb->cb, sizeof(tmp->cb)); |
924 | |
925 | info = IEEE80211_SKB_CB(skb: tmp); |
926 | info->flags &= ~(IEEE80211_TX_CTL_CLEAR_PS_FILT | |
927 | IEEE80211_TX_CTL_FIRST_FRAGMENT); |
928 | |
929 | if (rem) |
930 | info->flags |= IEEE80211_TX_CTL_MORE_FRAMES; |
931 | |
932 | skb_copy_queue_mapping(to: tmp, from: skb); |
933 | tmp->priority = skb->priority; |
934 | tmp->dev = skb->dev; |
935 | |
936 | /* copy header and data */ |
937 | skb_put_data(skb: tmp, data: skb->data, len: hdrlen); |
938 | skb_put_data(skb: tmp, data: skb->data + pos, len: fraglen); |
939 | |
940 | pos += fraglen; |
941 | } |
942 | |
943 | /* adjust first fragment's length */ |
944 | skb_trim(skb, len: hdrlen + per_fragm); |
945 | return 0; |
946 | } |
947 | |
948 | static ieee80211_tx_result debug_noinline |
949 | ieee80211_tx_h_fragment(struct ieee80211_tx_data *tx) |
950 | { |
951 | struct sk_buff *skb = tx->skb; |
952 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
953 | struct ieee80211_hdr *hdr = (void *)skb->data; |
954 | int frag_threshold = tx->local->hw.wiphy->frag_threshold; |
955 | int hdrlen; |
956 | int fragnum; |
957 | |
958 | /* no matter what happens, tx->skb moves to tx->skbs */ |
959 | __skb_queue_tail(list: &tx->skbs, newsk: skb); |
960 | tx->skb = NULL; |
961 | |
962 | if (info->flags & IEEE80211_TX_CTL_DONTFRAG) |
963 | return TX_CONTINUE; |
964 | |
965 | if (ieee80211_hw_check(&tx->local->hw, SUPPORTS_TX_FRAG)) |
966 | return TX_CONTINUE; |
967 | |
968 | /* |
969 | * Warn when submitting a fragmented A-MPDU frame and drop it. |
970 | * This scenario is handled in ieee80211_tx_prepare but extra |
971 | * caution taken here as fragmented ampdu may cause Tx stop. |
972 | */ |
973 | if (WARN_ON(info->flags & IEEE80211_TX_CTL_AMPDU)) |
974 | return TX_DROP; |
975 | |
976 | hdrlen = ieee80211_hdrlen(fc: hdr->frame_control); |
977 | |
978 | /* internal error, why isn't DONTFRAG set? */ |
979 | if (WARN_ON(skb->len + FCS_LEN <= frag_threshold)) |
980 | return TX_DROP; |
981 | |
982 | /* |
983 | * Now fragment the frame. This will allocate all the fragments and |
984 | * chain them (using skb as the first fragment) to skb->next. |
985 | * During transmission, we will remove the successfully transmitted |
986 | * fragments from this list. When the low-level driver rejects one |
987 | * of the fragments then we will simply pretend to accept the skb |
988 | * but store it away as pending. |
989 | */ |
990 | if (ieee80211_fragment(tx, skb, hdrlen, frag_threshold)) |
991 | return TX_DROP; |
992 | |
993 | /* update duration/seq/flags of fragments */ |
994 | fragnum = 0; |
995 | |
996 | skb_queue_walk(&tx->skbs, skb) { |
997 | const __le16 morefrags = cpu_to_le16(IEEE80211_FCTL_MOREFRAGS); |
998 | |
999 | hdr = (void *)skb->data; |
1000 | info = IEEE80211_SKB_CB(skb); |
1001 | |
1002 | if (!skb_queue_is_last(list: &tx->skbs, skb)) { |
1003 | hdr->frame_control |= morefrags; |
1004 | /* |
1005 | * No multi-rate retries for fragmented frames, that |
1006 | * would completely throw off the NAV at other STAs. |
1007 | */ |
1008 | info->control.rates[1].idx = -1; |
1009 | info->control.rates[2].idx = -1; |
1010 | info->control.rates[3].idx = -1; |
1011 | BUILD_BUG_ON(IEEE80211_TX_MAX_RATES != 4); |
1012 | info->flags &= ~IEEE80211_TX_CTL_RATE_CTRL_PROBE; |
1013 | } else { |
1014 | hdr->frame_control &= ~morefrags; |
1015 | } |
1016 | hdr->seq_ctrl |= cpu_to_le16(fragnum & IEEE80211_SCTL_FRAG); |
1017 | fragnum++; |
1018 | } |
1019 | |
1020 | return TX_CONTINUE; |
1021 | } |
1022 | |
1023 | static ieee80211_tx_result debug_noinline |
1024 | ieee80211_tx_h_stats(struct ieee80211_tx_data *tx) |
1025 | { |
1026 | struct sk_buff *skb; |
1027 | int ac = -1; |
1028 | |
1029 | if (!tx->sta) |
1030 | return TX_CONTINUE; |
1031 | |
1032 | skb_queue_walk(&tx->skbs, skb) { |
1033 | ac = skb_get_queue_mapping(skb); |
1034 | tx->sta->deflink.tx_stats.bytes[ac] += skb->len; |
1035 | } |
1036 | if (ac >= 0) |
1037 | tx->sta->deflink.tx_stats.packets[ac]++; |
1038 | |
1039 | return TX_CONTINUE; |
1040 | } |
1041 | |
1042 | static ieee80211_tx_result debug_noinline |
1043 | ieee80211_tx_h_encrypt(struct ieee80211_tx_data *tx) |
1044 | { |
1045 | if (!tx->key) |
1046 | return TX_CONTINUE; |
1047 | |
1048 | switch (tx->key->conf.cipher) { |
1049 | case WLAN_CIPHER_SUITE_WEP40: |
1050 | case WLAN_CIPHER_SUITE_WEP104: |
1051 | return ieee80211_crypto_wep_encrypt(tx); |
1052 | case WLAN_CIPHER_SUITE_TKIP: |
1053 | return ieee80211_crypto_tkip_encrypt(tx); |
1054 | case WLAN_CIPHER_SUITE_CCMP: |
1055 | return ieee80211_crypto_ccmp_encrypt( |
1056 | tx, IEEE80211_CCMP_MIC_LEN); |
1057 | case WLAN_CIPHER_SUITE_CCMP_256: |
1058 | return ieee80211_crypto_ccmp_encrypt( |
1059 | tx, IEEE80211_CCMP_256_MIC_LEN); |
1060 | case WLAN_CIPHER_SUITE_AES_CMAC: |
1061 | return ieee80211_crypto_aes_cmac_encrypt(tx); |
1062 | case WLAN_CIPHER_SUITE_BIP_CMAC_256: |
1063 | return ieee80211_crypto_aes_cmac_256_encrypt(tx); |
1064 | case WLAN_CIPHER_SUITE_BIP_GMAC_128: |
1065 | case WLAN_CIPHER_SUITE_BIP_GMAC_256: |
1066 | return ieee80211_crypto_aes_gmac_encrypt(tx); |
1067 | case WLAN_CIPHER_SUITE_GCMP: |
1068 | case WLAN_CIPHER_SUITE_GCMP_256: |
1069 | return ieee80211_crypto_gcmp_encrypt(tx); |
1070 | } |
1071 | |
1072 | return TX_DROP; |
1073 | } |
1074 | |
1075 | static ieee80211_tx_result debug_noinline |
1076 | ieee80211_tx_h_calculate_duration(struct ieee80211_tx_data *tx) |
1077 | { |
1078 | struct sk_buff *skb; |
1079 | struct ieee80211_hdr *hdr; |
1080 | int next_len; |
1081 | bool group_addr; |
1082 | |
1083 | skb_queue_walk(&tx->skbs, skb) { |
1084 | hdr = (void *) skb->data; |
1085 | if (unlikely(ieee80211_is_pspoll(hdr->frame_control))) |
1086 | break; /* must not overwrite AID */ |
1087 | if (!skb_queue_is_last(list: &tx->skbs, skb)) { |
1088 | struct sk_buff *next = skb_queue_next(list: &tx->skbs, skb); |
1089 | next_len = next->len; |
1090 | } else |
1091 | next_len = 0; |
1092 | group_addr = is_multicast_ether_addr(addr: hdr->addr1); |
1093 | |
1094 | hdr->duration_id = |
1095 | ieee80211_duration(tx, skb, group_addr, next_frag_len: next_len); |
1096 | } |
1097 | |
1098 | return TX_CONTINUE; |
1099 | } |
1100 | |
1101 | /* actual transmit path */ |
1102 | |
1103 | static bool ieee80211_tx_prep_agg(struct ieee80211_tx_data *tx, |
1104 | struct sk_buff *skb, |
1105 | struct ieee80211_tx_info *info, |
1106 | struct tid_ampdu_tx *tid_tx, |
1107 | int tid) |
1108 | { |
1109 | bool queued = false; |
1110 | bool reset_agg_timer = false; |
1111 | struct sk_buff *purge_skb = NULL; |
1112 | |
1113 | if (test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state)) { |
1114 | reset_agg_timer = true; |
1115 | } else if (test_bit(HT_AGG_STATE_WANT_START, &tid_tx->state)) { |
1116 | /* |
1117 | * nothing -- this aggregation session is being started |
1118 | * but that might still fail with the driver |
1119 | */ |
1120 | } else if (!tx->sta->sta.txq[tid]) { |
1121 | spin_lock(lock: &tx->sta->lock); |
1122 | /* |
1123 | * Need to re-check now, because we may get here |
1124 | * |
1125 | * 1) in the window during which the setup is actually |
1126 | * already done, but not marked yet because not all |
1127 | * packets are spliced over to the driver pending |
1128 | * queue yet -- if this happened we acquire the lock |
1129 | * either before or after the splice happens, but |
1130 | * need to recheck which of these cases happened. |
1131 | * |
1132 | * 2) during session teardown, if the OPERATIONAL bit |
1133 | * was cleared due to the teardown but the pointer |
1134 | * hasn't been assigned NULL yet (or we loaded it |
1135 | * before it was assigned) -- in this case it may |
1136 | * now be NULL which means we should just let the |
1137 | * packet pass through because splicing the frames |
1138 | * back is already done. |
1139 | */ |
1140 | tid_tx = rcu_dereference_protected_tid_tx(tx->sta, tid); |
1141 | |
1142 | if (!tid_tx) { |
1143 | /* do nothing, let packet pass through */ |
1144 | } else if (test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state)) { |
1145 | reset_agg_timer = true; |
1146 | } else { |
1147 | queued = true; |
1148 | if (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER) { |
1149 | clear_sta_flag(sta: tx->sta, flag: WLAN_STA_SP); |
1150 | ps_dbg(tx->sta->sdata, |
1151 | "STA %pM aid %d: SP frame queued, close the SP w/o telling the peer\n" , |
1152 | tx->sta->sta.addr, tx->sta->sta.aid); |
1153 | } |
1154 | info->control.vif = &tx->sdata->vif; |
1155 | info->control.flags |= IEEE80211_TX_INTCFL_NEED_TXPROCESSING; |
1156 | info->flags &= ~IEEE80211_TX_TEMPORARY_FLAGS; |
1157 | __skb_queue_tail(list: &tid_tx->pending, newsk: skb); |
1158 | if (skb_queue_len(list_: &tid_tx->pending) > STA_MAX_TX_BUFFER) |
1159 | purge_skb = __skb_dequeue(list: &tid_tx->pending); |
1160 | } |
1161 | spin_unlock(lock: &tx->sta->lock); |
1162 | |
1163 | if (purge_skb) |
1164 | ieee80211_free_txskb(hw: &tx->local->hw, skb: purge_skb); |
1165 | } |
1166 | |
1167 | /* reset session timer */ |
1168 | if (reset_agg_timer) |
1169 | tid_tx->last_tx = jiffies; |
1170 | |
1171 | return queued; |
1172 | } |
1173 | |
1174 | void ieee80211_aggr_check(struct ieee80211_sub_if_data *sdata, |
1175 | struct sta_info *sta, struct sk_buff *skb) |
1176 | { |
1177 | struct rate_control_ref *ref = sdata->local->rate_ctrl; |
1178 | u16 tid; |
1179 | |
1180 | if (!ref || !(ref->ops->capa & RATE_CTRL_CAPA_AMPDU_TRIGGER)) |
1181 | return; |
1182 | |
1183 | if (!sta || !sta->sta.deflink.ht_cap.ht_supported || |
1184 | !sta->sta.wme || skb_get_queue_mapping(skb) == IEEE80211_AC_VO || |
1185 | skb->protocol == sdata->control_port_protocol) |
1186 | return; |
1187 | |
1188 | tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK; |
1189 | if (likely(sta->ampdu_mlme.tid_tx[tid])) |
1190 | return; |
1191 | |
1192 | ieee80211_start_tx_ba_session(sta: &sta->sta, tid, timeout: 0); |
1193 | } |
1194 | |
1195 | /* |
1196 | * initialises @tx |
1197 | * pass %NULL for the station if unknown, a valid pointer if known |
1198 | * or an ERR_PTR() if the station is known not to exist |
1199 | */ |
1200 | static ieee80211_tx_result |
1201 | ieee80211_tx_prepare(struct ieee80211_sub_if_data *sdata, |
1202 | struct ieee80211_tx_data *tx, |
1203 | struct sta_info *sta, struct sk_buff *skb) |
1204 | { |
1205 | struct ieee80211_local *local = sdata->local; |
1206 | struct ieee80211_hdr *hdr; |
1207 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1208 | bool aggr_check = false; |
1209 | int tid; |
1210 | |
1211 | memset(tx, 0, sizeof(*tx)); |
1212 | tx->skb = skb; |
1213 | tx->local = local; |
1214 | tx->sdata = sdata; |
1215 | __skb_queue_head_init(list: &tx->skbs); |
1216 | |
1217 | /* |
1218 | * If this flag is set to true anywhere, and we get here, |
1219 | * we are doing the needed processing, so remove the flag |
1220 | * now. |
1221 | */ |
1222 | info->control.flags &= ~IEEE80211_TX_INTCFL_NEED_TXPROCESSING; |
1223 | |
1224 | hdr = (struct ieee80211_hdr *) skb->data; |
1225 | |
1226 | if (likely(sta)) { |
1227 | if (!IS_ERR(ptr: sta)) |
1228 | tx->sta = sta; |
1229 | } else { |
1230 | if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { |
1231 | tx->sta = rcu_dereference(sdata->u.vlan.sta); |
1232 | if (!tx->sta && sdata->wdev.use_4addr) |
1233 | return TX_DROP; |
1234 | } else if (tx->sdata->control_port_protocol == tx->skb->protocol) { |
1235 | tx->sta = sta_info_get_bss(sdata, addr: hdr->addr1); |
1236 | } |
1237 | if (!tx->sta && !is_multicast_ether_addr(addr: hdr->addr1)) { |
1238 | tx->sta = sta_info_get(sdata, addr: hdr->addr1); |
1239 | aggr_check = true; |
1240 | } |
1241 | } |
1242 | |
1243 | if (tx->sta && ieee80211_is_data_qos(fc: hdr->frame_control) && |
1244 | !ieee80211_is_qos_nullfunc(fc: hdr->frame_control) && |
1245 | ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION) && |
1246 | !ieee80211_hw_check(&local->hw, TX_AMPDU_SETUP_IN_HW)) { |
1247 | struct tid_ampdu_tx *tid_tx; |
1248 | |
1249 | tid = ieee80211_get_tid(hdr); |
1250 | tid_tx = rcu_dereference(tx->sta->ampdu_mlme.tid_tx[tid]); |
1251 | if (!tid_tx && aggr_check) { |
1252 | ieee80211_aggr_check(sdata, sta: tx->sta, skb); |
1253 | tid_tx = rcu_dereference(tx->sta->ampdu_mlme.tid_tx[tid]); |
1254 | } |
1255 | |
1256 | if (tid_tx) { |
1257 | bool queued; |
1258 | |
1259 | queued = ieee80211_tx_prep_agg(tx, skb, info, |
1260 | tid_tx, tid); |
1261 | |
1262 | if (unlikely(queued)) |
1263 | return TX_QUEUED; |
1264 | } |
1265 | } |
1266 | |
1267 | if (is_multicast_ether_addr(addr: hdr->addr1)) { |
1268 | tx->flags &= ~IEEE80211_TX_UNICAST; |
1269 | info->flags |= IEEE80211_TX_CTL_NO_ACK; |
1270 | } else |
1271 | tx->flags |= IEEE80211_TX_UNICAST; |
1272 | |
1273 | if (!(info->flags & IEEE80211_TX_CTL_DONTFRAG)) { |
1274 | if (!(tx->flags & IEEE80211_TX_UNICAST) || |
1275 | skb->len + FCS_LEN <= local->hw.wiphy->frag_threshold || |
1276 | info->flags & IEEE80211_TX_CTL_AMPDU) |
1277 | info->flags |= IEEE80211_TX_CTL_DONTFRAG; |
1278 | } |
1279 | |
1280 | if (!tx->sta) |
1281 | info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT; |
1282 | else if (test_and_clear_sta_flag(sta: tx->sta, flag: WLAN_STA_CLEAR_PS_FILT)) { |
1283 | info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT; |
1284 | ieee80211_check_fast_xmit(sta: tx->sta); |
1285 | } |
1286 | |
1287 | info->flags |= IEEE80211_TX_CTL_FIRST_FRAGMENT; |
1288 | |
1289 | return TX_CONTINUE; |
1290 | } |
1291 | |
1292 | static struct txq_info *ieee80211_get_txq(struct ieee80211_local *local, |
1293 | struct ieee80211_vif *vif, |
1294 | struct sta_info *sta, |
1295 | struct sk_buff *skb) |
1296 | { |
1297 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; |
1298 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1299 | struct ieee80211_txq *txq = NULL; |
1300 | |
1301 | if ((info->flags & IEEE80211_TX_CTL_SEND_AFTER_DTIM) || |
1302 | (info->control.flags & IEEE80211_TX_CTRL_PS_RESPONSE)) |
1303 | return NULL; |
1304 | |
1305 | if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) && |
1306 | unlikely(!ieee80211_is_data_present(hdr->frame_control))) { |
1307 | if ((!ieee80211_is_mgmt(fc: hdr->frame_control) || |
1308 | ieee80211_is_bufferable_mmpdu(skb) || |
1309 | vif->type == NL80211_IFTYPE_STATION) && |
1310 | sta && sta->uploaded) { |
1311 | /* |
1312 | * This will be NULL if the driver didn't set the |
1313 | * opt-in hardware flag. |
1314 | */ |
1315 | txq = sta->sta.txq[IEEE80211_NUM_TIDS]; |
1316 | } |
1317 | } else if (sta) { |
1318 | u8 tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK; |
1319 | |
1320 | if (!sta->uploaded) |
1321 | return NULL; |
1322 | |
1323 | txq = sta->sta.txq[tid]; |
1324 | } else { |
1325 | txq = vif->txq; |
1326 | } |
1327 | |
1328 | if (!txq) |
1329 | return NULL; |
1330 | |
1331 | return to_txq_info(txq); |
1332 | } |
1333 | |
1334 | static void ieee80211_set_skb_enqueue_time(struct sk_buff *skb) |
1335 | { |
1336 | struct sk_buff *next; |
1337 | codel_time_t now = codel_get_time(); |
1338 | |
1339 | skb_list_walk_safe(skb, skb, next) |
1340 | IEEE80211_SKB_CB(skb)->control.enqueue_time = now; |
1341 | } |
1342 | |
1343 | static u32 codel_skb_len_func(const struct sk_buff *skb) |
1344 | { |
1345 | return skb->len; |
1346 | } |
1347 | |
1348 | static codel_time_t codel_skb_time_func(const struct sk_buff *skb) |
1349 | { |
1350 | const struct ieee80211_tx_info *info; |
1351 | |
1352 | info = (const struct ieee80211_tx_info *)skb->cb; |
1353 | return info->control.enqueue_time; |
1354 | } |
1355 | |
1356 | static struct sk_buff *codel_dequeue_func(struct codel_vars *cvars, |
1357 | void *ctx) |
1358 | { |
1359 | struct ieee80211_local *local; |
1360 | struct txq_info *txqi; |
1361 | struct fq *fq; |
1362 | struct fq_flow *flow; |
1363 | |
1364 | txqi = ctx; |
1365 | local = vif_to_sdata(p: txqi->txq.vif)->local; |
1366 | fq = &local->fq; |
1367 | |
1368 | if (cvars == &txqi->def_cvars) |
1369 | flow = &txqi->tin.default_flow; |
1370 | else |
1371 | flow = &fq->flows[cvars - local->cvars]; |
1372 | |
1373 | return fq_flow_dequeue(fq, flow); |
1374 | } |
1375 | |
1376 | static void codel_drop_func(struct sk_buff *skb, |
1377 | void *ctx) |
1378 | { |
1379 | struct ieee80211_local *local; |
1380 | struct ieee80211_hw *hw; |
1381 | struct txq_info *txqi; |
1382 | |
1383 | txqi = ctx; |
1384 | local = vif_to_sdata(p: txqi->txq.vif)->local; |
1385 | hw = &local->hw; |
1386 | |
1387 | ieee80211_free_txskb(hw, skb); |
1388 | } |
1389 | |
1390 | static struct sk_buff *fq_tin_dequeue_func(struct fq *fq, |
1391 | struct fq_tin *tin, |
1392 | struct fq_flow *flow) |
1393 | { |
1394 | struct ieee80211_local *local; |
1395 | struct txq_info *txqi; |
1396 | struct codel_vars *cvars; |
1397 | struct codel_params *cparams; |
1398 | struct codel_stats *cstats; |
1399 | |
1400 | local = container_of(fq, struct ieee80211_local, fq); |
1401 | txqi = container_of(tin, struct txq_info, tin); |
1402 | cstats = &txqi->cstats; |
1403 | |
1404 | if (txqi->txq.sta) { |
1405 | struct sta_info *sta = container_of(txqi->txq.sta, |
1406 | struct sta_info, sta); |
1407 | cparams = &sta->cparams; |
1408 | } else { |
1409 | cparams = &local->cparams; |
1410 | } |
1411 | |
1412 | if (flow == &tin->default_flow) |
1413 | cvars = &txqi->def_cvars; |
1414 | else |
1415 | cvars = &local->cvars[flow - fq->flows]; |
1416 | |
1417 | return codel_dequeue(ctx: txqi, |
1418 | backlog: &flow->backlog, |
1419 | params: cparams, |
1420 | vars: cvars, |
1421 | stats: cstats, |
1422 | skb_len_func: codel_skb_len_func, |
1423 | skb_time_func: codel_skb_time_func, |
1424 | drop_func: codel_drop_func, |
1425 | dequeue_func: codel_dequeue_func); |
1426 | } |
1427 | |
1428 | static void fq_skb_free_func(struct fq *fq, |
1429 | struct fq_tin *tin, |
1430 | struct fq_flow *flow, |
1431 | struct sk_buff *skb) |
1432 | { |
1433 | struct ieee80211_local *local; |
1434 | |
1435 | local = container_of(fq, struct ieee80211_local, fq); |
1436 | ieee80211_free_txskb(hw: &local->hw, skb); |
1437 | } |
1438 | |
1439 | static void ieee80211_txq_enqueue(struct ieee80211_local *local, |
1440 | struct txq_info *txqi, |
1441 | struct sk_buff *skb) |
1442 | { |
1443 | struct fq *fq = &local->fq; |
1444 | struct fq_tin *tin = &txqi->tin; |
1445 | u32 flow_idx = fq_flow_idx(fq, skb); |
1446 | |
1447 | ieee80211_set_skb_enqueue_time(skb); |
1448 | |
1449 | spin_lock_bh(lock: &fq->lock); |
1450 | /* |
1451 | * For management frames, don't really apply codel etc., |
1452 | * we don't want to apply any shaping or anything we just |
1453 | * want to simplify the driver API by having them on the |
1454 | * txqi. |
1455 | */ |
1456 | if (unlikely(txqi->txq.tid == IEEE80211_NUM_TIDS)) { |
1457 | IEEE80211_SKB_CB(skb)->control.flags |= |
1458 | IEEE80211_TX_INTCFL_NEED_TXPROCESSING; |
1459 | __skb_queue_tail(list: &txqi->frags, newsk: skb); |
1460 | } else { |
1461 | fq_tin_enqueue(fq, tin, idx: flow_idx, skb, |
1462 | free_func: fq_skb_free_func); |
1463 | } |
1464 | spin_unlock_bh(lock: &fq->lock); |
1465 | } |
1466 | |
1467 | static bool fq_vlan_filter_func(struct fq *fq, struct fq_tin *tin, |
1468 | struct fq_flow *flow, struct sk_buff *skb, |
1469 | void *data) |
1470 | { |
1471 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1472 | |
1473 | return info->control.vif == data; |
1474 | } |
1475 | |
1476 | void ieee80211_txq_remove_vlan(struct ieee80211_local *local, |
1477 | struct ieee80211_sub_if_data *sdata) |
1478 | { |
1479 | struct fq *fq = &local->fq; |
1480 | struct txq_info *txqi; |
1481 | struct fq_tin *tin; |
1482 | struct ieee80211_sub_if_data *ap; |
1483 | |
1484 | if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_AP_VLAN)) |
1485 | return; |
1486 | |
1487 | ap = container_of(sdata->bss, struct ieee80211_sub_if_data, u.ap); |
1488 | |
1489 | if (!ap->vif.txq) |
1490 | return; |
1491 | |
1492 | txqi = to_txq_info(txq: ap->vif.txq); |
1493 | tin = &txqi->tin; |
1494 | |
1495 | spin_lock_bh(lock: &fq->lock); |
1496 | fq_tin_filter(fq, tin, filter_func: fq_vlan_filter_func, filter_data: &sdata->vif, |
1497 | free_func: fq_skb_free_func); |
1498 | spin_unlock_bh(lock: &fq->lock); |
1499 | } |
1500 | |
1501 | void ieee80211_txq_init(struct ieee80211_sub_if_data *sdata, |
1502 | struct sta_info *sta, |
1503 | struct txq_info *txqi, int tid) |
1504 | { |
1505 | fq_tin_init(tin: &txqi->tin); |
1506 | codel_vars_init(vars: &txqi->def_cvars); |
1507 | codel_stats_init(stats: &txqi->cstats); |
1508 | __skb_queue_head_init(list: &txqi->frags); |
1509 | INIT_LIST_HEAD(list: &txqi->schedule_order); |
1510 | |
1511 | txqi->txq.vif = &sdata->vif; |
1512 | |
1513 | if (!sta) { |
1514 | sdata->vif.txq = &txqi->txq; |
1515 | txqi->txq.tid = 0; |
1516 | txqi->txq.ac = IEEE80211_AC_BE; |
1517 | |
1518 | return; |
1519 | } |
1520 | |
1521 | if (tid == IEEE80211_NUM_TIDS) { |
1522 | if (sdata->vif.type == NL80211_IFTYPE_STATION) { |
1523 | /* Drivers need to opt in to the management MPDU TXQ */ |
1524 | if (!ieee80211_hw_check(&sdata->local->hw, |
1525 | STA_MMPDU_TXQ)) |
1526 | return; |
1527 | } else if (!ieee80211_hw_check(&sdata->local->hw, |
1528 | BUFF_MMPDU_TXQ)) { |
1529 | /* Drivers need to opt in to the bufferable MMPDU TXQ */ |
1530 | return; |
1531 | } |
1532 | txqi->txq.ac = IEEE80211_AC_VO; |
1533 | } else { |
1534 | txqi->txq.ac = ieee80211_ac_from_tid(tid); |
1535 | } |
1536 | |
1537 | txqi->txq.sta = &sta->sta; |
1538 | txqi->txq.tid = tid; |
1539 | sta->sta.txq[tid] = &txqi->txq; |
1540 | } |
1541 | |
1542 | void ieee80211_txq_purge(struct ieee80211_local *local, |
1543 | struct txq_info *txqi) |
1544 | { |
1545 | struct fq *fq = &local->fq; |
1546 | struct fq_tin *tin = &txqi->tin; |
1547 | |
1548 | spin_lock_bh(lock: &fq->lock); |
1549 | fq_tin_reset(fq, tin, free_func: fq_skb_free_func); |
1550 | ieee80211_purge_tx_queue(hw: &local->hw, skbs: &txqi->frags); |
1551 | spin_unlock_bh(lock: &fq->lock); |
1552 | |
1553 | spin_lock_bh(lock: &local->active_txq_lock[txqi->txq.ac]); |
1554 | list_del_init(entry: &txqi->schedule_order); |
1555 | spin_unlock_bh(lock: &local->active_txq_lock[txqi->txq.ac]); |
1556 | } |
1557 | |
1558 | void ieee80211_txq_set_params(struct ieee80211_local *local) |
1559 | { |
1560 | if (local->hw.wiphy->txq_limit) |
1561 | local->fq.limit = local->hw.wiphy->txq_limit; |
1562 | else |
1563 | local->hw.wiphy->txq_limit = local->fq.limit; |
1564 | |
1565 | if (local->hw.wiphy->txq_memory_limit) |
1566 | local->fq.memory_limit = local->hw.wiphy->txq_memory_limit; |
1567 | else |
1568 | local->hw.wiphy->txq_memory_limit = local->fq.memory_limit; |
1569 | |
1570 | if (local->hw.wiphy->txq_quantum) |
1571 | local->fq.quantum = local->hw.wiphy->txq_quantum; |
1572 | else |
1573 | local->hw.wiphy->txq_quantum = local->fq.quantum; |
1574 | } |
1575 | |
1576 | int ieee80211_txq_setup_flows(struct ieee80211_local *local) |
1577 | { |
1578 | struct fq *fq = &local->fq; |
1579 | int ret; |
1580 | int i; |
1581 | bool supp_vht = false; |
1582 | enum nl80211_band band; |
1583 | |
1584 | ret = fq_init(fq, flows_cnt: 4096); |
