io/net80211/net80211_ht.c

*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
*10266SQuaker.Fang@Sun.COM * Use is subject to license terms.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Copyright (c) 2007 Sam Leffler, Errno Consulting
*10266SQuaker.Fang@Sun.COM * All rights reserved.
*10266SQuaker.Fang@Sun.COM *
*10266SQuaker.Fang@Sun.COM * Redistribution and use in source and binary forms, with or without
*10266SQuaker.Fang@Sun.COM * modification, are permitted provided that the following conditions
*10266SQuaker.Fang@Sun.COM * are met:
*10266SQuaker.Fang@Sun.COM * 1. Redistributions of source code must retain the above copyright
*10266SQuaker.Fang@Sun.COM *    notice, this list of conditions and the following disclaimer.
*10266SQuaker.Fang@Sun.COM * 2. Redistributions in binary form must reproduce the above copyright
*10266SQuaker.Fang@Sun.COM *    notice, this list of conditions and the following disclaimer in the
*10266SQuaker.Fang@Sun.COM *    documentation and/or other materials provided with the distribution.
*10266SQuaker.Fang@Sun.COM *
*10266SQuaker.Fang@Sun.COM * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
*10266SQuaker.Fang@Sun.COM * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
*10266SQuaker.Fang@Sun.COM * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
*10266SQuaker.Fang@Sun.COM * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
*10266SQuaker.Fang@Sun.COM * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
*10266SQuaker.Fang@Sun.COM * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
*10266SQuaker.Fang@Sun.COM * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
*10266SQuaker.Fang@Sun.COM * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
*10266SQuaker.Fang@Sun.COM * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
*10266SQuaker.Fang@Sun.COM * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * IEEE 802.11n protocol support.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM#include <sys/mac_provider.h>
*10266SQuaker.Fang@Sun.COM#include <sys/strsun.h>
*10266SQuaker.Fang@Sun.COM#include <sys/byteorder.h>
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM#include "net80211_impl.h"
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/* define here, used throughout file */
*10266SQuaker.Fang@Sun.COM#define	MS(_v, _f)	(((_v) & _f) >> _f##_S)
*10266SQuaker.Fang@Sun.COM#define	SM(_v, _f)	(((_v) << _f##_S) & _f)
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/* need max array size */
*10266SQuaker.Fang@Sun.COM/* NB: these are for HT20 w/ long GI */
*10266SQuaker.Fang@Sun.COMconst int ieee80211_htrates[16] = {
*10266SQuaker.Fang@Sun.COM	13,		/* IFM_IEEE80211_MCS0 */
*10266SQuaker.Fang@Sun.COM	26,		/* IFM_IEEE80211_MCS1 */
*10266SQuaker.Fang@Sun.COM	39,		/* IFM_IEEE80211_MCS2 */
*10266SQuaker.Fang@Sun.COM	52,		/* IFM_IEEE80211_MCS3 */
*10266SQuaker.Fang@Sun.COM	78,		/* IFM_IEEE80211_MCS4 */
*10266SQuaker.Fang@Sun.COM	104,		/* IFM_IEEE80211_MCS5 */
*10266SQuaker.Fang@Sun.COM	117,		/* IFM_IEEE80211_MCS6 */
*10266SQuaker.Fang@Sun.COM	130,		/* IFM_IEEE80211_MCS7 */
*10266SQuaker.Fang@Sun.COM	26,		/* IFM_IEEE80211_MCS8 */
*10266SQuaker.Fang@Sun.COM	52,		/* IFM_IEEE80211_MCS9 */
*10266SQuaker.Fang@Sun.COM	78,		/* IFM_IEEE80211_MCS10 */
*10266SQuaker.Fang@Sun.COM	104,		/* IFM_IEEE80211_MCS11 */
*10266SQuaker.Fang@Sun.COM	156,		/* IFM_IEEE80211_MCS12 */
*10266SQuaker.Fang@Sun.COM	208,		/* IFM_IEEE80211_MCS13 */
*10266SQuaker.Fang@Sun.COM	234,		/* IFM_IEEE80211_MCS14 */
*10266SQuaker.Fang@Sun.COM	260,		/* IFM_IEEE80211_MCS15 */
*10266SQuaker.Fang@Sun.COM};
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMstruct ieee80211_htrateset ieee80211_rateset_11n =
*10266SQuaker.Fang@Sun.COM	{ 16, {
*10266SQuaker.Fang@Sun.COM	/* MCS: 6.5   13 19.5   26   39  52 58.5  65  13  26 */
*10266SQuaker.Fang@Sun.COM		0,   1,   2,   3,   4,  5,   6,  7,  8,  9,
*10266SQuaker.Fang@Sun.COM	/* 39   52   78  104  117, 130 */
*10266SQuaker.Fang@Sun.COM		10,  11,  12,  13,  14,  15 }
*10266SQuaker.Fang@Sun.COM	};
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM#define	IEEE80211_AMPDU_AGE
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM#define	IEEE80211_AGGR_TIMEOUT	250		/* msecs */
*10266SQuaker.Fang@Sun.COM#define	IEEE80211_AGGR_MINRETRY	(10 * hz)	/* ticks */
*10266SQuaker.Fang@Sun.COM#define	IEEE80211_AGGR_MAXTRIES	3
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Receive processing.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Decap the encapsulated A-MSDU frames and dispatch all but
*10266SQuaker.Fang@Sun.COM * the last for delivery.  The last frame is returned for
*10266SQuaker.Fang@Sun.COM * delivery via the normal path.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM#define	FF_LLC_SIZE	\
*10266SQuaker.Fang@Sun.COM	(sizeof (struct ether_header) + sizeof (struct ieee80211_llc))
*10266SQuaker.Fang@Sun.COMmblk_t *
*10266SQuaker.Fang@Sun.COMieee80211_decap_amsdu(struct ieee80211_node *in, mblk_t *mp)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	struct ether_header *eh;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_frame *wh;
*10266SQuaker.Fang@Sun.COM	int framelen, hdrspace;
*10266SQuaker.Fang@Sun.COM	mblk_t *m0;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* all msdu has same ieee80211_frame header */
*10266SQuaker.Fang@Sun.COM	wh = (struct ieee80211_frame *)mp->b_rptr;
*10266SQuaker.Fang@Sun.COM	hdrspace = ieee80211_hdrspace(ic, wh);
*10266SQuaker.Fang@Sun.COM	mp->b_rptr += hdrspace;	/* A-MSDU subframe follows */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	for (;;) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * The frame has an 802.3 header followed by an 802.2
*10266SQuaker.Fang@Sun.COM		 * LLC header.  The encapsulated frame length is in the
*10266SQuaker.Fang@Sun.COM		 * first header type field;
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		if (MBLKL(mp) < FF_LLC_SIZE) {
*10266SQuaker.Fang@Sun.COM			ieee80211_err("too short, decap failed\n");
*10266SQuaker.Fang@Sun.COM			goto out;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Decap frames, encapsulate to 802.11 frame then deliver.
*10266SQuaker.Fang@Sun.COM		 * 802.3 header is first (struct ether_header)
*10266SQuaker.Fang@Sun.COM		 * 802.2 header follows (struct ieee80211_llc)
*10266SQuaker.Fang@Sun.COM		 * data, msdu = llc + data
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		eh = (struct ether_header *)mp->b_rptr;
*10266SQuaker.Fang@Sun.COM						/* 802.2 header follows */
*10266SQuaker.Fang@Sun.COM		framelen = ntohs(eh->ether_type);	/* llc + data */
*10266SQuaker.Fang@Sun.COM		m0 = allocb(hdrspace + framelen, BPRI_MED);
*10266SQuaker.Fang@Sun.COM		if (m0 == NULL) {
*10266SQuaker.Fang@Sun.COM			ieee80211_err("decap_msdu(): can't alloc mblk\n");
*10266SQuaker.Fang@Sun.COM			goto out;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		(void) memcpy(m0->b_wptr, (uint8_t *)wh, hdrspace);
*10266SQuaker.Fang@Sun.COM		m0->b_wptr += hdrspace;
*10266SQuaker.Fang@Sun.COM		(void) memcpy(m0->b_wptr,
*10266SQuaker.Fang@Sun.COM		    mp->b_rptr + sizeof (struct ether_header), framelen);
*10266SQuaker.Fang@Sun.COM		m0->b_wptr += framelen;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		ic->ic_stats.is_rx_frags++;
*10266SQuaker.Fang@Sun.COM		ic->ic_stats.is_rx_bytes += MBLKL(m0);
*10266SQuaker.Fang@Sun.COM		IEEE80211_UNLOCK(ic);
*10266SQuaker.Fang@Sun.COM		mac_rx(ic->ic_mach, NULL, m0);	/* deliver to mac */
*10266SQuaker.Fang@Sun.COM		IEEE80211_LOCK(ic);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		framelen += sizeof (struct ether_header);
*10266SQuaker.Fang@Sun.COM		if (MBLKL(mp) == framelen)	/* last, no padding */
*10266SQuaker.Fang@Sun.COM			goto out;
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Remove frame contents; each intermediate frame
*10266SQuaker.Fang@Sun.COM		 * is required to be aligned to a 4-byte boundary.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		mp->b_rptr += roundup(framelen, 4);	/* padding */
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMout:
*10266SQuaker.Fang@Sun.COM	freemsg(mp);
*10266SQuaker.Fang@Sun.COM	return (NULL);	/* none delivered by caller */
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM#undef FF_LLC_SIZE
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Start A-MPDU rx/re-order processing for the specified TID.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMampdu_rx_start(struct ieee80211_rx_ampdu *rap, int bufsiz, int start)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	(void) memset(rap, 0, sizeof (*rap));
*10266SQuaker.Fang@Sun.COM	rap->rxa_wnd = (bufsiz == 0) ? IEEE80211_AGGR_BAWMAX
*10266SQuaker.Fang@Sun.COM	    : min((uint16_t)bufsiz, IEEE80211_AGGR_BAWMAX);
*10266SQuaker.Fang@Sun.COM	rap->rxa_start = (uint16_t)start;
*10266SQuaker.Fang@Sun.COM	rap->rxa_flags |= IEEE80211_AGGR_XCHGPEND;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Purge all frames in the A-MPDU re-order queue.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMampdu_rx_purge(struct ieee80211_rx_ampdu *rap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	mblk_t *m;
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < rap->rxa_wnd; i++) {
*10266SQuaker.Fang@Sun.COM		m = rap->rxa_m[i];
*10266SQuaker.Fang@Sun.COM		if (m != NULL) {
*10266SQuaker.Fang@Sun.COM			rap->rxa_m[i] = NULL;
*10266SQuaker.Fang@Sun.COM			rap->rxa_qbytes -= MBLKL(m);
*10266SQuaker.Fang@Sun.COM			freemsg(m);
*10266SQuaker.Fang@Sun.COM			if (--rap->rxa_qframes == 0)
*10266SQuaker.Fang@Sun.COM				break;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	ASSERT(rap->rxa_qbytes == 0 && rap->rxa_qframes == 0);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Stop A-MPDU rx processing for the specified TID.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMampdu_rx_stop(struct ieee80211_rx_ampdu *rap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	rap->rxa_flags &= ~IEEE80211_AGGR_XCHGPEND;
*10266SQuaker.Fang@Sun.COM	ampdu_rx_purge(rap);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Dispatch a frame from the A-MPDU reorder queue.  The
*10266SQuaker.Fang@Sun.COM * frame is fed back into ieee80211_input marked with an
*10266SQuaker.Fang@Sun.COM * M_AMPDU flag so it doesn't come back to us (it also
*10266SQuaker.Fang@Sun.COM * permits ieee80211_input to optimize re-processing).
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMampdu_dispatch(struct ieee80211_node *in, mblk_t *m)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	m->b_flag |= M_AMPDU;	/* bypass normal processing */
*10266SQuaker.Fang@Sun.COM	/* NB: rssi and rstamp are ignored w/ M_AMPDU set */
*10266SQuaker.Fang@Sun.COM	(void) ieee80211_input(in->in_ic, m, in, 0, 0);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Dispatch as many frames as possible from the re-order queue.
