if_ath_tx.c revision 238609
1/*- 2 * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer, 10 * without modification. 11 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 12 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 13 * redistribution must be conditioned upon including a substantially 14 * similar Disclaimer requirement for further binary redistribution. 15 * 16 * NO WARRANTY 17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 20 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 21 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 22 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 25 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 27 * THE POSSIBILITY OF SUCH DAMAGES. 28 */ 29 30#include <sys/cdefs.h> 31__FBSDID("$FreeBSD: head/sys/dev/ath/if_ath_tx.c 238609 2012-07-19 03:51:16Z adrian $"); 32 33/* 34 * Driver for the Atheros Wireless LAN controller. 35 * 36 * This software is derived from work of Atsushi Onoe; his contribution 37 * is greatly appreciated. 38 */ 39 40#include "opt_inet.h" 41#include "opt_ath.h" 42#include "opt_wlan.h" 43 44#include <sys/param.h> 45#include <sys/systm.h> 46#include <sys/sysctl.h> 47#include <sys/mbuf.h> 48#include <sys/malloc.h> 49#include <sys/lock.h> 50#include <sys/mutex.h> 51#include <sys/kernel.h> 52#include <sys/socket.h> 53#include <sys/sockio.h> 54#include <sys/errno.h> 55#include <sys/callout.h> 56#include <sys/bus.h> 57#include <sys/endian.h> 58#include <sys/kthread.h> 59#include <sys/taskqueue.h> 60#include <sys/priv.h> 61 62#include <machine/bus.h> 63 64#include <net/if.h> 65#include <net/if_dl.h> 66#include <net/if_media.h> 67#include <net/if_types.h> 68#include <net/if_arp.h> 69#include <net/ethernet.h> 70#include <net/if_llc.h> 71 72#include <net80211/ieee80211_var.h> 73#include <net80211/ieee80211_regdomain.h> 74#ifdef IEEE80211_SUPPORT_SUPERG 75#include <net80211/ieee80211_superg.h> 76#endif 77#ifdef IEEE80211_SUPPORT_TDMA 78#include <net80211/ieee80211_tdma.h> 79#endif 80#include <net80211/ieee80211_ht.h> 81 82#include <net/bpf.h> 83 84#ifdef INET 85#include <netinet/in.h> 86#include <netinet/if_ether.h> 87#endif 88 89#include <dev/ath/if_athvar.h> 90#include <dev/ath/ath_hal/ah_devid.h> /* XXX for softled */ 91#include <dev/ath/ath_hal/ah_diagcodes.h> 92 93#include <dev/ath/if_ath_debug.h> 94 95#ifdef ATH_TX99_DIAG 96#include <dev/ath/ath_tx99/ath_tx99.h> 97#endif 98 99#include <dev/ath/if_ath_misc.h> 100#include <dev/ath/if_ath_tx.h> 101#include <dev/ath/if_ath_tx_ht.h> 102 103/* 104 * How many retries to perform in software 105 */ 106#define SWMAX_RETRIES 10 107 108static int ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, 109 int tid); 110static int ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, 111 int tid); 112static ieee80211_seq ath_tx_tid_seqno_assign(struct ath_softc *sc, 113 struct ieee80211_node *ni, struct ath_buf *bf, struct mbuf *m0); 114static int ath_tx_action_frame_override_queue(struct ath_softc *sc, 115 struct ieee80211_node *ni, struct mbuf *m0, int *tid); 116 117/* 118 * Whether to use the 11n rate scenario functions or not 119 */ 120static inline int 121ath_tx_is_11n(struct ath_softc *sc) 122{ 123 return (sc->sc_ah->ah_magic == 0x20065416); 124} 125 126/* 127 * Obtain the current TID from the given frame. 128 * 129 * Non-QoS frames need to go into TID 16 (IEEE80211_NONQOS_TID.) 130 * This has implications for which AC/priority the packet is placed 131 * in. 132 */ 133static int 134ath_tx_gettid(struct ath_softc *sc, const struct mbuf *m0) 135{ 136 const struct ieee80211_frame *wh; 137 int pri = M_WME_GETAC(m0); 138 139 wh = mtod(m0, const struct ieee80211_frame *); 140 if (! IEEE80211_QOS_HAS_SEQ(wh)) 141 return IEEE80211_NONQOS_TID; 142 else 143 return WME_AC_TO_TID(pri); 144} 145 146/* 147 * Determine what the correct AC queue for the given frame 148 * should be. 149 * 150 * This code assumes that the TIDs map consistently to 151 * the underlying hardware (or software) ath_txq. 152 * Since the sender may try to set an AC which is 153 * arbitrary, non-QoS TIDs may end up being put on 154 * completely different ACs. There's no way to put a 155 * TID into multiple ath_txq's for scheduling, so 156 * for now we override the AC/TXQ selection and set 157 * non-QOS TID frames into the BE queue. 158 * 159 * This may be completely incorrect - specifically, 160 * some management frames may end up out of order 161 * compared to the QoS traffic they're controlling. 162 * I'll look into this later. 163 */ 164static int 165ath_tx_getac(struct ath_softc *sc, const struct mbuf *m0) 166{ 167 const struct ieee80211_frame *wh; 168 int pri = M_WME_GETAC(m0); 169 wh = mtod(m0, const struct ieee80211_frame *); 170 if (IEEE80211_QOS_HAS_SEQ(wh)) 171 return pri; 172 173 return WME_AC_BE; 174} 175 176void 177ath_txfrag_cleanup(struct ath_softc *sc, 178 ath_bufhead *frags, struct ieee80211_node *ni) 179{ 180 struct ath_buf *bf, *next; 181 182 ATH_TXBUF_LOCK_ASSERT(sc); 183 184 TAILQ_FOREACH_SAFE(bf, frags, bf_list, next) { 185 /* NB: bf assumed clean */ 186 TAILQ_REMOVE(frags, bf, bf_list); 187 ath_returnbuf_head(sc, bf); 188 ieee80211_node_decref(ni); 189 } 190} 191 192/* 193 * Setup xmit of a fragmented frame. Allocate a buffer 194 * for each frag and bump the node reference count to 195 * reflect the held reference to be setup by ath_tx_start. 196 */ 197int 198ath_txfrag_setup(struct ath_softc *sc, ath_bufhead *frags, 199 struct mbuf *m0, struct ieee80211_node *ni) 200{ 201 struct mbuf *m; 202 struct ath_buf *bf; 203 204 ATH_TXBUF_LOCK(sc); 205 for (m = m0->m_nextpkt; m != NULL; m = m->m_nextpkt) { 206 /* XXX non-management? */ 207 bf = _ath_getbuf_locked(sc, ATH_BUFTYPE_NORMAL); 208 if (bf == NULL) { /* out of buffers, cleanup */ 209 device_printf(sc->sc_dev, "%s: no buffer?\n", 210 __func__); 211 ath_txfrag_cleanup(sc, frags, ni); 212 break; 213 } 214 ieee80211_node_incref(ni); 215 TAILQ_INSERT_TAIL(frags, bf, bf_list); 216 } 217 ATH_TXBUF_UNLOCK(sc); 218 219 return !TAILQ_EMPTY(frags); 220} 221 222/* 223 * Reclaim mbuf resources. For fragmented frames we 224 * need to claim each frag chained with m_nextpkt. 225 */ 226void 227ath_freetx(struct mbuf *m) 228{ 229 struct mbuf *next; 230 231 do { 232 next = m->m_nextpkt; 233 m->m_nextpkt = NULL; 234 m_freem(m); 235 } while ((m = next) != NULL); 236} 237 238static int 239ath_tx_dmasetup(struct ath_softc *sc, struct ath_buf *bf, struct mbuf *m0) 240{ 241 struct mbuf *m; 242 int error; 243 244 /* 245 * Load the DMA map so any coalescing is done. This 246 * also calculates the number of descriptors we need. 247 */ 248 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 249 bf->bf_segs, &bf->bf_nseg, 250 BUS_DMA_NOWAIT); 251 if (error == EFBIG) { 252 /* XXX packet requires too many descriptors */ 253 bf->bf_nseg = ATH_TXDESC+1; 254 } else if (error != 0) { 255 sc->sc_stats.ast_tx_busdma++; 256 ath_freetx(m0); 257 return error; 258 } 259 /* 260 * Discard null packets and check for packets that 261 * require too many TX descriptors. We try to convert 262 * the latter to a cluster. 263 */ 264 if (bf->bf_nseg > ATH_TXDESC) { /* too many desc's, linearize */ 265 sc->sc_stats.ast_tx_linear++; 266 m = m_collapse(m0, M_DONTWAIT, ATH_TXDESC); 267 if (m == NULL) { 268 ath_freetx(m0); 269 sc->sc_stats.ast_tx_nombuf++; 270 return ENOMEM; 271 } 272 m0 = m; 273 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 274 bf->bf_segs, &bf->bf_nseg, 275 BUS_DMA_NOWAIT); 276 if (error != 0) { 277 sc->sc_stats.ast_tx_busdma++; 278 ath_freetx(m0); 279 return error; 280 } 281 KASSERT(bf->bf_nseg <= ATH_TXDESC, 282 ("too many segments after defrag; nseg %u", bf->bf_nseg)); 283 } else if (bf->bf_nseg == 0) { /* null packet, discard */ 284 sc->sc_stats.ast_tx_nodata++; 285 ath_freetx(m0); 286 return EIO; 287 } 288 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: m %p len %u\n", 289 __func__, m0, m0->m_pkthdr.len); 290 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE); 291 bf->bf_m = m0; 292 293 return 0; 294} 295 296/* 297 * Chain together segments+descriptors for a non-11n frame. 298 */ 299static void 300ath_tx_chaindesclist(struct ath_softc *sc, struct ath_buf *bf) 301{ 302 struct ath_hal *ah = sc->sc_ah; 303 struct ath_desc *ds, *ds0; 304 int i; 305 306 /* 307 * Fillin the remainder of the descriptor info. 308 */ 309 ds0 = ds = bf->bf_desc; 310 for (i = 0; i < bf->bf_nseg; i++, ds++) { 311 ds->ds_data = bf->bf_segs[i].ds_addr; 312 if (i == bf->bf_nseg - 1) 313 ath_hal_settxdesclink(ah, ds, 0); 314 else 315 ath_hal_settxdesclink(ah, ds, 316 bf->bf_daddr + sizeof(*ds) * (i + 1)); 317 ath_hal_filltxdesc(ah, ds 318 , bf->bf_segs[i].ds_len /* segment length */ 319 , i == 0 /* first segment */ 320 , i == bf->bf_nseg - 1 /* last segment */ 321 , ds0 /* first descriptor */ 322 ); 323 DPRINTF(sc, ATH_DEBUG_XMIT, 324 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 325 __func__, i, ds->ds_link, ds->ds_data, 326 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 327 bf->bf_lastds = ds; 328 } 329 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE); 330} 331 332/* 333 * Fill in the descriptor list for a aggregate subframe. 334 * 335 * The subframe is returned with the ds_link field in the last subframe 336 * pointing to 0. 337 */ 338static void 339ath_tx_chaindesclist_subframe(struct ath_softc *sc, struct ath_buf *bf) 340{ 341 struct ath_hal *ah = sc->sc_ah; 342 struct ath_desc *ds, *ds0; 343 int i; 344 345 ds0 = ds = bf->bf_desc; 346 347 /* 348 * There's no need to call ath_hal_setupfirsttxdesc here; 349 * That's only going to occur for the first frame in an aggregate. 350 */ 351 for (i = 0; i < bf->bf_nseg; i++, ds++) { 352 ds->ds_data = bf->bf_segs[i].ds_addr; 353 if (i == bf->bf_nseg - 1) 354 ath_hal_settxdesclink(ah, ds, 0); 355 else 356 ath_hal_settxdesclink(ah, ds, 357 bf->bf_daddr + sizeof(*ds) * (i + 1)); 358 359 /* 360 * This performs the setup for an aggregate frame. 361 * This includes enabling the aggregate flags if needed. 362 */ 363 ath_hal_chaintxdesc(ah, ds, 364 bf->bf_state.bfs_pktlen, 365 bf->bf_state.bfs_hdrlen, 366 HAL_PKT_TYPE_AMPDU, /* forces aggregate bits to be set */ 367 bf->bf_state.bfs_keyix, 368 0, /* cipher, calculated from keyix */ 369 bf->bf_state.bfs_ndelim, 370 bf->bf_segs[i].ds_len, /* segment length */ 371 i == 0, /* first segment */ 372 i == bf->bf_nseg - 1, /* last segment */ 373 bf->bf_next == NULL /* last sub-frame in aggr */ 374 ); 375 376 DPRINTF(sc, ATH_DEBUG_XMIT, 377 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 378 __func__, i, ds->ds_link, ds->ds_data, 379 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 380 bf->bf_lastds = ds; 381 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 382 BUS_DMASYNC_PREWRITE); 383 } 384} 385 386/* 387 * Setup segments+descriptors for an 11n aggregate. 388 * bf_first is the first buffer in the aggregate. 389 * The descriptor list must already been linked together using 390 * bf->bf_next. 391 */ 392static void 393ath_tx_setds_11n(struct ath_softc *sc, struct ath_buf *bf_first) 394{ 395 struct ath_buf *bf, *bf_prev = NULL; 396 397 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: nframes=%d, al=%d\n", 398 __func__, bf_first->bf_state.bfs_nframes, 399 bf_first->bf_state.bfs_al); 400 401 /* 402 * Setup all descriptors of all subframes. 403 */ 404 bf = bf_first; 405 while (bf != NULL) { 406 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 407 "%s: bf=%p, nseg=%d, pktlen=%d, seqno=%d\n", 408 __func__, bf, bf->bf_nseg, bf->bf_state.bfs_pktlen, 409 SEQNO(bf->bf_state.bfs_seqno)); 410 411 /* Sub-frame setup */ 412 ath_tx_chaindesclist_subframe(sc, bf); 413 414 /* 415 * Link the last descriptor of the previous frame 416 * to the beginning descriptor of this frame. 417 */ 418 if (bf_prev != NULL) 419 ath_hal_settxdesclink(sc->sc_ah, bf_prev->bf_lastds, 420 bf->bf_daddr); 421 422 /* Save a copy so we can link the next descriptor in */ 423 bf_prev = bf; 424 bf = bf->bf_next; 425 } 426 427 /* 428 * Setup first descriptor of first frame. 429 * chaintxdesc() overwrites the descriptor entries; 430 * setupfirsttxdesc() merges in things. 431 * Otherwise various fields aren't set correctly (eg flags). 432 */ 433 ath_hal_setupfirsttxdesc(sc->sc_ah, 434 bf_first->bf_desc, 435 bf_first->bf_state.bfs_al, 436 bf_first->bf_state.bfs_txflags | HAL_TXDESC_INTREQ, 437 bf_first->bf_state.bfs_txpower, 438 bf_first->bf_state.bfs_txrate0, 439 bf_first->bf_state.bfs_try0, 440 bf_first->bf_state.bfs_txantenna, 441 bf_first->bf_state.bfs_ctsrate, 442 bf_first->bf_state.bfs_ctsduration); 443 444 /* 445 * Setup the last descriptor in the list. 446 * bf_prev points to the last; bf is NULL here. 447 */ 448 ath_hal_setuplasttxdesc(sc->sc_ah, bf_prev->bf_desc, 449 bf_first->bf_desc); 450 451 /* 452 * Set the first descriptor bf_lastds field to point to 453 * the last descriptor in the last subframe, that's where 454 * the status update will occur. 455 */ 456 bf_first->bf_lastds = bf_prev->bf_lastds; 457 458 /* 459 * And bf_last in the first descriptor points to the end of 460 * the aggregate list. 461 */ 462 bf_first->bf_last = bf_prev; 463 464 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: end\n", __func__); 465} 466 467static void 468ath_tx_handoff_mcast(struct ath_softc *sc, struct ath_txq *txq, 469 struct ath_buf *bf) 470{ 471 ATH_TXQ_LOCK_ASSERT(txq); 472 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 473 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 474 if (txq->axq_link != NULL) { 475 struct ath_buf *last = ATH_TXQ_LAST(txq, axq_q_s); 476 struct ieee80211_frame *wh; 477 478 /* mark previous frame */ 479 wh = mtod(last->bf_m, struct ieee80211_frame *); 480 wh->i_fc[1] |= IEEE80211_FC1_MORE_DATA; 481 bus_dmamap_sync(sc->sc_dmat, last->bf_dmamap, 482 BUS_DMASYNC_PREWRITE); 483 484 /* link descriptor */ 485 *txq->axq_link = bf->bf_daddr; 486 } 487 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 488 ath_hal_gettxdesclinkptr(sc->sc_ah, bf->bf_lastds, &txq->axq_link); 489} 490 491/* 492 * Hand-off packet to a hardware queue. 493 */ 494static void 495ath_tx_handoff_hw(struct ath_softc *sc, struct ath_txq *txq, 496 struct ath_buf *bf) 497{ 498 struct ath_hal *ah = sc->sc_ah; 499 500 /* 501 * Insert the frame on the outbound list and pass it on 502 * to the hardware. Multicast frames buffered for power 503 * save stations and transmit from the CAB queue are stored 504 * on a s/w only queue and loaded on to the CAB queue in 505 * the SWBA handler since frames only go out on DTIM and 506 * to avoid possible races. 507 */ 508 ATH_TXQ_LOCK_ASSERT(txq); 509 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 510 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 511 KASSERT(txq->axq_qnum != ATH_TXQ_SWQ, 512 ("ath_tx_handoff_hw called for mcast queue")); 513 514#if 0 515 /* 516 * This causes a LOR. Find out where the PCU lock is being 517 * held whilst the TXQ lock is grabbed - that shouldn't 518 * be occuring. 519 */ 520 ATH_PCU_LOCK(sc); 521 if (sc->sc_inreset_cnt) { 522 ATH_PCU_UNLOCK(sc); 523 DPRINTF(sc, ATH_DEBUG_RESET, 524 "%s: called with sc_in_reset != 0\n", 525 __func__); 526 DPRINTF(sc, ATH_DEBUG_XMIT, 527 "%s: queued: TXDP[%u] = %p (%p) depth %d\n", 528 __func__, txq->axq_qnum, 529 (caddr_t)bf->bf_daddr, bf->bf_desc, 530 txq->axq_depth); 531 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 532 if (bf->bf_state.bfs_aggr) 533 txq->axq_aggr_depth++; 534 /* 535 * There's no need to update axq_link; the hardware 536 * is in reset and once the reset is complete, any 537 * non-empty queues will simply have DMA restarted. 538 */ 539 return; 540 } 541 ATH_PCU_UNLOCK(sc); 542#endif 543 544 /* For now, so not to generate whitespace diffs */ 545 if (1) { 546#ifdef IEEE80211_SUPPORT_TDMA 547 int qbusy; 548 549 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 550 qbusy = ath_hal_txqenabled(ah, txq->axq_qnum); 551 if (txq->axq_link == NULL) { 552 /* 553 * Be careful writing the address to TXDP. If 554 * the tx q is enabled then this write will be 555 * ignored. Normally this is not an issue but 556 * when tdma is in use and the q is beacon gated 557 * this race can occur. If the q is busy then 558 * defer the work to later--either when another 559 * packet comes along or when we prepare a beacon 560 * frame at SWBA. 561 */ 562 if (!qbusy) { 563 ath_hal_puttxbuf(ah, txq->axq_qnum, 564 bf->bf_daddr); 565 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 566 DPRINTF(sc, ATH_DEBUG_XMIT, 567 "%s: TXDP[%u] = %p (%p) depth %d\n", 568 __func__, txq->axq_qnum, 569 (caddr_t)bf->bf_daddr, bf->bf_desc, 570 txq->axq_depth); 571 } else { 572 txq->axq_flags |= ATH_TXQ_PUTPENDING; 573 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 574 "%s: Q%u busy, defer enable\n", __func__, 575 txq->axq_qnum); 576 } 577 } else { 578 *txq->axq_link = bf->bf_daddr; 579 DPRINTF(sc, ATH_DEBUG_XMIT, 580 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 581 txq->axq_qnum, txq->axq_link, 582 (caddr_t)bf->bf_daddr, bf->bf_desc, 583 txq->axq_depth); 584 if ((txq->axq_flags & ATH_TXQ_PUTPENDING) && !qbusy) { 585 /* 586 * The q was busy when we previously tried 587 * to write the address of the first buffer 588 * in the chain. Since it's not busy now 589 * handle this chore. We are certain the 590 * buffer at the front is the right one since 591 * axq_link is NULL only when the buffer list 592 * is/was empty. 