2019-07-24 16:58:20 +08:00
|
|
|
// SPDX-License-Identifier: ISC
|
2018-01-24 23:19:14 +08:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) 2018 Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
*/
|
|
|
|
|
#include "mt76.h"
|
|
|
|
|
|
|
|
|
|
#define REORDER_TIMEOUT (HZ / 10)
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
mt76_aggr_release(struct mt76_rx_tid *tid, struct sk_buff_head *frames, int idx)
|
|
|
|
|
{
|
|
|
|
|
struct sk_buff *skb;
|
|
|
|
|
|
|
|
|
|
tid->head = ieee80211_sn_inc(tid->head);
|
|
|
|
|
|
|
|
|
|
skb = tid->reorder_buf[idx];
|
|
|
|
|
if (!skb)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
tid->reorder_buf[idx] = NULL;
|
|
|
|
|
tid->nframes--;
|
|
|
|
|
__skb_queue_tail(frames, skb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
2019-08-21 11:11:15 +08:00
|
|
|
mt76_rx_aggr_release_frames(struct mt76_rx_tid *tid,
|
|
|
|
|
struct sk_buff_head *frames,
|
|
|
|
|
u16 head)
|
2018-01-24 23:19:14 +08:00
|
|
|
{
|
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
|
|
while (ieee80211_sn_less(tid->head, head)) {
|
|
|
|
|
idx = tid->head % tid->size;
|
|
|
|
|
mt76_aggr_release(tid, frames, idx);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
mt76_rx_aggr_release_head(struct mt76_rx_tid *tid, struct sk_buff_head *frames)
|
|
|
|
|
{
|
|
|
|
|
int idx = tid->head % tid->size;
|
|
|
|
|
|
|
|
|
|
while (tid->reorder_buf[idx]) {
|
|
|
|
|
mt76_aggr_release(tid, frames, idx);
|
|
|
|
|
idx = tid->head % tid->size;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
mt76_rx_aggr_check_release(struct mt76_rx_tid *tid, struct sk_buff_head *frames)
|
|
|
|
|
{
|
|
|
|
|
struct mt76_rx_status *status;
|
|
|
|
|
struct sk_buff *skb;
|
|
|
|
|
int start, idx, nframes;
|
|
|
|
|
|
|
|
|
|
if (!tid->nframes)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
mt76_rx_aggr_release_head(tid, frames);
|
|
|
|
|
|
|
|
|
|
start = tid->head % tid->size;
|
|
|
|
|
nframes = tid->nframes;
|
|
|
|
|
|
|
|
|
|
for (idx = (tid->head + 1) % tid->size;
|
|
|
|
|
idx != start && nframes;
|
|
|
|
|
idx = (idx + 1) % tid->size) {
|
|
|
|
|
skb = tid->reorder_buf[idx];
|
|
|
|
|
if (!skb)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
nframes--;
|
2019-08-21 11:11:15 +08:00
|
|
|
status = (struct mt76_rx_status *)skb->cb;
|
|
|
|
|
if (!time_after(jiffies,
|
|
|
|
|
status->reorder_time + REORDER_TIMEOUT))
|
2018-01-24 23:19:14 +08:00
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
mt76_rx_aggr_release_frames(tid, frames, status->seqno);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mt76_rx_aggr_release_head(tid, frames);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
mt76_rx_aggr_reorder_work(struct work_struct *work)
|
|
|
|
|
{
|
|
|
|
|
struct mt76_rx_tid *tid = container_of(work, struct mt76_rx_tid,
|
|
|
|
|
reorder_work.work);
|
|
|
|
|
struct mt76_dev *dev = tid->dev;
|
|
|
|
|
struct sk_buff_head frames;
|
2018-01-27 23:02:05 +08:00
|
|
|
int nframes;
|
2018-01-24 23:19:14 +08:00
|
|
|
|
|
|
|
|
__skb_queue_head_init(&frames);
|
|
|
|
|
|
|
|
|
|
local_bh_disable();
|
2018-04-25 17:11:22 +08:00
|
|
|
rcu_read_lock();
|
2018-01-24 23:19:14 +08:00
|
|
|
|
|
|
|
|
spin_lock(&tid->lock);
|
|
|
|
|
mt76_rx_aggr_check_release(tid, &frames);
|
2018-01-27 23:02:05 +08:00
|
|
|