1585 | if (ret) |
1586 | return ret; |
1587 | |
1588 | /* |
1589 | * If the hardware doesn't support VHT, it is safe to limit the maximum |
1590 | * queue size. 4 Mbytes is 64 max-size aggregates in 802.11n. |
1591 | */ |
1592 | for (band = 0; band < NUM_NL80211_BANDS; band++) { |
1593 | struct ieee80211_supported_band *sband; |
1594 | |
1595 | sband = local->hw.wiphy->bands[band]; |
1596 | if (!sband) |
1597 | continue; |
1598 | |
1599 | supp_vht = supp_vht || sband->vht_cap.vht_supported; |
1600 | } |
1601 | |
1602 | if (!supp_vht) |
1603 | fq->memory_limit = 4 << 20; /* 4 Mbytes */ |
1604 | |
1605 | codel_params_init(params: &local->cparams); |
1606 | local->cparams.interval = MS2TIME(100); |
1607 | local->cparams.target = MS2TIME(20); |
1608 | local->cparams.ecn = true; |
1609 | |
1610 | local->cvars = kcalloc(n: fq->flows_cnt, size: sizeof(local->cvars[0]), |
1611 | GFP_KERNEL); |
1612 | if (!local->cvars) { |
1613 | spin_lock_bh(lock: &fq->lock); |
1614 | fq_reset(fq, free_func: fq_skb_free_func); |
1615 | spin_unlock_bh(lock: &fq->lock); |
1616 | return -ENOMEM; |
1617 | } |
1618 | |
1619 | for (i = 0; i < fq->flows_cnt; i++) |
1620 | codel_vars_init(vars: &local->cvars[i]); |
1621 | |
1622 | ieee80211_txq_set_params(local); |
1623 | |
1624 | return 0; |
1625 | } |
1626 | |
1627 | void ieee80211_txq_teardown_flows(struct ieee80211_local *local) |
1628 | { |
1629 | struct fq *fq = &local->fq; |
1630 | |
1631 | kfree(objp: local->cvars); |
1632 | local->cvars = NULL; |
1633 | |
1634 | spin_lock_bh(lock: &fq->lock); |
1635 | fq_reset(fq, free_func: fq_skb_free_func); |
1636 | spin_unlock_bh(lock: &fq->lock); |
1637 | } |
1638 | |
1639 | static bool ieee80211_queue_skb(struct ieee80211_local *local, |
1640 | struct ieee80211_sub_if_data *sdata, |
1641 | struct sta_info *sta, |
1642 | struct sk_buff *skb) |
1643 | { |
1644 | struct ieee80211_vif *vif; |
1645 | struct txq_info *txqi; |
1646 | |
1647 | if (sdata->vif.type == NL80211_IFTYPE_MONITOR) |
1648 | return false; |
1649 | |
1650 | if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) |
1651 | sdata = container_of(sdata->bss, |
1652 | struct ieee80211_sub_if_data, u.ap); |
1653 | |
1654 | vif = &sdata->vif; |
1655 | txqi = ieee80211_get_txq(local, vif, sta, skb); |
1656 | |
1657 | if (!txqi) |
1658 | return false; |
1659 | |
1660 | ieee80211_txq_enqueue(local, txqi, skb); |
1661 | |
1662 | schedule_and_wake_txq(local, txqi); |
1663 | |
1664 | return true; |
1665 | } |
1666 | |
1667 | static bool ieee80211_tx_frags(struct ieee80211_local *local, |
1668 | struct ieee80211_vif *vif, |
1669 | struct sta_info *sta, |
1670 | struct sk_buff_head *skbs, |
1671 | bool txpending) |
1672 | { |
1673 | struct ieee80211_tx_control control = {}; |
1674 | struct sk_buff *skb, *tmp; |
1675 | unsigned long flags; |
1676 | |
1677 | skb_queue_walk_safe(skbs, skb, tmp) { |
1678 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1679 | int q = info->hw_queue; |
1680 | |
1681 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG |
1682 | if (WARN_ON_ONCE(q >= local->hw.queues)) { |
1683 | __skb_unlink(skb, list: skbs); |
1684 | ieee80211_free_txskb(hw: &local->hw, skb); |
1685 | continue; |
1686 | } |
1687 | #endif |
1688 | |
1689 | spin_lock_irqsave(&local->queue_stop_reason_lock, flags); |
1690 | if (local->queue_stop_reasons[q] || |
1691 | (!txpending && !skb_queue_empty(list: &local->pending[q]))) { |
1692 | if (unlikely(info->flags & |
1693 | IEEE80211_TX_INTFL_OFFCHAN_TX_OK)) { |
1694 | if (local->queue_stop_reasons[q] & |
1695 | ~BIT(IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL)) { |
1696 | /* |
1697 | * Drop off-channel frames if queues |
1698 | * are stopped for any reason other |
1699 | * than off-channel operation. Never |
1700 | * queue them. |
1701 | */ |
1702 | spin_unlock_irqrestore( |
1703 | lock: &local->queue_stop_reason_lock, |
1704 | flags); |
1705 | ieee80211_purge_tx_queue(hw: &local->hw, |
1706 | skbs); |
1707 | return true; |
1708 | } |
1709 | } else { |
1710 | |
1711 | /* |
1712 | * Since queue is stopped, queue up frames for |
1713 | * later transmission from the tx-pending |
1714 | * tasklet when the queue is woken again. |
1715 | */ |
1716 | if (txpending) |
1717 | skb_queue_splice_init(list: skbs, |
1718 | head: &local->pending[q]); |
1719 | else |
1720 | skb_queue_splice_tail_init(list: skbs, |
1721 | head: &local->pending[q]); |
1722 | |
1723 | spin_unlock_irqrestore(lock: &local->queue_stop_reason_lock, |
1724 | flags); |
1725 | return false; |
1726 | } |
1727 | } |
1728 | spin_unlock_irqrestore(lock: &local->queue_stop_reason_lock, flags); |
1729 | |
1730 | info->control.vif = vif; |
1731 | control.sta = sta ? &sta->sta : NULL; |
1732 | |
1733 | __skb_unlink(skb, list: skbs); |
1734 | drv_tx(local, control: &control, skb); |
1735 | } |
1736 | |
1737 | return true; |
1738 | } |
1739 | |
1740 | /* |
1741 | * Returns false if the frame couldn't be transmitted but was queued instead. |
1742 | */ |
1743 | static bool __ieee80211_tx(struct ieee80211_local *local, |
1744 | struct sk_buff_head *skbs, struct sta_info *sta, |
1745 | bool txpending) |
1746 | { |
1747 | struct ieee80211_tx_info *info; |
1748 | struct ieee80211_sub_if_data *sdata; |
1749 | struct ieee80211_vif *vif; |
1750 | struct sk_buff *skb; |
1751 | bool result; |
1752 | |
1753 | if (WARN_ON(skb_queue_empty(skbs))) |
1754 | return true; |
1755 | |
1756 | skb = skb_peek(list_: skbs); |
1757 | info = IEEE80211_SKB_CB(skb); |
1758 | sdata = vif_to_sdata(p: info->control.vif); |
1759 | if (sta && !sta->uploaded) |
1760 | sta = NULL; |
1761 | |
1762 | switch (sdata->vif.type) { |
1763 | case NL80211_IFTYPE_MONITOR: |
1764 | if (sdata->u.mntr.flags & MONITOR_FLAG_ACTIVE) { |
1765 | vif = &sdata->vif; |
1766 | break; |
1767 | } |
1768 | sdata = rcu_dereference(local->monitor_sdata); |
1769 | if (sdata) { |
1770 | vif = &sdata->vif; |
1771 | info->hw_queue = |
1772 | vif->hw_queue[skb_get_queue_mapping(skb)]; |
1773 | } else if (ieee80211_hw_check(&local->hw, QUEUE_CONTROL)) { |
1774 | ieee80211_purge_tx_queue(hw: &local->hw, skbs); |
1775 | return true; |
1776 | } else |
1777 | vif = NULL; |
1778 | break; |
1779 | case NL80211_IFTYPE_AP_VLAN: |
1780 | sdata = container_of(sdata->bss, |
1781 | struct ieee80211_sub_if_data, u.ap); |
1782 | fallthrough; |
1783 | default: |
1784 | vif = &sdata->vif; |
1785 | break; |
1786 | } |
1787 | |
1788 | result = ieee80211_tx_frags(local, vif, sta, skbs, txpending); |
1789 | |
1790 | WARN_ON_ONCE(!skb_queue_empty(skbs)); |
1791 | |
1792 | return result; |
1793 | } |
1794 | |
1795 | /* |
1796 | * Invoke TX handlers, return 0 on success and non-zero if the |
1797 | * frame was dropped or queued. |
1798 | * |
1799 | * The handlers are split into an early and late part. The latter is everything |
1800 | * that can be sensitive to reordering, and will be deferred to after packets |
1801 | * are dequeued from the intermediate queues (when they are enabled). |
1802 | */ |
1803 | static int invoke_tx_handlers_early(struct ieee80211_tx_data *tx) |
1804 | { |
1805 | ieee80211_tx_result res = TX_DROP; |
1806 | |
1807 | #define CALL_TXH(txh) \ |
1808 | do { \ |
1809 | res = txh(tx); \ |
1810 | if (res != TX_CONTINUE) \ |
1811 | goto txh_done; \ |
1812 | } while (0) |
1813 | |
1814 | CALL_TXH(ieee80211_tx_h_dynamic_ps); |
1815 | CALL_TXH(ieee80211_tx_h_check_assoc); |
1816 | CALL_TXH(ieee80211_tx_h_ps_buf); |
1817 | CALL_TXH(ieee80211_tx_h_check_control_port_protocol); |
1818 | CALL_TXH(ieee80211_tx_h_select_key); |
1819 | |
1820 | txh_done: |
1821 | if (unlikely(res == TX_DROP)) { |
1822 | I802_DEBUG_INC(tx->local->tx_handlers_drop); |
1823 | if (tx->skb) |
1824 | ieee80211_free_txskb(hw: &tx->local->hw, skb: tx->skb); |
1825 | else |
1826 | ieee80211_purge_tx_queue(hw: &tx->local->hw, skbs: &tx->skbs); |
1827 | return -1; |
1828 | } else if (unlikely(res == TX_QUEUED)) { |
1829 | I802_DEBUG_INC(tx->local->tx_handlers_queued); |
1830 | return -1; |
1831 | } |
1832 | |
1833 | return 0; |
1834 | } |
1835 | |
1836 | /* |
1837 | * Late handlers can be called while the sta lock is held. Handlers that can |
1838 | * cause packets to be generated will cause deadlock! |
1839 | */ |
1840 | static int invoke_tx_handlers_late(struct ieee80211_tx_data *tx) |
1841 | { |
1842 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb: tx->skb); |
1843 | ieee80211_tx_result res = TX_CONTINUE; |
1844 | |
1845 | if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL)) |
1846 | CALL_TXH(ieee80211_tx_h_rate_ctrl); |
1847 | |
1848 | if (unlikely(info->flags & IEEE80211_TX_INTFL_RETRANSMISSION)) { |
1849 | __skb_queue_tail(list: &tx->skbs, newsk: tx->skb); |
1850 | tx->skb = NULL; |
1851 | goto txh_done; |
1852 | } |
1853 | |
1854 | CALL_TXH(ieee80211_tx_h_michael_mic_add); |
1855 | CALL_TXH(ieee80211_tx_h_sequence); |
1856 | CALL_TXH(ieee80211_tx_h_fragment); |
1857 | /* handlers after fragment must be aware of tx info fragmentation! */ |
1858 | CALL_TXH(ieee80211_tx_h_stats); |
1859 | CALL_TXH(ieee80211_tx_h_encrypt); |
1860 | if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL)) |
1861 | CALL_TXH(ieee80211_tx_h_calculate_duration); |
1862 | #undef CALL_TXH |
1863 | |
1864 | txh_done: |
1865 | if (unlikely(res == TX_DROP)) { |
1866 | I802_DEBUG_INC(tx->local->tx_handlers_drop); |
1867 | if (tx->skb) |
1868 | ieee80211_free_txskb(hw: &tx->local->hw, skb: tx->skb); |
1869 | else |
1870 | ieee80211_purge_tx_queue(hw: &tx->local->hw, skbs: &tx->skbs); |
1871 | return -1; |
1872 | } else if (unlikely(res == TX_QUEUED)) { |
1873 | I802_DEBUG_INC(tx->local->tx_handlers_queued); |
1874 | return -1; |
1875 | } |
1876 | |
1877 | return 0; |
1878 | } |
1879 | |
1880 | static int invoke_tx_handlers(struct ieee80211_tx_data *tx) |
1881 | { |
1882 | int r = invoke_tx_handlers_early(tx); |
1883 | |
1884 | if (r) |
1885 | return r; |
1886 | return invoke_tx_handlers_late(tx); |
1887 | } |
1888 | |
1889 | bool ieee80211_tx_prepare_skb(struct ieee80211_hw *hw, |
1890 | struct ieee80211_vif *vif, struct sk_buff *skb, |
1891 | int band, struct ieee80211_sta **sta) |
1892 | { |
1893 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
1894 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1895 | struct ieee80211_tx_data tx; |
1896 | struct sk_buff *skb2; |
1897 | |
1898 | if (ieee80211_tx_prepare(sdata, tx: &tx, NULL, skb) == TX_DROP) |
1899 | return false; |
1900 | |
1901 | info->band = band; |
1902 | info->control.vif = vif; |
1903 | info->hw_queue = vif->hw_queue[skb_get_queue_mapping(skb)]; |
1904 | |
1905 | if (invoke_tx_handlers(tx: &tx)) |
1906 | return false; |
1907 | |
1908 | if (sta) { |
1909 | if (tx.sta) |
1910 | *sta = &tx.sta->sta; |
1911 | else |
1912 | *sta = NULL; |
1913 | } |
1914 | |
1915 | /* this function isn't suitable for fragmented data frames */ |
1916 | skb2 = __skb_dequeue(list: &tx.skbs); |
1917 | if (WARN_ON(skb2 != skb || !skb_queue_empty(&tx.skbs))) { |
1918 | ieee80211_free_txskb(hw, skb: skb2); |
1919 | ieee80211_purge_tx_queue(hw, skbs: &tx.skbs); |
1920 | return false; |
1921 | } |
1922 | |
1923 | return true; |
1924 | } |
1925 | EXPORT_SYMBOL(ieee80211_tx_prepare_skb); |
1926 | |
1927 | /* |
1928 | * Returns false if the frame couldn't be transmitted but was queued instead. |
1929 | */ |
1930 | static bool ieee80211_tx(struct ieee80211_sub_if_data *sdata, |
1931 | struct sta_info *sta, struct sk_buff *skb, |
1932 | bool txpending) |
1933 | { |
1934 | struct ieee80211_local *local = sdata->local; |
1935 | struct ieee80211_tx_data tx; |
1936 | ieee80211_tx_result res_prepare; |
1937 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
1938 | bool result = true; |
1939 | |
1940 | if (unlikely(skb->len < 10)) { |
1941 | dev_kfree_skb(skb); |
1942 | return true; |
1943 | } |
1944 | |
1945 | /* initialises tx */ |
1946 | res_prepare = ieee80211_tx_prepare(sdata, tx: &tx, sta, skb); |
1947 | |
1948 | if (unlikely(res_prepare == TX_DROP)) { |
1949 | ieee80211_free_txskb(hw: &local->hw, skb); |
1950 | return true; |
1951 | } else if (unlikely(res_prepare == TX_QUEUED)) { |
1952 | return true; |
1953 | } |
1954 | |
1955 | /* set up hw_queue value early */ |
1956 | if (!(info->flags & IEEE80211_TX_CTL_TX_OFFCHAN) || |
1957 | !ieee80211_hw_check(&local->hw, QUEUE_CONTROL)) |
1958 | info->hw_queue = |
1959 | sdata->vif.hw_queue[skb_get_queue_mapping(skb)]; |
1960 | |
1961 | if (invoke_tx_handlers_early(tx: &tx)) |
1962 | return true; |
1963 | |
1964 | if (ieee80211_queue_skb(local, sdata, sta: tx.sta, skb: tx.skb)) |
1965 | return true; |
1966 | |
1967 | if (!invoke_tx_handlers_late(tx: &tx)) |
1968 | result = __ieee80211_tx(local, skbs: &tx.skbs, sta: tx.sta, txpending); |
1969 | |
1970 | return result; |
1971 | } |
1972 | |
1973 | /* device xmit handlers */ |
1974 | |
1975 | enum ieee80211_encrypt { |
1976 | ENCRYPT_NO, |
1977 | ENCRYPT_MGMT, |
1978 | ENCRYPT_DATA, |
1979 | }; |
1980 | |
1981 | static int ieee80211_skb_resize(struct ieee80211_sub_if_data *sdata, |
1982 | struct sk_buff *skb, |
1983 | int head_need, |
1984 | enum ieee80211_encrypt encrypt) |
1985 | { |
1986 | struct ieee80211_local *local = sdata->local; |
1987 | bool enc_tailroom; |
1988 | int tail_need = 0; |
1989 | |
1990 | enc_tailroom = encrypt == ENCRYPT_MGMT || |
1991 | (encrypt == ENCRYPT_DATA && |
1992 | sdata->crypto_tx_tailroom_needed_cnt); |
1993 | |
1994 | if (enc_tailroom) { |
1995 | tail_need = IEEE80211_ENCRYPT_TAILROOM; |
1996 | tail_need -= skb_tailroom(skb); |
1997 | tail_need = max_t(int, tail_need, 0); |
1998 | } |
1999 | |
2000 | if (skb_cloned(skb) && |
2001 | (!ieee80211_hw_check(&local->hw, SUPPORTS_CLONED_SKBS) || |
2002 | !skb_clone_writable(skb, ETH_HLEN) || enc_tailroom)) |
2003 | I802_DEBUG_INC(local->tx_expand_skb_head_cloned); |
2004 | else if (head_need || tail_need) |
2005 | I802_DEBUG_INC(local->tx_expand_skb_head); |
2006 | else |
2007 | return 0; |
2008 | |
2009 | if (pskb_expand_head(skb, nhead: head_need, ntail: tail_need, GFP_ATOMIC)) { |
2010 | wiphy_debug(local->hw.wiphy, |
2011 | "failed to reallocate TX buffer\n" ); |
2012 | return -ENOMEM; |
2013 | } |
2014 | |
2015 | return 0; |
2016 | } |
2017 | |
2018 | void ieee80211_xmit(struct ieee80211_sub_if_data *sdata, |
2019 | struct sta_info *sta, struct sk_buff *skb) |
2020 | { |
2021 | struct ieee80211_local *local = sdata->local; |
2022 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
2023 | struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data; |
2024 | int headroom; |
2025 | enum ieee80211_encrypt encrypt; |
2026 | |
2027 | if (info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT) |
2028 | encrypt = ENCRYPT_NO; |
2029 | else if (ieee80211_is_mgmt(fc: hdr->frame_control)) |
2030 | encrypt = ENCRYPT_MGMT; |
2031 | else |
2032 | encrypt = ENCRYPT_DATA; |
2033 | |
2034 | headroom = local->tx_headroom; |
2035 | if (encrypt != ENCRYPT_NO) |
2036 | headroom += IEEE80211_ENCRYPT_HEADROOM; |
2037 | headroom -= skb_headroom(skb); |
2038 | headroom = max_t(int, 0, headroom); |
2039 | |
2040 | if (ieee80211_skb_resize(sdata, skb, head_need: headroom, encrypt)) { |
2041 | ieee80211_free_txskb(hw: &local->hw, skb); |
2042 | return; |
2043 | } |
2044 | |
2045 | /* reload after potential resize */ |
2046 | hdr = (struct ieee80211_hdr *) skb->data; |
2047 | info->control.vif = &sdata->vif; |
2048 | |
2049 | if (ieee80211_vif_is_mesh(vif: &sdata->vif)) { |
2050 | if (ieee80211_is_data(fc: hdr->frame_control) && |
2051 | is_unicast_ether_addr(addr: hdr->addr1)) { |
2052 | if (mesh_nexthop_resolve(sdata, skb)) |
2053 | return; /* skb queued: don't free */ |
2054 | } else { |
2055 | ieee80211_mps_set_frame_flags(sdata, NULL, hdr); |
2056 | } |
2057 | } |
2058 | |
2059 | ieee80211_set_qos_hdr(sdata, skb); |
2060 | ieee80211_tx(sdata, sta, skb, txpending: false); |
2061 | } |
2062 | |
2063 | static bool ieee80211_validate_radiotap_len(struct sk_buff *skb) |
2064 | { |
2065 | struct ieee80211_radiotap_header *rthdr = |
2066 | (struct ieee80211_radiotap_header *)skb->data; |
2067 | |
2068 | /* check for not even having the fixed radiotap header part */ |
2069 | if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header))) |
2070 | return false; /* too short to be possibly valid */ |
2071 | |
2072 | /* is it a header version we can trust to find length from? */ |
2073 | if (unlikely(rthdr->it_version)) |
2074 | return false; /* only version 0 is supported */ |
2075 | |
2076 | /* does the skb contain enough to deliver on the alleged length? */ |
2077 | if (unlikely(skb->len < ieee80211_get_radiotap_len(skb->data))) |
2078 | return false; /* skb too short for claimed rt header extent */ |
2079 | |
2080 | return true; |
2081 | } |
2082 | |
2083 | bool ieee80211_parse_tx_radiotap(struct sk_buff *skb, |
2084 | struct net_device *dev) |
2085 | { |
2086 | struct ieee80211_local *local = wdev_priv(wdev: dev->ieee80211_ptr); |
2087 | struct ieee80211_radiotap_iterator iterator; |
2088 | struct ieee80211_radiotap_header *rthdr = |
2089 | (struct ieee80211_radiotap_header *) skb->data; |
2090 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
2091 | int ret = ieee80211_radiotap_iterator_init(iterator: &iterator, radiotap_header: rthdr, max_length: skb->len, |
2092 | NULL); |
2093 | u16 txflags; |
2094 | u16 rate = 0; |
2095 | bool rate_found = false; |
2096 | u8 rate_retries = 0; |
2097 | u16 rate_flags = 0; |
2098 | u8 mcs_known, mcs_flags, mcs_bw; |
2099 | u16 vht_known; |
2100 | u8 vht_mcs = 0, vht_nss = 0; |
2101 | int i; |
2102 | |
2103 | if (!ieee80211_validate_radiotap_len(skb)) |
2104 | return false; |
2105 | |
2106 | info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT | |
2107 | IEEE80211_TX_CTL_DONTFRAG; |
2108 | |
2109 | /* |
2110 | * for every radiotap entry that is present |
2111 | * (ieee80211_radiotap_iterator_next returns -ENOENT when no more |
2112 | * entries present, or -EINVAL on error) |
2113 | */ |
2114 | |
2115 | while (!ret) { |
2116 | ret = ieee80211_radiotap_iterator_next(iterator: &iterator); |
2117 | |
2118 | if (ret) |
2119 | continue; |
2120 | |
2121 | /* see if this argument is something we can use */ |
2122 | switch (iterator.this_arg_index) { |
2123 | /* |
2124 | * You must take care when dereferencing iterator.this_arg |
2125 | * for multibyte types... the pointer is not aligned. Use |
2126 | * get_unaligned((type *)iterator.this_arg) to dereference |
2127 | * iterator.this_arg for type "type" safely on all arches. |
2128 | */ |
2129 | case IEEE80211_RADIOTAP_FLAGS: |
2130 | if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FCS) { |
2131 | /* |
2132 | * this indicates that the skb we have been |
2133 | * handed has the 32-bit FCS CRC at the end... |
2134 | * we should react to that by snipping it off |
2135 | * because it will be recomputed and added |
2136 | * on transmission |
2137 | */ |
2138 | if (skb->len < (iterator._max_length + FCS_LEN)) |
2139 | return false; |
2140 | |
2141 | skb_trim(skb, len: skb->len - FCS_LEN); |
2142 | } |
2143 | if (*iterator.this_arg & IEEE80211_RADIOTAP_F_WEP) |
2144 | info->flags &= ~IEEE80211_TX_INTFL_DONT_ENCRYPT; |
2145 | if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FRAG) |
2146 | info->flags &= ~IEEE80211_TX_CTL_DONTFRAG; |
2147 | break; |
2148 | |
2149 | case IEEE80211_RADIOTAP_TX_FLAGS: |
2150 | txflags = get_unaligned_le16(p: iterator.this_arg); |
2151 | if (txflags & IEEE80211_RADIOTAP_F_TX_NOACK) |
2152 | info->flags |= IEEE80211_TX_CTL_NO_ACK; |
2153 | if (txflags & IEEE80211_RADIOTAP_F_TX_NOSEQNO) |
2154 | info->control.flags |= IEEE80211_TX_CTRL_NO_SEQNO; |
2155 | if (txflags & IEEE80211_RADIOTAP_F_TX_ORDER) |
2156 | info->control.flags |= |
2157 | IEEE80211_TX_CTRL_DONT_REORDER; |
2158 | break; |
2159 | |
2160 | case IEEE80211_RADIOTAP_RATE: |
2161 | rate = *iterator.this_arg; |
2162 | rate_flags = 0; |
2163 | rate_found = true; |
2164 | break; |
2165 | |
2166 | case IEEE80211_RADIOTAP_ANTENNA: |
2167 | /* this can appear multiple times, keep a bitmap */ |
2168 | info->control.antennas |= BIT(*iterator.this_arg); |
2169 | break; |
2170 | |
2171 | case IEEE80211_RADIOTAP_DATA_RETRIES: |
2172 | rate_retries = *iterator.this_arg; |
2173 | break; |
2174 | |
2175 | case IEEE80211_RADIOTAP_MCS: |
2176 | mcs_known = iterator.this_arg[0]; |
2177 | mcs_flags = iterator.this_arg[1]; |
2178 | if (!(mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_MCS)) |
2179 | break; |
2180 | |
2181 | rate_found = true; |
2182 | rate = iterator.this_arg[2]; |
2183 | rate_flags = IEEE80211_TX_RC_MCS; |
2184 | |
2185 | if (mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_GI && |
2186 | mcs_flags & IEEE80211_RADIOTAP_MCS_SGI) |
2187 | rate_flags |= IEEE80211_TX_RC_SHORT_GI; |
2188 | |
2189 | mcs_bw = mcs_flags & IEEE80211_RADIOTAP_MCS_BW_MASK; |
2190 | if (mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_BW && |
2191 | mcs_bw == IEEE80211_RADIOTAP_MCS_BW_40) |
2192 | rate_flags |= IEEE80211_TX_RC_40_MHZ_WIDTH; |
2193 | |
2194 | if (mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_FEC && |
2195 | mcs_flags & IEEE80211_RADIOTAP_MCS_FEC_LDPC) |
2196 | info->flags |= IEEE80211_TX_CTL_LDPC; |
2197 | |
2198 | if (mcs_known & IEEE80211_RADIOTAP_MCS_HAVE_STBC) { |
2199 | u8 stbc = u8_get_bits(v: mcs_flags, |
2200 | field: IEEE80211_RADIOTAP_MCS_STBC_MASK); |
2201 | |
2202 | info->flags |= |
2203 | u32_encode_bits(v: stbc, |
2204 | field: IEEE80211_TX_CTL_STBC); |
2205 | } |
2206 | break; |
2207 | |
2208 | case IEEE80211_RADIOTAP_VHT: |
2209 | vht_known = get_unaligned_le16(p: iterator.this_arg); |
2210 | rate_found = true; |
2211 | |
2212 | rate_flags = IEEE80211_TX_RC_VHT_MCS; |
2213 | if ((vht_known & IEEE80211_RADIOTAP_VHT_KNOWN_GI) && |
2214 | (iterator.this_arg[2] & |
2215 | IEEE80211_RADIOTAP_VHT_FLAG_SGI)) |
2216 | rate_flags |= IEEE80211_TX_RC_SHORT_GI; |
2217 | if (vht_known & |
2218 | IEEE80211_RADIOTAP_VHT_KNOWN_BANDWIDTH) { |
2219 | if (iterator.this_arg[3] == 1) |
2220 | rate_flags |= |
2221 | IEEE80211_TX_RC_40_MHZ_WIDTH; |
2222 | else if (iterator.this_arg[3] == 4) |
2223 | rate_flags |= |
2224 | IEEE80211_TX_RC_80_MHZ_WIDTH; |
2225 | else if (iterator.this_arg[3] == 11) |
2226 | rate_flags |= |
2227 | IEEE80211_TX_RC_160_MHZ_WIDTH; |
2228 | } |
2229 | |
2230 | vht_mcs = iterator.this_arg[4] >> 4; |
2231 | if (vht_mcs > 11) |
2232 | vht_mcs = 0; |
2233 | vht_nss = iterator.this_arg[4] & 0xF; |
2234 | if (!vht_nss || vht_nss > 8) |
2235 | vht_nss = 1; |
2236 | break; |
2237 | |
2238 | /* |
2239 | * Please update the file |
2240 | * Documentation/networking/mac80211-injection.rst |
2241 | * when parsing new fields here. |
2242 | */ |
2243 | |
2244 | default: |
2245 | break; |
2246 | } |
2247 | } |
2248 | |
2249 | if (ret != -ENOENT) /* ie, if we didn't simply run out of fields */ |
2250 | return false; |
2251 | |
2252 | if (rate_found) { |
2253 | struct ieee80211_supported_band *sband = |
2254 | local->hw.wiphy->bands[info->band]; |
2255 | |
2256 | info->control.flags |= IEEE80211_TX_CTRL_RATE_INJECT; |
2257 | |
2258 | for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) { |
