Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity
iwd/src/frame-xchg.c

1416 lines
35 KiB
C
Raw Normal View History

Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
/*
*
* Wireless daemon for Linux
*
* Copyright (C) 2020 Intel Corporation. All rights reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <errno.h>
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
#include <stdarg.h>
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
#include <sys/socket.h>
#include <linux/genetlink.h>
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
#include <ell/ell.h>
#include "linux/nl80211.h"
treewide: Use ell's useful.h header
2021-03-12 04:46:09 +01:00
#include "ell/useful.h"
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
#include "src/iwd.h"
#include "src/module.h"
#include "src/mpdu.h"
#include "src/util.h"
#include "src/watchlist.h"
#include "src/nl80211util.h"
#include "src/netdev.h"
#include "src/frame-xchg.h"
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
#include "src/wiphy.h"
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
frame-xchg.c: fix build with glibc < 2.24 SOL_NETLINK is used since commit 87a198111af1ea67053895f7435fb99e3cdd2159 resulting in the following build failure with glibc < 2.24: src/frame-xchg.c: In function 'frame_watch_group_io_read': src/frame-xchg.c:328:27: error: 'SOL_NETLINK' undeclared (first use in this function) if (cmsg->cmsg_level != SOL_NETLINK) ^ This failure is due to glibc that doesn't support SOL_NETLINK before version 2.24 and https://github.com/bminor/glibc/commit/f9b437d5efce93800b51ad2a437c8b1c9616bf80 Fixes: - http://autobuild.buildroot.org/results/3485088b84111c271bbcfaf025aa4103c6452072
2020-04-22 10:13:38 +02:00
#ifndef SOL_NETLINK
#define SOL_NETLINK 270
#endif
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
struct watch_group {
/*
* Group IDs, except 0, are per wdev for user's convenience.
* I.e. group 1 can be used for P2P discovery and be removed as
* soon as the scan is over on a given device without interfering
* with scans on other devices. This means a module can name
* all the groups it's going to need in a static enum.
* Group 0 is the default group and uses the iwd_get_genl() netlink
* socket shared with all its other users, meaning that it can not
* be closed through the watch API. It is to be used for watches
* that don't need to be unregistered before the virtual interface
* type change or destruction, which are the two events that
* implicitly unregister all existing watches.
*/
uint32_t id;
uint64_t wdev_id;
uint32_t unicast_watch_id;
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
struct l_io *io;
uint32_t nl_pid;
uint32_t nl_seq;
struct l_queue *write_queue;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
struct watchlist watches;
};
struct frame_watch {
uint64_t wdev_id;
uint16_t frame_type;
uint8_t *prefix;
size_t prefix_len;
struct watch_group *group;
struct watchlist_item super;
};
static struct l_queue *watch_groups;
struct wdev_info {
uint64_t id;
uint32_t iftype;
};
static struct l_queue *wdevs;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
struct frame_xchg_data {
uint64_t wdev_id;
uint32_t freq;
struct mmpdu_header *tx_mpdu;
size_t tx_mpdu_len;
bool tx_acked;
uint64_t cookie;
bool have_cookie;
bool early_status;
struct {
struct mmpdu_header *mpdu;
const void *body;
size_t body_len;
int rssi;
} early_frame;
struct l_timeout *timeout;
struct l_queue *rx_watches;
frame_xchg_cb_t cb;
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
frame_xchg_destroy_func_t destroy;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
void *user_data;
uint32_t group_id;
unsigned int retry_cnt;
unsigned int retry_interval;
unsigned int resp_timeout;
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
unsigned int retries_on_ack;
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
struct wiphy_radio_work_item work;
frame-xchg: Add no-cck-rate flag only for P2P interfaces We want to use this flag only on the interfaces with one of the three P2P iftypes so set the flag automatically depending on the iftype from the last 'config' notification.
2020-09-29 18:37:04 +02:00
bool no_cck_rates;
frame-xchg: Cancel NL80211_CMD_FRAME commands when interrupted The callback for the FRAME command was causing a crash in wiphy_radio_work_done when not cancelled when the wiphy was being removed from the system. This was likely to happen if this radio work item was waiting for another item to finish. When the first one was being cancelled due to the wiphy being removed, this one would be started and immediately stopped by the radio work queue. Now this crash could be fixed by dropping all frame exchange instances on an interface that is being removed which is easy to do, but properly cancelling the commands saves us the headache of analysing whether there's a race condition in other situations where a frame exchange is being aborted.
2020-09-29 18:37:05 +02:00
unsigned int tx_cmd_id;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
};
struct frame_xchg_watch_data {
struct frame_xchg_prefix *prefix;
frame_xchg_resp_cb_t cb;
};
static struct l_queue *frame_xchgs;
static struct l_genl_family *nl80211;
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
static uint32_t nl80211_id;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
struct frame_prefix_info {
uint16_t frame_type;
const uint8_t *body;
size_t body_len;
uint64_t wdev_id;
};
static bool frame_watch_match_prefix(const void *a, const void *b)
{
const struct watchlist_item *item = a;
const struct frame_watch *watch =
l_container_of(item, struct frame_watch, super);
const struct frame_prefix_info *info = b;
return watch->frame_type == info->frame_type &&
watch->prefix_len <= info->body_len &&
(watch->prefix_len == 0 ||
!memcmp(watch->prefix, info->body, watch->prefix_len)) &&
info->wdev_id == watch->wdev_id;
}
static void frame_watch_unicast_notify(struct l_genl_msg *msg, void *user_data)
{
struct watch_group *group = user_data;
const uint64_t *wdev_id = NULL;
const uint32_t *ifindex = NULL;
struct l_genl_attr attr;
uint16_t type, len, frame_len;
const void *data;
const struct mmpdu_header *mpdu = NULL;
const uint8_t *body;
struct frame_prefix_info info;
int rssi = 0; /* No-RSSI flag value */
if (l_genl_msg_get_command(msg) != NL80211_CMD_FRAME)
return;
if (!l_genl_attr_init(&attr, msg))
return;
while (l_genl_attr_next(&attr, &type, &len, &data)) {
switch (type) {
case NL80211_ATTR_WDEV:
if (len != 8)
break;
wdev_id = data;
break;
case NL80211_ATTR_IFINDEX:
if (len != 4)
break;
ifindex = data;
break;
case NL80211_ATTR_FRAME:
mpdu = mpdu_validate(data, len);
if (!mpdu) {
l_warn("Frame didn't validate as MMPDU");
return;
}
frame_len = len;
break;
case NL80211_ATTR_RX_SIGNAL_DBM:
if (len != 4)
break;
rssi = *(const int32_t *) data;
}
}
if (!wdev_id || (group->wdev_id && group->wdev_id != *wdev_id)) {
l_warn("Bad wdev attribute");
return;
}
if (!mpdu) {
l_warn("Missing frame data");
return;
}
body = mmpdu_body(mpdu);
if (ifindex) {
struct netdev *netdev = netdev_find(*ifindex);
if (netdev && memcmp(mpdu->address_1,
netdev_get_address(netdev), 6) &&
!util_is_broadcast_address(mpdu->address_1))
return;
}
/* Only match the frame type and subtype like the kernel does */
#define FC_FTYPE_STYPE_MASK 0x00fc
info.frame_type = l_get_le16(mpdu) & FC_FTYPE_STYPE_MASK;
info.body = (const uint8_t *) body;
info.body_len = (const uint8_t *) mpdu + frame_len - body;
info.wdev_id = *wdev_id;
WATCHLIST_NOTIFY_MATCHES(&group->watches, frame_watch_match_prefix,
&info, frame_watch_cb_t, mpdu,
info.body, info.body_len, rssi);
frame-xchg: Fix group removal inside frame callback When a frame registered in a given group Id triggers a callback and that callback ends up calling frame_watch_group_remove for that group Id, that call will happen inside WATCHLIST_NOTIFY_MATCHES and will free the memory used by the watchlist. watchlist.h has protection against the watchlist being "destroyed" inside WATCHLIST_NOTIFY_MATCHES, but not against its memory being freed -- the memory where it stores the in_notify and destroy_pending flags. Free the group immediately after WATCHLIST_NOTIFY_MATCHES to avoid reads/writes to those flags triggering valgrind warnings.
2020-07-21 02:45:39 +02:00
/* Has frame_watch_group_destroy been called inside a frame CB? */
if (group->watches.pending_destroy)
l_free(group);
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
}
static void frame_watch_group_destroy(void *data)
{
struct watch_group *group = data;
if (group->unicast_watch_id)
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
l_genl_remove_unicast_watch(iwd_get_genl(),
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
group->unicast_watch_id);
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
l_io_destroy(group->io);
l_queue_destroy(group->write_queue,
(l_queue_destroy_func_t) l_genl_msg_unref);
frame-xchg: Fix group removal inside frame callback When a frame registered in a given group Id triggers a callback and that callback ends up calling frame_watch_group_remove for that group Id, that call will happen inside WATCHLIST_NOTIFY_MATCHES and will free the memory used by the watchlist. watchlist.h has protection against the watchlist being "destroyed" inside WATCHLIST_NOTIFY_MATCHES, but not against its memory being freed -- the memory where it stores the in_notify and destroy_pending flags. Free the group immediately after WATCHLIST_NOTIFY_MATCHES to avoid reads/writes to those flags triggering valgrind warnings.
2020-07-21 02:45:39 +02:00
/*
* We may be inside a frame notification but even then use
* watchlist_destroy to prevent any more notifications from
* being dispatched.
