if_ath_tx.c revision 233897
1/*- 2 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer, 10 * without modification. 11 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 12 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 13 * redistribution must be conditioned upon including a substantially 14 * similar Disclaimer requirement for further binary redistribution. 15 * 16 * NO WARRANTY 17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 20 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 21 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 22 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 25 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 27 * THE POSSIBILITY OF SUCH DAMAGES. 28 */ 29 30#include <sys/cdefs.h> 31__FBSDID("$FreeBSD: head/sys/dev/ath/if_ath_tx.c 233897 2012-04-04 22:22:50Z adrian $"); 32 33/* 34 * Driver for the Atheros Wireless LAN controller. 35 * 36 * This software is derived from work of Atsushi Onoe; his contribution 37 * is greatly appreciated. 38 */ 39 40#include "opt_inet.h" 41#include "opt_ath.h" 42#include "opt_wlan.h" 43 44#include <sys/param.h> 45#include <sys/systm.h> 46#include <sys/sysctl.h> 47#include <sys/mbuf.h> 48#include <sys/malloc.h> 49#include <sys/lock.h> 50#include <sys/mutex.h> 51#include <sys/kernel.h> 52#include <sys/socket.h> 53#include <sys/sockio.h> 54#include <sys/errno.h> 55#include <sys/callout.h> 56#include <sys/bus.h> 57#include <sys/endian.h> 58#include <sys/kthread.h> 59#include <sys/taskqueue.h> 60#include <sys/priv.h> 61 62#include <machine/bus.h> 63 64#include <net/if.h> 65#include <net/if_dl.h> 66#include <net/if_media.h> 67#include <net/if_types.h> 68#include <net/if_arp.h> 69#include <net/ethernet.h> 70#include <net/if_llc.h> 71 72#include <net80211/ieee80211_var.h> 73#include <net80211/ieee80211_regdomain.h> 74#ifdef IEEE80211_SUPPORT_SUPERG 75#include <net80211/ieee80211_superg.h> 76#endif 77#ifdef IEEE80211_SUPPORT_TDMA 78#include <net80211/ieee80211_tdma.h> 79#endif 80#include <net80211/ieee80211_ht.h> 81 82#include <net/bpf.h> 83 84#ifdef INET 85#include <netinet/in.h> 86#include <netinet/if_ether.h> 87#endif 88 89#include <dev/ath/if_athvar.h> 90#include <dev/ath/ath_hal/ah_devid.h> /* XXX for softled */ 91#include <dev/ath/ath_hal/ah_diagcodes.h> 92 93#include <dev/ath/if_ath_debug.h> 94 95#ifdef ATH_TX99_DIAG 96#include <dev/ath/ath_tx99/ath_tx99.h> 97#endif 98 99#include <dev/ath/if_ath_misc.h> 100#include <dev/ath/if_ath_tx.h> 101#include <dev/ath/if_ath_tx_ht.h> 102 103/* 104 * How many retries to perform in software 105 */ 106#define SWMAX_RETRIES 10 107 108static int ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, 109 int tid); 110static int ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, 111 int tid); 112static int ath_tx_action_frame_override_queue(struct ath_softc *sc, 113 struct ieee80211_node *ni, struct mbuf *m0, int *tid); 114static int ath_tx_seqno_required(struct ath_softc *sc, 115 struct ieee80211_node *ni, struct ath_buf *bf, struct mbuf *m0); 116 117/* 118 * Whether to use the 11n rate scenario functions or not 119 */ 120static inline int 121ath_tx_is_11n(struct ath_softc *sc) 122{ 123 return (sc->sc_ah->ah_magic == 0x20065416); 124} 125 126/* 127 * Obtain the current TID from the given frame. 128 * 129 * Non-QoS frames need to go into TID 16 (IEEE80211_NONQOS_TID.) 130 * This has implications for which AC/priority the packet is placed 131 * in. 132 */ 133static int 134ath_tx_gettid(struct ath_softc *sc, const struct mbuf *m0) 135{ 136 const struct ieee80211_frame *wh; 137 int pri = M_WME_GETAC(m0); 138 139 wh = mtod(m0, const struct ieee80211_frame *); 140 if (! IEEE80211_QOS_HAS_SEQ(wh)) 141 return IEEE80211_NONQOS_TID; 142 else 143 return WME_AC_TO_TID(pri); 144} 145 146/* 147 * Determine what the correct AC queue for the given frame 148 * should be. 149 * 150 * This code assumes that the TIDs map consistently to 151 * the underlying hardware (or software) ath_txq. 152 * Since the sender may try to set an AC which is 153 * arbitrary, non-QoS TIDs may end up being put on 154 * completely different ACs. There's no way to put a 155 * TID into multiple ath_txq's for scheduling, so 156 * for now we override the AC/TXQ selection and set 157 * non-QOS TID frames into the BE queue. 158 * 159 * This may be completely incorrect - specifically, 160 * some management frames may end up out of order 161 * compared to the QoS traffic they're controlling. 162 * I'll look into this later. 163 */ 164static int 165ath_tx_getac(struct ath_softc *sc, const struct mbuf *m0) 166{ 167 const struct ieee80211_frame *wh; 168 int pri = M_WME_GETAC(m0); 169 wh = mtod(m0, const struct ieee80211_frame *); 170 if (IEEE80211_QOS_HAS_SEQ(wh)) 171 return pri; 172 173 return WME_AC_BE; 174} 175 176void 177ath_txfrag_cleanup(struct ath_softc *sc, 178 ath_bufhead *frags, struct ieee80211_node *ni) 179{ 180 struct ath_buf *bf, *next; 181 182 ATH_TXBUF_LOCK_ASSERT(sc); 183 184 TAILQ_FOREACH_SAFE(bf, frags, bf_list, next) { 185 /* NB: bf assumed clean */ 186 TAILQ_REMOVE(frags, bf, bf_list); 187 TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list); 188 ieee80211_node_decref(ni); 189 } 190} 191 192/* 193 * Setup xmit of a fragmented frame. Allocate a buffer 194 * for each frag and bump the node reference count to 195 * reflect the held reference to be setup by ath_tx_start. 196 */ 197int 198ath_txfrag_setup(struct ath_softc *sc, ath_bufhead *frags, 199 struct mbuf *m0, struct ieee80211_node *ni) 200{ 201 struct mbuf *m; 202 struct ath_buf *bf; 203 204 ATH_TXBUF_LOCK(sc); 205 for (m = m0->m_nextpkt; m != NULL; m = m->m_nextpkt) { 206 bf = _ath_getbuf_locked(sc); 207 if (bf == NULL) { /* out of buffers, cleanup */ 208 ath_txfrag_cleanup(sc, frags, ni); 209 break; 210 } 211 ieee80211_node_incref(ni); 212 TAILQ_INSERT_TAIL(frags, bf, bf_list); 213 } 214 ATH_TXBUF_UNLOCK(sc); 215 216 return !TAILQ_EMPTY(frags); 217} 218 219/* 220 * Reclaim mbuf resources. For fragmented frames we 221 * need to claim each frag chained with m_nextpkt. 222 */ 223void 224ath_freetx(struct mbuf *m) 225{ 226 struct mbuf *next; 227 228 do { 229 next = m->m_nextpkt; 230 m->m_nextpkt = NULL; 231 m_freem(m); 232 } while ((m = next) != NULL); 233} 234 235static int 236ath_tx_dmasetup(struct ath_softc *sc, struct ath_buf *bf, struct mbuf *m0) 237{ 238 struct mbuf *m; 239 int error; 240 241 /* 242 * Load the DMA map so any coalescing is done. This 243 * also calculates the number of descriptors we need. 244 */ 245 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 246 bf->bf_segs, &bf->bf_nseg, 247 BUS_DMA_NOWAIT); 248 if (error == EFBIG) { 249 /* XXX packet requires too many descriptors */ 250 bf->bf_nseg = ATH_TXDESC+1; 251 } else if (error != 0) { 252 sc->sc_stats.ast_tx_busdma++; 253 ath_freetx(m0); 254 return error; 255 } 256 /* 257 * Discard null packets and check for packets that 258 * require too many TX descriptors. We try to convert 259 * the latter to a cluster. 260 */ 261 if (bf->bf_nseg > ATH_TXDESC) { /* too many desc's, linearize */ 262 sc->sc_stats.ast_tx_linear++; 263 m = m_collapse(m0, M_DONTWAIT, ATH_TXDESC); 264 if (m == NULL) { 265 ath_freetx(m0); 266 sc->sc_stats.ast_tx_nombuf++; 267 return ENOMEM; 268 } 269 m0 = m; 270 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 271 bf->bf_segs, &bf->bf_nseg, 272 BUS_DMA_NOWAIT); 273 if (error != 0) { 274 sc->sc_stats.ast_tx_busdma++; 275 ath_freetx(m0); 276 return error; 277 } 278 KASSERT(bf->bf_nseg <= ATH_TXDESC, 279 ("too many segments after defrag; nseg %u", bf->bf_nseg)); 280 } else if (bf->bf_nseg == 0) { /* null packet, discard */ 281 sc->sc_stats.ast_tx_nodata++; 282 ath_freetx(m0); 283 return EIO; 284 } 285 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: m %p len %u\n", 286 __func__, m0, m0->m_pkthdr.len); 287 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE); 288 bf->bf_m = m0; 289 290 return 0; 291} 292 293/* 294 * Chain together segments+descriptors for a non-11n frame. 295 */ 296static void 297ath_tx_chaindesclist(struct ath_softc *sc, struct ath_buf *bf) 298{ 299 struct ath_hal *ah = sc->sc_ah; 300 struct ath_desc *ds, *ds0; 301 int i; 302 303 /* 304 * Fillin the remainder of the descriptor info. 305 */ 306 ds0 = ds = bf->bf_desc; 307 for (i = 0; i < bf->bf_nseg; i++, ds++) { 308 ds->ds_data = bf->bf_segs[i].ds_addr; 309 if (i == bf->bf_nseg - 1) 310 ds->ds_link = 0; 311 else 312 ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1); 313 ath_hal_filltxdesc(ah, ds 314 , bf->bf_segs[i].ds_len /* segment length */ 315 , i == 0 /* first segment */ 316 , i == bf->bf_nseg - 1 /* last segment */ 317 , ds0 /* first descriptor */ 318 ); 319 DPRINTF(sc, ATH_DEBUG_XMIT, 320 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 321 __func__, i, ds->ds_link, ds->ds_data, 322 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 323 bf->bf_lastds = ds; 324 } 325} 326 327/* 328 * Fill in the descriptor list for a aggregate subframe. 329 * 330 * The subframe is returned with the ds_link field in the last subframe 331 * pointing to 0. 332 */ 333static void 334ath_tx_chaindesclist_subframe(struct ath_softc *sc, struct ath_buf *bf) 335{ 336 struct ath_hal *ah = sc->sc_ah; 337 struct ath_desc *ds, *ds0; 338 int i; 339 340 ds0 = ds = bf->bf_desc; 341 342 /* 343 * There's no need to call ath_hal_setupfirsttxdesc here; 344 * That's only going to occur for the first frame in an aggregate. 345 */ 346 for (i = 0; i < bf->bf_nseg; i++, ds++) { 347 ds->ds_data = bf->bf_segs[i].ds_addr; 348 if (i == bf->bf_nseg - 1) 349 ds->ds_link = 0; 350 else 351 ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1); 352 353 /* 354 * This performs the setup for an aggregate frame. 355 * This includes enabling the aggregate flags if needed. 356 */ 357 ath_hal_chaintxdesc(ah, ds, 358 bf->bf_state.bfs_pktlen, 359 bf->bf_state.bfs_hdrlen, 360 HAL_PKT_TYPE_AMPDU, /* forces aggregate bits to be set */ 361 bf->bf_state.bfs_keyix, 362 0, /* cipher, calculated from keyix */ 363 bf->bf_state.bfs_ndelim, 364 bf->bf_segs[i].ds_len, /* segment length */ 365 i == 0, /* first segment */ 366 i == bf->bf_nseg - 1, /* last segment */ 367 bf->bf_next == NULL /* last sub-frame in aggr */ 368 ); 369 370 DPRINTF(sc, ATH_DEBUG_XMIT, 371 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 372 __func__, i, ds->ds_link, ds->ds_data, 373 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 374 bf->bf_lastds = ds; 375 } 376} 377 378/* 379 * Setup segments+descriptors for an 11n aggregate. 380 * bf_first is the first buffer in the aggregate. 381 * The descriptor list must already been linked together using 382 * bf->bf_next. 383 */ 384static void 385ath_tx_setds_11n(struct ath_softc *sc, struct ath_buf *bf_first) 386{ 387 struct ath_buf *bf, *bf_prev = NULL; 388 389 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: nframes=%d, al=%d\n", 390 __func__, bf_first->bf_state.bfs_nframes, 391 bf_first->bf_state.bfs_al); 392 393 /* 394 * Setup all descriptors of all subframes. 395 */ 396 bf = bf_first; 397 while (bf != NULL) { 398 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 399 "%s: bf=%p, nseg=%d, pktlen=%d, seqno=%d\n", 400 __func__, bf, bf->bf_nseg, bf->bf_state.bfs_pktlen, 401 SEQNO(bf->bf_state.bfs_seqno)); 402 403 /* Sub-frame setup */ 404 ath_tx_chaindesclist_subframe(sc, bf); 405 406 /* 407 * Link the last descriptor of the previous frame 408 * to the beginning descriptor of this frame. 409 */ 410 if (bf_prev != NULL) 411 bf_prev->bf_lastds->ds_link = bf->bf_daddr; 412 413 /* Save a copy so we can link the next descriptor in */ 414 bf_prev = bf; 415 bf = bf->bf_next; 416 } 417 418 /* 419 * Setup first descriptor of first frame. 420 * chaintxdesc() overwrites the descriptor entries; 421 * setupfirsttxdesc() merges in things. 422 * Otherwise various fields aren't set correctly (eg flags). 423 */ 424 ath_hal_setupfirsttxdesc(sc->sc_ah, 425 bf_first->bf_desc, 426 bf_first->bf_state.bfs_al, 427 bf_first->bf_state.bfs_flags | HAL_TXDESC_INTREQ, 428 bf_first->bf_state.bfs_txpower, 429 bf_first->bf_state.bfs_txrate0, 430 bf_first->bf_state.bfs_try0, 431 bf_first->bf_state.bfs_txantenna, 432 bf_first->bf_state.bfs_ctsrate, 433 bf_first->bf_state.bfs_ctsduration); 434 435 /* 436 * Setup the last descriptor in the list. 437 * bf_prev points to the last; bf is NULL here. 438 */ 439 ath_hal_setuplasttxdesc(sc->sc_ah, bf_prev->bf_desc, 440 bf_first->bf_desc); 441 442 /* 443 * Set the first descriptor bf_lastds field to point to 444 * the last descriptor in the last subframe, that's where 445 * the status update will occur. 446 */ 447 bf_first->bf_lastds = bf_prev->bf_lastds; 448 449 /* 450 * And bf_last in the first descriptor points to the end of 451 * the aggregate list. 452 */ 453 bf_first->bf_last = bf_prev; 454 455 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: end\n", __func__); 456} 457 458static void 459ath_tx_handoff_mcast(struct ath_softc *sc, struct ath_txq *txq, 460 struct ath_buf *bf) 461{ 462 ATH_TXQ_LOCK_ASSERT(txq); 463 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 464 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 465 if (txq->axq_link != NULL) { 466 struct ath_buf *last = ATH_TXQ_LAST(txq, axq_q_s); 467 struct ieee80211_frame *wh; 468 469 /* mark previous frame */ 470 wh = mtod(last->bf_m, struct ieee80211_frame *); 471 wh->i_fc[1] |= IEEE80211_FC1_MORE_DATA; 472 bus_dmamap_sync(sc->sc_dmat, last->bf_dmamap, 473 BUS_DMASYNC_PREWRITE); 474 475 /* link descriptor */ 476 *txq->axq_link = bf->bf_daddr; 477 } 478 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 479 txq->axq_link = &bf->bf_lastds->ds_link; 480} 481 482/* 483 * Hand-off packet to a hardware queue. 484 */ 485static void 486ath_tx_handoff_hw(struct ath_softc *sc, struct ath_txq *txq, 487 struct ath_buf *bf) 488{ 489 struct ath_hal *ah = sc->sc_ah; 490 491 /* 492 * Insert the frame on the outbound list and pass it on 493 * to the hardware. Multicast frames buffered for power 494 * save stations and transmit from the CAB queue are stored 495 * on a s/w only queue and loaded on to the CAB queue in 496 * the SWBA handler since frames only go out on DTIM and 497 * to avoid possible races. 498 */ 499 ATH_TXQ_LOCK_ASSERT(txq); 500 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 501 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 502 KASSERT(txq->axq_qnum != ATH_TXQ_SWQ, 503 ("ath_tx_handoff_hw called for mcast queue")); 504 505#if 0 506 /* 507 * This causes a LOR. Find out where the PCU lock is being 508 * held whilst the TXQ lock is grabbed - that shouldn't 509 * be occuring. 510 */ 511 ATH_PCU_LOCK(sc); 512 if (sc->sc_inreset_cnt) { 513 ATH_PCU_UNLOCK(sc); 514 DPRINTF(sc, ATH_DEBUG_RESET, 515 "%s: called with sc_in_reset != 0\n", 516 __func__); 517 DPRINTF(sc, ATH_DEBUG_XMIT, 518 "%s: queued: TXDP[%u] = %p (%p) depth %d\n", 519 __func__, txq->axq_qnum, 520 (caddr_t)bf->bf_daddr, bf->bf_desc, 521 txq->axq_depth); 522 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 523 if (bf->bf_state.bfs_aggr) 524 txq->axq_aggr_depth++; 525 /* 526 * There's no need to update axq_link; the hardware 527 * is in reset and once the reset is complete, any 528 * non-empty queues will simply have DMA restarted. 529 */ 530 return; 531 } 532 ATH_PCU_UNLOCK(sc); 533#endif 534 535 /* For now, so not to generate whitespace diffs */ 536 if (1) { 537#ifdef IEEE80211_SUPPORT_TDMA 538 int qbusy; 539 540 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 541 qbusy = ath_hal_txqenabled(ah, txq->axq_qnum); 542 if (txq->axq_link == NULL) { 543 /* 544 * Be careful writing the address to TXDP. If 545 * the tx q is enabled then this write will be 546 * ignored. Normally this is not an issue but 547 * when tdma is in use and the q is beacon gated 548 * this race can occur. If the q is busy then 549 * defer the work to later--either when another 550 * packet comes along or when we prepare a beacon 551 * frame at SWBA. 552 */ 553 if (!qbusy) { 554 ath_hal_puttxbuf(ah, txq->axq_qnum, 555 bf->bf_daddr); 556 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 557 DPRINTF(sc, ATH_DEBUG_XMIT, 558 "%s: TXDP[%u] = %p (%p) depth %d\n", 559 __func__, txq->axq_qnum, 560 (caddr_t)bf->bf_daddr, bf->bf_desc, 561 txq->axq_depth); 562 } else { 563 txq->axq_flags |= ATH_TXQ_PUTPENDING; 564 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 565 "%s: Q%u busy, defer enable\n", __func__, 566 txq->axq_qnum); 567 } 568 } else { 569 *txq->axq_link = bf->bf_daddr; 570 DPRINTF(sc, ATH_DEBUG_XMIT, 571 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 572 txq->axq_qnum, txq->axq_link, 573 (caddr_t)bf->bf_daddr, bf->bf_desc, 574 txq->axq_depth); 575 if ((txq->axq_flags & ATH_TXQ_PUTPENDING) && !qbusy) { 576 /* 577 * The q was busy when we previously tried 578 * to write the address of the first buffer 579 * in the chain. Since it's not busy now 580 * handle this chore. We are certain the 581 * buffer at the front is the right one since 582 * axq_link is NULL only when the buffer list 583 * is/was empty. 