1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include <sys/cdefs.h> 29 #include "opt_wlan.h" 30 31 #ifdef IEEE80211_SUPPORT_SUPERG 32 33 #include <sys/param.h> 34 #include <sys/systm.h> 35 #include <sys/mbuf.h> 36 #include <sys/kernel.h> 37 #include <sys/endian.h> 38 39 #include <sys/socket.h> 40 41 #include <net/if.h> 42 #include <net/if_var.h> 43 #include <net/if_llc.h> 44 #include <net/if_media.h> 45 #include <net/bpf.h> 46 #include <net/ethernet.h> 47 48 #include <net80211/ieee80211_var.h> 49 #include <net80211/ieee80211_input.h> 50 #include <net80211/ieee80211_phy.h> 51 #include <net80211/ieee80211_superg.h> 52 53 /* 54 * Atheros fast-frame encapsulation format. 55 * FF max payload: 56 * 802.2 + FFHDR + HPAD + 802.3 + 802.2 + 1500 + SPAD + 802.3 + 802.2 + 1500: 57 * 8 + 4 + 4 + 14 + 8 + 1500 + 6 + 14 + 8 + 1500 58 * = 3066 59 */ 60 /* fast frame header is 32-bits */ 61 #define ATH_FF_PROTO 0x0000003f /* protocol */ 62 #define ATH_FF_PROTO_S 0 63 #define ATH_FF_FTYPE 0x000000c0 /* frame type */ 64 #define ATH_FF_FTYPE_S 6 65 #define ATH_FF_HLEN32 0x00000300 /* optional hdr length */ 66 #define ATH_FF_HLEN32_S 8 67 #define ATH_FF_SEQNUM 0x001ffc00 /* sequence number */ 68 #define ATH_FF_SEQNUM_S 10 69 #define ATH_FF_OFFSET 0xffe00000 /* offset to 2nd payload */ 70 #define ATH_FF_OFFSET_S 21 71 72 #define ATH_FF_MAX_HDR_PAD 4 73 #define ATH_FF_MAX_SEP_PAD 6 74 #define ATH_FF_MAX_HDR 30 75 76 #define ATH_FF_PROTO_L2TUNNEL 0 /* L2 tunnel protocol */ 77 #define ATH_FF_ETH_TYPE 0x88bd /* Ether type for encapsulated frames */ 78 #define ATH_FF_SNAP_ORGCODE_0 0x00 79 #define ATH_FF_SNAP_ORGCODE_1 0x03 80 #define ATH_FF_SNAP_ORGCODE_2 0x7f 81 82 #define ATH_FF_TXQMIN 2 /* min txq depth for staging */ 83 #define ATH_FF_TXQMAX 50 /* maximum # of queued frames allowed */ 84 #define ATH_FF_STAGEMAX 5 /* max waiting period for staged frame*/ 85 86 #define ETHER_HEADER_COPY(dst, src) \ 87 memcpy(dst, src, sizeof(struct ether_header)) 88 89 static int ieee80211_ffppsmin = 2; /* pps threshold for ff aggregation */ 90 SYSCTL_INT(_net_wlan, OID_AUTO, ffppsmin, CTLFLAG_RW, 91 &ieee80211_ffppsmin, 0, "min packet rate before fast-frame staging"); 92 static int ieee80211_ffagemax = -1; /* max time frames held on stage q */ 93 SYSCTL_PROC(_net_wlan, OID_AUTO, ffagemax, 94 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, 95 &ieee80211_ffagemax, 0, ieee80211_sysctl_msecs_ticks, "I", 96 "max hold time for fast-frame staging (ms)"); 97 98 static void 99 ff_age_all(void *arg, int npending) 100 { 101 struct ieee80211com *ic = arg; 102 103 /* XXX cache timer value somewhere (racy) */ 104 ieee80211_ff_age_all(ic, ieee80211_ffagemax + 1); 105 } 106 107 void 108 ieee80211_superg_attach(struct ieee80211com *ic) 109 { 110 struct ieee80211_superg *sg; 111 112 IEEE80211_FF_LOCK_INIT(ic, ic->ic_name); 113 114 sg = (struct ieee80211_superg *) IEEE80211_MALLOC( 115 sizeof(struct ieee80211_superg), M_80211_VAP, 116 IEEE80211_M_NOWAIT | IEEE80211_M_ZERO); 117 if (sg == NULL) { 118 net80211_ic_printf(ic, 119 "%s: cannot allocate SuperG state block\n", __func__); 120 return; 121 } 122 TIMEOUT_TASK_INIT(ic->ic_tq, &sg->ff_qtimer, 0, ff_age_all, ic); 123 ic->ic_superg = sg; 124 125 /* 126 * Default to not being so aggressive for FF/AMSDU 127 * aging, otherwise we may hold a frame around 128 * for way too long before we expire it out. 129 */ 130 ieee80211_ffagemax = msecs_to_ticks(2); 131 } 132 133 void 134 ieee80211_superg_detach(struct ieee80211com *ic) 135 { 136 137 if (ic->ic_superg != NULL) { 138 struct timeout_task *qtask = &ic->ic_superg->ff_qtimer; 139 140 while (taskqueue_cancel_timeout(ic->ic_tq, qtask, NULL) != 0) 141 taskqueue_drain_timeout(ic->ic_tq, qtask); 142 IEEE80211_FREE(ic->ic_superg, M_80211_VAP); 143 ic->ic_superg = NULL; 144 } 145 IEEE80211_FF_LOCK_DESTROY(ic); 146 } 147 148 void 149 ieee80211_superg_vattach(struct ieee80211vap *vap) 150 { 151 struct ieee80211com *ic = vap->iv_ic; 152 153 if (ic->ic_superg == NULL) /* NB: can't do fast-frames w/o state */ 154 vap->iv_caps &= ~IEEE80211_C_FF; 155 if (vap->iv_caps & IEEE80211_C_FF) 156 vap->iv_flags |= IEEE80211_F_FF; 157 /* NB: we only implement sta mode */ 158 if (vap->iv_opmode == IEEE80211_M_STA && 159 (vap->iv_caps & IEEE80211_C_TURBOP)) 160 vap->iv_flags |= IEEE80211_F_TURBOP; 161 } 162 163 void 164 ieee80211_superg_vdetach(struct ieee80211vap *vap) 165 { 166 } 167 168 #define ATH_OUI_BYTES 0x00, 0x03, 0x7f 169 /* 170 * Add a WME information element to a frame. 