*/
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
watchlist_destroy(&group->watches);
frame-xchg: Fix group removal inside frame callback When a frame registered in a given group Id triggers a callback and that callback ends up calling frame_watch_group_remove for that group Id, that call will happen inside WATCHLIST_NOTIFY_MATCHES and will free the memory used by the watchlist. watchlist.h has protection against the watchlist being "destroyed" inside WATCHLIST_NOTIFY_MATCHES, but not against its memory being freed -- the memory where it stores the in_notify and destroy_pending flags. Free the group immediately after WATCHLIST_NOTIFY_MATCHES to avoid reads/writes to those flags triggering valgrind warnings.
2020-07-21 02:45:39 +02:00
if (group->watches.in_notify)
return;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
l_free(group);
}
static void frame_watch_free(struct watchlist_item *item)
{
struct frame_watch *watch =
l_container_of(item, struct frame_watch, super);
l_free(watch->prefix);
l_free(watch);
}
static const struct watchlist_ops frame_watch_ops = {
.item_free = frame_watch_free,
};
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
static bool frame_watch_group_io_write(struct l_io *io, void *user_data)
{
struct watch_group *group = user_data;
struct l_genl_msg *msg;
const void *msg_data;
size_t msg_size;
ssize_t bytes_written;
msg = l_queue_pop_head(group->write_queue);
if (!msg)
return false;
msg_data = l_genl_msg_to_data(msg, nl80211_id, NLM_F_REQUEST,
++group->nl_seq, group->nl_pid,
&msg_size);
bytes_written = send(l_io_get_fd(group->io), msg_data, msg_size, 0);
l_genl_msg_unref(msg);
if (bytes_written < 0) {
l_error("Frame watch group socket write error: %s (%i)",
strerror(errno), errno);
l_queue_push_head(group->write_queue, msg);
return false;
}
return !l_queue_isempty(group->write_queue);
}
static bool frame_watch_group_io_read(struct l_io *io, void *user_data)
{
struct watch_group *group = user_data;
struct cmsghdr *cmsg;
struct msghdr msg;
struct iovec iov;
unsigned char buf[8192];
unsigned char control[32];
ssize_t bytes_read;
struct nlmsghdr *nlmsg;
size_t nlmsg_len;
uint32_t nlmsg_group = 0;
memset(&iov, 0, sizeof(iov));
iov.iov_base = buf;
iov.iov_len = sizeof(buf);
memset(&msg, 0, sizeof(msg));
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_control = control;
msg.msg_controllen = sizeof(control);
bytes_read = recvmsg(l_io_get_fd(group->io), &msg, 0);
if (bytes_read < 0) {
if (errno != EAGAIN && errno != EINTR) {
l_error("Frame watch group socket read error: %s (%i)",
strerror(errno), errno);
return false;
}
return true;
}
nlmsg_len = bytes_read;
for (cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL;
cmsg = CMSG_NXTHDR(&msg, cmsg)) {
struct nl_pktinfo pktinfo;
if (cmsg->cmsg_level != SOL_NETLINK)
continue;
if (cmsg->cmsg_type != NETLINK_PKTINFO)
continue;
memcpy(&pktinfo, CMSG_DATA(cmsg), sizeof(pktinfo));
nlmsg_group = pktinfo.group;
}
if (nlmsg_group) /* Ignore multicast */
return true;
for (nlmsg = iov.iov_base; NLMSG_OK(nlmsg, nlmsg_len);
nlmsg = NLMSG_NEXT(nlmsg, nlmsg_len)) {
struct l_genl_msg *genl_msg;
if (nlmsg->nlmsg_type != nl80211_id) /* Ignore other families */
continue;
if (nlmsg->nlmsg_seq) /* Ignore responses */
continue;
genl_msg = l_genl_msg_new_from_data((void *) nlmsg,
nlmsg->nlmsg_len);
if (!genl_msg)
continue;
frame_watch_unicast_notify(genl_msg, group);
l_genl_msg_unref(genl_msg);
}
return true;
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
static struct watch_group *frame_watch_group_new(uint64_t wdev_id, uint32_t id)
{
struct watch_group *group = l_new(struct watch_group, 1);
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
struct sockaddr_nl addr;
socklen_t addrlen = sizeof(addr);
int fd = -1, pktinfo = 1;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
group->id = id;
group->wdev_id = wdev_id;
watchlist_init(&group->watches, &frame_watch_ops);
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
if (id == 0) {
group->unicast_watch_id = l_genl_add_unicast_watch(
iwd_get_genl(),
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
NL80211_GENL_NAME,
frame_watch_unicast_notify,
group, NULL);
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
if (unlikely(!group->unicast_watch_id)) {
l_error("Registering for unicast notification failed");
goto err;
}
return group;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
}
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
/*
* If we need to add groups using genl sockets other than our main
* genl socket (iwd_get_genl()), use raw io instead of l_genl. This
* way we don't have to query the genl families -- we already know
* nl80211 is present -- and the handling is simpler, and l_genl,
* while it would work, is not meant to have multiple instances
* per program.
*/
fd = socket(PF_NETLINK,
SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK,
NETLINK_GENERIC);
if (unlikely(fd < 0))
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
goto err;
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
memset(&addr, 0, sizeof(addr));
addr.nl_family = AF_NETLINK;
addr.nl_pid = 0;
if (unlikely(bind(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0))
goto err;
if (unlikely(getsockname(fd, (struct sockaddr *) &addr, &addrlen) < 0))
goto err;
group->nl_pid = addr.nl_pid;
if (unlikely(setsockopt(fd, SOL_NETLINK, NETLINK_PKTINFO,
&pktinfo, sizeof(pktinfo)) < 0))
goto err;
group->io = l_io_new(fd);
if (unlikely(!group->io))
goto err;
l_io_set_close_on_destroy(group->io, true);
l_io_set_read_handler(group->io, frame_watch_group_io_read, group,
frame-xchg: Drop l_io read destroy handler This function was intended to catch socket errors and destroy the group but it would leak the l_io object if that happened, and if called on ordinary shutdown it could cause a crash. Since we're now assuming that the netlink socket operations never fail just remove it.
2020-03-20 17:20:22 +01:00
NULL);
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
group->write_queue = l_queue_new();
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
return group;
err:
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
if (fd > -1)
close(fd);
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
frame_watch_group_destroy(group);
return NULL;
}
frame-xchg: Use frame_watch_group_match in frame_watch_group_get
2020-05-31 02:56:45 +02:00
struct watch_group_match_info {
uint64_t wdev_id;
uint32_t id;
};
static bool frame_watch_group_match(const void *a, const void *b)
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
{
frame-xchg: Use frame_watch_group_match in frame_watch_group_get
2020-05-31 02:56:45 +02:00
const struct watch_group *group = a;
const struct watch_group_match_info *info = b;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
frame-xchg: Use frame_watch_group_match in frame_watch_group_get
2020-05-31 02:56:45 +02:00
return group->wdev_id == info->wdev_id && group->id == info->id;
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
frame-xchg: Use frame_watch_group_match in frame_watch_group_get
2020-05-31 02:56:45 +02:00
static struct watch_group *frame_watch_group_get(uint64_t wdev_id, uint32_t id)
{
struct watch_group_match_info info = { id == 0 ? 0 : wdev_id, id };
struct watch_group *group = l_queue_find(watch_groups,
frame_watch_group_match, &info);
if (!group) {
group = frame_watch_group_new(wdev_id, id);
l_queue_push_tail(watch_groups, group);
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
}
frame-xchg: Add new groups to watch_groups list I forgot to actually add new groups being created in frame_watch_group_get to the watch_groups queue, meaning that we'd re-create the group every time a new watch was added to the group.
2020-02-07 12:39:11 +01:00
return group;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
}
static void frame_watch_register_cb(struct l_genl_msg *msg, void *user_data)
{
if (l_genl_msg_get_error(msg) < 0)
l_error("Could not register frame watch type %04x: %i",
L_PTR_TO_UINT(user_data), l_genl_msg_get_error(msg));
}
frame-xchg: Optimize frame_watch_remove_by_handler scenarios Since frame_watch_remove_by_handler only forgets a given function + user data pointers, and doesn't remove the frame prefixes added in the kernel, we can avoid later re-registering those prefixes with the kernel by keeping them in our local watchlist, and only replacing the handler pointer with a dummy function.
2020-03-18 15:45:28 +01:00
static void frame_watch_notify_empty(const struct mmpdu_header *mpdu,
const void *body, size_t body_len,
int rssi, void *user_data)
{
}
frame-xchg: Try to call a handler only once per frame Try to better deduplicate the frame watches. Until now we'd check if we'd already registered a given frame body prefix with the kernel, or a matching more general prefix (shorter). Now also try to check if we have already have a watch with the same callback pointer and user_data value, and: * an identical or shorter (more general) prefix, in that case ignore the new watch completely. * a longer (more specific) prefix, in that case forget the existing watch. The use case for this is when we have a single callback for multiple watches and multiple frame types, and inside that callback we're looking at the frame body again and matching it to frame types. In that case we don't want that function to be called multiple times for one frame event.
