649 ath_hal_txstart(ah, txq->axq_qnum);
650}
651
652/*
653 * Hand off a packet to the hardware (or mcast queue.)
654 *
655 * The relevant hardware txq should be locked.
656 */
657static void
658ath_tx_handoff(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf)
659{
660 ATH_TXQ_LOCK_ASSERT(txq);
661
662 if (txq->axq_qnum == ATH_TXQ_SWQ)
663 ath_tx_handoff_mcast(sc, txq, bf);
664 else
665 ath_tx_handoff_hw(sc, txq, bf);
666}
667
668static int
669ath_tx_tag_crypto(struct ath_softc *sc, struct ieee80211_node *ni,
670 struct mbuf *m0, int iswep, int isfrag, int *hdrlen, int *pktlen,
671 int *keyix)
672{
673 DPRINTF(sc, ATH_DEBUG_XMIT,
674 "%s: hdrlen=%d, pktlen=%d, isfrag=%d, iswep=%d, m0=%p\n",
675 __func__,
676 *hdrlen,
677 *pktlen,
678 isfrag,
679 iswep,
680 m0);
681
682 if (iswep) {
683 const struct ieee80211_cipher *cip;
684 struct ieee80211_key *k;
685
686 /*
687 * Construct the 802.11 header+trailer for an encrypted
688 * frame. The only reason this can fail is because of an
689 * unknown or unsupported cipher/key type.
690 */
691 k = ieee80211_crypto_encap(ni, m0);
692 if (k == NULL) {
693 /*
694 * This can happen when the key is yanked after the
695 * frame was queued. Just discard the frame; the
696 * 802.11 layer counts failures and provides
697 * debugging/diagnostics.
698 */
699 return (0);
700 }
701 /*
702 * Adjust the packet + header lengths for the crypto
703 * additions and calculate the h/w key index. When
704 * a s/w mic is done the frame will have had any mic
705 * added to it prior to entry so m0->m_pkthdr.len will
706 * account for it. Otherwise we need to add it to the
707 * packet length.
708 */
709 cip = k->wk_cipher;
710 (*hdrlen) += cip->ic_header;
711 (*pktlen) += cip->ic_header + cip->ic_trailer;
712 /* NB: frags always have any TKIP MIC done in s/w */
713 if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && !isfrag)
714 (*pktlen) += cip->ic_miclen;
715 (*keyix) = k->wk_keyix;
716 } else if (ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) {
717 /*
718 * Use station key cache slot, if assigned.
719 */
720 (*keyix) = ni->ni_ucastkey.wk_keyix;
721 if ((*keyix) == IEEE80211_KEYIX_NONE)
722 (*keyix) = HAL_TXKEYIX_INVALID;
723 } else
724 (*keyix) = HAL_TXKEYIX_INVALID;
725
726 return (1);
727}
728
729/*
730 * Calculate whether interoperability protection is required for
731 * this frame.
732 *
733 * This requires the rate control information be filled in,
734 * as the protection requirement depends upon the current
735 * operating mode / PHY.
736 */
737static void
738ath_tx_calc_protection(struct ath_softc *sc, struct ath_buf *bf)
739{
740 struct ieee80211_frame *wh;
741 uint8_t rix;
742 uint16_t flags;
743 int shortPreamble;
744 const HAL_RATE_TABLE *rt = sc->sc_currates;
745 struct ifnet *ifp = sc->sc_ifp;
746 struct ieee80211com *ic = ifp->if_l2com;
747
748 flags = bf->bf_state.bfs_txflags;
749 rix = bf->bf_state.bfs_rc[0].rix;
750 shortPreamble = bf->bf_state.bfs_shpream;
751 wh = mtod(bf->bf_m, struct ieee80211_frame *);
752
753 /*
754 * If 802.11g protection is enabled, determine whether
755 * to use RTS/CTS or just CTS. Note that this is only
756 * done for OFDM unicast frames.
757 */
758 if ((ic->ic_flags & IEEE80211_F_USEPROT) &&
759 rt->info[rix].phy == IEEE80211_T_OFDM &&
760 (flags & HAL_TXDESC_NOACK) == 0) {
761 bf->bf_state.bfs_doprot = 1;
762 /* XXX fragments must use CCK rates w/ protection */
763 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) {
764 flags |= HAL_TXDESC_RTSENA;
765 } else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) {
766 flags |= HAL_TXDESC_CTSENA;
767 }
768 /*
769 * For frags it would be desirable to use the
770 * highest CCK rate for RTS/CTS. But stations
771 * farther away may detect it at a lower CCK rate
772 * so use the configured protection rate instead
773 * (for now).
774 */
775 sc->sc_stats.ast_tx_protect++;
776 }
777
778 /*
779 * If 11n protection is enabled and it's a HT frame,
780 * enable RTS.
781 *
782 * XXX ic_htprotmode or ic_curhtprotmode?
783 * XXX should it_htprotmode only matter if ic_curhtprotmode
784 * XXX indicates it's not a HT pure environment?
785 */
786 if ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) &&
787 rt->info[rix].phy == IEEE80211_T_HT &&
788 (flags & HAL_TXDESC_NOACK) == 0) {
789 flags |= HAL_TXDESC_RTSENA;
790 sc->sc_stats.ast_tx_htprotect++;
791 }
792 bf->bf_state.bfs_txflags = flags;
793}
794
795/*
796 * Update the frame duration given the currently selected rate.
797 *
798 * This also updates the frame duration value, so it will require
799 * a DMA flush.
800 */
801static void
802ath_tx_calc_duration(struct ath_softc *sc, struct ath_buf *bf)
803{
804 struct ieee80211_frame *wh;
805 uint8_t rix;
806 uint16_t flags;
807 int shortPreamble;
808 struct ath_hal *ah = sc->sc_ah;
809 const HAL_RATE_TABLE *rt = sc->sc_currates;
810 int isfrag = bf->bf_m->m_flags & M_FRAG;
811
812 flags = bf->bf_state.bfs_txflags;
813 rix = bf->bf_state.bfs_rc[0].rix;
814 shortPreamble = bf->bf_state.bfs_shpream;
815 wh = mtod(bf->bf_m, struct ieee80211_frame *);
816
817 /*
818 * Calculate duration. This logically belongs in the 802.11
819 * layer but it lacks sufficient information to calculate it.
820 */
821 if ((flags & HAL_TXDESC_NOACK) == 0 &&
822 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_CTL) {
823 u_int16_t dur;
824 if (shortPreamble)
825 dur = rt->info[rix].spAckDuration;
826 else
827 dur = rt->info[rix].lpAckDuration;
828 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) {
829 dur += dur; /* additional SIFS+ACK */
830 KASSERT(bf->bf_m->m_nextpkt != NULL, ("no fragment"));
831 /*
832 * Include the size of next fragment so NAV is
833 * updated properly. The last fragment uses only
834 * the ACK duration
835 */
836 dur += ath_hal_computetxtime(ah, rt,
837 bf->bf_m->m_nextpkt->m_pkthdr.len,
838 rix, shortPreamble);
839 }
840 if (isfrag) {
841 /*
842 * Force hardware to use computed duration for next
843 * fragment by disabling multi-rate retry which updates
844 * duration based on the multi-rate duration table.
845 */
846 bf->bf_state.bfs_ismrr = 0;
847 bf->bf_state.bfs_try0 = ATH_TXMGTTRY;
848 /* XXX update bfs_rc[0].try? */
849 }
850
851 /* Update the duration field itself */
852 *(u_int16_t *)wh->i_dur = htole16(dur);
853 }
854}
855
856static uint8_t
857ath_tx_get_rtscts_rate(struct ath_hal *ah, const HAL_RATE_TABLE *rt,
858 int cix, int shortPreamble)
859{
860 uint8_t ctsrate;
861
862 /*
863 * CTS transmit rate is derived from the transmit rate
864 * by looking in the h/w rate table. We must also factor
865 * in whether or not a short preamble is to be used.
866 */
867 /* NB: cix is set above where RTS/CTS is enabled */
868 KASSERT(cix != 0xff, ("cix not setup"));
869 ctsrate = rt->info[cix].rateCode;
870
871 /* XXX this should only matter for legacy rates */
872 if (shortPreamble)
873 ctsrate |= rt->info[cix].shortPreamble;
874
875 return (ctsrate);
876}
877
878/*
879 * Calculate the RTS/CTS duration for legacy frames.
880 */
881static int
882ath_tx_calc_ctsduration(struct ath_hal *ah, int rix, int cix,
883 int shortPreamble, int pktlen, const HAL_RATE_TABLE *rt,
884 int flags)
885{
886 int ctsduration = 0;
887
888 /* This mustn't be called for HT modes */
889 if (rt->info[cix].phy == IEEE80211_T_HT) {
890 printf("%s: HT rate where it shouldn't be (0x%x)\n",
891 __func__, rt->info[cix].rateCode);
892 return (-1);
893 }
894
895 /*
896 * Compute the transmit duration based on the frame
897 * size and the size of an ACK frame. We call into the
898 * HAL to do the computation since it depends on the
899 * characteristics of the actual PHY being used.
900 *
901 * NB: CTS is assumed the same size as an ACK so we can
902 * use the precalculated ACK durations.
903 */
904 if (shortPreamble) {
905 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */
906 ctsduration += rt->info[cix].spAckDuration;
907 ctsduration += ath_hal_computetxtime(ah,
908 rt, pktlen, rix, AH_TRUE);
909 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */
910 ctsduration += rt->info[rix].spAckDuration;
911 } else {
912 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */
913 ctsduration += rt->info[cix].lpAckDuration;
914 ctsduration += ath_hal_computetxtime(ah,
915 rt, pktlen, rix, AH_FALSE);
916 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */
917 ctsduration += rt->info[rix].lpAckDuration;
918 }
919
920 return (ctsduration);
921}
922
923/*
924 * Update the given ath_buf with updated rts/cts setup and duration
925 * values.
926 *
927 * To support rate lookups for each software retry, the rts/cts rate
928 * and cts duration must be re-calculated.
929 *
930 * This function assumes the RTS/CTS flags have been set as needed;
931 * mrr has been disabled; and the rate control lookup has been done.
932 *
933 * XXX TODO: MRR need only be disabled for the pre-11n NICs.
934 * XXX The 11n NICs support per-rate RTS/CTS configuration.
935 */
936static void
937ath_tx_set_rtscts(struct ath_softc *sc, struct ath_buf *bf)
938{
939 uint16_t ctsduration = 0;
940 uint8_t ctsrate = 0;
941 uint8_t rix = bf->bf_state.bfs_rc[0].rix;
942 uint8_t cix = 0;
943 const HAL_RATE_TABLE *rt = sc->sc_currates;
944
945 /*
946 * No RTS/CTS enabled? Don't bother.
947 */
948 if ((bf->bf_state.bfs_txflags &
949 (HAL_TXDESC_RTSENA | HAL_TXDESC_CTSENA)) == 0) {
950 /* XXX is this really needed? */
951 bf->bf_state.bfs_ctsrate = 0;
952 bf->bf_state.bfs_ctsduration = 0;
953 return;
954 }
955
956 /*
957 * If protection is enabled, use the protection rix control
958 * rate. Otherwise use the rate0 control rate.
959 */
960 if (bf->bf_state.bfs_doprot)
961 rix = sc->sc_protrix;
962 else
963 rix = bf->bf_state.bfs_rc[0].rix;
964
965 /*
966 * If the raw path has hard-coded ctsrate0 to something,
967 * use it.
968 */
969 if (bf->bf_state.bfs_ctsrate0 != 0)
970 cix = ath_tx_findrix(sc, bf->bf_state.bfs_ctsrate0);
971 else
972 /* Control rate from above */
973 cix = rt->info[rix].controlRate;
974
975 /* Calculate the rtscts rate for the given cix */
976 ctsrate = ath_tx_get_rtscts_rate(sc->sc_ah, rt, cix,
977 bf->bf_state.bfs_shpream);
978
979 /* The 11n chipsets do ctsduration calculations for you */
980 if (! ath_tx_is_11n(sc))
981 ctsduration = ath_tx_calc_ctsduration(sc->sc_ah, rix, cix,
982 bf->bf_state.bfs_shpream, bf->bf_state.bfs_pktlen,
983 rt, bf->bf_state.bfs_txflags);
984
985 /* Squirrel away in ath_buf */
986 bf->bf_state.bfs_ctsrate = ctsrate;
987 bf->bf_state.bfs_ctsduration = ctsduration;
988
989 /*
990 * Must disable multi-rate retry when using RTS/CTS.
991 * XXX TODO: only for pre-11n NICs.
992 */
993 bf->bf_state.bfs_ismrr = 0;
994 bf->bf_state.bfs_try0 =
995 bf->bf_state.bfs_rc[0].tries = ATH_TXMGTTRY; /* XXX ew */
996}
997
998/*
999 * Setup the descriptor chain for a normal or fast-frame
1000 * frame.
1001 */
1002static void
1003ath_tx_setds(struct ath_softc *sc, struct ath_buf *bf)
1004{
1005 struct ath_desc *ds = bf->bf_desc;
1006 struct ath_hal *ah = sc->sc_ah;
1007
1008 ath_hal_setuptxdesc(ah, ds
1009 , bf->bf_state.bfs_pktlen /* packet length */
1010 , bf->bf_state.bfs_hdrlen /* header length */
1011 , bf->bf_state.bfs_atype /* Atheros packet type */
1012 , bf->bf_state.bfs_txpower /* txpower */
1013 , bf->bf_state.bfs_txrate0
1014 , bf->bf_state.bfs_try0 /* series 0 rate/tries */
1015 , bf->bf_state.bfs_keyix /* key cache index */
1016 , bf->bf_state.bfs_txantenna /* antenna mode */
1017 , bf->bf_state.bfs_txflags /* flags */
1018 , bf->bf_state.bfs_ctsrate /* rts/cts rate */
1019 , bf->bf_state.bfs_ctsduration /* rts/cts duration */
1020 );
1021
1022 /*
1023 * This will be overriden when the descriptor chain is written.
1024 */
1025 bf->bf_lastds = ds;
1026 bf->bf_last = bf;
1027
1028 /* XXX TODO: Setup descriptor chain */
1029}
1030
1031/*
1032 * Do a rate lookup.
1033 *
1034 * This performs a rate lookup for the given ath_buf only if it's required.
1035 * Non-data frames and raw frames don't require it.
1036 *
1037 * This populates the primary and MRR entries; MRR values are
1038 * then disabled later on if something requires it (eg RTS/CTS on
1039 * pre-11n chipsets.
1040 *
1041 * This needs to be done before the RTS/CTS fields are calculated
1042 * as they may depend upon the rate chosen.
1043 */
1044static void
1045ath_tx_do_ratelookup(struct ath_softc *sc, struct ath_buf *bf)
1046{
1047 uint8_t rate, rix;
1048 int try0;
1049
1050 if (! bf->bf_state.bfs_doratelookup)
1051 return;
1052
1053 /* Get rid of any previous state */
1054 bzero(bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
1055
1056 ATH_NODE_LOCK(ATH_NODE(bf->bf_node));
1057 ath_rate_findrate(sc, ATH_NODE(bf->bf_node), bf->bf_state.bfs_shpream,
1058 bf->bf_state.bfs_pktlen, &rix, &try0, &rate);
1059
1060 /* In case MRR is disabled, make sure rc[0] is setup correctly */
1061 bf->bf_state.bfs_rc[0].rix = rix;
1062 bf->bf_state.bfs_rc[0].ratecode = rate;
1063 bf->bf_state.bfs_rc[0].tries = try0;
1064
1065 if (bf->bf_state.bfs_ismrr && try0 != ATH_TXMAXTRY)
1066 ath_rate_getxtxrates(sc, ATH_NODE(bf->bf_node), rix,
1067 bf->bf_state.bfs_rc);
1068 ATH_NODE_UNLOCK(ATH_NODE(bf->bf_node));
1069
1070 sc->sc_txrix = rix; /* for LED blinking */
1071 sc->sc_lastdatarix = rix; /* for fast frames */
1072 bf->bf_state.bfs_try0 = try0;
1073 bf->bf_state.bfs_txrate0 = rate;
1074}
1075
1076/*
1077 * Set the rate control fields in the given descriptor based on
1078 * the bf_state fields and node state.
1079 *
1080 * The bfs fields should already be set with the relevant rate
1081 * control information, including whether MRR is to be enabled.
1082 *
1083 * Since the FreeBSD HAL currently sets up the first TX rate
1084 * in ath_hal_setuptxdesc(), this will setup the MRR
1085 * conditionally for the pre-11n chips, and call ath_buf_set_rate
1086 * unconditionally for 11n chips. These require the 11n rate
1087 * scenario to be set if MCS rates are enabled, so it's easier
1088 * to just always call it. The caller can then only set rates 2, 3
1089 * and 4 if multi-rate retry is needed.
1090 */
1091static void
1092ath_tx_set_ratectrl(struct ath_softc *sc, struct ieee80211_node *ni,
1093 struct ath_buf *bf)
1094{
1095 struct ath_rc_series *rc = bf->bf_state.bfs_rc;
1096
1097 /* If mrr is disabled, blank tries 1, 2, 3 */
1098 if (! bf->bf_state.bfs_ismrr)
1099 rc[1].tries = rc[2].tries = rc[3].tries = 0;
1100
1101 /*
1102 * Always call - that way a retried descriptor will
1103 * have the MRR fields overwritten.
1104 *
1105 * XXX TODO: see if this is really needed - setting up
1106 * the first descriptor should set the MRR fields to 0
1107 * for us anyway.
1108 */
1109 if (ath_tx_is_11n(sc)) {
1110 ath_buf_set_rate(sc, ni, bf);
1111 } else {
1112 ath_hal_setupxtxdesc(sc->sc_ah, bf->bf_desc
1113 , rc[1].ratecode, rc[1].tries
1114 , rc[2].ratecode, rc[2].tries
1115 , rc[3].ratecode, rc[3].tries
1116 );
1117 }
1118}
1119
1120/*
1121 * Transmit the given frame to the hardware.
1122 *
1123 * The frame must already be setup; rate control must already have
1124 * been done.
1125 *
1126 * XXX since the TXQ lock is being held here (and I dislike holding
1127 * it for this long when not doing software aggregation), later on
1128 * break this function into "setup_normal" and "xmit_normal". The
1129 * lock only needs to be held for the ath_tx_handoff call.
1130 */
1131static void
1132ath_tx_xmit_normal(struct ath_softc *sc, struct ath_txq *txq,
1133 struct ath_buf *bf)
1134{
1135
1136 ATH_TXQ_LOCK_ASSERT(txq);
1137
1138 /* Setup the descriptor before handoff */
1139 ath_tx_do_ratelookup(sc, bf);
1140 ath_tx_calc_duration(sc, bf);
1141 ath_tx_calc_protection(sc, bf);
1142 ath_tx_set_rtscts(sc, bf);
1143 ath_tx_rate_fill_rcflags(sc, bf);
1144 ath_tx_setds(sc, bf);
1145 ath_tx_set_ratectrl(sc, bf->bf_node, bf);
1146 ath_tx_chaindesclist(sc, bf);
1147
1148 /* Hand off to hardware */
1149 ath_tx_handoff(sc, txq, bf);
1150}
1151
1152
1153
1154static int
1155ath_tx_normal_setup(struct ath_softc *sc, struct ieee80211_node *ni,
1156 struct ath_buf *bf, struct mbuf *m0, struct ath_txq *txq)
1157{
1158 struct ieee80211vap *vap = ni->ni_vap;
1159 struct ath_hal *ah = sc->sc_ah;
1160 struct ifnet *ifp = sc->sc_ifp;
1161 struct ieee80211com *ic = ifp->if_l2com;
1162 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams;
1163 int error, iswep, ismcast, isfrag, ismrr;
1164 int keyix, hdrlen, pktlen, try0 = 0;
1165 u_int8_t rix = 0, txrate = 0;
1166 struct ath_desc *ds;
1167 struct ieee80211_frame *wh;
1168 u_int subtype, flags;
1169 HAL_PKT_TYPE atype;
1170 const HAL_RATE_TABLE *rt;
1171 HAL_BOOL shortPreamble;
1172 struct ath_node *an;
1173 u_int pri;
1174
1175 /*
1176 * To ensure that both sequence numbers and the CCMP PN handling
1177 * is "correct", make sure that the relevant TID queue is locked.
1178 * Otherwise the CCMP PN and seqno may appear out of order, causing
1179 * re-ordered frames to have out of order CCMP PN's, resulting
1180 * in many, many frame drops.
1181 */
1182 ATH_TXQ_LOCK_ASSERT(txq);
1183
1184 wh = mtod(m0, struct ieee80211_frame *);
1185 iswep = wh->i_fc[1] & IEEE80211_FC1_WEP;
1186 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
1187 isfrag = m0->m_flags & M_FRAG;
1188 hdrlen = ieee80211_anyhdrsize(wh);
1189 /*
1190 * Packet length must not include any
1191 * pad bytes; deduct them here.
1192 */
1193 pktlen = m0->m_pkthdr.len - (hdrlen & 3);
1194
1195 /* Handle encryption twiddling if needed */
1196 if (! ath_tx_tag_crypto(sc, ni, m0, iswep, isfrag, &hdrlen,
1197 &pktlen, &keyix)) {
1198 ath_freetx(m0);
1199 return EIO;
1200 }
1201
1202 /* packet header may have moved, reset our local pointer */
1203 wh = mtod(m0, struct ieee80211_frame *);
1204
1205 pktlen += IEEE80211_CRC_LEN;
1206
1207 /*
1208 * Load the DMA map so any coalescing is done. This
1209 * also calculates the number of descriptors we need.
1210 */
1211 error = ath_tx_dmasetup(sc, bf, m0);
1212 if (error != 0)
1213 return error;
1214 bf->bf_node = ni; /* NB: held reference */
1215 m0 = bf->bf_m; /* NB: may have changed */
1216 wh = mtod(m0, struct ieee80211_frame *);
1217
1218 /* setup descriptors */
1219 ds = bf->bf_desc;
1220 rt = sc->sc_currates;
1221 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode));
1222
1223 /*
1224 * NB: the 802.11 layer marks whether or not we should
1225 * use short preamble based on the current mode and
1226 * negotiated parameters.
1227 */
1228 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
1229 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) {
1230 shortPreamble = AH_TRUE;
1231 sc->sc_stats.ast_tx_shortpre++;
1232 } else {
1233 shortPreamble = AH_FALSE;
1234 }
1235
1236 an = ATH_NODE(ni);
1237 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */
1238 ismrr = 0; /* default no multi-rate retry*/
1239 pri = M_WME_GETAC(m0); /* honor classification */
1240 /* XXX use txparams instead of fixed values */
1241 /*
1242 * Calculate Atheros packet type from IEEE80211 packet header,
1243 * setup for rate calculations, and select h/w transmit queue.
1244 */
1245 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) {
1246 case IEEE80211_FC0_TYPE_MGT:
1247 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
1248 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON)
1249 atype = HAL_PKT_TYPE_BEACON;
1250 else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)
1251 atype = HAL_PKT_TYPE_PROBE_RESP;
1252 else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM)
1253 atype = HAL_PKT_TYPE_ATIM;
1254 else
1255 atype = HAL_PKT_TYPE_NORMAL; /* XXX */
1256 rix = an->an_mgmtrix;
1257 txrate = rt->info[rix].rateCode;
1258 if (shortPreamble)
1259 txrate |= rt->info[rix].shortPreamble;
1260 try0 = ATH_TXMGTTRY;
1261 flags |= HAL_TXDESC_INTREQ; /* force interrupt */
1262 break;
1263 case IEEE80211_FC0_TYPE_CTL:
1264 atype = HAL_PKT_TYPE_PSPOLL; /* stop setting of duration */
1265 rix = an->an_mgmtrix;
1266 txrate = rt->info[rix].rateCode;
1267 if (shortPreamble)
1268 txrate |= rt->info[rix].shortPreamble;
1269 try0 = ATH_TXMGTTRY;
1270 flags |= HAL_TXDESC_INTREQ; /* force interrupt */
1271 break;
1272 case IEEE80211_FC0_TYPE_DATA:
1273 atype = HAL_PKT_TYPE_NORMAL; /* default */
1274 /*
1275 * Data frames: multicast frames go out at a fixed rate,
1276 * EAPOL frames use the mgmt frame rate; otherwise consult
1277 * the rate control module for the rate to use.
1278 */
1279 if (ismcast) {
1280 rix = an->an_mcastrix;
1281 txrate = rt->info[rix].rateCode;
1282 if (shortPreamble)
1283 txrate |= rt->info[rix].shortPreamble;
1284 try0 = 1;
1285 } else if (m0->m_flags & M_EAPOL) {
1286 /* XXX? maybe always use long preamble? */
1287 rix = an->an_mgmtrix;
1288 txrate = rt->info[rix].rateCode;
1289 if (shortPreamble)
1290 txrate |= rt->info[rix].shortPreamble;
1291 try0 = ATH_TXMAXTRY; /* XXX?too many? */
1292 } else {
1293 /*
1294 * Do rate lookup on each TX, rather than using
1295 * the hard-coded TX information decided here.
1296 */
1297 ismrr = 1;
1298 bf->bf_state.bfs_doratelookup = 1;
1299 }
1300 if (cap->cap_wmeParams[pri].wmep_noackPolicy)
1301 flags |= HAL_TXDESC_NOACK;
1302 break;
1303 default:
1304 if_printf(ifp, "bogus frame type 0x%x (%s)\n",
1305 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__);
1306 /* XXX statistic */
1307 ath_freetx(m0);
1308 return EIO;
1309 }
1310
1311 /*
1312 * There are two known scenarios where the frame AC doesn't match
1313 * what the destination TXQ is.
1314 *
1315 * + non-QoS frames (eg management?) that the net80211 stack has
1316 * assigned a higher AC to, but since it's a non-QoS TID, it's
1317 * being thrown into TID 16. TID 16 gets the AC_BE queue.
1318 * It's quite possible that management frames should just be
1319 * direct dispatched to hardware rather than go via the software
1320 * queue; that should be investigated in the future. There are
1321 * some specific scenarios where this doesn't make sense, mostly
1322 * surrounding ADDBA request/response - hence why that is special
1323 * cased.
1324 *
1325 * + Multicast frames going into the VAP mcast queue. That shows up
1326 * as "TXQ 11".
1327 *
1328 * This driver should eventually support separate TID and TXQ locking,
1329 * allowing for arbitrary AC frames to appear on arbitrary software
1330 * queues, being queued to the "correct" hardware queue when needed.
1331 */
1332#if 0
1333 if (txq != sc->sc_ac2q[pri]) {
1334 device_printf(sc->sc_dev,
1335 "%s: txq=%p (%d), pri=%d, pri txq=%p (%d)\n",
1336 __func__,
1337 txq,
1338 txq->axq_qnum,
1339 pri,
1340 sc->sc_ac2q[pri],
1341 sc->sc_ac2q[pri]->axq_qnum);
1342 }
1343#endif
1344
1345 /*
1346 * Calculate miscellaneous flags.
1347 */
1348 if (ismcast) {
1349 flags |= HAL_TXDESC_NOACK; /* no ack on broad/multicast */
1350 } else if (pktlen > vap->iv_rtsthreshold &&
1351 (ni->ni_ath_flags & IEEE80211_NODE_FF) == 0) {
1352 flags |= HAL_TXDESC_RTSENA; /* RTS based on frame length */
1353 sc->sc_stats.ast_tx_rts++;
1354 }
1355 if (flags & HAL_TXDESC_NOACK) /* NB: avoid double counting */
1356 sc->sc_stats.ast_tx_noack++;
1357#ifdef IEEE80211_SUPPORT_TDMA
1358 if (sc->sc_tdma && (flags & HAL_TXDESC_NOACK) == 0) {
1359 DPRINTF(sc, ATH_DEBUG_TDMA,
1360 "%s: discard frame, ACK required w/ TDMA\n", __func__);
1361 sc->sc_stats.ast_tdma_ack++;
1362 ath_freetx(m0);
1363 return EIO;
1364 }
1365#endif
1366
1367 /*
1368 * Determine if a tx interrupt should be generated for
1369 * this descriptor. We take a tx interrupt to reap
1370 * descriptors when the h/w hits an EOL condition or
1371 * when the descriptor is specifically marked to generate
1372 * an interrupt. We periodically mark descriptors in this
1373 * way to insure timely replenishing of the supply needed
1374 * for sending frames. Defering interrupts reduces system
1375 * load and potentially allows more concurrent work to be
1376 * done but if done to aggressively can cause senders to
1377 * backup.
1378 *
1379 * NB: use >= to deal with sc_txintrperiod changing
1380 * dynamically through sysctl.
1381 */
1382 if (flags & HAL_TXDESC_INTREQ) {
1383 txq->axq_intrcnt = 0;
1384 } else if (++txq->axq_intrcnt >= sc->sc_txintrperiod) {
1385 flags |= HAL_TXDESC_INTREQ;
1386 txq->axq_intrcnt = 0;
1387 }
1388
1389 /* This point forward is actual TX bits */
1390
1391 /*
1392 * At this point we are committed to sending the frame
1393 * and we don't need to look at m_nextpkt; clear it in
1394 * case this frame is part of frag chain.
1395 */
1396 m0->m_nextpkt = NULL;
1397
1398 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT))
1399 ieee80211_dump_pkt(ic, mtod(m0, const uint8_t *), m0->m_len,
1400 sc->sc_hwmap[rix].ieeerate, -1);
1401
1402 if (ieee80211_radiotap_active_vap(vap)) {
1403 u_int64_t tsf = ath_hal_gettsf64(ah);
1404
1405 sc->sc_tx_th.wt_tsf = htole64(tsf);
1406 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags;
1407 if (iswep)
1408 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
1409 if (isfrag)
1410 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG;
1411 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate;
1412 sc->sc_tx_th.wt_txpower = ni->ni_txpower;
1413 sc->sc_tx_th.wt_antenna = sc->sc_txantenna;
1414
1415 ieee80211_radiotap_tx(vap, m0);
1416 }
1417
1418 /* Blank the legacy rate array */
1419 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
1420
1421 /*
1422 * ath_buf_set_rate needs at least one rate/try to setup
1423 * the rate scenario.
1424 */
1425 bf->bf_state.bfs_rc[0].rix = rix;
1426 bf->bf_state.bfs_rc[0].tries = try0;
1427 bf->bf_state.bfs_rc[0].ratecode = txrate;
1428
1429 /* Store the decided rate index values away */
1430 bf->bf_state.bfs_pktlen = pktlen;
1431 bf->bf_state.bfs_hdrlen = hdrlen;
1432 bf->bf_state.bfs_atype = atype;
1433 bf->bf_state.bfs_txpower = ni->ni_txpower;
1434 bf->bf_state.bfs_txrate0 = txrate;
1435 bf->bf_state.bfs_try0 = try0;
1436 bf->bf_state.bfs_keyix = keyix;
1437 bf->bf_state.bfs_txantenna = sc->sc_txantenna;
1438 bf->bf_state.bfs_txflags = flags;
1439 bf->bf_state.bfs_shpream = shortPreamble;
1440
1441 /* XXX this should be done in ath_tx_setrate() */
1442 bf->bf_state.bfs_ctsrate0 = 0; /* ie, no hard-coded ctsrate */
1443 bf->bf_state.bfs_ctsrate = 0; /* calculated later */
1444 bf->bf_state.bfs_ctsduration = 0;
1445 bf->bf_state.bfs_ismrr = ismrr;
1446
1447 return 0;
1448}
1449
1450/*
1451 * Direct-dispatch the current frame to the hardware.
1452 *
1453 * This can be called by the net80211 code.
1454 *
1455 * XXX what about locking? Or, push the seqno assign into the
1456 * XXX aggregate scheduler so its serialised?
1457 */
1458int
1459ath_tx_start(struct ath_softc *sc, struct ieee80211_node *ni,
1460 struct ath_buf *bf, struct mbuf *m0)
1461{
1462 struct ieee80211vap *vap = ni->ni_vap;
1463 struct ath_vap *avp = ATH_VAP(vap);
1464 int r = 0;
1465 u_int pri;
1466 int tid;
1467 struct ath_txq *txq;
1468 int ismcast;
1469 const struct ieee80211_frame *wh;
1470 int is_ampdu, is_ampdu_tx, is_ampdu_pending;
1471 ieee80211_seq seqno;
1472 uint8_t type, subtype;
1473
1474 /*
1475 * Determine the target hardware queue.
1476 *
1477 * For multicast frames, the txq gets overridden appropriately
1478 * depending upon the state of PS.
1479 *
1480 * For any other frame, we do a TID/QoS lookup inside the frame
1481 * to see what the TID should be. If it's a non-QoS frame, the
1482 * AC and TID are overridden. The TID/TXQ code assumes the
1483 * TID is on a predictable hardware TXQ, so we don't support
1484 * having a node TID queued to multiple hardware TXQs.
1485 * This may change in the future but would require some locking
1486 * fudgery.
1487 */
1488 pri = ath_tx_getac(sc, m0);
1489 tid = ath_tx_gettid(sc, m0);
1490
1491 txq = sc->sc_ac2q[pri];
1492 wh = mtod(m0, struct ieee80211_frame *);
1493 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
1494 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
1495 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
1496
1497 /*
1498 * Enforce how deep the multicast queue can grow.
1499 *
1500 * XXX duplicated in ath_raw_xmit().
1501 */
1502 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1503 ATH_TXQ_LOCK(sc->sc_cabq);
1504
1505 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) {
1506 sc->sc_stats.ast_tx_mcastq_overflow++;
1507 r = ENOBUFS;
1508 }
1509
1510 ATH_TXQ_UNLOCK(sc->sc_cabq);
1511
1512 if (r != 0) {
1513 m_freem(m0);
1514 return r;
1515 }
1516 }
1517
1518 /* A-MPDU TX */
1519 is_ampdu_tx = ath_tx_ampdu_running(sc, ATH_NODE(ni), tid);
1520 is_ampdu_pending = ath_tx_ampdu_pending(sc, ATH_NODE(ni), tid);
1521 is_ampdu = is_ampdu_tx | is_ampdu_pending;
1522
1523 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, ac=%d, is_ampdu=%d\n",
1524 __func__, tid, pri, is_ampdu);
1525
1526 /*
1527 * When servicing one or more stations in power-save mode
1528 * (or) if there is some mcast data waiting on the mcast
1529 * queue (to prevent out of order delivery) multicast frames
1530 * must be bufferd until after the beacon.
1531 *
1532 * TODO: we should lock the mcastq before we check the length.
1533 */
1534 if (ismcast && (vap->iv_ps_sta || avp->av_mcastq.axq_depth))
1535 txq = &avp->av_mcastq;
1536
1537 /* Do the generic frame setup */
1538 /* XXX should just bzero the bf_state? */
1539 bf->bf_state.bfs_dobaw = 0;
1540
1541 /*
1542 * Acquire the TXQ lock early, so both the encap and seqno
1543 * are allocated together.
1544 */
1545 ATH_TXQ_LOCK(txq);
1546
1547 /* A-MPDU TX? Manually set sequence number */
1548 /*
1549 * Don't do it whilst pending; the net80211 layer still
1550 * assigns them.