*10266SQuaker.Fang@Sun.COM * Frames will always be "at the front"; we process all frames
*10266SQuaker.Fang@Sun.COM * up to the first empty slot in the window.  On completion we
*10266SQuaker.Fang@Sun.COM * cleanup state if there are still pending frames in the current
*10266SQuaker.Fang@Sun.COM * BA window.  We assume the frame at slot 0 is already handled
*10266SQuaker.Fang@Sun.COM * by the caller; we always start at slot 1.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMampdu_rx_dispatch(struct ieee80211_rx_ampdu *rap, struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	mblk_t *m;
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* flush run of frames */
*10266SQuaker.Fang@Sun.COM	for (i = 1; i < rap->rxa_wnd; i++) {
*10266SQuaker.Fang@Sun.COM		m = rap->rxa_m[i];
*10266SQuaker.Fang@Sun.COM		if (m == NULL)
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		rap->rxa_m[i] = NULL;
*10266SQuaker.Fang@Sun.COM		rap->rxa_qbytes -= MBLKL(m);
*10266SQuaker.Fang@Sun.COM		rap->rxa_qframes--;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		ampdu_dispatch(in, m);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * If frames remain, copy the mbuf pointers down so
*10266SQuaker.Fang@Sun.COM	 * they correspond to the offsets in the new window.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	if (rap->rxa_qframes != 0) {
*10266SQuaker.Fang@Sun.COM		int n = rap->rxa_qframes, j;
*10266SQuaker.Fang@Sun.COM		for (j = i+1; j < rap->rxa_wnd; j++) {
*10266SQuaker.Fang@Sun.COM			if (rap->rxa_m[j] != NULL) {
*10266SQuaker.Fang@Sun.COM				rap->rxa_m[j-i] = rap->rxa_m[j];
*10266SQuaker.Fang@Sun.COM				rap->rxa_m[j] = NULL;
*10266SQuaker.Fang@Sun.COM				if (--n == 0)
*10266SQuaker.Fang@Sun.COM					break;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		ASSERT(n == 0);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * Adjust the start of the BA window to
*10266SQuaker.Fang@Sun.COM	 * reflect the frames just dispatched.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	rap->rxa_start = IEEE80211_SEQ_ADD(rap->rxa_start, i);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM#ifdef IEEE80211_AMPDU_AGE
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Dispatch all frames in the A-MPDU re-order queue.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMampdu_rx_flush(struct ieee80211_node *in, struct ieee80211_rx_ampdu *rap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	mblk_t *m;
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM	    "ampdu_rx_flush(%d)\n",
*10266SQuaker.Fang@Sun.COM	    rap->rxa_wnd);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < rap->rxa_wnd; i++) {
*10266SQuaker.Fang@Sun.COM		m = rap->rxa_m[i];
*10266SQuaker.Fang@Sun.COM		if (m == NULL)
*10266SQuaker.Fang@Sun.COM			continue;
*10266SQuaker.Fang@Sun.COM		rap->rxa_m[i] = NULL;
*10266SQuaker.Fang@Sun.COM		rap->rxa_qbytes -= MBLKL(m);
*10266SQuaker.Fang@Sun.COM		rap->rxa_qframes--;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		ampdu_dispatch(in, m);
*10266SQuaker.Fang@Sun.COM		if (rap->rxa_qframes == 0)
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM#endif /* IEEE80211_AMPDU_AGE */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Dispatch all frames in the A-MPDU re-order queue
*10266SQuaker.Fang@Sun.COM * preceding the specified sequence number.  This logic
*10266SQuaker.Fang@Sun.COM * handles window moves due to a received MSDU or BAR.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMampdu_rx_flush_upto(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM	struct ieee80211_rx_ampdu *rap, ieee80211_seq winstart)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	mblk_t *m;
*10266SQuaker.Fang@Sun.COM	ieee80211_seq seqno;
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * Flush any complete MSDU's with a sequence number lower
*10266SQuaker.Fang@Sun.COM	 * than winstart.  Gaps may exist.  Note that we may actually
*10266SQuaker.Fang@Sun.COM	 * dispatch frames past winstart if a run continues; this is
*10266SQuaker.Fang@Sun.COM	 * an optimization that avoids having to do a separate pass
*10266SQuaker.Fang@Sun.COM	 * to dispatch frames after moving the BA window start.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	seqno = rap->rxa_start;
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < rap->rxa_wnd; i++) {
*10266SQuaker.Fang@Sun.COM		m = rap->rxa_m[i];
*10266SQuaker.Fang@Sun.COM		if (m != NULL) {
*10266SQuaker.Fang@Sun.COM			rap->rxa_m[i] = NULL;
*10266SQuaker.Fang@Sun.COM			rap->rxa_qbytes -= MBLKL(m);
*10266SQuaker.Fang@Sun.COM			rap->rxa_qframes--;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			ampdu_dispatch(in, m);
*10266SQuaker.Fang@Sun.COM		} else {
*10266SQuaker.Fang@Sun.COM			if (!IEEE80211_SEQ_BA_BEFORE(seqno, winstart))
*10266SQuaker.Fang@Sun.COM				break;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		seqno = IEEE80211_SEQ_INC(seqno);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * If frames remain, copy the mbuf pointers down so
*10266SQuaker.Fang@Sun.COM	 * they correspond to the offsets in the new window.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	if (rap->rxa_qframes != 0) {
*10266SQuaker.Fang@Sun.COM		int n = rap->rxa_qframes, j;
*10266SQuaker.Fang@Sun.COM		for (j = i+1; j < rap->rxa_wnd; j++) {
*10266SQuaker.Fang@Sun.COM			if (rap->rxa_m[j] != NULL) {
*10266SQuaker.Fang@Sun.COM				rap->rxa_m[j-i] = rap->rxa_m[j];
*10266SQuaker.Fang@Sun.COM				rap->rxa_m[j] = NULL;
*10266SQuaker.Fang@Sun.COM				if (--n == 0)
*10266SQuaker.Fang@Sun.COM					break;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		if (n != 0) {
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "ampdu_rx_flush_upto(): "
*10266SQuaker.Fang@Sun.COM			    "lost %d frames, qframes %d off %d "
*10266SQuaker.Fang@Sun.COM			    "BA win <%d:%d> winstart %d\n",
*10266SQuaker.Fang@Sun.COM			    n, rap->rxa_qframes, i, rap->rxa_start,
*10266SQuaker.Fang@Sun.COM			    IEEE80211_SEQ_ADD(rap->rxa_start, rap->rxa_wnd-1),
*10266SQuaker.Fang@Sun.COM			    winstart);
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * Move the start of the BA window; we use the
*10266SQuaker.Fang@Sun.COM	 * sequence number of the last MSDU that was
*10266SQuaker.Fang@Sun.COM	 * passed up the stack+1 or winstart if stopped on
*10266SQuaker.Fang@Sun.COM	 * a gap in the reorder buffer.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	rap->rxa_start = seqno;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Process a received QoS data frame for an HT station.  Handle
*10266SQuaker.Fang@Sun.COM * A-MPDU reordering: if this frame is received out of order
*10266SQuaker.Fang@Sun.COM * and falls within the BA window hold onto it.  Otherwise if
*10266SQuaker.Fang@Sun.COM * this frame completes a run, flush any pending frames.  We
*10266SQuaker.Fang@Sun.COM * return 1 if the frame is consumed.  A 0 is returned if
*10266SQuaker.Fang@Sun.COM * the frame should be processed normally by the caller.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMint
*10266SQuaker.Fang@Sun.COMieee80211_ampdu_reorder(struct ieee80211_node *in, mblk_t *m)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM#define	IEEE80211_FC0_QOSDATA \
*10266SQuaker.Fang@Sun.COM	(IEEE80211_FC0_TYPE_DATA | IEEE80211_FC0_SUBTYPE_QOS | \
*10266SQuaker.Fang@Sun.COM	IEEE80211_FC0_VERSION_0)
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM#define	PROCESS		0	/* caller should process frame */
*10266SQuaker.Fang@Sun.COM#define	CONSUMED	1	/* frame consumed, caller does nothing */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	struct ieee80211_qosframe *wh;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_rx_ampdu *rap;
*10266SQuaker.Fang@Sun.COM	ieee80211_seq rxseq;
*10266SQuaker.Fang@Sun.COM	uint8_t tid;
*10266SQuaker.Fang@Sun.COM	int off;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ASSERT(in->in_flags & IEEE80211_NODE_HT);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* NB: m_len known to be sufficient */
*10266SQuaker.Fang@Sun.COM	wh = (struct ieee80211_qosframe *)m->b_rptr;
*10266SQuaker.Fang@Sun.COM	ASSERT(wh->i_fc[0] == IEEE80211_FC0_QOSDATA);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if ((wh->i_fc[1] & IEEE80211_FC1_DIR_MASK) == IEEE80211_FC1_DIR_DSTODS)
*10266SQuaker.Fang@Sun.COM		tid = ((struct ieee80211_qosframe_addr4 *)wh)->i_qos[0];
*10266SQuaker.Fang@Sun.COM	else
*10266SQuaker.Fang@Sun.COM		tid = wh->i_qos[0];
*10266SQuaker.Fang@Sun.COM	tid &= IEEE80211_QOS_TID;
*10266SQuaker.Fang@Sun.COM	rap = &in->in_rx_ampdu[tid];
*10266SQuaker.Fang@Sun.COM	if ((rap->rxa_flags & IEEE80211_AGGR_XCHGPEND) == 0) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * No ADDBA request yet, don't touch.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		return (PROCESS);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	rxseq = LE_16(*(uint16_t *)wh->i_seq) >> IEEE80211_SEQ_SEQ_SHIFT;
*10266SQuaker.Fang@Sun.COM	rap->rxa_nframes++;
*10266SQuaker.Fang@Sun.COMagain:
*10266SQuaker.Fang@Sun.COM	if (rxseq == rap->rxa_start) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * First frame in window.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		if (rap->rxa_qframes != 0) {
*10266SQuaker.Fang@Sun.COM			/*
*10266SQuaker.Fang@Sun.COM			 * Dispatch as many packets as we can.
*10266SQuaker.Fang@Sun.COM			 */
*10266SQuaker.Fang@Sun.COM			ASSERT(rap->rxa_m[0] == NULL);	/* [0] is m */
*10266SQuaker.Fang@Sun.COM			ampdu_dispatch(in, m);
*10266SQuaker.Fang@Sun.COM			ampdu_rx_dispatch(rap, in);
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "ieee80211_ampdu_reorder(%u), CONSUMED ...\n",
*10266SQuaker.Fang@Sun.COM			    rap->rxa_qframes);
*10266SQuaker.Fang@Sun.COM			return (CONSUMED);
*10266SQuaker.Fang@Sun.COM		} else {
*10266SQuaker.Fang@Sun.COM			/*
*10266SQuaker.Fang@Sun.COM			 * In order; advance window and notify
*10266SQuaker.Fang@Sun.COM			 * caller to dispatch directly.
*10266SQuaker.Fang@Sun.COM			 */
*10266SQuaker.Fang@Sun.COM			rap->rxa_start = IEEE80211_SEQ_INC(rxseq);
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "ieee80211_ampdu_reorder(%u), PROCESS ...\n",
*10266SQuaker.Fang@Sun.COM			    rap->rxa_start);
*10266SQuaker.Fang@Sun.COM			return (PROCESS);
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM	    "ieee80211_ampdu_reorder(%u, %u), out of order ...\n",
*10266SQuaker.Fang@Sun.COM	    rxseq, rap->rxa_start);
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * Frame is out of order; store if in the BA window.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	/* calculate offset in BA window */
*10266SQuaker.Fang@Sun.COM	off = IEEE80211_SEQ_SUB(rxseq, rap->rxa_start);
*10266SQuaker.Fang@Sun.COM	if (off < rap->rxa_wnd) {
*10266SQuaker.Fang@Sun.COM#ifdef IEEE80211_AMPDU_AGE
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Common case (hopefully): in the BA window.
*10266SQuaker.Fang@Sun.COM		 * Sec 9.10.7.6 a) (D2.04 p.118 line 47)
*10266SQuaker.Fang@Sun.COM		 * --
*10266SQuaker.Fang@Sun.COM		 * Check for frames sitting too long in the reorder queue.
*10266SQuaker.Fang@Sun.COM		 * This should only ever happen if frames are not delivered
*10266SQuaker.Fang@Sun.COM		 * without the sender otherwise notifying us (e.g. with a
*10266SQuaker.Fang@Sun.COM		 * BAR to move the window).  Typically this happens because
*10266SQuaker.Fang@Sun.COM		 * of vendor bugs that cause the sequence number to jump.
*10266SQuaker.Fang@Sun.COM		 * When this happens we get a gap in the reorder queue that
*10266SQuaker.Fang@Sun.COM		 * leaves frame sitting on the queue until they get pushed
*10266SQuaker.Fang@Sun.COM		 * out due to window moves.  When the vendor does not send
*10266SQuaker.Fang@Sun.COM		 * BAR this move only happens due to explicit packet sends
*10266SQuaker.Fang@Sun.COM		 *
*10266SQuaker.Fang@Sun.COM		 * NB: we only track the time of the oldest frame in the
*10266SQuaker.Fang@Sun.COM		 * reorder q; this means that if we flush we might push
*10266SQuaker.Fang@Sun.COM		 * frames that still "new"; if this happens then subsequent
*10266SQuaker.Fang@Sun.COM		 * frames will result in BA window moves which cost something
*10266SQuaker.Fang@Sun.COM		 * but is still better than a big throughput dip.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		clock_t ticks;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		ticks = ddi_get_lbolt();
*10266SQuaker.Fang@Sun.COM		if (rap->rxa_qframes != 0) {
*10266SQuaker.Fang@Sun.COM			/* honor batimeout? */
*10266SQuaker.Fang@Sun.COM			if (ticks - rap->rxa_age > drv_usectohz(500*1000)) {
*10266SQuaker.Fang@Sun.COM				/*
*10266SQuaker.Fang@Sun.COM				 * Too long since we received the first
*10266SQuaker.Fang@Sun.COM				 * frame; flush the reorder buffer.
*10266SQuaker.Fang@Sun.COM				 */
*10266SQuaker.Fang@Sun.COM				if (rap->rxa_qframes != 0) {
*10266SQuaker.Fang@Sun.COM					ampdu_rx_flush(in, rap);
*10266SQuaker.Fang@Sun.COM				}
*10266SQuaker.Fang@Sun.COM				rap->rxa_start = IEEE80211_SEQ_INC(rxseq);
*10266SQuaker.Fang@Sun.COM				return (PROCESS);
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM		} else {
*10266SQuaker.Fang@Sun.COM			/*
*10266SQuaker.Fang@Sun.COM			 * First frame, start aging timer.
*10266SQuaker.Fang@Sun.COM			 */
*10266SQuaker.Fang@Sun.COM			rap->rxa_age = ticks;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM#endif /* IEEE80211_AMPDU_AGE */
*10266SQuaker.Fang@Sun.COM		/* save packet */
*10266SQuaker.Fang@Sun.COM		if (rap->rxa_m[off] == NULL) {
*10266SQuaker.Fang@Sun.COM			rap->rxa_m[off] = m;
*10266SQuaker.Fang@Sun.COM			rap->rxa_qframes++;
*10266SQuaker.Fang@Sun.COM			rap->rxa_qbytes += MBLKL(m);
*10266SQuaker.Fang@Sun.COM		} else {
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_INPUT | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "a-mpdu duplicate "
*10266SQuaker.Fang@Sun.COM			    "seqno %u tid %u BA win <%u:%u>\n",
*10266SQuaker.Fang@Sun.COM			    rxseq, tid, rap->rxa_start,
*10266SQuaker.Fang@Sun.COM			    IEEE80211_SEQ_ADD(rap->rxa_start,
*10266SQuaker.Fang@Sun.COM			    rap->rxa_wnd - 1));
*10266SQuaker.Fang@Sun.COM			freemsg(m);
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		return (CONSUMED);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	if (off < IEEE80211_SEQ_BA_RANGE) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Outside the BA window, but within range;
*10266SQuaker.Fang@Sun.COM		 * flush the reorder q and move the window.