2020-02-15 01:17:43 +01:00
struct frame_duplicate_info {
uint64_t wdev_id;
uint16_t frame_type;
const uint8_t *prefix;
size_t prefix_len;
frame_watch_cb_t handler;
void *user_data;
bool duplicate : 1;
bool registered : 1;
};
static bool frame_watch_check_duplicate(void *data, void *user_data)
{
struct watchlist_item *super = data;
struct frame_watch *watch =
l_container_of(super, struct frame_watch, super);
struct frame_duplicate_info *info = user_data;
int common_len = info->prefix_len < watch->prefix_len ?
info->prefix_len : watch->prefix_len;
if (info->wdev_id != watch->wdev_id ||
info->frame_type != watch->frame_type ||
(common_len &&
memcmp(info->prefix, watch->prefix, common_len)))
/* No match */
return false;
if (info->prefix_len >= watch->prefix_len)
/*
* A matching shorter prefix is already registered with
* the kernel, no need to register the new prefix.
*/
info->registered = true;
frame-xchg: Optimize frame_watch_remove_by_handler scenarios Since frame_watch_remove_by_handler only forgets a given function + user data pointers, and doesn't remove the frame prefixes added in the kernel, we can avoid later re-registering those prefixes with the kernel by keeping them in our local watchlist, and only replacing the handler pointer with a dummy function.
2020-03-18 15:45:28 +01:00
/*
* If we previously had a watch registered on this socket,
* with the same or a more specific prefix, we can now forget
* its entry as the new watch is going to hold enough
* information to keep us from registering redundant prefixes
* in the future.
*/
if (info->prefix_len <= watch->prefix_len &&
watch->super.notify == frame_watch_notify_empty)
goto drop;
frame-xchg: Try to call a handler only once per frame Try to better deduplicate the frame watches. Until now we'd check if we'd already registered a given frame body prefix with the kernel, or a matching more general prefix (shorter). Now also try to check if we have already have a watch with the same callback pointer and user_data value, and: * an identical or shorter (more general) prefix, in that case ignore the new watch completely. * a longer (more specific) prefix, in that case forget the existing watch. The use case for this is when we have a single callback for multiple watches and multiple frame types, and inside that callback we're looking at the frame body again and matching it to frame types. In that case we don't want that function to be called multiple times for one frame event.
2020-02-15 01:17:43 +01:00
if (info->handler != watch->super.notify ||
info->user_data != watch->super.notify_data)
return false;
/*
* If we already have a watch with the exact same callback and
* user_data and a matching prefix (longer or shorter), drop
* either the existing watch, or the new watch, so as to preserve
* the set of frames that trigger the callback but avoid
* calling back twice with the same user_data.
*/
if (info->prefix_len >= watch->prefix_len) {
info->duplicate = true;
return false;
}
frame-xchg: Optimize frame_watch_remove_by_handler scenarios Since frame_watch_remove_by_handler only forgets a given function + user data pointers, and doesn't remove the frame prefixes added in the kernel, we can avoid later re-registering those prefixes with the kernel by keeping them in our local watchlist, and only replacing the handler pointer with a dummy function.
2020-03-18 15:45:28 +01:00
drop:
frame-xchg: fix bug when starting new xchg from callback This bug is caused by the following behavior: 1. Start a frame-xchg, wait for callback 2. From callback start a new frame-xchg, same prefix. The new frame-xchg request will detect that there is a duplicate watch, which is correct behavior. It will then remove this duplicate from the watchlist. The issue here is that we are in the watchlist notify loop from the original xchg. This causes that loop to read from the now freed watchlist item, causing an invalid read. Instead of freeing the item immediately, check if the notify loop is in progress and only set 'id' to zero and 'stale_items' to true. This will allow the notify loop to finish, then the watchlist code will prune out any stale items. If not in the notify loop the item can be freed as it was before.
2020-06-01 22:03:40 +02:00
/*
* Drop the existing watch as a duplicate of the new one. If we are in
* the watchlist notify loop, just mark this item as stale and it will
* be cleaned up afterwards
*/
if (watch->group->watches.in_notify) {
super->id = 0;
watch->group->watches.stale_items = true;
return false;
}
frame-xchg: Actually free duplicate watches Fix a potential leak when we need to drop an existing watch because it's being replaced with a new one.
2020-03-18 15:45:23 +01:00
frame_watch_free(&watch->super);
frame-xchg: Try to call a handler only once per frame Try to better deduplicate the frame watches. Until now we'd check if we'd already registered a given frame body prefix with the kernel, or a matching more general prefix (shorter). Now also try to check if we have already have a watch with the same callback pointer and user_data value, and: * an identical or shorter (more general) prefix, in that case ignore the new watch completely. * a longer (more specific) prefix, in that case forget the existing watch. The use case for this is when we have a single callback for multiple watches and multiple frame types, and inside that callback we're looking at the frame body again and matching it to frame types. In that case we don't want that function to be called multiple times for one frame event.
2020-02-15 01:17:43 +01:00
return true;
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
bool frame_watch_add(uint64_t wdev_id, uint32_t group_id, uint16_t frame_type,
const uint8_t *prefix, size_t prefix_len,
frame_watch_cb_t handler, void *user_data,
frame_xchg_destroy_func_t destroy)
{
struct watch_group *group = frame_watch_group_get(wdev_id, group_id);
struct frame_watch *watch;
struct l_genl_msg *msg;
frame-xchg: Try to call a handler only once per frame Try to better deduplicate the frame watches. Until now we'd check if we'd already registered a given frame body prefix with the kernel, or a matching more general prefix (shorter). Now also try to check if we have already have a watch with the same callback pointer and user_data value, and: * an identical or shorter (more general) prefix, in that case ignore the new watch completely. * a longer (more specific) prefix, in that case forget the existing watch. The use case for this is when we have a single callback for multiple watches and multiple frame types, and inside that callback we're looking at the frame body again and matching it to frame types. In that case we don't want that function to be called multiple times for one frame event.
2020-02-15 01:17:43 +01:00
struct frame_duplicate_info info = {
wdev_id, frame_type, prefix, prefix_len,
handler, user_data, false, false
};
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
if (!group)
return false;
frame-xchg: Try to call a handler only once per frame Try to better deduplicate the frame watches. Until now we'd check if we'd already registered a given frame body prefix with the kernel, or a matching more general prefix (shorter). Now also try to check if we have already have a watch with the same callback pointer and user_data value, and: * an identical or shorter (more general) prefix, in that case ignore the new watch completely. * a longer (more specific) prefix, in that case forget the existing watch. The use case for this is when we have a single callback for multiple watches and multiple frame types, and inside that callback we're looking at the frame body again and matching it to frame types. In that case we don't want that function to be called multiple times for one frame event.
2020-02-15 01:17:43 +01:00
l_queue_foreach_remove(group->watches.items,
frame_watch_check_duplicate, &info);
if (info.duplicate)
return true;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
watch = l_new(struct frame_watch, 1);
watch->frame_type = frame_type;
watch->prefix = prefix_len ? l_memdup(prefix, prefix_len) : NULL;
watch->prefix_len = prefix_len;
watch->wdev_id = wdev_id;
watch->group = group;
watchlist_link(&group->watches, &watch->super, handler, user_data,
destroy);
frame-xchg: Try to call a handler only once per frame Try to better deduplicate the frame watches. Until now we'd check if we'd already registered a given frame body prefix with the kernel, or a matching more general prefix (shorter). Now also try to check if we have already have a watch with the same callback pointer and user_data value, and: * an identical or shorter (more general) prefix, in that case ignore the new watch completely. * a longer (more specific) prefix, in that case forget the existing watch. The use case for this is when we have a single callback for multiple watches and multiple frame types, and inside that callback we're looking at the frame body again and matching it to frame types. In that case we don't want that function to be called multiple times for one frame event.
2020-02-15 01:17:43 +01:00
if (info.registered)
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
return true;
msg = l_genl_msg_new_sized(NL80211_CMD_REGISTER_FRAME, 32 + prefix_len);
l_genl_msg_append_attr(msg, NL80211_ATTR_WDEV, 8, &wdev_id);
l_genl_msg_append_attr(msg, NL80211_ATTR_FRAME_TYPE, 2, &frame_type);
l_genl_msg_append_attr(msg, NL80211_ATTR_FRAME_MATCH,
prefix_len, prefix);
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
if (group->id == 0)
l_genl_family_send(nl80211, msg, frame_watch_register_cb,
L_UINT_TO_PTR(frame_type), NULL);
else {
l_queue_push_tail(group->write_queue, msg);
l_io_set_write_handler(group->io, frame_watch_group_io_write,
group, NULL);
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
return true;
}
bool frame_watch_group_remove(uint64_t wdev_id, uint32_t group_id)
{
frame-xchg: Use both group_id and wdev_id when removing group In frame_watch_group_remove I forgot to actually match the group to be removed by both wdev_id and group_id. group_ids are unique only in the scope of one wdev.
2020-02-07 12:39:13 +01:00
struct watch_group_match_info info = { wdev_id, group_id };
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
struct watch_group *group = l_queue_remove_if(watch_groups,
frame-xchg: Use both group_id and wdev_id when removing group In frame_watch_group_remove I forgot to actually match the group to be removed by both wdev_id and group_id. group_ids are unique only in the scope of one wdev.
2020-02-07 12:39:13 +01:00
frame_watch_group_match, &info);
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
if (!group)
return false;
frame_watch_group_destroy(group);
return true;
}
static bool frame_watch_item_remove_wdev(void *data, void *user_data)
{
struct frame_watch *watch =
l_container_of(data, struct frame_watch, super);
const uint64_t *wdev_id = user_data;
if (watch->wdev_id != *wdev_id)
return false;
if (watch->super.destroy)
watch->super.destroy(watch->super.notify_data);
frame_watch_free(&watch->super);
return true;
}
static bool frame_watch_group_remove_wdev(void *data, void *user_data)
{
struct watch_group *group = data;
const uint64_t *wdev_id = user_data;
frame-watch: Actually unregister removed groups Actually close the sockets for removed groups an free resources
2020-02-04 12:23:04 +01:00
if (group->wdev_id == *wdev_id) {
frame_watch_group_destroy(group);
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
return true;
frame-watch: Actually unregister removed groups Actually close the sockets for removed groups an free resources
2020-02-04 12:23:04 +01:00
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
if (group->id != 0)
return false;
/*
* Have to be careful here because we're messing with watchlist
* internals.
