wifi: rtw88: usb: Fix disconnection after beacon loss

Message ID	ecbf0601-810d-4609-b8fc-8b0e38d2948d@gmail.com (mailing list archive)
State	Accepted
Delegated to:	Ping-Ke Shih
Headers	show Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com [209.85.221.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 415A571727 for <linux-wireless@vger.kernel.org>; Mon, 29 Apr 2024 17:57:55 +0000 (UTC) Message-ID: <ecbf0601-810d-4609-b8fc-8b0e38d2948d@gmail.com> Date: Mon, 29 Apr 2024 20:57:52 +0300 Precedence: bulk MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US To: "linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org> Cc: Ping-Ke Shih <pkshih@realtek.com>, Sascha Hauer <sha@pengutronix.de> From: Bitterblue Smith <rtl8821cerfe2@gmail.com> Subject: [PATCH] wifi: rtw88: usb: Fix disconnection after beacon loss Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit
Series	wifi: rtw88: usb: Fix disconnection after beacon loss \| expand wifi: rtw88: usb: Fix disconnection after beacon loss

Message ID

ecbf0601-810d-4609-b8fc-8b0e38d2948d@gmail.com (mailing list archive)

State

Accepted

Delegated to:

Ping-Ke Shih

Headers

Message-ID: <ecbf0601-810d-4609-b8fc-8b0e38d2948d@gmail.com>
Date: Mon, 29 Apr 2024 20:57:52 +0300
Precedence: bulk
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: "linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>
Cc: Ping-Ke Shih <pkshih@realtek.com>, Sascha Hauer <sha@pengutronix.de>
From: Bitterblue Smith <rtl8821cerfe2@gmail.com>
Subject: [PATCH] wifi: rtw88: usb: Fix disconnection after beacon loss
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Series

wifi: rtw88: usb: Fix disconnection after beacon loss | expand

Commit Message

Bitterblue Smith April 29, 2024, 5:57 p.m. UTC

When there is beacon loss, for example due to unrelated Bluetooth
devices transmitting music nearby, the wifi connection dies soon
after the first beacon loss message:

Apr 28 20:47:14 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
 CTRL-EVENT-BEACON-LOSS
Apr 28 20:47:15 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
 CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1

Apr 28 20:47:24 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
 CTRL-EVENT-BEACON-LOSS
Apr 28 20:47:25 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
 CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1

Apr 28 20:47:34 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
 CTRL-EVENT-BEACON-LOSS
Apr 28 20:47:35 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
 CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1

When the beacon loss happens, mac80211 makes rtw88 transmit a QOS
NULL frame and asks to confirm the ACK status. Even though rtw88
confirms to mac80211 that the QOS NULL was transmitted successfully,
the connection still dies. This is because rtw88 is handing the QOS
NULL back to mac80211 with skb->data pointing to the headroom (the
TX descriptor) instead of ieee80211_hdr.

Fix the disconnection by moving skb->data to the correct position
before ieee80211_tx_status_irqsafe().

The problem was observed with RTL8811AU (TP-Link Archer T2U Nano)
and the potential future rtw88_8821au driver. Also tested with
RTL8811CU (Tenda U9).

Cc: stable@vger.kernel.org
Signed-off-by: Bitterblue Smith <rtl8821cerfe2@gmail.com>
---
 drivers/net/wireless/realtek/rtw88/usb.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Ping-Ke Shih April 30, 2024, 12:50 a.m. UTC | #1

