if_ath_tx.c revision 236877
150472Speter/*- 228263Spst * Copyright (c) 2002-2009 Sam Leffler, Errno Consulting 3183242Ssam * All rights reserved. 4183242Ssam * 5100316Sru * Redistribution and use in source and binary forms, with or without 628263Spst * modification, are permitted provided that the following conditions 728263Spst * are met: 828263Spst * 1. Redistributions of source code must retain the above copyright 928263Spst * notice, this list of conditions and the following disclaimer, 1028263Spst * without modification. 11249095Smav * 2. Redistributions in binary form must reproduce at minimum a disclaimer 12154652Smaxim * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any 13156215Sbrueffer * redistribution must be conditioned upon including a substantially 14156215Sbrueffer * similar Disclaimer requirement for further binary redistribution. 15156215Sbrueffer * 1628263Spst * NO WARRANTY 1728263Spst * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 1828263Spst * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 1928263Spst * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY 20183242Ssam * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL 21183242Ssam * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, 22183242Ssam * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23183242Ssam * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24183242Ssam * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 25183242Ssam * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26183242Ssam * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 27183242Ssam * THE POSSIBILITY OF SUCH DAMAGES. 28183242Ssam */ 29183242Ssam 30183242Ssam#include <sys/cdefs.h> 31183242Ssam__FBSDID("$FreeBSD: head/sys/dev/ath/if_ath_tx.c 236877 2012-06-11 07:29:25Z adrian $"); 32183242Ssam 33183242Ssam/* 34183242Ssam * Driver for the Atheros Wireless LAN controller. 35183242Ssam * 36183242Ssam * This software is derived from work of Atsushi Onoe; his contribution 37183242Ssam * is greatly appreciated. 38183242Ssam */ 39183242Ssam 40183242Ssam#include "opt_inet.h" 41183242Ssam#include "opt_ath.h" 42211142Solli#include "opt_wlan.h" 43244484Sbapt 44244484Sbapt#include <sys/param.h> 45211142Solli#include <sys/systm.h> 46211142Solli#include <sys/sysctl.h> 47183242Ssam#include <sys/mbuf.h> 48183242Ssam#include <sys/malloc.h> 49183242Ssam#include <sys/lock.h> 50183242Ssam#include <sys/mutex.h> 51183242Ssam#include <sys/kernel.h> 52183242Ssam#include <sys/socket.h> 53183242Ssam#include <sys/sockio.h> 54183242Ssam#include <sys/errno.h> 55183242Ssam#include <sys/callout.h> 56183242Ssam#include <sys/bus.h> 57183242Ssam#include <sys/endian.h> 58183242Ssam#include <sys/kthread.h> 59183242Ssam#include <sys/taskqueue.h> 60209250Snetchild#include <sys/priv.h> 61209250Snetchild 62209250Snetchild#include <machine/bus.h> 63209250Snetchild 64209250Snetchild#include <net/if.h> 6528263Spst#include <net/if_dl.h> 66#include <net/if_media.h> 67#include <net/if_types.h> 68#include <net/if_arp.h> 69#include <net/ethernet.h> 70#include <net/if_llc.h> 71 72#include <net80211/ieee80211_var.h> 73#include <net80211/ieee80211_regdomain.h> 74#ifdef