2259 | info->control.rates[i].idx = -1; |
2260 | info->control.rates[i].flags = 0; |
2261 | info->control.rates[i].count = 0; |
2262 | } |
2263 | |
2264 | if (rate_flags & IEEE80211_TX_RC_MCS) { |
2265 | /* reset antennas if not enough */ |
2266 | if (IEEE80211_HT_MCS_CHAINS(rate) > |
2267 | hweight8(info->control.antennas)) |
2268 | info->control.antennas = 0; |
2269 | |
2270 | info->control.rates[0].idx = rate; |
2271 | } else if (rate_flags & IEEE80211_TX_RC_VHT_MCS) { |
2272 | /* reset antennas if not enough */ |
2273 | if (vht_nss > hweight8(info->control.antennas)) |
2274 | info->control.antennas = 0; |
2275 | |
2276 | ieee80211_rate_set_vht(rate: info->control.rates, mcs: vht_mcs, |
2277 | nss: vht_nss); |
2278 | } else if (sband) { |
2279 | for (i = 0; i < sband->n_bitrates; i++) { |
2280 | if (rate * 5 != sband->bitrates[i].bitrate) |
2281 | continue; |
2282 | |
2283 | info->control.rates[0].idx = i; |
2284 | break; |
2285 | } |
2286 | } |
2287 | |
2288 | if (info->control.rates[0].idx < 0) |
2289 | info->control.flags &= ~IEEE80211_TX_CTRL_RATE_INJECT; |
2290 | |
2291 | info->control.rates[0].flags = rate_flags; |
2292 | info->control.rates[0].count = min_t(u8, rate_retries + 1, |
2293 | local->hw.max_rate_tries); |
2294 | } |
2295 | |
2296 | return true; |
2297 | } |
2298 | |
2299 | netdev_tx_t ieee80211_monitor_start_xmit(struct sk_buff *skb, |
2300 | struct net_device *dev) |
2301 | { |
2302 | struct ieee80211_local *local = wdev_priv(wdev: dev->ieee80211_ptr); |
2303 | struct ieee80211_chanctx_conf *chanctx_conf; |
2304 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
2305 | struct ieee80211_hdr *hdr; |
2306 | struct ieee80211_sub_if_data *tmp_sdata, *sdata; |
2307 | struct cfg80211_chan_def *chandef; |
2308 | u16 len_rthdr; |
2309 | int hdrlen; |
2310 | |
2311 | sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
2312 | if (unlikely(!ieee80211_sdata_running(sdata))) |
2313 | goto fail; |
2314 | |
2315 | memset(info, 0, sizeof(*info)); |
2316 | info->flags = IEEE80211_TX_CTL_REQ_TX_STATUS | |
2317 | IEEE80211_TX_CTL_INJECTED; |
2318 | |
2319 | /* Sanity-check the length of the radiotap header */ |
2320 | if (!ieee80211_validate_radiotap_len(skb)) |
2321 | goto fail; |
2322 | |
2323 | /* we now know there is a radiotap header with a length we can use */ |
2324 | len_rthdr = ieee80211_get_radiotap_len(data: skb->data); |
2325 | |
2326 | /* |
2327 | * fix up the pointers accounting for the radiotap |
2328 | * header still being in there. We are being given |
2329 | * a precooked IEEE80211 header so no need for |
2330 | * normal processing |
2331 | */ |
2332 | skb_set_mac_header(skb, offset: len_rthdr); |
2333 | /* |
2334 | * these are just fixed to the end of the rt area since we |
2335 | * don't have any better information and at this point, nobody cares |
2336 | */ |
2337 | skb_set_network_header(skb, offset: len_rthdr); |
2338 | skb_set_transport_header(skb, offset: len_rthdr); |
2339 | |
2340 | if (skb->len < len_rthdr + 2) |
2341 | goto fail; |
2342 | |
2343 | hdr = (struct ieee80211_hdr *)(skb->data + len_rthdr); |
2344 | hdrlen = ieee80211_hdrlen(fc: hdr->frame_control); |
2345 | |
2346 | if (skb->len < len_rthdr + hdrlen) |
2347 | goto fail; |
2348 | |
2349 | /* |
2350 | * Initialize skb->protocol if the injected frame is a data frame |
2351 | * carrying a rfc1042 header |
2352 | */ |
2353 | if (ieee80211_is_data(fc: hdr->frame_control) && |
2354 | skb->len >= len_rthdr + hdrlen + sizeof(rfc1042_header) + 2) { |
2355 | u8 *payload = (u8 *)hdr + hdrlen; |
2356 | |
2357 | if (ether_addr_equal(addr1: payload, addr2: rfc1042_header)) |
2358 | skb->protocol = cpu_to_be16((payload[6] << 8) | |
2359 | payload[7]); |
2360 | } |
2361 | |
2362 | rcu_read_lock(); |
2363 | |
2364 | /* |
2365 | * We process outgoing injected frames that have a local address |
2366 | * we handle as though they are non-injected frames. |
2367 | * This code here isn't entirely correct, the local MAC address |
2368 | * isn't always enough to find the interface to use; for proper |
2369 | * VLAN support we have an nl80211-based mechanism. |
2370 | * |
2371 | * This is necessary, for example, for old hostapd versions that |
2372 | * don't use nl80211-based management TX/RX. |
2373 | */ |
2374 | list_for_each_entry_rcu(tmp_sdata, &local->interfaces, list) { |
2375 | if (!ieee80211_sdata_running(sdata: tmp_sdata)) |
2376 | continue; |
2377 | if (tmp_sdata->vif.type == NL80211_IFTYPE_MONITOR || |
2378 | tmp_sdata->vif.type == NL80211_IFTYPE_AP_VLAN) |
2379 | continue; |
2380 | if (ether_addr_equal(addr1: tmp_sdata->vif.addr, addr2: hdr->addr2)) { |
2381 | sdata = tmp_sdata; |
2382 | break; |
2383 | } |
2384 | } |
2385 | |
2386 | chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf); |
2387 | if (!chanctx_conf) { |
2388 | tmp_sdata = rcu_dereference(local->monitor_sdata); |
2389 | if (tmp_sdata) |
2390 | chanctx_conf = |
2391 | rcu_dereference(tmp_sdata->vif.bss_conf.chanctx_conf); |
2392 | } |
2393 | |
2394 | if (chanctx_conf) |
2395 | chandef = &chanctx_conf->def; |
2396 | else if (!local->use_chanctx) |
2397 | chandef = &local->_oper_chandef; |
2398 | else |
2399 | goto fail_rcu; |
2400 | |
2401 | /* |
2402 | * Frame injection is not allowed if beaconing is not allowed |
2403 | * or if we need radar detection. Beaconing is usually not allowed when |
2404 | * the mode or operation (Adhoc, AP, Mesh) does not support DFS. |
2405 | * Passive scan is also used in world regulatory domains where |
2406 | * your country is not known and as such it should be treated as |
2407 | * NO TX unless the channel is explicitly allowed in which case |
2408 | * your current regulatory domain would not have the passive scan |
2409 | * flag. |
2410 | * |
2411 | * Since AP mode uses monitor interfaces to inject/TX management |
2412 | * frames we can make AP mode the exception to this rule once it |
2413 | * supports radar detection as its implementation can deal with |
2414 | * radar detection by itself. We can do that later by adding a |
2415 | * monitor flag interfaces used for AP support. |
2416 | */ |
2417 | if (!cfg80211_reg_can_beacon(wiphy: local->hw.wiphy, chandef, |
2418 | iftype: sdata->vif.type)) |
2419 | goto fail_rcu; |
2420 | |
2421 | info->band = chandef->chan->band; |
2422 | |
2423 | /* Initialize skb->priority according to frame type and TID class, |
2424 | * with respect to the sub interface that the frame will actually |
2425 | * be transmitted on. If the DONT_REORDER flag is set, the original |
2426 | * skb-priority is preserved to assure frames injected with this |
2427 | * flag are not reordered relative to each other. |
2428 | */ |
2429 | ieee80211_select_queue_80211(sdata, skb, hdr); |
2430 | skb_set_queue_mapping(skb, queue_mapping: ieee80211_ac_from_tid(tid: skb->priority)); |
2431 | |
2432 | /* |
2433 | * Process the radiotap header. This will now take into account the |
2434 | * selected chandef above to accurately set injection rates and |
2435 | * retransmissions. |
2436 | */ |
2437 | if (!ieee80211_parse_tx_radiotap(skb, dev)) |
2438 | goto fail_rcu; |
2439 | |
2440 | /* remove the injection radiotap header */ |
2441 | skb_pull(skb, len: len_rthdr); |
2442 | |
2443 | ieee80211_xmit(sdata, NULL, skb); |
2444 | rcu_read_unlock(); |
2445 | |
2446 | return NETDEV_TX_OK; |
2447 | |
2448 | fail_rcu: |
2449 | rcu_read_unlock(); |
2450 | fail: |
2451 | dev_kfree_skb(skb); |
2452 | return NETDEV_TX_OK; /* meaning, we dealt with the skb */ |
2453 | } |
2454 | |
2455 | static inline bool ieee80211_is_tdls_setup(struct sk_buff *skb) |
2456 | { |
2457 | u16 ethertype = (skb->data[12] << 8) | skb->data[13]; |
2458 | |
2459 | return ethertype == ETH_P_TDLS && |
2460 | skb->len > 14 && |
2461 | skb->data[14] == WLAN_TDLS_SNAP_RFTYPE; |
2462 | } |
2463 | |
2464 | int ieee80211_lookup_ra_sta(struct ieee80211_sub_if_data *sdata, |
2465 | struct sk_buff *skb, |
2466 | struct sta_info **sta_out) |
2467 | { |
2468 | struct sta_info *sta; |
2469 | |
2470 | switch (sdata->vif.type) { |
2471 | case NL80211_IFTYPE_AP_VLAN: |
2472 | sta = rcu_dereference(sdata->u.vlan.sta); |
2473 | if (sta) { |
2474 | *sta_out = sta; |
2475 | return 0; |
2476 | } else if (sdata->wdev.use_4addr) { |
2477 | return -ENOLINK; |
2478 | } |
2479 | fallthrough; |
2480 | case NL80211_IFTYPE_AP: |
2481 | case NL80211_IFTYPE_OCB: |
2482 | case NL80211_IFTYPE_ADHOC: |
2483 | if (is_multicast_ether_addr(addr: skb->data)) { |
2484 | *sta_out = ERR_PTR(error: -ENOENT); |
2485 | return 0; |
2486 | } |
2487 | sta = sta_info_get_bss(sdata, addr: skb->data); |
2488 | break; |
2489 | #ifdef CONFIG_MAC80211_MESH |
2490 | case NL80211_IFTYPE_MESH_POINT: |
2491 | /* determined much later */ |
2492 | *sta_out = NULL; |
2493 | return 0; |
2494 | #endif |
2495 | case NL80211_IFTYPE_STATION: |
2496 | if (sdata->wdev.wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS) { |
2497 | sta = sta_info_get(sdata, addr: skb->data); |
2498 | if (sta && test_sta_flag(sta, flag: WLAN_STA_TDLS_PEER)) { |
2499 | if (test_sta_flag(sta, |
2500 | flag: WLAN_STA_TDLS_PEER_AUTH)) { |
2501 | *sta_out = sta; |
2502 | return 0; |
2503 | } |
2504 | |
2505 | /* |
2506 | * TDLS link during setup - throw out frames to |
2507 | * peer. Allow TDLS-setup frames to unauthorized |
2508 | * peers for the special case of a link teardown |
2509 | * after a TDLS sta is removed due to being |
2510 | * unreachable. |
2511 | */ |
2512 | if (!ieee80211_is_tdls_setup(skb)) |
2513 | return -EINVAL; |
2514 | } |
2515 | |
2516 | } |
2517 | |
2518 | sta = sta_info_get(sdata, addr: sdata->vif.cfg.ap_addr); |
2519 | if (!sta) |
2520 | return -ENOLINK; |
2521 | break; |
2522 | default: |
2523 | return -EINVAL; |
2524 | } |
2525 | |
2526 | *sta_out = sta ?: ERR_PTR(error: -ENOENT); |
2527 | return 0; |
2528 | } |
2529 | |
2530 | static u16 ieee80211_store_ack_skb(struct ieee80211_local *local, |
2531 | struct sk_buff *skb, |
2532 | u32 *info_flags, |
2533 | u64 *cookie) |
2534 | { |
2535 | struct sk_buff *ack_skb; |
2536 | u16 info_id = 0; |
2537 | |
2538 | if (skb->sk) |
2539 | ack_skb = skb_clone_sk(skb); |
2540 | else |
2541 | ack_skb = skb_clone(skb, GFP_ATOMIC); |
2542 | |
2543 | if (ack_skb) { |
2544 | unsigned long flags; |
2545 | int id; |
2546 | |
2547 | spin_lock_irqsave(&local->ack_status_lock, flags); |
2548 | id = idr_alloc(&local->ack_status_frames, ptr: ack_skb, |
2549 | start: 1, end: 0x2000, GFP_ATOMIC); |
2550 | spin_unlock_irqrestore(lock: &local->ack_status_lock, flags); |
2551 | |
2552 | if (id >= 0) { |
2553 | info_id = id; |
2554 | *info_flags |= IEEE80211_TX_CTL_REQ_TX_STATUS; |
2555 | if (cookie) { |
2556 | *cookie = ieee80211_mgmt_tx_cookie(local); |
2557 | IEEE80211_SKB_CB(skb: ack_skb)->ack.cookie = *cookie; |
2558 | } |
2559 | } else { |
2560 | kfree_skb(skb: ack_skb); |
2561 | } |
2562 | } |
2563 | |
2564 | return info_id; |
2565 | } |
2566 | |
2567 | /** |
2568 | * ieee80211_build_hdr - build 802.11 header in the given frame |
2569 | * @sdata: virtual interface to build the header for |
2570 | * @skb: the skb to build the header in |
2571 | * @info_flags: skb flags to set |
2572 | * @sta: the station pointer |
2573 | * @ctrl_flags: info control flags to set |
2574 | * @cookie: cookie pointer to fill (if not %NULL) |
2575 | * |
2576 | * This function takes the skb with 802.3 header and reformats the header to |
2577 | * the appropriate IEEE 802.11 header based on which interface the packet is |
2578 | * being transmitted on. |
2579 | * |
2580 | * Note that this function also takes care of the TX status request and |
2581 | * potential unsharing of the SKB - this needs to be interleaved with the |
2582 | * header building. |
2583 | * |
2584 | * The function requires the read-side RCU lock held |
2585 | * |
2586 | * Returns: the (possibly reallocated) skb or an ERR_PTR() code |
2587 | */ |
2588 | static struct sk_buff *ieee80211_build_hdr(struct ieee80211_sub_if_data *sdata, |
2589 | struct sk_buff *skb, u32 info_flags, |
2590 | struct sta_info *sta, u32 ctrl_flags, |
2591 | u64 *cookie) |
2592 | { |
2593 | struct ieee80211_local *local = sdata->local; |
2594 | struct ieee80211_tx_info *info; |
2595 | int head_need; |
2596 | u16 ethertype, hdrlen, meshhdrlen = 0; |
2597 | __le16 fc; |
2598 | struct ieee80211_hdr hdr; |
2599 | struct ieee80211s_hdr mesh_hdr __maybe_unused; |
2600 | struct mesh_path __maybe_unused *mppath = NULL, *mpath = NULL; |
2601 | const u8 *encaps_data; |
2602 | int encaps_len, ; |
2603 | bool wme_sta = false, authorized = false; |
2604 | bool tdls_peer; |
2605 | bool multicast; |
2606 | u16 info_id = 0; |
2607 | struct ieee80211_chanctx_conf *chanctx_conf = NULL; |
2608 | enum nl80211_band band; |
2609 | int ret; |
2610 | u8 link_id = u32_get_bits(v: ctrl_flags, field: IEEE80211_TX_CTRL_MLO_LINK); |
2611 | |
2612 | if (IS_ERR(ptr: sta)) |
2613 | sta = NULL; |
2614 | |
2615 | #ifdef CONFIG_MAC80211_DEBUGFS |
2616 | if (local->force_tx_status) |
2617 | info_flags |= IEEE80211_TX_CTL_REQ_TX_STATUS; |
2618 | #endif |
2619 | |
2620 | /* convert Ethernet header to proper 802.11 header (based on |
2621 | * operation mode) */ |
2622 | ethertype = (skb->data[12] << 8) | skb->data[13]; |
2623 | fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA); |
2624 | |
2625 | if (!ieee80211_vif_is_mld(vif: &sdata->vif)) |
2626 | chanctx_conf = |
2627 | rcu_dereference(sdata->vif.bss_conf.chanctx_conf); |
2628 | |
2629 | switch (sdata->vif.type) { |
2630 | case NL80211_IFTYPE_AP_VLAN: |
2631 | if (sdata->wdev.use_4addr) { |
2632 | fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS); |
2633 | /* RA TA DA SA */ |
2634 | memcpy(hdr.addr1, sta->sta.addr, ETH_ALEN); |
2635 | memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN); |
2636 | memcpy(hdr.addr3, skb->data, ETH_ALEN); |
2637 | memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN); |
2638 | hdrlen = 30; |
2639 | authorized = test_sta_flag(sta, flag: WLAN_STA_AUTHORIZED); |
2640 | wme_sta = sta->sta.wme; |
2641 | } |
2642 | if (!ieee80211_vif_is_mld(vif: &sdata->vif)) { |
2643 | struct ieee80211_sub_if_data *ap_sdata; |
2644 | |
2645 | /* override chanctx_conf from AP (we don't have one) */ |
2646 | ap_sdata = container_of(sdata->bss, |
2647 | struct ieee80211_sub_if_data, |
2648 | u.ap); |
2649 | chanctx_conf = |
2650 | rcu_dereference(ap_sdata->vif.bss_conf.chanctx_conf); |
2651 | } |
2652 | if (sdata->wdev.use_4addr) |
2653 | break; |
2654 | fallthrough; |
2655 | case NL80211_IFTYPE_AP: |
2656 | fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS); |
2657 | /* DA BSSID SA */ |
2658 | memcpy(hdr.addr1, skb->data, ETH_ALEN); |
2659 | |
2660 | if (ieee80211_vif_is_mld(vif: &sdata->vif) && sta && !sta->sta.mlo) { |
2661 | struct ieee80211_link_data *link; |
2662 | |
2663 | link_id = sta->deflink.link_id; |
2664 | link = rcu_dereference(sdata->link[link_id]); |
2665 | if (WARN_ON(!link)) { |
2666 | ret = -ENOLINK; |
2667 | goto free; |
2668 | } |
2669 | memcpy(hdr.addr2, link->conf->addr, ETH_ALEN); |
2670 | } else if (link_id == IEEE80211_LINK_UNSPECIFIED || |
2671 | (sta && sta->sta.mlo)) { |
2672 | memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN); |
2673 | } else { |
2674 | struct ieee80211_bss_conf *conf; |
2675 | |
2676 | conf = rcu_dereference(sdata->vif.link_conf[link_id]); |
2677 | if (unlikely(!conf)) { |
2678 | ret = -ENOLINK; |
2679 | goto free; |
2680 | } |
2681 | |
2682 | memcpy(hdr.addr2, conf->addr, ETH_ALEN); |
2683 | } |
2684 | |
2685 | memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN); |
2686 | hdrlen = 24; |
2687 | break; |
2688 | #ifdef CONFIG_MAC80211_MESH |
2689 | case NL80211_IFTYPE_MESH_POINT: |
2690 | if (!is_multicast_ether_addr(addr: skb->data)) { |
2691 | struct sta_info *next_hop; |
2692 | bool mpp_lookup = true; |
2693 | |
2694 | mpath = mesh_path_lookup(sdata, dst: skb->data); |
2695 | if (mpath) { |
2696 | mpp_lookup = false; |
2697 | next_hop = rcu_dereference(mpath->next_hop); |
2698 | if (!next_hop || |
2699 | !(mpath->flags & (MESH_PATH_ACTIVE | |
2700 | MESH_PATH_RESOLVING))) |
2701 | mpp_lookup = true; |
2702 | } |
2703 | |
2704 | if (mpp_lookup) { |
2705 | mppath = mpp_path_lookup(sdata, dst: skb->data); |
2706 | if (mppath) |
2707 | mppath->exp_time = jiffies; |
2708 | } |
2709 | |
2710 | if (mppath && mpath) |
2711 | mesh_path_del(sdata, addr: mpath->dst); |
2712 | } |
2713 | |
2714 | /* |
2715 | * Use address extension if it is a packet from |
2716 | * another interface or if we know the destination |
2717 | * is being proxied by a portal (i.e. portal address |
2718 | * differs from proxied address) |
2719 | */ |
2720 | if (ether_addr_equal(addr1: sdata->vif.addr, addr2: skb->data + ETH_ALEN) && |
2721 | !(mppath && !ether_addr_equal(addr1: mppath->mpp, addr2: skb->data))) { |
2722 | hdrlen = ieee80211_fill_mesh_addresses(hdr: &hdr, fc: &fc, |
2723 | da: skb->data, sa: skb->data + ETH_ALEN); |
2724 | meshhdrlen = ieee80211_new_mesh_header(sdata, meshhdr: &mesh_hdr, |
2725 | NULL, NULL); |
2726 | } else { |
2727 | /* DS -> MBSS (802.11-2012 13.11.3.3). |
2728 | * For unicast with unknown forwarding information, |
2729 | * destination might be in the MBSS or if that fails |
2730 | * forwarded to another mesh gate. In either case |
2731 | * resolution will be handled in ieee80211_xmit(), so |
2732 | * leave the original DA. This also works for mcast */ |
2733 | const u8 *mesh_da = skb->data; |
2734 | |
2735 | if (mppath) |
2736 | mesh_da = mppath->mpp; |
2737 | else if (mpath) |
2738 | mesh_da = mpath->dst; |
2739 | |
2740 | hdrlen = ieee80211_fill_mesh_addresses(hdr: &hdr, fc: &fc, |
2741 | da: mesh_da, sa: sdata->vif.addr); |
2742 | if (is_multicast_ether_addr(addr: mesh_da)) |
2743 | /* DA TA mSA AE:SA */ |
2744 | meshhdrlen = ieee80211_new_mesh_header( |
2745 | sdata, meshhdr: &mesh_hdr, |
2746 | addr4or5: skb->data + ETH_ALEN, NULL); |
2747 | else |
2748 | /* RA TA mDA mSA AE:DA SA */ |
2749 | meshhdrlen = ieee80211_new_mesh_header( |
2750 | sdata, meshhdr: &mesh_hdr, addr4or5: skb->data, |
2751 | addr6: skb->data + ETH_ALEN); |
2752 | |
2753 | } |
2754 | |
2755 | /* For injected frames, fill RA right away as nexthop lookup |
2756 | * will be skipped. |
2757 | */ |
2758 | if ((ctrl_flags & IEEE80211_TX_CTRL_SKIP_MPATH_LOOKUP) && |
2759 | is_zero_ether_addr(addr: hdr.addr1)) |
2760 | memcpy(hdr.addr1, skb->data, ETH_ALEN); |
2761 | break; |
2762 | #endif |
2763 | case NL80211_IFTYPE_STATION: |
2764 | /* we already did checks when looking up the RA STA */ |
2765 | tdls_peer = test_sta_flag(sta, flag: WLAN_STA_TDLS_PEER); |
2766 | |
2767 | if (tdls_peer) { |
2768 | /* For TDLS only one link can be valid with peer STA */ |
2769 | int tdls_link_id = sta->sta.valid_links ? |
2770 | __ffs(sta->sta.valid_links) : 0; |
2771 | struct ieee80211_link_data *link; |
2772 | |
2773 | /* DA SA BSSID */ |
2774 | memcpy(hdr.addr1, skb->data, ETH_ALEN); |
2775 | memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); |
2776 | link = rcu_dereference(sdata->link[tdls_link_id]); |
2777 | if (WARN_ON_ONCE(!link)) { |
2778 | ret = -EINVAL; |
2779 | goto free; |
2780 | } |
2781 | memcpy(hdr.addr3, link->u.mgd.bssid, ETH_ALEN); |
2782 | hdrlen = 24; |
2783 | } else if (sdata->u.mgd.use_4addr && |
2784 | cpu_to_be16(ethertype) != sdata->control_port_protocol) { |
2785 | fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS | |
2786 | IEEE80211_FCTL_TODS); |
2787 | /* RA TA DA SA */ |
2788 | memcpy(hdr.addr1, sdata->deflink.u.mgd.bssid, ETH_ALEN); |
2789 | memcpy(hdr.addr2, sdata->vif.addr, ETH_ALEN); |
2790 | memcpy(hdr.addr3, skb->data, ETH_ALEN); |
2791 | memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN); |
2792 | hdrlen = 30; |
2793 | } else { |
2794 | fc |= cpu_to_le16(IEEE80211_FCTL_TODS); |
2795 | /* BSSID SA DA */ |
2796 | memcpy(hdr.addr1, sdata->vif.cfg.ap_addr, ETH_ALEN); |
2797 | memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); |
2798 | memcpy(hdr.addr3, skb->data, ETH_ALEN); |
2799 | hdrlen = 24; |
2800 | } |
2801 | break; |
2802 | case NL80211_IFTYPE_OCB: |
2803 | /* DA SA BSSID */ |
2804 | memcpy(hdr.addr1, skb->data, ETH_ALEN); |
2805 | memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); |
2806 | eth_broadcast_addr(addr: hdr.addr3); |
2807 | hdrlen = 24; |
2808 | break; |
2809 | case NL80211_IFTYPE_ADHOC: |
2810 | /* DA SA BSSID */ |
2811 | memcpy(hdr.addr1, skb->data, ETH_ALEN); |
2812 | memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN); |
2813 | memcpy(hdr.addr3, sdata->u.ibss.bssid, ETH_ALEN); |
2814 | hdrlen = 24; |
2815 | break; |
2816 | default: |
2817 | ret = -EINVAL; |
2818 | goto free; |
2819 | } |
2820 | |
2821 | if (!chanctx_conf) { |
2822 | if (!ieee80211_vif_is_mld(vif: &sdata->vif)) { |
2823 | ret = -ENOTCONN; |
2824 | goto free; |
2825 | } |
2826 | /* MLD transmissions must not rely on the band */ |
2827 | band = 0; |
2828 | } else { |
2829 | band = chanctx_conf->def.chan->band; |
2830 | } |
2831 | |
2832 | multicast = is_multicast_ether_addr(addr: hdr.addr1); |
2833 | |
2834 | /* sta is always NULL for mesh */ |
2835 | if (sta) { |
2836 | authorized = test_sta_flag(sta, flag: WLAN_STA_AUTHORIZED); |
2837 | wme_sta = sta->sta.wme; |
2838 | } else if (ieee80211_vif_is_mesh(vif: &sdata->vif)) { |
2839 | /* For mesh, the use of the QoS header is mandatory */ |
2840 | wme_sta = true; |
2841 | } |
2842 | |
2843 | /* receiver does QoS (which also means we do) use it */ |
2844 | if (wme_sta) { |
2845 | fc |= cpu_to_le16(IEEE80211_STYPE_QOS_DATA); |
2846 | hdrlen += 2; |
2847 | } |
2848 | |
2849 | /* |
2850 | * Drop unicast frames to unauthorised stations unless they are |
2851 | * EAPOL frames from the local station. |
2852 | */ |
2853 | if (unlikely(!ieee80211_vif_is_mesh(&sdata->vif) && |
2854 | (sdata->vif.type != NL80211_IFTYPE_OCB) && |
2855 | !multicast && !authorized && |
2856 | (cpu_to_be16(ethertype) != sdata->control_port_protocol || |
2857 | !ieee80211_is_our_addr(sdata, skb->data + ETH_ALEN, NULL)))) { |
2858 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG |
2859 | net_info_ratelimited("%s: dropped frame to %pM (unauthorized port)\n" , |
2860 | sdata->name, hdr.addr1); |
2861 | #endif |
2862 | |
2863 | I802_DEBUG_INC(local->tx_handlers_drop_unauth_port); |
2864 | |
2865 | ret = -EPERM; |
2866 | goto free; |
2867 | } |
2868 | |
2869 | if (unlikely(!multicast && |
2870 | ((skb->sk && |
2871 | skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS) || |
2872 | ctrl_flags & IEEE80211_TX_CTL_REQ_TX_STATUS))) |
2873 | info_id = ieee80211_store_ack_skb(local, skb, info_flags: &info_flags, |
2874 | cookie); |
2875 | |
2876 | /* |
2877 | * If the skb is shared we need to obtain our own copy. |
2878 | */ |
2879 | skb = skb_share_check(skb, GFP_ATOMIC); |
2880 | if (unlikely(!skb)) { |
2881 | ret = -ENOMEM; |
2882 | goto free; |
2883 | } |
2884 | |
2885 | hdr.frame_control = fc; |
2886 | hdr.duration_id = 0; |
2887 | hdr.seq_ctrl = 0; |
2888 | |
2889 | skip_header_bytes = ETH_HLEN; |
2890 | if (ethertype == ETH_P_AARP || ethertype == ETH_P_IPX) { |