584 */ 585 ath_hal_puttxbuf(ah, txq->axq_qnum, 586 TAILQ_FIRST(&txq->axq_q)->bf_daddr); 587 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 588 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 589 "%s: Q%u restarted\n", __func__, 590 txq->axq_qnum); 591 } 592 } 593#else 594 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 595 if (txq->axq_link == NULL) { 596 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 597 DPRINTF(sc, ATH_DEBUG_XMIT, 598 "%s: TXDP[%u] = %p (%p) depth %d\n", 599 __func__, txq->axq_qnum, 600 (caddr_t)bf->bf_daddr, bf->bf_desc, 601 txq->axq_depth); 602 } else { 603 *txq->axq_link = bf->bf_daddr; 604 DPRINTF(sc, ATH_DEBUG_XMIT, 605 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 606 txq->axq_qnum, txq->axq_link, 607 (caddr_t)bf->bf_daddr, bf->bf_desc, 608 txq->axq_depth); 609 } 610#endif /* IEEE80211_SUPPORT_TDMA */ 611 if (bf->bf_state.bfs_aggr) 612 txq->axq_aggr_depth++; 613 txq->axq_link = &bf->bf_lastds->ds_link; 614 ath_hal_txstart(ah, txq->axq_qnum); 615 } 616} 617 618/* 619 * Restart TX DMA for the given TXQ. 620 * 621 * This must be called whether the queue is empty or not. 622 */ 623void 624ath_txq_restart_dma(struct ath_softc *sc, struct ath_txq *txq) 625{ 626 struct ath_hal *ah = sc->sc_ah; 627 struct ath_buf *bf, *bf_last; 628 629 ATH_TXQ_LOCK_ASSERT(txq); 630 631 /* This is always going to be cleared, empty or not */ 632 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 633 634 /* XXX make this ATH_TXQ_FIRST */ 635 bf = TAILQ_FIRST(&txq->axq_q); 636 bf_last = ATH_TXQ_LAST(txq, axq_q_s); 637 638 if (bf == NULL) 639 return; 640 641 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 642 txq->axq_link = &bf_last->bf_lastds->ds_link; 643 ath_hal_txstart(ah, txq->axq_qnum); 644} 645 646/* 647 * Hand off a packet to the hardware (or mcast queue.) 648 * 649 * The relevant hardware txq should be locked. 650 */ 651static void 652ath_tx_handoff(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf) 653{ 654 ATH_TXQ_LOCK_ASSERT(txq); 655 656 if (txq->axq_qnum == ATH_TXQ_SWQ) 657 ath_tx_handoff_mcast(sc, txq, bf); 658 else 659 ath_tx_handoff_hw(sc, txq, bf); 660} 661 662static int 663ath_tx_tag_crypto(struct ath_softc *sc, struct ieee80211_node *ni, 664 struct mbuf *m0, int iswep, int isfrag, int *hdrlen, int *pktlen, 665 int *keyix) 666{ 667 DPRINTF(sc, ATH_DEBUG_XMIT, 668 "%s: hdrlen=%d, pktlen=%d, isfrag=%d, iswep=%d, m0=%p\n", 669 __func__, 670 *hdrlen, 671 *pktlen, 672 isfrag, 673 iswep, 674 m0); 675 676 if (iswep) { 677 const struct ieee80211_cipher *cip; 678 struct ieee80211_key *k; 679 680 /* 681 * Construct the 802.11 header+trailer for an encrypted 682 * frame. The only reason this can fail is because of an 683 * unknown or unsupported cipher/key type. 684 */ 685 k = ieee80211_crypto_encap(ni, m0); 686 if (k == NULL) { 687 /* 688 * This can happen when the key is yanked after the 689 * frame was queued. Just discard the frame; the 690 * 802.11 layer counts failures and provides 691 * debugging/diagnostics. 692 */ 693 return (0); 694 } 695 /* 696 * Adjust the packet + header lengths for the crypto 697 * additions and calculate the h/w key index. When 698 * a s/w mic is done the frame will have had any mic 699 * added to it prior to entry so m0->m_pkthdr.len will 700 * account for it. Otherwise we need to add it to the 701 * packet length. 702 */ 703 cip = k->wk_cipher; 704 (*hdrlen) += cip->ic_header; 705 (*pktlen) += cip->ic_header + cip->ic_trailer; 706 /* NB: frags always have any TKIP MIC done in s/w */ 707 if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && !isfrag) 708 (*pktlen) += cip->ic_miclen; 709 (*keyix) = k->wk_keyix; 710 } else if (ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) { 711 /* 712 * Use station key cache slot, if assigned. 713 */ 714 (*keyix) = ni->ni_ucastkey.wk_keyix; 715 if ((*keyix) == IEEE80211_KEYIX_NONE) 716 (*keyix) = HAL_TXKEYIX_INVALID; 717 } else 718 (*keyix) = HAL_TXKEYIX_INVALID; 719 720 return (1); 721} 722 723static uint8_t 724ath_tx_get_rtscts_rate(struct ath_hal *ah, const HAL_RATE_TABLE *rt, 725 int cix, int shortPreamble) 726{ 727 uint8_t ctsrate; 728 729 /* 730 * CTS transmit rate is derived from the transmit rate 731 * by looking in the h/w rate table. We must also factor 732 * in whether or not a short preamble is to be used. 733 */ 734 /* NB: cix is set above where RTS/CTS is enabled */ 735 KASSERT(cix != 0xff, ("cix not setup")); 736 ctsrate = rt->info[cix].rateCode; 737 738 /* XXX this should only matter for legacy rates */ 739 if (shortPreamble) 740 ctsrate |= rt->info[cix].shortPreamble; 741 742 return (ctsrate); 743} 744 745/* 746 * Calculate the RTS/CTS duration for legacy frames. 747 */ 748static int 749ath_tx_calc_ctsduration(struct ath_hal *ah, int rix, int cix, 750 int shortPreamble, int pktlen, const HAL_RATE_TABLE *rt, 751 int flags) 752{ 753 int ctsduration = 0; 754 755 /* This mustn't be called for HT modes */ 756 if (rt->info[cix].phy == IEEE80211_T_HT) { 757 printf("%s: HT rate where it shouldn't be (0x%x)\n", 758 __func__, rt->info[cix].rateCode); 759 return (-1); 760 } 761 762 /* 763 * Compute the transmit duration based on the frame 764 * size and the size of an ACK frame. We call into the 765 * HAL to do the computation since it depends on the 766 * characteristics of the actual PHY being used. 767 * 768 * NB: CTS is assumed the same size as an ACK so we can 769 * use the precalculated ACK durations. 770 */ 771 if (shortPreamble) { 772 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 773 ctsduration += rt->info[cix].spAckDuration; 774 ctsduration += ath_hal_computetxtime(ah, 775 rt, pktlen, rix, AH_TRUE); 776 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 777 ctsduration += rt->info[rix].spAckDuration; 778 } else { 779 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 780 ctsduration += rt->info[cix].lpAckDuration; 781 ctsduration += ath_hal_computetxtime(ah, 782 rt, pktlen, rix, AH_FALSE); 783 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 784 ctsduration += rt->info[rix].lpAckDuration; 785 } 786 787 return (ctsduration); 788} 789 790/* 791 * Update the given ath_buf with updated rts/cts setup and duration 792 * values. 793 * 794 * To support rate lookups for each software retry, the rts/cts rate 795 * and cts duration must be re-calculated. 796 * 797 * This function assumes the RTS/CTS flags have been set as needed; 798 * mrr has been disabled; and the rate control lookup has been done. 799 * 800 * XXX TODO: MRR need only be disabled for the pre-11n NICs. 801 * XXX The 11n NICs support per-rate RTS/CTS configuration. 802 */ 803static void 804ath_tx_set_rtscts(struct ath_softc *sc, struct ath_buf *bf) 805{ 806 uint16_t ctsduration = 0; 807 uint8_t ctsrate = 0; 808 uint8_t rix = bf->bf_state.bfs_rc[0].rix; 809 uint8_t cix = 0; 810 const HAL_RATE_TABLE *rt = sc->sc_currates; 811 812 /* 813 * No RTS/CTS enabled? Don't bother. 814 */ 815 if ((bf->bf_state.bfs_flags & 816 (HAL_TXDESC_RTSENA | HAL_TXDESC_CTSENA)) == 0) { 817 /* XXX is this really needed? */ 818 bf->bf_state.bfs_ctsrate = 0; 819 bf->bf_state.bfs_ctsduration = 0; 820 return; 821 } 822 823 /* 824 * If protection is enabled, use the protection rix control 825 * rate. Otherwise use the rate0 control rate. 826 */ 827 if (bf->bf_state.bfs_doprot) 828 rix = sc->sc_protrix; 829 else 830 rix = bf->bf_state.bfs_rc[0].rix; 831 832 /* 833 * If the raw path has hard-coded ctsrate0 to something, 834 * use it. 835 */ 836 if (bf->bf_state.bfs_ctsrate0 != 0) 837 cix = ath_tx_findrix(sc, bf->bf_state.bfs_ctsrate0); 838 else 839 /* Control rate from above */ 840 cix = rt->info[rix].controlRate; 841 842 /* Calculate the rtscts rate for the given cix */ 843 ctsrate = ath_tx_get_rtscts_rate(sc->sc_ah, rt, cix, 844 bf->bf_state.bfs_shpream); 845 846 /* The 11n chipsets do ctsduration calculations for you */ 847 if (! ath_tx_is_11n(sc)) 848 ctsduration = ath_tx_calc_ctsduration(sc->sc_ah, rix, cix, 849 bf->bf_state.bfs_shpream, bf->bf_state.bfs_pktlen, 850 rt, bf->bf_state.bfs_flags); 851 852 /* Squirrel away in ath_buf */ 853 bf->bf_state.bfs_ctsrate = ctsrate; 854 bf->bf_state.bfs_ctsduration = ctsduration; 855 856 /* 857 * Must disable multi-rate retry when using RTS/CTS. 858 * XXX TODO: only for pre-11n NICs. 859 */ 860 bf->bf_state.bfs_ismrr = 0; 861 bf->bf_state.bfs_try0 = 862 bf->bf_state.bfs_rc[0].tries = ATH_TXMGTTRY; /* XXX ew */ 863} 864 865/* 866 * Setup the descriptor chain for a normal or fast-frame 867 * frame. 868 */ 869static void 870ath_tx_setds(struct ath_softc *sc, struct ath_buf *bf) 871{ 872 struct ath_desc *ds = bf->bf_desc; 873 struct ath_hal *ah = sc->sc_ah; 874 875 ath_hal_setuptxdesc(ah, ds 876 , bf->bf_state.bfs_pktlen /* packet length */ 877 , bf->bf_state.bfs_hdrlen /* header length */ 878 , bf->bf_state.bfs_atype /* Atheros packet type */ 879 , bf->bf_state.bfs_txpower /* txpower */ 880 , bf->bf_state.bfs_txrate0 881 , bf->bf_state.bfs_try0 /* series 0 rate/tries */ 882 , bf->bf_state.bfs_keyix /* key cache index */ 883 , bf->bf_state.bfs_txantenna /* antenna mode */ 884 , bf->bf_state.bfs_flags /* flags */ 885 , bf->bf_state.bfs_ctsrate /* rts/cts rate */ 886 , bf->bf_state.bfs_ctsduration /* rts/cts duration */ 887 ); 888 889 /* 890 * This will be overriden when the descriptor chain is written. 891 */ 892 bf->bf_lastds = ds; 893 bf->bf_last = bf; 894 895 /* XXX TODO: Setup descriptor chain */ 896} 897 898/* 899 * Do a rate lookup. 900 * 901 * This performs a rate lookup for the given ath_buf only if it's required. 902 * Non-data frames and raw frames don't require it. 903 * 904 * This populates the primary and MRR entries; MRR values are 905 * then disabled later on if something requires it (eg RTS/CTS on 906 * pre-11n chipsets. 907 * 908 * This needs to be done before the RTS/CTS fields are calculated 909 * as they may depend upon the rate chosen. 910 */ 911static void 912ath_tx_do_ratelookup(struct ath_softc *sc, struct ath_buf *bf) 913{ 914 uint8_t rate, rix; 915 int try0; 916 917 if (! bf->bf_state.bfs_doratelookup) 918 return; 919 920 /* Get rid of any previous state */ 921 bzero(bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 922 923 ATH_NODE_LOCK(ATH_NODE(bf->bf_node)); 924 ath_rate_findrate(sc, ATH_NODE(bf->bf_node), bf->bf_state.bfs_shpream, 925 bf->bf_state.bfs_pktlen, &rix, &try0, &rate); 926 927 /* In case MRR is disabled, make sure rc[0] is setup correctly */ 928 bf->bf_state.bfs_rc[0].rix = rix; 929 bf->bf_state.bfs_rc[0].ratecode = rate; 930 bf->bf_state.bfs_rc[0].tries = try0; 931 932 if (bf->bf_state.bfs_ismrr && try0 != ATH_TXMAXTRY) 933 ath_rate_getxtxrates(sc, ATH_NODE(bf->bf_node), rix, 934 bf->bf_state.bfs_rc); 935 ATH_NODE_UNLOCK(ATH_NODE(bf->bf_node)); 936 937 sc->sc_txrix = rix; /* for LED blinking */ 938 sc->sc_lastdatarix = rix; /* for fast frames */ 939 bf->bf_state.bfs_try0 = try0; 940 bf->bf_state.bfs_txrate0 = rate; 941} 942 943/* 944 * Set the rate control fields in the given descriptor based on 945 * the bf_state fields and node state. 946 * 947 * The bfs fields should already be set with the relevant rate 948 * control information, including whether MRR is to be enabled. 949 * 950 * Since the FreeBSD HAL currently sets up the first TX rate 951 * in ath_hal_setuptxdesc(), this will setup the MRR 952 * conditionally for the pre-11n chips, and call ath_buf_set_rate 953 * unconditionally for 11n chips. These require the 11n rate 954 * scenario to be set if MCS rates are enabled, so it's easier 955 * to just always call it. The caller can then only set rates 2, 3 956 * and 4 if multi-rate retry is needed. 957 */ 958static void 959ath_tx_set_ratectrl(struct ath_softc *sc, struct ieee80211_node *ni, 960 struct ath_buf *bf) 961{ 962 struct ath_rc_series *rc = bf->bf_state.bfs_rc; 963 964 /* If mrr is disabled, blank tries 1, 2, 3 */ 965 if (! bf->bf_state.bfs_ismrr) 966 rc[1].tries = rc[2].tries = rc[3].tries = 0; 967 968 /* 969 * Always call - that way a retried descriptor will 970 * have the MRR fields overwritten. 971 * 972 * XXX TODO: see if this is really needed - setting up 973 * the first descriptor should set the MRR fields to 0 974 * for us anyway. 975 */ 976 if (ath_tx_is_11n(sc)) { 977 ath_buf_set_rate(sc, ni, bf); 978 } else { 979 ath_hal_setupxtxdesc(sc->sc_ah, bf->bf_desc 980 , rc[1].ratecode, rc[1].tries 981 , rc[2].ratecode, rc[2].tries 982 , rc[3].ratecode, rc[3].tries 983 ); 984 } 985} 986 987/* 988 * Transmit the given frame to the hardware. 989 * 990 * The frame must already be setup; rate control must already have 991 * been done. 992 * 993 * XXX since the TXQ lock is being held here (and I dislike holding 994 * it for this long when not doing software aggregation), later on 995 * break this function into "setup_normal" and "xmit_normal". The 996 * lock only needs to be held for the ath_tx_handoff call. 997 */ 998static void 999ath_tx_xmit_normal(struct ath_softc *sc, struct ath_txq *txq, 1000 struct ath_buf *bf) 1001{ 1002 1003 ATH_TXQ_LOCK_ASSERT(txq); 1004 1005 /* Setup the descriptor before handoff */ 1006 ath_tx_do_ratelookup(sc, bf); 1007 ath_tx_rate_fill_rcflags(sc, bf); 1008 ath_tx_set_rtscts(sc, bf); 1009 ath_tx_setds(sc, bf); 1010 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 1011 ath_tx_chaindesclist(sc, bf); 1012 1013 /* Hand off to hardware */ 1014 ath_tx_handoff(sc, txq, bf); 1015} 1016 1017 1018 1019static int 1020ath_tx_normal_setup(struct ath_softc *sc, struct ieee80211_node *ni, 1021 struct ath_buf *bf, struct mbuf *m0) 1022{ 1023 struct ieee80211vap *vap = ni->ni_vap; 1024 struct ath_vap *avp = ATH_VAP(vap); 1025 struct ath_hal *ah = sc->sc_ah; 1026 struct ifnet *ifp = sc->sc_ifp; 1027 struct ieee80211com *ic = ifp->if_l2com; 1028 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams; 1029 int error, iswep, ismcast, isfrag, ismrr; 1030 int keyix, hdrlen, pktlen, try0 = 0; 1031 u_int8_t rix = 0, txrate = 0; 1032 struct ath_desc *ds; 1033 struct ath_txq *txq; 1034 struct ieee80211_frame *wh; 1035 u_int subtype, flags; 1036 HAL_PKT_TYPE atype; 1037 const HAL_RATE_TABLE *rt; 1038 HAL_BOOL shortPreamble; 1039 struct ath_node *an; 1040 u_int pri; 1041 1042 wh = mtod(m0, struct ieee80211_frame *); 1043 iswep = wh->i_fc[1] & IEEE80211_FC1_WEP; 1044 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1045 isfrag = m0->m_flags & M_FRAG; 1046 hdrlen = ieee80211_anyhdrsize(wh); 1047 /* 1048 * Packet length must not include any 1049 * pad bytes; deduct them here. 1050 */ 1051 pktlen = m0->m_pkthdr.len - (hdrlen & 3); 1052 1053 /* Handle encryption twiddling if needed */ 1054 if (! ath_tx_tag_crypto(sc, ni, m0, iswep, isfrag, &hdrlen, 1055 &pktlen, &keyix)) { 1056 ath_freetx(m0); 1057 return EIO; 1058 } 1059 1060 /* packet header may have moved, reset our local pointer */ 1061 wh = mtod(m0, struct ieee80211_frame *); 1062 1063 pktlen += IEEE80211_CRC_LEN; 1064 1065 /* 1066 * Load the DMA map so any coalescing is done. This 1067 * also calculates the number of descriptors we need. 1068 */ 1069 error = ath_tx_dmasetup(sc, bf, m0); 1070 if (error != 0) 1071 return error; 1072 bf->bf_node = ni; /* NB: held reference */ 1073 m0 = bf->bf_m; /* NB: may have changed */ 1074 wh = mtod(m0, struct ieee80211_frame *); 1075 1076 /* setup descriptors */ 1077 ds = bf->bf_desc; 1078 rt = sc->sc_currates; 1079 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1080 1081 /* 1082 * NB: the 802.11 layer marks whether or not we should 1083 * use short preamble based on the current mode and 1084 * negotiated parameters. 1085 */ 1086 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 1087 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) { 1088 shortPreamble = AH_TRUE; 1089 sc->sc_stats.ast_tx_shortpre++; 1090 } else { 1091 shortPreamble = AH_FALSE; 1092 } 1093 1094 an = ATH_NODE(ni); 1095 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1096 ismrr = 0; /* default no multi-rate retry*/ 1097 pri = M_WME_GETAC(m0); /* honor classification */ 1098 /* XXX use txparams instead of fixed values */ 1099 /* 1100 * Calculate Atheros packet type from IEEE80211 packet header, 1101 * setup for rate calculations, and select h/w transmit queue. 