593 */ 594 ath_hal_puttxbuf(ah, txq->axq_qnum, 595 TAILQ_FIRST(&txq->axq_q)->bf_daddr); 596 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 597 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 598 "%s: Q%u restarted\n", __func__, 599 txq->axq_qnum); 600 } 601 } 602#else 603 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 604 if (txq->axq_link == NULL) { 605 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 606 DPRINTF(sc, ATH_DEBUG_XMIT, 607 "%s: TXDP[%u] = %p (%p) depth %d\n", 608 __func__, txq->axq_qnum, 609 (caddr_t)bf->bf_daddr, bf->bf_desc, 610 txq->axq_depth); 611 } else { 612 *txq->axq_link = bf->bf_daddr; 613 DPRINTF(sc, ATH_DEBUG_XMIT, 614 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 615 txq->axq_qnum, txq->axq_link, 616 (caddr_t)bf->bf_daddr, bf->bf_desc, 617 txq->axq_depth); 618 } 619#endif /* IEEE80211_SUPPORT_TDMA */ 620 if (bf->bf_state.bfs_aggr) 621 txq->axq_aggr_depth++; 622 ath_hal_gettxdesclinkptr(ah, bf->bf_lastds, &txq->axq_link); 623 ath_hal_txstart(ah, txq->axq_qnum); 624 } 625} 626 627/* 628 * Restart TX DMA for the given TXQ. 629 * 630 * This must be called whether the queue is empty or not. 631 */ 632void 633ath_txq_restart_dma(struct ath_softc *sc, struct ath_txq *txq) 634{ 635 struct ath_hal *ah = sc->sc_ah; 636 struct ath_buf *bf, *bf_last; 637 638 ATH_TXQ_LOCK_ASSERT(txq); 639 640 /* This is always going to be cleared, empty or not */ 641 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 642 643 /* XXX make this ATH_TXQ_FIRST */ 644 bf = TAILQ_FIRST(&txq->axq_q); 645 bf_last = ATH_TXQ_LAST(txq, axq_q_s); 646 647 if (bf == NULL) 648 return; 649 650 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 651 ath_hal_gettxdesclinkptr(ah, bf->bf_lastds, &txq->axq_link); 652 ath_hal_txstart(ah, txq->axq_qnum); 653} 654 655/* 656 * Hand off a packet to the hardware (or mcast queue.) 657 * 658 * The relevant hardware txq should be locked. 659 */ 660static void 661ath_tx_handoff(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf) 662{ 663 ATH_TXQ_LOCK_ASSERT(txq); 664 665 if (txq->axq_qnum == ATH_TXQ_SWQ) 666 ath_tx_handoff_mcast(sc, txq, bf); 667 else 668 ath_tx_handoff_hw(sc, txq, bf); 669} 670 671static int 672ath_tx_tag_crypto(struct ath_softc *sc, struct ieee80211_node *ni, 673 struct mbuf *m0, int iswep, int isfrag, int *hdrlen, int *pktlen, 674 int *keyix) 675{ 676 DPRINTF(sc, ATH_DEBUG_XMIT, 677 "%s: hdrlen=%d, pktlen=%d, isfrag=%d, iswep=%d, m0=%p\n", 678 __func__, 679 *hdrlen, 680 *pktlen, 681 isfrag, 682 iswep, 683 m0); 684 685 if (iswep) { 686 const struct ieee80211_cipher *cip; 687 struct ieee80211_key *k; 688 689 /* 690 * Construct the 802.11 header+trailer for an encrypted 691 * frame. The only reason this can fail is because of an 692 * unknown or unsupported cipher/key type. 693 */ 694 k = ieee80211_crypto_encap(ni, m0); 695 if (k == NULL) { 696 /* 697 * This can happen when the key is yanked after the 698 * frame was queued. Just discard the frame; the 699 * 802.11 layer counts failures and provides 700 * debugging/diagnostics. 701 */ 702 return (0); 703 } 704 /* 705 * Adjust the packet + header lengths for the crypto 706 * additions and calculate the h/w key index. When 707 * a s/w mic is done the frame will have had any mic 708 * added to it prior to entry so m0->m_pkthdr.len will 709 * account for it. Otherwise we need to add it to the 710 * packet length. 711 */ 712 cip = k->wk_cipher; 713 (*hdrlen) += cip->ic_header; 714 (*pktlen) += cip->ic_header + cip->ic_trailer; 715 /* NB: frags always have any TKIP MIC done in s/w */ 716 if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && !isfrag) 717 (*pktlen) += cip->ic_miclen; 718 (*keyix) = k->wk_keyix; 719 } else if (ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) { 720 /* 721 * Use station key cache slot, if assigned. 722 */ 723 (*keyix) = ni->ni_ucastkey.wk_keyix; 724 if ((*keyix) == IEEE80211_KEYIX_NONE) 725 (*keyix) = HAL_TXKEYIX_INVALID; 726 } else 727 (*keyix) = HAL_TXKEYIX_INVALID; 728 729 return (1); 730} 731 732/* 733 * Calculate whether interoperability protection is required for 734 * this frame. 735 * 736 * This requires the rate control information be filled in, 737 * as the protection requirement depends upon the current 738 * operating mode / PHY. 739 */ 740static void 741ath_tx_calc_protection(struct ath_softc *sc, struct ath_buf *bf) 742{ 743 struct ieee80211_frame *wh; 744 uint8_t rix; 745 uint16_t flags; 746 int shortPreamble; 747 const HAL_RATE_TABLE *rt = sc->sc_currates; 748 struct ifnet *ifp = sc->sc_ifp; 749 struct ieee80211com *ic = ifp->if_l2com; 750 751 flags = bf->bf_state.bfs_txflags; 752 rix = bf->bf_state.bfs_rc[0].rix; 753 shortPreamble = bf->bf_state.bfs_shpream; 754 wh = mtod(bf->bf_m, struct ieee80211_frame *); 755 756 /* 757 * If 802.11g protection is enabled, determine whether 758 * to use RTS/CTS or just CTS. Note that this is only 759 * done for OFDM unicast frames. 760 */ 761 if ((ic->ic_flags & IEEE80211_F_USEPROT) && 762 rt->info[rix].phy == IEEE80211_T_OFDM && 763 (flags & HAL_TXDESC_NOACK) == 0) { 764 bf->bf_state.bfs_doprot = 1; 765 /* XXX fragments must use CCK rates w/ protection */ 766 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) { 767 flags |= HAL_TXDESC_RTSENA; 768 } else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) { 769 flags |= HAL_TXDESC_CTSENA; 770 } 771 /* 772 * For frags it would be desirable to use the 773 * highest CCK rate for RTS/CTS. But stations 774 * farther away may detect it at a lower CCK rate 775 * so use the configured protection rate instead 776 * (for now). 777 */ 778 sc->sc_stats.ast_tx_protect++; 779 } 780 781 /* 782 * If 11n protection is enabled and it's a HT frame, 783 * enable RTS. 784 * 785 * XXX ic_htprotmode or ic_curhtprotmode? 786 * XXX should it_htprotmode only matter if ic_curhtprotmode 787 * XXX indicates it's not a HT pure environment? 788 */ 789 if ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) && 790 rt->info[rix].phy == IEEE80211_T_HT && 791 (flags & HAL_TXDESC_NOACK) == 0) { 792 flags |= HAL_TXDESC_RTSENA; 793 sc->sc_stats.ast_tx_htprotect++; 794 } 795 bf->bf_state.bfs_txflags = flags; 796} 797 798/* 799 * Update the frame duration given the currently selected rate. 800 * 801 * This also updates the frame duration value, so it will require 802 * a DMA flush. 803 */ 804static void 805ath_tx_calc_duration(struct ath_softc *sc, struct ath_buf *bf) 806{ 807 struct ieee80211_frame *wh; 808 uint8_t rix; 809 uint16_t flags; 810 int shortPreamble; 811 struct ath_hal *ah = sc->sc_ah; 812 const HAL_RATE_TABLE *rt = sc->sc_currates; 813 int isfrag = bf->bf_m->m_flags & M_FRAG; 814 815 flags = bf->bf_state.bfs_txflags; 816 rix = bf->bf_state.bfs_rc[0].rix; 817 shortPreamble = bf->bf_state.bfs_shpream; 818 wh = mtod(bf->bf_m, struct ieee80211_frame *); 819 820 /* 821 * Calculate duration. This logically belongs in the 802.11 822 * layer but it lacks sufficient information to calculate it. 823 */ 824 if ((flags & HAL_TXDESC_NOACK) == 0 && 825 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_CTL) { 826 u_int16_t dur; 827 if (shortPreamble) 828 dur = rt->info[rix].spAckDuration; 829 else 830 dur = rt->info[rix].lpAckDuration; 831 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) { 832 dur += dur; /* additional SIFS+ACK */ 833 KASSERT(bf->bf_m->m_nextpkt != NULL, ("no fragment")); 834 /* 835 * Include the size of next fragment so NAV is 836 * updated properly. The last fragment uses only 837 * the ACK duration 838 */ 839 dur += ath_hal_computetxtime(ah, rt, 840 bf->bf_m->m_nextpkt->m_pkthdr.len, 841 rix, shortPreamble); 842 } 843 if (isfrag) { 844 /* 845 * Force hardware to use computed duration for next 846 * fragment by disabling multi-rate retry which updates 847 * duration based on the multi-rate duration table. 848 */ 849 bf->bf_state.bfs_ismrr = 0; 850 bf->bf_state.bfs_try0 = ATH_TXMGTTRY; 851 /* XXX update bfs_rc[0].try? */ 852 } 853 854 /* Update the duration field itself */ 855 *(u_int16_t *)wh->i_dur = htole16(dur); 856 } 857} 858 859static uint8_t 860ath_tx_get_rtscts_rate(struct ath_hal *ah, const HAL_RATE_TABLE *rt, 861 int cix, int shortPreamble) 862{ 863 uint8_t ctsrate; 864 865 /* 866 * CTS transmit rate is derived from the transmit rate 867 * by looking in the h/w rate table. We must also factor 868 * in whether or not a short preamble is to be used. 869 */ 870 /* NB: cix is set above where RTS/CTS is enabled */ 871 KASSERT(cix != 0xff, ("cix not setup")); 872 ctsrate = rt->info[cix].rateCode; 873 874 /* XXX this should only matter for legacy rates */ 875 if (shortPreamble) 876 ctsrate |= rt->info[cix].shortPreamble; 877 878 return (ctsrate); 879} 880 881/* 882 * Calculate the RTS/CTS duration for legacy frames. 883 */ 884static int 885ath_tx_calc_ctsduration(struct ath_hal *ah, int rix, int cix, 886 int shortPreamble, int pktlen, const HAL_RATE_TABLE *rt, 887 int flags) 888{ 889 int ctsduration = 0; 890 891 /* This mustn't be called for HT modes */ 892 if (rt->info[cix].phy == IEEE80211_T_HT) { 893 printf("%s: HT rate where it shouldn't be (0x%x)\n", 894 __func__, rt->info[cix].rateCode); 895 return (-1); 896 } 897 898 /* 899 * Compute the transmit duration based on the frame 900 * size and the size of an ACK frame. We call into the 901 * HAL to do the computation since it depends on the 902 * characteristics of the actual PHY being used. 903 * 904 * NB: CTS is assumed the same size as an ACK so we can 905 * use the precalculated ACK durations. 906 */ 907 if (shortPreamble) { 908 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 909 ctsduration += rt->info[cix].spAckDuration; 910 ctsduration += ath_hal_computetxtime(ah, 911 rt, pktlen, rix, AH_TRUE); 912 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 913 ctsduration += rt->info[rix].spAckDuration; 914 } else { 915 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 916 ctsduration += rt->info[cix].lpAckDuration; 917 ctsduration += ath_hal_computetxtime(ah, 918 rt, pktlen, rix, AH_FALSE); 919 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 920 ctsduration += rt->info[rix].lpAckDuration; 921 } 922 923 return (ctsduration); 924} 925 926/* 927 * Update the given ath_buf with updated rts/cts setup and duration 928 * values. 929 * 930 * To support rate lookups for each software retry, the rts/cts rate 931 * and cts duration must be re-calculated. 932 * 933 * This function assumes the RTS/CTS flags have been set as needed; 934 * mrr has been disabled; and the rate control lookup has been done. 935 * 936 * XXX TODO: MRR need only be disabled for the pre-11n NICs. 937 * XXX The 11n NICs support per-rate RTS/CTS configuration. 938 */ 939static void 940ath_tx_set_rtscts(struct ath_softc *sc, struct ath_buf *bf) 941{ 942 uint16_t ctsduration = 0; 943 uint8_t ctsrate = 0; 944 uint8_t rix = bf->bf_state.bfs_rc[0].rix; 945 uint8_t cix = 0; 946 const HAL_RATE_TABLE *rt = sc->sc_currates; 947 948 /* 949 * No RTS/CTS enabled? Don't bother. 950 */ 951 if ((bf->bf_state.bfs_txflags & 952 (HAL_TXDESC_RTSENA | HAL_TXDESC_CTSENA)) == 0) { 953 /* XXX is this really needed? */ 954 bf->bf_state.bfs_ctsrate = 0; 955 bf->bf_state.bfs_ctsduration = 0; 956 return; 957 } 958 959 /* 960 * If protection is enabled, use the protection rix control 961 * rate. Otherwise use the rate0 control rate. 962 */ 963 if (bf->bf_state.bfs_doprot) 964 rix = sc->sc_protrix; 965 else 966 rix = bf->bf_state.bfs_rc[0].rix; 967 968 /* 969 * If the raw path has hard-coded ctsrate0 to something, 970 * use it. 971 */ 972 if (bf->bf_state.bfs_ctsrate0 != 0) 973 cix = ath_tx_findrix(sc, bf->bf_state.bfs_ctsrate0); 974 else 975 /* Control rate from above */ 976 cix = rt->info[rix].controlRate; 977 978 /* Calculate the rtscts rate for the given cix */ 979 ctsrate = ath_tx_get_rtscts_rate(sc->sc_ah, rt, cix, 980 bf->bf_state.bfs_shpream); 981 982 /* The 11n chipsets do ctsduration calculations for you */ 983 if (! ath_tx_is_11n(sc)) 984 ctsduration = ath_tx_calc_ctsduration(sc->sc_ah, rix, cix, 985 bf->bf_state.bfs_shpream, bf->bf_state.bfs_pktlen, 986 rt, bf->bf_state.bfs_txflags); 987 988 /* Squirrel away in ath_buf */ 989 bf->bf_state.bfs_ctsrate = ctsrate; 990 bf->bf_state.bfs_ctsduration = ctsduration; 991 992 /* 993 * Must disable multi-rate retry when using RTS/CTS. 994 * XXX TODO: only for pre-11n NICs. 995 */ 996 bf->bf_state.bfs_ismrr = 0; 997 bf->bf_state.bfs_try0 = 998 bf->bf_state.bfs_rc[0].tries = ATH_TXMGTTRY; /* XXX ew */ 999} 1000 1001/* 1002 * Setup the descriptor chain for a normal or fast-frame 1003 * frame. 1004 */ 1005static void 1006ath_tx_setds(struct ath_softc *sc, struct ath_buf *bf) 1007{ 1008 struct ath_desc *ds = bf->bf_desc; 1009 struct ath_hal *ah = sc->sc_ah; 1010 1011 ath_hal_setuptxdesc(ah, ds 1012 , bf->bf_state.bfs_pktlen /* packet length */ 1013 , bf->bf_state.bfs_hdrlen /* header length */ 1014 , bf->bf_state.bfs_atype /* Atheros packet type */ 1015 , bf->bf_state.bfs_txpower /* txpower */ 1016 , bf->bf_state.bfs_txrate0 1017 , bf->bf_state.bfs_try0 /* series 0 rate/tries */ 1018 , bf->bf_state.bfs_keyix /* key cache index */ 1019 , bf->bf_state.bfs_txantenna /* antenna mode */ 1020 , bf->bf_state.bfs_txflags /* flags */ 1021 , bf->bf_state.bfs_ctsrate /* rts/cts rate */ 1022 , bf->bf_state.bfs_ctsduration /* rts/cts duration */ 1023 ); 1024 1025 /* 1026 * This will be overriden when the descriptor chain is written. 1027 */ 1028 bf->bf_lastds = ds; 1029 bf->bf_last = bf; 1030 1031 /* XXX TODO: Setup descriptor chain */ 1032} 1033 1034/* 1035 * Do a rate lookup. 1036 * 1037 * This performs a rate lookup for the given ath_buf only if it's required. 1038 * Non-data frames and raw frames don't require it. 1039 * 1040 * This populates the primary and MRR entries; MRR values are 1041 * then disabled later on if something requires it (eg RTS/CTS on 1042 * pre-11n chipsets. 1043 * 1044 * This needs to be done before the RTS/CTS fields are calculated 1045 * as they may depend upon the rate chosen. 1046 */ 1047static void 1048ath_tx_do_ratelookup(struct ath_softc *sc, struct ath_buf *bf) 1049{ 1050 uint8_t rate, rix; 1051 int try0; 1052 1053 if (! bf->bf_state.bfs_doratelookup) 1054 return; 1055 1056 /* Get rid of any previous state */ 1057 bzero(bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1058 1059 ATH_NODE_LOCK(ATH_NODE(bf->bf_node)); 1060 ath_rate_findrate(sc, ATH_NODE(bf->bf_node), bf->bf_state.bfs_shpream, 1061 bf->bf_state.bfs_pktlen, &rix, &try0, &rate); 1062 1063 /* In case MRR is disabled, make sure rc[0] is setup correctly */ 1064 bf->bf_state.bfs_rc[0].rix = rix; 1065 bf->bf_state.bfs_rc[0].ratecode = rate; 1066 bf->bf_state.bfs_rc[0].tries = try0; 1067 1068 if (bf->bf_state.bfs_ismrr && try0 != ATH_TXMAXTRY) 1069 ath_rate_getxtxrates(sc, ATH_NODE(bf->bf_node), rix, 1070 bf->bf_state.bfs_rc); 1071 ATH_NODE_UNLOCK(ATH_NODE(bf->bf_node)); 1072 1073 sc->sc_txrix = rix; /* for LED blinking */ 1074 sc->sc_lastdatarix = rix; /* for fast frames */ 1075 bf->bf_state.bfs_try0 = try0; 1076 bf->bf_state.bfs_txrate0 = rate; 1077} 1078 1079/* 1080 * Set the rate control fields in the given descriptor based on 1081 * the bf_state fields and node state. 1082 * 1083 * The bfs fields should already be set with the relevant rate 1084 * control information, including whether MRR is to be enabled. 1085 * 1086 * Since the FreeBSD HAL currently sets up the first TX rate 1087 * in ath_hal_setuptxdesc(), this will setup the MRR 1088 * conditionally for the pre-11n chips, and call ath_buf_set_rate 1089 * unconditionally for 11n chips. These require the 11n rate 1090 * scenario to be set if MCS rates are enabled, so it's easier 1091 * to just always call it. The caller can then only set rates 2, 3 1092 * and 4 if multi-rate retry is needed. 1093 */ 1094static void 1095ath_tx_set_ratectrl(struct ath_softc *sc, struct ieee80211_node *ni, 1096 struct ath_buf *bf) 1097{ 1098 struct ath_rc_series *rc = bf->bf_state.bfs_rc; 1099 1100 /* If mrr is disabled, blank tries 1, 2, 3 */ 1101 if (! bf->bf_state.bfs_ismrr) 1102 rc[1].tries = rc[2].tries = rc[3].tries = 0; 1103 1104 /* 1105 * Always call - that way a retried descriptor will 1106 * have the MRR fields overwritten. 1107 * 1108 * XXX TODO: see if this is really needed - setting up 1109 * the first descriptor should set the MRR fields to 0 1110 * for us anyway. 1111 */ 1112 if (ath_tx_is_11n(sc)) { 1113 ath_buf_set_rate(sc, ni, bf); 1114 } else { 1115 ath_hal_setupxtxdesc(sc->sc_ah, bf->bf_desc 1116 , rc[1].ratecode, rc[1].tries 1117 , rc[2].ratecode, rc[2].tries 1118 , rc[3].ratecode, rc[3].tries 1119 ); 1120 } 1121} 1122 1123/* 1124 * Transmit the given frame to the hardware. 