xref: /freebsd/sys/dev/ath/if_ath_beacon.c (revision ddd5b8e9b4d8957fce018c520657cdfa4ecffad3)
1 /*-
2  * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer,
10  *    without modification.
11  * 2. Redistributions in binary form must reproduce at minimum a disclaimer
12  *    similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any
13  *    redistribution must be conditioned upon including a substantially
14  *    similar Disclaimer requirement for further binary redistribution.
15  *
16  * NO WARRANTY
17  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19  * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY
20  * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21  * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY,
22  * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
25  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
27  * THE POSSIBILITY OF SUCH DAMAGES.
28  */
29 
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
32 
33 /*
34  * Driver for the Atheros Wireless LAN controller.
35  *
36  * This software is derived from work of Atsushi Onoe; his contribution
37  * is greatly appreciated.
38  */
39 
40 #include "opt_inet.h"
41 #include "opt_ath.h"
42 /*
43  * This is needed for register operations which are performed
44  * by the driver - eg, calls to ath_hal_gettsf32().
45  *
46  * It's also required for any AH_DEBUG checks in here, eg the
47  * module dependencies.
48  */
49 #include "opt_ah.h"
50 #include "opt_wlan.h"
51 
52 #include <sys/param.h>
53 #include <sys/systm.h>
54 #include <sys/sysctl.h>
55 #include <sys/mbuf.h>
56 #include <sys/malloc.h>
57 #include <sys/lock.h>
58 #include <sys/mutex.h>
59 #include <sys/kernel.h>
60 #include <sys/socket.h>
61 #include <sys/sockio.h>
62 #include <sys/errno.h>
63 #include <sys/callout.h>
64 #include <sys/bus.h>
65 #include <sys/endian.h>
66 #include <sys/kthread.h>
67 #include <sys/taskqueue.h>
68 #include <sys/priv.h>
69 #include <sys/module.h>
70 #include <sys/ktr.h>
71 #include <sys/smp.h>	/* for mp_ncpus */
72 
73 #include <machine/bus.h>
74 
75 #include <net/if.h>
76 #include <net/if_dl.h>
77 #include <net/if_media.h>
78 #include <net/if_types.h>
79 #include <net/if_arp.h>
80 #include <net/ethernet.h>
81 #include <net/if_llc.h>
82 
83 #include <net80211/ieee80211_var.h>
84 #include <net80211/ieee80211_regdomain.h>
85 #ifdef IEEE80211_SUPPORT_SUPERG
86 #include <net80211/ieee80211_superg.h>
87 #endif
88 
89 #include <net/bpf.h>
90 
91 #ifdef INET
92 #include <netinet/in.h>
93 #include <netinet/if_ether.h>
94 #endif
95 
96 #include <dev/ath/if_athvar.h>
97 
98 #include <dev/ath/if_ath_debug.h>
99 #include <dev/ath/if_ath_misc.h>
100 #include <dev/ath/if_ath_tx.h>
101 #include <dev/ath/if_ath_beacon.h>
102 
103 #ifdef ATH_TX99_DIAG
104 #include <dev/ath/ath_tx99/ath_tx99.h>
105 #endif
106 
107 /*
108  * Setup a h/w transmit queue for beacons.
109  */
110 int
111 ath_beaconq_setup(struct ath_softc *sc)
112 {
113 	struct ath_hal *ah = sc->sc_ah;
114 	HAL_TXQ_INFO qi;
115 
116 	memset(&qi, 0, sizeof(qi));
117 	qi.tqi_aifs = HAL_TXQ_USEDEFAULT;
118 	qi.tqi_cwmin = HAL_TXQ_USEDEFAULT;
119 	qi.tqi_cwmax = HAL_TXQ_USEDEFAULT;
120 	/* NB: for dynamic turbo, don't enable any other interrupts */
121 	qi.tqi_qflags = HAL_TXQ_TXDESCINT_ENABLE;
122 	if (sc->sc_isedma)
123 		qi.tqi_qflags |= HAL_TXQ_TXOKINT_ENABLE |
124 		    HAL_TXQ_TXERRINT_ENABLE;
125 
126 	return ath_hal_setuptxqueue(ah, HAL_TX_QUEUE_BEACON, &qi);
127 }
128 
129 /*
130  * Setup the transmit queue parameters for the beacon queue.
131  */
132 int
133 ath_beaconq_config(struct ath_softc *sc)
134 {
135 #define	ATH_EXPONENT_TO_VALUE(v)	((1<<(v))-1)
136 	struct ieee80211com *ic = sc->sc_ifp->if_l2com;
137 	struct ath_hal *ah = sc->sc_ah;
138 	HAL_TXQ_INFO qi;
139 
140 	ath_hal_gettxqueueprops(ah, sc->sc_bhalq, &qi);
141 	if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
142 	    ic->ic_opmode == IEEE80211_M_MBSS) {
143 		/*
144 		 * Always burst out beacon and CAB traffic.
145 		 */
146 		qi.tqi_aifs = ATH_BEACON_AIFS_DEFAULT;
147 		qi.tqi_cwmin = ATH_BEACON_CWMIN_DEFAULT;
148 		qi.tqi_cwmax = ATH_BEACON_CWMAX_DEFAULT;
149 	} else {
150 		struct wmeParams *wmep =
151 			&ic->ic_wme.wme_chanParams.cap_wmeParams[WME_AC_BE];
152 		/*
153 		 * Adhoc mode; important thing is to use 2x cwmin.