IEEE80211_SUPPORT_SUPERG 75#include <net80211/ieee80211_superg.h> 76#endif 77#ifdef IEEE80211_SUPPORT_TDMA 78#include <net80211/ieee80211_tdma.h> 79#endif 80#include <net80211/ieee80211_ht.h> 81 82#include <net/bpf.h> 83 84#ifdef INET 85#include <netinet/in.h> 86#include <netinet/if_ether.h> 87#endif 88 89#include <dev/ath/if_athvar.h> 90#include <dev/ath/ath_hal/ah_devid.h> /* XXX for softled */ 91#include <dev/ath/ath_hal/ah_diagcodes.h> 92 93#include <dev/ath/if_ath_debug.h> 94 95#ifdef ATH_TX99_DIAG 96#include <dev/ath/ath_tx99/ath_tx99.h> 97#endif 98 99#include <dev/ath/if_ath_misc.h> 100#include <dev/ath/if_ath_tx.h> 101#include <dev/ath/if_ath_tx_ht.h> 102 103/* 104 * How many retries to perform in software 105 */ 106#define SWMAX_RETRIES 10 107 108static int ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, 109 int tid); 110static int ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, 111 int tid); 112static ieee80211_seq ath_tx_tid_seqno_assign(struct ath_softc *sc, 113 struct ieee80211_node *ni, struct ath_buf *bf, struct mbuf *m0); 114static int ath_tx_action_frame_override_queue(struct ath_softc *sc, 115 struct ieee80211_node *ni, struct mbuf *m0, int *tid); 116 117/* 118 * Whether to use the 11n rate scenario functions or not 119 */ 120static inline int 121ath_tx_is_11n(struct ath_softc *sc) 122{ 123 return (sc->sc_ah->ah_magic == 0x20065416); 124} 125 126/* 127 * Obtain the current TID from the given frame. 128 * 129 * Non-QoS frames need to go into TID 16 (IEEE80211_NONQOS_TID.) 130 * This has implications for which AC/priority the packet is placed 131 * in. 132 */ 133static int 134ath_tx_gettid(struct ath_softc *sc, const struct mbuf *m0) 135{ 136 const struct ieee80211_frame *wh; 137 int pri = M_WME_GETAC(m0); 138 139 wh = mtod(m0, const struct ieee80211_frame *); 140 if (! IEEE80211_QOS_HAS_SEQ(wh)) 141 return IEEE80211_NONQOS_TID; 142 else 143 return WME_AC_TO_TID(pri); 144} 145 146/* 147 * Determine what the correct AC queue for the given frame 148 * should be. 149 * 150 * This code assumes that the TIDs map consistently to 151 * the underlying hardware (or software) ath_txq. 152 * Since the sender may try to set an AC which is 153 * arbitrary, non-QoS TIDs may end up being put on 154 * completely different ACs. There's no way to put a 155 * TID into multiple ath_txq's for scheduling, so 156 * for now we override the AC/TXQ selection and set 157 * non-QOS TID frames into the BE queue. 158 * 159 * This may be completely incorrect - specifically, 160 * some management frames may end up out of order 161 * compared to the QoS traffic they're controlling. 162 * I'll look into this later. 163 */ 164static int 165ath_tx_getac(struct ath_softc *sc, const struct mbuf *m0) 166{ 167 const struct ieee80211_frame *wh; 168 int pri = M_WME_GETAC(m0); 169 wh = mtod(m0, const struct ieee80211_frame *); 170 if (IEEE80211_QOS_HAS_SEQ(wh)) 171 return pri; 172 173 return WME_AC_BE; 174} 175 176void 177ath_txfrag_cleanup(struct ath_softc *sc, 178 ath_bufhead *frags, struct ieee80211_node *ni) 179{ 180 struct ath_buf *bf, *next; 181 182 ATH_TXBUF_LOCK_ASSERT(sc); 183 184 TAILQ_FOREACH_SAFE(bf, frags, bf_list, next) { 185 /* NB: bf assumed clean */ 186 TAILQ_REMOVE(frags, bf, bf_list); 187 TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list); 188 ieee80211_node_decref(ni); 189 } 190} 191 192/* 193 * Setup xmit of a fragmented frame. Allocate a buffer 194 * for each frag and bump the node reference count to 195 * reflect the held reference to be setup by ath_tx_start. 