*10266SQuaker.Fang@Sun.COM		 * Sec 9.10.7.6 b) (D2.04 p.118 line 60)
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "move BA win <%u:%u> (%u frames) rxseq %u tid %u\n",
*10266SQuaker.Fang@Sun.COM		    rap->rxa_start,
*10266SQuaker.Fang@Sun.COM		    IEEE80211_SEQ_ADD(rap->rxa_start, rap->rxa_wnd - 1),
*10266SQuaker.Fang@Sun.COM		    rap->rxa_qframes, rxseq, tid);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * The spec says to flush frames up to but not including:
*10266SQuaker.Fang@Sun.COM		 * 	WinStart_B = rxseq - rap->rxa_wnd + 1
*10266SQuaker.Fang@Sun.COM		 * Then insert the frame or notify the caller to process
*10266SQuaker.Fang@Sun.COM		 * it immediately.  We can safely do this by just starting
*10266SQuaker.Fang@Sun.COM		 * over again because we know the frame will now be within
*10266SQuaker.Fang@Sun.COM		 * the BA window.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		/* NB: rxa_wnd known to be >0 */
*10266SQuaker.Fang@Sun.COM		ampdu_rx_flush_upto(in, rap,
*10266SQuaker.Fang@Sun.COM		    IEEE80211_SEQ_SUB(rxseq, rap->rxa_wnd-1));
*10266SQuaker.Fang@Sun.COM		goto again;
*10266SQuaker.Fang@Sun.COM	} else {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Outside the BA window and out of range; toss.
*10266SQuaker.Fang@Sun.COM		 * Sec 9.10.7.6 c) (D2.04 p.119 line 16)
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_HT, "MSDU"
*10266SQuaker.Fang@Sun.COM		    "BA win <%u:%u> (%u frames) rxseq %u tid %u%s\n",
*10266SQuaker.Fang@Sun.COM		    rap->rxa_start,
*10266SQuaker.Fang@Sun.COM		    IEEE80211_SEQ_ADD(rap->rxa_start, rap->rxa_wnd-1),
*10266SQuaker.Fang@Sun.COM		    rap->rxa_qframes, rxseq, tid,
*10266SQuaker.Fang@Sun.COM		    wh->i_fc[1] & IEEE80211_FC1_RETRY ? " (retransmit)" : "");
*10266SQuaker.Fang@Sun.COM		freemsg(m);
*10266SQuaker.Fang@Sun.COM		return (CONSUMED);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM#undef CONSUMED
*10266SQuaker.Fang@Sun.COM#undef PROCESS
*10266SQuaker.Fang@Sun.COM#undef IEEE80211_FC0_QOSDATA
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Process a BAR ctl frame.  Dispatch all frames up to
*10266SQuaker.Fang@Sun.COM * the sequence number of the frame.  If this frame is
*10266SQuaker.Fang@Sun.COM * out of range it's discarded.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_recv_bar(struct ieee80211_node *in, mblk_t *m0)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211_frame_bar *wh;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_rx_ampdu *rap;
*10266SQuaker.Fang@Sun.COM	ieee80211_seq rxseq;
*10266SQuaker.Fang@Sun.COM	int tid, off;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	wh = (struct ieee80211_frame_bar *)m0->b_rptr;
*10266SQuaker.Fang@Sun.COM	/* check basic BAR */
*10266SQuaker.Fang@Sun.COM	tid = MS(LE_16(wh->i_ctl), IEEE80211_BAR_TID);
*10266SQuaker.Fang@Sun.COM	rap = &in->in_rx_ampdu[tid];
*10266SQuaker.Fang@Sun.COM	if ((rap->rxa_flags & IEEE80211_AGGR_XCHGPEND) == 0) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * No ADDBA request yet, don't touch.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_INPUT | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "BAR no BA stream, tid %u\n", tid);
*10266SQuaker.Fang@Sun.COM		return;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	rxseq = LE_16(wh->i_seq) >> IEEE80211_SEQ_SEQ_SHIFT;
*10266SQuaker.Fang@Sun.COM	if (rxseq == rap->rxa_start)
*10266SQuaker.Fang@Sun.COM		return;
*10266SQuaker.Fang@Sun.COM	/* calculate offset in BA window */
*10266SQuaker.Fang@Sun.COM	off = IEEE80211_SEQ_SUB(rxseq, rap->rxa_start);
*10266SQuaker.Fang@Sun.COM	if (off < IEEE80211_SEQ_BA_RANGE) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Flush the reorder q up to rxseq and move the window.
*10266SQuaker.Fang@Sun.COM		 * Sec 9.10.7.6 a) (D2.04 p.119 line 22)
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "BAR moves BA win <%u:%u> (%u frames) rxseq %u tid %u\n",
*10266SQuaker.Fang@Sun.COM		    rap->rxa_start,
*10266SQuaker.Fang@Sun.COM		    IEEE80211_SEQ_ADD(rap->rxa_start, rap->rxa_wnd-1),
*10266SQuaker.Fang@Sun.COM		    rap->rxa_qframes, rxseq, tid);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		ampdu_rx_flush_upto(in, rap, rxseq);
*10266SQuaker.Fang@Sun.COM		if (off >= rap->rxa_wnd) {
*10266SQuaker.Fang@Sun.COM			/*
*10266SQuaker.Fang@Sun.COM			 * BAR specifies a window start to the right of BA
*10266SQuaker.Fang@Sun.COM			 * window; we must move it explicitly since
*10266SQuaker.Fang@Sun.COM			 * ampdu_rx_flush_upto will not.
*10266SQuaker.Fang@Sun.COM			 */
*10266SQuaker.Fang@Sun.COM			rap->rxa_start = rxseq;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	} else {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Out of range; toss.
*10266SQuaker.Fang@Sun.COM		 * Sec 9.10.7.6 b) (D2.04 p.119 line 41)
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_HT, "BAR "
*10266SQuaker.Fang@Sun.COM		    "BA win <%u:%u> (%u frames) rxseq %u tid %u%s\n",
*10266SQuaker.Fang@Sun.COM		    rap->rxa_start,
*10266SQuaker.Fang@Sun.COM		    IEEE80211_SEQ_ADD(rap->rxa_start, rap->rxa_wnd-1),
*10266SQuaker.Fang@Sun.COM		    rap->rxa_qframes, rxseq, tid,
*10266SQuaker.Fang@Sun.COM		    wh->i_fc[1] & IEEE80211_FC1_RETRY ? " (retransmit)" : "");
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Setup HT-specific state in a node.  Called only
*10266SQuaker.Fang@Sun.COM * when HT use is negotiated so we don't do extra
*10266SQuaker.Fang@Sun.COM * work for temporary and/or legacy sta's.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_node_init(struct ieee80211_node *in, const uint8_t *htcap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211_tx_ampdu *tap;
*10266SQuaker.Fang@Sun.COM	int ac;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (in->in_flags & IEEE80211_NODE_HT) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Clean AMPDU state on re-associate.  This handles the case
*10266SQuaker.Fang@Sun.COM		 * where a station leaves w/o notifying us and then returns
*10266SQuaker.Fang@Sun.COM		 * before node is reaped for inactivity.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		ieee80211_ht_node_cleanup(in);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	ieee80211_parse_htcap(in, htcap);
*10266SQuaker.Fang@Sun.COM	for (ac = 0; ac < WME_NUM_AC; ac++) {
*10266SQuaker.Fang@Sun.COM		tap = &in->in_tx_ampdu[ac];
*10266SQuaker.Fang@Sun.COM		tap->txa_ac = (uint8_t)ac;
*10266SQuaker.Fang@Sun.COM		/* NB: further initialization deferred */
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	in->in_flags |= IEEE80211_NODE_HT | IEEE80211_NODE_AMPDU;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Cleanup HT-specific state in a node.  Called only
*10266SQuaker.Fang@Sun.COM * when HT use has been marked.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_node_cleanup(struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ASSERT(in->in_flags & IEEE80211_NODE_HT);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* optimize this */
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < WME_NUM_AC; i++) {
*10266SQuaker.Fang@Sun.COM		struct ieee80211_tx_ampdu *tap = &in->in_tx_ampdu[i];
*10266SQuaker.Fang@Sun.COM		if (tap->txa_flags & IEEE80211_AGGR_SETUP) {
*10266SQuaker.Fang@Sun.COM			/*
*10266SQuaker.Fang@Sun.COM			 * Stop BA stream if setup so driver has a chance
*10266SQuaker.Fang@Sun.COM			 * to reclaim any resources it might have allocated.
*10266SQuaker.Fang@Sun.COM			 */
*10266SQuaker.Fang@Sun.COM			ic->ic_addba_stop(in, &in->in_tx_ampdu[i]);
*10266SQuaker.Fang@Sun.COM			/* IEEE80211_TAPQ_DESTROY(tap); */
*10266SQuaker.Fang@Sun.COM			/* NB: clearing NAK means we may re-send ADDBA */
*10266SQuaker.Fang@Sun.COM			tap->txa_flags &=
*10266SQuaker.Fang@Sun.COM			    ~(IEEE80211_AGGR_SETUP | IEEE80211_AGGR_NAK);
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < WME_NUM_TID; i++)
*10266SQuaker.Fang@Sun.COM		ampdu_rx_stop(&in->in_rx_ampdu[i]);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	in->in_htcap = 0;
*10266SQuaker.Fang@Sun.COM	in->in_flags &= ~(IEEE80211_NODE_HT | IEEE80211_NODE_HTCOMPAT |
*10266SQuaker.Fang@Sun.COM	    IEEE80211_NODE_AMPDU);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMstatic struct ieee80211_channel *
*10266SQuaker.Fang@Sun.COMfindhtchan(struct ieee80211com *ic, struct ieee80211_channel *c, int htflags)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	return ieee80211_find_channel(ic, c->ich_freq,
*10266SQuaker.Fang@Sun.COM	    (c->ich_flags &~ IEEE80211_CHAN_HT) | htflags);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Adjust a channel to be HT/non-HT according to the vap's configuration.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstruct ieee80211_channel *
*10266SQuaker.Fang@Sun.COMieee80211_ht_adjust_channel(struct ieee80211com *ic,
*10266SQuaker.Fang@Sun.COM	struct ieee80211_channel *chan, int flags)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211_channel *c;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (flags & IEEE80211_FEXT_HT) {
*10266SQuaker.Fang@Sun.COM		/* promote to HT if possible */
*10266SQuaker.Fang@Sun.COM		if (flags & IEEE80211_FEXT_USEHT40) {
*10266SQuaker.Fang@Sun.COM			if (!IEEE80211_IS_CHAN_HT40(chan)) {
*10266SQuaker.Fang@Sun.COM				/* NB: arbitrarily pick ht40+ over ht40- */
*10266SQuaker.Fang@Sun.COM				c = findhtchan(ic, chan, IEEE80211_CHAN_HT40U);
*10266SQuaker.Fang@Sun.COM				if (c == NULL)
*10266SQuaker.Fang@Sun.COM					c = findhtchan(ic, chan,
*10266SQuaker.Fang@Sun.COM					    IEEE80211_CHAN_HT40D);
*10266SQuaker.Fang@Sun.COM				if (c == NULL)
*10266SQuaker.Fang@Sun.COM					c = findhtchan(ic, chan,
*10266SQuaker.Fang@Sun.COM					    IEEE80211_CHAN_HT20);
*10266SQuaker.Fang@Sun.COM				if (c != NULL)
*10266SQuaker.Fang@Sun.COM					chan = c;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM		} else if (!IEEE80211_IS_CHAN_HT20(chan)) {
*10266SQuaker.Fang@Sun.COM			c = findhtchan(ic, chan, IEEE80211_CHAN_HT20);
*10266SQuaker.Fang@Sun.COM			if (c != NULL)
*10266SQuaker.Fang@Sun.COM				chan = c;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	} else if (IEEE80211_IS_CHAN_HT(chan)) {
*10266SQuaker.Fang@Sun.COM		/* demote to legacy, HT use is disabled */
*10266SQuaker.Fang@Sun.COM		c = ieee80211_find_channel(ic, chan->ich_freq,
*10266SQuaker.Fang@Sun.COM		    chan->ich_flags &~ IEEE80211_CHAN_HT);
*10266SQuaker.Fang@Sun.COM		if (c != NULL)
*10266SQuaker.Fang@Sun.COM			chan = c;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	return (chan);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Setup HT-specific state for a legacy WDS peer.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_wds_init(struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_tx_ampdu *tap;
*10266SQuaker.Fang@Sun.COM	int ac;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ASSERT(ic->ic_flags_ext & IEEE80211_FEXT_HT);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* check scan cache in case peer has an ap and we have info */
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * If setup with a legacy channel; locate an HT channel.
*10266SQuaker.Fang@Sun.COM	 * Otherwise if the inherited channel (from a companion
*10266SQuaker.Fang@Sun.COM	 * AP) is suitable use it so we use the same location
*10266SQuaker.Fang@Sun.COM	 * for the extension channel).