171 */ 172 uint8_t * 173 ieee80211_add_ath(uint8_t *frm, uint8_t caps, ieee80211_keyix defkeyix) 174 { 175 static const struct ieee80211_ath_ie info = { 176 .ath_id = IEEE80211_ELEMID_VENDOR, 177 .ath_len = sizeof(struct ieee80211_ath_ie) - 2, 178 .ath_oui = { ATH_OUI_BYTES }, 179 .ath_oui_type = ATH_OUI_TYPE, 180 .ath_oui_subtype= ATH_OUI_SUBTYPE, 181 .ath_version = ATH_OUI_VERSION, 182 }; 183 struct ieee80211_ath_ie *ath = (struct ieee80211_ath_ie *) frm; 184 185 memcpy(frm, &info, sizeof(info)); 186 ath->ath_capability = caps; 187 if (defkeyix != IEEE80211_KEYIX_NONE) { 188 ath->ath_defkeyix[0] = (defkeyix & 0xff); 189 ath->ath_defkeyix[1] = ((defkeyix >> 8) & 0xff); 190 } else { 191 ath->ath_defkeyix[0] = 0xff; 192 ath->ath_defkeyix[1] = 0x7f; 193 } 194 return frm + sizeof(info); 195 } 196 #undef ATH_OUI_BYTES 197 198 uint8_t * 199 ieee80211_add_athcaps(uint8_t *frm, const struct ieee80211_node *bss) 200 { 201 const struct ieee80211vap *vap = bss->ni_vap; 202 203 return ieee80211_add_ath(frm, 204 vap->iv_flags & IEEE80211_F_ATHEROS, 205 ((vap->iv_flags & IEEE80211_F_WPA) == 0 && 206 bss->ni_authmode != IEEE80211_AUTH_8021X) ? 207 vap->iv_def_txkey : IEEE80211_KEYIX_NONE); 208 } 209 210 void 211 ieee80211_parse_ath(struct ieee80211_node *ni, uint8_t *ie) 212 { 213 const struct ieee80211_ath_ie *ath = 214 (const struct ieee80211_ath_ie *) ie; 215 216 ni->ni_ath_flags = ath->ath_capability; 217 ni->ni_ath_defkeyix = le16dec(&ath->ath_defkeyix); 218 } 219 220 int 221 ieee80211_parse_athparams(struct ieee80211_node *ni, uint8_t *frm, 222 const struct ieee80211_frame *wh) 223 { 224 struct ieee80211vap *vap = ni->ni_vap; 225 const struct ieee80211_ath_ie *ath; 226 u_int len = frm[1]; 227 int capschanged; 228 uint16_t defkeyix; 229 230 if (len < sizeof(struct ieee80211_ath_ie)-2) { 231 IEEE80211_DISCARD_IE(vap, 232 IEEE80211_MSG_ELEMID | IEEE80211_MSG_SUPERG, 233 wh, "Atheros", "too short, len %u", len); 234 return -1; 235 } 236 ath = (const struct ieee80211_ath_ie *)frm; 237 capschanged = (ni->ni_ath_flags != ath->ath_capability); 238 defkeyix = le16dec(ath->ath_defkeyix); 239 if (capschanged || defkeyix != ni->ni_ath_defkeyix) { 240 ni->ni_ath_flags = ath->ath_capability; 241 ni->ni_ath_defkeyix = defkeyix; 242 IEEE80211_NOTE(vap, IEEE80211_MSG_SUPERG, ni, 243 "ath ie change: new caps 0x%x defkeyix 0x%x", 244 ni->ni_ath_flags, ni->ni_ath_defkeyix); 245 } 246 if (IEEE80211_ATH_CAP(vap, ni, ATHEROS_CAP_TURBO_PRIME)) { 247 uint16_t curflags, newflags; 248 249 /* 250 * Check for turbo mode switch. Calculate flags 251 * for the new mode and effect the switch. 252 */ 253 newflags = curflags = vap->iv_ic->ic_bsschan->ic_flags; 254 /* NB: BOOST is not in ic_flags, so get it from the ie */ 255 if (ath->ath_capability & ATHEROS_CAP_BOOST) 256 newflags |= IEEE80211_CHAN_TURBO; 257 else 258 newflags &= ~IEEE80211_CHAN_TURBO; 259 if (newflags != curflags) 260 ieee80211_dturbo_switch(vap, newflags); 261 } 262 return capschanged; 263 } 264 265 /* 266 * Decap the encapsulated frame pair and dispatch the first 267 * for delivery. The second frame is returned for delivery 268 * via the normal path. 269 */ 270 struct mbuf * 271 ieee80211_ff_decap(struct ieee80211_node *ni, struct mbuf *m) 272 { 273 #define FF_LLC_SIZE (sizeof(struct ether_header) + sizeof(struct llc)) 274 struct ieee80211vap *vap = ni->ni_vap; 275 struct llc *llc; 276 uint32_t ath; 277 struct mbuf *n; 278 int framelen; 279 280 /* NB: we assume caller does this check for us */ 281 KASSERT(IEEE80211_ATH_CAP(vap, ni, IEEE80211_NODE_FF), 282 ("ff not negotiated")); 283 /* 284 * Check for fast-frame tunnel encapsulation. 