/*-
 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer,
 *    without modification.
 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
 *    similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any
 *    redistribution must be conditioned upon including a substantially
 *    similar Disclaimer requirement for further binary redistribution.
 *
 * NO WARRANTY
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY
 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY,
 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
 * THE POSSIBILITY OF SUCH DAMAGES.
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");

/*
 * Driver for the Atheros Wireless LAN controller.
 *
 * This software is derived from work of Atsushi Onoe; his contribution
 * is greatly appreciated.
 */

#include "opt_inet.h"
#include "opt_ath.h"
#include "opt_wlan.h"

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/sysctl.h>
#include <sys/mbuf.h>
#include <sys/malloc.h>
#include <sys/lock.h>
#include <sys/mutex.h>
#include <sys/kernel.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/errno.h>
#include <sys/callout.h>
#include <sys/bus.h>
#include <sys/endian.h>
#include <sys/kthread.h>
#include <sys/taskqueue.h>
#include <sys/priv.h>

#include <machine/bus.h>

#include <net/if.h>
#include <net/if_dl.h>
#include <net/if_media.h>
#include <net/if_types.h>
#include <net/if_arp.h>
#include <net/ethernet.h>
#include <net/if_llc.h>

#include <net80211/ieee80211_var.h>
#include <net80211/ieee80211_regdomain.h>
#ifdef IEEE80211_SUPPORT_SUPERG
#include <net80211/ieee80211_superg.h>
#endif
#ifdef IEEE80211_SUPPORT_TDMA
#include <net80211/ieee80211_tdma.h>
#endif
#include <net80211/ieee80211_ht.h>

#include <net/bpf.h>

#ifdef INET
#include <netinet/in.h>
#include <netinet/if_ether.h>
#endif

#include <dev/ath/if_athvar.h>
#include <dev/ath/ath_hal/ah_devid.h>		/* XXX for softled */
#include <dev/ath/ath_hal/ah_diagcodes.h>

#include <dev/ath/if_ath_debug.h>

#ifdef ATH_TX99_DIAG
#include <dev/ath/ath_tx99/ath_tx99.h>
#endif

#include <dev/ath/if_ath_misc.h>
#include <dev/ath/if_ath_tx.h>
#include <dev/ath/if_ath_tx_ht.h>

/*
 * How many retries to perform in software
 */
#define	SWMAX_RETRIES		10

static int ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an,
    int tid);
static int ath_tx_ampdu_running(struct ath_softc *sc,
    struct ath_node *an, int tid);
static ieee80211_seq ath_tx_tid_seqno_assign(struct ath_softc *sc,
    struct ieee80211_node *ni, struct ath_buf *bf, struct mbuf *m0);
static int ath_tx_action_frame_override_queue(struct ath_softc *sc,
    struct ieee80211_node *ni, struct mbuf *m0, int *tid);

/*
 * Whether to use the 11n rate scenario functions or not
 */
static inline int
ath_tx_is_11n(struct ath_softc *sc)
{
	return (sc->sc_ah->ah_magic == 0x20065416);
}

/*
 * Obtain the current TID from the given frame.
 *
 * Non-QoS frames need to go into TID 16 (IEEE80211_NONQOS_TID.)
 * This has implications for which AC/priority the packet is placed
 * in.
 */
static int
ath_tx_gettid(struct ath_softc *sc, const struct mbuf *m0)
{
	const struct ieee80211_frame *wh;
	int pri = M_WME_GETAC(m0);

	wh = mtod(m0, const struct ieee80211_frame *);
	if (! IEEE80211_QOS_HAS_SEQ(wh))
		return IEEE80211_NONQOS_TID;
	else
		return WME_AC_TO_TID(pri);
}

/*
 * Determine what the correct AC queue for the given frame
 * should be.
 *
 * This code assumes that the TIDs map consistently to
 * the underlying hardware (or software) ath_txq.
 * Since the sender may try to set an AC which is
 * arbitrary, non-QoS TIDs may end up being put on
 * completely different ACs. There's no way to put a
 * TID into multiple ath_txq's for scheduling, so
 * for now we override the AC/TXQ selection and set
 * non-QOS TID frames into the BE queue.
 *
 * This may be completely incorrect - specifically,
 * some management frames may end up out of order
 * compared to the QoS traffic they're controlling.
 * I'll look into this later.
 */
static int
ath_tx_getac(struct ath_softc *sc, const struct mbuf *m0)
{
	const struct ieee80211_frame *wh;
	int pri = M_WME_GETAC(m0);
	wh = mtod(m0, const struct ieee80211_frame *);
	if (IEEE80211_QOS_HAS_SEQ(wh))
		return pri;

	return WME_AC_BE;
}

void
ath_txfrag_cleanup(struct ath_softc *sc,
	ath_bufhead *frags, struct ieee80211_node *ni)
{
	struct ath_buf *bf, *next;

	ATH_TXBUF_LOCK_ASSERT(sc);

	TAILQ_FOREACH_SAFE(bf, frags, bf_list, next) {
		/* NB: bf assumed clean */
		TAILQ_REMOVE(frags, bf, bf_list);
		TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list);
		ieee80211_node_decref(ni);
	}
}

/*
 * Setup xmit of a fragmented frame.  Allocate a buffer
 * for each frag and bump the node reference count to
 * reflect the held reference to be setup by ath_tx_start.
 */
int
ath_txfrag_setup(struct ath_softc *sc, ath_bufhead *frags,
	struct mbuf *m0, struct ieee80211_node *ni)
{
	struct mbuf *m;
	struct ath_buf *bf;

	ATH_TXBUF_LOCK(sc);
	for (m = m0->m_nextpkt; m != NULL; m = m->m_nextpkt) {
		bf = _ath_getbuf_locked(sc);
		if (bf == NULL) {	/* out of buffers, cleanup */
			ath_txfrag_cleanup(sc, frags, ni);
			break;
		}
		ieee80211_node_incref(ni);
		TAILQ_INSERT_TAIL(frags, bf, bf_list);
	}
	ATH_TXBUF_UNLOCK(sc);

	return !TAILQ_EMPTY(frags);
}
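
/*
 * Illustrative usage sketch (added for clarity; not compiled, and the
 * local names "frags", "m" and "ni" are placeholders rather than part
 * of this file).  A caller is expected to pair ath_txfrag_setup() with
 * ath_txfrag_cleanup(): setup reserves one ath_buf per fragment before
 * anything is committed to the hardware, and the cleanup path undoes
 * that reservation if the chain can't be sent.
 */
#if 0
	ath_bufhead frags;

	TAILQ_INIT(&frags);
	if ((m->m_flags & M_FRAG) &&
	    !ath_txfrag_setup(sc, &frags, m, ni)) {
		/* Not enough buffers for every fragment; drop the chain. */
		ath_freetx(m);
		ieee80211_free_node(ni);
		return;
	}
	/* ... transmit m, then each fragment, consuming "frags" ... */
#endif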

/*
 * Reclaim mbuf resources.  For fragmented frames we
 * need to claim each frag chained with m_nextpkt.
 */
void
ath_freetx(struct mbuf *m)
{
	struct mbuf *next;

	do {
		next = m->m_nextpkt;
		m->m_nextpkt = NULL;
		m_freem(m);
	} while ((m = next) != NULL);
}

static int
ath_tx_dmasetup(struct ath_softc *sc, struct ath_buf *bf, struct mbuf *m0)
{
	struct mbuf *m;
	int error;

	/*
	 * Load the DMA map so any coalescing is done.  This
	 * also calculates the number of descriptors we need.
	 */
	error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0,
				     bf->bf_segs, &bf->bf_nseg,
				     BUS_DMA_NOWAIT);
	if (error == EFBIG) {
		/* XXX packet requires too many descriptors */
		bf->bf_nseg = ATH_TXDESC+1;
	} else if (error != 0) {
		sc->sc_stats.ast_tx_busdma++;
		ath_freetx(m0);
		return error;
	}
	/*
	 * Discard null packets and check for packets that
	 * require too many TX descriptors.  We try to convert
	 * the latter to a cluster.
	 */
	if (bf->bf_nseg > ATH_TXDESC) {		/* too many desc's, linearize */
		sc->sc_stats.ast_tx_linear++;
		m = m_collapse(m0, M_DONTWAIT, ATH_TXDESC);
		if (m == NULL) {
			ath_freetx(m0);
			sc->sc_stats.ast_tx_nombuf++;
			return ENOMEM;
		}
		m0 = m;
		error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0,
					     bf->bf_segs, &bf->bf_nseg,
					     BUS_DMA_NOWAIT);
		if (error != 0) {
			sc->sc_stats.ast_tx_busdma++;
			ath_freetx(m0);
			return error;
		}
		KASSERT(bf->bf_nseg <= ATH_TXDESC,
		    ("too many segments after defrag; nseg %u", bf->bf_nseg));
	} else if (bf->bf_nseg == 0) {		/* null packet, discard */
		sc->sc_stats.ast_tx_nodata++;
		ath_freetx(m0);
		return EIO;
	}
	DPRINTF(sc, ATH_DEBUG_XMIT, "%s: m %p len %u\n",
		__func__, m0, m0->m_pkthdr.len);
	bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE);
	bf->bf_m = m0;

	return 0;
}

/*
 * Chain together segments+descriptors for a non-11n frame.
 */
static void
ath_tx_chaindesclist(struct ath_softc *sc, struct ath_buf *bf)
{
	struct ath_hal *ah = sc->sc_ah;
	struct ath_desc *ds, *ds0;
	int i;

	/*
	 * Fill in the remainder of the descriptor info.
	 */
	ds0 = ds = bf->bf_desc;
	for (i = 0; i < bf->bf_nseg; i++, ds++) {
		ds->ds_data = bf->bf_segs[i].ds_addr;
		if (i == bf->bf_nseg - 1)
			ds->ds_link = 0;
		else
			ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1);
		ath_hal_filltxdesc(ah, ds
			, bf->bf_segs[i].ds_len	/* segment length */
			, i == 0		/* first segment */
			, i == bf->bf_nseg - 1	/* last segment */
			, ds0			/* first descriptor */
		);
		DPRINTF(sc, ATH_DEBUG_XMIT,
		    "%s: %d: %08x %08x %08x %08x %08x %08x\n",
		    __func__, i, ds->ds_link, ds->ds_data,
		    ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]);
		bf->bf_lastds = ds;
	}
}
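
/*
 * Illustrative note (added for clarity): for a three-segment mbuf chain
 * the loop above leaves the descriptors laid out as
 *
 *	ds[0].ds_link = bf_daddr + 1 * sizeof(struct ath_desc)
 *	ds[1].ds_link = bf_daddr + 2 * sizeof(struct ath_desc)
 *	ds[2].ds_link = 0		(bf->bf_lastds points at ds[2])
 *
 * so the hardware walks ds_link from the first descriptor and reports
 * TX status against the final descriptor in the chain.
 */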

/*
 * Fill in the descriptor list for an aggregate subframe.
 *
 * The subframe is returned with the ds_link field in the last subframe
 * pointing to 0.
 */
static void
ath_tx_chaindesclist_subframe(struct ath_softc *sc, struct ath_buf *bf)
{
	struct ath_hal *ah = sc->sc_ah;
	struct ath_desc *ds, *ds0;
	int i;

	ds0 = ds = bf->bf_desc;

	/*
	 * There's no need to call ath_hal_setupfirsttxdesc here;
	 * That's only going to occur for the first frame in an aggregate.
	 */
	for (i = 0; i < bf->bf_nseg; i++, ds++) {
		ds->ds_data = bf->bf_segs[i].ds_addr;
		if (i == bf->bf_nseg - 1)
			ds->ds_link = 0;
		else
			ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1);

		/*
		 * This performs the setup for an aggregate frame.
		 * This includes enabling the aggregate flags if needed.
		 */
		ath_hal_chaintxdesc(ah, ds,
		    bf->bf_state.bfs_pktlen,
		    bf->bf_state.bfs_hdrlen,
		    HAL_PKT_TYPE_AMPDU,	/* forces aggregate bits to be set */
		    bf->bf_state.bfs_keyix,
		    0,			/* cipher, calculated from keyix */
		    bf->bf_state.bfs_ndelim,
		    bf->bf_segs[i].ds_len,	/* segment length */
		    i == 0,		/* first segment */
		    i == bf->bf_nseg - 1	/* last segment */
		);

		DPRINTF(sc, ATH_DEBUG_XMIT,
		    "%s: %d: %08x %08x %08x %08x %08x %08x\n",
		    __func__, i, ds->ds_link, ds->ds_data,
		    ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]);
		bf->bf_lastds = ds;
	}
}

/*
 * Setup segments+descriptors for an 11n aggregate.
 * bf_first is the first buffer in the aggregate.
 * The descriptor list must already be linked together using
 * bf->bf_next.
 */
static void
ath_tx_setds_11n(struct ath_softc *sc, struct ath_buf *bf_first)
{
	struct ath_buf *bf, *bf_prev = NULL;

	DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: nframes=%d, al=%d\n",
	    __func__, bf_first->bf_state.bfs_nframes,
	    bf_first->bf_state.bfs_al);

	/*
	 * Setup all descriptors of all subframes.
	 */
	bf = bf_first;
	while (bf != NULL) {
		DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
		    "%s: bf=%p, nseg=%d, pktlen=%d, seqno=%d\n",
		    __func__, bf, bf->bf_nseg, bf->bf_state.bfs_pktlen,
		    SEQNO(bf->bf_state.bfs_seqno));

		/* Sub-frame setup */
		ath_tx_chaindesclist_subframe(sc, bf);

		/*
		 * Link the last descriptor of the previous frame
		 * to the beginning descriptor of this frame.
		 */
		if (bf_prev != NULL)
			bf_prev->bf_lastds->ds_link = bf->bf_daddr;

		/* Save a copy so we can link the next descriptor in */
		bf_prev = bf;
		bf = bf->bf_next;
	}

	/*
	 * Setup first descriptor of first frame.
	 * chaintxdesc() overwrites the descriptor entries;
	 * setupfirsttxdesc() merges in things.
	 * Otherwise various fields aren't set correctly (eg flags).
	 */
	ath_hal_setupfirsttxdesc(sc->sc_ah,
	    bf_first->bf_desc,
	    bf_first->bf_state.bfs_al,
	    bf_first->bf_state.bfs_flags | HAL_TXDESC_INTREQ,
	    bf_first->bf_state.bfs_txpower,
	    bf_first->bf_state.bfs_txrate0,
	    bf_first->bf_state.bfs_try0,
	    bf_first->bf_state.bfs_txantenna,
	    bf_first->bf_state.bfs_ctsrate,
	    bf_first->bf_state.bfs_ctsduration);

	/*
	 * Setup the last descriptor in the list.
	 * bf_prev points to the last; bf is NULL here.
	 */
	ath_hal_setuplasttxdesc(sc->sc_ah, bf_prev->bf_desc, bf_first->bf_desc);

	/*
	 * Set the first descriptor bf_lastds field to point to
	 * the last descriptor in the last subframe, that's where
	 * the status update will occur.
	 */
	bf_first->bf_lastds = bf_prev->bf_lastds;

	/*
	 * And bf_last in the first descriptor points to the end of
	 * the aggregate list.
	 */
	bf_first->bf_last = bf_prev;

	DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: end\n", __func__);
}

static void
ath_tx_handoff_mcast(struct ath_softc *sc, struct ath_txq *txq,
    struct ath_buf *bf)
{
	ATH_TXQ_LOCK_ASSERT(txq);
	KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0,
	     ("%s: busy status 0x%x", __func__, bf->bf_flags));
	if (txq->axq_link != NULL) {
		struct ath_buf *last = ATH_TXQ_LAST(txq, axq_q_s);
		struct ieee80211_frame *wh;

		/* mark previous frame */
		wh = mtod(last->bf_m, struct ieee80211_frame *);
		wh->i_fc[1] |= IEEE80211_FC1_MORE_DATA;
		bus_dmamap_sync(sc->sc_dmat, last->bf_dmamap,
		    BUS_DMASYNC_PREWRITE);

		/* link descriptor */
		*txq->axq_link = bf->bf_daddr;
	}
	ATH_TXQ_INSERT_TAIL(txq, bf, bf_list);
	txq->axq_link = &bf->bf_lastds->ds_link;
}

/*
 * Hand-off packet to a hardware queue.
 */
static void
ath_tx_handoff_hw(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf)
{
	struct ath_hal *ah = sc->sc_ah;

	/*
	 * Insert the frame on the outbound list and pass it on
	 * to the hardware.  Multicast frames buffered for power
	 * save stations and transmit from the CAB queue are stored
	 * on a s/w only queue and loaded on to the CAB queue in
	 * the SWBA handler since frames only go out on DTIM and
	 * to avoid possible races.
	 */
	ATH_TXQ_LOCK_ASSERT(txq);
	KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0,
	     ("%s: busy status 0x%x", __func__, bf->bf_flags));
	KASSERT(txq->axq_qnum != ATH_TXQ_SWQ,
	     ("ath_tx_handoff_hw called for mcast queue"));

#if 0
	/*
	 * This causes a LOR. Find out where the PCU lock is being
	 * held whilst the TXQ lock is grabbed - that shouldn't
	 * be occurring.
	 */
	ATH_PCU_LOCK(sc);
	if (sc->sc_inreset_cnt) {
		ATH_PCU_UNLOCK(sc);
		DPRINTF(sc, ATH_DEBUG_RESET,
		    "%s: called with sc_in_reset != 0\n",
		    __func__);
		DPRINTF(sc, ATH_DEBUG_XMIT,
		    "%s: queued: TXDP[%u] = %p (%p) depth %d\n",
		    __func__, txq->axq_qnum,
		    (caddr_t)bf->bf_daddr, bf->bf_desc,
		    txq->axq_depth);
		ATH_TXQ_INSERT_TAIL(txq, bf, bf_list);
		if (bf->bf_state.bfs_aggr)
			txq->axq_aggr_depth++;
		/*
		 * There's no need to update axq_link; the hardware
		 * is in reset and once the reset is complete, any
		 * non-empty queues will simply have DMA restarted.
		 */
		return;
	}
	ATH_PCU_UNLOCK(sc);
#endif

	/* For now, so not to generate whitespace diffs */
	if (1) {
#ifdef IEEE80211_SUPPORT_TDMA
		int qbusy;

		ATH_TXQ_INSERT_TAIL(txq, bf, bf_list);
		qbusy = ath_hal_txqenabled(ah, txq->axq_qnum);
		if (txq->axq_link == NULL) {
			/*
			 * Be careful writing the address to TXDP.  If
			 * the tx q is enabled then this write will be
			 * ignored.  Normally this is not an issue but
			 * when tdma is in use and the q is beacon gated
			 * this race can occur.  If the q is busy then
			 * defer the work to later--either when another
			 * packet comes along or when we prepare a beacon
			 * frame at SWBA.
			 */
			if (!qbusy) {
				ath_hal_puttxbuf(ah, txq->axq_qnum,
				    bf->bf_daddr);
				txq->axq_flags &= ~ATH_TXQ_PUTPENDING;
				DPRINTF(sc, ATH_DEBUG_XMIT,
				    "%s: TXDP[%u] = %p (%p) depth %d\n",
				    __func__, txq->axq_qnum,
				    (caddr_t)bf->bf_daddr, bf->bf_desc,
				    txq->axq_depth);
			} else {
				txq->axq_flags |= ATH_TXQ_PUTPENDING;
				DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT,
				    "%s: Q%u busy, defer enable\n", __func__,
				    txq->axq_qnum);
			}
		} else {
			*txq->axq_link = bf->bf_daddr;
			DPRINTF(sc, ATH_DEBUG_XMIT,
			    "%s: link[%u](%p)=%p (%p) depth %d\n", __func__,
			    txq->axq_qnum, txq->axq_link,
			    (caddr_t)bf->bf_daddr, bf->bf_desc, txq->axq_depth);
			if ((txq->axq_flags & ATH_TXQ_PUTPENDING) && !qbusy) {
				/*
				 * The q was busy when we previously tried
				 * to write the address of the first buffer
				 * in the chain.  Since it's not busy now
				 * handle this chore.  We are certain the
				 * buffer at the front is the right one since
				 * axq_link is NULL only when the buffer list
				 * is/was empty.
				 */
				ath_hal_puttxbuf(ah, txq->axq_qnum,
					TAILQ_FIRST(&txq->axq_q)->bf_daddr);
				txq->axq_flags &= ~ATH_TXQ_PUTPENDING;
				DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT,
				    "%s: Q%u restarted\n", __func__,
				    txq->axq_qnum);
			}
		}
#else
		ATH_TXQ_INSERT_TAIL(txq, bf, bf_list);
		if (txq->axq_link == NULL) {
			ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr);
			DPRINTF(sc, ATH_DEBUG_XMIT,
			    "%s: TXDP[%u] = %p (%p) depth %d\n",
			    __func__, txq->axq_qnum,
			    (caddr_t)bf->bf_daddr, bf->bf_desc,
			    txq->axq_depth);
		} else {
			*txq->axq_link = bf->bf_daddr;
			DPRINTF(sc, ATH_DEBUG_XMIT,
			    "%s: link[%u](%p)=%p (%p) depth %d\n", __func__,
			    txq->axq_qnum, txq->axq_link,
			    (caddr_t)bf->bf_daddr, bf->bf_desc, txq->axq_depth);
		}
#endif /* IEEE80211_SUPPORT_TDMA */
		if (bf->bf_state.bfs_aggr)
			txq->axq_aggr_depth++;
		txq->axq_link = &bf->bf_lastds->ds_link;
		ath_hal_txstart(ah, txq->axq_qnum);
	}
}

/*
 * Restart TX DMA for the given TXQ.
 *
 * This must be called whether the queue is empty or not.
 */
void
ath_txq_restart_dma(struct ath_softc *sc, struct ath_txq *txq)
{
	struct ath_hal *ah = sc->sc_ah;
	struct ath_buf *bf;

	ATH_TXQ_LOCK_ASSERT(txq);

	/* This is always going to be cleared, empty or not */
	txq->axq_flags &= ~ATH_TXQ_PUTPENDING;

	bf = TAILQ_FIRST(&txq->axq_q);
	if (bf == NULL)
		return;

	ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr);
	txq->axq_link = &bf->bf_lastds->ds_link;
	ath_hal_txstart(ah, txq->axq_qnum);
}

/*
 * Hand off a packet to the hardware (or mcast queue.)
 *
 * The relevant hardware txq should be locked.
 */
static void
ath_tx_handoff(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf)
{
	ATH_TXQ_LOCK_ASSERT(txq);

	if (txq->axq_qnum == ATH_TXQ_SWQ)
		ath_tx_handoff_mcast(sc, txq, bf);
	else
		ath_tx_handoff_hw(sc, txq, bf);
}

static int
ath_tx_tag_crypto(struct ath_softc *sc, struct ieee80211_node *ni,
    struct mbuf *m0, int iswep, int isfrag, int *hdrlen, int *pktlen,
    int *keyix)
{
	if (iswep) {
		const struct ieee80211_cipher *cip;
		struct ieee80211_key *k;

		/*
		 * Construct the 802.11 header+trailer for an encrypted
		 * frame. The only reason this can fail is because of an
		 * unknown or unsupported cipher/key type.
		 */
		k = ieee80211_crypto_encap(ni, m0);
		if (k == NULL) {
			/*
			 * This can happen when the key is yanked after the
			 * frame was queued.  Just discard the frame; the
			 * 802.11 layer counts failures and provides
			 * debugging/diagnostics.
			 */
			return 0;
		}
		/*
		 * Adjust the packet + header lengths for the crypto
		 * additions and calculate the h/w key index.  When
		 * a s/w mic is done the frame will have had any mic
		 * added to it prior to entry so m0->m_pkthdr.len will
		 * account for it. Otherwise we need to add it to the
		 * packet length.
		 */
		cip = k->wk_cipher;
		(*hdrlen) += cip->ic_header;
		(*pktlen) += cip->ic_header + cip->ic_trailer;
		/* NB: frags always have any TKIP MIC done in s/w */
		if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && !isfrag)
			(*pktlen) += cip->ic_miclen;
		(*keyix) = k->wk_keyix;
	} else if (ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) {
		/*
		 * Use station key cache slot, if assigned.
		 */
		(*keyix) = ni->ni_ucastkey.wk_keyix;
		if ((*keyix) == IEEE80211_KEYIX_NONE)
			(*keyix) = HAL_TXKEYIX_INVALID;
	} else
		(*keyix) = HAL_TXKEYIX_INVALID;

	return 1;
}

static uint8_t
ath_tx_get_rtscts_rate(struct ath_hal *ah, const HAL_RATE_TABLE *rt,
    int cix, int shortPreamble)
{
	uint8_t ctsrate;

	/*
	 * CTS transmit rate is derived from the transmit rate
	 * by looking in the h/w rate table.  We must also factor
	 * in whether or not a short preamble is to be used.
	 */
	/* NB: cix is set above where RTS/CTS is enabled */
	KASSERT(cix != 0xff, ("cix not setup"));
	ctsrate = rt->info[cix].rateCode;

	/* XXX this should only matter for legacy rates */
	if (shortPreamble)
		ctsrate |= rt->info[cix].shortPreamble;

	return ctsrate;
}

/*
 * Calculate the RTS/CTS duration for legacy frames.
 */
static int
ath_tx_calc_ctsduration(struct ath_hal *ah, int rix, int cix,
    int shortPreamble, int pktlen, const HAL_RATE_TABLE *rt,
    int flags)
{
	int ctsduration = 0;

	/* This mustn't be called for HT modes */
	if (rt->info[cix].phy == IEEE80211_T_HT) {
		printf("%s: HT rate where it shouldn't be (0x%x)\n",
		    __func__, rt->info[cix].rateCode);
		return -1;
	}

	/*
	 * Compute the transmit duration based on the frame
	 * size and the size of an ACK frame.  We call into the
	 * HAL to do the computation since it depends on the
	 * characteristics of the actual PHY being used.
	 *
	 * NB: CTS is assumed the same size as an ACK so we can
	 *     use the precalculated ACK durations.
	 */
	if (shortPreamble) {
		if (flags & HAL_TXDESC_RTSENA)		/* SIFS + CTS */
			ctsduration += rt->info[cix].spAckDuration;
		ctsduration += ath_hal_computetxtime(ah,
		    rt, pktlen, rix, AH_TRUE);
		if ((flags & HAL_TXDESC_NOACK) == 0)	/* SIFS + ACK */
			ctsduration += rt->info[rix].spAckDuration;
	} else {
		if (flags & HAL_TXDESC_RTSENA)		/* SIFS + CTS */
			ctsduration += rt->info[cix].lpAckDuration;
		ctsduration += ath_hal_computetxtime(ah,
		    rt, pktlen, rix, AH_FALSE);
		if ((flags & HAL_TXDESC_NOACK) == 0)	/* SIFS + ACK */
			ctsduration += rt->info[rix].lpAckDuration;
	}

	return ctsduration;
}
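
/*
 * Illustrative example (added for clarity): for a long-preamble frame
 * with RTS enabled and ACKs required, the value computed above is
 *
 *	ctsduration = lpAckDuration[cix]		(SIFS + CTS)
 *		    + ath_hal_computetxtime(pktlen)	(the frame itself)
 *		    + lpAckDuration[rix]		(SIFS + ACK)
 *
 * with the short-preamble (spAckDuration) table used instead when
 * shortPreamble is set, and the trailing ACK term omitted when
 * HAL_TXDESC_NOACK is set.
 */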

/*
 * Update the given ath_buf with updated rts/cts setup and duration
 * values.
 *
 * To support rate lookups for each software retry, the rts/cts rate
 * and cts duration must be re-calculated.
 *
 * This function assumes the RTS/CTS flags have been set as needed;
 * mrr has been disabled; and the rate control lookup has been done.
 *
 * XXX TODO: MRR need only be disabled for the pre-11n NICs.
 * XXX The 11n NICs support per-rate RTS/CTS configuration.
 */
static void
ath_tx_set_rtscts(struct ath_softc *sc, struct ath_buf *bf)
{
	uint16_t ctsduration = 0;
	uint8_t ctsrate = 0;
	uint8_t rix = bf->bf_state.bfs_rc[0].rix;
	uint8_t cix = 0;
	const HAL_RATE_TABLE *rt = sc->sc_currates;

	/*
	 * No RTS/CTS enabled? Don't bother.
	 */
	if ((bf->bf_state.bfs_flags &
	    (HAL_TXDESC_RTSENA | HAL_TXDESC_CTSENA)) == 0) {
		/* XXX is this really needed? */
		bf->bf_state.bfs_ctsrate = 0;
		bf->bf_state.bfs_ctsduration = 0;
		return;
	}

	/*
	 * If protection is enabled, use the protection rix control
	 * rate. Otherwise use the rate0 control rate.
	 */
	if (bf->bf_state.bfs_doprot)
		rix = sc->sc_protrix;
	else
		rix = bf->bf_state.bfs_rc[0].rix;

	/*
	 * If the raw path has hard-coded ctsrate0 to something,
	 * use it.
	 */
	if (bf->bf_state.bfs_ctsrate0 != 0)
		cix = ath_tx_findrix(sc, bf->bf_state.bfs_ctsrate0);
	else
		/* Control rate from above */
		cix = rt->info[rix].controlRate;

	/* Calculate the rtscts rate for the given cix */
	ctsrate = ath_tx_get_rtscts_rate(sc->sc_ah, rt, cix,
	    bf->bf_state.bfs_shpream);

	/* The 11n chipsets do ctsduration calculations for you */
	if (! ath_tx_is_11n(sc))
		ctsduration = ath_tx_calc_ctsduration(sc->sc_ah, rix, cix,
		    bf->bf_state.bfs_shpream, bf->bf_state.bfs_pktlen,
		    rt, bf->bf_state.bfs_flags);

	/* Squirrel away in ath_buf */
	bf->bf_state.bfs_ctsrate = ctsrate;
	bf->bf_state.bfs_ctsduration = ctsduration;

	/*
	 * Must disable multi-rate retry when using RTS/CTS.
	 * XXX TODO: only for pre-11n NICs.
	 */
	bf->bf_state.bfs_ismrr = 0;
	bf->bf_state.bfs_try0 =
	    bf->bf_state.bfs_rc[0].tries = ATH_TXMGTTRY;	/* XXX ew */
}

/*
 * Setup the descriptor chain for a normal or fast-frame
 * frame.
 */
static void
ath_tx_setds(struct ath_softc *sc, struct ath_buf *bf)
{
	struct ath_desc *ds = bf->bf_desc;
	struct ath_hal *ah = sc->sc_ah;

	ath_hal_setuptxdesc(ah, ds
		, bf->bf_state.bfs_pktlen	/* packet length */
		, bf->bf_state.bfs_hdrlen	/* header length */
		, bf->bf_state.bfs_atype	/* Atheros packet type */
		, bf->bf_state.bfs_txpower	/* txpower */
		, bf->bf_state.bfs_txrate0
		, bf->bf_state.bfs_try0		/* series 0 rate/tries */
		, bf->bf_state.bfs_keyix	/* key cache index */
		, bf->bf_state.bfs_txantenna	/* antenna mode */
		, bf->bf_state.bfs_flags	/* flags */
		, bf->bf_state.bfs_ctsrate	/* rts/cts rate */
		, bf->bf_state.bfs_ctsduration	/* rts/cts duration */
	);

	/*
	 * This will be overridden when the descriptor chain is written.
	 */
	bf->bf_lastds = ds;
	bf->bf_last = bf;

	/* XXX TODO: Setup descriptor chain */
}

/*
 * Do a rate lookup.
 *
 * This performs a rate lookup for the given ath_buf only if it's required.
 * Non-data frames and raw frames don't require it.
 *
 * This populates the primary and MRR entries; MRR values are
 * then disabled later on if something requires it (eg RTS/CTS on
 * pre-11n chipsets).
 *
 * This needs to be done before the RTS/CTS fields are calculated
 * as they may depend upon the rate chosen.
 */
static void
ath_tx_do_ratelookup(struct ath_softc *sc, struct ath_buf *bf)
{
	uint8_t rate, rix;
	int try0;

	if (! bf->bf_state.bfs_doratelookup)
		return;

	/* Get rid of any previous state */
	bzero(bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));

	ATH_NODE_LOCK(ATH_NODE(bf->bf_node));
	ath_rate_findrate(sc, ATH_NODE(bf->bf_node), bf->bf_state.bfs_shpream,
	    bf->bf_state.bfs_pktlen, &rix, &try0, &rate);

	/* In case MRR is disabled, make sure rc[0] is setup correctly */
	bf->bf_state.bfs_rc[0].rix = rix;
	bf->bf_state.bfs_rc[0].ratecode = rate;
	bf->bf_state.bfs_rc[0].tries = try0;

	if (bf->bf_state.bfs_ismrr && try0 != ATH_TXMAXTRY)
		ath_rate_getxtxrates(sc, ATH_NODE(bf->bf_node), rix,
		    bf->bf_state.bfs_rc);
	ATH_NODE_UNLOCK(ATH_NODE(bf->bf_node));

	sc->sc_txrix = rix;		/* for LED blinking */
	sc->sc_lastdatarix = rix;	/* for fast frames */
	bf->bf_state.bfs_try0 = try0;
	bf->bf_state.bfs_txrate0 = rate;
}

/*
 * Set the rate control fields in the given descriptor based on
 * the bf_state fields and node state.
 *
 * The bfs fields should already be set with the relevant rate
 * control information, including whether MRR is to be enabled.
 *
 * Since the FreeBSD HAL currently sets up the first TX rate
 * in ath_hal_setuptxdesc(), this will setup the MRR
 * conditionally for the pre-11n chips, and call ath_buf_set_rate
 * unconditionally for 11n chips. These require the 11n rate
 * scenario to be set if MCS rates are enabled, so it's easier
 * to just always call it. The caller can then only set rates 2, 3
 * and 4 if multi-rate retry is needed.
 */
static void
ath_tx_set_ratectrl(struct ath_softc *sc, struct ieee80211_node *ni,
    struct ath_buf *bf)
{
	struct ath_rc_series *rc = bf->bf_state.bfs_rc;

	/* If mrr is disabled, blank tries 1, 2, 3 */
	if (! bf->bf_state.bfs_ismrr)
		rc[1].tries = rc[2].tries = rc[3].tries = 0;

	/*
	 * Always call - that way a retried descriptor will
	 * have the MRR fields overwritten.
	 *
	 * XXX TODO: see if this is really needed - setting up
	 * the first descriptor should set the MRR fields to 0
	 * for us anyway.
	 */
	if (ath_tx_is_11n(sc)) {
		ath_buf_set_rate(sc, ni, bf);
	} else {
		ath_hal_setupxtxdesc(sc->sc_ah, bf->bf_desc
			, rc[1].ratecode, rc[1].tries
			, rc[2].ratecode, rc[2].tries
			, rc[3].ratecode, rc[3].tries
		);
	}
}
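
/*
 * Illustrative example (added for clarity; the rate values below are
 * hypothetical): after a rate lookup with MRR enabled, bfs_rc[] holds a
 * four-entry fallback ladder which the function above either blanks
 * (non-MRR) or programs into the descriptor, e.g.
 *
 *	bfs_rc[0] = { .rix = 11, .ratecode = 0x0c, .tries = 4 }   series 0
 *	bfs_rc[1] = { .rix =  9, .ratecode = 0x08, .tries = 4 }   series 1
 *	bfs_rc[2] = { .rix =  4, .ratecode = 0x04, .tries = 4 }   series 2
 *	bfs_rc[3] = { .rix =  0, .ratecode = 0x0b, .tries = 4 }   series 3
 */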

/*
 * Transmit the given frame to the hardware.
 *
 * The frame must already be setup; rate control must already have
 * been done.
 *
 * XXX since the TXQ lock is being held here (and I dislike holding
 * it for this long when not doing software aggregation), later on
 * break this function into "setup_normal" and "xmit_normal". The
 * lock only needs to be held for the ath_tx_handoff call.
 */
static void
ath_tx_xmit_normal(struct ath_softc *sc, struct ath_txq *txq,
    struct ath_buf *bf)
{

	ATH_TXQ_LOCK_ASSERT(txq);

	/* Setup the descriptor before handoff */
	ath_tx_do_ratelookup(sc, bf);
	ath_tx_rate_fill_rcflags(sc, bf);
	ath_tx_set_rtscts(sc, bf);
	ath_tx_setds(sc, bf);
	ath_tx_set_ratectrl(sc, bf->bf_node, bf);
	ath_tx_chaindesclist(sc, bf);

	/* Hand off to hardware */
	ath_tx_handoff(sc, txq, bf);
}


static int
ath_tx_normal_setup(struct ath_softc *sc, struct ieee80211_node *ni,
    struct ath_buf *bf, struct mbuf *m0)
{
	struct ieee80211vap *vap = ni->ni_vap;
	struct ath_vap *avp = ATH_VAP(vap);
	struct ath_hal *ah = sc->sc_ah;
	struct ifnet *ifp = sc->sc_ifp;
	struct ieee80211com *ic = ifp->if_l2com;
	const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams;
	int error, iswep, ismcast, isfrag, ismrr;
	int keyix, hdrlen, pktlen, try0 = 0;
	u_int8_t rix = 0, txrate = 0;
	struct ath_desc *ds;
	struct ath_txq *txq;
	struct ieee80211_frame *wh;
	u_int subtype, flags;
	HAL_PKT_TYPE atype;
	const HAL_RATE_TABLE *rt;
	HAL_BOOL shortPreamble;
	struct ath_node *an;
	u_int pri;

	wh = mtod(m0, struct ieee80211_frame *);
	iswep = wh->i_fc[1] & IEEE80211_FC1_WEP;
	ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
	isfrag = m0->m_flags & M_FRAG;
	hdrlen = ieee80211_anyhdrsize(wh);
	/*
	 * Packet length must not include any
	 * pad bytes; deduct them here.
	 */
	pktlen = m0->m_pkthdr.len - (hdrlen & 3);

	/* Handle encryption twiddling if needed */
	if (! ath_tx_tag_crypto(sc, ni, m0, iswep, isfrag, &hdrlen,
	    &pktlen, &keyix)) {
		ath_freetx(m0);
		return EIO;
	}

	/* packet header may have moved, reset our local pointer */
	wh = mtod(m0, struct ieee80211_frame *);

	pktlen += IEEE80211_CRC_LEN;

	/*
	 * Load the DMA map so any coalescing is done.  This
	 * also calculates the number of descriptors we need.
	 */
	error = ath_tx_dmasetup(sc, bf, m0);
	if (error != 0)
		return error;
	bf->bf_node = ni;			/* NB: held reference */
	m0 = bf->bf_m;				/* NB: may have changed */
	wh = mtod(m0, struct ieee80211_frame *);

	/* setup descriptors */
	ds = bf->bf_desc;
	rt = sc->sc_currates;
	KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode));

	/*
	 * NB: the 802.11 layer marks whether or not we should
	 * use short preamble based on the current mode and
	 * negotiated parameters.
	 */
	if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
	    (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) {
		shortPreamble = AH_TRUE;
		sc->sc_stats.ast_tx_shortpre++;
	} else {
		shortPreamble = AH_FALSE;
	}

	an = ATH_NODE(ni);
	flags = HAL_TXDESC_CLRDMASK;		/* XXX needed for crypto errs */
	ismrr = 0;				/* default no multi-rate retry*/
	pri = M_WME_GETAC(m0);			/* honor classification */
	/* XXX use txparams instead of fixed values */
	/*
	 * Calculate Atheros packet type from IEEE80211 packet header,
	 * setup for rate calculations, and select h/w transmit queue.
	 */
	switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) {
	case IEEE80211_FC0_TYPE_MGT:
		subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
		if (subtype == IEEE80211_FC0_SUBTYPE_BEACON)
			atype = HAL_PKT_TYPE_BEACON;
		else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)
			atype = HAL_PKT_TYPE_PROBE_RESP;
		else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM)
			atype = HAL_PKT_TYPE_ATIM;
		else
			atype = HAL_PKT_TYPE_NORMAL;	/* XXX */
		rix = an->an_mgmtrix;
		txrate = rt->info[rix].rateCode;
		if (shortPreamble)
			txrate |= rt->info[rix].shortPreamble;
		try0 = ATH_TXMGTTRY;
		flags |= HAL_TXDESC_INTREQ;	/* force interrupt */
		break;
	case IEEE80211_FC0_TYPE_CTL:
		atype = HAL_PKT_TYPE_PSPOLL;	/* stop setting of duration */
		rix = an->an_mgmtrix;
		txrate = rt->info[rix].rateCode;
		if (shortPreamble)
			txrate |= rt->info[rix].shortPreamble;
		try0 = ATH_TXMGTTRY;
		flags |= HAL_TXDESC_INTREQ;	/* force interrupt */
		break;
	case IEEE80211_FC0_TYPE_DATA:
		atype = HAL_PKT_TYPE_NORMAL;		/* default */
		/*
		 * Data frames: multicast frames go out at a fixed rate,
		 * EAPOL frames use the mgmt frame rate; otherwise consult
		 * the rate control module for the rate to use.
		 */
		if (ismcast) {
			rix = an->an_mcastrix;
			txrate = rt->info[rix].rateCode;
			if (shortPreamble)
				txrate |= rt->info[rix].shortPreamble;
			try0 = 1;
		} else if (m0->m_flags & M_EAPOL) {
			/* XXX? maybe always use long preamble? */
			rix = an->an_mgmtrix;
			txrate = rt->info[rix].rateCode;
			if (shortPreamble)
				txrate |= rt->info[rix].shortPreamble;
			try0 = ATH_TXMAXTRY;	/* XXX?too many? */
		} else {
			/*
			 * Do rate lookup on each TX, rather than using
			 * the hard-coded TX information decided here.
			 */
			ismrr = 1;
			bf->bf_state.bfs_doratelookup = 1;
		}
		if (cap->cap_wmeParams[pri].wmep_noackPolicy)
			flags |= HAL_TXDESC_NOACK;
		break;
	default:
		if_printf(ifp, "bogus frame type 0x%x (%s)\n",
		    wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__);
		/* XXX statistic */
		ath_freetx(m0);
		return EIO;
	}
	txq = sc->sc_ac2q[pri];

	/*
	 * When servicing one or more stations in power-save mode
	 * (or) if there is some mcast data waiting on the mcast
	 * queue (to prevent out of order delivery) multicast
	 * frames must be buffered until after the beacon.
	 */
	if (ismcast && (vap->iv_ps_sta || avp->av_mcastq.axq_depth))
		txq = &avp->av_mcastq;

	/*
	 * Calculate miscellaneous flags.
	 */
	if (ismcast) {
		flags |= HAL_TXDESC_NOACK;	/* no ack on broad/multicast */
	} else if (pktlen > vap->iv_rtsthreshold &&
	    (ni->ni_ath_flags & IEEE80211_NODE_FF) == 0) {
		flags |= HAL_TXDESC_RTSENA;	/* RTS based on frame length */
		sc->sc_stats.ast_tx_rts++;
	}
	if (flags & HAL_TXDESC_NOACK)		/* NB: avoid double counting */
		sc->sc_stats.ast_tx_noack++;
#ifdef IEEE80211_SUPPORT_TDMA
	if (sc->sc_tdma && (flags & HAL_TXDESC_NOACK) == 0) {
		DPRINTF(sc, ATH_DEBUG_TDMA,
		    "%s: discard frame, ACK required w/ TDMA\n", __func__);
		sc->sc_stats.ast_tdma_ack++;
		ath_freetx(m0);
		return EIO;
	}
#endif

	/*
	 * If 802.11g protection is enabled, determine whether
	 * to use RTS/CTS or just CTS.  Note that this is only
	 * done for OFDM unicast frames.
	 */
	if ((ic->ic_flags & IEEE80211_F_USEPROT) &&
	    rt->info[rix].phy == IEEE80211_T_OFDM &&
	    (flags & HAL_TXDESC_NOACK) == 0) {
		bf->bf_state.bfs_doprot = 1;
		/* XXX fragments must use CCK rates w/ protection */
		if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) {
			flags |= HAL_TXDESC_RTSENA;
		} else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) {
			flags |= HAL_TXDESC_CTSENA;
		}
		/*
		 * For frags it would be desirable to use the
		 * highest CCK rate for RTS/CTS.  But stations
		 * farther away may detect it at a lower CCK rate
		 * so use the configured protection rate instead
		 * (for now).
		 */
		sc->sc_stats.ast_tx_protect++;
	}

#if 0
	/*
	 * If 11n protection is enabled and it's a HT frame,
	 * enable RTS.
	 *
	 * XXX ic_htprotmode or ic_curhtprotmode?
	 * XXX should ic_htprotmode only matter if ic_curhtprotmode
	 * XXX indicates it's not a HT pure environment?
	 */
	if ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) &&
	    rt->info[rix].phy == IEEE80211_T_HT &&
	    (flags & HAL_TXDESC_NOACK) == 0) {
		cix = rt->info[sc->sc_protrix].controlRate;
		flags |= HAL_TXDESC_RTSENA;
		sc->sc_stats.ast_tx_htprotect++;
	}
#endif

	/*
	 * Calculate duration.  This logically belongs in the 802.11
	 * layer but it lacks sufficient information to calculate it.
	 */
	if ((flags & HAL_TXDESC_NOACK) == 0 &&
	    (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_CTL) {
		u_int16_t dur;
		if (shortPreamble)
			dur = rt->info[rix].spAckDuration;
		else
			dur = rt->info[rix].lpAckDuration;
		if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) {
			dur += dur;		/* additional SIFS+ACK */
			KASSERT(m0->m_nextpkt != NULL, ("no fragment"));
			/*
			 * Include the size of next fragment so NAV is
			 * updated properly.  The last fragment uses only
			 * the ACK duration
			 */
			dur += ath_hal_computetxtime(ah, rt,
			    m0->m_nextpkt->m_pkthdr.len,
			    rix, shortPreamble);
		}
		if (isfrag) {
			/*
			 * Force hardware to use computed duration for next
			 * fragment by disabling multi-rate retry which updates
			 * duration based on the multi-rate duration table.
			 */
			ismrr = 0;
			try0 = ATH_TXMGTTRY;	/* XXX? */
		}
		*(u_int16_t *)wh->i_dur = htole16(dur);
	}

	/*
	 * Determine if a tx interrupt should be generated for
	 * this descriptor.  We take a tx interrupt to reap
	 * descriptors when the h/w hits an EOL condition or
	 * when the descriptor is specifically marked to generate
	 * an interrupt.  We periodically mark descriptors in this
	 * way to ensure timely replenishing of the supply needed
	 * for sending frames.  Deferring interrupts reduces system
	 * load and potentially allows more concurrent work to be
	 * done, but if done too aggressively it can cause senders
	 * to back up.
	 *
	 * NB: use >= to deal with sc_txintrperiod changing
	 *     dynamically through sysctl.
	 */
	if (flags & HAL_TXDESC_INTREQ) {
		txq->axq_intrcnt = 0;
	} else if (++txq->axq_intrcnt >= sc->sc_txintrperiod) {
		flags |= HAL_TXDESC_INTREQ;
		txq->axq_intrcnt = 0;
	}

	/* This point forward is actual TX bits */

	/*
	 * At this point we are committed to sending the frame
	 * and we don't need to look at m_nextpkt; clear it in
	 * case this frame is part of frag chain.
	 */
	m0->m_nextpkt = NULL;

	if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT))
		ieee80211_dump_pkt(ic, mtod(m0, const uint8_t *), m0->m_len,
		    sc->sc_hwmap[rix].ieeerate, -1);

	if (ieee80211_radiotap_active_vap(vap)) {
		u_int64_t tsf = ath_hal_gettsf64(ah);

		sc->sc_tx_th.wt_tsf = htole64(tsf);
		sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags;
		if (iswep)
			sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
		if (isfrag)
			sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG;
		sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate;
		sc->sc_tx_th.wt_txpower = ni->ni_txpower;
		sc->sc_tx_th.wt_antenna = sc->sc_txantenna;

		ieee80211_radiotap_tx(vap, m0);
	}

	/* Blank the legacy rate array */
	bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));

	/*
	 * ath_buf_set_rate needs at least one rate/try to setup
	 * the rate scenario.
	 */
	bf->bf_state.bfs_rc[0].rix = rix;
	bf->bf_state.bfs_rc[0].tries = try0;
	bf->bf_state.bfs_rc[0].ratecode = txrate;

	/* Store the decided rate index values away */
	bf->bf_state.bfs_pktlen = pktlen;
	bf->bf_state.bfs_hdrlen = hdrlen;
	bf->bf_state.bfs_atype = atype;
	bf->bf_state.bfs_txpower = ni->ni_txpower;
	bf->bf_state.bfs_txrate0 = txrate;
	bf->bf_state.bfs_try0 = try0;
	bf->bf_state.bfs_keyix = keyix;
	bf->bf_state.bfs_txantenna = sc->sc_txantenna;
	bf->bf_state.bfs_flags = flags;
	bf->bf_txflags = flags;
	bf->bf_state.bfs_shpream = shortPreamble;

	/* XXX this should be done in ath_tx_setrate() */
	bf->bf_state.bfs_ctsrate0 = 0;	/* ie, no hard-coded ctsrate */
	bf->bf_state.bfs_ctsrate = 0;	/* calculated later */
	bf->bf_state.bfs_ctsduration = 0;
	bf->bf_state.bfs_ismrr = ismrr;

	return 0;
}
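
/*
 * Illustrative example (added for clarity): for a non-final fragment
 * the i_dur value programmed by the function above works out to
 *
 *	dur = AckDuration[rix]				(SIFS + ACK)
 *	    + AckDuration[rix]				(SIFS + ACK, next frag)
 *	    + ath_hal_computetxtime(next fragment len)	(the next fragment)
 *
 * using the short- or long-preamble ACK table as appropriate.  That is
 * the NAV the receiver needs to protect the following fragment exchange;
 * the final fragment carries only the single ACK duration.
 */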

/*
 * Direct-dispatch the current frame to the hardware.
 *
 * This can be called by the net80211 code.
 *
 * XXX what about locking? Or, push the seqno assign into the
 * XXX aggregate scheduler so it's serialised?
 */
int
ath_tx_start(struct ath_softc *sc, struct ieee80211_node *ni,
    struct ath_buf *bf, struct mbuf *m0)
{
	struct ieee80211vap *vap = ni->ni_vap;
	struct ath_vap *avp = ATH_VAP(vap);
	int r;
	u_int pri;
	int tid;
	struct ath_txq *txq;
	int ismcast;
	const struct ieee80211_frame *wh;
	int is_ampdu, is_ampdu_tx, is_ampdu_pending;
	ieee80211_seq seqno;
	uint8_t type, subtype;

	/*
	 * Determine the target hardware queue.
	 *
	 * For multicast frames, the txq gets overridden to be the
	 * software TXQ and it's done via direct-dispatch.
	 *
	 * For any other frame, we do a TID/QoS lookup inside the frame
	 * to see what the TID should be. If it's a non-QoS frame, the
	 * AC and TID are overridden. The TID/TXQ code assumes the
	 * TID is on a predictable hardware TXQ, so we don't support
	 * having a node TID queued to multiple hardware TXQs.
	 * This may change in the future but would require some locking
	 * fudgery.
	 */
	pri = ath_tx_getac(sc, m0);
	tid = ath_tx_gettid(sc, m0);

	txq = sc->sc_ac2q[pri];
	wh = mtod(m0, struct ieee80211_frame *);
	ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
	type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
	subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;

	/* A-MPDU TX */
	is_ampdu_tx = ath_tx_ampdu_running(sc, ATH_NODE(ni), tid);
	is_ampdu_pending = ath_tx_ampdu_pending(sc, ATH_NODE(ni), tid);
	is_ampdu = is_ampdu_tx | is_ampdu_pending;

	DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, ac=%d, is_ampdu=%d\n",
	    __func__, tid, pri, is_ampdu);

	/* Multicast frames go onto the software multicast queue */
	if (ismcast)
		txq = &avp->av_mcastq;

	if ((! is_ampdu) && (vap->iv_ps_sta || avp->av_mcastq.axq_depth))
		txq = &avp->av_mcastq;

	/* Do the generic frame setup */
	/* XXX should just bzero the bf_state? */
	bf->bf_state.bfs_dobaw = 0;

	/* A-MPDU TX? Manually set sequence number */
	/* Don't do it whilst pending; the net80211 layer still assigns them */
	/* XXX do we need locking here? */
	if (is_ampdu_tx) {
		ATH_TXQ_LOCK(txq);
		/*
		 * Always call; this function will
		 * handle making sure that null data frames
		 * don't get a sequence number from the current
		 * TID and thus mess with the BAW.
		 */
		seqno = ath_tx_tid_seqno_assign(sc, ni, bf, m0);
		if (IEEE80211_QOS_HAS_SEQ(wh) &&
		    subtype != IEEE80211_FC0_SUBTYPE_QOS_NULL) {
			bf->bf_state.bfs_dobaw = 1;
		}
		ATH_TXQ_UNLOCK(txq);
	}

	/*
	 * If needed, the sequence number has been assigned.
	 * Squirrel it away somewhere easy to get to.
	 */
	bf->bf_state.bfs_seqno = M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT;

	/* Is ampdu pending? fetch the seqno and print it out */
	if (is_ampdu_pending)
		DPRINTF(sc, ATH_DEBUG_SW_TX,
		    "%s: tid %d: ampdu pending, seqno %d\n",
		    __func__, tid, M_SEQNO_GET(m0));

	/* This also sets up the DMA map */
	r = ath_tx_normal_setup(sc, ni, bf, m0);

	if (r != 0)
		return r;

	/* At this point m0 could have changed! */
	m0 = bf->bf_m;

#if 1
	/*
	 * If it's a multicast frame, do a direct-dispatch to the
	 * destination hardware queue. Don't bother software
	 * queuing it.
	 */
	/*
	 * If it's a BAR frame, do a direct dispatch to the
	 * destination hardware queue. Don't bother software
	 * queuing it, as the TID will now be paused.
	 * Sending a BAR frame can occur from the net80211 txa timer
	 * (ie, retries) or from the ath txtask (completion call.)
	 * It queues directly to hardware because the TID is paused
	 * at this point (and won't be unpaused until the BAR has
	 * either been TXed successfully or max retries has been
	 * reached.)
	 */
	if (txq == &avp->av_mcastq) {
		ATH_TXQ_LOCK(txq);
		ath_tx_xmit_normal(sc, txq, bf);
		ATH_TXQ_UNLOCK(txq);
	} else if (type == IEEE80211_FC0_TYPE_CTL &&
		    subtype == IEEE80211_FC0_SUBTYPE_BAR) {
		DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
		    "%s: BAR: TX'ing direct\n", __func__);
		ATH_TXQ_LOCK(txq);
		ath_tx_xmit_normal(sc, txq, bf);
		ATH_TXQ_UNLOCK(txq);
	} else {
		/* add to software queue */
		ath_tx_swq(sc, ni, txq, bf);
	}
#else
	/*
	 * For now, since there's no software queue,
	 * direct-dispatch to the hardware.
	 */
	ATH_TXQ_LOCK(txq);
	ath_tx_xmit_normal(sc, txq, bf);
	ATH_TXQ_UNLOCK(txq);
#endif

	return 0;
}

static int
ath_tx_raw_start(struct ath_softc *sc, struct ieee80211_node *ni,
    struct ath_buf *bf, struct mbuf *m0,
    const struct ieee80211_bpf_params *params)
{
	struct ifnet *ifp = sc->sc_ifp;
	struct ieee80211com *ic = ifp->if_l2com;
	struct ath_hal *ah = sc->sc_ah;
	struct ieee80211vap *vap = ni->ni_vap;
	int error, ismcast, ismrr;
	int keyix, hdrlen, pktlen, try0, txantenna;
	u_int8_t rix, txrate;
	struct ieee80211_frame *wh;
	u_int flags;
	HAL_PKT_TYPE atype;
	const HAL_RATE_TABLE *rt;
	struct ath_desc *ds;
	u_int pri;
	int o_tid = -1;
	int do_override;

	wh = mtod(m0, struct ieee80211_frame *);
	ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
	hdrlen = ieee80211_anyhdrsize(wh);
	/*
	 * Packet length must not include any
	 * pad bytes; deduct them here.
	 */
	/* XXX honor IEEE80211_BPF_DATAPAD */
	pktlen = m0->m_pkthdr.len - (hdrlen & 3) + IEEE80211_CRC_LEN;

	DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: ismcast=%d\n",
	    __func__, ismcast);

	/* Handle encryption twiddling if needed */
	if (! ath_tx_tag_crypto(sc, ni,
	    m0, params->ibp_flags & IEEE80211_BPF_CRYPTO, 0,
	    &hdrlen, &pktlen, &keyix)) {
		ath_freetx(m0);
		return EIO;
	}
	/* packet header may have moved, reset our local pointer */
	wh = mtod(m0, struct ieee80211_frame *);

	/* Do the generic frame setup */
	/* XXX should just bzero the bf_state? */
	bf->bf_state.bfs_dobaw = 0;

	error = ath_tx_dmasetup(sc, bf, m0);
	if (error != 0)
		return error;
	m0 = bf->bf_m;				/* NB: may have changed */
	wh = mtod(m0, struct ieee80211_frame *);
	bf->bf_node = ni;			/* NB: held reference */

	flags = HAL_TXDESC_CLRDMASK;		/* XXX needed for crypto errs */
	flags |= HAL_TXDESC_INTREQ;		/* force interrupt */
	if (params->ibp_flags & IEEE80211_BPF_RTS)
		flags |= HAL_TXDESC_RTSENA;
	else if (params->ibp_flags & IEEE80211_BPF_CTS) {
		/* XXX assume 11g/11n protection? */
		bf->bf_state.bfs_doprot = 1;
		flags |= HAL_TXDESC_CTSENA;
	}
	/* XXX leave ismcast to injector? */
	if ((params->ibp_flags & IEEE80211_BPF_NOACK) || ismcast)
		flags |= HAL_TXDESC_NOACK;

	rt = sc->sc_currates;
	KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode));
	rix = ath_tx_findrix(sc, params->ibp_rate0);
	txrate = rt->info[rix].rateCode;
	if (params->ibp_flags & IEEE80211_BPF_SHORTPRE)
		txrate |= rt->info[rix].shortPreamble;
	sc->sc_txrix = rix;
	try0 = params->ibp_try0;
	ismrr = (params->ibp_try1 != 0);
	txantenna = params->ibp_pri >> 2;
	if (txantenna == 0)			/* XXX? */
		txantenna = sc->sc_txantenna;

	/*
	 * Since ctsrate is fixed, store it away for later
	 * use when the descriptor fields are being set.
	 */
	if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA))
		bf->bf_state.bfs_ctsrate0 = params->ibp_ctsrate;

	pri = params->ibp_pri & 3;
	/* Override pri if the frame isn't a QoS one */
	if (! IEEE80211_QOS_HAS_SEQ(wh))
		pri = ath_tx_getac(sc, m0);

	/*
	 * NB: we mark all packets as type PSPOLL so the h/w won't
	 * set the sequence number, duration, etc.
	 */
	atype = HAL_PKT_TYPE_PSPOLL;

	if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT))
		ieee80211_dump_pkt(ic, mtod(m0, caddr_t), m0->m_len,
		    sc->sc_hwmap[rix].ieeerate, -1);

	if (ieee80211_radiotap_active_vap(vap)) {
		u_int64_t tsf = ath_hal_gettsf64(ah);

		sc->sc_tx_th.wt_tsf = htole64(tsf);
		sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags;
		if (wh->i_fc[1] & IEEE80211_FC1_WEP)
			sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
		if (m0->m_flags & M_FRAG)
			sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG;
		sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate;
		sc->sc_tx_th.wt_txpower = ni->ni_txpower;
		sc->sc_tx_th.wt_antenna = sc->sc_txantenna;

		ieee80211_radiotap_tx(vap, m0);
	}

	/*
	 * Formulate first tx descriptor with tx controls.
	 */
	ds = bf->bf_desc;
	/* XXX check return value? */

	/* Store the decided rate index values away */
	bf->bf_state.bfs_pktlen = pktlen;
	bf->bf_state.bfs_hdrlen = hdrlen;
	bf->bf_state.bfs_atype = atype;
	bf->bf_state.bfs_txpower = params->ibp_power;
	bf->bf_state.bfs_txrate0 = txrate;
	bf->bf_state.bfs_try0 = try0;
	bf->bf_state.bfs_keyix = keyix;
	bf->bf_state.bfs_txantenna = txantenna;
	bf->bf_state.bfs_flags = flags;
	bf->bf_txflags = flags;
	bf->bf_state.bfs_shpream =
	    !! (params->ibp_flags & IEEE80211_BPF_SHORTPRE);

	/* XXX this should be done in ath_tx_setrate() */
	bf->bf_state.bfs_ctsrate = 0;
	bf->bf_state.bfs_ctsduration = 0;
	bf->bf_state.bfs_ismrr = ismrr;

	/* Blank the legacy rate array */
	bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));

	bf->bf_state.bfs_rc[0].rix =
	    ath_tx_findrix(sc, params->ibp_rate0);
	bf->bf_state.bfs_rc[0].tries = try0;
	bf->bf_state.bfs_rc[0].ratecode = txrate;

	if (ismrr) {
		int rix;

		rix = ath_tx_findrix(sc, params->ibp_rate1);
		bf->bf_state.bfs_rc[1].rix = rix;
		bf->bf_state.bfs_rc[1].tries = params->ibp_try1;

		rix = ath_tx_findrix(sc, params->ibp_rate2);
		bf->bf_state.bfs_rc[2].rix = rix;
		bf->bf_state.bfs_rc[2].tries = params->ibp_try2;

		rix = ath_tx_findrix(sc, params->ibp_rate3);
		bf->bf_state.bfs_rc[3].rix = rix;
		bf->bf_state.bfs_rc[3].tries = params->ibp_try3;
	}
	/*
	 * All the required rate control decisions have been made;
	 * fill in the rc flags.
	 */
	ath_tx_rate_fill_rcflags(sc, bf);

	/* NB: no buffered multicast in power save support */

	/* XXX If it's an ADDBA, override the correct queue */
	do_override = ath_tx_action_frame_override_queue(sc, ni, m0, &o_tid);

	/* Map ADDBA to the correct priority */
	if (do_override) {
#if 0
		device_printf(sc->sc_dev,
		    "%s: overriding tid %d pri %d -> %d\n",
		    __func__, o_tid, pri, TID_TO_WME_AC(o_tid));
#endif
		pri = TID_TO_WME_AC(o_tid);
	}

	/*
	 * If we're overriding the ADDBA destination, dump directly
	 * into the hardware queue, right after any pending
	 * frames to that node are.
	 */
	DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: dooverride=%d\n",
	    __func__, do_override);

	if (do_override) {
		ATH_TXQ_LOCK(sc->sc_ac2q[pri]);
		ath_tx_xmit_normal(sc, sc->sc_ac2q[pri], bf);
		ATH_TXQ_UNLOCK(sc->sc_ac2q[pri]);
	} else {
		/* Queue to software queue */
		ath_tx_swq(sc, ni, sc->sc_ac2q[pri], bf);
	}

	return 0;
}

/*
 * Send a raw frame.
 *
 * This can be called by net80211.
 */
int
ath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
	const struct ieee80211_bpf_params *params)
{
	struct ieee80211com *ic = ni->ni_ic;
	struct ifnet *ifp = ic->ic_ifp;
	struct ath_softc *sc = ifp->if_softc;
	struct ath_buf *bf;
	int error;

	ATH_PCU_LOCK(sc);
	if (sc->sc_inreset_cnt > 0) {
		device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; bailing\n",
		    __func__);
		error = EIO;
		ATH_PCU_UNLOCK(sc);
		goto bad0;
	}
	sc->sc_txstart_cnt++;
	ATH_PCU_UNLOCK(sc);

	if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || sc->sc_invalid) {
		DPRINTF(sc, ATH_DEBUG_XMIT, "%s: discard frame, %s", __func__,
		    (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ?
			"!running" : "invalid");
		m_freem(m);
		error = ENETDOWN;
		goto bad;
	}
	/*
	 * Grab a TX buffer and associated resources.
	 */
	bf = ath_getbuf(sc);
	if (bf == NULL) {
		sc->sc_stats.ast_tx_nobuf++;
		m_freem(m);
		error = ENOBUFS;
		goto bad;
	}

	if (params == NULL) {
		/*
		 * Legacy path; interpret frame contents to decide
		 * precisely how to send the frame.
		 */
		if (ath_tx_start(sc, ni, bf, m)) {
			error = EIO;		/* XXX */
			goto bad2;
		}
	} else {
		/*
		 * Caller supplied explicit parameters to use in
		 * sending the frame.
		 */
		if (ath_tx_raw_start(sc, ni, bf, m, params)) {
			error = EIO;		/* XXX */
			goto bad2;
		}
	}
	sc->sc_wd_timer = 5;
	ifp->if_opackets++;
	sc->sc_stats.ast_tx_raw++;

	ATH_PCU_LOCK(sc);
	sc->sc_txstart_cnt--;
	ATH_PCU_UNLOCK(sc);

	return 0;
bad2:
	ATH_TXBUF_LOCK(sc);
	TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list);
	ATH_TXBUF_UNLOCK(sc);
bad:
	ATH_PCU_LOCK(sc);
	sc->sc_txstart_cnt--;
	ATH_PCU_UNLOCK(sc);
bad0:
	ifp->if_oerrors++;
	sc->sc_stats.ast_tx_raw_fail++;
	ieee80211_free_node(ni);

	return error;
}

/* Some helper functions */

/*
 * ADDBA (and potentially others) need to be placed in the same
 * hardware queue as the TID/node it's relating to. This is so
 * it goes out after any pending non-aggregate frames to the
 * same node/TID.
 *
 * If this isn't done, the ADDBA can go out before the frames
 * queued in hardware. Even though these frames have a sequence
 * number -earlier- than the ADDBA can be transmitted (but
 * no frames whose sequence numbers are after the ADDBA should
 * be!) they'll arrive after the ADDBA - and the receiving end
 * will simply drop them as being out of the BAW.
 *
 * The frames can't be appended to the TID software queue - they'll
 * never be sent out. So these frames have to be directly
 * dispatched to the hardware, rather than queued in software.
 * So if this function returns true, the TXQ has to be
 * overridden and it has to be directly dispatched.
 *
 * It's a dirty hack, but someone's gotta do it.
1815 */ 1816 1817 /* 1818 * XXX doesn't belong here! 1819 */ 1820 static int 1821 ieee80211_is_action(struct ieee80211_frame *wh) 1822 { 1823 /* Type: Management frame? */ 1824 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != 1825 IEEE80211_FC0_TYPE_MGT) 1826 return 0; 1827 1828 /* Subtype: Action frame? */ 1829 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) != 1830 IEEE80211_FC0_SUBTYPE_ACTION) 1831 return 0; 1832 1833 return 1; 1834 } 1835 1836 #define MS(_v, _f) (((_v) & _f) >> _f##_S) 1837 /* 1838 * Return an alternate TID for ADDBA request frames. 1839 * 1840 * Yes, this likely should be done in the net80211 layer. 1841 */ 1842 static int 1843 ath_tx_action_frame_override_queue(struct ath_softc *sc, 1844 struct ieee80211_node *ni, 1845 struct mbuf *m0, int *tid) 1846 { 1847 struct ieee80211_frame *wh = mtod(m0, struct ieee80211_frame *); 1848 struct ieee80211_action_ba_addbarequest *ia; 1849 uint8_t *frm; 1850 uint16_t baparamset; 1851 1852 /* Not action frame? Bail */ 1853 if (! ieee80211_is_action(wh)) 1854 return 0; 1855 1856 /* XXX Not needed for frames we send? */ 1857 #if 0 1858 /* Correct length? */ 1859 if (! ieee80211_parse_action(ni, m)) 1860 return 0; 1861 #endif 1862 1863 /* Extract out action frame */ 1864 frm = (u_int8_t *)&wh[1]; 1865 ia = (struct ieee80211_action_ba_addbarequest *) frm; 1866 1867 /* Not ADDBA? Bail */ 1868 if (ia->rq_header.ia_category != IEEE80211_ACTION_CAT_BA) 1869 return 0; 1870 if (ia->rq_header.ia_action != IEEE80211_ACTION_BA_ADDBA_REQUEST) 1871 return 0; 1872 1873 /* Extract TID, return it */ 1874 baparamset = le16toh(ia->rq_baparamset); 1875 *tid = (int) MS(baparamset, IEEE80211_BAPS_TID); 1876 1877 return 1; 1878 } 1879 #undef MS 1880 1881 /* Per-node software queue operations */ 1882 1883 /* 1884 * Add the current packet to the given BAW. 1885 * It is assumed that the current packet 1886 * 1887 * + fits inside the BAW; 1888 * + already has had a sequence number allocated. 1889 * 1890 * Since the BAW status may be modified by both the ath task and 1891 * the net80211/ifnet contexts, the TID must be locked. 1892 */ 1893 void 1894 ath_tx_addto_baw(struct ath_softc *sc, struct ath_node *an, 1895 struct ath_tid *tid, struct ath_buf *bf) 1896 { 1897 int index, cindex; 1898 struct ieee80211_tx_ampdu *tap; 1899 1900 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 1901 1902 if (bf->bf_state.bfs_isretried) 1903 return; 1904 1905 tap = ath_tx_get_tx_tid(an, tid->tid); 1906 1907 if (bf->bf_state.bfs_addedbaw) 1908 device_printf(sc->sc_dev, 1909 "%s: re-added? tid=%d, seqno %d; window %d:%d; baw head=%d tail=%d\n", 1910 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 1911 tap->txa_start, tap->txa_wnd, tid->baw_head, tid->baw_tail); 1912 1913 /* 1914 * ni->ni_txseqs[] is the currently allocated seqno. 1915 * the txa state contains the current baw start. 
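 *
 * Worked example (illustrative, assuming ATH_BA_INDEX() is the usual
 * (seqno - txa_start) offset modulo the sequence space): with
 * txa_start=100, a frame with seqno 103 gives index=3; with baw_head=7
 * the slot used below is cindex = (7 + 3) & (ATH_TID_MAX_BUFS - 1).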
1916 */ 1917 index = ATH_BA_INDEX(tap->txa_start, SEQNO(bf->bf_state.bfs_seqno)); 1918 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 1919 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 1920 "%s: tid=%d, seqno %d; window %d:%d; index=%d cindex=%d baw head=%d tail=%d\n", 1921 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 1922 tap->txa_start, tap->txa_wnd, index, cindex, tid->baw_head, tid->baw_tail); 1923 1924 1925 #if 0 1926 assert(tid->tx_buf[cindex] == NULL); 1927 #endif 1928 if (tid->tx_buf[cindex] != NULL) { 1929 device_printf(sc->sc_dev, 1930 "%s: ba packet dup (index=%d, cindex=%d, " 1931 "head=%d, tail=%d)\n", 1932 __func__, index, cindex, tid->baw_head, tid->baw_tail); 1933 device_printf(sc->sc_dev, 1934 "%s: BA bf: %p; seqno=%d ; new bf: %p; seqno=%d\n", 1935 __func__, 1936 tid->tx_buf[cindex], 1937 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno), 1938 bf, 1939 SEQNO(bf->bf_state.bfs_seqno) 1940 ); 1941 } 1942 tid->tx_buf[cindex] = bf; 1943 1944 if (index >= ((tid->baw_tail - tid->baw_head) & (ATH_TID_MAX_BUFS - 1))) { 1945 tid->baw_tail = cindex; 1946 INCR(tid->baw_tail, ATH_TID_MAX_BUFS); 1947 } 1948 } 1949 1950 /* 1951 * Flip the BAW buffer entry over from the existing one to the new one. 1952 * 1953 * When software retransmitting a (sub-)frame, it is entirely possible that 1954 * the frame ath_buf is marked as BUSY and can't be immediately reused. 1955 * In that instance the buffer is cloned and the new buffer is used for 1956 * retransmit. We thus need to update the ath_buf slot in the BAW buf 1957 * tracking array to maintain consistency. 1958 */ 1959 static void 1960 ath_tx_switch_baw_buf(struct ath_softc *sc, struct ath_node *an, 1961 struct ath_tid *tid, struct ath_buf *old_bf, struct ath_buf *new_bf) 1962 { 1963 int index, cindex; 1964 struct ieee80211_tx_ampdu *tap; 1965 int seqno = SEQNO(old_bf->bf_state.bfs_seqno); 1966 1967 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 1968 1969 tap = ath_tx_get_tx_tid(an, tid->tid); 1970 index = ATH_BA_INDEX(tap->txa_start, seqno); 1971 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 1972 1973 /* 1974 * Just warn for now; if it happens then we should find out 1975 * about it. It's highly likely the aggregation session will 1976 * soon hang. 1977 */ 1978 if (old_bf->bf_state.bfs_seqno != new_bf->bf_state.bfs_seqno) { 1979 device_printf(sc->sc_dev, "%s: retransmitted buffer" 1980 " has mismatching seqnos, BA session may hang.\n", 1981 __func__); 1982 device_printf(sc->sc_dev, "%s: old seqno=%d, new_seqno=%d\n", 1983 __func__, 1984 old_bf->bf_state.bfs_seqno, 1985 new_bf->bf_state.bfs_seqno); 1986 } 1987 1988 if (tid->tx_buf[cindex] != old_bf) { 1989 device_printf(sc->sc_dev, "%s: ath_buf pointer incorrect; " 1990 "BA session may hang.\n", 1991 __func__); 1992 device_printf(sc->sc_dev, "%s: old bf=%p, new bf=%p\n", 1993 __func__, 1994 old_bf, new_bf); 1995 } 1996 1997 tid->tx_buf[cindex] = new_bf; 1998 } 1999 2000 /* 2001 * seq_start - left edge of BAW 2002 * seq_next - current/next sequence number to allocate 2003 * 2004 * Since the BAW status may be modified by both the ath task and 2005 * the net80211/ifnet contexts, the TID must be locked.
2006 */ 2007 static void 2008 ath_tx_update_baw(struct ath_softc *sc, struct ath_node *an, 2009 struct ath_tid *tid, const struct ath_buf *bf) 2010 { 2011 int index, cindex; 2012 struct ieee80211_tx_ampdu *tap; 2013 int seqno = SEQNO(bf->bf_state.bfs_seqno); 2014 2015 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2016 2017 tap = ath_tx_get_tx_tid(an, tid->tid); 2018 index = ATH_BA_INDEX(tap->txa_start, seqno); 2019 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2020 2021 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2022 "%s: tid=%d, baw=%d:%d, seqno=%d, index=%d, cindex=%d, baw head=%d, tail=%d\n", 2023 __func__, tid->tid, tap->txa_start, tap->txa_wnd, seqno, index, 2024 cindex, tid->baw_head, tid->baw_tail); 2025 2026 /* 2027 * If this occurs then we have a big problem - something else 2028 * has slid tap->txa_start along without updating the BAW 2029 * tracking start/end pointers. Thus the TX BAW state is now 2030 * completely busted. 2031 * 2032 * But for now, since I haven't yet fixed TDMA and buffer cloning, 2033 * it's quite possible that a cloned buffer is making its way 2034 * here and causing it to fire off. Disable TDMA for now. 2035 */ 2036 if (tid->tx_buf[cindex] != bf) { 2037 device_printf(sc->sc_dev, 2038 "%s: comp bf=%p, seq=%d; slot bf=%p, seqno=%d\n", 2039 __func__, 2040 bf, SEQNO(bf->bf_state.bfs_seqno), 2041 tid->tx_buf[cindex], 2042 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno)); 2043 } 2044 2045 tid->tx_buf[cindex] = NULL; 2046 2047 while (tid->baw_head != tid->baw_tail && !tid->tx_buf[tid->baw_head]) { 2048 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 2049 INCR(tid->baw_head, ATH_TID_MAX_BUFS); 2050 } 2051 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, "%s: baw is now %d:%d, baw head=%d\n", 2052 __func__, tap->txa_start, tap->txa_wnd, tid->baw_head); 2053 } 2054 2055 /* 2056 * Mark the current node/TID as ready to TX. 2057 * 2058 * This is done to make it easy for the software scheduler to 2059 * find which nodes have data to send. 2060 * 2061 * The TXQ lock must be held. 2062 */ 2063 static void 2064 ath_tx_tid_sched(struct ath_softc *sc, struct ath_tid *tid) 2065 { 2066 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2067 2068 ATH_TXQ_LOCK_ASSERT(txq); 2069 2070 if (tid->paused) 2071 return; /* paused, can't schedule yet */ 2072 2073 if (tid->sched) 2074 return; /* already scheduled */ 2075 2076 tid->sched = 1; 2077 2078 TAILQ_INSERT_TAIL(&txq->axq_tidq, tid, axq_qelem); 2079 } 2080 2081 /* 2082 * Mark the current node as no longer needing to be polled for 2083 * TX packets. 2084 * 2085 * The TXQ lock must be held. 2086 */ 2087 static void 2088 ath_tx_tid_unsched(struct ath_softc *sc, struct ath_tid *tid) 2089 { 2090 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2091 2092 ATH_TXQ_LOCK_ASSERT(txq); 2093 2094 if (tid->sched == 0) 2095 return; 2096 2097 tid->sched = 0; 2098 TAILQ_REMOVE(&txq->axq_tidq, tid, axq_qelem); 2099 } 2100 2101 /* 2102 * Assign a sequence number manually to the given frame. 2103 * 2104 * This should only be called for A-MPDU TX frames. 
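 *
 * Note: the assigned seqno is written into the 802.11 header
 * (wh->i_seq[], shifted by IEEE80211_SEQ_SEQ_SHIFT) and mirrored into
 * the mbuf via M_SEQNO_SET(); e.g. (illustrative) seqno 2050 is stored
 * in the header as htole16(2050 << IEEE80211_SEQ_SEQ_SHIFT).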
2105 */ 2106 static ieee80211_seq 2107 ath_tx_tid_seqno_assign(struct ath_softc *sc, struct ieee80211_node *ni, 2108 struct ath_buf *bf, struct mbuf *m0) 2109 { 2110 struct ieee80211_frame *wh; 2111 int tid, pri; 2112 ieee80211_seq seqno; 2113 uint8_t subtype; 2114 2115 /* TID lookup */ 2116 wh = mtod(m0, struct ieee80211_frame *); 2117 pri = M_WME_GETAC(m0); /* honor classification */ 2118 tid = WME_AC_TO_TID(pri); 2119 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pri=%d, tid=%d, qos has seq=%d\n", 2120 __func__, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2121 2122 /* XXX Is it a control frame? Ignore */ 2123 2124 /* Does the packet require a sequence number? */ 2125 if (! IEEE80211_QOS_HAS_SEQ(wh)) 2126 return -1; 2127 2128 /* 2129 * Is it a QOS NULL Data frame? Give it a sequence number from 2130 * the default TID (IEEE80211_NONQOS_TID.) 2131 * 2132 * The RX path of everything I've looked at doesn't include the NULL 2133 * data frame sequence number in the aggregation state updates, so 2134 * assigning it a sequence number there will cause a BAW hole on the 2135 * RX side. 2136 */ 2137 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2138 if (subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL) { 2139 seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID]; 2140 INCR(ni->ni_txseqs[IEEE80211_NONQOS_TID], IEEE80211_SEQ_RANGE); 2141 } else { 2142 /* Manually assign sequence number */ 2143 seqno = ni->ni_txseqs[tid]; 2144 INCR(ni->ni_txseqs[tid], IEEE80211_SEQ_RANGE); 2145 } 2146 *(uint16_t *)&wh->i_seq[0] = htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 2147 M_SEQNO_SET(m0, seqno); 2148 2149 /* Return so caller can do something with it if needed */ 2150 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: -> seqno=%d\n", __func__, seqno); 2151 return seqno; 2152 } 2153 2154 /* 2155 * Attempt to direct dispatch an aggregate frame to hardware. 2156 * If the frame is out of BAW, queue. 2157 * Otherwise, schedule it as a single frame. 2158 */ 2159 static void 2160 ath_tx_xmit_aggr(struct ath_softc *sc, struct ath_node *an, struct ath_buf *bf) 2161 { 2162 struct ath_tid *tid = &an->an_tid[bf->bf_state.bfs_tid]; 2163 struct ath_txq *txq = bf->bf_state.bfs_txq; 2164 struct ieee80211_tx_ampdu *tap; 2165 2166 ATH_TXQ_LOCK_ASSERT(txq); 2167 2168 tap = ath_tx_get_tx_tid(an, tid->tid); 2169 2170 /* paused? queue */ 2171 if (tid->paused) { 2172 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2173 return; 2174 } 2175 2176 /* outside baw? queue */ 2177 if (bf->bf_state.bfs_dobaw && 2178 (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2179 SEQNO(bf->bf_state.bfs_seqno)))) { 2180 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2181 ath_tx_tid_sched(sc, tid); 2182 return; 2183 } 2184 2185 /* Direct dispatch to hardware */ 2186 ath_tx_do_ratelookup(sc, bf); 2187 ath_tx_rate_fill_rcflags(sc, bf); 2188 ath_tx_set_rtscts(sc, bf); 2189 ath_tx_setds(sc, bf); 2190 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 2191 ath_tx_chaindesclist(sc, bf); 2192 2193 /* Statistics */ 2194 sc->sc_aggr_stats.aggr_low_hwq_single_pkt++; 2195 2196 /* Track per-TID hardware queue depth correctly */ 2197 tid->hwq_depth++; 2198 2199 /* Add to BAW */ 2200 if (bf->bf_state.bfs_dobaw) { 2201 ath_tx_addto_baw(sc, an, tid, bf); 2202 bf->bf_state.bfs_addedbaw = 1; 2203 } 2204 2205 /* Set completion handler, multi-frame aggregate or not */ 2206 bf->bf_comp = ath_tx_aggr_comp; 2207 2208 /* Hand off to hardware */ 2209 ath_tx_handoff(sc, txq, bf); 2210 } 2211 2212 /* 2213 * Attempt to send the packet. 2214 * If the queue isn't busy, direct-dispatch. 
2215 * If the queue is busy enough, queue the given packet on the 2216 * relevant software queue. 2217 */ 2218 void 2219 ath_tx_swq(struct ath_softc *sc, struct ieee80211_node *ni, struct ath_txq *txq, 2220 struct ath_buf *bf) 2221 { 2222 struct ath_node *an = ATH_NODE(ni); 2223 struct ieee80211_frame *wh; 2224 struct ath_tid *atid; 2225 int pri, tid; 2226 struct mbuf *m0 = bf->bf_m; 2227 2228 /* Fetch the TID - non-QoS frames get assigned to TID 16 */ 2229 wh = mtod(m0, struct ieee80211_frame *); 2230 pri = ath_tx_getac(sc, m0); 2231 tid = ath_tx_gettid(sc, m0); 2232 atid = &an->an_tid[tid]; 2233 2234 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p, pri=%d, tid=%d, qos=%d\n", 2235 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2236 2237 /* Set local packet state, used to queue packets to hardware */ 2238 bf->bf_state.bfs_tid = tid; 2239 bf->bf_state.bfs_txq = txq; 2240 bf->bf_state.bfs_pri = pri; 2241 2242 /* 2243 * If the TID is paused, A-MPDU negotiation is pending, or the 2244 * traffic is outside the BAW, software queue it. 2245 * Otherwise, if the hardware queue isn't busy, direct-dispatch; 2246 * if it is busy, queue it on the relevant software queue. 2247 */ 2248 ATH_TXQ_LOCK(txq); 2249 if (atid->paused) { 2250 /* TID is paused, queue */ 2251 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2252 } else if (ath_tx_ampdu_pending(sc, an, tid)) { 2253 /* AMPDU pending; queue */ 2254 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2255 /* XXX sched? */ 2256 } else if (ath_tx_ampdu_running(sc, an, tid)) { 2257 /* AMPDU running, attempt direct dispatch if possible */ 2258 if (txq->axq_depth < sc->sc_hwq_limit) 2259 ath_tx_xmit_aggr(sc, an, bf); 2260 else { 2261 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2262 ath_tx_tid_sched(sc, atid); 2263 } 2264 } else if (txq->axq_depth < sc->sc_hwq_limit) { 2265 /* AMPDU not running, attempt direct dispatch */ 2266 ath_tx_xmit_normal(sc, txq, bf); 2267 } else { 2268 /* Busy; queue */ 2269 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2270 ath_tx_tid_sched(sc, atid); 2271 } 2272 ATH_TXQ_UNLOCK(txq); 2273 } 2274 2275 /* 2276 * Do the basic frame setup stuff that's required before the frame 2277 * is added to a software queue. 2278 * 2279 * All frames get mostly the same treatment and it's done once. 2280 * Retransmits fiddle with things like the rate control setup, 2281 * setting the retransmit bit in the packet; doing relevant DMA/bus 2282 * syncing and relinking it (back) into the hardware TX queue. 2283 * 2284 * Note that this may cause the mbuf to be reallocated, so 2285 * m0 may not be valid. 2286 */ 2287 2288 2289 /* 2290 * Configure the per-TID node state. 2291 * 2292 * This likely belongs in if_ath_node.c but I can't think of anywhere 2293 * else to put it just yet. 2294 * 2295 * This sets up the TAILQs and the per-TID state as appropriate. 2296 */ 2297 void 2298 ath_tx_tid_init(struct ath_softc *sc, struct ath_node *an) 2299 { 2300 int i, j; 2301 struct ath_tid *atid; 2302 2303 for (i = 0; i < IEEE80211_TID_SIZE; i++) { 2304 atid = &an->an_tid[i]; 2305 TAILQ_INIT(&atid->axq_q); 2306 atid->tid = i; 2307 atid->an = an; 2308 for (j = 0; j < ATH_TID_MAX_BUFS; j++) 2309 atid->tx_buf[j] = NULL; 2310 atid->baw_head = atid->baw_tail = 0; 2311 atid->paused = 0; 2312 atid->sched = 0; 2313 atid->hwq_depth = 0; 2314 atid->cleanup_inprogress = 0; 2315 if (i == IEEE80211_NONQOS_TID) 2316 atid->ac = WME_AC_BE; 2317 else 2318 atid->ac = TID_TO_WME_AC(i); 2319 } 2320 } 2321 2322 /* 2323 * Pause the current TID. This stops packets from being transmitted 2324 * on it.
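 *
 * Note that pause/unpause nest: tid->paused is a counter, not a flag.
 * E.g. (illustrative) if a TID is paused twice it must be resumed twice
 * before ath_tx_tid_sched() will schedule it again.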
2325 * 2326 * Since this is also called from upper layers as well as the driver, 2327 * it will get the TID lock. 2328 */ 2329 static void 2330 ath_tx_tid_pause(struct ath_softc *sc, struct ath_tid *tid) 2331 { 2332 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2333 tid->paused++; 2334 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: paused = %d\n", 2335 __func__, tid->paused); 2336 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 2337 } 2338 2339 /* 2340 * Unpause the current TID, and schedule it if needed. 2341 */ 2342 static void 2343 ath_tx_tid_resume(struct ath_softc *sc, struct ath_tid *tid) 2344 { 2345 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2346 2347 tid->paused--; 2348 2349 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: unpaused = %d\n", 2350 __func__, tid->paused); 2351 2352 if (tid->paused || tid->axq_depth == 0) { 2353 return; 2354 } 2355 2356 ath_tx_tid_sched(sc, tid); 2357 /* Punt some frames to the hardware if needed */ 2358 ath_txq_sched(sc, sc->sc_ac2q[tid->ac]); 2359 } 2360 2361 /* 2362 * Free any packets currently pending in the software TX queue. 2363 * 2364 * This will be called when a node is being deleted. 2365 * 2366 * It can also be called on an active node during an interface 2367 * reset or state transition. 2368 * 2369 * (From Linux/reference): 2370 * 2371 * TODO: For frame(s) that are in the retry state, we will reuse the 2372 * sequence number(s) without setting the retry bit. The 2373 * alternative is to give up on these and BAR the receiver's window 2374 * forward. 2375 */ 2376 static void 2377 ath_tx_tid_drain(struct ath_softc *sc, struct ath_node *an, struct ath_tid *tid, 2378 ath_bufhead *bf_cq) 2379 { 2380 struct ath_buf *bf; 2381 struct ieee80211_tx_ampdu *tap; 2382 struct ieee80211_node *ni = &an->an_node; 2383 int t = 0; 2384 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2385 2386 tap = ath_tx_get_tx_tid(an, tid->tid); 2387 2388 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2389 2390 /* Walk the queue, free frames */ 2391 for (;;) { 2392 bf = TAILQ_FIRST(&tid->axq_q); 2393 if (bf == NULL) { 2394 break; 2395 } 2396 2397 if (t == 0) { 2398 device_printf(sc->sc_dev, 2399 "%s: node %p: tid %d: txq_depth=%d, " 2400 "txq_aggr_depth=%d, sched=%d, paused=%d, " 2401 "hwq_depth=%d, incomp=%d, baw_head=%d, baw_tail=%d " 2402 "txa_start=%d, ni_txseqs=%d\n", 2403 __func__, ni, tid->tid, txq->axq_depth, 2404 txq->axq_aggr_depth, tid->sched, tid->paused, 2405 tid->hwq_depth, tid->incomp, tid->baw_head, 2406 tid->baw_tail, tap == NULL ? -1 : tap->txa_start, 2407 ni->ni_txseqs[tid->tid]); 2408 t = 1; 2409 } 2410 2411 2412 /* 2413 * If the current TID is running AMPDU, update 2414 * the BAW. 2415 */ 2416 if (ath_tx_ampdu_running(sc, an, tid->tid) && 2417 bf->bf_state.bfs_dobaw) { 2418 /* 2419 * Only remove the frame from the BAW if it's 2420 * been transmitted at least once; this means 2421 * the frame was in the BAW to begin with. 2422 */ 2423 if (bf->bf_state.bfs_retries > 0) { 2424 ath_tx_update_baw(sc, an, tid, bf); 2425 bf->bf_state.bfs_dobaw = 0; 2426 } 2427 /* 2428 * This has become a non-fatal error now 2429 */ 2430 if (! bf->bf_state.bfs_addedbaw) 2431 device_printf(sc->sc_dev, 2432 "%s: wasn't added: seqno %d\n", 2433 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2434 } 2435 ATH_TXQ_REMOVE(tid, bf, bf_list); 2436 TAILQ_INSERT_TAIL(bf_cq, bf, bf_list); 2437 } 2438 2439 /* 2440 * Now that it's completed, grab the TID lock and update 2441 * the sequence number and BAW window. 
2442 * Because sequence numbers have been assigned to frames 2443 * that haven't been sent yet, it's entirely possible 2444 * we'll be called with some pending frames that have not 2445 * been transmitted. 2446 * 2447 * The cleaner solution is to do the sequence number allocation 2448 * when the packet is first transmitted - and thus the "retries" 2449 * check above would be enough to update the BAW/seqno. 2450 */ 2451 2452 /* But don't do it for non-QoS TIDs */ 2453 if (tap) { 2454 #if 0 2455 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2456 "%s: node %p: TID %d: sliding BAW left edge to %d\n", 2457 __func__, an, tid->tid, tap->txa_start); 2458 #endif 2459 ni->ni_txseqs[tid->tid] = tap->txa_start; 2460 tid->baw_tail = tid->baw_head; 2461 } 2462 } 2463 2464 /* 2465 * Flush all software queued packets for the given node. 2466 * 2467 * This occurs when a completion handler frees the last buffer 2468 * for a node, and the node is thus freed. This causes the node 2469 * to be cleaned up, which ends up calling ath_tx_node_flush. 2470 */ 2471 void 2472 ath_tx_node_flush(struct ath_softc *sc, struct ath_node *an) 2473 { 2474 int tid; 2475 ath_bufhead bf_cq; 2476 struct ath_buf *bf; 2477 2478 TAILQ_INIT(&bf_cq); 2479 2480 for (tid = 0; tid < IEEE80211_TID_SIZE; tid++) { 2481 struct ath_tid *atid = &an->an_tid[tid]; 2482 struct ath_txq *txq = sc->sc_ac2q[atid->ac]; 2483 2484 /* Remove this tid from the list of active tids */ 2485 ATH_TXQ_LOCK(txq); 2486 ath_tx_tid_unsched(sc, atid); 2487 2488 /* Free packets */ 2489 ath_tx_tid_drain(sc, an, atid, &bf_cq); 2490 ATH_TXQ_UNLOCK(txq); 2491 } 2492 2493 /* Handle completed frames */ 2494 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2495 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2496 ath_tx_default_comp(sc, bf, 0); 2497 } 2498 } 2499 2500 /* 2501 * Drain all the software TXQs currently with traffic queued. 2502 */ 2503 void 2504 ath_tx_txq_drain(struct ath_softc *sc, struct ath_txq *txq) 2505 { 2506 struct ath_tid *tid; 2507 ath_bufhead bf_cq; 2508 struct ath_buf *bf; 2509 2510 TAILQ_INIT(&bf_cq); 2511 ATH_TXQ_LOCK(txq); 2512 2513 /* 2514 * Iterate over all active tids for the given txq, 2515 * flushing and unsched'ing them 2516 */ 2517 while (! TAILQ_EMPTY(&txq->axq_tidq)) { 2518 tid = TAILQ_FIRST(&txq->axq_tidq); 2519 ath_tx_tid_drain(sc, tid->an, tid, &bf_cq); 2520 ath_tx_tid_unsched(sc, tid); 2521 } 2522 2523 ATH_TXQ_UNLOCK(txq); 2524 2525 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2526 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2527 ath_tx_default_comp(sc, bf, 0); 2528 } 2529 } 2530 2531 /* 2532 * Handle completion of non-aggregate session frames. 2533 */ 2534 void 2535 ath_tx_normal_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 2536 { 2537 struct ieee80211_node *ni = bf->bf_node; 2538 struct ath_node *an = ATH_NODE(ni); 2539 int tid = bf->bf_state.bfs_tid; 2540 struct ath_tid *atid = &an->an_tid[tid]; 2541 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 2542 2543 /* The TID state is protected behind the TXQ lock */ 2544 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2545 2546 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: fail=%d, hwq_depth now %d\n", 2547 __func__, bf, fail, atid->hwq_depth - 1); 2548 2549 atid->hwq_depth--; 2550 if (atid->hwq_depth < 0) 2551 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 2552 __func__, atid->hwq_depth); 2553 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2554 2555 /* 2556 * punt to rate control if we're not being cleaned up 2557 * during a hw queue drain and the frame wanted an ACK. 
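 *
 * (Illustrative: a successfully ACKed frame is reported to the rate
 * control module as nframes=1, nbad=0; a failed one as nframes=1,
 * nbad=1, based on ts->ts_status below.)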
2558 */ 2559 if (fail == 0 && ((bf->bf_txflags & HAL_TXDESC_NOACK) == 0)) 2560 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 2561 ts, bf->bf_state.bfs_pktlen, 2562 1, (ts->ts_status == 0) ? 0 : 1); 2563 2564 ath_tx_default_comp(sc, bf, fail); 2565 } 2566 2567 /* 2568 * Handle cleanup of aggregate session packets that aren't 2569 * an A-MPDU. 2570 * 2571 * There's no need to update the BAW here - the session is being 2572 * torn down. 2573 */ 2574 static void 2575 ath_tx_comp_cleanup_unaggr(struct ath_softc *sc, struct ath_buf *bf) 2576 { 2577 struct ieee80211_node *ni = bf->bf_node; 2578 struct ath_node *an = ATH_NODE(ni); 2579 int tid = bf->bf_state.bfs_tid; 2580 struct ath_tid *atid = &an->an_tid[tid]; 2581 2582 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: TID %d: incomp=%d\n", 2583 __func__, tid, atid->incomp); 2584 2585 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2586 atid->incomp--; 2587 if (atid->incomp == 0) { 2588 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2589 "%s: TID %d: cleaned up! resume!\n", 2590 __func__, tid); 2591 atid->cleanup_inprogress = 0; 2592 ath_tx_tid_resume(sc, atid); 2593 } 2594 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2595 2596 ath_tx_default_comp(sc, bf, 0); 2597 } 2598 2599 /* 2600 * Performs transmit side cleanup when TID changes from aggregated to 2601 * unaggregated. 2602 * 2603 * - Discard all retry frames from the s/w queue. 2604 * - Fix the tx completion function for all buffers in s/w queue. 2605 * - Count the number of unacked frames, and let transmit completion 2606 * handle it later. 2607 * 2608 * The caller is responsible for pausing the TID. 2609 */ 2610 static void 2611 ath_tx_cleanup(struct ath_softc *sc, struct ath_node *an, int tid) 2612 { 2613 struct ath_tid *atid = &an->an_tid[tid]; 2614 struct ieee80211_tx_ampdu *tap; 2615 struct ath_buf *bf, *bf_next; 2616 ath_bufhead bf_cq; 2617 2618 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2619 "%s: TID %d: called\n", __func__, tid); 2620 2621 TAILQ_INIT(&bf_cq); 2622 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2623 2624 /* 2625 * Update the frames in the software TX queue: 2626 * 2627 * + Discard retry frames in the queue 2628 * + Fix the completion function to be non-aggregate 2629 */ 2630 bf = TAILQ_FIRST(&atid->axq_q); 2631 while (bf) { 2632 if (bf->bf_state.bfs_isretried) { 2633 bf_next = TAILQ_NEXT(bf, bf_list); 2634 TAILQ_REMOVE(&atid->axq_q, bf, bf_list); 2635 atid->axq_depth--; 2636 if (bf->bf_state.bfs_dobaw) { 2637 ath_tx_update_baw(sc, an, atid, bf); 2638 if (! bf->bf_state.bfs_addedbaw) 2639 device_printf(sc->sc_dev, 2640 "%s: wasn't added: seqno %d\n", 2641 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2642 } 2643 bf->bf_state.bfs_dobaw = 0; 2644 /* 2645 * Call the default completion handler with "fail" just 2646 * so upper levels are suitably notified about this. 2647 */ 2648 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 2649 bf = bf_next; 2650 continue; 2651 } 2652 /* Give these the default completion handler */ 2653 bf->bf_comp = ath_tx_normal_comp; 2654 bf = TAILQ_NEXT(bf, bf_list); 2655 } 2656 2657 /* The caller is required to pause the TID */ 2658 #if 0 2659 /* Pause the TID */ 2660 ath_tx_tid_pause(sc, atid); 2661 #endif 2662 2663 /* 2664 * Calculate what hardware-queued frames exist based 2665 * on the current BAW size. Ie, what frames have been 2666 * added to the TX hardware queue for this TID but 2667 * not yet ACKed. 
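 *
 * E.g. (illustrative numbers): with baw_head=4, baw_tail=7 and ath_bufs
 * still outstanding in slots 4 and 6, the loop below sets incomp=2 and
 * cleanup_inprogress=1; the TID then stays paused until both of those
 * frames complete.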
2668 */ 2669 tap = ath_tx_get_tx_tid(an, tid); 2670 /* Need the lock - fiddling with BAW */ 2671 while (atid->baw_head != atid->baw_tail) { 2672 if (atid->tx_buf[atid->baw_head]) { 2673 atid->incomp++; 2674 atid->cleanup_inprogress = 1; 2675 atid->tx_buf[atid->baw_head] = NULL; 2676 } 2677 INCR(atid->baw_head, ATH_TID_MAX_BUFS); 2678 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 2679 } 2680 2681 /* 2682 * If cleanup is required, defer TID scheduling 2683 * until all the HW queued packets have been 2684 * sent. 2685 */ 2686 if (! atid->cleanup_inprogress) 2687 ath_tx_tid_resume(sc, atid); 2688 2689 if (atid->cleanup_inprogress) 2690 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2691 "%s: TID %d: cleanup needed: %d packets\n", 2692 __func__, tid, atid->incomp); 2693 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2694 2695 /* Handle completing frames and fail them */ 2696 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2697 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2698 ath_tx_default_comp(sc, bf, 1); 2699 } 2700 } 2701 2702 static void 2703 ath_tx_set_retry(struct ath_softc *sc, struct ath_buf *bf) 2704 { 2705 struct ieee80211_frame *wh; 2706 2707 wh = mtod(bf->bf_m, struct ieee80211_frame *); 2708 /* Only update/resync if needed */ 2709 if (bf->bf_state.bfs_isretried == 0) { 2710 wh->i_fc[1] |= IEEE80211_FC1_RETRY; 2711 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 2712 BUS_DMASYNC_PREWRITE); 2713 } 2714 sc->sc_stats.ast_tx_swretries++; 2715 bf->bf_state.bfs_isretried = 1; 2716 bf->bf_state.bfs_retries ++; 2717 } 2718 2719 static struct ath_buf * 2720 ath_tx_retry_clone(struct ath_softc *sc, struct ath_node *an, 2721 struct ath_tid *tid, struct ath_buf *bf) 2722 { 2723 struct ath_buf *nbf; 2724 int error; 2725 2726 nbf = ath_buf_clone(sc, bf); 2727 2728 #if 0 2729 device_printf(sc->sc_dev, "%s: ATH_BUF_BUSY; cloning\n", 2730 __func__); 2731 #endif 2732 2733 if (nbf == NULL) { 2734 /* Failed to clone */ 2735 device_printf(sc->sc_dev, 2736 "%s: failed to clone a busy buffer\n", 2737 __func__); 2738 return NULL; 2739 } 2740 2741 /* Setup the dma for the new buffer */ 2742 error = ath_tx_dmasetup(sc, nbf, nbf->bf_m); 2743 if (error != 0) { 2744 device_printf(sc->sc_dev, 2745 "%s: failed to setup dma for clone\n", 2746 __func__); 2747 /* 2748 * Put this at the head of the list, not tail; 2749 * that way it doesn't interfere with the 2750 * busy buffer logic (which uses the tail of 2751 * the list.) 2752 */ 2753 ATH_TXBUF_LOCK(sc); 2754 TAILQ_INSERT_HEAD(&sc->sc_txbuf, nbf, bf_list); 2755 ATH_TXBUF_UNLOCK(sc); 2756 return NULL; 2757 } 2758 2759 /* Update BAW if required, before we free the original buf */ 2760 if (bf->bf_state.bfs_dobaw) 2761 ath_tx_switch_baw_buf(sc, an, tid, bf, nbf); 2762 2763 /* Free current buffer; return the older buffer */ 2764 bf->bf_m = NULL; 2765 bf->bf_node = NULL; 2766 ath_freebuf(sc, bf); 2767 return nbf; 2768 } 2769 2770 /* 2771 * Handle retrying an unaggregate frame in an aggregate 2772 * session. 2773 * 2774 * If too many retries occur, pause the TID, wait for 2775 * any further retransmits (as there's no reason why 2776 * non-aggregate frames in an aggregate session are 2777 * transmitted in-order; they just have to be in-BAW) 2778 * and then queue a BAR. 
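 *
 * Concretely (illustrative): once bfs_retries reaches SWMAX_RETRIES the
 * frame is dropped, its BAW slot is released via ath_tx_update_baw(),
 * and a BAR starting at tap->txa_start would be sent to move the
 * receiver's window forward (the actual BAR transmission is still a
 * TODO below.)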
2779 */ 2780 static void 2781 ath_tx_aggr_retry_unaggr(struct ath_softc *sc, struct ath_buf *bf) 2782 { 2783 struct ieee80211_node *ni = bf->bf_node; 2784 struct ath_node *an = ATH_NODE(ni); 2785 int tid = bf->bf_state.bfs_tid; 2786 struct ath_tid *atid = &an->an_tid[tid]; 2787 struct ieee80211_tx_ampdu *tap; 2788 int txseq; 2789 2790 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2791 2792 tap = ath_tx_get_tx_tid(an, tid); 2793 2794 /* 2795 * If the buffer is marked as busy, we can't directly 2796 * reuse it. Instead, try to clone the buffer. 2797 * If the clone is successful, recycle the old buffer. 2798 * If the clone is unsuccessful, set bfs_retries to max 2799 * to force the next bit of code to free the buffer 2800 * for us. 2801 */ 2802 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 2803 (bf->bf_flags & ATH_BUF_BUSY)) { 2804 struct ath_buf *nbf; 2805 nbf = ath_tx_retry_clone(sc, an, atid, bf); 2806 if (nbf) 2807 /* bf has been freed at this point */ 2808 bf = nbf; 2809 else 2810 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 2811 } 2812 2813 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 2814 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 2815 "%s: exceeded retries; seqno %d\n", 2816 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2817 sc->sc_stats.ast_tx_swretrymax++; 2818 2819 /* Update BAW anyway */ 2820 if (bf->bf_state.bfs_dobaw) { 2821 ath_tx_update_baw(sc, an, atid, bf); 2822 if (! bf->bf_state.bfs_addedbaw) 2823 device_printf(sc->sc_dev, 2824 "%s: wasn't added: seqno %d\n", 2825 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2826 } 2827 bf->bf_state.bfs_dobaw = 0; 2828 2829 /* Send BAR frame */ 2830 /* 2831 * This'll end up going into net80211 and back out 2832 * again, via ic->ic_raw_xmit(). 2833 */ 2834 txseq = tap->txa_start; 2835 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2836 2837 device_printf(sc->sc_dev, 2838 "%s: TID %d: send BAR; seq %d\n", __func__, tid, txseq); 2839 2840 /* XXX TODO: send BAR */ 2841 2842 /* Free buffer, bf is free after this call */ 2843 ath_tx_default_comp(sc, bf, 0); 2844 return; 2845 } 2846 2847 /* 2848 * This increments the retry counter as well as 2849 * sets the retry flag in the ath_buf and packet 2850 * body. 2851 */ 2852 ath_tx_set_retry(sc, bf); 2853 2854 /* 2855 * Insert this at the head of the queue, so it's 2856 * retried before any current/subsequent frames. 2857 */ 2858 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 2859 ath_tx_tid_sched(sc, atid); 2860 2861 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2862 } 2863 2864 /* 2865 * Common code for aggregate excessive retry/subframe retry. 2866 * If retrying, queues buffers to bf_q. If not, frees the 2867 * buffers. 2868 * 2869 * XXX should unify this with ath_tx_aggr_retry_unaggr() 2870 */ 2871 static int 2872 ath_tx_retry_subframe(struct ath_softc *sc, struct ath_buf *bf, 2873 ath_bufhead *bf_q) 2874 { 2875 struct ieee80211_node *ni = bf->bf_node; 2876 struct ath_node *an = ATH_NODE(ni); 2877 int tid = bf->bf_state.bfs_tid; 2878 struct ath_tid *atid = &an->an_tid[tid]; 2879 2880 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[atid->ac]); 2881 2882 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 2883 ath_hal_set11nburstduration(sc->sc_ah, bf->bf_desc, 0); 2884 /* ath_hal_set11n_virtualmorefrag(sc->sc_ah, bf->bf_desc, 0); */ 2885 2886 /* 2887 * If the buffer is marked as busy, we can't directly 2888 * reuse it. Instead, try to clone the buffer. 2889 * If the clone is successful, recycle the old buffer. 2890 * If the clone is unsuccessful, set bfs_retries to max 2891 * to force the next bit of code to free the buffer 2892 * for us. 
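 *
 * (Illustrative flow: ath_tx_retry_clone() allocates a new ath_buf,
 * re-does the DMA mapping, swaps the BAW slot over via
 * ath_tx_switch_baw_buf() when the frame is in the BAW, and frees the
 * busy original; if any of that fails it returns NULL and the frame is
 * treated as having hit the retry limit.)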
2893 */ 2894 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 2895 (bf->bf_flags & ATH_BUF_BUSY)) { 2896 struct ath_buf *nbf; 2897 nbf = ath_tx_retry_clone(sc, an, atid, bf); 2898 if (nbf) 2899 /* bf has been freed at this point */ 2900 bf = nbf; 2901 else 2902 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 2903 } 2904 2905 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 2906 sc->sc_stats.ast_tx_swretrymax++; 2907 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 2908 "%s: max retries: seqno %d\n", 2909 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2910 ath_tx_update_baw(sc, an, atid, bf); 2911 if (! bf->bf_state.bfs_addedbaw) 2912 device_printf(sc->sc_dev, 2913 "%s: wasn't added: seqno %d\n", 2914 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2915 bf->bf_state.bfs_dobaw = 0; 2916 return 1; 2917 } 2918 2919 ath_tx_set_retry(sc, bf); 2920 bf->bf_next = NULL; /* Just to make sure */ 2921 2922 TAILQ_INSERT_TAIL(bf_q, bf, bf_list); 2923 return 0; 2924 } 2925 2926 /* 2927 * error pkt completion for an aggregate destination 2928 */ 2929 static void 2930 ath_tx_comp_aggr_error(struct ath_softc *sc, struct ath_buf *bf_first, 2931 struct ath_tid *tid) 2932 { 2933 struct ieee80211_node *ni = bf_first->bf_node; 2934 struct ath_node *an = ATH_NODE(ni); 2935 struct ath_buf *bf_next, *bf; 2936 ath_bufhead bf_q; 2937 int drops = 0; 2938 struct ieee80211_tx_ampdu *tap; 2939 ath_bufhead bf_cq; 2940 2941 TAILQ_INIT(&bf_q); 2942 TAILQ_INIT(&bf_cq); 2943 2944 /* 2945 * Update rate control - all frames have failed. 2946 * 2947 * XXX use the length in the first frame in the series; 2948 * XXX just so things are consistent for now. 2949 */ 2950 ath_tx_update_ratectrl(sc, ni, bf_first->bf_state.bfs_rc, 2951 &bf_first->bf_status.ds_txstat, 2952 bf_first->bf_state.bfs_pktlen, 2953 bf_first->bf_state.bfs_nframes, bf_first->bf_state.bfs_nframes); 2954 2955 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2956 tap = ath_tx_get_tx_tid(an, tid->tid); 2957 sc->sc_stats.ast_tx_aggr_failall++; 2958 2959 /* Retry all subframes */ 2960 bf = bf_first; 2961 while (bf) { 2962 bf_next = bf->bf_next; 2963 bf->bf_next = NULL; /* Remove it from the aggr list */ 2964 sc->sc_stats.ast_tx_aggr_fail++; 2965 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 2966 drops++; 2967 bf->bf_next = NULL; 2968 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 2969 } 2970 bf = bf_next; 2971 } 2972 2973 /* Prepend all frames to the beginning of the queue */ 2974 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 2975 TAILQ_REMOVE(&bf_q, bf, bf_list); 2976 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 2977 } 2978 2979 ath_tx_tid_sched(sc, tid); 2980 2981 /* 2982 * send bar if we dropped any frames 2983 * 2984 * Keep the txq lock held for now, as we need to ensure 2985 * that ni_txseqs[] is consistent (as it's being updated 2986 * in the ifnet TX context or raw TX context.) 2987 */ 2988 if (drops) { 2989 int txseq = tap->txa_start; 2990 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 2991 device_printf(sc->sc_dev, 2992 "%s: TID %d: send BAR; seq %d\n", 2993 __func__, tid->tid, txseq); 2994 2995 /* XXX TODO: send BAR */ 2996 } else { 2997 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 2998 } 2999 3000 /* Complete frames which errored out */ 3001 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3002 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3003 ath_tx_default_comp(sc, bf, 0); 3004 } 3005 } 3006 3007 /* 3008 * Handle clean-up of packets from an aggregate list. 3009 * 3010 * There's no need to update the BAW here - the session is being 3011 * torn down. 
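 *
 * (Illustrative: a 4-subframe aggregate completing here decrements
 * atid->incomp by 4; once incomp reaches zero the cleanup is finished
 * and the TID is unpaused via ath_tx_tid_resume().)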
3012 */ 3013 static void 3014 ath_tx_comp_cleanup_aggr(struct ath_softc *sc, struct ath_buf *bf_first) 3015 { 3016 struct ath_buf *bf, *bf_next; 3017 struct ieee80211_node *ni = bf_first->bf_node; 3018 struct ath_node *an = ATH_NODE(ni); 3019 int tid = bf_first->bf_state.bfs_tid; 3020 struct ath_tid *atid = &an->an_tid[tid]; 3021 3022 bf = bf_first; 3023 3024 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3025 3026 /* update incomp */ 3027 while (bf) { 3028 atid->incomp--; 3029 bf = bf->bf_next; 3030 } 3031 3032 if (atid->incomp == 0) { 3033 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3034 "%s: TID %d: cleaned up! resume!\n", 3035 __func__, tid); 3036 atid->cleanup_inprogress = 0; 3037 ath_tx_tid_resume(sc, atid); 3038 } 3039 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3040 3041 /* Handle frame completion */ 3042 while (bf) { 3043 bf_next = bf->bf_next; 3044 ath_tx_default_comp(sc, bf, 1); 3045 bf = bf_next; 3046 } 3047 } 3048 3049 /* 3050 * Handle completion of an set of aggregate frames. 3051 * 3052 * XXX for now, simply complete each sub-frame. 3053 * 3054 * Note: the completion handler is the last descriptor in the aggregate, 3055 * not the last descriptor in the first frame. 3056 */ 3057 static void 3058 ath_tx_aggr_comp_aggr(struct ath_softc *sc, struct ath_buf *bf_first, int fail) 3059 { 3060 //struct ath_desc *ds = bf->bf_lastds; 3061 struct ieee80211_node *ni = bf_first->bf_node; 3062 struct ath_node *an = ATH_NODE(ni); 3063 int tid = bf_first->bf_state.bfs_tid; 3064 struct ath_tid *atid = &an->an_tid[tid]; 3065 struct ath_tx_status ts; 3066 struct ieee80211_tx_ampdu *tap; 3067 ath_bufhead bf_q; 3068 ath_bufhead bf_cq; 3069 int seq_st, tx_ok; 3070 int hasba, isaggr; 3071 uint32_t ba[2]; 3072 struct ath_buf *bf, *bf_next; 3073 int ba_index; 3074 int drops = 0; 3075 int nframes = 0, nbad = 0, nf; 3076 int pktlen; 3077 /* XXX there's too much on the stack? */ 3078 struct ath_rc_series rc[4]; 3079 int txseq; 3080 3081 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: called; hwq_depth=%d\n", 3082 __func__, atid->hwq_depth); 3083 3084 /* The TID state is kept behind the TXQ lock */ 3085 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3086 3087 atid->hwq_depth--; 3088 if (atid->hwq_depth < 0) 3089 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3090 __func__, atid->hwq_depth); 3091 3092 /* 3093 * Punt cleanup to the relevant function, not our problem now 3094 */ 3095 if (atid->cleanup_inprogress) { 3096 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3097 ath_tx_comp_cleanup_aggr(sc, bf_first); 3098 return; 3099 } 3100 3101 /* 3102 * Take a copy; this may be needed -after- bf_first 3103 * has been completed and freed. 3104 */ 3105 ts = bf_first->bf_status.ds_txstat; 3106 /* 3107 * XXX for now, use the first frame in the aggregate for 3108 * XXX rate control completion; it's at least consistent. 3109 */ 3110 pktlen = bf_first->bf_state.bfs_pktlen; 3111 3112 /* 3113 * handle errors first 3114 */ 3115 if (ts.ts_status & HAL_TXERR_XRETRY) { 3116 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3117 ath_tx_comp_aggr_error(sc, bf_first, atid); 3118 return; 3119 } 3120 3121 TAILQ_INIT(&bf_q); 3122 TAILQ_INIT(&bf_cq); 3123 tap = ath_tx_get_tx_tid(an, tid); 3124 3125 /* 3126 * extract starting sequence and block-ack bitmap 3127 */ 3128 /* XXX endian-ness of seq_st, ba? */ 3129 seq_st = ts.ts_seqnum; 3130 hasba = !! 
(ts.ts_flags & HAL_TX_BA); 3131 tx_ok = (ts.ts_status == 0); 3132 isaggr = bf_first->bf_state.bfs_aggr; 3133 ba[0] = ts.ts_ba_low; 3134 ba[1] = ts.ts_ba_high; 3135 3136 /* 3137 * Copy the TX completion status and the rate control 3138 * series from the first descriptor, as it may be freed 3139 * before the rate control code can get its grubby fingers 3140 * into things. 3141 */ 3142 memcpy(rc, bf_first->bf_state.bfs_rc, sizeof(rc)); 3143 3144 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3145 "%s: txa_start=%d, tx_ok=%d, status=%.8x, flags=%.8x, isaggr=%d, seq_st=%d, hasba=%d, ba=%.8x, %.8x\n", 3146 __func__, tap->txa_start, tx_ok, ts.ts_status, ts.ts_flags, 3147 isaggr, seq_st, hasba, ba[0], ba[1]); 3148 3149 /* Occasionally, the MAC sends a tx status for the wrong TID. */ 3150 if (tid != ts.ts_tid) { 3151 device_printf(sc->sc_dev, "%s: tid %d != hw tid %d\n", 3152 __func__, tid, ts.ts_tid); 3153 tx_ok = 0; 3154 } 3155 3156 /* AR5416 BA bug; this requires an interface reset */ 3157 if (isaggr && tx_ok && (! hasba)) { 3158 device_printf(sc->sc_dev, 3159 "%s: AR5416 bug: hasba=%d; txok=%d, isaggr=%d, seq_st=%d\n", 3160 __func__, hasba, tx_ok, isaggr, seq_st); 3161 /* XXX TODO: schedule an interface reset */ 3162 } 3163 3164 /* 3165 * Walk the list of frames, figure out which ones were correctly 3166 * sent and which weren't. 3167 */ 3168 bf = bf_first; 3169 nf = bf_first->bf_state.bfs_nframes; 3170 3171 /* bf_first is going to be invalid once this list is walked */ 3172 bf_first = NULL; 3173 3174 /* 3175 * Walk the list of completed frames and determine 3176 * which need to be completed and which need to be 3177 * retransmitted. 3178 * 3179 * For completed frames, the completion functions need 3180 * to be called at the end of this function as the last 3181 * node reference may free the node. 3182 * 3183 * Finally, since the TXQ lock can't be held during the 3184 * completion callback (to avoid lock recursion), 3185 * the completion calls have to be done outside of the 3186 * lock. 3187 */ 3188 while (bf) { 3189 nframes++; 3190 ba_index = ATH_BA_INDEX(seq_st, SEQNO(bf->bf_state.bfs_seqno)); 3191 bf_next = bf->bf_next; 3192 bf->bf_next = NULL; /* Remove it from the aggr list */ 3193 3194 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3195 "%s: checking bf=%p seqno=%d; ack=%d\n", 3196 __func__, bf, SEQNO(bf->bf_state.bfs_seqno), 3197 ATH_BA_ISSET(ba, ba_index)); 3198 3199 if (tx_ok && ATH_BA_ISSET(ba, ba_index)) { 3200 sc->sc_stats.ast_tx_aggr_ok++; 3201 ath_tx_update_baw(sc, an, atid, bf); 3202 bf->bf_state.bfs_dobaw = 0; 3203 if (! bf->bf_state.bfs_addedbaw) 3204 device_printf(sc->sc_dev, 3205 "%s: wasn't added: seqno %d\n", 3206 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3207 bf->bf_next = NULL; 3208 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3209 } else { 3210 sc->sc_stats.ast_tx_aggr_fail++; 3211 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3212 drops++; 3213 bf->bf_next = NULL; 3214 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3215 } 3216 nbad++; 3217 } 3218 bf = bf_next; 3219 } 3220 3221 /* 3222 * Now that the BAW updates have been done, unlock 3223 * 3224 * txseq is grabbed before the lock is released so we 3225 * have a consistent view of what -was- in the BAW. 3226 * Anything after this point will not yet have been 3227 * TXed. 
3228 */ 3229 txseq = tap->txa_start; 3230 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3231 3232 if (nframes != nf) 3233 device_printf(sc->sc_dev, 3234 "%s: num frames seen=%d; bf nframes=%d\n", 3235 __func__, nframes, nf); 3236 3237 /* 3238 * Now we know how many frames were bad, call the rate 3239 * control code. 3240 */ 3241 if (fail == 0) 3242 ath_tx_update_ratectrl(sc, ni, rc, &ts, pktlen, nframes, nbad); 3243 3244 /* 3245 * send bar if we dropped any frames 3246 */ 3247 if (drops) { 3248 device_printf(sc->sc_dev, 3249 "%s: TID %d: send BAR; seq %d\n", __func__, tid, txseq); 3250 /* XXX TODO: send BAR */ 3251 } 3252 3253 /* Prepend all frames to the beginning of the queue */ 3254 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3255 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3256 TAILQ_REMOVE(&bf_q, bf, bf_list); 3257 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3258 } 3259 ath_tx_tid_sched(sc, atid); 3260 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3261 3262 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3263 "%s: txa_start now %d\n", __func__, tap->txa_start); 3264 3265 /* Do deferred completion */ 3266 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3267 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3268 ath_tx_default_comp(sc, bf, 0); 3269 } 3270 } 3271 3272 /* 3273 * Handle completion of unaggregated frames in an ADDBA 3274 * session. 3275 * 3276 * Fail is set to 1 if the entry is being freed via a call to 3277 * ath_tx_draintxq(). 3278 */ 3279 static void 3280 ath_tx_aggr_comp_unaggr(struct ath_softc *sc, struct ath_buf *bf, int fail) 3281 { 3282 struct ieee80211_node *ni = bf->bf_node; 3283 struct ath_node *an = ATH_NODE(ni); 3284 int tid = bf->bf_state.bfs_tid; 3285 struct ath_tid *atid = &an->an_tid[tid]; 3286 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 3287 3288 /* 3289 * Update rate control status here, before we possibly 3290 * punt to retry or cleanup. 3291 * 3292 * Do it outside of the TXQ lock. 3293 */ 3294 if (fail == 0 && ((bf->bf_txflags & HAL_TXDESC_NOACK) == 0)) 3295 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 3296 &bf->bf_status.ds_txstat, 3297 bf->bf_state.bfs_pktlen, 3298 1, (ts->ts_status == 0) ? 0 : 1); 3299 3300 /* 3301 * This is called early so atid->hwq_depth can be tracked. 3302 * This unfortunately means that it's released and regrabbed 3303 * during retry and cleanup. That's rather inefficient. 3304 */ 3305 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3306 3307 if (tid == IEEE80211_NONQOS_TID) 3308 device_printf(sc->sc_dev, "%s: TID=16!\n", __func__); 3309 3310 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: tid=%d, hwq_depth=%d\n", 3311 __func__, bf, bf->bf_state.bfs_tid, atid->hwq_depth); 3312 3313 atid->hwq_depth--; 3314 if (atid->hwq_depth < 0) 3315 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3316 __func__, atid->hwq_depth); 3317 3318 /* 3319 * If a cleanup is in progress, punt to comp_cleanup; 3320 * rather than handling it here. It's thus their 3321 * responsibility to clean up, call the completion 3322 * function in net80211, etc. 3323 */ 3324 if (atid->cleanup_inprogress) { 3325 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3326 ath_tx_comp_cleanup_unaggr(sc, bf); 3327 return; 3328 } 3329 3330 /* 3331 * Don't bother with the retry check if all frames 3332 * are being failed (eg during queue deletion.) 3333 */ 3334 if (fail == 0 && ts->ts_status & HAL_TXERR_XRETRY) { 3335 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3336 ath_tx_aggr_retry_unaggr(sc, bf); 3337 return; 3338 } 3339 3340 /* Success? 
Complete */ 3341 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: TID=%d, seqno %d\n", 3342 __func__, tid, SEQNO(bf->bf_state.bfs_seqno)); 3343 if (bf->bf_state.bfs_dobaw) { 3344 ath_tx_update_baw(sc, an, atid, bf); 3345 bf->bf_state.bfs_dobaw = 0; 3346 if (! bf->bf_state.bfs_addedbaw) 3347 device_printf(sc->sc_dev, 3348 "%s: wasn't added: seqno %d\n", 3349 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3350 } 3351 3352 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3353 3354 ath_tx_default_comp(sc, bf, fail); 3355 /* bf is freed at this point */ 3356 } 3357 3358 void 3359 ath_tx_aggr_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 3360 { 3361 if (bf->bf_state.bfs_aggr) 3362 ath_tx_aggr_comp_aggr(sc, bf, fail); 3363 else 3364 ath_tx_aggr_comp_unaggr(sc, bf, fail); 3365 } 3366 3367 /* 3368 * Schedule some packets from the given node/TID to the hardware. 3369 * 3370 * This is the aggregate version. 3371 */ 3372 void 3373 ath_tx_tid_hw_queue_aggr(struct ath_softc *sc, struct ath_node *an, 3374 struct ath_tid *tid) 3375 { 3376 struct ath_buf *bf; 3377 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 3378 struct ieee80211_tx_ampdu *tap; 3379 struct ieee80211_node *ni = &an->an_node; 3380 ATH_AGGR_STATUS status; 3381 ath_bufhead bf_q; 3382 3383 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d\n", __func__, tid->tid); 3384 ATH_TXQ_LOCK_ASSERT(txq); 3385 3386 tap = ath_tx_get_tx_tid(an, tid->tid); 3387 3388 if (tid->tid == IEEE80211_NONQOS_TID) 3389 device_printf(sc->sc_dev, "%s: called for TID=NONQOS_TID?\n", 3390 __func__); 3391 3392 for (;;) { 3393 status = ATH_AGGR_DONE; 3394 3395 /* 3396 * If the upper layer has paused the TID, don't 3397 * queue any further packets. 3398 * 3399 * This can also occur from the completion task because 3400 * of packet loss; but as its serialised with this code, 3401 * it won't "appear" half way through queuing packets. 3402 */ 3403 if (tid->paused) 3404 break; 3405 3406 bf = TAILQ_FIRST(&tid->axq_q); 3407 if (bf == NULL) { 3408 break; 3409 } 3410 3411 /* 3412 * If the packet doesn't fall within the BAW (eg a NULL 3413 * data frame), schedule it directly; continue. 3414 */ 3415 if (! bf->bf_state.bfs_dobaw) { 3416 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: non-baw packet\n", 3417 __func__); 3418 ATH_TXQ_REMOVE(tid, bf, bf_list); 3419 bf->bf_state.bfs_aggr = 0; 3420 ath_tx_do_ratelookup(sc, bf); 3421 ath_tx_rate_fill_rcflags(sc, bf); 3422 ath_tx_set_rtscts(sc, bf); 3423 ath_tx_setds(sc, bf); 3424 ath_tx_chaindesclist(sc, bf); 3425 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3426 ath_tx_set_ratectrl(sc, ni, bf); 3427 3428 sc->sc_aggr_stats.aggr_nonbaw_pkt++; 3429 3430 /* Queue the packet; continue */ 3431 goto queuepkt; 3432 } 3433 3434 TAILQ_INIT(&bf_q); 3435 3436 /* 3437 * Do a rate control lookup on the first frame in the 3438 * list. The rate control code needs that to occur 3439 * before it can determine whether to TX. 3440 * It's inaccurate because the rate control code doesn't 3441 * really "do" aggregate lookups, so it only considers 3442 * the size of the first frame. 
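 *
 * (Illustrative consequence: a short leading frame may yield a rate
 * choice that is optimistic for the multi-kilobyte aggregate that is
 * eventually formed around it.)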
3443 */ 3444 ath_tx_do_ratelookup(sc, bf); 3445 bf->bf_state.bfs_rc[3].rix = 0; 3446 bf->bf_state.bfs_rc[3].tries = 0; 3447 ath_tx_rate_fill_rcflags(sc, bf); 3448 3449 status = ath_tx_form_aggr(sc, an, tid, &bf_q); 3450 3451 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3452 "%s: ath_tx_form_aggr() status=%d\n", __func__, status); 3453 3454 /* 3455 * No frames to be picked up - out of BAW 3456 */ 3457 if (TAILQ_EMPTY(&bf_q)) 3458 break; 3459 3460 /* 3461 * This assumes that the descriptor list in the ath_bufhead 3462 * are already linked together via bf_next pointers. 3463 */ 3464 bf = TAILQ_FIRST(&bf_q); 3465 3466 /* 3467 * If it's the only frame send as non-aggregate 3468 * assume that ath_tx_form_aggr() has checked 3469 * whether it's in the BAW and added it appropriately. 3470 */ 3471 if (bf->bf_state.bfs_nframes == 1) { 3472 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3473 "%s: single-frame aggregate\n", __func__); 3474 bf->bf_state.bfs_aggr = 0; 3475 ath_tx_set_rtscts(sc, bf); 3476 ath_tx_setds(sc, bf); 3477 ath_tx_chaindesclist(sc, bf); 3478 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3479 ath_tx_set_ratectrl(sc, ni, bf); 3480 if (status == ATH_AGGR_BAW_CLOSED) 3481 sc->sc_aggr_stats.aggr_baw_closed_single_pkt++; 3482 else 3483 sc->sc_aggr_stats.aggr_single_pkt++; 3484 } else { 3485 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3486 "%s: multi-frame aggregate: %d frames, length %d\n", 3487 __func__, bf->bf_state.bfs_nframes, 3488 bf->bf_state.bfs_al); 3489 bf->bf_state.bfs_aggr = 1; 3490 sc->sc_aggr_stats.aggr_pkts[bf->bf_state.bfs_nframes]++; 3491 sc->sc_aggr_stats.aggr_aggr_pkt++; 3492 3493 /* 3494 * Update the rate and rtscts information based on the 3495 * rate decision made by the rate control code; 3496 * the first frame in the aggregate needs it. 3497 */ 3498 ath_tx_set_rtscts(sc, bf); 3499 3500 /* 3501 * Setup the relevant descriptor fields 3502 * for aggregation. The first descriptor 3503 * already points to the rest in the chain. 3504 */ 3505 ath_tx_setds_11n(sc, bf); 3506 3507 /* 3508 * setup first desc with rate and aggr info 3509 */ 3510 ath_tx_set_ratectrl(sc, ni, bf); 3511 } 3512 queuepkt: 3513 //txq = bf->bf_state.bfs_txq; 3514 3515 /* Set completion handler, multi-frame aggregate or not */ 3516 bf->bf_comp = ath_tx_aggr_comp; 3517 3518 if (bf->bf_state.bfs_tid == IEEE80211_NONQOS_TID) 3519 device_printf(sc->sc_dev, "%s: TID=16?\n", __func__); 3520 3521 /* Punt to txq */ 3522 ath_tx_handoff(sc, txq, bf); 3523 3524 /* Track outstanding buffer count to hardware */ 3525 /* aggregates are "one" buffer */ 3526 tid->hwq_depth++; 3527 3528 /* 3529 * Break out if ath_tx_form_aggr() indicated 3530 * there can't be any further progress (eg BAW is full.) 3531 * Checking for an empty txq is done above. 3532 * 3533 * XXX locking on txq here? 3534 */ 3535 if (txq->axq_aggr_depth >= sc->sc_hwq_limit || 3536 status == ATH_AGGR_BAW_CLOSED) 3537 break; 3538 } 3539 } 3540 3541 /* 3542 * Schedule some packets from the given node/TID to the hardware. 3543 */ 3544 void 3545 ath_tx_tid_hw_queue_norm(struct ath_softc *sc, struct ath_node *an, 3546 struct ath_tid *tid) 3547 { 3548 struct ath_buf *bf; 3549 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 3550 struct ieee80211_node *ni = &an->an_node; 3551 3552 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: node %p: TID %d: called\n", 3553 __func__, an, tid->tid); 3554 3555 ATH_TXQ_LOCK_ASSERT(txq); 3556 3557 /* Check - is AMPDU pending or running? 
then print out something */ 3558 if (ath_tx_ampdu_pending(sc, an, tid->tid)) 3559 device_printf(sc->sc_dev, "%s: tid=%d, ampdu pending?\n", 3560 __func__, tid->tid); 3561 if (ath_tx_ampdu_running(sc, an, tid->tid)) 3562 device_printf(sc->sc_dev, "%s: tid=%d, ampdu running?\n", 3563 __func__, tid->tid); 3564 3565 for (;;) { 3566 3567 /* 3568 * If the upper layers have paused the TID, don't 3569 * queue any further packets. 3570 */ 3571 if (tid->paused) 3572 break; 3573 3574 bf = TAILQ_FIRST(&tid->axq_q); 3575 if (bf == NULL) { 3576 break; 3577 } 3578 3579 ATH_TXQ_REMOVE(tid, bf, bf_list); 3580 3581 KASSERT(txq == bf->bf_state.bfs_txq, ("txqs not equal!\n")); 3582 3583 /* Sanity check! */ 3584 if (tid->tid != bf->bf_state.bfs_tid) { 3585 device_printf(sc->sc_dev, "%s: bfs_tid %d !=" 3586 " tid %d\n", 3587 __func__, bf->bf_state.bfs_tid, tid->tid); 3588 } 3589 /* Normal completion handler */ 3590 bf->bf_comp = ath_tx_normal_comp; 3591 3592 /* Program descriptors + rate control */ 3593 ath_tx_do_ratelookup(sc, bf); 3594 ath_tx_rate_fill_rcflags(sc, bf); 3595 ath_tx_set_rtscts(sc, bf); 3596 ath_tx_setds(sc, bf); 3597 ath_tx_chaindesclist(sc, bf); 3598 ath_tx_set_ratectrl(sc, ni, bf); 3599 3600 /* Track outstanding buffer count to hardware */ 3601 /* aggregates are "one" buffer */ 3602 tid->hwq_depth++; 3603 3604 /* Punt to hardware or software txq */ 3605 ath_tx_handoff(sc, txq, bf); 3606 } 3607 } 3608 3609 /* 3610 * Schedule some packets to the given hardware queue. 3611 * 3612 * This function walks the list of TIDs (ie, ath_node TIDs 3613 * with queued traffic) and attempts to schedule traffic 3614 * from them. 3615 * 3616 * TID scheduling is implemented as a FIFO, with TIDs being 3617 * added to the end of the queue after some frames have been 3618 * scheduled. 3619 */ 3620 void 3621 ath_txq_sched(struct ath_softc *sc, struct ath_txq *txq) 3622 { 3623 struct ath_tid *tid, *next, *last; 3624 3625 ATH_TXQ_LOCK_ASSERT(txq); 3626 3627 /* 3628 * Don't schedule if the hardware queue is busy. 3629 * This (hopefully) gives some more time to aggregate 3630 * some packets in the aggregation queue. 3631 */ 3632 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 3633 sc->sc_aggr_stats.aggr_sched_nopkt++; 3634 return; 3635 } 3636 3637 last = TAILQ_LAST(&txq->axq_tidq, axq_t_s); 3638 3639 TAILQ_FOREACH_SAFE(tid, &txq->axq_tidq, axq_qelem, next) { 3640 /* 3641 * Suspend paused queues here; they'll be resumed 3642 * once the addba completes or times out. 3643 */ 3644 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, paused=%d\n", 3645 __func__, tid->tid, tid->paused); 3646 ath_tx_tid_unsched(sc, tid); 3647 if (tid->paused) { 3648 continue; 3649 } 3650 if (ath_tx_ampdu_running(sc, tid->an, tid->tid)) 3651 ath_tx_tid_hw_queue_aggr(sc, tid->an, tid); 3652 else 3653 ath_tx_tid_hw_queue_norm(sc, tid->an, tid); 3654 3655 /* Not empty? Re-schedule */ 3656 if (tid->axq_depth != 0) 3657 ath_tx_tid_sched(sc, tid); 3658 3659 /* Give the software queue time to aggregate more packets */ 3660 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 3661 break; 3662 } 3663 3664 /* 3665 * If this was the last entry on the original list, stop. 3666 * Otherwise nodes that have been rescheduled onto the end 3667 * of the TID FIFO list will just keep being rescheduled. 
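 *
 * E.g. (illustrative): with TIDs A, B and C queued and 'last' pointing
 * at C, A and B may re-append themselves to the tail after being
 * serviced, but the walk stops once C has been visited, so each TID is
 * serviced at most once per call.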
3668 */ 3669 if (tid == last) 3670 break; 3671 } 3672 } 3673 3674 /* 3675 * TX addba handling 3676 */ 3677 3678 /* 3679 * Return net80211 TID struct pointer, or NULL for none 3680 */ 3681 struct ieee80211_tx_ampdu * 3682 ath_tx_get_tx_tid(struct ath_node *an, int tid) 3683 { 3684 struct ieee80211_node *ni = &an->an_node; 3685 struct ieee80211_tx_ampdu *tap; 3686 int ac; 3687 3688 if (tid == IEEE80211_NONQOS_TID) 3689 return NULL; 3690 3691 ac = TID_TO_WME_AC(tid); 3692 3693 tap = &ni->ni_tx_ampdu[ac]; 3694 return tap; 3695 } 3696 3697 /* 3698 * Is AMPDU-TX running? 3699 */ 3700 static int 3701 ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, int tid) 3702 { 3703 struct ieee80211_tx_ampdu *tap; 3704 3705 if (tid == IEEE80211_NONQOS_TID) 3706 return 0; 3707 3708 tap = ath_tx_get_tx_tid(an, tid); 3709 if (tap == NULL) 3710 return 0; /* Not valid; default to not running */ 3711 3712 return !! (tap->txa_flags & IEEE80211_AGGR_RUNNING); 3713 } 3714 3715 /* 3716 * Is AMPDU-TX negotiation pending? 3717 */ 3718 static int 3719 ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, int tid) 3720 { 3721 struct ieee80211_tx_ampdu *tap; 3722 3723 if (tid == IEEE80211_NONQOS_TID) 3724 return 0; 3725 3726 tap = ath_tx_get_tx_tid(an, tid); 3727 if (tap == NULL) 3728 return 0; /* Not valid; default to not pending */ 3729 3730 return !! (tap->txa_flags & IEEE80211_AGGR_XCHGPEND); 3731 } 3732 3733 /* 3734 * Is AMPDU-TX pending for the given TID? 3735 */ 3736 3737 3738 /* 3739 * Method to handle sending an ADDBA request. 3740 * 3741 * We tap this so the relevant flags can be set to pause the TID 3742 * whilst waiting for the response. 3743 * 3744 * XXX there's no timeout handler we can override? 3745 */ 3746 int 3747 ath_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 3748 int dialogtoken, int baparamset, int batimeout) 3749 { 3750 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 3751 int tid = WME_AC_TO_TID(tap->txa_ac); 3752 struct ath_node *an = ATH_NODE(ni); 3753 struct ath_tid *atid = &an->an_tid[tid]; 3754 3755 /* 3756 * XXX danger Will Robinson! 3757 * 3758 * Although the taskqueue may be running and scheduling some more 3759 * packets, these should all be _before_ the addba sequence number. 3760 * However, net80211 will keep self-assigning sequence numbers 3761 * until addba has been negotiated. 3762 * 3763 * In the past, these packets would be "paused" (which still works 3764 * fine, as they're being scheduled to the driver in the same 3765 * serialised method which is calling the addba request routine) 3766 * and when the aggregation session begins, they'll be dequeued 3767 * as aggregate packets and added to the BAW. However, now there's 3768 * a "bf->bf_state.bfs_dobaw" flag, and this isn't set for these 3769 * packets. Thus they never get included in the BAW tracking and 3770 * this can cause the initial burst of packets after the addba 3771 * negotiation to "hang", as they quickly fall outside the BAW. 3772 * 3773 * The "eventual" solution should be to tag these packets with 3774 * dobaw. Although net80211 has given us a sequence number, 3775 * it'll be "after" the left edge of the BAW and thus it'll 3776 * fall within it. 
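 *
 * Note the pause taken below is long-lived: the TID is only resumed in
 * ath_addba_response() or ath_addba_response_timeout(), so any frames
 * submitted in the meantime simply accumulate on the per-TID software
 * queue.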
3777 */ 3778 ath_tx_tid_pause(sc, atid); 3779 3780 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3781 "%s: called; dialogtoken=%d, baparamset=%d, batimeout=%d\n", 3782 __func__, dialogtoken, baparamset, batimeout); 3783 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3784 "%s: txa_start=%d, ni_txseqs=%d\n", 3785 __func__, tap->txa_start, ni->ni_txseqs[tid]); 3786 3787 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, 3788 batimeout); 3789 } 3790 3791 /* 3792 * Handle an ADDBA response. 3793 * 3794 * We unpause the queue so TX'ing can resume. 3795 * 3796 * Any packets TX'ed from this point should be "aggregate" (whether 3797 * aggregate or not) so the BAW is updated. 3798 * 3799 * Note! net80211 keeps self-assigning sequence numbers until 3800 * ampdu is negotiated. This means the initially-negotiated BAW left 3801 * edge won't match the ni->ni_txseq. 3802 * 3803 * So, being very dirty, the BAW left edge is "slid" here to match 3804 * ni->ni_txseq. 3805 * 3806 * What likely SHOULD happen is that all packets subsequent to the 3807 * addba request should be tagged as aggregate and queued as non-aggregate 3808 * frames; thus updating the BAW. For now though, I'll just slide the 3809 * window. 3810 */ 3811 int 3812 ath_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 3813 int status, int code, int batimeout) 3814 { 3815 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 3816 int tid = WME_AC_TO_TID(tap->txa_ac); 3817 struct ath_node *an = ATH_NODE(ni); 3818 struct ath_tid *atid = &an->an_tid[tid]; 3819 int r; 3820 3821 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3822 "%s: called; status=%d, code=%d, batimeout=%d\n", __func__, 3823 status, code, batimeout); 3824 3825 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3826 "%s: txa_start=%d, ni_txseqs=%d\n", 3827 __func__, tap->txa_start, ni->ni_txseqs[tid]); 3828 3829 /* 3830 * Call this first, so the interface flags get updated 3831 * before the TID is unpaused. Otherwise a race condition 3832 * exists where the unpaused TID still doesn't yet have 3833 * IEEE80211_AGGR_RUNNING set. 3834 */ 3835 r = sc->sc_addba_response(ni, tap, status, code, batimeout); 3836 3837 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3838 /* 3839 * XXX dirty! 3840 * Slide the BAW left edge to wherever net80211 left it for us. 3841 * Read above for more information. 3842 */ 3843 tap->txa_start = ni->ni_txseqs[tid]; 3844 ath_tx_tid_resume(sc, atid); 3845 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3846 return r; 3847 } 3848 3849 3850 /* 3851 * Stop ADDBA on a queue. 3852 */ 3853 void 3854 ath_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 3855 { 3856 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 3857 int tid = WME_AC_TO_TID(tap->txa_ac); 3858 struct ath_node *an = ATH_NODE(ni); 3859 struct ath_tid *atid = &an->an_tid[tid]; 3860 3861 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: called\n", __func__); 3862 3863 /* Pause TID traffic early, so there aren't any races */ 3864 ath_tx_tid_pause(sc, atid); 3865 3866 /* There's no need to hold the TXQ lock here */ 3867 sc->sc_addba_stop(ni, tap); 3868 3869 /* 3870 * ath_tx_cleanup will resume the TID if possible, otherwise 3871 * it'll set the cleanup flag, and it'll be unpaused once 3872 * things have been cleaned up. 3873 */ 3874 ath_tx_cleanup(sc, an, tid); 3875 } 3876 3877 /* 3878 * Note: net80211 bar_timeout() doesn't call this function on BAR failure; 3879 * it simply tears down the aggregation session. Ew. 3880 * 3881 * It however will call ieee80211_ampdu_stop() which will call 3882 * ic->ic_addba_stop(). 
/*
 * Note: net80211 bar_timeout() doesn't call this function on BAR failure;
 * it simply tears down the aggregation session. Ew.
 *
 * It however will call ieee80211_ampdu_stop() which will call
 * ic->ic_addba_stop().
 *
 * XXX This uses a hard-coded max BAR count value; the whole
 * XXX BAR TX success or failure should be better handled!
 */
void
ath_bar_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
    int status)
{
	struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
	int tid = WME_AC_TO_TID(tap->txa_ac);
	struct ath_node *an = ATH_NODE(ni);
	struct ath_tid *atid = &an->an_tid[tid];
	int attempts = tap->txa_attempts;

	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
	    "%s: called; status=%d\n", __func__, status);

	/* Note: This may update the BAW details */
	sc->sc_bar_response(ni, tap, status);

	/*
	 * Unpause the TID.
	 *
	 * XXX if this is attempt=50, the TID will be downgraded
	 * XXX to a non-aggregate session. So we must unpause the
	 * XXX TID here or it'll never be done.
	 */
	if (status == 0 || attempts == 50) {
		ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
		ath_tx_tid_resume(sc, atid);
		ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
	}
}

/*
 * This is called whenever the pending ADDBA request times out.
 * Unpause and reschedule the TID.
 */
void
ath_addba_response_timeout(struct ieee80211_node *ni,
    struct ieee80211_tx_ampdu *tap)
{
	struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
	int tid = WME_AC_TO_TID(tap->txa_ac);
	struct ath_node *an = ATH_NODE(ni);
	struct ath_tid *atid = &an->an_tid[tid];

	DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
	    "%s: called; resuming\n", __func__);

	/* Note: This updates the aggregate state to (again) pending */
	sc->sc_addba_response_timeout(ni, tap);

	/* Unpause the TID; which reschedules it */
	ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
	ath_tx_tid_resume(sc, atid);
	ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
}
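/*
 * Illustrative sketch (not part of the driver): the ADDBA/BAR wrappers
 * above chain to net80211's original handlers through the sc_addba_* /
 * sc_bar_response pointers.  The assumption is that those pointers are
 * filled in, and the ieee80211com methods interposed, somewhere on the
 * attach path (typically if_ath.c); the helper name and placement here
 * are hypothetical, only the hook fields themselves are taken from the
 * code above and from net80211.
 */
#if 0
static void
example_install_addba_hooks(struct ath_softc *sc, struct ieee80211com *ic)
{
	/* Remember net80211's default handlers so the wrappers can chain */
	sc->sc_addba_request = ic->ic_addba_request;
	sc->sc_addba_response = ic->ic_addba_response;
	sc->sc_addba_response_timeout = ic->ic_addba_response_timeout;
	sc->sc_addba_stop = ic->ic_addba_stop;
	sc->sc_bar_response = ic->ic_bar_response;

	/* Interpose the driver wrappers defined above */
	ic->ic_addba_request = ath_addba_request;
	ic->ic_addba_response = ath_addba_response;
	ic->ic_addba_response_timeout = ath_addba_response_timeout;
	ic->ic_addba_stop = ath_addba_stop;
	ic->ic_bar_response = ath_bar_response;
}
#endif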