1551 */
1552 if (is_ampdu_tx) {
1553 /*
1554 * Always call; this function will
1555 * handle making sure that null data frames
1556 * don't get a sequence number from the current
1557 * TID and thus mess with the BAW.
1558 */
1559 seqno = ath_tx_tid_seqno_assign(sc, ni, bf, m0);
1560
1561 /*
1562 * Don't add QoS NULL frames to the BAW.
1563 */
1564 if (IEEE80211_QOS_HAS_SEQ(wh) &&
1565 subtype != IEEE80211_FC0_SUBTYPE_QOS_NULL) {
1566 bf->bf_state.bfs_dobaw = 1;
1567 }
1568 }
1569
1570 /*
1571 * If needed, the sequence number has been assigned.
1572 * Squirrel it away somewhere easy to get to.
1573 */
1574 bf->bf_state.bfs_seqno = M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT;
1575
1576 /* Is ampdu pending? fetch the seqno and print it out */
1577 if (is_ampdu_pending)
1578 DPRINTF(sc, ATH_DEBUG_SW_TX,
1579 "%s: tid %d: ampdu pending, seqno %d\n",
1580 __func__, tid, M_SEQNO_GET(m0));
1581
1582 /* This also sets up the DMA map */
1583 r = ath_tx_normal_setup(sc, ni, bf, m0, txq);
1584
1585 if (r != 0)
1586 goto done;
1587
1588 /* At this point m0 could have changed! */
1589 m0 = bf->bf_m;
1590
1591#if 1
1592 /*
1593 * If it's a multicast frame, do a direct-dispatch to the
1594 * destination hardware queue. Don't bother software
1595 * queuing it.
1596 */
1597 /*
1598 * If it's a BAR frame, do a direct dispatch to the
1599 * destination hardware queue. Don't bother software
1600 * queuing it, as the TID will now be paused.
1601 * Sending a BAR frame can occur from the net80211 txa timer
1602 * (ie, retries) or from the ath txtask (completion call.)
1603 * It queues directly to hardware because the TID is paused
1604 * at this point (and won't be unpaused until the BAR has
1605 * either been TXed successfully or max retries has been
1606 * reached.)
1607 */
1608 if (txq == &avp->av_mcastq) {
1609 DPRINTF(sc, ATH_DEBUG_SW_TX,
1610 "%s: bf=%p: mcastq: TX'ing\n", __func__, bf);
1611 ath_tx_xmit_normal(sc, txq, bf);
1612 } else if (type == IEEE80211_FC0_TYPE_CTL &&
1613 subtype == IEEE80211_FC0_SUBTYPE_BAR) {
1614 DPRINTF(sc, ATH_DEBUG_SW_TX,
1615 "%s: BAR: TX'ing direct\n", __func__);
1616 ath_tx_xmit_normal(sc, txq, bf);
1617 } else {
1618 /* add to software queue */
1619 DPRINTF(sc, ATH_DEBUG_SW_TX,
1620 "%s: bf=%p: swq: TX'ing\n", __func__, bf);
1621 ath_tx_swq(sc, ni, txq, bf);
1622 }
1623#else
1624 /*
1625 * For now, since there's no software queue,
1626 * direct-dispatch to the hardware.
1627 */
1628 ath_tx_xmit_normal(sc, txq, bf);
1629#endif
1630done:
1631 ATH_TXQ_UNLOCK(txq);
1632
1633 return 0;
1634}
1635
1636static int
1637ath_tx_raw_start(struct ath_softc *sc, struct ieee80211_node *ni,
1638 struct ath_buf *bf, struct mbuf *m0,
1639 const struct ieee80211_bpf_params *params)
1640{
1641 struct ifnet *ifp = sc->sc_ifp;
1642 struct ieee80211com *ic = ifp->if_l2com;
1643 struct ath_hal *ah = sc->sc_ah;
1644 struct ieee80211vap *vap = ni->ni_vap;
1645 int error, ismcast, ismrr;
1646 int keyix, hdrlen, pktlen, try0, txantenna;
1647 u_int8_t rix, txrate;
1648 struct ieee80211_frame *wh;
1649 u_int flags;
1650 HAL_PKT_TYPE atype;
1651 const HAL_RATE_TABLE *rt;
1652 struct ath_desc *ds;
1653 u_int pri;
1654 int o_tid = -1;
1655 int do_override;
1656
1657 wh = mtod(m0, struct ieee80211_frame *);
1658 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
1659 hdrlen = ieee80211_anyhdrsize(wh);
1660 /*
1661 * Packet length must not include any
1662 * pad bytes; deduct them here.
1663 */
1664 /* XXX honor IEEE80211_BPF_DATAPAD */
1665 pktlen = m0->m_pkthdr.len - (hdrlen & 3) + IEEE80211_CRC_LEN;
1666
1667 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: ismcast=%d\n",
1668 __func__, ismcast);
1669
1670 pri = params->ibp_pri & 3;
1671 /* Override pri if the frame isn't a QoS one */
1672 if (! IEEE80211_QOS_HAS_SEQ(wh))
1673 pri = ath_tx_getac(sc, m0);
1674
1675 /* XXX If it's an ADDBA, override the correct queue */
1676 do_override = ath_tx_action_frame_override_queue(sc, ni, m0, &o_tid);
1677
1678 /* Map ADDBA to the correct priority */
1679 if (do_override) {
1680#if 0
1681 device_printf(sc->sc_dev,
1682 "%s: overriding tid %d pri %d -> %d\n",
1683 __func__, o_tid, pri, TID_TO_WME_AC(o_tid));
1684#endif
1685 pri = TID_TO_WME_AC(o_tid);
1686 }
1687
1688 ATH_TXQ_LOCK(sc->sc_ac2q[pri]);
1689
1690 /* Handle encryption twiddling if needed */
1691 if (! ath_tx_tag_crypto(sc, ni,
1692 m0, params->ibp_flags & IEEE80211_BPF_CRYPTO, 0,
1693 &hdrlen, &pktlen, &keyix)) {
1694 ath_freetx(m0);
1695 return EIO;
1696 }
1697 /* packet header may have moved, reset our local pointer */
1698 wh = mtod(m0, struct ieee80211_frame *);
1699
1700 /* Do the generic frame setup */
1701 /* XXX should just bzero the bf_state? */
1702 bf->bf_state.bfs_dobaw = 0;
1703
1704 error = ath_tx_dmasetup(sc, bf, m0);
1705 if (error != 0)
1706 return error;
1707 m0 = bf->bf_m; /* NB: may have changed */
1708 wh = mtod(m0, struct ieee80211_frame *);
1709 bf->bf_node = ni; /* NB: held reference */
1710
1711 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */
1712 flags |= HAL_TXDESC_INTREQ; /* force interrupt */
1713 if (params->ibp_flags & IEEE80211_BPF_RTS)
1714 flags |= HAL_TXDESC_RTSENA;
1715 else if (params->ibp_flags & IEEE80211_BPF_CTS) {
1716 /* XXX assume 11g/11n protection? */
1717 bf->bf_state.bfs_doprot = 1;
1718 flags |= HAL_TXDESC_CTSENA;
1719 }
1720 /* XXX leave ismcast to injector? */
1721 if ((params->ibp_flags & IEEE80211_BPF_NOACK) || ismcast)
1722 flags |= HAL_TXDESC_NOACK;
1723
1724 rt = sc->sc_currates;
1725 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode));
1726 rix = ath_tx_findrix(sc, params->ibp_rate0);
1727 txrate = rt->info[rix].rateCode;
1728 if (params->ibp_flags & IEEE80211_BPF_SHORTPRE)
1729 txrate |= rt->info[rix].shortPreamble;
1730 sc->sc_txrix = rix;
1731 try0 = params->ibp_try0;
1732 ismrr = (params->ibp_try1 != 0);
1733 txantenna = params->ibp_pri >> 2;
1734 if (txantenna == 0) /* XXX? */
1735 txantenna = sc->sc_txantenna;
1736
1737 /*
1738 * Since ctsrate is fixed, store it away for later
1739 * use when the descriptor fields are being set.
1740 */
1741 if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA))
1742 bf->bf_state.bfs_ctsrate0 = params->ibp_ctsrate;
1743
1744 /*
1745 * NB: we mark all packets as type PSPOLL so the h/w won't
1746 * set the sequence number, duration, etc.
1747 */
1748 atype = HAL_PKT_TYPE_PSPOLL;
1749
1750 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT))
1751 ieee80211_dump_pkt(ic, mtod(m0, caddr_t), m0->m_len,
1752 sc->sc_hwmap[rix].ieeerate, -1);
1753
1754 if (ieee80211_radiotap_active_vap(vap)) {
1755 u_int64_t tsf = ath_hal_gettsf64(ah);
1756
1757 sc->sc_tx_th.wt_tsf = htole64(tsf);
1758 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags;
1759 if (wh->i_fc[1] & IEEE80211_FC1_WEP)
1760 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
1761 if (m0->m_flags & M_FRAG)
1762 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG;
1763 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate;
1764 sc->sc_tx_th.wt_txpower = ni->ni_txpower;
1765 sc->sc_tx_th.wt_antenna = sc->sc_txantenna;
1766
1767 ieee80211_radiotap_tx(vap, m0);
1768 }
1769
1770 /*
1771 * Formulate first tx descriptor with tx controls.
1772 */
1773 ds = bf->bf_desc;
1774 /* XXX check return value? */
1775
1776 /* Store the decided rate index values away */
1777 bf->bf_state.bfs_pktlen = pktlen;
1778 bf->bf_state.bfs_hdrlen = hdrlen;
1779 bf->bf_state.bfs_atype = atype;
1780 bf->bf_state.bfs_txpower = params->ibp_power;
1781 bf->bf_state.bfs_txrate0 = txrate;
1782 bf->bf_state.bfs_try0 = try0;
1783 bf->bf_state.bfs_keyix = keyix;
1784 bf->bf_state.bfs_txantenna = txantenna;
1785 bf->bf_state.bfs_txflags = flags;
1786 bf->bf_state.bfs_shpream =
1787 !! (params->ibp_flags & IEEE80211_BPF_SHORTPRE);
1788
1789 /* XXX this should be done in ath_tx_setrate() */
1790 bf->bf_state.bfs_ctsrate = 0;
1791 bf->bf_state.bfs_ctsduration = 0;
1792 bf->bf_state.bfs_ismrr = ismrr;
1793
1794 /* Blank the legacy rate array */
1795 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
1796
1797 bf->bf_state.bfs_rc[0].rix =
1798 ath_tx_findrix(sc, params->ibp_rate0);
1799 bf->bf_state.bfs_rc[0].tries = try0;
1800 bf->bf_state.bfs_rc[0].ratecode = txrate;
1801
1802 if (ismrr) {
1803 int rix;
1804
1805 rix = ath_tx_findrix(sc, params->ibp_rate1);
1806 bf->bf_state.bfs_rc[1].rix = rix;
1807 bf->bf_state.bfs_rc[1].tries = params->ibp_try1;
1808
1809 rix = ath_tx_findrix(sc, params->ibp_rate2);
1810 bf->bf_state.bfs_rc[2].rix = rix;
1811 bf->bf_state.bfs_rc[2].tries = params->ibp_try2;
1812
1813 rix = ath_tx_findrix(sc, params->ibp_rate3);
1814 bf->bf_state.bfs_rc[3].rix = rix;
1815 bf->bf_state.bfs_rc[3].tries = params->ibp_try3;
1816 }
1817 /*
1818 * All the required rate control decisions have been made;
1819 * fill in the rc flags.
1820 */
1821 ath_tx_rate_fill_rcflags(sc, bf);
1822
1823 /* NB: no buffered multicast in power save support */
1824
1825 /*
1826 * If we're overiding the ADDBA destination, dump directly
1827 * into the hardware queue, right after any pending
1828 * frames to that node are.
1829 */
1830 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: dooverride=%d\n",
1831 __func__, do_override);
1832
1833 if (do_override) {
1834 ath_tx_xmit_normal(sc, sc->sc_ac2q[pri], bf);
1835 } else {
1836 /* Queue to software queue */
1837 ath_tx_swq(sc, ni, sc->sc_ac2q[pri], bf);
1838 }
1839 ATH_TXQ_UNLOCK(sc->sc_ac2q[pri]);
1840
1841 return 0;
1842}
1843
1844/*
1845 * Send a raw frame.
1846 *
1847 * This can be called by net80211.
1848 */
1849int
1850ath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
1851 const struct ieee80211_bpf_params *params)
1852{
1853 struct ieee80211com *ic = ni->ni_ic;
1854 struct ifnet *ifp = ic->ic_ifp;
1855 struct ath_softc *sc = ifp->if_softc;
1856 struct ath_buf *bf;
1857 struct ieee80211_frame *wh = mtod(m, struct ieee80211_frame *);
1858 int error = 0;
1859
1860 ATH_PCU_LOCK(sc);
1861 if (sc->sc_inreset_cnt > 0) {
1862 device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; bailing\n",
1863 __func__);
1864 error = EIO;
1865 ATH_PCU_UNLOCK(sc);
1866 goto bad0;
1867 }
1868 sc->sc_txstart_cnt++;
1869 ATH_PCU_UNLOCK(sc);
1870
1871 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || sc->sc_invalid) {
1872 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: discard frame, %s", __func__,
1873 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ?
1874 "!running" : "invalid");
1875 m_freem(m);
1876 error = ENETDOWN;
1877 goto bad;
1878 }
1879
1880 /*
1881 * Enforce how deep the multicast queue can grow.
1882 *
1883 * XXX duplicated in ath_tx_start().
1884 */
1885 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1886 ATH_TXQ_LOCK(sc->sc_cabq);
1887
1888 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) {
1889 sc->sc_stats.ast_tx_mcastq_overflow++;
1890 error = ENOBUFS;
1891 }
1892
1893 ATH_TXQ_UNLOCK(sc->sc_cabq);
1894
1895 if (error != 0) {
1896 m_freem(m);
1897 goto bad;
1898 }
1899 }
1900
1901 /*
1902 * Grab a TX buffer and associated resources.
1903 */
1904 bf = ath_getbuf(sc, ATH_BUFTYPE_MGMT);
1905 if (bf == NULL) {
1906 sc->sc_stats.ast_tx_nobuf++;
1907 m_freem(m);
1908 error = ENOBUFS;
1909 goto bad;
1910 }
1911
1912 if (params == NULL) {
1913 /*
1914 * Legacy path; interpret frame contents to decide
1915 * precisely how to send the frame.
1916 */
1917 if (ath_tx_start(sc, ni, bf, m)) {
1918 error = EIO; /* XXX */
1919 goto bad2;
1920 }
1921 } else {
1922 /*
1923 * Caller supplied explicit parameters to use in
1924 * sending the frame.
1925 */
1926 if (ath_tx_raw_start(sc, ni, bf, m, params)) {
1927 error = EIO; /* XXX */
1928 goto bad2;
1929 }
1930 }
1931 sc->sc_wd_timer = 5;
1932 ifp->if_opackets++;
1933 sc->sc_stats.ast_tx_raw++;
1934
1935 ATH_PCU_LOCK(sc);
1936 sc->sc_txstart_cnt--;
1937 ATH_PCU_UNLOCK(sc);
1938
1939 return 0;
1940bad2:
1941 ATH_TXBUF_LOCK(sc);
1942 ath_returnbuf_head(sc, bf);
1943 ATH_TXBUF_UNLOCK(sc);
1944bad:
1945 ATH_PCU_LOCK(sc);
1946 sc->sc_txstart_cnt--;
1947 ATH_PCU_UNLOCK(sc);
1948bad0:
1949 ifp->if_oerrors++;
1950 sc->sc_stats.ast_tx_raw_fail++;
1951 ieee80211_free_node(ni);
1952
1953 return error;
1954}
1955
1956/* Some helper functions */
1957
1958/*
1959 * ADDBA (and potentially others) need to be placed in the same
1960 * hardware queue as the TID/node it's relating to. This is so
1961 * it goes out after any pending non-aggregate frames to the
1962 * same node/TID.
1963 *
1964 * If this isn't done, the ADDBA can go out before the frames
1965 * queued in hardware. Even though these frames have a sequence
1966 * number -earlier- than the ADDBA can be transmitted (but
1967 * no frames whose sequence numbers are after the ADDBA should
1968 * be!) they'll arrive after the ADDBA - and the receiving end
1969 * will simply drop them as being out of the BAW.
1970 *
1971 * The frames can't be appended to the TID software queue - it'll
1972 * never be sent out. So these frames have to be directly
1973 * dispatched to the hardware, rather than queued in software.
1974 * So if this function returns true, the TXQ has to be
1975 * overridden and it has to be directly dispatched.
1976 *
1977 * It's a dirty hack, but someone's gotta do it.
1978 */
1979
1980/*
1981 * XXX doesn't belong here!
1982 */
1983static int
1984ieee80211_is_action(struct ieee80211_frame *wh)
1985{
1986 /* Type: Management frame? */
1987 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) !=
1988 IEEE80211_FC0_TYPE_MGT)
1989 return 0;
1990
1991 /* Subtype: Action frame? */
1992 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) !=
1993 IEEE80211_FC0_SUBTYPE_ACTION)
1994 return 0;
1995
1996 return 1;
1997}
1998
1999#define MS(_v, _f) (((_v) & _f) >> _f##_S)
2000/*
2001 * Return an alternate TID for ADDBA request frames.
2002 *
2003 * Yes, this likely should be done in the net80211 layer.
2004 */
2005static int
2006ath_tx_action_frame_override_queue(struct ath_softc *sc,
2007 struct ieee80211_node *ni,
2008 struct mbuf *m0, int *tid)
2009{
2010 struct ieee80211_frame *wh = mtod(m0, struct ieee80211_frame *);
2011 struct ieee80211_action_ba_addbarequest *ia;
2012 uint8_t *frm;
2013 uint16_t baparamset;
2014
2015 /* Not action frame? Bail */
2016 if (! ieee80211_is_action(wh))
2017 return 0;
2018
2019 /* XXX Not needed for frames we send? */
2020#if 0
2021 /* Correct length? */
2022 if (! ieee80211_parse_action(ni, m))
2023 return 0;
2024#endif
2025
2026 /* Extract out action frame */
2027 frm = (u_int8_t *)&wh[1];
2028 ia = (struct ieee80211_action_ba_addbarequest *) frm;
2029
2030 /* Not ADDBA? Bail */
2031 if (ia->rq_header.ia_category != IEEE80211_ACTION_CAT_BA)
2032 return 0;
2033 if (ia->rq_header.ia_action != IEEE80211_ACTION_BA_ADDBA_REQUEST)
2034 return 0;
2035
2036 /* Extract TID, return it */
2037 baparamset = le16toh(ia->rq_baparamset);
2038 *tid = (int) MS(baparamset, IEEE80211_BAPS_TID);
2039
2040 return 1;
2041}
2042#undef MS
2043
2044/* Per-node software queue operations */
2045
2046/*
2047 * Add the current packet to the given BAW.
2048 * It is assumed that the current packet
2049 *
2050 * + fits inside the BAW;
2051 * + already has had a sequence number allocated.
2052 *
2053 * Since the BAW status may be modified by both the ath task and
2054 * the net80211/ifnet contexts, the TID must be locked.
2055 */
2056void
2057ath_tx_addto_baw(struct ath_softc *sc, struct ath_node *an,
2058 struct ath_tid *tid, struct ath_buf *bf)
2059{
2060 int index, cindex;
2061 struct ieee80211_tx_ampdu *tap;
2062
2063 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2064 ATH_TID_LOCK_ASSERT(sc, tid);
2065
2066 if (bf->bf_state.bfs_isretried)
2067 return;
2068
2069 tap = ath_tx_get_tx_tid(an, tid->tid);
2070
2071 if (! bf->bf_state.bfs_dobaw) {
2072 device_printf(sc->sc_dev,
2073 "%s: dobaw=0, seqno=%d, window %d:%d\n",
2074 __func__,
2075 SEQNO(bf->bf_state.bfs_seqno),
2076 tap->txa_start,
2077 tap->txa_wnd);
2078 }
2079
2080 if (bf->bf_state.bfs_addedbaw)
2081 device_printf(sc->sc_dev,
2082 "%s: re-added? tid=%d, seqno %d; window %d:%d; "
2083 "baw head=%d tail=%d\n",
2084 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno),
2085 tap->txa_start, tap->txa_wnd, tid->baw_head,
2086 tid->baw_tail);
2087
2088 /*
2089 * Verify that the given sequence number is not outside of the
2090 * BAW. Complain loudly if that's the case.
2091 */
2092 if (! BAW_WITHIN(tap->txa_start, tap->txa_wnd,
2093 SEQNO(bf->bf_state.bfs_seqno))) {
2094 device_printf(sc->sc_dev,
2095 "%s: bf=%p: outside of BAW?? tid=%d, seqno %d; window %d:%d; "
2096 "baw head=%d tail=%d\n",
2097 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno),
2098 tap->txa_start, tap->txa_wnd, tid->baw_head,
2099 tid->baw_tail);
2100 }
2101
2102 /*
2103 * ni->ni_txseqs[] is the currently allocated seqno.
2104 * the txa state contains the current baw start.
2105 */
2106 index = ATH_BA_INDEX(tap->txa_start, SEQNO(bf->bf_state.bfs_seqno));
2107 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
2108 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
2109 "%s: tid=%d, seqno %d; window %d:%d; index=%d cindex=%d "
2110 "baw head=%d tail=%d\n",
2111 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno),
2112 tap->txa_start, tap->txa_wnd, index, cindex, tid->baw_head,
2113 tid->baw_tail);
2114
2115
2116#if 0
2117 assert(tid->tx_buf[cindex] == NULL);
2118#endif
2119 if (tid->tx_buf[cindex] != NULL) {
2120 device_printf(sc->sc_dev,
2121 "%s: ba packet dup (index=%d, cindex=%d, "
2122 "head=%d, tail=%d)\n",
2123 __func__, index, cindex, tid->baw_head, tid->baw_tail);
2124 device_printf(sc->sc_dev,
2125 "%s: BA bf: %p; seqno=%d ; new bf: %p; seqno=%d\n",
2126 __func__,
2127 tid->tx_buf[cindex],
2128 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno),
2129 bf,
2130 SEQNO(bf->bf_state.bfs_seqno)
2131 );
2132 }
2133 tid->tx_buf[cindex] = bf;
2134
2135 if (index >= ((tid->baw_tail - tid->baw_head) &
2136 (ATH_TID_MAX_BUFS - 1))) {
2137 tid->baw_tail = cindex;
2138 INCR(tid->baw_tail, ATH_TID_MAX_BUFS);
2139 }
2140}
2141
2142/*
2143 * Flip the BAW buffer entry over from the existing one to the new one.
2144 *
2145 * When software retransmitting a (sub-)frame, it is entirely possible that
2146 * the frame ath_buf is marked as BUSY and can't be immediately reused.
2147 * In that instance the buffer is cloned and the new buffer is used for
2148 * retransmit. We thus need to update the ath_buf slot in the BAW buf
2149 * tracking array to maintain consistency.
2150 */
2151static void
2152ath_tx_switch_baw_buf(struct ath_softc *sc, struct ath_node *an,
2153 struct ath_tid *tid, struct ath_buf *old_bf, struct ath_buf *new_bf)
2154{
2155 int index, cindex;
2156 struct ieee80211_tx_ampdu *tap;
2157 int seqno = SEQNO(old_bf->bf_state.bfs_seqno);
2158
2159 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2160 ATH_TID_LOCK_ASSERT(sc, tid);
2161
2162 tap = ath_tx_get_tx_tid(an, tid->tid);
2163 index = ATH_BA_INDEX(tap->txa_start, seqno);
2164 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
2165
2166 /*
2167 * Just warn for now; if it happens then we should find out
2168 * about it. It's highly likely the aggregation session will
2169 * soon hang.
2170 */
2171 if (old_bf->bf_state.bfs_seqno != new_bf->bf_state.bfs_seqno) {
2172 device_printf(sc->sc_dev, "%s: retransmitted buffer"
2173 " has mismatching seqno's, BA session may hang.\n",
2174 __func__);
2175 device_printf(sc->sc_dev, "%s: old seqno=%d, new_seqno=%d\n",
2176 __func__,
2177 old_bf->bf_state.bfs_seqno,
2178 new_bf->bf_state.bfs_seqno);
2179 }
2180
2181 if (tid->tx_buf[cindex] != old_bf) {
2182 device_printf(sc->sc_dev, "%s: ath_buf pointer incorrect; "
2183 " has m BA session may hang.\n",
2184 __func__);
2185 device_printf(sc->sc_dev, "%s: old bf=%p, new bf=%p\n",
2186 __func__,
2187 old_bf, new_bf);
2188 }
2189
2190 tid->tx_buf[cindex] = new_bf;
2191}
2192
2193/*
2194 * seq_start - left edge of BAW
2195 * seq_next - current/next sequence number to allocate
2196 *
2197 * Since the BAW status may be modified by both the ath task and
2198 * the net80211/ifnet contexts, the TID must be locked.
2199 */
2200static void
2201ath_tx_update_baw(struct ath_softc *sc, struct ath_node *an,
2202 struct ath_tid *tid, const struct ath_buf *bf)
2203{
2204 int index, cindex;
2205 struct ieee80211_tx_ampdu *tap;
2206 int seqno = SEQNO(bf->bf_state.bfs_seqno);
2207
2208 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2209 ATH_TID_LOCK_ASSERT(sc, tid);
2210
2211 tap = ath_tx_get_tx_tid(an, tid->tid);
2212 index = ATH_BA_INDEX(tap->txa_start, seqno);
2213 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
2214
2215 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
2216 "%s: tid=%d, baw=%d:%d, seqno=%d, index=%d, cindex=%d, "
2217 "baw head=%d, tail=%d\n",
2218 __func__, tid->tid, tap->txa_start, tap->txa_wnd, seqno, index,
2219 cindex, tid->baw_head, tid->baw_tail);
2220
2221 /*
2222 * If this occurs then we have a big problem - something else
2223 * has slid tap->txa_start along without updating the BAW
2224 * tracking start/end pointers. Thus the TX BAW state is now
2225 * completely busted.
2226 *
2227 * But for now, since I haven't yet fixed TDMA and buffer cloning,
2228 * it's quite possible that a cloned buffer is making its way
2229 * here and causing it to fire off. Disable TDMA for now.
2230 */
2231 if (tid->tx_buf[cindex] != bf) {
2232 device_printf(sc->sc_dev,
2233 "%s: comp bf=%p, seq=%d; slot bf=%p, seqno=%d\n",
2234 __func__,
2235 bf, SEQNO(bf->bf_state.bfs_seqno),
2236 tid->tx_buf[cindex],
2237 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno));
2238 }
2239
2240 tid->tx_buf[cindex] = NULL;
2241
2242 while (tid->baw_head != tid->baw_tail &&
2243 !tid->tx_buf[tid->baw_head]) {
2244 INCR(tap->txa_start, IEEE80211_SEQ_RANGE);
2245 INCR(tid->baw_head, ATH_TID_MAX_BUFS);
2246 }
2247 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
2248 "%s: baw is now %d:%d, baw head=%d\n",
2249 __func__, tap->txa_start, tap->txa_wnd, tid->baw_head);
2250}
2251
2252/*
2253 * Mark the current node/TID as ready to TX.
2254 *
2255 * This is done to make it easy for the software scheduler to
2256 * find which nodes have data to send.
2257 *
2258 * The TXQ lock must be held.
2259 */
2260static void
2261ath_tx_tid_sched(struct ath_softc *sc, struct ath_tid *tid)
2262{
2263 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
2264
2265 ATH_TXQ_LOCK_ASSERT(txq);
2266
2267 if (tid->paused)
2268 return; /* paused, can't schedule yet */
2269
2270 if (tid->sched)
2271 return; /* already scheduled */
2272
2273 tid->sched = 1;
2274
2275 TAILQ_INSERT_TAIL(&txq->axq_tidq, tid, axq_qelem);
2276}
2277
2278/*
2279 * Mark the current node as no longer needing to be polled for
2280 * TX packets.
2281 *
2282 * The TXQ lock must be held.
2283 */
2284static void
2285ath_tx_tid_unsched(struct ath_softc *sc, struct ath_tid *tid)
2286{
2287 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
2288
2289 ATH_TXQ_LOCK_ASSERT(txq);
2290
2291 if (tid->sched == 0)
2292 return;
2293
2294 tid->sched = 0;
2295 TAILQ_REMOVE(&txq->axq_tidq, tid, axq_qelem);
2296}
2297
2298/*
2299 * Assign a sequence number manually to the given frame.
2300 *
2301 * This should only be called for A-MPDU TX frames.
2302 */
2303static ieee80211_seq
2304ath_tx_tid_seqno_assign(struct ath_softc *sc, struct ieee80211_node *ni,
2305 struct ath_buf *bf, struct mbuf *m0)
2306{
2307 struct ieee80211_frame *wh;
2308 int tid, pri;
2309 ieee80211_seq seqno;
2310 uint8_t subtype;
2311
2312 /* TID lookup */
2313 wh = mtod(m0, struct ieee80211_frame *);
2314 pri = M_WME_GETAC(m0); /* honor classification */
2315 tid = WME_AC_TO_TID(pri);
2316 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pri=%d, tid=%d, qos has seq=%d\n",
2317 __func__, pri, tid, IEEE80211_QOS_HAS_SEQ(wh));
2318
2319 /* XXX Is it a control frame? Ignore */
2320
2321 /* Does the packet require a sequence number? */
2322 if (! IEEE80211_QOS_HAS_SEQ(wh))
2323 return -1;
2324
2325 ATH_TID_LOCK_ASSERT(sc, &(ATH_NODE(ni)->an_tid[tid]));
2326
2327 /*
2328 * Is it a QOS NULL Data frame? Give it a sequence number from
2329 * the default TID (IEEE80211_NONQOS_TID.)
2330 *
2331 * The RX path of everything I've looked at doesn't include the NULL
2332 * data frame sequence number in the aggregation state updates, so
2333 * assigning it a sequence number there will cause a BAW hole on the
2334 * RX side.
2335 */
2336 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
2337 if (subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL) {
2338 /* XXX no locking for this TID? This is a bit of a problem. */
2339 seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID];
2340 INCR(ni->ni_txseqs[IEEE80211_NONQOS_TID], IEEE80211_SEQ_RANGE);
2341 } else {
2342 /* Manually assign sequence number */
2343 seqno = ni->ni_txseqs[tid];
2344 INCR(ni->ni_txseqs[tid], IEEE80211_SEQ_RANGE);
2345 }
2346 *(uint16_t *)&wh->i_seq[0] = htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT);
2347 M_SEQNO_SET(m0, seqno);
2348
2349 /* Return so caller can do something with it if needed */
2350 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: -> seqno=%d\n", __func__, seqno);
2351 return seqno;
2352}
2353
2354/*
2355 * Attempt to direct dispatch an aggregate frame to hardware.
2356 * If the frame is out of BAW, queue.
2357 * Otherwise, schedule it as a single frame.
2358 */
2359static void
2360ath_tx_xmit_aggr(struct ath_softc *sc, struct ath_node *an, struct ath_buf *bf)
2361{
2362 struct ath_tid *tid = &an->an_tid[bf->bf_state.bfs_tid];
2363 struct ath_txq *txq = bf->bf_state.bfs_txq;
2364 struct ieee80211_tx_ampdu *tap;
2365
2366 ATH_TXQ_LOCK_ASSERT(txq);
2367 ATH_TID_LOCK_ASSERT(sc, tid);
2368
2369 tap = ath_tx_get_tx_tid(an, tid->tid);
2370
2371 /* paused? queue */
2372 if (tid->paused) {
2373 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list);
2374 /* XXX don't sched - we're paused! */
2375 return;
2376 }
2377
2378 /* outside baw? queue */
2379 if (bf->bf_state.bfs_dobaw &&
2380 (! BAW_WITHIN(tap->txa_start, tap->txa_wnd,
2381 SEQNO(bf->bf_state.bfs_seqno)))) {
2382 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list);
2383 ath_tx_tid_sched(sc, tid);
2384 return;
2385 }
2386
2387 /* Direct dispatch to hardware */
2388 ath_tx_do_ratelookup(sc, bf);
2389 ath_tx_calc_duration(sc, bf);
2390 ath_tx_calc_protection(sc, bf);
2391 ath_tx_set_rtscts(sc, bf);
2392 ath_tx_rate_fill_rcflags(sc, bf);
2393 ath_tx_setds(sc, bf);
2394 ath_tx_set_ratectrl(sc, bf->bf_node, bf);
2395 ath_tx_chaindesclist(sc, bf);
2396
2397 /* Statistics */
2398 sc->sc_aggr_stats.aggr_low_hwq_single_pkt++;
2399
2400 /* Track per-TID hardware queue depth correctly */
2401 tid->hwq_depth++;
2402
2403 /* Add to BAW */
2404 if (bf->bf_state.bfs_dobaw) {
2405 ath_tx_addto_baw(sc, an, tid, bf);
2406 bf->bf_state.bfs_addedbaw = 1;
2407 }
2408
2409 /* Set completion handler, multi-frame aggregate or not */
2410 bf->bf_comp = ath_tx_aggr_comp;
2411
2412 /* Hand off to hardware */
2413 ath_tx_handoff(sc, txq, bf);
2414}
2415
2416/*
2417 * Attempt to send the packet.
2418 * If the queue isn't busy, direct-dispatch.
2419 * If the queue is busy enough, queue the given packet on the
2420 * relevant software queue.
2421 */
2422void
2423ath_tx_swq(struct ath_softc *sc, struct ieee80211_node *ni, struct ath_txq *txq,
2424 struct ath_buf *bf)
2425{
2426 struct ath_node *an = ATH_NODE(ni);
2427 struct ieee80211_frame *wh;
2428 struct ath_tid *atid;
2429 int pri, tid;
2430 struct mbuf *m0 = bf->bf_m;
2431
2432 ATH_TXQ_LOCK_ASSERT(txq);
2433
2434 /* Fetch the TID - non-QoS frames get assigned to TID 16 */
2435 wh = mtod(m0, struct ieee80211_frame *);
2436 pri = ath_tx_getac(sc, m0);
2437 tid = ath_tx_gettid(sc, m0);
2438 atid = &an->an_tid[tid];
2439
2440 ATH_TID_LOCK_ASSERT(sc, atid);
2441
2442 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p, pri=%d, tid=%d, qos=%d\n",
2443 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh));
2444
2445 /* Set local packet state, used to queue packets to hardware */
2446 bf->bf_state.bfs_tid = tid;
2447 bf->bf_state.bfs_txq = txq;
2448 bf->bf_state.bfs_pri = pri;
2449
2450 /*
2451 * If the hardware queue isn't busy, queue it directly.
2452 * If the hardware queue is busy, queue it.
2453 * If the TID is paused or the traffic it outside BAW, software
2454 * queue it.