*/
l_queue_foreach_remove(group->watches.items,
frame-watch: Fix an l_queue_foreach_remove call A pointer to the wdev_id is expected in this call inside frame_watch_group_remove_wdev instead of a pointer to the pointer.
2020-02-04 12:23:05 +01:00
frame_watch_item_remove_wdev, user_data);
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
return false;
}
bool frame_watch_wdev_remove(uint64_t wdev_id)
{
return l_queue_foreach_remove(watch_groups, frame_watch_group_remove_wdev,
&wdev_id) > 0;
}
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
struct frame_watch_handler_check_info {
frame-xchg: Fix frame_watch_remove_by_handler for group 0 Don't match the default group's (group_id 0) wdev_id against the provided wdev_id because the default group can be used on all wdevs and its wdev_id is 0. Also match individual item's wdev_id in the group to make up for this although it normally wouldn't matter.
2020-05-31 02:56:44 +02:00
uint64_t wdev_id;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
frame_watch_cb_t handler;
void *user_data;
};
static bool frame_watch_item_remove_by_handler(void *data, void *user_data)
{
frame-xchg: Fix frame_watch_item_remove_by_handler
2020-03-18 15:45:24 +01:00
struct frame_watch *watch =
l_container_of(data, struct frame_watch, super);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
struct frame_watch_handler_check_info *info = user_data;
frame-xchg: Fix frame_watch_remove_by_handler for group 0 Don't match the default group's (group_id 0) wdev_id against the provided wdev_id because the default group can be used on all wdevs and its wdev_id is 0. Also match individual item's wdev_id in the group to make up for this although it normally wouldn't matter.
2020-05-31 02:56:44 +02:00
if (watch->wdev_id != info->wdev_id ||
watch->super.notify != info->handler ||
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
watch->super.notify_data != info->user_data)
return false;
frame-xchg: Optimize frame_watch_remove_by_handler scenarios Since frame_watch_remove_by_handler only forgets a given function + user data pointers, and doesn't remove the frame prefixes added in the kernel, we can avoid later re-registering those prefixes with the kernel by keeping them in our local watchlist, and only replacing the handler pointer with a dummy function.
2020-03-18 15:45:28 +01:00
if (watch->super.destroy) {
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
watch->super.destroy(watch->super.notify_data);
frame-xchg: Optimize frame_watch_remove_by_handler scenarios Since frame_watch_remove_by_handler only forgets a given function + user data pointers, and doesn't remove the frame prefixes added in the kernel, we can avoid later re-registering those prefixes with the kernel by keeping them in our local watchlist, and only replacing the handler pointer with a dummy function.
2020-03-18 15:45:28 +01:00
watch->super.destroy = NULL;
}
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
frame-xchg: Optimize frame_watch_remove_by_handler scenarios Since frame_watch_remove_by_handler only forgets a given function + user data pointers, and doesn't remove the frame prefixes added in the kernel, we can avoid later re-registering those prefixes with the kernel by keeping them in our local watchlist, and only replacing the handler pointer with a dummy function.
2020-03-18 15:45:28 +01:00
/*
* Keep the entry, with a dummy callback, in order to keep us from
* re-registering its prefix in future frame_watch_add calls. We
* can drop the entry in some circumstances but checking the
* conditions for this costs more than it is worth right now.
*/
watch->super.notify = frame_watch_notify_empty;
return false;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
/*
* Note this one doesn't interact with the kernel watches, only forgets our
* struct frame_watch instances.
*
* Also note empty groups are not automatically destroyed because right now
* this is not desired in frame_xchg_reset -- the only user of this function.
*/
static bool frame_watch_remove_by_handler(uint64_t wdev_id, uint32_t group_id,
frame_watch_cb_t handler,
void *user_data)
{
struct watch_group_match_info group_info =
frame-xchg: Fix frame_watch_remove_by_handler for group 0 Don't match the default group's (group_id 0) wdev_id against the provided wdev_id because the default group can be used on all wdevs and its wdev_id is 0. Also match individual item's wdev_id in the group to make up for this although it normally wouldn't matter.
2020-05-31 02:56:44 +02:00
{ group_id == 0 ? 0 : wdev_id, group_id };
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
struct frame_watch_handler_check_info handler_info =
frame-xchg: Fix frame_watch_remove_by_handler for group 0 Don't match the default group's (group_id 0) wdev_id against the provided wdev_id because the default group can be used on all wdevs and its wdev_id is 0. Also match individual item's wdev_id in the group to make up for this although it normally wouldn't matter.
2020-05-31 02:56:44 +02:00
{ wdev_id, handler, user_data };
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
struct watch_group *group = l_queue_find(watch_groups,
frame_watch_group_match,
&group_info);
if (!group)
return false;
return l_queue_foreach_remove(group->watches.items,
frame_watch_item_remove_by_handler,
&handler_info) > 0;
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
static bool frame_xchg_tx_retry(struct wiphy_radio_work_item *item);
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
static bool frame_xchg_resp_handle(const struct mmpdu_header *mpdu,
const void *body, size_t body_len,
int rssi, void *user_data);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
static void frame_xchg_resp_cb(const struct mmpdu_header *mpdu,
const void *body, size_t body_len,
int rssi, void *user_data);
static void frame_xchg_wait_cancel(struct frame_xchg_data *fx)
{
struct l_genl_msg *msg;
if (!fx->have_cookie)
return;
l_debug("");
msg = l_genl_msg_new_sized(NL80211_CMD_FRAME_WAIT_CANCEL, 32);
l_genl_msg_append_attr(msg, NL80211_ATTR_WDEV, 8, &fx->wdev_id);
l_genl_msg_append_attr(msg, NL80211_ATTR_COOKIE, 8, &fx->cookie);
l_genl_family_send(nl80211, msg, NULL, NULL, NULL);
fx->have_cookie = false;
}
static void frame_xchg_reset(struct frame_xchg_data *fx)
{
frame_xchg_wait_cancel(fx);
if (fx->timeout)
l_timeout_remove(fx->timeout);
frame-xchg: fix invalid read This seems to happen occationally with testAP (potentially others). The invalid read appears to happen when the frame_xchg_tx_cb detects an early status and no ACK. In this particular case there is no retry interval so we reach the retry limit and 'done' the frame. This frees the 'fx' data all before the destroy callback can get called. Once we finally return and the destroy callback is called 'fx' is freed and we see the invalid write. ==206== Memcheck, a memory error detector ==206== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==206== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info ==206== Command: iwd -p rad1,rad2,rad3,rad4 -d ==206== Parent PID: 140 ==206== ==206== Invalid write of size 4 ==206== at 0x4493A0: frame_xchg_tx_destroy (frame-xchg.c:941) ==206== by 0x46DAF6: destroy_request (genl.c:673) ==206== by 0x46DAF6: process_unicast (genl.c:1002) ==206== by 0x46DAF6: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Address 0x4c59c6c is 172 bytes inside a block of size 176 free'd ==206== at 0x483B9F5: free (vg_replace_malloc.c:538) ==206== by 0x40F14C: destroy_work (wiphy.c:248) ==206== by 0x40F14C: wiphy_radio_work_done (wiphy.c:1578) ==206== by 0x44A916: frame_xchg_tx_cb (frame-xchg.c:930) ==206== by 0x46DAD9: process_unicast (genl.c:993) ==206== by 0x46DAD9: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Block was alloc'd at ==206== at 0x483A809: malloc (vg_replace_malloc.c:307) ==206== by 0x4643CD: l_malloc (util.c:61) ==206== by 0x44AF8C: frame_xchg_startv (frame-xchg.c:1155) ==206== by 0x44B2A4: frame_xchg_start (frame-xchg.c:1108) ==206== by 0x42BC55: ap_send_mgmt_frame (ap.c:709) ==206== by 0x42F513: ap_probe_req_cb (ap.c:1869) ==206== by 0x449752: frame_watch_unicast_notify (frame-xchg.c:233) ==206== by 0x46DA2F: dispatch_unicast_watches (genl.c:961) ==206== by 0x46DA2F: process_unicast (genl.c:980) ==206== by 0x46DA2F: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206==
2020-10-30 17:35:59 +01:00
if (fx->tx_cmd_id) {
frame-xchg: Cancel NL80211_CMD_FRAME commands when interrupted The callback for the FRAME command was causing a crash in wiphy_radio_work_done when not cancelled when the wiphy was being removed from the system. This was likely to happen if this radio work item was waiting for another item to finish. When the first one was being cancelled due to the wiphy being removed, this one would be started and immediately stopped by the radio work queue. Now this crash could be fixed by dropping all frame exchange instances on an interface that is being removed which is easy to do, but properly cancelling the commands saves us the headache of analysing whether there's a race condition in other situations where a frame exchange is being aborted.