1125 * 1126 * The frame must already be setup; rate control must already have 1127 * been done. 1128 * 1129 * XXX since the TXQ lock is being held here (and I dislike holding 1130 * it for this long when not doing software aggregation), later on 1131 * break this function into "setup_normal" and "xmit_normal". The 1132 * lock only needs to be held for the ath_tx_handoff call. 1133 */ 1134static void 1135ath_tx_xmit_normal(struct ath_softc *sc, struct ath_txq *txq, 1136 struct ath_buf *bf) 1137{ 1138 1139 ATH_TXQ_LOCK_ASSERT(txq); 1140 1141 /* Setup the descriptor before handoff */ 1142 ath_tx_do_ratelookup(sc, bf); 1143 ath_tx_calc_duration(sc, bf); 1144 ath_tx_calc_protection(sc, bf); 1145 ath_tx_set_rtscts(sc, bf); 1146 ath_tx_rate_fill_rcflags(sc, bf); 1147 ath_tx_setds(sc, bf); 1148 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 1149 ath_tx_chaindesclist(sc, bf); 1150 1151 /* Hand off to hardware */ 1152 ath_tx_handoff(sc, txq, bf); 1153} 1154 1155 1156 1157static int 1158ath_tx_normal_setup(struct ath_softc *sc, struct ieee80211_node *ni, 1159 struct ath_buf *bf, struct mbuf *m0, struct ath_txq *txq) 1160{ 1161 struct ieee80211vap *vap = ni->ni_vap; 1162 struct ath_hal *ah = sc->sc_ah; 1163 struct ifnet *ifp = sc->sc_ifp; 1164 struct ieee80211com *ic = ifp->if_l2com; 1165 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams; 1166 int error, iswep, ismcast, isfrag, ismrr; 1167 int keyix, hdrlen, pktlen, try0 = 0; 1168 u_int8_t rix = 0, txrate = 0; 1169 struct ath_desc *ds; 1170 struct ieee80211_frame *wh; 1171 u_int subtype, flags; 1172 HAL_PKT_TYPE atype; 1173 const HAL_RATE_TABLE *rt; 1174 HAL_BOOL shortPreamble; 1175 struct ath_node *an; 1176 u_int pri; 1177 1178 /* 1179 * To ensure that both sequence numbers and the CCMP PN handling 1180 * is "correct", make sure that the relevant TID queue is locked. 1181 * Otherwise the CCMP PN and seqno may appear out of order, causing 1182 * re-ordered frames to have out of order CCMP PN's, resulting 1183 * in many, many frame drops. 1184 */ 1185 ATH_TXQ_LOCK_ASSERT(txq); 1186 1187 wh = mtod(m0, struct ieee80211_frame *); 1188 iswep = wh->i_fc[1] & IEEE80211_FC1_WEP; 1189 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1190 isfrag = m0->m_flags & M_FRAG; 1191 hdrlen = ieee80211_anyhdrsize(wh); 1192 /* 1193 * Packet length must not include any 1194 * pad bytes; deduct them here. 1195 */ 1196 pktlen = m0->m_pkthdr.len - (hdrlen & 3); 1197 1198 /* Handle encryption twiddling if needed */ 1199 if (! ath_tx_tag_crypto(sc, ni, m0, iswep, isfrag, &hdrlen, 1200 &pktlen, &keyix)) { 1201 ath_freetx(m0); 1202 return EIO; 1203 } 1204 1205 /* packet header may have moved, reset our local pointer */ 1206 wh = mtod(m0, struct ieee80211_frame *); 1207 1208 pktlen += IEEE80211_CRC_LEN; 1209 1210 /* 1211 * Load the DMA map so any coalescing is done. This 1212 * also calculates the number of descriptors we need. 1213 */ 1214 error = ath_tx_dmasetup(sc, bf, m0); 1215 if (error != 0) 1216 return error; 1217 bf->bf_node = ni; /* NB: held reference */ 1218 m0 = bf->bf_m; /* NB: may have changed */ 1219 wh = mtod(m0, struct ieee80211_frame *); 1220 1221 /* setup descriptors */ 1222 ds = bf->bf_desc; 1223 rt = sc->sc_currates; 1224 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1225 1226 /* 1227 * NB: the 802.11 layer marks whether or not we should 1228 * use short preamble based on the current mode and 1229 * negotiated parameters. 1230 */ 1231 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 1232 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) { 1233 shortPreamble = AH_TRUE; 1234 sc->sc_stats.ast_tx_shortpre++; 1235 } else { 1236 shortPreamble = AH_FALSE; 1237 } 1238 1239 an = ATH_NODE(ni); 1240 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1241 ismrr = 0; /* default no multi-rate retry*/ 1242 pri = M_WME_GETAC(m0); /* honor classification */ 1243 /* XXX use txparams instead of fixed values */ 1244 /* 1245 * Calculate Atheros packet type from IEEE80211 packet header, 1246 * setup for rate calculations, and select h/w transmit queue. 1247 */ 1248 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 1249 case IEEE80211_FC0_TYPE_MGT: 1250 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1251 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) 1252 atype = HAL_PKT_TYPE_BEACON; 1253 else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1254 atype = HAL_PKT_TYPE_PROBE_RESP; 1255 else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM) 1256 atype = HAL_PKT_TYPE_ATIM; 1257 else 1258 atype = HAL_PKT_TYPE_NORMAL; /* XXX */ 1259 rix = an->an_mgmtrix; 1260 txrate = rt->info[rix].rateCode; 1261 if (shortPreamble) 1262 txrate |= rt->info[rix].shortPreamble; 1263 try0 = ATH_TXMGTTRY; 1264 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1265 break; 1266 case IEEE80211_FC0_TYPE_CTL: 1267 atype = HAL_PKT_TYPE_PSPOLL; /* stop setting of duration */ 1268 rix = an->an_mgmtrix; 1269 txrate = rt->info[rix].rateCode; 1270 if (shortPreamble) 1271 txrate |= rt->info[rix].shortPreamble; 1272 try0 = ATH_TXMGTTRY; 1273 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1274 break; 1275 case IEEE80211_FC0_TYPE_DATA: 1276 atype = HAL_PKT_TYPE_NORMAL; /* default */ 1277 /* 1278 * Data frames: multicast frames go out at a fixed rate, 1279 * EAPOL frames use the mgmt frame rate; otherwise consult 1280 * the rate control module for the rate to use. 1281 */ 1282 if (ismcast) { 1283 rix = an->an_mcastrix; 1284 txrate = rt->info[rix].rateCode; 1285 if (shortPreamble) 1286 txrate |= rt->info[rix].shortPreamble; 1287 try0 = 1; 1288 } else if (m0->m_flags & M_EAPOL) { 1289 /* XXX? maybe always use long preamble? */ 1290 rix = an->an_mgmtrix; 1291 txrate = rt->info[rix].rateCode; 1292 if (shortPreamble) 1293 txrate |= rt->info[rix].shortPreamble; 1294 try0 = ATH_TXMAXTRY; /* XXX?too many? */ 1295 } else { 1296 /* 1297 * Do rate lookup on each TX, rather than using 1298 * the hard-coded TX information decided here. 1299 */ 1300 ismrr = 1; 1301 bf->bf_state.bfs_doratelookup = 1; 1302 } 1303 if (cap->cap_wmeParams[pri].wmep_noackPolicy) 1304 flags |= HAL_TXDESC_NOACK; 1305 break; 1306 default: 1307 if_printf(ifp, "bogus frame type 0x%x (%s)\n", 1308 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__); 1309 /* XXX statistic */ 1310 ath_freetx(m0); 1311 return EIO; 1312 } 1313 1314 /* 1315 * There are two known scenarios where the frame AC doesn't match 1316 * what the destination TXQ is. 1317 * 1318 * + non-QoS frames (eg management?) that the net80211 stack has 1319 * assigned a higher AC to, but since it's a non-QoS TID, it's 1320 * being thrown into TID 16. TID 16 gets the AC_BE queue. 1321 * It's quite possible that management frames should just be 1322 * direct dispatched to hardware rather than go via the software 1323 * queue; that should be investigated in the future. There are 1324 * some specific scenarios where this doesn't make sense, mostly 1325 * surrounding ADDBA request/response - hence why that is special 1326 * cased. 1327 * 1328 * + Multicast frames going into the VAP mcast queue. That shows up 1329 * as "TXQ 11". 1330 * 1331 * This driver should eventually support separate TID and TXQ locking, 1332 * allowing for arbitrary AC frames to appear on arbitrary software 1333 * queues, being queued to the "correct" hardware queue when needed. 1334 */ 1335#if 0 1336 if (txq != sc->sc_ac2q[pri]) { 1337 device_printf(sc->sc_dev, 1338 "%s: txq=%p (%d), pri=%d, pri txq=%p (%d)\n", 1339 __func__, 1340 txq, 1341 txq->axq_qnum, 1342 pri, 1343 sc->sc_ac2q[pri], 1344 sc->sc_ac2q[pri]->axq_qnum); 1345 } 1346#endif 1347 1348 /* 1349 * Calculate miscellaneous flags. 1350 */ 1351 if (ismcast) { 1352 flags |= HAL_TXDESC_NOACK; /* no ack on broad/multicast */ 1353 } else if (pktlen > vap->iv_rtsthreshold && 1354 (ni->ni_ath_flags & IEEE80211_NODE_FF) == 0) { 1355 flags |= HAL_TXDESC_RTSENA; /* RTS based on frame length */ 1356 sc->sc_stats.ast_tx_rts++; 1357 } 1358 if (flags & HAL_TXDESC_NOACK) /* NB: avoid double counting */ 1359 sc->sc_stats.ast_tx_noack++; 1360#ifdef IEEE80211_SUPPORT_TDMA 1361 if (sc->sc_tdma && (flags & HAL_TXDESC_NOACK) == 0) { 1362 DPRINTF(sc, ATH_DEBUG_TDMA, 1363 "%s: discard frame, ACK required w/ TDMA\n", __func__); 1364 sc->sc_stats.ast_tdma_ack++; 1365 ath_freetx(m0); 1366 return EIO; 1367 } 1368#endif 1369 1370 /* 1371 * Determine if a tx interrupt should be generated for 1372 * this descriptor. We take a tx interrupt to reap 1373 * descriptors when the h/w hits an EOL condition or 1374 * when the descriptor is specifically marked to generate 1375 * an interrupt. We periodically mark descriptors in this 1376 * way to insure timely replenishing of the supply needed 1377 * for sending frames. Defering interrupts reduces system 1378 * load and potentially allows more concurrent work to be 1379 * done but if done to aggressively can cause senders to 1380 * backup. 1381 * 1382 * NB: use >= to deal with sc_txintrperiod changing 1383 * dynamically through sysctl. 1384 */ 1385 if (flags & HAL_TXDESC_INTREQ) { 1386 txq->axq_intrcnt = 0; 1387 } else if (++txq->axq_intrcnt >= sc->sc_txintrperiod) { 1388 flags |= HAL_TXDESC_INTREQ; 1389 txq->axq_intrcnt = 0; 1390 } 1391 1392 /* This point forward is actual TX bits */ 1393 1394 /* 1395 * At this point we are committed to sending the frame 1396 * and we don't need to look at m_nextpkt; clear it in 1397 * case this frame is part of frag chain. 1398 */ 1399 m0->m_nextpkt = NULL; 1400 1401 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT)) 1402 ieee80211_dump_pkt(ic, mtod(m0, const uint8_t *), m0->m_len, 1403 sc->sc_hwmap[rix].ieeerate, -1); 1404 1405 if (ieee80211_radiotap_active_vap(vap)) { 1406 u_int64_t tsf = ath_hal_gettsf64(ah); 1407 1408 sc->sc_tx_th.wt_tsf = htole64(tsf); 1409 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags; 1410 if (iswep) 1411 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1412 if (isfrag) 1413 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1414 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate; 1415 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 1416 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 1417 1418 ieee80211_radiotap_tx(vap, m0); 1419 } 1420 1421 /* Blank the legacy rate array */ 1422 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1423 1424 /* 1425 * ath_buf_set_rate needs at least one rate/try to setup 1426 * the rate scenario. 1427 */ 1428 bf->bf_state.bfs_rc[0].rix = rix; 1429 bf->bf_state.bfs_rc[0].tries = try0; 1430 bf->bf_state.bfs_rc[0].ratecode = txrate; 1431 1432 /* Store the decided rate index values away */ 1433 bf->bf_state.bfs_pktlen = pktlen; 1434 bf->bf_state.bfs_hdrlen = hdrlen; 1435 bf->bf_state.bfs_atype = atype; 1436 bf->bf_state.bfs_txpower = ni->ni_txpower; 1437 bf->bf_state.bfs_txrate0 = txrate; 1438 bf->bf_state.bfs_try0 = try0; 1439 bf->bf_state.bfs_keyix = keyix; 1440 bf->bf_state.bfs_txantenna = sc->sc_txantenna; 1441 bf->bf_state.bfs_txflags = flags; 1442 bf->bf_state.bfs_shpream = shortPreamble; 1443 1444 /* XXX this should be done in ath_tx_setrate() */ 1445 bf->bf_state.bfs_ctsrate0 = 0; /* ie, no hard-coded ctsrate */ 1446 bf->bf_state.bfs_ctsrate = 0; /* calculated later */ 1447 bf->bf_state.bfs_ctsduration = 0; 1448 bf->bf_state.bfs_ismrr = ismrr; 1449 1450 return 0; 1451} 1452 1453/* 1454 * Direct-dispatch the current frame to the hardware. 1455 * 1456 * This can be called by the net80211 code. 1457 * 1458 * XXX what about locking? Or, push the seqno assign into the 1459 * XXX aggregate scheduler so its serialised? 1460 */ 1461int 1462ath_tx_start(struct ath_softc *sc, struct ieee80211_node *ni, 1463 struct ath_buf *bf, struct mbuf *m0) 1464{ 1465 struct ieee80211vap *vap = ni->ni_vap; 1466 struct ath_vap *avp = ATH_VAP(vap); 1467 int r = 0; 1468 u_int pri; 1469 int tid; 1470 struct ath_txq *txq; 1471 int ismcast; 1472 const struct ieee80211_frame *wh; 1473 int is_ampdu, is_ampdu_tx, is_ampdu_pending; 1474 ieee80211_seq seqno; 1475 uint8_t type, subtype; 1476 1477 /* 1478 * Determine the target hardware queue. 1479 * 1480 * For multicast frames, the txq gets overridden appropriately 1481 * depending upon the state of PS. 1482 * 1483 * For any other frame, we do a TID/QoS lookup inside the frame 1484 * to see what the TID should be. If it's a non-QoS frame, the 1485 * AC and TID are overridden. The TID/TXQ code assumes the 1486 * TID is on a predictable hardware TXQ, so we don't support 1487 * having a node TID queued to multiple hardware TXQs. 1488 * This may change in the future but would require some locking 1489 * fudgery. 1490 */ 1491 pri = ath_tx_getac(sc, m0); 1492 tid = ath_tx_gettid(sc, m0); 1493 1494 txq = sc->sc_ac2q[pri]; 1495 wh = mtod(m0, struct ieee80211_frame *); 1496 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1497 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1498 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1499 1500 /* 1501 * Enforce how deep the multicast queue can grow. 1502 * 1503 * XXX duplicated in ath_raw_xmit(). 1504 */ 1505 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1506 ATH_TXQ_LOCK(sc->sc_cabq); 1507 1508 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1509 sc->sc_stats.ast_tx_mcastq_overflow++; 1510 r = ENOBUFS; 1511 } 1512 1513 ATH_TXQ_UNLOCK(sc->sc_cabq); 1514 1515 if (r != 0) { 1516 m_freem(m0); 1517 return r; 1518 } 1519 } 1520 1521 /* A-MPDU TX */ 1522 is_ampdu_tx = ath_tx_ampdu_running(sc, ATH_NODE(ni), tid); 1523 is_ampdu_pending = ath_tx_ampdu_pending(sc, ATH_NODE(ni), tid); 1524 is_ampdu = is_ampdu_tx | is_ampdu_pending; 1525 1526 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, ac=%d, is_ampdu=%d\n", 1527 __func__, tid, pri, is_ampdu); 1528 1529 /* 1530 * When servicing one or more stations in power-save mode 1531 * (or) if there is some mcast data waiting on the mcast 1532 * queue (to prevent out of order delivery) multicast frames 1533 * must be bufferd until after the beacon. 1534 * 1535 * TODO: we should lock the mcastq before we check the length. 1536 */ 1537 if (ismcast && (vap->iv_ps_sta || avp->av_mcastq.axq_depth)) 1538 txq = &avp->av_mcastq; 1539 1540 /* Do the generic frame setup */ 1541 /* XXX should just bzero the bf_state? */ 1542 bf->bf_state.bfs_dobaw = 0; 1543 1544 /* 1545 * Acquire the TXQ lock early, so both the encap and seqno 1546 * are allocated together. 1547 */ 1548 ATH_TXQ_LOCK(txq); 1549 1550 /* A-MPDU TX? Manually set sequence number */ 1551 /* 1552 * Don't do it whilst pending; the net80211 layer still 1553 * assigns them. 1554 */ 1555 if (is_ampdu_tx) { 1556 /* 1557 * Always call; this function will 1558 * handle making sure that null data frames 1559 * don't get a sequence number from the current 1560 * TID and thus mess with the BAW. 1561 */ 1562 seqno = ath_tx_tid_seqno_assign(sc, ni, bf, m0); 1563 1564 /* 1565 * Don't add QoS NULL frames to the BAW. 1566 */ 1567 if (IEEE80211_QOS_HAS_SEQ(wh) && 1568 subtype != IEEE80211_FC0_SUBTYPE_QOS_NULL) { 1569 bf->bf_state.bfs_dobaw = 1; 1570 } 1571 } 1572 1573 /* 1574 * If needed, the sequence number has been assigned. 1575 * Squirrel it away somewhere easy to get to. 1576 */ 1577 bf->bf_state.bfs_seqno = M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT; 1578 1579 /* Is ampdu pending? fetch the seqno and print it out */ 1580 if (is_ampdu_pending) 1581 DPRINTF(sc, ATH_DEBUG_SW_TX, 1582 "%s: tid %d: ampdu pending, seqno %d\n", 1583 __func__, tid, M_SEQNO_GET(m0)); 1584 1585 /* This also sets up the DMA map */ 1586 r = ath_tx_normal_setup(sc, ni, bf, m0, txq); 1587 1588 if (r != 0) 1589 goto done; 1590 1591 /* At this point m0 could have changed! */ 1592 m0 = bf->bf_m; 1593 1594#if 1 1595 /* 1596 * If it's a multicast frame, do a direct-dispatch to the 1597 * destination hardware queue. Don't bother software 1598 * queuing it. 1599 */ 1600 /* 1601 * If it's a BAR frame, do a direct dispatch to the 1602 * destination hardware queue. Don't bother software 1603 * queuing it, as the TID will now be paused. 1604 * Sending a BAR frame can occur from the net80211 txa timer 1605 * (ie, retries) or from the ath txtask (completion call.) 1606 * It queues directly to hardware because the TID is paused 1607 * at this point (and won't be unpaused until the BAR has 1608 * either been TXed successfully or max retries has been 1609 * reached.) 1610 */ 1611 if (txq == &avp->av_mcastq) { 1612 DPRINTF(sc, ATH_DEBUG_SW_TX, 1613 "%s: bf=%p: mcastq: TX'ing\n", __func__, bf); 1614 ath_tx_xmit_normal(sc, txq, bf); 1615 } else if (type == IEEE80211_FC0_TYPE_CTL && 1616 subtype == IEEE80211_FC0_SUBTYPE_BAR) { 1617 DPRINTF(sc, ATH_DEBUG_SW_TX, 1618 "%s: BAR: TX'ing direct\n", __func__); 1619 ath_tx_xmit_normal(sc, txq, bf); 1620 } else { 1621 /* add to software queue */ 1622 DPRINTF(sc, ATH_DEBUG_SW_TX, 1623 "%s: bf=%p: swq: TX'ing\n", __func__, bf); 1624 ath_tx_swq(sc, ni, txq, bf); 1625 } 1626#else 1627 /* 1628 * For now, since there's no software queue, 1629 * direct-dispatch to the hardware. 