154 		 */
155 		qi.tqi_aifs = wmep->wmep_aifsn;
156 		qi.tqi_cwmin = 2*ATH_EXPONENT_TO_VALUE(wmep->wmep_logcwmin);
157 		qi.tqi_cwmax = ATH_EXPONENT_TO_VALUE(wmep->wmep_logcwmax);
158 	}
159 
160 	if (!ath_hal_settxqueueprops(ah, sc->sc_bhalq, &qi)) {
161 		device_printf(sc->sc_dev, "unable to update parameters for "
162 			"beacon hardware queue!\n");
163 		return 0;
164 	} else {
165 		ath_hal_resettxqueue(ah, sc->sc_bhalq); /* push to h/w */
166 		return 1;
167 	}
168 #undef ATH_EXPONENT_TO_VALUE
169 }
170 
171 /*
172  * Allocate and setup an initial beacon frame.
173  */
174 int
175 ath_beacon_alloc(struct ath_softc *sc, struct ieee80211_node *ni)
176 {
177 	struct ieee80211vap *vap = ni->ni_vap;
178 	struct ath_vap *avp = ATH_VAP(vap);
179 	struct ath_buf *bf;
180 	struct mbuf *m;
181 	int error;
182 
183 	bf = avp->av_bcbuf;
184 	DPRINTF(sc, ATH_DEBUG_NODE, "%s: bf_m=%p, bf_node=%p\n",
185 	    __func__, bf->bf_m, bf->bf_node);
186 	if (bf->bf_m != NULL) {
187 		bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap);
188 		m_freem(bf->bf_m);
189 		bf->bf_m = NULL;
190 	}
191 	if (bf->bf_node != NULL) {
192 		ieee80211_free_node(bf->bf_node);
193 		bf->bf_node = NULL;
194 	}
195 
196 	/*
197 	 * NB: the beacon data buffer must be 32-bit aligned;
198 	 * we assume the mbuf routines will return us something
199 	 * with this alignment (perhaps should assert).
200 	 */
201 	m = ieee80211_beacon_alloc(ni, &avp->av_boff);
202 	if (m == NULL) {
203 		device_printf(sc->sc_dev, "%s: cannot get mbuf\n", __func__);
204 		sc->sc_stats.ast_be_nombuf++;
205 		return ENOMEM;
206 	}
207 	error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m,
208 				     bf->bf_segs, &bf->bf_nseg,
209 				     BUS_DMA_NOWAIT);
210 	if (error != 0) {
211 		device_printf(sc->sc_dev,
212 		    "%s: cannot map mbuf, bus_dmamap_load_mbuf_sg returns %d\n",
213 		    __func__, error);
214 		m_freem(m);
215 		return error;
216 	}
217 
218 	/*
219 	 * Calculate a TSF adjustment factor required for staggered
220 	 * beacons.  Note that we assume the format of the beacon
221 	 * frame leaves the tstamp field immediately following the
222 	 * header.
223 	 */
224 	if (sc->sc_stagbeacons && avp->av_bslot > 0) {
225 		uint64_t tsfadjust;
226 		struct ieee80211_frame *wh;
227 
228 		/*
229 		 * The beacon interval is in TU's; the TSF is in usecs.
230 		 * We figure out how many TU's to add to align the timestamp
231 		 * then convert to TSF units and handle byte swapping before
232 		 * inserting it in the frame.  The hardware will then add this
233 		 * each time a beacon frame is sent.  Note that we align vap's
234 		 * 1..N and leave vap 0 untouched.  This means vap 0 has a
235 		 * timestamp in one beacon interval while the others get a
236 		 * timstamp aligned to the next interval.
237 		 */
238 		tsfadjust = ni->ni_intval *
239 		    (ATH_BCBUF - avp->av_bslot) / ATH_BCBUF;
240 		tsfadjust = htole64(tsfadjust << 10);	/* TU -> TSF */
241 
242 		DPRINTF(sc, ATH_DEBUG_BEACON,
243 		    "%s: %s beacons bslot %d intval %u tsfadjust %llu\n",
244 		    __func__, sc->sc_stagbeacons ? "stagger" : "burst",
245 		    avp->av_bslot, ni->ni_intval,
246 		    (long long unsigned) le64toh(tsfadjust));
247 
248 		wh = mtod(m, struct ieee80211_frame *);
249 		memcpy(&wh[1], &tsfadjust, sizeof(tsfadjust));
250 	}
251 	bf->bf_m = m;
252 	bf->bf_node = ieee80211_ref_node(ni);
253 
254 	return 0;
255 }
256 
257 /*
258  * Setup the beacon frame for transmit.
259  */
260 static void
261 ath_beacon_setup(struct ath_softc *sc, struct ath_buf *bf)
262 {
263 #define	USE_SHPREAMBLE(_ic) \
264 	(((_ic)->ic_flags & (IEEE80211_F_SHPREAMBLE | IEEE80211_F_USEBARKER))\
265 		== IEEE80211_F_SHPREAMBLE)
266 	struct ieee80211_node *ni = bf->bf_node;
267 	struct ieee80211com *ic = ni->ni_ic;
268 	struct mbuf *m = bf->bf_m;
269 	struct ath_hal *ah = sc->sc_ah;
270 	struct ath_desc *ds;
271 	int flags, antenna;
272 	const HAL_RATE_TABLE *rt;
273 	u_int8_t rix, rate;
274 	HAL_DMA_ADDR bufAddrList[4];
275 	uint32_t segLenList[4];
276 	HAL_11N_RATE_SERIES rc[4];
277 
278 	DPRINTF(sc, ATH_DEBUG_BEACON_PROC, "%s: m %p len %u\n",
279 		__func__, m, m->m_len);
280 
281 	/* setup descriptors */
282 	ds = bf->bf_desc;
283 	bf->bf_last = bf;
284 	bf->bf_lastds = ds;
285 
286 	flags = HAL_TXDESC_NOACK;
287 	if (ic->ic_opmode == IEEE80211_M_IBSS && sc->sc_hasveol) {
288 		/* self-linked descriptor */
289 		ath_hal_settxdesclink(sc->sc_ah, ds, bf->bf_daddr);
290 		flags |= HAL_TXDESC_VEOL;
291 		/*
292 		 * Let hardware handle antenna switching.