+Cc: Martin for rtw88 SDIO that seems have the same problem 

Bitterblue Smith <rtl8821cerfe2@gmail.com> wrote:
> When there is beacon loss, for example due to unrelated Bluetooth
> devices transmitting music nearby, the wifi connection dies soon
> after the first beacon loss message:
> 
> Apr 28 20:47:14 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-BEACON-LOSS
> Apr 28 20:47:15 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
> 
> Apr 28 20:47:24 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-BEACON-LOSS
> Apr 28 20:47:25 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
> 
> Apr 28 20:47:34 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-BEACON-LOSS
> Apr 28 20:47:35 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
> 
> When the beacon loss happens, mac80211 makes rtw88 transmit a QOS
> NULL frame and asks to confirm the ACK status. Even though rtw88
> confirms to mac80211 that the QOS NULL was transmitted successfully,
> the connection still dies. This is because rtw88 is handing the QOS
> NULL back to mac80211 with skb->data pointing to the headroom (the
> TX descriptor) instead of ieee80211_hdr.
> 
> Fix the disconnection by moving skb->data to the correct position
> before ieee80211_tx_status_irqsafe().
> 
> The problem was observed with RTL8811AU (TP-Link Archer T2U Nano)
> and the potential future rtw88_8821au driver. Also tested with
> RTL8811CU (Tenda U9).
> 
> Cc: stable@vger.kernel.org
> Signed-off-by: Bitterblue Smith <rtl8821cerfe2@gmail.com>
> ---
>  drivers/net/wireless/realtek/rtw88/usb.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/net/wireless/realtek/rtw88/usb.c b/drivers/net/wireless/realtek/rtw88/usb.c
> index 3ba7b81c6080..1dfe7c6ae4ba 100644
> --- a/drivers/net/wireless/realtek/rtw88/usb.c
> +++ b/drivers/net/wireless/realtek/rtw88/usb.c
> @@ -278,6 +278,8 @@ static void rtw_usb_write_port_tx_complete(struct urb *urb)
>                 info = IEEE80211_SKB_CB(skb);
>                 tx_data = rtw_usb_get_tx_data(skb);
> 
> +               skb_pull(skb, rtwdev->chip->tx_pkt_desc_sz);
> +

There are two cases of arguments of skb_push() for USB: 
1. skb_push(skb, chip->tx_pkt_desc_sz);
2. skb_push(skb, headsize);
   headsize = pkt_info->offset ? pkt_info->offset : desclen;
      pkt_info->offset = chip->tx_pkt_desc_sz;
      desclen = chip->tx_pkt_desc_sz;

Eventually all are chip->tx_pkt_desc_sz, but spend a little time to ensure this.
Could you test and have another patch to change above case (2) to (1)?

>                 /* enqueue to wait for tx report */
>                 if (info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS) {
>                         rtw_tx_report_enqueue(rtwdev, skb, tx_data->sn);
> --
> 2.44.0

Bitterblue Smith April 30, 2024, 12:14 p.m. UTC | #2

On 30/04/2024 03:50, Ping-Ke Shih wrote:
> +Cc: Martin for rtw88 SDIO that seems have the same problem 
> 
> Bitterblue Smith <rtl8821cerfe2@gmail.com> wrote:
>> When there is beacon loss, for example due to unrelated Bluetooth
>> devices transmitting music nearby, the wifi connection dies soon
>> after the first beacon loss message:
>>
>> Apr 28 20:47:14 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>>  CTRL-EVENT-BEACON-LOSS
>> Apr 28 20:47:15 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
>>
>> Apr 28 20:47:24 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>>  CTRL-EVENT-BEACON-LOSS
>> Apr 28 20:47:25 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
>>
>> Apr 28 20:47:34 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>>  CTRL-EVENT-BEACON-LOSS
>> Apr 28 20:47:35 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
>>
>> When the beacon loss happens, mac80211 makes rtw88 transmit a QOS
>> NULL frame and asks to confirm the ACK status. Even though rtw88
>> confirms to mac80211 that the QOS NULL was transmitted successfully,
>> the connection still dies. This is because rtw88 is handing the QOS
>> NULL back to mac80211 with skb->data pointing to the headroom (the
>> TX descriptor) instead of ieee80211_hdr.
>>
>> Fix the disconnection by moving skb->data to the correct position
>> before ieee80211_tx_status_irqsafe().
>>
>> The problem was observed with RTL8811AU (TP-Link Archer T2U Nano)
>> and the potential future rtw88_8821au driver. Also tested with
>> RTL8811CU (Tenda U9).
>>
>> Cc: stable@vger.kernel.org
>> Signed-off-by: Bitterblue Smith <rtl8821cerfe2@gmail.com>
>> ---
>>  drivers/net/wireless/realtek/rtw88/usb.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/drivers/net/wireless/realtek/rtw88/usb.c b/drivers/net/wireless/realtek/rtw88/usb.c
>> index 3ba7b81c6080..1dfe7c6ae4ba 100644
>> --- a/drivers/net/wireless/realtek/rtw88/usb.c
>> +++ b/drivers/net/wireless/realtek/rtw88/usb.c
>> @@ -278,6 +278,8 @@ static void rtw_usb_write_port_tx_complete(struct urb *urb)
>>                 info = IEEE80211_SKB_CB(skb);
>>                 tx_data = rtw_usb_get_tx_data(skb);
>>
>> +               skb_pull(skb, rtwdev->chip->tx_pkt_desc_sz);
>> +
> 
> There are two cases of arguments of skb_push() for USB: 
> 1. skb_push(skb, chip->tx_pkt_desc_sz);
> 2. skb_push(skb, headsize);
>    headsize = pkt_info->offset ? pkt_info->offset : desclen;
>       pkt_info->offset = chip->tx_pkt_desc_sz;
>       desclen = chip->tx_pkt_desc_sz;
> 
> Eventually all are chip->tx_pkt_desc_sz, but spend a little time to ensure this.
> Could you test and have another patch to change above case (2) to (1)?
> 