2891 | encaps_data = bridge_tunnel_header; |
2892 | encaps_len = sizeof(bridge_tunnel_header); |
2893 | skip_header_bytes -= 2; |
2894 | } else if (ethertype >= ETH_P_802_3_MIN) { |
2895 | encaps_data = rfc1042_header; |
2896 | encaps_len = sizeof(rfc1042_header); |
2897 | skip_header_bytes -= 2; |
2898 | } else { |
2899 | encaps_data = NULL; |
2900 | encaps_len = 0; |
2901 | } |
2902 | |
2903 | skb_pull(skb, len: skip_header_bytes); |
2904 | head_need = hdrlen + encaps_len + meshhdrlen - skb_headroom(skb); |
2905 | |
2906 | /* |
2907 | * So we need to modify the skb header and hence need a copy of |
2908 | * that. The head_need variable above doesn't, so far, include |
2909 | * the needed header space that we don't need right away. If we |
2910 | * can, then we don't reallocate right now but only after the |
2911 | * frame arrives at the master device (if it does...) |
2912 | * |
2913 | * If we cannot, however, then we will reallocate to include all |
2914 | * the ever needed space. Also, if we need to reallocate it anyway, |
2915 | * make it big enough for everything we may ever need. |
2916 | */ |
2917 | |
2918 | if (head_need > 0 || skb_cloned(skb)) { |
2919 | head_need += IEEE80211_ENCRYPT_HEADROOM; |
2920 | head_need += local->tx_headroom; |
2921 | head_need = max_t(int, 0, head_need); |
2922 | if (ieee80211_skb_resize(sdata, skb, head_need, encrypt: ENCRYPT_DATA)) { |
2923 | ieee80211_free_txskb(hw: &local->hw, skb); |
2924 | skb = NULL; |
2925 | return ERR_PTR(error: -ENOMEM); |
2926 | } |
2927 | } |
2928 | |
2929 | if (encaps_data) |
2930 | memcpy(skb_push(skb, encaps_len), encaps_data, encaps_len); |
2931 | |
2932 | #ifdef CONFIG_MAC80211_MESH |
2933 | if (meshhdrlen > 0) |
2934 | memcpy(skb_push(skb, meshhdrlen), &mesh_hdr, meshhdrlen); |
2935 | #endif |
2936 | |
2937 | if (ieee80211_is_data_qos(fc)) { |
2938 | __le16 *qos_control; |
2939 | |
2940 | qos_control = skb_push(skb, len: 2); |
2941 | memcpy(skb_push(skb, hdrlen - 2), &hdr, hdrlen - 2); |
2942 | /* |
2943 | * Maybe we could actually set some fields here, for now just |
2944 | * initialise to zero to indicate no special operation. |
2945 | */ |
2946 | *qos_control = 0; |
2947 | } else |
2948 | memcpy(skb_push(skb, hdrlen), &hdr, hdrlen); |
2949 | |
2950 | skb_reset_mac_header(skb); |
2951 | |
2952 | info = IEEE80211_SKB_CB(skb); |
2953 | memset(info, 0, sizeof(*info)); |
2954 | |
2955 | info->flags = info_flags; |
2956 | if (info_id) { |
2957 | info->status_data = info_id; |
2958 | info->status_data_idr = 1; |
2959 | } |
2960 | info->band = band; |
2961 | |
2962 | if (likely(!cookie)) { |
2963 | ctrl_flags |= u32_encode_bits(v: link_id, |
2964 | field: IEEE80211_TX_CTRL_MLO_LINK); |
2965 | } else { |
2966 | unsigned int pre_conf_link_id; |
2967 | |
2968 | /* |
2969 | * ctrl_flags already have been set by |
2970 | * ieee80211_tx_control_port(), here |
2971 | * we just sanity check that |
2972 | */ |
2973 | |
2974 | pre_conf_link_id = u32_get_bits(v: ctrl_flags, |
2975 | field: IEEE80211_TX_CTRL_MLO_LINK); |
2976 | |
2977 | if (pre_conf_link_id != link_id && |
2978 | link_id != IEEE80211_LINK_UNSPECIFIED) { |
2979 | #ifdef CONFIG_MAC80211_VERBOSE_DEBUG |
2980 | net_info_ratelimited("%s: dropped frame to %pM with bad link ID request (%d vs. %d)\n" , |
2981 | sdata->name, hdr.addr1, |
2982 | pre_conf_link_id, link_id); |
2983 | #endif |
2984 | ret = -EINVAL; |
2985 | goto free; |
2986 | } |
2987 | } |
2988 | |
2989 | info->control.flags = ctrl_flags; |
2990 | |
2991 | return skb; |
2992 | free: |
2993 | kfree_skb(skb); |
2994 | return ERR_PTR(error: ret); |
2995 | } |
2996 | |
2997 | /* |
2998 | * fast-xmit overview |
2999 | * |
3000 | * The core idea of this fast-xmit is to remove per-packet checks by checking |
3001 | * them out of band. ieee80211_check_fast_xmit() implements the out-of-band |
3002 | * checks that are needed to get the sta->fast_tx pointer assigned, after which |
3003 | * much less work can be done per packet. For example, fragmentation must be |
3004 | * disabled or the fast_tx pointer will not be set. All the conditions are seen |
3005 | * in the code here. |
3006 | * |
3007 | * Once assigned, the fast_tx data structure also caches the per-packet 802.11 |
3008 | * header and other data to aid packet processing in ieee80211_xmit_fast(). |
3009 | * |
3010 | * The most difficult part of this is that when any of these assumptions |
3011 | * change, an external trigger (i.e. a call to ieee80211_clear_fast_xmit(), |
3012 | * ieee80211_check_fast_xmit() or friends) is required to reset the data, |
3013 | * since the per-packet code no longer checks the conditions. This is reflected |
3014 | * by the calls to these functions throughout the rest of the code, and must be |
3015 | * maintained if any of the TX path checks change. |
3016 | */ |
3017 | |
3018 | void ieee80211_check_fast_xmit(struct sta_info *sta) |
3019 | { |
3020 | struct ieee80211_fast_tx build = {}, *fast_tx = NULL, *old; |
3021 | struct ieee80211_local *local = sta->local; |
3022 | struct ieee80211_sub_if_data *sdata = sta->sdata; |
3023 | struct ieee80211_hdr *hdr = (void *)build.hdr; |
3024 | struct ieee80211_chanctx_conf *chanctx_conf; |
3025 | __le16 fc; |
3026 | |
3027 | if (!ieee80211_hw_check(&local->hw, SUPPORT_FAST_XMIT)) |
3028 | return; |
3029 | |
3030 | if (ieee80211_vif_is_mesh(vif: &sdata->vif)) |
3031 | mesh_fast_tx_flush_sta(sdata, sta); |
3032 | |
3033 | /* Locking here protects both the pointer itself, and against concurrent |
3034 | * invocations winning data access races to, e.g., the key pointer that |
3035 | * is used. |
3036 | * Without it, the invocation of this function right after the key |
3037 | * pointer changes wouldn't be sufficient, as another CPU could access |
3038 | * the pointer, then stall, and then do the cache update after the CPU |
3039 | * that invalidated the key. |
3040 | * With the locking, such scenarios cannot happen as the check for the |
3041 | * key and the fast-tx assignment are done atomically, so the CPU that |
3042 | * modifies the key will either wait or other one will see the key |
3043 | * cleared/changed already. |
3044 | */ |
3045 | spin_lock_bh(lock: &sta->lock); |
3046 | if (ieee80211_hw_check(&local->hw, SUPPORTS_PS) && |
3047 | !ieee80211_hw_check(&local->hw, SUPPORTS_DYNAMIC_PS) && |
3048 | sdata->vif.type == NL80211_IFTYPE_STATION) |
3049 | goto out; |
3050 | |
3051 | if (!test_sta_flag(sta, flag: WLAN_STA_AUTHORIZED)) |
3052 | goto out; |
3053 | |
3054 | if (test_sta_flag(sta, flag: WLAN_STA_PS_STA) || |
3055 | test_sta_flag(sta, flag: WLAN_STA_PS_DRIVER) || |
3056 | test_sta_flag(sta, flag: WLAN_STA_PS_DELIVER) || |
3057 | test_sta_flag(sta, flag: WLAN_STA_CLEAR_PS_FILT)) |
3058 | goto out; |
3059 | |
3060 | if (sdata->noack_map) |
3061 | goto out; |
3062 | |
3063 | /* fast-xmit doesn't handle fragmentation at all */ |
3064 | if (local->hw.wiphy->frag_threshold != (u32)-1 && |
3065 | !ieee80211_hw_check(&local->hw, SUPPORTS_TX_FRAG)) |
3066 | goto out; |
3067 | |
3068 | if (!ieee80211_vif_is_mld(vif: &sdata->vif)) { |
3069 | rcu_read_lock(); |
3070 | chanctx_conf = |
3071 | rcu_dereference(sdata->vif.bss_conf.chanctx_conf); |
3072 | if (!chanctx_conf) { |
3073 | rcu_read_unlock(); |
3074 | goto out; |
3075 | } |
3076 | build.band = chanctx_conf->def.chan->band; |
3077 | rcu_read_unlock(); |
3078 | } else { |
3079 | /* MLD transmissions must not rely on the band */ |
3080 | build.band = 0; |
3081 | } |
3082 | |
3083 | fc = cpu_to_le16(IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA); |
3084 | |
3085 | switch (sdata->vif.type) { |
3086 | case NL80211_IFTYPE_ADHOC: |
3087 | /* DA SA BSSID */ |
3088 | build.da_offs = offsetof(struct ieee80211_hdr, addr1); |
3089 | build.sa_offs = offsetof(struct ieee80211_hdr, addr2); |
3090 | memcpy(hdr->addr3, sdata->u.ibss.bssid, ETH_ALEN); |
3091 | build.hdr_len = 24; |
3092 | break; |
3093 | case NL80211_IFTYPE_STATION: |
3094 | if (test_sta_flag(sta, flag: WLAN_STA_TDLS_PEER)) { |
3095 | /* For TDLS only one link can be valid with peer STA */ |
3096 | int tdls_link_id = sta->sta.valid_links ? |
3097 | __ffs(sta->sta.valid_links) : 0; |
3098 | struct ieee80211_link_data *link; |
3099 | |
3100 | /* DA SA BSSID */ |
3101 | build.da_offs = offsetof(struct ieee80211_hdr, addr1); |
3102 | build.sa_offs = offsetof(struct ieee80211_hdr, addr2); |
3103 | link = rcu_dereference(sdata->link[tdls_link_id]); |
3104 | if (WARN_ON_ONCE(!link)) |
3105 | break; |
3106 | memcpy(hdr->addr3, link->u.mgd.bssid, ETH_ALEN); |
3107 | build.hdr_len = 24; |
3108 | break; |
3109 | } |
3110 | |
3111 | if (sdata->u.mgd.use_4addr) { |
3112 | /* non-regular ethertype cannot use the fastpath */ |
3113 | fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS | |
3114 | IEEE80211_FCTL_TODS); |
3115 | /* RA TA DA SA */ |
3116 | memcpy(hdr->addr1, sdata->deflink.u.mgd.bssid, ETH_ALEN); |
3117 | memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN); |
3118 | build.da_offs = offsetof(struct ieee80211_hdr, addr3); |
3119 | build.sa_offs = offsetof(struct ieee80211_hdr, addr4); |
3120 | build.hdr_len = 30; |
3121 | break; |
3122 | } |
3123 | fc |= cpu_to_le16(IEEE80211_FCTL_TODS); |
3124 | /* BSSID SA DA */ |
3125 | memcpy(hdr->addr1, sdata->vif.cfg.ap_addr, ETH_ALEN); |
3126 | build.da_offs = offsetof(struct ieee80211_hdr, addr3); |
3127 | build.sa_offs = offsetof(struct ieee80211_hdr, addr2); |
3128 | build.hdr_len = 24; |
3129 | break; |
3130 | case NL80211_IFTYPE_AP_VLAN: |
3131 | if (sdata->wdev.use_4addr) { |
3132 | fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS | |
3133 | IEEE80211_FCTL_TODS); |
3134 | /* RA TA DA SA */ |
3135 | memcpy(hdr->addr1, sta->sta.addr, ETH_ALEN); |
3136 | memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN); |
3137 | build.da_offs = offsetof(struct ieee80211_hdr, addr3); |
3138 | build.sa_offs = offsetof(struct ieee80211_hdr, addr4); |
3139 | build.hdr_len = 30; |
3140 | break; |
3141 | } |
3142 | fallthrough; |
3143 | case NL80211_IFTYPE_AP: |
3144 | fc |= cpu_to_le16(IEEE80211_FCTL_FROMDS); |
3145 | /* DA BSSID SA */ |
3146 | build.da_offs = offsetof(struct ieee80211_hdr, addr1); |
3147 | if (sta->sta.mlo || !ieee80211_vif_is_mld(vif: &sdata->vif)) { |
3148 | memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN); |
3149 | } else { |
3150 | unsigned int link_id = sta->deflink.link_id; |
3151 | struct ieee80211_link_data *link; |
3152 | |
3153 | rcu_read_lock(); |
3154 | link = rcu_dereference(sdata->link[link_id]); |
3155 | if (WARN_ON(!link)) { |
3156 | rcu_read_unlock(); |
3157 | goto out; |
3158 | } |
3159 | memcpy(hdr->addr2, link->conf->addr, ETH_ALEN); |
3160 | rcu_read_unlock(); |
3161 | } |
3162 | build.sa_offs = offsetof(struct ieee80211_hdr, addr3); |
3163 | build.hdr_len = 24; |
3164 | break; |
3165 | default: |
3166 | /* not handled on fast-xmit */ |
3167 | goto out; |
3168 | } |
3169 | |
3170 | if (sta->sta.wme) { |
3171 | build.hdr_len += 2; |
3172 | fc |= cpu_to_le16(IEEE80211_STYPE_QOS_DATA); |
3173 | } |
3174 | |
3175 | /* We store the key here so there's no point in using rcu_dereference() |
3176 | * but that's fine because the code that changes the pointers will call |
3177 | * this function after doing so. For a single CPU that would be enough, |
3178 | * for multiple see the comment above. |
3179 | */ |
3180 | build.key = rcu_access_pointer(sta->ptk[sta->ptk_idx]); |
3181 | if (!build.key) |
3182 | build.key = rcu_access_pointer(sdata->default_unicast_key); |
3183 | if (build.key) { |
3184 | bool gen_iv, iv_spc, mmic; |
3185 | |
3186 | gen_iv = build.key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV; |
3187 | iv_spc = build.key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE; |
3188 | mmic = build.key->conf.flags & |
3189 | (IEEE80211_KEY_FLAG_GENERATE_MMIC | |
3190 | IEEE80211_KEY_FLAG_PUT_MIC_SPACE); |
3191 | |
3192 | /* don't handle software crypto */ |
3193 | if (!(build.key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) |
3194 | goto out; |
3195 | |
3196 | /* Key is being removed */ |
3197 | if (build.key->flags & KEY_FLAG_TAINTED) |
3198 | goto out; |
3199 | |
3200 | switch (build.key->conf.cipher) { |
3201 | case WLAN_CIPHER_SUITE_CCMP: |
3202 | case WLAN_CIPHER_SUITE_CCMP_256: |
3203 | if (gen_iv) |
3204 | build.pn_offs = build.hdr_len; |
3205 | if (gen_iv || iv_spc) |
3206 | build.hdr_len += IEEE80211_CCMP_HDR_LEN; |
3207 | break; |
3208 | case WLAN_CIPHER_SUITE_GCMP: |
3209 | case WLAN_CIPHER_SUITE_GCMP_256: |
3210 | if (gen_iv) |
3211 | build.pn_offs = build.hdr_len; |
3212 | if (gen_iv || iv_spc) |
3213 | build.hdr_len += IEEE80211_GCMP_HDR_LEN; |
3214 | break; |
3215 | case WLAN_CIPHER_SUITE_TKIP: |
3216 | /* cannot handle MMIC or IV generation in xmit-fast */ |
3217 | if (mmic || gen_iv) |
3218 | goto out; |
3219 | if (iv_spc) |
3220 | build.hdr_len += IEEE80211_TKIP_IV_LEN; |
3221 | break; |
3222 | case WLAN_CIPHER_SUITE_WEP40: |
3223 | case WLAN_CIPHER_SUITE_WEP104: |
3224 | /* cannot handle IV generation in fast-xmit */ |
3225 | if (gen_iv) |
3226 | goto out; |
3227 | if (iv_spc) |
3228 | build.hdr_len += IEEE80211_WEP_IV_LEN; |
3229 | break; |
3230 | case WLAN_CIPHER_SUITE_AES_CMAC: |
3231 | case WLAN_CIPHER_SUITE_BIP_CMAC_256: |
3232 | case WLAN_CIPHER_SUITE_BIP_GMAC_128: |
3233 | case WLAN_CIPHER_SUITE_BIP_GMAC_256: |
3234 | WARN(1, |
3235 | "management cipher suite 0x%x enabled for data\n" , |
3236 | build.key->conf.cipher); |
3237 | goto out; |
3238 | default: |
3239 | /* we don't know how to generate IVs for this at all */ |
3240 | if (WARN_ON(gen_iv)) |
3241 | goto out; |
3242 | } |
3243 | |
3244 | fc |= cpu_to_le16(IEEE80211_FCTL_PROTECTED); |
3245 | } |
3246 | |
3247 | hdr->frame_control = fc; |
3248 | |
3249 | memcpy(build.hdr + build.hdr_len, |
3250 | rfc1042_header, sizeof(rfc1042_header)); |
3251 | build.hdr_len += sizeof(rfc1042_header); |
3252 | |
3253 | fast_tx = kmemdup(p: &build, size: sizeof(build), GFP_ATOMIC); |
3254 | /* if the kmemdup fails, continue w/o fast_tx */ |
3255 | |
3256 | out: |
3257 | /* we might have raced against another call to this function */ |
3258 | old = rcu_dereference_protected(sta->fast_tx, |
3259 | lockdep_is_held(&sta->lock)); |
3260 | rcu_assign_pointer(sta->fast_tx, fast_tx); |
3261 | if (old) |
3262 | kfree_rcu(old, rcu_head); |
3263 | spin_unlock_bh(lock: &sta->lock); |
3264 | } |
3265 | |
3266 | void ieee80211_check_fast_xmit_all(struct ieee80211_local *local) |
3267 | { |
3268 | struct sta_info *sta; |
3269 | |
3270 | rcu_read_lock(); |
3271 | list_for_each_entry_rcu(sta, &local->sta_list, list) |
3272 | ieee80211_check_fast_xmit(sta); |
3273 | rcu_read_unlock(); |
3274 | } |
3275 | |
3276 | void ieee80211_check_fast_xmit_iface(struct ieee80211_sub_if_data *sdata) |
3277 | { |
3278 | struct ieee80211_local *local = sdata->local; |
3279 | struct sta_info *sta; |
3280 | |
3281 | rcu_read_lock(); |
3282 | |
3283 | list_for_each_entry_rcu(sta, &local->sta_list, list) { |
3284 | if (sdata != sta->sdata && |
3285 | (!sta->sdata->bss || sta->sdata->bss != sdata->bss)) |
3286 | continue; |
3287 | ieee80211_check_fast_xmit(sta); |
3288 | } |
3289 | |
3290 | rcu_read_unlock(); |
3291 | } |
3292 | |
3293 | void ieee80211_clear_fast_xmit(struct sta_info *sta) |
3294 | { |
3295 | struct ieee80211_fast_tx *fast_tx; |
3296 | |
3297 | spin_lock_bh(lock: &sta->lock); |
3298 | fast_tx = rcu_dereference_protected(sta->fast_tx, |
3299 | lockdep_is_held(&sta->lock)); |
3300 | RCU_INIT_POINTER(sta->fast_tx, NULL); |
3301 | spin_unlock_bh(lock: &sta->lock); |
3302 | |
3303 | if (fast_tx) |
3304 | kfree_rcu(fast_tx, rcu_head); |
3305 | } |
3306 | |
3307 | static bool ieee80211_amsdu_realloc_pad(struct ieee80211_local *local, |
3308 | struct sk_buff *skb, int headroom) |
3309 | { |
3310 | if (skb_headroom(skb) < headroom) { |
3311 | I802_DEBUG_INC(local->tx_expand_skb_head); |
3312 | |
3313 | if (pskb_expand_head(skb, nhead: headroom, ntail: 0, GFP_ATOMIC)) { |
3314 | wiphy_debug(local->hw.wiphy, |
3315 | "failed to reallocate TX buffer\n" ); |
3316 | return false; |
3317 | } |
3318 | } |
3319 | |
3320 | return true; |
3321 | } |
3322 | |
3323 | static bool ieee80211_amsdu_prepare_head(struct ieee80211_sub_if_data *sdata, |
3324 | struct ieee80211_fast_tx *fast_tx, |
3325 | struct sk_buff *skb) |
3326 | { |
3327 | struct ieee80211_local *local = sdata->local; |
3328 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
3329 | struct ieee80211_hdr *hdr; |
3330 | struct ethhdr *amsdu_hdr; |
3331 | int hdr_len = fast_tx->hdr_len - sizeof(rfc1042_header); |
3332 | int subframe_len = skb->len - hdr_len; |
3333 | void *data; |
3334 | u8 *qc, *h_80211_src, *h_80211_dst; |
3335 | const u8 *bssid; |
3336 | |
3337 | if (info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) |
3338 | return false; |
3339 | |
3340 | if (info->control.flags & IEEE80211_TX_CTRL_AMSDU) |
3341 | return true; |
3342 | |
3343 | if (!ieee80211_amsdu_realloc_pad(local, skb, |
3344 | headroom: sizeof(*amsdu_hdr) + |
3345 | local->hw.extra_tx_headroom)) |
3346 | return false; |
3347 | |
3348 | data = skb_push(skb, len: sizeof(*amsdu_hdr)); |
3349 | memmove(data, data + sizeof(*amsdu_hdr), hdr_len); |
3350 | hdr = data; |
3351 | amsdu_hdr = data + hdr_len; |
3352 | /* h_80211_src/dst is addr* field within hdr */ |
3353 | h_80211_src = data + fast_tx->sa_offs; |
3354 | h_80211_dst = data + fast_tx->da_offs; |
3355 | |
3356 | amsdu_hdr->h_proto = cpu_to_be16(subframe_len); |
3357 | ether_addr_copy(dst: amsdu_hdr->h_source, src: h_80211_src); |
3358 | ether_addr_copy(dst: amsdu_hdr->h_dest, src: h_80211_dst); |
3359 | |
3360 | /* according to IEEE 802.11-2012 8.3.2 table 8-19, the outer SA/DA |
3361 | * fields needs to be changed to BSSID for A-MSDU frames depending |
3362 | * on FromDS/ToDS values. |
3363 | */ |
3364 | switch (sdata->vif.type) { |
3365 | case NL80211_IFTYPE_STATION: |
3366 | bssid = sdata->vif.cfg.ap_addr; |
3367 | break; |
3368 | case NL80211_IFTYPE_AP: |
3369 | case NL80211_IFTYPE_AP_VLAN: |
3370 | bssid = sdata->vif.addr; |
3371 | break; |
3372 | default: |
3373 | bssid = NULL; |
3374 | } |
3375 | |
3376 | if (bssid && ieee80211_has_fromds(fc: hdr->frame_control)) |
3377 | ether_addr_copy(dst: h_80211_src, src: bssid); |
3378 | |
3379 | if (bssid && ieee80211_has_tods(fc: hdr->frame_control)) |
3380 | ether_addr_copy(dst: h_80211_dst, src: bssid); |
3381 | |
3382 | qc = ieee80211_get_qos_ctl(hdr); |
3383 | *qc |= IEEE80211_QOS_CTL_A_MSDU_PRESENT; |
3384 | |
3385 | info->control.flags |= IEEE80211_TX_CTRL_AMSDU; |
3386 | |
3387 | return true; |
3388 | } |
3389 | |
3390 | static bool ieee80211_amsdu_aggregate(struct ieee80211_sub_if_data *sdata, |
3391 | struct sta_info *sta, |
3392 | struct ieee80211_fast_tx *fast_tx, |
3393 | struct sk_buff *skb, |
3394 | const u8 *da, const u8 *sa) |
3395 | { |
3396 | struct ieee80211_local *local = sdata->local; |
3397 | struct fq *fq = &local->fq; |
3398 | struct fq_tin *tin; |
3399 | struct fq_flow *flow; |
3400 | u8 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK; |
3401 | struct ieee80211_txq *txq = sta->sta.txq[tid]; |
3402 | struct txq_info *txqi; |
3403 | struct sk_buff **frag_tail, *head; |
3404 | int subframe_len = skb->len - ETH_ALEN; |
3405 | u8 max_subframes = sta->sta.max_amsdu_subframes; |
3406 | int max_frags = local->hw.max_tx_fragments; |
3407 | int max_amsdu_len = sta->sta.cur->max_amsdu_len; |
3408 | int orig_truesize; |
3409 | u32 flow_idx; |
3410 | __be16 len; |
3411 | void *data; |
3412 | bool ret = false; |
3413 | unsigned int orig_len; |
3414 | int n = 2, nfrags, pad = 0; |
3415 | u16 hdrlen; |
3416 | |
3417 | if (!ieee80211_hw_check(&local->hw, TX_AMSDU)) |
3418 | return false; |
3419 | |
3420 | if (sdata->vif.offload_flags & IEEE80211_OFFLOAD_ENCAP_ENABLED) |
3421 | return false; |
3422 | |
3423 | if (ieee80211_vif_is_mesh(vif: &sdata->vif)) |
3424 | return false; |
3425 | |
3426 | if (skb_is_gso(skb)) |
3427 | return false; |
3428 | |
3429 | if (!txq) |
3430 | return false; |
3431 | |
3432 | txqi = to_txq_info(txq); |
3433 | if (test_bit(IEEE80211_TXQ_NO_AMSDU, &txqi->flags)) |
3434 | return false; |
3435 | |
3436 | if (sta->sta.cur->max_rc_amsdu_len) |
3437 | max_amsdu_len = min_t(int, max_amsdu_len, |
3438 | sta->sta.cur->max_rc_amsdu_len); |
3439 | |
3440 | if (sta->sta.cur->max_tid_amsdu_len[tid]) |
3441 | max_amsdu_len = min_t(int, max_amsdu_len, |
3442 | sta->sta.cur->max_tid_amsdu_len[tid]); |
3443 | |
3444 | flow_idx = fq_flow_idx(fq, skb); |
3445 | |
3446 | spin_lock_bh(lock: &fq->lock); |
3447 | |
3448 | /* TODO: Ideally aggregation should be done on dequeue to remain |
3449 | * responsive to environment changes. |
3450 | */ |
3451 | |
3452 | tin = &txqi->tin; |
3453 | flow = fq_flow_classify(fq, tin, idx: flow_idx, skb); |
3454 | head = skb_peek_tail(list_: &flow->queue); |
3455 | if (!head || skb_is_gso(skb: head)) |
3456 | goto out; |
3457 | |
3458 | orig_truesize = head->truesize; |
3459 | orig_len = head->len; |
3460 | |
3461 | if (skb->len + head->len > max_amsdu_len) |
3462 | goto out; |
3463 | |
3464 | nfrags = 1 + skb_shinfo(skb)->nr_frags; |
3465 | nfrags += 1 + skb_shinfo(head)->nr_frags; |
3466 | frag_tail = &skb_shinfo(head)->frag_list; |
3467 | while (*frag_tail) { |
3468 | nfrags += 1 + skb_shinfo(*frag_tail)->nr_frags; |
3469 | frag_tail = &(*frag_tail)->next; |
3470 | n++; |
3471 | } |
3472 | |
3473 | if (max_subframes && n > max_subframes) |
3474 | goto out; |
3475 | |
3476 | if (max_frags && nfrags > max_frags) |
3477 | goto out; |
3478 | |
3479 | if (!drv_can_aggregate_in_amsdu(local, head, skb)) |
3480 | goto out; |
3481 | |
3482 | if (!ieee80211_amsdu_prepare_head(sdata, fast_tx, skb: head)) |
3483 | goto out; |
3484 | |
3485 | /* If n == 2, the "while (*frag_tail)" loop above didn't execute |
3486 | * and frag_tail should be &skb_shinfo(head)->frag_list. |
3487 | * However, ieee80211_amsdu_prepare_head() can reallocate it. |
3488 | * Reload frag_tail to have it pointing to the correct place. |
3489 | */ |
3490 | if (n == 2) |
3491 | frag_tail = &skb_shinfo(head)->frag_list; |
3492 | |
3493 | /* |
3494 | * Pad out the previous subframe to a multiple of 4 by adding the |
3495 | * padding to the next one, that's being added. Note that head->len |
3496 | * is the length of the full A-MSDU, but that works since each time |
3497 | * we add a new subframe we pad out the previous one to a multiple |
3498 | * of 4 and thus it no longer matters in the next round. |
3499 | */ |
3500 | hdrlen = fast_tx->hdr_len - sizeof(rfc1042_header); |
3501 | if ((head->len - hdrlen) & 3) |
3502 | pad = 4 - ((head->len - hdrlen) & 3); |
3503 | |
3504 | if (!ieee80211_amsdu_realloc_pad(local, skb, headroom: sizeof(rfc1042_header) + |
3505 | 2 + pad)) |
3506 | goto out_recalc; |
3507 | |
3508 | ret = true; |
3509 | data = skb_push(skb, ETH_ALEN + 2); |
3510 | ether_addr_copy(dst: data, src: da); |
3511 | ether_addr_copy(dst: data + ETH_ALEN, src: sa); |
3512 | |
3513 | data += 2 * ETH_ALEN; |
3514 | len = cpu_to_be16(subframe_len); |
3515 | memcpy(data, &len, 2); |