1102 */ 1103 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 1104 case IEEE80211_FC0_TYPE_MGT: 1105 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1106 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) 1107 atype = HAL_PKT_TYPE_BEACON; 1108 else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1109 atype = HAL_PKT_TYPE_PROBE_RESP; 1110 else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM) 1111 atype = HAL_PKT_TYPE_ATIM; 1112 else 1113 atype = HAL_PKT_TYPE_NORMAL; /* XXX */ 1114 rix = an->an_mgmtrix; 1115 txrate = rt->info[rix].rateCode; 1116 if (shortPreamble) 1117 txrate |= rt->info[rix].shortPreamble; 1118 try0 = ATH_TXMGTTRY; 1119 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1120 break; 1121 case IEEE80211_FC0_TYPE_CTL: 1122 atype = HAL_PKT_TYPE_PSPOLL; /* stop setting of duration */ 1123 rix = an->an_mgmtrix; 1124 txrate = rt->info[rix].rateCode; 1125 if (shortPreamble) 1126 txrate |= rt->info[rix].shortPreamble; 1127 try0 = ATH_TXMGTTRY; 1128 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1129 break; 1130 case IEEE80211_FC0_TYPE_DATA: 1131 atype = HAL_PKT_TYPE_NORMAL; /* default */ 1132 /* 1133 * Data frames: multicast frames go out at a fixed rate, 1134 * EAPOL frames use the mgmt frame rate; otherwise consult 1135 * the rate control module for the rate to use. 1136 */ 1137 if (ismcast) { 1138 rix = an->an_mcastrix; 1139 txrate = rt->info[rix].rateCode; 1140 if (shortPreamble) 1141 txrate |= rt->info[rix].shortPreamble; 1142 try0 = 1; 1143 } else if (m0->m_flags & M_EAPOL) { 1144 /* XXX? maybe always use long preamble? */ 1145 rix = an->an_mgmtrix; 1146 txrate = rt->info[rix].rateCode; 1147 if (shortPreamble) 1148 txrate |= rt->info[rix].shortPreamble; 1149 try0 = ATH_TXMAXTRY; /* XXX?too many? */ 1150 } else { 1151 /* 1152 * Do rate lookup on each TX, rather than using 1153 * the hard-coded TX information decided here. 1154 */ 1155 ismrr = 1; 1156 bf->bf_state.bfs_doratelookup = 1; 1157 } 1158 if (cap->cap_wmeParams[pri].wmep_noackPolicy) 1159 flags |= HAL_TXDESC_NOACK; 1160 break; 1161 default: 1162 if_printf(ifp, "bogus frame type 0x%x (%s)\n", 1163 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__); 1164 /* XXX statistic */ 1165 ath_freetx(m0); 1166 return EIO; 1167 } 1168 txq = sc->sc_ac2q[pri]; 1169 1170 /* 1171 * When servicing one or more stations in power-save mode 1172 * (or) if there is some mcast data waiting on the mcast 1173 * queue (to prevent out of order delivery) multicast 1174 * frames must be buffered until after the beacon. 1175 * 1176 * XXX This likely means that if there's a station in power 1177 * save mode, we won't be doing any kind of aggregation towards 1178 * anyone. This is likely a very suboptimal way of dealing 1179 * with things. 1180 */ 1181 if (ismcast && (vap->iv_ps_sta || avp->av_mcastq.axq_depth)) 1182 txq = &avp->av_mcastq; 1183 1184 /* 1185 * Calculate miscellaneous flags. 1186 */ 1187 if (ismcast) { 1188 flags |= HAL_TXDESC_NOACK; /* no ack on broad/multicast */ 1189 } else if (pktlen > vap->iv_rtsthreshold && 1190 (ni->ni_ath_flags & IEEE80211_NODE_FF) == 0) { 1191 flags |= HAL_TXDESC_RTSENA; /* RTS based on frame length */ 1192 sc->sc_stats.ast_tx_rts++; 1193 } 1194 if (flags & HAL_TXDESC_NOACK) /* NB: avoid double counting */ 1195 sc->sc_stats.ast_tx_noack++; 1196#ifdef IEEE80211_SUPPORT_TDMA 1197 if (sc->sc_tdma && (flags & HAL_TXDESC_NOACK) == 0) { 1198 DPRINTF(sc, ATH_DEBUG_TDMA, 1199 "%s: discard frame, ACK required w/ TDMA\n", __func__); 1200 sc->sc_stats.ast_tdma_ack++; 1201 ath_freetx(m0); 1202 return EIO; 1203 } 1204#endif 1205 1206 /* 1207 * If 802.11g protection is enabled, determine whether 1208 * to use RTS/CTS or just CTS. Note that this is only 1209 * done for OFDM unicast frames. 1210 */ 1211 if ((ic->ic_flags & IEEE80211_F_USEPROT) && 1212 rt->info[rix].phy == IEEE80211_T_OFDM && 1213 (flags & HAL_TXDESC_NOACK) == 0) { 1214 bf->bf_state.bfs_doprot = 1; 1215 /* XXX fragments must use CCK rates w/ protection */ 1216 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) { 1217 flags |= HAL_TXDESC_RTSENA; 1218 } else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) { 1219 flags |= HAL_TXDESC_CTSENA; 1220 } 1221 /* 1222 * For frags it would be desirable to use the 1223 * highest CCK rate for RTS/CTS. But stations 1224 * farther away may detect it at a lower CCK rate 1225 * so use the configured protection rate instead 1226 * (for now). 1227 */ 1228 sc->sc_stats.ast_tx_protect++; 1229 } 1230 1231#if 0 1232 /* 1233 * If 11n protection is enabled and it's a HT frame, 1234 * enable RTS. 1235 * 1236 * XXX ic_htprotmode or ic_curhtprotmode? 1237 * XXX should it_htprotmode only matter if ic_curhtprotmode 1238 * XXX indicates it's not a HT pure environment? 1239 */ 1240 if ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) && 1241 rt->info[rix].phy == IEEE80211_T_HT && 1242 (flags & HAL_TXDESC_NOACK) == 0) { 1243 cix = rt->info[sc->sc_protrix].controlRate; 1244 flags |= HAL_TXDESC_RTSENA; 1245 sc->sc_stats.ast_tx_htprotect++; 1246 } 1247#endif 1248 1249 /* 1250 * Calculate duration. This logically belongs in the 802.11 1251 * layer but it lacks sufficient information to calculate it. 1252 */ 1253 if ((flags & HAL_TXDESC_NOACK) == 0 && 1254 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_CTL) { 1255 u_int16_t dur; 1256 if (shortPreamble) 1257 dur = rt->info[rix].spAckDuration; 1258 else 1259 dur = rt->info[rix].lpAckDuration; 1260 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) { 1261 dur += dur; /* additional SIFS+ACK */ 1262 KASSERT(m0->m_nextpkt != NULL, ("no fragment")); 1263 /* 1264 * Include the size of next fragment so NAV is 1265 * updated properly. The last fragment uses only 1266 * the ACK duration 1267 */ 1268 dur += ath_hal_computetxtime(ah, rt, 1269 m0->m_nextpkt->m_pkthdr.len, 1270 rix, shortPreamble); 1271 } 1272 if (isfrag) { 1273 /* 1274 * Force hardware to use computed duration for next 1275 * fragment by disabling multi-rate retry which updates 1276 * duration based on the multi-rate duration table. 1277 */ 1278 ismrr = 0; 1279 try0 = ATH_TXMGTTRY; /* XXX? */ 1280 } 1281 *(u_int16_t *)wh->i_dur = htole16(dur); 1282 } 1283 1284 /* 1285 * Determine if a tx interrupt should be generated for 1286 * this descriptor. We take a tx interrupt to reap 1287 * descriptors when the h/w hits an EOL condition or 1288 * when the descriptor is specifically marked to generate 1289 * an interrupt. We periodically mark descriptors in this 1290 * way to insure timely replenishing of the supply needed 1291 * for sending frames. Defering interrupts reduces system 1292 * load and potentially allows more concurrent work to be 1293 * done but if done to aggressively can cause senders to 1294 * backup. 1295 * 1296 * NB: use >= to deal with sc_txintrperiod changing 1297 * dynamically through sysctl. 1298 */ 1299 if (flags & HAL_TXDESC_INTREQ) { 1300 txq->axq_intrcnt = 0; 1301 } else if (++txq->axq_intrcnt >= sc->sc_txintrperiod) { 1302 flags |= HAL_TXDESC_INTREQ; 1303 txq->axq_intrcnt = 0; 1304 } 1305 1306 /* This point forward is actual TX bits */ 1307 1308 /* 1309 * At this point we are committed to sending the frame 1310 * and we don't need to look at m_nextpkt; clear it in 1311 * case this frame is part of frag chain. 1312 */ 1313 m0->m_nextpkt = NULL; 1314 1315 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT)) 1316 ieee80211_dump_pkt(ic, mtod(m0, const uint8_t *), m0->m_len, 1317 sc->sc_hwmap[rix].ieeerate, -1); 1318 1319 if (ieee80211_radiotap_active_vap(vap)) { 1320 u_int64_t tsf = ath_hal_gettsf64(ah); 1321 1322 sc->sc_tx_th.wt_tsf = htole64(tsf); 1323 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags; 1324 if (iswep) 1325 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1326 if (isfrag) 1327 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1328 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate; 1329 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 1330 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 1331 1332 ieee80211_radiotap_tx(vap, m0); 1333 } 1334 1335 /* Blank the legacy rate array */ 1336 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1337 1338 /* 1339 * ath_buf_set_rate needs at least one rate/try to setup 1340 * the rate scenario. 1341 */ 1342 bf->bf_state.bfs_rc[0].rix = rix; 1343 bf->bf_state.bfs_rc[0].tries = try0; 1344 bf->bf_state.bfs_rc[0].ratecode = txrate; 1345 1346 /* Store the decided rate index values away */ 1347 bf->bf_state.bfs_pktlen = pktlen; 1348 bf->bf_state.bfs_hdrlen = hdrlen; 1349 bf->bf_state.bfs_atype = atype; 1350 bf->bf_state.bfs_txpower = ni->ni_txpower; 1351 bf->bf_state.bfs_txrate0 = txrate; 1352 bf->bf_state.bfs_try0 = try0; 1353 bf->bf_state.bfs_keyix = keyix; 1354 bf->bf_state.bfs_txantenna = sc->sc_txantenna; 1355 bf->bf_state.bfs_flags = flags; 1356 bf->bf_txflags = flags; 1357 bf->bf_state.bfs_shpream = shortPreamble; 1358 1359 /* XXX this should be done in ath_tx_setrate() */ 1360 bf->bf_state.bfs_ctsrate0 = 0; /* ie, no hard-coded ctsrate */ 1361 bf->bf_state.bfs_ctsrate = 0; /* calculated later */ 1362 bf->bf_state.bfs_ctsduration = 0; 1363 bf->bf_state.bfs_ismrr = ismrr; 1364 1365 return 0; 1366} 1367 1368/* 1369 * Direct-dispatch the current frame to the hardware. 1370 * 1371 * This can be called by the net80211 code. 1372 * 1373 * XXX what about locking? Or, push the seqno assign into the 1374 * XXX aggregate scheduler so its serialised? 1375 */ 1376int 1377ath_tx_start(struct ath_softc *sc, struct ieee80211_node *ni, 1378 struct ath_buf *bf, struct mbuf *m0) 1379{ 1380 struct ieee80211vap *vap = ni->ni_vap; 1381 struct ath_vap *avp = ATH_VAP(vap); 1382 int r = 0; 1383 u_int pri; 1384 int tid; 1385 struct ath_txq *txq; 1386 int ismcast; 1387 const struct ieee80211_frame *wh; 1388 int is_ampdu, is_ampdu_tx, is_ampdu_pending; 1389 //ieee80211_seq seqno; 1390 uint8_t type, subtype; 1391 1392 /* 1393 * Determine the target hardware queue. 1394 * 1395 * For multicast frames, the txq gets overridden to be the 1396 * software TXQ and it's done via direct-dispatch. 1397 * 1398 * For any other frame, we do a TID/QoS lookup inside the frame 1399 * to see what the TID should be. If it's a non-QoS frame, the 1400 * AC and TID are overridden. The TID/TXQ code assumes the 1401 * TID is on a predictable hardware TXQ, so we don't support 1402 * having a node TID queued to multiple hardware TXQs. 1403 * This may change in the future but would require some locking 1404 * fudgery. 1405 */ 1406 pri = ath_tx_getac(sc, m0); 1407 tid = ath_tx_gettid(sc, m0); 1408 1409 txq = sc->sc_ac2q[pri]; 1410 wh = mtod(m0, struct ieee80211_frame *); 1411 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1412 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1413 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1414 1415 /* 1416 * Enforce how deep the multicast queue can grow. 1417 * 1418 * XXX duplicated in ath_raw_xmit(). 1419 */ 1420 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1421 ATH_TXQ_LOCK(sc->sc_cabq); 1422 1423 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1424 sc->sc_stats.ast_tx_mcastq_overflow++; 1425 r = ENOBUFS; 1426 } 1427 1428 ATH_TXQ_UNLOCK(sc->sc_cabq); 1429 1430 if (r != 0) { 1431 m_freem(m0); 1432 return r; 1433 } 1434 } 1435 1436 /* A-MPDU TX */ 1437 is_ampdu_tx = ath_tx_ampdu_running(sc, ATH_NODE(ni), tid); 1438 is_ampdu_pending = ath_tx_ampdu_pending(sc, ATH_NODE(ni), tid); 1439 is_ampdu = is_ampdu_tx | is_ampdu_pending; 1440 1441 DPRINTF(sc, ATH_DEBUG_SW_TX, 1442 "%s: bf=%p, tid=%d, ac=%d, is_ampdu=%d\n", 1443 __func__, bf, tid, pri, is_ampdu); 1444 1445 /* Multicast frames go onto the software multicast queue */ 1446 if (ismcast) 1447 txq = &avp->av_mcastq; 1448 1449 /* 1450 * XXX This likely means that if there's a station in power 1451 * save mode, we won't be doing any kind of aggregation towards 1452 * anyone. This is likely a very suboptimal way of dealing 1453 * with things. 1454 */ 1455 if ((! is_ampdu) && (vap->iv_ps_sta || avp->av_mcastq.axq_depth)) 1456 txq = &avp->av_mcastq; 1457 1458 /* Do the generic frame setup */ 1459 /* XXX should just bzero the bf_state? */ 1460 bf->bf_state.bfs_dobaw = 0; 1461 bf->bf_state.bfs_seqno_assigned = 0; 1462 bf->bf_state.bfs_need_seqno = 0; 1463 bf->bf_state.bfs_seqno = -1; /* XXX debugging */ 1464 1465 /* A-MPDU TX? Manually set sequence number */ 1466 /* Don't do it whilst pending; the net80211 layer still assigns them */ 1467 /* XXX do we need locking here? */ 1468 if (is_ampdu_tx) { 1469 ATH_TXQ_LOCK(txq); 1470 /* 1471 * Always call; this function will 1472 * handle making sure that null data frames 1473 * don't get a sequence number from the current 1474 * TID and thus mess with the BAW. 1475 */ 1476 //seqno = ath_tx_tid_seqno_assign(sc, ni, bf, m0); 1477 if (ath_tx_seqno_required(sc, ni, bf, m0)) { 1478 bf->bf_state.bfs_dobaw = 1; 1479 bf->bf_state.bfs_need_seqno = 1; 1480 } 1481 ATH_TXQ_UNLOCK(txq); 1482 } else { 1483 /* No AMPDU TX, we've been assigned a sequence number. */ 1484 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1485 bf->bf_state.bfs_seqno_assigned = 1; 1486 /* XXX we should store the frag+seqno in bfs_seqno */ 1487 bf->bf_state.bfs_seqno = 1488 M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT; 1489 } 1490 } 1491 1492 /* 1493 * If needed, the sequence number has been assigned. 1494 * Squirrel it away somewhere easy to get to. 1495 */ 1496 //bf->bf_state.bfs_seqno = M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT; 1497 1498 /* Is ampdu pending? fetch the seqno and print it out */ 1499 if (is_ampdu_pending) 1500 DPRINTF(sc, ATH_DEBUG_SW_TX, 1501 "%s: tid %d: ampdu pending, seqno %d\n", 1502 __func__, tid, M_SEQNO_GET(m0)); 1503 1504 /* This also sets up the DMA map */ 1505 r = ath_tx_normal_setup(sc, ni, bf, m0); 1506 1507 if (r != 0) 1508 return r; 1509 1510 /* At this point m0 could have changed! */ 1511 m0 = bf->bf_m; 1512 1513 DPRINTF(sc, ATH_DEBUG_SW_TX, 1514 "%s: DONE: bf=%p, tid=%d, ac=%d, is_ampdu=%d, dobaw=%d, seqno=%d\n", 1515 __func__, bf, tid, pri, is_ampdu, bf->bf_state.bfs_dobaw, M_SEQNO_GET(m0)); 1516 1517#if 1 1518 /* 1519 * If it's a multicast frame, do a direct-dispatch to the 1520 * destination hardware queue. Don't bother software 1521 * queuing it. 1522 */ 1523 /* 1524 * If it's a BAR frame, do a direct dispatch to the 1525 * destination hardware queue. Don't bother software 1526 * queuing it, as the TID will now be paused. 1527 * Sending a BAR frame can occur from the net80211 txa timer 1528 * (ie, retries) or from the ath txtask (completion call.) 1529 * It queues directly to hardware because the TID is paused 1530 * at this point (and won't be unpaused until the BAR has 1531 * either been TXed successfully or max retries has been 1532 * reached.) 1533 */ 1534 if (txq == &avp->av_mcastq) { 1535 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 1536 "%s: bf=%p: mcastq: TX'ing\n", __func__, bf); 1537 ATH_TXQ_LOCK(txq); 1538 ath_tx_xmit_normal(sc, txq, bf); 1539 ATH_TXQ_UNLOCK(txq); 1540 } else if (type == IEEE80211_FC0_TYPE_CTL && 1541 subtype == IEEE80211_FC0_SUBTYPE_BAR) { 1542 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 1543 "%s: BAR: TX'ing direct\n", __func__); 1544 ATH_TXQ_LOCK(txq); 1545 ath_tx_xmit_normal(sc, txq, bf); 1546 ATH_TXQ_UNLOCK(txq); 1547 } else { 1548 /* add to software queue */ 1549 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 1550 "%s: bf=%p: swq: TX'ing\n", __func__, bf); 1551 ath_tx_swq(sc, ni, txq, bf); 1552 } 1553#else 1554 /* 1555 * For now, since there's no software queue, 1556 * direct-dispatch to the hardware. 