I see what you mean. I will make it another patch, because
the skb from case 2 is not sent to mac80211.

>>                 /* enqueue to wait for tx report */
>>                 if (info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS) {
>>                         rtw_tx_report_enqueue(rtwdev, skb, tx_data->sn);
>> --
>> 2.44.0
>

Ping-Ke Shih May 9, 2024, 6:23 a.m. UTC | #3

Bitterblue Smith <rtl8821cerfe2@gmail.com> wrote:

> When there is beacon loss, for example due to unrelated Bluetooth
> devices transmitting music nearby, the wifi connection dies soon
> after the first beacon loss message:
> 
> Apr 28 20:47:14 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-BEACON-LOSS
> Apr 28 20:47:15 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
> 
> Apr 28 20:47:24 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-BEACON-LOSS
> Apr 28 20:47:25 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
> 
> Apr 28 20:47:34 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-BEACON-LOSS
> Apr 28 20:47:35 ideapad2 wpa_supplicant[1161]: wlp3s0f3u4:
>  CTRL-EVENT-DISCONNECTED bssid=... reason=4 locally_generated=1
> 
> When the beacon loss happens, mac80211 makes rtw88 transmit a QOS
> NULL frame and asks to confirm the ACK status. Even though rtw88
> confirms to mac80211 that the QOS NULL was transmitted successfully,
> the connection still dies. This is because rtw88 is handing the QOS
> NULL back to mac80211 with skb->data pointing to the headroom (the
> TX descriptor) instead of ieee80211_hdr.
> 
> Fix the disconnection by moving skb->data to the correct position
> before ieee80211_tx_status_irqsafe().
> 
> The problem was observed with RTL8811AU (TP-Link Archer T2U Nano)
> and the potential future rtw88_8821au driver. Also tested with
> RTL8811CU (Tenda U9).
> 
> Cc: stable@vger.kernel.org
> Signed-off-by: Bitterblue Smith <rtl8821cerfe2@gmail.com>

1 patch(es) applied to rtw-next branch of rtw.git, thanks.

28818b4d871b wifi: rtw88: usb: Fix disconnection after beacon loss

---
https://github.com/pkshih/rtw.git

diff --git a/drivers/net/wireless/realtek/rtw88/usb.c b/drivers/net/wireless/realtek/rtw88/usb.c
index 3ba7b81c6080..1dfe7c6ae4ba 100644
--- a/drivers/net/wireless/realtek/rtw88/usb.c
+++ b/drivers/net/wireless/realtek/rtw88/usb.c
@@ -278,6 +278,8 @@  static void rtw_usb_write_port_tx_complete(struct urb *urb)
 		info = IEEE80211_SKB_CB(skb);
 		tx_data = rtw_usb_get_tx_data(skb);
 
+		skb_pull(skb, rtwdev->chip->tx_pkt_desc_sz);
+
 		/* enqueue to wait for tx report */
 		if (info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS) {
 			rtw_tx_report_enqueue(rtwdev, skb, tx_data->sn);

wifi: rtw88: usb: Fix disconnection after beacon loss

Commit Message

Comments

Patch