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	in->in_chan = ieee80211_ht_adjust_channel(ic, in->in_chan,
*10266SQuaker.Fang@Sun.COM	    ic->ic_flags_ext);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	in->in_htcap = 0;
*10266SQuaker.Fang@Sun.COM	if (ic->ic_flags_ext & IEEE80211_FEXT_SHORTGI20)
*10266SQuaker.Fang@Sun.COM		in->in_htcap |= IEEE80211_HTCAP_SHORTGI20;
*10266SQuaker.Fang@Sun.COM	if (IEEE80211_IS_CHAN_HT40(in->in_chan)) {
*10266SQuaker.Fang@Sun.COM		in->in_htcap |= IEEE80211_HTCAP_CHWIDTH40;
*10266SQuaker.Fang@Sun.COM		in->in_chw = 40;
*10266SQuaker.Fang@Sun.COM		if (IEEE80211_IS_CHAN_HT40U(in->in_chan))
*10266SQuaker.Fang@Sun.COM			in->in_ht2ndchan = IEEE80211_HTINFO_2NDCHAN_ABOVE;
*10266SQuaker.Fang@Sun.COM		else if (IEEE80211_IS_CHAN_HT40D(in->in_chan))
*10266SQuaker.Fang@Sun.COM			in->in_ht2ndchan = IEEE80211_HTINFO_2NDCHAN_BELOW;
*10266SQuaker.Fang@Sun.COM		if (ic->ic_flags_ext & IEEE80211_FEXT_SHORTGI40)
*10266SQuaker.Fang@Sun.COM			in->in_htcap |= IEEE80211_HTCAP_SHORTGI40;
*10266SQuaker.Fang@Sun.COM	} else {
*10266SQuaker.Fang@Sun.COM		in->in_chw = 20;
*10266SQuaker.Fang@Sun.COM		in->in_ht2ndchan = IEEE80211_HTINFO_2NDCHAN_NONE;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	in->in_htctlchan = ieee80211_chan2ieee(ic, in->in_chan);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	in->in_htopmode = 0;		/* need protection state */
*10266SQuaker.Fang@Sun.COM	in->in_htstbc = 0;		/* need info */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	for (ac = 0; ac < WME_NUM_AC; ac++) {
*10266SQuaker.Fang@Sun.COM		tap = &in->in_tx_ampdu[ac];
*10266SQuaker.Fang@Sun.COM		tap->txa_ac = (uint8_t)ac;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/* NB: AMPDU tx/rx governed by IEEE80211_FEXT_AMPDU_{TX,RX} */
*10266SQuaker.Fang@Sun.COM	in->in_flags |= IEEE80211_NODE_HT | IEEE80211_NODE_AMPDU;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Notify hostap vaps of a change in the HTINFO ie.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMhtinfo_notify(struct ieee80211com *ic)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	if (ic->ic_opmode != IEEE80211_M_HOSTAP)
*10266SQuaker.Fang@Sun.COM		return;
*10266SQuaker.Fang@Sun.COM	ieee80211_dbg(IEEE80211_MSG_ASSOC | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM	    "HT bss occupancy change: %d sta, %d ht, "
*10266SQuaker.Fang@Sun.COM	    "%d ht40%s, HT protmode now 0x%x\n",
*10266SQuaker.Fang@Sun.COM	    ic->ic_sta_assoc,
*10266SQuaker.Fang@Sun.COM	    ic->ic_ht_sta_assoc,
*10266SQuaker.Fang@Sun.COM	    ic->ic_ht40_sta_assoc,
*10266SQuaker.Fang@Sun.COM	    (ic->ic_flags_ext & IEEE80211_FEXT_NONHT_PR) ?
*10266SQuaker.Fang@Sun.COM	    ", non-HT sta present" : "",
*10266SQuaker.Fang@Sun.COM	    ic->ic_curhtprotmode);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Calculate HT protection mode from current
*10266SQuaker.Fang@Sun.COM * state and handle updates.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMhtinfo_update(struct ieee80211com *ic)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	uint8_t protmode;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (ic->ic_flags_ext & IEEE80211_FEXT_NONHT_PR) {
*10266SQuaker.Fang@Sun.COM		protmode = IEEE80211_HTINFO_OPMODE_PROTOPT
*10266SQuaker.Fang@Sun.COM		    | IEEE80211_HTINFO_NONHT_PRESENT;
*10266SQuaker.Fang@Sun.COM	} else if (ic->ic_sta_assoc != ic->ic_ht_sta_assoc) {
*10266SQuaker.Fang@Sun.COM		protmode = IEEE80211_HTINFO_OPMODE_MIXED
*10266SQuaker.Fang@Sun.COM		    | IEEE80211_HTINFO_NONHT_PRESENT;
*10266SQuaker.Fang@Sun.COM	} else if (IEEE80211_IS_CHAN_HT40(ic->ic_curchan) &&
*10266SQuaker.Fang@Sun.COM	    ic->ic_sta_assoc != ic->ic_ht40_sta_assoc) {
*10266SQuaker.Fang@Sun.COM		protmode = IEEE80211_HTINFO_OPMODE_HT20PR;
*10266SQuaker.Fang@Sun.COM	} else {
*10266SQuaker.Fang@Sun.COM		protmode = IEEE80211_HTINFO_OPMODE_PURE;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	if (protmode != ic->ic_curhtprotmode) {
*10266SQuaker.Fang@Sun.COM		ic->ic_curhtprotmode = protmode;
*10266SQuaker.Fang@Sun.COM		htinfo_notify(ic);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Handle an HT station joining a BSS.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_node_join(struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	IEEE80211_LOCK_ASSERT(ic);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (in->in_flags & IEEE80211_NODE_HT) {
*10266SQuaker.Fang@Sun.COM		ic->ic_ht_sta_assoc++;
*10266SQuaker.Fang@Sun.COM		if (in->in_chw == 40)
*10266SQuaker.Fang@Sun.COM			ic->ic_ht40_sta_assoc++;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	htinfo_update(ic);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Handle an HT station leaving a BSS.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_node_leave(struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	IEEE80211_LOCK_ASSERT(ic);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (in->in_flags & IEEE80211_NODE_HT) {
*10266SQuaker.Fang@Sun.COM		ic->ic_ht_sta_assoc--;
*10266SQuaker.Fang@Sun.COM		if (in->in_chw == 40)
*10266SQuaker.Fang@Sun.COM			ic->ic_ht40_sta_assoc--;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	htinfo_update(ic);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Public version of htinfo_update; used for processing
*10266SQuaker.Fang@Sun.COM * beacon frames from overlapping bss in hostap_recv_mgmt.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_htinfo_update(struct ieee80211com *ic, int protmode)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	if (protmode != ic->ic_curhtprotmode) {
*10266SQuaker.Fang@Sun.COM		ic->ic_curhtprotmode = (uint8_t)protmode;
*10266SQuaker.Fang@Sun.COM		htinfo_notify(ic);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/* unalligned little endian access */
*10266SQuaker.Fang@Sun.COM#define	LE_READ_2(p)					\
*10266SQuaker.Fang@Sun.COM	((uint16_t)					\
*10266SQuaker.Fang@Sun.COM	((((const uint8_t *)(p))[0]) |			\
*10266SQuaker.Fang@Sun.COM	(((const uint8_t *)(p))[1] <<  8)))
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Process an 802.11n HT capabilities ie.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_parse_htcap(struct ieee80211_node *in, const uint8_t *ie)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (ie[0] == IEEE80211_ELEMID_VENDOR) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Station used Vendor OUI ie to associate;
*10266SQuaker.Fang@Sun.COM		 * mark the node so when we respond we'll use
*10266SQuaker.Fang@Sun.COM		 * the Vendor OUI's and not the standard ie's.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		in->in_flags |= IEEE80211_NODE_HTCOMPAT;
*10266SQuaker.Fang@Sun.COM		ie += 4;
*10266SQuaker.Fang@Sun.COM	} else
*10266SQuaker.Fang@Sun.COM		in->in_flags &= ~IEEE80211_NODE_HTCOMPAT;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	in->in_htcap = *(uint16_t *)(ie +
*10266SQuaker.Fang@Sun.COM	    offsetof(struct ieee80211_ie_htcap, hc_cap));
*10266SQuaker.Fang@Sun.COM	in->in_htparam = ie[offsetof(struct ieee80211_ie_htcap, hc_param)];
*10266SQuaker.Fang@Sun.COM	/* needed or will ieee80211_parse_htinfo always be called? */
*10266SQuaker.Fang@Sun.COM	in->in_chw = (in->in_htcap & IEEE80211_HTCAP_CHWIDTH40) &&
*10266SQuaker.Fang@Sun.COM	    (ic->ic_flags_ext & IEEE80211_FEXT_USEHT40) ? 40 : 20;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Process an 802.11n HT info ie and update the node state.
*10266SQuaker.Fang@Sun.COM * Note that we handle use this information to identify the
*10266SQuaker.Fang@Sun.COM * correct channel (HT20, HT40+, HT40-, legacy).  The caller
*10266SQuaker.Fang@Sun.COM * is responsible for insuring any required channel change is
*10266SQuaker.Fang@Sun.COM * done (e.g. in sta mode when parsing the contents of a
*10266SQuaker.Fang@Sun.COM * beacon frame).
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_parse_htinfo(struct ieee80211_node *in, const uint8_t *ie)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	const struct ieee80211_ie_htinfo *htinfo;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_channel *c;
*10266SQuaker.Fang@Sun.COM	uint16_t w;
*10266SQuaker.Fang@Sun.COM	int htflags, chanflags;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (ie[0] == IEEE80211_ELEMID_VENDOR)
*10266SQuaker.Fang@Sun.COM		ie += 4;
*10266SQuaker.Fang@Sun.COM	htinfo = (const struct ieee80211_ie_htinfo *)ie;
*10266SQuaker.Fang@Sun.COM	in->in_htctlchan = htinfo->hi_ctrlchannel;
*10266SQuaker.Fang@Sun.COM	in->in_ht2ndchan = SM(htinfo->hi_byte1, IEEE80211_HTINFO_2NDCHAN);
*10266SQuaker.Fang@Sun.COM	w = *(uint16_t *)(&htinfo->hi_byte2);
*10266SQuaker.Fang@Sun.COM	in->in_htopmode = SM(w, IEEE80211_HTINFO_OPMODE);
*10266SQuaker.Fang@Sun.COM	w = *(uint16_t *)(&htinfo->hi_byte45);
*10266SQuaker.Fang@Sun.COM	in->in_htstbc = SM(w, IEEE80211_HTINFO_BASIC_STBCMCS);
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * Handle 11n channel switch.  Use the received HT ie's to
*10266SQuaker.Fang@Sun.COM	 * identify the right channel to use.  If we cannot locate it
*10266SQuaker.Fang@Sun.COM	 * in the channel table then fallback to legacy operation.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	htflags = (ic->ic_flags_ext & IEEE80211_FEXT_HT) ?
*10266SQuaker.Fang@Sun.COM	    IEEE80211_CHAN_HT20 : 0;
*10266SQuaker.Fang@Sun.COM	/* NB: honor operating mode constraint */
*10266SQuaker.Fang@Sun.COM	if ((htinfo->hi_byte1 & IEEE80211_HTINFO_TXWIDTH_2040) &&
*10266SQuaker.Fang@Sun.COM	    (ic->ic_flags_ext & IEEE80211_FEXT_USEHT40)) {
*10266SQuaker.Fang@Sun.COM		if (in->in_ht2ndchan == IEEE80211_HTINFO_2NDCHAN_ABOVE)
*10266SQuaker.Fang@Sun.COM			htflags = IEEE80211_CHAN_HT40U;
*10266SQuaker.Fang@Sun.COM		else if (in->in_ht2ndchan == IEEE80211_HTINFO_2NDCHAN_BELOW)
*10266SQuaker.Fang@Sun.COM			htflags = IEEE80211_CHAN_HT40D;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	chanflags = (in->in_chan->ich_flags &~ IEEE80211_CHAN_HT) | htflags;
*10266SQuaker.Fang@Sun.COM	if (chanflags != in->in_chan->ich_flags) {
*10266SQuaker.Fang@Sun.COM		c = ieee80211_find_channel(ic,
*10266SQuaker.Fang@Sun.COM		    in->in_chan->ich_freq, chanflags);
*10266SQuaker.Fang@Sun.COM		if (c == NULL && htflags != IEEE80211_CHAN_HT20) {
*10266SQuaker.Fang@Sun.COM			/*
*10266SQuaker.Fang@Sun.COM			 * No HT40 channel entry in our table; fall back
*10266SQuaker.Fang@Sun.COM			 * to HT20 operation.  This should not happen.