285 */ 286 if (m->m_pkthdr.len < 3*FF_LLC_SIZE) 287 return m; 288 if (m->m_len < FF_LLC_SIZE && 289 (m = m_pullup(m, FF_LLC_SIZE)) == NULL) { 290 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY, 291 ni->ni_macaddr, "fast-frame", 292 "%s", "m_pullup(llc) failed"); 293 vap->iv_stats.is_rx_tooshort++; 294 return NULL; 295 } 296 llc = (struct llc *)(mtod(m, uint8_t *) + 297 sizeof(struct ether_header)); 298 if (llc->llc_snap.ether_type != htons(ATH_FF_ETH_TYPE)) 299 return m; 300 m_adj(m, FF_LLC_SIZE); 301 m_copydata(m, 0, sizeof(uint32_t), (caddr_t) &ath); 302 if (_IEEE80211_MASKSHIFT(ath, ATH_FF_PROTO) != ATH_FF_PROTO_L2TUNNEL) { 303 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY, 304 ni->ni_macaddr, "fast-frame", 305 "unsupport tunnel protocol, header 0x%x", ath); 306 vap->iv_stats.is_ff_badhdr++; 307 m_freem(m); 308 return NULL; 309 } 310 /* NB: skip header and alignment padding */ 311 m_adj(m, roundup(sizeof(uint32_t) - 2, 4) + 2); 312 313 vap->iv_stats.is_ff_decap++; 314 315 /* 316 * Decap the first frame, bust it apart from the 317 * second and deliver; then decap the second frame 318 * and return it to the caller for normal delivery. 319 */ 320 m = ieee80211_decap1(m, &framelen); 321 if (m == NULL) { 322 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY, 323 ni->ni_macaddr, "fast-frame", "%s", "first decap failed"); 324 vap->iv_stats.is_ff_tooshort++; 325 return NULL; 326 } 327 n = m_split(m, framelen, IEEE80211_M_NOWAIT); 328 if (n == NULL) { 329 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY, 330 ni->ni_macaddr, "fast-frame", 331 "%s", "unable to split encapsulated frames"); 332 vap->iv_stats.is_ff_split++; 333 m_freem(m); /* NB: must reclaim */ 334 return NULL; 335 } 336 /* XXX not right for WDS */ 337 vap->iv_deliver_data(vap, ni, m); /* 1st of pair */ 338 339 /* 340 * Decap second frame. 341 */ 342 m_adj(n, roundup2(framelen, 4) - framelen); /* padding */ 343 n = ieee80211_decap1(n, &framelen); 344 if (n == NULL) { 345 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_ANY, 346 ni->ni_macaddr, "fast-frame", "%s", "second decap failed"); 347 vap->iv_stats.is_ff_tooshort++; 348 } 349 /* XXX verify framelen against mbuf contents */ 350 return n; /* 2nd delivered by caller */ 351 #undef FF_LLC_SIZE 352 } 353 354 /* 355 * Fast frame encapsulation. There must be two packets 356 * chained with m_nextpkt. We do header adjustment for 357 * each, add the tunnel encapsulation, and then concatenate 358 * the mbuf chains to form a single frame for transmission. 359 */ 360 struct mbuf * 361 ieee80211_ff_encap(struct ieee80211vap *vap, struct mbuf *m1, int hdrspace, 362 struct ieee80211_key *key) 363 { 364 struct mbuf *m2; 365 struct ether_header eh1, eh2; 366 struct llc *llc; 367 struct mbuf *m; 368 int pad; 369 370 m2 = m1->m_nextpkt; 371 if (m2 == NULL) { 372 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SUPERG, 373 "%s: only one frame\n", __func__); 374 goto bad; 375 } 376 m1->m_nextpkt = NULL; 377 378 /* 379 * Adjust to include 802.11 header requirement. 380 */ 381 KASSERT(m1->m_len >= sizeof(eh1), ("no ethernet header!")); 382 ETHER_HEADER_COPY(&eh1, mtod(m1, caddr_t)); 383 m1 = ieee80211_mbuf_adjust(vap, hdrspace, key, m1); 384 if (m1 == NULL) { 385 net80211_vap_printf(vap, "%s: failed initial mbuf_adjust\n", 386 __func__); 387 /* NB: ieee80211_mbuf_adjust handles msgs+statistics */ 388 m_freem(m2); 389 goto bad; 390 } 391 392 /* 393 * Copy second frame's Ethernet header out of line 394 * and adjust for possible padding in case there isn't room 395 * at the end of first frame. 