3516 | memcpy(data + 2, rfc1042_header, sizeof(rfc1042_header)); |
3517 | |
3518 | memset(skb_push(skb, pad), 0, pad); |
3519 | |
3520 | head->len += skb->len; |
3521 | head->data_len += skb->len; |
3522 | *frag_tail = skb; |
3523 | |
3524 | out_recalc: |
3525 | fq->memory_usage += head->truesize - orig_truesize; |
3526 | if (head->len != orig_len) { |
3527 | flow->backlog += head->len - orig_len; |
3528 | tin->backlog_bytes += head->len - orig_len; |
3529 | } |
3530 | out: |
3531 | spin_unlock_bh(lock: &fq->lock); |
3532 | |
3533 | return ret; |
3534 | } |
3535 | |
3536 | /* |
3537 | * Can be called while the sta lock is held. Anything that can cause packets to |
3538 | * be generated will cause deadlock! |
3539 | */ |
3540 | static ieee80211_tx_result |
3541 | ieee80211_xmit_fast_finish(struct ieee80211_sub_if_data *sdata, |
3542 | struct sta_info *sta, u8 pn_offs, |
3543 | struct ieee80211_key *key, |
3544 | struct ieee80211_tx_data *tx) |
3545 | { |
3546 | struct sk_buff *skb = tx->skb; |
3547 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
3548 | struct ieee80211_hdr *hdr = (void *)skb->data; |
3549 | u8 tid = IEEE80211_NUM_TIDS; |
3550 | |
3551 | if (!ieee80211_hw_check(&tx->local->hw, HAS_RATE_CONTROL) && |
3552 | ieee80211_tx_h_rate_ctrl(tx) != TX_CONTINUE) |
3553 | return TX_DROP; |
3554 | |
3555 | if (key) |
3556 | info->control.hw_key = &key->conf; |
3557 | |
3558 | dev_sw_netstats_tx_add(dev: skb->dev, packets: 1, len: skb->len); |
3559 | |
3560 | if (hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) { |
3561 | tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK; |
3562 | hdr->seq_ctrl = ieee80211_tx_next_seq(sta, tid); |
3563 | } else { |
3564 | info->flags |= IEEE80211_TX_CTL_ASSIGN_SEQ; |
3565 | hdr->seq_ctrl = cpu_to_le16(sdata->sequence_number); |
3566 | sdata->sequence_number += 0x10; |
3567 | } |
3568 | |
3569 | if (skb_shinfo(skb)->gso_size) |
3570 | sta->deflink.tx_stats.msdu[tid] += |
3571 | DIV_ROUND_UP(skb->len, skb_shinfo(skb)->gso_size); |
3572 | else |
3573 | sta->deflink.tx_stats.msdu[tid]++; |
3574 | |
3575 | info->hw_queue = sdata->vif.hw_queue[skb_get_queue_mapping(skb)]; |
3576 | |
3577 | /* statistics normally done by ieee80211_tx_h_stats (but that |
3578 | * has to consider fragmentation, so is more complex) |
3579 | */ |
3580 | sta->deflink.tx_stats.bytes[skb_get_queue_mapping(skb)] += skb->len; |
3581 | sta->deflink.tx_stats.packets[skb_get_queue_mapping(skb)]++; |
3582 | |
3583 | if (pn_offs) { |
3584 | u64 pn; |
3585 | u8 *crypto_hdr = skb->data + pn_offs; |
3586 | |
3587 | switch (key->conf.cipher) { |
3588 | case WLAN_CIPHER_SUITE_CCMP: |
3589 | case WLAN_CIPHER_SUITE_CCMP_256: |
3590 | case WLAN_CIPHER_SUITE_GCMP: |
3591 | case WLAN_CIPHER_SUITE_GCMP_256: |
3592 | pn = atomic64_inc_return(v: &key->conf.tx_pn); |
3593 | crypto_hdr[0] = pn; |
3594 | crypto_hdr[1] = pn >> 8; |
3595 | crypto_hdr[3] = 0x20 | (key->conf.keyidx << 6); |
3596 | crypto_hdr[4] = pn >> 16; |
3597 | crypto_hdr[5] = pn >> 24; |
3598 | crypto_hdr[6] = pn >> 32; |
3599 | crypto_hdr[7] = pn >> 40; |
3600 | break; |
3601 | } |
3602 | } |
3603 | |
3604 | return TX_CONTINUE; |
3605 | } |
3606 | |
3607 | static netdev_features_t |
3608 | ieee80211_sdata_netdev_features(struct ieee80211_sub_if_data *sdata) |
3609 | { |
3610 | if (sdata->vif.type != NL80211_IFTYPE_AP_VLAN) |
3611 | return sdata->vif.netdev_features; |
3612 | |
3613 | if (!sdata->bss) |
3614 | return 0; |
3615 | |
3616 | sdata = container_of(sdata->bss, struct ieee80211_sub_if_data, u.ap); |
3617 | return sdata->vif.netdev_features; |
3618 | } |
3619 | |
3620 | static struct sk_buff * |
3621 | ieee80211_tx_skb_fixup(struct sk_buff *skb, netdev_features_t features) |
3622 | { |
3623 | if (skb_is_gso(skb)) { |
3624 | struct sk_buff *segs; |
3625 | |
3626 | segs = skb_gso_segment(skb, features); |
3627 | if (!segs) |
3628 | return skb; |
3629 | if (IS_ERR(ptr: segs)) |
3630 | goto free; |
3631 | |
3632 | consume_skb(skb); |
3633 | return segs; |
3634 | } |
3635 | |
3636 | if (skb_needs_linearize(skb, features) && __skb_linearize(skb)) |
3637 | goto free; |
3638 | |
3639 | if (skb->ip_summed == CHECKSUM_PARTIAL) { |
3640 | int ofs = skb_checksum_start_offset(skb); |
3641 | |
3642 | if (skb->encapsulation) |
3643 | skb_set_inner_transport_header(skb, offset: ofs); |
3644 | else |
3645 | skb_set_transport_header(skb, offset: ofs); |
3646 | |
3647 | if (skb_csum_hwoffload_help(skb, features)) |
3648 | goto free; |
3649 | } |
3650 | |
3651 | skb_mark_not_on_list(skb); |
3652 | return skb; |
3653 | |
3654 | free: |
3655 | kfree_skb(skb); |
3656 | return NULL; |
3657 | } |
3658 | |
3659 | void __ieee80211_xmit_fast(struct ieee80211_sub_if_data *sdata, |
3660 | struct sta_info *sta, |
3661 | struct ieee80211_fast_tx *fast_tx, |
3662 | struct sk_buff *skb, bool ampdu, |
3663 | const u8 *da, const u8 *sa) |
3664 | { |
3665 | struct ieee80211_local *local = sdata->local; |
3666 | struct ieee80211_hdr *hdr = (void *)fast_tx->hdr; |
3667 | struct ieee80211_tx_info *info; |
3668 | struct ieee80211_tx_data tx; |
3669 | ieee80211_tx_result r; |
3670 | int hw_headroom = sdata->local->hw.extra_tx_headroom; |
3671 | int = fast_tx->hdr_len - (ETH_HLEN - 2); |
3672 | |
3673 | skb = skb_share_check(skb, GFP_ATOMIC); |
3674 | if (unlikely(!skb)) |
3675 | return; |
3676 | |
3677 | if ((hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) && |
3678 | ieee80211_amsdu_aggregate(sdata, sta, fast_tx, skb, da, sa)) |
3679 | return; |
3680 | |
3681 | /* will not be crypto-handled beyond what we do here, so use false |
3682 | * as the may-encrypt argument for the resize to not account for |
3683 | * more room than we already have in 'extra_head' |
3684 | */ |
3685 | if (unlikely(ieee80211_skb_resize(sdata, skb, |
3686 | max_t(int, extra_head + hw_headroom - |
3687 | skb_headroom(skb), 0), |
3688 | ENCRYPT_NO))) |
3689 | goto free; |
3690 | |
3691 | hdr = skb_push(skb, len: extra_head); |
3692 | memcpy(skb->data, fast_tx->hdr, fast_tx->hdr_len); |
3693 | memcpy(skb->data + fast_tx->da_offs, da, ETH_ALEN); |
3694 | memcpy(skb->data + fast_tx->sa_offs, sa, ETH_ALEN); |
3695 | |
3696 | info = IEEE80211_SKB_CB(skb); |
3697 | memset(info, 0, sizeof(*info)); |
3698 | info->band = fast_tx->band; |
3699 | info->control.vif = &sdata->vif; |
3700 | info->flags = IEEE80211_TX_CTL_FIRST_FRAGMENT | |
3701 | IEEE80211_TX_CTL_DONTFRAG; |
3702 | info->control.flags = IEEE80211_TX_CTRL_FAST_XMIT | |
3703 | u32_encode_bits(IEEE80211_LINK_UNSPECIFIED, |
3704 | field: IEEE80211_TX_CTRL_MLO_LINK); |
3705 | |
3706 | #ifdef CONFIG_MAC80211_DEBUGFS |
3707 | if (local->force_tx_status) |
3708 | info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS; |
3709 | #endif |
3710 | |
3711 | if (hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) { |
3712 | u8 tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK; |
3713 | |
3714 | *ieee80211_get_qos_ctl(hdr) = tid; |
3715 | } |
3716 | |
3717 | __skb_queue_head_init(list: &tx.skbs); |
3718 | |
3719 | tx.flags = IEEE80211_TX_UNICAST; |
3720 | tx.local = local; |
3721 | tx.sdata = sdata; |
3722 | tx.sta = sta; |
3723 | tx.key = fast_tx->key; |
3724 | |
3725 | if (ieee80211_queue_skb(local, sdata, sta, skb)) |
3726 | return; |
3727 | |
3728 | tx.skb = skb; |
3729 | r = ieee80211_xmit_fast_finish(sdata, sta, pn_offs: fast_tx->pn_offs, |
3730 | key: fast_tx->key, tx: &tx); |
3731 | tx.skb = NULL; |
3732 | if (r == TX_DROP) |
3733 | goto free; |
3734 | |
3735 | if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) |
3736 | sdata = container_of(sdata->bss, |
3737 | struct ieee80211_sub_if_data, u.ap); |
3738 | |
3739 | __skb_queue_tail(list: &tx.skbs, newsk: skb); |
3740 | ieee80211_tx_frags(local, vif: &sdata->vif, sta, skbs: &tx.skbs, txpending: false); |
3741 | return; |
3742 | |
3743 | free: |
3744 | kfree_skb(skb); |
3745 | } |
3746 | |
3747 | static bool ieee80211_xmit_fast(struct ieee80211_sub_if_data *sdata, |
3748 | struct sta_info *sta, |
3749 | struct ieee80211_fast_tx *fast_tx, |
3750 | struct sk_buff *skb) |
3751 | { |
3752 | u16 ethertype = (skb->data[12] << 8) | skb->data[13]; |
3753 | struct ieee80211_hdr *hdr = (void *)fast_tx->hdr; |
3754 | struct tid_ampdu_tx *tid_tx = NULL; |
3755 | struct sk_buff *next; |
3756 | struct ethhdr eth; |
3757 | u8 tid = IEEE80211_NUM_TIDS; |
3758 | |
3759 | /* control port protocol needs a lot of special handling */ |
3760 | if (cpu_to_be16(ethertype) == sdata->control_port_protocol) |
3761 | return false; |
3762 | |
3763 | /* only RFC 1042 SNAP */ |
3764 | if (ethertype < ETH_P_802_3_MIN) |
3765 | return false; |
3766 | |
3767 | /* don't handle TX status request here either */ |
3768 | if (skb->sk && skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS) |
3769 | return false; |
3770 | |
3771 | if (hdr->frame_control & cpu_to_le16(IEEE80211_STYPE_QOS_DATA)) { |
3772 | tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK; |
3773 | tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]); |
3774 | if (tid_tx) { |
3775 | if (!test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state)) |
3776 | return false; |
3777 | if (tid_tx->timeout) |
3778 | tid_tx->last_tx = jiffies; |
3779 | } |
3780 | } |
3781 | |
3782 | memcpy(ð, skb->data, ETH_HLEN - 2); |
3783 | |
3784 | /* after this point (skb is modified) we cannot return false */ |
3785 | skb = ieee80211_tx_skb_fixup(skb, features: ieee80211_sdata_netdev_features(sdata)); |
3786 | if (!skb) |
3787 | return true; |
3788 | |
3789 | skb_list_walk_safe(skb, skb, next) { |
3790 | skb_mark_not_on_list(skb); |
3791 | __ieee80211_xmit_fast(sdata, sta, fast_tx, skb, ampdu: tid_tx, |
3792 | da: eth.h_dest, sa: eth.h_source); |
3793 | } |
3794 | |
3795 | return true; |
3796 | } |
3797 | |
3798 | struct sk_buff *ieee80211_tx_dequeue(struct ieee80211_hw *hw, |
3799 | struct ieee80211_txq *txq) |
3800 | { |
3801 | struct ieee80211_local *local = hw_to_local(hw); |
3802 | struct txq_info *txqi = container_of(txq, struct txq_info, txq); |
3803 | struct ieee80211_hdr *hdr; |
3804 | struct sk_buff *skb = NULL; |
3805 | struct fq *fq = &local->fq; |
3806 | struct fq_tin *tin = &txqi->tin; |
3807 | struct ieee80211_tx_info *info; |
3808 | struct ieee80211_tx_data tx; |
3809 | ieee80211_tx_result r; |
3810 | struct ieee80211_vif *vif = txq->vif; |
3811 | int q = vif->hw_queue[txq->ac]; |
3812 | unsigned long flags; |
3813 | bool q_stopped; |
3814 | |
3815 | WARN_ON_ONCE(softirq_count() == 0); |
3816 | |
3817 | if (!ieee80211_txq_airtime_check(hw, txq)) |
3818 | return NULL; |
3819 | |
3820 | begin: |
3821 | spin_lock_irqsave(&local->queue_stop_reason_lock, flags); |
3822 | q_stopped = local->queue_stop_reasons[q]; |
3823 | spin_unlock_irqrestore(lock: &local->queue_stop_reason_lock, flags); |
3824 | |
3825 | if (unlikely(q_stopped)) { |
3826 | /* mark for waking later */ |
3827 | set_bit(nr: IEEE80211_TXQ_DIRTY, addr: &txqi->flags); |
3828 | return NULL; |
3829 | } |
3830 | |
3831 | spin_lock_bh(lock: &fq->lock); |
3832 | |
3833 | /* Make sure fragments stay together. */ |
3834 | skb = __skb_dequeue(list: &txqi->frags); |
3835 | if (unlikely(skb)) { |
3836 | if (!(IEEE80211_SKB_CB(skb)->control.flags & |
3837 | IEEE80211_TX_INTCFL_NEED_TXPROCESSING)) |
3838 | goto out; |
3839 | IEEE80211_SKB_CB(skb)->control.flags &= |
3840 | ~IEEE80211_TX_INTCFL_NEED_TXPROCESSING; |
3841 | } else { |
3842 | if (unlikely(test_bit(IEEE80211_TXQ_STOP, &txqi->flags))) |
3843 | goto out; |
3844 | |
3845 | skb = fq_tin_dequeue(fq, tin, dequeue_func: fq_tin_dequeue_func); |
3846 | } |
3847 | |
3848 | if (!skb) |
3849 | goto out; |
3850 | |
3851 | spin_unlock_bh(lock: &fq->lock); |
3852 | |
3853 | hdr = (struct ieee80211_hdr *)skb->data; |
3854 | info = IEEE80211_SKB_CB(skb); |
3855 | |
3856 | memset(&tx, 0, sizeof(tx)); |
3857 | __skb_queue_head_init(list: &tx.skbs); |
3858 | tx.local = local; |
3859 | tx.skb = skb; |
3860 | tx.sdata = vif_to_sdata(p: info->control.vif); |
3861 | |
3862 | if (txq->sta) { |
3863 | tx.sta = container_of(txq->sta, struct sta_info, sta); |
3864 | /* |
3865 | * Drop unicast frames to unauthorised stations unless they are |
3866 | * injected frames or EAPOL frames from the local station. |
3867 | */ |
3868 | if (unlikely(!(info->flags & IEEE80211_TX_CTL_INJECTED) && |
3869 | ieee80211_is_data(hdr->frame_control) && |
3870 | !ieee80211_vif_is_mesh(&tx.sdata->vif) && |
3871 | tx.sdata->vif.type != NL80211_IFTYPE_OCB && |
3872 | !is_multicast_ether_addr(hdr->addr1) && |
3873 | !test_sta_flag(tx.sta, WLAN_STA_AUTHORIZED) && |
3874 | (!(info->control.flags & |
3875 | IEEE80211_TX_CTRL_PORT_CTRL_PROTO) || |
3876 | !ieee80211_is_our_addr(tx.sdata, hdr->addr2, |
3877 | NULL)))) { |
3878 | I802_DEBUG_INC(local->tx_handlers_drop_unauth_port); |
3879 | ieee80211_free_txskb(hw: &local->hw, skb); |
3880 | goto begin; |
3881 | } |
3882 | } |
3883 | |
3884 | /* |
3885 | * The key can be removed while the packet was queued, so need to call |
3886 | * this here to get the current key. |
3887 | */ |
3888 | r = ieee80211_tx_h_select_key(tx: &tx); |
3889 | if (r != TX_CONTINUE) { |
3890 | ieee80211_free_txskb(hw: &local->hw, skb); |
3891 | goto begin; |
3892 | } |
3893 | |
3894 | if (test_bit(IEEE80211_TXQ_AMPDU, &txqi->flags)) |
3895 | info->flags |= (IEEE80211_TX_CTL_AMPDU | |
3896 | IEEE80211_TX_CTL_DONTFRAG); |
3897 | |
3898 | if (info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) { |
3899 | if (!ieee80211_hw_check(&local->hw, HAS_RATE_CONTROL)) { |
3900 | r = ieee80211_tx_h_rate_ctrl(tx: &tx); |
3901 | if (r != TX_CONTINUE) { |
3902 | ieee80211_free_txskb(hw: &local->hw, skb); |
3903 | goto begin; |
3904 | } |
3905 | } |
3906 | goto encap_out; |
3907 | } |
3908 | |
3909 | if (info->control.flags & IEEE80211_TX_CTRL_FAST_XMIT) { |
3910 | struct sta_info *sta = container_of(txq->sta, struct sta_info, |
3911 | sta); |
3912 | u8 pn_offs = 0; |
3913 | |
3914 | if (tx.key && |
3915 | (tx.key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV)) |
3916 | pn_offs = ieee80211_hdrlen(fc: hdr->frame_control); |
3917 | |
3918 | r = ieee80211_xmit_fast_finish(sdata: sta->sdata, sta, pn_offs, |
3919 | key: tx.key, tx: &tx); |
3920 | if (r != TX_CONTINUE) { |
3921 | ieee80211_free_txskb(hw: &local->hw, skb); |
3922 | goto begin; |
3923 | } |
3924 | } else { |
3925 | if (invoke_tx_handlers_late(tx: &tx)) |
3926 | goto begin; |
3927 | |
3928 | skb = __skb_dequeue(list: &tx.skbs); |
3929 | |
3930 | if (!skb_queue_empty(list: &tx.skbs)) { |
3931 | spin_lock_bh(lock: &fq->lock); |
3932 | skb_queue_splice_tail(list: &tx.skbs, head: &txqi->frags); |
3933 | spin_unlock_bh(lock: &fq->lock); |
3934 | } |
3935 | } |
3936 | |
3937 | if (skb_has_frag_list(skb) && |
3938 | !ieee80211_hw_check(&local->hw, TX_FRAG_LIST)) { |
3939 | if (skb_linearize(skb)) { |
3940 | ieee80211_free_txskb(hw: &local->hw, skb); |
3941 | goto begin; |
3942 | } |
3943 | } |
3944 | |
3945 | switch (tx.sdata->vif.type) { |
3946 | case NL80211_IFTYPE_MONITOR: |
3947 | if (tx.sdata->u.mntr.flags & MONITOR_FLAG_ACTIVE) { |
3948 | vif = &tx.sdata->vif; |
3949 | break; |
3950 | } |
3951 | tx.sdata = rcu_dereference(local->monitor_sdata); |
3952 | if (tx.sdata) { |
3953 | vif = &tx.sdata->vif; |
3954 | info->hw_queue = |
3955 | vif->hw_queue[skb_get_queue_mapping(skb)]; |
3956 | } else if (ieee80211_hw_check(&local->hw, QUEUE_CONTROL)) { |
3957 | ieee80211_free_txskb(hw: &local->hw, skb); |
3958 | goto begin; |
3959 | } else { |
3960 | vif = NULL; |
3961 | } |
3962 | break; |
3963 | case NL80211_IFTYPE_AP_VLAN: |
3964 | tx.sdata = container_of(tx.sdata->bss, |
3965 | struct ieee80211_sub_if_data, u.ap); |
3966 | fallthrough; |
3967 | default: |
3968 | vif = &tx.sdata->vif; |
3969 | break; |
3970 | } |
3971 | |
3972 | encap_out: |
3973 | IEEE80211_SKB_CB(skb)->control.vif = vif; |
3974 | |
3975 | if (tx.sta && |
3976 | wiphy_ext_feature_isset(wiphy: local->hw.wiphy, ftidx: NL80211_EXT_FEATURE_AQL)) { |
3977 | bool ampdu = txq->ac != IEEE80211_AC_VO; |
3978 | u32 airtime; |
3979 | |
3980 | airtime = ieee80211_calc_expected_tx_airtime(hw, vif, pubsta: txq->sta, |
3981 | len: skb->len, ampdu); |
3982 | if (airtime) { |
3983 | airtime = ieee80211_info_set_tx_time_est(info, tx_time_est: airtime); |
3984 | ieee80211_sta_update_pending_airtime(local, sta: tx.sta, |
3985 | ac: txq->ac, |
3986 | tx_airtime: airtime, |
3987 | tx_completed: false); |
3988 | } |
3989 | } |
3990 | |
3991 | return skb; |
3992 | |
3993 | out: |
3994 | spin_unlock_bh(lock: &fq->lock); |
3995 | |
3996 | return skb; |
3997 | } |
3998 | EXPORT_SYMBOL(ieee80211_tx_dequeue); |
3999 | |
4000 | static inline s32 ieee80211_sta_deficit(struct sta_info *sta, u8 ac) |
4001 | { |
4002 | struct airtime_info *air_info = &sta->airtime[ac]; |
4003 | |
4004 | return air_info->deficit - atomic_read(v: &air_info->aql_tx_pending); |
4005 | } |
4006 | |
4007 | static void |
4008 | ieee80211_txq_set_active(struct txq_info *txqi) |
4009 | { |
4010 | struct sta_info *sta; |
4011 | |
4012 | if (!txqi->txq.sta) |
4013 | return; |
4014 | |
4015 | sta = container_of(txqi->txq.sta, struct sta_info, sta); |
4016 | sta->airtime[txqi->txq.ac].last_active = (u32)jiffies; |
4017 | } |
4018 | |
4019 | static bool |
4020 | ieee80211_txq_keep_active(struct txq_info *txqi) |
4021 | { |
4022 | struct sta_info *sta; |
4023 | u32 diff; |
4024 | |
4025 | if (!txqi->txq.sta) |
4026 | return false; |
4027 | |
4028 | sta = container_of(txqi->txq.sta, struct sta_info, sta); |
4029 | if (ieee80211_sta_deficit(sta, ac: txqi->txq.ac) >= 0) |
4030 | return false; |
4031 | |
4032 | diff = (u32)jiffies - sta->airtime[txqi->txq.ac].last_active; |
4033 | |
4034 | return diff <= AIRTIME_ACTIVE_DURATION; |
4035 | } |
4036 | |
4037 | struct ieee80211_txq *ieee80211_next_txq(struct ieee80211_hw *hw, u8 ac) |
4038 | { |
4039 | struct ieee80211_local *local = hw_to_local(hw); |
4040 | struct ieee80211_txq *ret = NULL; |
4041 | struct txq_info *txqi = NULL, *head = NULL; |
4042 | bool found_eligible_txq = false; |
4043 | |
4044 | spin_lock_bh(lock: &local->active_txq_lock[ac]); |
4045 | |
4046 | if (!local->schedule_round[ac]) |
4047 | goto out; |
4048 | |
4049 | begin: |
4050 | txqi = list_first_entry_or_null(&local->active_txqs[ac], |
4051 | struct txq_info, |
4052 | schedule_order); |
4053 | if (!txqi) |
4054 | goto out; |
4055 | |
4056 | if (txqi == head) { |
4057 | if (!found_eligible_txq) |
4058 | goto out; |
4059 | else |
4060 | found_eligible_txq = false; |
4061 | } |
4062 | |
4063 | if (!head) |
4064 | head = txqi; |
4065 | |
4066 | if (txqi->txq.sta) { |
4067 | struct sta_info *sta = container_of(txqi->txq.sta, |
4068 | struct sta_info, sta); |
4069 | bool aql_check = ieee80211_txq_airtime_check(hw, txq: &txqi->txq); |
4070 | s32 deficit = ieee80211_sta_deficit(sta, ac: txqi->txq.ac); |
4071 | |
4072 | if (aql_check) |
4073 | found_eligible_txq = true; |
4074 | |
4075 | if (deficit < 0) |
4076 | sta->airtime[txqi->txq.ac].deficit += |
4077 | sta->airtime_weight; |
4078 | |
4079 | if (deficit < 0 || !aql_check) { |
4080 | list_move_tail(list: &txqi->schedule_order, |
4081 | head: &local->active_txqs[txqi->txq.ac]); |
4082 | goto begin; |
4083 | } |
4084 | } |
4085 | |
4086 | if (txqi->schedule_round == local->schedule_round[ac]) |
4087 | goto out; |
4088 | |
4089 | list_del_init(entry: &txqi->schedule_order); |
4090 | txqi->schedule_round = local->schedule_round[ac]; |
4091 | ret = &txqi->txq; |
4092 | |
4093 | out: |
4094 | spin_unlock_bh(lock: &local->active_txq_lock[ac]); |
4095 | return ret; |
4096 | } |
4097 | EXPORT_SYMBOL(ieee80211_next_txq); |
4098 | |
4099 | void __ieee80211_schedule_txq(struct ieee80211_hw *hw, |
4100 | struct ieee80211_txq *txq, |
4101 | bool force) |
4102 | { |
4103 | struct ieee80211_local *local = hw_to_local(hw); |
4104 | struct txq_info *txqi = to_txq_info(txq); |
4105 | bool has_queue; |
4106 | |
4107 | spin_lock_bh(lock: &local->active_txq_lock[txq->ac]); |
4108 | |
4109 | has_queue = force || txq_has_queue(txq); |
4110 | if (list_empty(head: &txqi->schedule_order) && |
4111 | (has_queue || ieee80211_txq_keep_active(txqi))) { |
4112 | /* If airtime accounting is active, always enqueue STAs at the |
4113 | * head of the list to ensure that they only get moved to the |
4114 | * back by the airtime DRR scheduler once they have a negative |
4115 | * deficit. A station that already has a negative deficit will |
4116 | * get immediately moved to the back of the list on the next |
4117 | * call to ieee80211_next_txq(). |
4118 | */ |
4119 | if (txqi->txq.sta && local->airtime_flags && has_queue && |
4120 | wiphy_ext_feature_isset(wiphy: local->hw.wiphy, |
4121 | ftidx: NL80211_EXT_FEATURE_AIRTIME_FAIRNESS)) |
4122 | list_add(new: &txqi->schedule_order, |
4123 | head: &local->active_txqs[txq->ac]); |
4124 | else |
4125 | list_add_tail(new: &txqi->schedule_order, |
4126 | head: &local->active_txqs[txq->ac]); |
4127 | if (has_queue) |
4128 | ieee80211_txq_set_active(txqi); |
4129 | } |
4130 | |
4131 | spin_unlock_bh(lock: &local->active_txq_lock[txq->ac]); |
4132 | } |
4133 | EXPORT_SYMBOL(__ieee80211_schedule_txq); |
4134 | |
4135 | DEFINE_STATIC_KEY_FALSE(aql_disable); |
4136 | |
4137 | bool ieee80211_txq_airtime_check(struct ieee80211_hw *hw, |
4138 | struct ieee80211_txq *txq) |
4139 | { |
4140 | struct sta_info *sta; |
4141 | struct ieee80211_local *local = hw_to_local(hw); |
4142 | |
4143 | if (!wiphy_ext_feature_isset(wiphy: local->hw.wiphy, ftidx: NL80211_EXT_FEATURE_AQL)) |
4144 | return true; |
4145 | |
4146 | if (static_branch_unlikely(&aql_disable)) |
4147 | return true; |
4148 | |
4149 | if (!txq->sta) |
4150 | return true; |
4151 | |
4152 | if (unlikely(txq->tid == IEEE80211_NUM_TIDS)) |
4153 | return true; |
4154 | |
4155 | sta = container_of(txq->sta, struct sta_info, sta); |
4156 | if (atomic_read(v: &sta->airtime[txq->ac].aql_tx_pending) < |
4157 | sta->airtime[txq->ac].aql_limit_low) |
4158 | return true; |
4159 | |
4160 | if (atomic_read(v: &local->aql_total_pending_airtime) < |
4161 | local->aql_threshold && |
4162 | atomic_read(v: &sta->airtime[txq->ac].aql_tx_pending) < |
4163 | sta->airtime[txq->ac].aql_limit_high) |
4164 | return true; |
4165 | |
4166 | return false; |
4167 | } |
4168 | EXPORT_SYMBOL(ieee80211_txq_airtime_check); |
4169 | |
4170 | static bool |
4171 | ieee80211_txq_schedule_airtime_check(struct ieee80211_local *local, u8 ac) |
4172 | { |
4173 | unsigned int num_txq = 0; |
4174 | struct txq_info *txq; |
4175 | u32 aql_limit; |
4176 | |
4177 | if (!wiphy_ext_feature_isset(wiphy: local->hw.wiphy, ftidx: NL80211_EXT_FEATURE_AQL)) |
4178 | return true; |
4179 | |
4180 | list_for_each_entry(txq, &local->active_txqs[ac], schedule_order) |
4181 | num_txq++; |
4182 | |
4183 | aql_limit = (num_txq - 1) * local->aql_txq_limit_low[ac] / 2 + |
4184 | local->aql_txq_limit_high[ac]; |
4185 | |
4186 | return atomic_read(v: &local->aql_ac_pending_airtime[ac]) < aql_limit; |
4187 | } |
4188 | |
4189 | bool ieee80211_txq_may_transmit(struct ieee80211_hw *hw, |
4190 | struct ieee80211_txq *txq) |