2455 */
2456 if (atid->paused) {
2457 /* TID is paused, queue */
2458 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: paused\n", __func__);
2459 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2460 } else if (ath_tx_ampdu_pending(sc, an, tid)) {
2461 /* AMPDU pending; queue */
2462 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pending\n", __func__);
2463 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2464 /* XXX sched? */
2465 } else if (ath_tx_ampdu_running(sc, an, tid)) {
2466 /* AMPDU running, attempt direct dispatch if possible */
2467
2468 /*
2469 * Always queue the frame to the tail of the list.
2470 */
2471 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2472
2473 /*
2474 * If the hardware queue isn't busy, direct dispatch
2475 * the head frame in the list. Don't schedule the
2476 * TID - let it build some more frames first?
2477 *
2478 * Otherwise, schedule the TID.
2479 */
2480 if (txq->axq_depth < sc->sc_hwq_limit) {
2481 bf = TAILQ_FIRST(&atid->axq_q);
2482 ATH_TXQ_REMOVE(atid, bf, bf_list);
2483 ath_tx_xmit_aggr(sc, an, bf);
2484 DPRINTF(sc, ATH_DEBUG_SW_TX,
2485 "%s: xmit_aggr\n",
2486 __func__);
2487 } else {
2488 DPRINTF(sc, ATH_DEBUG_SW_TX,
2489 "%s: ampdu; swq'ing\n",
2490 __func__);
2491 ath_tx_tid_sched(sc, atid);
2492 }
2493 } else if (txq->axq_depth < sc->sc_hwq_limit) {
2494 /* AMPDU not running, attempt direct dispatch */
2495 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: xmit_normal\n", __func__);
2496 ath_tx_xmit_normal(sc, txq, bf);
2497 } else {
2498 /* Busy; queue */
2499 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: swq'ing\n", __func__);
2500 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2501 ath_tx_tid_sched(sc, atid);
2502 }
2503}
2504
2505/*
2506 * Do the basic frame setup stuff that's required before the frame
2507 * is added to a software queue.
2508 *
2509 * All frames get mostly the same treatment and it's done once.
2510 * Retransmits fiddle with things like the rate control setup,
2511 * setting the retransmit bit in the packet; doing relevant DMA/bus
2512 * syncing and relinking it (back) into the hardware TX queue.
2513 *
2514 * Note that this may cause the mbuf to be reallocated, so
2515 * m0 may not be valid.
2516 */
2517
2518
2519/*
2520 * Configure the per-TID node state.
2521 *
2522 * This likely belongs in if_ath_node.c but I can't think of anywhere
2523 * else to put it just yet.
2524 *
2525 * This sets up the SLISTs and the mutex as appropriate.
2526 */
2527void
2528ath_tx_tid_init(struct ath_softc *sc, struct ath_node *an)
2529{
2530 int i, j;
2531 struct ath_tid *atid;
2532
2533 for (i = 0; i < IEEE80211_TID_SIZE; i++) {
2534 atid = &an->an_tid[i];
2535 TAILQ_INIT(&atid->axq_q);
2536 atid->tid = i;
2537 atid->an = an;
2538 for (j = 0; j < ATH_TID_MAX_BUFS; j++)
2539 atid->tx_buf[j] = NULL;
2540 atid->baw_head = atid->baw_tail = 0;
2541 atid->paused = 0;
2542 atid->sched = 0;
2543 atid->hwq_depth = 0;
2544 atid->cleanup_inprogress = 0;
2545 if (i == IEEE80211_NONQOS_TID)
2546 atid->ac = WME_AC_BE;
2547 else
2548 atid->ac = TID_TO_WME_AC(i);
2549 }
2550}
2551
2552/*
2553 * Pause the current TID. This stops packets from being transmitted
2554 * on it.
2555 *
2556 * Since this is also called from upper layers as well as the driver,
2557 * it will get the TID lock.
2558 */
2559static void
2560ath_tx_tid_pause(struct ath_softc *sc, struct ath_tid *tid)
2561{
2562
2563 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2564 tid->paused++;
2565 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: paused = %d\n",
2566 __func__, tid->paused);
2567}
2568
2569/*
2570 * Unpause the current TID, and schedule it if needed.
2571 */
2572static void
2573ath_tx_tid_resume(struct ath_softc *sc, struct ath_tid *tid)
2574{
2575 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2576
2577 tid->paused--;
2578
2579 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: unpaused = %d\n",
2580 __func__, tid->paused);
2581
2582 if (tid->paused || tid->axq_depth == 0) {
2583 return;
2584 }
2585
2586 ath_tx_tid_sched(sc, tid);
2587 /* Punt some frames to the hardware if needed */
2588 //ath_txq_sched(sc, sc->sc_ac2q[tid->ac]);
2589 taskqueue_enqueue(sc->sc_tq, &sc->sc_txqtask);
2590}
2591
2592/*
2593 * Suspend the queue because we need to TX a BAR.
2594 */
2595static void
2596ath_tx_tid_bar_suspend(struct ath_softc *sc, struct ath_tid *tid)
2597{
2598 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2599
2600 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2601 "%s: tid=%p, bar_wait=%d, bar_tx=%d, called\n",
2602 __func__,
2603 tid,
2604 tid->bar_wait,
2605 tid->bar_tx);
2606
2607 /* We shouldn't be called when bar_tx is 1 */
2608 if (tid->bar_tx) {
2609 device_printf(sc->sc_dev, "%s: bar_tx is 1?!\n",
2610 __func__);
2611 }
2612
2613 /* If we've already been called, just be patient. */
2614 if (tid->bar_wait)
2615 return;
2616
2617 /* Wait! */
2618 tid->bar_wait = 1;
2619
2620 /* Only one pause, no matter how many frames fail */
2621 ath_tx_tid_pause(sc, tid);
2622}
2623
2624/*
2625 * We've finished with BAR handling - either we succeeded or
2626 * failed. Either way, unsuspend TX.
2627 */
2628static void
2629ath_tx_tid_bar_unsuspend(struct ath_softc *sc, struct ath_tid *tid)
2630{
2631 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2632
2633 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2634 "%s: tid=%p, called\n",
2635 __func__,
2636 tid);
2637
2638 if (tid->bar_tx == 0 || tid->bar_wait == 0) {
2639 device_printf(sc->sc_dev, "%s: bar_tx=%d, bar_wait=%d: ?\n",
2640 __func__, tid->bar_tx, tid->bar_wait);
2641 }
2642
2643 tid->bar_tx = tid->bar_wait = 0;
2644 ath_tx_tid_resume(sc, tid);
2645}
2646
2647/*
2648 * Return whether we're ready to TX a BAR frame.
2649 *
2650 * Requires the TID lock be held.
2651 */
2652static int
2653ath_tx_tid_bar_tx_ready(struct ath_softc *sc, struct ath_tid *tid)
2654{
2655
2656 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2657
2658 if (tid->bar_wait == 0 || tid->hwq_depth > 0)
2659 return (0);
2660
2661 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, "%s: tid=%p (%d), bar ready\n",
2662 __func__, tid, tid->tid);
2663
2664 return (1);
2665}
2666
2667/*
2668 * Check whether the current TID is ready to have a BAR
2669 * TXed and if so, do the TX.
2670 *
2671 * Since the TID/TXQ lock can't be held during a call to
2672 * ieee80211_send_bar(), we have to do the dirty thing of unlocking it,
2673 * sending the BAR and locking it again.
2674 *
2675 * Eventually, the code to send the BAR should be broken out
2676 * from this routine so the lock doesn't have to be reacquired
2677 * just to be immediately dropped by the caller.
2678 */
2679static void
2680ath_tx_tid_bar_tx(struct ath_softc *sc, struct ath_tid *tid)
2681{
2682 struct ieee80211_tx_ampdu *tap;
2683
2684 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2685
2686 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2687 "%s: tid=%p, called\n",
2688 __func__,
2689 tid);
2690
2691 tap = ath_tx_get_tx_tid(tid->an, tid->tid);
2692
2693 /*
2694 * This is an error condition!
2695 */
2696 if (tid->bar_wait == 0 || tid->bar_tx == 1) {
2697 device_printf(sc->sc_dev,
2698 "%s: tid=%p, bar_tx=%d, bar_wait=%d: ?\n",
2699 __func__,
2700 tid,
2701 tid->bar_tx,
2702 tid->bar_wait);
2703 return;
2704 }
2705
2706 /* Don't do anything if we still have pending frames */
2707 if (tid->hwq_depth > 0) {
2708 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2709 "%s: tid=%p, hwq_depth=%d, waiting\n",
2710 __func__,
2711 tid,
2712 tid->hwq_depth);
2713 return;
2714 }
2715
2716 /* We're now about to TX */
2717 tid->bar_tx = 1;
2718
2719 /*
2720 * Calculate new BAW left edge, now that all frames have either
2721 * succeeded or failed.
2722 *
2723 * XXX verify this is _actually_ the valid value to begin at!
2724 */
2725 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2726 "%s: tid=%p, new BAW left edge=%d\n",
2727 __func__,
2728 tid,
2729 tap->txa_start);
2730
2731 /* Try sending the BAR frame */
2732 /* We can't hold the lock here! */
2733
2734 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]);
2735 if (ieee80211_send_bar(&tid->an->an_node, tap, tap->txa_start) == 0) {
2736 /* Success? Now we wait for notification that it's done */
2737 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]);
2738 return;
2739 }
2740
2741 /* Failure? For now, warn loudly and continue */
2742 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]);
2743 device_printf(sc->sc_dev, "%s: tid=%p, failed to TX BAR, continue!\n",
2744 __func__, tid);
2745 ath_tx_tid_bar_unsuspend(sc, tid);
2746}
2747
2748
2749/*
2750 * Free any packets currently pending in the software TX queue.
2751 *
2752 * This will be called when a node is being deleted.
2753 *
2754 * It can also be called on an active node during an interface
2755 * reset or state transition.
2756 *
2757 * (From Linux/reference):
2758 *
2759 * TODO: For frame(s) that are in the retry state, we will reuse the
2760 * sequence number(s) without setting the retry bit. The
2761 * alternative is to give up on these and BAR the receiver's window
2762 * forward.
2763 */
2764static void
2765ath_tx_tid_drain(struct ath_softc *sc, struct ath_node *an,
2766 struct ath_tid *tid, ath_bufhead *bf_cq)
2767{
2768 struct ath_buf *bf;
2769 struct ieee80211_tx_ampdu *tap;
2770 struct ieee80211_node *ni = &an->an_node;
2771 int t = 0;
2772 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
2773
2774 tap = ath_tx_get_tx_tid(an, tid->tid);
2775
2776 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2777
2778 /* Walk the queue, free frames */
2779 for (;;) {
2780 bf = TAILQ_FIRST(&tid->axq_q);
2781 if (bf == NULL) {
2782 break;
2783 }
2784
2785 if (t == 0) {
2786 device_printf(sc->sc_dev,
2787 "%s: node %p: bf=%p: addbaw=%d, dobaw=%d, "
2788 "seqno=%d, retry=%d\n",
2789 __func__, ni, bf,
2790 bf->bf_state.bfs_addedbaw,
2791 bf->bf_state.bfs_dobaw,
2792 SEQNO(bf->bf_state.bfs_seqno),
2793 bf->bf_state.bfs_retries);
2794 device_printf(sc->sc_dev,
2795 "%s: node %p: bf=%p: tid txq_depth=%d hwq_depth=%d, bar_wait=%d\n",
2796 __func__, ni, bf,
2797 tid->axq_depth,
2798 tid->hwq_depth,
2799 tid->bar_wait);
2800 device_printf(sc->sc_dev,
2801 "%s: node %p: tid %d: txq_depth=%d, "
2802 "txq_aggr_depth=%d, sched=%d, paused=%d, "
2803 "hwq_depth=%d, incomp=%d, baw_head=%d, "
2804 "baw_tail=%d txa_start=%d, ni_txseqs=%d\n",
2805 __func__, ni, tid->tid, txq->axq_depth,
2806 txq->axq_aggr_depth, tid->sched, tid->paused,
2807 tid->hwq_depth, tid->incomp, tid->baw_head,
2808 tid->baw_tail, tap == NULL ? -1 : tap->txa_start,
2809 ni->ni_txseqs[tid->tid]);
2810
2811 /* XXX Dump the frame, see what it is? */
2812 ieee80211_dump_pkt(ni->ni_ic,
2813 mtod(bf->bf_m, const uint8_t *),
2814 bf->bf_m->m_len, 0, -1);
2815
2816 t = 1;
2817 }
2818
2819
2820 /*
2821 * If the current TID is running AMPDU, update
2822 * the BAW.
2823 */
2824 if (ath_tx_ampdu_running(sc, an, tid->tid) &&
2825 bf->bf_state.bfs_dobaw) {
2826 /*
2827 * Only remove the frame from the BAW if it's
2828 * been transmitted at least once; this means
2829 * the frame was in the BAW to begin with.
2830 */
2831 if (bf->bf_state.bfs_retries > 0) {
2832 ath_tx_update_baw(sc, an, tid, bf);
2833 bf->bf_state.bfs_dobaw = 0;
2834 }
2835 /*
2836 * This has become a non-fatal error now
2837 */
2838 if (! bf->bf_state.bfs_addedbaw)
2839 device_printf(sc->sc_dev,
2840 "%s: wasn't added: seqno %d\n",
2841 __func__, SEQNO(bf->bf_state.bfs_seqno));
2842 }
2843 ATH_TXQ_REMOVE(tid, bf, bf_list);
2844 TAILQ_INSERT_TAIL(bf_cq, bf, bf_list);
2845 }
2846
2847 /*
2848 * Now that it's completed, grab the TID lock and update
2849 * the sequence number and BAW window.
2850 * Because sequence numbers have been assigned to frames
2851 * that haven't been sent yet, it's entirely possible
2852 * we'll be called with some pending frames that have not
2853 * been transmitted.
2854 *
2855 * The cleaner solution is to do the sequence number allocation
2856 * when the packet is first transmitted - and thus the "retries"
2857 * check above would be enough to update the BAW/seqno.
2858 */
2859
2860 /* But don't do it for non-QoS TIDs */
2861 if (tap) {
2862#if 0
2863 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
2864 "%s: node %p: TID %d: sliding BAW left edge to %d\n",
2865 __func__, an, tid->tid, tap->txa_start);
2866#endif
2867 ni->ni_txseqs[tid->tid] = tap->txa_start;
2868 tid->baw_tail = tid->baw_head;
2869 }
2870}
2871
2872/*
2873 * Flush all software queued packets for the given node.
2874 *
2875 * This occurs when a completion handler frees the last buffer
2876 * for a node, and the node is thus freed. This causes the node
2877 * to be cleaned up, which ends up calling ath_tx_node_flush.
2878 */
2879void
2880ath_tx_node_flush(struct ath_softc *sc, struct ath_node *an)
2881{
2882 int tid;
2883 ath_bufhead bf_cq;
2884 struct ath_buf *bf;
2885
2886 TAILQ_INIT(&bf_cq);
2887
2888 for (tid = 0; tid < IEEE80211_TID_SIZE; tid++) {
2889 struct ath_tid *atid = &an->an_tid[tid];
2890 struct ath_txq *txq = sc->sc_ac2q[atid->ac];
2891
2892 /* Remove this tid from the list of active tids */
2893 ATH_TXQ_LOCK(txq);
2894 ath_tx_tid_unsched(sc, atid);
2895
2896 /* Free packets */
2897 ath_tx_tid_drain(sc, an, atid, &bf_cq);
2898 ATH_TXQ_UNLOCK(txq);
2899 }
2900
2901 /* Handle completed frames */
2902 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
2903 TAILQ_REMOVE(&bf_cq, bf, bf_list);
2904 ath_tx_default_comp(sc, bf, 0);
2905 }
2906}
2907
2908/*
2909 * Drain all the software TXQs currently with traffic queued.
2910 */
2911void
2912ath_tx_txq_drain(struct ath_softc *sc, struct ath_txq *txq)
2913{
2914 struct ath_tid *tid;
2915 ath_bufhead bf_cq;
2916 struct ath_buf *bf;
2917
2918 TAILQ_INIT(&bf_cq);
2919 ATH_TXQ_LOCK(txq);
2920
2921 /*
2922 * Iterate over all active tids for the given txq,
2923 * flushing and unsched'ing them
2924 */
2925 while (! TAILQ_EMPTY(&txq->axq_tidq)) {
2926 tid = TAILQ_FIRST(&txq->axq_tidq);
2927 ath_tx_tid_drain(sc, tid->an, tid, &bf_cq);
2928 ath_tx_tid_unsched(sc, tid);
2929 }
2930
2931 ATH_TXQ_UNLOCK(txq);
2932
2933 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
2934 TAILQ_REMOVE(&bf_cq, bf, bf_list);
2935 ath_tx_default_comp(sc, bf, 0);
2936 }
2937}
2938
2939/*
2940 * Handle completion of non-aggregate session frames.
2941 */
2942void
2943ath_tx_normal_comp(struct ath_softc *sc, struct ath_buf *bf, int fail)
2944{
2945 struct ieee80211_node *ni = bf->bf_node;
2946 struct ath_node *an = ATH_NODE(ni);
2947 int tid = bf->bf_state.bfs_tid;
2948 struct ath_tid *atid = &an->an_tid[tid];
2949 struct ath_tx_status *ts = &bf->bf_status.ds_txstat;
2950
2951 /* The TID state is protected behind the TXQ lock */
2952 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
2953
2954 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: fail=%d, hwq_depth now %d\n",
2955 __func__, bf, fail, atid->hwq_depth - 1);
2956
2957 atid->hwq_depth--;
2958 if (atid->hwq_depth < 0)
2959 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n",
2960 __func__, atid->hwq_depth);
2961 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
2962
2963 /*
2964 * punt to rate control if we're not being cleaned up
2965 * during a hw queue drain and the frame wanted an ACK.
2966 */
2967 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0))
2968 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc,
2969 ts, bf->bf_state.bfs_pktlen,
2970 1, (ts->ts_status == 0) ? 0 : 1);
2971
2972 ath_tx_default_comp(sc, bf, fail);
2973}
2974
2975/*
2976 * Handle cleanup of aggregate session packets that aren't
2977 * an A-MPDU.
2978 *
2979 * There's no need to update the BAW here - the session is being
2980 * torn down.
2981 */
2982static void
2983ath_tx_comp_cleanup_unaggr(struct ath_softc *sc, struct ath_buf *bf)
2984{
2985 struct ieee80211_node *ni = bf->bf_node;
2986 struct ath_node *an = ATH_NODE(ni);
2987 int tid = bf->bf_state.bfs_tid;
2988 struct ath_tid *atid = &an->an_tid[tid];
2989
2990 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: TID %d: incomp=%d\n",
2991 __func__, tid, atid->incomp);
2992
2993 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
2994 atid->incomp--;
2995 if (atid->incomp == 0) {
2996 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
2997 "%s: TID %d: cleaned up! resume!\n",
2998 __func__, tid);
2999 atid->cleanup_inprogress = 0;
3000 ath_tx_tid_resume(sc, atid);
3001 }
3002 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3003
3004 ath_tx_default_comp(sc, bf, 0);
3005}
3006
3007/*
3008 * Performs transmit side cleanup when TID changes from aggregated to
3009 * unaggregated.
3010 *
3011 * - Discard all retry frames from the s/w queue.
3012 * - Fix the tx completion function for all buffers in s/w queue.
3013 * - Count the number of unacked frames, and let transmit completion
3014 * handle it later.
3015 *
3016 * The caller is responsible for pausing the TID.
3017 */
3018static void
3019ath_tx_tid_cleanup(struct ath_softc *sc, struct ath_node *an, int tid)
3020{
3021 struct ath_tid *atid = &an->an_tid[tid];
3022 struct ieee80211_tx_ampdu *tap;
3023 struct ath_buf *bf, *bf_next;
3024 ath_bufhead bf_cq;
3025
3026 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
3027 "%s: TID %d: called\n", __func__, tid);
3028
3029 TAILQ_INIT(&bf_cq);
3030 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3031
3032 /*
3033 * Update the frames in the software TX queue:
3034 *
3035 * + Discard retry frames in the queue
3036 * + Fix the completion function to be non-aggregate
3037 */
3038 bf = TAILQ_FIRST(&atid->axq_q);
3039 while (bf) {
3040 if (bf->bf_state.bfs_isretried) {
3041 bf_next = TAILQ_NEXT(bf, bf_list);
3042 TAILQ_REMOVE(&atid->axq_q, bf, bf_list);
3043 atid->axq_depth--;
3044 if (bf->bf_state.bfs_dobaw) {
3045 ath_tx_update_baw(sc, an, atid, bf);
3046 if (! bf->bf_state.bfs_addedbaw)
3047 device_printf(sc->sc_dev,
3048 "%s: wasn't added: seqno %d\n",
3049 __func__,
3050 SEQNO(bf->bf_state.bfs_seqno));
3051 }
3052 bf->bf_state.bfs_dobaw = 0;
3053 /*
3054 * Call the default completion handler with "fail" just
3055 * so upper levels are suitably notified about this.
3056 */
3057 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3058 bf = bf_next;
3059 continue;
3060 }
3061 /* Give these the default completion handler */
3062 bf->bf_comp = ath_tx_normal_comp;
3063 bf = TAILQ_NEXT(bf, bf_list);
3064 }
3065
3066 /* The caller is required to pause the TID */
3067#if 0
3068 /* Pause the TID */
3069 ath_tx_tid_pause(sc, atid);
3070#endif
3071
3072 /*
3073 * Calculate what hardware-queued frames exist based
3074 * on the current BAW size. Ie, what frames have been
3075 * added to the TX hardware queue for this TID but
3076 * not yet ACKed.
3077 */
3078 tap = ath_tx_get_tx_tid(an, tid);
3079 /* Need the lock - fiddling with BAW */
3080 while (atid->baw_head != atid->baw_tail) {
3081 if (atid->tx_buf[atid->baw_head]) {
3082 atid->incomp++;
3083 atid->cleanup_inprogress = 1;
3084 atid->tx_buf[atid->baw_head] = NULL;
3085 }
3086 INCR(atid->baw_head, ATH_TID_MAX_BUFS);
3087 INCR(tap->txa_start, IEEE80211_SEQ_RANGE);
3088 }
3089
3090 /*
3091 * If cleanup is required, defer TID scheduling
3092 * until all the HW queued packets have been
3093 * sent.
3094 */
3095 if (! atid->cleanup_inprogress)
3096 ath_tx_tid_resume(sc, atid);
3097
3098 if (atid->cleanup_inprogress)
3099 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
3100 "%s: TID %d: cleanup needed: %d packets\n",
3101 __func__, tid, atid->incomp);
3102 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3103
3104 /* Handle completing frames and fail them */
3105 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
3106 TAILQ_REMOVE(&bf_cq, bf, bf_list);
3107 ath_tx_default_comp(sc, bf, 1);
3108 }
3109}
3110
3111static void
3112ath_tx_set_retry(struct ath_softc *sc, struct ath_buf *bf)
3113{
3114 struct ieee80211_frame *wh;
3115
3116 wh = mtod(bf->bf_m, struct ieee80211_frame *);
3117 /* Only update/resync if needed */
3118 if (bf->bf_state.bfs_isretried == 0) {
3119 wh->i_fc[1] |= IEEE80211_FC1_RETRY;
3120 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap,
3121 BUS_DMASYNC_PREWRITE);
3122 }
3123 sc->sc_stats.ast_tx_swretries++;
3124 bf->bf_state.bfs_isretried = 1;
3125 bf->bf_state.bfs_retries ++;
3126}
3127
3128static struct ath_buf *
3129ath_tx_retry_clone(struct ath_softc *sc, struct ath_node *an,
3130 struct ath_tid *tid, struct ath_buf *bf)
3131{
3132 struct ath_buf *nbf;
3133 int error;
3134
3135 nbf = ath_buf_clone(sc, bf);
3136
3137#if 0
3138 device_printf(sc->sc_dev, "%s: ATH_BUF_BUSY; cloning\n",
3139 __func__);
3140#endif
3141
3142 if (nbf == NULL) {
3143 /* Failed to clone */
3144 device_printf(sc->sc_dev,
3145 "%s: failed to clone a busy buffer\n",
3146 __func__);
3147 return NULL;
3148 }
3149
3150 /* Setup the dma for the new buffer */
3151 error = ath_tx_dmasetup(sc, nbf, nbf->bf_m);
3152 if (error != 0) {
3153 device_printf(sc->sc_dev,
3154 "%s: failed to setup dma for clone\n",
3155 __func__);
3156 /*
3157 * Put this at the head of the list, not tail;
3158 * that way it doesn't interfere with the
3159 * busy buffer logic (which uses the tail of
3160 * the list.)
3161 */
3162 ATH_TXBUF_LOCK(sc);
3163 ath_returnbuf_head(sc, nbf);
3164 ATH_TXBUF_UNLOCK(sc);
3165 return NULL;
3166 }
3167
3168 /* Update BAW if required, before we free the original buf */
3169 if (bf->bf_state.bfs_dobaw)
3170 ath_tx_switch_baw_buf(sc, an, tid, bf, nbf);
3171
3172 /* Free current buffer; return the older buffer */
3173 bf->bf_m = NULL;
3174 bf->bf_node = NULL;
3175 ath_freebuf(sc, bf);
3176 return nbf;
3177}
3178
3179/*
3180 * Handle retrying an unaggregate frame in an aggregate
3181 * session.
3182 *
3183 * If too many retries occur, pause the TID, wait for
3184 * any further retransmits (as there's no reason why
3185 * non-aggregate frames in an aggregate session are
3186 * transmitted in-order; they just have to be in-BAW)
3187 * and then queue a BAR.
3188 */
3189static void
3190ath_tx_aggr_retry_unaggr(struct ath_softc *sc, struct ath_buf *bf)
3191{
3192 struct ieee80211_node *ni = bf->bf_node;
3193 struct ath_node *an = ATH_NODE(ni);
3194 int tid = bf->bf_state.bfs_tid;
3195 struct ath_tid *atid = &an->an_tid[tid];
3196 struct ieee80211_tx_ampdu *tap;
3197
3198 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3199
3200 tap = ath_tx_get_tx_tid(an, tid);
3201
3202 /*
3203 * If the buffer is marked as busy, we can't directly
3204 * reuse it. Instead, try to clone the buffer.
3205 * If the clone is successful, recycle the old buffer.
3206 * If the clone is unsuccessful, set bfs_retries to max
3207 * to force the next bit of code to free the buffer
3208 * for us.
3209 */
3210 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) &&
3211 (bf->bf_flags & ATH_BUF_BUSY)) {
3212 struct ath_buf *nbf;
3213 nbf = ath_tx_retry_clone(sc, an, atid, bf);
3214 if (nbf)
3215 /* bf has been freed at this point */
3216 bf = nbf;
3217 else
3218 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1;
3219 }
3220
3221 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) {
3222 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES,
3223 "%s: exceeded retries; seqno %d\n",
3224 __func__, SEQNO(bf->bf_state.bfs_seqno));
3225 sc->sc_stats.ast_tx_swretrymax++;
3226
3227 /* Update BAW anyway */
3228 if (bf->bf_state.bfs_dobaw) {
3229 ath_tx_update_baw(sc, an, atid, bf);
3230 if (! bf->bf_state.bfs_addedbaw)
3231 device_printf(sc->sc_dev,
3232 "%s: wasn't added: seqno %d\n",
3233 __func__, SEQNO(bf->bf_state.bfs_seqno));
3234 }
3235 bf->bf_state.bfs_dobaw = 0;
3236
3237 /* Suspend the TX queue and get ready to send the BAR */
3238 ath_tx_tid_bar_suspend(sc, atid);
3239
3240 /* Send the BAR if there are no other frames waiting */
3241 if (ath_tx_tid_bar_tx_ready(sc, atid))
3242 ath_tx_tid_bar_tx(sc, atid);
3243
3244 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3245
3246 /* Free buffer, bf is free after this call */
3247 ath_tx_default_comp(sc, bf, 0);
3248 return;
3249 }
3250
3251 /*
3252 * This increments the retry counter as well as
3253 * sets the retry flag in the ath_buf and packet
3254 * body.
3255 */
3256 ath_tx_set_retry(sc, bf);
3257
3258 /*
3259 * Insert this at the head of the queue, so it's
3260 * retried before any current/subsequent frames.
3261 */
3262 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list);
3263 ath_tx_tid_sched(sc, atid);
3264 /* Send the BAR if there are no other frames waiting */
3265 if (ath_tx_tid_bar_tx_ready(sc, atid))
3266 ath_tx_tid_bar_tx(sc, atid);
3267
3268 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3269}
3270
3271/*
3272 * Common code for aggregate excessive retry/subframe retry.
3273 * If retrying, queues buffers to bf_q. If not, frees the
3274 * buffers.
3275 *
3276 * XXX should unify this with ath_tx_aggr_retry_unaggr()
3277 */
3278static int
3279ath_tx_retry_subframe(struct ath_softc *sc, struct ath_buf *bf,
3280 ath_bufhead *bf_q)
3281{
3282 struct ieee80211_node *ni = bf->bf_node;
3283 struct ath_node *an = ATH_NODE(ni);
3284 int tid = bf->bf_state.bfs_tid;
3285 struct ath_tid *atid = &an->an_tid[tid];
3286
3287 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[atid->ac]);
3288
3289 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
3290 ath_hal_set11nburstduration(sc->sc_ah, bf->bf_desc, 0);
3291 /* ath_hal_set11n_virtualmorefrag(sc->sc_ah, bf->bf_desc, 0); */
3292
3293 /*
3294 * If the buffer is marked as busy, we can't directly
3295 * reuse it. Instead, try to clone the buffer.
3296 * If the clone is successful, recycle the old buffer.
3297 * If the clone is unsuccessful, set bfs_retries to max
3298 * to force the next bit of code to free the buffer
3299 * for us.
3300 */
3301 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) &&
3302 (bf->bf_flags & ATH_BUF_BUSY)) {
3303 struct ath_buf *nbf;
3304 nbf = ath_tx_retry_clone(sc, an, atid, bf);
3305 if (nbf)
3306 /* bf has been freed at this point */
3307 bf = nbf;
3308 else
3309 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1;
3310 }
3311
3312 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) {
3313 sc->sc_stats.ast_tx_swretrymax++;
3314 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES,
3315 "%s: max retries: seqno %d\n",
3316 __func__, SEQNO(bf->bf_state.bfs_seqno));
3317 ath_tx_update_baw(sc, an, atid, bf);
3318 if (! bf->bf_state.bfs_addedbaw)
3319 device_printf(sc->sc_dev,
3320 "%s: wasn't added: seqno %d\n",
3321 __func__, SEQNO(bf->bf_state.bfs_seqno));
3322 bf->bf_state.bfs_dobaw = 0;
3323 return 1;
3324 }
3325
3326 ath_tx_set_retry(sc, bf);
3327 bf->bf_next = NULL; /* Just to make sure */
3328
3329 TAILQ_INSERT_TAIL(bf_q, bf, bf_list);
3330 return 0;
3331}
3332
3333/*
3334 * error pkt completion for an aggregate destination
3335 */
3336static void
3337ath_tx_comp_aggr_error(struct ath_softc *sc, struct ath_buf *bf_first,
3338 struct ath_tid *tid)
3339{
3340 struct ieee80211_node *ni = bf_first->bf_node;
3341 struct ath_node *an = ATH_NODE(ni);
3342 struct ath_buf *bf_next, *bf;
3343 ath_bufhead bf_q;
3344 int drops = 0;
3345 struct ieee80211_tx_ampdu *tap;
3346 ath_bufhead bf_cq;
3347
3348 TAILQ_INIT(&bf_q);
3349 TAILQ_INIT(&bf_cq);
3350
3351 /*
3352 * Update rate control - all frames have failed.
3353 *
3354 * XXX use the length in the first frame in the series;
3355 * XXX just so things are consistent for now.
3356 */
3357 ath_tx_update_ratectrl(sc, ni, bf_first->bf_state.bfs_rc,
3358 &bf_first->bf_status.ds_txstat,
3359 bf_first->bf_state.bfs_pktlen,
3360 bf_first->bf_state.bfs_nframes, bf_first->bf_state.bfs_nframes);
3361
3362 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]);
3363 tap = ath_tx_get_tx_tid(an, tid->tid);
3364 sc->sc_stats.ast_tx_aggr_failall++;
3365
3366 /* Retry all subframes */
3367 bf = bf_first;
3368 while (bf) {
3369 bf_next = bf->bf_next;
3370 bf->bf_next = NULL; /* Remove it from the aggr list */
3371 sc->sc_stats.ast_tx_aggr_fail++;
3372 if (ath_tx_retry_subframe(sc, bf, &bf_q)) {
3373 drops++;
3374 bf->bf_next = NULL;
3375 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3376 }
3377 bf = bf_next;
3378 }
3379
3380 /* Prepend all frames to the beginning of the queue */
3381 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) {
3382 TAILQ_REMOVE(&bf_q, bf, bf_list);
3383 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list);
3384 }
3385
3386 /*
3387 * Schedule the TID to be re-tried.
3388 */
3389 ath_tx_tid_sched(sc, tid);
3390
3391 /*
3392 * send bar if we dropped any frames
3393 *
3394 * Keep the txq lock held for now, as we need to ensure
3395 * that ni_txseqs[] is consistent (as it's being updated
3396 * in the ifnet TX context or raw TX context.)
3397 */
3398 if (drops) {
3399 /* Suspend the TX queue and get ready to send the BAR */
3400 ath_tx_tid_bar_suspend(sc, tid);
3401 }
3402
3403 /*
3404 * Send BAR if required
3405 */
3406 if (ath_tx_tid_bar_tx_ready(sc, tid))
3407 ath_tx_tid_bar_tx(sc, tid);
3408 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]);
3409
3410 /* Complete frames which errored out */
3411 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
3412 TAILQ_REMOVE(&bf_cq, bf, bf_list);
3413 ath_tx_default_comp(sc, bf, 0);
3414 }
3415}
3416
3417/*
3418 * Handle clean-up of packets from an aggregate list.
3419 *
3420 * There's no need to update the BAW here - the session is being
3421 * torn down.
3422 */
3423static void
3424ath_tx_comp_cleanup_aggr(struct ath_softc *sc, struct ath_buf *bf_first)
3425{
3426 struct ath_buf *bf, *bf_next;
3427 struct ieee80211_node *ni = bf_first->bf_node;
3428 struct ath_node *an = ATH_NODE(ni);
3429 int tid = bf_first->bf_state.bfs_tid;
3430 struct ath_tid *atid = &an->an_tid[tid];
3431
3432 bf = bf_first;
3433
3434 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3435
3436 /* update incomp */
3437 while (bf) {
3438 atid->incomp--;
3439 bf = bf->bf_next;
3440 }
3441
3442 if (atid->incomp == 0) {
3443 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
3444 "%s: TID %d: cleaned up! resume!\n",
3445 __func__, tid);
3446 atid->cleanup_inprogress = 0;
3447 ath_tx_tid_resume(sc, atid);
3448 }
3449
3450 /* Send BAR if required */
3451 if (ath_tx_tid_bar_tx_ready(sc, atid))
3452 ath_tx_tid_bar_tx(sc, atid);
3453 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3454
3455 /* Handle frame completion */
3456 while (bf) {
3457 bf_next = bf->bf_next;
3458 ath_tx_default_comp(sc, bf, 1);
3459 bf = bf_next;
3460 }
3461}
3462
3463/*
3464 * Handle completion of an set of aggregate frames.
