1 /*- 2 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer, 10 * without modification. 11 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 12 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 13 * redistribution must be conditioned upon including a substantially 14 * similar Disclaimer requirement for further binary redistribution. 15 * 16 * NO WARRANTY 17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 20 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 21 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 22 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 25 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 27 * THE POSSIBILITY OF SUCH DAMAGES. 28 */ 29 30 #include <sys/cdefs.h> 31 __FBSDID("$FreeBSD$"); 32 33 /* 34 * Driver for the Atheros Wireless LAN controller. 35 * 36 * This software is derived from work of Atsushi Onoe; his contribution 37 * is greatly appreciated. 38 */ 39 40 #include "opt_inet.h" 41 #include "opt_ath.h" 42 #include "opt_wlan.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/sysctl.h> 47 #include <sys/mbuf.h> 48 #include <sys/malloc.h> 49 #include <sys/lock.h> 50 #include <sys/mutex.h> 51 #include <sys/kernel.h> 52 #include <sys/socket.h> 53 #include <sys/sockio.h> 54 #include <sys/errno.h> 55 #include <sys/callout.h> 56 #include <sys/bus.h> 57 #include <sys/endian.h> 58 #include <sys/kthread.h> 59 #include <sys/taskqueue.h> 60 #include <sys/priv.h> 61 62 #include <machine/bus.h> 63 64 #include <net/if.h> 65 #include <net/if_dl.h> 66 #include <net/if_media.h> 67 #include <net/if_types.h> 68 #include <net/if_arp.h> 69 #include <net/ethernet.h> 70 #include <net/if_llc.h> 71 72 #include <net80211/ieee80211_var.h> 73 #include <net80211/ieee80211_regdomain.h> 74 #ifdef IEEE80211_SUPPORT_SUPERG 75 #include <net80211/ieee80211_superg.h> 76 #endif 77 #ifdef IEEE80211_SUPPORT_TDMA 78 #include <net80211/ieee80211_tdma.h> 79 #endif 80 #include <net80211/ieee80211_ht.h> 81 82 #include <net/bpf.h> 83 84 #ifdef INET 85 #include <netinet/in.h> 86 #include <netinet/if_ether.h> 87 #endif 88 89 #include <dev/ath/if_athvar.h> 90 #include <dev/ath/ath_hal/ah_devid.h> /* XXX for softled */ 91 #include <dev/ath/ath_hal/ah_diagcodes.h> 92 93 #include <dev/ath/if_ath_debug.h> 94 95 #ifdef ATH_TX99_DIAG 96 #include <dev/ath/ath_tx99/ath_tx99.h> 97 #endif 98 99 #include <dev/ath/if_ath_misc.h> 100 #include <dev/ath/if_ath_tx.h> 101 #include <dev/ath/if_ath_tx_ht.h> 102 103 /* 104 * How many retries to perform in software 105 */ 106 #define SWMAX_RETRIES 10 107 108 static int ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, 109 int tid); 110 static int ath_tx_ampdu_running(struct ath_softc *sc, 
struct ath_node *an, 111 int tid); 112 static int ath_tx_action_frame_override_queue(struct ath_softc *sc, 113 struct ieee80211_node *ni, struct mbuf *m0, int *tid); 114 static int ath_tx_seqno_required(struct ath_softc *sc, 115 struct ieee80211_node *ni, struct ath_buf *bf, struct mbuf *m0); 116 117 /* 118 * Whether to use the 11n rate scenario functions or not 119 */ 120 static inline int 121 ath_tx_is_11n(struct ath_softc *sc) 122 { 123 return (sc->sc_ah->ah_magic == 0x20065416); 124 } 125 126 /* 127 * Obtain the current TID from the given frame. 128 * 129 * Non-QoS frames need to go into TID 16 (IEEE80211_NONQOS_TID.) 130 * This has implications for which AC/priority the packet is placed 131 * in. 132 */ 133 static int 134 ath_tx_gettid(struct ath_softc *sc, const struct mbuf *m0) 135 { 136 const struct ieee80211_frame *wh; 137 int pri = M_WME_GETAC(m0); 138 139 wh = mtod(m0, const struct ieee80211_frame *); 140 if (! IEEE80211_QOS_HAS_SEQ(wh)) 141 return IEEE80211_NONQOS_TID; 142 else 143 return WME_AC_TO_TID(pri); 144 } 145 146 /* 147 * Determine what the correct AC queue for the given frame 148 * should be. 149 * 150 * This code assumes that the TIDs map consistently to 151 * the underlying hardware (or software) ath_txq. 152 * Since the sender may try to set an AC which is 153 * arbitrary, non-QoS TIDs may end up being put on 154 * completely different ACs. There's no way to put a 155 * TID into multiple ath_txq's for scheduling, so 156 * for now we override the AC/TXQ selection and set 157 * non-QOS TID frames into the BE queue. 158 * 159 * This may be completely incorrect - specifically, 160 * some management frames may end up out of order 161 * compared to the QoS traffic they're controlling. 162 * I'll look into this later. 163 */ 164 static int 165 ath_tx_getac(struct ath_softc *sc, const struct mbuf *m0) 166 { 167 const struct ieee80211_frame *wh; 168 int pri = M_WME_GETAC(m0); 169 wh = mtod(m0, const struct ieee80211_frame *); 170 if (IEEE80211_QOS_HAS_SEQ(wh)) 171 return pri; 172 173 return WME_AC_BE; 174 } 175 176 void 177 ath_txfrag_cleanup(struct ath_softc *sc, 178 ath_bufhead *frags, struct ieee80211_node *ni) 179 { 180 struct ath_buf *bf, *next; 181 182 ATH_TXBUF_LOCK_ASSERT(sc); 183 184 TAILQ_FOREACH_SAFE(bf, frags, bf_list, next) { 185 /* NB: bf assumed clean */ 186 TAILQ_REMOVE(frags, bf, bf_list); 187 TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list); 188 ieee80211_node_decref(ni); 189 } 190 } 191 192 /* 193 * Setup xmit of a fragmented frame. Allocate a buffer 194 * for each frag and bump the node reference count to 195 * reflect the held reference to be setup by ath_tx_start. 196 */ 197 int 198 ath_txfrag_setup(struct ath_softc *sc, ath_bufhead *frags, 199 struct mbuf *m0, struct ieee80211_node *ni) 200 { 201 struct mbuf *m; 202 struct ath_buf *bf; 203 204 ATH_TXBUF_LOCK(sc); 205 for (m = m0->m_nextpkt; m != NULL; m = m->m_nextpkt) { 206 bf = _ath_getbuf_locked(sc); 207 if (bf == NULL) { /* out of buffers, cleanup */ 208 ath_txfrag_cleanup(sc, frags, ni); 209 break; 210 } 211 ieee80211_node_incref(ni); 212 TAILQ_INSERT_TAIL(frags, bf, bf_list); 213 } 214 ATH_TXBUF_UNLOCK(sc); 215 216 return !TAILQ_EMPTY(frags); 217 } 218 219 /* 220 * Reclaim mbuf resources. For fragmented frames we 221 * need to claim each frag chained with m_nextpkt. 
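 *
 * A minimal sketch (not from the driver) of how a caller might pair
 * ath_txfrag_setup() with ath_txfrag_cleanup() and ath_freetx() when
 * dispatching a fragment chain; the function name and the error
 * handling shown here are assumptions for illustration only.
 */
#if 0	/* illustrative sketch only */
static int
example_send_frag_chain(struct ath_softc *sc, struct ieee80211_node *ni,
    struct mbuf *m0)
{
	ath_bufhead frags;

	TAILQ_INIT(&frags);
	if ((m0->m_flags & M_FRAG) &&
	    !ath_txfrag_setup(sc, &frags, m0, ni)) {
		/* Couldn't reserve one ath_buf per fragment; drop the chain. */
		ath_freetx(m0);
		return (ENOBUFS);
	}
	/*
	 * ... hand each fragment to ath_tx_start(); if the chain is
	 * abandoned part way through, return the unused buffers:
	 */
	ATH_TXBUF_LOCK(sc);
	ath_txfrag_cleanup(sc, &frags, ni);
	ATH_TXBUF_UNLOCK(sc);
	return (0);
}
#endif
/*
 * (end of sketch)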
222 */ 223 void 224 ath_freetx(struct mbuf *m) 225 { 226 struct mbuf *next; 227 228 do { 229 next = m->m_nextpkt; 230 m->m_nextpkt = NULL; 231 m_freem(m); 232 } while ((m = next) != NULL); 233 } 234 235 static int 236 ath_tx_dmasetup(struct ath_softc *sc, struct ath_buf *bf, struct mbuf *m0) 237 { 238 struct mbuf *m; 239 int error; 240 241 /* 242 * Load the DMA map so any coalescing is done. This 243 * also calculates the number of descriptors we need. 244 */ 245 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 246 bf->bf_segs, &bf->bf_nseg, 247 BUS_DMA_NOWAIT); 248 if (error == EFBIG) { 249 /* XXX packet requires too many descriptors */ 250 bf->bf_nseg = ATH_TXDESC+1; 251 } else if (error != 0) { 252 sc->sc_stats.ast_tx_busdma++; 253 ath_freetx(m0); 254 return error; 255 } 256 /* 257 * Discard null packets and check for packets that 258 * require too many TX descriptors. We try to convert 259 * the latter to a cluster. 260 */ 261 if (bf->bf_nseg > ATH_TXDESC) { /* too many desc's, linearize */ 262 sc->sc_stats.ast_tx_linear++; 263 m = m_collapse(m0, M_DONTWAIT, ATH_TXDESC); 264 if (m == NULL) { 265 ath_freetx(m0); 266 sc->sc_stats.ast_tx_nombuf++; 267 return ENOMEM; 268 } 269 m0 = m; 270 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 271 bf->bf_segs, &bf->bf_nseg, 272 BUS_DMA_NOWAIT); 273 if (error != 0) { 274 sc->sc_stats.ast_tx_busdma++; 275 ath_freetx(m0); 276 return error; 277 } 278 KASSERT(bf->bf_nseg <= ATH_TXDESC, 279 ("too many segments after defrag; nseg %u", bf->bf_nseg)); 280 } else if (bf->bf_nseg == 0) { /* null packet, discard */ 281 sc->sc_stats.ast_tx_nodata++; 282 ath_freetx(m0); 283 return EIO; 284 } 285 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: m %p len %u\n", 286 __func__, m0, m0->m_pkthdr.len); 287 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE); 288 bf->bf_m = m0; 289 290 return 0; 291 } 292 293 /* 294 * Chain together segments+descriptors for a non-11n frame. 295 */ 296 static void 297 ath_tx_chaindesclist(struct ath_softc *sc, struct ath_buf *bf) 298 { 299 struct ath_hal *ah = sc->sc_ah; 300 struct ath_desc *ds, *ds0; 301 int i; 302 303 /* 304 * Fillin the remainder of the descriptor info. 305 */ 306 ds0 = ds = bf->bf_desc; 307 for (i = 0; i < bf->bf_nseg; i++, ds++) { 308 ds->ds_data = bf->bf_segs[i].ds_addr; 309 if (i == bf->bf_nseg - 1) 310 ds->ds_link = 0; 311 else 312 ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1); 313 ath_hal_filltxdesc(ah, ds 314 , bf->bf_segs[i].ds_len /* segment length */ 315 , i == 0 /* first segment */ 316 , i == bf->bf_nseg - 1 /* last segment */ 317 , ds0 /* first descriptor */ 318 ); 319 DPRINTF(sc, ATH_DEBUG_XMIT, 320 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 321 __func__, i, ds->ds_link, ds->ds_data, 322 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 323 bf->bf_lastds = ds; 324 } 325 } 326 327 /* 328 * Fill in the descriptor list for a aggregate subframe. 329 * 330 * The subframe is returned with the ds_link field in the last subframe 331 * pointing to 0. 332 */ 333 static void 334 ath_tx_chaindesclist_subframe(struct ath_softc *sc, struct ath_buf *bf) 335 { 336 struct ath_hal *ah = sc->sc_ah; 337 struct ath_desc *ds, *ds0; 338 int i; 339 340 ds0 = ds = bf->bf_desc; 341 342 /* 343 * There's no need to call ath_hal_setupfirsttxdesc here; 344 * That's only going to occur for the first frame in an aggregate. 
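	 * (ath_tx_setds_11n() below takes care of that, calling it on
	 * bf_first once every subframe's descriptors have been chained.)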
345 */ 346 for (i = 0; i < bf->bf_nseg; i++, ds++) { 347 ds->ds_data = bf->bf_segs[i].ds_addr; 348 if (i == bf->bf_nseg - 1) 349 ds->ds_link = 0; 350 else 351 ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1); 352 353 /* 354 * This performs the setup for an aggregate frame. 355 * This includes enabling the aggregate flags if needed. 356 */ 357 ath_hal_chaintxdesc(ah, ds, 358 bf->bf_state.bfs_pktlen, 359 bf->bf_state.bfs_hdrlen, 360 HAL_PKT_TYPE_AMPDU, /* forces aggregate bits to be set */ 361 bf->bf_state.bfs_keyix, 362 0, /* cipher, calculated from keyix */ 363 bf->bf_state.bfs_ndelim, 364 bf->bf_segs[i].ds_len, /* segment length */ 365 i == 0, /* first segment */ 366 i == bf->bf_nseg - 1, /* last segment */ 367 bf->bf_next == NULL /* last sub-frame in aggr */ 368 ); 369 370 DPRINTF(sc, ATH_DEBUG_XMIT, 371 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 372 __func__, i, ds->ds_link, ds->ds_data, 373 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 374 bf->bf_lastds = ds; 375 } 376 } 377 378 /* 379 * Setup segments+descriptors for an 11n aggregate. 380 * bf_first is the first buffer in the aggregate. 381 * The descriptor list must already been linked together using 382 * bf->bf_next. 383 */ 384 static void 385 ath_tx_setds_11n(struct ath_softc *sc, struct ath_buf *bf_first) 386 { 387 struct ath_buf *bf, *bf_prev = NULL; 388 389 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: nframes=%d, al=%d\n", 390 __func__, bf_first->bf_state.bfs_nframes, 391 bf_first->bf_state.bfs_al); 392 393 /* 394 * Setup all descriptors of all subframes. 395 */ 396 bf = bf_first; 397 while (bf != NULL) { 398 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 399 "%s: bf=%p, nseg=%d, pktlen=%d, seqno=%d\n", 400 __func__, bf, bf->bf_nseg, bf->bf_state.bfs_pktlen, 401 SEQNO(bf->bf_state.bfs_seqno)); 402 403 /* Sub-frame setup */ 404 ath_tx_chaindesclist_subframe(sc, bf); 405 406 /* 407 * Link the last descriptor of the previous frame 408 * to the beginning descriptor of this frame. 409 */ 410 if (bf_prev != NULL) 411 bf_prev->bf_lastds->ds_link = bf->bf_daddr; 412 413 /* Save a copy so we can link the next descriptor in */ 414 bf_prev = bf; 415 bf = bf->bf_next; 416 } 417 418 /* 419 * Setup first descriptor of first frame. 420 * chaintxdesc() overwrites the descriptor entries; 421 * setupfirsttxdesc() merges in things. 422 * Otherwise various fields aren't set correctly (eg flags). 423 */ 424 ath_hal_setupfirsttxdesc(sc->sc_ah, 425 bf_first->bf_desc, 426 bf_first->bf_state.bfs_al, 427 bf_first->bf_state.bfs_flags | HAL_TXDESC_INTREQ, 428 bf_first->bf_state.bfs_txpower, 429 bf_first->bf_state.bfs_txrate0, 430 bf_first->bf_state.bfs_try0, 431 bf_first->bf_state.bfs_txantenna, 432 bf_first->bf_state.bfs_ctsrate, 433 bf_first->bf_state.bfs_ctsduration); 434 435 /* 436 * Setup the last descriptor in the list. 437 * bf_prev points to the last; bf is NULL here. 438 */ 439 ath_hal_setuplasttxdesc(sc->sc_ah, bf_prev->bf_desc, 440 bf_first->bf_desc); 441 442 /* 443 * Set the first descriptor bf_lastds field to point to 444 * the last descriptor in the last subframe, that's where 445 * the status update will occur. 446 */ 447 bf_first->bf_lastds = bf_prev->bf_lastds; 448 449 /* 450 * And bf_last in the first descriptor points to the end of 451 * the aggregate list. 
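	 *
	 * For example, with three subframes bf1 -> bf2 -> bf3 (linked via
	 * bf_next), the chain built above ends up as:
	 *
	 *   bf1.ds[0..n] --ds_link--> bf2.ds[0..n] --ds_link--> bf3.ds[0..n] -> 0
	 *   bf1->bf_lastds = bf3's last descriptor (where the TX status appears)
	 *   bf1->bf_last   = bf3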
452 */ 453 bf_first->bf_last = bf_prev; 454 455 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: end\n", __func__); 456 } 457 458 static void 459 ath_tx_handoff_mcast(struct ath_softc *sc, struct ath_txq *txq, 460 struct ath_buf *bf) 461 { 462 ATH_TXQ_LOCK_ASSERT(txq); 463 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 464 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 465 if (txq->axq_link != NULL) { 466 struct ath_buf *last = ATH_TXQ_LAST(txq, axq_q_s); 467 struct ieee80211_frame *wh; 468 469 /* mark previous frame */ 470 wh = mtod(last->bf_m, struct ieee80211_frame *); 471 wh->i_fc[1] |= IEEE80211_FC1_MORE_DATA; 472 bus_dmamap_sync(sc->sc_dmat, last->bf_dmamap, 473 BUS_DMASYNC_PREWRITE); 474 475 /* link descriptor */ 476 *txq->axq_link = bf->bf_daddr; 477 } 478 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 479 txq->axq_link = &bf->bf_lastds->ds_link; 480 } 481 482 /* 483 * Hand-off packet to a hardware queue. 484 */ 485 static void 486 ath_tx_handoff_hw(struct ath_softc *sc, struct ath_txq *txq, 487 struct ath_buf *bf) 488 { 489 struct ath_hal *ah = sc->sc_ah; 490 491 /* 492 * Insert the frame on the outbound list and pass it on 493 * to the hardware. Multicast frames buffered for power 494 * save stations and transmit from the CAB queue are stored 495 * on a s/w only queue and loaded on to the CAB queue in 496 * the SWBA handler since frames only go out on DTIM and 497 * to avoid possible races. 498 */ 499 ATH_TXQ_LOCK_ASSERT(txq); 500 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 501 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 502 KASSERT(txq->axq_qnum != ATH_TXQ_SWQ, 503 ("ath_tx_handoff_hw called for mcast queue")); 504 505 #if 0 506 /* 507 * This causes a LOR. Find out where the PCU lock is being 508 * held whilst the TXQ lock is grabbed - that shouldn't 509 * be occuring. 510 */ 511 ATH_PCU_LOCK(sc); 512 if (sc->sc_inreset_cnt) { 513 ATH_PCU_UNLOCK(sc); 514 DPRINTF(sc, ATH_DEBUG_RESET, 515 "%s: called with sc_in_reset != 0\n", 516 __func__); 517 DPRINTF(sc, ATH_DEBUG_XMIT, 518 "%s: queued: TXDP[%u] = %p (%p) depth %d\n", 519 __func__, txq->axq_qnum, 520 (caddr_t)bf->bf_daddr, bf->bf_desc, 521 txq->axq_depth); 522 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 523 if (bf->bf_state.bfs_aggr) 524 txq->axq_aggr_depth++; 525 /* 526 * There's no need to update axq_link; the hardware 527 * is in reset and once the reset is complete, any 528 * non-empty queues will simply have DMA restarted. 529 */ 530 return; 531 } 532 ATH_PCU_UNLOCK(sc); 533 #endif 534 535 /* For now, so not to generate whitespace diffs */ 536 if (1) { 537 #ifdef IEEE80211_SUPPORT_TDMA 538 int qbusy; 539 540 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 541 qbusy = ath_hal_txqenabled(ah, txq->axq_qnum); 542 if (txq->axq_link == NULL) { 543 /* 544 * Be careful writing the address to TXDP. If 545 * the tx q is enabled then this write will be 546 * ignored. Normally this is not an issue but 547 * when tdma is in use and the q is beacon gated 548 * this race can occur. If the q is busy then 549 * defer the work to later--either when another 550 * packet comes along or when we prepare a beacon 551 * frame at SWBA. 
552 */ 553 if (!qbusy) { 554 ath_hal_puttxbuf(ah, txq->axq_qnum, 555 bf->bf_daddr); 556 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 557 DPRINTF(sc, ATH_DEBUG_XMIT, 558 "%s: TXDP[%u] = %p (%p) depth %d\n", 559 __func__, txq->axq_qnum, 560 (caddr_t)bf->bf_daddr, bf->bf_desc, 561 txq->axq_depth); 562 } else { 563 txq->axq_flags |= ATH_TXQ_PUTPENDING; 564 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 565 "%s: Q%u busy, defer enable\n", __func__, 566 txq->axq_qnum); 567 } 568 } else { 569 *txq->axq_link = bf->bf_daddr; 570 DPRINTF(sc, ATH_DEBUG_XMIT, 571 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 572 txq->axq_qnum, txq->axq_link, 573 (caddr_t)bf->bf_daddr, bf->bf_desc, 574 txq->axq_depth); 575 if ((txq->axq_flags & ATH_TXQ_PUTPENDING) && !qbusy) { 576 /* 577 * The q was busy when we previously tried 578 * to write the address of the first buffer 579 * in the chain. Since it's not busy now 580 * handle this chore. We are certain the 581 * buffer at the front is the right one since 582 * axq_link is NULL only when the buffer list 583 * is/was empty. 584 */ 585 ath_hal_puttxbuf(ah, txq->axq_qnum, 586 TAILQ_FIRST(&txq->axq_q)->bf_daddr); 587 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 588 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 589 "%s: Q%u restarted\n", __func__, 590 txq->axq_qnum); 591 } 592 } 593 #else 594 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 595 if (txq->axq_link == NULL) { 596 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 597 DPRINTF(sc, ATH_DEBUG_XMIT, 598 "%s: TXDP[%u] = %p (%p) depth %d\n", 599 __func__, txq->axq_qnum, 600 (caddr_t)bf->bf_daddr, bf->bf_desc, 601 txq->axq_depth); 602 } else { 603 *txq->axq_link = bf->bf_daddr; 604 DPRINTF(sc, ATH_DEBUG_XMIT, 605 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 606 txq->axq_qnum, txq->axq_link, 607 (caddr_t)bf->bf_daddr, bf->bf_desc, 608 txq->axq_depth); 609 } 610 #endif /* IEEE80211_SUPPORT_TDMA */ 611 if (bf->bf_state.bfs_aggr) 612 txq->axq_aggr_depth++; 613 txq->axq_link = &bf->bf_lastds->ds_link; 614 ath_hal_txstart(ah, txq->axq_qnum); 615 } 616 } 617 618 /* 619 * Restart TX DMA for the given TXQ. 620 * 621 * This must be called whether the queue is empty or not. 622 */ 623 void 624 ath_txq_restart_dma(struct ath_softc *sc, struct ath_txq *txq) 625 { 626 struct ath_hal *ah = sc->sc_ah; 627 struct ath_buf *bf, *bf_last; 628 629 ATH_TXQ_LOCK_ASSERT(txq); 630 631 /* This is always going to be cleared, empty or not */ 632 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 633 634 /* XXX make this ATH_TXQ_FIRST */ 635 bf = TAILQ_FIRST(&txq->axq_q); 636 bf_last = ATH_TXQ_LAST(txq, axq_q_s); 637 638 if (bf == NULL) 639 return; 640 641 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 642 txq->axq_link = &bf_last->bf_lastds->ds_link; 643 ath_hal_txstart(ah, txq->axq_qnum); 644 } 645 646 /* 647 * Hand off a packet to the hardware (or mcast queue.) 648 * 649 * The relevant hardware txq should be locked. 
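 *
 * The sketch below (not part of the driver) distills the hardware
 * append performed by ath_tx_handoff_hw() above, with the TDMA
 * handling, locking asserts and debug output stripped out; the
 * function name is an assumption for illustration only.
 */
#if 0	/* illustrative sketch only */
static void
example_txq_append(struct ath_softc *sc, struct ath_txq *txq,
    struct ath_buf *bf)
{
	ATH_TXQ_INSERT_TAIL(txq, bf, bf_list);
	if (txq->axq_link == NULL) {
		/* Queue was empty: point the hardware head (TXDP) at it. */
		ath_hal_puttxbuf(sc->sc_ah, txq->axq_qnum, bf->bf_daddr);
	} else {
		/* Otherwise chain it off the previous frame's last descriptor. */
		*txq->axq_link = bf->bf_daddr;
	}
	/* Later appends chain off this frame's last descriptor. */
	txq->axq_link = &bf->bf_lastds->ds_link;
	ath_hal_txstart(sc->sc_ah, txq->axq_qnum);
}
#endif
/*
 * (end of sketch)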
650 */ 651 static void 652 ath_tx_handoff(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf) 653 { 654 ATH_TXQ_LOCK_ASSERT(txq); 655 656 if (txq->axq_qnum == ATH_TXQ_SWQ) 657 ath_tx_handoff_mcast(sc, txq, bf); 658 else 659 ath_tx_handoff_hw(sc, txq, bf); 660 } 661 662 static int 663 ath_tx_tag_crypto(struct ath_softc *sc, struct ieee80211_node *ni, 664 struct mbuf *m0, int iswep, int isfrag, int *hdrlen, int *pktlen, 665 int *keyix) 666 { 667 DPRINTF(sc, ATH_DEBUG_XMIT, 668 "%s: hdrlen=%d, pktlen=%d, isfrag=%d, iswep=%d, m0=%p\n", 669 __func__, 670 *hdrlen, 671 *pktlen, 672 isfrag, 673 iswep, 674 m0); 675 676 if (iswep) { 677 const struct ieee80211_cipher *cip; 678 struct ieee80211_key *k; 679 680 /* 681 * Construct the 802.11 header+trailer for an encrypted 682 * frame. The only reason this can fail is because of an 683 * unknown or unsupported cipher/key type. 684 */ 685 k = ieee80211_crypto_encap(ni, m0); 686 if (k == NULL) { 687 /* 688 * This can happen when the key is yanked after the 689 * frame was queued. Just discard the frame; the 690 * 802.11 layer counts failures and provides 691 * debugging/diagnostics. 692 */ 693 return (0); 694 } 695 /* 696 * Adjust the packet + header lengths for the crypto 697 * additions and calculate the h/w key index. When 698 * a s/w mic is done the frame will have had any mic 699 * added to it prior to entry so m0->m_pkthdr.len will 700 * account for it. Otherwise we need to add it to the 701 * packet length. 702 */ 703 cip = k->wk_cipher; 704 (*hdrlen) += cip->ic_header; 705 (*pktlen) += cip->ic_header + cip->ic_trailer; 706 /* NB: frags always have any TKIP MIC done in s/w */ 707 if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && !isfrag) 708 (*pktlen) += cip->ic_miclen; 709 (*keyix) = k->wk_keyix; 710 } else if (ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) { 711 /* 712 * Use station key cache slot, if assigned. 713 */ 714 (*keyix) = ni->ni_ucastkey.wk_keyix; 715 if ((*keyix) == IEEE80211_KEYIX_NONE) 716 (*keyix) = HAL_TXKEYIX_INVALID; 717 } else 718 (*keyix) = HAL_TXKEYIX_INVALID; 719 720 return (1); 721 } 722 723 static uint8_t 724 ath_tx_get_rtscts_rate(struct ath_hal *ah, const HAL_RATE_TABLE *rt, 725 int cix, int shortPreamble) 726 { 727 uint8_t ctsrate; 728 729 /* 730 * CTS transmit rate is derived from the transmit rate 731 * by looking in the h/w rate table. We must also factor 732 * in whether or not a short preamble is to be used. 733 */ 734 /* NB: cix is set above where RTS/CTS is enabled */ 735 KASSERT(cix != 0xff, ("cix not setup")); 736 ctsrate = rt->info[cix].rateCode; 737 738 /* XXX this should only matter for legacy rates */ 739 if (shortPreamble) 740 ctsrate |= rt->info[cix].shortPreamble; 741 742 return (ctsrate); 743 } 744 745 /* 746 * Calculate the RTS/CTS duration for legacy frames. 747 */ 748 static int 749 ath_tx_calc_ctsduration(struct ath_hal *ah, int rix, int cix, 750 int shortPreamble, int pktlen, const HAL_RATE_TABLE *rt, 751 int flags) 752 { 753 int ctsduration = 0; 754 755 /* This mustn't be called for HT modes */ 756 if (rt->info[cix].phy == IEEE80211_T_HT) { 757 printf("%s: HT rate where it shouldn't be (0x%x)\n", 758 __func__, rt->info[cix].rateCode); 759 return (-1); 760 } 761 762 /* 763 * Compute the transmit duration based on the frame 764 * size and the size of an ACK frame. We call into the 765 * HAL to do the computation since it depends on the 766 * characteristics of the actual PHY being used. 
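	 *
	 * Illustratively, following the code below: with RTS enabled and
	 * an ACK expected, at long preamble,
	 *
	 *   ctsduration = lpAckDuration[cix]         (SIFS + CTS)
	 *               + txtime(pktlen, rix, long)  (the frame itself)
	 *               + lpAckDuration[rix]         (SIFS + ACK)
	 *
	 * with the spAckDuration entries used instead for short preamble.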
767 * 768 * NB: CTS is assumed the same size as an ACK so we can 769 * use the precalculated ACK durations. 770 */ 771 if (shortPreamble) { 772 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 773 ctsduration += rt->info[cix].spAckDuration; 774 ctsduration += ath_hal_computetxtime(ah, 775 rt, pktlen, rix, AH_TRUE); 776 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 777 ctsduration += rt->info[rix].spAckDuration; 778 } else { 779 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 780 ctsduration += rt->info[cix].lpAckDuration; 781 ctsduration += ath_hal_computetxtime(ah, 782 rt, pktlen, rix, AH_FALSE); 783 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 784 ctsduration += rt->info[rix].lpAckDuration; 785 } 786 787 return (ctsduration); 788 } 789 790 /* 791 * Update the given ath_buf with updated rts/cts setup and duration 792 * values. 793 * 794 * To support rate lookups for each software retry, the rts/cts rate 795 * and cts duration must be re-calculated. 796 * 797 * This function assumes the RTS/CTS flags have been set as needed; 798 * mrr has been disabled; and the rate control lookup has been done. 799 * 800 * XXX TODO: MRR need only be disabled for the pre-11n NICs. 801 * XXX The 11n NICs support per-rate RTS/CTS configuration. 802 */ 803 static void 804 ath_tx_set_rtscts(struct ath_softc *sc, struct ath_buf *bf) 805 { 806 uint16_t ctsduration = 0; 807 uint8_t ctsrate = 0; 808 uint8_t rix = bf->bf_state.bfs_rc[0].rix; 809 uint8_t cix = 0; 810 const HAL_RATE_TABLE *rt = sc->sc_currates; 811 812 /* 813 * No RTS/CTS enabled? Don't bother. 814 */ 815 if ((bf->bf_state.bfs_flags & 816 (HAL_TXDESC_RTSENA | HAL_TXDESC_CTSENA)) == 0) { 817 /* XXX is this really needed? */ 818 bf->bf_state.bfs_ctsrate = 0; 819 bf->bf_state.bfs_ctsduration = 0; 820 return; 821 } 822 823 /* 824 * If protection is enabled, use the protection rix control 825 * rate. Otherwise use the rate0 control rate. 826 */ 827 if (bf->bf_state.bfs_doprot) 828 rix = sc->sc_protrix; 829 else 830 rix = bf->bf_state.bfs_rc[0].rix; 831 832 /* 833 * If the raw path has hard-coded ctsrate0 to something, 834 * use it. 835 */ 836 if (bf->bf_state.bfs_ctsrate0 != 0) 837 cix = ath_tx_findrix(sc, bf->bf_state.bfs_ctsrate0); 838 else 839 /* Control rate from above */ 840 cix = rt->info[rix].controlRate; 841 842 /* Calculate the rtscts rate for the given cix */ 843 ctsrate = ath_tx_get_rtscts_rate(sc->sc_ah, rt, cix, 844 bf->bf_state.bfs_shpream); 845 846 /* The 11n chipsets do ctsduration calculations for you */ 847 if (! ath_tx_is_11n(sc)) 848 ctsduration = ath_tx_calc_ctsduration(sc->sc_ah, rix, cix, 849 bf->bf_state.bfs_shpream, bf->bf_state.bfs_pktlen, 850 rt, bf->bf_state.bfs_flags); 851 852 /* Squirrel away in ath_buf */ 853 bf->bf_state.bfs_ctsrate = ctsrate; 854 bf->bf_state.bfs_ctsduration = ctsduration; 855 856 /* 857 * Must disable multi-rate retry when using RTS/CTS. 858 * XXX TODO: only for pre-11n NICs. 859 */ 860 bf->bf_state.bfs_ismrr = 0; 861 bf->bf_state.bfs_try0 = 862 bf->bf_state.bfs_rc[0].tries = ATH_TXMGTTRY; /* XXX ew */ 863 } 864 865 /* 866 * Setup the descriptor chain for a normal or fast-frame 867 * frame. 
868  */
869 static void
870 ath_tx_setds(struct ath_softc *sc, struct ath_buf *bf)
871 {
872 	struct ath_desc *ds = bf->bf_desc;
873 	struct ath_hal *ah = sc->sc_ah;
874 
875 	ath_hal_setuptxdesc(ah, ds
876 		, bf->bf_state.bfs_pktlen	/* packet length */
877 		, bf->bf_state.bfs_hdrlen	/* header length */
878 		, bf->bf_state.bfs_atype	/* Atheros packet type */
879 		, bf->bf_state.bfs_txpower	/* txpower */
880 		, bf->bf_state.bfs_txrate0
881 		, bf->bf_state.bfs_try0		/* series 0 rate/tries */
882 		, bf->bf_state.bfs_keyix	/* key cache index */
883 		, bf->bf_state.bfs_txantenna	/* antenna mode */
884 		, bf->bf_state.bfs_flags	/* flags */
885 		, bf->bf_state.bfs_ctsrate	/* rts/cts rate */
886 		, bf->bf_state.bfs_ctsduration	/* rts/cts duration */
887 	);
888 
889 	/*
890 	 * This will be overridden when the descriptor chain is written.
891 	 */
892 	bf->bf_lastds = ds;
893 	bf->bf_last = bf;
894 
895 	/* XXX TODO: Setup descriptor chain */
896 }
897 
898 /*
899  * Do a rate lookup.
900  *
901  * This performs a rate lookup for the given ath_buf only if it's required.
902  * Non-data frames and raw frames don't require it.
903  *
904  * This populates the primary and MRR entries; MRR values are
905  * then disabled later on if something requires it (eg RTS/CTS on
906  * pre-11n chipsets).
907  *
908  * This needs to be done before the RTS/CTS fields are calculated
909  * as they may depend upon the rate chosen.
910  */
911 static void
912 ath_tx_do_ratelookup(struct ath_softc *sc, struct ath_buf *bf)
913 {
914 	uint8_t rate, rix;
915 	int try0;
916 
917 	if (! bf->bf_state.bfs_doratelookup)
918 		return;
919 
920 	/* Get rid of any previous state */
921 	bzero(bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
922 
923 	ATH_NODE_LOCK(ATH_NODE(bf->bf_node));
924 	ath_rate_findrate(sc, ATH_NODE(bf->bf_node), bf->bf_state.bfs_shpream,
925 	    bf->bf_state.bfs_pktlen, &rix, &try0, &rate);
926 
927 	/* In case MRR is disabled, make sure rc[0] is set up correctly */
928 	bf->bf_state.bfs_rc[0].rix = rix;
929 	bf->bf_state.bfs_rc[0].ratecode = rate;
930 	bf->bf_state.bfs_rc[0].tries = try0;
931 
932 	if (bf->bf_state.bfs_ismrr && try0 != ATH_TXMAXTRY)
933 		ath_rate_getxtxrates(sc, ATH_NODE(bf->bf_node), rix,
934 		    bf->bf_state.bfs_rc);
935 	ATH_NODE_UNLOCK(ATH_NODE(bf->bf_node));
936 
937 	sc->sc_txrix = rix;	/* for LED blinking */
938 	sc->sc_lastdatarix = rix;	/* for fast frames */
939 	bf->bf_state.bfs_try0 = try0;
940 	bf->bf_state.bfs_txrate0 = rate;
941 }
942 
943 /*
944  * Set the rate control fields in the given descriptor based on
945  * the bf_state fields and node state.
946  *
947  * The bfs fields should already be set with the relevant rate
948  * control information, including whether MRR is to be enabled.
949  *
950  * Since the FreeBSD HAL currently sets up the first TX rate
951  * in ath_hal_setuptxdesc(), this will set up the MRR
952  * conditionally for the pre-11n chips, and call ath_buf_set_rate
953  * unconditionally for 11n chips. These require the 11n rate
954  * scenario to be set if MCS rates are enabled, so it's easier
955  * to just always call it. The caller can then only set rates 2, 3
956  * and 4 if multi-rate retry is needed.
957  */
958 static void
959 ath_tx_set_ratectrl(struct ath_softc *sc, struct ieee80211_node *ni,
960     struct ath_buf *bf)
961 {
962 	struct ath_rc_series *rc = bf->bf_state.bfs_rc;
963 
964 	/* If mrr is disabled, blank tries 1, 2, 3 */
965 	if (! bf->bf_state.bfs_ismrr)
966 		rc[1].tries = rc[2].tries = rc[3].tries = 0;
967 
968 	/*
969 	 * Always call - that way a retried descriptor will
970 	 * have the MRR fields overwritten.
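	 *
	 * For example, when RTS/CTS forces MRR off in ath_tx_set_rtscts()
	 * above, rc[1..3].tries are zeroed here and, on pre-11n parts,
	 * ath_hal_setupxtxdesc() below ends up programming series 1-3
	 * with zero tries.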
971 * 972 * XXX TODO: see if this is really needed - setting up 973 * the first descriptor should set the MRR fields to 0 974 * for us anyway. 975 */ 976 if (ath_tx_is_11n(sc)) { 977 ath_buf_set_rate(sc, ni, bf); 978 } else { 979 ath_hal_setupxtxdesc(sc->sc_ah, bf->bf_desc 980 , rc[1].ratecode, rc[1].tries 981 , rc[2].ratecode, rc[2].tries 982 , rc[3].ratecode, rc[3].tries 983 ); 984 } 985 } 986 987 /* 988 * Transmit the given frame to the hardware. 989 * 990 * The frame must already be setup; rate control must already have 991 * been done. 992 * 993 * XXX since the TXQ lock is being held here (and I dislike holding 994 * it for this long when not doing software aggregation), later on 995 * break this function into "setup_normal" and "xmit_normal". The 996 * lock only needs to be held for the ath_tx_handoff call. 997 */ 998 static void 999 ath_tx_xmit_normal(struct ath_softc *sc, struct ath_txq *txq, 1000 struct ath_buf *bf) 1001 { 1002 1003 ATH_TXQ_LOCK_ASSERT(txq); 1004 1005 /* Setup the descriptor before handoff */ 1006 ath_tx_do_ratelookup(sc, bf); 1007 ath_tx_rate_fill_rcflags(sc, bf); 1008 ath_tx_set_rtscts(sc, bf); 1009 ath_tx_setds(sc, bf); 1010 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 1011 ath_tx_chaindesclist(sc, bf); 1012 1013 /* Hand off to hardware */ 1014 ath_tx_handoff(sc, txq, bf); 1015 } 1016 1017 1018 1019 static int 1020 ath_tx_normal_setup(struct ath_softc *sc, struct ieee80211_node *ni, 1021 struct ath_buf *bf, struct mbuf *m0) 1022 { 1023 struct ieee80211vap *vap = ni->ni_vap; 1024 struct ath_vap *avp = ATH_VAP(vap); 1025 struct ath_hal *ah = sc->sc_ah; 1026 struct ifnet *ifp = sc->sc_ifp; 1027 struct ieee80211com *ic = ifp->if_l2com; 1028 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams; 1029 int error, iswep, ismcast, isfrag, ismrr; 1030 int keyix, hdrlen, pktlen, try0 = 0; 1031 u_int8_t rix = 0, txrate = 0; 1032 struct ath_desc *ds; 1033 struct ath_txq *txq; 1034 struct ieee80211_frame *wh; 1035 u_int subtype, flags; 1036 HAL_PKT_TYPE atype; 1037 const HAL_RATE_TABLE *rt; 1038 HAL_BOOL shortPreamble; 1039 struct ath_node *an; 1040 u_int pri; 1041 1042 wh = mtod(m0, struct ieee80211_frame *); 1043 iswep = wh->i_fc[1] & IEEE80211_FC1_WEP; 1044 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1045 isfrag = m0->m_flags & M_FRAG; 1046 hdrlen = ieee80211_anyhdrsize(wh); 1047 /* 1048 * Packet length must not include any 1049 * pad bytes; deduct them here. 1050 */ 1051 pktlen = m0->m_pkthdr.len - (hdrlen & 3); 1052 1053 /* Handle encryption twiddling if needed */ 1054 if (! ath_tx_tag_crypto(sc, ni, m0, iswep, isfrag, &hdrlen, 1055 &pktlen, &keyix)) { 1056 ath_freetx(m0); 1057 return EIO; 1058 } 1059 1060 /* packet header may have moved, reset our local pointer */ 1061 wh = mtod(m0, struct ieee80211_frame *); 1062 1063 pktlen += IEEE80211_CRC_LEN; 1064 1065 /* 1066 * Load the DMA map so any coalescing is done. This 1067 * also calculates the number of descriptors we need. 1068 */ 1069 error = ath_tx_dmasetup(sc, bf, m0); 1070 if (error != 0) 1071 return error; 1072 bf->bf_node = ni; /* NB: held reference */ 1073 m0 = bf->bf_m; /* NB: may have changed */ 1074 wh = mtod(m0, struct ieee80211_frame *); 1075 1076 /* setup descriptors */ 1077 ds = bf->bf_desc; 1078 rt = sc->sc_currates; 1079 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1080 1081 /* 1082 * NB: the 802.11 layer marks whether or not we should 1083 * use short preamble based on the current mode and 1084 * negotiated parameters. 
1085 */ 1086 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 1087 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) { 1088 shortPreamble = AH_TRUE; 1089 sc->sc_stats.ast_tx_shortpre++; 1090 } else { 1091 shortPreamble = AH_FALSE; 1092 } 1093 1094 an = ATH_NODE(ni); 1095 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1096 ismrr = 0; /* default no multi-rate retry*/ 1097 pri = M_WME_GETAC(m0); /* honor classification */ 1098 /* XXX use txparams instead of fixed values */ 1099 /* 1100 * Calculate Atheros packet type from IEEE80211 packet header, 1101 * setup for rate calculations, and select h/w transmit queue. 1102 */ 1103 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 1104 case IEEE80211_FC0_TYPE_MGT: 1105 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1106 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) 1107 atype = HAL_PKT_TYPE_BEACON; 1108 else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1109 atype = HAL_PKT_TYPE_PROBE_RESP; 1110 else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM) 1111 atype = HAL_PKT_TYPE_ATIM; 1112 else 1113 atype = HAL_PKT_TYPE_NORMAL; /* XXX */ 1114 rix = an->an_mgmtrix; 1115 txrate = rt->info[rix].rateCode; 1116 if (shortPreamble) 1117 txrate |= rt->info[rix].shortPreamble; 1118 try0 = ATH_TXMGTTRY; 1119 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1120 break; 1121 case IEEE80211_FC0_TYPE_CTL: 1122 atype = HAL_PKT_TYPE_PSPOLL; /* stop setting of duration */ 1123 rix = an->an_mgmtrix; 1124 txrate = rt->info[rix].rateCode; 1125 if (shortPreamble) 1126 txrate |= rt->info[rix].shortPreamble; 1127 try0 = ATH_TXMGTTRY; 1128 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1129 break; 1130 case IEEE80211_FC0_TYPE_DATA: 1131 atype = HAL_PKT_TYPE_NORMAL; /* default */ 1132 /* 1133 * Data frames: multicast frames go out at a fixed rate, 1134 * EAPOL frames use the mgmt frame rate; otherwise consult 1135 * the rate control module for the rate to use. 1136 */ 1137 if (ismcast) { 1138 rix = an->an_mcastrix; 1139 txrate = rt->info[rix].rateCode; 1140 if (shortPreamble) 1141 txrate |= rt->info[rix].shortPreamble; 1142 try0 = 1; 1143 } else if (m0->m_flags & M_EAPOL) { 1144 /* XXX? maybe always use long preamble? */ 1145 rix = an->an_mgmtrix; 1146 txrate = rt->info[rix].rateCode; 1147 if (shortPreamble) 1148 txrate |= rt->info[rix].shortPreamble; 1149 try0 = ATH_TXMAXTRY; /* XXX?too many? */ 1150 } else { 1151 /* 1152 * Do rate lookup on each TX, rather than using 1153 * the hard-coded TX information decided here. 1154 */ 1155 ismrr = 1; 1156 bf->bf_state.bfs_doratelookup = 1; 1157 } 1158 if (cap->cap_wmeParams[pri].wmep_noackPolicy) 1159 flags |= HAL_TXDESC_NOACK; 1160 break; 1161 default: 1162 if_printf(ifp, "bogus frame type 0x%x (%s)\n", 1163 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__); 1164 /* XXX statistic */ 1165 ath_freetx(m0); 1166 return EIO; 1167 } 1168 txq = sc->sc_ac2q[pri]; 1169 1170 /* 1171 * When servicing one or more stations in power-save mode 1172 * (or) if there is some mcast data waiting on the mcast 1173 * queue (to prevent out of order delivery) multicast 1174 * frames must be buffered until after the beacon. 1175 * 1176 * XXX This likely means that if there's a station in power 1177 * save mode, we won't be doing any kind of aggregation towards 1178 * anyone. This is likely a very suboptimal way of dealing 1179 * with things. 1180 */ 1181 if (ismcast && (vap->iv_ps_sta || avp->av_mcastq.axq_depth)) 1182 txq = &avp->av_mcastq; 1183 1184 /* 1185 * Calculate miscellaneous flags. 
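	 *
	 * For example (using the tests below): any multicast frame picks
	 * up HAL_TXDESC_NOACK, while a 2000 byte unicast frame sent with
	 * iv_rtsthreshold at 1500 (and fast-frames not negotiated) picks
	 * up HAL_TXDESC_RTSENA instead; the byte counts here are only
	 * illustrative.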
1186 */ 1187 if (ismcast) { 1188 flags |= HAL_TXDESC_NOACK; /* no ack on broad/multicast */ 1189 } else if (pktlen > vap->iv_rtsthreshold && 1190 (ni->ni_ath_flags & IEEE80211_NODE_FF) == 0) { 1191 flags |= HAL_TXDESC_RTSENA; /* RTS based on frame length */ 1192 sc->sc_stats.ast_tx_rts++; 1193 } 1194 if (flags & HAL_TXDESC_NOACK) /* NB: avoid double counting */ 1195 sc->sc_stats.ast_tx_noack++; 1196 #ifdef IEEE80211_SUPPORT_TDMA 1197 if (sc->sc_tdma && (flags & HAL_TXDESC_NOACK) == 0) { 1198 DPRINTF(sc, ATH_DEBUG_TDMA, 1199 "%s: discard frame, ACK required w/ TDMA\n", __func__); 1200 sc->sc_stats.ast_tdma_ack++; 1201 ath_freetx(m0); 1202 return EIO; 1203 } 1204 #endif 1205 1206 /* 1207 * If 802.11g protection is enabled, determine whether 1208 * to use RTS/CTS or just CTS. Note that this is only 1209 * done for OFDM unicast frames. 1210 */ 1211 if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1212 rt->info[rix].phy == IEEE80211_T_OFDM && 1213 (flags & HAL_TXDESC_NOACK) == 0) { 1214 bf->bf_state.bfs_doprot = 1; 1215 /* XXX fragments must use CCK rates w/ protection */ 1216 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) { 1217 flags |= HAL_TXDESC_RTSENA; 1218 } else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) { 1219 flags |= HAL_TXDESC_CTSENA; 1220 } 1221 /* 1222 * For frags it would be desirable to use the 1223 * highest CCK rate for RTS/CTS. But stations 1224 * farther away may detect it at a lower CCK rate 1225 * so use the configured protection rate instead 1226 * (for now). 1227 */ 1228 sc->sc_stats.ast_tx_protect++; 1229 } 1230 1231 #if 0 1232 /* 1233 * If 11n protection is enabled and it's a HT frame, 1234 * enable RTS. 1235 * 1236 * XXX ic_htprotmode or ic_curhtprotmode? 1237 * XXX should it_htprotmode only matter if ic_curhtprotmode 1238 * XXX indicates it's not a HT pure environment? 1239 */ 1240 if ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) && 1241 rt->info[rix].phy == IEEE80211_T_HT && 1242 (flags & HAL_TXDESC_NOACK) == 0) { 1243 cix = rt->info[sc->sc_protrix].controlRate; 1244 flags |= HAL_TXDESC_RTSENA; 1245 sc->sc_stats.ast_tx_htprotect++; 1246 } 1247 #endif 1248 1249 /* 1250 * Calculate duration. This logically belongs in the 802.11 1251 * layer but it lacks sufficient information to calculate it. 1252 */ 1253 if ((flags & HAL_TXDESC_NOACK) == 0 && 1254 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_CTL) { 1255 u_int16_t dur; 1256 if (shortPreamble) 1257 dur = rt->info[rix].spAckDuration; 1258 else 1259 dur = rt->info[rix].lpAckDuration; 1260 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) { 1261 dur += dur; /* additional SIFS+ACK */ 1262 KASSERT(m0->m_nextpkt != NULL, ("no fragment")); 1263 /* 1264 * Include the size of next fragment so NAV is 1265 * updated properly. The last fragment uses only 1266 * the ACK duration 1267 */ 1268 dur += ath_hal_computetxtime(ah, rt, 1269 m0->m_nextpkt->m_pkthdr.len, 1270 rix, shortPreamble); 1271 } 1272 if (isfrag) { 1273 /* 1274 * Force hardware to use computed duration for next 1275 * fragment by disabling multi-rate retry which updates 1276 * duration based on the multi-rate duration table. 1277 */ 1278 ismrr = 0; 1279 try0 = ATH_TXMGTTRY; /* XXX? */ 1280 } 1281 *(u_int16_t *)wh->i_dur = htole16(dur); 1282 } 1283 1284 /* 1285 * Determine if a tx interrupt should be generated for 1286 * this descriptor. We take a tx interrupt to reap 1287 * descriptors when the h/w hits an EOL condition or 1288 * when the descriptor is specifically marked to generate 1289 * an interrupt. 
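	 * (For instance, if sc_txintrperiod were 5, roughly every fifth
	 * frame queued to this TXQ would be tagged with HAL_TXDESC_INTREQ
	 * by the code below; the value is only an illustration.)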
We periodically mark descriptors in this
1290 	 * way to ensure timely replenishing of the supply needed
1291 	 * for sending frames.  Deferring interrupts reduces system
1292 	 * load and potentially allows more concurrent work to be
1293 	 * done but if done too aggressively can cause senders to
1294 	 * back up.
1295 	 *
1296 	 * NB: use >= to deal with sc_txintrperiod changing
1297 	 * dynamically through sysctl.
1298 	 */
1299 	if (flags & HAL_TXDESC_INTREQ) {
1300 		txq->axq_intrcnt = 0;
1301 	} else if (++txq->axq_intrcnt >= sc->sc_txintrperiod) {
1302 		flags |= HAL_TXDESC_INTREQ;
1303 		txq->axq_intrcnt = 0;
1304 	}
1305 
1306 	/* This point forward is actual TX bits */
1307 
1308 	/*
1309 	 * At this point we are committed to sending the frame
1310 	 * and we don't need to look at m_nextpkt; clear it in
1311 	 * case this frame is part of a frag chain.
1312 	 */
1313 	m0->m_nextpkt = NULL;
1314 
1315 	if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT))
1316 		ieee80211_dump_pkt(ic, mtod(m0, const uint8_t *), m0->m_len,
1317 		    sc->sc_hwmap[rix].ieeerate, -1);
1318 
1319 	if (ieee80211_radiotap_active_vap(vap)) {
1320 		u_int64_t tsf = ath_hal_gettsf64(ah);
1321 
1322 		sc->sc_tx_th.wt_tsf = htole64(tsf);
1323 		sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags;
1324 		if (iswep)
1325 			sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
1326 		if (isfrag)
1327 			sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG;
1328 		sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate;
1329 		sc->sc_tx_th.wt_txpower = ni->ni_txpower;
1330 		sc->sc_tx_th.wt_antenna = sc->sc_txantenna;
1331 
1332 		ieee80211_radiotap_tx(vap, m0);
1333 	}
1334 
1335 	/* Blank the legacy rate array */
1336 	bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
1337 
1338 	/*
1339 	 * ath_buf_set_rate needs at least one rate/try to set up
1340 	 * the rate scenario.
1341 	 */
1342 	bf->bf_state.bfs_rc[0].rix = rix;
1343 	bf->bf_state.bfs_rc[0].tries = try0;
1344 	bf->bf_state.bfs_rc[0].ratecode = txrate;
1345 
1346 	/* Store the decided rate index values away */
1347 	bf->bf_state.bfs_pktlen = pktlen;
1348 	bf->bf_state.bfs_hdrlen = hdrlen;
1349 	bf->bf_state.bfs_atype = atype;
1350 	bf->bf_state.bfs_txpower = ni->ni_txpower;
1351 	bf->bf_state.bfs_txrate0 = txrate;
1352 	bf->bf_state.bfs_try0 = try0;
1353 	bf->bf_state.bfs_keyix = keyix;
1354 	bf->bf_state.bfs_txantenna = sc->sc_txantenna;
1355 	bf->bf_state.bfs_flags = flags;
1356 	bf->bf_txflags = flags;
1357 	bf->bf_state.bfs_shpream = shortPreamble;
1358 
1359 	/* XXX this should be done in ath_tx_setrate() */
1360 	bf->bf_state.bfs_ctsrate0 = 0;	/* ie, no hard-coded ctsrate */
1361 	bf->bf_state.bfs_ctsrate = 0;	/* calculated later */
1362 	bf->bf_state.bfs_ctsduration = 0;
1363 	bf->bf_state.bfs_ismrr = ismrr;
1364 
1365 	return 0;
1366 }
1367 
1368 /*
1369  * Direct-dispatch the current frame to the hardware.
1370  *
1371  * This can be called by the net80211 code.
1372  *
1373  * XXX what about locking? Or, push the seqno assign into the
1374  * XXX aggregate scheduler so it's serialised?
1375  */
1376 int
1377 ath_tx_start(struct ath_softc *sc, struct ieee80211_node *ni,
1378     struct ath_buf *bf, struct mbuf *m0)
1379 {
1380 	struct ieee80211vap *vap = ni->ni_vap;
1381 	struct ath_vap *avp = ATH_VAP(vap);
1382 	int r = 0;
1383 	u_int pri;
1384 	int tid;
1385 	struct ath_txq *txq;
1386 	int ismcast;
1387 	const struct ieee80211_frame *wh;
1388 	int is_ampdu, is_ampdu_tx, is_ampdu_pending;
1389 	//ieee80211_seq seqno;
1390 	uint8_t type, subtype;
1391 
1392 	/*
1393 	 * Determine the target hardware queue.
1394 * 1395 * For multicast frames, the txq gets overridden to be the 1396 * software TXQ and it's done via direct-dispatch. 1397 * 1398 * For any other frame, we do a TID/QoS lookup inside the frame 1399 * to see what the TID should be. If it's a non-QoS frame, the 1400 * AC and TID are overridden. The TID/TXQ code assumes the 1401 * TID is on a predictable hardware TXQ, so we don't support 1402 * having a node TID queued to multiple hardware TXQs. 1403 * This may change in the future but would require some locking 1404 * fudgery. 1405 */ 1406 pri = ath_tx_getac(sc, m0); 1407 tid = ath_tx_gettid(sc, m0); 1408 1409 txq = sc->sc_ac2q[pri]; 1410 wh = mtod(m0, struct ieee80211_frame *); 1411 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1412 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1413 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1414 1415 /* 1416 * Enforce how deep the multicast queue can grow. 1417 * 1418 * XXX duplicated in ath_raw_xmit(). 1419 */ 1420 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1421 ATH_TXQ_LOCK(sc->sc_cabq); 1422 1423 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1424 sc->sc_stats.ast_tx_mcastq_overflow++; 1425 r = ENOBUFS; 1426 } 1427 1428 ATH_TXQ_UNLOCK(sc->sc_cabq); 1429 1430 if (r != 0) { 1431 m_freem(m0); 1432 return r; 1433 } 1434 } 1435 1436 /* A-MPDU TX */ 1437 is_ampdu_tx = ath_tx_ampdu_running(sc, ATH_NODE(ni), tid); 1438 is_ampdu_pending = ath_tx_ampdu_pending(sc, ATH_NODE(ni), tid); 1439 is_ampdu = is_ampdu_tx | is_ampdu_pending; 1440 1441 DPRINTF(sc, ATH_DEBUG_SW_TX, 1442 "%s: bf=%p, tid=%d, ac=%d, is_ampdu=%d\n", 1443 __func__, bf, tid, pri, is_ampdu); 1444 1445 /* Multicast frames go onto the software multicast queue */ 1446 if (ismcast) 1447 txq = &avp->av_mcastq; 1448 1449 /* 1450 * XXX This likely means that if there's a station in power 1451 * save mode, we won't be doing any kind of aggregation towards 1452 * anyone. This is likely a very suboptimal way of dealing 1453 * with things. 1454 */ 1455 if ((! is_ampdu) && (vap->iv_ps_sta || avp->av_mcastq.axq_depth)) 1456 txq = &avp->av_mcastq; 1457 1458 /* Do the generic frame setup */ 1459 /* XXX should just bzero the bf_state? */ 1460 bf->bf_state.bfs_dobaw = 0; 1461 bf->bf_state.bfs_seqno_assigned = 0; 1462 bf->bf_state.bfs_need_seqno = 0; 1463 bf->bf_state.bfs_seqno = -1; /* XXX debugging */ 1464 1465 /* A-MPDU TX? Manually set sequence number */ 1466 /* Don't do it whilst pending; the net80211 layer still assigns them */ 1467 /* XXX do we need locking here? */ 1468 if (is_ampdu_tx) { 1469 ATH_TXQ_LOCK(txq); 1470 /* 1471 * Always call; this function will 1472 * handle making sure that null data frames 1473 * don't get a sequence number from the current 1474 * TID and thus mess with the BAW. 1475 */ 1476 //seqno = ath_tx_tid_seqno_assign(sc, ni, bf, m0); 1477 if (ath_tx_seqno_required(sc, ni, bf, m0)) { 1478 bf->bf_state.bfs_dobaw = 1; 1479 bf->bf_state.bfs_need_seqno = 1; 1480 } 1481 ATH_TXQ_UNLOCK(txq); 1482 } else { 1483 /* No AMPDU TX, we've been assigned a sequence number. */ 1484 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1485 bf->bf_state.bfs_seqno_assigned = 1; 1486 /* XXX we should store the frag+seqno in bfs_seqno */ 1487 bf->bf_state.bfs_seqno = 1488 M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT; 1489 } 1490 } 1491 1492 /* 1493 * If needed, the sequence number has been assigned. 1494 * Squirrel it away somewhere easy to get to. 1495 */ 1496 //bf->bf_state.bfs_seqno = M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT; 1497 1498 /* Is ampdu pending? 
fetch the seqno and print it out */ 1499 if (is_ampdu_pending) 1500 DPRINTF(sc, ATH_DEBUG_SW_TX, 1501 "%s: tid %d: ampdu pending, seqno %d\n", 1502 __func__, tid, M_SEQNO_GET(m0)); 1503 1504 /* This also sets up the DMA map */ 1505 r = ath_tx_normal_setup(sc, ni, bf, m0); 1506 1507 if (r != 0) 1508 return r; 1509 1510 /* At this point m0 could have changed! */ 1511 m0 = bf->bf_m; 1512 1513 DPRINTF(sc, ATH_DEBUG_SW_TX, 1514 "%s: DONE: bf=%p, tid=%d, ac=%d, is_ampdu=%d, dobaw=%d, seqno=%d\n", 1515 __func__, bf, tid, pri, is_ampdu, bf->bf_state.bfs_dobaw, M_SEQNO_GET(m0)); 1516 1517 #if 1 1518 /* 1519 * If it's a multicast frame, do a direct-dispatch to the 1520 * destination hardware queue. Don't bother software 1521 * queuing it. 1522 */ 1523 /* 1524 * If it's a BAR frame, do a direct dispatch to the 1525 * destination hardware queue. Don't bother software 1526 * queuing it, as the TID will now be paused. 1527 * Sending a BAR frame can occur from the net80211 txa timer 1528 * (ie, retries) or from the ath txtask (completion call.) 1529 * It queues directly to hardware because the TID is paused 1530 * at this point (and won't be unpaused until the BAR has 1531 * either been TXed successfully or max retries has been 1532 * reached.) 1533 */ 1534 if (txq == &avp->av_mcastq) { 1535 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 1536 "%s: bf=%p: mcastq: TX'ing\n", __func__, bf); 1537 ATH_TXQ_LOCK(txq); 1538 ath_tx_xmit_normal(sc, txq, bf); 1539 ATH_TXQ_UNLOCK(txq); 1540 } else if (type == IEEE80211_FC0_TYPE_CTL && 1541 subtype == IEEE80211_FC0_SUBTYPE_BAR) { 1542 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 1543 "%s: BAR: TX'ing direct\n", __func__); 1544 ATH_TXQ_LOCK(txq); 1545 ath_tx_xmit_normal(sc, txq, bf); 1546 ATH_TXQ_UNLOCK(txq); 1547 } else { 1548 /* add to software queue */ 1549 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 1550 "%s: bf=%p: swq: TX'ing\n", __func__, bf); 1551 ath_tx_swq(sc, ni, txq, bf); 1552 } 1553 #else 1554 /* 1555 * For now, since there's no software queue, 1556 * direct-dispatch to the hardware. 1557 */ 1558 ATH_TXQ_LOCK(txq); 1559 ath_tx_xmit_normal(sc, txq, bf); 1560 ATH_TXQ_UNLOCK(txq); 1561 #endif 1562 1563 return 0; 1564 } 1565 1566 static int 1567 ath_tx_raw_start(struct ath_softc *sc, struct ieee80211_node *ni, 1568 struct ath_buf *bf, struct mbuf *m0, 1569 const struct ieee80211_bpf_params *params) 1570 { 1571 struct ifnet *ifp = sc->sc_ifp; 1572 struct ieee80211com *ic = ifp->if_l2com; 1573 struct ath_hal *ah = sc->sc_ah; 1574 struct ieee80211vap *vap = ni->ni_vap; 1575 int error, ismcast, ismrr; 1576 int keyix, hdrlen, pktlen, try0, txantenna; 1577 u_int8_t rix, txrate; 1578 struct ieee80211_frame *wh; 1579 u_int flags; 1580 HAL_PKT_TYPE atype; 1581 const HAL_RATE_TABLE *rt; 1582 struct ath_desc *ds; 1583 u_int pri; 1584 int o_tid = -1; 1585 int do_override; 1586 1587 wh = mtod(m0, struct ieee80211_frame *); 1588 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1589 hdrlen = ieee80211_anyhdrsize(wh); 1590 /* 1591 * Packet length must not include any 1592 * pad bytes; deduct them here. 1593 */ 1594 /* XXX honor IEEE80211_BPF_DATAPAD */ 1595 pktlen = m0->m_pkthdr.len - (hdrlen & 3) + IEEE80211_CRC_LEN; 1596 1597 1598 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: ismcast=%d\n", 1599 __func__, ismcast); 1600 1601 /* Handle encryption twiddling if needed */ 1602 if (! 
ath_tx_tag_crypto(sc, ni, 1603 m0, params->ibp_flags & IEEE80211_BPF_CRYPTO, 0, 1604 &hdrlen, &pktlen, &keyix)) { 1605 ath_freetx(m0); 1606 return EIO; 1607 } 1608 /* packet header may have moved, reset our local pointer */ 1609 wh = mtod(m0, struct ieee80211_frame *); 1610 1611 /* Do the generic frame setup */ 1612 /* XXX should just bzero the bf_state? */ 1613 bf->bf_state.bfs_dobaw = 0; 1614 1615 error = ath_tx_dmasetup(sc, bf, m0); 1616 if (error != 0) 1617 return error; 1618 m0 = bf->bf_m; /* NB: may have changed */ 1619 wh = mtod(m0, struct ieee80211_frame *); 1620 bf->bf_node = ni; /* NB: held reference */ 1621 1622 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1623 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1624 if (params->ibp_flags & IEEE80211_BPF_RTS) 1625 flags |= HAL_TXDESC_RTSENA; 1626 else if (params->ibp_flags & IEEE80211_BPF_CTS) { 1627 /* XXX assume 11g/11n protection? */ 1628 bf->bf_state.bfs_doprot = 1; 1629 flags |= HAL_TXDESC_CTSENA; 1630 } 1631 /* XXX leave ismcast to injector? */ 1632 if ((params->ibp_flags & IEEE80211_BPF_NOACK) || ismcast) 1633 flags |= HAL_TXDESC_NOACK; 1634 1635 rt = sc->sc_currates; 1636 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1637 rix = ath_tx_findrix(sc, params->ibp_rate0); 1638 txrate = rt->info[rix].rateCode; 1639 if (params->ibp_flags & IEEE80211_BPF_SHORTPRE) 1640 txrate |= rt->info[rix].shortPreamble; 1641 sc->sc_txrix = rix; 1642 try0 = params->ibp_try0; 1643 ismrr = (params->ibp_try1 != 0); 1644 txantenna = params->ibp_pri >> 2; 1645 if (txantenna == 0) /* XXX? */ 1646 txantenna = sc->sc_txantenna; 1647 1648 /* 1649 * Since ctsrate is fixed, store it away for later 1650 * use when the descriptor fields are being set. 1651 */ 1652 if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA)) 1653 bf->bf_state.bfs_ctsrate0 = params->ibp_ctsrate; 1654 1655 pri = params->ibp_pri & 3; 1656 /* Override pri if the frame isn't a QoS one */ 1657 if (! IEEE80211_QOS_HAS_SEQ(wh)) 1658 pri = ath_tx_getac(sc, m0); 1659 1660 /* 1661 * NB: we mark all packets as type PSPOLL so the h/w won't 1662 * set the sequence number, duration, etc. 1663 */ 1664 atype = HAL_PKT_TYPE_PSPOLL; 1665 1666 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT)) 1667 ieee80211_dump_pkt(ic, mtod(m0, caddr_t), m0->m_len, 1668 sc->sc_hwmap[rix].ieeerate, -1); 1669 1670 if (ieee80211_radiotap_active_vap(vap)) { 1671 u_int64_t tsf = ath_hal_gettsf64(ah); 1672 1673 sc->sc_tx_th.wt_tsf = htole64(tsf); 1674 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags; 1675 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1676 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1677 if (m0->m_flags & M_FRAG) 1678 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1679 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate; 1680 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 1681 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 1682 1683 ieee80211_radiotap_tx(vap, m0); 1684 } 1685 1686 /* 1687 * Formulate first tx descriptor with tx controls. 1688 */ 1689 ds = bf->bf_desc; 1690 /* XXX check return value? */ 1691 1692 /* Store the decided rate index values away */ 1693 bf->bf_state.bfs_pktlen = pktlen; 1694 bf->bf_state.bfs_hdrlen = hdrlen; 1695 bf->bf_state.bfs_atype = atype; 1696 bf->bf_state.bfs_txpower = params->ibp_power; 1697 bf->bf_state.bfs_txrate0 = txrate; 1698 bf->bf_state.bfs_try0 = try0; 1699 bf->bf_state.bfs_keyix = keyix; 1700 bf->bf_state.bfs_txantenna = txantenna; 1701 bf->bf_state.bfs_flags = flags; 1702 bf->bf_txflags = flags; 1703 bf->bf_state.bfs_shpream = 1704 !! 
(params->ibp_flags & IEEE80211_BPF_SHORTPRE); 1705 1706 /* XXX this should be done in ath_tx_setrate() */ 1707 bf->bf_state.bfs_ctsrate = 0; 1708 bf->bf_state.bfs_ctsduration = 0; 1709 bf->bf_state.bfs_ismrr = ismrr; 1710 1711 /* Blank the legacy rate array */ 1712 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1713 1714 bf->bf_state.bfs_rc[0].rix = 1715 ath_tx_findrix(sc, params->ibp_rate0); 1716 bf->bf_state.bfs_rc[0].tries = try0; 1717 bf->bf_state.bfs_rc[0].ratecode = txrate; 1718 1719 if (ismrr) { 1720 int rix; 1721 1722 rix = ath_tx_findrix(sc, params->ibp_rate1); 1723 bf->bf_state.bfs_rc[1].rix = rix; 1724 bf->bf_state.bfs_rc[1].tries = params->ibp_try1; 1725 1726 rix = ath_tx_findrix(sc, params->ibp_rate2); 1727 bf->bf_state.bfs_rc[2].rix = rix; 1728 bf->bf_state.bfs_rc[2].tries = params->ibp_try2; 1729 1730 rix = ath_tx_findrix(sc, params->ibp_rate3); 1731 bf->bf_state.bfs_rc[3].rix = rix; 1732 bf->bf_state.bfs_rc[3].tries = params->ibp_try3; 1733 } 1734 /* 1735 * All the required rate control decisions have been made; 1736 * fill in the rc flags. 1737 */ 1738 ath_tx_rate_fill_rcflags(sc, bf); 1739 1740 /* NB: no buffered multicast in power save support */ 1741 1742 /* XXX If it's an ADDBA, override the correct queue */ 1743 do_override = ath_tx_action_frame_override_queue(sc, ni, m0, &o_tid); 1744 1745 /* Map ADDBA to the correct priority */ 1746 if (do_override) { 1747 #if 0 1748 device_printf(sc->sc_dev, 1749 "%s: overriding tid %d pri %d -> %d\n", 1750 __func__, o_tid, pri, TID_TO_WME_AC(o_tid)); 1751 #endif 1752 pri = TID_TO_WME_AC(o_tid); 1753 } 1754 1755 /* 1756 * If we're overiding the ADDBA destination, dump directly 1757 * into the hardware queue, right after any pending 1758 * frames to that node are. 1759 */ 1760 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: dooverride=%d\n", 1761 __func__, do_override); 1762 1763 if (do_override) { 1764 ATH_TXQ_LOCK(sc->sc_ac2q[pri]); 1765 ath_tx_xmit_normal(sc, sc->sc_ac2q[pri], bf); 1766 ATH_TXQ_UNLOCK(sc->sc_ac2q[pri]); 1767 } else { 1768 /* Queue to software queue */ 1769 ath_tx_swq(sc, ni, sc->sc_ac2q[pri], bf); 1770 } 1771 1772 return 0; 1773 } 1774 1775 /* 1776 * Send a raw frame. 1777 * 1778 * This can be called by net80211. 1779 */ 1780 int 1781 ath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 1782 const struct ieee80211_bpf_params *params) 1783 { 1784 struct ieee80211com *ic = ni->ni_ic; 1785 struct ifnet *ifp = ic->ic_ifp; 1786 struct ath_softc *sc = ifp->if_softc; 1787 struct ath_buf *bf; 1788 struct ieee80211_frame *wh = mtod(m, struct ieee80211_frame *); 1789 int error = 0; 1790 1791 ATH_PCU_LOCK(sc); 1792 if (sc->sc_inreset_cnt > 0) { 1793 device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; bailing\n", 1794 __func__); 1795 error = EIO; 1796 ATH_PCU_UNLOCK(sc); 1797 goto bad0; 1798 } 1799 sc->sc_txstart_cnt++; 1800 ATH_PCU_UNLOCK(sc); 1801 1802 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || sc->sc_invalid) { 1803 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: discard frame, %s", __func__, 1804 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ? 1805 "!running" : "invalid"); 1806 m_freem(m); 1807 error = ENETDOWN; 1808 goto bad; 1809 } 1810 1811 /* 1812 * Enforce how deep the multicast queue can grow. 1813 * 1814 * XXX duplicated in ath_tx_start(). 
1815 */ 1816 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1817 ATH_TXQ_LOCK(sc->sc_cabq); 1818 1819 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1820 sc->sc_stats.ast_tx_mcastq_overflow++; 1821 error = ENOBUFS; 1822 } 1823 1824 ATH_TXQ_UNLOCK(sc->sc_cabq); 1825 1826 if (error != 0) { 1827 m_freem(m); 1828 goto bad; 1829 } 1830 } 1831 1832 /* 1833 * Grab a TX buffer and associated resources. 1834 */ 1835 bf = ath_getbuf(sc); 1836 if (bf == NULL) { 1837 sc->sc_stats.ast_tx_nobuf++; 1838 m_freem(m); 1839 error = ENOBUFS; 1840 goto bad; 1841 } 1842 1843 if (params == NULL) { 1844 /* 1845 * Legacy path; interpret frame contents to decide 1846 * precisely how to send the frame. 1847 */ 1848 if (ath_tx_start(sc, ni, bf, m)) { 1849 error = EIO; /* XXX */ 1850 goto bad2; 1851 } 1852 } else { 1853 /* 1854 * Caller supplied explicit parameters to use in 1855 * sending the frame. 1856 */ 1857 if (ath_tx_raw_start(sc, ni, bf, m, params)) { 1858 error = EIO; /* XXX */ 1859 goto bad2; 1860 } 1861 } 1862 sc->sc_wd_timer = 5; 1863 ifp->if_opackets++; 1864 sc->sc_stats.ast_tx_raw++; 1865 1866 ATH_PCU_LOCK(sc); 1867 sc->sc_txstart_cnt--; 1868 ATH_PCU_UNLOCK(sc); 1869 1870 return 0; 1871 bad2: 1872 ATH_TXBUF_LOCK(sc); 1873 TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list); 1874 ATH_TXBUF_UNLOCK(sc); 1875 bad: 1876 ATH_PCU_LOCK(sc); 1877 sc->sc_txstart_cnt--; 1878 ATH_PCU_UNLOCK(sc); 1879 bad0: 1880 ifp->if_oerrors++; 1881 sc->sc_stats.ast_tx_raw_fail++; 1882 ieee80211_free_node(ni); 1883 1884 return error; 1885 } 1886 1887 /* Some helper functions */ 1888 1889 /* 1890 * ADDBA (and potentially others) need to be placed in the same 1891 * hardware queue as the TID/node it's relating to. This is so 1892 * it goes out after any pending non-aggregate frames to the 1893 * same node/TID. 1894 * 1895 * If this isn't done, the ADDBA can go out before the frames 1896 * queued in hardware. Even though these frames have a sequence 1897 * number -earlier- than the ADDBA can be transmitted (but 1898 * no frames whose sequence numbers are after the ADDBA should 1899 * be!) they'll arrive after the ADDBA - and the receiving end 1900 * will simply drop them as being out of the BAW. 1901 * 1902 * The frames can't be appended to the TID software queue - it'll 1903 * never be sent out. So these frames have to be directly 1904 * dispatched to the hardware, rather than queued in software. 1905 * So if this function returns true, the TXQ has to be 1906 * overridden and it has to be directly dispatched. 1907 * 1908 * It's a dirty hack, but someone's gotta do it. 1909 */ 1910 1911 /* 1912 * XXX doesn't belong here! 1913 */ 1914 static int 1915 ieee80211_is_action(struct ieee80211_frame *wh) 1916 { 1917 /* Type: Management frame? */ 1918 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != 1919 IEEE80211_FC0_TYPE_MGT) 1920 return 0; 1921 1922 /* Subtype: Action frame? */ 1923 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) != 1924 IEEE80211_FC0_SUBTYPE_ACTION) 1925 return 0; 1926 1927 return 1; 1928 } 1929 1930 #define MS(_v, _f) (((_v) & _f) >> _f##_S) 1931 /* 1932 * Return an alternate TID for ADDBA request frames. 1933 * 1934 * Yes, this likely should be done in the net80211 layer. 1935 */ 1936 static int 1937 ath_tx_action_frame_override_queue(struct ath_softc *sc, 1938 struct ieee80211_node *ni, 1939 struct mbuf *m0, int *tid) 1940 { 1941 struct ieee80211_frame *wh = mtod(m0, struct ieee80211_frame *); 1942 struct ieee80211_action_ba_addbarequest *ia; 1943 uint8_t *frm; 1944 uint16_t baparamset; 1945 1946 /* Not action frame? 
Bail */ 1947 if (! ieee80211_is_action(wh)) 1948 return 0; 1949 1950 /* XXX Not needed for frames we send? */ 1951 #if 0 1952 /* Correct length? */ 1953 if (! ieee80211_parse_action(ni, m)) 1954 return 0; 1955 #endif 1956 1957 /* Extract out action frame */ 1958 frm = (u_int8_t *)&wh[1]; 1959 ia = (struct ieee80211_action_ba_addbarequest *) frm; 1960 1961 /* Not ADDBA? Bail */ 1962 if (ia->rq_header.ia_category != IEEE80211_ACTION_CAT_BA) 1963 return 0; 1964 if (ia->rq_header.ia_action != IEEE80211_ACTION_BA_ADDBA_REQUEST) 1965 return 0; 1966 1967 /* Extract TID, return it */ 1968 baparamset = le16toh(ia->rq_baparamset); 1969 *tid = (int) MS(baparamset, IEEE80211_BAPS_TID); 1970 1971 return 1; 1972 } 1973 #undef MS 1974 1975 /* Per-node software queue operations */ 1976 1977 /* 1978 * Add the current packet to the given BAW. 1979 * It is assumed that the current packet 1980 * 1981 * + fits inside the BAW; 1982 * + already has had a sequence number allocated. 1983 * 1984 * Since the BAW status may be modified by both the ath task and 1985 * the net80211/ifnet contexts, the TID must be locked. 1986 */ 1987 void 1988 ath_tx_addto_baw(struct ath_softc *sc, struct ath_node *an, 1989 struct ath_tid *tid, struct ath_buf *bf) 1990 { 1991 int index, cindex; 1992 struct ieee80211_tx_ampdu *tap; 1993 1994 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 1995 1996 if (bf->bf_state.bfs_isretried) 1997 return; 1998 1999 /* 2000 * If this occurs we're in a lot of trouble. We should try to 2001 * recover from this without the session hanging? 2002 */ 2003 if (! bf->bf_state.bfs_seqno_assigned) { 2004 device_printf(sc->sc_dev, 2005 "%s: bf=%p, seqno_assigned is 0?!\n", __func__, bf); 2006 return; 2007 } 2008 2009 tap = ath_tx_get_tx_tid(an, tid->tid); 2010 2011 if (bf->bf_state.bfs_addedbaw) 2012 device_printf(sc->sc_dev, 2013 "%s: re-added? bf=%p, tid=%d, seqno %d; window %d:%d; " 2014 "baw head=%d tail=%d\n", 2015 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2016 tap->txa_start, tap->txa_wnd, tid->baw_head, 2017 tid->baw_tail); 2018 2019 /* 2020 * Verify that the given sequence number is not outside of the 2021 * BAW. Complain loudly if that's the case. 2022 */ 2023 if (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2024 SEQNO(bf->bf_state.bfs_seqno))) { 2025 device_printf(sc->sc_dev, 2026 "%s: bf=%p: outside of BAW?? tid=%d, seqno %d; window %d:%d; " 2027 "baw head=%d tail=%d\n", 2028 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2029 tap->txa_start, tap->txa_wnd, tid->baw_head, 2030 tid->baw_tail); 2031 2032 } 2033 2034 /* 2035 * ni->ni_txseqs[] is the currently allocated seqno. 2036 * the txa state contains the current baw start. 
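 *
 * The slot used for this frame is its offset from the BAW left edge,
 * wrapped into the tracking array.  Illustrative example (assuming
 * ATH_BA_INDEX() is simply (seqno - txa_start) modulo the sequence
 * space): with txa_start=100 and seqno=103, index is 3 and the frame
 * is stored in tx_buf[(baw_head + 3) & (ATH_TID_MAX_BUFS - 1)].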
2037 */ 2038 index = ATH_BA_INDEX(tap->txa_start, SEQNO(bf->bf_state.bfs_seqno)); 2039 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2040 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2041 "%s: bf=%p, tid=%d, seqno %d; window %d:%d; index=%d cindex=%d " 2042 "baw head=%d tail=%d\n", 2043 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2044 tap->txa_start, tap->txa_wnd, index, cindex, tid->baw_head, 2045 tid->baw_tail); 2046 2047 2048 #if 0 2049 assert(tid->tx_buf[cindex] == NULL); 2050 #endif 2051 if (tid->tx_buf[cindex] != NULL) { 2052 device_printf(sc->sc_dev, 2053 "%s: ba packet dup (index=%d, cindex=%d, " 2054 "head=%d, tail=%d)\n", 2055 __func__, index, cindex, tid->baw_head, tid->baw_tail); 2056 device_printf(sc->sc_dev, 2057 "%s: BA bf: %p; seqno=%d ; new bf: %p; seqno=%d\n", 2058 __func__, 2059 tid->tx_buf[cindex], 2060 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno), 2061 bf, 2062 SEQNO(bf->bf_state.bfs_seqno) 2063 ); 2064 } 2065 tid->tx_buf[cindex] = bf; 2066 2067 if (index >= ((tid->baw_tail - tid->baw_head) & 2068 (ATH_TID_MAX_BUFS - 1))) { 2069 tid->baw_tail = cindex; 2070 INCR(tid->baw_tail, ATH_TID_MAX_BUFS); 2071 } 2072 } 2073 2074 /* 2075 * Flip the BAW buffer entry over from the existing one to the new one. 2076 * 2077 * When software retransmitting a (sub-)frame, it is entirely possible that 2078 * the frame ath_buf is marked as BUSY and can't be immediately reused. 2079 * In that instance the buffer is cloned and the new buffer is used for 2080 * retransmit. We thus need to update the ath_buf slot in the BAW buf 2081 * tracking array to maintain consistency. 2082 */ 2083 static void 2084 ath_tx_switch_baw_buf(struct ath_softc *sc, struct ath_node *an, 2085 struct ath_tid *tid, struct ath_buf *old_bf, struct ath_buf *new_bf) 2086 { 2087 int index, cindex; 2088 struct ieee80211_tx_ampdu *tap; 2089 int seqno = SEQNO(old_bf->bf_state.bfs_seqno); 2090 2091 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2092 2093 tap = ath_tx_get_tx_tid(an, tid->tid); 2094 index = ATH_BA_INDEX(tap->txa_start, seqno); 2095 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2096 2097 /* 2098 * Just warn for now; if it happens then we should find out 2099 * about it. It's highly likely the aggregation session will 2100 * soon hang. 2101 */ 2102 if (old_bf->bf_state.bfs_seqno != new_bf->bf_state.bfs_seqno) { 2103 device_printf(sc->sc_dev, "%s: retransmitted buffer" 2104 " has mismatching seqno's, BA session may hang.\n", 2105 __func__); 2106 device_printf(sc->sc_dev, "%s: old seqno=%d, new_seqno=%d\n", 2107 __func__, 2108 old_bf->bf_state.bfs_seqno, 2109 new_bf->bf_state.bfs_seqno); 2110 } 2111 2112 if (tid->tx_buf[cindex] != old_bf) { 2113 device_printf(sc->sc_dev, "%s: ath_buf pointer incorrect; " 2114 " has m BA session may hang.\n", 2115 __func__); 2116 device_printf(sc->sc_dev, "%s: old bf=%p, new bf=%p\n", 2117 __func__, 2118 old_bf, new_bf); 2119 } 2120 2121 tid->tx_buf[cindex] = new_bf; 2122 } 2123 2124 /* 2125 * seq_start - left edge of BAW 2126 * seq_next - current/next sequence number to allocate 2127 * 2128 * Since the BAW status may be modified by both the ath task and 2129 * the net80211/ifnet contexts, the TID must be locked. 
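 *
 * Completing a frame clears its slot in tx_buf[]; the loop at the
 * end of this routine then advances txa_start and baw_head together,
 * one sequence number at a time, until the next still-occupied slot
 * (i.e. the next frame that hasn't yet completed) is reached.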
2130 */ 2131 static void 2132 ath_tx_update_baw(struct ath_softc *sc, struct ath_node *an, 2133 struct ath_tid *tid, const struct ath_buf *bf) 2134 { 2135 int index, cindex; 2136 struct ieee80211_tx_ampdu *tap; 2137 int seqno = SEQNO(bf->bf_state.bfs_seqno); 2138 2139 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2140 2141 tap = ath_tx_get_tx_tid(an, tid->tid); 2142 index = ATH_BA_INDEX(tap->txa_start, seqno); 2143 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2144 2145 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2146 "%s: bf=%p: tid=%d, baw=%d:%d, seqno=%d, index=%d, cindex=%d, " 2147 "baw head=%d, tail=%d\n", 2148 __func__, bf, tid->tid, tap->txa_start, tap->txa_wnd, seqno, index, 2149 cindex, tid->baw_head, tid->baw_tail); 2150 2151 /* 2152 * If this occurs then we have a big problem - something else 2153 * has slid tap->txa_start along without updating the BAW 2154 * tracking start/end pointers. Thus the TX BAW state is now 2155 * completely busted. 2156 * 2157 * But for now, since I haven't yet fixed TDMA and buffer cloning, 2158 * it's quite possible that a cloned buffer is making its way 2159 * here and causing it to fire off. Disable TDMA for now. 2160 */ 2161 if (tid->tx_buf[cindex] != bf) { 2162 device_printf(sc->sc_dev, 2163 "%s: comp bf=%p, seq=%d; slot bf=%p, seqno=%d\n", 2164 __func__, 2165 bf, SEQNO(bf->bf_state.bfs_seqno), 2166 tid->tx_buf[cindex], 2167 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno)); 2168 } 2169 2170 tid->tx_buf[cindex] = NULL; 2171 2172 while (tid->baw_head != tid->baw_tail && 2173 !tid->tx_buf[tid->baw_head]) { 2174 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 2175 INCR(tid->baw_head, ATH_TID_MAX_BUFS); 2176 } 2177 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2178 "%s: baw is now %d:%d, baw head=%d\n", 2179 __func__, tap->txa_start, tap->txa_wnd, tid->baw_head); 2180 } 2181 2182 /* 2183 * Mark the current node/TID as ready to TX. 2184 * 2185 * This is done to make it easy for the software scheduler to 2186 * find which nodes have data to send. 2187 * 2188 * The TXQ lock must be held. 2189 */ 2190 static void 2191 ath_tx_tid_sched(struct ath_softc *sc, struct ath_tid *tid) 2192 { 2193 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2194 2195 ATH_TXQ_LOCK_ASSERT(txq); 2196 2197 if (tid->paused) 2198 return; /* paused, can't schedule yet */ 2199 2200 if (tid->sched) 2201 return; /* already scheduled */ 2202 2203 tid->sched = 1; 2204 2205 TAILQ_INSERT_TAIL(&txq->axq_tidq, tid, axq_qelem); 2206 } 2207 2208 /* 2209 * Mark the current node as no longer needing to be polled for 2210 * TX packets. 2211 * 2212 * The TXQ lock must be held. 2213 */ 2214 static void 2215 ath_tx_tid_unsched(struct ath_softc *sc, struct ath_tid *tid) 2216 { 2217 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2218 2219 ATH_TXQ_LOCK_ASSERT(txq); 2220 2221 if (tid->sched == 0) 2222 return; 2223 2224 tid->sched = 0; 2225 TAILQ_REMOVE(&txq->axq_tidq, tid, axq_qelem); 2226 } 2227 2228 /* 2229 * Return whether a sequence number is actually required. 2230 * 2231 * A sequence number must only be allocated at the time that a frame 2232 * is considered for addition to the BAW/aggregate and being TXed. 2233 * The sequence number must not be allocated before the frame 2234 * is added to the BAW (protected by the same lock instance) 2235 * otherwise a the multi-entrant TX path may result in a later seqno 2236 * being added to the BAW first. The subsequent addition of the 2237 * earlier seqno would then not go into the BAW as it's now outside 2238 * of said BAW. 
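 *
 * Illustrative example: if one TX path allocates seqno 100 but a
 * second path allocates 101 and adds it to the BAW first, the window
 * may already have moved on (e.g. once 101 completes and the left
 * edge slides) by the time 100 is added, at which point 100 no longer
 * falls inside the BAW.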
2239 * 2240 * This routine is used by ath_tx_start() to mark whether the frame 2241 * should get a sequence number before adding it to the BAW. 2242 * 2243 * Then the actual aggregate TX routines will check whether this 2244 * flag is set and if the frame needs to go into the BAW, it'll 2245 * have a sequence number allocated for it. 2246 */ 2247 static int 2248 ath_tx_seqno_required(struct ath_softc *sc, struct ieee80211_node *ni, 2249 struct ath_buf *bf, struct mbuf *m0) 2250 { 2251 const struct ieee80211_frame *wh; 2252 uint8_t subtype; 2253 2254 wh = mtod(m0, const struct ieee80211_frame *); 2255 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2256 2257 /* XXX assert txq lock */ 2258 /* XXX assert ampdu is set */ 2259 2260 return ((IEEE80211_QOS_HAS_SEQ(wh) && 2261 subtype != IEEE80211_FC0_SUBTYPE_QOS_NULL)); 2262 } 2263 2264 /* 2265 * Assign a sequence number manually to the given frame. 2266 * 2267 * This should only be called for A-MPDU TX frames. 2268 * 2269 * If this is called after the initial frame setup, make sure you've flushed 2270 * the DMA map or you'll risk sending stale data to the NIC. This routine 2271 * updates the actual frame contents with the relevant seqno. 2272 */ 2273 int 2274 ath_tx_tid_seqno_assign(struct ath_softc *sc, struct ieee80211_node *ni, 2275 struct ath_buf *bf, struct mbuf *m0) 2276 { 2277 struct ieee80211_frame *wh; 2278 int tid, pri; 2279 ieee80211_seq seqno; 2280 uint8_t subtype; 2281 2282 /* TID lookup */ 2283 wh = mtod(m0, struct ieee80211_frame *); 2284 pri = M_WME_GETAC(m0); /* honor classification */ 2285 tid = WME_AC_TO_TID(pri); 2286 DPRINTF(sc, ATH_DEBUG_SW_TX, 2287 "%s: bf=%p, pri=%d, tid=%d, qos has seq=%d\n", 2288 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2289 2290 if (! bf->bf_state.bfs_need_seqno) { 2291 device_printf(sc->sc_dev, "%s: bf=%p: need_seqno not set?!\n", 2292 __func__, bf); 2293 return -1; 2294 } 2295 /* XXX check for bfs_need_seqno? */ 2296 if (bf->bf_state.bfs_seqno_assigned) { 2297 device_printf(sc->sc_dev, 2298 "%s: bf=%p: seqno already assigned (%d)?!\n", 2299 __func__, bf, SEQNO(bf->bf_state.bfs_seqno)); 2300 return bf->bf_state.bfs_seqno >> IEEE80211_SEQ_SEQ_SHIFT; 2301 } 2302 2303 /* XXX Is it a control frame? Ignore */ 2304 2305 /* Does the packet require a sequence number? */ 2306 if (! IEEE80211_QOS_HAS_SEQ(wh)) 2307 return -1; 2308 2309 /* 2310 * Is it a QOS NULL Data frame? Give it a sequence number from 2311 * the default TID (IEEE80211_NONQOS_TID.) 2312 * 2313 * The RX path of everything I've looked at doesn't include the NULL 2314 * data frame sequence number in the aggregation state updates, so 2315 * assigning it a sequence number there will cause a BAW hole on the 2316 * RX side. 
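 *
 * Either way, the counter is advanced with INCR() modulo
 * IEEE80211_SEQ_RANGE, i.e. within the 12-bit sequence space, so a
 * seqno of 4095 wraps back around to 0.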
2317 */ 2318 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2319 if (subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL) { 2320 seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID]; 2321 INCR(ni->ni_txseqs[IEEE80211_NONQOS_TID], IEEE80211_SEQ_RANGE); 2322 } else { 2323 /* Manually assign sequence number */ 2324 seqno = ni->ni_txseqs[tid]; 2325 INCR(ni->ni_txseqs[tid], IEEE80211_SEQ_RANGE); 2326 } 2327 *(uint16_t *)&wh->i_seq[0] = htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 2328 M_SEQNO_SET(m0, seqno); 2329 bf->bf_state.bfs_seqno = seqno << IEEE80211_SEQ_SEQ_SHIFT; 2330 bf->bf_state.bfs_seqno_assigned = 1; 2331 2332 /* Return so caller can do something with it if needed */ 2333 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: -> seqno=%d\n", 2334 __func__, 2335 bf, 2336 seqno); 2337 return seqno; 2338 } 2339 2340 /* 2341 * Attempt to direct dispatch an aggregate frame to hardware. 2342 * If the frame is out of BAW, queue. 2343 * Otherwise, schedule it as a single frame. 2344 */ 2345 static void 2346 ath_tx_xmit_aggr(struct ath_softc *sc, struct ath_node *an, struct ath_buf *bf) 2347 { 2348 struct ieee80211_node *ni = &an->an_node; 2349 struct ath_tid *tid = &an->an_tid[bf->bf_state.bfs_tid]; 2350 struct ath_txq *txq = bf->bf_state.bfs_txq; 2351 struct ieee80211_tx_ampdu *tap; 2352 2353 ATH_TXQ_LOCK_ASSERT(txq); 2354 2355 tap = ath_tx_get_tx_tid(an, tid->tid); 2356 2357 /* paused? queue */ 2358 if (tid->paused) { 2359 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2360 /* XXX don't sched - we're paused! */ 2361 return; 2362 } 2363 2364 /* 2365 * TODO: If it's _before_ the BAW left edge, complain very loudly. 2366 * This means something (else) has slid the left edge along 2367 * before we got a chance to be TXed. 2368 */ 2369 2370 /* 2371 * Is there space in this BAW for another frame? 2372 * If not, don't bother trying to schedule it; just 2373 * throw it back on the queue. 2374 * 2375 * If we allocate the sequence number before we add 2376 * it to the BAW, we risk racing with another TX 2377 * thread that gets in a frame into the BAW with 2378 * seqno greater than ours. We'd then fail the 2379 * below check and throw the frame on the tail of 2380 * the queue. The sender would then have a hole. 2381 * 2382 * XXX again, we're protecting ni->ni_txseqs[tid] 2383 * behind this hardware TXQ lock, like the rest of 2384 * the TIDs that map to it. Ugh. 2385 */ 2386 if (bf->bf_state.bfs_dobaw) { 2387 ieee80211_seq seqno; 2388 2389 /* 2390 * If the sequence number is allocated, use it. 2391 * Otherwise, use the sequence number we WOULD 2392 * allocate. 2393 */ 2394 if (bf->bf_state.bfs_seqno_assigned) 2395 seqno = SEQNO(bf->bf_state.bfs_seqno); 2396 else 2397 seqno = ni->ni_txseqs[bf->bf_state.bfs_tid]; 2398 2399 /* 2400 * Check whether either the currently allocated 2401 * sequence number _OR_ the to-be allocated 2402 * sequence number is inside the BAW. 2403 */ 2404 if (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, seqno)) { 2405 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2406 ath_tx_tid_sched(sc, tid); 2407 return; 2408 } 2409 if (! bf->bf_state.bfs_seqno_assigned) { 2410 int seqno; 2411 2412 seqno = ath_tx_tid_seqno_assign(sc, ni, bf, bf->bf_m); 2413 if (seqno < 0) { 2414 device_printf(sc->sc_dev, 2415 "%s: bf=%p, huh, seqno=-1?\n", 2416 __func__, 2417 bf); 2418 /* XXX what can we even do here? */ 2419 } 2420 /* Flush seqno update to RAM */ 2421 /* 2422 * XXX This is required because the dmasetup 2423 * XXX is done early rather than at dispatch 2424 * XXX time. Ew, we should fix this! 
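 * XXX The PREWRITE sync below flushes the CPU's update of the 802.11
 * XXX header out through the already-loaded DMA map, so the hardware
 * XXX won't transmit a stale seqno.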
2425 */ 2426 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 2427 BUS_DMASYNC_PREWRITE); 2428 } 2429 } 2430 2431 /* outside baw? queue */ 2432 if (bf->bf_state.bfs_dobaw && 2433 (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2434 SEQNO(bf->bf_state.bfs_seqno)))) { 2435 device_printf(sc->sc_dev, 2436 "%s: bf=%p, shouldn't be outside BAW now?!\n", 2437 __func__, 2438 bf); 2439 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2440 ath_tx_tid_sched(sc, tid); 2441 return; 2442 } 2443 2444 /* Direct dispatch to hardware */ 2445 ath_tx_do_ratelookup(sc, bf); 2446 ath_tx_rate_fill_rcflags(sc, bf); 2447 ath_tx_set_rtscts(sc, bf); 2448 ath_tx_setds(sc, bf); 2449 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 2450 ath_tx_chaindesclist(sc, bf); 2451 2452 /* Statistics */ 2453 sc->sc_aggr_stats.aggr_low_hwq_single_pkt++; 2454 2455 /* Track per-TID hardware queue depth correctly */ 2456 tid->hwq_depth++; 2457 2458 /* Add to BAW */ 2459 if (bf->bf_state.bfs_dobaw) { 2460 ath_tx_addto_baw(sc, an, tid, bf); 2461 bf->bf_state.bfs_addedbaw = 1; 2462 } 2463 2464 /* Set completion handler, multi-frame aggregate or not */ 2465 bf->bf_comp = ath_tx_aggr_comp; 2466 2467 /* Hand off to hardware */ 2468 ath_tx_handoff(sc, txq, bf); 2469 } 2470 2471 /* 2472 * Attempt to send the packet. 2473 * If the queue isn't busy, direct-dispatch. 2474 * If the queue is busy enough, queue the given packet on the 2475 * relevant software queue. 2476 */ 2477 void 2478 ath_tx_swq(struct ath_softc *sc, struct ieee80211_node *ni, struct ath_txq *txq, 2479 struct ath_buf *bf) 2480 { 2481 struct ath_node *an = ATH_NODE(ni); 2482 struct ieee80211_frame *wh; 2483 struct ath_tid *atid; 2484 int pri, tid; 2485 struct mbuf *m0 = bf->bf_m; 2486 2487 /* Fetch the TID - non-QoS frames get assigned to TID 16 */ 2488 wh = mtod(m0, struct ieee80211_frame *); 2489 pri = ath_tx_getac(sc, m0); 2490 tid = ath_tx_gettid(sc, m0); 2491 atid = &an->an_tid[tid]; 2492 2493 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p, pri=%d, tid=%d, qos=%d, seqno=%d\n", 2494 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh), SEQNO(bf->bf_state.bfs_seqno)); 2495 2496 /* Set local packet state, used to queue packets to hardware */ 2497 bf->bf_state.bfs_tid = tid; 2498 bf->bf_state.bfs_txq = txq; 2499 bf->bf_state.bfs_pri = pri; 2500 2501 /* 2502 * If the hardware queue isn't busy, queue it directly. 2503 * If the hardware queue is busy, queue it. 2504 * If the TID is paused or the traffic it outside BAW, software 2505 * queue it. 2506 */ 2507 ATH_TXQ_LOCK(txq); 2508 if (atid->paused) { 2509 /* TID is paused, queue */ 2510 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: paused\n", __func__, bf); 2511 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2512 } else if (ath_tx_ampdu_pending(sc, an, tid)) { 2513 /* AMPDU pending; queue */ 2514 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: pending\n", __func__, bf); 2515 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2516 /* XXX sched? 
*/ 2517 } else if (ath_tx_ampdu_running(sc, an, tid)) { 2518 /* AMPDU running, attempt direct dispatch if possible */ 2519 if (txq->axq_depth < sc->sc_hwq_limit) { 2520 DPRINTF(sc, ATH_DEBUG_SW_TX, 2521 "%s: bf=%p: xmit_aggr\n", 2522 __func__, bf); 2523 ath_tx_xmit_aggr(sc, an, bf); 2524 } else { 2525 DPRINTF(sc, ATH_DEBUG_SW_TX, 2526 "%s: bf=%p: ampdu; swq'ing\n", 2527 __func__, bf); 2528 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2529 ath_tx_tid_sched(sc, atid); 2530 } 2531 } else if (txq->axq_depth < sc->sc_hwq_limit) { 2532 /* AMPDU not running, attempt direct dispatch */ 2533 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: xmit_normal\n", __func__, bf); 2534 ath_tx_xmit_normal(sc, txq, bf); 2535 } else { 2536 /* Busy; queue */ 2537 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: swq'ing\n", __func__, bf); 2538 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2539 ath_tx_tid_sched(sc, atid); 2540 } 2541 ATH_TXQ_UNLOCK(txq); 2542 } 2543 2544 /* 2545 * Do the basic frame setup stuff that's required before the frame 2546 * is added to a software queue. 2547 * 2548 * All frames get mostly the same treatment and it's done once. 2549 * Retransmits fiddle with things like the rate control setup, 2550 * setting the retransmit bit in the packet; doing relevant DMA/bus 2551 * syncing and relinking it (back) into the hardware TX queue. 2552 * 2553 * Note that this may cause the mbuf to be reallocated, so 2554 * m0 may not be valid. 2555 */ 2556 2557 2558 /* 2559 * Configure the per-TID node state. 2560 * 2561 * This likely belongs in if_ath_node.c but I can't think of anywhere 2562 * else to put it just yet. 2563 * 2564 * This sets up the SLISTs and the mutex as appropriate. 2565 */ 2566 void 2567 ath_tx_tid_init(struct ath_softc *sc, struct ath_node *an) 2568 { 2569 int i, j; 2570 struct ath_tid *atid; 2571 2572 for (i = 0; i < IEEE80211_TID_SIZE; i++) { 2573 atid = &an->an_tid[i]; 2574 TAILQ_INIT(&atid->axq_q); 2575 atid->tid = i; 2576 atid->an = an; 2577 for (j = 0; j < ATH_TID_MAX_BUFS; j++) 2578 atid->tx_buf[j] = NULL; 2579 atid->baw_head = atid->baw_tail = 0; 2580 atid->paused = 0; 2581 atid->sched = 0; 2582 atid->hwq_depth = 0; 2583 atid->cleanup_inprogress = 0; 2584 if (i == IEEE80211_NONQOS_TID) 2585 atid->ac = WME_AC_BE; 2586 else 2587 atid->ac = TID_TO_WME_AC(i); 2588 } 2589 } 2590 2591 /* 2592 * Pause the current TID. This stops packets from being transmitted 2593 * on it. 2594 * 2595 * Since this is also called from upper layers as well as the driver, 2596 * it will get the TID lock. 2597 */ 2598 static void 2599 ath_tx_tid_pause(struct ath_softc *sc, struct ath_tid *tid) 2600 { 2601 2602 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2603 tid->paused++; 2604 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: paused = %d\n", 2605 __func__, tid->paused); 2606 } 2607 2608 /* 2609 * Unpause the current TID, and schedule it if needed. 2610 */ 2611 static void 2612 ath_tx_tid_resume(struct ath_softc *sc, struct ath_tid *tid) 2613 { 2614 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2615 2616 tid->paused--; 2617 2618 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: unpaused = %d\n", 2619 __func__, tid->paused); 2620 2621 if (tid->paused || tid->axq_depth == 0) { 2622 return; 2623 } 2624 2625 ath_tx_tid_sched(sc, tid); 2626 /* Punt some frames to the hardware if needed */ 2627 //ath_txq_sched(sc, sc->sc_ac2q[tid->ac]); 2628 taskqueue_enqueue(sc->sc_tq, &sc->sc_txqtask); 2629 } 2630 2631 /* 2632 * Suspend the queue because we need to TX a BAR. 
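 *
 * tid->paused is a counter, so the single pause taken here (no matter
 * how many frames triggered the BAR) is balanced by the single resume
 * in ath_tx_tid_bar_unsuspend().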
2633 */ 2634 static void 2635 ath_tx_tid_bar_suspend(struct ath_softc *sc, struct ath_tid *tid) 2636 { 2637 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2638 2639 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2640 "%s: tid=%p, called\n", 2641 __func__, 2642 tid); 2643 2644 /* We shouldn't be called when bar_tx is 1 */ 2645 if (tid->bar_tx) { 2646 device_printf(sc->sc_dev, "%s: bar_tx is 1?!\n", 2647 __func__); 2648 } 2649 2650 /* If we've already been called, just be patient. */ 2651 if (tid->bar_wait) 2652 return; 2653 2654 /* Wait! */ 2655 tid->bar_wait = 1; 2656 2657 /* Only one pause, no matter how many frames fail */ 2658 ath_tx_tid_pause(sc, tid); 2659 } 2660 2661 /* 2662 * We've finished with BAR handling - either we succeeded or 2663 * failed. Either way, unsuspend TX. 2664 */ 2665 static void 2666 ath_tx_tid_bar_unsuspend(struct ath_softc *sc, struct ath_tid *tid) 2667 { 2668 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2669 2670 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2671 "%s: tid=%p, called\n", 2672 __func__, 2673 tid); 2674 2675 if (tid->bar_tx == 0 || tid->bar_wait == 0) { 2676 device_printf(sc->sc_dev, "%s: bar_tx=%d, bar_wait=%d: ?\n", 2677 __func__, tid->bar_tx, tid->bar_wait); 2678 } 2679 2680 tid->bar_tx = tid->bar_wait = 0; 2681 ath_tx_tid_resume(sc, tid); 2682 } 2683 2684 /* 2685 * Return whether we're ready to TX a BAR frame. 2686 * 2687 * Requires the TID lock be held. 2688 */ 2689 static int 2690 ath_tx_tid_bar_tx_ready(struct ath_softc *sc, struct ath_tid *tid) 2691 { 2692 2693 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2694 2695 if (tid->bar_wait == 0 || tid->hwq_depth > 0) 2696 return (0); 2697 2698 return (1); 2699 } 2700 2701 /* 2702 * Check whether the current TID is ready to have a BAR 2703 * TXed and if so, do the TX. 2704 * 2705 * Since the TID/TXQ lock can't be held during a call to 2706 * ieee80211_send_bar(), we have to do the dirty thing of unlocking it, 2707 * sending the BAR and locking it again. 2708 * 2709 * Eventually, the code to send the BAR should be broken out 2710 * from this routine so the lock doesn't have to be reacquired 2711 * just to be immediately dropped by the caller. 2712 */ 2713 static void 2714 ath_tx_tid_bar_tx(struct ath_softc *sc, struct ath_tid *tid) 2715 { 2716 struct ieee80211_tx_ampdu *tap; 2717 2718 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2719 2720 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2721 "%s: tid=%p, called\n", 2722 __func__, 2723 tid); 2724 2725 tap = ath_tx_get_tx_tid(tid->an, tid->tid); 2726 2727 /* 2728 * This is an error condition! 2729 */ 2730 if (tid->bar_wait == 0 || tid->bar_tx == 1) { 2731 device_printf(sc->sc_dev, 2732 "%s: tid=%p, bar_tx=%d, bar_wait=%d: ?\n", 2733 __func__, 2734 tid, 2735 tid->bar_tx, 2736 tid->bar_wait); 2737 return; 2738 } 2739 2740 /* Don't do anything if we still have pending frames */ 2741 if (tid->hwq_depth > 0) { 2742 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2743 "%s: tid=%p, hwq_depth=%d, waiting\n", 2744 __func__, 2745 tid, 2746 tid->hwq_depth); 2747 return; 2748 } 2749 2750 /* We're now about to TX */ 2751 tid->bar_tx = 1; 2752 2753 /* 2754 * Calculate new BAW left edge, now that all frames have either 2755 * succeeded or failed. 2756 * 2757 * XXX verify this is _actually_ the valid value to begin at! 2758 */ 2759 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2760 "%s: tid=%p, new BAW left edge=%d\n", 2761 __func__, 2762 tid, 2763 tap->txa_start); 2764 2765 /* Try sending the BAR frame */ 2766 /* We can't hold the lock here! 
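 * Sending the BAR re-enters the TX path, which would otherwise
 * recurse on this lock, so it is dropped around the call and re-taken
 * afterwards; bar_tx was set above, which stops a second BAR from
 * being started while the lock is released.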
*/ 2767 2768 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 2769 if (ieee80211_send_bar(&tid->an->an_node, tap, tap->txa_start) == 0) { 2770 /* Success? Now we wait for notification that it's done */ 2771 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2772 return; 2773 } 2774 2775 /* Failure? For now, warn loudly and continue */ 2776 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2777 device_printf(sc->sc_dev, "%s: tid=%p, failed to TX BAR, continue!\n", 2778 __func__, tid); 2779 ath_tx_tid_bar_unsuspend(sc, tid); 2780 } 2781 2782 2783 /* 2784 * Free any packets currently pending in the software TX queue. 2785 * 2786 * This will be called when a node is being deleted. 2787 * 2788 * It can also be called on an active node during an interface 2789 * reset or state transition. 2790 * 2791 * (From Linux/reference): 2792 * 2793 * TODO: For frame(s) that are in the retry state, we will reuse the 2794 * sequence number(s) without setting the retry bit. The 2795 * alternative is to give up on these and BAR the receiver's window 2796 * forward. 2797 */ 2798 static void 2799 ath_tx_tid_drain(struct ath_softc *sc, struct ath_node *an, 2800 struct ath_tid *tid, ath_bufhead *bf_cq) 2801 { 2802 struct ath_buf *bf; 2803 struct ieee80211_tx_ampdu *tap; 2804 struct ieee80211_node *ni = &an->an_node; 2805 int t = 0; 2806 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2807 2808 tap = ath_tx_get_tx_tid(an, tid->tid); 2809 2810 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2811 2812 /* Walk the queue, free frames */ 2813 for (;;) { 2814 bf = TAILQ_FIRST(&tid->axq_q); 2815 if (bf == NULL) { 2816 break; 2817 } 2818 2819 if (t == 0) { 2820 device_printf(sc->sc_dev, 2821 "%s: node %p: bf=%p: addbaw=%d, dobaw=%d, " 2822 "seqno_assign=%d, seqno_required=%d, seqno=%d, retry=%d\n", 2823 __func__, ni, bf, 2824 bf->bf_state.bfs_addedbaw, 2825 bf->bf_state.bfs_dobaw, 2826 bf->bf_state.bfs_need_seqno, 2827 bf->bf_state.bfs_seqno_assigned, 2828 SEQNO(bf->bf_state.bfs_seqno), 2829 bf->bf_state.bfs_retries); 2830 device_printf(sc->sc_dev, 2831 "%s: node %p: bf=%p: tid txq_depth=%d hwq_depth=%d\n", 2832 __func__, ni, bf, 2833 tid->axq_depth, 2834 tid->hwq_depth); 2835 device_printf(sc->sc_dev, 2836 "%s: node %p: bf=%p: tid %d: txq_depth=%d, " 2837 "txq_aggr_depth=%d, sched=%d, paused=%d, " 2838 "hwq_depth=%d, incomp=%d, baw_head=%d, " 2839 "baw_tail=%d txa_start=%d, ni_txseqs=%d\n", 2840 __func__, ni, bf, tid->tid, txq->axq_depth, 2841 txq->axq_aggr_depth, tid->sched, tid->paused, 2842 tid->hwq_depth, tid->incomp, tid->baw_head, 2843 tid->baw_tail, tap == NULL ? -1 : tap->txa_start, 2844 ni->ni_txseqs[tid->tid]); 2845 2846 /* XXX Dump the frame, see what it is? */ 2847 ieee80211_dump_pkt(ni->ni_ic, 2848 mtod(bf->bf_m, const uint8_t *), 2849 bf->bf_m->m_len, 0, -1); 2850 2851 t = 1; 2852 } 2853 2854 2855 /* 2856 * If the current TID is running AMPDU, update 2857 * the BAW. 2858 */ 2859 if (ath_tx_ampdu_running(sc, an, tid->tid) && 2860 bf->bf_state.bfs_dobaw) { 2861 /* 2862 * Only remove the frame from the BAW if it's 2863 * been transmitted at least once; this means 2864 * the frame was in the BAW to begin with. 2865 */ 2866 if (bf->bf_state.bfs_retries > 0) { 2867 ath_tx_update_baw(sc, an, tid, bf); 2868 bf->bf_state.bfs_dobaw = 0; 2869 } 2870 /* 2871 * This has become a non-fatal error now 2872 */ 2873 if (! 
bf->bf_state.bfs_addedbaw) 2874 device_printf(sc->sc_dev, 2875 "%s: wasn't added: seqno %d\n", 2876 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2877 } 2878 ATH_TXQ_REMOVE(tid, bf, bf_list); 2879 TAILQ_INSERT_TAIL(bf_cq, bf, bf_list); 2880 } 2881 2882 /* 2883 * Now that it's completed, grab the TID lock and update 2884 * the sequence number and BAW window. 2885 * Because sequence numbers have been assigned to frames 2886 * that haven't been sent yet, it's entirely possible 2887 * we'll be called with some pending frames that have not 2888 * been transmitted. 2889 * 2890 * The cleaner solution is to do the sequence number allocation 2891 * when the packet is first transmitted - and thus the "retries" 2892 * check above would be enough to update the BAW/seqno. 2893 */ 2894 2895 /* But don't do it for non-QoS TIDs */ 2896 if (tap) { 2897 #if 0 2898 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2899 "%s: node %p: TID %d: sliding BAW left edge to %d\n", 2900 __func__, an, tid->tid, tap->txa_start); 2901 #endif 2902 ni->ni_txseqs[tid->tid] = tap->txa_start; 2903 tid->baw_tail = tid->baw_head; 2904 } 2905 } 2906 2907 /* 2908 * Flush all software queued packets for the given node. 2909 * 2910 * This occurs when a completion handler frees the last buffer 2911 * for a node, and the node is thus freed. This causes the node 2912 * to be cleaned up, which ends up calling ath_tx_node_flush. 2913 */ 2914 void 2915 ath_tx_node_flush(struct ath_softc *sc, struct ath_node *an) 2916 { 2917 int tid; 2918 ath_bufhead bf_cq; 2919 struct ath_buf *bf; 2920 2921 TAILQ_INIT(&bf_cq); 2922 2923 for (tid = 0; tid < IEEE80211_TID_SIZE; tid++) { 2924 struct ath_tid *atid = &an->an_tid[tid]; 2925 struct ath_txq *txq = sc->sc_ac2q[atid->ac]; 2926 2927 /* Remove this tid from the list of active tids */ 2928 ATH_TXQ_LOCK(txq); 2929 ath_tx_tid_unsched(sc, atid); 2930 2931 /* Free packets */ 2932 ath_tx_tid_drain(sc, an, atid, &bf_cq); 2933 ATH_TXQ_UNLOCK(txq); 2934 } 2935 2936 /* Handle completed frames */ 2937 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2938 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2939 ath_tx_default_comp(sc, bf, 0); 2940 } 2941 } 2942 2943 /* 2944 * Drain all the software TXQs currently with traffic queued. 2945 */ 2946 void 2947 ath_tx_txq_drain(struct ath_softc *sc, struct ath_txq *txq) 2948 { 2949 struct ath_tid *tid; 2950 ath_bufhead bf_cq; 2951 struct ath_buf *bf; 2952 2953 TAILQ_INIT(&bf_cq); 2954 ATH_TXQ_LOCK(txq); 2955 2956 /* 2957 * Iterate over all active tids for the given txq, 2958 * flushing and unsched'ing them 2959 */ 2960 while (! TAILQ_EMPTY(&txq->axq_tidq)) { 2961 tid = TAILQ_FIRST(&txq->axq_tidq); 2962 ath_tx_tid_drain(sc, tid->an, tid, &bf_cq); 2963 ath_tx_tid_unsched(sc, tid); 2964 } 2965 2966 ATH_TXQ_UNLOCK(txq); 2967 2968 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2969 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2970 ath_tx_default_comp(sc, bf, 0); 2971 } 2972 } 2973 2974 /* 2975 * Handle completion of non-aggregate session frames. 
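 *
 * Rate control is only told about the outcome when the frame actually
 * wanted an ACK (i.e. HAL_TXDESC_NOACK isn't set) and the frame isn't
 * being failed as part of a hardware queue drain.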
2976 */ 2977 void 2978 ath_tx_normal_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 2979 { 2980 struct ieee80211_node *ni = bf->bf_node; 2981 struct ath_node *an = ATH_NODE(ni); 2982 int tid = bf->bf_state.bfs_tid; 2983 struct ath_tid *atid = &an->an_tid[tid]; 2984 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 2985 2986 /* The TID state is protected behind the TXQ lock */ 2987 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2988 2989 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: fail=%d, hwq_depth now %d\n", 2990 __func__, bf, fail, atid->hwq_depth - 1); 2991 2992 atid->hwq_depth--; 2993 if (atid->hwq_depth < 0) 2994 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 2995 __func__, atid->hwq_depth); 2996 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2997 2998 /* 2999 * punt to rate control if we're not being cleaned up 3000 * during a hw queue drain and the frame wanted an ACK. 3001 */ 3002 if (fail == 0 && ((bf->bf_txflags & HAL_TXDESC_NOACK) == 0)) 3003 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 3004 ts, bf->bf_state.bfs_pktlen, 3005 1, (ts->ts_status == 0) ? 0 : 1); 3006 3007 ath_tx_default_comp(sc, bf, fail); 3008 } 3009 3010 /* 3011 * Handle cleanup of aggregate session packets that aren't 3012 * an A-MPDU. 3013 * 3014 * There's no need to update the BAW here - the session is being 3015 * torn down. 3016 */ 3017 static void 3018 ath_tx_comp_cleanup_unaggr(struct ath_softc *sc, struct ath_buf *bf) 3019 { 3020 struct ieee80211_node *ni = bf->bf_node; 3021 struct ath_node *an = ATH_NODE(ni); 3022 int tid = bf->bf_state.bfs_tid; 3023 struct ath_tid *atid = &an->an_tid[tid]; 3024 3025 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: TID %d: incomp=%d\n", 3026 __func__, tid, atid->incomp); 3027 3028 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3029 atid->incomp--; 3030 if (atid->incomp == 0) { 3031 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3032 "%s: TID %d: cleaned up! resume!\n", 3033 __func__, tid); 3034 atid->cleanup_inprogress = 0; 3035 ath_tx_tid_resume(sc, atid); 3036 } 3037 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3038 3039 ath_tx_default_comp(sc, bf, 0); 3040 } 3041 3042 /* 3043 * Performs transmit side cleanup when TID changes from aggregated to 3044 * unaggregated. 3045 * 3046 * - Discard all retry frames from the s/w queue. 3047 * - Fix the tx completion function for all buffers in s/w queue. 3048 * - Count the number of unacked frames, and let transmit completion 3049 * handle it later. 3050 * 3051 * The caller is responsible for pausing the TID. 3052 */ 3053 static void 3054 ath_tx_cleanup(struct ath_softc *sc, struct ath_node *an, int tid) 3055 { 3056 struct ath_tid *atid = &an->an_tid[tid]; 3057 struct ieee80211_tx_ampdu *tap; 3058 struct ath_buf *bf, *bf_next; 3059 ath_bufhead bf_cq; 3060 3061 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3062 "%s: TID %d: called\n", __func__, tid); 3063 3064 TAILQ_INIT(&bf_cq); 3065 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3066 3067 /* 3068 * Update the frames in the software TX queue: 3069 * 3070 * + Discard retry frames in the queue 3071 * + Fix the completion function to be non-aggregate 3072 */ 3073 bf = TAILQ_FIRST(&atid->axq_q); 3074 while (bf) { 3075 if (bf->bf_state.bfs_isretried) { 3076 bf_next = TAILQ_NEXT(bf, bf_list); 3077 TAILQ_REMOVE(&atid->axq_q, bf, bf_list); 3078 atid->axq_depth--; 3079 if (bf->bf_state.bfs_dobaw) { 3080 ath_tx_update_baw(sc, an, atid, bf); 3081 if (! 
bf->bf_state.bfs_addedbaw) 3082 device_printf(sc->sc_dev, 3083 "%s: wasn't added: seqno %d\n", 3084 __func__, 3085 SEQNO(bf->bf_state.bfs_seqno)); 3086 } 3087 bf->bf_state.bfs_dobaw = 0; 3088 /* 3089 * Call the default completion handler with "fail" just 3090 * so upper levels are suitably notified about this. 3091 */ 3092 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3093 bf = bf_next; 3094 continue; 3095 } 3096 /* Give these the default completion handler */ 3097 bf->bf_comp = ath_tx_normal_comp; 3098 bf = TAILQ_NEXT(bf, bf_list); 3099 } 3100 3101 /* The caller is required to pause the TID */ 3102 #if 0 3103 /* Pause the TID */ 3104 ath_tx_tid_pause(sc, atid); 3105 #endif 3106 3107 /* 3108 * Calculate what hardware-queued frames exist based 3109 * on the current BAW size. Ie, what frames have been 3110 * added to the TX hardware queue for this TID but 3111 * not yet ACKed. 3112 */ 3113 tap = ath_tx_get_tx_tid(an, tid); 3114 /* Need the lock - fiddling with BAW */ 3115 while (atid->baw_head != atid->baw_tail) { 3116 if (atid->tx_buf[atid->baw_head]) { 3117 atid->incomp++; 3118 atid->cleanup_inprogress = 1; 3119 atid->tx_buf[atid->baw_head] = NULL; 3120 } 3121 INCR(atid->baw_head, ATH_TID_MAX_BUFS); 3122 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 3123 } 3124 3125 /* 3126 * If cleanup is required, defer TID scheduling 3127 * until all the HW queued packets have been 3128 * sent. 3129 */ 3130 if (! atid->cleanup_inprogress) 3131 ath_tx_tid_resume(sc, atid); 3132 3133 if (atid->cleanup_inprogress) 3134 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3135 "%s: TID %d: cleanup needed: %d packets\n", 3136 __func__, tid, atid->incomp); 3137 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3138 3139 /* Handle completing frames and fail them */ 3140 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3141 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3142 ath_tx_default_comp(sc, bf, 1); 3143 } 3144 } 3145 3146 static void 3147 ath_tx_set_retry(struct ath_softc *sc, struct ath_buf *bf) 3148 { 3149 struct ieee80211_frame *wh; 3150 3151 wh = mtod(bf->bf_m, struct ieee80211_frame *); 3152 /* Only update/resync if needed */ 3153 if (bf->bf_state.bfs_isretried == 0) { 3154 wh->i_fc[1] |= IEEE80211_FC1_RETRY; 3155 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 3156 BUS_DMASYNC_PREWRITE); 3157 } 3158 sc->sc_stats.ast_tx_swretries++; 3159 bf->bf_state.bfs_isretried = 1; 3160 bf->bf_state.bfs_retries ++; 3161 } 3162 3163 static struct ath_buf * 3164 ath_tx_retry_clone(struct ath_softc *sc, struct ath_node *an, 3165 struct ath_tid *tid, struct ath_buf *bf) 3166 { 3167 struct ath_buf *nbf; 3168 int error; 3169 3170 nbf = ath_buf_clone(sc, bf); 3171 3172 #if 0 3173 device_printf(sc->sc_dev, "%s: ATH_BUF_BUSY; cloning\n", 3174 __func__); 3175 #endif 3176 3177 if (nbf == NULL) { 3178 /* Failed to clone */ 3179 device_printf(sc->sc_dev, 3180 "%s: failed to clone a busy buffer\n", 3181 __func__); 3182 return NULL; 3183 } 3184 3185 /* Setup the dma for the new buffer */ 3186 error = ath_tx_dmasetup(sc, nbf, nbf->bf_m); 3187 if (error != 0) { 3188 device_printf(sc->sc_dev, 3189 "%s: failed to setup dma for clone\n", 3190 __func__); 3191 /* 3192 * Put this at the head of the list, not tail; 3193 * that way it doesn't interfere with the 3194 * busy buffer logic (which uses the tail of 3195 * the list.) 
3196 */ 3197 ATH_TXBUF_LOCK(sc); 3198 TAILQ_INSERT_HEAD(&sc->sc_txbuf, nbf, bf_list); 3199 ATH_TXBUF_UNLOCK(sc); 3200 return NULL; 3201 } 3202 3203 /* Update BAW if required, before we free the original buf */ 3204 if (bf->bf_state.bfs_dobaw) 3205 ath_tx_switch_baw_buf(sc, an, tid, bf, nbf); 3206 3207 /* Free current buffer; return the older buffer */ 3208 bf->bf_m = NULL; 3209 bf->bf_node = NULL; 3210 ath_freebuf(sc, bf); 3211 return nbf; 3212 } 3213 3214 /* 3215 * Handle retrying an unaggregate frame in an aggregate 3216 * session. 3217 * 3218 * If too many retries occur, pause the TID, wait for 3219 * any further retransmits (as there's no reason why 3220 * non-aggregate frames in an aggregate session are 3221 * transmitted in-order; they just have to be in-BAW) 3222 * and then queue a BAR. 3223 */ 3224 static void 3225 ath_tx_aggr_retry_unaggr(struct ath_softc *sc, struct ath_buf *bf) 3226 { 3227 struct ieee80211_node *ni = bf->bf_node; 3228 struct ath_node *an = ATH_NODE(ni); 3229 int tid = bf->bf_state.bfs_tid; 3230 struct ath_tid *atid = &an->an_tid[tid]; 3231 struct ieee80211_tx_ampdu *tap; 3232 3233 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3234 3235 tap = ath_tx_get_tx_tid(an, tid); 3236 3237 /* 3238 * If the buffer is marked as busy, we can't directly 3239 * reuse it. Instead, try to clone the buffer. 3240 * If the clone is successful, recycle the old buffer. 3241 * If the clone is unsuccessful, set bfs_retries to max 3242 * to force the next bit of code to free the buffer 3243 * for us. 3244 */ 3245 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3246 (bf->bf_flags & ATH_BUF_BUSY)) { 3247 struct ath_buf *nbf; 3248 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3249 if (nbf) 3250 /* bf has been freed at this point */ 3251 bf = nbf; 3252 else 3253 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3254 } 3255 3256 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3257 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3258 "%s: exceeded retries; seqno %d\n", 3259 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3260 sc->sc_stats.ast_tx_swretrymax++; 3261 3262 /* Update BAW anyway */ 3263 if (bf->bf_state.bfs_dobaw) { 3264 ath_tx_update_baw(sc, an, atid, bf); 3265 if (! bf->bf_state.bfs_addedbaw) 3266 device_printf(sc->sc_dev, 3267 "%s: wasn't added: seqno %d\n", 3268 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3269 } 3270 bf->bf_state.bfs_dobaw = 0; 3271 3272 /* Suspend the TX queue and get ready to send the BAR */ 3273 ath_tx_tid_bar_suspend(sc, atid); 3274 3275 /* Send the BAR if there are no other frames waiting */ 3276 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3277 ath_tx_tid_bar_tx(sc, atid); 3278 3279 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3280 3281 /* Free buffer, bf is free after this call */ 3282 ath_tx_default_comp(sc, bf, 0); 3283 return; 3284 } 3285 3286 /* 3287 * This increments the retry counter as well as 3288 * sets the retry flag in the ath_buf and packet 3289 * body. 3290 */ 3291 ath_tx_set_retry(sc, bf); 3292 3293 /* 3294 * Insert this at the head of the queue, so it's 3295 * retried before any current/subsequent frames. 3296 */ 3297 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3298 ath_tx_tid_sched(sc, atid); 3299 /* Send the BAR if there are no other frames waiting */ 3300 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3301 ath_tx_tid_bar_tx(sc, atid); 3302 3303 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3304 } 3305 3306 /* 3307 * Common code for aggregate excessive retry/subframe retry. 3308 * If retrying, queues buffers to bf_q. If not, frees the 3309 * buffers. 
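 *
 * Returns 0 when the frame has been queued to bf_q for another
 * attempt, and 1 when it has hit SWMAX_RETRIES and the caller is
 * expected to complete (and thereby free) it instead.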
3310 * 3311 * XXX should unify this with ath_tx_aggr_retry_unaggr() 3312 */ 3313 static int 3314 ath_tx_retry_subframe(struct ath_softc *sc, struct ath_buf *bf, 3315 ath_bufhead *bf_q) 3316 { 3317 struct ieee80211_node *ni = bf->bf_node; 3318 struct ath_node *an = ATH_NODE(ni); 3319 int tid = bf->bf_state.bfs_tid; 3320 struct ath_tid *atid = &an->an_tid[tid]; 3321 3322 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[atid->ac]); 3323 3324 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3325 ath_hal_set11nburstduration(sc->sc_ah, bf->bf_desc, 0); 3326 /* ath_hal_set11n_virtualmorefrag(sc->sc_ah, bf->bf_desc, 0); */ 3327 3328 /* 3329 * If the buffer is marked as busy, we can't directly 3330 * reuse it. Instead, try to clone the buffer. 3331 * If the clone is successful, recycle the old buffer. 3332 * If the clone is unsuccessful, set bfs_retries to max 3333 * to force the next bit of code to free the buffer 3334 * for us. 3335 */ 3336 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3337 (bf->bf_flags & ATH_BUF_BUSY)) { 3338 struct ath_buf *nbf; 3339 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3340 if (nbf) 3341 /* bf has been freed at this point */ 3342 bf = nbf; 3343 else 3344 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3345 } 3346 3347 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3348 sc->sc_stats.ast_tx_swretrymax++; 3349 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3350 "%s: max retries: seqno %d\n", 3351 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3352 ath_tx_update_baw(sc, an, atid, bf); 3353 if (! bf->bf_state.bfs_addedbaw) 3354 device_printf(sc->sc_dev, 3355 "%s: wasn't added: seqno %d\n", 3356 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3357 bf->bf_state.bfs_dobaw = 0; 3358 return 1; 3359 } 3360 3361 ath_tx_set_retry(sc, bf); 3362 bf->bf_next = NULL; /* Just to make sure */ 3363 3364 TAILQ_INSERT_TAIL(bf_q, bf, bf_list); 3365 return 0; 3366 } 3367 3368 /* 3369 * error pkt completion for an aggregate destination 3370 */ 3371 static void 3372 ath_tx_comp_aggr_error(struct ath_softc *sc, struct ath_buf *bf_first, 3373 struct ath_tid *tid) 3374 { 3375 struct ieee80211_node *ni = bf_first->bf_node; 3376 struct ath_node *an = ATH_NODE(ni); 3377 struct ath_buf *bf_next, *bf; 3378 ath_bufhead bf_q; 3379 int drops = 0; 3380 struct ieee80211_tx_ampdu *tap; 3381 ath_bufhead bf_cq; 3382 3383 TAILQ_INIT(&bf_q); 3384 TAILQ_INIT(&bf_cq); 3385 3386 /* 3387 * Update rate control - all frames have failed. 3388 * 3389 * XXX use the length in the first frame in the series; 3390 * XXX just so things are consistent for now. 
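 * XXX Note that bfs_nframes is passed below as both the frame count
 * XXX and the bad-frame count, i.e. every subframe in the aggregate
 * XXX is reported to rate control as having failed.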
3391 */ 3392 ath_tx_update_ratectrl(sc, ni, bf_first->bf_state.bfs_rc, 3393 &bf_first->bf_status.ds_txstat, 3394 bf_first->bf_state.bfs_pktlen, 3395 bf_first->bf_state.bfs_nframes, bf_first->bf_state.bfs_nframes); 3396 3397 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 3398 tap = ath_tx_get_tx_tid(an, tid->tid); 3399 sc->sc_stats.ast_tx_aggr_failall++; 3400 3401 /* Retry all subframes */ 3402 bf = bf_first; 3403 while (bf) { 3404 bf_next = bf->bf_next; 3405 bf->bf_next = NULL; /* Remove it from the aggr list */ 3406 sc->sc_stats.ast_tx_aggr_fail++; 3407 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3408 drops++; 3409 bf->bf_next = NULL; 3410 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3411 } 3412 bf = bf_next; 3413 } 3414 3415 /* Prepend all frames to the beginning of the queue */ 3416 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3417 TAILQ_REMOVE(&bf_q, bf, bf_list); 3418 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 3419 } 3420 3421 ath_tx_tid_sched(sc, tid); 3422 3423 /* 3424 * send bar if we dropped any frames 3425 * 3426 * Keep the txq lock held for now, as we need to ensure 3427 * that ni_txseqs[] is consistent (as it's being updated 3428 * in the ifnet TX context or raw TX context.) 3429 */ 3430 if (drops) { 3431 /* Suspend the TX queue and get ready to send the BAR */ 3432 ath_tx_tid_bar_suspend(sc, tid); 3433 } 3434 3435 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 3436 3437 /* 3438 * Send BAR if required 3439 */ 3440 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 3441 if (ath_tx_tid_bar_tx_ready(sc, tid)) 3442 ath_tx_tid_bar_tx(sc, tid); 3443 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 3444 3445 /* Complete frames which errored out */ 3446 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3447 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3448 ath_tx_default_comp(sc, bf, 0); 3449 } 3450 } 3451 3452 /* 3453 * Handle clean-up of packets from an aggregate list. 3454 * 3455 * There's no need to update the BAW here - the session is being 3456 * torn down. 3457 */ 3458 static void 3459 ath_tx_comp_cleanup_aggr(struct ath_softc *sc, struct ath_buf *bf_first) 3460 { 3461 struct ath_buf *bf, *bf_next; 3462 struct ieee80211_node *ni = bf_first->bf_node; 3463 struct ath_node *an = ATH_NODE(ni); 3464 int tid = bf_first->bf_state.bfs_tid; 3465 struct ath_tid *atid = &an->an_tid[tid]; 3466 3467 bf = bf_first; 3468 3469 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3470 3471 /* update incomp */ 3472 while (bf) { 3473 atid->incomp--; 3474 bf = bf->bf_next; 3475 } 3476 3477 if (atid->incomp == 0) { 3478 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3479 "%s: TID %d: cleaned up! resume!\n", 3480 __func__, tid); 3481 atid->cleanup_inprogress = 0; 3482 ath_tx_tid_resume(sc, atid); 3483 } 3484 3485 /* Send BAR if required */ 3486 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3487 ath_tx_tid_bar_tx(sc, atid); 3488 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3489 3490 /* Handle frame completion */ 3491 while (bf) { 3492 bf_next = bf->bf_next; 3493 ath_tx_default_comp(sc, bf, 1); 3494 bf = bf_next; 3495 } 3496 } 3497 3498 /* 3499 * Handle completion of an set of aggregate frames. 3500 * 3501 * XXX for now, simply complete each sub-frame. 3502 * 3503 * Note: the completion handler is the last descriptor in the aggregate, 3504 * not the last descriptor in the first frame. 
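 *
 * The hardware reports a starting sequence number (ts_seqnum) plus a
 * block-ack bitmap split across ts_ba_low/ts_ba_high; each subframe
 * is checked against that bitmap via ATH_BA_INDEX()/ATH_BA_ISSET()
 * to decide whether it completed or needs a software retry.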
3505 */ 3506 static void 3507 ath_tx_aggr_comp_aggr(struct ath_softc *sc, struct ath_buf *bf_first, 3508 int fail) 3509 { 3510 //struct ath_desc *ds = bf->bf_lastds; 3511 struct ieee80211_node *ni = bf_first->bf_node; 3512 struct ath_node *an = ATH_NODE(ni); 3513 int tid = bf_first->bf_state.bfs_tid; 3514 struct ath_tid *atid = &an->an_tid[tid]; 3515 struct ath_tx_status ts; 3516 struct ieee80211_tx_ampdu *tap; 3517 ath_bufhead bf_q; 3518 ath_bufhead bf_cq; 3519 int seq_st, tx_ok; 3520 int hasba, isaggr; 3521 uint32_t ba[2]; 3522 struct ath_buf *bf, *bf_next; 3523 int ba_index; 3524 int drops = 0; 3525 int nframes = 0, nbad = 0, nf; 3526 int pktlen; 3527 /* XXX there's too much on the stack? */ 3528 struct ath_rc_series rc[4]; 3529 int txseq; 3530 3531 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: called; hwq_depth=%d\n", 3532 __func__, atid->hwq_depth); 3533 3534 /* The TID state is kept behind the TXQ lock */ 3535 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3536 3537 atid->hwq_depth--; 3538 if (atid->hwq_depth < 0) 3539 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3540 __func__, atid->hwq_depth); 3541 3542 /* 3543 * Punt cleanup to the relevant function, not our problem now 3544 */ 3545 if (atid->cleanup_inprogress) { 3546 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3547 ath_tx_comp_cleanup_aggr(sc, bf_first); 3548 return; 3549 } 3550 3551 /* 3552 * Take a copy; this may be needed -after- bf_first 3553 * has been completed and freed. 3554 */ 3555 ts = bf_first->bf_status.ds_txstat; 3556 /* 3557 * XXX for now, use the first frame in the aggregate for 3558 * XXX rate control completion; it's at least consistent. 3559 */ 3560 pktlen = bf_first->bf_state.bfs_pktlen; 3561 3562 /* 3563 * handle errors first 3564 */ 3565 if (ts.ts_status & HAL_TXERR_XRETRY) { 3566 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3567 ath_tx_comp_aggr_error(sc, bf_first, atid); 3568 return; 3569 } 3570 3571 TAILQ_INIT(&bf_q); 3572 TAILQ_INIT(&bf_cq); 3573 tap = ath_tx_get_tx_tid(an, tid); 3574 3575 /* 3576 * extract starting sequence and block-ack bitmap 3577 */ 3578 /* XXX endian-ness of seq_st, ba? */ 3579 seq_st = ts.ts_seqnum; 3580 hasba = !! (ts.ts_flags & HAL_TX_BA); 3581 tx_ok = (ts.ts_status == 0); 3582 isaggr = bf_first->bf_state.bfs_aggr; 3583 ba[0] = ts.ts_ba_low; 3584 ba[1] = ts.ts_ba_high; 3585 3586 /* 3587 * Copy the TX completion status and the rate control 3588 * series from the first descriptor, as it may be freed 3589 * before the rate control code can get its grubby fingers 3590 * into things. 3591 */ 3592 memcpy(rc, bf_first->bf_state.bfs_rc, sizeof(rc)); 3593 3594 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3595 "%s: txa_start=%d, tx_ok=%d, status=%.8x, flags=%.8x, " 3596 "isaggr=%d, seq_st=%d, hasba=%d, ba=%.8x, %.8x\n", 3597 __func__, tap->txa_start, tx_ok, ts.ts_status, ts.ts_flags, 3598 isaggr, seq_st, hasba, ba[0], ba[1]); 3599 3600 /* Occasionally, the MAC sends a tx status for the wrong TID. */ 3601 if (tid != ts.ts_tid) { 3602 device_printf(sc->sc_dev, "%s: tid %d != hw tid %d\n", 3603 __func__, tid, ts.ts_tid); 3604 tx_ok = 0; 3605 } 3606 3607 /* AR5416 BA bug; this requires an interface reset */ 3608 if (isaggr && tx_ok && (! hasba)) { 3609 device_printf(sc->sc_dev, 3610 "%s: AR5416 bug: hasba=%d; txok=%d, isaggr=%d, " 3611 "seq_st=%d\n", 3612 __func__, hasba, tx_ok, isaggr, seq_st); 3613 /* XXX TODO: schedule an interface reset */ 3614 } 3615 3616 /* 3617 * Walk the list of frames, figure out which ones were correctly 3618 * sent and which weren't. 
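 *
 * Illustrative example (assuming the bitmap index is simply
 * seqno - seq_st): with seq_st=100 and only bits 0 and 2 set, seqnos
 * 100 and 102 are completed while 101 is handed to
 * ath_tx_retry_subframe() and counted as bad.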
3619 */ 3620 bf = bf_first; 3621 nf = bf_first->bf_state.bfs_nframes; 3622 3623 /* bf_first is going to be invalid once this list is walked */ 3624 bf_first = NULL; 3625 3626 /* 3627 * Walk the list of completed frames and determine 3628 * which need to be completed and which need to be 3629 * retransmitted. 3630 * 3631 * For completed frames, the completion functions need 3632 * to be called at the end of this function as the last 3633 * node reference may free the node. 3634 * 3635 * Finally, since the TXQ lock can't be held during the 3636 * completion callback (to avoid lock recursion), 3637 * the completion calls have to be done outside of the 3638 * lock. 3639 */ 3640 while (bf) { 3641 nframes++; 3642 ba_index = ATH_BA_INDEX(seq_st, 3643 SEQNO(bf->bf_state.bfs_seqno)); 3644 bf_next = bf->bf_next; 3645 bf->bf_next = NULL; /* Remove it from the aggr list */ 3646 3647 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3648 "%s: checking bf=%p seqno=%d; ack=%d\n", 3649 __func__, bf, SEQNO(bf->bf_state.bfs_seqno), 3650 ATH_BA_ISSET(ba, ba_index)); 3651 3652 if (tx_ok && ATH_BA_ISSET(ba, ba_index)) { 3653 sc->sc_stats.ast_tx_aggr_ok++; 3654 ath_tx_update_baw(sc, an, atid, bf); 3655 bf->bf_state.bfs_dobaw = 0; 3656 if (! bf->bf_state.bfs_addedbaw) 3657 device_printf(sc->sc_dev, 3658 "%s: wasn't added: seqno %d\n", 3659 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3660 bf->bf_next = NULL; 3661 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3662 } else { 3663 sc->sc_stats.ast_tx_aggr_fail++; 3664 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3665 drops++; 3666 bf->bf_next = NULL; 3667 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3668 } 3669 nbad++; 3670 } 3671 bf = bf_next; 3672 } 3673 3674 /* 3675 * Now that the BAW updates have been done, unlock 3676 * 3677 * txseq is grabbed before the lock is released so we 3678 * have a consistent view of what -was- in the BAW. 3679 * Anything after this point will not yet have been 3680 * TXed. 3681 */ 3682 txseq = tap->txa_start; 3683 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3684 3685 if (nframes != nf) 3686 device_printf(sc->sc_dev, 3687 "%s: num frames seen=%d; bf nframes=%d\n", 3688 __func__, nframes, nf); 3689 3690 /* 3691 * Now we know how many frames were bad, call the rate 3692 * control code. 3693 */ 3694 if (fail == 0) 3695 ath_tx_update_ratectrl(sc, ni, rc, &ts, pktlen, nframes, 3696 nbad); 3697 3698 /* 3699 * send bar if we dropped any frames 3700 */ 3701 if (drops) { 3702 /* Suspend the TX queue and get ready to send the BAR */ 3703 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3704 ath_tx_tid_bar_suspend(sc, atid); 3705 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3706 } 3707 3708 /* Prepend all frames to the beginning of the queue */ 3709 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3710 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3711 TAILQ_REMOVE(&bf_q, bf, bf_list); 3712 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3713 } 3714 ath_tx_tid_sched(sc, atid); 3715 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3716 3717 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3718 "%s: txa_start now %d\n", __func__, tap->txa_start); 3719 3720 /* 3721 * Send BAR if required 3722 */ 3723 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3724 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3725 ath_tx_tid_bar_tx(sc, atid); 3726 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3727 3728 /* Do deferred completion */ 3729 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3730 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3731 ath_tx_default_comp(sc, bf, 0); 3732 } 3733 } 3734 3735 /* 3736 * Handle completion of unaggregated frames in an ADDBA 3737 * session. 
/*
 * Handle completion of unaggregated frames in an ADDBA
 * session.
 *
 * Fail is set to 1 if the entry is being freed via a call to
 * ath_tx_draintxq().
 */
static void
ath_tx_aggr_comp_unaggr(struct ath_softc *sc, struct ath_buf *bf, int fail)
{
	struct ieee80211_node *ni = bf->bf_node;
	struct ath_node *an = ATH_NODE(ni);
	int tid = bf->bf_state.bfs_tid;
	struct ath_tid *atid = &an->an_tid[tid];
	struct ath_tx_status *ts = &bf->bf_status.ds_txstat;

	/*
	 * Update rate control status here, before we possibly
	 * punt to retry or cleanup.
	 *
	 * Do it outside of the TXQ lock.
	 */
	if (fail == 0 && ((bf->bf_txflags & HAL_TXDESC_NOACK) == 0))
		ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc,
		    &bf->bf_status.ds_txstat,
		    bf->bf_state.bfs_pktlen,
		    1, (ts->ts_status == 0) ? 0 : 1);

	/*
	 * This is called early so atid->hwq_depth can be tracked.
	 * This unfortunately means that it's released and regrabbed
	 * during retry and cleanup. That's rather inefficient.
	 */
	ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);

	if (tid == IEEE80211_NONQOS_TID)
		device_printf(sc->sc_dev, "%s: TID=16!\n", __func__);

	DPRINTF(sc, ATH_DEBUG_SW_TX,
	    "%s: bf=%p: tid=%d, hwq_depth=%d, seqno=%d\n",
	    __func__, bf, bf->bf_state.bfs_tid, atid->hwq_depth,
	    SEQNO(bf->bf_state.bfs_seqno));

	atid->hwq_depth--;
	if (atid->hwq_depth < 0)
		device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n",
		    __func__, atid->hwq_depth);

	/*
	 * If a cleanup is in progress, punt to the cleanup completion
	 * path rather than handling it here; it is then responsible
	 * for cleaning up, calling the completion function in
	 * net80211, etc.
	 */
	if (atid->cleanup_inprogress) {
		ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
		DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: cleanup_unaggr\n",
		    __func__);
		ath_tx_comp_cleanup_unaggr(sc, bf);
		return;
	}

	/*
	 * Don't bother with the retry check if all frames
	 * are being failed (eg during queue deletion.)
	 */
	if (fail == 0 && ts->ts_status & HAL_TXERR_XRETRY) {
		ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
		DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: retry_unaggr\n",
		    __func__);
		ath_tx_aggr_retry_unaggr(sc, bf);
		return;
	}

	/* Success? Complete */
	DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: TID=%d, seqno %d\n",
	    __func__, tid, SEQNO(bf->bf_state.bfs_seqno));
	if (bf->bf_state.bfs_dobaw) {
		ath_tx_update_baw(sc, an, atid, bf);
		bf->bf_state.bfs_dobaw = 0;
		if (! bf->bf_state.bfs_addedbaw)
			device_printf(sc->sc_dev,
			    "%s: wasn't added: seqno %d\n",
			    __func__, SEQNO(bf->bf_state.bfs_seqno));
	}

	/*
	 * Send BAR if required
	 */
	if (ath_tx_tid_bar_tx_ready(sc, atid))
		ath_tx_tid_bar_tx(sc, atid);

	ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);

	ath_tx_default_comp(sc, bf, fail);
	/* bf is freed at this point */
}

void
ath_tx_aggr_comp(struct ath_softc *sc, struct ath_buf *bf, int fail)
{
	if (bf->bf_state.bfs_aggr)
		ath_tx_aggr_comp_aggr(sc, bf, fail);
	else
		ath_tx_aggr_comp_unaggr(sc, bf, fail);
}
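/*
 * ath_tx_aggr_comp() is installed as bf->bf_comp on frames queued via the
 * aggregate path below; the TX completion path is then expected to invoke
 * it (or ath_tx_default_comp() when no handler is set) for each completed
 * ath_buf, roughly:
 *
 *	if (bf->bf_comp == NULL)
 *		ath_tx_default_comp(sc, bf, 0);
 *	else
 *		bf->bf_comp(sc, bf, 0);
 */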
/*
 * Schedule some packets from the given node/TID to the hardware.
 *
 * This is the aggregate version.
 */
void
ath_tx_tid_hw_queue_aggr(struct ath_softc *sc, struct ath_node *an,
    struct ath_tid *tid)
{
	struct ath_buf *bf;
	struct ath_txq *txq = sc->sc_ac2q[tid->ac];
	struct ieee80211_tx_ampdu *tap;
	struct ieee80211_node *ni = &an->an_node;
	ATH_AGGR_STATUS status;
	ath_bufhead bf_q;

	DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d\n", __func__, tid->tid);
	ATH_TXQ_LOCK_ASSERT(txq);

	tap = ath_tx_get_tx_tid(an, tid->tid);

	if (tid->tid == IEEE80211_NONQOS_TID)
		device_printf(sc->sc_dev, "%s: called for TID=NONQOS_TID?\n",
		    __func__);

	for (;;) {
		status = ATH_AGGR_DONE;

		/*
		 * If the upper layer has paused the TID, don't
		 * queue any further packets.
		 *
		 * This can also occur from the completion task because
		 * of packet loss; but as it's serialised with this code,
		 * it won't "appear" half way through queuing packets.
		 */
		if (tid->paused)
			break;

		bf = TAILQ_FIRST(&tid->axq_q);
		if (bf == NULL) {
			break;
		}

		/*
		 * If the packet doesn't fall within the BAW (eg a NULL
		 * data frame), schedule it directly; continue.
		 */
		if (! bf->bf_state.bfs_dobaw) {
			DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
			    "%s: non-baw packet\n",
			    __func__);
			ATH_TXQ_REMOVE(tid, bf, bf_list);
			bf->bf_state.bfs_aggr = 0;
			ath_tx_do_ratelookup(sc, bf);
			ath_tx_rate_fill_rcflags(sc, bf);
			ath_tx_set_rtscts(sc, bf);
			ath_tx_setds(sc, bf);
			ath_tx_chaindesclist(sc, bf);
			ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
			ath_tx_set_ratectrl(sc, ni, bf);

			sc->sc_aggr_stats.aggr_nonbaw_pkt++;

			/* Queue the packet; continue */
			goto queuepkt;
		}

		TAILQ_INIT(&bf_q);

		/*
		 * Do a rate control lookup on the first frame in the
		 * list. The rate control code needs that to occur
		 * before it can determine whether to TX.
		 * It's inaccurate because the rate control code doesn't
		 * really "do" aggregate lookups, so it only considers
		 * the size of the first frame.
		 */
		ath_tx_do_ratelookup(sc, bf);
		bf->bf_state.bfs_rc[3].rix = 0;
		bf->bf_state.bfs_rc[3].tries = 0;
		ath_tx_rate_fill_rcflags(sc, bf);

		status = ath_tx_form_aggr(sc, an, tid, &bf_q);

		DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
		    "%s: ath_tx_form_aggr() status=%d\n", __func__, status);

		/*
		 * No frames to be picked up - out of BAW
		 */
		if (TAILQ_EMPTY(&bf_q))
			break;

		/*
		 * This assumes that the descriptor list in the ath_bufhead
		 * is already linked together via bf_next pointers.
		 */
		bf = TAILQ_FIRST(&bf_q);

		/*
		 * If it's the only frame, send it as a non-aggregate;
		 * assume that ath_tx_form_aggr() has checked whether
		 * it's within the BAW and added it appropriately.
		 */
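		/*
		 * (In other words: a single-frame "aggregate" is sent as
		 * a plain frame with the 11n aggregate bits cleared,
		 * while a multi-frame aggregate keeps its bf_next chain
		 * and has its descriptors set up via ath_tx_setds_11n().)
		 */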
		if (bf->bf_state.bfs_nframes == 1) {
			DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
			    "%s: single-frame aggregate\n", __func__);
			bf->bf_state.bfs_aggr = 0;
			ath_tx_set_rtscts(sc, bf);
			ath_tx_setds(sc, bf);
			ath_tx_chaindesclist(sc, bf);
			ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
			ath_tx_set_ratectrl(sc, ni, bf);
			if (status == ATH_AGGR_BAW_CLOSED)
				sc->sc_aggr_stats.aggr_baw_closed_single_pkt++;
			else
				sc->sc_aggr_stats.aggr_single_pkt++;
		} else {
			DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
			    "%s: multi-frame aggregate: %d frames, "
			    "length %d\n",
			    __func__, bf->bf_state.bfs_nframes,
			    bf->bf_state.bfs_al);
			bf->bf_state.bfs_aggr = 1;
			sc->sc_aggr_stats.aggr_pkts[bf->bf_state.bfs_nframes]++;
			sc->sc_aggr_stats.aggr_aggr_pkt++;

			/*
			 * Update the rate and rtscts information based on the
			 * rate decision made by the rate control code;
			 * the first frame in the aggregate needs it.
			 */
			ath_tx_set_rtscts(sc, bf);

			/*
			 * Setup the relevant descriptor fields
			 * for aggregation. The first descriptor
			 * already points to the rest in the chain.
			 */
			ath_tx_setds_11n(sc, bf);

			/*
			 * setup first desc with rate and aggr info
			 */
			ath_tx_set_ratectrl(sc, ni, bf);
		}
	queuepkt:
		//txq = bf->bf_state.bfs_txq;

		/* Set completion handler, multi-frame aggregate or not */
		bf->bf_comp = ath_tx_aggr_comp;

		if (bf->bf_state.bfs_tid == IEEE80211_NONQOS_TID)
			device_printf(sc->sc_dev, "%s: TID=16?\n", __func__);

		/* Punt to txq */
		ath_tx_handoff(sc, txq, bf);

		/* Track outstanding buffer count to hardware */
		/* aggregates are "one" buffer */
		tid->hwq_depth++;

		/*
		 * Break out if ath_tx_form_aggr() indicated
		 * there can't be any further progress (eg BAW is full.)
		 * Checking for an empty txq is done above.
		 *
		 * XXX locking on txq here?
		 */
		if (txq->axq_aggr_depth >= sc->sc_hwq_limit ||
		    status == ATH_AGGR_BAW_CLOSED)
			break;
	}
}
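/*
 * Note the role of sc_hwq_limit above and in ath_txq_sched() below: once
 * txq->axq_aggr_depth reaches that limit, the per-TID scheduling loops
 * stop handing frames to the hardware, which gives the software queue a
 * chance to accumulate enough traffic to form larger aggregates.
 */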
/*
 * Schedule some packets from the given node/TID to the hardware.
 */
void
ath_tx_tid_hw_queue_norm(struct ath_softc *sc, struct ath_node *an,
    struct ath_tid *tid)
{
	struct ath_buf *bf;
	struct ath_txq *txq = sc->sc_ac2q[tid->ac];
	struct ieee80211_node *ni = &an->an_node;

	DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: node %p: TID %d: called\n",
	    __func__, an, tid->tid);

	ATH_TXQ_LOCK_ASSERT(txq);

	/* If AMPDU is pending or running on this TID, something is wrong */
	if (ath_tx_ampdu_pending(sc, an, tid->tid))
		device_printf(sc->sc_dev, "%s: tid=%d, ampdu pending?\n",
		    __func__, tid->tid);
	if (ath_tx_ampdu_running(sc, an, tid->tid))
		device_printf(sc->sc_dev, "%s: tid=%d, ampdu running?\n",
		    __func__, tid->tid);

	for (;;) {

		/*
		 * If the upper layers have paused the TID, don't
		 * queue any further packets.
		 */
		if (tid->paused)
			break;

		bf = TAILQ_FIRST(&tid->axq_q);
		if (bf == NULL) {
			break;
		}

		ATH_TXQ_REMOVE(tid, bf, bf_list);

		KASSERT(txq == bf->bf_state.bfs_txq, ("txqs not equal!\n"));

		/* Sanity check! */
		if (tid->tid != bf->bf_state.bfs_tid) {
			device_printf(sc->sc_dev, "%s: bfs_tid %d !="
			    " tid %d\n",
			    __func__, bf->bf_state.bfs_tid, tid->tid);
		}
		/* Normal completion handler */
		bf->bf_comp = ath_tx_normal_comp;

		/* Program descriptors + rate control */
		ath_tx_do_ratelookup(sc, bf);
		ath_tx_rate_fill_rcflags(sc, bf);
		ath_tx_set_rtscts(sc, bf);
		ath_tx_setds(sc, bf);
		ath_tx_chaindesclist(sc, bf);
		ath_tx_set_ratectrl(sc, ni, bf);

		/* Track outstanding buffer count to hardware */
		/* aggregates are "one" buffer */
		tid->hwq_depth++;

		/* Punt to hardware or software txq */
		ath_tx_handoff(sc, txq, bf);
	}
}

/*
 * Schedule some packets to the given hardware queue.
 *
 * This function walks the list of TIDs (ie, ath_node TIDs
 * with queued traffic) and attempts to schedule traffic
 * from them.
 *
 * TID scheduling is implemented as a FIFO, with TIDs being
 * added to the end of the queue after some frames have been
 * scheduled.
 */
void
ath_txq_sched(struct ath_softc *sc, struct ath_txq *txq)
{
	struct ath_tid *tid, *next, *last;

	ATH_TXQ_LOCK_ASSERT(txq);

	/*
	 * Don't schedule if the hardware queue is busy.
	 * This (hopefully) gives some more time to aggregate
	 * some packets in the aggregation queue.
	 */
	if (txq->axq_aggr_depth >= sc->sc_hwq_limit) {
		sc->sc_aggr_stats.aggr_sched_nopkt++;
		return;
	}

	last = TAILQ_LAST(&txq->axq_tidq, axq_t_s);

	TAILQ_FOREACH_SAFE(tid, &txq->axq_tidq, axq_qelem, next) {
		/*
		 * Suspend paused queues here; they'll be resumed
		 * once the addba completes or times out.
		 */
		DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, paused=%d\n",
		    __func__, tid->tid, tid->paused);
		ath_tx_tid_unsched(sc, tid);
		if (tid->paused) {
			continue;
		}
		if (ath_tx_ampdu_running(sc, tid->an, tid->tid))
			ath_tx_tid_hw_queue_aggr(sc, tid->an, tid);
		else
			ath_tx_tid_hw_queue_norm(sc, tid->an, tid);

		/* Not empty? Re-schedule */
		if (tid->axq_depth != 0)
			ath_tx_tid_sched(sc, tid);

		/* Give the software queue time to aggregate more packets */
		if (txq->axq_aggr_depth >= sc->sc_hwq_limit) {
			break;
		}

		/*
		 * If this was the last entry on the original list, stop.
		 * Otherwise nodes that have been rescheduled onto the end
		 * of the TID FIFO list will just keep being rescheduled.
		 */
		if (tid == last)
			break;
	}
}

/*
 * TX addba handling
 */

/*
 * Return net80211 TID struct pointer, or NULL for none
 */
struct ieee80211_tx_ampdu *
ath_tx_get_tx_tid(struct ath_node *an, int tid)
{
	struct ieee80211_node *ni = &an->an_node;
	struct ieee80211_tx_ampdu *tap;
	int ac;

	if (tid == IEEE80211_NONQOS_TID)
		return NULL;

	ac = TID_TO_WME_AC(tid);

	tap = &ni->ni_tx_ampdu[ac];
	return tap;
}

/*
 * Is AMPDU-TX running?
 */
static int
ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, int tid)
{
	struct ieee80211_tx_ampdu *tap;

	if (tid == IEEE80211_NONQOS_TID)
		return 0;

	tap = ath_tx_get_tx_tid(an, tid);
	if (tap == NULL)
		return 0;	/* Not valid; default to not running */

	return !! (tap->txa_flags & IEEE80211_AGGR_RUNNING);
}
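/*
 * ath_tx_ampdu_running() above and ath_tx_ampdu_pending() below drive the
 * scheduling decisions earlier in this file: ath_txq_sched() uses the
 * former to pick the aggregate versus normal per-TID queue function, and
 * ath_tx_tid_hw_queue_norm() treats either one being true as a (logged)
 * inconsistency.
 */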
/*
 * Is AMPDU-TX negotiation pending?
 */
static int
ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, int tid)
{
	struct ieee80211_tx_ampdu *tap;

	if (tid == IEEE80211_NONQOS_TID)
		return 0;

	tap = ath_tx_get_tx_tid(an, tid);
	if (tap == NULL)
		return 0;	/* Not valid; default to not pending */

	return !! (tap->txa_flags & IEEE80211_AGGR_XCHGPEND);
}

/*
 * Method to handle sending an ADDBA request.
 *
 * We tap this so the relevant flags can be set to pause the TID
 * whilst waiting for the response.
 *
 * XXX there's no timeout handler we can override?
 */
int
ath_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
    int dialogtoken, int baparamset, int batimeout)
{
	struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
	int tid = WME_AC_TO_TID(tap->txa_ac);
	struct ath_node *an = ATH_NODE(ni);
	struct ath_tid *atid = &an->an_tid[tid];

	/*
	 * XXX danger Will Robinson!
	 *
	 * Although the taskqueue may be running and scheduling some more
	 * packets, these should all be _before_ the addba sequence number.
	 * However, net80211 will keep self-assigning sequence numbers
	 * until addba has been negotiated.
	 *
	 * In the past, these packets would be "paused" (which still works
	 * fine, as they're being scheduled to the driver in the same
	 * serialised method which is calling the addba request routine)
	 * and when the aggregation session begins, they'll be dequeued
	 * as aggregate packets and added to the BAW. However, now there's
	 * a "bf->bf_state.bfs_dobaw" flag, and this isn't set for these
	 * packets. Thus they never get included in the BAW tracking and
	 * this can cause the initial burst of packets after the addba
	 * negotiation to "hang", as they quickly fall outside the BAW.
	 *
	 * The "eventual" solution should be to tag these packets with
	 * dobaw. Although net80211 has given us a sequence number,
	 * it'll be "after" the left edge of the BAW and thus it'll
	 * fall within it.
	 */
	ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
	ath_tx_tid_pause(sc, atid);
	ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);

	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
	    "%s: called; dialogtoken=%d, baparamset=%d, batimeout=%d\n",
	    __func__, dialogtoken, baparamset, batimeout);
	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
	    "%s: txa_start=%d, ni_txseqs=%d\n",
	    __func__, tap->txa_start, ni->ni_txseqs[tid]);

	return sc->sc_addba_request(ni, tap, dialogtoken, baparamset,
	    batimeout);
}
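/*
 * The pause taken in ath_addba_request() above is paired with a resume in
 * either ath_addba_response() or ath_addba_response_timeout() below; if
 * neither ever ran, the TID would stay paused indefinitely.
 */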
/*
 * Handle an ADDBA response.
 *
 * We unpause the queue so TX'ing can resume.
 *
 * Any packets TX'ed from this point should be "aggregate" (whether
 * aggregate or not) so the BAW is updated.
 *
 * Note! net80211 keeps self-assigning sequence numbers until
 * ampdu is negotiated. This means the initially-negotiated BAW left
 * edge won't match the ni->ni_txseq.
 *
 * So, being very dirty, the BAW left edge is "slid" here to match
 * ni->ni_txseq.
 *
 * What likely SHOULD happen is that all packets subsequent to the
 * addba request should be tagged as aggregate and queued as non-aggregate
 * frames; thus updating the BAW. For now though, I'll just slide the
 * window.
 */
int
ath_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
    int status, int code, int batimeout)
{
	struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
	int tid = WME_AC_TO_TID(tap->txa_ac);
	struct ath_node *an = ATH_NODE(ni);
	struct ath_tid *atid = &an->an_tid[tid];
	int r;

	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
	    "%s: called; status=%d, code=%d, batimeout=%d\n", __func__,
	    status, code, batimeout);

	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
	    "%s: txa_start=%d, ni_txseqs=%d\n",
	    __func__, tap->txa_start, ni->ni_txseqs[tid]);

	/*
	 * Call this first, so the interface flags get updated
	 * before the TID is unpaused. Otherwise a race condition
	 * exists where the unpaused TID still doesn't yet have
	 * IEEE80211_AGGR_RUNNING set.
	 */
	r = sc->sc_addba_response(ni, tap, status, code, batimeout);

	ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
	/*
	 * XXX dirty!
	 * Slide the BAW left edge to wherever net80211 left it for us.
	 * Read above for more information.
	 */
	tap->txa_start = ni->ni_txseqs[tid];
	ath_tx_tid_resume(sc, atid);
	ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
	return r;
}

/*
 * Stop ADDBA on a queue.
 */
void
ath_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap)
{
	struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
	int tid = WME_AC_TO_TID(tap->txa_ac);
	struct ath_node *an = ATH_NODE(ni);
	struct ath_tid *atid = &an->an_tid[tid];

	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: called\n", __func__);

	/* Pause TID traffic early, so there aren't any races */
	ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
	ath_tx_tid_pause(sc, atid);
	ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);

	/* There's no need to hold the TXQ lock here */
	sc->sc_addba_stop(ni, tap);

	/*
	 * ath_tx_cleanup will resume the TID if possible, otherwise
	 * it'll set the cleanup flag, and it'll be unpaused once
	 * things have been cleaned up.
	 */
	ath_tx_cleanup(sc, an, tid);
}

/*
 * Note: net80211 bar_timeout() doesn't call this function on BAR failure;
 * it simply tears down the aggregation session. Ew.
 *
 * It however will call ieee80211_ampdu_stop() which will call
 * ic->ic_addba_stop().
 *
 * XXX This uses a hard-coded max BAR count value; the whole
 * XXX BAR TX success or failure should be better handled!
 */
void
ath_bar_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
    int status)
{
	struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
	int tid = WME_AC_TO_TID(tap->txa_ac);
	struct ath_node *an = ATH_NODE(ni);
	struct ath_tid *atid = &an->an_tid[tid];
	int attempts = tap->txa_attempts;

	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
	    "%s: called; status=%d\n", __func__, status);

	/* Note: This may update the BAW details */
	sc->sc_bar_response(ni, tap, status);

	/* Unpause the TID */
	/*
	 * XXX if this is attempt=50, the TID will be downgraded
	 * XXX to a non-aggregate session. So we must unpause the
	 * XXX TID here or it'll never be done.
	 */
4389 */ 4390 if (status == 0 || attempts == 50) { 4391 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4392 ath_tx_tid_bar_unsuspend(sc, atid); 4393 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4394 } 4395 } 4396 4397 /* 4398 * This is called whenever the pending ADDBA request times out. 4399 * Unpause and reschedule the TID. 4400 */ 4401 void 4402 ath_addba_response_timeout(struct ieee80211_node *ni, 4403 struct ieee80211_tx_ampdu *tap) 4404 { 4405 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4406 int tid = WME_AC_TO_TID(tap->txa_ac); 4407 struct ath_node *an = ATH_NODE(ni); 4408 struct ath_tid *atid = &an->an_tid[tid]; 4409 4410 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4411 "%s: called; resuming\n", __func__); 4412 4413 /* Note: This updates the aggregate state to (again) pending */ 4414 sc->sc_addba_response_timeout(ni, tap); 4415 4416 /* Unpause the TID; which reschedules it */ 4417 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4418 ath_tx_tid_resume(sc, atid); 4419 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4420 } 4421