196 */ 197int 198ath_txfrag_setup(struct ath_softc *sc, ath_bufhead *frags, 199 struct mbuf *m0, struct ieee80211_node *ni) 200{ 201 struct mbuf *m; 202 struct ath_buf *bf; 203 204 ATH_TXBUF_LOCK(sc); 205 for (m = m0->m_nextpkt; m != NULL; m = m->m_nextpkt) { 206 bf = _ath_getbuf_locked(sc); 207 if (bf == NULL) { /* out of buffers, cleanup */ 208 device_printf(sc->sc_dev, "%s: no buffer?\n", 209 __func__); 210 ath_txfrag_cleanup(sc, frags, ni); 211 break; 212 } 213 ieee80211_node_incref(ni); 214 TAILQ_INSERT_TAIL(frags, bf, bf_list); 215 } 216 ATH_TXBUF_UNLOCK(sc); 217 218 return !TAILQ_EMPTY(frags); 219} 220 221/* 222 * Reclaim mbuf resources. For fragmented frames we 223 * need to claim each frag chained with m_nextpkt. 224 */ 225void 226ath_freetx(struct mbuf *m) 227{ 228 struct mbuf *next; 229 230 do { 231 next = m->m_nextpkt; 232 m->m_nextpkt = NULL; 233 m_freem(m); 234 } while ((m = next) != NULL); 235} 236 237static int 238ath_tx_dmasetup(struct ath_softc *sc, struct ath_buf *bf, struct mbuf *m0) 239{ 240 struct mbuf *m; 241 int error; 242 243 /* 244 * Load the DMA map so any coalescing is done. This 245 * also calculates the number of descriptors we need. 246 */ 247 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 248 bf->bf_segs, &bf->bf_nseg, 249 BUS_DMA_NOWAIT); 250 if (error == EFBIG) { 251 /* XXX packet requires too many descriptors */ 252 bf->bf_nseg = ATH_TXDESC+1; 253 } else if (error != 0) { 254 sc->sc_stats.ast_tx_busdma++; 255 ath_freetx(m0); 256 return error; 257 } 258 /* 259 * Discard null packets and check for packets that 260 * require too many TX descriptors. We try to convert 261 * the latter to a cluster. 262 */ 263 if (bf->bf_nseg > ATH_TXDESC) { /* too many desc's, linearize */ 264 sc->sc_stats.ast_tx_linear++; 265 m = m_collapse(m0, M_DONTWAIT, ATH_TXDESC); 266 if (m == NULL) { 267 ath_freetx(m0); 268 sc->sc_stats.ast_tx_nombuf++; 269 return ENOMEM; 270 } 271 m0 = m; 272 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat, bf->bf_dmamap, m0, 273 bf->bf_segs, &bf->bf_nseg, 274 BUS_DMA_NOWAIT); 275 if (error != 0) { 276 sc->sc_stats.ast_tx_busdma++; 277 ath_freetx(m0); 278 return error; 279 } 280 KASSERT(bf->bf_nseg <= ATH_TXDESC, 281 ("too many segments after defrag; nseg %u", bf->bf_nseg)); 282 } else if (bf->bf_nseg == 0) { /* null packet, discard */ 283 sc->sc_stats.ast_tx_nodata++; 284 ath_freetx(m0); 285 return EIO; 286 } 287 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: m %p len %u\n", 288 __func__, m0, m0->m_pkthdr.len); 289 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE); 290 bf->bf_m = m0; 291 292 return 0; 293} 294 295/* 296 * Chain together segments+descriptors for a non-11n frame. 