1557 */ 1558 ATH_TXQ_LOCK(txq); 1559 ath_tx_xmit_normal(sc, txq, bf); 1560 ATH_TXQ_UNLOCK(txq); 1561#endif 1562 1563 return 0; 1564} 1565 1566static int 1567ath_tx_raw_start(struct ath_softc *sc, struct ieee80211_node *ni, 1568 struct ath_buf *bf, struct mbuf *m0, 1569 const struct ieee80211_bpf_params *params) 1570{ 1571 struct ifnet *ifp = sc->sc_ifp; 1572 struct ieee80211com *ic = ifp->if_l2com; 1573 struct ath_hal *ah = sc->sc_ah; 1574 struct ieee80211vap *vap = ni->ni_vap; 1575 int error, ismcast, ismrr; 1576 int keyix, hdrlen, pktlen, try0, txantenna; 1577 u_int8_t rix, txrate; 1578 struct ieee80211_frame *wh; 1579 u_int flags; 1580 HAL_PKT_TYPE atype; 1581 const HAL_RATE_TABLE *rt; 1582 struct ath_desc *ds; 1583 u_int pri; 1584 int o_tid = -1; 1585 int do_override; 1586 1587 wh = mtod(m0, struct ieee80211_frame *); 1588 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1589 hdrlen = ieee80211_anyhdrsize(wh); 1590 /* 1591 * Packet length must not include any 1592 * pad bytes; deduct them here. 1593 */ 1594 /* XXX honor IEEE80211_BPF_DATAPAD */ 1595 pktlen = m0->m_pkthdr.len - (hdrlen & 3) + IEEE80211_CRC_LEN; 1596 1597 1598 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: ismcast=%d\n", 1599 __func__, ismcast); 1600 1601 /* Handle encryption twiddling if needed */ 1602 if (! ath_tx_tag_crypto(sc, ni, 1603 m0, params->ibp_flags & IEEE80211_BPF_CRYPTO, 0, 1604 &hdrlen, &pktlen, &keyix)) { 1605 ath_freetx(m0); 1606 return EIO; 1607 } 1608 /* packet header may have moved, reset our local pointer */ 1609 wh = mtod(m0, struct ieee80211_frame *); 1610 1611 /* Do the generic frame setup */ 1612 /* XXX should just bzero the bf_state? */ 1613 bf->bf_state.bfs_dobaw = 0; 1614 1615 error = ath_tx_dmasetup(sc, bf, m0); 1616 if (error != 0) 1617 return error; 1618 m0 = bf->bf_m; /* NB: may have changed */ 1619 wh = mtod(m0, struct ieee80211_frame *); 1620 bf->bf_node = ni; /* NB: held reference */ 1621 1622 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1623 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1624 if (params->ibp_flags & IEEE80211_BPF_RTS) 1625 flags |= HAL_TXDESC_RTSENA; 1626 else if (params->ibp_flags & IEEE80211_BPF_CTS) { 1627 /* XXX assume 11g/11n protection? */ 1628 bf->bf_state.bfs_doprot = 1; 1629 flags |= HAL_TXDESC_CTSENA; 1630 } 1631 /* XXX leave ismcast to injector? */ 1632 if ((params->ibp_flags & IEEE80211_BPF_NOACK) || ismcast) 1633 flags |= HAL_TXDESC_NOACK; 1634 1635 rt = sc->sc_currates; 1636 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1637 rix = ath_tx_findrix(sc, params->ibp_rate0); 1638 txrate = rt->info[rix].rateCode; 1639 if (params->ibp_flags & IEEE80211_BPF_SHORTPRE) 1640 txrate |= rt->info[rix].shortPreamble; 1641 sc->sc_txrix = rix; 1642 try0 = params->ibp_try0; 1643 ismrr = (params->ibp_try1 != 0); 1644 txantenna = params->ibp_pri >> 2; 1645 if (txantenna == 0) /* XXX? */ 1646 txantenna = sc->sc_txantenna; 1647 1648 /* 1649 * Since ctsrate is fixed, store it away for later 1650 * use when the descriptor fields are being set. 1651 */ 1652 if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA)) 1653 bf->bf_state.bfs_ctsrate0 = params->ibp_ctsrate; 1654 1655 pri = params->ibp_pri & 3; 1656 /* Override pri if the frame isn't a QoS one */ 1657 if (! IEEE80211_QOS_HAS_SEQ(wh)) 1658 pri = ath_tx_getac(sc, m0); 1659 1660 /* 1661 * NB: we mark all packets as type PSPOLL so the h/w won't 1662 * set the sequence number, duration, etc. 1663 */ 1664 atype = HAL_PKT_TYPE_PSPOLL; 1665 1666 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT)) 1667 ieee80211_dump_pkt(ic, mtod(m0, caddr_t), m0->m_len, 1668 sc->sc_hwmap[rix].ieeerate, -1); 1669 1670 if (ieee80211_radiotap_active_vap(vap)) { 1671 u_int64_t tsf = ath_hal_gettsf64(ah); 1672 1673 sc->sc_tx_th.wt_tsf = htole64(tsf); 1674 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags; 1675 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1676 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1677 if (m0->m_flags & M_FRAG) 1678 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1679 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate; 1680 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 1681 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 1682 1683 ieee80211_radiotap_tx(vap, m0); 1684 } 1685 1686 /* 1687 * Formulate first tx descriptor with tx controls. 1688 */ 1689 ds = bf->bf_desc; 1690 /* XXX check return value? */ 1691 1692 /* Store the decided rate index values away */ 1693 bf->bf_state.bfs_pktlen = pktlen; 1694 bf->bf_state.bfs_hdrlen = hdrlen; 1695 bf->bf_state.bfs_atype = atype; 1696 bf->bf_state.bfs_txpower = params->ibp_power; 1697 bf->bf_state.bfs_txrate0 = txrate; 1698 bf->bf_state.bfs_try0 = try0; 1699 bf->bf_state.bfs_keyix = keyix; 1700 bf->bf_state.bfs_txantenna = txantenna; 1701 bf->bf_state.bfs_flags = flags; 1702 bf->bf_txflags = flags; 1703 bf->bf_state.bfs_shpream = 1704 !! (params->ibp_flags & IEEE80211_BPF_SHORTPRE); 1705 1706 /* XXX this should be done in ath_tx_setrate() */ 1707 bf->bf_state.bfs_ctsrate = 0; 1708 bf->bf_state.bfs_ctsduration = 0; 1709 bf->bf_state.bfs_ismrr = ismrr; 1710 1711 /* Blank the legacy rate array */ 1712 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1713 1714 bf->bf_state.bfs_rc[0].rix = 1715 ath_tx_findrix(sc, params->ibp_rate0); 1716 bf->bf_state.bfs_rc[0].tries = try0; 1717 bf->bf_state.bfs_rc[0].ratecode = txrate; 1718 1719 if (ismrr) { 1720 int rix; 1721 1722 rix = ath_tx_findrix(sc, params->ibp_rate1); 1723 bf->bf_state.bfs_rc[1].rix = rix; 1724 bf->bf_state.bfs_rc[1].tries = params->ibp_try1; 1725 1726 rix = ath_tx_findrix(sc, params->ibp_rate2); 1727 bf->bf_state.bfs_rc[2].rix = rix; 1728 bf->bf_state.bfs_rc[2].tries = params->ibp_try2; 1729 1730 rix = ath_tx_findrix(sc, params->ibp_rate3); 1731 bf->bf_state.bfs_rc[3].rix = rix; 1732 bf->bf_state.bfs_rc[3].tries = params->ibp_try3; 1733 } 1734 /* 1735 * All the required rate control decisions have been made; 1736 * fill in the rc flags. 1737 */ 1738 ath_tx_rate_fill_rcflags(sc, bf); 1739 1740 /* NB: no buffered multicast in power save support */ 1741 1742 /* XXX If it's an ADDBA, override the correct queue */ 1743 do_override = ath_tx_action_frame_override_queue(sc, ni, m0, &o_tid); 1744 1745 /* Map ADDBA to the correct priority */ 1746 if (do_override) { 1747#if 0 1748 device_printf(sc->sc_dev, 1749 "%s: overriding tid %d pri %d -> %d\n", 1750 __func__, o_tid, pri, TID_TO_WME_AC(o_tid)); 1751#endif 1752 pri = TID_TO_WME_AC(o_tid); 1753 } 1754 1755 /* 1756 * If we're overiding the ADDBA destination, dump directly 1757 * into the hardware queue, right after any pending 1758 * frames to that node are. 1759 */ 1760 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: dooverride=%d\n", 1761 __func__, do_override); 1762 1763 if (do_override) { 1764 ATH_TXQ_LOCK(sc->sc_ac2q[pri]); 1765 ath_tx_xmit_normal(sc, sc->sc_ac2q[pri], bf); 1766 ATH_TXQ_UNLOCK(sc->sc_ac2q[pri]); 1767 } else { 1768 /* Queue to software queue */ 1769 ath_tx_swq(sc, ni, sc->sc_ac2q[pri], bf); 1770 } 1771 1772 return 0; 1773} 1774 1775/* 1776 * Send a raw frame. 1777 * 1778 * This can be called by net80211. 1779 */ 1780int 1781ath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 1782 const struct ieee80211_bpf_params *params) 1783{ 1784 struct ieee80211com *ic = ni->ni_ic; 1785 struct ifnet *ifp = ic->ic_ifp; 1786 struct ath_softc *sc = ifp->if_softc; 1787 struct ath_buf *bf; 1788 struct ieee80211_frame *wh = mtod(m, struct ieee80211_frame *); 1789 int error = 0; 1790 1791 ATH_PCU_LOCK(sc); 1792 if (sc->sc_inreset_cnt > 0) { 1793 device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; bailing\n", 1794 __func__); 1795 error = EIO; 1796 ATH_PCU_UNLOCK(sc); 1797 goto bad0; 1798 } 1799 sc->sc_txstart_cnt++; 1800 ATH_PCU_UNLOCK(sc); 1801 1802 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || sc->sc_invalid) { 1803 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: discard frame, %s", __func__, 1804 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ? 1805 "!running" : "invalid"); 1806 m_freem(m); 1807 error = ENETDOWN; 1808 goto bad; 1809 } 1810 1811 /* 1812 * Enforce how deep the multicast queue can grow. 1813 * 1814 * XXX duplicated in ath_tx_start(). 1815 */ 1816 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1817 ATH_TXQ_LOCK(sc->sc_cabq); 1818 1819 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1820 sc->sc_stats.ast_tx_mcastq_overflow++; 1821 error = ENOBUFS; 1822 } 1823 1824 ATH_TXQ_UNLOCK(sc->sc_cabq); 1825 1826 if (error != 0) { 1827 m_freem(m); 1828 goto bad; 1829 } 1830 } 1831 1832 /* 1833 * Grab a TX buffer and associated resources. 1834 */ 1835 bf = ath_getbuf(sc); 1836 if (bf == NULL) { 1837 sc->sc_stats.ast_tx_nobuf++; 1838 m_freem(m); 1839 error = ENOBUFS; 1840 goto bad; 1841 } 1842 1843 if (params == NULL) { 1844 /* 1845 * Legacy path; interpret frame contents to decide 1846 * precisely how to send the frame. 1847 */ 1848 if (ath_tx_start(sc, ni, bf, m)) { 1849 error = EIO; /* XXX */ 1850 goto bad2; 1851 } 1852 } else { 1853 /* 1854 * Caller supplied explicit parameters to use in 1855 * sending the frame. 1856 */ 1857 if (ath_tx_raw_start(sc, ni, bf, m, params)) { 1858 error = EIO; /* XXX */ 1859 goto bad2; 1860 } 1861 } 1862 sc->sc_wd_timer = 5; 1863 ifp->if_opackets++; 1864 sc->sc_stats.ast_tx_raw++; 1865 1866 ATH_PCU_LOCK(sc); 1867 sc->sc_txstart_cnt--; 1868 ATH_PCU_UNLOCK(sc); 1869 1870 return 0; 1871bad2: 1872 ATH_TXBUF_LOCK(sc); 1873 TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list); 1874 ATH_TXBUF_UNLOCK(sc); 1875bad: 1876 ATH_PCU_LOCK(sc); 1877 sc->sc_txstart_cnt--; 1878 ATH_PCU_UNLOCK(sc); 1879bad0: 1880 ifp->if_oerrors++; 1881 sc->sc_stats.ast_tx_raw_fail++; 1882 ieee80211_free_node(ni); 1883 1884 return error; 1885} 1886 1887/* Some helper functions */ 1888 1889/* 1890 * ADDBA (and potentially others) need to be placed in the same 1891 * hardware queue as the TID/node it's relating to. This is so 1892 * it goes out after any pending non-aggregate frames to the 1893 * same node/TID. 1894 * 1895 * If this isn't done, the ADDBA can go out before the frames 1896 * queued in hardware. Even though these frames have a sequence 1897 * number -earlier- than the ADDBA can be transmitted (but 1898 * no frames whose sequence numbers are after the ADDBA should 1899 * be!) they'll arrive after the ADDBA - and the receiving end 1900 * will simply drop them as being out of the BAW. 1901 * 1902 * The frames can't be appended to the TID software queue - it'll 1903 * never be sent out. So these frames have to be directly 1904 * dispatched to the hardware, rather than queued in software. 1905 * So if this function returns true, the TXQ has to be 1906 * overridden and it has to be directly dispatched. 1907 * 1908 * It's a dirty hack, but someone's gotta do it. 1909 */ 1910 1911/* 1912 * XXX doesn't belong here! 1913 */ 1914static int 1915ieee80211_is_action(struct ieee80211_frame *wh) 1916{ 1917 /* Type: Management frame? */ 1918 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != 1919 IEEE80211_FC0_TYPE_MGT) 1920 return 0; 1921 1922 /* Subtype: Action frame? */ 1923 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) != 1924 IEEE80211_FC0_SUBTYPE_ACTION) 1925 return 0; 1926 1927 return 1; 1928} 1929 1930#define MS(_v, _f) (((_v) & _f) >> _f##_S) 1931/* 1932 * Return an alternate TID for ADDBA request frames. 1933 * 1934 * Yes, this likely should be done in the net80211 layer. 1935 */ 1936static int 1937ath_tx_action_frame_override_queue(struct ath_softc *sc, 1938 struct ieee80211_node *ni, 1939 struct mbuf *m0, int *tid) 1940{ 1941 struct ieee80211_frame *wh = mtod(m0, struct ieee80211_frame *); 1942 struct ieee80211_action_ba_addbarequest *ia; 1943 uint8_t *frm; 1944 uint16_t baparamset; 1945 1946 /* Not action frame? Bail */ 1947 if (! ieee80211_is_action(wh)) 1948 return 0; 1949 1950 /* XXX Not needed for frames we send? */ 1951#if 0 1952 /* Correct length? */ 1953 if (! ieee80211_parse_action(ni, m)) 1954 return 0; 1955#endif 1956 1957 /* Extract out action frame */ 1958 frm = (u_int8_t *)&wh[1]; 1959 ia = (struct ieee80211_action_ba_addbarequest *) frm; 1960 1961 /* Not ADDBA? Bail */ 1962 if (ia->rq_header.ia_category != IEEE80211_ACTION_CAT_BA) 1963 return 0; 1964 if (ia->rq_header.ia_action != IEEE80211_ACTION_BA_ADDBA_REQUEST) 1965 return 0; 1966 1967 /* Extract TID, return it */ 1968 baparamset = le16toh(ia->rq_baparamset); 1969 *tid = (int) MS(baparamset, IEEE80211_BAPS_TID); 1970 1971 return 1; 1972} 1973#undef MS 1974 1975/* Per-node software queue operations */ 1976 1977/* 1978 * Add the current packet to the given BAW. 1979 * It is assumed that the current packet 1980 * 1981 * + fits inside the BAW; 1982 * + already has had a sequence number allocated. 1983 * 1984 * Since the BAW status may be modified by both the ath task and 1985 * the net80211/ifnet contexts, the TID must be locked. 1986 */ 1987void 1988ath_tx_addto_baw(struct ath_softc *sc, struct ath_node *an, 1989 struct ath_tid *tid, struct ath_buf *bf) 1990{ 1991 int index, cindex; 1992 struct ieee80211_tx_ampdu *tap; 1993 1994 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 1995 1996 if (bf->bf_state.bfs_isretried) 1997 return; 1998 1999 /* 2000 * If this occurs we're in a lot of trouble. We should try to 2001 * recover from this without the session hanging? 2002 */ 2003 if (! bf->bf_state.bfs_seqno_assigned) { 2004 device_printf(sc->sc_dev, 2005 "%s: bf=%p, seqno_assigned is 0?!\n", __func__, bf); 2006 return; 2007 } 2008 2009 tap = ath_tx_get_tx_tid(an, tid->tid); 2010 2011 if (bf->bf_state.bfs_addedbaw) 2012 device_printf(sc->sc_dev, 2013 "%s: re-added? bf=%p, tid=%d, seqno %d; window %d:%d; " 2014 "baw head=%d tail=%d\n", 2015 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2016 tap->txa_start, tap->txa_wnd, tid->baw_head, 2017 tid->baw_tail); 2018 2019 /* 2020 * Verify that the given sequence number is not outside of the 2021 * BAW. Complain loudly if that's the case. 2022 */ 2023 if (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2024 SEQNO(bf->bf_state.bfs_seqno))) { 2025 device_printf(sc->sc_dev, 2026 "%s: bf=%p: outside of BAW?? tid=%d, seqno %d; window %d:%d; " 2027 "baw head=%d tail=%d\n", 2028 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2029 tap->txa_start, tap->txa_wnd, tid->baw_head, 2030 tid->baw_tail); 2031 2032 } 2033 2034 /* 2035 * ni->ni_txseqs[] is the currently allocated seqno. 2036 * the txa state contains the current baw start. 2037 */ 2038 index = ATH_BA_INDEX(tap->txa_start, SEQNO(bf->bf_state.bfs_seqno)); 2039 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2040 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2041 "%s: bf=%p, tid=%d, seqno %d; window %d:%d; index=%d cindex=%d " 2042 "baw head=%d tail=%d\n", 2043 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2044 tap->txa_start, tap->txa_wnd, index, cindex, tid->baw_head, 2045 tid->baw_tail); 2046 2047 2048#if 0 2049 assert(tid->tx_buf[cindex] == NULL); 2050#endif 2051 if (tid->tx_buf[cindex] != NULL) { 2052 device_printf(sc->sc_dev, 2053 "%s: ba packet dup (index=%d, cindex=%d, " 2054 "head=%d, tail=%d)\n", 2055 __func__, index, cindex, tid->baw_head, tid->baw_tail); 2056 device_printf(sc->sc_dev, 2057 "%s: BA bf: %p; seqno=%d ; new bf: %p; seqno=%d\n", 2058 __func__, 2059 tid->tx_buf[cindex], 2060 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno), 2061 bf, 2062 SEQNO(bf->bf_state.bfs_seqno) 2063 ); 2064 } 2065 tid->tx_buf[cindex] = bf; 2066 2067 if (index >= ((tid->baw_tail - tid->baw_head) & 2068 (ATH_TID_MAX_BUFS - 1))) { 2069 tid->baw_tail = cindex; 2070 INCR(tid->baw_tail, ATH_TID_MAX_BUFS); 2071 } 2072} 2073 2074/* 2075 * Flip the BAW buffer entry over from the existing one to the new one. 2076 * 2077 * When software retransmitting a (sub-)frame, it is entirely possible that 2078 * the frame ath_buf is marked as BUSY and can't be immediately reused. 2079 * In that instance the buffer is cloned and the new buffer is used for 2080 * retransmit. We thus need to update the ath_buf slot in the BAW buf 2081 * tracking array to maintain consistency. 2082 */ 2083static void 2084ath_tx_switch_baw_buf(struct ath_softc *sc, struct ath_node *an, 2085 struct ath_tid *tid, struct ath_buf *old_bf, struct ath_buf *new_bf) 2086{ 2087 int index, cindex; 2088 struct ieee80211_tx_ampdu *tap; 2089 int seqno = SEQNO(old_bf->bf_state.bfs_seqno); 2090 2091 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2092 2093 tap = ath_tx_get_tx_tid(an, tid->tid); 2094 index = ATH_BA_INDEX(tap->txa_start, seqno); 2095 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2096 2097 /* 2098 * Just warn for now; if it happens then we should find out 2099 * about it. It's highly likely the aggregation session will 2100 * soon hang. 2101 */ 2102 if (old_bf->bf_state.bfs_seqno != new_bf->bf_state.bfs_seqno) { 2103 device_printf(sc->sc_dev, "%s: retransmitted buffer" 2104 " has mismatching seqno's, BA session may hang.\n", 2105 __func__); 2106 device_printf(sc->sc_dev, "%s: old seqno=%d, new_seqno=%d\n", 2107 __func__, 2108 old_bf->bf_state.bfs_seqno, 2109 new_bf->bf_state.bfs_seqno); 2110 } 2111 2112 if (tid->tx_buf[cindex] != old_bf) { 2113 device_printf(sc->sc_dev, "%s: ath_buf pointer incorrect; " 2114 " has m BA session may hang.\n", 2115 __func__); 2116 device_printf(sc->sc_dev, "%s: old bf=%p, new bf=%p\n", 2117 __func__, 2118 old_bf, new_bf); 2119 } 2120 2121 tid->tx_buf[cindex] = new_bf; 2122} 2123 2124/* 2125 * seq_start - left edge of BAW 2126 * seq_next - current/next sequence number to allocate 2127 * 2128 * Since the BAW status may be modified by both the ath task and 2129 * the net80211/ifnet contexts, the TID must be locked. 