*10266SQuaker.Fang@Sun.COM			 */
*10266SQuaker.Fang@Sun.COM			c = findhtchan(ic, in->in_chan, IEEE80211_CHAN_HT20);
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ASSOC | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "no HT40 channel (freq %u), falling back to HT20\n",
*10266SQuaker.Fang@Sun.COM			    in->in_chan->ich_freq);
*10266SQuaker.Fang@Sun.COM			/* stat */
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		if (c != NULL && c != in->in_chan) {
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ASSOC | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "switch station to HT%d channel %u/0x%x\n",
*10266SQuaker.Fang@Sun.COM			    IEEE80211_IS_CHAN_HT40(c) ? 40 : 20,
*10266SQuaker.Fang@Sun.COM			    c->ich_freq, c->ich_flags);
*10266SQuaker.Fang@Sun.COM			in->in_chan = c;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		/* NB: caller responsible for forcing any channel change */
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/* update node's tx channel width */
*10266SQuaker.Fang@Sun.COM	in->in_chw = IEEE80211_IS_CHAN_HT40(in->in_chan)? 40 : 20;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Install received HT rate set by parsing the HT cap ie.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMint
*10266SQuaker.Fang@Sun.COMieee80211_setup_htrates(struct ieee80211_node *in, const uint8_t *ie, int flags)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	const struct ieee80211_ie_htcap *htcap;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_htrateset *rs;
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	rs = &in->in_htrates;
*10266SQuaker.Fang@Sun.COM	(void) memset(rs, 0, sizeof (*rs));
*10266SQuaker.Fang@Sun.COM	if (ie != NULL) {
*10266SQuaker.Fang@Sun.COM		if (ie[0] == IEEE80211_ELEMID_VENDOR)
*10266SQuaker.Fang@Sun.COM			ie += 4;
*10266SQuaker.Fang@Sun.COM		htcap = (const struct ieee80211_ie_htcap *) ie;
*10266SQuaker.Fang@Sun.COM		for (i = 0; i < IEEE80211_HTRATE_MAXSIZE; i++) {
*10266SQuaker.Fang@Sun.COM			if (ieee80211_isclr(htcap->hc_mcsset, i))
*10266SQuaker.Fang@Sun.COM				continue;
*10266SQuaker.Fang@Sun.COM			if (rs->rs_nrates == IEEE80211_HTRATE_MAXSIZE) {
*10266SQuaker.Fang@Sun.COM				ieee80211_dbg(
*10266SQuaker.Fang@Sun.COM				    IEEE80211_MSG_XRATE | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM				    "WARNING, HT rate set too large; only "
*10266SQuaker.Fang@Sun.COM				    "using %u rates\n",
*10266SQuaker.Fang@Sun.COM				    IEEE80211_HTRATE_MAXSIZE);
*10266SQuaker.Fang@Sun.COM				break;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM			rs->rs_rates[rs->rs_nrates++] = (uint8_t)i;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	return (ieee80211_fix_rate(in, (struct ieee80211_rateset *)rs, flags));
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Mark rates in a node's HT rate set as basic according
*10266SQuaker.Fang@Sun.COM * to the information in the supplied HT info ie.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_setup_basic_htrates(struct ieee80211_node *in, const uint8_t *ie)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	const struct ieee80211_ie_htinfo *htinfo;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_htrateset *rs;
*10266SQuaker.Fang@Sun.COM	int i, j;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (ie[0] == IEEE80211_ELEMID_VENDOR)
*10266SQuaker.Fang@Sun.COM		ie += 4;
*10266SQuaker.Fang@Sun.COM	htinfo = (const struct ieee80211_ie_htinfo *) ie;
*10266SQuaker.Fang@Sun.COM	rs = &in->in_htrates;
*10266SQuaker.Fang@Sun.COM	if (rs->rs_nrates == 0) {
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_XRATE | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "WARNING, empty HT rate set\n");
*10266SQuaker.Fang@Sun.COM		return;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < IEEE80211_HTRATE_MAXSIZE; i++) {
*10266SQuaker.Fang@Sun.COM		if (ieee80211_isclr(htinfo->hi_basicmcsset, i))
*10266SQuaker.Fang@Sun.COM			continue;
*10266SQuaker.Fang@Sun.COM		for (j = 0; j < rs->rs_nrates; j++)
*10266SQuaker.Fang@Sun.COM			if ((rs->rs_rates[j] & IEEE80211_RATE_VAL) == i)
*10266SQuaker.Fang@Sun.COM				rs->rs_rates[j] |= IEEE80211_RATE_BASIC;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMaddba_timeout(void *arg)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211_tx_ampdu *tap = arg;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	tap->txa_flags &= ~IEEE80211_AGGR_XCHGPEND;
*10266SQuaker.Fang@Sun.COM	tap->txa_attempts++;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMaddba_start_timeout(struct ieee80211_tx_ampdu *tap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	tap->txa_timer = timeout(addba_timeout, (void *)tap,
*10266SQuaker.Fang@Sun.COM	    drv_usectohz(IEEE80211_AGGR_TIMEOUT * 1000));
*10266SQuaker.Fang@Sun.COM	tap->txa_flags |= IEEE80211_AGGR_XCHGPEND;
*10266SQuaker.Fang@Sun.COM	tap->txa_lastrequest = ddi_get_lbolt();
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMaddba_stop_timeout(struct ieee80211_tx_ampdu *tap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	if (tap->txa_flags & IEEE80211_AGGR_XCHGPEND) {
*10266SQuaker.Fang@Sun.COM		if (tap->txa_timer != NULL) {
*10266SQuaker.Fang@Sun.COM			(void) untimeout(tap->txa_timer);
*10266SQuaker.Fang@Sun.COM			tap->txa_timer = NULL;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		tap->txa_flags &= ~IEEE80211_AGGR_XCHGPEND;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Default method for requesting A-MPDU tx aggregation.
*10266SQuaker.Fang@Sun.COM * We setup the specified state block and start a timer
*10266SQuaker.Fang@Sun.COM * to wait for an ADDBA response frame.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM/* ARGSUSED */
*10266SQuaker.Fang@Sun.COMstatic int
*10266SQuaker.Fang@Sun.COMieee80211_addba_request(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM    struct ieee80211_tx_ampdu *tap,
*10266SQuaker.Fang@Sun.COM    int dialogtoken, int baparamset, int batimeout)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	int bufsiz;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	tap->txa_token = (uint8_t)dialogtoken;
*10266SQuaker.Fang@Sun.COM	tap->txa_flags |= IEEE80211_AGGR_IMMEDIATE;
*10266SQuaker.Fang@Sun.COM	tap->txa_start = tap->txa_seqstart = 0;
*10266SQuaker.Fang@Sun.COM	bufsiz = MS(baparamset, IEEE80211_BAPS_BUFSIZ);
*10266SQuaker.Fang@Sun.COM	tap->txa_wnd = (bufsiz == 0) ? IEEE80211_AGGR_BAWMAX
*10266SQuaker.Fang@Sun.COM	    : min((uint16_t)bufsiz, IEEE80211_AGGR_BAWMAX);
*10266SQuaker.Fang@Sun.COM	addba_start_timeout(tap);
*10266SQuaker.Fang@Sun.COM	return (1);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Default method for processing an A-MPDU tx aggregation
*10266SQuaker.Fang@Sun.COM * response.  We shutdown any pending timer and update the
*10266SQuaker.Fang@Sun.COM * state block according to the reply.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM/* ARGSUSED */
*10266SQuaker.Fang@Sun.COMstatic int
*10266SQuaker.Fang@Sun.COMieee80211_addba_response(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM    struct ieee80211_tx_ampdu *tap,
*10266SQuaker.Fang@Sun.COM    int status, int baparamset, int batimeout)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	int bufsiz;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	addba_stop_timeout(tap);
*10266SQuaker.Fang@Sun.COM	if (status == IEEE80211_STATUS_SUCCESS) {
*10266SQuaker.Fang@Sun.COM		bufsiz = MS(baparamset, IEEE80211_BAPS_BUFSIZ);
*10266SQuaker.Fang@Sun.COM		/* override our request? */
*10266SQuaker.Fang@Sun.COM		tap->txa_wnd = (bufsiz == 0) ? IEEE80211_AGGR_BAWMAX
*10266SQuaker.Fang@Sun.COM		    : min((uint16_t)bufsiz, IEEE80211_AGGR_BAWMAX);
*10266SQuaker.Fang@Sun.COM		tap->txa_flags |= IEEE80211_AGGR_RUNNING;
*10266SQuaker.Fang@Sun.COM	} else {
*10266SQuaker.Fang@Sun.COM		/* mark tid so we don't try again */
*10266SQuaker.Fang@Sun.COM		tap->txa_flags |= IEEE80211_AGGR_NAK;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	return (1);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Default method for stopping A-MPDU tx aggregation.
*10266SQuaker.Fang@Sun.COM * Any timer is cleared and we drain any pending frames.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM/* ARGSUSED */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMieee80211_addba_stop(struct ieee80211_node *in, struct ieee80211_tx_ampdu *tap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	addba_stop_timeout(tap);
*10266SQuaker.Fang@Sun.COM	if (tap->txa_flags & IEEE80211_AGGR_RUNNING) {
*10266SQuaker.Fang@Sun.COM		/* clear aggregation queue */
*10266SQuaker.Fang@Sun.COM		tap->txa_flags &= ~IEEE80211_AGGR_RUNNING;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	tap->txa_attempts = 0;
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Process a received action frame using the default aggregation
*10266SQuaker.Fang@Sun.COM * policy.  We intercept ADDBA-related frames and use them to
*10266SQuaker.Fang@Sun.COM * update our aggregation state.  All other frames are passed up
*10266SQuaker.Fang@Sun.COM * for processing by ieee80211_recv_action.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMieee80211_aggr_recv_action(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM	const uint8_t *frm, const uint8_t *efrm)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	const struct ieee80211_action *ia;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_rx_ampdu *rap;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_tx_ampdu *tap;
*10266SQuaker.Fang@Sun.COM	uint8_t dialogtoken;
*10266SQuaker.Fang@Sun.COM	uint16_t baparamset, batimeout, baseqctl, code;
*10266SQuaker.Fang@Sun.COM	uint16_t args[4];
*10266SQuaker.Fang@Sun.COM	int tid, ac, bufsiz;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ia = (const struct ieee80211_action *) frm;
*10266SQuaker.Fang@Sun.COM	switch (ia->ia_category) {
*10266SQuaker.Fang@Sun.COM	case IEEE80211_ACTION_CAT_BA:
*10266SQuaker.Fang@Sun.COM		switch (ia->ia_action) {
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_BA_ADDBA_REQUEST:
*10266SQuaker.Fang@Sun.COM			dialogtoken = frm[2];
*10266SQuaker.Fang@Sun.COM			baparamset = *(uint16_t *)(frm+3);
*10266SQuaker.Fang@Sun.COM			batimeout = *(uint16_t *)(frm+5);
*10266SQuaker.Fang@Sun.COM			baseqctl = *(uint16_t *)(frm+7);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			tid = MS(baparamset, IEEE80211_BAPS_TID);
*10266SQuaker.Fang@Sun.COM			bufsiz = MS(baparamset, IEEE80211_BAPS_BUFSIZ);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "recv ADDBA request: dialogtoken %u "
*10266SQuaker.Fang@Sun.COM			    "baparamset 0x%x (tid %d bufsiz %d) batimeout %d "
*10266SQuaker.Fang@Sun.COM			    "baseqctl %d:%d\n",
*10266SQuaker.Fang@Sun.COM			    dialogtoken, baparamset, tid, bufsiz, batimeout,
*10266SQuaker.Fang@Sun.COM			    MS(baseqctl, IEEE80211_BASEQ_START),
*10266SQuaker.Fang@Sun.COM			    MS(baseqctl, IEEE80211_BASEQ_FRAG));
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			rap = &in->in_rx_ampdu[tid];
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			/* Send ADDBA response */
*10266SQuaker.Fang@Sun.COM			args[0] = dialogtoken;
*10266SQuaker.Fang@Sun.COM			/*
*10266SQuaker.Fang@Sun.COM			 * NB: We ack only if the sta associated with HT and
*10266SQuaker.Fang@Sun.COM			 * the ap is configured to do AMPDU rx (the latter
*10266SQuaker.Fang@Sun.COM			 * violates the 11n spec and is mostly for testing).
*10266SQuaker.Fang@Sun.COM			 */
*10266SQuaker.Fang@Sun.COM			if ((in->in_flags & IEEE80211_NODE_AMPDU_RX) &&
*10266SQuaker.Fang@Sun.COM			    (ic->ic_flags_ext & IEEE80211_FEXT_AMPDU_RX)) {
*10266SQuaker.Fang@Sun.COM				ampdu_rx_start(rap, bufsiz,
*10266SQuaker.Fang@Sun.COM				    MS(baseqctl, IEEE80211_BASEQ_START));
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM				args[1] = IEEE80211_STATUS_SUCCESS;
*10266SQuaker.Fang@Sun.COM			} else {
*10266SQuaker.Fang@Sun.COM				ieee80211_dbg(
*10266SQuaker.Fang@Sun.COM				    IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM				    "reject ADDBA request: %s\n",
*10266SQuaker.Fang@Sun.COM				    in->in_flags & IEEE80211_NODE_AMPDU_RX ?
*10266SQuaker.Fang@Sun.COM				    "administratively disabled" :
*10266SQuaker.Fang@Sun.COM				    "not negotiated for station");
*10266SQuaker.Fang@Sun.COM				args[1] = IEEE80211_STATUS_UNSPECIFIED;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM			/* honor rap flags? */
*10266SQuaker.Fang@Sun.COM			args[2] = IEEE80211_BAPS_POLICY_IMMEDIATE
*10266SQuaker.Fang@Sun.COM			    | SM(tid, IEEE80211_BAPS_TID)
*10266SQuaker.Fang@Sun.COM			    | SM(rap->rxa_wnd, IEEE80211_BAPS_BUFSIZ);
*10266SQuaker.Fang@Sun.COM			args[3] = 0;
*10266SQuaker.Fang@Sun.COM			ic->ic_send_action(in, IEEE80211_ACTION_CAT_BA,
*10266SQuaker.Fang@Sun.COM			    IEEE80211_ACTION_BA_ADDBA_RESPONSE, args);
*10266SQuaker.Fang@Sun.COM			return;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_BA_ADDBA_RESPONSE:
*10266SQuaker.Fang@Sun.COM			dialogtoken = frm[2];
*10266SQuaker.Fang@Sun.COM			code = *(uint16_t *)(frm+3);
*10266SQuaker.Fang@Sun.COM			baparamset = *(uint16_t *)(frm+5);
*10266SQuaker.Fang@Sun.COM			tid = MS(baparamset, IEEE80211_BAPS_TID);
*10266SQuaker.Fang@Sun.COM			bufsiz = MS(baparamset, IEEE80211_BAPS_BUFSIZ);
*10266SQuaker.Fang@Sun.COM			batimeout = *(uint16_t *)(frm+7);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			ac = TID_TO_WME_AC(tid);
*10266SQuaker.Fang@Sun.COM			tap = &in->in_tx_ampdu[ac];
*10266SQuaker.Fang@Sun.COM			if ((tap->txa_flags & IEEE80211_AGGR_XCHGPEND) == 0) {
*10266SQuaker.Fang@Sun.COM				ieee80211_err("ADDBA response"
*10266SQuaker.Fang@Sun.COM				    "no pending ADDBA, tid %d dialogtoken %u "
*10266SQuaker.Fang@Sun.COM				    "code %d\n", tid, dialogtoken, code);
*10266SQuaker.Fang@Sun.COM				return;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM			if (dialogtoken != tap->txa_token) {
*10266SQuaker.Fang@Sun.COM				ieee80211_err("ADDBA response"
*10266SQuaker.Fang@Sun.COM				    "dialogtoken mismatch: waiting for %d, "
*10266SQuaker.Fang@Sun.COM				    "received %d, tid %d code %d\n",
*10266SQuaker.Fang@Sun.COM				    tap->txa_token, dialogtoken, tid, code);
*10266SQuaker.Fang@Sun.COM				return;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "recv ADDBA response: dialogtoken %u code %d "
*10266SQuaker.Fang@Sun.COM			    "baparamset 0x%x (tid %d bufsiz %d) batimeout %d\n",
*10266SQuaker.Fang@Sun.COM			    dialogtoken, code, baparamset, tid, bufsiz,
*10266SQuaker.Fang@Sun.COM			    batimeout);
*10266SQuaker.Fang@Sun.COM			ic->ic_addba_response(in, tap,
*10266SQuaker.Fang@Sun.COM			    code, baparamset, batimeout);
*10266SQuaker.Fang@Sun.COM			return;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_BA_DELBA:
*10266SQuaker.Fang@Sun.COM			baparamset = *(uint16_t *)(frm+2);
*10266SQuaker.Fang@Sun.COM			code = *(uint16_t *)(frm+4);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			tid = MS(baparamset, IEEE80211_DELBAPS_TID);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "recv DELBA: baparamset 0x%x (tid %d initiator %d) "
*10266SQuaker.Fang@Sun.COM			    "code %d\n", baparamset, tid,
*10266SQuaker.Fang@Sun.COM			    MS(baparamset, IEEE80211_DELBAPS_INIT), code);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			if ((baparamset & IEEE80211_DELBAPS_INIT) == 0) {
*10266SQuaker.Fang@Sun.COM				ac = TID_TO_WME_AC(tid);
*10266SQuaker.Fang@Sun.COM				tap = &in->in_tx_ampdu[ac];
*10266SQuaker.Fang@Sun.COM				ic->ic_addba_stop(in, tap);
*10266SQuaker.Fang@Sun.COM			} else {
*10266SQuaker.Fang@Sun.COM				rap = &in->in_rx_ampdu[tid];
*10266SQuaker.Fang@Sun.COM				ampdu_rx_stop(rap);
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM			return;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		break;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	ieee80211_recv_action(in, frm, efrm);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Process a received 802.11n action frame.