3465 *
3466 * XXX for now, simply complete each sub-frame.
3467 *
3468 * Note: the completion handler is the last descriptor in the aggregate,
3469 * not the last descriptor in the first frame.
3470 */
3471static void
3472ath_tx_aggr_comp_aggr(struct ath_softc *sc, struct ath_buf *bf_first,
3473 int fail)
3474{
3475 //struct ath_desc *ds = bf->bf_lastds;
3476 struct ieee80211_node *ni = bf_first->bf_node;
3477 struct ath_node *an = ATH_NODE(ni);
3478 int tid = bf_first->bf_state.bfs_tid;
3479 struct ath_tid *atid = &an->an_tid[tid];
3480 struct ath_tx_status ts;
3481 struct ieee80211_tx_ampdu *tap;
3482 ath_bufhead bf_q;
3483 ath_bufhead bf_cq;
3484 int seq_st, tx_ok;
3485 int hasba, isaggr;
3486 uint32_t ba[2];
3487 struct ath_buf *bf, *bf_next;
3488 int ba_index;
3489 int drops = 0;
3490 int nframes = 0, nbad = 0, nf;
3491 int pktlen;
3492 /* XXX there's too much on the stack? */
3493 struct ath_rc_series rc[ATH_RC_NUM];
3494 int txseq;
3495
3496 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: called; hwq_depth=%d\n",
3497 __func__, atid->hwq_depth);
3498
3499 /* The TID state is kept behind the TXQ lock */
3500 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3501
3502 atid->hwq_depth--;
3503 if (atid->hwq_depth < 0)
3504 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n",
3505 __func__, atid->hwq_depth);
3506
3507 /*
3508 * Punt cleanup to the relevant function, not our problem now
3509 */
3510 if (atid->cleanup_inprogress) {
3511 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3512 ath_tx_comp_cleanup_aggr(sc, bf_first);
3513 return;
3514 }
3515
3516 /*
3517 * Take a copy; this may be needed -after- bf_first
3518 * has been completed and freed.
3519 */
3520 ts = bf_first->bf_status.ds_txstat;
3521 /*
3522 * XXX for now, use the first frame in the aggregate for
3523 * XXX rate control completion; it's at least consistent.
3524 */
3525 pktlen = bf_first->bf_state.bfs_pktlen;
3526
3527 /*
3528 * Handle errors first!
3529 *
3530 * Here, handle _any_ error as a "exceeded retries" error.
3531 * Later on (when filtered frames are to be specially handled)
3532 * it'll have to be expanded.
3533 */
3534#if 0
3535 if (ts.ts_status & HAL_TXERR_XRETRY) {
3536#endif
3537 if (ts.ts_status != 0) {
3538 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3539 ath_tx_comp_aggr_error(sc, bf_first, atid);
3540 return;
3541 }
3542
3543 TAILQ_INIT(&bf_q);
3544 TAILQ_INIT(&bf_cq);
3545 tap = ath_tx_get_tx_tid(an, tid);
3546
3547 /*
3548 * extract starting sequence and block-ack bitmap
3549 */
3550 /* XXX endian-ness of seq_st, ba? */
3551 seq_st = ts.ts_seqnum;
3552 hasba = !! (ts.ts_flags & HAL_TX_BA);
3553 tx_ok = (ts.ts_status == 0);
3554 isaggr = bf_first->bf_state.bfs_aggr;
3555 ba[0] = ts.ts_ba_low;
3556 ba[1] = ts.ts_ba_high;
3557
3558 /*
3559 * Copy the TX completion status and the rate control
3560 * series from the first descriptor, as it may be freed
3561 * before the rate control code can get its grubby fingers
3562 * into things.
3563 */
3564 memcpy(rc, bf_first->bf_state.bfs_rc, sizeof(rc));
3565
3566 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3567 "%s: txa_start=%d, tx_ok=%d, status=%.8x, flags=%.8x, "
3568 "isaggr=%d, seq_st=%d, hasba=%d, ba=%.8x, %.8x\n",
3569 __func__, tap->txa_start, tx_ok, ts.ts_status, ts.ts_flags,
3570 isaggr, seq_st, hasba, ba[0], ba[1]);
3571
3572 /* Occasionally, the MAC sends a tx status for the wrong TID. */
3573 if (tid != ts.ts_tid) {
3574 device_printf(sc->sc_dev, "%s: tid %d != hw tid %d\n",
3575 __func__, tid, ts.ts_tid);
3576 tx_ok = 0;
3577 }
3578
3579 /* AR5416 BA bug; this requires an interface reset */
3580 if (isaggr && tx_ok && (! hasba)) {
3581 device_printf(sc->sc_dev,
3582 "%s: AR5416 bug: hasba=%d; txok=%d, isaggr=%d, "
3583 "seq_st=%d\n",
3584 __func__, hasba, tx_ok, isaggr, seq_st);
3585 /* XXX TODO: schedule an interface reset */
3586#ifdef ATH_DEBUG
3587 ath_printtxbuf(sc, bf_first,
3588 sc->sc_ac2q[atid->ac]->axq_qnum, 0, 0);
3589#endif
3590 }
3591
3592 /*
3593 * Walk the list of frames, figure out which ones were correctly
3594 * sent and which weren't.
3595 */
3596 bf = bf_first;
3597 nf = bf_first->bf_state.bfs_nframes;
3598
3599 /* bf_first is going to be invalid once this list is walked */
3600 bf_first = NULL;
3601
3602 /*
3603 * Walk the list of completed frames and determine
3604 * which need to be completed and which need to be
3605 * retransmitted.
3606 *
3607 * For completed frames, the completion functions need
3608 * to be called at the end of this function as the last
3609 * node reference may free the node.
3610 *
3611 * Finally, since the TXQ lock can't be held during the
3612 * completion callback (to avoid lock recursion),
3613 * the completion calls have to be done outside of the
3614 * lock.
3615 */
3616 while (bf) {
3617 nframes++;
3618 ba_index = ATH_BA_INDEX(seq_st,
3619 SEQNO(bf->bf_state.bfs_seqno));
3620 bf_next = bf->bf_next;
3621 bf->bf_next = NULL; /* Remove it from the aggr list */
3622
3623 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3624 "%s: checking bf=%p seqno=%d; ack=%d\n",
3625 __func__, bf, SEQNO(bf->bf_state.bfs_seqno),
3626 ATH_BA_ISSET(ba, ba_index));
3627
3628 if (tx_ok && ATH_BA_ISSET(ba, ba_index)) {
3629 sc->sc_stats.ast_tx_aggr_ok++;
3630 ath_tx_update_baw(sc, an, atid, bf);
3631 bf->bf_state.bfs_dobaw = 0;
3632 if (! bf->bf_state.bfs_addedbaw)
3633 device_printf(sc->sc_dev,
3634 "%s: wasn't added: seqno %d\n",
3635 __func__, SEQNO(bf->bf_state.bfs_seqno));
3636 bf->bf_next = NULL;
3637 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3638 } else {
3639 sc->sc_stats.ast_tx_aggr_fail++;
3640 if (ath_tx_retry_subframe(sc, bf, &bf_q)) {
3641 drops++;
3642 bf->bf_next = NULL;
3643 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3644 }
3645 nbad++;
3646 }
3647 bf = bf_next;
3648 }
3649
3650 /*
3651 * Now that the BAW updates have been done, unlock
3652 *
3653 * txseq is grabbed before the lock is released so we
3654 * have a consistent view of what -was- in the BAW.
3655 * Anything after this point will not yet have been
3656 * TXed.
3657 */
3658 txseq = tap->txa_start;
3659 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3660
3661 if (nframes != nf)
3662 device_printf(sc->sc_dev,
3663 "%s: num frames seen=%d; bf nframes=%d\n",
3664 __func__, nframes, nf);
3665
3666 /*
3667 * Now we know how many frames were bad, call the rate
3668 * control code.
3669 */
3670 if (fail == 0)
3671 ath_tx_update_ratectrl(sc, ni, rc, &ts, pktlen, nframes,
3672 nbad);
3673
3674 /*
3675 * send bar if we dropped any frames
3676 */
3677 if (drops) {
3678 /* Suspend the TX queue and get ready to send the BAR */
3679 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3680 ath_tx_tid_bar_suspend(sc, atid);
3681 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3682 }
3683
3684 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3685 "%s: txa_start now %d\n", __func__, tap->txa_start);
3686
3687 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3688
3689 /* Prepend all frames to the beginning of the queue */
3690 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) {
3691 TAILQ_REMOVE(&bf_q, bf, bf_list);
3692 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list);
3693 }
3694
3695 /*
3696 * Reschedule to grab some further frames.
3697 */
3698 ath_tx_tid_sched(sc, atid);
3699
3700 /*
3701 * Send BAR if required
3702 */
3703 if (ath_tx_tid_bar_tx_ready(sc, atid))
3704 ath_tx_tid_bar_tx(sc, atid);
3705
3706 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3707
3708 /* Do deferred completion */
3709 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
3710 TAILQ_REMOVE(&bf_cq, bf, bf_list);
3711 ath_tx_default_comp(sc, bf, 0);
3712 }
3713}
3714
3715/*
3716 * Handle completion of unaggregated frames in an ADDBA
3717 * session.
3718 *
3719 * Fail is set to 1 if the entry is being freed via a call to
3720 * ath_tx_draintxq().
3721 */
3722static void
3723ath_tx_aggr_comp_unaggr(struct ath_softc *sc, struct ath_buf *bf, int fail)
3724{
3725 struct ieee80211_node *ni = bf->bf_node;
3726 struct ath_node *an = ATH_NODE(ni);
3727 int tid = bf->bf_state.bfs_tid;
3728 struct ath_tid *atid = &an->an_tid[tid];
3729 struct ath_tx_status *ts = &bf->bf_status.ds_txstat;
3730
3731 /*
3732 * Update rate control status here, before we possibly
3733 * punt to retry or cleanup.
3734 *
3735 * Do it outside of the TXQ lock.
3736 */
3737 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0))
3738 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc,
3739 &bf->bf_status.ds_txstat,
3740 bf->bf_state.bfs_pktlen,
3741 1, (ts->ts_status == 0) ? 0 : 1);
3742
3743 /*
3744 * This is called early so atid->hwq_depth can be tracked.
3745 * This unfortunately means that it's released and regrabbed
3746 * during retry and cleanup. That's rather inefficient.
3747 */
3748 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3749
3750 if (tid == IEEE80211_NONQOS_TID)
3751 device_printf(sc->sc_dev, "%s: TID=16!\n", __func__);
3752
3753 DPRINTF(sc, ATH_DEBUG_SW_TX,
3754 "%s: bf=%p: tid=%d, hwq_depth=%d, seqno=%d\n",
3755 __func__, bf, bf->bf_state.bfs_tid, atid->hwq_depth,
3756 SEQNO(bf->bf_state.bfs_seqno));
3757
3758 atid->hwq_depth--;
3759 if (atid->hwq_depth < 0)
3760 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n",
3761 __func__, atid->hwq_depth);
3762
3763 /*
3764 * If a cleanup is in progress, punt to comp_cleanup;
3765 * rather than handling it here. It's thus their
3766 * responsibility to clean up, call the completion
3767 * function in net80211, etc.
3768 */
3769 if (atid->cleanup_inprogress) {
3770 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3771 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: cleanup_unaggr\n",
3772 __func__);
3773 ath_tx_comp_cleanup_unaggr(sc, bf);
3774 return;
3775 }
3776
3777 /*
3778 * Don't bother with the retry check if all frames
3779 * are being failed (eg during queue deletion.)
3780 */
3781#if 0
3782 if (fail == 0 && ts->ts_status & HAL_TXERR_XRETRY) {
3783#endif
3784 if (fail == 0 && ts->ts_status != 0) {
3785 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3786 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: retry_unaggr\n",
3787 __func__);
3788 ath_tx_aggr_retry_unaggr(sc, bf);
3789 return;
3790 }
3791
3792 /* Success? Complete */
3793 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: TID=%d, seqno %d\n",
3794 __func__, tid, SEQNO(bf->bf_state.bfs_seqno));
3795 if (bf->bf_state.bfs_dobaw) {
3796 ath_tx_update_baw(sc, an, atid, bf);
3797 bf->bf_state.bfs_dobaw = 0;
3798 if (! bf->bf_state.bfs_addedbaw)
3799 device_printf(sc->sc_dev,
3800 "%s: wasn't added: seqno %d\n",
3801 __func__, SEQNO(bf->bf_state.bfs_seqno));
3802 }
3803
3804 /*
3805 * Send BAR if required
3806 */
3807 if (ath_tx_tid_bar_tx_ready(sc, atid))
3808 ath_tx_tid_bar_tx(sc, atid);
3809
3810 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3811
3812 ath_tx_default_comp(sc, bf, fail);
3813 /* bf is freed at this point */
3814}
3815
3816void
3817ath_tx_aggr_comp(struct ath_softc *sc, struct ath_buf *bf, int fail)
3818{
3819 if (bf->bf_state.bfs_aggr)
3820 ath_tx_aggr_comp_aggr(sc, bf, fail);
3821 else
3822 ath_tx_aggr_comp_unaggr(sc, bf, fail);
3823}
3824
3825/*
3826 * Schedule some packets from the given node/TID to the hardware.
3827 *
3828 * This is the aggregate version.
3829 */
3830void
3831ath_tx_tid_hw_queue_aggr(struct ath_softc *sc, struct ath_node *an,
3832 struct ath_tid *tid)
3833{
3834 struct ath_buf *bf;
3835 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
3836 struct ieee80211_tx_ampdu *tap;
3837 struct ieee80211_node *ni = &an->an_node;
3838 ATH_AGGR_STATUS status;
3839 ath_bufhead bf_q;
3840
3841 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d\n", __func__, tid->tid);
3842 ATH_TXQ_LOCK_ASSERT(txq);
3843
3844 tap = ath_tx_get_tx_tid(an, tid->tid);
3845
3846 if (tid->tid == IEEE80211_NONQOS_TID)
3847 device_printf(sc->sc_dev, "%s: called for TID=NONQOS_TID?\n",
3848 __func__);
3849
3850 for (;;) {
3851 status = ATH_AGGR_DONE;
3852
3853 /*
3854 * If the upper layer has paused the TID, don't
3855 * queue any further packets.
3856 *
3857 * This can also occur from the completion task because
3858 * of packet loss; but as its serialised with this code,
3859 * it won't "appear" half way through queuing packets.
3860 */
3861 if (tid->paused)
3862 break;
3863
3864 bf = TAILQ_FIRST(&tid->axq_q);
3865 if (bf == NULL) {
3866 break;
3867 }
3868
3869 /*
3870 * If the packet doesn't fall within the BAW (eg a NULL
3871 * data frame), schedule it directly; continue.
3872 */
3873 if (! bf->bf_state.bfs_dobaw) {
3874 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3875 "%s: non-baw packet\n",
3876 __func__);
3877 ATH_TXQ_REMOVE(tid, bf, bf_list);
3878 bf->bf_state.bfs_aggr = 0;
3879 ath_tx_do_ratelookup(sc, bf);
3880 ath_tx_calc_duration(sc, bf);
3881 ath_tx_calc_protection(sc, bf);
3882 ath_tx_set_rtscts(sc, bf);
3883 ath_tx_rate_fill_rcflags(sc, bf);
3884 ath_tx_setds(sc, bf);
3885 ath_tx_chaindesclist(sc, bf);
3886 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
3887 ath_tx_set_ratectrl(sc, ni, bf);
3888
3889 sc->sc_aggr_stats.aggr_nonbaw_pkt++;
3890
3891 /* Queue the packet; continue */
3892 goto queuepkt;
3893 }
3894
3895 TAILQ_INIT(&bf_q);
3896
3897 /*
3898 * Do a rate control lookup on the first frame in the
3899 * list. The rate control code needs that to occur
3900 * before it can determine whether to TX.
3901 * It's inaccurate because the rate control code doesn't
3902 * really "do" aggregate lookups, so it only considers
3903 * the size of the first frame.
3904 */
3905 ath_tx_do_ratelookup(sc, bf);
3906 bf->bf_state.bfs_rc[3].rix = 0;
3907 bf->bf_state.bfs_rc[3].tries = 0;
3908
3909 ath_tx_calc_duration(sc, bf);
3910 ath_tx_calc_protection(sc, bf);
3911
3912 ath_tx_set_rtscts(sc, bf);
3913 ath_tx_rate_fill_rcflags(sc, bf);
3914
3915 status = ath_tx_form_aggr(sc, an, tid, &bf_q);
3916
3917 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3918 "%s: ath_tx_form_aggr() status=%d\n", __func__, status);
3919
3920 /*
3921 * No frames to be picked up - out of BAW
3922 */
3923 if (TAILQ_EMPTY(&bf_q))
3924 break;
3925
3926 /*
3927 * This assumes that the descriptor list in the ath_bufhead
3928 * are already linked together via bf_next pointers.
3929 */
3930 bf = TAILQ_FIRST(&bf_q);
3931
3932 if (status == ATH_AGGR_8K_LIMITED)
3933 sc->sc_aggr_stats.aggr_rts_aggr_limited++;
3934
3935 /*
3936 * If it's the only frame send as non-aggregate
3937 * assume that ath_tx_form_aggr() has checked
3938 * whether it's in the BAW and added it appropriately.
3939 */
3940 if (bf->bf_state.bfs_nframes == 1) {
3941 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3942 "%s: single-frame aggregate\n", __func__);
3943 bf->bf_state.bfs_aggr = 0;
3944 ath_tx_setds(sc, bf);
3945 ath_tx_chaindesclist(sc, bf);
3946 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
3947 ath_tx_set_ratectrl(sc, ni, bf);
3948 if (status == ATH_AGGR_BAW_CLOSED)
3949 sc->sc_aggr_stats.aggr_baw_closed_single_pkt++;
3950 else
3951 sc->sc_aggr_stats.aggr_single_pkt++;
3952 } else {
3953 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3954 "%s: multi-frame aggregate: %d frames, "
3955 "length %d\n",
3956 __func__, bf->bf_state.bfs_nframes,
3957 bf->bf_state.bfs_al);
3958 bf->bf_state.bfs_aggr = 1;
3959 sc->sc_aggr_stats.aggr_pkts[bf->bf_state.bfs_nframes]++;
3960 sc->sc_aggr_stats.aggr_aggr_pkt++;
3961
3962 /*
3963 * Calculate the duration/protection as required.
3964 */
3965 ath_tx_calc_duration(sc, bf);
3966 ath_tx_calc_protection(sc, bf);
3967
3968 /*
3969 * Update the rate and rtscts information based on the
3970 * rate decision made by the rate control code;
3971 * the first frame in the aggregate needs it.
3972 */
3973 ath_tx_set_rtscts(sc, bf);
3974
3975 /*
3976 * Setup the relevant descriptor fields
3977 * for aggregation. The first descriptor
3978 * already points to the rest in the chain.
3979 */
3980 ath_tx_setds_11n(sc, bf);
3981
3982 /*
3983 * setup first desc with rate and aggr info
3984 */
3985 ath_tx_set_ratectrl(sc, ni, bf);
3986 }
3987 queuepkt:
3988 //txq = bf->bf_state.bfs_txq;
3989
3990 /* Set completion handler, multi-frame aggregate or not */
3991 bf->bf_comp = ath_tx_aggr_comp;
3992
3993 if (bf->bf_state.bfs_tid == IEEE80211_NONQOS_TID)
3994 device_printf(sc->sc_dev, "%s: TID=16?\n", __func__);
3995
3996 /* Punt to txq */
3997 ath_tx_handoff(sc, txq, bf);
3998
3999 /* Track outstanding buffer count to hardware */
4000 /* aggregates are "one" buffer */
4001 tid->hwq_depth++;
4002
4003 /*
4004 * Break out if ath_tx_form_aggr() indicated
4005 * there can't be any further progress (eg BAW is full.)
4006 * Checking for an empty txq is done above.
4007 *
4008 * XXX locking on txq here?
4009 */
4010 if (txq->axq_aggr_depth >= sc->sc_hwq_limit ||
4011 status == ATH_AGGR_BAW_CLOSED)
4012 break;
4013 }
4014}
4015
4016/*
4017 * Schedule some packets from the given node/TID to the hardware.
4018 */
4019void
4020ath_tx_tid_hw_queue_norm(struct ath_softc *sc, struct ath_node *an,
4021 struct ath_tid *tid)
4022{
4023 struct ath_buf *bf;
4024 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
4025 struct ieee80211_node *ni = &an->an_node;
4026
4027 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: node %p: TID %d: called\n",
4028 __func__, an, tid->tid);
4029
4030 ATH_TXQ_LOCK_ASSERT(txq);
4031
4032 /* Check - is AMPDU pending or running? then print out something */
4033 if (ath_tx_ampdu_pending(sc, an, tid->tid))
4034 device_printf(sc->sc_dev, "%s: tid=%d, ampdu pending?\n",
4035 __func__, tid->tid);
4036 if (ath_tx_ampdu_running(sc, an, tid->tid))
4037 device_printf(sc->sc_dev, "%s: tid=%d, ampdu running?\n",
4038 __func__, tid->tid);
4039
4040 for (;;) {
4041
4042 /*
4043 * If the upper layers have paused the TID, don't
4044 * queue any further packets.
4045 */
4046 if (tid->paused)
4047 break;
4048
4049 bf = TAILQ_FIRST(&tid->axq_q);
4050 if (bf == NULL) {
4051 break;
4052 }
4053
4054 ATH_TXQ_REMOVE(tid, bf, bf_list);
4055
4056 KASSERT(txq == bf->bf_state.bfs_txq, ("txqs not equal!\n"));
4057
4058 /* Sanity check! */
4059 if (tid->tid != bf->bf_state.bfs_tid) {
4060 device_printf(sc->sc_dev, "%s: bfs_tid %d !="
4061 " tid %d\n",
4062 __func__, bf->bf_state.bfs_tid, tid->tid);
4063 }
4064 /* Normal completion handler */
4065 bf->bf_comp = ath_tx_normal_comp;
4066
4067 /* Program descriptors + rate control */
4068 ath_tx_do_ratelookup(sc, bf);
4069 ath_tx_calc_duration(sc, bf);
4070 ath_tx_calc_protection(sc, bf);
4071 ath_tx_set_rtscts(sc, bf);
4072 ath_tx_rate_fill_rcflags(sc, bf);
4073 ath_tx_setds(sc, bf);
4074 ath_tx_chaindesclist(sc, bf);
4075 ath_tx_set_ratectrl(sc, ni, bf);
4076
4077 /* Track outstanding buffer count to hardware */
4078 /* aggregates are "one" buffer */
4079 tid->hwq_depth++;
4080
4081 /* Punt to hardware or software txq */
4082 ath_tx_handoff(sc, txq, bf);
4083 }
4084}
4085
4086/*
4087 * Schedule some packets to the given hardware queue.
4088 *
4089 * This function walks the list of TIDs (ie, ath_node TIDs
4090 * with queued traffic) and attempts to schedule traffic
4091 * from them.
4092 *
4093 * TID scheduling is implemented as a FIFO, with TIDs being
4094 * added to the end of the queue after some frames have been
4095 * scheduled.
4096 */
4097void
4098ath_txq_sched(struct ath_softc *sc, struct ath_txq *txq)
4099{
4100 struct ath_tid *tid, *next, *last;
4101
4102 ATH_TXQ_LOCK_ASSERT(txq);
4103
4104 /*
4105 * Don't schedule if the hardware queue is busy.
4106 * This (hopefully) gives some more time to aggregate
4107 * some packets in the aggregation queue.
4108 */
4109 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) {
4110 sc->sc_aggr_stats.aggr_sched_nopkt++;
4111 return;
4112 }
4113
4114 last = TAILQ_LAST(&txq->axq_tidq, axq_t_s);
4115
4116 TAILQ_FOREACH_SAFE(tid, &txq->axq_tidq, axq_qelem, next) {
4117 /*
4118 * Suspend paused queues here; they'll be resumed
4119 * once the addba completes or times out.
4120 */
4121 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, paused=%d\n",
4122 __func__, tid->tid, tid->paused);
4123 ath_tx_tid_unsched(sc, tid);
4124 if (tid->paused) {
4125 continue;
4126 }
4127 if (ath_tx_ampdu_running(sc, tid->an, tid->tid))
4128 ath_tx_tid_hw_queue_aggr(sc, tid->an, tid);
4129 else
4130 ath_tx_tid_hw_queue_norm(sc, tid->an, tid);
4131
4132 /* Not empty? Re-schedule */
4133 if (tid->axq_depth != 0)
4134 ath_tx_tid_sched(sc, tid);
4135
4136 /* Give the software queue time to aggregate more packets */
4137 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) {
4138 break;
4139 }
4140
4141 /*
4142 * If this was the last entry on the original list, stop.
4143 * Otherwise nodes that have been rescheduled onto the end
4144 * of the TID FIFO list will just keep being rescheduled.
4145 */
4146 if (tid == last)
4147 break;
4148 }
4149}
4150
4151/*
4152 * TX addba handling
4153 */
4154
4155/*
4156 * Return net80211 TID struct pointer, or NULL for none
4157 */
4158struct ieee80211_tx_ampdu *
4159ath_tx_get_tx_tid(struct ath_node *an, int tid)
4160{
4161 struct ieee80211_node *ni = &an->an_node;
4162 struct ieee80211_tx_ampdu *tap;
4163
4164 if (tid == IEEE80211_NONQOS_TID)
4165 return NULL;
4166
4167 tap = &ni->ni_tx_ampdu[tid];
4168 return tap;
4169}
4170
4171/*
4172 * Is AMPDU-TX running?
4173 */
4174static int
4175ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, int tid)
4176{
4177 struct ieee80211_tx_ampdu *tap;
4178
4179 if (tid == IEEE80211_NONQOS_TID)
4180 return 0;
4181
4182 tap = ath_tx_get_tx_tid(an, tid);
4183 if (tap == NULL)
4184 return 0; /* Not valid; default to not running */
4185
4186 return !! (tap->txa_flags & IEEE80211_AGGR_RUNNING);
4187}
4188
4189/*
4190 * Is AMPDU-TX negotiation pending?
4191 */
4192static int
4193ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, int tid)
4194{
4195 struct ieee80211_tx_ampdu *tap;
4196
4197 if (tid == IEEE80211_NONQOS_TID)
4198 return 0;
4199
4200 tap = ath_tx_get_tx_tid(an, tid);
4201 if (tap == NULL)
4202 return 0; /* Not valid; default to not pending */
4203
4204 return !! (tap->txa_flags & IEEE80211_AGGR_XCHGPEND);
4205}
4206
4207/*
4208 * Is AMPDU-TX pending for the given TID?
4209 */
4210
4211
4212/*
4213 * Method to handle sending an ADDBA request.
4214 *
4215 * We tap this so the relevant flags can be set to pause the TID
4216 * whilst waiting for the response.
4217 *
4218 * XXX there's no timeout handler we can override?
4219 */
4220int
4221ath_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
4222 int dialogtoken, int baparamset, int batimeout)
4223{
4224 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4225 int tid = tap->txa_tid;
4226 struct ath_node *an = ATH_NODE(ni);
4227 struct ath_tid *atid = &an->an_tid[tid];
4228
4229 /*
4230 * XXX danger Will Robinson!
4231 *
4232 * Although the taskqueue may be running and scheduling some more
4233 * packets, these should all be _before_ the addba sequence number.
4234 * However, net80211 will keep self-assigning sequence numbers
4235 * until addba has been negotiated.
4236 *
4237 * In the past, these packets would be "paused" (which still works
4238 * fine, as they're being scheduled to the driver in the same
4239 * serialised method which is calling the addba request routine)
4240 * and when the aggregation session begins, they'll be dequeued
4241 * as aggregate packets and added to the BAW. However, now there's
4242 * a "bf->bf_state.bfs_dobaw" flag, and this isn't set for these
4243 * packets. Thus they never get included in the BAW tracking and
4244 * this can cause the initial burst of packets after the addba
4245 * negotiation to "hang", as they quickly fall outside the BAW.
4246 *
4247 * The "eventual" solution should be to tag these packets with
4248 * dobaw. Although net80211 has given us a sequence number,
4249 * it'll be "after" the left edge of the BAW and thus it'll
4250 * fall within it.
4251 */
4252 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4253 /*
4254 * This is a bit annoying. Until net80211 HT code inherits some
4255 * (any) locking, we may have this called in parallel BUT only
4256 * one response/timeout will be called. Grr.
4257 */
4258 if (atid->addba_tx_pending == 0) {
4259 ath_tx_tid_pause(sc, atid);
4260 atid->addba_tx_pending = 1;
4261 }
4262 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4263
4264 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4265 "%s: called; dialogtoken=%d, baparamset=%d, batimeout=%d\n",
4266 __func__, dialogtoken, baparamset, batimeout);
4267 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4268 "%s: txa_start=%d, ni_txseqs=%d\n",
4269 __func__, tap->txa_start, ni->ni_txseqs[tid]);
4270
4271 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset,
4272 batimeout);
4273}
4274
4275/*
4276 * Handle an ADDBA response.
4277 *
4278 * We unpause the queue so TX'ing can resume.
4279 *
4280 * Any packets TX'ed from this point should be "aggregate" (whether
4281 * aggregate or not) so the BAW is updated.
4282 *
4283 * Note! net80211 keeps self-assigning sequence numbers until
4284 * ampdu is negotiated. This means the initially-negotiated BAW left
4285 * edge won't match the ni->ni_txseq.
4286 *
4287 * So, being very dirty, the BAW left edge is "slid" here to match
4288 * ni->ni_txseq.
4289 *
4290 * What likely SHOULD happen is that all packets subsequent to the
4291 * addba request should be tagged as aggregate and queued as non-aggregate
4292 * frames; thus updating the BAW. For now though, I'll just slide the
4293 * window.
4294 */
4295int
4296ath_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
4297 int status, int code, int batimeout)
4298{
4299 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4300 int tid = tap->txa_tid;
4301 struct ath_node *an = ATH_NODE(ni);
4302 struct ath_tid *atid = &an->an_tid[tid];
4303 int r;
4304
4305 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4306 "%s: called; status=%d, code=%d, batimeout=%d\n", __func__,
4307 status, code, batimeout);
4308
4309 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4310 "%s: txa_start=%d, ni_txseqs=%d\n",
4311 __func__, tap->txa_start, ni->ni_txseqs[tid]);
4312
4313 /*
4314 * Call this first, so the interface flags get updated
4315 * before the TID is unpaused. Otherwise a race condition
4316 * exists where the unpaused TID still doesn't yet have
4317 * IEEE80211_AGGR_RUNNING set.
4318 */
4319 r = sc->sc_addba_response(ni, tap, status, code, batimeout);
4320
4321 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4322 atid->addba_tx_pending = 0;
4323 /*
4324 * XXX dirty!
4325 * Slide the BAW left edge to wherever net80211 left it for us.
4326 * Read above for more information.
4327 */
4328 tap->txa_start = ni->ni_txseqs[tid];
4329 ath_tx_tid_resume(sc, atid);
4330 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4331 return r;
4332}
4333
4334
4335/*
4336 * Stop ADDBA on a queue.
4337 *
4338 * This can be called whilst BAR TX is currently active on the queue,
4339 * so make sure this is unblocked before continuing.
4340 */
4341void
4342ath_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap)
4343{
4344 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4345 int tid = tap->txa_tid;
4346 struct ath_node *an = ATH_NODE(ni);
4347 struct ath_tid *atid = &an->an_tid[tid];
4348
4349 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: called\n", __func__);
4350
4351 /*
4352 * Pause TID traffic early, so there aren't any races
4353 * Unblock the pending BAR held traffic, if it's currently paused.
4354 */
4355 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4356 ath_tx_tid_pause(sc, atid);
4357 if (atid->bar_wait) {
4358 /*
4359 * bar_unsuspend() expects bar_tx == 1, as it should be
4360 * called from the TX completion path. This quietens
4361 * the warning. It's cleared for us anyway.
4362 */
4363 atid->bar_tx = 1;
4364 ath_tx_tid_bar_unsuspend(sc, atid);
4365 }
4366 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4367
4368 /* There's no need to hold the TXQ lock here */
4369 sc->sc_addba_stop(ni, tap);
4370
4371 /*
4372 * ath_tx_tid_cleanup will resume the TID if possible, otherwise
4373 * it'll set the cleanup flag, and it'll be unpaused once
4374 * things have been cleaned up.
4375 */
4376 ath_tx_tid_cleanup(sc, an, tid);
4377}
4378
4379/*
4380 * Note: net80211 bar_timeout() doesn't call this function on BAR failure;
4381 * it simply tears down the aggregation session. Ew.
4382 *
4383 * It however will call ieee80211_ampdu_stop() which will call
4384 * ic->ic_addba_stop().
4385 *
4386 * XXX This uses a hard-coded max BAR count value; the whole
4387 * XXX BAR TX success or failure should be better handled!
4388 */
4389void
4390ath_bar_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
4391 int status)
4392{
4393 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4394 int tid = tap->txa_tid;
4395 struct ath_node *an = ATH_NODE(ni);
4396 struct ath_tid *atid = &an->an_tid[tid];
4397 int attempts = tap->txa_attempts;
4398
4399 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
4400 "%s: called; tap=%p, atid=%p, txa_tid=%d, atid->tid=%d, status=%d, attempts=%d\n",
4401 __func__,
4402 tap,
4403 atid,
4404 tap->txa_tid,
4405 atid->tid,
4406 status,
4407 attempts);
4408
4409 /* Note: This may update the BAW details */
4410 sc->sc_bar_response(ni, tap, status);
4411
4412 /* Unpause the TID */
4413 /*
4414 * XXX if this is attempt=50, the TID will be downgraded
4415 * XXX to a non-aggregate session. So we must unpause the
4416 * XXX TID here or it'll never be done.
4417 */
4418 if (status == 0 || attempts == 50) {
4419 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4420 ath_tx_tid_bar_unsuspend(sc, atid);
4421 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4422 }
4423}
4424
4425/*
4426 * This is called whenever the pending ADDBA request times out.
4427 * Unpause and reschedule the TID.
4428 */
4429void
4430ath_addba_response_timeout(struct ieee80211_node *ni,
4431 struct ieee80211_tx_ampdu *tap)
4432{
4433 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4434 int tid = tap->txa_tid;
4435 struct ath_node *an = ATH_NODE(ni);
4436 struct ath_tid *atid = &an->an_tid[tid];
4437
4438 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4439 "%s: called; resuming\n", __func__);
4440
4441 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4442 atid->addba_tx_pending = 0;
4443 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4444
4445 /* Note: This updates the aggregate state to (again) pending */
4446 sc->sc_addba_response_timeout(ni, tap);
4447
4448 /* Unpause the TID; which reschedules it */
4449 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4450 ath_tx_tid_resume(sc, atid);
4451 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4452}
| 652 ath_hal_txstart(ah, txq->axq_qnum);
653}
654
655/*
656 * Hand off a packet to the hardware (or mcast queue.)