nframes = tid->nframes;
|
2018-01-24 23:19:14 +08:00
|
|
|
spin_unlock(&tid->lock);
|
|
|
|
|
|
2018-01-27 23:02:05 +08:00
|
|
|
if (nframes)
|
|
|
|
|
ieee80211_queue_delayed_work(tid->dev->hw, &tid->reorder_work,
|
|
|
|
|
REORDER_TIMEOUT);
|
2018-07-31 16:09:08 +08:00
|
|
|
mt76_rx_complete(dev, &frames, NULL);
|
2018-01-24 23:19:14 +08:00
|
|
|
|
2018-04-25 17:11:22 +08:00
|
|
|
rcu_read_unlock();
|
2018-01-24 23:19:14 +08:00
|
|
|
local_bh_enable();
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-27 23:02:04 +08:00
|
|
|
static void
|
|
|
|
|
mt76_rx_aggr_check_ctl(struct sk_buff *skb, struct sk_buff_head *frames)
|
|
|
|
|
{
|
2019-08-21 11:11:15 +08:00
|
|
|
struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
|
|
|
|
|
struct ieee80211_bar *bar = (struct ieee80211_bar *)skb->data;
|
2018-01-27 23:02:04 +08:00
|
|
|
struct mt76_wcid *wcid = status->wcid;
|
|
|
|
|
struct mt76_rx_tid *tid;
|
|
|
|
|
u16 seqno;
|
|
|
|
|
|
|
|
|
|
if (!ieee80211_is_ctl(bar->frame_control))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (!ieee80211_is_back_req(bar->frame_control))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
status->tid = le16_to_cpu(bar->control) >> 12;
|
2019-04-01 15:16:43 +08:00
|
|
|
seqno = IEEE80211_SEQ_TO_SN(le16_to_cpu(bar->start_seq_num));
|
2018-01-27 23:02:04 +08:00
|
|
|
tid = rcu_dereference(wcid->aggr[status->tid]);
|
|
|
|
|
if (!tid)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
spin_lock_bh(&tid->lock);
|
2019-10-07 18:30:46 +08:00
|
|
|
if (!tid->stopped) {
|
|
|
|
|
mt76_rx_aggr_release_frames(tid, frames, seqno);
|
|
|
|
|
mt76_rx_aggr_release_head(tid, frames);
|
|
|
|
|
}
|
2018-01-27 23:02:04 +08:00
|
|
|
spin_unlock_bh(&tid->lock);
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-24 23:19:14 +08:00
|
|
|
void mt76_rx_aggr_reorder(struct sk_buff *skb, struct sk_buff_head *frames)
|
|
|
|
|
{
|
2019-08-21 11:11:15 +08:00
|
|
|
struct mt76_rx_status *status = (struct mt76_rx_status *)skb->cb;
|
|
|
|
|
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
|
2018-01-24 23:19:14 +08:00
|
|
|
struct mt76_wcid *wcid = status->wcid;
|
|
|
|
|
struct ieee80211_sta *sta;
|
|
|
|
|
struct mt76_rx_tid *tid;
|
|
|
|
|
bool sn_less;
|
|
|
|
|
u16 seqno, head, size;
|
2018-04-04 03:52:54 +08:00
|
|
|
u8 ackp, idx;
|
2018-01-24 23:19:14 +08:00
|
|
|
|
|
|
|
|
__skb_queue_tail(frames, skb);
|
|
|
|
|
|
|
|
|
|
sta = wcid_to_sta(wcid);
|
2018-01-27 23:02:04 +08:00
|
|
|
if (!sta)
|
2018-01-24 23:19:14 +08:00
|
|
|
return;
|
|
|
|
|
|
2018-01-27 23:02:04 +08:00
|
|
|
if (!status->aggr) {
|
|
|
|
|
mt76_rx_aggr_check_ctl(skb, frames);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-04 03:52:54 +08:00
|
|
|
/* not part of a BA session */
|
|
|
|
|
ackp = *ieee80211_get_qos_ctl(hdr) & IEEE80211_QOS_CTL_ACK_POLICY_MASK;
|
|
|
|
|
if (ackp != IEEE80211_QOS_CTL_ACK_POLICY_BLOCKACK &&
|
|
|
|
|
ackp != IEEE80211_QOS_CTL_ACK_POLICY_NORMAL)
|
|
|
|
|
return;
|
|
|
|
|
|
2018-01-24 23:19:14 +08:00
|
|
|
tid = rcu_dereference(wcid->aggr[status->tid]);
|
|
|
|
|
if (!tid)
|
|
|
|
|
return;
|
|
|
|
|
|
2018-04-04 03:52:53 +08:00
|
|
|
status->flag |= RX_FLAG_DUP_VALIDATED;
|
2018-01-24 23:19:14 +08:00
|
|
|
spin_lock_bh(&tid->lock);
|
|
|
|
|
|
|
|
|
|
if (tid->stopped)
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