1630 */ 1631 ath_tx_xmit_normal(sc, txq, bf); 1632#endif 1633done: 1634 ATH_TXQ_UNLOCK(txq); 1635 1636 return 0; 1637} 1638 1639static int 1640ath_tx_raw_start(struct ath_softc *sc, struct ieee80211_node *ni, 1641 struct ath_buf *bf, struct mbuf *m0, 1642 const struct ieee80211_bpf_params *params) 1643{ 1644 struct ifnet *ifp = sc->sc_ifp; 1645 struct ieee80211com *ic = ifp->if_l2com; 1646 struct ath_hal *ah = sc->sc_ah; 1647 struct ieee80211vap *vap = ni->ni_vap; 1648 int error, ismcast, ismrr; 1649 int keyix, hdrlen, pktlen, try0, txantenna; 1650 u_int8_t rix, txrate; 1651 struct ieee80211_frame *wh; 1652 u_int flags; 1653 HAL_PKT_TYPE atype; 1654 const HAL_RATE_TABLE *rt; 1655 struct ath_desc *ds; 1656 u_int pri; 1657 int o_tid = -1; 1658 int do_override; 1659 1660 wh = mtod(m0, struct ieee80211_frame *); 1661 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1662 hdrlen = ieee80211_anyhdrsize(wh); 1663 /* 1664 * Packet length must not include any 1665 * pad bytes; deduct them here. 1666 */ 1667 /* XXX honor IEEE80211_BPF_DATAPAD */ 1668 pktlen = m0->m_pkthdr.len - (hdrlen & 3) + IEEE80211_CRC_LEN; 1669 1670 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: ismcast=%d\n", 1671 __func__, ismcast); 1672 1673 pri = params->ibp_pri & 3; 1674 /* Override pri if the frame isn't a QoS one */ 1675 if (! IEEE80211_QOS_HAS_SEQ(wh)) 1676 pri = ath_tx_getac(sc, m0); 1677 1678 /* XXX If it's an ADDBA, override the correct queue */ 1679 do_override = ath_tx_action_frame_override_queue(sc, ni, m0, &o_tid); 1680 1681 /* Map ADDBA to the correct priority */ 1682 if (do_override) { 1683#if 0 1684 device_printf(sc->sc_dev, 1685 "%s: overriding tid %d pri %d -> %d\n", 1686 __func__, o_tid, pri, TID_TO_WME_AC(o_tid)); 1687#endif 1688 pri = TID_TO_WME_AC(o_tid); 1689 } 1690 1691 ATH_TXQ_LOCK(sc->sc_ac2q[pri]); 1692 1693 /* Handle encryption twiddling if needed */ 1694 if (! ath_tx_tag_crypto(sc, ni, 1695 m0, params->ibp_flags & IEEE80211_BPF_CRYPTO, 0, 1696 &hdrlen, &pktlen, &keyix)) { 1697 ath_freetx(m0); 1698 return EIO; 1699 } 1700 /* packet header may have moved, reset our local pointer */ 1701 wh = mtod(m0, struct ieee80211_frame *); 1702 1703 /* Do the generic frame setup */ 1704 /* XXX should just bzero the bf_state? */ 1705 bf->bf_state.bfs_dobaw = 0; 1706 1707 error = ath_tx_dmasetup(sc, bf, m0); 1708 if (error != 0) 1709 return error; 1710 m0 = bf->bf_m; /* NB: may have changed */ 1711 wh = mtod(m0, struct ieee80211_frame *); 1712 bf->bf_node = ni; /* NB: held reference */ 1713 1714 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1715 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1716 if (params->ibp_flags & IEEE80211_BPF_RTS) 1717 flags |= HAL_TXDESC_RTSENA; 1718 else if (params->ibp_flags & IEEE80211_BPF_CTS) { 1719 /* XXX assume 11g/11n protection? */ 1720 bf->bf_state.bfs_doprot = 1; 1721 flags |= HAL_TXDESC_CTSENA; 1722 } 1723 /* XXX leave ismcast to injector? */ 1724 if ((params->ibp_flags & IEEE80211_BPF_NOACK) || ismcast) 1725 flags |= HAL_TXDESC_NOACK; 1726 1727 rt = sc->sc_currates; 1728 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1729 rix = ath_tx_findrix(sc, params->ibp_rate0); 1730 txrate = rt->info[rix].rateCode; 1731 if (params->ibp_flags & IEEE80211_BPF_SHORTPRE) 1732 txrate |= rt->info[rix].shortPreamble; 1733 sc->sc_txrix = rix; 1734 try0 = params->ibp_try0; 1735 ismrr = (params->ibp_try1 != 0); 1736 txantenna = params->ibp_pri >> 2; 1737 if (txantenna == 0) /* XXX? */ 1738 txantenna = sc->sc_txantenna; 1739 1740 /* 1741 * Since ctsrate is fixed, store it away for later 1742 * use when the descriptor fields are being set. 1743 */ 1744 if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA)) 1745 bf->bf_state.bfs_ctsrate0 = params->ibp_ctsrate; 1746 1747 /* 1748 * NB: we mark all packets as type PSPOLL so the h/w won't 1749 * set the sequence number, duration, etc. 1750 */ 1751 atype = HAL_PKT_TYPE_PSPOLL; 1752 1753 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT)) 1754 ieee80211_dump_pkt(ic, mtod(m0, caddr_t), m0->m_len, 1755 sc->sc_hwmap[rix].ieeerate, -1); 1756 1757 if (ieee80211_radiotap_active_vap(vap)) { 1758 u_int64_t tsf = ath_hal_gettsf64(ah); 1759 1760 sc->sc_tx_th.wt_tsf = htole64(tsf); 1761 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags; 1762 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1763 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1764 if (m0->m_flags & M_FRAG) 1765 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1766 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate; 1767 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 1768 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 1769 1770 ieee80211_radiotap_tx(vap, m0); 1771 } 1772 1773 /* 1774 * Formulate first tx descriptor with tx controls. 1775 */ 1776 ds = bf->bf_desc; 1777 /* XXX check return value? */ 1778 1779 /* Store the decided rate index values away */ 1780 bf->bf_state.bfs_pktlen = pktlen; 1781 bf->bf_state.bfs_hdrlen = hdrlen; 1782 bf->bf_state.bfs_atype = atype; 1783 bf->bf_state.bfs_txpower = params->ibp_power; 1784 bf->bf_state.bfs_txrate0 = txrate; 1785 bf->bf_state.bfs_try0 = try0; 1786 bf->bf_state.bfs_keyix = keyix; 1787 bf->bf_state.bfs_txantenna = txantenna; 1788 bf->bf_state.bfs_txflags = flags; 1789 bf->bf_state.bfs_shpream = 1790 !! (params->ibp_flags & IEEE80211_BPF_SHORTPRE); 1791 1792 /* XXX this should be done in ath_tx_setrate() */ 1793 bf->bf_state.bfs_ctsrate = 0; 1794 bf->bf_state.bfs_ctsduration = 0; 1795 bf->bf_state.bfs_ismrr = ismrr; 1796 1797 /* Blank the legacy rate array */ 1798 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1799 1800 bf->bf_state.bfs_rc[0].rix = 1801 ath_tx_findrix(sc, params->ibp_rate0); 1802 bf->bf_state.bfs_rc[0].tries = try0; 1803 bf->bf_state.bfs_rc[0].ratecode = txrate; 1804 1805 if (ismrr) { 1806 int rix; 1807 1808 rix = ath_tx_findrix(sc, params->ibp_rate1); 1809 bf->bf_state.bfs_rc[1].rix = rix; 1810 bf->bf_state.bfs_rc[1].tries = params->ibp_try1; 1811 1812 rix = ath_tx_findrix(sc, params->ibp_rate2); 1813 bf->bf_state.bfs_rc[2].rix = rix; 1814 bf->bf_state.bfs_rc[2].tries = params->ibp_try2; 1815 1816 rix = ath_tx_findrix(sc, params->ibp_rate3); 1817 bf->bf_state.bfs_rc[3].rix = rix; 1818 bf->bf_state.bfs_rc[3].tries = params->ibp_try3; 1819 } 1820 /* 1821 * All the required rate control decisions have been made; 1822 * fill in the rc flags. 1823 */ 1824 ath_tx_rate_fill_rcflags(sc, bf); 1825 1826 /* NB: no buffered multicast in power save support */ 1827 1828 /* 1829 * If we're overiding the ADDBA destination, dump directly 1830 * into the hardware queue, right after any pending 1831 * frames to that node are. 1832 */ 1833 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: dooverride=%d\n", 1834 __func__, do_override); 1835 1836 if (do_override) { 1837 ath_tx_xmit_normal(sc, sc->sc_ac2q[pri], bf); 1838 } else { 1839 /* Queue to software queue */ 1840 ath_tx_swq(sc, ni, sc->sc_ac2q[pri], bf); 1841 } 1842 ATH_TXQ_UNLOCK(sc->sc_ac2q[pri]); 1843 1844 return 0; 1845} 1846 1847/* 1848 * Send a raw frame. 1849 * 1850 * This can be called by net80211. 1851 */ 1852int 1853ath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 1854 const struct ieee80211_bpf_params *params) 1855{ 1856 struct ieee80211com *ic = ni->ni_ic; 1857 struct ifnet *ifp = ic->ic_ifp; 1858 struct ath_softc *sc = ifp->if_softc; 1859 struct ath_buf *bf; 1860 struct ieee80211_frame *wh = mtod(m, struct ieee80211_frame *); 1861 int error = 0; 1862 1863 ATH_PCU_LOCK(sc); 1864 if (sc->sc_inreset_cnt > 0) { 1865 device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; bailing\n", 1866 __func__); 1867 error = EIO; 1868 ATH_PCU_UNLOCK(sc); 1869 goto bad0; 1870 } 1871 sc->sc_txstart_cnt++; 1872 ATH_PCU_UNLOCK(sc); 1873 1874 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || sc->sc_invalid) { 1875 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: discard frame, %s", __func__, 1876 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ? 1877 "!running" : "invalid"); 1878 m_freem(m); 1879 error = ENETDOWN; 1880 goto bad; 1881 } 1882 1883 /* 1884 * Enforce how deep the multicast queue can grow. 1885 * 1886 * XXX duplicated in ath_tx_start(). 1887 */ 1888 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1889 ATH_TXQ_LOCK(sc->sc_cabq); 1890 1891 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1892 sc->sc_stats.ast_tx_mcastq_overflow++; 1893 error = ENOBUFS; 1894 } 1895 1896 ATH_TXQ_UNLOCK(sc->sc_cabq); 1897 1898 if (error != 0) { 1899 m_freem(m); 1900 goto bad; 1901 } 1902 } 1903 1904 /* 1905 * Grab a TX buffer and associated resources. 1906 */ 1907 bf = ath_getbuf(sc, ATH_BUFTYPE_MGMT); 1908 if (bf == NULL) { 1909 sc->sc_stats.ast_tx_nobuf++; 1910 m_freem(m); 1911 error = ENOBUFS; 1912 goto bad; 1913 } 1914 1915 if (params == NULL) { 1916 /* 1917 * Legacy path; interpret frame contents to decide 1918 * precisely how to send the frame. 1919 */ 1920 if (ath_tx_start(sc, ni, bf, m)) { 1921 error = EIO; /* XXX */ 1922 goto bad2; 1923 } 1924 } else { 1925 /* 1926 * Caller supplied explicit parameters to use in 1927 * sending the frame. 1928 */ 1929 if (ath_tx_raw_start(sc, ni, bf, m, params)) { 1930 error = EIO; /* XXX */ 1931 goto bad2; 1932 } 1933 } 1934 sc->sc_wd_timer = 5; 1935 ifp->if_opackets++; 1936 sc->sc_stats.ast_tx_raw++; 1937 1938 ATH_PCU_LOCK(sc); 1939 sc->sc_txstart_cnt--; 1940 ATH_PCU_UNLOCK(sc); 1941 1942 return 0; 1943bad2: 1944 ATH_TXBUF_LOCK(sc); 1945 ath_returnbuf_head(sc, bf); 1946 ATH_TXBUF_UNLOCK(sc); 1947bad: 1948 ATH_PCU_LOCK(sc); 1949 sc->sc_txstart_cnt--; 1950 ATH_PCU_UNLOCK(sc); 1951bad0: 1952 ifp->if_oerrors++; 1953 sc->sc_stats.ast_tx_raw_fail++; 1954 ieee80211_free_node(ni); 1955 1956 return error; 1957} 1958 1959/* Some helper functions */ 1960 1961/* 1962 * ADDBA (and potentially others) need to be placed in the same 1963 * hardware queue as the TID/node it's relating to. This is so 1964 * it goes out after any pending non-aggregate frames to the 1965 * same node/TID. 1966 * 1967 * If this isn't done, the ADDBA can go out before the frames 1968 * queued in hardware. Even though these frames have a sequence 1969 * number -earlier- than the ADDBA can be transmitted (but 1970 * no frames whose sequence numbers are after the ADDBA should 1971 * be!) they'll arrive after the ADDBA - and the receiving end 1972 * will simply drop them as being out of the BAW. 1973 * 1974 * The frames can't be appended to the TID software queue - it'll 1975 * never be sent out. So these frames have to be directly 1976 * dispatched to the hardware, rather than queued in software. 1977 * So if this function returns true, the TXQ has to be 1978 * overridden and it has to be directly dispatched. 1979 * 1980 * It's a dirty hack, but someone's gotta do it. 1981 */ 1982 1983/* 1984 * XXX doesn't belong here! 1985 */ 1986static int 1987ieee80211_is_action(struct ieee80211_frame *wh) 1988{ 1989 /* Type: Management frame? */ 1990 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != 1991 IEEE80211_FC0_TYPE_MGT) 1992 return 0; 1993 1994 /* Subtype: Action frame? */ 1995 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) != 1996 IEEE80211_FC0_SUBTYPE_ACTION) 1997 return 0; 1998 1999 return 1; 2000} 2001 2002#define MS(_v, _f) (((_v) & _f) >> _f##_S) 2003/* 2004 * Return an alternate TID for ADDBA request frames. 2005 * 2006 * Yes, this likely should be done in the net80211 layer. 2007 */ 2008static int 2009ath_tx_action_frame_override_queue(struct ath_softc *sc, 2010 struct ieee80211_node *ni, 2011 struct mbuf *m0, int *tid) 2012{ 2013 struct ieee80211_frame *wh = mtod(m0, struct ieee80211_frame *); 2014 struct ieee80211_action_ba_addbarequest *ia; 2015 uint8_t *frm; 2016 uint16_t baparamset; 2017 2018 /* Not action frame? Bail */ 2019 if (! ieee80211_is_action(wh)) 2020 return 0; 2021 2022 /* XXX Not needed for frames we send? */ 2023#if 0 2024 /* Correct length? */ 2025 if (! ieee80211_parse_action(ni, m)) 2026 return 0; 2027#endif 2028 2029 /* Extract out action frame */ 2030 frm = (u_int8_t *)&wh[1]; 2031 ia = (struct ieee80211_action_ba_addbarequest *) frm; 2032 2033 /* Not ADDBA? Bail */ 2034 if (ia->rq_header.ia_category != IEEE80211_ACTION_CAT_BA) 2035 return 0; 2036 if (ia->rq_header.ia_action != IEEE80211_ACTION_BA_ADDBA_REQUEST) 2037 return 0; 2038 2039 /* Extract TID, return it */ 2040 baparamset = le16toh(ia->rq_baparamset); 2041 *tid = (int) MS(baparamset, IEEE80211_BAPS_TID); 2042 2043 return 1; 2044} 2045#undef MS 2046 2047/* Per-node software queue operations */ 2048 2049/* 2050 * Add the current packet to the given BAW. 2051 * It is assumed that the current packet 2052 * 2053 * + fits inside the BAW; 2054 * + already has had a sequence number allocated. 2055 * 2056 * Since the BAW status may be modified by both the ath task and 2057 * the net80211/ifnet contexts, the TID must be locked. 2058 */ 2059void 2060ath_tx_addto_baw(struct ath_softc *sc, struct ath_node *an, 2061 struct ath_tid *tid, struct ath_buf *bf) 2062{ 2063 int index, cindex; 2064 struct ieee80211_tx_ampdu *tap; 2065 2066 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2067 ATH_TID_LOCK_ASSERT(sc, tid); 2068 2069 if (bf->bf_state.bfs_isretried) 2070 return; 2071 2072 tap = ath_tx_get_tx_tid(an, tid->tid); 2073 2074 if (! bf->bf_state.bfs_dobaw) { 2075 device_printf(sc->sc_dev, 2076 "%s: dobaw=0, seqno=%d, window %d:%d\n", 2077 __func__, 2078 SEQNO(bf->bf_state.bfs_seqno), 2079 tap->txa_start, 2080 tap->txa_wnd); 2081 } 2082 2083 if (bf->bf_state.bfs_addedbaw) 2084 device_printf(sc->sc_dev, 2085 "%s: re-added? tid=%d, seqno %d; window %d:%d; " 2086 "baw head=%d tail=%d\n", 2087 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2088 tap->txa_start, tap->txa_wnd, tid->baw_head, 2089 tid->baw_tail); 2090 2091 /* 2092 * Verify that the given sequence number is not outside of the 2093 * BAW. Complain loudly if that's the case. 2094 */ 2095 if (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2096 SEQNO(bf->bf_state.bfs_seqno))) { 2097 device_printf(sc->sc_dev, 2098 "%s: bf=%p: outside of BAW?? tid=%d, seqno %d; window %d:%d; " 2099 "baw head=%d tail=%d\n", 2100 __func__, bf, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2101 tap->txa_start, tap->txa_wnd, tid->baw_head, 2102 tid->baw_tail); 2103 } 2104 2105 /* 2106 * ni->ni_txseqs[] is the currently allocated seqno. 2107 * the txa state contains the current baw start. 2108 */ 2109 index = ATH_BA_INDEX(tap->txa_start, SEQNO(bf->bf_state.bfs_seqno)); 2110 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2111 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2112 "%s: tid=%d, seqno %d; window %d:%d; index=%d cindex=%d " 2113 "baw head=%d tail=%d\n", 2114 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2115 tap->txa_start, tap->txa_wnd, index, cindex, tid->baw_head, 2116 tid->baw_tail); 2117 2118 2119#if 0 2120 assert(tid->tx_buf[cindex] == NULL); 2121#endif 2122 if (tid->tx_buf[cindex] != NULL) { 2123 device_printf(sc->sc_dev, 2124 "%s: ba packet dup (index=%d, cindex=%d, " 2125 "head=%d, tail=%d)\n", 2126 __func__, index, cindex, tid->baw_head, tid->baw_tail); 2127 device_printf(sc->sc_dev, 2128 "%s: BA bf: %p; seqno=%d ; new bf: %p; seqno=%d\n", 2129 __func__, 2130 tid->tx_buf[cindex], 2131 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno), 2132 bf, 2133 SEQNO(bf->bf_state.bfs_seqno) 2134 ); 2135 } 2136 tid->tx_buf[cindex] = bf; 2137 2138 if (index >= ((tid->baw_tail - tid->baw_head) & 2139 (ATH_TID_MAX_BUFS - 1))) { 2140 tid->baw_tail = cindex; 2141 INCR(tid->baw_tail, ATH_TID_MAX_BUFS); 2142 } 2143} 2144 2145/* 2146 * Flip the BAW buffer entry over from the existing one to the new one. 2147 * 2148 * When software retransmitting a (sub-)frame, it is entirely possible that 2149 * the frame ath_buf is marked as BUSY and can't be immediately reused. 2150 * In that instance the buffer is cloned and the new buffer is used for 2151 * retransmit. We thus need to update the ath_buf slot in the BAW buf 2152 * tracking array to maintain consistency. 2153 */ 2154static void 2155ath_tx_switch_baw_buf(struct ath_softc *sc, struct ath_node *an, 2156 struct ath_tid *tid, struct ath_buf *old_bf, struct ath_buf *new_bf) 2157{ 2158 int index, cindex; 2159 struct ieee80211_tx_ampdu *tap; 2160 int seqno = SEQNO(old_bf->bf_state.bfs_seqno); 2161 2162 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2163 ATH_TID_LOCK_ASSERT(sc, tid); 2164 2165 tap = ath_tx_get_tx_tid(an, tid->tid); 2166 index = ATH_BA_INDEX(tap->txa_start, seqno); 2167 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2168 2169 /* 2170 * Just warn for now; if it happens then we should find out 2171 * about it. It's highly likely the aggregation session will 2172 * soon hang. 2173 */ 2174 if (old_bf->bf_state.bfs_seqno != new_bf->bf_state.bfs_seqno) { 2175 device_printf(sc->sc_dev, "%s: retransmitted buffer" 2176 " has mismatching seqno's, BA session may hang.\n", 2177 __func__); 2178 device_printf(sc->sc_dev, "%s: old seqno=%d, new_seqno=%d\n", 2179 __func__, 2180 old_bf->bf_state.bfs_seqno, 2181 new_bf->bf_state.bfs_seqno); 2182 } 2183 2184 if (tid->tx_buf[cindex] != old_bf) { 2185 device_printf(sc->sc_dev, "%s: ath_buf pointer incorrect; " 2186 " has m BA session may hang.\n", 2187 __func__); 2188 device_printf(sc->sc_dev, "%s: old bf=%p, new bf=%p\n", 2189 __func__, 2190 old_bf, new_bf); 2191 } 2192 2193 tid->tx_buf[cindex] = new_bf; 2194} 2195 2196/* 2197 * seq_start - left edge of BAW 2198 * seq_next - current/next sequence number to allocate 2199 * 2200 * Since the BAW status may be modified by both the ath task and 2201 * the net80211/ifnet contexts, the TID must be locked. 2202 */ 2203static void 2204ath_tx_update_baw(struct ath_softc *sc, struct ath_node *an, 2205 struct ath_tid *tid, const struct ath_buf *bf) 2206{ 2207 int index, cindex; 2208 struct ieee80211_tx_ampdu *tap; 2209 int seqno = SEQNO(bf->bf_state.bfs_seqno); 2210 2211 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2212 ATH_TID_LOCK_ASSERT(sc, tid); 2213 2214 tap = ath_tx_get_tx_tid(an, tid->tid); 2215 index = ATH_BA_INDEX(tap->txa_start, seqno); 2216 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2217 2218 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2219 "%s: tid=%d, baw=%d:%d, seqno=%d, index=%d, cindex=%d, " 2220 "baw head=%d, tail=%d\n", 2221 __func__, tid->tid, tap->txa_start, tap->txa_wnd, seqno, index, 2222 cindex, tid->baw_head, tid->baw_tail); 2223 2224 /* 2225 * If this occurs then we have a big problem - something else 2226 * has slid tap->txa_start along without updating the BAW 2227 * tracking start/end pointers. Thus the TX BAW state is now 2228 * completely busted. 