*10266SQuaker.Fang@Sun.COM * Aggregation-related frames are assumed to be handled
*10266SQuaker.Fang@Sun.COM * already; we handle any other frames we can, otherwise
*10266SQuaker.Fang@Sun.COM * complain about being unsupported (with debugging).
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM/* ARGSUSED */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_recv_action(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM    const uint8_t *frm, const uint8_t *efrm)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	const struct ieee80211_action *ia;
*10266SQuaker.Fang@Sun.COM	int chw;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ia = (const struct ieee80211_action *) frm;
*10266SQuaker.Fang@Sun.COM	switch (ia->ia_category) {
*10266SQuaker.Fang@Sun.COM	case IEEE80211_ACTION_CAT_BA:
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "BA action %d not implemented\n",
*10266SQuaker.Fang@Sun.COM		    ia->ia_action);
*10266SQuaker.Fang@Sun.COM		break;
*10266SQuaker.Fang@Sun.COM	case IEEE80211_ACTION_CAT_HT:
*10266SQuaker.Fang@Sun.COM		switch (ia->ia_action) {
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_HT_TXCHWIDTH:
*10266SQuaker.Fang@Sun.COM			chw = frm[2] == IEEE80211_A_HT_TXCHWIDTH_2040 ? 40 : 20;
*10266SQuaker.Fang@Sun.COM			if (chw != in->in_chw) {
*10266SQuaker.Fang@Sun.COM				in->in_chw = (uint8_t)chw;
*10266SQuaker.Fang@Sun.COM				in->in_flags |= IEEE80211_NODE_CHWUPDATE;
*10266SQuaker.Fang@Sun.COM			}
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "HT txchwidth, width %d (%s)\n",
*10266SQuaker.Fang@Sun.COM			    chw,
*10266SQuaker.Fang@Sun.COM			    in->in_flags & IEEE80211_NODE_CHWUPDATE ?
*10266SQuaker.Fang@Sun.COM			    "new" : "no change");
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_HT_MIMOPWRSAVE:
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "HT MIMO PS\n");
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		default:
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "HT action %d not implemented\n",
*10266SQuaker.Fang@Sun.COM			    ia->ia_action);
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		break;
*10266SQuaker.Fang@Sun.COM	default:
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "category %d not implemented\n",
*10266SQuaker.Fang@Sun.COM		    ia->ia_category);
*10266SQuaker.Fang@Sun.COM		break;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Transmit processing.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Request A-MPDU tx aggregation.  Setup local state and
*10266SQuaker.Fang@Sun.COM * issue an ADDBA request.  BA use will only happen after
*10266SQuaker.Fang@Sun.COM * the other end replies with ADDBA response.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMint
*10266SQuaker.Fang@Sun.COMieee80211_ampdu_request(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM    struct ieee80211_tx_ampdu *tap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	uint16_t args[4];
*10266SQuaker.Fang@Sun.COM	int tid, dialogtoken;
*10266SQuaker.Fang@Sun.COM	static int tokens = 0;	/* tokens */
*10266SQuaker.Fang@Sun.COM	clock_t ticks;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ticks = ddi_get_lbolt();
*10266SQuaker.Fang@Sun.COM	if ((tap->txa_flags & IEEE80211_AGGR_SETUP) == 0) {
*10266SQuaker.Fang@Sun.COM		/* do deferred setup of state */
*10266SQuaker.Fang@Sun.COM		tap->txa_flags |= IEEE80211_AGGR_SETUP;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	if (tap->txa_attempts >= IEEE80211_AGGR_MAXTRIES &&
*10266SQuaker.Fang@Sun.COM	    (ticks - tap->txa_lastrequest) < IEEE80211_AGGR_MINRETRY) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Don't retry too often; IEEE80211_AGGR_MINRETRY
*10266SQuaker.Fang@Sun.COM		 * defines the minimum interval we'll retry after
*10266SQuaker.Fang@Sun.COM		 * IEEE80211_AGGR_MAXTRIES failed attempts to
*10266SQuaker.Fang@Sun.COM		 * negotiate use.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		return (0);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/* hack for not doing proper locking */
*10266SQuaker.Fang@Sun.COM	tap->txa_flags &= ~IEEE80211_AGGR_NAK;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	dialogtoken = (tokens+1) % 63;		/* algorithm */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	tid = WME_AC_TO_TID(tap->txa_ac);
*10266SQuaker.Fang@Sun.COM	args[0] = (uint16_t)dialogtoken;
*10266SQuaker.Fang@Sun.COM	args[1]	= IEEE80211_BAPS_POLICY_IMMEDIATE
*10266SQuaker.Fang@Sun.COM	    | SM(tid, IEEE80211_BAPS_TID)
*10266SQuaker.Fang@Sun.COM	    | SM(IEEE80211_AGGR_BAWMAX, IEEE80211_BAPS_BUFSIZ);
*10266SQuaker.Fang@Sun.COM	args[2] = 0;	/* batimeout */
*10266SQuaker.Fang@Sun.COM	args[3] = SM(0, IEEE80211_BASEQ_START)
*10266SQuaker.Fang@Sun.COM	    | SM(0, IEEE80211_BASEQ_FRAG);
*10266SQuaker.Fang@Sun.COM	/* NB: do first so there's no race against reply */
*10266SQuaker.Fang@Sun.COM	if (!ic->ic_addba_request(in, tap, dialogtoken, args[1], args[2])) {
*10266SQuaker.Fang@Sun.COM		/* unable to setup state, don't make request */
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "could not setup BA stream for AC %d\n",
*10266SQuaker.Fang@Sun.COM		    tap->txa_ac);
*10266SQuaker.Fang@Sun.COM		/* defer next try so we don't slam the driver with requests */
*10266SQuaker.Fang@Sun.COM		tap->txa_attempts = IEEE80211_AGGR_MAXTRIES;
*10266SQuaker.Fang@Sun.COM		tap->txa_lastrequest = ticks;
*10266SQuaker.Fang@Sun.COM		return (0);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	tokens = dialogtoken;			/* allocate token */
*10266SQuaker.Fang@Sun.COM	return (ic->ic_send_action(in, IEEE80211_ACTION_CAT_BA,
*10266SQuaker.Fang@Sun.COM	    IEEE80211_ACTION_BA_ADDBA_REQUEST, args));
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Terminate an AMPDU tx stream. State is reclaimed
*10266SQuaker.Fang@Sun.COM * and the peer notified with a DelBA Action frame.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ampdu_stop(struct ieee80211_node *in, struct ieee80211_tx_ampdu *tap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	uint16_t args[4];
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (IEEE80211_AMPDU_RUNNING(tap)) {
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "stop BA stream for AC %d\n", tap->txa_ac);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM		ic->ic_addba_stop(in, tap);
*10266SQuaker.Fang@Sun.COM		args[0] = WME_AC_TO_TID(tap->txa_ac);
*10266SQuaker.Fang@Sun.COM		args[1] = IEEE80211_DELBAPS_INIT;
*10266SQuaker.Fang@Sun.COM		args[2] = 1;				/* reason code */
*10266SQuaker.Fang@Sun.COM		(void) ieee80211_send_action(in, IEEE80211_ACTION_CAT_BA,
*10266SQuaker.Fang@Sun.COM		    IEEE80211_ACTION_BA_DELBA, args);
*10266SQuaker.Fang@Sun.COM	} else {
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "BA stream for AC %d not running\n",
*10266SQuaker.Fang@Sun.COM		    tap->txa_ac);
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Transmit a BAR frame to the specified node.  The
*10266SQuaker.Fang@Sun.COM * BAR contents are drawn from the supplied aggregation
*10266SQuaker.Fang@Sun.COM * state associated with the node.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMint
*10266SQuaker.Fang@Sun.COMieee80211_send_bar(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM    const struct ieee80211_tx_ampdu *tap)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM#define	ADDSHORT(frm, v) do {			\
*10266SQuaker.Fang@Sun.COM        _NOTE(CONSTCOND)                        \
*10266SQuaker.Fang@Sun.COM	frm[0] = (v) & 0xff;			\
*10266SQuaker.Fang@Sun.COM	frm[1] = (v) >> 8;			\
*10266SQuaker.Fang@Sun.COM	frm += 2;				\
*10266SQuaker.Fang@Sun.COM        _NOTE(CONSTCOND)                        \
*10266SQuaker.Fang@Sun.COM} while (0)
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	struct ieee80211_frame_min *wh;
*10266SQuaker.Fang@Sun.COM	mblk_t *m;
*10266SQuaker.Fang@Sun.COM	uint8_t *frm;
*10266SQuaker.Fang@Sun.COM	uint16_t barctl, barseqctl;
*10266SQuaker.Fang@Sun.COM	int tid;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	m = ieee80211_getmgtframe(&frm, sizeof (struct ieee80211_ba_request));
*10266SQuaker.Fang@Sun.COM	if (m == NULL)
*10266SQuaker.Fang@Sun.COM		return (ENOMEM);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	wh = (struct ieee80211_frame_min *)m->b_rptr;
*10266SQuaker.Fang@Sun.COM	wh->i_fc[0] = IEEE80211_FC0_VERSION_0 |
*10266SQuaker.Fang@Sun.COM	    IEEE80211_FC0_TYPE_CTL | IEEE80211_FC0_SUBTYPE_BAR;
*10266SQuaker.Fang@Sun.COM	wh->i_fc[1] = 0;
*10266SQuaker.Fang@Sun.COM	IEEE80211_ADDR_COPY(wh->i_addr1, in->in_macaddr);
*10266SQuaker.Fang@Sun.COM	IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_macaddr);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	tid = WME_AC_TO_TID(tap->txa_ac);
*10266SQuaker.Fang@Sun.COM	barctl 	= (tap->txa_flags & IEEE80211_AGGR_IMMEDIATE ?
*10266SQuaker.Fang@Sun.COM	    IEEE80211_BAPS_POLICY_IMMEDIATE :
*10266SQuaker.Fang@Sun.COM	    IEEE80211_BAPS_POLICY_DELAYED)
*10266SQuaker.Fang@Sun.COM	    | SM(tid, IEEE80211_BAPS_TID)
*10266SQuaker.Fang@Sun.COM	    | SM(tap->txa_wnd, IEEE80211_BAPS_BUFSIZ);
*10266SQuaker.Fang@Sun.COM	barseqctl = SM(tap->txa_start, IEEE80211_BASEQ_START)
*10266SQuaker.Fang@Sun.COM	    | SM(0, IEEE80211_BASEQ_FRAG);
*10266SQuaker.Fang@Sun.COM	ADDSHORT(frm, barctl);
*10266SQuaker.Fang@Sun.COM	ADDSHORT(frm, barseqctl);
*10266SQuaker.Fang@Sun.COM	m->b_wptr = frm;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ieee80211_dbg(IEEE80211_MSG_DEBUG,
*10266SQuaker.Fang@Sun.COM	    "send bar frame (tid %u start %u) on channel %u\n",
*10266SQuaker.Fang@Sun.COM	    tid, tap->txa_start, ieee80211_chan2ieee(ic, ic->ic_curchan));
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	(void) (*ic->ic_xmit)(ic, m, IEEE80211_FC0_TYPE_CTL);	/* MGT? */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	return (0);
*10266SQuaker.Fang@Sun.COM#undef ADDSHORT
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Send an action management frame.  The arguments are stuff
*10266SQuaker.Fang@Sun.COM * into a frame without inspection; the caller is assumed to
*10266SQuaker.Fang@Sun.COM * prepare them carefully (e.g. based on the aggregation state).