head = tid->head;
|
|
|
|
|
seqno = status->seqno;
|
|
|
|
|
size = tid->size;
|
|
|
|
|
sn_less = ieee80211_sn_less(seqno, head);
|
|
|
|
|
|
|
|
|
|
if (!tid->started) {
|
|
|
|
|
if (sn_less)
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
tid->started = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (sn_less) {
|
|
|
|
|
__skb_unlink(skb, frames);
|
|
|
|
|
dev_kfree_skb(skb);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (seqno == head) {
|
|
|
|
|
tid->head = ieee80211_sn_inc(head);
|
|
|
|
|
if (tid->nframes)
|
|
|
|
|
mt76_rx_aggr_release_head(tid, frames);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
__skb_unlink(skb, frames);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Frame sequence number exceeds buffering window, free up some space
|
|
|
|
|
* by releasing previous frames
|
|
|
|
|
*/
|
|
|
|
|
if (!ieee80211_sn_less(seqno, head + size)) {
|
|
|
|
|
head = ieee80211_sn_inc(ieee80211_sn_sub(seqno, size));
|
|
|
|
|
mt76_rx_aggr_release_frames(tid, frames, head);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
idx = seqno % size;
|
|
|
|
|
|
|
|
|
|
/* Discard if the current slot is already in use */
|
|
|
|
|
if (tid->reorder_buf[idx]) {
|
|
|
|
|
dev_kfree_skb(skb);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
status->reorder_time = jiffies;
|
|
|
|
|
tid->reorder_buf[idx] = skb;
|
|
|
|
|
tid->nframes++;
|
|
|
|
|
mt76_rx_aggr_release_head(tid, frames);
|
|
|
|
|
|
2019-08-21 11:11:15 +08:00
|
|
|
ieee80211_queue_delayed_work(tid->dev->hw, &tid->reorder_work,
|
|
|
|
|
REORDER_TIMEOUT);
|
2018-01-24 23:19:14 +08:00
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
spin_unlock_bh(&tid->lock);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int mt76_rx_aggr_start(struct mt76_dev *dev, struct mt76_wcid *wcid, u8 tidno,
|
|
|
|
|
u16 ssn, u8 size)
|
|
|
|
|
{
|
|
|
|
|
struct mt76_rx_tid *tid;
|
|
|
|
|
|
|
|
|
|
mt76_rx_aggr_stop(dev, wcid, tidno);
|
|
|
|
|
|
treewide: Use struct_size() for kmalloc()-family
One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct foo {
int stuff;
void *entry[];
};
instance = kmalloc(sizeof(struct foo) + sizeof(void *) * count, GFP_KERNEL);
Instead of leaving these open-coded and prone to type mistakes, we can
now use the new struct_size() helper:
instance = kmalloc(struct_size(instance, entry, count), GFP_KERNEL);
This patch makes the changes for kmalloc()-family (and kvmalloc()-family)
uses. It was done via automatic conversion with manual review for the
"CHECKME" non-standard cases noted below, using the following Coccinelle
script:
// pkey_cache = kmalloc(sizeof *pkey_cache + tprops->pkey_tbl_len *
// sizeof *pkey_cache->table, GFP_KERNEL);
@@
identifier alloc =~ "kmalloc|kzalloc|kvmalloc|kvzalloc";
expression GFP;
identifier VAR, ELEMENT;
expression COUNT;
@@
- alloc(sizeof(*VAR) + COUNT * sizeof(*VAR->ELEMENT), GFP)
+ alloc(struct_size(VAR, ELEMENT, COUNT), GFP)
// mr = kzalloc(sizeof(*mr) + m * sizeof(mr->map[0]), GFP_KERNEL);
@@
identifier alloc =~ "kmalloc|kzalloc|kvmalloc|kvzalloc";
expression GFP;
identifier VAR, ELEMENT;
expression COUNT;
@@
- alloc(sizeof(*VAR) + COUNT * sizeof(VAR->ELEMENT[0]), GFP)
+ alloc(struct_size(VAR, ELEMENT, COUNT), GFP)
// Same pattern, but can't trivially locate the trailing element name,
// or variable name.