396 */ 397 KASSERT(m2->m_len >= sizeof(eh2), ("no ethernet header!")); 398 ETHER_HEADER_COPY(&eh2, mtod(m2, caddr_t)); 399 m2 = ieee80211_mbuf_adjust(vap, 4, NULL, m2); 400 if (m2 == NULL) { 401 /* NB: ieee80211_mbuf_adjust handles msgs+statistics */ 402 net80211_vap_printf(vap, "%s: failed second \n", __func__); 403 goto bad; 404 } 405 406 /* 407 * Now do tunnel encapsulation. First, each 408 * frame gets a standard encapsulation. 409 */ 410 m1 = ieee80211_ff_encap1(vap, m1, &eh1); 411 if (m1 == NULL) 412 goto bad; 413 m2 = ieee80211_ff_encap1(vap, m2, &eh2); 414 if (m2 == NULL) 415 goto bad; 416 417 /* 418 * Pad leading frame to a 4-byte boundary. If there 419 * is space at the end of the first frame, put it 420 * there; otherwise prepend to the front of the second 421 * frame. We know doing the second will always work 422 * because we reserve space above. We prefer appending 423 * as this typically has better DMA alignment properties. 424 */ 425 for (m = m1; m->m_next != NULL; m = m->m_next) 426 ; 427 pad = roundup2(m1->m_pkthdr.len, 4) - m1->m_pkthdr.len; 428 if (pad) { 429 if (M_TRAILINGSPACE(m) < pad) { /* prepend to second */ 430 m2->m_data -= pad; 431 m2->m_len += pad; 432 m2->m_pkthdr.len += pad; 433 } else { /* append to first */ 434 m->m_len += pad; 435 m1->m_pkthdr.len += pad; 436 } 437 } 438 439 /* 440 * A-MSDU's are just appended; the "I'm A-MSDU!" bit is in the 441 * QoS header. 442 * 443 * XXX optimize by prepending together 444 */ 445 m->m_next = m2; /* NB: last mbuf from above */ 446 m1->m_pkthdr.len += m2->m_pkthdr.len; 447 M_PREPEND(m1, sizeof(uint32_t)+2, IEEE80211_M_NOWAIT); 448 if (m1 == NULL) { /* XXX cannot happen */ 449 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SUPERG, 450 "%s: no space for tunnel header\n", __func__); 451 vap->iv_stats.is_tx_nobuf++; 452 return NULL; 453 } 454 memset(mtod(m1, void *), 0, sizeof(uint32_t)+2); 455 456 M_PREPEND(m1, sizeof(struct llc), IEEE80211_M_NOWAIT); 457 if (m1 == NULL) { /* XXX cannot happen */ 458 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SUPERG, 459 "%s: no space for llc header\n", __func__); 460 vap->iv_stats.is_tx_nobuf++; 461 return NULL; 462 } 463 llc = mtod(m1, struct llc *); 464 llc->llc_dsap = llc->llc_ssap = LLC_SNAP_LSAP; 465 llc->llc_control = LLC_UI; 466 llc->llc_snap.org_code[0] = ATH_FF_SNAP_ORGCODE_0; 467 llc->llc_snap.org_code[1] = ATH_FF_SNAP_ORGCODE_1; 468 llc->llc_snap.org_code[2] = ATH_FF_SNAP_ORGCODE_2; 469 llc->llc_snap.ether_type = htons(ATH_FF_ETH_TYPE); 470 471 vap->iv_stats.is_ff_encap++; 472 473 return m1; 474 bad: 475 vap->iv_stats.is_ff_encapfail++; 476 if (m1 != NULL) 477 m_freem(m1); 478 if (m2 != NULL) 479 m_freem(m2); 480 return NULL; 481 } 482 483 /* 484 * A-MSDU encapsulation. 485 * 486 * This assumes just two frames for now, since we're borrowing the 487 * same queuing code and infrastructure as fast-frames. 488 * 489 * There must be two packets chained with m_nextpkt. 490 * We do header adjustment for each, and then concatenate the mbuf chains 491 * to form a single frame for transmission. 492 */ 493 struct mbuf * 494 ieee80211_amsdu_encap(struct ieee80211vap *vap, struct mbuf *m1, int hdrspace, 495 struct ieee80211_key *key) 496 { 497 struct mbuf *m2; 498 struct ether_header eh1, eh2; 499 struct mbuf *m; 500 int pad; 501 502 m2 = m1->m_nextpkt; 503 if (m2 == NULL) { 504 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SUPERG, 505 "%s: only one frame\n", __func__); 506 goto bad; 507 } 508 m1->m_nextpkt = NULL; 509 510 /* 511 * Include A-MSDU header in adjusting header layout. 512 */ 513 KASSERT(m1->m_len >= sizeof(eh1), ("no ethernet header!")); 514 ETHER_HEADER_COPY(&eh1, mtod(m1, caddr_t)); 515 m1 = ieee80211_mbuf_adjust(vap, 516 hdrspace + sizeof(struct llc) + sizeof(uint32_t) + 517 sizeof(struct ether_header), 518 key, m1); 519 if (m1 == NULL) { 520 /* NB: ieee80211_mbuf_adjust handles msgs+statistics */ 521 m_freem(m2); 522 goto bad; 523 } 524 525 /* 526 * Copy second frame's Ethernet header out of line 527 * and adjust for encapsulation headers. Note that 528 * we make room for padding in case there isn't room 529 * at the end of first frame. 