297 */ 298static void 299ath_tx_chaindesclist(struct ath_softc *sc, struct ath_buf *bf) 300{ 301 struct ath_hal *ah = sc->sc_ah; 302 struct ath_desc *ds, *ds0; 303 int i; 304 305 /* 306 * Fillin the remainder of the descriptor info. 307 */ 308 ds0 = ds = bf->bf_desc; 309 for (i = 0; i < bf->bf_nseg; i++, ds++) { 310 ds->ds_data = bf->bf_segs[i].ds_addr; 311 if (i == bf->bf_nseg - 1) 312 ds->ds_link = 0; 313 else 314 ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1); 315 ath_hal_filltxdesc(ah, ds 316 , bf->bf_segs[i].ds_len /* segment length */ 317 , i == 0 /* first segment */ 318 , i == bf->bf_nseg - 1 /* last segment */ 319 , ds0 /* first descriptor */ 320 ); 321 DPRINTF(sc, ATH_DEBUG_XMIT, 322 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 323 __func__, i, ds->ds_link, ds->ds_data, 324 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 325 bf->bf_lastds = ds; 326 } 327 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, BUS_DMASYNC_PREWRITE); 328} 329 330/* 331 * Fill in the descriptor list for a aggregate subframe. 332 * 333 * The subframe is returned with the ds_link field in the last subframe 334 * pointing to 0. 335 */ 336static void 337ath_tx_chaindesclist_subframe(struct ath_softc *sc, struct ath_buf *bf) 338{ 339 struct ath_hal *ah = sc->sc_ah; 340 struct ath_desc *ds, *ds0; 341 int i; 342 343 ds0 = ds = bf->bf_desc; 344 345 /* 346 * There's no need to call ath_hal_setupfirsttxdesc here; 347 * That's only going to occur for the first frame in an aggregate. 348 */ 349 for (i = 0; i < bf->bf_nseg; i++, ds++) { 350 ds->ds_data = bf->bf_segs[i].ds_addr; 351 if (i == bf->bf_nseg - 1) 352 ds->ds_link = 0; 353 else 354 ds->ds_link = bf->bf_daddr + sizeof(*ds) * (i + 1); 355 356 /* 357 * This performs the setup for an aggregate frame. 358 * This includes enabling the aggregate flags if needed. 359 */ 360 ath_hal_chaintxdesc(ah, ds, 361 bf->bf_state.bfs_pktlen, 362 bf->bf_state.bfs_hdrlen, 363 HAL_PKT_TYPE_AMPDU, /* forces aggregate bits to be set */ 364 bf->bf_state.bfs_keyix, 365 0, /* cipher, calculated from keyix */ 366 bf->bf_state.bfs_ndelim, 367 bf->bf_segs[i].ds_len, /* segment length */ 368 i == 0, /* first segment */ 369 i == bf->bf_nseg - 1, /* last segment */ 370 bf->bf_next == NULL /* last sub-frame in aggr */ 371 ); 372 373 DPRINTF(sc, ATH_DEBUG_XMIT, 374 "%s: %d: %08x %08x %08x %08x %08x %08x\n", 375 __func__, i, ds->ds_link, ds->ds_data, 376 ds->ds_ctl0, ds->ds_ctl1, ds->ds_hw[0], ds->ds_hw[1]); 377 bf->bf_lastds = ds; 378 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 379 BUS_DMASYNC_PREWRITE); 380 } 381} 382 383/* 384 * Setup segments+descriptors for an 11n aggregate. 385 * bf_first is the first buffer in the aggregate. 386 * The descriptor list must already been linked together using 387 * bf->bf_next. 388 */ 389static void 390ath_tx_setds_11n(struct ath_softc *sc, struct ath_buf *bf_first) 391{ 392 struct ath_buf *bf, *bf_prev = NULL; 393 394 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: nframes=%d, al=%d\n", 395 __func__, bf_first->bf_state.bfs_nframes, 396 bf_first->bf_state.bfs_al); 397 398 /* 399 * Setup all descriptors of all subframes. 