293 		 */
294 		antenna = sc->sc_txantenna;
295 	} else {
296 		ath_hal_settxdesclink(sc->sc_ah, ds, 0);
297 		/*
298 		 * Switch antenna every 4 beacons.
299 		 * XXX assumes two antenna
300 		 */
301 		if (sc->sc_txantenna != 0)
302 			antenna = sc->sc_txantenna;
303 		else if (sc->sc_stagbeacons && sc->sc_nbcnvaps != 0)
304 			antenna = ((sc->sc_stats.ast_be_xmit / sc->sc_nbcnvaps) & 4 ? 2 : 1);
305 		else
306 			antenna = (sc->sc_stats.ast_be_xmit & 4 ? 2 : 1);
307 	}
308 
309 	KASSERT(bf->bf_nseg == 1,
310 		("multi-segment beacon frame; nseg %u", bf->bf_nseg));
311 
312 	/*
313 	 * Calculate rate code.
314 	 * XXX everything at min xmit rate
315 	 */
316 	rix = 0;
317 	rt = sc->sc_currates;
318 	rate = rt->info[rix].rateCode;
319 	if (USE_SHPREAMBLE(ic))
320 		rate |= rt->info[rix].shortPreamble;
321 	ath_hal_setuptxdesc(ah, ds
322 		, m->m_len + IEEE80211_CRC_LEN	/* frame length */
323 		, sizeof(struct ieee80211_frame)/* header length */
324 		, HAL_PKT_TYPE_BEACON		/* Atheros packet type */
325 		, ni->ni_txpower		/* txpower XXX */
326 		, rate, 1			/* series 0 rate/tries */
327 		, HAL_TXKEYIX_INVALID		/* no encryption */
328 		, antenna			/* antenna mode */
329 		, flags				/* no ack, veol for beacons */
330 		, 0				/* rts/cts rate */
331 		, 0				/* rts/cts duration */
332 	);
333 
334 	/*
335 	 * The EDMA HAL currently assumes that _all_ rate control
336 	 * settings are done in ath_hal_set11nratescenario(), rather
337 	 * than in ath_hal_setuptxdesc().
338 	 */
339 	if (sc->sc_isedma) {
340 		memset(&rc, 0, sizeof(rc));
341 
342 		rc[0].ChSel = sc->sc_txchainmask;
343 		rc[0].Tries = 1;
344 		rc[0].Rate = rt->info[rix].rateCode;
345 		rc[0].RateIndex = rix;
346 		rc[0].tx_power_cap = 0x3f;
347 		rc[0].PktDuration =
348 		    ath_hal_computetxtime(ah, rt, roundup(m->m_len, 4),
349 		        rix, 0);
350 		ath_hal_set11nratescenario(ah, ds, 0, 0, rc, 4, flags);
351 	}
352 
353 	/* NB: beacon's BufLen must be a multiple of 4 bytes */
354 	segLenList[0] = roundup(m->m_len, 4);
355 	segLenList[1] = segLenList[2] = segLenList[3] = 0;
356 	bufAddrList[0] = bf->bf_segs[0].ds_addr;
357 	bufAddrList[1] = bufAddrList[2] = bufAddrList[3] = 0;
358 	ath_hal_filltxdesc(ah, ds
359 		, bufAddrList
360 		, segLenList
361 		, 0				/* XXX desc id */
362 		, sc->sc_bhalq			/* hardware TXQ */
363 		, AH_TRUE			/* first segment */
364 		, AH_TRUE			/* last segment */
365 		, ds				/* first descriptor */
366 	);
367 #if 0
368 	ath_desc_swap(ds);
369 #endif
370 #undef USE_SHPREAMBLE
371 }
372 
373 void
374 ath_beacon_update(struct ieee80211vap *vap, int item)
375 {
376 	struct ieee80211_beacon_offsets *bo = &ATH_VAP(vap)->av_boff;
377 
378 	setbit(bo->bo_flags, item);
379 }
380 
381 /*
382  * Handle a beacon miss.
383  */
384 static void
385 ath_beacon_miss(struct ath_softc *sc)
386 {
387 	HAL_SURVEY_SAMPLE hs;
388 	HAL_BOOL ret;
389 	uint32_t hangs;
390 
391 	bzero(&hs, sizeof(hs));
392 
393 	ret = ath_hal_get_mib_cycle_counts(sc->sc_ah, &hs);
394 
395 	if (ath_hal_gethangstate(sc->sc_ah, 0xffff, &hangs) && hangs != 0) {
396 		DPRINTF(sc, ATH_DEBUG_BEACON,
397 		    "%s: hang=0x%08x\n",
398 		    __func__,
399 		    hangs);
400 	}
401 
402 	DPRINTF(sc, ATH_DEBUG_BEACON,
403 	    "%s: valid=%d, txbusy=%u, rxbusy=%u, chanbusy=%u, "
404 	    "extchanbusy=%u, cyclecount=%u\n",
405 	    __func__,
406 	    ret,
407 	    hs.tx_busy,
408 	    hs.rx_busy,
409 	    hs.chan_busy,
410 	    hs.ext_chan_busy,
411 	    hs.cycle_count);
412 }
413 
414 /*
415  * Transmit a beacon frame at SWBA.  Dynamic updates to the
416  * frame contents are done as needed and the slot time is
417  * also adjusted based on current state.
418  */
419 void
420 ath_beacon_proc(void *arg, int pending)
421 {
422 	struct ath_softc *sc = arg;
423 	struct ath_hal *ah = sc->sc_ah;
424 	struct ieee80211vap *vap;
425 	struct ath_buf *bf;
426 	int slot, otherant;
427 	uint32_t bfaddr;
428 
429 	DPRINTF(sc, ATH_DEBUG_BEACON_PROC, "%s: pending %u\n",
430 		__func__, pending);
431 	/*
432 	 * Check if the previous beacon has gone out.  If
433 	 * not don't try to post another, skip this period
434 	 * and wait for the next.  Missed beacons indicate
435 	 * a problem and should not occur.  If we miss too
436 	 * many consecutive beacons reset the device.