657 *
658 * The relevant hardware txq should be locked.
659 */
660static void
661ath_tx_handoff(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf)
662{
663 ATH_TXQ_LOCK_ASSERT(txq);
664
665 if (txq->axq_qnum == ATH_TXQ_SWQ)
666 ath_tx_handoff_mcast(sc, txq, bf);
667 else
668 ath_tx_handoff_hw(sc, txq, bf);
669}
670
671static int
672ath_tx_tag_crypto(struct ath_softc *sc, struct ieee80211_node *ni,
673 struct mbuf *m0, int iswep, int isfrag, int *hdrlen, int *pktlen,
674 int *keyix)
675{
676 DPRINTF(sc, ATH_DEBUG_XMIT,
677 "%s: hdrlen=%d, pktlen=%d, isfrag=%d, iswep=%d, m0=%p\n",
678 __func__,
679 *hdrlen,
680 *pktlen,
681 isfrag,
682 iswep,
683 m0);
684
685 if (iswep) {
686 const struct ieee80211_cipher *cip;
687 struct ieee80211_key *k;
688
689 /*
690 * Construct the 802.11 header+trailer for an encrypted
691 * frame. The only reason this can fail is because of an
692 * unknown or unsupported cipher/key type.
693 */
694 k = ieee80211_crypto_encap(ni, m0);
695 if (k == NULL) {
696 /*
697 * This can happen when the key is yanked after the
698 * frame was queued. Just discard the frame; the
699 * 802.11 layer counts failures and provides
700 * debugging/diagnostics.
701 */
702 return (0);
703 }
704 /*
705 * Adjust the packet + header lengths for the crypto
706 * additions and calculate the h/w key index. When
707 * a s/w mic is done the frame will have had any mic
708 * added to it prior to entry so m0->m_pkthdr.len will
709 * account for it. Otherwise we need to add it to the
710 * packet length.
711 */
712 cip = k->wk_cipher;
713 (*hdrlen) += cip->ic_header;
714 (*pktlen) += cip->ic_header + cip->ic_trailer;
715 /* NB: frags always have any TKIP MIC done in s/w */
716 if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && !isfrag)
717 (*pktlen) += cip->ic_miclen;
718 (*keyix) = k->wk_keyix;
719 } else if (ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) {
720 /*
721 * Use station key cache slot, if assigned.
722 */
723 (*keyix) = ni->ni_ucastkey.wk_keyix;
724 if ((*keyix) == IEEE80211_KEYIX_NONE)
725 (*keyix) = HAL_TXKEYIX_INVALID;
726 } else
727 (*keyix) = HAL_TXKEYIX_INVALID;
728
729 return (1);
730}
731
732/*
733 * Calculate whether interoperability protection is required for
734 * this frame.
735 *
736 * This requires the rate control information be filled in,
737 * as the protection requirement depends upon the current
738 * operating mode / PHY.
739 */
740static void
741ath_tx_calc_protection(struct ath_softc *sc, struct ath_buf *bf)
742{
743 struct ieee80211_frame *wh;
744 uint8_t rix;
745 uint16_t flags;
746 int shortPreamble;
747 const HAL_RATE_TABLE *rt = sc->sc_currates;
748 struct ifnet *ifp = sc->sc_ifp;
749 struct ieee80211com *ic = ifp->if_l2com;
750
751 flags = bf->bf_state.bfs_txflags;
752 rix = bf->bf_state.bfs_rc[0].rix;
753 shortPreamble = bf->bf_state.bfs_shpream;
754 wh = mtod(bf->bf_m, struct ieee80211_frame *);
755
756 /*
757 * If 802.11g protection is enabled, determine whether
758 * to use RTS/CTS or just CTS. Note that this is only
759 * done for OFDM unicast frames.
760 */
761 if ((ic->ic_flags & IEEE80211_F_USEPROT) &&
762 rt->info[rix].phy == IEEE80211_T_OFDM &&
763 (flags & HAL_TXDESC_NOACK) == 0) {
764 bf->bf_state.bfs_doprot = 1;
765 /* XXX fragments must use CCK rates w/ protection */
766 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) {
767 flags |= HAL_TXDESC_RTSENA;
768 } else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) {
769 flags |= HAL_TXDESC_CTSENA;
770 }
771 /*
772 * For frags it would be desirable to use the
773 * highest CCK rate for RTS/CTS. But stations
774 * farther away may detect it at a lower CCK rate
775 * so use the configured protection rate instead
776 * (for now).
777 */
778 sc->sc_stats.ast_tx_protect++;
779 }
780
781 /*
782 * If 11n protection is enabled and it's a HT frame,
783 * enable RTS.
784 *
785 * XXX ic_htprotmode or ic_curhtprotmode?
786 * XXX should it_htprotmode only matter if ic_curhtprotmode
787 * XXX indicates it's not a HT pure environment?
788 */
789 if ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) &&
790 rt->info[rix].phy == IEEE80211_T_HT &&
791 (flags & HAL_TXDESC_NOACK) == 0) {
792 flags |= HAL_TXDESC_RTSENA;
793 sc->sc_stats.ast_tx_htprotect++;
794 }
795 bf->bf_state.bfs_txflags = flags;
796}
797
798/*
799 * Update the frame duration given the currently selected rate.
800 *
801 * This also updates the frame duration value, so it will require
802 * a DMA flush.
803 */
804static void
805ath_tx_calc_duration(struct ath_softc *sc, struct ath_buf *bf)
806{
807 struct ieee80211_frame *wh;
808 uint8_t rix;
809 uint16_t flags;
810 int shortPreamble;
811 struct ath_hal *ah = sc->sc_ah;
812 const HAL_RATE_TABLE *rt = sc->sc_currates;
813 int isfrag = bf->bf_m->m_flags & M_FRAG;
814
815 flags = bf->bf_state.bfs_txflags;
816 rix = bf->bf_state.bfs_rc[0].rix;
817 shortPreamble = bf->bf_state.bfs_shpream;
818 wh = mtod(bf->bf_m, struct ieee80211_frame *);
819
820 /*
821 * Calculate duration. This logically belongs in the 802.11
822 * layer but it lacks sufficient information to calculate it.
823 */
824 if ((flags & HAL_TXDESC_NOACK) == 0 &&
825 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_CTL) {
826 u_int16_t dur;
827 if (shortPreamble)
828 dur = rt->info[rix].spAckDuration;
829 else
830 dur = rt->info[rix].lpAckDuration;
831 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) {
832 dur += dur; /* additional SIFS+ACK */
833 KASSERT(bf->bf_m->m_nextpkt != NULL, ("no fragment"));
834 /*
835 * Include the size of next fragment so NAV is
836 * updated properly. The last fragment uses only
837 * the ACK duration
838 */
839 dur += ath_hal_computetxtime(ah, rt,
840 bf->bf_m->m_nextpkt->m_pkthdr.len,
841 rix, shortPreamble);
842 }
843 if (isfrag) {
844 /*
845 * Force hardware to use computed duration for next
846 * fragment by disabling multi-rate retry which updates
847 * duration based on the multi-rate duration table.
848 */
849 bf->bf_state.bfs_ismrr = 0;
850 bf->bf_state.bfs_try0 = ATH_TXMGTTRY;
851 /* XXX update bfs_rc[0].try? */
852 }
853
854 /* Update the duration field itself */
855 *(u_int16_t *)wh->i_dur = htole16(dur);
856 }
857}
858
859static uint8_t
860ath_tx_get_rtscts_rate(struct ath_hal *ah, const HAL_RATE_TABLE *rt,
861 int cix, int shortPreamble)
862{
863 uint8_t ctsrate;
864
865 /*
866 * CTS transmit rate is derived from the transmit rate
867 * by looking in the h/w rate table. We must also factor
868 * in whether or not a short preamble is to be used.
869 */
870 /* NB: cix is set above where RTS/CTS is enabled */
871 KASSERT(cix != 0xff, ("cix not setup"));
872 ctsrate = rt->info[cix].rateCode;
873
874 /* XXX this should only matter for legacy rates */
875 if (shortPreamble)
876 ctsrate |= rt->info[cix].shortPreamble;
877
878 return (ctsrate);
879}
880
881/*
882 * Calculate the RTS/CTS duration for legacy frames.
883 */
884static int
885ath_tx_calc_ctsduration(struct ath_hal *ah, int rix, int cix,
886 int shortPreamble, int pktlen, const HAL_RATE_TABLE *rt,
887 int flags)
888{
889 int ctsduration = 0;
890
891 /* This mustn't be called for HT modes */
892 if (rt->info[cix].phy == IEEE80211_T_HT) {
893 printf("%s: HT rate where it shouldn't be (0x%x)\n",
894 __func__, rt->info[cix].rateCode);
895 return (-1);
896 }
897
898 /*
899 * Compute the transmit duration based on the frame
900 * size and the size of an ACK frame. We call into the
901 * HAL to do the computation since it depends on the
902 * characteristics of the actual PHY being used.
903 *
904 * NB: CTS is assumed the same size as an ACK so we can
905 * use the precalculated ACK durations.
906 */
907 if (shortPreamble) {
908 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */
909 ctsduration += rt->info[cix].spAckDuration;
910 ctsduration += ath_hal_computetxtime(ah,
911 rt, pktlen, rix, AH_TRUE);
912 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */
913 ctsduration += rt->info[rix].spAckDuration;
914 } else {
915 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */
916 ctsduration += rt->info[cix].lpAckDuration;
917 ctsduration += ath_hal_computetxtime(ah,
918 rt, pktlen, rix, AH_FALSE);
919 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */
920 ctsduration += rt->info[rix].lpAckDuration;
921 }
922
923 return (ctsduration);
924}
925
926/*
927 * Update the given ath_buf with updated rts/cts setup and duration
928 * values.
929 *
930 * To support rate lookups for each software retry, the rts/cts rate
931 * and cts duration must be re-calculated.
932 *
933 * This function assumes the RTS/CTS flags have been set as needed;
934 * mrr has been disabled; and the rate control lookup has been done.
935 *
936 * XXX TODO: MRR need only be disabled for the pre-11n NICs.
937 * XXX The 11n NICs support per-rate RTS/CTS configuration.
938 */
939static void
940ath_tx_set_rtscts(struct ath_softc *sc, struct ath_buf *bf)
941{
942 uint16_t ctsduration = 0;
943 uint8_t ctsrate = 0;
944 uint8_t rix = bf->bf_state.bfs_rc[0].rix;
945 uint8_t cix = 0;
946 const HAL_RATE_TABLE *rt = sc->sc_currates;
947
948 /*
949 * No RTS/CTS enabled? Don't bother.
950 */
951 if ((bf->bf_state.bfs_txflags &
952 (HAL_TXDESC_RTSENA | HAL_TXDESC_CTSENA)) == 0) {
953 /* XXX is this really needed? */
954 bf->bf_state.bfs_ctsrate = 0;
955 bf->bf_state.bfs_ctsduration = 0;
956 return;
957 }
958
959 /*
960 * If protection is enabled, use the protection rix control
961 * rate. Otherwise use the rate0 control rate.
962 */
963 if (bf->bf_state.bfs_doprot)
964 rix = sc->sc_protrix;
965 else
966 rix = bf->bf_state.bfs_rc[0].rix;
967
968 /*
969 * If the raw path has hard-coded ctsrate0 to something,
970 * use it.
971 */
972 if (bf->bf_state.bfs_ctsrate0 != 0)
973 cix = ath_tx_findrix(sc, bf->bf_state.bfs_ctsrate0);
974 else
975 /* Control rate from above */
976 cix = rt->info[rix].controlRate;
977
978 /* Calculate the rtscts rate for the given cix */
979 ctsrate = ath_tx_get_rtscts_rate(sc->sc_ah, rt, cix,
980 bf->bf_state.bfs_shpream);
981
982 /* The 11n chipsets do ctsduration calculations for you */
983 if (! ath_tx_is_11n(sc))
984 ctsduration = ath_tx_calc_ctsduration(sc->sc_ah, rix, cix,
985 bf->bf_state.bfs_shpream, bf->bf_state.bfs_pktlen,
986 rt, bf->bf_state.bfs_txflags);
987
988 /* Squirrel away in ath_buf */
989 bf->bf_state.bfs_ctsrate = ctsrate;
990 bf->bf_state.bfs_ctsduration = ctsduration;
991
992 /*
993 * Must disable multi-rate retry when using RTS/CTS.
994 * XXX TODO: only for pre-11n NICs.
995 */
996 bf->bf_state.bfs_ismrr = 0;
997 bf->bf_state.bfs_try0 =
998 bf->bf_state.bfs_rc[0].tries = ATH_TXMGTTRY; /* XXX ew */
999}
1000
1001/*
1002 * Setup the descriptor chain for a normal or fast-frame
1003 * frame.
1004 */
1005static void
1006ath_tx_setds(struct ath_softc *sc, struct ath_buf *bf)
1007{
1008 struct ath_desc *ds = bf->bf_desc;
1009 struct ath_hal *ah = sc->sc_ah;
1010
1011 ath_hal_setuptxdesc(ah, ds
1012 , bf->bf_state.bfs_pktlen /* packet length */
1013 , bf->bf_state.bfs_hdrlen /* header length */
1014 , bf->bf_state.bfs_atype /* Atheros packet type */
1015 , bf->bf_state.bfs_txpower /* txpower */
1016 , bf->bf_state.bfs_txrate0
1017 , bf->bf_state.bfs_try0 /* series 0 rate/tries */
1018 , bf->bf_state.bfs_keyix /* key cache index */
1019 , bf->bf_state.bfs_txantenna /* antenna mode */
1020 , bf->bf_state.bfs_txflags /* flags */
1021 , bf->bf_state.bfs_ctsrate /* rts/cts rate */
1022 , bf->bf_state.bfs_ctsduration /* rts/cts duration */
1023 );
1024
1025 /*
1026 * This will be overriden when the descriptor chain is written.
1027 */
1028 bf->bf_lastds = ds;
1029 bf->bf_last = bf;
1030
1031 /* XXX TODO: Setup descriptor chain */
1032}
1033
1034/*
1035 * Do a rate lookup.
1036 *
1037 * This performs a rate lookup for the given ath_buf only if it's required.
1038 * Non-data frames and raw frames don't require it.
1039 *
1040 * This populates the primary and MRR entries; MRR values are
1041 * then disabled later on if something requires it (eg RTS/CTS on
1042 * pre-11n chipsets.
1043 *
1044 * This needs to be done before the RTS/CTS fields are calculated
1045 * as they may depend upon the rate chosen.
1046 */
1047static void
1048ath_tx_do_ratelookup(struct ath_softc *sc, struct ath_buf *bf)
1049{
1050 uint8_t rate, rix;
1051 int try0;
1052
1053 if (! bf->bf_state.bfs_doratelookup)
1054 return;
1055
1056 /* Get rid of any previous state */
1057 bzero(bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
1058
1059 ATH_NODE_LOCK(ATH_NODE(bf->bf_node));
1060 ath_rate_findrate(sc, ATH_NODE(bf->bf_node), bf->bf_state.bfs_shpream,
1061 bf->bf_state.bfs_pktlen, &rix, &try0, &rate);
1062
1063 /* In case MRR is disabled, make sure rc[0] is setup correctly */
1064 bf->bf_state.bfs_rc[0].rix = rix;
1065 bf->bf_state.bfs_rc[0].ratecode = rate;
1066 bf->bf_state.bfs_rc[0].tries = try0;
1067
1068 if (bf->bf_state.bfs_ismrr && try0 != ATH_TXMAXTRY)
1069 ath_rate_getxtxrates(sc, ATH_NODE(bf->bf_node), rix,
1070 bf->bf_state.bfs_rc);
1071 ATH_NODE_UNLOCK(ATH_NODE(bf->bf_node));
1072
1073 sc->sc_txrix = rix; /* for LED blinking */
1074 sc->sc_lastdatarix = rix; /* for fast frames */
1075 bf->bf_state.bfs_try0 = try0;
1076 bf->bf_state.bfs_txrate0 = rate;
1077}
1078
1079/*
1080 * Set the rate control fields in the given descriptor based on
1081 * the bf_state fields and node state.
1082 *
1083 * The bfs fields should already be set with the relevant rate
1084 * control information, including whether MRR is to be enabled.
1085 *
1086 * Since the FreeBSD HAL currently sets up the first TX rate
1087 * in ath_hal_setuptxdesc(), this will setup the MRR
1088 * conditionally for the pre-11n chips, and call ath_buf_set_rate
1089 * unconditionally for 11n chips. These require the 11n rate
1090 * scenario to be set if MCS rates are enabled, so it's easier
1091 * to just always call it. The caller can then only set rates 2, 3
1092 * and 4 if multi-rate retry is needed.
1093 */
1094static void
1095ath_tx_set_ratectrl(struct ath_softc *sc, struct ieee80211_node *ni,
1096 struct ath_buf *bf)
1097{
1098 struct ath_rc_series *rc = bf->bf_state.bfs_rc;
1099
1100 /* If mrr is disabled, blank tries 1, 2, 3 */
1101 if (! bf->bf_state.bfs_ismrr)
1102 rc[1].tries = rc[2].tries = rc[3].tries = 0;
1103
1104 /*
1105 * Always call - that way a retried descriptor will
1106 * have the MRR fields overwritten.
1107 *
1108 * XXX TODO: see if this is really needed - setting up
1109 * the first descriptor should set the MRR fields to 0
1110 * for us anyway.
1111 */
1112 if (ath_tx_is_11n(sc)) {
1113 ath_buf_set_rate(sc, ni, bf);
1114 } else {
1115 ath_hal_setupxtxdesc(sc->sc_ah, bf->bf_desc
1116 , rc[1].ratecode, rc[1].tries
1117 , rc[2].ratecode, rc[2].tries
1118 , rc[3].ratecode, rc[3].tries
1119 );
1120 }
1121}
1122
1123/*
1124 * Transmit the given frame to the hardware.
1125 *
1126 * The frame must already be setup; rate control must already have
1127 * been done.
1128 *
1129 * XXX since the TXQ lock is being held here (and I dislike holding
1130 * it for this long when not doing software aggregation), later on
1131 * break this function into "setup_normal" and "xmit_normal". The
1132 * lock only needs to be held for the ath_tx_handoff call.
1133 */
1134static void
1135ath_tx_xmit_normal(struct ath_softc *sc, struct ath_txq *txq,
1136 struct ath_buf *bf)
1137{
1138
1139 ATH_TXQ_LOCK_ASSERT(txq);
1140
1141 /* Setup the descriptor before handoff */
1142 ath_tx_do_ratelookup(sc, bf);
1143 ath_tx_calc_duration(sc, bf);
1144 ath_tx_calc_protection(sc, bf);
1145 ath_tx_set_rtscts(sc, bf);
1146 ath_tx_rate_fill_rcflags(sc, bf);
1147 ath_tx_setds(sc, bf);
1148 ath_tx_set_ratectrl(sc, bf->bf_node, bf);
1149 ath_tx_chaindesclist(sc, bf);
1150
1151 /* Hand off to hardware */
1152 ath_tx_handoff(sc, txq, bf);
1153}
1154
1155
1156
1157static int
1158ath_tx_normal_setup(struct ath_softc *sc, struct ieee80211_node *ni,
1159 struct ath_buf *bf, struct mbuf *m0, struct ath_txq *txq)
1160{
1161 struct ieee80211vap *vap = ni->ni_vap;
1162 struct ath_hal *ah = sc->sc_ah;
1163 struct ifnet *ifp = sc->sc_ifp;
1164 struct ieee80211com *ic = ifp->if_l2com;
1165 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams;
1166 int error, iswep, ismcast, isfrag, ismrr;
1167 int keyix, hdrlen, pktlen, try0 = 0;
1168 u_int8_t rix = 0, txrate = 0;
1169 struct ath_desc *ds;
1170 struct ieee80211_frame *wh;
1171 u_int subtype, flags;
1172 HAL_PKT_TYPE atype;
1173 const HAL_RATE_TABLE *rt;
1174 HAL_BOOL shortPreamble;
1175 struct ath_node *an;
1176 u_int pri;
1177
1178 /*
1179 * To ensure that both sequence numbers and the CCMP PN handling
1180 * is "correct", make sure that the relevant TID queue is locked.
1181 * Otherwise the CCMP PN and seqno may appear out of order, causing
1182 * re-ordered frames to have out of order CCMP PN's, resulting
1183 * in many, many frame drops.
1184 */
1185 ATH_TXQ_LOCK_ASSERT(txq);
1186
1187 wh = mtod(m0, struct ieee80211_frame *);
1188 iswep = wh->i_fc[1] & IEEE80211_FC1_WEP;
1189 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
1190 isfrag = m0->m_flags & M_FRAG;
1191 hdrlen = ieee80211_anyhdrsize(wh);
1192 /*
1193 * Packet length must not include any
1194 * pad bytes; deduct them here.
1195 */
1196 pktlen = m0->m_pkthdr.len - (hdrlen & 3);
1197
1198 /* Handle encryption twiddling if needed */
1199 if (! ath_tx_tag_crypto(sc, ni, m0, iswep, isfrag, &hdrlen,
1200 &pktlen, &keyix)) {
1201 ath_freetx(m0);
1202 return EIO;
1203 }
1204
1205 /* packet header may have moved, reset our local pointer */
1206 wh = mtod(m0, struct ieee80211_frame *);
1207
1208 pktlen += IEEE80211_CRC_LEN;
1209
1210 /*
1211 * Load the DMA map so any coalescing is done. This
1212 * also calculates the number of descriptors we need.
1213 */
1214 error = ath_tx_dmasetup(sc, bf, m0);
1215 if (error != 0)
1216 return error;
1217 bf->bf_node = ni; /* NB: held reference */
1218 m0 = bf->bf_m; /* NB: may have changed */
1219 wh = mtod(m0, struct ieee80211_frame *);
1220
1221 /* setup descriptors */
1222 ds = bf->bf_desc;
1223 rt = sc->sc_currates;
1224 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode));
1225
1226 /*
1227 * NB: the 802.11 layer marks whether or not we should
1228 * use short preamble based on the current mode and
1229 * negotiated parameters.
1230 */
1231 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
1232 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) {
1233 shortPreamble = AH_TRUE;
1234 sc->sc_stats.ast_tx_shortpre++;
1235 } else {
1236 shortPreamble = AH_FALSE;
1237 }
1238
1239 an = ATH_NODE(ni);
1240 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */
1241 ismrr = 0; /* default no multi-rate retry*/
1242 pri = M_WME_GETAC(m0); /* honor classification */
1243 /* XXX use txparams instead of fixed values */
1244 /*
1245 * Calculate Atheros packet type from IEEE80211 packet header,
1246 * setup for rate calculations, and select h/w transmit queue.
1247 */
1248 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) {
1249 case IEEE80211_FC0_TYPE_MGT:
1250 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
1251 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON)
1252 atype = HAL_PKT_TYPE_BEACON;
1253 else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP)
1254 atype = HAL_PKT_TYPE_PROBE_RESP;
1255 else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM)
1256 atype = HAL_PKT_TYPE_ATIM;
1257 else
1258 atype = HAL_PKT_TYPE_NORMAL; /* XXX */
1259 rix = an->an_mgmtrix;
1260 txrate = rt->info[rix].rateCode;
1261 if (shortPreamble)
1262 txrate |= rt->info[rix].shortPreamble;
1263 try0 = ATH_TXMGTTRY;
1264 flags |= HAL_TXDESC_INTREQ; /* force interrupt */
1265 break;
1266 case IEEE80211_FC0_TYPE_CTL:
1267 atype = HAL_PKT_TYPE_PSPOLL; /* stop setting of duration */
1268 rix = an->an_mgmtrix;
1269 txrate = rt->info[rix].rateCode;
1270 if (shortPreamble)
1271 txrate |= rt->info[rix].shortPreamble;
1272 try0 = ATH_TXMGTTRY;
1273 flags |= HAL_TXDESC_INTREQ; /* force interrupt */
1274 break;
1275 case IEEE80211_FC0_TYPE_DATA:
1276 atype = HAL_PKT_TYPE_NORMAL; /* default */
1277 /*
1278 * Data frames: multicast frames go out at a fixed rate,
1279 * EAPOL frames use the mgmt frame rate; otherwise consult
1280 * the rate control module for the rate to use.
1281 */
1282 if (ismcast) {
1283 rix = an->an_mcastrix;
1284 txrate = rt->info[rix].rateCode;
1285 if (shortPreamble)
1286 txrate |= rt->info[rix].shortPreamble;
1287 try0 = 1;
1288 } else if (m0->m_flags & M_EAPOL) {
1289 /* XXX? maybe always use long preamble? */
1290 rix = an->an_mgmtrix;
1291 txrate = rt->info[rix].rateCode;
1292 if (shortPreamble)
1293 txrate |= rt->info[rix].shortPreamble;
1294 try0 = ATH_TXMAXTRY; /* XXX?too many? */
1295 } else {
1296 /*
1297 * Do rate lookup on each TX, rather than using
1298 * the hard-coded TX information decided here.
1299 */
1300 ismrr = 1;
1301 bf->bf_state.bfs_doratelookup = 1;
1302 }
1303 if (cap->cap_wmeParams[pri].wmep_noackPolicy)
1304 flags |= HAL_TXDESC_NOACK;
1305 break;
1306 default:
1307 if_printf(ifp, "bogus frame type 0x%x (%s)\n",
1308 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__);
1309 /* XXX statistic */
1310 ath_freetx(m0);
1311 return EIO;
1312 }
1313
1314 /*
1315 * There are two known scenarios where the frame AC doesn't match
1316 * what the destination TXQ is.
1317 *
1318 * + non-QoS frames (eg management?) that the net80211 stack has
1319 * assigned a higher AC to, but since it's a non-QoS TID, it's
1320 * being thrown into TID 16. TID 16 gets the AC_BE queue.
1321 * It's quite possible that management frames should just be
1322 * direct dispatched to hardware rather than go via the software
1323 * queue; that should be investigated in the future. There are
1324 * some specific scenarios where this doesn't make sense, mostly
1325 * surrounding ADDBA request/response - hence why that is special
1326 * cased.
1327 *
1328 * + Multicast frames going into the VAP mcast queue. That shows up
1329 * as "TXQ 11".
1330 *
1331 * This driver should eventually support separate TID and TXQ locking,
1332 * allowing for arbitrary AC frames to appear on arbitrary software
1333 * queues, being queued to the "correct" hardware queue when needed.
1334 */
1335#if 0
1336 if (txq != sc->sc_ac2q[pri]) {
1337 device_printf(sc->sc_dev,
1338 "%s: txq=%p (%d), pri=%d, pri txq=%p (%d)\n",
1339 __func__,
1340 txq,
1341 txq->axq_qnum,
1342 pri,
1343 sc->sc_ac2q[pri],
1344 sc->sc_ac2q[pri]->axq_qnum);
1345 }
1346#endif
1347
1348 /*
1349 * Calculate miscellaneous flags.
1350 */
1351 if (ismcast) {
1352 flags |= HAL_TXDESC_NOACK; /* no ack on broad/multicast */
1353 } else if (pktlen > vap->iv_rtsthreshold &&
1354 (ni->ni_ath_flags & IEEE80211_NODE_FF) == 0) {
1355 flags |= HAL_TXDESC_RTSENA; /* RTS based on frame length */
1356 sc->sc_stats.ast_tx_rts++;
1357 }
1358 if (flags & HAL_TXDESC_NOACK) /* NB: avoid double counting */
1359 sc->sc_stats.ast_tx_noack++;
1360#ifdef IEEE80211_SUPPORT_TDMA
1361 if (sc->sc_tdma && (flags & HAL_TXDESC_NOACK) == 0) {
1362 DPRINTF(sc, ATH_DEBUG_TDMA,
1363 "%s: discard frame, ACK required w/ TDMA\n", __func__);
1364 sc->sc_stats.ast_tdma_ack++;
1365 ath_freetx(m0);
1366 return EIO;
1367 }
1368#endif
1369
1370 /*
1371 * Determine if a tx interrupt should be generated for
1372 * this descriptor. We take a tx interrupt to reap
1373 * descriptors when the h/w hits an EOL condition or
1374 * when the descriptor is specifically marked to generate
1375 * an interrupt. We periodically mark descriptors in this
1376 * way to insure timely replenishing of the supply needed
1377 * for sending frames. Defering interrupts reduces system
1378 * load and potentially allows more concurrent work to be
1379 * done but if done to aggressively can cause senders to
1380 * backup.
1381 *
1382 * NB: use >= to deal with sc_txintrperiod changing
1383 * dynamically through sysctl.
1384 */
1385 if (flags & HAL_TXDESC_INTREQ) {
1386 txq->axq_intrcnt = 0;
1387 } else if (++txq->axq_intrcnt >= sc->sc_txintrperiod) {
1388 flags |= HAL_TXDESC_INTREQ;
1389 txq->axq_intrcnt = 0;
1390 }
1391
1392 /* This point forward is actual TX bits */
1393
1394 /*
1395 * At this point we are committed to sending the frame
1396 * and we don't need to look at m_nextpkt; clear it in
1397 * case this frame is part of frag chain.
1398 */
1399 m0->m_nextpkt = NULL;
1400
1401 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT))
1402 ieee80211_dump_pkt(ic, mtod(m0, const uint8_t *), m0->m_len,
1403 sc->sc_hwmap[rix].ieeerate, -1);
1404
1405 if (ieee80211_radiotap_active_vap(vap)) {
1406 u_int64_t tsf = ath_hal_gettsf64(ah);
1407
1408 sc->sc_tx_th.wt_tsf = htole64(tsf);
1409 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags;
1410 if (iswep)
1411 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
1412 if (isfrag)
1413 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG;
1414 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate;
1415 sc->sc_tx_th.wt_txpower = ni->ni_txpower;
1416 sc->sc_tx_th.wt_antenna = sc->sc_txantenna;
1417
1418 ieee80211_radiotap_tx(vap, m0);
1419 }
1420
1421 /* Blank the legacy rate array */
1422 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
1423
1424 /*
1425 * ath_buf_set_rate needs at least one rate/try to setup
1426 * the rate scenario.
1427 */
1428 bf->bf_state.bfs_rc[0].rix = rix;
1429 bf->bf_state.bfs_rc[0].tries = try0;
1430 bf->bf_state.bfs_rc[0].ratecode = txrate;
1431
1432 /* Store the decided rate index values away */
1433 bf->bf_state.bfs_pktlen = pktlen;
1434 bf->bf_state.bfs_hdrlen = hdrlen;
1435 bf->bf_state.bfs_atype = atype;
1436 bf->bf_state.bfs_txpower = ni->ni_txpower;
1437 bf->bf_state.bfs_txrate0 = txrate;
1438 bf->bf_state.bfs_try0 = try0;
1439 bf->bf_state.bfs_keyix = keyix;
1440 bf->bf_state.bfs_txantenna = sc->sc_txantenna;
1441 bf->bf_state.bfs_txflags = flags;
1442 bf->bf_state.bfs_shpream = shortPreamble;
1443
1444 /* XXX this should be done in ath_tx_setrate() */
1445 bf->bf_state.bfs_ctsrate0 = 0; /* ie, no hard-coded ctsrate */
1446 bf->bf_state.bfs_ctsrate = 0; /* calculated later */
1447 bf->bf_state.bfs_ctsduration = 0;
1448 bf->bf_state.bfs_ismrr = ismrr;
1449
1450 return 0;
1451}
1452
1453/*
1454 * Direct-dispatch the current frame to the hardware.
1455 *
1456 * This can be called by the net80211 code.
1457 *
1458 * XXX what about locking? Or, push the seqno assign into the
1459 * XXX aggregate scheduler so its serialised?
1460 */
1461int
1462ath_tx_start(struct ath_softc *sc, struct ieee80211_node *ni,
1463 struct ath_buf *bf, struct mbuf *m0)
1464{
1465 struct ieee80211vap *vap = ni->ni_vap;
1466 struct ath_vap *avp = ATH_VAP(vap);
1467 int r = 0;
1468 u_int pri;
1469 int tid;
1470 struct ath_txq *txq;
1471 int ismcast;
1472 const struct ieee80211_frame *wh;
1473 int is_ampdu, is_ampdu_tx, is_ampdu_pending;
1474 ieee80211_seq seqno;
1475 uint8_t type, subtype;
1476
1477 /*
1478 * Determine the target hardware queue.
1479 *
1480 * For multicast frames, the txq gets overridden appropriately
1481 * depending upon the state of PS.
1482 *
1483 * For any other frame, we do a TID/QoS lookup inside the frame
1484 * to see what the TID should be. If it's a non-QoS frame, the
1485 * AC and TID are overridden. The TID/TXQ code assumes the
1486 * TID is on a predictable hardware TXQ, so we don't support
1487 * having a node TID queued to multiple hardware TXQs.
1488 * This may change in the future but would require some locking
1489 * fudgery.
1490 */
1491 pri = ath_tx_getac(sc, m0);
1492 tid = ath_tx_gettid(sc, m0);
1493
1494 txq = sc->sc_ac2q[pri];
1495 wh = mtod(m0, struct ieee80211_frame *);
1496 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
1497 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK;
1498 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
1499
1500 /*
1501 * Enforce how deep the multicast queue can grow.
1502 *
1503 * XXX duplicated in ath_raw_xmit().
1504 */
1505 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1506 ATH_TXQ_LOCK(sc->sc_cabq);
1507
1508 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) {
1509 sc->sc_stats.ast_tx_mcastq_overflow++;
1510 r = ENOBUFS;
1511 }
1512
1513 ATH_TXQ_UNLOCK(sc->sc_cabq);
1514
1515 if (r != 0) {
1516 m_freem(m0);
1517 return r;
1518 }
1519 }
1520
1521 /* A-MPDU TX */
1522 is_ampdu_tx = ath_tx_ampdu_running(sc, ATH_NODE(ni), tid);
1523 is_ampdu_pending = ath_tx_ampdu_pending(sc, ATH_NODE(ni), tid);
1524 is_ampdu = is_ampdu_tx | is_ampdu_pending;
1525
1526 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, ac=%d, is_ampdu=%d\n",
1527 __func__, tid, pri, is_ampdu);
1528
1529 /*
1530 * When servicing one or more stations in power-save mode
1531 * (or) if there is some mcast data waiting on the mcast
1532 * queue (to prevent out of order delivery) multicast frames
1533 * must be bufferd until after the beacon.
1534 *
1535 * TODO: we should lock the mcastq before we check the length.
1536 */
1537 if (ismcast && (vap->iv_ps_sta || avp->av_mcastq.axq_depth))
1538 txq = &avp->av_mcastq;
1539
1540 /* Do the generic frame setup */
1541 /* XXX should just bzero the bf_state? */
1542 bf->bf_state.bfs_dobaw = 0;
1543
1544 /*
1545 * Acquire the TXQ lock early, so both the encap and seqno
1546 * are allocated together.
1547 */
1548 ATH_TXQ_LOCK(txq);
1549
1550 /* A-MPDU TX? Manually set sequence number */
1551 /*
1552 * Don't do it whilst pending; the net80211 layer still
1553 * assigns them.