2020-09-29 18:37:05 +02:00
l_genl_family_cancel(nl80211, fx->tx_cmd_id);
frame-xchg: fix invalid read This seems to happen occationally with testAP (potentially others). The invalid read appears to happen when the frame_xchg_tx_cb detects an early status and no ACK. In this particular case there is no retry interval so we reach the retry limit and 'done' the frame. This frees the 'fx' data all before the destroy callback can get called. Once we finally return and the destroy callback is called 'fx' is freed and we see the invalid write. ==206== Memcheck, a memory error detector ==206== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==206== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info ==206== Command: iwd -p rad1,rad2,rad3,rad4 -d ==206== Parent PID: 140 ==206== ==206== Invalid write of size 4 ==206== at 0x4493A0: frame_xchg_tx_destroy (frame-xchg.c:941) ==206== by 0x46DAF6: destroy_request (genl.c:673) ==206== by 0x46DAF6: process_unicast (genl.c:1002) ==206== by 0x46DAF6: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Address 0x4c59c6c is 172 bytes inside a block of size 176 free'd ==206== at 0x483B9F5: free (vg_replace_malloc.c:538) ==206== by 0x40F14C: destroy_work (wiphy.c:248) ==206== by 0x40F14C: wiphy_radio_work_done (wiphy.c:1578) ==206== by 0x44A916: frame_xchg_tx_cb (frame-xchg.c:930) ==206== by 0x46DAD9: process_unicast (genl.c:993) ==206== by 0x46DAD9: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Block was alloc'd at ==206== at 0x483A809: malloc (vg_replace_malloc.c:307) ==206== by 0x4643CD: l_malloc (util.c:61) ==206== by 0x44AF8C: frame_xchg_startv (frame-xchg.c:1155) ==206== by 0x44B2A4: frame_xchg_start (frame-xchg.c:1108) ==206== by 0x42BC55: ap_send_mgmt_frame (ap.c:709) ==206== by 0x42F513: ap_probe_req_cb (ap.c:1869) ==206== by 0x449752: frame_watch_unicast_notify (frame-xchg.c:233) ==206== by 0x46DA2F: dispatch_unicast_watches (genl.c:961) ==206== by 0x46DA2F: process_unicast (genl.c:980) ==206== by 0x46DA2F: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206==
2020-10-30 17:35:59 +01:00
fx->tx_cmd_id = 0;
}
frame-xchg: Cancel NL80211_CMD_FRAME commands when interrupted The callback for the FRAME command was causing a crash in wiphy_radio_work_done when not cancelled when the wiphy was being removed from the system. This was likely to happen if this radio work item was waiting for another item to finish. When the first one was being cancelled due to the wiphy being removed, this one would be started and immediately stopped by the radio work queue. Now this crash could be fixed by dropping all frame exchange instances on an interface that is being removed which is easy to do, but properly cancelling the commands saves us the headache of analysing whether there's a race condition in other situations where a frame exchange is being aborted.
2020-09-29 18:37:05 +02:00
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
l_free(fx->early_frame.mpdu);
fx->early_frame.mpdu = NULL;
l_queue_destroy(fx->rx_watches, l_free);
fx->rx_watches = NULL;
l_free(fx->tx_mpdu);
fx->tx_mpdu = NULL;
frame_watch_remove_by_handler(fx->wdev_id, fx->group_id,
frame_xchg_resp_cb, fx);
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
static void frame_xchg_destroy(struct wiphy_radio_work_item *item)
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
{
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
struct frame_xchg_data *fx = l_container_of(item,
struct frame_xchg_data, work);
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
if (fx->destroy)
fx->destroy(fx->user_data);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
frame_xchg_reset(fx);
l_free(fx);
}
static void frame_xchg_done(struct frame_xchg_data *fx, int err)
{
l_queue_remove(frame_xchgs, fx);
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
if (fx->cb)
fx->cb(err, fx->user_data);
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
wiphy_radio_work_done(wiphy_find_by_wdev(fx->wdev_id), fx->work.id);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
static void frame_xchg_timeout_destroy(void *user_data)
{
struct frame_xchg_data *fx = user_data;
fx->timeout = NULL;
}
static void frame_xchg_timeout_cb(struct l_timeout *timeout,
void *user_data)
{
struct frame_xchg_data *fx = user_data;
l_timeout_remove(fx->timeout);
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
frame_xchg_tx_retry(&fx->work);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
static void frame_xchg_listen_end_cb(struct l_timeout *timeout,
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
void *user_data)
{
struct frame_xchg_data *fx = user_data;
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
if (!fx->retries_on_ack) {
frame_xchg_done(fx, 0);
return;
}
l_timeout_remove(fx->timeout);
fx->retries_on_ack--;
fx->retry_cnt = 0;
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
frame_xchg_tx_retry(&fx->work);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
static void frame_xchg_tx_status(struct frame_xchg_data *fx, bool acked)
{
if (!acked) {
frame_xchg_wait_cancel(fx);
if (!fx->retry_interval || fx->retry_cnt >= 15) {
if (!fx->resp_timeout)
fx->have_cookie = false;
l_error("Frame tx retry limit reached");
frame_xchg_done(fx, -ECOMM);
return;
}
l_free(fx->early_frame.mpdu);
fx->early_frame.mpdu = NULL;
fx->timeout = l_timeout_create_ms(fx->retry_interval,
frame_xchg_timeout_cb, fx,
frame_xchg_timeout_destroy);
return;
}
if (!fx->resp_timeout) {
/* No listen period to cancel */
fx->have_cookie = false;
frame_xchg_done(fx, 0);
return;
}
fx->tx_acked = true;
/* Process frames received early for strange drivers */
if (fx->early_frame.mpdu) {
/* The command is now over so no need to cancel it */
fx->have_cookie = false;
l_debug("Processing an early frame");
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
if (frame_xchg_resp_handle(fx->early_frame.mpdu,
fx->early_frame.body,
fx->early_frame.body_len,
fx->early_frame.rssi, fx))
return;
frame_xchg_listen_end_cb(NULL, fx);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
return;
}
/* Txed frame ACKed, listen for response frames */
fx->timeout = l_timeout_create_ms(fx->resp_timeout,
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
frame_xchg_listen_end_cb, fx,
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
frame_xchg_timeout_destroy);
}
static void frame_xchg_tx_cb(struct l_genl_msg *msg, void *user_data)
{
struct frame_xchg_data *fx = user_data;
int error = l_genl_msg_get_error(msg);
uint64_t cookie;
bool early_status;
frame-xchg: fix invalid read This seems to happen occationally with testAP (potentially others). The invalid read appears to happen when the frame_xchg_tx_cb detects an early status and no ACK. In this particular case there is no retry interval so we reach the retry limit and 'done' the frame. This frees the 'fx' data all before the destroy callback can get called. Once we finally return and the destroy callback is called 'fx' is freed and we see the invalid write. ==206== Memcheck, a memory error detector ==206== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==206== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info ==206== Command: iwd -p rad1,rad2,rad3,rad4 -d ==206== Parent PID: 140 ==206== ==206== Invalid write of size 4 ==206== at 0x4493A0: frame_xchg_tx_destroy (frame-xchg.c:941) ==206== by 0x46DAF6: destroy_request (genl.c:673) ==206== by 0x46DAF6: process_unicast (genl.c:1002) ==206== by 0x46DAF6: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Address 0x4c59c6c is 172 bytes inside a block of size 176 free'd ==206== at 0x483B9F5: free (vg_replace_malloc.c:538) ==206== by 0x40F14C: destroy_work (wiphy.c:248) ==206== by 0x40F14C: wiphy_radio_work_done (wiphy.c:1578) ==206== by 0x44A916: frame_xchg_tx_cb (frame-xchg.c:930) ==206== by 0x46DAD9: process_unicast (genl.c:993) ==206== by 0x46DAD9: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Block was alloc'd at ==206== at 0x483A809: malloc (vg_replace_malloc.c:307) ==206== by 0x4643CD: l_malloc (util.c:61) ==206== by 0x44AF8C: frame_xchg_startv (frame-xchg.c:1155) ==206== by 0x44B2A4: frame_xchg_start (frame-xchg.c:1108) ==206== by 0x42BC55: ap_send_mgmt_frame (ap.c:709) ==206== by 0x42F513: ap_probe_req_cb (ap.c:1869) ==206== by 0x449752: frame_watch_unicast_notify (frame-xchg.c:233) ==206== by 0x46DA2F: dispatch_unicast_watches (genl.c:961) ==206== by 0x46DA2F: process_unicast (genl.c:980) ==206== by 0x46DA2F: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206==
2020-10-30 17:35:59 +01:00
fx->tx_cmd_id = 0;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
if (error < 0) {
if (error == -EBUSY) {
fx->timeout = l_timeout_create_ms(fx->retry_interval,
frame_xchg_timeout_cb, fx,
frame_xchg_timeout_destroy);
return;
}
l_error("Frame tx failed: %s (%i)", strerror(-error), -error);
goto error;
}
if (L_WARN_ON(nl80211_parse_attrs(msg, NL80211_ATTR_COOKIE, &cookie,
NL80211_ATTR_UNSPEC) < 0)) {
error = -EINVAL;
goto error;
}
frame-xchg: Make debugs a bit more useful - Make sure to print the cookie information - Don't print messages for frames we're not interested in. This is particularly helpful when running auto-tests since frame acks from hostapd pollute the iwd log.