2130 */ 2131static void 2132ath_tx_update_baw(struct ath_softc *sc, struct ath_node *an, 2133 struct ath_tid *tid, const struct ath_buf *bf) 2134{ 2135 int index, cindex; 2136 struct ieee80211_tx_ampdu *tap; 2137 int seqno = SEQNO(bf->bf_state.bfs_seqno); 2138 2139 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2140 2141 tap = ath_tx_get_tx_tid(an, tid->tid); 2142 index = ATH_BA_INDEX(tap->txa_start, seqno); 2143 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2144 2145 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2146 "%s: bf=%p: tid=%d, baw=%d:%d, seqno=%d, index=%d, cindex=%d, " 2147 "baw head=%d, tail=%d\n", 2148 __func__, bf, tid->tid, tap->txa_start, tap->txa_wnd, seqno, index, 2149 cindex, tid->baw_head, tid->baw_tail); 2150 2151 /* 2152 * If this occurs then we have a big problem - something else 2153 * has slid tap->txa_start along without updating the BAW 2154 * tracking start/end pointers. Thus the TX BAW state is now 2155 * completely busted. 2156 * 2157 * But for now, since I haven't yet fixed TDMA and buffer cloning, 2158 * it's quite possible that a cloned buffer is making its way 2159 * here and causing it to fire off. Disable TDMA for now. 2160 */ 2161 if (tid->tx_buf[cindex] != bf) { 2162 device_printf(sc->sc_dev, 2163 "%s: comp bf=%p, seq=%d; slot bf=%p, seqno=%d\n", 2164 __func__, 2165 bf, SEQNO(bf->bf_state.bfs_seqno), 2166 tid->tx_buf[cindex], 2167 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno)); 2168 } 2169 2170 tid->tx_buf[cindex] = NULL; 2171 2172 while (tid->baw_head != tid->baw_tail && 2173 !tid->tx_buf[tid->baw_head]) { 2174 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 2175 INCR(tid->baw_head, ATH_TID_MAX_BUFS); 2176 } 2177 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2178 "%s: baw is now %d:%d, baw head=%d\n", 2179 __func__, tap->txa_start, tap->txa_wnd, tid->baw_head); 2180} 2181 2182/* 2183 * Mark the current node/TID as ready to TX. 2184 * 2185 * This is done to make it easy for the software scheduler to 2186 * find which nodes have data to send. 2187 * 2188 * The TXQ lock must be held. 2189 */ 2190static void 2191ath_tx_tid_sched(struct ath_softc *sc, struct ath_tid *tid) 2192{ 2193 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2194 2195 ATH_TXQ_LOCK_ASSERT(txq); 2196 2197 if (tid->paused) 2198 return; /* paused, can't schedule yet */ 2199 2200 if (tid->sched) 2201 return; /* already scheduled */ 2202 2203 tid->sched = 1; 2204 2205 TAILQ_INSERT_TAIL(&txq->axq_tidq, tid, axq_qelem); 2206} 2207 2208/* 2209 * Mark the current node as no longer needing to be polled for 2210 * TX packets. 2211 * 2212 * The TXQ lock must be held. 2213 */ 2214static void 2215ath_tx_tid_unsched(struct ath_softc *sc, struct ath_tid *tid) 2216{ 2217 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2218 2219 ATH_TXQ_LOCK_ASSERT(txq); 2220 2221 if (tid->sched == 0) 2222 return; 2223 2224 tid->sched = 0; 2225 TAILQ_REMOVE(&txq->axq_tidq, tid, axq_qelem); 2226} 2227 2228/* 2229 * Return whether a sequence number is actually required. 2230 * 2231 * A sequence number must only be allocated at the time that a frame 2232 * is considered for addition to the BAW/aggregate and being TXed. 2233 * The sequence number must not be allocated before the frame 2234 * is added to the BAW (protected by the same lock instance) 2235 * otherwise a the multi-entrant TX path may result in a later seqno 2236 * being added to the BAW first. The subsequent addition of the 2237 * earlier seqno would then not go into the BAW as it's now outside 2238 * of said BAW. 2239 * 2240 * This routine is used by ath_tx_start() to mark whether the frame 2241 * should get a sequence number before adding it to the BAW. 2242 * 2243 * Then the actual aggregate TX routines will check whether this 2244 * flag is set and if the frame needs to go into the BAW, it'll 2245 * have a sequence number allocated for it. 2246 */ 2247static int 2248ath_tx_seqno_required(struct ath_softc *sc, struct ieee80211_node *ni, 2249 struct ath_buf *bf, struct mbuf *m0) 2250{ 2251 const struct ieee80211_frame *wh; 2252 uint8_t subtype; 2253 2254 wh = mtod(m0, const struct ieee80211_frame *); 2255 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2256 2257 /* XXX assert txq lock */ 2258 /* XXX assert ampdu is set */ 2259 2260 return ((IEEE80211_QOS_HAS_SEQ(wh) && 2261 subtype != IEEE80211_FC0_SUBTYPE_QOS_NULL)); 2262} 2263 2264/* 2265 * Assign a sequence number manually to the given frame. 2266 * 2267 * This should only be called for A-MPDU TX frames. 2268 * 2269 * If this is called after the initial frame setup, make sure you've flushed 2270 * the DMA map or you'll risk sending stale data to the NIC. This routine 2271 * updates the actual frame contents with the relevant seqno. 2272 */ 2273int 2274ath_tx_tid_seqno_assign(struct ath_softc *sc, struct ieee80211_node *ni, 2275 struct ath_buf *bf, struct mbuf *m0) 2276{ 2277 struct ieee80211_frame *wh; 2278 int tid, pri; 2279 ieee80211_seq seqno; 2280 uint8_t subtype; 2281 2282 /* TID lookup */ 2283 wh = mtod(m0, struct ieee80211_frame *); 2284 pri = M_WME_GETAC(m0); /* honor classification */ 2285 tid = WME_AC_TO_TID(pri); 2286 DPRINTF(sc, ATH_DEBUG_SW_TX, 2287 "%s: bf=%p, pri=%d, tid=%d, qos has seq=%d\n", 2288 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2289 2290 if (! bf->bf_state.bfs_need_seqno) { 2291 device_printf(sc->sc_dev, "%s: bf=%p: need_seqno not set?!\n", 2292 __func__, bf); 2293 return -1; 2294 } 2295 /* XXX check for bfs_need_seqno? */ 2296 if (bf->bf_state.bfs_seqno_assigned) { 2297 device_printf(sc->sc_dev, 2298 "%s: bf=%p: seqno already assigned (%d)?!\n", 2299 __func__, bf, SEQNO(bf->bf_state.bfs_seqno)); 2300 return bf->bf_state.bfs_seqno >> IEEE80211_SEQ_SEQ_SHIFT; 2301 } 2302 2303 /* XXX Is it a control frame? Ignore */ 2304 2305 /* Does the packet require a sequence number? */ 2306 if (! IEEE80211_QOS_HAS_SEQ(wh)) 2307 return -1; 2308 2309 /* 2310 * Is it a QOS NULL Data frame? Give it a sequence number from 2311 * the default TID (IEEE80211_NONQOS_TID.) 2312 * 2313 * The RX path of everything I've looked at doesn't include the NULL 2314 * data frame sequence number in the aggregation state updates, so 2315 * assigning it a sequence number there will cause a BAW hole on the 2316 * RX side. 2317 */ 2318 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2319 if (subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL) { 2320 seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID]; 2321 INCR(ni->ni_txseqs[IEEE80211_NONQOS_TID], IEEE80211_SEQ_RANGE); 2322 } else { 2323 /* Manually assign sequence number */ 2324 seqno = ni->ni_txseqs[tid]; 2325 INCR(ni->ni_txseqs[tid], IEEE80211_SEQ_RANGE); 2326 } 2327 *(uint16_t *)&wh->i_seq[0] = htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 2328 M_SEQNO_SET(m0, seqno); 2329 bf->bf_state.bfs_seqno = seqno << IEEE80211_SEQ_SEQ_SHIFT; 2330 bf->bf_state.bfs_seqno_assigned = 1; 2331 2332 /* Return so caller can do something with it if needed */ 2333 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: -> seqno=%d\n", 2334 __func__, 2335 bf, 2336 seqno); 2337 return seqno; 2338} 2339 2340/* 2341 * Attempt to direct dispatch an aggregate frame to hardware. 2342 * If the frame is out of BAW, queue. 2343 * Otherwise, schedule it as a single frame. 2344 */ 2345static void 2346ath_tx_xmit_aggr(struct ath_softc *sc, struct ath_node *an, struct ath_buf *bf) 2347{ 2348 struct ieee80211_node *ni = &an->an_node; 2349 struct ath_tid *tid = &an->an_tid[bf->bf_state.bfs_tid]; 2350 struct ath_txq *txq = bf->bf_state.bfs_txq; 2351 struct ieee80211_tx_ampdu *tap; 2352 2353 ATH_TXQ_LOCK_ASSERT(txq); 2354 2355 tap = ath_tx_get_tx_tid(an, tid->tid); 2356 2357 /* paused? queue */ 2358 if (tid->paused) { 2359 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2360 /* XXX don't sched - we're paused! */ 2361 return; 2362 } 2363 2364 /* 2365 * TODO: If it's _before_ the BAW left edge, complain very loudly. 2366 * This means something (else) has slid the left edge along 2367 * before we got a chance to be TXed. 2368 */ 2369 2370 /* 2371 * Is there space in this BAW for another frame? 2372 * If not, don't bother trying to schedule it; just 2373 * throw it back on the queue. 2374 * 2375 * If we allocate the sequence number before we add 2376 * it to the BAW, we risk racing with another TX 2377 * thread that gets in a frame into the BAW with 2378 * seqno greater than ours. We'd then fail the 2379 * below check and throw the frame on the tail of 2380 * the queue. The sender would then have a hole. 2381 * 2382 * XXX again, we're protecting ni->ni_txseqs[tid] 2383 * behind this hardware TXQ lock, like the rest of 2384 * the TIDs that map to it. Ugh. 2385 */ 2386 if (bf->bf_state.bfs_dobaw) { 2387 ieee80211_seq seqno; 2388 2389 /* 2390 * If the sequence number is allocated, use it. 2391 * Otherwise, use the sequence number we WOULD 2392 * allocate. 2393 */ 2394 if (bf->bf_state.bfs_seqno_assigned) 2395 seqno = SEQNO(bf->bf_state.bfs_seqno); 2396 else 2397 seqno = ni->ni_txseqs[bf->bf_state.bfs_tid]; 2398 2399 /* 2400 * Check whether either the currently allocated 2401 * sequence number _OR_ the to-be allocated 2402 * sequence number is inside the BAW. 2403 */ 2404 if (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, seqno)) { 2405 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2406 ath_tx_tid_sched(sc, tid); 2407 return; 2408 } 2409 if (! bf->bf_state.bfs_seqno_assigned) { 2410 int seqno; 2411 2412 seqno = ath_tx_tid_seqno_assign(sc, ni, bf, bf->bf_m); 2413 if (seqno < 0) { 2414 device_printf(sc->sc_dev, 2415 "%s: bf=%p, huh, seqno=-1?\n", 2416 __func__, 2417 bf); 2418 /* XXX what can we even do here? */ 2419 } 2420 /* Flush seqno update to RAM */ 2421 /* 2422 * XXX This is required because the dmasetup 2423 * XXX is done early rather than at dispatch 2424 * XXX time. Ew, we should fix this! 2425 */ 2426 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 2427 BUS_DMASYNC_PREWRITE); 2428 } 2429 } 2430 2431 /* outside baw? queue */ 2432 if (bf->bf_state.bfs_dobaw && 2433 (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2434 SEQNO(bf->bf_state.bfs_seqno)))) { 2435 device_printf(sc->sc_dev, 2436 "%s: bf=%p, shouldn't be outside BAW now?!\n", 2437 __func__, 2438 bf); 2439 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2440 ath_tx_tid_sched(sc, tid); 2441 return; 2442 } 2443 2444 /* Direct dispatch to hardware */ 2445 ath_tx_do_ratelookup(sc, bf); 2446 ath_tx_rate_fill_rcflags(sc, bf); 2447 ath_tx_set_rtscts(sc, bf); 2448 ath_tx_setds(sc, bf); 2449 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 2450 ath_tx_chaindesclist(sc, bf); 2451 2452 /* Statistics */ 2453 sc->sc_aggr_stats.aggr_low_hwq_single_pkt++; 2454 2455 /* Track per-TID hardware queue depth correctly */ 2456 tid->hwq_depth++; 2457 2458 /* Add to BAW */ 2459 if (bf->bf_state.bfs_dobaw) { 2460 ath_tx_addto_baw(sc, an, tid, bf); 2461 bf->bf_state.bfs_addedbaw = 1; 2462 } 2463 2464 /* Set completion handler, multi-frame aggregate or not */ 2465 bf->bf_comp = ath_tx_aggr_comp; 2466 2467 /* Hand off to hardware */ 2468 ath_tx_handoff(sc, txq, bf); 2469} 2470 2471/* 2472 * Attempt to send the packet. 2473 * If the queue isn't busy, direct-dispatch. 2474 * If the queue is busy enough, queue the given packet on the 2475 * relevant software queue. 2476 */ 2477void 2478ath_tx_swq(struct ath_softc *sc, struct ieee80211_node *ni, struct ath_txq *txq, 2479 struct ath_buf *bf) 2480{ 2481 struct ath_node *an = ATH_NODE(ni); 2482 struct ieee80211_frame *wh; 2483 struct ath_tid *atid; 2484 int pri, tid; 2485 struct mbuf *m0 = bf->bf_m; 2486 2487 /* Fetch the TID - non-QoS frames get assigned to TID 16 */ 2488 wh = mtod(m0, struct ieee80211_frame *); 2489 pri = ath_tx_getac(sc, m0); 2490 tid = ath_tx_gettid(sc, m0); 2491 atid = &an->an_tid[tid]; 2492 2493 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p, pri=%d, tid=%d, qos=%d, seqno=%d\n", 2494 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh), SEQNO(bf->bf_state.bfs_seqno)); 2495 2496 /* Set local packet state, used to queue packets to hardware */ 2497 bf->bf_state.bfs_tid = tid; 2498 bf->bf_state.bfs_txq = txq; 2499 bf->bf_state.bfs_pri = pri; 2500 2501 /* 2502 * If the hardware queue isn't busy, queue it directly. 2503 * If the hardware queue is busy, queue it. 2504 * If the TID is paused or the traffic it outside BAW, software 2505 * queue it. 2506 */ 2507 ATH_TXQ_LOCK(txq); 2508 if (atid->paused) { 2509 /* TID is paused, queue */ 2510 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: paused\n", __func__, bf); 2511 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2512 } else if (ath_tx_ampdu_pending(sc, an, tid)) { 2513 /* AMPDU pending; queue */ 2514 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: pending\n", __func__, bf); 2515 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2516 /* XXX sched? */ 2517 } else if (ath_tx_ampdu_running(sc, an, tid)) { 2518 /* AMPDU running, attempt direct dispatch if possible */ 2519 if (txq->axq_depth < sc->sc_hwq_limit) { 2520 DPRINTF(sc, ATH_DEBUG_SW_TX, 2521 "%s: bf=%p: xmit_aggr\n", 2522 __func__, bf); 2523 ath_tx_xmit_aggr(sc, an, bf); 2524 } else { 2525 DPRINTF(sc, ATH_DEBUG_SW_TX, 2526 "%s: bf=%p: ampdu; swq'ing\n", 2527 __func__, bf); 2528 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2529 ath_tx_tid_sched(sc, atid); 2530 } 2531 } else if (txq->axq_depth < sc->sc_hwq_limit) { 2532 /* AMPDU not running, attempt direct dispatch */ 2533 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: xmit_normal\n", __func__, bf); 2534 ath_tx_xmit_normal(sc, txq, bf); 2535 } else { 2536 /* Busy; queue */ 2537 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: swq'ing\n", __func__, bf); 2538 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2539 ath_tx_tid_sched(sc, atid); 2540 } 2541 ATH_TXQ_UNLOCK(txq); 2542} 2543 2544/* 2545 * Do the basic frame setup stuff that's required before the frame 2546 * is added to a software queue. 2547 * 2548 * All frames get mostly the same treatment and it's done once. 2549 * Retransmits fiddle with things like the rate control setup, 2550 * setting the retransmit bit in the packet; doing relevant DMA/bus 2551 * syncing and relinking it (back) into the hardware TX queue. 2552 * 2553 * Note that this may cause the mbuf to be reallocated, so 2554 * m0 may not be valid. 2555 */ 2556 2557 2558/* 2559 * Configure the per-TID node state. 2560 * 2561 * This likely belongs in if_ath_node.c but I can't think of anywhere 2562 * else to put it just yet. 2563 * 2564 * This sets up the SLISTs and the mutex as appropriate. 2565 */ 2566void 2567ath_tx_tid_init(struct ath_softc *sc, struct ath_node *an) 2568{ 2569 int i, j; 2570 struct ath_tid *atid; 2571 2572 for (i = 0; i < IEEE80211_TID_SIZE; i++) { 2573 atid = &an->an_tid[i]; 2574 TAILQ_INIT(&atid->axq_q); 2575 atid->tid = i; 2576 atid->an = an; 2577 for (j = 0; j < ATH_TID_MAX_BUFS; j++) 2578 atid->tx_buf[j] = NULL; 2579 atid->baw_head = atid->baw_tail = 0; 2580 atid->paused = 0; 2581 atid->sched = 0; 2582 atid->hwq_depth = 0; 2583 atid->cleanup_inprogress = 0; 2584 if (i == IEEE80211_NONQOS_TID) 2585 atid->ac = WME_AC_BE; 2586 else 2587 atid->ac = TID_TO_WME_AC(i); 2588 } 2589} 2590 2591/* 2592 * Pause the current TID. This stops packets from being transmitted 2593 * on it. 2594 * 2595 * Since this is also called from upper layers as well as the driver, 2596 * it will get the TID lock. 2597 */ 2598static void 2599ath_tx_tid_pause(struct ath_softc *sc, struct ath_tid *tid) 2600{ 2601 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2602 tid->paused++; 2603 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: paused = %d\n", 2604 __func__, tid->paused); 2605 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 2606} 2607 2608/* 2609 * Unpause the current TID, and schedule it if needed. 2610 */ 2611static void 2612ath_tx_tid_resume(struct ath_softc *sc, struct ath_tid *tid) 2613{ 2614 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2615 2616 tid->paused--; 2617 2618 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: unpaused = %d\n", 2619 __func__, tid->paused); 2620 2621 if (tid->paused || tid->axq_depth == 0) { 2622 return; 2623 } 2624 2625 ath_tx_tid_sched(sc, tid); 2626 /* Punt some frames to the hardware if needed */ 2627 //ath_txq_sched(sc, sc->sc_ac2q[tid->ac]); 2628 taskqueue_enqueue(sc->sc_tq, &sc->sc_txqtask); 2629} 2630 2631/* 2632 * Free any packets currently pending in the software TX queue. 2633 * 2634 * This will be called when a node is being deleted. 2635 * 2636 * It can also be called on an active node during an interface 2637 * reset or state transition. 