1554 */
1555 if (is_ampdu_tx) {
1556 /*
1557 * Always call; this function will
1558 * handle making sure that null data frames
1559 * don't get a sequence number from the current
1560 * TID and thus mess with the BAW.
1561 */
1562 seqno = ath_tx_tid_seqno_assign(sc, ni, bf, m0);
1563
1564 /*
1565 * Don't add QoS NULL frames to the BAW.
1566 */
1567 if (IEEE80211_QOS_HAS_SEQ(wh) &&
1568 subtype != IEEE80211_FC0_SUBTYPE_QOS_NULL) {
1569 bf->bf_state.bfs_dobaw = 1;
1570 }
1571 }
1572
1573 /*
1574 * If needed, the sequence number has been assigned.
1575 * Squirrel it away somewhere easy to get to.
1576 */
1577 bf->bf_state.bfs_seqno = M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT;
1578
1579 /* Is ampdu pending? fetch the seqno and print it out */
1580 if (is_ampdu_pending)
1581 DPRINTF(sc, ATH_DEBUG_SW_TX,
1582 "%s: tid %d: ampdu pending, seqno %d\n",
1583 __func__, tid, M_SEQNO_GET(m0));
1584
1585 /* This also sets up the DMA map */
1586 r = ath_tx_normal_setup(sc, ni, bf, m0, txq);
1587
1588 if (r != 0)
1589 goto done;
1590
1591 /* At this point m0 could have changed! */
1592 m0 = bf->bf_m;
1593
1594#if 1
1595 /*
1596 * If it's a multicast frame, do a direct-dispatch to the
1597 * destination hardware queue. Don't bother software
1598 * queuing it.
1599 */
1600 /*
1601 * If it's a BAR frame, do a direct dispatch to the
1602 * destination hardware queue. Don't bother software
1603 * queuing it, as the TID will now be paused.
1604 * Sending a BAR frame can occur from the net80211 txa timer
1605 * (ie, retries) or from the ath txtask (completion call.)
1606 * It queues directly to hardware because the TID is paused
1607 * at this point (and won't be unpaused until the BAR has
1608 * either been TXed successfully or max retries has been
1609 * reached.)
1610 */
1611 if (txq == &avp->av_mcastq) {
1612 DPRINTF(sc, ATH_DEBUG_SW_TX,
1613 "%s: bf=%p: mcastq: TX'ing\n", __func__, bf);
1614 ath_tx_xmit_normal(sc, txq, bf);
1615 } else if (type == IEEE80211_FC0_TYPE_CTL &&
1616 subtype == IEEE80211_FC0_SUBTYPE_BAR) {
1617 DPRINTF(sc, ATH_DEBUG_SW_TX,
1618 "%s: BAR: TX'ing direct\n", __func__);
1619 ath_tx_xmit_normal(sc, txq, bf);
1620 } else {
1621 /* add to software queue */
1622 DPRINTF(sc, ATH_DEBUG_SW_TX,
1623 "%s: bf=%p: swq: TX'ing\n", __func__, bf);
1624 ath_tx_swq(sc, ni, txq, bf);
1625 }
1626#else
1627 /*
1628 * For now, since there's no software queue,
1629 * direct-dispatch to the hardware.
1630 */
1631 ath_tx_xmit_normal(sc, txq, bf);
1632#endif
1633done:
1634 ATH_TXQ_UNLOCK(txq);
1635
1636 return 0;
1637}
1638
1639static int
1640ath_tx_raw_start(struct ath_softc *sc, struct ieee80211_node *ni,
1641 struct ath_buf *bf, struct mbuf *m0,
1642 const struct ieee80211_bpf_params *params)
1643{
1644 struct ifnet *ifp = sc->sc_ifp;
1645 struct ieee80211com *ic = ifp->if_l2com;
1646 struct ath_hal *ah = sc->sc_ah;
1647 struct ieee80211vap *vap = ni->ni_vap;
1648 int error, ismcast, ismrr;
1649 int keyix, hdrlen, pktlen, try0, txantenna;
1650 u_int8_t rix, txrate;
1651 struct ieee80211_frame *wh;
1652 u_int flags;
1653 HAL_PKT_TYPE atype;
1654 const HAL_RATE_TABLE *rt;
1655 struct ath_desc *ds;
1656 u_int pri;
1657 int o_tid = -1;
1658 int do_override;
1659
1660 wh = mtod(m0, struct ieee80211_frame *);
1661 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1);
1662 hdrlen = ieee80211_anyhdrsize(wh);
1663 /*
1664 * Packet length must not include any
1665 * pad bytes; deduct them here.
1666 */
1667 /* XXX honor IEEE80211_BPF_DATAPAD */
1668 pktlen = m0->m_pkthdr.len - (hdrlen & 3) + IEEE80211_CRC_LEN;
1669
1670 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: ismcast=%d\n",
1671 __func__, ismcast);
1672
1673 pri = params->ibp_pri & 3;
1674 /* Override pri if the frame isn't a QoS one */
1675 if (! IEEE80211_QOS_HAS_SEQ(wh))
1676 pri = ath_tx_getac(sc, m0);
1677
1678 /* XXX If it's an ADDBA, override the correct queue */
1679 do_override = ath_tx_action_frame_override_queue(sc, ni, m0, &o_tid);
1680
1681 /* Map ADDBA to the correct priority */
1682 if (do_override) {
1683#if 0
1684 device_printf(sc->sc_dev,
1685 "%s: overriding tid %d pri %d -> %d\n",
1686 __func__, o_tid, pri, TID_TO_WME_AC(o_tid));
1687#endif
1688 pri = TID_TO_WME_AC(o_tid);
1689 }
1690
1691 ATH_TXQ_LOCK(sc->sc_ac2q[pri]);
1692
1693 /* Handle encryption twiddling if needed */
1694 if (! ath_tx_tag_crypto(sc, ni,
1695 m0, params->ibp_flags & IEEE80211_BPF_CRYPTO, 0,
1696 &hdrlen, &pktlen, &keyix)) {
1697 ath_freetx(m0);
1698 return EIO;
1699 }
1700 /* packet header may have moved, reset our local pointer */
1701 wh = mtod(m0, struct ieee80211_frame *);
1702
1703 /* Do the generic frame setup */
1704 /* XXX should just bzero the bf_state? */
1705 bf->bf_state.bfs_dobaw = 0;
1706
1707 error = ath_tx_dmasetup(sc, bf, m0);
1708 if (error != 0)
1709 return error;
1710 m0 = bf->bf_m; /* NB: may have changed */
1711 wh = mtod(m0, struct ieee80211_frame *);
1712 bf->bf_node = ni; /* NB: held reference */
1713
1714 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */
1715 flags |= HAL_TXDESC_INTREQ; /* force interrupt */
1716 if (params->ibp_flags & IEEE80211_BPF_RTS)
1717 flags |= HAL_TXDESC_RTSENA;
1718 else if (params->ibp_flags & IEEE80211_BPF_CTS) {
1719 /* XXX assume 11g/11n protection? */
1720 bf->bf_state.bfs_doprot = 1;
1721 flags |= HAL_TXDESC_CTSENA;
1722 }
1723 /* XXX leave ismcast to injector? */
1724 if ((params->ibp_flags & IEEE80211_BPF_NOACK) || ismcast)
1725 flags |= HAL_TXDESC_NOACK;
1726
1727 rt = sc->sc_currates;
1728 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode));
1729 rix = ath_tx_findrix(sc, params->ibp_rate0);
1730 txrate = rt->info[rix].rateCode;
1731 if (params->ibp_flags & IEEE80211_BPF_SHORTPRE)
1732 txrate |= rt->info[rix].shortPreamble;
1733 sc->sc_txrix = rix;
1734 try0 = params->ibp_try0;
1735 ismrr = (params->ibp_try1 != 0);
1736 txantenna = params->ibp_pri >> 2;
1737 if (txantenna == 0) /* XXX? */
1738 txantenna = sc->sc_txantenna;
1739
1740 /*
1741 * Since ctsrate is fixed, store it away for later
1742 * use when the descriptor fields are being set.
1743 */
1744 if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA))
1745 bf->bf_state.bfs_ctsrate0 = params->ibp_ctsrate;
1746
1747 /*
1748 * NB: we mark all packets as type PSPOLL so the h/w won't
1749 * set the sequence number, duration, etc.
1750 */
1751 atype = HAL_PKT_TYPE_PSPOLL;
1752
1753 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT))
1754 ieee80211_dump_pkt(ic, mtod(m0, caddr_t), m0->m_len,
1755 sc->sc_hwmap[rix].ieeerate, -1);
1756
1757 if (ieee80211_radiotap_active_vap(vap)) {
1758 u_int64_t tsf = ath_hal_gettsf64(ah);
1759
1760 sc->sc_tx_th.wt_tsf = htole64(tsf);
1761 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags;
1762 if (wh->i_fc[1] & IEEE80211_FC1_WEP)
1763 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP;
1764 if (m0->m_flags & M_FRAG)
1765 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG;
1766 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate;
1767 sc->sc_tx_th.wt_txpower = ni->ni_txpower;
1768 sc->sc_tx_th.wt_antenna = sc->sc_txantenna;
1769
1770 ieee80211_radiotap_tx(vap, m0);
1771 }
1772
1773 /*
1774 * Formulate first tx descriptor with tx controls.
1775 */
1776 ds = bf->bf_desc;
1777 /* XXX check return value? */
1778
1779 /* Store the decided rate index values away */
1780 bf->bf_state.bfs_pktlen = pktlen;
1781 bf->bf_state.bfs_hdrlen = hdrlen;
1782 bf->bf_state.bfs_atype = atype;
1783 bf->bf_state.bfs_txpower = params->ibp_power;
1784 bf->bf_state.bfs_txrate0 = txrate;
1785 bf->bf_state.bfs_try0 = try0;
1786 bf->bf_state.bfs_keyix = keyix;
1787 bf->bf_state.bfs_txantenna = txantenna;
1788 bf->bf_state.bfs_txflags = flags;
1789 bf->bf_state.bfs_shpream =
1790 !! (params->ibp_flags & IEEE80211_BPF_SHORTPRE);
1791
1792 /* XXX this should be done in ath_tx_setrate() */
1793 bf->bf_state.bfs_ctsrate = 0;
1794 bf->bf_state.bfs_ctsduration = 0;
1795 bf->bf_state.bfs_ismrr = ismrr;
1796
1797 /* Blank the legacy rate array */
1798 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc));
1799
1800 bf->bf_state.bfs_rc[0].rix =
1801 ath_tx_findrix(sc, params->ibp_rate0);
1802 bf->bf_state.bfs_rc[0].tries = try0;
1803 bf->bf_state.bfs_rc[0].ratecode = txrate;
1804
1805 if (ismrr) {
1806 int rix;
1807
1808 rix = ath_tx_findrix(sc, params->ibp_rate1);
1809 bf->bf_state.bfs_rc[1].rix = rix;
1810 bf->bf_state.bfs_rc[1].tries = params->ibp_try1;
1811
1812 rix = ath_tx_findrix(sc, params->ibp_rate2);
1813 bf->bf_state.bfs_rc[2].rix = rix;
1814 bf->bf_state.bfs_rc[2].tries = params->ibp_try2;
1815
1816 rix = ath_tx_findrix(sc, params->ibp_rate3);
1817 bf->bf_state.bfs_rc[3].rix = rix;
1818 bf->bf_state.bfs_rc[3].tries = params->ibp_try3;
1819 }
1820 /*
1821 * All the required rate control decisions have been made;
1822 * fill in the rc flags.
1823 */
1824 ath_tx_rate_fill_rcflags(sc, bf);
1825
1826 /* NB: no buffered multicast in power save support */
1827
1828 /*
1829 * If we're overiding the ADDBA destination, dump directly
1830 * into the hardware queue, right after any pending
1831 * frames to that node are.
1832 */
1833 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: dooverride=%d\n",
1834 __func__, do_override);
1835
1836 if (do_override) {
1837 ath_tx_xmit_normal(sc, sc->sc_ac2q[pri], bf);
1838 } else {
1839 /* Queue to software queue */
1840 ath_tx_swq(sc, ni, sc->sc_ac2q[pri], bf);
1841 }
1842 ATH_TXQ_UNLOCK(sc->sc_ac2q[pri]);
1843
1844 return 0;
1845}
1846
1847/*
1848 * Send a raw frame.
1849 *
1850 * This can be called by net80211.
1851 */
1852int
1853ath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m,
1854 const struct ieee80211_bpf_params *params)
1855{
1856 struct ieee80211com *ic = ni->ni_ic;
1857 struct ifnet *ifp = ic->ic_ifp;
1858 struct ath_softc *sc = ifp->if_softc;
1859 struct ath_buf *bf;
1860 struct ieee80211_frame *wh = mtod(m, struct ieee80211_frame *);
1861 int error = 0;
1862
1863 ATH_PCU_LOCK(sc);
1864 if (sc->sc_inreset_cnt > 0) {
1865 device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; bailing\n",
1866 __func__);
1867 error = EIO;
1868 ATH_PCU_UNLOCK(sc);
1869 goto bad0;
1870 }
1871 sc->sc_txstart_cnt++;
1872 ATH_PCU_UNLOCK(sc);
1873
1874 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || sc->sc_invalid) {
1875 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: discard frame, %s", __func__,
1876 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ?
1877 "!running" : "invalid");
1878 m_freem(m);
1879 error = ENETDOWN;
1880 goto bad;
1881 }
1882
1883 /*
1884 * Enforce how deep the multicast queue can grow.
1885 *
1886 * XXX duplicated in ath_tx_start().
1887 */
1888 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
1889 ATH_TXQ_LOCK(sc->sc_cabq);
1890
1891 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) {
1892 sc->sc_stats.ast_tx_mcastq_overflow++;
1893 error = ENOBUFS;
1894 }
1895
1896 ATH_TXQ_UNLOCK(sc->sc_cabq);
1897
1898 if (error != 0) {
1899 m_freem(m);
1900 goto bad;
1901 }
1902 }
1903
1904 /*
1905 * Grab a TX buffer and associated resources.
1906 */
1907 bf = ath_getbuf(sc, ATH_BUFTYPE_MGMT);
1908 if (bf == NULL) {
1909 sc->sc_stats.ast_tx_nobuf++;
1910 m_freem(m);
1911 error = ENOBUFS;
1912 goto bad;
1913 }
1914
1915 if (params == NULL) {
1916 /*
1917 * Legacy path; interpret frame contents to decide
1918 * precisely how to send the frame.
1919 */
1920 if (ath_tx_start(sc, ni, bf, m)) {
1921 error = EIO; /* XXX */
1922 goto bad2;
1923 }
1924 } else {
1925 /*
1926 * Caller supplied explicit parameters to use in
1927 * sending the frame.
1928 */
1929 if (ath_tx_raw_start(sc, ni, bf, m, params)) {
1930 error = EIO; /* XXX */
1931 goto bad2;
1932 }
1933 }
1934 sc->sc_wd_timer = 5;
1935 ifp->if_opackets++;
1936 sc->sc_stats.ast_tx_raw++;
1937
1938 ATH_PCU_LOCK(sc);
1939 sc->sc_txstart_cnt--;
1940 ATH_PCU_UNLOCK(sc);
1941
1942 return 0;
1943bad2:
1944 ATH_TXBUF_LOCK(sc);
1945 ath_returnbuf_head(sc, bf);
1946 ATH_TXBUF_UNLOCK(sc);
1947bad:
1948 ATH_PCU_LOCK(sc);
1949 sc->sc_txstart_cnt--;
1950 ATH_PCU_UNLOCK(sc);
1951bad0:
1952 ifp->if_oerrors++;
1953 sc->sc_stats.ast_tx_raw_fail++;
1954 ieee80211_free_node(ni);
1955
1956 return error;
1957}
1958
1959/* Some helper functions */
1960
1961/*
1962 * ADDBA (and potentially others) need to be placed in the same
1963 * hardware queue as the TID/node it's relating to. This is so
1964 * it goes out after any pending non-aggregate frames to the
1965 * same node/TID.
1966 *
1967 * If this isn't done, the ADDBA can go out before the frames
1968 * queued in hardware. Even though these frames have a sequence
1969 * number -earlier- than the ADDBA can be transmitted (but
1970 * no frames whose sequence numbers are after the ADDBA should
1971 * be!) they'll arrive after the ADDBA - and the receiving end
1972 * will simply drop them as being out of the BAW.
1973 *
1974 * The frames can't be appended to the TID software queue - it'll
1975 * never be sent out. So these frames have to be directly
1976 * dispatched to the hardware, rather than queued in software.
1977 * So if this function returns true, the TXQ has to be
1978 * overridden and it has to be directly dispatched.
1979 *
1980 * It's a dirty hack, but someone's gotta do it.
1981 */
1982
1983/*
1984 * XXX doesn't belong here!
1985 */
1986static int
1987ieee80211_is_action(struct ieee80211_frame *wh)
1988{
1989 /* Type: Management frame? */
1990 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) !=
1991 IEEE80211_FC0_TYPE_MGT)
1992 return 0;
1993
1994 /* Subtype: Action frame? */
1995 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) !=
1996 IEEE80211_FC0_SUBTYPE_ACTION)
1997 return 0;
1998
1999 return 1;
2000}
2001
2002#define MS(_v, _f) (((_v) & _f) >> _f##_S)
2003/*
2004 * Return an alternate TID for ADDBA request frames.
2005 *
2006 * Yes, this likely should be done in the net80211 layer.
2007 */
2008static int
2009ath_tx_action_frame_override_queue(struct ath_softc *sc,
2010 struct ieee80211_node *ni,
2011 struct mbuf *m0, int *tid)
2012{
2013 struct ieee80211_frame *wh = mtod(m0, struct ieee80211_frame *);
2014 struct ieee80211_action_ba_addbarequest *ia;
2015 uint8_t *frm;
2016 uint16_t baparamset;
2017
2018 /* Not action frame? Bail */
2019 if (! ieee80211_is_action(wh))
2020 return 0;
2021
2022 /* XXX Not needed for frames we send? */
2023#if 0
2024 /* Correct length? */
2025 if (! ieee80211_parse_action(ni, m))
2026 return 0;
2027#endif
2028
2029 /* Extract out action frame */
2030 frm = (u_int8_t *)&wh[1];
2031 ia = (struct ieee80211_action_ba_addbarequest *) frm;
2032
2033 /* Not ADDBA? Bail */
2034 if (ia->rq_header.ia_category != IEEE80211_ACTION_CAT_BA)
2035 return 0;
2036 if (ia->rq_header.ia_action != IEEE80211_ACTION_BA_ADDBA_REQUEST)
2037 return 0;
2038
2039 /* Extract TID, return it */
2040 baparamset = le16toh(ia->rq_baparamset);
2041 *tid = (int) MS(baparamset, IEEE80211_BAPS_TID);
2042
2043 return 1;
2044}
2045#undef MS
2046
2047/* Per-node software queue operations */
2048
2049/*
2050 * Add the current packet to the given BAW.
2051 * It is assumed that the current packet
2052 *
2053 * + fits inside the BAW;
2054 * + already has had a sequence number allocated.
2055 *
2056 * Since the BAW status may be modified by both the ath task and
2057 * the net80211/ifnet contexts, the TID must be locked.
2058 */
2059void
2060ath_tx_addto_baw(struct ath_softc *sc, struct ath_node *an,
2061 struct ath_tid *tid, struct ath_buf *bf)
2062{
2063 int index, cindex;
2064 struct ieee80211_tx_ampdu *tap;
2065
2066 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2067 ATH_TID_LOCK_ASSERT(sc, tid);
2068
2069 if (bf->bf_state.bfs_isretried)
2070 return;
2071
2072 tap = ath_tx_get_tx_tid(an, tid->tid);
2073
2074 if (! bf->bf_state.bfs_dobaw) {
2075 device_printf(sc->sc_dev,
2076 "%s: dobaw=0, seqno=%d, window %d:%d\n",
2077 __func__,
2078 SEQNO(bf->bf_state.bfs_seqno),
2079 tap->txa_start,
2080 tap->txa_wnd);
2081 }
2082
2083 if (bf->bf_state.bfs_addedbaw)
2084 device_printf(sc->sc_dev,
2085 "%s: re-added? tid=%d, seqno %d; window %d:%d; "
2086 "baw head=%d tail=%d\n",
2087 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno),
2088 tap->txa_start, tap->txa_wnd, tid->baw_head,
2089 tid->baw_tail);
2090
2091 /*
2092 * Verify that the given sequence number is not outside of the
2093 * BAW. Complain loudly if that's the case.
2094 */
2095 if (! BAW_WITHIN(tap->txa_start, tap->txa_wnd,
2096 SEQNO(bf->bf_state.bfs_seqno))) {
2097 device_printf(sc->sc_dev,
2098 "%s: bf=%p: outside of BAW?? tid=%d, seqno %d; window %d:%d; "
2099 "baw head=%d tail=%d\n",
2100 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno),
2101 tap->txa_start, tap->txa_wnd, tid->baw_head,
2102 tid->baw_tail);
2103 }
2104
2105 /*
2106 * ni->ni_txseqs[] is the currently allocated seqno.
2107 * the txa state contains the current baw start.
2108 */
2109 index = ATH_BA_INDEX(tap->txa_start, SEQNO(bf->bf_state.bfs_seqno));
2110 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
2111 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
2112 "%s: tid=%d, seqno %d; window %d:%d; index=%d cindex=%d "
2113 "baw head=%d tail=%d\n",
2114 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno),
2115 tap->txa_start, tap->txa_wnd, index, cindex, tid->baw_head,
2116 tid->baw_tail);
2117
2118
2119#if 0
2120 assert(tid->tx_buf[cindex] == NULL);
2121#endif
2122 if (tid->tx_buf[cindex] != NULL) {
2123 device_printf(sc->sc_dev,
2124 "%s: ba packet dup (index=%d, cindex=%d, "
2125 "head=%d, tail=%d)\n",
2126 __func__, index, cindex, tid->baw_head, tid->baw_tail);
2127 device_printf(sc->sc_dev,
2128 "%s: BA bf: %p; seqno=%d ; new bf: %p; seqno=%d\n",
2129 __func__,
2130 tid->tx_buf[cindex],
2131 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno),
2132 bf,
2133 SEQNO(bf->bf_state.bfs_seqno)
2134 );
2135 }
2136 tid->tx_buf[cindex] = bf;
2137
2138 if (index >= ((tid->baw_tail - tid->baw_head) &
2139 (ATH_TID_MAX_BUFS - 1))) {
2140 tid->baw_tail = cindex;
2141 INCR(tid->baw_tail, ATH_TID_MAX_BUFS);
2142 }
2143}
2144
2145/*
2146 * Flip the BAW buffer entry over from the existing one to the new one.
2147 *
2148 * When software retransmitting a (sub-)frame, it is entirely possible that
2149 * the frame ath_buf is marked as BUSY and can't be immediately reused.
2150 * In that instance the buffer is cloned and the new buffer is used for
2151 * retransmit. We thus need to update the ath_buf slot in the BAW buf
2152 * tracking array to maintain consistency.
2153 */
2154static void
2155ath_tx_switch_baw_buf(struct ath_softc *sc, struct ath_node *an,
2156 struct ath_tid *tid, struct ath_buf *old_bf, struct ath_buf *new_bf)
2157{
2158 int index, cindex;
2159 struct ieee80211_tx_ampdu *tap;
2160 int seqno = SEQNO(old_bf->bf_state.bfs_seqno);
2161
2162 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2163 ATH_TID_LOCK_ASSERT(sc, tid);
2164
2165 tap = ath_tx_get_tx_tid(an, tid->tid);
2166 index = ATH_BA_INDEX(tap->txa_start, seqno);
2167 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
2168
2169 /*
2170 * Just warn for now; if it happens then we should find out
2171 * about it. It's highly likely the aggregation session will
2172 * soon hang.
2173 */
2174 if (old_bf->bf_state.bfs_seqno != new_bf->bf_state.bfs_seqno) {
2175 device_printf(sc->sc_dev, "%s: retransmitted buffer"
2176 " has mismatching seqno's, BA session may hang.\n",
2177 __func__);
2178 device_printf(sc->sc_dev, "%s: old seqno=%d, new_seqno=%d\n",
2179 __func__,
2180 old_bf->bf_state.bfs_seqno,
2181 new_bf->bf_state.bfs_seqno);
2182 }
2183
2184 if (tid->tx_buf[cindex] != old_bf) {
2185 device_printf(sc->sc_dev, "%s: ath_buf pointer incorrect; "
2186 " has m BA session may hang.\n",
2187 __func__);
2188 device_printf(sc->sc_dev, "%s: old bf=%p, new bf=%p\n",
2189 __func__,
2190 old_bf, new_bf);
2191 }
2192
2193 tid->tx_buf[cindex] = new_bf;
2194}
2195
2196/*
2197 * seq_start - left edge of BAW
2198 * seq_next - current/next sequence number to allocate
2199 *
2200 * Since the BAW status may be modified by both the ath task and
2201 * the net80211/ifnet contexts, the TID must be locked.
2202 */
2203static void
2204ath_tx_update_baw(struct ath_softc *sc, struct ath_node *an,
2205 struct ath_tid *tid, const struct ath_buf *bf)
2206{
2207 int index, cindex;
2208 struct ieee80211_tx_ampdu *tap;
2209 int seqno = SEQNO(bf->bf_state.bfs_seqno);
2210
2211 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2212 ATH_TID_LOCK_ASSERT(sc, tid);
2213
2214 tap = ath_tx_get_tx_tid(an, tid->tid);
2215 index = ATH_BA_INDEX(tap->txa_start, seqno);
2216 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1);
2217
2218 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
2219 "%s: tid=%d, baw=%d:%d, seqno=%d, index=%d, cindex=%d, "
2220 "baw head=%d, tail=%d\n",
2221 __func__, tid->tid, tap->txa_start, tap->txa_wnd, seqno, index,
2222 cindex, tid->baw_head, tid->baw_tail);
2223
2224 /*
2225 * If this occurs then we have a big problem - something else
2226 * has slid tap->txa_start along without updating the BAW
2227 * tracking start/end pointers. Thus the TX BAW state is now
2228 * completely busted.
2229 *
2230 * But for now, since I haven't yet fixed TDMA and buffer cloning,
2231 * it's quite possible that a cloned buffer is making its way
2232 * here and causing it to fire off. Disable TDMA for now.
2233 */
2234 if (tid->tx_buf[cindex] != bf) {
2235 device_printf(sc->sc_dev,
2236 "%s: comp bf=%p, seq=%d; slot bf=%p, seqno=%d\n",
2237 __func__,
2238 bf, SEQNO(bf->bf_state.bfs_seqno),
2239 tid->tx_buf[cindex],
2240 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno));
2241 }
2242
2243 tid->tx_buf[cindex] = NULL;
2244
2245 while (tid->baw_head != tid->baw_tail &&
2246 !tid->tx_buf[tid->baw_head]) {
2247 INCR(tap->txa_start, IEEE80211_SEQ_RANGE);
2248 INCR(tid->baw_head, ATH_TID_MAX_BUFS);
2249 }
2250 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
2251 "%s: baw is now %d:%d, baw head=%d\n",
2252 __func__, tap->txa_start, tap->txa_wnd, tid->baw_head);
2253}
2254
2255/*
2256 * Mark the current node/TID as ready to TX.
2257 *
2258 * This is done to make it easy for the software scheduler to
2259 * find which nodes have data to send.
2260 *
2261 * The TXQ lock must be held.
2262 */
2263static void
2264ath_tx_tid_sched(struct ath_softc *sc, struct ath_tid *tid)
2265{
2266 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
2267
2268 ATH_TXQ_LOCK_ASSERT(txq);
2269
2270 if (tid->paused)
2271 return; /* paused, can't schedule yet */
2272
2273 if (tid->sched)
2274 return; /* already scheduled */
2275
2276 tid->sched = 1;
2277
2278 TAILQ_INSERT_TAIL(&txq->axq_tidq, tid, axq_qelem);
2279}
2280
2281/*
2282 * Mark the current node as no longer needing to be polled for
2283 * TX packets.
2284 *
2285 * The TXQ lock must be held.
2286 */
2287static void
2288ath_tx_tid_unsched(struct ath_softc *sc, struct ath_tid *tid)
2289{
2290 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
2291
2292 ATH_TXQ_LOCK_ASSERT(txq);
2293
2294 if (tid->sched == 0)
2295 return;
2296
2297 tid->sched = 0;
2298 TAILQ_REMOVE(&txq->axq_tidq, tid, axq_qelem);
2299}
2300
2301/*
2302 * Assign a sequence number manually to the given frame.
2303 *
2304 * This should only be called for A-MPDU TX frames.
2305 */
2306static ieee80211_seq
2307ath_tx_tid_seqno_assign(struct ath_softc *sc, struct ieee80211_node *ni,
2308 struct ath_buf *bf, struct mbuf *m0)
2309{
2310 struct ieee80211_frame *wh;
2311 int tid, pri;
2312 ieee80211_seq seqno;
2313 uint8_t subtype;
2314
2315 /* TID lookup */
2316 wh = mtod(m0, struct ieee80211_frame *);
2317 pri = M_WME_GETAC(m0); /* honor classification */
2318 tid = WME_AC_TO_TID(pri);
2319 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pri=%d, tid=%d, qos has seq=%d\n",
2320 __func__, pri, tid, IEEE80211_QOS_HAS_SEQ(wh));
2321
2322 /* XXX Is it a control frame? Ignore */
2323
2324 /* Does the packet require a sequence number? */
2325 if (! IEEE80211_QOS_HAS_SEQ(wh))
2326 return -1;
2327
2328 ATH_TID_LOCK_ASSERT(sc, &(ATH_NODE(ni)->an_tid[tid]));
2329
2330 /*
2331 * Is it a QOS NULL Data frame? Give it a sequence number from
2332 * the default TID (IEEE80211_NONQOS_TID.)
2333 *
2334 * The RX path of everything I've looked at doesn't include the NULL
2335 * data frame sequence number in the aggregation state updates, so
2336 * assigning it a sequence number there will cause a BAW hole on the
2337 * RX side.
2338 */
2339 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
2340 if (subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL) {
2341 /* XXX no locking for this TID? This is a bit of a problem. */
2342 seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID];
2343 INCR(ni->ni_txseqs[IEEE80211_NONQOS_TID], IEEE80211_SEQ_RANGE);
2344 } else {
2345 /* Manually assign sequence number */
2346 seqno = ni->ni_txseqs[tid];
2347 INCR(ni->ni_txseqs[tid], IEEE80211_SEQ_RANGE);
2348 }
2349 *(uint16_t *)&wh->i_seq[0] = htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT);
2350 M_SEQNO_SET(m0, seqno);
2351
2352 /* Return so caller can do something with it if needed */
2353 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: -> seqno=%d\n", __func__, seqno);
2354 return seqno;
2355}
2356
2357/*
2358 * Attempt to direct dispatch an aggregate frame to hardware.
2359 * If the frame is out of BAW, queue.
2360 * Otherwise, schedule it as a single frame.
2361 */
2362static void
2363ath_tx_xmit_aggr(struct ath_softc *sc, struct ath_node *an, struct ath_buf *bf)
2364{
2365 struct ath_tid *tid = &an->an_tid[bf->bf_state.bfs_tid];
2366 struct ath_txq *txq = bf->bf_state.bfs_txq;
2367 struct ieee80211_tx_ampdu *tap;
2368
2369 ATH_TXQ_LOCK_ASSERT(txq);
2370 ATH_TID_LOCK_ASSERT(sc, tid);
2371
2372 tap = ath_tx_get_tx_tid(an, tid->tid);
2373
2374 /* paused? queue */
2375 if (tid->paused) {
2376 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list);
2377 /* XXX don't sched - we're paused! */
2378 return;
2379 }
2380
2381 /* outside baw? queue */
2382 if (bf->bf_state.bfs_dobaw &&
2383 (! BAW_WITHIN(tap->txa_start, tap->txa_wnd,
2384 SEQNO(bf->bf_state.bfs_seqno)))) {
2385 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list);
2386 ath_tx_tid_sched(sc, tid);
2387 return;
2388 }
2389
2390 /* Direct dispatch to hardware */
2391 ath_tx_do_ratelookup(sc, bf);
2392 ath_tx_calc_duration(sc, bf);
2393 ath_tx_calc_protection(sc, bf);
2394 ath_tx_set_rtscts(sc, bf);
2395 ath_tx_rate_fill_rcflags(sc, bf);
2396 ath_tx_setds(sc, bf);
2397 ath_tx_set_ratectrl(sc, bf->bf_node, bf);
2398 ath_tx_chaindesclist(sc, bf);
2399
2400 /* Statistics */
2401 sc->sc_aggr_stats.aggr_low_hwq_single_pkt++;
2402
2403 /* Track per-TID hardware queue depth correctly */
2404 tid->hwq_depth++;
2405
2406 /* Add to BAW */
2407 if (bf->bf_state.bfs_dobaw) {
2408 ath_tx_addto_baw(sc, an, tid, bf);
2409 bf->bf_state.bfs_addedbaw = 1;
2410 }
2411
2412 /* Set completion handler, multi-frame aggregate or not */
2413 bf->bf_comp = ath_tx_aggr_comp;
2414
2415 /* Hand off to hardware */
2416 ath_tx_handoff(sc, txq, bf);
2417}
2418
2419/*
2420 * Attempt to send the packet.
2421 * If the queue isn't busy, direct-dispatch.
2422 * If the queue is busy enough, queue the given packet on the
2423 * relevant software queue.
2424 */
2425void
2426ath_tx_swq(struct ath_softc *sc, struct ieee80211_node *ni, struct ath_txq *txq,
2427 struct ath_buf *bf)
2428{
2429 struct ath_node *an = ATH_NODE(ni);
2430 struct ieee80211_frame *wh;
2431 struct ath_tid *atid;
2432 int pri, tid;
2433 struct mbuf *m0 = bf->bf_m;
2434
2435 ATH_TXQ_LOCK_ASSERT(txq);
2436
2437 /* Fetch the TID - non-QoS frames get assigned to TID 16 */
2438 wh = mtod(m0, struct ieee80211_frame *);
2439 pri = ath_tx_getac(sc, m0);
2440 tid = ath_tx_gettid(sc, m0);
2441 atid = &an->an_tid[tid];
2442
2443 ATH_TID_LOCK_ASSERT(sc, atid);
2444
2445 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p, pri=%d, tid=%d, qos=%d\n",
2446 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh));
2447
2448 /* Set local packet state, used to queue packets to hardware */
2449 bf->bf_state.bfs_tid = tid;
2450 bf->bf_state.bfs_txq = txq;
2451 bf->bf_state.bfs_pri = pri;
2452
2453 /*
2454 * If the hardware queue isn't busy, queue it directly.
2455 * If the hardware queue is busy, queue it.
2456 * If the TID is paused or the traffic it outside BAW, software
2457 * queue it.