530 */ 531 KASSERT(m2->m_len >= sizeof(eh2), ("no ethernet header!")); 532 ETHER_HEADER_COPY(&eh2, mtod(m2, caddr_t)); 533 m2 = ieee80211_mbuf_adjust(vap, 4, NULL, m2); 534 if (m2 == NULL) { 535 /* NB: ieee80211_mbuf_adjust handles msgs+statistics */ 536 goto bad; 537 } 538 539 /* 540 * Now do tunnel encapsulation. First, each 541 * frame gets a standard encapsulation. 542 */ 543 m1 = ieee80211_ff_encap1(vap, m1, &eh1); 544 if (m1 == NULL) 545 goto bad; 546 m2 = ieee80211_ff_encap1(vap, m2, &eh2); 547 if (m2 == NULL) 548 goto bad; 549 550 /* 551 * Pad leading frame to a 4-byte boundary. If there 552 * is space at the end of the first frame, put it 553 * there; otherwise prepend to the front of the second 554 * frame. We know doing the second will always work 555 * because we reserve space above. We prefer appending 556 * as this typically has better DMA alignment properties. 557 */ 558 for (m = m1; m->m_next != NULL; m = m->m_next) 559 ; 560 pad = roundup2(m1->m_pkthdr.len, 4) - m1->m_pkthdr.len; 561 if (pad) { 562 if (M_TRAILINGSPACE(m) < pad) { /* prepend to second */ 563 m2->m_data -= pad; 564 m2->m_len += pad; 565 m2->m_pkthdr.len += pad; 566 } else { /* append to first */ 567 m->m_len += pad; 568 m1->m_pkthdr.len += pad; 569 } 570 } 571 572 /* 573 * Now, stick 'em together. 574 */ 575 m->m_next = m2; /* NB: last mbuf from above */ 576 m1->m_pkthdr.len += m2->m_pkthdr.len; 577 578 vap->iv_stats.is_amsdu_encap++; 579 580 return m1; 581 bad: 582 vap->iv_stats.is_amsdu_encapfail++; 583 if (m1 != NULL) 584 m_freem(m1); 585 if (m2 != NULL) 586 m_freem(m2); 587 return NULL; 588 } 589 590 static void 591 ff_transmit(struct ieee80211_node *ni, struct mbuf *m) 592 { 593 struct ieee80211vap *vap = ni->ni_vap; 594 struct ieee80211com *ic = ni->ni_ic; 595 596 IEEE80211_TX_LOCK_ASSERT(ic); 597 598 /* encap and xmit */ 599 m = ieee80211_encap(vap, ni, m); 600 if (m != NULL) 601 (void) ieee80211_parent_xmitpkt(ic, m); 602 else 603 ieee80211_free_node(ni); 604 } 605 606 /* 607 * Flush frames to device; note we re-use the linked list 608 * the frames were stored on and use the sentinel (unchanged) 609 * which may be non-NULL. 610 */ 611 static void 612 ff_flush(struct mbuf *head, struct mbuf *last) 613 { 614 struct mbuf *m, *next; 615 struct ieee80211_node *ni; 616 struct ieee80211vap *vap; 617 618 for (m = head; m != last; m = next) { 619 next = m->m_nextpkt; 620 m->m_nextpkt = NULL; 621 622 ni = (struct ieee80211_node *) m->m_pkthdr.rcvif; 623 vap = ni->ni_vap; 624 625 IEEE80211_NOTE(vap, IEEE80211_MSG_SUPERG, ni, 626 "%s: flush frame, age %u", __func__, M_AGE_GET(m)); 627 vap->iv_stats.is_ff_flush++; 628 629 ff_transmit(ni, m); 630 } 631 } 632 633 /* 634 * Age frames on the staging queue. 635 */ 636 void 637 ieee80211_ff_age(struct ieee80211com *ic, struct ieee80211_stageq *sq, 638 int quanta) 639 { 640 struct mbuf *m, *head; 641 struct ieee80211_node *ni; 642 643 IEEE80211_FF_LOCK(ic); 644 if (sq->depth == 0) { 645 IEEE80211_FF_UNLOCK(ic); 646 return; /* nothing to do */ 647 } 648 649 KASSERT(sq->head != NULL, ("stageq empty")); 650 651 head = sq->head; 652 while ((m = sq->head) != NULL && M_AGE_GET(m) < quanta) { 653 int tid = WME_AC_TO_TID(M_WME_GETAC(m)); 654 655 /* clear staging ref to frame */ 656 ni = (struct ieee80211_node *) m->m_pkthdr.rcvif; 657 KASSERT(ni->ni_tx_superg[tid] == m, ("staging queue empty")); 658 ni->ni_tx_superg[tid] = NULL; 659 660 sq->head = m->m_nextpkt; 661 sq->depth--; 662 } 663 if (m == NULL) 664 sq->tail = NULL; 665 else 666 M_AGE_SUB(m, quanta); 667 IEEE80211_FF_UNLOCK(ic); 668 669 IEEE80211_TX_LOCK(ic); 670 ff_flush(head, m); 671 IEEE80211_TX_UNLOCK(ic); 672 } 673 674 static void 675 stageq_add(struct ieee80211com *ic, struct ieee80211_stageq *sq, struct mbuf *m) 676 { 677 int age = ieee80211_ffagemax; 678 679 IEEE80211_FF_LOCK_ASSERT(ic); 680 681 if (sq->tail != NULL) { 682 sq->tail->m_nextpkt = m; 683 age -= M_AGE_GET(sq->head); 684 } else { 685 