437 	 */
438 	if (ath_hal_numtxpending(ah, sc->sc_bhalq) != 0) {
439 		sc->sc_bmisscount++;
440 		sc->sc_stats.ast_be_missed++;
441 		ath_beacon_miss(sc);
442 		DPRINTF(sc, ATH_DEBUG_BEACON,
443 			"%s: missed %u consecutive beacons\n",
444 			__func__, sc->sc_bmisscount);
445 		if (sc->sc_bmisscount >= ath_bstuck_threshold)
446 			taskqueue_enqueue(sc->sc_tq, &sc->sc_bstucktask);
447 		return;
448 	}
449 	if (sc->sc_bmisscount != 0) {
450 		DPRINTF(sc, ATH_DEBUG_BEACON,
451 			"%s: resume beacon xmit after %u misses\n",
452 			__func__, sc->sc_bmisscount);
453 		sc->sc_bmisscount = 0;
454 	}
455 
456 	if (sc->sc_stagbeacons) {			/* staggered beacons */
457 		struct ieee80211com *ic = sc->sc_ifp->if_l2com;
458 		uint32_t tsftu;
459 
460 		tsftu = ath_hal_gettsf32(ah) >> 10;
461 		/* XXX lintval */
462 		slot = ((tsftu % ic->ic_lintval) * ATH_BCBUF) / ic->ic_lintval;
463 		vap = sc->sc_bslot[(slot+1) % ATH_BCBUF];
464 		bfaddr = 0;
465 		if (vap != NULL && vap->iv_state >= IEEE80211_S_RUN) {
466 			bf = ath_beacon_generate(sc, vap);
467 			if (bf != NULL)
468 				bfaddr = bf->bf_daddr;
469 		}
470 	} else {					/* burst'd beacons */
471 		uint32_t *bflink = &bfaddr;
472 
473 		for (slot = 0; slot < ATH_BCBUF; slot++) {
474 			vap = sc->sc_bslot[slot];
475 			if (vap != NULL && vap->iv_state >= IEEE80211_S_RUN) {
476 				bf = ath_beacon_generate(sc, vap);
477 				/*
478 				 * XXX TODO: this should use settxdesclinkptr()
479 				 * otherwise it won't work for EDMA chipsets!
480 				 */
481 				if (bf != NULL) {
482 					/* XXX should do this using the ds */
483 					*bflink = bf->bf_daddr;
484 					ath_hal_gettxdesclinkptr(sc->sc_ah,
485 					    bf->bf_desc, &bflink);
486 				}
487 			}
488 		}
489 		/*
490 		 * XXX TODO: this should use settxdesclinkptr()
491 		 * otherwise it won't work for EDMA chipsets!
492 		 */
493 		*bflink = 0;				/* terminate list */
494 	}
495 
496 	/*
497 	 * Handle slot time change when a non-ERP station joins/leaves
498 	 * an 11g network.  The 802.11 layer notifies us via callback,
499 	 * we mark updateslot, then wait one beacon before effecting
500 	 * the change.  This gives associated stations at least one
501 	 * beacon interval to note the state change.
502 	 */
503 	/* XXX locking */
504 	if (sc->sc_updateslot == UPDATE) {
505 		sc->sc_updateslot = COMMIT;	/* commit next beacon */
506 		sc->sc_slotupdate = slot;
507 	} else if (sc->sc_updateslot == COMMIT && sc->sc_slotupdate == slot)
508 		ath_setslottime(sc);		/* commit change to h/w */
509 
510 	/*
511 	 * Check recent per-antenna transmit statistics and flip
512 	 * the default antenna if noticeably more frames went out
513 	 * on the non-default antenna.
514 	 * XXX assumes 2 anntenae
515 	 */
516 	if (!sc->sc_diversity && (!sc->sc_stagbeacons || slot == 0)) {
517 		otherant = sc->sc_defant & 1 ? 2 : 1;
518 		if (sc->sc_ant_tx[otherant] > sc->sc_ant_tx[sc->sc_defant] + 2)
519 			ath_setdefantenna(sc, otherant);
520 		sc->sc_ant_tx[1] = sc->sc_ant_tx[2] = 0;
521 	}
522 
523 	/* Program the CABQ with the contents of the CABQ txq and start it */
524 	ATH_TXQ_LOCK(sc->sc_cabq);
525 	ath_beacon_cabq_start(sc);
526 	ATH_TXQ_UNLOCK(sc->sc_cabq);
527 
528 	/* Program the new beacon frame if we have one for this interval */
529 	if (bfaddr != 0) {
530 		/*
531 		 * Stop any current dma and put the new frame on the queue.
532 		 * This should never fail since we check above that no frames
533 		 * are still pending on the queue.
534 		 */
535 		if (! sc->sc_isedma) {
536 			if (!ath_hal_stoptxdma(ah, sc->sc_bhalq)) {
537 				DPRINTF(sc, ATH_DEBUG_ANY,
538 					"%s: beacon queue %u did not stop?\n",
539 					__func__, sc->sc_bhalq);
540 			}
541 		}
542 		/* NB: cabq traffic should already be queued and primed */
543 
544 		ath_hal_puttxbuf(ah, sc->sc_bhalq, bfaddr);
545 		ath_hal_txstart(ah, sc->sc_bhalq);
546 
547 		sc->sc_stats.ast_be_xmit++;
548 	}
549 }
550 
551 static void
552 ath_beacon_cabq_start_edma(struct ath_softc *sc)
553 {
554 	struct ath_buf *bf, *bf_last;
555 	struct ath_txq *cabq = sc->sc_cabq;
556 #if 0
557 	struct ath_buf *bfi;
558 	int i = 0;
559 #endif
560 
561 	ATH_TXQ_LOCK_ASSERT(cabq);
562 
563 	if (TAILQ_EMPTY(&cabq->axq_q))
564 		return;
565 	bf = TAILQ_FIRST(&cabq->axq_q);
566 	bf_last = TAILQ_LAST(&cabq->axq_q, axq_q_s);
567 
568 	/*
569 	 * This is a dirty, dirty hack to push the contents of
570 	 * the cabq staging queue into the FIFO.