4191 | { |
4192 | struct ieee80211_local *local = hw_to_local(hw); |
4193 | struct txq_info *iter, *tmp, *txqi = to_txq_info(txq); |
4194 | struct sta_info *sta; |
4195 | u8 ac = txq->ac; |
4196 | |
4197 | spin_lock_bh(lock: &local->active_txq_lock[ac]); |
4198 | |
4199 | if (!txqi->txq.sta) |
4200 | goto out; |
4201 | |
4202 | if (list_empty(head: &txqi->schedule_order)) |
4203 | goto out; |
4204 | |
4205 | if (!ieee80211_txq_schedule_airtime_check(local, ac)) |
4206 | goto out; |
4207 | |
4208 | list_for_each_entry_safe(iter, tmp, &local->active_txqs[ac], |
4209 | schedule_order) { |
4210 | if (iter == txqi) |
4211 | break; |
4212 | |
4213 | if (!iter->txq.sta) { |
4214 | list_move_tail(list: &iter->schedule_order, |
4215 | head: &local->active_txqs[ac]); |
4216 | continue; |
4217 | } |
4218 | sta = container_of(iter->txq.sta, struct sta_info, sta); |
4219 | if (ieee80211_sta_deficit(sta, ac) < 0) |
4220 | sta->airtime[ac].deficit += sta->airtime_weight; |
4221 | list_move_tail(list: &iter->schedule_order, head: &local->active_txqs[ac]); |
4222 | } |
4223 | |
4224 | sta = container_of(txqi->txq.sta, struct sta_info, sta); |
4225 | if (sta->airtime[ac].deficit >= 0) |
4226 | goto out; |
4227 | |
4228 | sta->airtime[ac].deficit += sta->airtime_weight; |
4229 | list_move_tail(list: &txqi->schedule_order, head: &local->active_txqs[ac]); |
4230 | spin_unlock_bh(lock: &local->active_txq_lock[ac]); |
4231 | |
4232 | return false; |
4233 | out: |
4234 | if (!list_empty(head: &txqi->schedule_order)) |
4235 | list_del_init(entry: &txqi->schedule_order); |
4236 | spin_unlock_bh(lock: &local->active_txq_lock[ac]); |
4237 | |
4238 | return true; |
4239 | } |
4240 | EXPORT_SYMBOL(ieee80211_txq_may_transmit); |
4241 | |
4242 | void ieee80211_txq_schedule_start(struct ieee80211_hw *hw, u8 ac) |
4243 | { |
4244 | struct ieee80211_local *local = hw_to_local(hw); |
4245 | |
4246 | spin_lock_bh(lock: &local->active_txq_lock[ac]); |
4247 | |
4248 | if (ieee80211_txq_schedule_airtime_check(local, ac)) { |
4249 | local->schedule_round[ac]++; |
4250 | if (!local->schedule_round[ac]) |
4251 | local->schedule_round[ac]++; |
4252 | } else { |
4253 | local->schedule_round[ac] = 0; |
4254 | } |
4255 | |
4256 | spin_unlock_bh(lock: &local->active_txq_lock[ac]); |
4257 | } |
4258 | EXPORT_SYMBOL(ieee80211_txq_schedule_start); |
4259 | |
4260 | void __ieee80211_subif_start_xmit(struct sk_buff *skb, |
4261 | struct net_device *dev, |
4262 | u32 info_flags, |
4263 | u32 ctrl_flags, |
4264 | u64 *cookie) |
4265 | { |
4266 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
4267 | struct ieee80211_local *local = sdata->local; |
4268 | struct sta_info *sta; |
4269 | struct sk_buff *next; |
4270 | int len = skb->len; |
4271 | |
4272 | if (unlikely(!ieee80211_sdata_running(sdata) || skb->len < ETH_HLEN)) { |
4273 | kfree_skb(skb); |
4274 | return; |
4275 | } |
4276 | |
4277 | sk_pacing_shift_update(sk: skb->sk, val: sdata->local->hw.tx_sk_pacing_shift); |
4278 | |
4279 | rcu_read_lock(); |
4280 | |
4281 | if (ieee80211_vif_is_mesh(vif: &sdata->vif) && |
4282 | ieee80211_hw_check(&local->hw, SUPPORT_FAST_XMIT) && |
4283 | ieee80211_mesh_xmit_fast(sdata, skb, ctrl_flags)) |
4284 | goto out; |
4285 | |
4286 | if (ieee80211_lookup_ra_sta(sdata, skb, sta_out: &sta)) |
4287 | goto out_free; |
4288 | |
4289 | if (IS_ERR(ptr: sta)) |
4290 | sta = NULL; |
4291 | |
4292 | skb_set_queue_mapping(skb, queue_mapping: ieee80211_select_queue(sdata, sta, skb)); |
4293 | ieee80211_aggr_check(sdata, sta, skb); |
4294 | |
4295 | if (sta) { |
4296 | struct ieee80211_fast_tx *fast_tx; |
4297 | |
4298 | fast_tx = rcu_dereference(sta->fast_tx); |
4299 | |
4300 | if (fast_tx && |
4301 | ieee80211_xmit_fast(sdata, sta, fast_tx, skb)) |
4302 | goto out; |
4303 | } |
4304 | |
4305 | /* the frame could be fragmented, software-encrypted, and other |
4306 | * things so we cannot really handle checksum or GSO offload. |
4307 | * fix it up in software before we handle anything else. |
4308 | */ |
4309 | skb = ieee80211_tx_skb_fixup(skb, features: 0); |
4310 | if (!skb) { |
4311 | len = 0; |
4312 | goto out; |
4313 | } |
4314 | |
4315 | skb_list_walk_safe(skb, skb, next) { |
4316 | skb_mark_not_on_list(skb); |
4317 | |
4318 | if (skb->protocol == sdata->control_port_protocol) |
4319 | ctrl_flags |= IEEE80211_TX_CTRL_SKIP_MPATH_LOOKUP; |
4320 | |
4321 | skb = ieee80211_build_hdr(sdata, skb, info_flags, |
4322 | sta, ctrl_flags, cookie); |
4323 | if (IS_ERR(ptr: skb)) { |
4324 | kfree_skb_list(segs: next); |
4325 | goto out; |
4326 | } |
4327 | |
4328 | dev_sw_netstats_tx_add(dev, packets: 1, len: skb->len); |
4329 | |
4330 | ieee80211_xmit(sdata, sta, skb); |
4331 | } |
4332 | goto out; |
4333 | out_free: |
4334 | kfree_skb(skb); |
4335 | len = 0; |
4336 | out: |
4337 | if (len) |
4338 | ieee80211_tpt_led_trig_tx(local, bytes: len); |
4339 | rcu_read_unlock(); |
4340 | } |
4341 | |
4342 | static int ieee80211_change_da(struct sk_buff *skb, struct sta_info *sta) |
4343 | { |
4344 | struct ethhdr *eth; |
4345 | int err; |
4346 | |
4347 | err = skb_ensure_writable(skb, ETH_HLEN); |
4348 | if (unlikely(err)) |
4349 | return err; |
4350 | |
4351 | eth = (void *)skb->data; |
4352 | ether_addr_copy(dst: eth->h_dest, src: sta->sta.addr); |
4353 | |
4354 | return 0; |
4355 | } |
4356 | |
4357 | static bool ieee80211_multicast_to_unicast(struct sk_buff *skb, |
4358 | struct net_device *dev) |
4359 | { |
4360 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
4361 | const struct ethhdr *eth = (void *)skb->data; |
4362 | const struct vlan_ethhdr *ethvlan = (void *)skb->data; |
4363 | __be16 ethertype; |
4364 | |
4365 | switch (sdata->vif.type) { |
4366 | case NL80211_IFTYPE_AP_VLAN: |
4367 | if (sdata->u.vlan.sta) |
4368 | return false; |
4369 | if (sdata->wdev.use_4addr) |
4370 | return false; |
4371 | fallthrough; |
4372 | case NL80211_IFTYPE_AP: |
4373 | /* check runtime toggle for this bss */ |
4374 | if (!sdata->bss->multicast_to_unicast) |
4375 | return false; |
4376 | break; |
4377 | default: |
4378 | return false; |
4379 | } |
4380 | |
4381 | /* multicast to unicast conversion only for some payload */ |
4382 | ethertype = eth->h_proto; |
4383 | if (ethertype == htons(ETH_P_8021Q) && skb->len >= VLAN_ETH_HLEN) |
4384 | ethertype = ethvlan->h_vlan_encapsulated_proto; |
4385 | switch (ethertype) { |
4386 | case htons(ETH_P_ARP): |
4387 | case htons(ETH_P_IP): |
4388 | case htons(ETH_P_IPV6): |
4389 | break; |
4390 | default: |
4391 | return false; |
4392 | } |
4393 | |
4394 | return true; |
4395 | } |
4396 | |
4397 | static void |
4398 | ieee80211_convert_to_unicast(struct sk_buff *skb, struct net_device *dev, |
4399 | struct sk_buff_head *queue) |
4400 | { |
4401 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
4402 | struct ieee80211_local *local = sdata->local; |
4403 | const struct ethhdr *eth = (struct ethhdr *)skb->data; |
4404 | struct sta_info *sta, *first = NULL; |
4405 | struct sk_buff *cloned_skb; |
4406 | |
4407 | rcu_read_lock(); |
4408 | |
4409 | list_for_each_entry_rcu(sta, &local->sta_list, list) { |
4410 | if (sdata != sta->sdata) |
4411 | /* AP-VLAN mismatch */ |
4412 | continue; |
4413 | if (unlikely(ether_addr_equal(eth->h_source, sta->sta.addr))) |
4414 | /* do not send back to source */ |
4415 | continue; |
4416 | if (!first) { |
4417 | first = sta; |
4418 | continue; |
4419 | } |
4420 | cloned_skb = skb_clone(skb, GFP_ATOMIC); |
4421 | if (!cloned_skb) |
4422 | goto multicast; |
4423 | if (unlikely(ieee80211_change_da(cloned_skb, sta))) { |
4424 | dev_kfree_skb(cloned_skb); |
4425 | goto multicast; |
4426 | } |
4427 | __skb_queue_tail(list: queue, newsk: cloned_skb); |
4428 | } |
4429 | |
4430 | if (likely(first)) { |
4431 | if (unlikely(ieee80211_change_da(skb, first))) |
4432 | goto multicast; |
4433 | __skb_queue_tail(list: queue, newsk: skb); |
4434 | } else { |
4435 | /* no STA connected, drop */ |
4436 | kfree_skb(skb); |
4437 | skb = NULL; |
4438 | } |
4439 | |
4440 | goto out; |
4441 | multicast: |
4442 | __skb_queue_purge(list: queue); |
4443 | __skb_queue_tail(list: queue, newsk: skb); |
4444 | out: |
4445 | rcu_read_unlock(); |
4446 | } |
4447 | |
4448 | static void ieee80211_mlo_multicast_tx_one(struct ieee80211_sub_if_data *sdata, |
4449 | struct sk_buff *skb, u32 ctrl_flags, |
4450 | unsigned int link_id) |
4451 | { |
4452 | struct sk_buff *out; |
4453 | |
4454 | out = skb_copy(skb, GFP_ATOMIC); |
4455 | if (!out) |
4456 | return; |
4457 | |
4458 | ctrl_flags |= u32_encode_bits(v: link_id, field: IEEE80211_TX_CTRL_MLO_LINK); |
4459 | __ieee80211_subif_start_xmit(skb: out, dev: sdata->dev, info_flags: 0, ctrl_flags, NULL); |
4460 | } |
4461 | |
4462 | static void ieee80211_mlo_multicast_tx(struct net_device *dev, |
4463 | struct sk_buff *skb) |
4464 | { |
4465 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
4466 | unsigned long links = sdata->vif.active_links; |
4467 | unsigned int link; |
4468 | u32 ctrl_flags = IEEE80211_TX_CTRL_MCAST_MLO_FIRST_TX; |
4469 | |
4470 | if (hweight16(links) == 1) { |
4471 | ctrl_flags |= u32_encode_bits(__ffs(links), |
4472 | field: IEEE80211_TX_CTRL_MLO_LINK); |
4473 | |
4474 | __ieee80211_subif_start_xmit(skb, dev: sdata->dev, info_flags: 0, ctrl_flags, |
4475 | NULL); |
4476 | return; |
4477 | } |
4478 | |
4479 | for_each_set_bit(link, &links, IEEE80211_MLD_MAX_NUM_LINKS) { |
4480 | ieee80211_mlo_multicast_tx_one(sdata, skb, ctrl_flags, link_id: link); |
4481 | ctrl_flags = 0; |
4482 | } |
4483 | kfree_skb(skb); |
4484 | } |
4485 | |
4486 | /** |
4487 | * ieee80211_subif_start_xmit - netif start_xmit function for 802.3 vifs |
4488 | * @skb: packet to be sent |
4489 | * @dev: incoming interface |
4490 | * |
4491 | * On failure skb will be freed. |
4492 | * |
4493 | * Returns: the netdev TX status (but really only %NETDEV_TX_OK) |
4494 | */ |
4495 | netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb, |
4496 | struct net_device *dev) |
4497 | { |
4498 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
4499 | const struct ethhdr *eth = (void *)skb->data; |
4500 | |
4501 | if (likely(!is_multicast_ether_addr(eth->h_dest))) |
4502 | goto normal; |
4503 | |
4504 | if (unlikely(!ieee80211_sdata_running(sdata))) { |
4505 | kfree_skb(skb); |
4506 | return NETDEV_TX_OK; |
4507 | } |
4508 | |
4509 | if (unlikely(ieee80211_multicast_to_unicast(skb, dev))) { |
4510 | struct sk_buff_head queue; |
4511 | |
4512 | __skb_queue_head_init(list: &queue); |
4513 | ieee80211_convert_to_unicast(skb, dev, queue: &queue); |
4514 | while ((skb = __skb_dequeue(list: &queue))) |
4515 | __ieee80211_subif_start_xmit(skb, dev, info_flags: 0, |
4516 | IEEE80211_TX_CTRL_MLO_LINK_UNSPEC, |
4517 | NULL); |
4518 | } else if (ieee80211_vif_is_mld(vif: &sdata->vif) && |
4519 | sdata->vif.type == NL80211_IFTYPE_AP && |
4520 | !ieee80211_hw_check(&sdata->local->hw, MLO_MCAST_MULTI_LINK_TX)) { |
4521 | ieee80211_mlo_multicast_tx(dev, skb); |
4522 | } else { |
4523 | normal: |
4524 | __ieee80211_subif_start_xmit(skb, dev, info_flags: 0, |
4525 | IEEE80211_TX_CTRL_MLO_LINK_UNSPEC, |
4526 | NULL); |
4527 | } |
4528 | |
4529 | return NETDEV_TX_OK; |
4530 | } |
4531 | |
4532 | |
4533 | |
4534 | static bool __ieee80211_tx_8023(struct ieee80211_sub_if_data *sdata, |
4535 | struct sk_buff *skb, struct sta_info *sta, |
4536 | bool txpending) |
4537 | { |
4538 | struct ieee80211_local *local = sdata->local; |
4539 | struct ieee80211_tx_control control = {}; |
4540 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
4541 | struct ieee80211_sta *pubsta = NULL; |
4542 | unsigned long flags; |
4543 | int q = info->hw_queue; |
4544 | |
4545 | spin_lock_irqsave(&local->queue_stop_reason_lock, flags); |
4546 | |
4547 | if (local->queue_stop_reasons[q] || |
4548 | (!txpending && !skb_queue_empty(list: &local->pending[q]))) { |
4549 | if (txpending) |
4550 | skb_queue_head(list: &local->pending[q], newsk: skb); |
4551 | else |
4552 | skb_queue_tail(list: &local->pending[q], newsk: skb); |
4553 | |
4554 | spin_unlock_irqrestore(lock: &local->queue_stop_reason_lock, flags); |
4555 | |
4556 | return false; |
4557 | } |
4558 | |
4559 | spin_unlock_irqrestore(lock: &local->queue_stop_reason_lock, flags); |
4560 | |
4561 | if (sta && sta->uploaded) |
4562 | pubsta = &sta->sta; |
4563 | |
4564 | control.sta = pubsta; |
4565 | |
4566 | drv_tx(local, control: &control, skb); |
4567 | |
4568 | return true; |
4569 | } |
4570 | |
4571 | static bool ieee80211_tx_8023(struct ieee80211_sub_if_data *sdata, |
4572 | struct sk_buff *skb, struct sta_info *sta, |
4573 | bool txpending) |
4574 | { |
4575 | struct ieee80211_local *local = sdata->local; |
4576 | struct sk_buff *next; |
4577 | bool ret = true; |
4578 | |
4579 | if (ieee80211_queue_skb(local, sdata, sta, skb)) |
4580 | return true; |
4581 | |
4582 | skb_list_walk_safe(skb, skb, next) { |
4583 | skb_mark_not_on_list(skb); |
4584 | if (!__ieee80211_tx_8023(sdata, skb, sta, txpending)) |
4585 | ret = false; |
4586 | } |
4587 | |
4588 | return ret; |
4589 | } |
4590 | |
4591 | static void ieee80211_8023_xmit(struct ieee80211_sub_if_data *sdata, |
4592 | struct net_device *dev, struct sta_info *sta, |
4593 | struct ieee80211_key *key, struct sk_buff *skb) |
4594 | { |
4595 | struct ieee80211_tx_info *info; |
4596 | struct ieee80211_local *local = sdata->local; |
4597 | struct tid_ampdu_tx *tid_tx; |
4598 | struct sk_buff *seg, *next; |
4599 | unsigned int skbs = 0, len = 0; |
4600 | u16 queue; |
4601 | u8 tid; |
4602 | |
4603 | queue = ieee80211_select_queue(sdata, sta, skb); |
4604 | skb_set_queue_mapping(skb, queue_mapping: queue); |
4605 | |
4606 | if (unlikely(test_bit(SCAN_SW_SCANNING, &local->scanning)) && |
4607 | test_bit(SDATA_STATE_OFFCHANNEL, &sdata->state)) |
4608 | goto out_free; |
4609 | |
4610 | skb = skb_share_check(skb, GFP_ATOMIC); |
4611 | if (unlikely(!skb)) |
4612 | return; |
4613 | |
4614 | ieee80211_aggr_check(sdata, sta, skb); |
4615 | |
4616 | tid = skb->priority & IEEE80211_QOS_CTL_TAG1D_MASK; |
4617 | tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[tid]); |
4618 | if (tid_tx) { |
4619 | if (!test_bit(HT_AGG_STATE_OPERATIONAL, &tid_tx->state)) { |
4620 | /* fall back to non-offload slow path */ |
4621 | __ieee80211_subif_start_xmit(skb, dev, info_flags: 0, |
4622 | IEEE80211_TX_CTRL_MLO_LINK_UNSPEC, |
4623 | NULL); |
4624 | return; |
4625 | } |
4626 | |
4627 | if (tid_tx->timeout) |
4628 | tid_tx->last_tx = jiffies; |
4629 | } |
4630 | |
4631 | skb = ieee80211_tx_skb_fixup(skb, features: ieee80211_sdata_netdev_features(sdata)); |
4632 | if (!skb) |
4633 | return; |
4634 | |
4635 | info = IEEE80211_SKB_CB(skb); |
4636 | memset(info, 0, sizeof(*info)); |
4637 | |
4638 | info->hw_queue = sdata->vif.hw_queue[queue]; |
4639 | |
4640 | if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) |
4641 | sdata = container_of(sdata->bss, |
4642 | struct ieee80211_sub_if_data, u.ap); |
4643 | |
4644 | info->flags |= IEEE80211_TX_CTL_HW_80211_ENCAP; |
4645 | info->control.vif = &sdata->vif; |
4646 | |
4647 | if (key) |
4648 | info->control.hw_key = &key->conf; |
4649 | |
4650 | skb_list_walk_safe(skb, seg, next) { |
4651 | skbs++; |
4652 | len += seg->len; |
4653 | if (seg != skb) |
4654 | memcpy(IEEE80211_SKB_CB(seg), info, sizeof(*info)); |
4655 | } |
4656 | |
4657 | if (unlikely(skb->sk && |
4658 | skb_shinfo(skb)->tx_flags & SKBTX_WIFI_STATUS)) { |
4659 | info->status_data = ieee80211_store_ack_skb(local, skb, |
4660 | info_flags: &info->flags, NULL); |
4661 | if (info->status_data) |
4662 | info->status_data_idr = 1; |
4663 | } |
4664 | |
4665 | dev_sw_netstats_tx_add(dev, packets: skbs, len); |
4666 | sta->deflink.tx_stats.packets[queue] += skbs; |
4667 | sta->deflink.tx_stats.bytes[queue] += len; |
4668 | |
4669 | ieee80211_tpt_led_trig_tx(local, bytes: len); |
4670 | |
4671 | ieee80211_tx_8023(sdata, skb, sta, txpending: false); |
4672 | |
4673 | return; |
4674 | |
4675 | out_free: |
4676 | kfree_skb(skb); |
4677 | } |
4678 | |
4679 | netdev_tx_t ieee80211_subif_start_xmit_8023(struct sk_buff *skb, |
4680 | struct net_device *dev) |
4681 | { |
4682 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
4683 | struct ethhdr *ehdr = (struct ethhdr *)skb->data; |
4684 | struct ieee80211_key *key; |
4685 | struct sta_info *sta; |
4686 | |
4687 | if (unlikely(!ieee80211_sdata_running(sdata) || skb->len < ETH_HLEN)) { |
4688 | kfree_skb(skb); |
4689 | return NETDEV_TX_OK; |
4690 | } |
4691 | |
4692 | rcu_read_lock(); |
4693 | |
4694 | if (ieee80211_lookup_ra_sta(sdata, skb, sta_out: &sta)) { |
4695 | kfree_skb(skb); |
4696 | goto out; |
4697 | } |
4698 | |
4699 | if (unlikely(IS_ERR_OR_NULL(sta) || !sta->uploaded || |
4700 | !test_sta_flag(sta, WLAN_STA_AUTHORIZED) || |
4701 | sdata->control_port_protocol == ehdr->h_proto)) |
4702 | goto skip_offload; |
4703 | |
4704 | key = rcu_dereference(sta->ptk[sta->ptk_idx]); |
4705 | if (!key) |
4706 | key = rcu_dereference(sdata->default_unicast_key); |
4707 | |
4708 | if (key && (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) || |
4709 | key->conf.cipher == WLAN_CIPHER_SUITE_TKIP)) |
4710 | goto skip_offload; |
4711 | |
4712 | sk_pacing_shift_update(sk: skb->sk, val: sdata->local->hw.tx_sk_pacing_shift); |
4713 | ieee80211_8023_xmit(sdata, dev, sta, key, skb); |
4714 | goto out; |
4715 | |
4716 | skip_offload: |
4717 | ieee80211_subif_start_xmit(skb, dev); |
4718 | out: |
4719 | rcu_read_unlock(); |
4720 | |
4721 | return NETDEV_TX_OK; |
4722 | } |
4723 | |
4724 | struct sk_buff * |
4725 | ieee80211_build_data_template(struct ieee80211_sub_if_data *sdata, |
4726 | struct sk_buff *skb, u32 info_flags) |
4727 | { |
4728 | struct ieee80211_hdr *hdr; |
4729 | struct ieee80211_tx_data tx = { |
4730 | .local = sdata->local, |
4731 | .sdata = sdata, |
4732 | }; |
4733 | struct sta_info *sta; |
4734 | |
4735 | rcu_read_lock(); |
4736 | |
4737 | if (ieee80211_lookup_ra_sta(sdata, skb, sta_out: &sta)) { |
4738 | kfree_skb(skb); |
4739 | skb = ERR_PTR(error: -EINVAL); |
4740 | goto out; |
4741 | } |
4742 | |
4743 | skb = ieee80211_build_hdr(sdata, skb, info_flags, sta, |
4744 | IEEE80211_TX_CTRL_MLO_LINK_UNSPEC, NULL); |
4745 | if (IS_ERR(ptr: skb)) |
4746 | goto out; |
4747 | |
4748 | hdr = (void *)skb->data; |
4749 | tx.sta = sta_info_get(sdata, addr: hdr->addr1); |
4750 | tx.skb = skb; |
4751 | |
4752 | if (ieee80211_tx_h_select_key(tx: &tx) != TX_CONTINUE) { |
4753 | rcu_read_unlock(); |
4754 | kfree_skb(skb); |
4755 | return ERR_PTR(error: -EINVAL); |
4756 | } |
4757 | |
4758 | out: |
4759 | rcu_read_unlock(); |
4760 | return skb; |
4761 | } |
4762 | |
4763 | /* |
4764 | * ieee80211_clear_tx_pending may not be called in a context where |
4765 | * it is possible that it packets could come in again. |
4766 | */ |
4767 | void ieee80211_clear_tx_pending(struct ieee80211_local *local) |
4768 | { |
4769 | struct sk_buff *skb; |
4770 | int i; |
4771 | |
4772 | for (i = 0; i < local->hw.queues; i++) { |
4773 | while ((skb = skb_dequeue(list: &local->pending[i])) != NULL) |
4774 | ieee80211_free_txskb(hw: &local->hw, skb); |
4775 | } |
4776 | } |
4777 | |
4778 | /* |
4779 | * Returns false if the frame couldn't be transmitted but was queued instead, |
4780 | * which in this case means re-queued -- take as an indication to stop sending |
4781 | * more pending frames. |
4782 | */ |
4783 | static bool ieee80211_tx_pending_skb(struct ieee80211_local *local, |
4784 | struct sk_buff *skb) |
4785 | { |
4786 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
4787 | struct ieee80211_sub_if_data *sdata; |
4788 | struct sta_info *sta; |
4789 | struct ieee80211_hdr *hdr; |
4790 | bool result; |
4791 | struct ieee80211_chanctx_conf *chanctx_conf; |
4792 | |
4793 | sdata = vif_to_sdata(p: info->control.vif); |
4794 | |
4795 | if (info->control.flags & IEEE80211_TX_INTCFL_NEED_TXPROCESSING) { |
4796 | /* update band only for non-MLD */ |
4797 | if (!ieee80211_vif_is_mld(vif: &sdata->vif)) { |
4798 | chanctx_conf = |
4799 | rcu_dereference(sdata->vif.bss_conf.chanctx_conf); |
4800 | if (unlikely(!chanctx_conf)) { |
4801 | dev_kfree_skb(skb); |
4802 | return true; |
4803 | } |
4804 | info->band = chanctx_conf->def.chan->band; |
4805 | } |
4806 | result = ieee80211_tx(sdata, NULL, skb, txpending: true); |
4807 | } else if (info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) { |
4808 | if (ieee80211_lookup_ra_sta(sdata, skb, sta_out: &sta)) { |
4809 | dev_kfree_skb(skb); |
4810 | return true; |
4811 | } |
4812 | |
4813 | if (IS_ERR(ptr: sta) || (sta && !sta->uploaded)) |
4814 | sta = NULL; |
4815 | |
4816 | result = ieee80211_tx_8023(sdata, skb, sta, txpending: true); |
4817 | } else { |
4818 | struct sk_buff_head skbs; |
4819 | |
4820 | __skb_queue_head_init(list: &skbs); |
4821 | __skb_queue_tail(list: &skbs, newsk: skb); |
4822 | |
4823 | hdr = (struct ieee80211_hdr *)skb->data; |
4824 | sta = sta_info_get(sdata, addr: hdr->addr1); |
4825 | |
4826 | result = __ieee80211_tx(local, skbs: &skbs, sta, txpending: true); |
4827 | } |
4828 | |
4829 | return result; |
4830 | } |
4831 | |
4832 | /* |
4833 | * Transmit all pending packets. Called from tasklet. |
4834 | */ |
4835 | void ieee80211_tx_pending(struct tasklet_struct *t) |
4836 | { |
4837 | struct ieee80211_local *local = from_tasklet(local, t, |
4838 | tx_pending_tasklet); |
4839 | unsigned long flags; |
4840 | int i; |
4841 | bool txok; |
4842 | |
4843 | rcu_read_lock(); |
4844 | |
4845 | spin_lock_irqsave(&local->queue_stop_reason_lock, flags); |
4846 | for (i = 0; i < local->hw.queues; i++) { |
4847 | /* |
4848 | * If queue is stopped by something other than due to pending |
4849 | * frames, or we have no pending frames, proceed to next queue. |
4850 | */ |
4851 | if (local->queue_stop_reasons[i] || |
4852 | skb_queue_empty(list: &local->pending[i])) |
4853 | continue; |
4854 | |
4855 | while (!skb_queue_empty(list: &local->pending[i])) { |
4856 | struct sk_buff *skb = __skb_dequeue(list: &local->pending[i]); |
4857 | struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb); |
4858 | |
4859 | if (WARN_ON(!info->control.vif)) { |
4860 | ieee80211_free_txskb(hw: &local->hw, skb); |
4861 | continue; |
4862 | } |
4863 | |
4864 | spin_unlock_irqrestore(lock: &local->queue_stop_reason_lock, |
4865 | flags); |
4866 | |
4867 | txok = ieee80211_tx_pending_skb(local, skb); |
4868 | spin_lock_irqsave(&local->queue_stop_reason_lock, |
4869 | flags); |
4870 | if (!txok) |
4871 | break; |
4872 | } |
4873 | } |
4874 | spin_unlock_irqrestore(lock: &local->queue_stop_reason_lock, flags); |
4875 | |
4876 | rcu_read_unlock(); |
4877 | } |
4878 | |
4879 | /* functions for drivers to get certain frames */ |
4880 | |
4881 | static void __ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata, |
4882 | struct ieee80211_link_data *link, |
4883 | struct ps_data *ps, struct sk_buff *skb, |
4884 | bool is_template) |
4885 | { |
4886 | u8 *pos, *tim; |
4887 | int aid0 = 0; |
4888 | int i, have_bits = 0, n1, n2; |
4889 | struct ieee80211_bss_conf *link_conf = link->conf; |
4890 | |