2638 * 2639 * (From Linux/reference): 2640 * 2641 * TODO: For frame(s) that are in the retry state, we will reuse the 2642 * sequence number(s) without setting the retry bit. The 2643 * alternative is to give up on these and BAR the receiver's window 2644 * forward. 2645 */ 2646static void 2647ath_tx_tid_drain(struct ath_softc *sc, struct ath_node *an, 2648 struct ath_tid *tid, ath_bufhead *bf_cq) 2649{ 2650 struct ath_buf *bf; 2651 struct ieee80211_tx_ampdu *tap; 2652 struct ieee80211_node *ni = &an->an_node; 2653 int t = 0; 2654 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2655 2656 tap = ath_tx_get_tx_tid(an, tid->tid); 2657 2658 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2659 2660 /* Walk the queue, free frames */ 2661 for (;;) { 2662 bf = TAILQ_FIRST(&tid->axq_q); 2663 if (bf == NULL) { 2664 break; 2665 } 2666 2667 if (t == 0) { 2668 device_printf(sc->sc_dev, 2669 "%s: node %p: bf=%p: addbaw=%d, dobaw=%d, " 2670 "seqno_assign=%d, seqno_required=%d, seqno=%d, retry=%d\n", 2671 __func__, ni, bf, 2672 bf->bf_state.bfs_addedbaw, 2673 bf->bf_state.bfs_dobaw, 2674 bf->bf_state.bfs_need_seqno, 2675 bf->bf_state.bfs_seqno_assigned, 2676 SEQNO(bf->bf_state.bfs_seqno), 2677 bf->bf_state.bfs_retries); 2678 device_printf(sc->sc_dev, 2679 "%s: node %p: bf=%p: tid txq_depth=%d hwq_depth=%d\n", 2680 __func__, ni, bf, 2681 tid->axq_depth, 2682 tid->hwq_depth); 2683 device_printf(sc->sc_dev, 2684 "%s: node %p: bf=%p: tid %d: txq_depth=%d, " 2685 "txq_aggr_depth=%d, sched=%d, paused=%d, " 2686 "hwq_depth=%d, incomp=%d, baw_head=%d, " 2687 "baw_tail=%d txa_start=%d, ni_txseqs=%d\n", 2688 __func__, ni, bf, tid->tid, txq->axq_depth, 2689 txq->axq_aggr_depth, tid->sched, tid->paused, 2690 tid->hwq_depth, tid->incomp, tid->baw_head, 2691 tid->baw_tail, tap == NULL ? -1 : tap->txa_start, 2692 ni->ni_txseqs[tid->tid]); 2693 2694 /* XXX Dump the frame, see what it is? */ 2695 ieee80211_dump_pkt(ni->ni_ic, 2696 mtod(bf->bf_m, const uint8_t *), 2697 bf->bf_m->m_len, 0, -1); 2698 2699 t = 1; 2700 } 2701 2702 2703 /* 2704 * If the current TID is running AMPDU, update 2705 * the BAW. 2706 */ 2707 if (ath_tx_ampdu_running(sc, an, tid->tid) && 2708 bf->bf_state.bfs_dobaw) { 2709 /* 2710 * Only remove the frame from the BAW if it's 2711 * been transmitted at least once; this means 2712 * the frame was in the BAW to begin with. 2713 */ 2714 if (bf->bf_state.bfs_retries > 0) { 2715 ath_tx_update_baw(sc, an, tid, bf); 2716 bf->bf_state.bfs_dobaw = 0; 2717 } 2718 /* 2719 * This has become a non-fatal error now 2720 */ 2721 if (! bf->bf_state.bfs_addedbaw) 2722 device_printf(sc->sc_dev, 2723 "%s: wasn't added: seqno %d\n", 2724 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2725 } 2726 ATH_TXQ_REMOVE(tid, bf, bf_list); 2727 TAILQ_INSERT_TAIL(bf_cq, bf, bf_list); 2728 } 2729 2730 /* 2731 * Now that it's completed, grab the TID lock and update 2732 * the sequence number and BAW window. 2733 * Because sequence numbers have been assigned to frames 2734 * that haven't been sent yet, it's entirely possible 2735 * we'll be called with some pending frames that have not 2736 * been transmitted. 2737 * 2738 * The cleaner solution is to do the sequence number allocation 2739 * when the packet is first transmitted - and thus the "retries" 2740 * check above would be enough to update the BAW/seqno. 2741 */ 2742 2743 /* But don't do it for non-QoS TIDs */ 2744 if (tap) { 2745#if 0 2746 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2747 "%s: node %p: TID %d: sliding BAW left edge to %d\n", 2748 __func__, an, tid->tid, tap->txa_start); 2749#endif 2750 ni->ni_txseqs[tid->tid] = tap->txa_start; 2751 tid->baw_tail = tid->baw_head; 2752 } 2753} 2754 2755/* 2756 * Flush all software queued packets for the given node. 2757 * 2758 * This occurs when a completion handler frees the last buffer 2759 * for a node, and the node is thus freed. This causes the node 2760 * to be cleaned up, which ends up calling ath_tx_node_flush. 2761 */ 2762void 2763ath_tx_node_flush(struct ath_softc *sc, struct ath_node *an) 2764{ 2765 int tid; 2766 ath_bufhead bf_cq; 2767 struct ath_buf *bf; 2768 2769 TAILQ_INIT(&bf_cq); 2770 2771 for (tid = 0; tid < IEEE80211_TID_SIZE; tid++) { 2772 struct ath_tid *atid = &an->an_tid[tid]; 2773 struct ath_txq *txq = sc->sc_ac2q[atid->ac]; 2774 2775 /* Remove this tid from the list of active tids */ 2776 ATH_TXQ_LOCK(txq); 2777 ath_tx_tid_unsched(sc, atid); 2778 2779 /* Free packets */ 2780 ath_tx_tid_drain(sc, an, atid, &bf_cq); 2781 ATH_TXQ_UNLOCK(txq); 2782 } 2783 2784 /* Handle completed frames */ 2785 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2786 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2787 ath_tx_default_comp(sc, bf, 0); 2788 } 2789} 2790 2791/* 2792 * Drain all the software TXQs currently with traffic queued. 2793 */ 2794void 2795ath_tx_txq_drain(struct ath_softc *sc, struct ath_txq *txq) 2796{ 2797 struct ath_tid *tid; 2798 ath_bufhead bf_cq; 2799 struct ath_buf *bf; 2800 2801 TAILQ_INIT(&bf_cq); 2802 ATH_TXQ_LOCK(txq); 2803 2804 /* 2805 * Iterate over all active tids for the given txq, 2806 * flushing and unsched'ing them 2807 */ 2808 while (! TAILQ_EMPTY(&txq->axq_tidq)) { 2809 tid = TAILQ_FIRST(&txq->axq_tidq); 2810 ath_tx_tid_drain(sc, tid->an, tid, &bf_cq); 2811 ath_tx_tid_unsched(sc, tid); 2812 } 2813 2814 ATH_TXQ_UNLOCK(txq); 2815 2816 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2817 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2818 ath_tx_default_comp(sc, bf, 0); 2819 } 2820} 2821 2822/* 2823 * Handle completion of non-aggregate session frames. 2824 */ 2825void 2826ath_tx_normal_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 2827{ 2828 struct ieee80211_node *ni = bf->bf_node; 2829 struct ath_node *an = ATH_NODE(ni); 2830 int tid = bf->bf_state.bfs_tid; 2831 struct ath_tid *atid = &an->an_tid[tid]; 2832 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 2833 2834 /* The TID state is protected behind the TXQ lock */ 2835 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2836 2837 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: fail=%d, hwq_depth now %d\n", 2838 __func__, bf, fail, atid->hwq_depth - 1); 2839 2840 atid->hwq_depth--; 2841 if (atid->hwq_depth < 0) 2842 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 2843 __func__, atid->hwq_depth); 2844 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2845 2846 /* 2847 * punt to rate control if we're not being cleaned up 2848 * during a hw queue drain and the frame wanted an ACK. 2849 */ 2850 if (fail == 0 && ((bf->bf_txflags & HAL_TXDESC_NOACK) == 0)) 2851 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 2852 ts, bf->bf_state.bfs_pktlen, 2853 1, (ts->ts_status == 0) ? 0 : 1); 2854 2855 ath_tx_default_comp(sc, bf, fail); 2856} 2857 2858/* 2859 * Handle cleanup of aggregate session packets that aren't 2860 * an A-MPDU. 2861 * 2862 * There's no need to update the BAW here - the session is being 2863 * torn down. 2864 */ 2865static void 2866ath_tx_comp_cleanup_unaggr(struct ath_softc *sc, struct ath_buf *bf) 2867{ 2868 struct ieee80211_node *ni = bf->bf_node; 2869 struct ath_node *an = ATH_NODE(ni); 2870 int tid = bf->bf_state.bfs_tid; 2871 struct ath_tid *atid = &an->an_tid[tid]; 2872 2873 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: TID %d: incomp=%d\n", 2874 __func__, tid, atid->incomp); 2875 2876 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2877 atid->incomp--; 2878 if (atid->incomp == 0) { 2879 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2880 "%s: TID %d: cleaned up! resume!\n", 2881 __func__, tid); 2882 atid->cleanup_inprogress = 0; 2883 ath_tx_tid_resume(sc, atid); 2884 } 2885 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2886 2887 ath_tx_default_comp(sc, bf, 0); 2888} 2889 2890/* 2891 * Performs transmit side cleanup when TID changes from aggregated to 2892 * unaggregated. 2893 * 2894 * - Discard all retry frames from the s/w queue. 2895 * - Fix the tx completion function for all buffers in s/w queue. 2896 * - Count the number of unacked frames, and let transmit completion 2897 * handle it later. 2898 * 2899 * The caller is responsible for pausing the TID. 2900 */ 2901static void 2902ath_tx_cleanup(struct ath_softc *sc, struct ath_node *an, int tid) 2903{ 2904 struct ath_tid *atid = &an->an_tid[tid]; 2905 struct ieee80211_tx_ampdu *tap; 2906 struct ath_buf *bf, *bf_next; 2907 ath_bufhead bf_cq; 2908 2909 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2910 "%s: TID %d: called\n", __func__, tid); 2911 2912 TAILQ_INIT(&bf_cq); 2913 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2914 2915 /* 2916 * Update the frames in the software TX queue: 2917 * 2918 * + Discard retry frames in the queue 2919 * + Fix the completion function to be non-aggregate 2920 */ 2921 bf = TAILQ_FIRST(&atid->axq_q); 2922 while (bf) { 2923 if (bf->bf_state.bfs_isretried) { 2924 bf_next = TAILQ_NEXT(bf, bf_list); 2925 TAILQ_REMOVE(&atid->axq_q, bf, bf_list); 2926 atid->axq_depth--; 2927 if (bf->bf_state.bfs_dobaw) { 2928 ath_tx_update_baw(sc, an, atid, bf); 2929 if (! bf->bf_state.bfs_addedbaw) 2930 device_printf(sc->sc_dev, 2931 "%s: wasn't added: seqno %d\n", 2932 __func__, 2933 SEQNO(bf->bf_state.bfs_seqno)); 2934 } 2935 bf->bf_state.bfs_dobaw = 0; 2936 /* 2937 * Call the default completion handler with "fail" just 2938 * so upper levels are suitably notified about this. 2939 */ 2940 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 2941 bf = bf_next; 2942 continue; 2943 } 2944 /* Give these the default completion handler */ 2945 bf->bf_comp = ath_tx_normal_comp; 2946 bf = TAILQ_NEXT(bf, bf_list); 2947 } 2948 2949 /* The caller is required to pause the TID */ 2950#if 0 2951 /* Pause the TID */ 2952 ath_tx_tid_pause(sc, atid); 2953#endif 2954 2955 /* 2956 * Calculate what hardware-queued frames exist based 2957 * on the current BAW size. Ie, what frames have been 2958 * added to the TX hardware queue for this TID but 2959 * not yet ACKed. 2960 */ 2961 tap = ath_tx_get_tx_tid(an, tid); 2962 /* Need the lock - fiddling with BAW */ 2963 while (atid->baw_head != atid->baw_tail) { 2964 if (atid->tx_buf[atid->baw_head]) { 2965 atid->incomp++; 2966 atid->cleanup_inprogress = 1; 2967 atid->tx_buf[atid->baw_head] = NULL; 2968 } 2969 INCR(atid->baw_head, ATH_TID_MAX_BUFS); 2970 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 2971 } 2972 2973 /* 2974 * If cleanup is required, defer TID scheduling 2975 * until all the HW queued packets have been 2976 * sent. 2977 */ 2978 if (! atid->cleanup_inprogress) 2979 ath_tx_tid_resume(sc, atid); 2980 2981 if (atid->cleanup_inprogress) 2982 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2983 "%s: TID %d: cleanup needed: %d packets\n", 2984 __func__, tid, atid->incomp); 2985 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2986 2987 /* Handle completing frames and fail them */ 2988 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2989 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2990 ath_tx_default_comp(sc, bf, 1); 2991 } 2992} 2993 2994static void 2995ath_tx_set_retry(struct ath_softc *sc, struct ath_buf *bf) 2996{ 2997 struct ieee80211_frame *wh; 2998 2999 wh = mtod(bf->bf_m, struct ieee80211_frame *); 3000 /* Only update/resync if needed */ 3001 if (bf->bf_state.bfs_isretried == 0) { 3002 wh->i_fc[1] |= IEEE80211_FC1_RETRY; 3003 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 3004 BUS_DMASYNC_PREWRITE); 3005 } 3006 sc->sc_stats.ast_tx_swretries++; 3007 bf->bf_state.bfs_isretried = 1; 3008 bf->bf_state.bfs_retries ++; 3009} 3010 3011static struct ath_buf * 3012ath_tx_retry_clone(struct ath_softc *sc, struct ath_node *an, 3013 struct ath_tid *tid, struct ath_buf *bf) 3014{ 3015 struct ath_buf *nbf; 3016 int error; 3017 3018 nbf = ath_buf_clone(sc, bf); 3019 3020#if 0 3021 device_printf(sc->sc_dev, "%s: ATH_BUF_BUSY; cloning\n", 3022 __func__); 3023#endif 3024 3025 if (nbf == NULL) { 3026 /* Failed to clone */ 3027 device_printf(sc->sc_dev, 3028 "%s: failed to clone a busy buffer\n", 3029 __func__); 3030 return NULL; 3031 } 3032 3033 /* Setup the dma for the new buffer */ 3034 error = ath_tx_dmasetup(sc, nbf, nbf->bf_m); 3035 if (error != 0) { 3036 device_printf(sc->sc_dev, 3037 "%s: failed to setup dma for clone\n", 3038 __func__); 3039 /* 3040 * Put this at the head of the list, not tail; 3041 * that way it doesn't interfere with the 3042 * busy buffer logic (which uses the tail of 3043 * the list.) 3044 */ 3045 ATH_TXBUF_LOCK(sc); 3046 TAILQ_INSERT_HEAD(&sc->sc_txbuf, nbf, bf_list); 3047 ATH_TXBUF_UNLOCK(sc); 3048 return NULL; 3049 } 3050 3051 /* Update BAW if required, before we free the original buf */ 3052 if (bf->bf_state.bfs_dobaw) 3053 ath_tx_switch_baw_buf(sc, an, tid, bf, nbf); 3054 3055 /* Free current buffer; return the older buffer */ 3056 bf->bf_m = NULL; 3057 bf->bf_node = NULL; 3058 ath_freebuf(sc, bf); 3059 return nbf; 3060} 3061 3062/* 3063 * Handle retrying an unaggregate frame in an aggregate 3064 * session. 3065 * 3066 * If too many retries occur, pause the TID, wait for 3067 * any further retransmits (as there's no reason why 3068 * non-aggregate frames in an aggregate session are 3069 * transmitted in-order; they just have to be in-BAW) 3070 * and then queue a BAR. 3071 */ 3072static void 3073ath_tx_aggr_retry_unaggr(struct ath_softc *sc, struct ath_buf *bf) 3074{ 3075 struct ieee80211_node *ni = bf->bf_node; 3076 struct ath_node *an = ATH_NODE(ni); 3077 int tid = bf->bf_state.bfs_tid; 3078 struct ath_tid *atid = &an->an_tid[tid]; 3079 struct ieee80211_tx_ampdu *tap; 3080 int txseq; 3081 3082 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3083 3084 tap = ath_tx_get_tx_tid(an, tid); 3085 3086 /* 3087 * If the buffer is marked as busy, we can't directly 3088 * reuse it. Instead, try to clone the buffer. 3089 * If the clone is successful, recycle the old buffer. 3090 * If the clone is unsuccessful, set bfs_retries to max 3091 * to force the next bit of code to free the buffer 3092 * for us. 3093 */ 3094 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3095 (bf->bf_flags & ATH_BUF_BUSY)) { 3096 struct ath_buf *nbf; 3097 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3098 if (nbf) 3099 /* bf has been freed at this point */ 3100 bf = nbf; 3101 else 3102 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3103 } 3104 3105 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3106 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3107 "%s: exceeded retries; seqno %d\n", 3108 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3109 sc->sc_stats.ast_tx_swretrymax++; 3110 3111 /* Update BAW anyway */ 3112 if (bf->bf_state.bfs_dobaw) { 3113 ath_tx_update_baw(sc, an, atid, bf); 3114 if (! bf->bf_state.bfs_addedbaw) 3115 device_printf(sc->sc_dev, 3116 "%s: wasn't added: seqno %d\n", 3117 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3118 } 3119 bf->bf_state.bfs_dobaw = 0; 3120 3121 /* Send BAR frame */ 3122 /* 3123 * This'll end up going into net80211 and back out 3124 * again, via ic->ic_raw_xmit(). 3125 */ 3126 txseq = tap->txa_start; 3127 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3128 3129 device_printf(sc->sc_dev, 3130 "%s: TID %d: send BAR; seq %d\n", __func__, tid, txseq); 3131 3132 /* XXX TODO: send BAR */ 3133 3134 /* Free buffer, bf is free after this call */ 3135 ath_tx_default_comp(sc, bf, 0); 3136 return; 3137 } 3138 3139 /* 3140 * This increments the retry counter as well as 3141 * sets the retry flag in the ath_buf and packet 3142 * body. 3143 */ 3144 ath_tx_set_retry(sc, bf); 3145 3146 /* 3147 * Insert this at the head of the queue, so it's 3148 * retried before any current/subsequent frames. 3149 */ 3150 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3151 ath_tx_tid_sched(sc, atid); 3152 3153 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3154} 3155 3156/* 3157 * Common code for aggregate excessive retry/subframe retry. 3158 * If retrying, queues buffers to bf_q. If not, frees the 3159 * buffers. 3160 * 3161 * XXX should unify this with ath_tx_aggr_retry_unaggr() 3162 */ 3163static int 3164ath_tx_retry_subframe(struct ath_softc *sc, struct ath_buf *bf, 3165 ath_bufhead *bf_q) 3166{ 3167 struct ieee80211_node *ni = bf->bf_node; 3168 struct ath_node *an = ATH_NODE(ni); 3169 int tid = bf->bf_state.bfs_tid; 3170 struct ath_tid *atid = &an->an_tid[tid]; 3171 3172 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[atid->ac]); 3173 3174 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3175 ath_hal_set11nburstduration(sc->sc_ah, bf->bf_desc, 0); 3176 /* ath_hal_set11n_virtualmorefrag(sc->sc_ah, bf->bf_desc, 0); */ 3177 3178 /* 3179 * If the buffer is marked as busy, we can't directly 3180 * reuse it. Instead, try to clone the buffer. 