sq->head = m; 686 687 struct timeout_task *qtask = &ic->ic_superg->ff_qtimer; 688 taskqueue_enqueue_timeout(ic->ic_tq, qtask, age); 689 } 690 KASSERT(age >= 0, ("age %d", age)); 691 M_AGE_SET(m, age); 692 m->m_nextpkt = NULL; 693 sq->tail = m; 694 sq->depth++; 695 } 696 697 static void 698 stageq_remove(struct ieee80211com *ic, struct ieee80211_stageq *sq, struct mbuf *mstaged) 699 { 700 struct mbuf *m, *mprev; 701 702 IEEE80211_FF_LOCK_ASSERT(ic); 703 704 mprev = NULL; 705 for (m = sq->head; m != NULL; m = m->m_nextpkt) { 706 if (m == mstaged) { 707 if (mprev == NULL) 708 sq->head = m->m_nextpkt; 709 else 710 mprev->m_nextpkt = m->m_nextpkt; 711 if (sq->tail == m) 712 sq->tail = mprev; 713 sq->depth--; 714 return; 715 } 716 mprev = m; 717 } 718 net80211_ic_printf(ic, "%s: packet not found\n", __func__); 719 } 720 721 static uint32_t 722 ff_approx_txtime(struct ieee80211_node *ni, 723 const struct mbuf *m1, const struct mbuf *m2) 724 { 725 struct ieee80211_node_txrate txr; 726 struct ieee80211com *ic = ni->ni_ic; 727 struct ieee80211vap *vap = ni->ni_vap; 728 uint32_t framelen; 729 uint32_t frame_time; 730 uint8_t dot11rate; 731 732 /* 733 * Approximate the frame length to be transmitted. A swag to add 734 * the following maximal values to the skb payload: 735 * - 32: 802.11 encap + CRC 736 * - 24: encryption overhead (if wep bit) 737 * - 4 + 6: fast-frame header and padding 738 * - 16: 2 LLC FF tunnel headers 739 * - 14: 1 802.3 FF tunnel header (mbuf already accounts for 2nd) 740 */ 741 framelen = m1->m_pkthdr.len + 32 + 742 ATH_FF_MAX_HDR_PAD + ATH_FF_MAX_SEP_PAD + ATH_FF_MAX_HDR; 743 if (vap->iv_flags & IEEE80211_F_PRIVACY) 744 framelen += 24; 745 if (m2 != NULL) 746 framelen += m2->m_pkthdr.len; 747 748 ieee80211_node_get_txrate(ni, &txr); 749 750 switch (txr.type) { 751 case IEEE80211_NODE_TXRATE_LEGACY: 752 dot11rate = ieee80211_node_get_txrate_dot11rate(ni); 753 frame_time = ieee80211_compute_duration(ic->ic_rt, framelen, 754 dot11rate, 0); 755 break; 756 case IEEE80211_NODE_TXRATE_HT: 757 /* TODO: check ht40/shortgi */ 758 dot11rate = ieee80211_node_get_txrate_dot11rate(ni); 759 frame_time = ieee80211_compute_duration_ht(framelen, 760 dot11rate, 761 IEEE80211_HT_RC_2_STREAMS(dot11rate), 762 0, /* isht40 */ 763 0); /* isshortgi */ 764 break; 765 case IEEE80211_NODE_TXRATE_VHT: 766 /* TODO: there's no VHT frame length calculation just yet */ 767 frame_time = 1000; /* 1ms */ 768 break; 769 case IEEE80211_NODE_TXRATE_UNDEFINED: 770 /* TODO: proper error handling */ 771 frame_time = 4000; /* 4ms */ 772 break; 773 } 774 775 return (frame_time); 776 } 777 778 /* 779 * Check if the supplied frame can be partnered with an existing 780 * or pending frame. Return a reference to any frame that should be 781 * sent on return; otherwise return NULL. 782 */ 783 struct mbuf * 784 ieee80211_ff_check(struct ieee80211_node *ni, struct mbuf *m) 785 { 786 struct ieee80211vap *vap = ni->ni_vap; 787 struct ieee80211com *ic = ni->ni_ic; 788 struct ieee80211_superg *sg = ic->ic_superg; 789 const int pri = M_WME_GETAC(m); 790 struct ieee80211_stageq *sq; 791 struct ieee80211_tx_ampdu *tap; 792 struct mbuf *mstaged; 793 uint32_t txtime, limit; 794 795 IEEE80211_TX_UNLOCK_ASSERT(ic); 796 797 IEEE80211_LOCK(ic); 798 limit = IEEE80211_TXOP_TO_US( 799 ic->ic_wme.wme_chanParams.cap_wmeParams[pri].wmep_txopLimit); 800 IEEE80211_UNLOCK(ic); 801 802 /* 803 * Check if the supplied frame can be aggregated. 804 * 805 * NB: we allow EAPOL frames to be aggregated with other ucast traffic. 