2229 * 2230 * But for now, since I haven't yet fixed TDMA and buffer cloning, 2231 * it's quite possible that a cloned buffer is making its way 2232 * here and causing it to fire off. Disable TDMA for now. 2233 */ 2234 if (tid->tx_buf[cindex] != bf) { 2235 device_printf(sc->sc_dev, 2236 "%s: comp bf=%p, seq=%d; slot bf=%p, seqno=%d\n", 2237 __func__, 2238 bf, SEQNO(bf->bf_state.bfs_seqno), 2239 tid->tx_buf[cindex], 2240 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno)); 2241 } 2242 2243 tid->tx_buf[cindex] = NULL; 2244 2245 while (tid->baw_head != tid->baw_tail && 2246 !tid->tx_buf[tid->baw_head]) { 2247 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 2248 INCR(tid->baw_head, ATH_TID_MAX_BUFS); 2249 } 2250 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2251 "%s: baw is now %d:%d, baw head=%d\n", 2252 __func__, tap->txa_start, tap->txa_wnd, tid->baw_head); 2253} 2254 2255/* 2256 * Mark the current node/TID as ready to TX. 2257 * 2258 * This is done to make it easy for the software scheduler to 2259 * find which nodes have data to send. 2260 * 2261 * The TXQ lock must be held. 2262 */ 2263static void 2264ath_tx_tid_sched(struct ath_softc *sc, struct ath_tid *tid) 2265{ 2266 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2267 2268 ATH_TXQ_LOCK_ASSERT(txq); 2269 2270 if (tid->paused) 2271 return; /* paused, can't schedule yet */ 2272 2273 if (tid->sched) 2274 return; /* already scheduled */ 2275 2276 tid->sched = 1; 2277 2278 TAILQ_INSERT_TAIL(&txq->axq_tidq, tid, axq_qelem); 2279} 2280 2281/* 2282 * Mark the current node as no longer needing to be polled for 2283 * TX packets. 2284 * 2285 * The TXQ lock must be held. 2286 */ 2287static void 2288ath_tx_tid_unsched(struct ath_softc *sc, struct ath_tid *tid) 2289{ 2290 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2291 2292 ATH_TXQ_LOCK_ASSERT(txq); 2293 2294 if (tid->sched == 0) 2295 return; 2296 2297 tid->sched = 0; 2298 TAILQ_REMOVE(&txq->axq_tidq, tid, axq_qelem); 2299} 2300 2301/* 2302 * Assign a sequence number manually to the given frame. 2303 * 2304 * This should only be called for A-MPDU TX frames. 2305 */ 2306static ieee80211_seq 2307ath_tx_tid_seqno_assign(struct ath_softc *sc, struct ieee80211_node *ni, 2308 struct ath_buf *bf, struct mbuf *m0) 2309{ 2310 struct ieee80211_frame *wh; 2311 int tid, pri; 2312 ieee80211_seq seqno; 2313 uint8_t subtype; 2314 2315 /* TID lookup */ 2316 wh = mtod(m0, struct ieee80211_frame *); 2317 pri = M_WME_GETAC(m0); /* honor classification */ 2318 tid = WME_AC_TO_TID(pri); 2319 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pri=%d, tid=%d, qos has seq=%d\n", 2320 __func__, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2321 2322 /* XXX Is it a control frame? Ignore */ 2323 2324 /* Does the packet require a sequence number? */ 2325 if (! IEEE80211_QOS_HAS_SEQ(wh)) 2326 return -1; 2327 2328 ATH_TID_LOCK_ASSERT(sc, &(ATH_NODE(ni)->an_tid[tid])); 2329 2330 /* 2331 * Is it a QOS NULL Data frame? Give it a sequence number from 2332 * the default TID (IEEE80211_NONQOS_TID.) 2333 * 2334 * The RX path of everything I've looked at doesn't include the NULL 2335 * data frame sequence number in the aggregation state updates, so 2336 * assigning it a sequence number there will cause a BAW hole on the 2337 * RX side. 2338 */ 2339 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2340 if (subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL) { 2341 /* XXX no locking for this TID? This is a bit of a problem. */ 2342 seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID]; 2343 INCR(ni->ni_txseqs[IEEE80211_NONQOS_TID], IEEE80211_SEQ_RANGE); 2344 } else { 2345 /* Manually assign sequence number */ 2346 seqno = ni->ni_txseqs[tid]; 2347 INCR(ni->ni_txseqs[tid], IEEE80211_SEQ_RANGE); 2348 } 2349 *(uint16_t *)&wh->i_seq[0] = htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 2350 M_SEQNO_SET(m0, seqno); 2351 2352 /* Return so caller can do something with it if needed */ 2353 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: -> seqno=%d\n", __func__, seqno); 2354 return seqno; 2355} 2356 2357/* 2358 * Attempt to direct dispatch an aggregate frame to hardware. 2359 * If the frame is out of BAW, queue. 2360 * Otherwise, schedule it as a single frame. 2361 */ 2362static void 2363ath_tx_xmit_aggr(struct ath_softc *sc, struct ath_node *an, struct ath_buf *bf) 2364{ 2365 struct ath_tid *tid = &an->an_tid[bf->bf_state.bfs_tid]; 2366 struct ath_txq *txq = bf->bf_state.bfs_txq; 2367 struct ieee80211_tx_ampdu *tap; 2368 2369 ATH_TXQ_LOCK_ASSERT(txq); 2370 ATH_TID_LOCK_ASSERT(sc, tid); 2371 2372 tap = ath_tx_get_tx_tid(an, tid->tid); 2373 2374 /* paused? queue */ 2375 if (tid->paused) { 2376 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 2377 /* XXX don't sched - we're paused! */ 2378 return; 2379 } 2380 2381 /* outside baw? queue */ 2382 if (bf->bf_state.bfs_dobaw && 2383 (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2384 SEQNO(bf->bf_state.bfs_seqno)))) { 2385 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 2386 ath_tx_tid_sched(sc, tid); 2387 return; 2388 } 2389 2390 /* Direct dispatch to hardware */ 2391 ath_tx_do_ratelookup(sc, bf); 2392 ath_tx_calc_duration(sc, bf); 2393 ath_tx_calc_protection(sc, bf); 2394 ath_tx_set_rtscts(sc, bf); 2395 ath_tx_rate_fill_rcflags(sc, bf); 2396 ath_tx_setds(sc, bf); 2397 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 2398 ath_tx_chaindesclist(sc, bf); 2399 2400 /* Statistics */ 2401 sc->sc_aggr_stats.aggr_low_hwq_single_pkt++; 2402 2403 /* Track per-TID hardware queue depth correctly */ 2404 tid->hwq_depth++; 2405 2406 /* Add to BAW */ 2407 if (bf->bf_state.bfs_dobaw) { 2408 ath_tx_addto_baw(sc, an, tid, bf); 2409 bf->bf_state.bfs_addedbaw = 1; 2410 } 2411 2412 /* Set completion handler, multi-frame aggregate or not */ 2413 bf->bf_comp = ath_tx_aggr_comp; 2414 2415 /* Hand off to hardware */ 2416 ath_tx_handoff(sc, txq, bf); 2417} 2418 2419/* 2420 * Attempt to send the packet. 2421 * If the queue isn't busy, direct-dispatch. 2422 * If the queue is busy enough, queue the given packet on the 2423 * relevant software queue. 2424 */ 2425void 2426ath_tx_swq(struct ath_softc *sc, struct ieee80211_node *ni, struct ath_txq *txq, 2427 struct ath_buf *bf) 2428{ 2429 struct ath_node *an = ATH_NODE(ni); 2430 struct ieee80211_frame *wh; 2431 struct ath_tid *atid; 2432 int pri, tid; 2433 struct mbuf *m0 = bf->bf_m; 2434 2435 ATH_TXQ_LOCK_ASSERT(txq); 2436 2437 /* Fetch the TID - non-QoS frames get assigned to TID 16 */ 2438 wh = mtod(m0, struct ieee80211_frame *); 2439 pri = ath_tx_getac(sc, m0); 2440 tid = ath_tx_gettid(sc, m0); 2441 atid = &an->an_tid[tid]; 2442 2443 ATH_TID_LOCK_ASSERT(sc, atid); 2444 2445 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p, pri=%d, tid=%d, qos=%d\n", 2446 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2447 2448 /* Set local packet state, used to queue packets to hardware */ 2449 bf->bf_state.bfs_tid = tid; 2450 bf->bf_state.bfs_txq = txq; 2451 bf->bf_state.bfs_pri = pri; 2452 2453 /* 2454 * If the hardware queue isn't busy, queue it directly. 2455 * If the hardware queue is busy, queue it. 2456 * If the TID is paused or the traffic it outside BAW, software 2457 * queue it. 2458 */ 2459 if (atid->paused) { 2460 /* TID is paused, queue */ 2461 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: paused\n", __func__); 2462 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2463 } else if (ath_tx_ampdu_pending(sc, an, tid)) { 2464 /* AMPDU pending; queue */ 2465 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pending\n", __func__); 2466 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2467 /* XXX sched? */ 2468 } else if (ath_tx_ampdu_running(sc, an, tid)) { 2469 /* AMPDU running, attempt direct dispatch if possible */ 2470 2471 /* 2472 * Always queue the frame to the tail of the list. 2473 */ 2474 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2475 2476 /* 2477 * If the hardware queue isn't busy, direct dispatch 2478 * the head frame in the list. Don't schedule the 2479 * TID - let it build some more frames first? 2480 * 2481 * Otherwise, schedule the TID. 2482 */ 2483 if (txq->axq_depth < sc->sc_hwq_limit) { 2484 bf = TAILQ_FIRST(&atid->axq_q); 2485 ATH_TXQ_REMOVE(atid, bf, bf_list); 2486 ath_tx_xmit_aggr(sc, an, bf); 2487 DPRINTF(sc, ATH_DEBUG_SW_TX, 2488 "%s: xmit_aggr\n", 2489 __func__); 2490 } else { 2491 DPRINTF(sc, ATH_DEBUG_SW_TX, 2492 "%s: ampdu; swq'ing\n", 2493 __func__); 2494 ath_tx_tid_sched(sc, atid); 2495 } 2496 } else if (txq->axq_depth < sc->sc_hwq_limit) { 2497 /* AMPDU not running, attempt direct dispatch */ 2498 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: xmit_normal\n", __func__); 2499 ath_tx_xmit_normal(sc, txq, bf); 2500 } else { 2501 /* Busy; queue */ 2502 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: swq'ing\n", __func__); 2503 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2504 ath_tx_tid_sched(sc, atid); 2505 } 2506} 2507 2508/* 2509 * Do the basic frame setup stuff that's required before the frame 2510 * is added to a software queue. 2511 * 2512 * All frames get mostly the same treatment and it's done once. 2513 * Retransmits fiddle with things like the rate control setup, 2514 * setting the retransmit bit in the packet; doing relevant DMA/bus 2515 * syncing and relinking it (back) into the hardware TX queue. 2516 * 2517 * Note that this may cause the mbuf to be reallocated, so 2518 * m0 may not be valid. 2519 */ 2520 2521 2522/* 2523 * Configure the per-TID node state. 2524 * 2525 * This likely belongs in if_ath_node.c but I can't think of anywhere 2526 * else to put it just yet. 2527 * 2528 * This sets up the SLISTs and the mutex as appropriate. 2529 */ 2530void 2531ath_tx_tid_init(struct ath_softc *sc, struct ath_node *an) 2532{ 2533 int i, j; 2534 struct ath_tid *atid; 2535 2536 for (i = 0; i < IEEE80211_TID_SIZE; i++) { 2537 atid = &an->an_tid[i]; 2538 TAILQ_INIT(&atid->axq_q); 2539 atid->tid = i; 2540 atid->an = an; 2541 for (j = 0; j < ATH_TID_MAX_BUFS; j++) 2542 atid->tx_buf[j] = NULL; 2543 atid->baw_head = atid->baw_tail = 0; 2544 atid->paused = 0; 2545 atid->sched = 0; 2546 atid->hwq_depth = 0; 2547 atid->cleanup_inprogress = 0; 2548 if (i == IEEE80211_NONQOS_TID) 2549 atid->ac = WME_AC_BE; 2550 else 2551 atid->ac = TID_TO_WME_AC(i); 2552 } 2553} 2554 2555/* 2556 * Pause the current TID. This stops packets from being transmitted 2557 * on it. 2558 * 2559 * Since this is also called from upper layers as well as the driver, 2560 * it will get the TID lock. 2561 */ 2562static void 2563ath_tx_tid_pause(struct ath_softc *sc, struct ath_tid *tid) 2564{ 2565 2566 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2567 tid->paused++; 2568 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: paused = %d\n", 2569 __func__, tid->paused); 2570} 2571 2572/* 2573 * Unpause the current TID, and schedule it if needed. 2574 */ 2575static void 2576ath_tx_tid_resume(struct ath_softc *sc, struct ath_tid *tid) 2577{ 2578 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2579 2580 tid->paused--; 2581 2582 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: unpaused = %d\n", 2583 __func__, tid->paused); 2584 2585 if (tid->paused || tid->axq_depth == 0) { 2586 return; 2587 } 2588 2589 ath_tx_tid_sched(sc, tid); 2590 /* Punt some frames to the hardware if needed */ 2591 //ath_txq_sched(sc, sc->sc_ac2q[tid->ac]); 2592 taskqueue_enqueue(sc->sc_tq, &sc->sc_txqtask); 2593} 2594 2595/* 2596 * Suspend the queue because we need to TX a BAR. 2597 */ 2598static void 2599ath_tx_tid_bar_suspend(struct ath_softc *sc, struct ath_tid *tid) 2600{ 2601 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2602 2603 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2604 "%s: tid=%p, bar_wait=%d, bar_tx=%d, called\n", 2605 __func__, 2606 tid, 2607 tid->bar_wait, 2608 tid->bar_tx); 2609 2610 /* We shouldn't be called when bar_tx is 1 */ 2611 if (tid->bar_tx) { 2612 device_printf(sc->sc_dev, "%s: bar_tx is 1?!\n", 2613 __func__); 2614 } 2615 2616 /* If we've already been called, just be patient. */ 2617 if (tid->bar_wait) 2618 return; 2619 2620 /* Wait! */ 2621 tid->bar_wait = 1; 2622 2623 /* Only one pause, no matter how many frames fail */ 2624 ath_tx_tid_pause(sc, tid); 2625} 2626 2627/* 2628 * We've finished with BAR handling - either we succeeded or 2629 * failed. Either way, unsuspend TX. 2630 */ 2631static void 2632ath_tx_tid_bar_unsuspend(struct ath_softc *sc, struct ath_tid *tid) 2633{ 2634 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2635 2636 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2637 "%s: tid=%p, called\n", 2638 __func__, 2639 tid); 2640 2641 if (tid->bar_tx == 0 || tid->bar_wait == 0) { 2642 device_printf(sc->sc_dev, "%s: bar_tx=%d, bar_wait=%d: ?\n", 2643 __func__, tid->bar_tx, tid->bar_wait); 2644 } 2645 2646 tid->bar_tx = tid->bar_wait = 0; 2647 ath_tx_tid_resume(sc, tid); 2648} 2649 2650/* 2651 * Return whether we're ready to TX a BAR frame. 2652 * 2653 * Requires the TID lock be held. 2654 */ 2655static int 2656ath_tx_tid_bar_tx_ready(struct ath_softc *sc, struct ath_tid *tid) 2657{ 2658 2659 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2660 2661 if (tid->bar_wait == 0 || tid->hwq_depth > 0) 2662 return (0); 2663 2664 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, "%s: tid=%p (%d), bar ready\n", 2665 __func__, tid, tid->tid); 2666 2667 return (1); 2668} 2669 2670/* 2671 * Check whether the current TID is ready to have a BAR 2672 * TXed and if so, do the TX. 2673 * 2674 * Since the TID/TXQ lock can't be held during a call to 2675 * ieee80211_send_bar(), we have to do the dirty thing of unlocking it, 2676 * sending the BAR and locking it again. 2677 * 2678 * Eventually, the code to send the BAR should be broken out 2679 * from this routine so the lock doesn't have to be reacquired 2680 * just to be immediately dropped by the caller. 2681 */ 2682static void 2683ath_tx_tid_bar_tx(struct ath_softc *sc, struct ath_tid *tid) 2684{ 2685 struct ieee80211_tx_ampdu *tap; 2686 2687 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2688 2689 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2690 "%s: tid=%p, called\n", 2691 __func__, 2692 tid); 2693 2694 tap = ath_tx_get_tx_tid(tid->an, tid->tid); 2695 2696 /* 2697 * This is an error condition! 2698 */ 2699 if (tid->bar_wait == 0 || tid->bar_tx == 1) { 2700 device_printf(sc->sc_dev, 2701 "%s: tid=%p, bar_tx=%d, bar_wait=%d: ?\n", 2702 __func__, 2703 tid, 2704 tid->bar_tx, 2705 tid->bar_wait); 2706 return; 2707 } 2708 2709 /* Don't do anything if we still have pending frames */ 2710 if (tid->hwq_depth > 0) { 2711 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2712 "%s: tid=%p, hwq_depth=%d, waiting\n", 2713 __func__, 2714 tid, 2715 tid->hwq_depth); 2716 return; 2717 } 2718 2719 /* We're now about to TX */ 2720 tid->bar_tx = 1; 2721 2722 /* 2723 * Calculate new BAW left edge, now that all frames have either 2724 * succeeded or failed. 2725 * 2726 * XXX verify this is _actually_ the valid value to begin at! 2727 */ 2728 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2729 "%s: tid=%p, new BAW left edge=%d\n", 2730 __func__, 2731 tid, 2732 tap->txa_start); 2733 2734 /* Try sending the BAR frame */ 2735 /* We can't hold the lock here! */ 2736 2737 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 2738 if (ieee80211_send_bar(&tid->an->an_node, tap, tap->txa_start) == 0) { 2739 /* Success? Now we wait for notification that it's done */ 2740 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2741 return; 2742 } 2743 2744 /* Failure? For now, warn loudly and continue */ 2745 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2746 device_printf(sc->sc_dev, "%s: tid=%p, failed to TX BAR, continue!\n", 2747 __func__, tid); 2748 ath_tx_tid_bar_unsuspend(sc, tid); 2749} 2750 2751 2752/* 2753 * Free any packets currently pending in the software TX queue. 2754 * 2755 * This will be called when a node is being deleted. 2756 * 2757 * It can also be called on an active node during an interface 2758 * reset or state transition. 2759 * 2760 * (From Linux/reference): 2761 * 2762 * TODO: For frame(s) that are in the retry state, we will reuse the 2763 * sequence number(s) without setting the retry bit. The 2764 * alternative is to give up on these and BAR the receiver's window 2765 * forward. 