400 */ 401 bf = bf_first; 402 while (bf != NULL) { 403 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 404 "%s: bf=%p, nseg=%d, pktlen=%d, seqno=%d\n", 405 __func__, bf, bf->bf_nseg, bf->bf_state.bfs_pktlen, 406 SEQNO(bf->bf_state.bfs_seqno)); 407 408 /* Sub-frame setup */ 409 ath_tx_chaindesclist_subframe(sc, bf); 410 411 /* 412 * Link the last descriptor of the previous frame 413 * to the beginning descriptor of this frame. 414 */ 415 if (bf_prev != NULL) 416 bf_prev->bf_lastds->ds_link = bf->bf_daddr; 417 418 /* Save a copy so we can link the next descriptor in */ 419 bf_prev = bf; 420 bf = bf->bf_next; 421 } 422 423 /* 424 * Setup first descriptor of first frame. 425 * chaintxdesc() overwrites the descriptor entries; 426 * setupfirsttxdesc() merges in things. 427 * Otherwise various fields aren't set correctly (eg flags). 428 */ 429 ath_hal_setupfirsttxdesc(sc->sc_ah, 430 bf_first->bf_desc, 431 bf_first->bf_state.bfs_al, 432 bf_first->bf_state.bfs_txflags | HAL_TXDESC_INTREQ, 433 bf_first->bf_state.bfs_txpower, 434 bf_first->bf_state.bfs_txrate0, 435 bf_first->bf_state.bfs_try0, 436 bf_first->bf_state.bfs_txantenna, 437 bf_first->bf_state.bfs_ctsrate, 438 bf_first->bf_state.bfs_ctsduration); 439 440 /* 441 * Setup the last descriptor in the list. 442 * bf_prev points to the last; bf is NULL here. 443 */ 444 ath_hal_setuplasttxdesc(sc->sc_ah, bf_prev->bf_desc, 445 bf_first->bf_desc); 446 447 /* 448 * Set the first descriptor bf_lastds field to point to 449 * the last descriptor in the last subframe, that's where 450 * the status update will occur. 451 */ 452 bf_first->bf_lastds = bf_prev->bf_lastds; 453 454 /* 455 * And bf_last in the first descriptor points to the end of 456 * the aggregate list. 457 */ 458 bf_first->bf_last = bf_prev; 459 460 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: end\n", __func__); 461} 462 463static void 464ath_tx_handoff_mcast(struct ath_softc *sc, struct ath_txq *txq, 465 struct ath_buf *bf) 466{ 467 ATH_TXQ_LOCK_ASSERT(txq); 468 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 469 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 470 if (txq->axq_link != NULL) { 471 struct ath_buf *last = ATH_TXQ_LAST(txq, axq_q_s); 472 struct ieee80211_frame *wh; 473 474 /* mark previous frame */ 475 wh = mtod(last->bf_m, struct ieee80211_frame *); 476 wh->i_fc[1] |= IEEE80211_FC1_MORE_DATA; 477 bus_dmamap_sync(sc->sc_dmat, last->bf_dmamap, 478 BUS_DMASYNC_PREWRITE); 479 480 /* link descriptor */ 481 *txq->axq_link = bf->bf_daddr; 482 } 483 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 484 txq->axq_link = &bf->bf_lastds->ds_link; 485} 486 487/* 488 * Hand-off packet to a hardware queue. 489 */ 490static void 491ath_tx_handoff_hw(struct ath_softc *sc, struct ath_txq *txq, 492 struct ath_buf *bf) 493{ 494 struct ath_hal *ah = sc->sc_ah; 495 496 /* 497 * Insert the frame on the outbound list and pass it on 498 * to the hardware. Multicast frames buffered for power 499 * save stations and transmit from the CAB queue are stored 500 * on a s/w only queue and loaded on to the CAB queue in 501 * the SWBA handler since frames only go out on DTIM and 502 * to avoid possible races. 