2458 */
2459 if (atid->paused) {
2460 /* TID is paused, queue */
2461 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: paused\n", __func__);
2462 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2463 } else if (ath_tx_ampdu_pending(sc, an, tid)) {
2464 /* AMPDU pending; queue */
2465 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pending\n", __func__);
2466 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2467 /* XXX sched? */
2468 } else if (ath_tx_ampdu_running(sc, an, tid)) {
2469 /* AMPDU running, attempt direct dispatch if possible */
2470
2471 /*
2472 * Always queue the frame to the tail of the list.
2473 */
2474 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2475
2476 /*
2477 * If the hardware queue isn't busy, direct dispatch
2478 * the head frame in the list. Don't schedule the
2479 * TID - let it build some more frames first?
2480 *
2481 * Otherwise, schedule the TID.
2482 */
2483 if (txq->axq_depth < sc->sc_hwq_limit) {
2484 bf = TAILQ_FIRST(&atid->axq_q);
2485 ATH_TXQ_REMOVE(atid, bf, bf_list);
2486 ath_tx_xmit_aggr(sc, an, bf);
2487 DPRINTF(sc, ATH_DEBUG_SW_TX,
2488 "%s: xmit_aggr\n",
2489 __func__);
2490 } else {
2491 DPRINTF(sc, ATH_DEBUG_SW_TX,
2492 "%s: ampdu; swq'ing\n",
2493 __func__);
2494 ath_tx_tid_sched(sc, atid);
2495 }
2496 } else if (txq->axq_depth < sc->sc_hwq_limit) {
2497 /* AMPDU not running, attempt direct dispatch */
2498 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: xmit_normal\n", __func__);
2499 ath_tx_xmit_normal(sc, txq, bf);
2500 } else {
2501 /* Busy; queue */
2502 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: swq'ing\n", __func__);
2503 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list);
2504 ath_tx_tid_sched(sc, atid);
2505 }
2506}
2507
2508/*
2509 * Do the basic frame setup stuff that's required before the frame
2510 * is added to a software queue.
2511 *
2512 * All frames get mostly the same treatment and it's done once.
2513 * Retransmits fiddle with things like the rate control setup,
2514 * setting the retransmit bit in the packet; doing relevant DMA/bus
2515 * syncing and relinking it (back) into the hardware TX queue.
2516 *
2517 * Note that this may cause the mbuf to be reallocated, so
2518 * m0 may not be valid.
2519 */
2520
2521
2522/*
2523 * Configure the per-TID node state.
2524 *
2525 * This likely belongs in if_ath_node.c but I can't think of anywhere
2526 * else to put it just yet.
2527 *
2528 * This sets up the SLISTs and the mutex as appropriate.
2529 */
2530void
2531ath_tx_tid_init(struct ath_softc *sc, struct ath_node *an)
2532{
2533 int i, j;
2534 struct ath_tid *atid;
2535
2536 for (i = 0; i < IEEE80211_TID_SIZE; i++) {
2537 atid = &an->an_tid[i];
2538 TAILQ_INIT(&atid->axq_q);
2539 atid->tid = i;
2540 atid->an = an;
2541 for (j = 0; j < ATH_TID_MAX_BUFS; j++)
2542 atid->tx_buf[j] = NULL;
2543 atid->baw_head = atid->baw_tail = 0;
2544 atid->paused = 0;
2545 atid->sched = 0;
2546 atid->hwq_depth = 0;
2547 atid->cleanup_inprogress = 0;
2548 if (i == IEEE80211_NONQOS_TID)
2549 atid->ac = WME_AC_BE;
2550 else
2551 atid->ac = TID_TO_WME_AC(i);
2552 }
2553}
2554
2555/*
2556 * Pause the current TID. This stops packets from being transmitted
2557 * on it.
2558 *
2559 * Since this is also called from upper layers as well as the driver,
2560 * it will get the TID lock.
2561 */
2562static void
2563ath_tx_tid_pause(struct ath_softc *sc, struct ath_tid *tid)
2564{
2565
2566 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2567 tid->paused++;
2568 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: paused = %d\n",
2569 __func__, tid->paused);
2570}
2571
2572/*
2573 * Unpause the current TID, and schedule it if needed.
2574 */
2575static void
2576ath_tx_tid_resume(struct ath_softc *sc, struct ath_tid *tid)
2577{
2578 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2579
2580 tid->paused--;
2581
2582 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: unpaused = %d\n",
2583 __func__, tid->paused);
2584
2585 if (tid->paused || tid->axq_depth == 0) {
2586 return;
2587 }
2588
2589 ath_tx_tid_sched(sc, tid);
2590 /* Punt some frames to the hardware if needed */
2591 //ath_txq_sched(sc, sc->sc_ac2q[tid->ac]);
2592 taskqueue_enqueue(sc->sc_tq, &sc->sc_txqtask);
2593}
2594
2595/*
2596 * Suspend the queue because we need to TX a BAR.
2597 */
2598static void
2599ath_tx_tid_bar_suspend(struct ath_softc *sc, struct ath_tid *tid)
2600{
2601 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2602
2603 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2604 "%s: tid=%p, bar_wait=%d, bar_tx=%d, called\n",
2605 __func__,
2606 tid,
2607 tid->bar_wait,
2608 tid->bar_tx);
2609
2610 /* We shouldn't be called when bar_tx is 1 */
2611 if (tid->bar_tx) {
2612 device_printf(sc->sc_dev, "%s: bar_tx is 1?!\n",
2613 __func__);
2614 }
2615
2616 /* If we've already been called, just be patient. */
2617 if (tid->bar_wait)
2618 return;
2619
2620 /* Wait! */
2621 tid->bar_wait = 1;
2622
2623 /* Only one pause, no matter how many frames fail */
2624 ath_tx_tid_pause(sc, tid);
2625}
2626
2627/*
2628 * We've finished with BAR handling - either we succeeded or
2629 * failed. Either way, unsuspend TX.
2630 */
2631static void
2632ath_tx_tid_bar_unsuspend(struct ath_softc *sc, struct ath_tid *tid)
2633{
2634 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2635
2636 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2637 "%s: tid=%p, called\n",
2638 __func__,
2639 tid);
2640
2641 if (tid->bar_tx == 0 || tid->bar_wait == 0) {
2642 device_printf(sc->sc_dev, "%s: bar_tx=%d, bar_wait=%d: ?\n",
2643 __func__, tid->bar_tx, tid->bar_wait);
2644 }
2645
2646 tid->bar_tx = tid->bar_wait = 0;
2647 ath_tx_tid_resume(sc, tid);
2648}
2649
2650/*
2651 * Return whether we're ready to TX a BAR frame.
2652 *
2653 * Requires the TID lock be held.
2654 */
2655static int
2656ath_tx_tid_bar_tx_ready(struct ath_softc *sc, struct ath_tid *tid)
2657{
2658
2659 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2660
2661 if (tid->bar_wait == 0 || tid->hwq_depth > 0)
2662 return (0);
2663
2664 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, "%s: tid=%p (%d), bar ready\n",
2665 __func__, tid, tid->tid);
2666
2667 return (1);
2668}
2669
2670/*
2671 * Check whether the current TID is ready to have a BAR
2672 * TXed and if so, do the TX.
2673 *
2674 * Since the TID/TXQ lock can't be held during a call to
2675 * ieee80211_send_bar(), we have to do the dirty thing of unlocking it,
2676 * sending the BAR and locking it again.
2677 *
2678 * Eventually, the code to send the BAR should be broken out
2679 * from this routine so the lock doesn't have to be reacquired
2680 * just to be immediately dropped by the caller.
2681 */
2682static void
2683ath_tx_tid_bar_tx(struct ath_softc *sc, struct ath_tid *tid)
2684{
2685 struct ieee80211_tx_ampdu *tap;
2686
2687 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2688
2689 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2690 "%s: tid=%p, called\n",
2691 __func__,
2692 tid);
2693
2694 tap = ath_tx_get_tx_tid(tid->an, tid->tid);
2695
2696 /*
2697 * This is an error condition!
2698 */
2699 if (tid->bar_wait == 0 || tid->bar_tx == 1) {
2700 device_printf(sc->sc_dev,
2701 "%s: tid=%p, bar_tx=%d, bar_wait=%d: ?\n",
2702 __func__,
2703 tid,
2704 tid->bar_tx,
2705 tid->bar_wait);
2706 return;
2707 }
2708
2709 /* Don't do anything if we still have pending frames */
2710 if (tid->hwq_depth > 0) {
2711 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2712 "%s: tid=%p, hwq_depth=%d, waiting\n",
2713 __func__,
2714 tid,
2715 tid->hwq_depth);
2716 return;
2717 }
2718
2719 /* We're now about to TX */
2720 tid->bar_tx = 1;
2721
2722 /*
2723 * Calculate new BAW left edge, now that all frames have either
2724 * succeeded or failed.
2725 *
2726 * XXX verify this is _actually_ the valid value to begin at!
2727 */
2728 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
2729 "%s: tid=%p, new BAW left edge=%d\n",
2730 __func__,
2731 tid,
2732 tap->txa_start);
2733
2734 /* Try sending the BAR frame */
2735 /* We can't hold the lock here! */
2736
2737 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]);
2738 if (ieee80211_send_bar(&tid->an->an_node, tap, tap->txa_start) == 0) {
2739 /* Success? Now we wait for notification that it's done */
2740 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]);
2741 return;
2742 }
2743
2744 /* Failure? For now, warn loudly and continue */
2745 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]);
2746 device_printf(sc->sc_dev, "%s: tid=%p, failed to TX BAR, continue!\n",
2747 __func__, tid);
2748 ath_tx_tid_bar_unsuspend(sc, tid);
2749}
2750
2751
2752/*
2753 * Free any packets currently pending in the software TX queue.
2754 *
2755 * This will be called when a node is being deleted.
2756 *
2757 * It can also be called on an active node during an interface
2758 * reset or state transition.
2759 *
2760 * (From Linux/reference):
2761 *
2762 * TODO: For frame(s) that are in the retry state, we will reuse the
2763 * sequence number(s) without setting the retry bit. The
2764 * alternative is to give up on these and BAR the receiver's window
2765 * forward.
2766 */
2767static void
2768ath_tx_tid_drain(struct ath_softc *sc, struct ath_node *an,
2769 struct ath_tid *tid, ath_bufhead *bf_cq)
2770{
2771 struct ath_buf *bf;
2772 struct ieee80211_tx_ampdu *tap;
2773 struct ieee80211_node *ni = &an->an_node;
2774 int t = 0;
2775 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
2776
2777 tap = ath_tx_get_tx_tid(an, tid->tid);
2778
2779 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]);
2780
2781 /* Walk the queue, free frames */
2782 for (;;) {
2783 bf = TAILQ_FIRST(&tid->axq_q);
2784 if (bf == NULL) {
2785 break;
2786 }
2787
2788 if (t == 0) {
2789 device_printf(sc->sc_dev,
2790 "%s: node %p: bf=%p: addbaw=%d, dobaw=%d, "
2791 "seqno=%d, retry=%d\n",
2792 __func__, ni, bf,
2793 bf->bf_state.bfs_addedbaw,
2794 bf->bf_state.bfs_dobaw,
2795 SEQNO(bf->bf_state.bfs_seqno),
2796 bf->bf_state.bfs_retries);
2797 device_printf(sc->sc_dev,
2798 "%s: node %p: bf=%p: tid txq_depth=%d hwq_depth=%d, bar_wait=%d\n",
2799 __func__, ni, bf,
2800 tid->axq_depth,
2801 tid->hwq_depth,
2802 tid->bar_wait);
2803 device_printf(sc->sc_dev,
2804 "%s: node %p: tid %d: txq_depth=%d, "
2805 "txq_aggr_depth=%d, sched=%d, paused=%d, "
2806 "hwq_depth=%d, incomp=%d, baw_head=%d, "
2807 "baw_tail=%d txa_start=%d, ni_txseqs=%d\n",
2808 __func__, ni, tid->tid, txq->axq_depth,
2809 txq->axq_aggr_depth, tid->sched, tid->paused,
2810 tid->hwq_depth, tid->incomp, tid->baw_head,
2811 tid->baw_tail, tap == NULL ? -1 : tap->txa_start,
2812 ni->ni_txseqs[tid->tid]);
2813
2814 /* XXX Dump the frame, see what it is? */
2815 ieee80211_dump_pkt(ni->ni_ic,
2816 mtod(bf->bf_m, const uint8_t *),
2817 bf->bf_m->m_len, 0, -1);
2818
2819 t = 1;
2820 }
2821
2822
2823 /*
2824 * If the current TID is running AMPDU, update
2825 * the BAW.
2826 */
2827 if (ath_tx_ampdu_running(sc, an, tid->tid) &&
2828 bf->bf_state.bfs_dobaw) {
2829 /*
2830 * Only remove the frame from the BAW if it's
2831 * been transmitted at least once; this means
2832 * the frame was in the BAW to begin with.
2833 */
2834 if (bf->bf_state.bfs_retries > 0) {
2835 ath_tx_update_baw(sc, an, tid, bf);
2836 bf->bf_state.bfs_dobaw = 0;
2837 }
2838 /*
2839 * This has become a non-fatal error now
2840 */
2841 if (! bf->bf_state.bfs_addedbaw)
2842 device_printf(sc->sc_dev,
2843 "%s: wasn't added: seqno %d\n",
2844 __func__, SEQNO(bf->bf_state.bfs_seqno));
2845 }
2846 ATH_TXQ_REMOVE(tid, bf, bf_list);
2847 TAILQ_INSERT_TAIL(bf_cq, bf, bf_list);
2848 }
2849
2850 /*
2851 * Now that it's completed, grab the TID lock and update
2852 * the sequence number and BAW window.
2853 * Because sequence numbers have been assigned to frames
2854 * that haven't been sent yet, it's entirely possible
2855 * we'll be called with some pending frames that have not
2856 * been transmitted.
2857 *
2858 * The cleaner solution is to do the sequence number allocation
2859 * when the packet is first transmitted - and thus the "retries"
2860 * check above would be enough to update the BAW/seqno.
2861 */
2862
2863 /* But don't do it for non-QoS TIDs */
2864 if (tap) {
2865#if 0
2866 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
2867 "%s: node %p: TID %d: sliding BAW left edge to %d\n",
2868 __func__, an, tid->tid, tap->txa_start);
2869#endif
2870 ni->ni_txseqs[tid->tid] = tap->txa_start;
2871 tid->baw_tail = tid->baw_head;
2872 }
2873}
2874
2875/*
2876 * Flush all software queued packets for the given node.
2877 *
2878 * This occurs when a completion handler frees the last buffer
2879 * for a node, and the node is thus freed. This causes the node
2880 * to be cleaned up, which ends up calling ath_tx_node_flush.
2881 */
2882void
2883ath_tx_node_flush(struct ath_softc *sc, struct ath_node *an)
2884{
2885 int tid;
2886 ath_bufhead bf_cq;
2887 struct ath_buf *bf;
2888
2889 TAILQ_INIT(&bf_cq);
2890
2891 for (tid = 0; tid < IEEE80211_TID_SIZE; tid++) {
2892 struct ath_tid *atid = &an->an_tid[tid];
2893 struct ath_txq *txq = sc->sc_ac2q[atid->ac];
2894
2895 /* Remove this tid from the list of active tids */
2896 ATH_TXQ_LOCK(txq);
2897 ath_tx_tid_unsched(sc, atid);
2898
2899 /* Free packets */
2900 ath_tx_tid_drain(sc, an, atid, &bf_cq);
2901 ATH_TXQ_UNLOCK(txq);
2902 }
2903
2904 /* Handle completed frames */
2905 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
2906 TAILQ_REMOVE(&bf_cq, bf, bf_list);
2907 ath_tx_default_comp(sc, bf, 0);
2908 }
2909}
2910
2911/*
2912 * Drain all the software TXQs currently with traffic queued.
2913 */
2914void
2915ath_tx_txq_drain(struct ath_softc *sc, struct ath_txq *txq)
2916{
2917 struct ath_tid *tid;
2918 ath_bufhead bf_cq;
2919 struct ath_buf *bf;
2920
2921 TAILQ_INIT(&bf_cq);
2922 ATH_TXQ_LOCK(txq);
2923
2924 /*
2925 * Iterate over all active tids for the given txq,
2926 * flushing and unsched'ing them
2927 */
2928 while (! TAILQ_EMPTY(&txq->axq_tidq)) {
2929 tid = TAILQ_FIRST(&txq->axq_tidq);
2930 ath_tx_tid_drain(sc, tid->an, tid, &bf_cq);
2931 ath_tx_tid_unsched(sc, tid);
2932 }
2933
2934 ATH_TXQ_UNLOCK(txq);
2935
2936 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
2937 TAILQ_REMOVE(&bf_cq, bf, bf_list);
2938 ath_tx_default_comp(sc, bf, 0);
2939 }
2940}
2941
2942/*
2943 * Handle completion of non-aggregate session frames.
2944 */
2945void
2946ath_tx_normal_comp(struct ath_softc *sc, struct ath_buf *bf, int fail)
2947{
2948 struct ieee80211_node *ni = bf->bf_node;
2949 struct ath_node *an = ATH_NODE(ni);
2950 int tid = bf->bf_state.bfs_tid;
2951 struct ath_tid *atid = &an->an_tid[tid];
2952 struct ath_tx_status *ts = &bf->bf_status.ds_txstat;
2953
2954 /* The TID state is protected behind the TXQ lock */
2955 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
2956
2957 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: fail=%d, hwq_depth now %d\n",
2958 __func__, bf, fail, atid->hwq_depth - 1);
2959
2960 atid->hwq_depth--;
2961 if (atid->hwq_depth < 0)
2962 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n",
2963 __func__, atid->hwq_depth);
2964 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
2965
2966 /*
2967 * punt to rate control if we're not being cleaned up
2968 * during a hw queue drain and the frame wanted an ACK.
2969 */
2970 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0))
2971 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc,
2972 ts, bf->bf_state.bfs_pktlen,
2973 1, (ts->ts_status == 0) ? 0 : 1);
2974
2975 ath_tx_default_comp(sc, bf, fail);
2976}
2977
2978/*
2979 * Handle cleanup of aggregate session packets that aren't
2980 * an A-MPDU.
2981 *
2982 * There's no need to update the BAW here - the session is being
2983 * torn down.
2984 */
2985static void
2986ath_tx_comp_cleanup_unaggr(struct ath_softc *sc, struct ath_buf *bf)
2987{
2988 struct ieee80211_node *ni = bf->bf_node;
2989 struct ath_node *an = ATH_NODE(ni);
2990 int tid = bf->bf_state.bfs_tid;
2991 struct ath_tid *atid = &an->an_tid[tid];
2992
2993 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: TID %d: incomp=%d\n",
2994 __func__, tid, atid->incomp);
2995
2996 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
2997 atid->incomp--;
2998 if (atid->incomp == 0) {
2999 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
3000 "%s: TID %d: cleaned up! resume!\n",
3001 __func__, tid);
3002 atid->cleanup_inprogress = 0;
3003 ath_tx_tid_resume(sc, atid);
3004 }
3005 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3006
3007 ath_tx_default_comp(sc, bf, 0);
3008}
3009
3010/*
3011 * Performs transmit side cleanup when TID changes from aggregated to
3012 * unaggregated.
3013 *
3014 * - Discard all retry frames from the s/w queue.
3015 * - Fix the tx completion function for all buffers in s/w queue.
3016 * - Count the number of unacked frames, and let transmit completion
3017 * handle it later.
3018 *
3019 * The caller is responsible for pausing the TID.
3020 */
3021static void
3022ath_tx_tid_cleanup(struct ath_softc *sc, struct ath_node *an, int tid)
3023{
3024 struct ath_tid *atid = &an->an_tid[tid];
3025 struct ieee80211_tx_ampdu *tap;
3026 struct ath_buf *bf, *bf_next;
3027 ath_bufhead bf_cq;
3028
3029 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW,
3030 "%s: TID %d: called\n", __func__, tid);
3031
3032 TAILQ_INIT(&bf_cq);
3033 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3034
3035 /*
3036 * Update the frames in the software TX queue:
3037 *
3038 * + Discard retry frames in the queue
3039 * + Fix the completion function to be non-aggregate
3040 */
3041 bf = TAILQ_FIRST(&atid->axq_q);
3042 while (bf) {
3043 if (bf->bf_state.bfs_isretried) {
3044 bf_next = TAILQ_NEXT(bf, bf_list);
3045 TAILQ_REMOVE(&atid->axq_q, bf, bf_list);
3046 atid->axq_depth--;
3047 if (bf->bf_state.bfs_dobaw) {
3048 ath_tx_update_baw(sc, an, atid, bf);
3049 if (! bf->bf_state.bfs_addedbaw)
3050 device_printf(sc->sc_dev,
3051 "%s: wasn't added: seqno %d\n",
3052 __func__,
3053 SEQNO(bf->bf_state.bfs_seqno));
3054 }
3055 bf->bf_state.bfs_dobaw = 0;
3056 /*
3057 * Call the default completion handler with "fail" just
3058 * so upper levels are suitably notified about this.
3059 */
3060 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3061 bf = bf_next;
3062 continue;
3063 }
3064 /* Give these the default completion handler */
3065 bf->bf_comp = ath_tx_normal_comp;
3066 bf = TAILQ_NEXT(bf, bf_list);
3067 }
3068
3069 /* The caller is required to pause the TID */
3070#if 0
3071 /* Pause the TID */
3072 ath_tx_tid_pause(sc, atid);
3073#endif
3074
3075 /*
3076 * Calculate what hardware-queued frames exist based
3077 * on the current BAW size. Ie, what frames have been
3078 * added to the TX hardware queue for this TID but
3079 * not yet ACKed.
3080 */
3081 tap = ath_tx_get_tx_tid(an, tid);
3082 /* Need the lock - fiddling with BAW */
3083 while (atid->baw_head != atid->baw_tail) {
3084 if (atid->tx_buf[atid->baw_head]) {
3085 atid->incomp++;
3086 atid->cleanup_inprogress = 1;
3087 atid->tx_buf[atid->baw_head] = NULL;
3088 }
3089 INCR(atid->baw_head, ATH_TID_MAX_BUFS);
3090 INCR(tap->txa_start, IEEE80211_SEQ_RANGE);
3091 }
3092
3093 /*
3094 * If cleanup is required, defer TID scheduling
3095 * until all the HW queued packets have been
3096 * sent.
3097 */
3098 if (! atid->cleanup_inprogress)
3099 ath_tx_tid_resume(sc, atid);
3100
3101 if (atid->cleanup_inprogress)
3102 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
3103 "%s: TID %d: cleanup needed: %d packets\n",
3104 __func__, tid, atid->incomp);
3105 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3106
3107 /* Handle completing frames and fail them */
3108 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
3109 TAILQ_REMOVE(&bf_cq, bf, bf_list);
3110 ath_tx_default_comp(sc, bf, 1);
3111 }
3112}
3113
3114static void
3115ath_tx_set_retry(struct ath_softc *sc, struct ath_buf *bf)
3116{
3117 struct ieee80211_frame *wh;
3118
3119 wh = mtod(bf->bf_m, struct ieee80211_frame *);
3120 /* Only update/resync if needed */
3121 if (bf->bf_state.bfs_isretried == 0) {
3122 wh->i_fc[1] |= IEEE80211_FC1_RETRY;
3123 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap,
3124 BUS_DMASYNC_PREWRITE);
3125 }
3126 sc->sc_stats.ast_tx_swretries++;
3127 bf->bf_state.bfs_isretried = 1;
3128 bf->bf_state.bfs_retries ++;
3129}
3130
3131static struct ath_buf *
3132ath_tx_retry_clone(struct ath_softc *sc, struct ath_node *an,
3133 struct ath_tid *tid, struct ath_buf *bf)
3134{
3135 struct ath_buf *nbf;
3136 int error;
3137
3138 nbf = ath_buf_clone(sc, bf);
3139
3140#if 0
3141 device_printf(sc->sc_dev, "%s: ATH_BUF_BUSY; cloning\n",
3142 __func__);
3143#endif
3144
3145 if (nbf == NULL) {
3146 /* Failed to clone */
3147 device_printf(sc->sc_dev,
3148 "%s: failed to clone a busy buffer\n",
3149 __func__);
3150 return NULL;
3151 }
3152
3153 /* Setup the dma for the new buffer */
3154 error = ath_tx_dmasetup(sc, nbf, nbf->bf_m);
3155 if (error != 0) {
3156 device_printf(sc->sc_dev,
3157 "%s: failed to setup dma for clone\n",
3158 __func__);
3159 /*
3160 * Put this at the head of the list, not tail;
3161 * that way it doesn't interfere with the
3162 * busy buffer logic (which uses the tail of
3163 * the list.)
3164 */
3165 ATH_TXBUF_LOCK(sc);
3166 ath_returnbuf_head(sc, nbf);
3167 ATH_TXBUF_UNLOCK(sc);
3168 return NULL;
3169 }
3170
3171 /* Update BAW if required, before we free the original buf */
3172 if (bf->bf_state.bfs_dobaw)
3173 ath_tx_switch_baw_buf(sc, an, tid, bf, nbf);
3174
3175 /* Free current buffer; return the older buffer */
3176 bf->bf_m = NULL;
3177 bf->bf_node = NULL;
3178 ath_freebuf(sc, bf);
3179 return nbf;
3180}
3181
3182/*
3183 * Handle retrying an unaggregate frame in an aggregate
3184 * session.
3185 *
3186 * If too many retries occur, pause the TID, wait for
3187 * any further retransmits (as there's no reason why
3188 * non-aggregate frames in an aggregate session are
3189 * transmitted in-order; they just have to be in-BAW)
3190 * and then queue a BAR.
3191 */
3192static void
3193ath_tx_aggr_retry_unaggr(struct ath_softc *sc, struct ath_buf *bf)
3194{
3195 struct ieee80211_node *ni = bf->bf_node;
3196 struct ath_node *an = ATH_NODE(ni);
3197 int tid = bf->bf_state.bfs_tid;
3198 struct ath_tid *atid = &an->an_tid[tid];
3199 struct ieee80211_tx_ampdu *tap;
3200
3201 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3202
3203 tap = ath_tx_get_tx_tid(an, tid);
3204
3205 /*
3206 * If the buffer is marked as busy, we can't directly
3207 * reuse it. Instead, try to clone the buffer.
3208 * If the clone is successful, recycle the old buffer.
3209 * If the clone is unsuccessful, set bfs_retries to max
3210 * to force the next bit of code to free the buffer
3211 * for us.
3212 */
3213 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) &&
3214 (bf->bf_flags & ATH_BUF_BUSY)) {
3215 struct ath_buf *nbf;
3216 nbf = ath_tx_retry_clone(sc, an, atid, bf);
3217 if (nbf)
3218 /* bf has been freed at this point */
3219 bf = nbf;
3220 else
3221 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1;
3222 }
3223
3224 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) {
3225 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES,
3226 "%s: exceeded retries; seqno %d\n",
3227 __func__, SEQNO(bf->bf_state.bfs_seqno));
3228 sc->sc_stats.ast_tx_swretrymax++;
3229
3230 /* Update BAW anyway */
3231 if (bf->bf_state.bfs_dobaw) {
3232 ath_tx_update_baw(sc, an, atid, bf);
3233 if (! bf->bf_state.bfs_addedbaw)
3234 device_printf(sc->sc_dev,
3235 "%s: wasn't added: seqno %d\n",
3236 __func__, SEQNO(bf->bf_state.bfs_seqno));
3237 }
3238 bf->bf_state.bfs_dobaw = 0;
3239
3240 /* Suspend the TX queue and get ready to send the BAR */
3241 ath_tx_tid_bar_suspend(sc, atid);
3242
3243 /* Send the BAR if there are no other frames waiting */
3244 if (ath_tx_tid_bar_tx_ready(sc, atid))
3245 ath_tx_tid_bar_tx(sc, atid);
3246
3247 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3248
3249 /* Free buffer, bf is free after this call */
3250 ath_tx_default_comp(sc, bf, 0);
3251 return;
3252 }
3253
3254 /*
3255 * This increments the retry counter as well as
3256 * sets the retry flag in the ath_buf and packet
3257 * body.
3258 */
3259 ath_tx_set_retry(sc, bf);
3260
3261 /*
3262 * Insert this at the head of the queue, so it's
3263 * retried before any current/subsequent frames.
3264 */
3265 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list);
3266 ath_tx_tid_sched(sc, atid);
3267 /* Send the BAR if there are no other frames waiting */
3268 if (ath_tx_tid_bar_tx_ready(sc, atid))
3269 ath_tx_tid_bar_tx(sc, atid);
3270
3271 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3272}
3273
3274/*
3275 * Common code for aggregate excessive retry/subframe retry.
3276 * If retrying, queues buffers to bf_q. If not, frees the
3277 * buffers.
3278 *
3279 * XXX should unify this with ath_tx_aggr_retry_unaggr()
3280 */
3281static int
3282ath_tx_retry_subframe(struct ath_softc *sc, struct ath_buf *bf,
3283 ath_bufhead *bf_q)
3284{
3285 struct ieee80211_node *ni = bf->bf_node;
3286 struct ath_node *an = ATH_NODE(ni);
3287 int tid = bf->bf_state.bfs_tid;
3288 struct ath_tid *atid = &an->an_tid[tid];
3289
3290 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[atid->ac]);
3291
3292 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
3293 ath_hal_set11nburstduration(sc->sc_ah, bf->bf_desc, 0);
3294 /* ath_hal_set11n_virtualmorefrag(sc->sc_ah, bf->bf_desc, 0); */
3295
3296 /*
3297 * If the buffer is marked as busy, we can't directly
3298 * reuse it. Instead, try to clone the buffer.
3299 * If the clone is successful, recycle the old buffer.
3300 * If the clone is unsuccessful, set bfs_retries to max
3301 * to force the next bit of code to free the buffer
3302 * for us.
3303 */
3304 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) &&
3305 (bf->bf_flags & ATH_BUF_BUSY)) {
3306 struct ath_buf *nbf;
3307 nbf = ath_tx_retry_clone(sc, an, atid, bf);
3308 if (nbf)
3309 /* bf has been freed at this point */
3310 bf = nbf;
3311 else
3312 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1;
3313 }
3314
3315 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) {
3316 sc->sc_stats.ast_tx_swretrymax++;
3317 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES,
3318 "%s: max retries: seqno %d\n",
3319 __func__, SEQNO(bf->bf_state.bfs_seqno));
3320 ath_tx_update_baw(sc, an, atid, bf);
3321 if (! bf->bf_state.bfs_addedbaw)
3322 device_printf(sc->sc_dev,
3323 "%s: wasn't added: seqno %d\n",
3324 __func__, SEQNO(bf->bf_state.bfs_seqno));
3325 bf->bf_state.bfs_dobaw = 0;
3326 return 1;
3327 }
3328
3329 ath_tx_set_retry(sc, bf);
3330 bf->bf_next = NULL; /* Just to make sure */
3331
3332 TAILQ_INSERT_TAIL(bf_q, bf, bf_list);
3333 return 0;
3334}
3335
3336/*
3337 * error pkt completion for an aggregate destination
3338 */
3339static void
3340ath_tx_comp_aggr_error(struct ath_softc *sc, struct ath_buf *bf_first,
3341 struct ath_tid *tid)
3342{
3343 struct ieee80211_node *ni = bf_first->bf_node;
3344 struct ath_node *an = ATH_NODE(ni);
3345 struct ath_buf *bf_next, *bf;
3346 ath_bufhead bf_q;
3347 int drops = 0;
3348 struct ieee80211_tx_ampdu *tap;
3349 ath_bufhead bf_cq;
3350
3351 TAILQ_INIT(&bf_q);
3352 TAILQ_INIT(&bf_cq);
3353
3354 /*
3355 * Update rate control - all frames have failed.
3356 *
3357 * XXX use the length in the first frame in the series;
3358 * XXX just so things are consistent for now.
3359 */
3360 ath_tx_update_ratectrl(sc, ni, bf_first->bf_state.bfs_rc,
3361 &bf_first->bf_status.ds_txstat,
3362 bf_first->bf_state.bfs_pktlen,
3363 bf_first->bf_state.bfs_nframes, bf_first->bf_state.bfs_nframes);
3364
3365 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]);
3366 tap = ath_tx_get_tx_tid(an, tid->tid);
3367 sc->sc_stats.ast_tx_aggr_failall++;
3368
3369 /* Retry all subframes */
3370 bf = bf_first;
3371 while (bf) {
3372 bf_next = bf->bf_next;
3373 bf->bf_next = NULL; /* Remove it from the aggr list */
3374 sc->sc_stats.ast_tx_aggr_fail++;
3375 if (ath_tx_retry_subframe(sc, bf, &bf_q)) {
3376 drops++;
3377 bf->bf_next = NULL;
3378 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3379 }
3380 bf = bf_next;
3381 }
3382
3383 /* Prepend all frames to the beginning of the queue */
3384 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) {
3385 TAILQ_REMOVE(&bf_q, bf, bf_list);
3386 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list);
3387 }
3388
3389 /*
3390 * Schedule the TID to be re-tried.
3391 */
3392 ath_tx_tid_sched(sc, tid);
3393
3394 /*
3395 * send bar if we dropped any frames
3396 *
3397 * Keep the txq lock held for now, as we need to ensure
3398 * that ni_txseqs[] is consistent (as it's being updated
3399 * in the ifnet TX context or raw TX context.)
3400 */
3401 if (drops) {
3402 /* Suspend the TX queue and get ready to send the BAR */
3403 ath_tx_tid_bar_suspend(sc, tid);
3404 }
3405
3406 /*
3407 * Send BAR if required
3408 */
3409 if (ath_tx_tid_bar_tx_ready(sc, tid))
3410 ath_tx_tid_bar_tx(sc, tid);
3411 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]);
3412
3413 /* Complete frames which errored out */
3414 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
3415 TAILQ_REMOVE(&bf_cq, bf, bf_list);
3416 ath_tx_default_comp(sc, bf, 0);
3417 }
3418}
3419
3420/*
3421 * Handle clean-up of packets from an aggregate list.
3422 *
3423 * There's no need to update the BAW here - the session is being
3424 * torn down.
3425 */
3426static void
3427ath_tx_comp_cleanup_aggr(struct ath_softc *sc, struct ath_buf *bf_first)
3428{
3429 struct ath_buf *bf, *bf_next;
3430 struct ieee80211_node *ni = bf_first->bf_node;
3431 struct ath_node *an = ATH_NODE(ni);
3432 int tid = bf_first->bf_state.bfs_tid;
3433 struct ath_tid *atid = &an->an_tid[tid];
3434
3435 bf = bf_first;
3436
3437 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3438
3439 /* update incomp */
3440 while (bf) {
3441 atid->incomp--;
3442 bf = bf->bf_next;
3443 }
3444
3445 if (atid->incomp == 0) {
3446 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
3447 "%s: TID %d: cleaned up! resume!\n",
3448 __func__, tid);
3449 atid->cleanup_inprogress = 0;
3450 ath_tx_tid_resume(sc, atid);
3451 }
3452
3453 /* Send BAR if required */
3454 if (ath_tx_tid_bar_tx_ready(sc, atid))
3455 ath_tx_tid_bar_tx(sc, atid);
3456 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3457
3458 /* Handle frame completion */
3459 while (bf) {
3460 bf_next = bf->bf_next;
3461 ath_tx_default_comp(sc, bf, 1);
3462 bf = bf_next;
3463 }
3464}
3465
3466/*
3467 * Handle completion of an set of aggregate frames.