571 	 *
572 	 * This ideally should live in the EDMA code file
573 	 * and only push things into the CABQ if there's a FIFO
574 	 * slot.
575 	 *
576 	 * We can't treat this like a normal TX queue because
577 	 * in the case of multi-VAP traffic, we may have to flush
578 	 * the CABQ each new (staggered) beacon that goes out.
579 	 * But for non-staggered beacons, we could in theory
580 	 * handle multicast traffic for all VAPs in one FIFO
581 	 * push.  Just keep all of this in mind if you're wondering
582 	 * how to correctly/better handle multi-VAP CABQ traffic
583 	 * with EDMA.
584 	 */
585 
586 	/*
587 	 * Is the CABQ FIFO free? If not, complain loudly and
588 	 * don't queue anything.  Maybe we'll flush the CABQ
589 	 * traffic, maybe we won't.  But that'll happen next
590 	 * beacon interval.
591 	 */
592 	if (cabq->axq_fifo_depth >= HAL_TXFIFO_DEPTH) {
593 		device_printf(sc->sc_dev,
594 		    "%s: Q%d: CAB FIFO queue=%d?\n",
595 		    __func__,
596 		    cabq->axq_qnum,
597 		    cabq->axq_fifo_depth);
598 		return;
599 	}
600 
601 	/*
602 	 * Ok, so here's the gymnastics reqiured to make this
603 	 * all sensible.
604 	 */
605 
606 	/*
607 	 * Tag the first/last buffer appropriately.
608 	 */
609 	bf->bf_flags |= ATH_BUF_FIFOPTR;
610 	bf_last->bf_flags |= ATH_BUF_FIFOEND;
611 
612 #if 0
613 	i = 0;
614 	TAILQ_FOREACH(bfi, &cabq->axq_q, bf_list) {
615 		ath_printtxbuf(sc, bf, cabq->axq_qnum, i, 0);
616 		i++;
617 	}
618 #endif
619 
620 	/*
621 	 * We now need to push this set of frames onto the tail
622 	 * of the FIFO queue.  We don't adjust the aggregate
623 	 * count, only the queue depth counter(s).
624 	 * We also need to blank the link pointer now.
625 	 */
626 	TAILQ_CONCAT(&cabq->fifo.axq_q, &cabq->axq_q, bf_list);
627 	cabq->axq_link = NULL;
628 	cabq->fifo.axq_depth += cabq->axq_depth;
629 	cabq->axq_depth = 0;
630 
631 	/* Bump FIFO queue */
632 	cabq->axq_fifo_depth++;
633 
634 	/* Push the first entry into the hardware */
635 	ath_hal_puttxbuf(sc->sc_ah, cabq->axq_qnum, bf->bf_daddr);
636 
637 	/* NB: gated by beacon so safe to start here */
638 	ath_hal_txstart(sc->sc_ah, cabq->axq_qnum);
639 
640 }
641 
642 static void
643 ath_beacon_cabq_start_legacy(struct ath_softc *sc)
644 {
645 	struct ath_buf *bf;
646 	struct ath_txq *cabq = sc->sc_cabq;
647 
648 	ATH_TXQ_LOCK_ASSERT(cabq);
649 	if (TAILQ_EMPTY(&cabq->axq_q))
650 		return;
651 	bf = TAILQ_FIRST(&cabq->axq_q);
652 
653 	/* Push the first entry into the hardware */
654 	ath_hal_puttxbuf(sc->sc_ah, cabq->axq_qnum, bf->bf_daddr);
655 
656 	/* NB: gated by beacon so safe to start here */
657 	ath_hal_txstart(sc->sc_ah, cabq->axq_qnum);
658 }
659 
660 /*
661  * Start CABQ transmission - this assumes that all frames are prepped
662  * and ready in the CABQ.
663  */
664 void
665 ath_beacon_cabq_start(struct ath_softc *sc)
666 {
667 	struct ath_txq *cabq = sc->sc_cabq;
668 
669 	ATH_TXQ_LOCK_ASSERT(cabq);
670 
671 	if (TAILQ_EMPTY(&cabq->axq_q))
672 		return;
673 
674 	if (sc->sc_isedma)
675 		ath_beacon_cabq_start_edma(sc);
676 	else
677 		ath_beacon_cabq_start_legacy(sc);
678 }
679 
680 struct ath_buf *
681 ath_beacon_generate(struct ath_softc *sc, struct ieee80211vap *vap)
682 {
683 	struct ath_vap *avp = ATH_VAP(vap);
684 	struct ath_txq *cabq = sc->sc_cabq;
685 	struct ath_buf *bf;
686 	struct mbuf *m;
687 	int nmcastq, error;
688 
689 	KASSERT(vap->iv_state >= IEEE80211_S_RUN,
690 	    ("not running, state %d", vap->iv_state));
691 	KASSERT(avp->av_bcbuf != NULL, ("no beacon buffer"));
692 
693 	/*
694 	 * Update dynamic beacon contents.  If this returns
695 	 * non-zero then we need to remap the memory because
696 	 * the beacon frame changed size (probably because
697 	 * of the TIM bitmap).