2766 */ 2767static void 2768ath_tx_tid_drain(struct ath_softc *sc, struct ath_node *an, 2769 struct ath_tid *tid, ath_bufhead *bf_cq) 2770{ 2771 struct ath_buf *bf; 2772 struct ieee80211_tx_ampdu *tap; 2773 struct ieee80211_node *ni = &an->an_node; 2774 int t = 0; 2775 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2776 2777 tap = ath_tx_get_tx_tid(an, tid->tid); 2778 2779 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2780 2781 /* Walk the queue, free frames */ 2782 for (;;) { 2783 bf = TAILQ_FIRST(&tid->axq_q); 2784 if (bf == NULL) { 2785 break; 2786 } 2787 2788 if (t == 0) { 2789 device_printf(sc->sc_dev, 2790 "%s: node %p: bf=%p: addbaw=%d, dobaw=%d, " 2791 "seqno=%d, retry=%d\n", 2792 __func__, ni, bf, 2793 bf->bf_state.bfs_addedbaw, 2794 bf->bf_state.bfs_dobaw, 2795 SEQNO(bf->bf_state.bfs_seqno), 2796 bf->bf_state.bfs_retries); 2797 device_printf(sc->sc_dev, 2798 "%s: node %p: bf=%p: tid txq_depth=%d hwq_depth=%d, bar_wait=%d\n", 2799 __func__, ni, bf, 2800 tid->axq_depth, 2801 tid->hwq_depth, 2802 tid->bar_wait); 2803 device_printf(sc->sc_dev, 2804 "%s: node %p: tid %d: txq_depth=%d, " 2805 "txq_aggr_depth=%d, sched=%d, paused=%d, " 2806 "hwq_depth=%d, incomp=%d, baw_head=%d, " 2807 "baw_tail=%d txa_start=%d, ni_txseqs=%d\n", 2808 __func__, ni, tid->tid, txq->axq_depth, 2809 txq->axq_aggr_depth, tid->sched, tid->paused, 2810 tid->hwq_depth, tid->incomp, tid->baw_head, 2811 tid->baw_tail, tap == NULL ? -1 : tap->txa_start, 2812 ni->ni_txseqs[tid->tid]); 2813 2814 /* XXX Dump the frame, see what it is? */ 2815 ieee80211_dump_pkt(ni->ni_ic, 2816 mtod(bf->bf_m, const uint8_t *), 2817 bf->bf_m->m_len, 0, -1); 2818 2819 t = 1; 2820 } 2821 2822 2823 /* 2824 * If the current TID is running AMPDU, update 2825 * the BAW. 2826 */ 2827 if (ath_tx_ampdu_running(sc, an, tid->tid) && 2828 bf->bf_state.bfs_dobaw) { 2829 /* 2830 * Only remove the frame from the BAW if it's 2831 * been transmitted at least once; this means 2832 * the frame was in the BAW to begin with. 2833 */ 2834 if (bf->bf_state.bfs_retries > 0) { 2835 ath_tx_update_baw(sc, an, tid, bf); 2836 bf->bf_state.bfs_dobaw = 0; 2837 } 2838 /* 2839 * This has become a non-fatal error now 2840 */ 2841 if (! bf->bf_state.bfs_addedbaw) 2842 device_printf(sc->sc_dev, 2843 "%s: wasn't added: seqno %d\n", 2844 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2845 } 2846 ATH_TXQ_REMOVE(tid, bf, bf_list); 2847 TAILQ_INSERT_TAIL(bf_cq, bf, bf_list); 2848 } 2849 2850 /* 2851 * Now that it's completed, grab the TID lock and update 2852 * the sequence number and BAW window. 2853 * Because sequence numbers have been assigned to frames 2854 * that haven't been sent yet, it's entirely possible 2855 * we'll be called with some pending frames that have not 2856 * been transmitted. 2857 * 2858 * The cleaner solution is to do the sequence number allocation 2859 * when the packet is first transmitted - and thus the "retries" 2860 * check above would be enough to update the BAW/seqno. 2861 */ 2862 2863 /* But don't do it for non-QoS TIDs */ 2864 if (tap) { 2865#if 0 2866 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2867 "%s: node %p: TID %d: sliding BAW left edge to %d\n", 2868 __func__, an, tid->tid, tap->txa_start); 2869#endif 2870 ni->ni_txseqs[tid->tid] = tap->txa_start; 2871 tid->baw_tail = tid->baw_head; 2872 } 2873} 2874 2875/* 2876 * Flush all software queued packets for the given node. 2877 * 2878 * This occurs when a completion handler frees the last buffer 2879 * for a node, and the node is thus freed. This causes the node 2880 * to be cleaned up, which ends up calling ath_tx_node_flush. 2881 */ 2882void 2883ath_tx_node_flush(struct ath_softc *sc, struct ath_node *an) 2884{ 2885 int tid; 2886 ath_bufhead bf_cq; 2887 struct ath_buf *bf; 2888 2889 TAILQ_INIT(&bf_cq); 2890 2891 for (tid = 0; tid < IEEE80211_TID_SIZE; tid++) { 2892 struct ath_tid *atid = &an->an_tid[tid]; 2893 struct ath_txq *txq = sc->sc_ac2q[atid->ac]; 2894 2895 /* Remove this tid from the list of active tids */ 2896 ATH_TXQ_LOCK(txq); 2897 ath_tx_tid_unsched(sc, atid); 2898 2899 /* Free packets */ 2900 ath_tx_tid_drain(sc, an, atid, &bf_cq); 2901 ATH_TXQ_UNLOCK(txq); 2902 } 2903 2904 /* Handle completed frames */ 2905 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2906 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2907 ath_tx_default_comp(sc, bf, 0); 2908 } 2909} 2910 2911/* 2912 * Drain all the software TXQs currently with traffic queued. 2913 */ 2914void 2915ath_tx_txq_drain(struct ath_softc *sc, struct ath_txq *txq) 2916{ 2917 struct ath_tid *tid; 2918 ath_bufhead bf_cq; 2919 struct ath_buf *bf; 2920 2921 TAILQ_INIT(&bf_cq); 2922 ATH_TXQ_LOCK(txq); 2923 2924 /* 2925 * Iterate over all active tids for the given txq, 2926 * flushing and unsched'ing them 2927 */ 2928 while (! TAILQ_EMPTY(&txq->axq_tidq)) { 2929 tid = TAILQ_FIRST(&txq->axq_tidq); 2930 ath_tx_tid_drain(sc, tid->an, tid, &bf_cq); 2931 ath_tx_tid_unsched(sc, tid); 2932 } 2933 2934 ATH_TXQ_UNLOCK(txq); 2935 2936 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2937 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2938 ath_tx_default_comp(sc, bf, 0); 2939 } 2940} 2941 2942/* 2943 * Handle completion of non-aggregate session frames. 2944 */ 2945void 2946ath_tx_normal_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 2947{ 2948 struct ieee80211_node *ni = bf->bf_node; 2949 struct ath_node *an = ATH_NODE(ni); 2950 int tid = bf->bf_state.bfs_tid; 2951 struct ath_tid *atid = &an->an_tid[tid]; 2952 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 2953 2954 /* The TID state is protected behind the TXQ lock */ 2955 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2956 2957 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: fail=%d, hwq_depth now %d\n", 2958 __func__, bf, fail, atid->hwq_depth - 1); 2959 2960 atid->hwq_depth--; 2961 if (atid->hwq_depth < 0) 2962 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 2963 __func__, atid->hwq_depth); 2964 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2965 2966 /* 2967 * punt to rate control if we're not being cleaned up 2968 * during a hw queue drain and the frame wanted an ACK. 2969 */ 2970 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0)) 2971 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 2972 ts, bf->bf_state.bfs_pktlen, 2973 1, (ts->ts_status == 0) ? 0 : 1); 2974 2975 ath_tx_default_comp(sc, bf, fail); 2976} 2977 2978/* 2979 * Handle cleanup of aggregate session packets that aren't 2980 * an A-MPDU. 2981 * 2982 * There's no need to update the BAW here - the session is being 2983 * torn down. 2984 */ 2985static void 2986ath_tx_comp_cleanup_unaggr(struct ath_softc *sc, struct ath_buf *bf) 2987{ 2988 struct ieee80211_node *ni = bf->bf_node; 2989 struct ath_node *an = ATH_NODE(ni); 2990 int tid = bf->bf_state.bfs_tid; 2991 struct ath_tid *atid = &an->an_tid[tid]; 2992 2993 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: TID %d: incomp=%d\n", 2994 __func__, tid, atid->incomp); 2995 2996 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2997 atid->incomp--; 2998 if (atid->incomp == 0) { 2999 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3000 "%s: TID %d: cleaned up! resume!\n", 3001 __func__, tid); 3002 atid->cleanup_inprogress = 0; 3003 ath_tx_tid_resume(sc, atid); 3004 } 3005 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3006 3007 ath_tx_default_comp(sc, bf, 0); 3008} 3009 3010/* 3011 * Performs transmit side cleanup when TID changes from aggregated to 3012 * unaggregated. 3013 * 3014 * - Discard all retry frames from the s/w queue. 3015 * - Fix the tx completion function for all buffers in s/w queue. 3016 * - Count the number of unacked frames, and let transmit completion 3017 * handle it later. 3018 * 3019 * The caller is responsible for pausing the TID. 3020 */ 3021static void 3022ath_tx_tid_cleanup(struct ath_softc *sc, struct ath_node *an, int tid) 3023{ 3024 struct ath_tid *atid = &an->an_tid[tid]; 3025 struct ieee80211_tx_ampdu *tap; 3026 struct ath_buf *bf, *bf_next; 3027 ath_bufhead bf_cq; 3028 3029 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 3030 "%s: TID %d: called\n", __func__, tid); 3031 3032 TAILQ_INIT(&bf_cq); 3033 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3034 3035 /* 3036 * Update the frames in the software TX queue: 3037 * 3038 * + Discard retry frames in the queue 3039 * + Fix the completion function to be non-aggregate 3040 */ 3041 bf = TAILQ_FIRST(&atid->axq_q); 3042 while (bf) { 3043 if (bf->bf_state.bfs_isretried) { 3044 bf_next = TAILQ_NEXT(bf, bf_list); 3045 TAILQ_REMOVE(&atid->axq_q, bf, bf_list); 3046 atid->axq_depth--; 3047 if (bf->bf_state.bfs_dobaw) { 3048 ath_tx_update_baw(sc, an, atid, bf); 3049 if (! bf->bf_state.bfs_addedbaw) 3050 device_printf(sc->sc_dev, 3051 "%s: wasn't added: seqno %d\n", 3052 __func__, 3053 SEQNO(bf->bf_state.bfs_seqno)); 3054 } 3055 bf->bf_state.bfs_dobaw = 0; 3056 /* 3057 * Call the default completion handler with "fail" just 3058 * so upper levels are suitably notified about this. 3059 */ 3060 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3061 bf = bf_next; 3062 continue; 3063 } 3064 /* Give these the default completion handler */ 3065 bf->bf_comp = ath_tx_normal_comp; 3066 bf = TAILQ_NEXT(bf, bf_list); 3067 } 3068 3069 /* The caller is required to pause the TID */ 3070#if 0 3071 /* Pause the TID */ 3072 ath_tx_tid_pause(sc, atid); 3073#endif 3074 3075 /* 3076 * Calculate what hardware-queued frames exist based 3077 * on the current BAW size. Ie, what frames have been 3078 * added to the TX hardware queue for this TID but 3079 * not yet ACKed. 3080 */ 3081 tap = ath_tx_get_tx_tid(an, tid); 3082 /* Need the lock - fiddling with BAW */ 3083 while (atid->baw_head != atid->baw_tail) { 3084 if (atid->tx_buf[atid->baw_head]) { 3085 atid->incomp++; 3086 atid->cleanup_inprogress = 1; 3087 atid->tx_buf[atid->baw_head] = NULL; 3088 } 3089 INCR(atid->baw_head, ATH_TID_MAX_BUFS); 3090 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 3091 } 3092 3093 /* 3094 * If cleanup is required, defer TID scheduling 3095 * until all the HW queued packets have been 3096 * sent. 3097 */ 3098 if (! atid->cleanup_inprogress) 3099 ath_tx_tid_resume(sc, atid); 3100 3101 if (atid->cleanup_inprogress) 3102 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3103 "%s: TID %d: cleanup needed: %d packets\n", 3104 __func__, tid, atid->incomp); 3105 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3106 3107 /* Handle completing frames and fail them */ 3108 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3109 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3110 ath_tx_default_comp(sc, bf, 1); 3111 } 3112} 3113 3114static void 3115ath_tx_set_retry(struct ath_softc *sc, struct ath_buf *bf) 3116{ 3117 struct ieee80211_frame *wh; 3118 3119 wh = mtod(bf->bf_m, struct ieee80211_frame *); 3120 /* Only update/resync if needed */ 3121 if (bf->bf_state.bfs_isretried == 0) { 3122 wh->i_fc[1] |= IEEE80211_FC1_RETRY; 3123 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 3124 BUS_DMASYNC_PREWRITE); 3125 } 3126 sc->sc_stats.ast_tx_swretries++; 3127 bf->bf_state.bfs_isretried = 1; 3128 bf->bf_state.bfs_retries ++; 3129} 3130 3131static struct ath_buf * 3132ath_tx_retry_clone(struct ath_softc *sc, struct ath_node *an, 3133 struct ath_tid *tid, struct ath_buf *bf) 3134{ 3135 struct ath_buf *nbf; 3136 int error; 3137 3138 nbf = ath_buf_clone(sc, bf); 3139 3140#if 0 3141 device_printf(sc->sc_dev, "%s: ATH_BUF_BUSY; cloning\n", 3142 __func__); 3143#endif 3144 3145 if (nbf == NULL) { 3146 /* Failed to clone */ 3147 device_printf(sc->sc_dev, 3148 "%s: failed to clone a busy buffer\n", 3149 __func__); 3150 return NULL; 3151 } 3152 3153 /* Setup the dma for the new buffer */ 3154 error = ath_tx_dmasetup(sc, nbf, nbf->bf_m); 3155 if (error != 0) { 3156 device_printf(sc->sc_dev, 3157 "%s: failed to setup dma for clone\n", 3158 __func__); 3159 /* 3160 * Put this at the head of the list, not tail; 3161 * that way it doesn't interfere with the 3162 * busy buffer logic (which uses the tail of 3163 * the list.) 3164 */ 3165 ATH_TXBUF_LOCK(sc); 3166 ath_returnbuf_head(sc, nbf); 3167 ATH_TXBUF_UNLOCK(sc); 3168 return NULL; 3169 } 3170 3171 /* Update BAW if required, before we free the original buf */ 3172 if (bf->bf_state.bfs_dobaw) 3173 ath_tx_switch_baw_buf(sc, an, tid, bf, nbf); 3174 3175 /* Free current buffer; return the older buffer */ 3176 bf->bf_m = NULL; 3177 bf->bf_node = NULL; 3178 ath_freebuf(sc, bf); 3179 return nbf; 3180} 3181 3182/* 3183 * Handle retrying an unaggregate frame in an aggregate 3184 * session. 3185 * 3186 * If too many retries occur, pause the TID, wait for 3187 * any further retransmits (as there's no reason why 3188 * non-aggregate frames in an aggregate session are 3189 * transmitted in-order; they just have to be in-BAW) 3190 * and then queue a BAR. 3191 */ 3192static void 3193ath_tx_aggr_retry_unaggr(struct ath_softc *sc, struct ath_buf *bf) 3194{ 3195 struct ieee80211_node *ni = bf->bf_node; 3196 struct ath_node *an = ATH_NODE(ni); 3197 int tid = bf->bf_state.bfs_tid; 3198 struct ath_tid *atid = &an->an_tid[tid]; 3199 struct ieee80211_tx_ampdu *tap; 3200 3201 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3202 3203 tap = ath_tx_get_tx_tid(an, tid); 3204 3205 /* 3206 * If the buffer is marked as busy, we can't directly 3207 * reuse it. Instead, try to clone the buffer. 3208 * If the clone is successful, recycle the old buffer. 3209 * If the clone is unsuccessful, set bfs_retries to max 3210 * to force the next bit of code to free the buffer 3211 * for us. 3212 */ 3213 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3214 (bf->bf_flags & ATH_BUF_BUSY)) { 3215 struct ath_buf *nbf; 3216 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3217 if (nbf) 3218 /* bf has been freed at this point */ 3219 bf = nbf; 3220 else 3221 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3222 } 3223 3224 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3225 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3226 "%s: exceeded retries; seqno %d\n", 3227 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3228 sc->sc_stats.ast_tx_swretrymax++; 3229 3230 /* Update BAW anyway */ 3231 if (bf->bf_state.bfs_dobaw) { 3232 ath_tx_update_baw(sc, an, atid, bf); 3233 if (! bf->bf_state.bfs_addedbaw) 3234 device_printf(sc->sc_dev, 3235 "%s: wasn't added: seqno %d\n", 3236 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3237 } 3238 bf->bf_state.bfs_dobaw = 0; 3239 3240 /* Suspend the TX queue and get ready to send the BAR */ 3241 ath_tx_tid_bar_suspend(sc, atid); 3242 3243 /* Send the BAR if there are no other frames waiting */ 3244 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3245 ath_tx_tid_bar_tx(sc, atid); 3246 3247 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3248 3249 /* Free buffer, bf is free after this call */ 3250 ath_tx_default_comp(sc, bf, 0); 3251 return; 3252 } 3253 3254 /* 3255 * This increments the retry counter as well as 3256 * sets the retry flag in the ath_buf and packet 3257 * body. 3258 */ 3259 ath_tx_set_retry(sc, bf); 3260 3261 /* 3262 * Insert this at the head of the queue, so it's 3263 * retried before any current/subsequent frames. 3264 */ 3265 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3266 ath_tx_tid_sched(sc, atid); 3267 /* Send the BAR if there are no other frames waiting */ 3268 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3269 ath_tx_tid_bar_tx(sc, atid); 3270 3271 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3272} 3273 3274/* 3275 * Common code for aggregate excessive retry/subframe retry. 3276 * If retrying, queues buffers to bf_q. If not, frees the 3277 * buffers. 3278 * 3279 * XXX should unify this with ath_tx_aggr_retry_unaggr() 3280 */ 3281static int 3282ath_tx_retry_subframe(struct ath_softc *sc, struct ath_buf *bf, 3283 ath_bufhead *bf_q) 3284{ 3285 struct ieee80211_node *ni = bf->bf_node; 3286 struct ath_node *an = ATH_NODE(ni); 3287 int tid = bf->bf_state.bfs_tid; 3288 struct ath_tid *atid = &an->an_tid[tid]; 3289 3290 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[atid->ac]); 3291 3292 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3293 ath_hal_set11nburstduration(sc->sc_ah, bf->bf_desc, 0); 3294 /* ath_hal_set11n_virtualmorefrag(sc->sc_ah, bf->bf_desc, 0); */ 3295 3296 /* 3297 * If the buffer is marked as busy, we can't directly 3298 * reuse it. Instead, try to clone the buffer. 3299 * If the clone is successful, recycle the old buffer. 3300 * If the clone is unsuccessful, set bfs_retries to max 3301 * to force the next bit of code to free the buffer 3302 * for us. 3303 */ 3304 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3305 (bf->bf_flags & ATH_BUF_BUSY)) { 3306 struct ath_buf *nbf; 3307 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3308 if (nbf) 3309 /* bf has been freed at this point */ 3310 bf = nbf; 3311 else 3312 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3313 } 3314 3315 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3316 sc->sc_stats.ast_tx_swretrymax++; 3317 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3318 "%s: max retries: seqno %d\n", 3319 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3320 ath_tx_update_baw(sc, an, atid, bf); 3321 if (! bf->bf_state.bfs_addedbaw) 3322 device_printf(sc->sc_dev, 3323 "%s: wasn't added: seqno %d\n", 3324 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3325 bf->bf_state.bfs_dobaw = 0; 3326 return 1; 3327 } 3328 3329 ath_tx_set_retry(sc, bf); 3330 bf->bf_next = NULL; /* Just to make sure */ 3331 3332 TAILQ_INSERT_TAIL(bf_q, bf, bf_list); 3333 return 0; 3334} 3335 3336/* 3337 * error pkt completion for an aggregate destination 3338 */ 3339static void 3340ath_tx_comp_aggr_error(struct ath_softc *sc, struct ath_buf *bf_first, 3341 struct ath_tid *tid) 3342{ 3343 struct ieee80211_node *ni = bf_first->bf_node; 3344 struct ath_node *an = ATH_NODE(ni); 3345 struct ath_buf *bf_next, *bf; 3346 ath_bufhead bf_q; 3347 int drops = 0; 3348 struct ieee80211_tx_ampdu *tap; 3349 ath_bufhead bf_cq; 3350 3351 TAILQ_INIT(&bf_q); 3352 TAILQ_INIT(&bf_cq); 3353 3354 /* 3355 * Update rate control - all frames have failed. 