3468 *
3469 * XXX for now, simply complete each sub-frame.
3470 *
3471 * Note: the completion handler is the last descriptor in the aggregate,
3472 * not the last descriptor in the first frame.
3473 */
3474static void
3475ath_tx_aggr_comp_aggr(struct ath_softc *sc, struct ath_buf *bf_first,
3476 int fail)
3477{
3478 //struct ath_desc *ds = bf->bf_lastds;
3479 struct ieee80211_node *ni = bf_first->bf_node;
3480 struct ath_node *an = ATH_NODE(ni);
3481 int tid = bf_first->bf_state.bfs_tid;
3482 struct ath_tid *atid = &an->an_tid[tid];
3483 struct ath_tx_status ts;
3484 struct ieee80211_tx_ampdu *tap;
3485 ath_bufhead bf_q;
3486 ath_bufhead bf_cq;
3487 int seq_st, tx_ok;
3488 int hasba, isaggr;
3489 uint32_t ba[2];
3490 struct ath_buf *bf, *bf_next;
3491 int ba_index;
3492 int drops = 0;
3493 int nframes = 0, nbad = 0, nf;
3494 int pktlen;
3495 /* XXX there's too much on the stack? */
3496 struct ath_rc_series rc[ATH_RC_NUM];
3497 int txseq;
3498
3499 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: called; hwq_depth=%d\n",
3500 __func__, atid->hwq_depth);
3501
3502 /* The TID state is kept behind the TXQ lock */
3503 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3504
3505 atid->hwq_depth--;
3506 if (atid->hwq_depth < 0)
3507 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n",
3508 __func__, atid->hwq_depth);
3509
3510 /*
3511 * Punt cleanup to the relevant function, not our problem now
3512 */
3513 if (atid->cleanup_inprogress) {
3514 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3515 ath_tx_comp_cleanup_aggr(sc, bf_first);
3516 return;
3517 }
3518
3519 /*
3520 * Take a copy; this may be needed -after- bf_first
3521 * has been completed and freed.
3522 */
3523 ts = bf_first->bf_status.ds_txstat;
3524 /*
3525 * XXX for now, use the first frame in the aggregate for
3526 * XXX rate control completion; it's at least consistent.
3527 */
3528 pktlen = bf_first->bf_state.bfs_pktlen;
3529
3530 /*
3531 * Handle errors first!
3532 *
3533 * Here, handle _any_ error as a "exceeded retries" error.
3534 * Later on (when filtered frames are to be specially handled)
3535 * it'll have to be expanded.
3536 */
3537#if 0
3538 if (ts.ts_status & HAL_TXERR_XRETRY) {
3539#endif
3540 if (ts.ts_status != 0) {
3541 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3542 ath_tx_comp_aggr_error(sc, bf_first, atid);
3543 return;
3544 }
3545
3546 TAILQ_INIT(&bf_q);
3547 TAILQ_INIT(&bf_cq);
3548 tap = ath_tx_get_tx_tid(an, tid);
3549
3550 /*
3551 * extract starting sequence and block-ack bitmap
3552 */
3553 /* XXX endian-ness of seq_st, ba? */
3554 seq_st = ts.ts_seqnum;
3555 hasba = !! (ts.ts_flags & HAL_TX_BA);
3556 tx_ok = (ts.ts_status == 0);
3557 isaggr = bf_first->bf_state.bfs_aggr;
3558 ba[0] = ts.ts_ba_low;
3559 ba[1] = ts.ts_ba_high;
3560
3561 /*
3562 * Copy the TX completion status and the rate control
3563 * series from the first descriptor, as it may be freed
3564 * before the rate control code can get its grubby fingers
3565 * into things.
3566 */
3567 memcpy(rc, bf_first->bf_state.bfs_rc, sizeof(rc));
3568
3569 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3570 "%s: txa_start=%d, tx_ok=%d, status=%.8x, flags=%.8x, "
3571 "isaggr=%d, seq_st=%d, hasba=%d, ba=%.8x, %.8x\n",
3572 __func__, tap->txa_start, tx_ok, ts.ts_status, ts.ts_flags,
3573 isaggr, seq_st, hasba, ba[0], ba[1]);
3574
3575 /* Occasionally, the MAC sends a tx status for the wrong TID. */
3576 if (tid != ts.ts_tid) {
3577 device_printf(sc->sc_dev, "%s: tid %d != hw tid %d\n",
3578 __func__, tid, ts.ts_tid);
3579 tx_ok = 0;
3580 }
3581
3582 /* AR5416 BA bug; this requires an interface reset */
3583 if (isaggr && tx_ok && (! hasba)) {
3584 device_printf(sc->sc_dev,
3585 "%s: AR5416 bug: hasba=%d; txok=%d, isaggr=%d, "
3586 "seq_st=%d\n",
3587 __func__, hasba, tx_ok, isaggr, seq_st);
3588 /* XXX TODO: schedule an interface reset */
3589#ifdef ATH_DEBUG
3590 ath_printtxbuf(sc, bf_first,
3591 sc->sc_ac2q[atid->ac]->axq_qnum, 0, 0);
3592#endif
3593 }
3594
3595 /*
3596 * Walk the list of frames, figure out which ones were correctly
3597 * sent and which weren't.
3598 */
3599 bf = bf_first;
3600 nf = bf_first->bf_state.bfs_nframes;
3601
3602 /* bf_first is going to be invalid once this list is walked */
3603 bf_first = NULL;
3604
3605 /*
3606 * Walk the list of completed frames and determine
3607 * which need to be completed and which need to be
3608 * retransmitted.
3609 *
3610 * For completed frames, the completion functions need
3611 * to be called at the end of this function as the last
3612 * node reference may free the node.
3613 *
3614 * Finally, since the TXQ lock can't be held during the
3615 * completion callback (to avoid lock recursion),
3616 * the completion calls have to be done outside of the
3617 * lock.
3618 */
3619 while (bf) {
3620 nframes++;
3621 ba_index = ATH_BA_INDEX(seq_st,
3622 SEQNO(bf->bf_state.bfs_seqno));
3623 bf_next = bf->bf_next;
3624 bf->bf_next = NULL; /* Remove it from the aggr list */
3625
3626 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3627 "%s: checking bf=%p seqno=%d; ack=%d\n",
3628 __func__, bf, SEQNO(bf->bf_state.bfs_seqno),
3629 ATH_BA_ISSET(ba, ba_index));
3630
3631 if (tx_ok && ATH_BA_ISSET(ba, ba_index)) {
3632 sc->sc_stats.ast_tx_aggr_ok++;
3633 ath_tx_update_baw(sc, an, atid, bf);
3634 bf->bf_state.bfs_dobaw = 0;
3635 if (! bf->bf_state.bfs_addedbaw)
3636 device_printf(sc->sc_dev,
3637 "%s: wasn't added: seqno %d\n",
3638 __func__, SEQNO(bf->bf_state.bfs_seqno));
3639 bf->bf_next = NULL;
3640 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3641 } else {
3642 sc->sc_stats.ast_tx_aggr_fail++;
3643 if (ath_tx_retry_subframe(sc, bf, &bf_q)) {
3644 drops++;
3645 bf->bf_next = NULL;
3646 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list);
3647 }
3648 nbad++;
3649 }
3650 bf = bf_next;
3651 }
3652
3653 /*
3654 * Now that the BAW updates have been done, unlock
3655 *
3656 * txseq is grabbed before the lock is released so we
3657 * have a consistent view of what -was- in the BAW.
3658 * Anything after this point will not yet have been
3659 * TXed.
3660 */
3661 txseq = tap->txa_start;
3662 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3663
3664 if (nframes != nf)
3665 device_printf(sc->sc_dev,
3666 "%s: num frames seen=%d; bf nframes=%d\n",
3667 __func__, nframes, nf);
3668
3669 /*
3670 * Now we know how many frames were bad, call the rate
3671 * control code.
3672 */
3673 if (fail == 0)
3674 ath_tx_update_ratectrl(sc, ni, rc, &ts, pktlen, nframes,
3675 nbad);
3676
3677 /*
3678 * send bar if we dropped any frames
3679 */
3680 if (drops) {
3681 /* Suspend the TX queue and get ready to send the BAR */
3682 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3683 ath_tx_tid_bar_suspend(sc, atid);
3684 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3685 }
3686
3687 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3688 "%s: txa_start now %d\n", __func__, tap->txa_start);
3689
3690 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3691
3692 /* Prepend all frames to the beginning of the queue */
3693 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) {
3694 TAILQ_REMOVE(&bf_q, bf, bf_list);
3695 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list);
3696 }
3697
3698 /*
3699 * Reschedule to grab some further frames.
3700 */
3701 ath_tx_tid_sched(sc, atid);
3702
3703 /*
3704 * Send BAR if required
3705 */
3706 if (ath_tx_tid_bar_tx_ready(sc, atid))
3707 ath_tx_tid_bar_tx(sc, atid);
3708
3709 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3710
3711 /* Do deferred completion */
3712 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) {
3713 TAILQ_REMOVE(&bf_cq, bf, bf_list);
3714 ath_tx_default_comp(sc, bf, 0);
3715 }
3716}
3717
3718/*
3719 * Handle completion of unaggregated frames in an ADDBA
3720 * session.
3721 *
3722 * Fail is set to 1 if the entry is being freed via a call to
3723 * ath_tx_draintxq().
3724 */
3725static void
3726ath_tx_aggr_comp_unaggr(struct ath_softc *sc, struct ath_buf *bf, int fail)
3727{
3728 struct ieee80211_node *ni = bf->bf_node;
3729 struct ath_node *an = ATH_NODE(ni);
3730 int tid = bf->bf_state.bfs_tid;
3731 struct ath_tid *atid = &an->an_tid[tid];
3732 struct ath_tx_status *ts = &bf->bf_status.ds_txstat;
3733
3734 /*
3735 * Update rate control status here, before we possibly
3736 * punt to retry or cleanup.
3737 *
3738 * Do it outside of the TXQ lock.
3739 */
3740 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0))
3741 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc,
3742 &bf->bf_status.ds_txstat,
3743 bf->bf_state.bfs_pktlen,
3744 1, (ts->ts_status == 0) ? 0 : 1);
3745
3746 /*
3747 * This is called early so atid->hwq_depth can be tracked.
3748 * This unfortunately means that it's released and regrabbed
3749 * during retry and cleanup. That's rather inefficient.
3750 */
3751 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
3752
3753 if (tid == IEEE80211_NONQOS_TID)
3754 device_printf(sc->sc_dev, "%s: TID=16!\n", __func__);
3755
3756 DPRINTF(sc, ATH_DEBUG_SW_TX,
3757 "%s: bf=%p: tid=%d, hwq_depth=%d, seqno=%d\n",
3758 __func__, bf, bf->bf_state.bfs_tid, atid->hwq_depth,
3759 SEQNO(bf->bf_state.bfs_seqno));
3760
3761 atid->hwq_depth--;
3762 if (atid->hwq_depth < 0)
3763 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n",
3764 __func__, atid->hwq_depth);
3765
3766 /*
3767 * If a cleanup is in progress, punt to comp_cleanup;
3768 * rather than handling it here. It's thus their
3769 * responsibility to clean up, call the completion
3770 * function in net80211, etc.
3771 */
3772 if (atid->cleanup_inprogress) {
3773 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3774 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: cleanup_unaggr\n",
3775 __func__);
3776 ath_tx_comp_cleanup_unaggr(sc, bf);
3777 return;
3778 }
3779
3780 /*
3781 * Don't bother with the retry check if all frames
3782 * are being failed (eg during queue deletion.)
3783 */
3784#if 0
3785 if (fail == 0 && ts->ts_status & HAL_TXERR_XRETRY) {
3786#endif
3787 if (fail == 0 && ts->ts_status != 0) {
3788 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3789 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: retry_unaggr\n",
3790 __func__);
3791 ath_tx_aggr_retry_unaggr(sc, bf);
3792 return;
3793 }
3794
3795 /* Success? Complete */
3796 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: TID=%d, seqno %d\n",
3797 __func__, tid, SEQNO(bf->bf_state.bfs_seqno));
3798 if (bf->bf_state.bfs_dobaw) {
3799 ath_tx_update_baw(sc, an, atid, bf);
3800 bf->bf_state.bfs_dobaw = 0;
3801 if (! bf->bf_state.bfs_addedbaw)
3802 device_printf(sc->sc_dev,
3803 "%s: wasn't added: seqno %d\n",
3804 __func__, SEQNO(bf->bf_state.bfs_seqno));
3805 }
3806
3807 /*
3808 * Send BAR if required
3809 */
3810 if (ath_tx_tid_bar_tx_ready(sc, atid))
3811 ath_tx_tid_bar_tx(sc, atid);
3812
3813 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
3814
3815 ath_tx_default_comp(sc, bf, fail);
3816 /* bf is freed at this point */
3817}
3818
3819void
3820ath_tx_aggr_comp(struct ath_softc *sc, struct ath_buf *bf, int fail)
3821{
3822 if (bf->bf_state.bfs_aggr)
3823 ath_tx_aggr_comp_aggr(sc, bf, fail);
3824 else
3825 ath_tx_aggr_comp_unaggr(sc, bf, fail);
3826}
3827
3828/*
3829 * Schedule some packets from the given node/TID to the hardware.
3830 *
3831 * This is the aggregate version.
3832 */
3833void
3834ath_tx_tid_hw_queue_aggr(struct ath_softc *sc, struct ath_node *an,
3835 struct ath_tid *tid)
3836{
3837 struct ath_buf *bf;
3838 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
3839 struct ieee80211_tx_ampdu *tap;
3840 struct ieee80211_node *ni = &an->an_node;
3841 ATH_AGGR_STATUS status;
3842 ath_bufhead bf_q;
3843
3844 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d\n", __func__, tid->tid);
3845 ATH_TXQ_LOCK_ASSERT(txq);
3846
3847 tap = ath_tx_get_tx_tid(an, tid->tid);
3848
3849 if (tid->tid == IEEE80211_NONQOS_TID)
3850 device_printf(sc->sc_dev, "%s: called for TID=NONQOS_TID?\n",
3851 __func__);
3852
3853 for (;;) {
3854 status = ATH_AGGR_DONE;
3855
3856 /*
3857 * If the upper layer has paused the TID, don't
3858 * queue any further packets.
3859 *
3860 * This can also occur from the completion task because
3861 * of packet loss; but as its serialised with this code,
3862 * it won't "appear" half way through queuing packets.
3863 */
3864 if (tid->paused)
3865 break;
3866
3867 bf = TAILQ_FIRST(&tid->axq_q);
3868 if (bf == NULL) {
3869 break;
3870 }
3871
3872 /*
3873 * If the packet doesn't fall within the BAW (eg a NULL
3874 * data frame), schedule it directly; continue.
3875 */
3876 if (! bf->bf_state.bfs_dobaw) {
3877 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3878 "%s: non-baw packet\n",
3879 __func__);
3880 ATH_TXQ_REMOVE(tid, bf, bf_list);
3881 bf->bf_state.bfs_aggr = 0;
3882 ath_tx_do_ratelookup(sc, bf);
3883 ath_tx_calc_duration(sc, bf);
3884 ath_tx_calc_protection(sc, bf);
3885 ath_tx_set_rtscts(sc, bf);
3886 ath_tx_rate_fill_rcflags(sc, bf);
3887 ath_tx_setds(sc, bf);
3888 ath_tx_chaindesclist(sc, bf);
3889 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
3890 ath_tx_set_ratectrl(sc, ni, bf);
3891
3892 sc->sc_aggr_stats.aggr_nonbaw_pkt++;
3893
3894 /* Queue the packet; continue */
3895 goto queuepkt;
3896 }
3897
3898 TAILQ_INIT(&bf_q);
3899
3900 /*
3901 * Do a rate control lookup on the first frame in the
3902 * list. The rate control code needs that to occur
3903 * before it can determine whether to TX.
3904 * It's inaccurate because the rate control code doesn't
3905 * really "do" aggregate lookups, so it only considers
3906 * the size of the first frame.
3907 */
3908 ath_tx_do_ratelookup(sc, bf);
3909 bf->bf_state.bfs_rc[3].rix = 0;
3910 bf->bf_state.bfs_rc[3].tries = 0;
3911
3912 ath_tx_calc_duration(sc, bf);
3913 ath_tx_calc_protection(sc, bf);
3914
3915 ath_tx_set_rtscts(sc, bf);
3916 ath_tx_rate_fill_rcflags(sc, bf);
3917
3918 status = ath_tx_form_aggr(sc, an, tid, &bf_q);
3919
3920 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3921 "%s: ath_tx_form_aggr() status=%d\n", __func__, status);
3922
3923 /*
3924 * No frames to be picked up - out of BAW
3925 */
3926 if (TAILQ_EMPTY(&bf_q))
3927 break;
3928
3929 /*
3930 * This assumes that the descriptor list in the ath_bufhead
3931 * are already linked together via bf_next pointers.
3932 */
3933 bf = TAILQ_FIRST(&bf_q);
3934
3935 if (status == ATH_AGGR_8K_LIMITED)
3936 sc->sc_aggr_stats.aggr_rts_aggr_limited++;
3937
3938 /*
3939 * If it's the only frame send as non-aggregate
3940 * assume that ath_tx_form_aggr() has checked
3941 * whether it's in the BAW and added it appropriately.
3942 */
3943 if (bf->bf_state.bfs_nframes == 1) {
3944 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3945 "%s: single-frame aggregate\n", __func__);
3946 bf->bf_state.bfs_aggr = 0;
3947 ath_tx_setds(sc, bf);
3948 ath_tx_chaindesclist(sc, bf);
3949 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc);
3950 ath_tx_set_ratectrl(sc, ni, bf);
3951 if (status == ATH_AGGR_BAW_CLOSED)
3952 sc->sc_aggr_stats.aggr_baw_closed_single_pkt++;
3953 else
3954 sc->sc_aggr_stats.aggr_single_pkt++;
3955 } else {
3956 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR,
3957 "%s: multi-frame aggregate: %d frames, "
3958 "length %d\n",
3959 __func__, bf->bf_state.bfs_nframes,
3960 bf->bf_state.bfs_al);
3961 bf->bf_state.bfs_aggr = 1;
3962 sc->sc_aggr_stats.aggr_pkts[bf->bf_state.bfs_nframes]++;
3963 sc->sc_aggr_stats.aggr_aggr_pkt++;
3964
3965 /*
3966 * Calculate the duration/protection as required.
3967 */
3968 ath_tx_calc_duration(sc, bf);
3969 ath_tx_calc_protection(sc, bf);
3970
3971 /*
3972 * Update the rate and rtscts information based on the
3973 * rate decision made by the rate control code;
3974 * the first frame in the aggregate needs it.
3975 */
3976 ath_tx_set_rtscts(sc, bf);
3977
3978 /*
3979 * Setup the relevant descriptor fields
3980 * for aggregation. The first descriptor
3981 * already points to the rest in the chain.
3982 */
3983 ath_tx_setds_11n(sc, bf);
3984
3985 /*
3986 * setup first desc with rate and aggr info
3987 */
3988 ath_tx_set_ratectrl(sc, ni, bf);
3989 }
3990 queuepkt:
3991 //txq = bf->bf_state.bfs_txq;
3992
3993 /* Set completion handler, multi-frame aggregate or not */
3994 bf->bf_comp = ath_tx_aggr_comp;
3995
3996 if (bf->bf_state.bfs_tid == IEEE80211_NONQOS_TID)
3997 device_printf(sc->sc_dev, "%s: TID=16?\n", __func__);
3998
3999 /* Punt to txq */
4000 ath_tx_handoff(sc, txq, bf);
4001
4002 /* Track outstanding buffer count to hardware */
4003 /* aggregates are "one" buffer */
4004 tid->hwq_depth++;
4005
4006 /*
4007 * Break out if ath_tx_form_aggr() indicated
4008 * there can't be any further progress (eg BAW is full.)
4009 * Checking for an empty txq is done above.
4010 *
4011 * XXX locking on txq here?
4012 */
4013 if (txq->axq_aggr_depth >= sc->sc_hwq_limit ||
4014 status == ATH_AGGR_BAW_CLOSED)
4015 break;
4016 }
4017}
4018
4019/*
4020 * Schedule some packets from the given node/TID to the hardware.
4021 */
4022void
4023ath_tx_tid_hw_queue_norm(struct ath_softc *sc, struct ath_node *an,
4024 struct ath_tid *tid)
4025{
4026 struct ath_buf *bf;
4027 struct ath_txq *txq = sc->sc_ac2q[tid->ac];
4028 struct ieee80211_node *ni = &an->an_node;
4029
4030 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: node %p: TID %d: called\n",
4031 __func__, an, tid->tid);
4032
4033 ATH_TXQ_LOCK_ASSERT(txq);
4034
4035 /* Check - is AMPDU pending or running? then print out something */
4036 if (ath_tx_ampdu_pending(sc, an, tid->tid))
4037 device_printf(sc->sc_dev, "%s: tid=%d, ampdu pending?\n",
4038 __func__, tid->tid);
4039 if (ath_tx_ampdu_running(sc, an, tid->tid))
4040 device_printf(sc->sc_dev, "%s: tid=%d, ampdu running?\n",
4041 __func__, tid->tid);
4042
4043 for (;;) {
4044
4045 /*
4046 * If the upper layers have paused the TID, don't
4047 * queue any further packets.
4048 */
4049 if (tid->paused)
4050 break;
4051
4052 bf = TAILQ_FIRST(&tid->axq_q);
4053 if (bf == NULL) {
4054 break;
4055 }
4056
4057 ATH_TXQ_REMOVE(tid, bf, bf_list);
4058
4059 KASSERT(txq == bf->bf_state.bfs_txq, ("txqs not equal!\n"));
4060
4061 /* Sanity check! */
4062 if (tid->tid != bf->bf_state.bfs_tid) {
4063 device_printf(sc->sc_dev, "%s: bfs_tid %d !="
4064 " tid %d\n",
4065 __func__, bf->bf_state.bfs_tid, tid->tid);
4066 }
4067 /* Normal completion handler */
4068 bf->bf_comp = ath_tx_normal_comp;
4069
4070 /* Program descriptors + rate control */
4071 ath_tx_do_ratelookup(sc, bf);
4072 ath_tx_calc_duration(sc, bf);
4073 ath_tx_calc_protection(sc, bf);
4074 ath_tx_set_rtscts(sc, bf);
4075 ath_tx_rate_fill_rcflags(sc, bf);
4076 ath_tx_setds(sc, bf);
4077 ath_tx_chaindesclist(sc, bf);
4078 ath_tx_set_ratectrl(sc, ni, bf);
4079
4080 /* Track outstanding buffer count to hardware */
4081 /* aggregates are "one" buffer */
4082 tid->hwq_depth++;
4083
4084 /* Punt to hardware or software txq */
4085 ath_tx_handoff(sc, txq, bf);
4086 }
4087}
4088
4089/*
4090 * Schedule some packets to the given hardware queue.
4091 *
4092 * This function walks the list of TIDs (ie, ath_node TIDs
4093 * with queued traffic) and attempts to schedule traffic
4094 * from them.
4095 *
4096 * TID scheduling is implemented as a FIFO, with TIDs being
4097 * added to the end of the queue after some frames have been
4098 * scheduled.
4099 */
4100void
4101ath_txq_sched(struct ath_softc *sc, struct ath_txq *txq)
4102{
4103 struct ath_tid *tid, *next, *last;
4104
4105 ATH_TXQ_LOCK_ASSERT(txq);
4106
4107 /*
4108 * Don't schedule if the hardware queue is busy.
4109 * This (hopefully) gives some more time to aggregate
4110 * some packets in the aggregation queue.
4111 */
4112 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) {
4113 sc->sc_aggr_stats.aggr_sched_nopkt++;
4114 return;
4115 }
4116
4117 last = TAILQ_LAST(&txq->axq_tidq, axq_t_s);
4118
4119 TAILQ_FOREACH_SAFE(tid, &txq->axq_tidq, axq_qelem, next) {
4120 /*
4121 * Suspend paused queues here; they'll be resumed
4122 * once the addba completes or times out.
4123 */
4124 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, paused=%d\n",
4125 __func__, tid->tid, tid->paused);
4126 ath_tx_tid_unsched(sc, tid);
4127 if (tid->paused) {
4128 continue;
4129 }
4130 if (ath_tx_ampdu_running(sc, tid->an, tid->tid))
4131 ath_tx_tid_hw_queue_aggr(sc, tid->an, tid);
4132 else
4133 ath_tx_tid_hw_queue_norm(sc, tid->an, tid);
4134
4135 /* Not empty? Re-schedule */
4136 if (tid->axq_depth != 0)
4137 ath_tx_tid_sched(sc, tid);
4138
4139 /* Give the software queue time to aggregate more packets */
4140 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) {
4141 break;
4142 }
4143
4144 /*
4145 * If this was the last entry on the original list, stop.
4146 * Otherwise nodes that have been rescheduled onto the end
4147 * of the TID FIFO list will just keep being rescheduled.
4148 */
4149 if (tid == last)
4150 break;
4151 }
4152}
4153
4154/*
4155 * TX addba handling
4156 */
4157
4158/*
4159 * Return net80211 TID struct pointer, or NULL for none
4160 */
4161struct ieee80211_tx_ampdu *
4162ath_tx_get_tx_tid(struct ath_node *an, int tid)
4163{
4164 struct ieee80211_node *ni = &an->an_node;
4165 struct ieee80211_tx_ampdu *tap;
4166
4167 if (tid == IEEE80211_NONQOS_TID)
4168 return NULL;
4169
4170 tap = &ni->ni_tx_ampdu[tid];
4171 return tap;
4172}
4173
4174/*
4175 * Is AMPDU-TX running?
4176 */
4177static int
4178ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, int tid)
4179{
4180 struct ieee80211_tx_ampdu *tap;
4181
4182 if (tid == IEEE80211_NONQOS_TID)
4183 return 0;
4184
4185 tap = ath_tx_get_tx_tid(an, tid);
4186 if (tap == NULL)
4187 return 0; /* Not valid; default to not running */
4188
4189 return !! (tap->txa_flags & IEEE80211_AGGR_RUNNING);
4190}
4191
4192/*
4193 * Is AMPDU-TX negotiation pending?
4194 */
4195static int
4196ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, int tid)
4197{
4198 struct ieee80211_tx_ampdu *tap;
4199
4200 if (tid == IEEE80211_NONQOS_TID)
4201 return 0;
4202
4203 tap = ath_tx_get_tx_tid(an, tid);
4204 if (tap == NULL)
4205 return 0; /* Not valid; default to not pending */
4206
4207 return !! (tap->txa_flags & IEEE80211_AGGR_XCHGPEND);
4208}
4209
4210/*
4211 * Is AMPDU-TX pending for the given TID?
4212 */
4213
4214
4215/*
4216 * Method to handle sending an ADDBA request.
4217 *
4218 * We tap this so the relevant flags can be set to pause the TID
4219 * whilst waiting for the response.
4220 *
4221 * XXX there's no timeout handler we can override?
4222 */
4223int
4224ath_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
4225 int dialogtoken, int baparamset, int batimeout)
4226{
4227 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4228 int tid = tap->txa_tid;
4229 struct ath_node *an = ATH_NODE(ni);
4230 struct ath_tid *atid = &an->an_tid[tid];
4231
4232 /*
4233 * XXX danger Will Robinson!
4234 *
4235 * Although the taskqueue may be running and scheduling some more
4236 * packets, these should all be _before_ the addba sequence number.
4237 * However, net80211 will keep self-assigning sequence numbers
4238 * until addba has been negotiated.
4239 *
4240 * In the past, these packets would be "paused" (which still works
4241 * fine, as they're being scheduled to the driver in the same
4242 * serialised method which is calling the addba request routine)
4243 * and when the aggregation session begins, they'll be dequeued
4244 * as aggregate packets and added to the BAW. However, now there's
4245 * a "bf->bf_state.bfs_dobaw" flag, and this isn't set for these
4246 * packets. Thus they never get included in the BAW tracking and
4247 * this can cause the initial burst of packets after the addba
4248 * negotiation to "hang", as they quickly fall outside the BAW.
4249 *
4250 * The "eventual" solution should be to tag these packets with
4251 * dobaw. Although net80211 has given us a sequence number,
4252 * it'll be "after" the left edge of the BAW and thus it'll
4253 * fall within it.
4254 */
4255 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4256 /*
4257 * This is a bit annoying. Until net80211 HT code inherits some
4258 * (any) locking, we may have this called in parallel BUT only
4259 * one response/timeout will be called. Grr.
4260 */
4261 if (atid->addba_tx_pending == 0) {
4262 ath_tx_tid_pause(sc, atid);
4263 atid->addba_tx_pending = 1;
4264 }
4265 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4266
4267 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4268 "%s: called; dialogtoken=%d, baparamset=%d, batimeout=%d\n",
4269 __func__, dialogtoken, baparamset, batimeout);
4270 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4271 "%s: txa_start=%d, ni_txseqs=%d\n",
4272 __func__, tap->txa_start, ni->ni_txseqs[tid]);
4273
4274 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset,
4275 batimeout);
4276}
4277
4278/*
4279 * Handle an ADDBA response.
4280 *
4281 * We unpause the queue so TX'ing can resume.
4282 *
4283 * Any packets TX'ed from this point should be "aggregate" (whether
4284 * aggregate or not) so the BAW is updated.
4285 *
4286 * Note! net80211 keeps self-assigning sequence numbers until
4287 * ampdu is negotiated. This means the initially-negotiated BAW left
4288 * edge won't match the ni->ni_txseq.
4289 *
4290 * So, being very dirty, the BAW left edge is "slid" here to match
4291 * ni->ni_txseq.
4292 *
4293 * What likely SHOULD happen is that all packets subsequent to the
4294 * addba request should be tagged as aggregate and queued as non-aggregate
4295 * frames; thus updating the BAW. For now though, I'll just slide the
4296 * window.
4297 */
4298int
4299ath_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
4300 int status, int code, int batimeout)
4301{
4302 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4303 int tid = tap->txa_tid;
4304 struct ath_node *an = ATH_NODE(ni);
4305 struct ath_tid *atid = &an->an_tid[tid];
4306 int r;
4307
4308 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4309 "%s: called; status=%d, code=%d, batimeout=%d\n", __func__,
4310 status, code, batimeout);
4311
4312 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4313 "%s: txa_start=%d, ni_txseqs=%d\n",
4314 __func__, tap->txa_start, ni->ni_txseqs[tid]);
4315
4316 /*
4317 * Call this first, so the interface flags get updated
4318 * before the TID is unpaused. Otherwise a race condition
4319 * exists where the unpaused TID still doesn't yet have
4320 * IEEE80211_AGGR_RUNNING set.
4321 */
4322 r = sc->sc_addba_response(ni, tap, status, code, batimeout);
4323
4324 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4325 atid->addba_tx_pending = 0;
4326 /*
4327 * XXX dirty!
4328 * Slide the BAW left edge to wherever net80211 left it for us.
4329 * Read above for more information.
4330 */
4331 tap->txa_start = ni->ni_txseqs[tid];
4332 ath_tx_tid_resume(sc, atid);
4333 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4334 return r;
4335}
4336
4337
4338/*
4339 * Stop ADDBA on a queue.
4340 *
4341 * This can be called whilst BAR TX is currently active on the queue,
4342 * so make sure this is unblocked before continuing.
4343 */
4344void
4345ath_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap)
4346{
4347 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4348 int tid = tap->txa_tid;
4349 struct ath_node *an = ATH_NODE(ni);
4350 struct ath_tid *atid = &an->an_tid[tid];
4351
4352 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: called\n", __func__);
4353
4354 /*
4355 * Pause TID traffic early, so there aren't any races
4356 * Unblock the pending BAR held traffic, if it's currently paused.
4357 */
4358 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4359 ath_tx_tid_pause(sc, atid);
4360 if (atid->bar_wait) {
4361 /*
4362 * bar_unsuspend() expects bar_tx == 1, as it should be
4363 * called from the TX completion path. This quietens
4364 * the warning. It's cleared for us anyway.
4365 */
4366 atid->bar_tx = 1;
4367 ath_tx_tid_bar_unsuspend(sc, atid);
4368 }
4369 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4370
4371 /* There's no need to hold the TXQ lock here */
4372 sc->sc_addba_stop(ni, tap);
4373
4374 /*
4375 * ath_tx_tid_cleanup will resume the TID if possible, otherwise
4376 * it'll set the cleanup flag, and it'll be unpaused once
4377 * things have been cleaned up.
4378 */
4379 ath_tx_tid_cleanup(sc, an, tid);
4380}
4381
4382/*
4383 * Note: net80211 bar_timeout() doesn't call this function on BAR failure;
4384 * it simply tears down the aggregation session. Ew.
4385 *
4386 * It however will call ieee80211_ampdu_stop() which will call
4387 * ic->ic_addba_stop().
4388 *
4389 * XXX This uses a hard-coded max BAR count value; the whole
4390 * XXX BAR TX success or failure should be better handled!
4391 */
4392void
4393ath_bar_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap,
4394 int status)
4395{
4396 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4397 int tid = tap->txa_tid;
4398 struct ath_node *an = ATH_NODE(ni);
4399 struct ath_tid *atid = &an->an_tid[tid];
4400 int attempts = tap->txa_attempts;
4401
4402 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR,
4403 "%s: called; tap=%p, atid=%p, txa_tid=%d, atid->tid=%d, status=%d, attempts=%d\n",
4404 __func__,
4405 tap,
4406 atid,
4407 tap->txa_tid,
4408 atid->tid,
4409 status,
4410 attempts);
4411
4412 /* Note: This may update the BAW details */
4413 sc->sc_bar_response(ni, tap, status);
4414
4415 /* Unpause the TID */
4416 /*
4417 * XXX if this is attempt=50, the TID will be downgraded
4418 * XXX to a non-aggregate session. So we must unpause the
4419 * XXX TID here or it'll never be done.
4420 */
4421 if (status == 0 || attempts == 50) {
4422 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4423 ath_tx_tid_bar_unsuspend(sc, atid);
4424 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4425 }
4426}
4427
4428/*
4429 * This is called whenever the pending ADDBA request times out.
4430 * Unpause and reschedule the TID.
4431 */
4432void
4433ath_addba_response_timeout(struct ieee80211_node *ni,
4434 struct ieee80211_tx_ampdu *tap)
4435{
4436 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc;
4437 int tid = tap->txa_tid;
4438 struct ath_node *an = ATH_NODE(ni);
4439 struct ath_tid *atid = &an->an_tid[tid];
4440
4441 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL,
4442 "%s: called; resuming\n", __func__);
4443
4444 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4445 atid->addba_tx_pending = 0;
4446 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4447
4448 /* Note: This updates the aggregate state to (again) pending */
4449 sc->sc_addba_response_timeout(ni, tap);
4450
4451 /* Unpause the TID; which reschedules it */
4452 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]);
4453 ath_tx_tid_resume(sc, atid);
4454 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]);
4455}
|