698 	 */
699 	bf = avp->av_bcbuf;
700 	m = bf->bf_m;
701 	/* XXX lock mcastq? */
702 	nmcastq = avp->av_mcastq.axq_depth;
703 
704 	if (ieee80211_beacon_update(bf->bf_node, &avp->av_boff, m, nmcastq)) {
705 		/* XXX too conservative? */
706 		bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap);
707 		error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m,
708 					     bf->bf_segs, &bf->bf_nseg,
709 					     BUS_DMA_NOWAIT);
710 		if (error != 0) {
711 			if_printf(vap->iv_ifp,
712 			    "%s: bus_dmamap_load_mbuf_sg failed, error %u\n",
713 			    __func__, error);
714 			return NULL;
715 		}
716 	}
717 	if ((avp->av_boff.bo_tim[4] & 1) && cabq->axq_depth) {
718 		DPRINTF(sc, ATH_DEBUG_BEACON,
719 		    "%s: cabq did not drain, mcastq %u cabq %u\n",
720 		    __func__, nmcastq, cabq->axq_depth);
721 		sc->sc_stats.ast_cabq_busy++;
722 		if (sc->sc_nvaps > 1 && sc->sc_stagbeacons) {
723 			/*
724 			 * CABQ traffic from a previous vap is still pending.
725 			 * We must drain the q before this beacon frame goes
726 			 * out as otherwise this vap's stations will get cab
727 			 * frames from a different vap.
728 			 * XXX could be slow causing us to miss DBA
729 			 */
730 			ath_tx_draintxq(sc, cabq);
731 		}
732 	}
733 	ath_beacon_setup(sc, bf);
734 	bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE);
735 
736 	/*
737 	 * Enable the CAB queue before the beacon queue to
738 	 * insure cab frames are triggered by this beacon.
739 	 */
740 	if (avp->av_boff.bo_tim[4] & 1) {
741 
742 		/* NB: only at DTIM */
743 		ATH_TXQ_LOCK(&avp->av_mcastq);
744 		if (nmcastq) {
745 			struct ath_buf *bfm, *bfc_last;
746 
747 			/*
748 			 * Move frames from the s/w mcast q to the h/w cab q.
749 			 *
750 			 * XXX TODO: if we chain together multiple VAPs
751 			 * worth of CABQ traffic, should we keep the
752 			 * MORE data bit set on the last frame of each
753 			 * intermediary VAP (ie, only clear the MORE
754 			 * bit of the last frame on the last vap?)
755 			 */
756 			bfm = TAILQ_FIRST(&avp->av_mcastq.axq_q);
757 			ATH_TXQ_LOCK(cabq);
758 
759 			/*
760 			 * If there's already a frame on the CABQ, we
761 			 * need to link to the end of the last frame.
762 			 * We can't use axq_link here because
763 			 * EDMA descriptors require some recalculation
764 			 * (checksum) to occur.
765 			 */
766 			bfc_last = ATH_TXQ_LAST(cabq, axq_q_s);
767 			if (bfc_last != NULL) {
768 				ath_hal_settxdesclink(sc->sc_ah,
769 				    bfc_last->bf_lastds,
770 				    bfm->bf_daddr);
771 			}
772 			ath_txqmove(cabq, &avp->av_mcastq);
773 			ATH_TXQ_UNLOCK(cabq);
774 			/*
775 			 * XXX not entirely accurate, in case a mcast
776 			 * queue frame arrived before we grabbed the TX
777 			 * lock.
778 			 */
779 			sc->sc_stats.ast_cabq_xmit += nmcastq;
780 		}
781 		ATH_TXQ_UNLOCK(&avp->av_mcastq);
782 	}
783 	return bf;
784 }
785 
786 void
787 ath_beacon_start_adhoc(struct ath_softc *sc, struct ieee80211vap *vap)
788 {
789 	struct ath_vap *avp = ATH_VAP(vap);
790 	struct ath_hal *ah = sc->sc_ah;
791 	struct ath_buf *bf;
792 	struct mbuf *m;
793 	int error;
794 
795 	KASSERT(avp->av_bcbuf != NULL, ("no beacon buffer"));
796 
797 	/*
798 	 * Update dynamic beacon contents.  If this returns
799 	 * non-zero then we need to remap the memory because
800 	 * the beacon frame changed size (probably because
801 	 * of the TIM bitmap).
802 	 */
803 	bf = avp->av_bcbuf;
804 	m = bf->bf_m;
805 	if (ieee80211_beacon_update(bf->bf_node, &avp->av_boff, m, 0)) {
806 		/* XXX too conservative? */
807 		bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap);
808 		error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m,
809 					     bf->bf_segs, &bf->bf_nseg,
810 					     BUS_DMA_NOWAIT);
811 		if (error != 0) {
812 			if_printf(vap->iv_ifp,
813 			    "%s: bus_dmamap_load_mbuf_sg failed, error %u\n",
814 			    __func__, error);
815 			return;
816 		}
817 	}
818 	ath_beacon_setup(sc, bf);
819 	bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE);
820 
821 	/* NB: caller is known to have already stopped tx dma */
822 	ath_hal_puttxbuf(ah, sc->sc_bhalq, bf->bf_daddr);
823 	ath_hal_txstart(ah, sc->sc_bhalq);
824 }
825 
826 /*
827  * Reclaim beacon resources and return buffer to the pool.
828  */
829 void
830 ath_beacon_return(struct ath_softc *sc, struct ath_buf *bf)
831 {
832 
833 	DPRINTF(sc, ATH_DEBUG_NODE, "%s: free bf=%p, bf_m=%p, bf_node=%p\n",
834 	    __func__, bf, bf->bf_m, bf->bf_node);
835 	if (bf->bf_m != NULL) {
836 		bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap);
837 		m_freem(bf->bf_m);
838 		bf->bf_m = NULL;
839 	}
840 	if (bf->bf_node != NULL) {
841 		ieee80211_free_node(bf->bf_node);
842 		bf->bf_node = NULL;
843 	}
844 	TAILQ_INSERT_TAIL(&sc->sc_bbuf, bf, bf_list);
845 }
846 
847 /*
848  * Reclaim beacon resources.