3356 * 3357 * XXX use the length in the first frame in the series; 3358 * XXX just so things are consistent for now. 3359 */ 3360 ath_tx_update_ratectrl(sc, ni, bf_first->bf_state.bfs_rc, 3361 &bf_first->bf_status.ds_txstat, 3362 bf_first->bf_state.bfs_pktlen, 3363 bf_first->bf_state.bfs_nframes, bf_first->bf_state.bfs_nframes); 3364 3365 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 3366 tap = ath_tx_get_tx_tid(an, tid->tid); 3367 sc->sc_stats.ast_tx_aggr_failall++; 3368 3369 /* Retry all subframes */ 3370 bf = bf_first; 3371 while (bf) { 3372 bf_next = bf->bf_next; 3373 bf->bf_next = NULL; /* Remove it from the aggr list */ 3374 sc->sc_stats.ast_tx_aggr_fail++; 3375 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3376 drops++; 3377 bf->bf_next = NULL; 3378 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3379 } 3380 bf = bf_next; 3381 } 3382 3383 /* Prepend all frames to the beginning of the queue */ 3384 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3385 TAILQ_REMOVE(&bf_q, bf, bf_list); 3386 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 3387 } 3388 3389 /* 3390 * Schedule the TID to be re-tried. 3391 */ 3392 ath_tx_tid_sched(sc, tid); 3393 3394 /* 3395 * send bar if we dropped any frames 3396 * 3397 * Keep the txq lock held for now, as we need to ensure 3398 * that ni_txseqs[] is consistent (as it's being updated 3399 * in the ifnet TX context or raw TX context.) 3400 */ 3401 if (drops) { 3402 /* Suspend the TX queue and get ready to send the BAR */ 3403 ath_tx_tid_bar_suspend(sc, tid); 3404 } 3405 3406 /* 3407 * Send BAR if required 3408 */ 3409 if (ath_tx_tid_bar_tx_ready(sc, tid)) 3410 ath_tx_tid_bar_tx(sc, tid); 3411 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 3412 3413 /* Complete frames which errored out */ 3414 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3415 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3416 ath_tx_default_comp(sc, bf, 0); 3417 } 3418} 3419 3420/* 3421 * Handle clean-up of packets from an aggregate list. 3422 * 3423 * There's no need to update the BAW here - the session is being 3424 * torn down. 3425 */ 3426static void 3427ath_tx_comp_cleanup_aggr(struct ath_softc *sc, struct ath_buf *bf_first) 3428{ 3429 struct ath_buf *bf, *bf_next; 3430 struct ieee80211_node *ni = bf_first->bf_node; 3431 struct ath_node *an = ATH_NODE(ni); 3432 int tid = bf_first->bf_state.bfs_tid; 3433 struct ath_tid *atid = &an->an_tid[tid]; 3434 3435 bf = bf_first; 3436 3437 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3438 3439 /* update incomp */ 3440 while (bf) { 3441 atid->incomp--; 3442 bf = bf->bf_next; 3443 } 3444 3445 if (atid->incomp == 0) { 3446 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3447 "%s: TID %d: cleaned up! resume!\n", 3448 __func__, tid); 3449 atid->cleanup_inprogress = 0; 3450 ath_tx_tid_resume(sc, atid); 3451 } 3452 3453 /* Send BAR if required */ 3454 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3455 ath_tx_tid_bar_tx(sc, atid); 3456 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3457 3458 /* Handle frame completion */ 3459 while (bf) { 3460 bf_next = bf->bf_next; 3461 ath_tx_default_comp(sc, bf, 1); 3462 bf = bf_next; 3463 } 3464} 3465 3466/* 3467 * Handle completion of an set of aggregate frames. 3468 * 3469 * XXX for now, simply complete each sub-frame. 3470 * 3471 * Note: the completion handler is the last descriptor in the aggregate, 3472 * not the last descriptor in the first frame. 3473 */ 3474static void 3475ath_tx_aggr_comp_aggr(struct ath_softc *sc, struct ath_buf *bf_first, 3476 int fail) 3477{ 3478 //struct ath_desc *ds = bf->bf_lastds; 3479 struct ieee80211_node *ni = bf_first->bf_node; 3480 struct ath_node *an = ATH_NODE(ni); 3481 int tid = bf_first->bf_state.bfs_tid; 3482 struct ath_tid *atid = &an->an_tid[tid]; 3483 struct ath_tx_status ts; 3484 struct ieee80211_tx_ampdu *tap; 3485 ath_bufhead bf_q; 3486 ath_bufhead bf_cq; 3487 int seq_st, tx_ok; 3488 int hasba, isaggr; 3489 uint32_t ba[2]; 3490 struct ath_buf *bf, *bf_next; 3491 int ba_index; 3492 int drops = 0; 3493 int nframes = 0, nbad = 0, nf; 3494 int pktlen; 3495 /* XXX there's too much on the stack? */ 3496 struct ath_rc_series rc[ATH_RC_NUM]; 3497 int txseq; 3498 3499 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: called; hwq_depth=%d\n", 3500 __func__, atid->hwq_depth); 3501 3502 /* The TID state is kept behind the TXQ lock */ 3503 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3504 3505 atid->hwq_depth--; 3506 if (atid->hwq_depth < 0) 3507 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3508 __func__, atid->hwq_depth); 3509 3510 /* 3511 * Punt cleanup to the relevant function, not our problem now 3512 */ 3513 if (atid->cleanup_inprogress) { 3514 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3515 ath_tx_comp_cleanup_aggr(sc, bf_first); 3516 return; 3517 } 3518 3519 /* 3520 * Take a copy; this may be needed -after- bf_first 3521 * has been completed and freed. 3522 */ 3523 ts = bf_first->bf_status.ds_txstat; 3524 /* 3525 * XXX for now, use the first frame in the aggregate for 3526 * XXX rate control completion; it's at least consistent. 3527 */ 3528 pktlen = bf_first->bf_state.bfs_pktlen; 3529 3530 /* 3531 * Handle errors first! 3532 * 3533 * Here, handle _any_ error as a "exceeded retries" error. 3534 * Later on (when filtered frames are to be specially handled) 3535 * it'll have to be expanded. 3536 */ 3537#if 0 3538 if (ts.ts_status & HAL_TXERR_XRETRY) { 3539#endif 3540 if (ts.ts_status != 0) { 3541 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3542 ath_tx_comp_aggr_error(sc, bf_first, atid); 3543 return; 3544 } 3545 3546 TAILQ_INIT(&bf_q); 3547 TAILQ_INIT(&bf_cq); 3548 tap = ath_tx_get_tx_tid(an, tid); 3549 3550 /* 3551 * extract starting sequence and block-ack bitmap 3552 */ 3553 /* XXX endian-ness of seq_st, ba? */ 3554 seq_st = ts.ts_seqnum; 3555 hasba = !! (ts.ts_flags & HAL_TX_BA); 3556 tx_ok = (ts.ts_status == 0); 3557 isaggr = bf_first->bf_state.bfs_aggr; 3558 ba[0] = ts.ts_ba_low; 3559 ba[1] = ts.ts_ba_high; 3560 3561 /* 3562 * Copy the TX completion status and the rate control 3563 * series from the first descriptor, as it may be freed 3564 * before the rate control code can get its grubby fingers 3565 * into things. 3566 */ 3567 memcpy(rc, bf_first->bf_state.bfs_rc, sizeof(rc)); 3568 3569 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3570 "%s: txa_start=%d, tx_ok=%d, status=%.8x, flags=%.8x, " 3571 "isaggr=%d, seq_st=%d, hasba=%d, ba=%.8x, %.8x\n", 3572 __func__, tap->txa_start, tx_ok, ts.ts_status, ts.ts_flags, 3573 isaggr, seq_st, hasba, ba[0], ba[1]); 3574 3575 /* Occasionally, the MAC sends a tx status for the wrong TID. */ 3576 if (tid != ts.ts_tid) { 3577 device_printf(sc->sc_dev, "%s: tid %d != hw tid %d\n", 3578 __func__, tid, ts.ts_tid); 3579 tx_ok = 0; 3580 } 3581 3582 /* AR5416 BA bug; this requires an interface reset */ 3583 if (isaggr && tx_ok && (! hasba)) { 3584 device_printf(sc->sc_dev, 3585 "%s: AR5416 bug: hasba=%d; txok=%d, isaggr=%d, " 3586 "seq_st=%d\n", 3587 __func__, hasba, tx_ok, isaggr, seq_st); 3588 /* XXX TODO: schedule an interface reset */ 3589#ifdef ATH_DEBUG 3590 ath_printtxbuf(sc, bf_first, 3591 sc->sc_ac2q[atid->ac]->axq_qnum, 0, 0); 3592#endif 3593 } 3594 3595 /* 3596 * Walk the list of frames, figure out which ones were correctly 3597 * sent and which weren't. 3598 */ 3599 bf = bf_first; 3600 nf = bf_first->bf_state.bfs_nframes; 3601 3602 /* bf_first is going to be invalid once this list is walked */ 3603 bf_first = NULL; 3604 3605 /* 3606 * Walk the list of completed frames and determine 3607 * which need to be completed and which need to be 3608 * retransmitted. 3609 * 3610 * For completed frames, the completion functions need 3611 * to be called at the end of this function as the last 3612 * node reference may free the node. 3613 * 3614 * Finally, since the TXQ lock can't be held during the 3615 * completion callback (to avoid lock recursion), 3616 * the completion calls have to be done outside of the 3617 * lock. 3618 */ 3619 while (bf) { 3620 nframes++; 3621 ba_index = ATH_BA_INDEX(seq_st, 3622 SEQNO(bf->bf_state.bfs_seqno)); 3623 bf_next = bf->bf_next; 3624 bf->bf_next = NULL; /* Remove it from the aggr list */ 3625 3626 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3627 "%s: checking bf=%p seqno=%d; ack=%d\n", 3628 __func__, bf, SEQNO(bf->bf_state.bfs_seqno), 3629 ATH_BA_ISSET(ba, ba_index)); 3630 3631 if (tx_ok && ATH_BA_ISSET(ba, ba_index)) { 3632 sc->sc_stats.ast_tx_aggr_ok++; 3633 ath_tx_update_baw(sc, an, atid, bf); 3634 bf->bf_state.bfs_dobaw = 0; 3635 if (! bf->bf_state.bfs_addedbaw) 3636 device_printf(sc->sc_dev, 3637 "%s: wasn't added: seqno %d\n", 3638 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3639 bf->bf_next = NULL; 3640 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3641 } else { 3642 sc->sc_stats.ast_tx_aggr_fail++; 3643 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3644 drops++; 3645 bf->bf_next = NULL; 3646 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3647 } 3648 nbad++; 3649 } 3650 bf = bf_next; 3651 } 3652 3653 /* 3654 * Now that the BAW updates have been done, unlock 3655 * 3656 * txseq is grabbed before the lock is released so we 3657 * have a consistent view of what -was- in the BAW. 3658 * Anything after this point will not yet have been 3659 * TXed. 3660 */ 3661 txseq = tap->txa_start; 3662 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3663 3664 if (nframes != nf) 3665 device_printf(sc->sc_dev, 3666 "%s: num frames seen=%d; bf nframes=%d\n", 3667 __func__, nframes, nf); 3668 3669 /* 3670 * Now we know how many frames were bad, call the rate 3671 * control code. 3672 */ 3673 if (fail == 0) 3674 ath_tx_update_ratectrl(sc, ni, rc, &ts, pktlen, nframes, 3675 nbad); 3676 3677 /* 3678 * send bar if we dropped any frames 3679 */ 3680 if (drops) { 3681 /* Suspend the TX queue and get ready to send the BAR */ 3682 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3683 ath_tx_tid_bar_suspend(sc, atid); 3684 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3685 } 3686 3687 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3688 "%s: txa_start now %d\n", __func__, tap->txa_start); 3689 3690 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3691 3692 /* Prepend all frames to the beginning of the queue */ 3693 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3694 TAILQ_REMOVE(&bf_q, bf, bf_list); 3695 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3696 } 3697 3698 /* 3699 * Reschedule to grab some further frames. 3700 */ 3701 ath_tx_tid_sched(sc, atid); 3702 3703 /* 3704 * Send BAR if required 3705 */ 3706 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3707 ath_tx_tid_bar_tx(sc, atid); 3708 3709 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3710 3711 /* Do deferred completion */ 3712 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3713 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3714 ath_tx_default_comp(sc, bf, 0); 3715 } 3716} 3717 3718/* 3719 * Handle completion of unaggregated frames in an ADDBA 3720 * session. 3721 * 3722 * Fail is set to 1 if the entry is being freed via a call to 3723 * ath_tx_draintxq(). 3724 */ 3725static void 3726ath_tx_aggr_comp_unaggr(struct ath_softc *sc, struct ath_buf *bf, int fail) 3727{ 3728 struct ieee80211_node *ni = bf->bf_node; 3729 struct ath_node *an = ATH_NODE(ni); 3730 int tid = bf->bf_state.bfs_tid; 3731 struct ath_tid *atid = &an->an_tid[tid]; 3732 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 3733 3734 /* 3735 * Update rate control status here, before we possibly 3736 * punt to retry or cleanup. 3737 * 3738 * Do it outside of the TXQ lock. 3739 */ 3740 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0)) 3741 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 3742 &bf->bf_status.ds_txstat, 3743 bf->bf_state.bfs_pktlen, 3744 1, (ts->ts_status == 0) ? 0 : 1); 3745 3746 /* 3747 * This is called early so atid->hwq_depth can be tracked. 3748 * This unfortunately means that it's released and regrabbed 3749 * during retry and cleanup. That's rather inefficient. 3750 */ 3751 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3752 3753 if (tid == IEEE80211_NONQOS_TID) 3754 device_printf(sc->sc_dev, "%s: TID=16!\n", __func__); 3755 3756 DPRINTF(sc, ATH_DEBUG_SW_TX, 3757 "%s: bf=%p: tid=%d, hwq_depth=%d, seqno=%d\n", 3758 __func__, bf, bf->bf_state.bfs_tid, atid->hwq_depth, 3759 SEQNO(bf->bf_state.bfs_seqno)); 3760 3761 atid->hwq_depth--; 3762 if (atid->hwq_depth < 0) 3763 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3764 __func__, atid->hwq_depth); 3765 3766 /* 3767 * If a cleanup is in progress, punt to comp_cleanup; 3768 * rather than handling it here. It's thus their 3769 * responsibility to clean up, call the completion 3770 * function in net80211, etc. 3771 */ 3772 if (atid->cleanup_inprogress) { 3773 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3774 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: cleanup_unaggr\n", 3775 __func__); 3776 ath_tx_comp_cleanup_unaggr(sc, bf); 3777 return; 3778 } 3779 3780 /* 3781 * Don't bother with the retry check if all frames 3782 * are being failed (eg during queue deletion.) 3783 */ 3784#if 0 3785 if (fail == 0 && ts->ts_status & HAL_TXERR_XRETRY) { 3786#endif 3787 if (fail == 0 && ts->ts_status != 0) { 3788 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3789 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: retry_unaggr\n", 3790 __func__); 3791 ath_tx_aggr_retry_unaggr(sc, bf); 3792 return; 3793 } 3794 3795 /* Success? Complete */ 3796 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: TID=%d, seqno %d\n", 3797 __func__, tid, SEQNO(bf->bf_state.bfs_seqno)); 3798 if (bf->bf_state.bfs_dobaw) { 3799 ath_tx_update_baw(sc, an, atid, bf); 3800 bf->bf_state.bfs_dobaw = 0; 3801 if (! bf->bf_state.bfs_addedbaw) 3802 device_printf(sc->sc_dev, 3803 "%s: wasn't added: seqno %d\n", 3804 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3805 } 3806 3807 /* 3808 * Send BAR if required 3809 */ 3810 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3811 ath_tx_tid_bar_tx(sc, atid); 3812 3813 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3814 3815 ath_tx_default_comp(sc, bf, fail); 3816 /* bf is freed at this point */ 3817} 3818 3819void 3820ath_tx_aggr_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 3821{ 3822 if (bf->bf_state.bfs_aggr) 3823 ath_tx_aggr_comp_aggr(sc, bf, fail); 3824 else 3825 ath_tx_aggr_comp_unaggr(sc, bf, fail); 3826} 3827 3828/* 3829 * Schedule some packets from the given node/TID to the hardware. 3830 * 3831 * This is the aggregate version. 3832 */ 3833void 3834ath_tx_tid_hw_queue_aggr(struct ath_softc *sc, struct ath_node *an, 3835 struct ath_tid *tid) 3836{ 3837 struct ath_buf *bf; 3838 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 3839 struct ieee80211_tx_ampdu *tap; 3840 struct ieee80211_node *ni = &an->an_node; 3841 ATH_AGGR_STATUS status; 3842 ath_bufhead bf_q; 3843 3844 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d\n", __func__, tid->tid); 3845 ATH_TXQ_LOCK_ASSERT(txq); 3846 3847 tap = ath_tx_get_tx_tid(an, tid->tid); 3848 3849 if (tid->tid == IEEE80211_NONQOS_TID) 3850 device_printf(sc->sc_dev, "%s: called for TID=NONQOS_TID?\n", 3851 __func__); 3852 3853 for (;;) { 3854 status = ATH_AGGR_DONE; 3855 3856 /* 3857 * If the upper layer has paused the TID, don't 3858 * queue any further packets. 3859 * 3860 * This can also occur from the completion task because 3861 * of packet loss; but as its serialised with this code, 3862 * it won't "appear" half way through queuing packets. 3863 */ 3864 if (tid->paused) 3865 break; 3866 3867 bf = TAILQ_FIRST(&tid->axq_q); 3868 if (bf == NULL) { 3869 break; 3870 } 3871 3872 /* 3873 * If the packet doesn't fall within the BAW (eg a NULL 3874 * data frame), schedule it directly; continue. 3875 */ 3876 if (! bf->bf_state.bfs_dobaw) { 3877 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3878 "%s: non-baw packet\n", 3879 __func__); 3880 ATH_TXQ_REMOVE(tid, bf, bf_list); 3881 bf->bf_state.bfs_aggr = 0; 3882 ath_tx_do_ratelookup(sc, bf); 3883 ath_tx_calc_duration(sc, bf); 3884 ath_tx_calc_protection(sc, bf); 3885 ath_tx_set_rtscts(sc, bf); 3886 ath_tx_rate_fill_rcflags(sc, bf); 3887 ath_tx_setds(sc, bf); 3888 ath_tx_chaindesclist(sc, bf); 3889 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3890 ath_tx_set_ratectrl(sc, ni, bf); 3891 3892 sc->sc_aggr_stats.aggr_nonbaw_pkt++; 3893 3894 /* Queue the packet; continue */ 3895 goto queuepkt; 3896 } 3897 3898 TAILQ_INIT(&bf_q); 3899 3900 /* 3901 * Do a rate control lookup on the first frame in the 3902 * list. The rate control code needs that to occur 3903 * before it can determine whether to TX. 3904 * It's inaccurate because the rate control code doesn't 3905 * really "do" aggregate lookups, so it only considers 3906 * the size of the first frame. 