2021-04-21 18:03:55 +02:00
l_debug("Frame sent, cookie: %"PRIu64" obtained", cookie);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
early_status = fx->early_status && cookie == fx->cookie;
fx->tx_acked = early_status && fx->tx_acked;
fx->have_cookie = true;
fx->cookie = cookie;
if (early_status)
frame_xchg_tx_status(fx, fx->tx_acked);
return;
error:
frame_xchg_done(fx, error);
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
static bool frame_xchg_tx_retry(struct wiphy_radio_work_item *item)
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
{
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
struct frame_xchg_data *fx = l_container_of(item,
struct frame_xchg_data, work);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
struct l_genl_msg *msg;
uint32_t duration = fx->resp_timeout;
/*
* TODO: in Station, AP, P2P-Client, GO or Ad-Hoc modes if we're
* transmitting the frame on the BSS's operating channel we can skip
* NL80211_ATTR_DURATION and we should still receive the frames
* without potentially interfering with other operations.
*
* TODO: we may want to react to NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL
* in the group socket's unicast handler.
*/
msg = l_genl_msg_new_sized(NL80211_CMD_FRAME, 128 + fx->tx_mpdu_len);
l_genl_msg_append_attr(msg, NL80211_ATTR_WDEV, 8, &fx->wdev_id);
l_genl_msg_append_attr(msg, NL80211_ATTR_WIPHY_FREQ, 4, &fx->freq);
l_genl_msg_append_attr(msg, NL80211_ATTR_OFFCHANNEL_TX_OK, 0, NULL);
l_genl_msg_append_attr(msg, NL80211_ATTR_FRAME,
fx->tx_mpdu_len, fx->tx_mpdu);
frame-xchg: Add no-cck-rate flag only for P2P interfaces We want to use this flag only on the interfaces with one of the three P2P iftypes so set the flag automatically depending on the iftype from the last 'config' notification.
2020-09-29 18:37:04 +02:00
if (fx->no_cck_rates)
l_genl_msg_append_attr(msg, NL80211_ATTR_TX_NO_CCK_RATE, 0,
NULL);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
if (duration)
l_genl_msg_append_attr(msg, NL80211_ATTR_DURATION, 4,
&duration);
frame-xchg: Cancel NL80211_CMD_FRAME commands when interrupted The callback for the FRAME command was causing a crash in wiphy_radio_work_done when not cancelled when the wiphy was being removed from the system. This was likely to happen if this radio work item was waiting for another item to finish. When the first one was being cancelled due to the wiphy being removed, this one would be started and immediately stopped by the radio work queue. Now this crash could be fixed by dropping all frame exchange instances on an interface that is being removed which is easy to do, but properly cancelling the commands saves us the headache of analysing whether there's a race condition in other situations where a frame exchange is being aborted.
2020-09-29 18:37:05 +02:00
fx->tx_cmd_id = l_genl_family_send(nl80211, msg, frame_xchg_tx_cb, fx,
frame-xchg: fix invalid read This seems to happen occationally with testAP (potentially others). The invalid read appears to happen when the frame_xchg_tx_cb detects an early status and no ACK. In this particular case there is no retry interval so we reach the retry limit and 'done' the frame. This frees the 'fx' data all before the destroy callback can get called. Once we finally return and the destroy callback is called 'fx' is freed and we see the invalid write. ==206== Memcheck, a memory error detector ==206== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==206== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info ==206== Command: iwd -p rad1,rad2,rad3,rad4 -d ==206== Parent PID: 140 ==206== ==206== Invalid write of size 4 ==206== at 0x4493A0: frame_xchg_tx_destroy (frame-xchg.c:941) ==206== by 0x46DAF6: destroy_request (genl.c:673) ==206== by 0x46DAF6: process_unicast (genl.c:1002) ==206== by 0x46DAF6: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Address 0x4c59c6c is 172 bytes inside a block of size 176 free'd ==206== at 0x483B9F5: free (vg_replace_malloc.c:538) ==206== by 0x40F14C: destroy_work (wiphy.c:248) ==206== by 0x40F14C: wiphy_radio_work_done (wiphy.c:1578) ==206== by 0x44A916: frame_xchg_tx_cb (frame-xchg.c:930) ==206== by 0x46DAD9: process_unicast (genl.c:993) ==206== by 0x46DAD9: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206== by 0x403E78: main (main.c:490) ==206== Block was alloc'd at ==206== at 0x483A809: malloc (vg_replace_malloc.c:307) ==206== by 0x4643CD: l_malloc (util.c:61) ==206== by 0x44AF8C: frame_xchg_startv (frame-xchg.c:1155) ==206== by 0x44B2A4: frame_xchg_start (frame-xchg.c:1108) ==206== by 0x42BC55: ap_send_mgmt_frame (ap.c:709) ==206== by 0x42F513: ap_probe_req_cb (ap.c:1869) ==206== by 0x449752: frame_watch_unicast_notify (frame-xchg.c:233) ==206== by 0x46DA2F: dispatch_unicast_watches (genl.c:961) ==206== by 0x46DA2F: process_unicast (genl.c:980) ==206== by 0x46DA2F: received_data (genl.c:1101) ==206== by 0x46AA4B: io_callback (io.c:118) ==206== by 0x469D6C: l_main_iterate (main.c:477) ==206== by 0x469E1B: l_main_run (main.c:524) ==206== by 0x469E1B: l_main_run (main.c:506) ==206== by 0x46A02B: l_main_run_with_signal (main.c:646) ==206==
2020-10-30 17:35:59 +01:00
NULL);
frame-xchg: Cancel NL80211_CMD_FRAME commands when interrupted The callback for the FRAME command was causing a crash in wiphy_radio_work_done when not cancelled when the wiphy was being removed from the system. This was likely to happen if this radio work item was waiting for another item to finish. When the first one was being cancelled due to the wiphy being removed, this one would be started and immediately stopped by the radio work queue. Now this crash could be fixed by dropping all frame exchange instances on an interface that is being removed which is easy to do, but properly cancelling the commands saves us the headache of analysing whether there's a race condition in other situations where a frame exchange is being aborted.
2020-09-29 18:37:05 +02:00
if (!fx->tx_cmd_id) {
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
l_error("Error sending frame");
l_genl_msg_unref(msg);
frame_xchg_done(fx, -EIO);
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
return true;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
fx->tx_acked = false;
fx->have_cookie = false;
fx->early_status = false;
fx->retry_cnt++;
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
return false;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
frame-xchg: Fix potential use after free Check if the frame callback has cancelled the frame_xchg before attempting to free it.
2020-07-31 03:31:24 +02:00
static bool frame_xchg_match_ptr(const void *a, const void *b)
{
return a == b;
}
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
static bool frame_xchg_resp_handle(const struct mmpdu_header *mpdu,
const void *body, size_t body_len,
int rssi, void *user_data)
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
{
struct frame_xchg_data *fx = user_data;
const struct l_queue_entry *entry;
size_t hdr_len;
l_debug("");
if (memcmp(mpdu->address_1, fx->tx_mpdu->address_2, 6))
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
return false;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
if (memcmp(mpdu->address_2, fx->tx_mpdu->address_1, 6))
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
return false;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
/*
frame-xchg: Drop the BSSID check for incoming frames The BSSID (address_3) in response frames was being checked to be the same as in the request frame, or all-zeros for faulty drivers. At least one Wi-Fi Display device sends a GO Negotiation Response with the BSSID different from its Device Address (by 1 bit) and I didn't see an easy way to obtain that address beforhand so we can "whitelist" it for this check, so just drop that check for now. ANQP didn't have this check before it started using frame-xchg so it shouldn't be critical.
2020-07-21 02:45:40 +02:00
* BSSID (address_3) check not practical because some Linux
* drivers report all-zero values and some remote devices send
* wrong addresses. But the frame callback is free to perform
* its own check.
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
*/
for (entry = l_queue_get_entries(fx->rx_watches);
entry; entry = entry->next) {
struct frame_xchg_watch_data *watch = entry->data;
bool done;
if (body_len < watch->prefix->len ||
memcmp(body, watch->prefix->data,
watch->prefix->len))
continue;
if (!fx->tx_acked)
goto early_frame;
done = watch->cb(mpdu, body, body_len, rssi, fx->user_data);
frame-xchg: Fix potential use after free Check if the frame callback has cancelled the frame_xchg before attempting to free it.
2020-07-31 03:31:24 +02:00
if (!l_queue_find(frame_xchgs, frame_xchg_match_ptr, fx))
return true;
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
if (done) {
/* NULL callback here since the caller is done */
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
fx->cb = NULL;
frame_xchg_done(fx, 0);
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
return true;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
}
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
return false;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
early_frame:
/*
* Work around the strange order of events seen with the brcmfmac
* driver where we receive the response frames before the frame
* Tx status, which in turn is receive before the Tx callback with
* the operation cookie... rather then the reverse.
* Save the response frame to be processed in the Tx done callback.
*/
if (fx->early_frame.mpdu)
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
return false;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
hdr_len = (const uint8_t *) body - (const uint8_t *) mpdu;
fx->early_frame.mpdu = l_memdup(mpdu, body_len + hdr_len);
fx->early_frame.body = (const uint8_t *) fx->early_frame.mpdu + hdr_len;
fx->early_frame.body_len = body_len;
fx->early_frame.rssi = rssi;
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
return false;
}
static void frame_xchg_resp_cb(const struct mmpdu_header *mpdu,
const void *body, size_t body_len,
int rssi, void *user_data)
{
frame_xchg_resp_handle(mpdu, body, body_len, rssi, user_data);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
frame-xchg: Improve search for current frame in MLME notify Since there may now be multiple frames-xchg record for each wdev, when we receive the TX Status event, make sure we find the record who's radio work has started, as indicated by fx->retry_cnt > 0. Otherwise we're relying on the ordering of the frames in the "frame_xchgs" queue and constant priority.