3181 * If the clone is successful, recycle the old buffer. 3182 * If the clone is unsuccessful, set bfs_retries to max 3183 * to force the next bit of code to free the buffer 3184 * for us. 3185 */ 3186 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3187 (bf->bf_flags & ATH_BUF_BUSY)) { 3188 struct ath_buf *nbf; 3189 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3190 if (nbf) 3191 /* bf has been freed at this point */ 3192 bf = nbf; 3193 else 3194 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3195 } 3196 3197 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3198 sc->sc_stats.ast_tx_swretrymax++; 3199 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3200 "%s: max retries: seqno %d\n", 3201 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3202 ath_tx_update_baw(sc, an, atid, bf); 3203 if (! bf->bf_state.bfs_addedbaw) 3204 device_printf(sc->sc_dev, 3205 "%s: wasn't added: seqno %d\n", 3206 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3207 bf->bf_state.bfs_dobaw = 0; 3208 return 1; 3209 } 3210 3211 ath_tx_set_retry(sc, bf); 3212 bf->bf_next = NULL; /* Just to make sure */ 3213 3214 TAILQ_INSERT_TAIL(bf_q, bf, bf_list); 3215 return 0; 3216} 3217 3218/* 3219 * error pkt completion for an aggregate destination 3220 */ 3221static void 3222ath_tx_comp_aggr_error(struct ath_softc *sc, struct ath_buf *bf_first, 3223 struct ath_tid *tid) 3224{ 3225 struct ieee80211_node *ni = bf_first->bf_node; 3226 struct ath_node *an = ATH_NODE(ni); 3227 struct ath_buf *bf_next, *bf; 3228 ath_bufhead bf_q; 3229 int drops = 0; 3230 struct ieee80211_tx_ampdu *tap; 3231 ath_bufhead bf_cq; 3232 3233 TAILQ_INIT(&bf_q); 3234 TAILQ_INIT(&bf_cq); 3235 3236 /* 3237 * Update rate control - all frames have failed. 3238 * 3239 * XXX use the length in the first frame in the series; 3240 * XXX just so things are consistent for now. 3241 */ 3242 ath_tx_update_ratectrl(sc, ni, bf_first->bf_state.bfs_rc, 3243 &bf_first->bf_status.ds_txstat, 3244 bf_first->bf_state.bfs_pktlen, 3245 bf_first->bf_state.bfs_nframes, bf_first->bf_state.bfs_nframes); 3246 3247 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 3248 tap = ath_tx_get_tx_tid(an, tid->tid); 3249 sc->sc_stats.ast_tx_aggr_failall++; 3250 3251 /* Retry all subframes */ 3252 bf = bf_first; 3253 while (bf) { 3254 bf_next = bf->bf_next; 3255 bf->bf_next = NULL; /* Remove it from the aggr list */ 3256 sc->sc_stats.ast_tx_aggr_fail++; 3257 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3258 drops++; 3259 bf->bf_next = NULL; 3260 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3261 } 3262 bf = bf_next; 3263 } 3264 3265 /* Prepend all frames to the beginning of the queue */ 3266 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3267 TAILQ_REMOVE(&bf_q, bf, bf_list); 3268 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 3269 } 3270 3271 ath_tx_tid_sched(sc, tid); 3272 3273 /* 3274 * send bar if we dropped any frames 3275 * 3276 * Keep the txq lock held for now, as we need to ensure 3277 * that ni_txseqs[] is consistent (as it's being updated 3278 * in the ifnet TX context or raw TX context.) 3279 */ 3280 if (drops) { 3281 int txseq = tap->txa_start; 3282 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 3283 device_printf(sc->sc_dev, 3284 "%s: TID %d: send BAR; seq %d\n", 3285 __func__, tid->tid, txseq); 3286 3287 /* XXX TODO: send BAR */ 3288 } else { 3289 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 3290 } 3291 3292 /* Complete frames which errored out */ 3293 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3294 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3295 ath_tx_default_comp(sc, bf, 0); 3296 } 3297} 3298 3299/* 3300 * Handle clean-up of packets from an aggregate list. 3301 * 3302 * There's no need to update the BAW here - the session is being 3303 * torn down. 3304 */ 3305static void 3306ath_tx_comp_cleanup_aggr(struct ath_softc *sc, struct ath_buf *bf_first) 3307{ 3308 struct ath_buf *bf, *bf_next; 3309 struct ieee80211_node *ni = bf_first->bf_node; 3310 struct ath_node *an = ATH_NODE(ni); 3311 int tid = bf_first->bf_state.bfs_tid; 3312 struct ath_tid *atid = &an->an_tid[tid]; 3313 3314 bf = bf_first; 3315 3316 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3317 3318 /* update incomp */ 3319 while (bf) { 3320 atid->incomp--; 3321 bf = bf->bf_next; 3322 } 3323 3324 if (atid->incomp == 0) { 3325 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3326 "%s: TID %d: cleaned up! resume!\n", 3327 __func__, tid); 3328 atid->cleanup_inprogress = 0; 3329 ath_tx_tid_resume(sc, atid); 3330 } 3331 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3332 3333 /* Handle frame completion */ 3334 while (bf) { 3335 bf_next = bf->bf_next; 3336 ath_tx_default_comp(sc, bf, 1); 3337 bf = bf_next; 3338 } 3339} 3340 3341/* 3342 * Handle completion of an set of aggregate frames. 3343 * 3344 * XXX for now, simply complete each sub-frame. 3345 * 3346 * Note: the completion handler is the last descriptor in the aggregate, 3347 * not the last descriptor in the first frame. 3348 */ 3349static void 3350ath_tx_aggr_comp_aggr(struct ath_softc *sc, struct ath_buf *bf_first, 3351 int fail) 3352{ 3353 //struct ath_desc *ds = bf->bf_lastds; 3354 struct ieee80211_node *ni = bf_first->bf_node; 3355 struct ath_node *an = ATH_NODE(ni); 3356 int tid = bf_first->bf_state.bfs_tid; 3357 struct ath_tid *atid = &an->an_tid[tid]; 3358 struct ath_tx_status ts; 3359 struct ieee80211_tx_ampdu *tap; 3360 ath_bufhead bf_q; 3361 ath_bufhead bf_cq; 3362 int seq_st, tx_ok; 3363 int hasba, isaggr; 3364 uint32_t ba[2]; 3365 struct ath_buf *bf, *bf_next; 3366 int ba_index; 3367 int drops = 0; 3368 int nframes = 0, nbad = 0, nf; 3369 int pktlen; 3370 /* XXX there's too much on the stack? */ 3371 struct ath_rc_series rc[4]; 3372 int txseq; 3373 3374 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: called; hwq_depth=%d\n", 3375 __func__, atid->hwq_depth); 3376 3377 /* The TID state is kept behind the TXQ lock */ 3378 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3379 3380 atid->hwq_depth--; 3381 if (atid->hwq_depth < 0) 3382 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3383 __func__, atid->hwq_depth); 3384 3385 /* 3386 * Punt cleanup to the relevant function, not our problem now 3387 */ 3388 if (atid->cleanup_inprogress) { 3389 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3390 ath_tx_comp_cleanup_aggr(sc, bf_first); 3391 return; 3392 } 3393 3394 /* 3395 * Take a copy; this may be needed -after- bf_first 3396 * has been completed and freed. 3397 */ 3398 ts = bf_first->bf_status.ds_txstat; 3399 /* 3400 * XXX for now, use the first frame in the aggregate for 3401 * XXX rate control completion; it's at least consistent. 3402 */ 3403 pktlen = bf_first->bf_state.bfs_pktlen; 3404 3405 /* 3406 * handle errors first 3407 */ 3408 if (ts.ts_status & HAL_TXERR_XRETRY) { 3409 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3410 ath_tx_comp_aggr_error(sc, bf_first, atid); 3411 return; 3412 } 3413 3414 TAILQ_INIT(&bf_q); 3415 TAILQ_INIT(&bf_cq); 3416 tap = ath_tx_get_tx_tid(an, tid); 3417 3418 /* 3419 * extract starting sequence and block-ack bitmap 3420 */ 3421 /* XXX endian-ness of seq_st, ba? */ 3422 seq_st = ts.ts_seqnum; 3423 hasba = !! (ts.ts_flags & HAL_TX_BA); 3424 tx_ok = (ts.ts_status == 0); 3425 isaggr = bf_first->bf_state.bfs_aggr; 3426 ba[0] = ts.ts_ba_low; 3427 ba[1] = ts.ts_ba_high; 3428 3429 /* 3430 * Copy the TX completion status and the rate control 3431 * series from the first descriptor, as it may be freed 3432 * before the rate control code can get its grubby fingers 3433 * into things. 3434 */ 3435 memcpy(rc, bf_first->bf_state.bfs_rc, sizeof(rc)); 3436 3437 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3438 "%s: txa_start=%d, tx_ok=%d, status=%.8x, flags=%.8x, " 3439 "isaggr=%d, seq_st=%d, hasba=%d, ba=%.8x, %.8x\n", 3440 __func__, tap->txa_start, tx_ok, ts.ts_status, ts.ts_flags, 3441 isaggr, seq_st, hasba, ba[0], ba[1]); 3442 3443 /* Occasionally, the MAC sends a tx status for the wrong TID. */ 3444 if (tid != ts.ts_tid) { 3445 device_printf(sc->sc_dev, "%s: tid %d != hw tid %d\n", 3446 __func__, tid, ts.ts_tid); 3447 tx_ok = 0; 3448 } 3449 3450 /* AR5416 BA bug; this requires an interface reset */ 3451 if (isaggr && tx_ok && (! hasba)) { 3452 device_printf(sc->sc_dev, 3453 "%s: AR5416 bug: hasba=%d; txok=%d, isaggr=%d, " 3454 "seq_st=%d\n", 3455 __func__, hasba, tx_ok, isaggr, seq_st); 3456 /* XXX TODO: schedule an interface reset */ 3457 } 3458 3459 /* 3460 * Walk the list of frames, figure out which ones were correctly 3461 * sent and which weren't. 3462 */ 3463 bf = bf_first; 3464 nf = bf_first->bf_state.bfs_nframes; 3465 3466 /* bf_first is going to be invalid once this list is walked */ 3467 bf_first = NULL; 3468 3469 /* 3470 * Walk the list of completed frames and determine 3471 * which need to be completed and which need to be 3472 * retransmitted. 3473 * 3474 * For completed frames, the completion functions need 3475 * to be called at the end of this function as the last 3476 * node reference may free the node. 3477 * 3478 * Finally, since the TXQ lock can't be held during the 3479 * completion callback (to avoid lock recursion), 3480 * the completion calls have to be done outside of the 3481 * lock. 3482 */ 3483 while (bf) { 3484 nframes++; 3485 ba_index = ATH_BA_INDEX(seq_st, 3486 SEQNO(bf->bf_state.bfs_seqno)); 3487 bf_next = bf->bf_next; 3488 bf->bf_next = NULL; /* Remove it from the aggr list */ 3489 3490 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3491 "%s: checking bf=%p seqno=%d; ack=%d\n", 3492 __func__, bf, SEQNO(bf->bf_state.bfs_seqno), 3493 ATH_BA_ISSET(ba, ba_index)); 3494 3495 if (tx_ok && ATH_BA_ISSET(ba, ba_index)) { 3496 sc->sc_stats.ast_tx_aggr_ok++; 3497 ath_tx_update_baw(sc, an, atid, bf); 3498 bf->bf_state.bfs_dobaw = 0; 3499 if (! bf->bf_state.bfs_addedbaw) 3500 device_printf(sc->sc_dev, 3501 "%s: wasn't added: seqno %d\n", 3502 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3503 bf->bf_next = NULL; 3504 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3505 } else { 3506 sc->sc_stats.ast_tx_aggr_fail++; 3507 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3508 drops++; 3509 bf->bf_next = NULL; 3510 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3511 } 3512 nbad++; 3513 } 3514 bf = bf_next; 3515 } 3516 3517 /* 3518 * Now that the BAW updates have been done, unlock 3519 * 3520 * txseq is grabbed before the lock is released so we 3521 * have a consistent view of what -was- in the BAW. 3522 * Anything after this point will not yet have been 3523 * TXed. 3524 */ 3525 txseq = tap->txa_start; 3526 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3527 3528 if (nframes != nf) 3529 device_printf(sc->sc_dev, 3530 "%s: num frames seen=%d; bf nframes=%d\n", 3531 __func__, nframes, nf); 3532 3533 /* 3534 * Now we know how many frames were bad, call the rate 3535 * control code. 3536 */ 3537 if (fail == 0) 3538 ath_tx_update_ratectrl(sc, ni, rc, &ts, pktlen, nframes, 3539 nbad); 3540 3541 /* 3542 * send bar if we dropped any frames 3543 */ 3544 if (drops) { 3545 device_printf(sc->sc_dev, 3546 "%s: TID %d: send BAR; seq %d\n", __func__, tid, txseq); 3547 /* XXX TODO: send BAR */ 3548 } 3549 3550 /* Prepend all frames to the beginning of the queue */ 3551 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3552 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3553 TAILQ_REMOVE(&bf_q, bf, bf_list); 3554 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3555 } 3556 ath_tx_tid_sched(sc, atid); 3557 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3558 3559 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3560 "%s: txa_start now %d\n", __func__, tap->txa_start); 3561 3562 /* Do deferred completion */ 3563 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3564 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3565 ath_tx_default_comp(sc, bf, 0); 3566 } 3567} 3568 3569/* 3570 * Handle completion of unaggregated frames in an ADDBA 3571 * session. 3572 * 3573 * Fail is set to 1 if the entry is being freed via a call to 3574 * ath_tx_draintxq(). 3575 */ 3576static void 3577ath_tx_aggr_comp_unaggr(struct ath_softc *sc, struct ath_buf *bf, int fail) 3578{ 3579 struct ieee80211_node *ni = bf->bf_node; 3580 struct ath_node *an = ATH_NODE(ni); 3581 int tid = bf->bf_state.bfs_tid; 3582 struct ath_tid *atid = &an->an_tid[tid]; 3583 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 3584 3585 /* 3586 * Update rate control status here, before we possibly 3587 * punt to retry or cleanup. 3588 * 3589 * Do it outside of the TXQ lock. 3590 */ 3591 if (fail == 0 && ((bf->bf_txflags & HAL_TXDESC_NOACK) == 0)) 3592 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 3593 &bf->bf_status.ds_txstat, 3594 bf->bf_state.bfs_pktlen, 3595 1, (ts->ts_status == 0) ? 0 : 1); 3596 3597 /* 3598 * This is called early so atid->hwq_depth can be tracked. 3599 * This unfortunately means that it's released and regrabbed 3600 * during retry and cleanup. That's rather inefficient. 3601 */ 3602 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3603 3604 if (tid == IEEE80211_NONQOS_TID) 3605 device_printf(sc->sc_dev, "%s: TID=16!\n", __func__); 3606 3607 DPRINTF(sc, ATH_DEBUG_SW_TX, 3608 "%s: bf=%p: tid=%d, hwq_depth=%d, seqno=%d\n", 3609 __func__, bf, bf->bf_state.bfs_tid, atid->hwq_depth, 3610 SEQNO(bf->bf_state.bfs_seqno)); 3611 3612 atid->hwq_depth--; 3613 if (atid->hwq_depth < 0) 3614 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3615 __func__, atid->hwq_depth); 3616 3617 /* 3618 * If a cleanup is in progress, punt to comp_cleanup; 3619 * rather than handling it here. It's thus their 3620 * responsibility to clean up, call the completion 3621 * function in net80211, etc. 3622 */ 3623 if (atid->cleanup_inprogress) { 3624 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3625 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: cleanup_unaggr\n", 3626 __func__); 3627 ath_tx_comp_cleanup_unaggr(sc, bf); 3628 return; 3629 } 3630 3631 /* 3632 * Don't bother with the retry check if all frames 3633 * are being failed (eg during queue deletion.) 3634 */ 3635 if (fail == 0 && ts->ts_status & HAL_TXERR_XRETRY) { 3636 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3637 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: retry_unaggr\n", 3638 __func__); 3639 ath_tx_aggr_retry_unaggr(sc, bf); 3640 return; 3641 } 3642 3643 /* Success? Complete */ 3644 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: TID=%d, seqno %d\n", 3645 __func__, tid, SEQNO(bf->bf_state.bfs_seqno)); 3646 if (bf->bf_state.bfs_dobaw) { 3647 ath_tx_update_baw(sc, an, atid, bf); 3648 bf->bf_state.bfs_dobaw = 0; 3649 if (! bf->bf_state.bfs_addedbaw) 3650 device_printf(sc->sc_dev, 3651 "%s: wasn't added: seqno %d\n", 3652 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3653 } 3654 3655 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3656 3657 ath_tx_default_comp(sc, bf, fail); 3658 /* bf is freed at this point */ 3659} 3660 3661void 3662ath_tx_aggr_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 3663{ 3664 if (bf->bf_state.bfs_aggr) 3665 ath_tx_aggr_comp_aggr(sc, bf, fail); 3666 else 3667 ath_tx_aggr_comp_unaggr(sc, bf, fail); 3668} 3669 3670/* 3671 * Schedule some packets from the given node/TID to the hardware. 3672 * 3673 * This is the aggregate version. 3674 */ 3675void 3676ath_tx_tid_hw_queue_aggr(struct ath_softc *sc, struct ath_node *an, 3677 struct ath_tid *tid) 3678{ 3679 struct ath_buf *bf; 3680 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 3681 struct ieee80211_tx_ampdu *tap; 3682 struct ieee80211_node *ni = &an->an_node; 3683 ATH_AGGR_STATUS status; 3684 ath_bufhead bf_q; 3685 3686 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d\n", __func__, tid->tid); 3687 ATH_TXQ_LOCK_ASSERT(txq); 3688 3689 tap = ath_tx_get_tx_tid(an, tid->tid); 3690 3691 if (tid->tid == IEEE80211_NONQOS_TID) 3692 device_printf(sc->sc_dev, "%s: called for TID=NONQOS_TID?\n", 3693 __func__); 3694 3695 for (;;) { 3696 status = ATH_AGGR_DONE; 3697 3698 /* 3699 * If the upper layer has paused the TID, don't 3700 * queue any further packets. 3701 * 3702 * This can also occur from the completion task because 3703 * of packet loss; but as its serialised with this code, 3704 * it won't "appear" half way through queuing packets. 