849  */
850 void
851 ath_beacon_free(struct ath_softc *sc)
852 {
853 	struct ath_buf *bf;
854 
855 	TAILQ_FOREACH(bf, &sc->sc_bbuf, bf_list) {
856 		DPRINTF(sc, ATH_DEBUG_NODE,
857 		    "%s: free bf=%p, bf_m=%p, bf_node=%p\n",
858 		        __func__, bf, bf->bf_m, bf->bf_node);
859 		if (bf->bf_m != NULL) {
860 			bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap);
861 			m_freem(bf->bf_m);
862 			bf->bf_m = NULL;
863 		}
864 		if (bf->bf_node != NULL) {
865 			ieee80211_free_node(bf->bf_node);
866 			bf->bf_node = NULL;
867 		}
868 	}
869 }
870 
871 /*
872  * Configure the beacon and sleep timers.
873  *
874  * When operating as an AP this resets the TSF and sets
875  * up the hardware to notify us when we need to issue beacons.
876  *
877  * When operating in station mode this sets up the beacon
878  * timers according to the timestamp of the last received
879  * beacon and the current TSF, configures PCF and DTIM
880  * handling, programs the sleep registers so the hardware
881  * will wakeup in time to receive beacons, and configures
882  * the beacon miss handling so we'll receive a BMISS
883  * interrupt when we stop seeing beacons from the AP
884  * we've associated with.
885  */
886 void
887 ath_beacon_config(struct ath_softc *sc, struct ieee80211vap *vap)
888 {
889 #define	TSF_TO_TU(_h,_l) \
890 	((((u_int32_t)(_h)) << 22) | (((u_int32_t)(_l)) >> 10))
891 #define	FUDGE	2
892 	struct ath_hal *ah = sc->sc_ah;
893 	struct ieee80211com *ic = sc->sc_ifp->if_l2com;
894 	struct ieee80211_node *ni;
895 	u_int32_t nexttbtt, intval, tsftu;
896 	u_int32_t nexttbtt_u8, intval_u8;
897 	u_int64_t tsf;
898 
899 	if (vap == NULL)
900 		vap = TAILQ_FIRST(&ic->ic_vaps);	/* XXX */
901 	/*
902 	 * Just ensure that we aren't being called when the last
903 	 * VAP is destroyed.
904 	 */
905 	if (vap == NULL) {
906 		device_printf(sc->sc_dev, "%s: called with no VAPs\n",
907 		    __func__);
908 		return;
909 	}
910 
911 	ni = ieee80211_ref_node(vap->iv_bss);
912 
913 	/* extract tstamp from last beacon and convert to TU */
914 	nexttbtt = TSF_TO_TU(LE_READ_4(ni->ni_tstamp.data + 4),
915 			     LE_READ_4(ni->ni_tstamp.data));
916 	if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
917 	    ic->ic_opmode == IEEE80211_M_MBSS) {
918 		/*
919 		 * For multi-bss ap/mesh support beacons are either staggered
920 		 * evenly over N slots or burst together.  For the former
921 		 * arrange for the SWBA to be delivered for each slot.
922 		 * Slots that are not occupied will generate nothing.
923 		 */
924 		/* NB: the beacon interval is kept internally in TU's */
925 		intval = ni->ni_intval & HAL_BEACON_PERIOD;
926 		if (sc->sc_stagbeacons)
927 			intval /= ATH_BCBUF;
928 	} else {
929 		/* NB: the beacon interval is kept internally in TU's */
930 		intval = ni->ni_intval & HAL_BEACON_PERIOD;
931 	}
932 	if (nexttbtt == 0)		/* e.g. for ap mode */
933 		nexttbtt = intval;
934 	else if (intval)		/* NB: can be 0 for monitor mode */
935 		nexttbtt = roundup(nexttbtt, intval);
936 	DPRINTF(sc, ATH_DEBUG_BEACON, "%s: nexttbtt %u intval %u (%u)\n",
937 		__func__, nexttbtt, intval, ni->ni_intval);
938 	if (ic->ic_opmode == IEEE80211_M_STA && !sc->sc_swbmiss) {
939 		HAL_BEACON_STATE bs;
940 		int dtimperiod, dtimcount;
941 		int cfpperiod, cfpcount;
942 
943 		/*
944 		 * Setup dtim and cfp parameters according to
945 		 * last beacon we received (which may be none).
946 		 */
947 		dtimperiod = ni->ni_dtim_period;
948 		if (dtimperiod <= 0)		/* NB: 0 if not known */
949 			dtimperiod = 1;
950 		dtimcount = ni->ni_dtim_count;
951 		if (dtimcount >= dtimperiod)	/* NB: sanity check */
952 			dtimcount = 0;		/* XXX? */
953 		cfpperiod = 1;			/* NB: no PCF support yet */
954 		cfpcount = 0;
955 		/*
956 		 * Pull nexttbtt forward to reflect the current
957 		 * TSF and calculate dtim+cfp state for the result.
958 		 */
959 		tsf = ath_hal_gettsf64(ah);
960 		tsftu = TSF_TO_TU(tsf>>32, tsf) + FUDGE;
961 		do {
962 			nexttbtt += intval;
963 			if (--dtimcount < 0) {
964 				dtimcount = dtimperiod - 1;
965 				if (--cfpcount < 0)
966 					cfpcount = cfpperiod - 1;
967 			}
968 		} while (nexttbtt < tsftu);
969 		memset(&bs, 0, sizeof(bs));
970 		bs.bs_intval = intval;
971 		bs.bs_nexttbtt = nexttbtt;
972 		bs.bs_dtimperiod = dtimperiod*intval;
973 		bs.bs_nextdtim = bs.bs_nexttbtt + dtimcount*intval;
974 		bs.bs_cfpperiod = cfpperiod*bs.bs_dtimperiod;
975 		bs.bs_cfpnext = bs.bs_nextdtim + cfpcount*bs.bs_dtimperiod;
976 		bs.bs_cfpmaxduration = 0;
977 #if 0
978 		/*
979 		 * The 802.11 layer records the offset to the DTIM
980 		 * bitmap while receiving beacons; use it here to
981 		 * enable h/w detection of our AID being marked in
982 		 * the bitmap vector (to indicate frames for us are
983 		 * pending at the AP).