3907 */ 3908 ath_tx_do_ratelookup(sc, bf); 3909 bf->bf_state.bfs_rc[3].rix = 0; 3910 bf->bf_state.bfs_rc[3].tries = 0; 3911 3912 ath_tx_calc_duration(sc, bf); 3913 ath_tx_calc_protection(sc, bf); 3914 3915 ath_tx_set_rtscts(sc, bf); 3916 ath_tx_rate_fill_rcflags(sc, bf); 3917 3918 status = ath_tx_form_aggr(sc, an, tid, &bf_q); 3919 3920 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3921 "%s: ath_tx_form_aggr() status=%d\n", __func__, status); 3922 3923 /* 3924 * No frames to be picked up - out of BAW 3925 */ 3926 if (TAILQ_EMPTY(&bf_q)) 3927 break; 3928 3929 /* 3930 * This assumes that the descriptor list in the ath_bufhead 3931 * are already linked together via bf_next pointers. 3932 */ 3933 bf = TAILQ_FIRST(&bf_q); 3934 3935 if (status == ATH_AGGR_8K_LIMITED) 3936 sc->sc_aggr_stats.aggr_rts_aggr_limited++; 3937 3938 /* 3939 * If it's the only frame send as non-aggregate 3940 * assume that ath_tx_form_aggr() has checked 3941 * whether it's in the BAW and added it appropriately. 3942 */ 3943 if (bf->bf_state.bfs_nframes == 1) { 3944 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3945 "%s: single-frame aggregate\n", __func__); 3946 bf->bf_state.bfs_aggr = 0; 3947 ath_tx_setds(sc, bf); 3948 ath_tx_chaindesclist(sc, bf); 3949 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3950 ath_tx_set_ratectrl(sc, ni, bf); 3951 if (status == ATH_AGGR_BAW_CLOSED) 3952 sc->sc_aggr_stats.aggr_baw_closed_single_pkt++; 3953 else 3954 sc->sc_aggr_stats.aggr_single_pkt++; 3955 } else { 3956 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3957 "%s: multi-frame aggregate: %d frames, " 3958 "length %d\n", 3959 __func__, bf->bf_state.bfs_nframes, 3960 bf->bf_state.bfs_al); 3961 bf->bf_state.bfs_aggr = 1; 3962 sc->sc_aggr_stats.aggr_pkts[bf->bf_state.bfs_nframes]++; 3963 sc->sc_aggr_stats.aggr_aggr_pkt++; 3964 3965 /* 3966 * Calculate the duration/protection as required. 3967 */ 3968 ath_tx_calc_duration(sc, bf); 3969 ath_tx_calc_protection(sc, bf); 3970 3971 /* 3972 * Update the rate and rtscts information based on the 3973 * rate decision made by the rate control code; 3974 * the first frame in the aggregate needs it. 3975 */ 3976 ath_tx_set_rtscts(sc, bf); 3977 3978 /* 3979 * Setup the relevant descriptor fields 3980 * for aggregation. The first descriptor 3981 * already points to the rest in the chain. 3982 */ 3983 ath_tx_setds_11n(sc, bf); 3984 3985 /* 3986 * setup first desc with rate and aggr info 3987 */ 3988 ath_tx_set_ratectrl(sc, ni, bf); 3989 } 3990 queuepkt: 3991 //txq = bf->bf_state.bfs_txq; 3992 3993 /* Set completion handler, multi-frame aggregate or not */ 3994 bf->bf_comp = ath_tx_aggr_comp; 3995 3996 if (bf->bf_state.bfs_tid == IEEE80211_NONQOS_TID) 3997 device_printf(sc->sc_dev, "%s: TID=16?\n", __func__); 3998 3999 /* Punt to txq */ 4000 ath_tx_handoff(sc, txq, bf); 4001 4002 /* Track outstanding buffer count to hardware */ 4003 /* aggregates are "one" buffer */ 4004 tid->hwq_depth++; 4005 4006 /* 4007 * Break out if ath_tx_form_aggr() indicated 4008 * there can't be any further progress (eg BAW is full.) 4009 * Checking for an empty txq is done above. 4010 * 4011 * XXX locking on txq here? 4012 */ 4013 if (txq->axq_aggr_depth >= sc->sc_hwq_limit || 4014 status == ATH_AGGR_BAW_CLOSED) 4015 break; 4016 } 4017} 4018 4019/* 4020 * Schedule some packets from the given node/TID to the hardware. 4021 */ 4022void 4023ath_tx_tid_hw_queue_norm(struct ath_softc *sc, struct ath_node *an, 4024 struct ath_tid *tid) 4025{ 4026 struct ath_buf *bf; 4027 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 4028 struct ieee80211_node *ni = &an->an_node; 4029 4030 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: node %p: TID %d: called\n", 4031 __func__, an, tid->tid); 4032 4033 ATH_TXQ_LOCK_ASSERT(txq); 4034 4035 /* Check - is AMPDU pending or running? then print out something */ 4036 if (ath_tx_ampdu_pending(sc, an, tid->tid)) 4037 device_printf(sc->sc_dev, "%s: tid=%d, ampdu pending?\n", 4038 __func__, tid->tid); 4039 if (ath_tx_ampdu_running(sc, an, tid->tid)) 4040 device_printf(sc->sc_dev, "%s: tid=%d, ampdu running?\n", 4041 __func__, tid->tid); 4042 4043 for (;;) { 4044 4045 /* 4046 * If the upper layers have paused the TID, don't 4047 * queue any further packets. 4048 */ 4049 if (tid->paused) 4050 break; 4051 4052 bf = TAILQ_FIRST(&tid->axq_q); 4053 if (bf == NULL) { 4054 break; 4055 } 4056 4057 ATH_TXQ_REMOVE(tid, bf, bf_list); 4058 4059 KASSERT(txq == bf->bf_state.bfs_txq, ("txqs not equal!\n")); 4060 4061 /* Sanity check! */ 4062 if (tid->tid != bf->bf_state.bfs_tid) { 4063 device_printf(sc->sc_dev, "%s: bfs_tid %d !=" 4064 " tid %d\n", 4065 __func__, bf->bf_state.bfs_tid, tid->tid); 4066 } 4067 /* Normal completion handler */ 4068 bf->bf_comp = ath_tx_normal_comp; 4069 4070 /* Program descriptors + rate control */ 4071 ath_tx_do_ratelookup(sc, bf); 4072 ath_tx_calc_duration(sc, bf); 4073 ath_tx_calc_protection(sc, bf); 4074 ath_tx_set_rtscts(sc, bf); 4075 ath_tx_rate_fill_rcflags(sc, bf); 4076 ath_tx_setds(sc, bf); 4077 ath_tx_chaindesclist(sc, bf); 4078 ath_tx_set_ratectrl(sc, ni, bf); 4079 4080 /* Track outstanding buffer count to hardware */ 4081 /* aggregates are "one" buffer */ 4082 tid->hwq_depth++; 4083 4084 /* Punt to hardware or software txq */ 4085 ath_tx_handoff(sc, txq, bf); 4086 } 4087} 4088 4089/* 4090 * Schedule some packets to the given hardware queue. 4091 * 4092 * This function walks the list of TIDs (ie, ath_node TIDs 4093 * with queued traffic) and attempts to schedule traffic 4094 * from them. 4095 * 4096 * TID scheduling is implemented as a FIFO, with TIDs being 4097 * added to the end of the queue after some frames have been 4098 * scheduled. 4099 */ 4100void 4101ath_txq_sched(struct ath_softc *sc, struct ath_txq *txq) 4102{ 4103 struct ath_tid *tid, *next, *last; 4104 4105 ATH_TXQ_LOCK_ASSERT(txq); 4106 4107 /* 4108 * Don't schedule if the hardware queue is busy. 4109 * This (hopefully) gives some more time to aggregate 4110 * some packets in the aggregation queue. 4111 */ 4112 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 4113 sc->sc_aggr_stats.aggr_sched_nopkt++; 4114 return; 4115 } 4116 4117 last = TAILQ_LAST(&txq->axq_tidq, axq_t_s); 4118 4119 TAILQ_FOREACH_SAFE(tid, &txq->axq_tidq, axq_qelem, next) { 4120 /* 4121 * Suspend paused queues here; they'll be resumed 4122 * once the addba completes or times out. 4123 */ 4124 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, paused=%d\n", 4125 __func__, tid->tid, tid->paused); 4126 ath_tx_tid_unsched(sc, tid); 4127 if (tid->paused) { 4128 continue; 4129 } 4130 if (ath_tx_ampdu_running(sc, tid->an, tid->tid)) 4131 ath_tx_tid_hw_queue_aggr(sc, tid->an, tid); 4132 else 4133 ath_tx_tid_hw_queue_norm(sc, tid->an, tid); 4134 4135 /* Not empty? Re-schedule */ 4136 if (tid->axq_depth != 0) 4137 ath_tx_tid_sched(sc, tid); 4138 4139 /* Give the software queue time to aggregate more packets */ 4140 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 4141 break; 4142 } 4143 4144 /* 4145 * If this was the last entry on the original list, stop. 4146 * Otherwise nodes that have been rescheduled onto the end 4147 * of the TID FIFO list will just keep being rescheduled. 4148 */ 4149 if (tid == last) 4150 break; 4151 } 4152} 4153 4154/* 4155 * TX addba handling 4156 */ 4157 4158/* 4159 * Return net80211 TID struct pointer, or NULL for none 4160 */ 4161struct ieee80211_tx_ampdu * 4162ath_tx_get_tx_tid(struct ath_node *an, int tid) 4163{ 4164 struct ieee80211_node *ni = &an->an_node; 4165 struct ieee80211_tx_ampdu *tap; 4166 4167 if (tid == IEEE80211_NONQOS_TID) 4168 return NULL; 4169 4170 tap = &ni->ni_tx_ampdu[tid]; 4171 return tap; 4172} 4173 4174/* 4175 * Is AMPDU-TX running? 4176 */ 4177static int 4178ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, int tid) 4179{ 4180 struct ieee80211_tx_ampdu *tap; 4181 4182 if (tid == IEEE80211_NONQOS_TID) 4183 return 0; 4184 4185 tap = ath_tx_get_tx_tid(an, tid); 4186 if (tap == NULL) 4187 return 0; /* Not valid; default to not running */ 4188 4189 return !! (tap->txa_flags & IEEE80211_AGGR_RUNNING); 4190} 4191 4192/* 4193 * Is AMPDU-TX negotiation pending? 4194 */ 4195static int 4196ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, int tid) 4197{ 4198 struct ieee80211_tx_ampdu *tap; 4199 4200 if (tid == IEEE80211_NONQOS_TID) 4201 return 0; 4202 4203 tap = ath_tx_get_tx_tid(an, tid); 4204 if (tap == NULL) 4205 return 0; /* Not valid; default to not pending */ 4206 4207 return !! (tap->txa_flags & IEEE80211_AGGR_XCHGPEND); 4208} 4209 4210/* 4211 * Is AMPDU-TX pending for the given TID? 4212 */ 4213 4214 4215/* 4216 * Method to handle sending an ADDBA request. 4217 * 4218 * We tap this so the relevant flags can be set to pause the TID 4219 * whilst waiting for the response. 4220 * 4221 * XXX there's no timeout handler we can override? 4222 */ 4223int 4224ath_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4225 int dialogtoken, int baparamset, int batimeout) 4226{ 4227 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4228 int tid = tap->txa_tid; 4229 struct ath_node *an = ATH_NODE(ni); 4230 struct ath_tid *atid = &an->an_tid[tid]; 4231 4232 /* 4233 * XXX danger Will Robinson! 4234 * 4235 * Although the taskqueue may be running and scheduling some more 4236 * packets, these should all be _before_ the addba sequence number. 4237 * However, net80211 will keep self-assigning sequence numbers 4238 * until addba has been negotiated. 4239 * 4240 * In the past, these packets would be "paused" (which still works 4241 * fine, as they're being scheduled to the driver in the same 4242 * serialised method which is calling the addba request routine) 4243 * and when the aggregation session begins, they'll be dequeued 4244 * as aggregate packets and added to the BAW. However, now there's 4245 * a "bf->bf_state.bfs_dobaw" flag, and this isn't set for these 4246 * packets. Thus they never get included in the BAW tracking and 4247 * this can cause the initial burst of packets after the addba 4248 * negotiation to "hang", as they quickly fall outside the BAW. 4249 * 4250 * The "eventual" solution should be to tag these packets with 4251 * dobaw. Although net80211 has given us a sequence number, 4252 * it'll be "after" the left edge of the BAW and thus it'll 4253 * fall within it. 4254 */ 4255 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4256 /* 4257 * This is a bit annoying. Until net80211 HT code inherits some 4258 * (any) locking, we may have this called in parallel BUT only 4259 * one response/timeout will be called. Grr. 4260 */ 4261 if (atid->addba_tx_pending == 0) { 4262 ath_tx_tid_pause(sc, atid); 4263 atid->addba_tx_pending = 1; 4264 } 4265 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4266 4267 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4268 "%s: called; dialogtoken=%d, baparamset=%d, batimeout=%d\n", 4269 __func__, dialogtoken, baparamset, batimeout); 4270 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4271 "%s: txa_start=%d, ni_txseqs=%d\n", 4272 __func__, tap->txa_start, ni->ni_txseqs[tid]); 4273 4274 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, 4275 batimeout); 4276} 4277 4278/* 4279 * Handle an ADDBA response. 4280 * 4281 * We unpause the queue so TX'ing can resume. 4282 * 4283 * Any packets TX'ed from this point should be "aggregate" (whether 4284 * aggregate or not) so the BAW is updated. 4285 * 4286 * Note! net80211 keeps self-assigning sequence numbers until 4287 * ampdu is negotiated. This means the initially-negotiated BAW left 4288 * edge won't match the ni->ni_txseq. 4289 * 4290 * So, being very dirty, the BAW left edge is "slid" here to match 4291 * ni->ni_txseq. 4292 * 4293 * What likely SHOULD happen is that all packets subsequent to the 4294 * addba request should be tagged as aggregate and queued as non-aggregate 4295 * frames; thus updating the BAW. For now though, I'll just slide the 4296 * window. 4297 */ 4298int 4299ath_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4300 int status, int code, int batimeout) 4301{ 4302 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4303 int tid = tap->txa_tid; 4304 struct ath_node *an = ATH_NODE(ni); 4305 struct ath_tid *atid = &an->an_tid[tid]; 4306 int r; 4307 4308 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4309 "%s: called; status=%d, code=%d, batimeout=%d\n", __func__, 4310 status, code, batimeout); 4311 4312 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4313 "%s: txa_start=%d, ni_txseqs=%d\n", 4314 __func__, tap->txa_start, ni->ni_txseqs[tid]); 4315 4316 /* 4317 * Call this first, so the interface flags get updated 4318 * before the TID is unpaused. Otherwise a race condition 4319 * exists where the unpaused TID still doesn't yet have 4320 * IEEE80211_AGGR_RUNNING set. 4321 */ 4322 r = sc->sc_addba_response(ni, tap, status, code, batimeout); 4323 4324 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4325 atid->addba_tx_pending = 0; 4326 /* 4327 * XXX dirty! 4328 * Slide the BAW left edge to wherever net80211 left it for us. 4329 * Read above for more information. 4330 */ 4331 tap->txa_start = ni->ni_txseqs[tid]; 4332 ath_tx_tid_resume(sc, atid); 4333 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4334 return r; 4335} 4336 4337 4338/* 4339 * Stop ADDBA on a queue. 4340 * 4341 * This can be called whilst BAR TX is currently active on the queue, 4342 * so make sure this is unblocked before continuing. 4343 */ 4344void 4345ath_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 4346{ 4347 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4348 int tid = tap->txa_tid; 4349 struct ath_node *an = ATH_NODE(ni); 4350 struct ath_tid *atid = &an->an_tid[tid]; 4351 4352 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: called\n", __func__); 4353 4354 /* 4355 * Pause TID traffic early, so there aren't any races 4356 * Unblock the pending BAR held traffic, if it's currently paused. 4357 */ 4358 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4359 ath_tx_tid_pause(sc, atid); 4360 if (atid->bar_wait) { 4361 /* 4362 * bar_unsuspend() expects bar_tx == 1, as it should be 4363 * called from the TX completion path. This quietens 4364 * the warning. It's cleared for us anyway. 4365 */ 4366 atid->bar_tx = 1; 4367 ath_tx_tid_bar_unsuspend(sc, atid); 4368 } 4369 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4370 4371 /* There's no need to hold the TXQ lock here */ 4372 sc->sc_addba_stop(ni, tap); 4373 4374 /* 4375 * ath_tx_tid_cleanup will resume the TID if possible, otherwise 4376 * it'll set the cleanup flag, and it'll be unpaused once 4377 * things have been cleaned up. 4378 */ 4379 ath_tx_tid_cleanup(sc, an, tid); 4380} 4381 4382/* 4383 * Note: net80211 bar_timeout() doesn't call this function on BAR failure; 4384 * it simply tears down the aggregation session. Ew. 4385 * 4386 * It however will call ieee80211_ampdu_stop() which will call 4387 * ic->ic_addba_stop(). 4388 * 4389 * XXX This uses a hard-coded max BAR count value; the whole 4390 * XXX BAR TX success or failure should be better handled! 4391 */ 4392void 4393ath_bar_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4394 int status) 4395{ 4396 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4397 int tid = tap->txa_tid; 4398 struct ath_node *an = ATH_NODE(ni); 4399 struct ath_tid *atid = &an->an_tid[tid]; 4400 int attempts = tap->txa_attempts; 4401 4402 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 4403 "%s: called; tap=%p, atid=%p, txa_tid=%d, atid->tid=%d, status=%d, attempts=%d\n", 4404 __func__, 4405 tap, 4406 atid, 4407 tap->txa_tid, 4408 atid->tid, 4409 status, 4410 attempts); 4411 4412 /* Note: This may update the BAW details */ 4413 sc->sc_bar_response(ni, tap, status); 4414 4415 /* Unpause the TID */ 4416 /* 4417 * XXX if this is attempt=50, the TID will be downgraded 4418 * XXX to a non-aggregate session. So we must unpause the 4419 * XXX TID here or it'll never be done. 4420 */ 4421 if (status == 0 || attempts == 50) { 4422 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4423 ath_tx_tid_bar_unsuspend(sc, atid); 4424 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4425 } 4426} 4427 4428/* 4429 * This is called whenever the pending ADDBA request times out. 4430 * Unpause and reschedule the TID. 4431 */ 4432void 4433ath_addba_response_timeout(struct ieee80211_node *ni, 4434 struct ieee80211_tx_ampdu *tap) 4435{ 4436 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4437 int tid = tap->txa_tid; 4438 struct ath_node *an = ATH_NODE(ni); 4439 struct ath_tid *atid = &an->an_tid[tid]; 4440 4441 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4442 "%s: called; resuming\n", __func__); 4443 4444 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4445 atid->addba_tx_pending = 0; 4446 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4447 4448 /* Note: This updates the aggregate state to (again) pending */ 4449 sc->sc_addba_response_timeout(ni, tap); 4450 4451 /* Unpause the TID; which reschedules it */ 4452 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4453 ath_tx_tid_resume(sc, atid); 4454 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4455} 4456