2020-07-31 03:31:25 +02:00
static bool frame_xchg_match_running(const void *a, const void *b)
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
{
const struct frame_xchg_data *fx = a;
const uint64_t *wdev_id = b;
frame-xchg: Improve search for current frame in MLME notify Since there may now be multiple frames-xchg record for each wdev, when we receive the TX Status event, make sure we find the record who's radio work has started, as indicated by fx->retry_cnt > 0. Otherwise we're relying on the ordering of the frames in the "frame_xchgs" queue and constant priority.
2020-07-31 03:31:25 +02:00
return fx->retry_cnt > 0 && fx->wdev_id == *wdev_id;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
/*
* Send an action frame described by @frame. If @retry_interval is
* non-zero and we receive no ACK from @peer to any of the retransmissions
* done in the kernel (at a high rate), retry after @retry_interval
* milliseconds from the time the kernel gave up. If no ACK is received
* after all the retransmissions, call @cb with a non-zero error number.
* Otherwise, if @resp_timeout is non-zero, remain on the same channel
* and report any response frames from the frame's destination address
* that match provided prefixes, to the corresponding callbacks. Do so
* for @resp_timeout milliseconds from the ACK receival or until a frame
* callback returns @true. Call @cb when @resp_timeout runs out and
* no frame callback returned @true, or immediately after the ACK if
* @resp_timeout was 0. @frame is an iovec array terminated by an iovec
* struct with NULL-iov_base.
*/
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
uint32_t frame_xchg_start(uint64_t wdev_id, struct iovec *frame, uint32_t freq,
frame-xchg: Add frame_xchg_start
2020-03-19 22:12:11 +01:00
unsigned int retry_interval, unsigned int resp_timeout,
unsigned int retries_on_ack, uint32_t group_id,
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
frame_xchg_cb_t cb, void *user_data,
frame_xchg_destroy_func_t destroy, ...)
frame-xchg: Add frame_xchg_start
2020-03-19 22:12:11 +01:00
{
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
uint32_t id;
frame-xchg: Add frame_xchg_start
2020-03-19 22:12:11 +01:00
va_list args;
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
va_start(args, destroy);
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
id = frame_xchg_startv(wdev_id, frame, freq, retry_interval, resp_timeout,
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
retries_on_ack, group_id, cb, user_data,
destroy, args);
frame-xchg: Add frame_xchg_start
2020-03-19 22:12:11 +01:00
va_end(args);
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
return id;
frame-xchg: Add frame_xchg_start
2020-03-19 22:12:11 +01:00
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
static const struct wiphy_radio_work_item_ops work_ops = {
.do_work = frame_xchg_tx_retry,
.destroy = frame_xchg_destroy,
};
frame-xchg: Add no-cck-rate flag only for P2P interfaces We want to use this flag only on the interfaces with one of the three P2P iftypes so set the flag automatically depending on the iftype from the last 'config' notification.
2020-09-29 18:37:04 +02:00
static bool frame_xchg_wdev_match(const void *a, const void *b)
{
const struct wdev_info *wdev = a;
const uint64_t *id = b;
return wdev->id == *id;
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
uint32_t frame_xchg_startv(uint64_t wdev_id, struct iovec *frame, uint32_t freq,
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
unsigned int retry_interval, unsigned int resp_timeout,
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
unsigned int retries_on_ack, uint32_t group_id,
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
frame_xchg_cb_t cb, void *user_data,
frame_xchg_destroy_func_t destroy, va_list resp_args)
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
{
struct frame_xchg_data *fx;
size_t frame_len;
struct iovec *iov;
uint8_t *ptr;
frame-xchg: Add no-cck-rate flag only for P2P interfaces We want to use this flag only on the interfaces with one of the three P2P iftypes so set the flag automatically depending on the iftype from the last 'config' notification.
2020-09-29 18:37:04 +02:00
struct wdev_info *wdev;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
for (frame_len = 0, iov = frame; iov->iov_base; iov++)
frame_len += iov->iov_len;
frame-xchg: fix incorrect length check frame_xchg_startv was using sizeof(mmpdu) to check the minimum length for a frame. Instead mmpdu_header_len should be used since this checks fc.order and returns either 24 or 28 bytes, not 28 bytes always. This change adds the requirement that the first iovec in the array must contain at least the first 2 bytes (mmpdu_fc) of the header. This really shouldn't be a problem since all current users of frame-xchg put the entire header (or entire frame) into the first iovec in the array.
2020-06-22 17:25:16 +02:00
/*
* This assumes that the first iovec at least contains the mmpdu_fc
* portion of the header used to calculate the minimum length.
*/
if (frame[0].iov_len >= 2 && frame_len <
mmpdu_header_len((const struct mmpdu_header *)
frame[0].iov_base)) {
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
l_error("Frame too short");
cb(-EMSGSIZE, user_data);
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
return 0;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
fx = l_new(struct frame_xchg_data, 1);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
if (!frame_xchgs)
frame_xchgs = l_queue_new();
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
fx->wdev_id = wdev_id;
fx->freq = freq;
fx->retry_interval = retry_interval;
fx->resp_timeout = resp_timeout;
frame-xchg: Add facility to keep retransmitting after ACK In some cases a P2P peer will ACK our frame but not reply on the first attempt, and other implementations seem to handle this by going back to retransmitting the frame at a high rate until it gets ACKed again, at which point they will again give the peer a longer time to tx the response frame. Implement the same logic here by adding a retries_on_ack parameter that takes the number of additional times we want to restart the normal retransmit counter after we received no response frame on the first attempt. So passing 0 maintains the current behaviour, 1 for 1 extra attempt, etc. In effect we may retransmit a frame about 15 * (retry_on_ack + 1) * <in-kernel retransmit limit> times. The kernel/driver retransmits a frame a number of times if there's no ACK (I've seen about 20 normally) at a high frequency, if that fails we retry the whole process 15 times inside frame-xchg.c and if we still get no ACK at any point, we give up. If we do get an ACK, we wait for a response frame and if we don't get that we will optionally reset the retry counter and restart the whole thing retry_on_ack times.
2020-03-19 22:12:10 +01:00
fx->retries_on_ack = retries_on_ack;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
fx->cb = cb;
frame-xchg: add destroy function to start() APIs This makes things more consistent with other IWD APIs as well as prepares for unifying frame-xchg and scanning.
2020-06-23 17:42:51 +02:00
fx->destroy = destroy;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
fx->user_data = user_data;
fx->group_id = group_id;
fx->tx_mpdu = l_malloc(frame_len);
fx->tx_mpdu_len = frame_len;
ptr = (uint8_t *) fx->tx_mpdu;
for (iov = frame; iov->iov_base; ptr += iov->iov_len, iov++)
memcpy(ptr, iov->iov_base, iov->iov_len);
frame-xchg: Add no-cck-rate flag only for P2P interfaces We want to use this flag only on the interfaces with one of the three P2P iftypes so set the flag automatically depending on the iftype from the last 'config' notification.
2020-09-29 18:37:04 +02:00
wdev = l_queue_find(wdevs, frame_xchg_wdev_match, &wdev_id);
fx->no_cck_rates = wdev &&
(wdev->iftype == NL80211_IFTYPE_P2P_DEVICE ||
wdev->iftype == NL80211_IFTYPE_P2P_CLIENT ||
wdev->iftype == NL80211_IFTYPE_P2P_GO);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
/*
* Subscribe to the response frames now instead of in the ACK
* callback to save ourselves race condition considerations.
*/
while (1) {
struct frame_xchg_prefix *prefix;
struct frame_xchg_watch_data *watch;
prefix = va_arg(resp_args, struct frame_xchg_prefix *);
if (!prefix)
break;
watch = l_new(struct frame_xchg_watch_data, 1);
watch->prefix = prefix;
watch->cb = va_arg(resp_args, void *);
frame_watch_add(wdev_id, group_id, 0x00d0,
prefix->data, prefix->len,
frame_xchg_resp_cb, fx, NULL);
if (!fx->rx_watches)
fx->rx_watches = l_queue_new();
l_queue_push_tail(fx->rx_watches, watch);
}
fx->retry_cnt = 0;
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
l_queue_push_tail(frame_xchgs, fx);
/*
* TODO: Assume any offchannel frames are a high priority (0). This may
* need to be re-examined in the future if other operations (e.g.
* wait on channel) are introduced.
*/
return wiphy_radio_work_insert(wiphy_find_by_wdev(wdev_id),
&fx->work, 0, &work_ops);
}
frame-xchg: Re-add frame_xchg_stop In 98cf2bf3ece070bfe7ff45670b95d24b34bf3e13 frame_xchg_stop was removed and its use in p2p.c was changed to frame_xchg_cancel with the slight complication that the ID returned by frame_xchg_start had do be stored. Re-add frame_xchg_stop, (renamed as frame_xchg_stop_wdev) to simplify this bit in p2p.c.