984 		 * XXX do DTIM handling in s/w to WAR old h/w bugs
985 		 * XXX enable based on h/w rev for newer chips
986 		 */
987 		bs.bs_timoffset = ni->ni_timoff;
988 #endif
989 		/*
990 		 * Calculate the number of consecutive beacons to miss
991 		 * before taking a BMISS interrupt.
992 		 * Note that we clamp the result to at most 10 beacons.
993 		 */
994 		bs.bs_bmissthreshold = vap->iv_bmissthreshold;
995 		if (bs.bs_bmissthreshold > 10)
996 			bs.bs_bmissthreshold = 10;
997 		else if (bs.bs_bmissthreshold <= 0)
998 			bs.bs_bmissthreshold = 1;
999 
1000 		/*
1001 		 * Calculate sleep duration.  The configuration is
1002 		 * given in ms.  We insure a multiple of the beacon
1003 		 * period is used.  Also, if the sleep duration is
1004 		 * greater than the DTIM period then it makes senses
1005 		 * to make it a multiple of that.
1006 		 *
1007 		 * XXX fixed at 100ms
1008 		 */
1009 		bs.bs_sleepduration =
1010 			roundup(IEEE80211_MS_TO_TU(100), bs.bs_intval);
1011 		if (bs.bs_sleepduration > bs.bs_dtimperiod)
1012 			bs.bs_sleepduration = roundup(bs.bs_sleepduration, bs.bs_dtimperiod);
1013 
1014 		DPRINTF(sc, ATH_DEBUG_BEACON,
1015 			"%s: tsf %ju tsf:tu %u intval %u nexttbtt %u dtim %u nextdtim %u bmiss %u sleep %u cfp:period %u maxdur %u next %u timoffset %u\n"
1016 			, __func__
1017 			, tsf, tsftu
1018 			, bs.bs_intval
1019 			, bs.bs_nexttbtt
1020 			, bs.bs_dtimperiod
1021 			, bs.bs_nextdtim
1022 			, bs.bs_bmissthreshold
1023 			, bs.bs_sleepduration
1024 			, bs.bs_cfpperiod
1025 			, bs.bs_cfpmaxduration
1026 			, bs.bs_cfpnext
1027 			, bs.bs_timoffset
1028 		);
1029 		ath_hal_intrset(ah, 0);
1030 		ath_hal_beacontimers(ah, &bs);
1031 		sc->sc_imask |= HAL_INT_BMISS;
1032 		ath_hal_intrset(ah, sc->sc_imask);
1033 	} else {
1034 		ath_hal_intrset(ah, 0);
1035 		if (nexttbtt == intval)
1036 			intval |= HAL_BEACON_RESET_TSF;
1037 		if (ic->ic_opmode == IEEE80211_M_IBSS) {
1038 			/*
1039 			 * In IBSS mode enable the beacon timers but only
1040 			 * enable SWBA interrupts if we need to manually
1041 			 * prepare beacon frames.  Otherwise we use a
1042 			 * self-linked tx descriptor and let the hardware
1043 			 * deal with things.
1044 			 */
1045 			intval |= HAL_BEACON_ENA;
1046 			if (!sc->sc_hasveol)
1047 				sc->sc_imask |= HAL_INT_SWBA;
1048 			if ((intval & HAL_BEACON_RESET_TSF) == 0) {
1049 				/*
1050 				 * Pull nexttbtt forward to reflect
1051 				 * the current TSF.
1052 				 */
1053 				tsf = ath_hal_gettsf64(ah);
1054 				tsftu = TSF_TO_TU(tsf>>32, tsf) + FUDGE;
1055 				do {
1056 					nexttbtt += intval;
1057 				} while (nexttbtt < tsftu);
1058 			}
1059 			ath_beaconq_config(sc);
1060 		} else if (ic->ic_opmode == IEEE80211_M_HOSTAP ||
1061 		    ic->ic_opmode == IEEE80211_M_MBSS) {
1062 			/*
1063 			 * In AP/mesh mode we enable the beacon timers
1064 			 * and SWBA interrupts to prepare beacon frames.
1065 			 */
1066 			intval |= HAL_BEACON_ENA;
1067 			sc->sc_imask |= HAL_INT_SWBA;	/* beacon prepare */
1068 			ath_beaconq_config(sc);
1069 		}
1070 
1071 		/*
1072 		 * Now dirty things because for now, the EDMA HAL has
1073 		 * nexttbtt and intval is TU/8.
1074 		 */
1075 		if (sc->sc_isedma) {
1076 			nexttbtt_u8 = (nexttbtt << 3);
1077 			intval_u8 = (intval << 3);
1078 			if (intval & HAL_BEACON_ENA)
1079 				intval_u8 |= HAL_BEACON_ENA;
1080 			if (intval & HAL_BEACON_RESET_TSF)
1081 				intval_u8 |= HAL_BEACON_RESET_TSF;
1082 			ath_hal_beaconinit(ah, nexttbtt_u8, intval_u8);
1083 		} else
1084 			ath_hal_beaconinit(ah, nexttbtt, intval);
1085 		sc->sc_bmisscount = 0;
1086 		ath_hal_intrset(ah, sc->sc_imask);
1087 		/*
1088 		 * When using a self-linked beacon descriptor in
1089 		 * ibss mode load it once here.
1090 		 */
1091 		if (ic->ic_opmode == IEEE80211_M_IBSS && sc->sc_hasveol)
1092 			ath_beacon_start_adhoc(sc, vap);
1093 	}
1094 	sc->sc_syncbeacon = 0;
1095 	ieee80211_free_node(ni);
1096 #undef FUDGE
1097 #undef TSF_TO_TU
1098 }
1099