4891 | /* Generate bitmap for TIM only if there are any STAs in power save |
4892 | * mode. */ |
4893 | if (atomic_read(v: &ps->num_sta_ps) > 0) |
4894 | /* in the hope that this is faster than |
4895 | * checking byte-for-byte */ |
4896 | have_bits = !bitmap_empty(src: (unsigned long *)ps->tim, |
4897 | IEEE80211_MAX_AID+1); |
4898 | if (!is_template) { |
4899 | if (ps->dtim_count == 0) |
4900 | ps->dtim_count = link_conf->dtim_period - 1; |
4901 | else |
4902 | ps->dtim_count--; |
4903 | } |
4904 | |
4905 | tim = pos = skb_put(skb, len: 5); |
4906 | *pos++ = WLAN_EID_TIM; |
4907 | *pos++ = 3; |
4908 | *pos++ = ps->dtim_count; |
4909 | *pos++ = link_conf->dtim_period; |
4910 | |
4911 | if (ps->dtim_count == 0 && !skb_queue_empty(list: &ps->bc_buf)) |
4912 | aid0 = 1; |
4913 | |
4914 | ps->dtim_bc_mc = aid0 == 1; |
4915 | |
4916 | if (have_bits) { |
4917 | /* Find largest even number N1 so that bits numbered 1 through |
4918 | * (N1 x 8) - 1 in the bitmap are 0 and number N2 so that bits |
4919 | * (N2 + 1) x 8 through 2007 are 0. */ |
4920 | n1 = 0; |
4921 | for (i = 0; i < IEEE80211_MAX_TIM_LEN; i++) { |
4922 | if (ps->tim[i]) { |
4923 | n1 = i & 0xfe; |
4924 | break; |
4925 | } |
4926 | } |
4927 | n2 = n1; |
4928 | for (i = IEEE80211_MAX_TIM_LEN - 1; i >= n1; i--) { |
4929 | if (ps->tim[i]) { |
4930 | n2 = i; |
4931 | break; |
4932 | } |
4933 | } |
4934 | |
4935 | /* Bitmap control */ |
4936 | *pos++ = n1 | aid0; |
4937 | /* Part Virt Bitmap */ |
4938 | skb_put_data(skb, data: ps->tim + n1, len: n2 - n1 + 1); |
4939 | |
4940 | tim[1] = n2 - n1 + 4; |
4941 | } else { |
4942 | *pos++ = aid0; /* Bitmap control */ |
4943 | |
4944 | if (ieee80211_get_link_sband(link)->band != NL80211_BAND_S1GHZ) { |
4945 | tim[1] = 4; |
4946 | /* Part Virt Bitmap */ |
4947 | skb_put_u8(skb, val: 0); |
4948 | } |
4949 | } |
4950 | } |
4951 | |
4952 | static int ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata, |
4953 | struct ieee80211_link_data *link, |
4954 | struct ps_data *ps, struct sk_buff *skb, |
4955 | bool is_template) |
4956 | { |
4957 | struct ieee80211_local *local = sdata->local; |
4958 | |
4959 | /* |
4960 | * Not very nice, but we want to allow the driver to call |
4961 | * ieee80211_beacon_get() as a response to the set_tim() |
4962 | * callback. That, however, is already invoked under the |
4963 | * sta_lock to guarantee consistent and race-free update |
4964 | * of the tim bitmap in mac80211 and the driver. |
4965 | */ |
4966 | if (local->tim_in_locked_section) { |
4967 | __ieee80211_beacon_add_tim(sdata, link, ps, skb, is_template); |
4968 | } else { |
4969 | spin_lock_bh(lock: &local->tim_lock); |
4970 | __ieee80211_beacon_add_tim(sdata, link, ps, skb, is_template); |
4971 | spin_unlock_bh(lock: &local->tim_lock); |
4972 | } |
4973 | |
4974 | return 0; |
4975 | } |
4976 | |
4977 | static void ieee80211_set_beacon_cntdwn(struct ieee80211_sub_if_data *sdata, |
4978 | struct beacon_data *beacon, |
4979 | struct ieee80211_link_data *link) |
4980 | { |
4981 | u8 *beacon_data, count, max_count = 1; |
4982 | struct probe_resp *resp; |
4983 | size_t beacon_data_len; |
4984 | u16 *bcn_offsets; |
4985 | int i; |
4986 | |
4987 | switch (sdata->vif.type) { |
4988 | case NL80211_IFTYPE_AP: |
4989 | beacon_data = beacon->tail; |
4990 | beacon_data_len = beacon->tail_len; |
4991 | break; |
4992 | case NL80211_IFTYPE_ADHOC: |
4993 | beacon_data = beacon->head; |
4994 | beacon_data_len = beacon->head_len; |
4995 | break; |
4996 | case NL80211_IFTYPE_MESH_POINT: |
4997 | beacon_data = beacon->head; |
4998 | beacon_data_len = beacon->head_len; |
4999 | break; |
5000 | default: |
5001 | return; |
5002 | } |
5003 | |
5004 | resp = rcu_dereference(link->u.ap.probe_resp); |
5005 | |
5006 | bcn_offsets = beacon->cntdwn_counter_offsets; |
5007 | count = beacon->cntdwn_current_counter; |
5008 | if (link->conf->csa_active) |
5009 | max_count = IEEE80211_MAX_CNTDWN_COUNTERS_NUM; |
5010 | |
5011 | for (i = 0; i < max_count; ++i) { |
5012 | if (bcn_offsets[i]) { |
5013 | if (WARN_ON_ONCE(bcn_offsets[i] >= beacon_data_len)) |
5014 | return; |
5015 | beacon_data[bcn_offsets[i]] = count; |
5016 | } |
5017 | |
5018 | if (sdata->vif.type == NL80211_IFTYPE_AP && resp) { |
5019 | u16 *resp_offsets = resp->cntdwn_counter_offsets; |
5020 | |
5021 | resp->data[resp_offsets[i]] = count; |
5022 | } |
5023 | } |
5024 | } |
5025 | |
5026 | static u8 __ieee80211_beacon_update_cntdwn(struct beacon_data *beacon) |
5027 | { |
5028 | beacon->cntdwn_current_counter--; |
5029 | |
5030 | /* the counter should never reach 0 */ |
5031 | WARN_ON_ONCE(!beacon->cntdwn_current_counter); |
5032 | |
5033 | return beacon->cntdwn_current_counter; |
5034 | } |
5035 | |
5036 | u8 ieee80211_beacon_update_cntdwn(struct ieee80211_vif *vif) |
5037 | { |
5038 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5039 | struct beacon_data *beacon = NULL; |
5040 | u8 count = 0; |
5041 | |
5042 | rcu_read_lock(); |
5043 | |
5044 | if (sdata->vif.type == NL80211_IFTYPE_AP) |
5045 | beacon = rcu_dereference(sdata->deflink.u.ap.beacon); |
5046 | else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) |
5047 | beacon = rcu_dereference(sdata->u.ibss.presp); |
5048 | else if (ieee80211_vif_is_mesh(vif: &sdata->vif)) |
5049 | beacon = rcu_dereference(sdata->u.mesh.beacon); |
5050 | |
5051 | if (!beacon) |
5052 | goto unlock; |
5053 | |
5054 | count = __ieee80211_beacon_update_cntdwn(beacon); |
5055 | |
5056 | unlock: |
5057 | rcu_read_unlock(); |
5058 | return count; |
5059 | } |
5060 | EXPORT_SYMBOL(ieee80211_beacon_update_cntdwn); |
5061 | |
5062 | void ieee80211_beacon_set_cntdwn(struct ieee80211_vif *vif, u8 counter) |
5063 | { |
5064 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5065 | struct beacon_data *beacon = NULL; |
5066 | |
5067 | rcu_read_lock(); |
5068 | |
5069 | if (sdata->vif.type == NL80211_IFTYPE_AP) |
5070 | beacon = rcu_dereference(sdata->deflink.u.ap.beacon); |
5071 | else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) |
5072 | beacon = rcu_dereference(sdata->u.ibss.presp); |
5073 | else if (ieee80211_vif_is_mesh(vif: &sdata->vif)) |
5074 | beacon = rcu_dereference(sdata->u.mesh.beacon); |
5075 | |
5076 | if (!beacon) |
5077 | goto unlock; |
5078 | |
5079 | if (counter < beacon->cntdwn_current_counter) |
5080 | beacon->cntdwn_current_counter = counter; |
5081 | |
5082 | unlock: |
5083 | rcu_read_unlock(); |
5084 | } |
5085 | EXPORT_SYMBOL(ieee80211_beacon_set_cntdwn); |
5086 | |
5087 | bool ieee80211_beacon_cntdwn_is_complete(struct ieee80211_vif *vif) |
5088 | { |
5089 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5090 | struct beacon_data *beacon = NULL; |
5091 | u8 *beacon_data; |
5092 | size_t beacon_data_len; |
5093 | int ret = false; |
5094 | |
5095 | if (!ieee80211_sdata_running(sdata)) |
5096 | return false; |
5097 | |
5098 | rcu_read_lock(); |
5099 | if (vif->type == NL80211_IFTYPE_AP) { |
5100 | beacon = rcu_dereference(sdata->deflink.u.ap.beacon); |
5101 | if (WARN_ON(!beacon || !beacon->tail)) |
5102 | goto out; |
5103 | beacon_data = beacon->tail; |
5104 | beacon_data_len = beacon->tail_len; |
5105 | } else if (vif->type == NL80211_IFTYPE_ADHOC) { |
5106 | struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; |
5107 | |
5108 | beacon = rcu_dereference(ifibss->presp); |
5109 | if (!beacon) |
5110 | goto out; |
5111 | |
5112 | beacon_data = beacon->head; |
5113 | beacon_data_len = beacon->head_len; |
5114 | } else if (vif->type == NL80211_IFTYPE_MESH_POINT) { |
5115 | struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; |
5116 | |
5117 | beacon = rcu_dereference(ifmsh->beacon); |
5118 | if (!beacon) |
5119 | goto out; |
5120 | |
5121 | beacon_data = beacon->head; |
5122 | beacon_data_len = beacon->head_len; |
5123 | } else { |
5124 | WARN_ON(1); |
5125 | goto out; |
5126 | } |
5127 | |
5128 | if (!beacon->cntdwn_counter_offsets[0]) |
5129 | goto out; |
5130 | |
5131 | if (WARN_ON_ONCE(beacon->cntdwn_counter_offsets[0] > beacon_data_len)) |
5132 | goto out; |
5133 | |
5134 | if (beacon_data[beacon->cntdwn_counter_offsets[0]] == 1) |
5135 | ret = true; |
5136 | |
5137 | out: |
5138 | rcu_read_unlock(); |
5139 | |
5140 | return ret; |
5141 | } |
5142 | EXPORT_SYMBOL(ieee80211_beacon_cntdwn_is_complete); |
5143 | |
5144 | static int ieee80211_beacon_protect(struct sk_buff *skb, |
5145 | struct ieee80211_local *local, |
5146 | struct ieee80211_sub_if_data *sdata, |
5147 | struct ieee80211_link_data *link) |
5148 | { |
5149 | ieee80211_tx_result res; |
5150 | struct ieee80211_tx_data tx; |
5151 | struct sk_buff *check_skb; |
5152 | |
5153 | memset(&tx, 0, sizeof(tx)); |
5154 | tx.key = rcu_dereference(link->default_beacon_key); |
5155 | if (!tx.key) |
5156 | return 0; |
5157 | |
5158 | if (unlikely(tx.key->flags & KEY_FLAG_TAINTED)) { |
5159 | tx.key = NULL; |
5160 | return -EINVAL; |
5161 | } |
5162 | |
5163 | if (!(tx.key->conf.flags & IEEE80211_KEY_FLAG_SW_MGMT_TX) && |
5164 | tx.key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) |
5165 | IEEE80211_SKB_CB(skb)->control.hw_key = &tx.key->conf; |
5166 | |
5167 | tx.local = local; |
5168 | tx.sdata = sdata; |
5169 | __skb_queue_head_init(list: &tx.skbs); |
5170 | __skb_queue_tail(list: &tx.skbs, newsk: skb); |
5171 | res = ieee80211_tx_h_encrypt(tx: &tx); |
5172 | check_skb = __skb_dequeue(list: &tx.skbs); |
5173 | /* we may crash after this, but it'd be a bug in crypto */ |
5174 | WARN_ON(check_skb != skb); |
5175 | if (WARN_ON_ONCE(res != TX_CONTINUE)) |
5176 | return -EINVAL; |
5177 | |
5178 | return 0; |
5179 | } |
5180 | |
5181 | static void |
5182 | ieee80211_beacon_get_finish(struct ieee80211_hw *hw, |
5183 | struct ieee80211_vif *vif, |
5184 | struct ieee80211_link_data *link, |
5185 | struct ieee80211_mutable_offsets *offs, |
5186 | struct beacon_data *beacon, |
5187 | struct sk_buff *skb, |
5188 | struct ieee80211_chanctx_conf *chanctx_conf, |
5189 | u16 csa_off_base) |
5190 | { |
5191 | struct ieee80211_local *local = hw_to_local(hw); |
5192 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5193 | struct ieee80211_tx_info *info; |
5194 | enum nl80211_band band; |
5195 | struct ieee80211_tx_rate_control txrc; |
5196 | |
5197 | /* CSA offsets */ |
5198 | if (offs && beacon) { |
5199 | u16 i; |
5200 | |
5201 | for (i = 0; i < IEEE80211_MAX_CNTDWN_COUNTERS_NUM; i++) { |
5202 | u16 csa_off = beacon->cntdwn_counter_offsets[i]; |
5203 | |
5204 | if (!csa_off) |
5205 | continue; |
5206 | |
5207 | offs->cntdwn_counter_offs[i] = csa_off_base + csa_off; |
5208 | } |
5209 | } |
5210 | |
5211 | band = chanctx_conf->def.chan->band; |
5212 | info = IEEE80211_SKB_CB(skb); |
5213 | info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; |
5214 | info->flags |= IEEE80211_TX_CTL_NO_ACK; |
5215 | info->band = band; |
5216 | |
5217 | memset(&txrc, 0, sizeof(txrc)); |
5218 | txrc.hw = hw; |
5219 | txrc.sband = local->hw.wiphy->bands[band]; |
5220 | txrc.bss_conf = link->conf; |
5221 | txrc.skb = skb; |
5222 | txrc.reported_rate.idx = -1; |
5223 | if (sdata->beacon_rate_set && sdata->beacon_rateidx_mask[band]) |
5224 | txrc.rate_idx_mask = sdata->beacon_rateidx_mask[band]; |
5225 | else |
5226 | txrc.rate_idx_mask = sdata->rc_rateidx_mask[band]; |
5227 | txrc.bss = true; |
5228 | rate_control_get_rate(sdata, NULL, txrc: &txrc); |
5229 | |
5230 | info->control.vif = vif; |
5231 | info->control.flags |= u32_encode_bits(v: link->link_id, |
5232 | field: IEEE80211_TX_CTRL_MLO_LINK); |
5233 | info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT | |
5234 | IEEE80211_TX_CTL_ASSIGN_SEQ | |
5235 | IEEE80211_TX_CTL_FIRST_FRAGMENT; |
5236 | } |
5237 | |
5238 | static void |
5239 | ieee80211_beacon_add_mbssid(struct sk_buff *skb, struct beacon_data *beacon, |
5240 | u8 i) |
5241 | { |
5242 | if (!beacon->mbssid_ies || !beacon->mbssid_ies->cnt || |
5243 | i > beacon->mbssid_ies->cnt) |
5244 | return; |
5245 | |
5246 | if (i < beacon->mbssid_ies->cnt) { |
5247 | skb_put_data(skb, data: beacon->mbssid_ies->elem[i].data, |
5248 | len: beacon->mbssid_ies->elem[i].len); |
5249 | |
5250 | if (beacon->rnr_ies && beacon->rnr_ies->cnt) { |
5251 | skb_put_data(skb, data: beacon->rnr_ies->elem[i].data, |
5252 | len: beacon->rnr_ies->elem[i].len); |
5253 | |
5254 | for (i = beacon->mbssid_ies->cnt; i < beacon->rnr_ies->cnt; i++) |
5255 | skb_put_data(skb, data: beacon->rnr_ies->elem[i].data, |
5256 | len: beacon->rnr_ies->elem[i].len); |
5257 | } |
5258 | return; |
5259 | } |
5260 | |
5261 | /* i == beacon->mbssid_ies->cnt, include all MBSSID elements */ |
5262 | for (i = 0; i < beacon->mbssid_ies->cnt; i++) |
5263 | skb_put_data(skb, data: beacon->mbssid_ies->elem[i].data, |
5264 | len: beacon->mbssid_ies->elem[i].len); |
5265 | } |
5266 | |
5267 | static struct sk_buff * |
5268 | ieee80211_beacon_get_ap(struct ieee80211_hw *hw, |
5269 | struct ieee80211_vif *vif, |
5270 | struct ieee80211_link_data *link, |
5271 | struct ieee80211_mutable_offsets *offs, |
5272 | bool is_template, |
5273 | struct beacon_data *beacon, |
5274 | struct ieee80211_chanctx_conf *chanctx_conf, |
5275 | u8 ema_index) |
5276 | { |
5277 | struct ieee80211_local *local = hw_to_local(hw); |
5278 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5279 | struct ieee80211_if_ap *ap = &sdata->u.ap; |
5280 | struct sk_buff *skb = NULL; |
5281 | u16 csa_off_base = 0; |
5282 | int mbssid_len; |
5283 | |
5284 | if (beacon->cntdwn_counter_offsets[0]) { |
5285 | if (!is_template) |
5286 | ieee80211_beacon_update_cntdwn(vif); |
5287 | |
5288 | ieee80211_set_beacon_cntdwn(sdata, beacon, link); |
5289 | } |
5290 | |
5291 | /* headroom, head length, |
5292 | * tail length, maximum TIM length and multiple BSSID length |
5293 | */ |
5294 | mbssid_len = ieee80211_get_mbssid_beacon_len(elems: beacon->mbssid_ies, |
5295 | rnr_elems: beacon->rnr_ies, |
5296 | i: ema_index); |
5297 | |
5298 | skb = dev_alloc_skb(length: local->tx_headroom + beacon->head_len + |
5299 | beacon->tail_len + 256 + |
5300 | local->hw.extra_beacon_tailroom + mbssid_len); |
5301 | if (!skb) |
5302 | return NULL; |
5303 | |
5304 | skb_reserve(skb, len: local->tx_headroom); |
5305 | skb_put_data(skb, data: beacon->head, len: beacon->head_len); |
5306 | |
5307 | ieee80211_beacon_add_tim(sdata, link, ps: &ap->ps, skb, is_template); |
5308 | |
5309 | if (offs) { |
5310 | offs->tim_offset = beacon->head_len; |
5311 | offs->tim_length = skb->len - beacon->head_len; |
5312 | offs->cntdwn_counter_offs[0] = beacon->cntdwn_counter_offsets[0]; |
5313 | |
5314 | if (mbssid_len) { |
5315 | ieee80211_beacon_add_mbssid(skb, beacon, i: ema_index); |
5316 | offs->mbssid_off = skb->len - mbssid_len; |
5317 | } |
5318 | |
5319 | /* for AP the csa offsets are from tail */ |
5320 | csa_off_base = skb->len; |
5321 | } |
5322 | |
5323 | if (beacon->tail) |
5324 | skb_put_data(skb, data: beacon->tail, len: beacon->tail_len); |
5325 | |
5326 | if (ieee80211_beacon_protect(skb, local, sdata, link) < 0) |
5327 | return NULL; |
5328 | |
5329 | ieee80211_beacon_get_finish(hw, vif, link, offs, beacon, skb, |
5330 | chanctx_conf, csa_off_base); |
5331 | return skb; |
5332 | } |
5333 | |
5334 | static struct ieee80211_ema_beacons * |
5335 | ieee80211_beacon_get_ap_ema_list(struct ieee80211_hw *hw, |
5336 | struct ieee80211_vif *vif, |
5337 | struct ieee80211_link_data *link, |
5338 | struct ieee80211_mutable_offsets *offs, |
5339 | bool is_template, struct beacon_data *beacon, |
5340 | struct ieee80211_chanctx_conf *chanctx_conf) |
5341 | { |
5342 | struct ieee80211_ema_beacons *ema = NULL; |
5343 | |
5344 | if (!beacon->mbssid_ies || !beacon->mbssid_ies->cnt) |
5345 | return NULL; |
5346 | |
5347 | ema = kzalloc(struct_size(ema, bcn, beacon->mbssid_ies->cnt), |
5348 | GFP_ATOMIC); |
5349 | if (!ema) |
5350 | return NULL; |
5351 | |
5352 | for (ema->cnt = 0; ema->cnt < beacon->mbssid_ies->cnt; ema->cnt++) { |
5353 | ema->bcn[ema->cnt].skb = |
5354 | ieee80211_beacon_get_ap(hw, vif, link, |
5355 | offs: &ema->bcn[ema->cnt].offs, |
5356 | is_template, beacon, |
5357 | chanctx_conf, ema_index: ema->cnt); |
5358 | if (!ema->bcn[ema->cnt].skb) |
5359 | break; |
5360 | } |
5361 | |
5362 | if (ema->cnt == beacon->mbssid_ies->cnt) |
5363 | return ema; |
5364 | |
5365 | ieee80211_beacon_free_ema_list(ema_beacons: ema); |
5366 | return NULL; |
5367 | } |
5368 | |
5369 | #define IEEE80211_INCLUDE_ALL_MBSSID_ELEMS -1 |
5370 | |
5371 | static struct sk_buff * |
5372 | __ieee80211_beacon_get(struct ieee80211_hw *hw, |
5373 | struct ieee80211_vif *vif, |
5374 | struct ieee80211_mutable_offsets *offs, |
5375 | bool is_template, |
5376 | unsigned int link_id, |
5377 | int ema_index, |
5378 | struct ieee80211_ema_beacons **ema_beacons) |
5379 | { |
5380 | struct ieee80211_local *local = hw_to_local(hw); |
5381 | struct beacon_data *beacon = NULL; |
5382 | struct sk_buff *skb = NULL; |
5383 | struct ieee80211_sub_if_data *sdata = NULL; |
5384 | struct ieee80211_chanctx_conf *chanctx_conf; |
5385 | struct ieee80211_link_data *link; |
5386 | |
5387 | rcu_read_lock(); |
5388 | |
5389 | sdata = vif_to_sdata(p: vif); |
5390 | link = rcu_dereference(sdata->link[link_id]); |
5391 | if (!link) |
5392 | goto out; |
5393 | chanctx_conf = |
5394 | rcu_dereference(link->conf->chanctx_conf); |
5395 | |
5396 | if (!ieee80211_sdata_running(sdata) || !chanctx_conf) |
5397 | goto out; |
5398 | |
5399 | if (offs) |
5400 | memset(offs, 0, sizeof(*offs)); |
5401 | |
5402 | if (sdata->vif.type == NL80211_IFTYPE_AP) { |
5403 | beacon = rcu_dereference(link->u.ap.beacon); |
5404 | if (!beacon) |
5405 | goto out; |
5406 | |
5407 | if (ema_beacons) { |
5408 | *ema_beacons = |
5409 | ieee80211_beacon_get_ap_ema_list(hw, vif, link, |
5410 | offs, |
5411 | is_template, |
5412 | beacon, |
5413 | chanctx_conf); |
5414 | } else { |
5415 | if (beacon->mbssid_ies && beacon->mbssid_ies->cnt) { |
5416 | if (ema_index >= beacon->mbssid_ies->cnt) |
5417 | goto out; /* End of MBSSID elements */ |
5418 | |
5419 | if (ema_index <= IEEE80211_INCLUDE_ALL_MBSSID_ELEMS) |
5420 | ema_index = beacon->mbssid_ies->cnt; |
5421 | } else { |
5422 | ema_index = 0; |
5423 | } |
5424 | |
5425 | skb = ieee80211_beacon_get_ap(hw, vif, link, offs, |
5426 | is_template, beacon, |
5427 | chanctx_conf, |
5428 | ema_index); |
5429 | } |
5430 | } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { |
5431 | struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; |
5432 | struct ieee80211_hdr *hdr; |
5433 | |
5434 | beacon = rcu_dereference(ifibss->presp); |
5435 | if (!beacon) |
5436 | goto out; |
5437 | |
5438 | if (beacon->cntdwn_counter_offsets[0]) { |
5439 | if (!is_template) |
5440 | __ieee80211_beacon_update_cntdwn(beacon); |
5441 | |
5442 | ieee80211_set_beacon_cntdwn(sdata, beacon, link); |
5443 | } |
5444 | |
5445 | skb = dev_alloc_skb(length: local->tx_headroom + beacon->head_len + |
5446 | local->hw.extra_beacon_tailroom); |
5447 | if (!skb) |
5448 | goto out; |
5449 | skb_reserve(skb, len: local->tx_headroom); |
5450 | skb_put_data(skb, data: beacon->head, len: beacon->head_len); |
5451 | |
5452 | hdr = (struct ieee80211_hdr *) skb->data; |
5453 | hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | |
5454 | IEEE80211_STYPE_BEACON); |
5455 | |
5456 | ieee80211_beacon_get_finish(hw, vif, link, offs, beacon, skb, |
5457 | chanctx_conf, csa_off_base: 0); |
5458 | } else if (ieee80211_vif_is_mesh(vif: &sdata->vif)) { |
5459 | struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; |
5460 | |
5461 | beacon = rcu_dereference(ifmsh->beacon); |
5462 | if (!beacon) |
5463 | goto out; |
5464 | |
5465 | if (beacon->cntdwn_counter_offsets[0]) { |
5466 | if (!is_template) |
5467 | /* TODO: For mesh csa_counter is in TU, so |
5468 | * decrementing it by one isn't correct, but |
5469 | * for now we leave it consistent with overall |
5470 | * mac80211's behavior. |
5471 | */ |
5472 | __ieee80211_beacon_update_cntdwn(beacon); |
5473 | |
5474 | ieee80211_set_beacon_cntdwn(sdata, beacon, link); |
5475 | } |
5476 | |
5477 | if (ifmsh->sync_ops) |
5478 | ifmsh->sync_ops->adjust_tsf(sdata, beacon); |
5479 | |
5480 | skb = dev_alloc_skb(length: local->tx_headroom + |
5481 | beacon->head_len + |
5482 | 256 + /* TIM IE */ |
5483 | beacon->tail_len + |
5484 | local->hw.extra_beacon_tailroom); |
5485 | if (!skb) |
5486 | goto out; |
5487 | skb_reserve(skb, len: local->tx_headroom); |
5488 | skb_put_data(skb, data: beacon->head, len: beacon->head_len); |
5489 | ieee80211_beacon_add_tim(sdata, link, ps: &ifmsh->ps, skb, |
5490 | is_template); |
5491 | |
5492 | if (offs) { |
5493 | offs->tim_offset = beacon->head_len; |
5494 | offs->tim_length = skb->len - beacon->head_len; |
5495 | } |
5496 | |
5497 | skb_put_data(skb, data: beacon->tail, len: beacon->tail_len); |
5498 | ieee80211_beacon_get_finish(hw, vif, link, offs, beacon, skb, |
5499 | chanctx_conf, csa_off_base: 0); |
5500 | } else { |
5501 | WARN_ON(1); |
5502 | goto out; |
5503 | } |
5504 | |
5505 | out: |
5506 | rcu_read_unlock(); |
5507 | return skb; |
5508 | |
5509 | } |
5510 | |
5511 | struct sk_buff * |
5512 | ieee80211_beacon_get_template(struct ieee80211_hw *hw, |
5513 | struct ieee80211_vif *vif, |
5514 | struct ieee80211_mutable_offsets *offs, |
5515 | unsigned int link_id) |
5516 | { |
5517 | return __ieee80211_beacon_get(hw, vif, offs, is_template: true, link_id, |
5518 | IEEE80211_INCLUDE_ALL_MBSSID_ELEMS, NULL); |
5519 | } |
5520 | EXPORT_SYMBOL(ieee80211_beacon_get_template); |
5521 | |
5522 | struct sk_buff * |
5523 | ieee80211_beacon_get_template_ema_index(struct ieee80211_hw *hw, |
5524 | struct ieee80211_vif *vif, |
5525 | struct ieee80211_mutable_offsets *offs, |
5526 | unsigned int link_id, u8 ema_index) |
5527 | { |
5528 | return __ieee80211_beacon_get(hw, vif, offs, is_template: true, link_id, ema_index, |
5529 | NULL); |
5530 | } |
5531 | EXPORT_SYMBOL(ieee80211_beacon_get_template_ema_index); |
5532 | |
5533 | void ieee80211_beacon_free_ema_list(struct ieee80211_ema_beacons *ema_beacons) |
5534 | { |
5535 | u8 i; |
5536 | |
5537 | if (!ema_beacons) |
5538 | return; |
5539 | |
5540 | for (i = 0; i < ema_beacons->cnt; i++) |
5541 | kfree_skb(skb: ema_beacons->bcn[i].skb); |
5542 | |
5543 | kfree(objp: ema_beacons); |
5544 | } |
5545 | EXPORT_SYMBOL(ieee80211_beacon_free_ema_list); |
5546 | |
5547 | struct ieee80211_ema_beacons * |
5548 | ieee80211_beacon_get_template_ema_list(struct ieee80211_hw *hw, |
5549 | struct ieee80211_vif *vif, |
5550 | unsigned int link_id) |
5551 | { |
5552 | struct ieee80211_ema_beacons *ema_beacons = NULL; |
5553 | |
5554 | WARN_ON(__ieee80211_beacon_get(hw, vif, NULL, true, link_id, 0, |
5555 | &ema_beacons)); |
5556 | |
5557 | return ema_beacons; |
5558 | } |
5559 | EXPORT_SYMBOL(ieee80211_beacon_get_template_ema_list); |
5560 | |
5561 | struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw, |
5562 | struct ieee80211_vif *vif, |
5563 | u16 *tim_offset, u16 *tim_length, |
5564 | unsigned int link_id) |
5565 | { |
5566 | struct ieee80211_mutable_offsets offs = {}; |
5567 | struct sk_buff *bcn = __ieee80211_beacon_get(hw, vif, offs: &offs, is_template: false, |