2020-07-31 03:31:26 +02:00
static bool frame_xchg_cancel_by_wdev(void *data, void *user_data)
{
struct frame_xchg_data *fx = data;
const uint64_t *wdev_id = user_data;
if (fx->wdev_id != *wdev_id)
return false;
wiphy_radio_work_done(wiphy_find_by_wdev(fx->wdev_id), fx->work.id);
return true;
}
void frame_xchg_stop_wdev(uint64_t wdev_id)
{
l_queue_foreach_remove(frame_xchgs, frame_xchg_cancel_by_wdev,
&wdev_id);
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
static bool frame_xchg_match_id(const void *a, const void *b)
{
const struct frame_xchg_data *fx = a;
const uint32_t *id = b;
return fx->work.id == *id;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
void frame_xchg_cancel(uint32_t id)
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
{
struct frame_xchg_data *fx =
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
l_queue_remove_if(frame_xchgs, frame_xchg_match_id, &id);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
if (!fx)
return;
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
wiphy_radio_work_done(wiphy_find_by_wdev(fx->wdev_id), id);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
static void frame_xchg_mlme_notify(struct l_genl_msg *msg, void *user_data)
{
uint64_t wdev_id;
struct frame_xchg_data *fx;
uint64_t cookie;
bool ack;
uint8_t cmd = l_genl_msg_get_command(msg);
switch (cmd) {
case NL80211_CMD_FRAME_TX_STATUS:
if (nl80211_parse_attrs(msg, NL80211_ATTR_WDEV, &wdev_id,
NL80211_ATTR_COOKIE, &cookie,
NL80211_ATTR_ACK, &ack,
NL80211_ATTR_UNSPEC) < 0)
return;
frame-xchg: Improve search for current frame in MLME notify Since there may now be multiple frames-xchg record for each wdev, when we receive the TX Status event, make sure we find the record who's radio work has started, as indicated by fx->retry_cnt > 0. Otherwise we're relying on the ordering of the frames in the "frame_xchgs" queue and constant priority.
2020-07-31 03:31:25 +02:00
fx = l_queue_find(frame_xchgs, frame_xchg_match_running,
&wdev_id);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
if (!fx)
return;
frame-xchg: Make debugs a bit more useful - Make sure to print the cookie information - Don't print messages for frames we're not interested in. This is particularly helpful when running auto-tests since frame acks from hostapd pollute the iwd log.
2021-04-21 18:03:55 +02:00
l_debug("Received %s for cookie: %"PRIu64,
ack ? "an ACK" : "no ACK", cookie);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
if (fx->have_cookie && cookie == fx->cookie && !fx->tx_acked)
frame_xchg_tx_status(fx, ack);
else if (!fx->have_cookie && !fx->tx_acked) {
/*
* Save the information about the frame's ACK status
* to be processed in frame_xchg_tx_cb if we were
* called before it (happens on brcmfmac).
*/
fx->tx_acked = ack;
fx->cookie = cookie;
fx->early_status = true;
}
break;
}
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
static void frame_xchg_config_notify(struct l_genl_msg *msg, void *user_data)
{
uint64_t wdev_id;
uint32_t iftype;
struct wdev_info *wdev;
switch (l_genl_msg_get_command(msg)) {
case NL80211_CMD_NEW_INTERFACE:
case NL80211_CMD_SET_INTERFACE:
if (nl80211_parse_attrs(msg, NL80211_ATTR_WDEV, &wdev_id,
NL80211_ATTR_IFTYPE, &iftype,
NL80211_ATTR_UNSPEC) < 0)
break;
wdev = l_queue_find(wdevs, frame_xchg_wdev_match, &wdev_id);
if (!wdev) {
wdev = l_new(struct wdev_info, 1);
wdev->id = wdev_id;
if (!wdevs)
wdevs = l_queue_new();
l_queue_push_tail(wdevs, wdev);
break;
}
frame-xchg: iftype changes to be managed by netdev Since netdev now keeps track of iftype changes, let it call frame_watch_wdev_remove on netdevs that it manages to clear frame registrations that should be cleared due to an iftype change. Note that P2P_DEVICE wdevs are not managed by any netdev object, but since their iftype cannot be changed, they should not be affected by this change.
2021-04-19 23:31:42 +02:00
wdev->iftype = iftype;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
break;
case NL80211_CMD_DEL_INTERFACE:
if (nl80211_parse_attrs(msg, NL80211_ATTR_WDEV, &wdev_id,
NL80211_ATTR_UNSPEC) < 0)
break;
wdev = l_queue_remove_if(wdevs, frame_xchg_wdev_match, &wdev_id);
if (!wdev)
break;
l_free(wdev);
frame_watch_wdev_remove(wdev_id);
break;
}
}
static int frame_xchg_init(void)
{
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
struct watch_group *default_group;
const struct l_genl_family_info *info;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
nl80211 = l_genl_family_new(iwd_get_genl(), NL80211_GENL_NAME);
if (!nl80211) {
l_error("Failed to obtain nl80211");
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
return -EIO;
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
info = l_genl_family_get_info(nl80211);
nl80211_id = l_genl_family_info_get_id(info);
default_group = frame_watch_group_new(0, 0);
if (!default_group)
goto error;
if (!l_genl_family_register(nl80211, "config", frame_xchg_config_notify,
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
NULL, NULL)) {
l_error("Registering for config notifications failed");
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
goto error;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
}
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
if (!l_genl_family_register(nl80211, "mlme", frame_xchg_mlme_notify,
NULL, NULL)) {
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
l_error("Registering for MLME notification failed");
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
goto error;
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
watch_groups = l_queue_new();
l_queue_push_tail(watch_groups, default_group);
return 0;
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
error:
if (nl80211) {
l_genl_family_free(nl80211);
nl80211 = NULL;
}
if (default_group)
frame_watch_group_destroy(default_group);
return -EIO;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
}
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
static void destroy_xchg_data(void *user_data)
{
struct frame_xchg_data *fx = user_data;
frame-xchg: Don't call frame_xchg_destroy directly frame_xchg_destroy is passed as the wiphy radio work's destroy callback to wiphy.c. If it's also called directly in frame_xchg_exit, there's going to be a use-after-free when it's called again from wiphy_exit, so instead use wiphy_radio_work_done which will call frame_xchg_destroy and forget the frame_xchg record.
2020-07-21 02:45:37 +02:00
wiphy_radio_work_done(wiphy_find_by_wdev(fx->wdev_id), fx->work.id);
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
}
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
static void frame_xchg_exit(void)
{
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
struct l_queue *groups = watch_groups;
frame-xchg: Allow calling frame_xchg_stop from the callback Don't crash if the user calls frame_xchg_stop(wdev) from inside the frame exchange's final callback. That call is going to be redundant but it's convenient to do this inside a cleanup function for a given wdev without having to check whether any frame exchange was actually running.
2020-03-18 15:45:25 +01:00
struct l_queue *xchgs = frame_xchgs;
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
frame_xchgs = NULL;
frame-xchg: refactor to use wiphy work queue In order to first integrate frame-xchg some refactoring needed to be done. First it is useful to allow queueing frames up rather than requiring the module (p2p, anqp etc) to wait for the last frame to finish. This can be aided by radio management but frame-xchg needed some refactoring as well. First was getting rid of this fx pointer re-use. It looks like this was done to save a bit of memory but things get pretty complex needed to check if the pointer is stale or has been reset. Instead of this we now just allocate a new pointer each frame-xchg. This allows for the module to queue multiple requests as well as removes the complexity of needed to check if the fx pointer is stale. Next was adding the ability to track frame-xchgs by ID. If a module can queue up multiple requests it also needs to be able to cancel them individually vs per-wdev. This comes free with the wiphy work queue since it returns an ID which can be given directly to the caller. Then radio management was simply piped in by adding the insert/done APIs.
2020-07-09 02:04:33 +02:00
l_queue_destroy(xchgs, destroy_xchg_data);
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
watch_groups = NULL;
frame-xchg: Don't use l_genl for additional nl80211 sockets For nl80211 sockets other than our main l_genl object use socket io directly, to avoid creating many instances of l_genl. The only reason we use multiple sockets is to work around an nl80211 design quirk that requires closing the socket to unregister management frame watches. Normally there should not be a need to create multiple sockets in a program.
2020-02-15 01:17:45 +01:00
l_queue_destroy(groups, frame_watch_group_destroy);
l_genl_family_free(nl80211);
frame-xchg: Add a frame exchange API Add a little state machine and a related API, to simplify sending out a frame, receiving the Ack / No-ack status and (if acked) waiting for a response frame from the target device, one of a list of possible frame prefixes. The nl80211 API for this makes it complicated enough that this new API seems to be justified, on top of that there's a quirk when using the brcmfmac driver where the nl80211 response (containing the operation's cookie), the Tx Status event and the response Frame event are received from nl80211 in reverse order (not seen with other drivers so far), further complicating what should be a pretty simple task.
2020-02-15 01:17:44 +01:00
nl80211 = NULL;
Add a new frame watch API This new API is independent of netdev.c and allows actually unregistering from receiving notifications of frames, although with some quirks. The current API only allowed the callback for a registration to be forgotten but our process and/or the kernel would still be woken up when matching frames were received because the kernel had no frame unregister call. In the new API you can supply a group-id paramter when registering frames. If it is non-zero the frame_watch_group_remove() call can be used to remove all frame registrations that had a given group-id by closing the netlink socket on which the notifications would be received. This means though that it's a slightly costly operation. The file is named frame-xchg.c because I'm thinking of also adding utilities for sending frames and waiting for one of a number of replies and handling the acked/un-acked information.
2020-01-06 13:39:38 +01:00
l_queue_destroy(wdevs, l_free);
wdevs = NULL;
}
IWD_MODULE(frame_xchg, frame_xchg_init, frame_xchg_exit);
frame-xchg: Don't call frame_xchg_destroy directly frame_xchg_destroy is passed as the wiphy radio work's destroy callback to wiphy.c. If it's also called directly in frame_xchg_exit, there's going to be a use-after-free when it's called again from wiphy_exit, so instead use wiphy_radio_work_done which will call frame_xchg_destroy and forget the frame_xchg record.
2020-07-21 02:45:37 +02:00
IWD_MODULE_DEPENDS(frame_xchg, wiphy)