3705 */ 3706 if (tid->paused) 3707 break; 3708 3709 bf = TAILQ_FIRST(&tid->axq_q); 3710 if (bf == NULL) { 3711 break; 3712 } 3713 3714 /* 3715 * If the packet doesn't fall within the BAW (eg a NULL 3716 * data frame), schedule it directly; continue. 3717 */ 3718 if (! bf->bf_state.bfs_dobaw) { 3719 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3720 "%s: non-baw packet\n", 3721 __func__); 3722 ATH_TXQ_REMOVE(tid, bf, bf_list); 3723 bf->bf_state.bfs_aggr = 0; 3724 ath_tx_do_ratelookup(sc, bf); 3725 ath_tx_rate_fill_rcflags(sc, bf); 3726 ath_tx_set_rtscts(sc, bf); 3727 ath_tx_setds(sc, bf); 3728 ath_tx_chaindesclist(sc, bf); 3729 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3730 ath_tx_set_ratectrl(sc, ni, bf); 3731 3732 sc->sc_aggr_stats.aggr_nonbaw_pkt++; 3733 3734 /* Queue the packet; continue */ 3735 goto queuepkt; 3736 } 3737 3738 TAILQ_INIT(&bf_q); 3739 3740 /* 3741 * Do a rate control lookup on the first frame in the 3742 * list. The rate control code needs that to occur 3743 * before it can determine whether to TX. 3744 * It's inaccurate because the rate control code doesn't 3745 * really "do" aggregate lookups, so it only considers 3746 * the size of the first frame. 3747 */ 3748 ath_tx_do_ratelookup(sc, bf); 3749 bf->bf_state.bfs_rc[3].rix = 0; 3750 bf->bf_state.bfs_rc[3].tries = 0; 3751 ath_tx_rate_fill_rcflags(sc, bf); 3752 3753 status = ath_tx_form_aggr(sc, an, tid, &bf_q); 3754 3755 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3756 "%s: ath_tx_form_aggr() status=%d\n", __func__, status); 3757 3758 /* 3759 * No frames to be picked up - out of BAW 3760 */ 3761 if (TAILQ_EMPTY(&bf_q)) 3762 break; 3763 3764 /* 3765 * This assumes that the descriptor list in the ath_bufhead 3766 * are already linked together via bf_next pointers. 3767 */ 3768 bf = TAILQ_FIRST(&bf_q); 3769 3770 /* 3771 * If it's the only frame send as non-aggregate 3772 * assume that ath_tx_form_aggr() has checked 3773 * whether it's in the BAW and added it appropriately. 3774 */ 3775 if (bf->bf_state.bfs_nframes == 1) { 3776 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3777 "%s: single-frame aggregate\n", __func__); 3778 bf->bf_state.bfs_aggr = 0; 3779 ath_tx_set_rtscts(sc, bf); 3780 ath_tx_setds(sc, bf); 3781 ath_tx_chaindesclist(sc, bf); 3782 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3783 ath_tx_set_ratectrl(sc, ni, bf); 3784 if (status == ATH_AGGR_BAW_CLOSED) 3785 sc->sc_aggr_stats.aggr_baw_closed_single_pkt++; 3786 else 3787 sc->sc_aggr_stats.aggr_single_pkt++; 3788 } else { 3789 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3790 "%s: multi-frame aggregate: %d frames, " 3791 "length %d\n", 3792 __func__, bf->bf_state.bfs_nframes, 3793 bf->bf_state.bfs_al); 3794 bf->bf_state.bfs_aggr = 1; 3795 sc->sc_aggr_stats.aggr_pkts[bf->bf_state.bfs_nframes]++; 3796 sc->sc_aggr_stats.aggr_aggr_pkt++; 3797 3798 /* 3799 * Update the rate and rtscts information based on the 3800 * rate decision made by the rate control code; 3801 * the first frame in the aggregate needs it. 3802 */ 3803 ath_tx_set_rtscts(sc, bf); 3804 3805 /* 3806 * Setup the relevant descriptor fields 3807 * for aggregation. The first descriptor 3808 * already points to the rest in the chain. 3809 */ 3810 ath_tx_setds_11n(sc, bf); 3811 3812 /* 3813 * setup first desc with rate and aggr info 3814 */ 3815 ath_tx_set_ratectrl(sc, ni, bf); 3816 } 3817 queuepkt: 3818 //txq = bf->bf_state.bfs_txq; 3819 3820 /* Set completion handler, multi-frame aggregate or not */ 3821 bf->bf_comp = ath_tx_aggr_comp; 3822 3823 if (bf->bf_state.bfs_tid == IEEE80211_NONQOS_TID) 3824 device_printf(sc->sc_dev, "%s: TID=16?\n", __func__); 3825 3826 /* Punt to txq */ 3827 ath_tx_handoff(sc, txq, bf); 3828 3829 /* Track outstanding buffer count to hardware */ 3830 /* aggregates are "one" buffer */ 3831 tid->hwq_depth++; 3832 3833 /* 3834 * Break out if ath_tx_form_aggr() indicated 3835 * there can't be any further progress (eg BAW is full.) 3836 * Checking for an empty txq is done above. 3837 * 3838 * XXX locking on txq here? 3839 */ 3840 if (txq->axq_aggr_depth >= sc->sc_hwq_limit || 3841 status == ATH_AGGR_BAW_CLOSED) 3842 break; 3843 } 3844} 3845 3846/* 3847 * Schedule some packets from the given node/TID to the hardware. 3848 */ 3849void 3850ath_tx_tid_hw_queue_norm(struct ath_softc *sc, struct ath_node *an, 3851 struct ath_tid *tid) 3852{ 3853 struct ath_buf *bf; 3854 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 3855 struct ieee80211_node *ni = &an->an_node; 3856 3857 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: node %p: TID %d: called\n", 3858 __func__, an, tid->tid); 3859 3860 ATH_TXQ_LOCK_ASSERT(txq); 3861 3862 /* Check - is AMPDU pending or running? then print out something */ 3863 if (ath_tx_ampdu_pending(sc, an, tid->tid)) 3864 device_printf(sc->sc_dev, "%s: tid=%d, ampdu pending?\n", 3865 __func__, tid->tid); 3866 if (ath_tx_ampdu_running(sc, an, tid->tid)) 3867 device_printf(sc->sc_dev, "%s: tid=%d, ampdu running?\n", 3868 __func__, tid->tid); 3869 3870 for (;;) { 3871 3872 /* 3873 * If the upper layers have paused the TID, don't 3874 * queue any further packets. 3875 */ 3876 if (tid->paused) 3877 break; 3878 3879 bf = TAILQ_FIRST(&tid->axq_q); 3880 if (bf == NULL) { 3881 break; 3882 } 3883 3884 ATH_TXQ_REMOVE(tid, bf, bf_list); 3885 3886 KASSERT(txq == bf->bf_state.bfs_txq, ("txqs not equal!\n")); 3887 3888 /* Sanity check! */ 3889 if (tid->tid != bf->bf_state.bfs_tid) { 3890 device_printf(sc->sc_dev, "%s: bfs_tid %d !=" 3891 " tid %d\n", 3892 __func__, bf->bf_state.bfs_tid, tid->tid); 3893 } 3894 /* Normal completion handler */ 3895 bf->bf_comp = ath_tx_normal_comp; 3896 3897 /* Program descriptors + rate control */ 3898 ath_tx_do_ratelookup(sc, bf); 3899 ath_tx_rate_fill_rcflags(sc, bf); 3900 ath_tx_set_rtscts(sc, bf); 3901 ath_tx_setds(sc, bf); 3902 ath_tx_chaindesclist(sc, bf); 3903 ath_tx_set_ratectrl(sc, ni, bf); 3904 3905 /* Track outstanding buffer count to hardware */ 3906 /* aggregates are "one" buffer */ 3907 tid->hwq_depth++; 3908 3909 /* Punt to hardware or software txq */ 3910 ath_tx_handoff(sc, txq, bf); 3911 } 3912} 3913 3914/* 3915 * Schedule some packets to the given hardware queue. 3916 * 3917 * This function walks the list of TIDs (ie, ath_node TIDs 3918 * with queued traffic) and attempts to schedule traffic 3919 * from them. 3920 * 3921 * TID scheduling is implemented as a FIFO, with TIDs being 3922 * added to the end of the queue after some frames have been 3923 * scheduled. 3924 */ 3925void 3926ath_txq_sched(struct ath_softc *sc, struct ath_txq *txq) 3927{ 3928 struct ath_tid *tid, *next, *last; 3929 3930 ATH_TXQ_LOCK_ASSERT(txq); 3931 3932 /* 3933 * Don't schedule if the hardware queue is busy. 3934 * This (hopefully) gives some more time to aggregate 3935 * some packets in the aggregation queue. 3936 */ 3937 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 3938 sc->sc_aggr_stats.aggr_sched_nopkt++; 3939 return; 3940 } 3941 3942 last = TAILQ_LAST(&txq->axq_tidq, axq_t_s); 3943 3944 TAILQ_FOREACH_SAFE(tid, &txq->axq_tidq, axq_qelem, next) { 3945 /* 3946 * Suspend paused queues here; they'll be resumed 3947 * once the addba completes or times out. 3948 */ 3949 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, paused=%d\n", 3950 __func__, tid->tid, tid->paused); 3951 ath_tx_tid_unsched(sc, tid); 3952 if (tid->paused) { 3953 continue; 3954 } 3955 if (ath_tx_ampdu_running(sc, tid->an, tid->tid)) 3956 ath_tx_tid_hw_queue_aggr(sc, tid->an, tid); 3957 else 3958 ath_tx_tid_hw_queue_norm(sc, tid->an, tid); 3959 3960 /* Not empty? Re-schedule */ 3961 if (tid->axq_depth != 0) 3962 ath_tx_tid_sched(sc, tid); 3963 3964 /* Give the software queue time to aggregate more packets */ 3965 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 3966 break; 3967 } 3968 3969 /* 3970 * If this was the last entry on the original list, stop. 3971 * Otherwise nodes that have been rescheduled onto the end 3972 * of the TID FIFO list will just keep being rescheduled. 3973 */ 3974 if (tid == last) 3975 break; 3976 } 3977} 3978 3979/* 3980 * TX addba handling 3981 */ 3982 3983/* 3984 * Return net80211 TID struct pointer, or NULL for none 3985 */ 3986struct ieee80211_tx_ampdu * 3987ath_tx_get_tx_tid(struct ath_node *an, int tid) 3988{ 3989 struct ieee80211_node *ni = &an->an_node; 3990 struct ieee80211_tx_ampdu *tap; 3991 int ac; 3992 3993 if (tid == IEEE80211_NONQOS_TID) 3994 return NULL; 3995 3996 ac = TID_TO_WME_AC(tid); 3997 3998 tap = &ni->ni_tx_ampdu[ac]; 3999 return tap; 4000} 4001 4002/* 4003 * Is AMPDU-TX running? 4004 */ 4005static int 4006ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, int tid) 4007{ 4008 struct ieee80211_tx_ampdu *tap; 4009 4010 if (tid == IEEE80211_NONQOS_TID) 4011 return 0; 4012 4013 tap = ath_tx_get_tx_tid(an, tid); 4014 if (tap == NULL) 4015 return 0; /* Not valid; default to not running */ 4016 4017 return !! (tap->txa_flags & IEEE80211_AGGR_RUNNING); 4018} 4019 4020/* 4021 * Is AMPDU-TX negotiation pending? 4022 */ 4023static int 4024ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, int tid) 4025{ 4026 struct ieee80211_tx_ampdu *tap; 4027 4028 if (tid == IEEE80211_NONQOS_TID) 4029 return 0; 4030 4031 tap = ath_tx_get_tx_tid(an, tid); 4032 if (tap == NULL) 4033 return 0; /* Not valid; default to not pending */ 4034 4035 return !! (tap->txa_flags & IEEE80211_AGGR_XCHGPEND); 4036} 4037 4038/* 4039 * Is AMPDU-TX pending for the given TID? 4040 */ 4041 4042 4043/* 4044 * Method to handle sending an ADDBA request. 4045 * 4046 * We tap this so the relevant flags can be set to pause the TID 4047 * whilst waiting for the response. 4048 * 4049 * XXX there's no timeout handler we can override? 4050 */ 4051int 4052ath_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4053 int dialogtoken, int baparamset, int batimeout) 4054{ 4055 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4056 int tid = WME_AC_TO_TID(tap->txa_ac); 4057 struct ath_node *an = ATH_NODE(ni); 4058 struct ath_tid *atid = &an->an_tid[tid]; 4059 4060 /* 4061 * XXX danger Will Robinson! 4062 * 4063 * Although the taskqueue may be running and scheduling some more 4064 * packets, these should all be _before_ the addba sequence number. 4065 * However, net80211 will keep self-assigning sequence numbers 4066 * until addba has been negotiated. 4067 * 4068 * In the past, these packets would be "paused" (which still works 4069 * fine, as they're being scheduled to the driver in the same 4070 * serialised method which is calling the addba request routine) 4071 * and when the aggregation session begins, they'll be dequeued 4072 * as aggregate packets and added to the BAW. However, now there's 4073 * a "bf->bf_state.bfs_dobaw" flag, and this isn't set for these 4074 * packets. Thus they never get included in the BAW tracking and 4075 * this can cause the initial burst of packets after the addba 4076 * negotiation to "hang", as they quickly fall outside the BAW. 4077 * 4078 * The "eventual" solution should be to tag these packets with 4079 * dobaw. Although net80211 has given us a sequence number, 4080 * it'll be "after" the left edge of the BAW and thus it'll 4081 * fall within it. 4082 */ 4083 ath_tx_tid_pause(sc, atid); 4084 4085 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4086 "%s: called; dialogtoken=%d, baparamset=%d, batimeout=%d\n", 4087 __func__, dialogtoken, baparamset, batimeout); 4088 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4089 "%s: txa_start=%d, ni_txseqs=%d\n", 4090 __func__, tap->txa_start, ni->ni_txseqs[tid]); 4091 4092 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, 4093 batimeout); 4094} 4095 4096/* 4097 * Handle an ADDBA response. 4098 * 4099 * We unpause the queue so TX'ing can resume. 4100 * 4101 * Any packets TX'ed from this point should be "aggregate" (whether 4102 * aggregate or not) so the BAW is updated. 4103 * 4104 * Note! net80211 keeps self-assigning sequence numbers until 4105 * ampdu is negotiated. This means the initially-negotiated BAW left 4106 * edge won't match the ni->ni_txseq. 4107 * 4108 * So, being very dirty, the BAW left edge is "slid" here to match 4109 * ni->ni_txseq. 4110 * 4111 * What likely SHOULD happen is that all packets subsequent to the 4112 * addba request should be tagged as aggregate and queued as non-aggregate 4113 * frames; thus updating the BAW. For now though, I'll just slide the 4114 * window. 4115 */ 4116int 4117ath_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4118 int status, int code, int batimeout) 4119{ 4120 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4121 int tid = WME_AC_TO_TID(tap->txa_ac); 4122 struct ath_node *an = ATH_NODE(ni); 4123 struct ath_tid *atid = &an->an_tid[tid]; 4124 int r; 4125 4126 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4127 "%s: called; status=%d, code=%d, batimeout=%d\n", __func__, 4128 status, code, batimeout); 4129 4130 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4131 "%s: txa_start=%d, ni_txseqs=%d\n", 4132 __func__, tap->txa_start, ni->ni_txseqs[tid]); 4133 4134 /* 4135 * Call this first, so the interface flags get updated 4136 * before the TID is unpaused. Otherwise a race condition 4137 * exists where the unpaused TID still doesn't yet have 4138 * IEEE80211_AGGR_RUNNING set. 4139 */ 4140 r = sc->sc_addba_response(ni, tap, status, code, batimeout); 4141 4142 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4143 /* 4144 * XXX dirty! 4145 * Slide the BAW left edge to wherever net80211 left it for us. 4146 * Read above for more information. 4147 */ 4148 tap->txa_start = ni->ni_txseqs[tid]; 4149 ath_tx_tid_resume(sc, atid); 4150 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4151 return r; 4152} 4153 4154 4155/* 4156 * Stop ADDBA on a queue. 4157 */ 4158void 4159ath_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 4160{ 4161 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4162 int tid = WME_AC_TO_TID(tap->txa_ac); 4163 struct ath_node *an = ATH_NODE(ni); 4164 struct ath_tid *atid = &an->an_tid[tid]; 4165 4166 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: called\n", __func__); 4167 4168 /* Pause TID traffic early, so there aren't any races */ 4169 ath_tx_tid_pause(sc, atid); 4170 4171 /* There's no need to hold the TXQ lock here */ 4172 sc->sc_addba_stop(ni, tap); 4173 4174 /* 4175 * ath_tx_cleanup will resume the TID if possible, otherwise 4176 * it'll set the cleanup flag, and it'll be unpaused once 4177 * things have been cleaned up. 4178 */ 4179 ath_tx_cleanup(sc, an, tid); 4180} 4181 4182/* 4183 * Note: net80211 bar_timeout() doesn't call this function on BAR failure; 4184 * it simply tears down the aggregation session. Ew. 4185 * 4186 * It however will call ieee80211_ampdu_stop() which will call 4187 * ic->ic_addba_stop(). 4188 * 4189 * XXX This uses a hard-coded max BAR count value; the whole 4190 * XXX BAR TX success or failure should be better handled! 4191 */ 4192void 4193ath_bar_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4194 int status) 4195{ 4196 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4197 int tid = WME_AC_TO_TID(tap->txa_ac); 4198 struct ath_node *an = ATH_NODE(ni); 4199 struct ath_tid *atid = &an->an_tid[tid]; 4200 int attempts = tap->txa_attempts; 4201 4202 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4203 "%s: called; status=%d\n", __func__, status); 4204 4205 /* Note: This may update the BAW details */ 4206 sc->sc_bar_response(ni, tap, status); 4207 4208 /* Unpause the TID */ 4209 /* 4210 * XXX if this is attempt=50, the TID will be downgraded 4211 * XXX to a non-aggregate session. So we must unpause the 4212 * XXX TID here or it'll never be done. 4213 */ 4214 if (status == 0 || attempts == 50) { 4215 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4216 ath_tx_tid_resume(sc, atid); 4217 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4218 } 4219} 4220 4221/* 4222 * This is called whenever the pending ADDBA request times out. 4223 * Unpause and reschedule the TID. 4224 */ 4225void 4226ath_addba_response_timeout(struct ieee80211_node *ni, 4227 struct ieee80211_tx_ampdu *tap) 4228{ 4229 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4230 int tid = WME_AC_TO_TID(tap->txa_ac); 4231 struct ath_node *an = ATH_NODE(ni); 4232 struct ath_tid *atid = &an->an_tid[tid]; 4233 4234 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4235 "%s: called; resuming\n", __func__); 4236 4237 /* Note: This updates the aggregate state to (again) pending */ 4238 sc->sc_addba_response_timeout(ni, tap); 4239 4240 /* Unpause the TID; which reschedules it */ 4241 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4242 ath_tx_tid_resume(sc, atid); 4243 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4244} 4245