5568 | link_id, |
5569 | IEEE80211_INCLUDE_ALL_MBSSID_ELEMS, |
5570 | NULL); |
5571 | struct sk_buff *copy; |
5572 | |
5573 | if (!bcn) |
5574 | return bcn; |
5575 | |
5576 | if (tim_offset) |
5577 | *tim_offset = offs.tim_offset; |
5578 | |
5579 | if (tim_length) |
5580 | *tim_length = offs.tim_length; |
5581 | |
5582 | if (ieee80211_hw_check(hw, BEACON_TX_STATUS) || |
5583 | !hw_to_local(hw)->monitors) |
5584 | return bcn; |
5585 | |
5586 | /* send a copy to monitor interfaces */ |
5587 | copy = skb_copy(skb: bcn, GFP_ATOMIC); |
5588 | if (!copy) |
5589 | return bcn; |
5590 | |
5591 | ieee80211_tx_monitor(local: hw_to_local(hw), skb: copy, retry_count: 1, send_to_cooked: false, NULL); |
5592 | |
5593 | return bcn; |
5594 | } |
5595 | EXPORT_SYMBOL(ieee80211_beacon_get_tim); |
5596 | |
5597 | struct sk_buff *ieee80211_proberesp_get(struct ieee80211_hw *hw, |
5598 | struct ieee80211_vif *vif) |
5599 | { |
5600 | struct sk_buff *skb = NULL; |
5601 | struct probe_resp *presp = NULL; |
5602 | struct ieee80211_hdr *hdr; |
5603 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5604 | |
5605 | if (sdata->vif.type != NL80211_IFTYPE_AP) |
5606 | return NULL; |
5607 | |
5608 | rcu_read_lock(); |
5609 | presp = rcu_dereference(sdata->deflink.u.ap.probe_resp); |
5610 | if (!presp) |
5611 | goto out; |
5612 | |
5613 | skb = dev_alloc_skb(length: presp->len); |
5614 | if (!skb) |
5615 | goto out; |
5616 | |
5617 | skb_put_data(skb, data: presp->data, len: presp->len); |
5618 | |
5619 | hdr = (struct ieee80211_hdr *) skb->data; |
5620 | memset(hdr->addr1, 0, sizeof(hdr->addr1)); |
5621 | |
5622 | out: |
5623 | rcu_read_unlock(); |
5624 | return skb; |
5625 | } |
5626 | EXPORT_SYMBOL(ieee80211_proberesp_get); |
5627 | |
5628 | struct sk_buff *ieee80211_get_fils_discovery_tmpl(struct ieee80211_hw *hw, |
5629 | struct ieee80211_vif *vif) |
5630 | { |
5631 | struct sk_buff *skb = NULL; |
5632 | struct fils_discovery_data *tmpl = NULL; |
5633 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5634 | |
5635 | if (sdata->vif.type != NL80211_IFTYPE_AP) |
5636 | return NULL; |
5637 | |
5638 | rcu_read_lock(); |
5639 | tmpl = rcu_dereference(sdata->deflink.u.ap.fils_discovery); |
5640 | if (!tmpl) { |
5641 | rcu_read_unlock(); |
5642 | return NULL; |
5643 | } |
5644 | |
5645 | skb = dev_alloc_skb(length: sdata->local->hw.extra_tx_headroom + tmpl->len); |
5646 | if (skb) { |
5647 | skb_reserve(skb, len: sdata->local->hw.extra_tx_headroom); |
5648 | skb_put_data(skb, data: tmpl->data, len: tmpl->len); |
5649 | } |
5650 | |
5651 | rcu_read_unlock(); |
5652 | return skb; |
5653 | } |
5654 | EXPORT_SYMBOL(ieee80211_get_fils_discovery_tmpl); |
5655 | |
5656 | struct sk_buff * |
5657 | ieee80211_get_unsol_bcast_probe_resp_tmpl(struct ieee80211_hw *hw, |
5658 | struct ieee80211_vif *vif) |
5659 | { |
5660 | struct sk_buff *skb = NULL; |
5661 | struct unsol_bcast_probe_resp_data *tmpl = NULL; |
5662 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5663 | |
5664 | if (sdata->vif.type != NL80211_IFTYPE_AP) |
5665 | return NULL; |
5666 | |
5667 | rcu_read_lock(); |
5668 | tmpl = rcu_dereference(sdata->deflink.u.ap.unsol_bcast_probe_resp); |
5669 | if (!tmpl) { |
5670 | rcu_read_unlock(); |
5671 | return NULL; |
5672 | } |
5673 | |
5674 | skb = dev_alloc_skb(length: sdata->local->hw.extra_tx_headroom + tmpl->len); |
5675 | if (skb) { |
5676 | skb_reserve(skb, len: sdata->local->hw.extra_tx_headroom); |
5677 | skb_put_data(skb, data: tmpl->data, len: tmpl->len); |
5678 | } |
5679 | |
5680 | rcu_read_unlock(); |
5681 | return skb; |
5682 | } |
5683 | EXPORT_SYMBOL(ieee80211_get_unsol_bcast_probe_resp_tmpl); |
5684 | |
5685 | struct sk_buff *ieee80211_pspoll_get(struct ieee80211_hw *hw, |
5686 | struct ieee80211_vif *vif) |
5687 | { |
5688 | struct ieee80211_sub_if_data *sdata; |
5689 | struct ieee80211_pspoll *pspoll; |
5690 | struct ieee80211_local *local; |
5691 | struct sk_buff *skb; |
5692 | |
5693 | if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) |
5694 | return NULL; |
5695 | |
5696 | sdata = vif_to_sdata(p: vif); |
5697 | local = sdata->local; |
5698 | |
5699 | skb = dev_alloc_skb(length: local->hw.extra_tx_headroom + sizeof(*pspoll)); |
5700 | if (!skb) |
5701 | return NULL; |
5702 | |
5703 | skb_reserve(skb, len: local->hw.extra_tx_headroom); |
5704 | |
5705 | pspoll = skb_put_zero(skb, len: sizeof(*pspoll)); |
5706 | pspoll->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL | |
5707 | IEEE80211_STYPE_PSPOLL); |
5708 | pspoll->aid = cpu_to_le16(sdata->vif.cfg.aid); |
5709 | |
5710 | /* aid in PS-Poll has its two MSBs each set to 1 */ |
5711 | pspoll->aid |= cpu_to_le16(1 << 15 | 1 << 14); |
5712 | |
5713 | memcpy(pspoll->bssid, sdata->deflink.u.mgd.bssid, ETH_ALEN); |
5714 | memcpy(pspoll->ta, vif->addr, ETH_ALEN); |
5715 | |
5716 | return skb; |
5717 | } |
5718 | EXPORT_SYMBOL(ieee80211_pspoll_get); |
5719 | |
5720 | struct sk_buff *ieee80211_nullfunc_get(struct ieee80211_hw *hw, |
5721 | struct ieee80211_vif *vif, |
5722 | int link_id, bool qos_ok) |
5723 | { |
5724 | struct ieee80211_sub_if_data *sdata = vif_to_sdata(p: vif); |
5725 | struct ieee80211_local *local = sdata->local; |
5726 | struct ieee80211_link_data *link = NULL; |
5727 | struct ieee80211_hdr_3addr *nullfunc; |
5728 | struct sk_buff *skb; |
5729 | bool qos = false; |
5730 | |
5731 | if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) |
5732 | return NULL; |
5733 | |
5734 | skb = dev_alloc_skb(length: local->hw.extra_tx_headroom + |
5735 | sizeof(*nullfunc) + 2); |
5736 | if (!skb) |
5737 | return NULL; |
5738 | |
5739 | rcu_read_lock(); |
5740 | if (qos_ok) { |
5741 | struct sta_info *sta; |
5742 | |
5743 | sta = sta_info_get(sdata, addr: vif->cfg.ap_addr); |
5744 | qos = sta && sta->sta.wme; |
5745 | } |
5746 | |
5747 | if (link_id >= 0) { |
5748 | link = rcu_dereference(sdata->link[link_id]); |
5749 | if (WARN_ON_ONCE(!link)) { |
5750 | rcu_read_unlock(); |
5751 | kfree_skb(skb); |
5752 | return NULL; |
5753 | } |
5754 | } |
5755 | |
5756 | skb_reserve(skb, len: local->hw.extra_tx_headroom); |
5757 | |
5758 | nullfunc = skb_put_zero(skb, len: sizeof(*nullfunc)); |
5759 | nullfunc->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA | |
5760 | IEEE80211_STYPE_NULLFUNC | |
5761 | IEEE80211_FCTL_TODS); |
5762 | if (qos) { |
5763 | __le16 qoshdr = cpu_to_le16(7); |
5764 | |
5765 | BUILD_BUG_ON((IEEE80211_STYPE_QOS_NULLFUNC | |
5766 | IEEE80211_STYPE_NULLFUNC) != |
5767 | IEEE80211_STYPE_QOS_NULLFUNC); |
5768 | nullfunc->frame_control |= |
5769 | cpu_to_le16(IEEE80211_STYPE_QOS_NULLFUNC); |
5770 | skb->priority = 7; |
5771 | skb_set_queue_mapping(skb, queue_mapping: IEEE80211_AC_VO); |
5772 | skb_put_data(skb, data: &qoshdr, len: sizeof(qoshdr)); |
5773 | } |
5774 | |
5775 | if (link) { |
5776 | memcpy(nullfunc->addr1, link->conf->bssid, ETH_ALEN); |
5777 | memcpy(nullfunc->addr2, link->conf->addr, ETH_ALEN); |
5778 | memcpy(nullfunc->addr3, link->conf->bssid, ETH_ALEN); |
5779 | } else { |
5780 | memcpy(nullfunc->addr1, vif->cfg.ap_addr, ETH_ALEN); |
5781 | memcpy(nullfunc->addr2, vif->addr, ETH_ALEN); |
5782 | memcpy(nullfunc->addr3, vif->cfg.ap_addr, ETH_ALEN); |
5783 | } |
5784 | rcu_read_unlock(); |
5785 | |
5786 | return skb; |
5787 | } |
5788 | EXPORT_SYMBOL(ieee80211_nullfunc_get); |
5789 | |
5790 | struct sk_buff *ieee80211_probereq_get(struct ieee80211_hw *hw, |
5791 | const u8 *src_addr, |
5792 | const u8 *ssid, size_t ssid_len, |
5793 | size_t tailroom) |
5794 | { |
5795 | struct ieee80211_local *local = hw_to_local(hw); |
5796 | struct ieee80211_hdr_3addr *hdr; |
5797 | struct sk_buff *skb; |
5798 | size_t ie_ssid_len; |
5799 | u8 *pos; |
5800 | |
5801 | ie_ssid_len = 2 + ssid_len; |
5802 | |
5803 | skb = dev_alloc_skb(length: local->hw.extra_tx_headroom + sizeof(*hdr) + |
5804 | ie_ssid_len + tailroom); |
5805 | if (!skb) |
5806 | return NULL; |
5807 | |
5808 | skb_reserve(skb, len: local->hw.extra_tx_headroom); |
5809 | |
5810 | hdr = skb_put_zero(skb, len: sizeof(*hdr)); |
5811 | hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | |
5812 | IEEE80211_STYPE_PROBE_REQ); |
5813 | eth_broadcast_addr(addr: hdr->addr1); |
5814 | memcpy(hdr->addr2, src_addr, ETH_ALEN); |
5815 | eth_broadcast_addr(addr: hdr->addr3); |
5816 | |
5817 | pos = skb_put(skb, len: ie_ssid_len); |
5818 | *pos++ = WLAN_EID_SSID; |
5819 | *pos++ = ssid_len; |
5820 | if (ssid_len) |
5821 | memcpy(pos, ssid, ssid_len); |
5822 | pos += ssid_len; |
5823 | |
5824 | return skb; |
5825 | } |
5826 | EXPORT_SYMBOL(ieee80211_probereq_get); |
5827 | |
5828 | void ieee80211_rts_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif, |
5829 | const void *frame, size_t frame_len, |
5830 | const struct ieee80211_tx_info *frame_txctl, |
5831 | struct ieee80211_rts *rts) |
5832 | { |
5833 | const struct ieee80211_hdr *hdr = frame; |
5834 | |
5835 | rts->frame_control = |
5836 | cpu_to_le16(IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS); |
5837 | rts->duration = ieee80211_rts_duration(hw, vif, frame_len, |
5838 | frame_txctl); |
5839 | memcpy(rts->ra, hdr->addr1, sizeof(rts->ra)); |
5840 | memcpy(rts->ta, hdr->addr2, sizeof(rts->ta)); |
5841 | } |
5842 | EXPORT_SYMBOL(ieee80211_rts_get); |
5843 | |
5844 | void ieee80211_ctstoself_get(struct ieee80211_hw *hw, struct ieee80211_vif *vif, |
5845 | const void *frame, size_t frame_len, |
5846 | const struct ieee80211_tx_info *frame_txctl, |
5847 | struct ieee80211_cts *cts) |
5848 | { |
5849 | const struct ieee80211_hdr *hdr = frame; |
5850 | |
5851 | cts->frame_control = |
5852 | cpu_to_le16(IEEE80211_FTYPE_CTL | IEEE80211_STYPE_CTS); |
5853 | cts->duration = ieee80211_ctstoself_duration(hw, vif, |
5854 | frame_len, frame_txctl); |
5855 | memcpy(cts->ra, hdr->addr1, sizeof(cts->ra)); |
5856 | } |
5857 | EXPORT_SYMBOL(ieee80211_ctstoself_get); |
5858 | |
5859 | struct sk_buff * |
5860 | ieee80211_get_buffered_bc(struct ieee80211_hw *hw, |
5861 | struct ieee80211_vif *vif) |
5862 | { |
5863 | struct ieee80211_local *local = hw_to_local(hw); |
5864 | struct sk_buff *skb = NULL; |
5865 | struct ieee80211_tx_data tx; |
5866 | struct ieee80211_sub_if_data *sdata; |
5867 | struct ps_data *ps; |
5868 | struct ieee80211_tx_info *info; |
5869 | struct ieee80211_chanctx_conf *chanctx_conf; |
5870 | |
5871 | sdata = vif_to_sdata(p: vif); |
5872 | |
5873 | rcu_read_lock(); |
5874 | chanctx_conf = rcu_dereference(sdata->vif.bss_conf.chanctx_conf); |
5875 | |
5876 | if (!chanctx_conf) |
5877 | goto out; |
5878 | |
5879 | if (sdata->vif.type == NL80211_IFTYPE_AP) { |
5880 | struct beacon_data *beacon = |
5881 | rcu_dereference(sdata->deflink.u.ap.beacon); |
5882 | |
5883 | if (!beacon || !beacon->head) |
5884 | goto out; |
5885 | |
5886 | ps = &sdata->u.ap.ps; |
5887 | } else if (ieee80211_vif_is_mesh(vif: &sdata->vif)) { |
5888 | ps = &sdata->u.mesh.ps; |
5889 | } else { |
5890 | goto out; |
5891 | } |
5892 | |
5893 | if (ps->dtim_count != 0 || !ps->dtim_bc_mc) |
5894 | goto out; /* send buffered bc/mc only after DTIM beacon */ |
5895 | |
5896 | while (1) { |
5897 | skb = skb_dequeue(list: &ps->bc_buf); |
5898 | if (!skb) |
5899 | goto out; |
5900 | local->total_ps_buffered--; |
5901 | |
5902 | if (!skb_queue_empty(list: &ps->bc_buf) && skb->len >= 2) { |
5903 | struct ieee80211_hdr *hdr = |
5904 | (struct ieee80211_hdr *) skb->data; |
5905 | /* more buffered multicast/broadcast frames ==> set |
5906 | * MoreData flag in IEEE 802.11 header to inform PS |
5907 | * STAs */ |
5908 | hdr->frame_control |= |
5909 | cpu_to_le16(IEEE80211_FCTL_MOREDATA); |
5910 | } |
5911 | |
5912 | if (sdata->vif.type == NL80211_IFTYPE_AP) |
5913 | sdata = IEEE80211_DEV_TO_SUB_IF(dev: skb->dev); |
5914 | if (!ieee80211_tx_prepare(sdata, tx: &tx, NULL, skb)) |
5915 | break; |
5916 | ieee80211_free_txskb(hw, skb); |
5917 | } |
5918 | |
5919 | info = IEEE80211_SKB_CB(skb); |
5920 | |
5921 | tx.flags |= IEEE80211_TX_PS_BUFFERED; |
5922 | info->band = chanctx_conf->def.chan->band; |
5923 | |
5924 | if (invoke_tx_handlers(tx: &tx)) |
5925 | skb = NULL; |
5926 | out: |
5927 | rcu_read_unlock(); |
5928 | |
5929 | return skb; |
5930 | } |
5931 | EXPORT_SYMBOL(ieee80211_get_buffered_bc); |
5932 | |
5933 | int ieee80211_reserve_tid(struct ieee80211_sta *pubsta, u8 tid) |
5934 | { |
5935 | struct sta_info *sta = container_of(pubsta, struct sta_info, sta); |
5936 | struct ieee80211_sub_if_data *sdata = sta->sdata; |
5937 | struct ieee80211_local *local = sdata->local; |
5938 | int ret; |
5939 | u32 queues; |
5940 | |
5941 | lockdep_assert_wiphy(local->hw.wiphy); |
5942 | |
5943 | /* only some cases are supported right now */ |
5944 | switch (sdata->vif.type) { |
5945 | case NL80211_IFTYPE_STATION: |
5946 | case NL80211_IFTYPE_AP: |
5947 | case NL80211_IFTYPE_AP_VLAN: |
5948 | break; |
5949 | default: |
5950 | WARN_ON(1); |
5951 | return -EINVAL; |
5952 | } |
5953 | |
5954 | if (WARN_ON(tid >= IEEE80211_NUM_UPS)) |
5955 | return -EINVAL; |
5956 | |
5957 | if (sta->reserved_tid == tid) { |
5958 | ret = 0; |
5959 | goto out; |
5960 | } |
5961 | |
5962 | if (sta->reserved_tid != IEEE80211_TID_UNRESERVED) { |
5963 | sdata_err(sdata, "TID reservation already active\n" ); |
5964 | ret = -EALREADY; |
5965 | goto out; |
5966 | } |
5967 | |
5968 | ieee80211_stop_vif_queues(local: sdata->local, sdata, |
5969 | reason: IEEE80211_QUEUE_STOP_REASON_RESERVE_TID); |
5970 | |
5971 | synchronize_net(); |
5972 | |
5973 | /* Tear down BA sessions so we stop aggregating on this TID */ |
5974 | if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) { |
5975 | set_sta_flag(sta, flag: WLAN_STA_BLOCK_BA); |
5976 | __ieee80211_stop_tx_ba_session(sta, tid, |
5977 | reason: AGG_STOP_LOCAL_REQUEST); |
5978 | } |
5979 | |
5980 | queues = BIT(sdata->vif.hw_queue[ieee802_1d_to_ac[tid]]); |
5981 | __ieee80211_flush_queues(local, sdata, queues, drop: false); |
5982 | |
5983 | sta->reserved_tid = tid; |
5984 | |
5985 | ieee80211_wake_vif_queues(local, sdata, |
5986 | reason: IEEE80211_QUEUE_STOP_REASON_RESERVE_TID); |
5987 | |
5988 | if (ieee80211_hw_check(&local->hw, AMPDU_AGGREGATION)) |
5989 | clear_sta_flag(sta, flag: WLAN_STA_BLOCK_BA); |
5990 | |
5991 | ret = 0; |
5992 | out: |
5993 | return ret; |
5994 | } |
5995 | EXPORT_SYMBOL(ieee80211_reserve_tid); |
5996 | |
5997 | void ieee80211_unreserve_tid(struct ieee80211_sta *pubsta, u8 tid) |
5998 | { |
5999 | struct sta_info *sta = container_of(pubsta, struct sta_info, sta); |
6000 | struct ieee80211_sub_if_data *sdata = sta->sdata; |
6001 | |
6002 | lockdep_assert_wiphy(sdata->local->hw.wiphy); |
6003 | |
6004 | /* only some cases are supported right now */ |
6005 | switch (sdata->vif.type) { |
6006 | case NL80211_IFTYPE_STATION: |
6007 | case NL80211_IFTYPE_AP: |
6008 | case NL80211_IFTYPE_AP_VLAN: |
6009 | break; |
6010 | default: |
6011 | WARN_ON(1); |
6012 | return; |
6013 | } |
6014 | |
6015 | if (tid != sta->reserved_tid) { |
6016 | sdata_err(sdata, "TID to unreserve (%d) isn't reserved\n" , tid); |
6017 | return; |
6018 | } |
6019 | |
6020 | sta->reserved_tid = IEEE80211_TID_UNRESERVED; |
6021 | } |
6022 | EXPORT_SYMBOL(ieee80211_unreserve_tid); |
6023 | |
6024 | void __ieee80211_tx_skb_tid_band(struct ieee80211_sub_if_data *sdata, |
6025 | struct sk_buff *skb, int tid, int link_id, |
6026 | enum nl80211_band band) |
6027 | { |
6028 | const struct ieee80211_hdr *hdr = (void *)skb->data; |
6029 | int ac = ieee80211_ac_from_tid(tid); |
6030 | unsigned int link; |
6031 | |
6032 | skb_reset_mac_header(skb); |
6033 | skb_set_queue_mapping(skb, queue_mapping: ac); |
6034 | skb->priority = tid; |
6035 | |
6036 | skb->dev = sdata->dev; |
6037 | |
6038 | BUILD_BUG_ON(IEEE80211_LINK_UNSPECIFIED < IEEE80211_MLD_MAX_NUM_LINKS); |
6039 | BUILD_BUG_ON(!FIELD_FIT(IEEE80211_TX_CTRL_MLO_LINK, |
6040 | IEEE80211_LINK_UNSPECIFIED)); |
6041 | |
6042 | if (!ieee80211_vif_is_mld(vif: &sdata->vif)) { |
6043 | link = 0; |
6044 | } else if (link_id >= 0) { |
6045 | link = link_id; |
6046 | } else if (memcmp(p: sdata->vif.addr, q: hdr->addr2, ETH_ALEN) == 0) { |
6047 | /* address from the MLD */ |
6048 | link = IEEE80211_LINK_UNSPECIFIED; |
6049 | } else { |
6050 | /* otherwise must be addressed from a link */ |
6051 | rcu_read_lock(); |
6052 | for (link = 0; link < ARRAY_SIZE(sdata->vif.link_conf); link++) { |
6053 | struct ieee80211_bss_conf *link_conf; |
6054 | |
6055 | link_conf = rcu_dereference(sdata->vif.link_conf[link]); |
6056 | if (!link_conf) |
6057 | continue; |
6058 | if (memcmp(p: link_conf->addr, q: hdr->addr2, ETH_ALEN) == 0) |
6059 | break; |
6060 | } |
6061 | rcu_read_unlock(); |
6062 | |
6063 | if (WARN_ON_ONCE(link == ARRAY_SIZE(sdata->vif.link_conf))) |
6064 | link = ffs(sdata->vif.active_links) - 1; |
6065 | } |
6066 | |
6067 | IEEE80211_SKB_CB(skb)->control.flags |= |
6068 | u32_encode_bits(v: link, field: IEEE80211_TX_CTRL_MLO_LINK); |
6069 | |
6070 | /* |
6071 | * The other path calling ieee80211_xmit is from the tasklet, |
6072 | * and while we can handle concurrent transmissions locking |
6073 | * requirements are that we do not come into tx with bhs on. |
6074 | */ |
6075 | local_bh_disable(); |
6076 | IEEE80211_SKB_CB(skb)->band = band; |
6077 | ieee80211_xmit(sdata, NULL, skb); |
6078 | local_bh_enable(); |
6079 | } |
6080 | |
6081 | void ieee80211_tx_skb_tid(struct ieee80211_sub_if_data *sdata, |
6082 | struct sk_buff *skb, int tid, int link_id) |
6083 | { |
6084 | struct ieee80211_chanctx_conf *chanctx_conf; |
6085 | enum nl80211_band band; |
6086 | |
6087 | rcu_read_lock(); |
6088 | if (!ieee80211_vif_is_mld(vif: &sdata->vif)) { |
6089 | WARN_ON(link_id >= 0); |
6090 | chanctx_conf = |
6091 | rcu_dereference(sdata->vif.bss_conf.chanctx_conf); |
6092 | if (WARN_ON(!chanctx_conf)) { |
6093 | rcu_read_unlock(); |
6094 | kfree_skb(skb); |
6095 | return; |
6096 | } |
6097 | band = chanctx_conf->def.chan->band; |
6098 | } else { |
6099 | WARN_ON(link_id >= 0 && |
6100 | !(sdata->vif.active_links & BIT(link_id))); |
6101 | /* MLD transmissions must not rely on the band */ |
6102 | band = 0; |
6103 | } |
6104 | |
6105 | __ieee80211_tx_skb_tid_band(sdata, skb, tid, link_id, band); |
6106 | rcu_read_unlock(); |
6107 | } |
6108 | |
6109 | int ieee80211_tx_control_port(struct wiphy *wiphy, struct net_device *dev, |
6110 | const u8 *buf, size_t len, |
6111 | const u8 *dest, __be16 proto, bool unencrypted, |
6112 | int link_id, u64 *cookie) |
6113 | { |
6114 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
6115 | struct ieee80211_local *local = sdata->local; |
6116 | struct sta_info *sta; |
6117 | struct sk_buff *skb; |
6118 | struct ethhdr *ehdr; |
6119 | u32 ctrl_flags = 0; |
6120 | u32 flags = 0; |
6121 | int err; |
6122 | |
6123 | /* mutex lock is only needed for incrementing the cookie counter */ |
6124 | lockdep_assert_wiphy(local->hw.wiphy); |
6125 | |
6126 | /* Only accept CONTROL_PORT_PROTOCOL configured in CONNECT/ASSOCIATE |
6127 | * or Pre-Authentication |
6128 | */ |
6129 | if (proto != sdata->control_port_protocol && |
6130 | proto != cpu_to_be16(ETH_P_PREAUTH)) |
6131 | return -EINVAL; |
6132 | |
6133 | if (proto == sdata->control_port_protocol) |
6134 | ctrl_flags |= IEEE80211_TX_CTRL_PORT_CTRL_PROTO | |
6135 | IEEE80211_TX_CTRL_SKIP_MPATH_LOOKUP; |
6136 | |
6137 | if (unencrypted) |
6138 | flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; |
6139 | |
6140 | if (cookie) |
6141 | ctrl_flags |= IEEE80211_TX_CTL_REQ_TX_STATUS; |
6142 | |
6143 | flags |= IEEE80211_TX_INTFL_NL80211_FRAME_TX; |
6144 | |
6145 | skb = dev_alloc_skb(length: local->hw.extra_tx_headroom + |
6146 | sizeof(struct ethhdr) + len); |
6147 | if (!skb) |
6148 | return -ENOMEM; |
6149 | |
6150 | skb_reserve(skb, len: local->hw.extra_tx_headroom + sizeof(struct ethhdr)); |
6151 | |
6152 | skb_put_data(skb, data: buf, len); |
6153 | |
6154 | ehdr = skb_push(skb, len: sizeof(struct ethhdr)); |
6155 | memcpy(ehdr->h_dest, dest, ETH_ALEN); |
6156 | |
6157 | /* we may override the SA for MLO STA later */ |
6158 | if (link_id < 0) { |
6159 | ctrl_flags |= u32_encode_bits(IEEE80211_LINK_UNSPECIFIED, |
6160 | field: IEEE80211_TX_CTRL_MLO_LINK); |
6161 | memcpy(ehdr->h_source, sdata->vif.addr, ETH_ALEN); |
6162 | } else { |
6163 | struct ieee80211_bss_conf *link_conf; |
6164 | |
6165 | ctrl_flags |= u32_encode_bits(v: link_id, |
6166 | field: IEEE80211_TX_CTRL_MLO_LINK); |
6167 | |
6168 | rcu_read_lock(); |
6169 | link_conf = rcu_dereference(sdata->vif.link_conf[link_id]); |
6170 | if (!link_conf) { |
6171 | dev_kfree_skb(skb); |
6172 | rcu_read_unlock(); |
6173 | return -ENOLINK; |
6174 | } |
6175 | memcpy(ehdr->h_source, link_conf->addr, ETH_ALEN); |
6176 | rcu_read_unlock(); |
6177 | } |
6178 | |
6179 | ehdr->h_proto = proto; |
6180 | |
6181 | skb->dev = dev; |
6182 | skb->protocol = proto; |
6183 | skb_reset_network_header(skb); |
6184 | skb_reset_mac_header(skb); |
6185 | |
6186 | if (local->hw.queues < IEEE80211_NUM_ACS) |
6187 | goto start_xmit; |
6188 | |
6189 | /* update QoS header to prioritize control port frames if possible, |
6190 | * priorization also happens for control port frames send over |
6191 | * AF_PACKET |
6192 | */ |
6193 | rcu_read_lock(); |
6194 | err = ieee80211_lookup_ra_sta(sdata, skb, sta_out: &sta); |
6195 | if (err) { |
6196 | dev_kfree_skb(skb); |
6197 | rcu_read_unlock(); |
6198 | return err; |
6199 | } |
6200 | |
6201 | if (!IS_ERR(ptr: sta)) { |
6202 | u16 queue = ieee80211_select_queue(sdata, sta, skb); |
6203 | |
6204 | skb_set_queue_mapping(skb, queue_mapping: queue); |
6205 | |
6206 | /* |
6207 | * for MLO STA, the SA should be the AP MLD address, but |
6208 | * the link ID has been selected already |
6209 | */ |
6210 | if (sta && sta->sta.mlo) |
6211 | memcpy(ehdr->h_source, sdata->vif.addr, ETH_ALEN); |
6212 | } |
6213 | rcu_read_unlock(); |
6214 | |
6215 | start_xmit: |
6216 | local_bh_disable(); |
6217 | __ieee80211_subif_start_xmit(skb, dev: skb->dev, info_flags: flags, ctrl_flags, cookie); |
6218 | local_bh_enable(); |
6219 | |
6220 | return 0; |
6221 | } |
6222 | |
6223 | int ieee80211_probe_mesh_link(struct wiphy *wiphy, struct net_device *dev, |
6224 | const u8 *buf, size_t len) |
6225 | { |
6226 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
6227 | struct ieee80211_local *local = sdata->local; |
6228 | struct sk_buff *skb; |
6229 | |
6230 | skb = dev_alloc_skb(length: local->hw.extra_tx_headroom + len + |
6231 | 30 + /* header size */ |
6232 | 18); /* 11s header size */ |
6233 | if (!skb) |
6234 | return -ENOMEM; |
6235 | |
6236 | skb_reserve(skb, len: local->hw.extra_tx_headroom); |
6237 | skb_put_data(skb, data: buf, len); |
6238 | |
6239 | skb->dev = dev; |
6240 | skb->protocol = htons(ETH_P_802_3); |
6241 | skb_reset_network_header(skb); |
6242 | skb_reset_mac_header(skb); |
6243 | |
6244 | local_bh_disable(); |
6245 | __ieee80211_subif_start_xmit(skb, dev: skb->dev, info_flags: 0, |
6246 | ctrl_flags: IEEE80211_TX_CTRL_SKIP_MPATH_LOOKUP, |
6247 | NULL); |
6248 | local_bh_enable(); |
6249 | |
6250 | return 0; |
6251 | } |
6252 | |