806 * Do 802.1x EAPOL frames proceed in the clear? Then they couldn't 807 * be aggregated with other types of frames when encryption is on? 808 */ 809 IEEE80211_FF_LOCK(ic); 810 tap = &ni->ni_tx_ampdu[WME_AC_TO_TID(pri)]; 811 mstaged = ni->ni_tx_superg[WME_AC_TO_TID(pri)]; 812 /* XXX NOTE: reusing packet counter state from A-MPDU */ 813 /* 814 * XXX NOTE: this means we're double-counting; it should just 815 * be done in ieee80211_output.c once for both superg and A-MPDU. 816 */ 817 ieee80211_txampdu_count_packet(tap); 818 819 /* 820 * When not in station mode never aggregate a multicast 821 * frame; this insures, for example, that a combined frame 822 * does not require multiple encryption keys. 823 */ 824 if (vap->iv_opmode != IEEE80211_M_STA && 825 ETHER_IS_MULTICAST(mtod(m, struct ether_header *)->ether_dhost)) { 826 /* XXX flush staged frame? */ 827 IEEE80211_FF_UNLOCK(ic); 828 return m; 829 } 830 /* 831 * If there is no frame to combine with and the pps is 832 * too low; then do not attempt to aggregate this frame. 833 */ 834 if (mstaged == NULL && 835 ieee80211_txampdu_getpps(tap) < ieee80211_ffppsmin) { 836 IEEE80211_FF_UNLOCK(ic); 837 return m; 838 } 839 sq = &sg->ff_stageq[pri]; 840 /* 841 * Check the txop limit to insure the aggregate fits. 842 */ 843 if (limit != 0 && 844 (txtime = ff_approx_txtime(ni, m, mstaged)) > limit) { 845 /* 846 * Aggregate too long, return to the caller for direct 847 * transmission. In addition, flush any pending frame 848 * before sending this one. 849 */ 850 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SUPERG, 851 "%s: txtime %u exceeds txop limit %u\n", 852 __func__, txtime, limit); 853 854 ni->ni_tx_superg[WME_AC_TO_TID(pri)] = NULL; 855 if (mstaged != NULL) 856 stageq_remove(ic, sq, mstaged); 857 IEEE80211_FF_UNLOCK(ic); 858 859 if (mstaged != NULL) { 860 IEEE80211_TX_LOCK(ic); 861 IEEE80211_NOTE(vap, IEEE80211_MSG_SUPERG, ni, 862 "%s: flush staged frame", __func__); 863 /* encap and xmit */ 864 ff_transmit(ni, mstaged); 865 IEEE80211_TX_UNLOCK(ic); 866 } 867 return m; /* NB: original frame */ 868 } 869 /* 870 * An aggregation candidate. If there's a frame to partner 871 * with then combine and return for processing. Otherwise 872 * save this frame and wait for a partner to show up (or 873 * the frame to be flushed). Note that staged frames also 874 * hold their node reference. 875 */ 876 if (mstaged != NULL) { 877 ni->ni_tx_superg[WME_AC_TO_TID(pri)] = NULL; 878 stageq_remove(ic, sq, mstaged); 879 IEEE80211_FF_UNLOCK(ic); 880 881 IEEE80211_NOTE(vap, IEEE80211_MSG_SUPERG, ni, 882 "%s: aggregate fast-frame", __func__); 883 /* 884 * Release the node reference; we only need 885 * the one already in mstaged. 886 */ 887 KASSERT(mstaged->m_pkthdr.rcvif == (void *)ni, 888 ("rcvif %p ni %p", mstaged->m_pkthdr.rcvif, ni)); 889 ieee80211_free_node(ni); 890 891 m->m_nextpkt = NULL; 892 mstaged->m_nextpkt = m; 893 mstaged->m_flags |= M_FF; /* NB: mark for encap work */ 894 } else { 895 KASSERT(ni->ni_tx_superg[WME_AC_TO_TID(pri)] == NULL, 896 ("ni_tx_superg[]: %p", 897 ni->ni_tx_superg[WME_AC_TO_TID(pri)])); 898 ni->ni_tx_superg[WME_AC_TO_TID(pri)] = m; 899 900 stageq_add(ic, sq, m); 901 IEEE80211_FF_UNLOCK(ic); 902 903 IEEE80211_NOTE(vap, IEEE80211_MSG_SUPERG, ni, 904 "%s: stage frame, %u queued", __func__, sq->depth); 905 /* NB: mstaged is NULL */ 906 } 907 return mstaged; 908 } 909 910 struct mbuf * 911 ieee80211_amsdu_check(struct ieee80211_node *ni, struct mbuf *m) 912 { 913 /* 914 * XXX TODO: actually enforce the node support 915 * and HTCAP requirements for the maximum A-MSDU 916 * size. 917 */ 918 919 /* First: software A-MSDU transmit? */ 920 if (! ieee80211_amsdu_tx_ok(ni)) 921 return (m); 922 923 /* Next - EAPOL? Nope, don't aggregate; we don't QoS encap them */ 924 if (m->m_flags & (M_EAPOL | M_MCAST | M_BCAST)) 925 return (m); 926 927 /* Next - needs to be a data frame, non-broadcast, etc */ 928 if (ETHER_IS_MULTICAST(mtod(m, struct ether_header *)->ether_dhost)) 929 return (m); 930 931 return (ieee80211_ff_check(ni, m)); 932 } 933 934 void 935 ieee80211_ff_node_init(struct ieee80211_node *ni) 936 { 937 /* 938 * Clean FF state on re-associate. This handles the case 939 * where a station leaves w/o notifying us and then returns 940 * before node is reaped for inactivity. 