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMint
*10266SQuaker.Fang@Sun.COMieee80211_send_action(struct ieee80211_node *in,
*10266SQuaker.Fang@Sun.COM    int category, int action, uint16_t args[4])
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM#define	ADDSHORT(frm, v) do {			\
*10266SQuaker.Fang@Sun.COM        _NOTE(CONSTCOND)                        \
*10266SQuaker.Fang@Sun.COM	frm[0] = (v) & 0xff;			\
*10266SQuaker.Fang@Sun.COM	frm[1] = (v) >> 8;			\
*10266SQuaker.Fang@Sun.COM	frm += 2;				\
*10266SQuaker.Fang@Sun.COM        _NOTE(CONSTCOND)                        \
*10266SQuaker.Fang@Sun.COM} while (0)
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	mblk_t *m;
*10266SQuaker.Fang@Sun.COM	uint8_t *frm;
*10266SQuaker.Fang@Sun.COM	uint16_t baparamset;
*10266SQuaker.Fang@Sun.COM	int ret;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ASSERT(in != NULL);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	m = ieee80211_getmgtframe(&frm,
*10266SQuaker.Fang@Sun.COM	    sizeof (uint16_t)	/* action+category */
*10266SQuaker.Fang@Sun.COM	    /* may action payload */
*10266SQuaker.Fang@Sun.COM	    + sizeof (struct ieee80211_action_ba_addbaresponse));
*10266SQuaker.Fang@Sun.COM	if (m == NULL)
*10266SQuaker.Fang@Sun.COM		return (ENOMEM);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	*frm++ = (uint8_t)category;
*10266SQuaker.Fang@Sun.COM	*frm++ = (uint8_t)action;
*10266SQuaker.Fang@Sun.COM	switch (category) {
*10266SQuaker.Fang@Sun.COM	case IEEE80211_ACTION_CAT_BA:
*10266SQuaker.Fang@Sun.COM		switch (action) {
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_BA_ADDBA_REQUEST:
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "send ADDBA request: dialogtoken %d "
*10266SQuaker.Fang@Sun.COM			    "baparamset 0x%x (tid %d) "
*10266SQuaker.Fang@Sun.COM			    "batimeout 0x%x baseqctl 0x%x\n",
*10266SQuaker.Fang@Sun.COM			    args[0], args[1], MS(args[1], IEEE80211_BAPS_TID),
*10266SQuaker.Fang@Sun.COM			    args[2], args[3]);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			*frm++ = args[0];	/* dialog token */
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, args[1]);	/* baparamset */
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, args[2]);	/* batimeout */
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, args[3]);	/* baseqctl */
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_BA_ADDBA_RESPONSE:
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "send ADDBA response: dialogtoken %d status %d "
*10266SQuaker.Fang@Sun.COM			    "baparamset 0x%x (tid %d) batimeout %d\n",
*10266SQuaker.Fang@Sun.COM			    args[0], args[1], args[2],
*10266SQuaker.Fang@Sun.COM			    MS(args[2], IEEE80211_BAPS_TID), args[3]);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			*frm++ = args[0];	/* dialog token */
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, args[1]);	/* statuscode */
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, args[2]);	/* baparamset */
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, args[3]);	/* batimeout */
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_BA_DELBA:
*10266SQuaker.Fang@Sun.COM			baparamset = SM(args[0], IEEE80211_DELBAPS_TID)
*10266SQuaker.Fang@Sun.COM			    | SM(args[1], IEEE80211_DELBAPS_INIT);
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, baparamset);
*10266SQuaker.Fang@Sun.COM			ADDSHORT(frm, args[2]);	/* reason code */
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "send DELBA action: tid %d, initiator %d "
*10266SQuaker.Fang@Sun.COM			    "reason %d\n",
*10266SQuaker.Fang@Sun.COM			    args[0], args[1], args[2]);
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		default:
*10266SQuaker.Fang@Sun.COM			goto badaction;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		break;
*10266SQuaker.Fang@Sun.COM	case IEEE80211_ACTION_CAT_HT:
*10266SQuaker.Fang@Sun.COM		switch (action) {
*10266SQuaker.Fang@Sun.COM		case IEEE80211_ACTION_HT_TXCHWIDTH:
*10266SQuaker.Fang@Sun.COM			ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM			    "send HT txchwidth: width %d\n",
*10266SQuaker.Fang@Sun.COM			    IEEE80211_IS_CHAN_HT40(ic->ic_curchan) ? 40 : 20);
*10266SQuaker.Fang@Sun.COM			*frm++ = IEEE80211_IS_CHAN_HT40(ic->ic_curchan) ?
*10266SQuaker.Fang@Sun.COM			    IEEE80211_A_HT_TXCHWIDTH_2040 :
*10266SQuaker.Fang@Sun.COM			    IEEE80211_A_HT_TXCHWIDTH_20;
*10266SQuaker.Fang@Sun.COM			break;
*10266SQuaker.Fang@Sun.COM		default:
*10266SQuaker.Fang@Sun.COM			goto badaction;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		break;
*10266SQuaker.Fang@Sun.COM	default:
*10266SQuaker.Fang@Sun.COM	badaction:
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_ACTION | IEEE80211_MSG_HT,
*10266SQuaker.Fang@Sun.COM		    "unsupported category %d action %d\n",
*10266SQuaker.Fang@Sun.COM		    category, action);
*10266SQuaker.Fang@Sun.COM		return (EINVAL);
*10266SQuaker.Fang@Sun.COM		/* NOTREACHED */
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	m->b_wptr = frm;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ret = ieee80211_mgmt_output(ic, in, m, IEEE80211_FC0_SUBTYPE_ACTION, 0);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	return (ret);
*10266SQuaker.Fang@Sun.COM#undef ADDSHORT
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Construct the MCS bit mask for inclusion
*10266SQuaker.Fang@Sun.COM * in an HT information element.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMieee80211_set_htrates(uint8_t *frm, const struct ieee80211_htrateset *rs)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < rs->rs_nrates; i++) {
*10266SQuaker.Fang@Sun.COM		int r = rs->rs_rates[i] & IEEE80211_RATE_VAL;
*10266SQuaker.Fang@Sun.COM		if (r < IEEE80211_HTRATE_MAXSIZE) {
*10266SQuaker.Fang@Sun.COM			/* NB: this assumes a particular implementation */
*10266SQuaker.Fang@Sun.COM			ieee80211_setbit(frm, r);
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Add body of an HTCAP information element.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic uint8_t *
*10266SQuaker.Fang@Sun.COMieee80211_add_htcap_body(uint8_t *frm, struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM#define	ADDSHORT(frm, v) do {			\
*10266SQuaker.Fang@Sun.COM        _NOTE(CONSTCOND)                        \
*10266SQuaker.Fang@Sun.COM	frm[0] = (v) & 0xff;			\
*10266SQuaker.Fang@Sun.COM	frm[1] = (v) >> 8;			\
*10266SQuaker.Fang@Sun.COM	frm += 2;				\
*10266SQuaker.Fang@Sun.COM        _NOTE(CONSTCOND)                        \
*10266SQuaker.Fang@Sun.COM} while (0)
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM	uint16_t caps;
*10266SQuaker.Fang@Sun.COM	int rxmax, density;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* HT capabilities */
*10266SQuaker.Fang@Sun.COM	caps = ic->ic_htcaps & 0xffff;
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * Note channel width depends on whether we are operating as
*10266SQuaker.Fang@Sun.COM	 * a sta or not.  When operating as a sta we are generating
*10266SQuaker.Fang@Sun.COM	 * a request based on our desired configuration.  Otherwise
*10266SQuaker.Fang@Sun.COM	 * we are operational and the channel attributes identify
*10266SQuaker.Fang@Sun.COM	 * how we've been setup (which might be different if a fixed
*10266SQuaker.Fang@Sun.COM	 * channel is specified).
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	if (ic->ic_opmode == IEEE80211_M_STA) {
*10266SQuaker.Fang@Sun.COM		/* override 20/40 use based on config */
*10266SQuaker.Fang@Sun.COM		if (ic->ic_flags_ext & IEEE80211_FEXT_USEHT40)
*10266SQuaker.Fang@Sun.COM			caps |= IEEE80211_HTCAP_CHWIDTH40;
*10266SQuaker.Fang@Sun.COM		else
*10266SQuaker.Fang@Sun.COM			caps &= ~IEEE80211_HTCAP_CHWIDTH40;
*10266SQuaker.Fang@Sun.COM		/* use advertised setting (locally constraint) */
*10266SQuaker.Fang@Sun.COM		rxmax = MS(in->in_htparam, IEEE80211_HTCAP_MAXRXAMPDU);
*10266SQuaker.Fang@Sun.COM		density = MS(in->in_htparam, IEEE80211_HTCAP_MPDUDENSITY);
*10266SQuaker.Fang@Sun.COM	} else {
*10266SQuaker.Fang@Sun.COM		/* override 20/40 use based on current channel */
*10266SQuaker.Fang@Sun.COM		if (IEEE80211_IS_CHAN_HT40(ic->ic_curchan))
*10266SQuaker.Fang@Sun.COM			caps |= IEEE80211_HTCAP_CHWIDTH40;
*10266SQuaker.Fang@Sun.COM		else
*10266SQuaker.Fang@Sun.COM			caps &= ~IEEE80211_HTCAP_CHWIDTH40;
*10266SQuaker.Fang@Sun.COM		rxmax = ic->ic_ampdu_rxmax;
*10266SQuaker.Fang@Sun.COM		density = ic->ic_ampdu_density;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM	/* adjust short GI based on channel and config */
*10266SQuaker.Fang@Sun.COM	if ((ic->ic_flags_ext & IEEE80211_FEXT_SHORTGI20) == 0)
*10266SQuaker.Fang@Sun.COM		caps &= ~IEEE80211_HTCAP_SHORTGI20;
*10266SQuaker.Fang@Sun.COM	if ((ic->ic_flags_ext & IEEE80211_FEXT_SHORTGI40) == 0 ||
*10266SQuaker.Fang@Sun.COM	    (caps & IEEE80211_HTCAP_CHWIDTH40) == 0)
*10266SQuaker.Fang@Sun.COM		caps &= ~IEEE80211_HTCAP_SHORTGI40;
*10266SQuaker.Fang@Sun.COM	ADDSHORT(frm, caps);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* HT parameters */
*10266SQuaker.Fang@Sun.COM	*frm = SM(rxmax, IEEE80211_HTCAP_MAXRXAMPDU)
*10266SQuaker.Fang@Sun.COM	    | SM(density, IEEE80211_HTCAP_MPDUDENSITY);
*10266SQuaker.Fang@Sun.COM	frm++;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* pre-zero remainder of ie */
*10266SQuaker.Fang@Sun.COM	(void) memset(frm, 0, sizeof (struct ieee80211_ie_htcap) -
*10266SQuaker.Fang@Sun.COM	    offsetof(struct ieee80211_ie_htcap, hc_mcsset));
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* supported MCS set */
*10266SQuaker.Fang@Sun.COM	/*
*10266SQuaker.Fang@Sun.COM	 * it would better to get the rate set from in_htrates
*10266SQuaker.Fang@Sun.COM	 * so we can restrict it but for sta mode in_htrates isn't
*10266SQuaker.Fang@Sun.COM	 * setup when we're called to form an AssocReq frame so for
*10266SQuaker.Fang@Sun.COM	 * now we're restricted to the default HT rate set.
*10266SQuaker.Fang@Sun.COM	 */
*10266SQuaker.Fang@Sun.COM	ieee80211_set_htrates(frm, &ieee80211_rateset_11n);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	frm += sizeof (struct ieee80211_ie_htcap) -
*10266SQuaker.Fang@Sun.COM	    offsetof(struct ieee80211_ie_htcap, hc_mcsset);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	return (frm);
*10266SQuaker.Fang@Sun.COM#undef ADDSHORT
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Add 802.11n HT capabilities information element
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMuint8_t *
*10266SQuaker.Fang@Sun.COMieee80211_add_htcap(uint8_t *frm, struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	frm[0] = IEEE80211_ELEMID_HTCAP;
*10266SQuaker.Fang@Sun.COM	frm[1] = sizeof (struct ieee80211_ie_htcap) - 2;
*10266SQuaker.Fang@Sun.COM	return (ieee80211_add_htcap_body(frm + 2, in));
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Add Broadcom OUI wrapped standard HTCAP ie; this is
*10266SQuaker.Fang@Sun.COM * used for compatibility w/ pre-draft implementations.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMuint8_t *
*10266SQuaker.Fang@Sun.COMieee80211_add_htcap_vendor(uint8_t *frm, struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	frm[0] = IEEE80211_ELEMID_VENDOR;
*10266SQuaker.Fang@Sun.COM	frm[1] = 4 + sizeof (struct ieee80211_ie_htcap) - 2;
*10266SQuaker.Fang@Sun.COM	frm[2] = (BCM_OUI >> 0) & 0xff;
*10266SQuaker.Fang@Sun.COM	frm[3] = (BCM_OUI >> 8) & 0xff;
*10266SQuaker.Fang@Sun.COM	frm[4] = (BCM_OUI >> 16) & 0xff;
*10266SQuaker.Fang@Sun.COM	frm[5] = BCM_OUI_HTCAP;
*10266SQuaker.Fang@Sun.COM	return (ieee80211_add_htcap_body(frm + 6, in));
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Construct the MCS bit mask of basic rates
*10266SQuaker.Fang@Sun.COM * for inclusion in an HT information element.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMieee80211_set_basic_htrates(uint8_t *frm, const struct ieee80211_htrateset *rs)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	int i;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < rs->rs_nrates; i++) {
*10266SQuaker.Fang@Sun.COM		int r = rs->rs_rates[i] & IEEE80211_RATE_VAL;
*10266SQuaker.Fang@Sun.COM		if ((rs->rs_rates[i] & IEEE80211_RATE_BASIC) &&
*10266SQuaker.Fang@Sun.COM		    r < IEEE80211_HTRATE_MAXSIZE) {
*10266SQuaker.Fang@Sun.COM			/* NB: this assumes a particular implementation */
*10266SQuaker.Fang@Sun.COM			ieee80211_setbit(frm, r);
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Update the HTINFO ie for a beacon frame.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_update_beacon(struct ieee80211com *ic,
*10266SQuaker.Fang@Sun.COM    struct ieee80211_beacon_offsets *bo)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM#define	PROTMODE	(IEEE80211_HTINFO_OPMODE|IEEE80211_HTINFO_NONHT_PRESENT)
*10266SQuaker.Fang@Sun.COM	struct ieee80211_ie_htinfo *ht =
*10266SQuaker.Fang@Sun.COM	    (struct ieee80211_ie_htinfo *)bo->bo_htinfo;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* only update on channel change */
*10266SQuaker.Fang@Sun.COM	ht->hi_ctrlchannel = ieee80211_chan2ieee(ic, ic->ic_curchan);
*10266SQuaker.Fang@Sun.COM	ht->hi_byte1 = IEEE80211_HTINFO_RIFSMODE_PROH;
*10266SQuaker.Fang@Sun.COM	if (IEEE80211_IS_CHAN_HT40U(ic->ic_curchan))
*10266SQuaker.Fang@Sun.COM		ht->hi_byte1 |= IEEE80211_HTINFO_2NDCHAN_ABOVE;
*10266SQuaker.Fang@Sun.COM	else if (IEEE80211_IS_CHAN_HT40D(ic->ic_curchan))
*10266SQuaker.Fang@Sun.COM		ht->hi_byte1 |= IEEE80211_HTINFO_2NDCHAN_BELOW;
*10266SQuaker.Fang@Sun.COM	else	/* LINTED */
*10266SQuaker.Fang@Sun.COM		ht->hi_byte1 |= IEEE80211_HTINFO_2NDCHAN_NONE;
*10266SQuaker.Fang@Sun.COM	if (IEEE80211_IS_CHAN_HT40(ic->ic_curchan))
*10266SQuaker.Fang@Sun.COM		ht->hi_byte1 |= IEEE80211_HTINFO_TXWIDTH_2040;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* protection mode */
*10266SQuaker.Fang@Sun.COM	ht->hi_byte2 = (ht->hi_byte2 &~ PROTMODE) | ic->ic_curhtprotmode;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* propagate to vendor ie's */
*10266SQuaker.Fang@Sun.COM#undef PROTMODE
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Add body of an HTINFO information element.