@@
identifier alloc =~ "kmalloc|kzalloc|kvmalloc|kvzalloc";
expression GFP;
expression SOMETHING, COUNT, ELEMENT;
@@
- alloc(sizeof(SOMETHING) + COUNT * sizeof(ELEMENT), GFP)
+ alloc(CHECKME_struct_size(&SOMETHING, ELEMENT, COUNT), GFP)
Signed-off-by: Kees Cook <keescook@chromium.org>
2018-05-09 04:45:50 +08:00
|
|
|
tid = kzalloc(struct_size(tid, reorder_buf, size), GFP_KERNEL);
|
2018-01-24 23:19:14 +08:00
|
|
|
if (!tid)
|
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
|
|
tid->dev = dev;
|
|
|
|
|
tid->head = ssn;
|
|
|
|
|
tid->size = size;
|
|
|
|
|
INIT_DELAYED_WORK(&tid->reorder_work, mt76_rx_aggr_reorder_work);
|
|
|
|
|
spin_lock_init(&tid->lock);
|
|
|
|
|
|
|
|
|
|
rcu_assign_pointer(wcid->aggr[tidno], tid);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL_GPL(mt76_rx_aggr_start);
|
|
|
|
|
|
|
|
|
|
static void mt76_rx_aggr_shutdown(struct mt76_dev *dev, struct mt76_rx_tid *tid)
|
|
|
|
|
{
|
|
|
|
|
u8 size = tid->size;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
spin_lock_bh(&tid->lock);
|
|
|
|
|
|
|
|
|
|
tid->stopped = true;
|
|
|
|
|
for (i = 0; tid->nframes && i < size; i++) {
|
|
|
|
|
struct sk_buff *skb = tid->reorder_buf[i];
|
|
|
|
|
|
|
|
|
|
if (!skb)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
tid->nframes--;
|
|
|
|
|
dev_kfree_skb(skb);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
spin_unlock_bh(&tid->lock);
|
2019-10-07 18:30:46 +08:00
|
|
|
|
|
|
|
|
cancel_delayed_work_sync(&tid->reorder_work);
|
2018-01-24 23:19:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void mt76_rx_aggr_stop(struct mt76_dev *dev, struct mt76_wcid *wcid, u8 tidno)
|
|
|
|
|
{
|
2019-10-07 21:30:18 +08:00
|
|
|
struct mt76_rx_tid *tid = NULL;
|
2018-01-24 23:19:14 +08:00
|
|
|
|
2019-12-12 02:30:21 +08:00
|
|
|
tid = rcu_replace_pointer(wcid->aggr[tidno], tid,
|
|
|
|
|
lockdep_is_held(&dev->mutex));
|
2018-01-24 23:19:14 +08:00
|
|
|
if (tid) {
|
|
|
|
|
mt76_rx_aggr_shutdown(dev, tid);
|
|
|
|
|
kfree_rcu(tid, rcu_head);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL_GPL(mt76_rx_aggr_stop);
|