941 */ 942 ieee80211_ff_node_cleanup(ni); 943 } 944 945 void 946 ieee80211_ff_node_cleanup(struct ieee80211_node *ni) 947 { 948 struct ieee80211com *ic = ni->ni_ic; 949 struct ieee80211_superg *sg = ic->ic_superg; 950 struct mbuf *m, *next_m, *head; 951 int tid; 952 953 IEEE80211_FF_LOCK(ic); 954 head = NULL; 955 for (tid = 0; tid < WME_NUM_TID; tid++) { 956 int ac = TID_TO_WME_AC(tid); 957 /* 958 * XXX Initialise the packet counter. 959 * 960 * This may be double-work for 11n stations; 961 * but without it we never setup things. 962 */ 963 ieee80211_txampdu_init_pps(&ni->ni_tx_ampdu[tid]); 964 m = ni->ni_tx_superg[tid]; 965 if (m != NULL) { 966 ni->ni_tx_superg[tid] = NULL; 967 stageq_remove(ic, &sg->ff_stageq[ac], m); 968 m->m_nextpkt = head; 969 head = m; 970 } 971 } 972 IEEE80211_FF_UNLOCK(ic); 973 974 /* 975 * Free mbufs, taking care to not dereference the mbuf after 976 * we free it (hence grabbing m_nextpkt before we free it.) 977 */ 978 m = head; 979 while (m != NULL) { 980 next_m = m->m_nextpkt; 981 m_freem(m); 982 ieee80211_free_node(ni); 983 m = next_m; 984 } 985 } 986 987 /* 988 * Switch between turbo and non-turbo operating modes. 989 * Use the specified channel flags to locate the new 990 * channel, update 802.11 state, and then call back into 991 * the driver to effect the change. 992 */ 993 void 994 ieee80211_dturbo_switch(struct ieee80211vap *vap, int newflags) 995 { 996 struct ieee80211com *ic = vap->iv_ic; 997 struct ieee80211_channel *chan; 998 999 chan = ieee80211_find_channel(ic, ic->ic_bsschan->ic_freq, newflags); 1000 if (chan == NULL) { /* XXX should not happen */ 1001 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SUPERG, 1002 "%s: no channel with freq %u flags 0x%x\n", 1003 __func__, ic->ic_bsschan->ic_freq, newflags); 1004 return; 1005 } 1006 1007 IEEE80211_DPRINTF(vap, IEEE80211_MSG_SUPERG, 1008 "%s: %s -> %s (freq %u flags 0x%x)\n", __func__, 1009 ieee80211_phymode_name[ieee80211_chan2mode(ic->ic_bsschan)], 1010 ieee80211_phymode_name[ieee80211_chan2mode(chan)], 1011 chan->ic_freq, chan->ic_flags); 1012 1013 ic->ic_bsschan = chan; 1014 ic->ic_prevchan = ic->ic_curchan; 1015 ic->ic_curchan = chan; 1016 ic->ic_rt = ieee80211_get_ratetable(chan); 1017 ic->ic_set_channel(ic); 1018 ieee80211_radiotap_chan_change(ic); 1019 /* NB: do not need to reset ERP state 'cuz we're in sta mode */ 1020 } 1021 1022 /* 1023 * Return the current ``state'' of an Atheros capbility. 1024 * If associated in station mode report the negotiated 1025 * setting. Otherwise report the current setting. 1026 */ 1027 static int 1028 getathcap(struct ieee80211vap *vap, int cap) 1029 { 1030 if (vap->iv_opmode == IEEE80211_M_STA && 1031 vap->iv_state == IEEE80211_S_RUN) 1032 return IEEE80211_ATH_CAP(vap, vap->iv_bss, cap) != 0; 1033 else 1034 return (vap->iv_flags & cap) != 0; 1035 } 1036 1037 static int 1038 superg_ioctl_get80211(struct ieee80211vap *vap, struct ieee80211req *ireq) 1039 { 1040 switch (ireq->i_type) { 1041 case IEEE80211_IOC_FF: 1042 ireq->i_val = getathcap(vap, IEEE80211_F_FF); 1043 break; 1044 case IEEE80211_IOC_TURBOP: 1045 ireq->i_val = getathcap(vap, IEEE80211_F_TURBOP); 1046 break; 1047 default: 1048 return ENOSYS; 1049 } 1050 return 0; 1051 } 1052 IEEE80211_IOCTL_GET(superg, superg_ioctl_get80211); 1053 1054 static int 1055 superg_ioctl_set80211(struct ieee80211vap *vap, struct ieee80211req *ireq) 1056 { 1057 switch (ireq->i_type) { 1058 case IEEE80211_IOC_FF: 1059 if (ireq->i_val) { 1060 if ((vap->iv_caps & IEEE80211_C_FF) == 0) 1061 return EOPNOTSUPP; 1062 vap->iv_flags |= IEEE80211_F_FF; 1063 } else 1064 vap->iv_flags &= ~IEEE80211_F_FF; 1065 return ENETRESET; 1066 case IEEE80211_IOC_TURBOP: 1067 if (ireq->i_val) { 1068 if ((vap->iv_caps & IEEE80211_C_TURBOP) == 0) 1069 return EOPNOTSUPP; 1070 vap->iv_flags |= IEEE80211_F_TURBOP; 1071 } else 1072 vap->iv_flags &= ~IEEE80211_F_TURBOP; 1073 return ENETRESET; 1074 default: 1075 return ENOSYS; 1076 } 1077 } 1078 IEEE80211_IOCTL_SET(superg, superg_ioctl_set80211); 1079 1080 #endif /* IEEE80211_SUPPORT_SUPERG */ 1081