*10266SQuaker.Fang@Sun.COM *
*10266SQuaker.Fang@Sun.COM * NB: We don't use struct ieee80211_ie_htinfo because we can
*10266SQuaker.Fang@Sun.COM * be called to fillin both a standard ie and a compat ie that
*10266SQuaker.Fang@Sun.COM * has a vendor OUI at the front.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMstatic uint8_t *
*10266SQuaker.Fang@Sun.COMieee80211_add_htinfo_body(uint8_t *frm, struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	struct ieee80211com *ic = in->in_ic;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* pre-zero remainder of ie */
*10266SQuaker.Fang@Sun.COM	(void) memset(frm, 0, sizeof (struct ieee80211_ie_htinfo) - 2);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* primary/control channel center */
*10266SQuaker.Fang@Sun.COM	*frm++ = ieee80211_chan2ieee(ic, ic->ic_curchan);
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	frm[0] = IEEE80211_HTINFO_RIFSMODE_PROH;
*10266SQuaker.Fang@Sun.COM	if (IEEE80211_IS_CHAN_HT40U(ic->ic_curchan))
*10266SQuaker.Fang@Sun.COM		frm[0] |= IEEE80211_HTINFO_2NDCHAN_ABOVE;
*10266SQuaker.Fang@Sun.COM	else if (IEEE80211_IS_CHAN_HT40D(ic->ic_curchan))
*10266SQuaker.Fang@Sun.COM		frm[0] |= IEEE80211_HTINFO_2NDCHAN_BELOW;
*10266SQuaker.Fang@Sun.COM	else	/* LINTED */
*10266SQuaker.Fang@Sun.COM		frm[0] |= IEEE80211_HTINFO_2NDCHAN_NONE;
*10266SQuaker.Fang@Sun.COM	if (IEEE80211_IS_CHAN_HT40(ic->ic_curchan))
*10266SQuaker.Fang@Sun.COM		frm[0] |= IEEE80211_HTINFO_TXWIDTH_2040;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	frm[1] = ic->ic_curhtprotmode;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	frm += 5;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* basic MCS set */
*10266SQuaker.Fang@Sun.COM	ieee80211_set_basic_htrates(frm, &in->in_htrates);
*10266SQuaker.Fang@Sun.COM	frm += sizeof (struct ieee80211_ie_htinfo) -
*10266SQuaker.Fang@Sun.COM	    offsetof(struct ieee80211_ie_htinfo, hi_basicmcsset);
*10266SQuaker.Fang@Sun.COM	return (frm);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Add 802.11n HT information information element.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMuint8_t *
*10266SQuaker.Fang@Sun.COMieee80211_add_htinfo(uint8_t *frm, struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	frm[0] = IEEE80211_ELEMID_HTINFO;
*10266SQuaker.Fang@Sun.COM	frm[1] = sizeof (struct ieee80211_ie_htinfo) - 2;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	return (ieee80211_add_htinfo_body(frm + 2, in));
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/*
*10266SQuaker.Fang@Sun.COM * Add Broadcom OUI wrapped standard HTINFO ie; this is
*10266SQuaker.Fang@Sun.COM * used for compatibility w/ pre-draft implementations.
*10266SQuaker.Fang@Sun.COM */
*10266SQuaker.Fang@Sun.COMuint8_t *
*10266SQuaker.Fang@Sun.COMieee80211_add_htinfo_vendor(uint8_t *frm, struct ieee80211_node *in)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	frm[0] = IEEE80211_ELEMID_VENDOR;
*10266SQuaker.Fang@Sun.COM	frm[1] = 4 + sizeof (struct ieee80211_ie_htinfo) - 2;
*10266SQuaker.Fang@Sun.COM	frm[2] = (BCM_OUI >> 0) & 0xff;
*10266SQuaker.Fang@Sun.COM	frm[3] = (BCM_OUI >> 8) & 0xff;
*10266SQuaker.Fang@Sun.COM	frm[4] = (BCM_OUI >> 16) & 0xff;
*10266SQuaker.Fang@Sun.COM	frm[5] = BCM_OUI_HTINFO;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	return (ieee80211_add_htinfo_body(frm + 6, in));
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_attach(struct ieee80211com *ic)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	/* setup default aggregation policy */
*10266SQuaker.Fang@Sun.COM	ic->ic_recv_action = ieee80211_aggr_recv_action;
*10266SQuaker.Fang@Sun.COM	ic->ic_send_action = ieee80211_send_action;
*10266SQuaker.Fang@Sun.COM	ic->ic_addba_request = ieee80211_addba_request;
*10266SQuaker.Fang@Sun.COM	ic->ic_addba_response = ieee80211_addba_response;
*10266SQuaker.Fang@Sun.COM	ic->ic_addba_stop = ieee80211_addba_stop;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ic->ic_htprotmode = IEEE80211_PROT_RTSCTS;
*10266SQuaker.Fang@Sun.COM	ic->ic_curhtprotmode = IEEE80211_HTINFO_OPMODE_PURE;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	/* get from driver */
*10266SQuaker.Fang@Sun.COM	ic->ic_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_8K;
*10266SQuaker.Fang@Sun.COM	ic->ic_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_NA;
*10266SQuaker.Fang@Sun.COM	ic->ic_ampdu_limit = ic->ic_ampdu_rxmax;
*10266SQuaker.Fang@Sun.COM	ic->ic_amsdu_limit = IEEE80211_HTCAP_MAXAMSDU_3839;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (ic->ic_htcaps & IEEE80211_HTC_HT) {
*10266SQuaker.Fang@Sun.COM		/*
*10266SQuaker.Fang@Sun.COM		 * Device is HT capable; enable all HT-related
*10266SQuaker.Fang@Sun.COM		 * facilities by default.
*10266SQuaker.Fang@Sun.COM		 * these choices may be too aggressive.
*10266SQuaker.Fang@Sun.COM		 */
*10266SQuaker.Fang@Sun.COM		ic->ic_flags_ext |= IEEE80211_FEXT_HT | IEEE80211_FEXT_HTCOMPAT;
*10266SQuaker.Fang@Sun.COM		if (ic->ic_htcaps & IEEE80211_HTCAP_SHORTGI20)
*10266SQuaker.Fang@Sun.COM			ic->ic_flags_ext |= IEEE80211_FEXT_SHORTGI20;
*10266SQuaker.Fang@Sun.COM		/* infer from channel list? */
*10266SQuaker.Fang@Sun.COM		if (ic->ic_htcaps & IEEE80211_HTCAP_CHWIDTH40) {
*10266SQuaker.Fang@Sun.COM			ic->ic_flags_ext |= IEEE80211_FEXT_USEHT40;
*10266SQuaker.Fang@Sun.COM			if (ic->ic_htcaps & IEEE80211_HTCAP_SHORTGI40)
*10266SQuaker.Fang@Sun.COM				ic->ic_flags_ext |= IEEE80211_FEXT_SHORTGI40;
*10266SQuaker.Fang@Sun.COM		}
*10266SQuaker.Fang@Sun.COM		/* NB: A-MPDU and A-MSDU rx are mandated, these are tx only */
*10266SQuaker.Fang@Sun.COM		ic->ic_flags_ext |= IEEE80211_FEXT_AMPDU_RX;
*10266SQuaker.Fang@Sun.COM		if (ic->ic_htcaps & IEEE80211_HTC_AMPDU)
*10266SQuaker.Fang@Sun.COM			ic->ic_flags_ext |= IEEE80211_FEXT_AMPDU_TX;
*10266SQuaker.Fang@Sun.COM		ic->ic_flags_ext |= IEEE80211_FEXT_AMSDU_RX;
*10266SQuaker.Fang@Sun.COM		if (ic->ic_htcaps & IEEE80211_HTC_AMSDU)
*10266SQuaker.Fang@Sun.COM			ic->ic_flags_ext |= IEEE80211_FEXT_AMSDU_TX;
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM#define	ieee80211_isset16(a, i)	((a) & (1 << (i)))
*10266SQuaker.Fang@Sun.COM	/* fill default rate sets for 11NA/11NG if driver has no specified */
*10266SQuaker.Fang@Sun.COM	if (ieee80211_isset16(ic->ic_modecaps, IEEE80211_MODE_11NA) &&
*10266SQuaker.Fang@Sun.COM	    ic->ic_sup_rates[IEEE80211_MODE_11NA].ir_nrates == 0) {
*10266SQuaker.Fang@Sun.COM		ic->ic_sup_rates[IEEE80211_MODE_11NA] =
*10266SQuaker.Fang@Sun.COM		    ic->ic_sup_rates[IEEE80211_MODE_11A];
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	if (ieee80211_isset16(ic->ic_modecaps, IEEE80211_MODE_11NG) &&
*10266SQuaker.Fang@Sun.COM	    ic->ic_sup_rates[IEEE80211_MODE_11NG].ir_nrates == 0) {
*10266SQuaker.Fang@Sun.COM		ic->ic_sup_rates[IEEE80211_MODE_11NG] =
*10266SQuaker.Fang@Sun.COM		    ic->ic_sup_rates[IEEE80211_MODE_11G];
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM#undef ieee80211_isset16
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/* ARGSUSED */
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_detach(struct ieee80211com *ic)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/* ARGSUSED */
*10266SQuaker.Fang@Sun.COMstatic void
*10266SQuaker.Fang@Sun.COMht_announce(struct ieee80211com *ic, int mode,
*10266SQuaker.Fang@Sun.COM	const struct ieee80211_htrateset *rs)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	int i, rate;
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM	ieee80211_dbg(IEEE80211_MSG_HT, "%s MCS: \n",
*10266SQuaker.Fang@Sun.COM	    ieee80211_phymode_name[mode]);
*10266SQuaker.Fang@Sun.COM	for (i = 0; i < rs->rs_nrates; i++) {
*10266SQuaker.Fang@Sun.COM		rate = ieee80211_htrates[rs->rs_rates[i]];
*10266SQuaker.Fang@Sun.COM		ieee80211_dbg(IEEE80211_MSG_HT, "%s%d%sMbps\n",
*10266SQuaker.Fang@Sun.COM		    (i != 0 ? " " : ""),
*10266SQuaker.Fang@Sun.COM		    rate / 2, ((rate & 0x1) != 0 ? ".5" : ""));
*10266SQuaker.Fang@Sun.COM	}
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COMvoid
*10266SQuaker.Fang@Sun.COMieee80211_ht_announce(struct ieee80211com *ic)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	if (ic->ic_modecaps & (1 << IEEE80211_MODE_11NA))
*10266SQuaker.Fang@Sun.COM		ht_announce(ic, IEEE80211_MODE_11NA, &ieee80211_rateset_11n);
*10266SQuaker.Fang@Sun.COM	if (ic->ic_modecaps & (1 << IEEE80211_MODE_11NG))
*10266SQuaker.Fang@Sun.COM		ht_announce(ic, IEEE80211_MODE_11NG, &ieee80211_rateset_11n);
*10266SQuaker.Fang@Sun.COM}
*10266SQuaker.Fang@Sun.COM
*10266SQuaker.Fang@Sun.COM/* ARGSUSED */
*10266SQuaker.Fang@Sun.COMconst struct ieee80211_htrateset *
*10266SQuaker.Fang@Sun.COMieee80211_get_suphtrates(struct ieee80211com *ic,
*10266SQuaker.Fang@Sun.COM	const struct ieee80211_channel *c)
*10266SQuaker.Fang@Sun.COM{
*10266SQuaker.Fang@Sun.COM	return (&ieee80211_rateset_11n);
*10266SQuaker.Fang@Sun.COM}