503 */ 504 ATH_TXQ_LOCK_ASSERT(txq); 505 KASSERT((bf->bf_flags & ATH_BUF_BUSY) == 0, 506 ("%s: busy status 0x%x", __func__, bf->bf_flags)); 507 KASSERT(txq->axq_qnum != ATH_TXQ_SWQ, 508 ("ath_tx_handoff_hw called for mcast queue")); 509 510#if 0 511 /* 512 * This causes a LOR. Find out where the PCU lock is being 513 * held whilst the TXQ lock is grabbed - that shouldn't 514 * be occuring. 515 */ 516 ATH_PCU_LOCK(sc); 517 if (sc->sc_inreset_cnt) { 518 ATH_PCU_UNLOCK(sc); 519 DPRINTF(sc, ATH_DEBUG_RESET, 520 "%s: called with sc_in_reset != 0\n", 521 __func__); 522 DPRINTF(sc, ATH_DEBUG_XMIT, 523 "%s: queued: TXDP[%u] = %p (%p) depth %d\n", 524 __func__, txq->axq_qnum, 525 (caddr_t)bf->bf_daddr, bf->bf_desc, 526 txq->axq_depth); 527 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 528 if (bf->bf_state.bfs_aggr) 529 txq->axq_aggr_depth++; 530 /* 531 * There's no need to update axq_link; the hardware 532 * is in reset and once the reset is complete, any 533 * non-empty queues will simply have DMA restarted. 534 */ 535 return; 536 } 537 ATH_PCU_UNLOCK(sc); 538#endif 539 540 /* For now, so not to generate whitespace diffs */ 541 if (1) { 542#ifdef IEEE80211_SUPPORT_TDMA 543 int qbusy; 544 545 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 546 qbusy = ath_hal_txqenabled(ah, txq->axq_qnum); 547 if (txq->axq_link == NULL) { 548 /* 549 * Be careful writing the address to TXDP. If 550 * the tx q is enabled then this write will be 551 * ignored. Normally this is not an issue but 552 * when tdma is in use and the q is beacon gated 553 * this race can occur. If the q is busy then 554 * defer the work to later--either when another 555 * packet comes along or when we prepare a beacon 556 * frame at SWBA. 557 */ 558 if (!qbusy) { 559 ath_hal_puttxbuf(ah, txq->axq_qnum, 560 bf->bf_daddr); 561 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 562 DPRINTF(sc, ATH_DEBUG_XMIT, 563 "%s: TXDP[%u] = %p (%p) depth %d\n", 564 __func__, txq->axq_qnum, 565 (caddr_t)bf->bf_daddr, bf->bf_desc, 566 txq->axq_depth); 567 } else { 568 txq->axq_flags |= ATH_TXQ_PUTPENDING; 569 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 570 "%s: Q%u busy, defer enable\n", __func__, 571 txq->axq_qnum); 572 } 573 } else { 574 *txq->axq_link = bf->bf_daddr; 575 DPRINTF(sc, ATH_DEBUG_XMIT, 576 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 577 txq->axq_qnum, txq->axq_link, 578 (caddr_t)bf->bf_daddr, bf->bf_desc, 579 txq->axq_depth); 580 if ((txq->axq_flags & ATH_TXQ_PUTPENDING) && !qbusy) { 581 /* 582 * The q was busy when we previously tried 583 * to write the address of the first buffer 584 * in the chain. Since it's not busy now 585 * handle this chore. We are certain the 586 * buffer at the front is the right one since 587 * axq_link is NULL only when the buffer list 588 * is/was empty. 589 */ 590 ath_hal_puttxbuf(ah, txq->axq_qnum, 591 TAILQ_FIRST(&txq->axq_q)->bf_daddr); 592 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 593 DPRINTF(sc, ATH_DEBUG_TDMA | ATH_DEBUG_XMIT, 594 "%s: Q%u restarted\n", __func__, 595 txq->axq_qnum); 596 } 597 } 598#else 599 ATH_TXQ_INSERT_TAIL(txq, bf, bf_list); 600 if (txq->axq_link == NULL) { 601 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 602 DPRINTF(sc, ATH_DEBUG_XMIT, 603 "%s: TXDP[%u] = %p (%p) depth %d\n", 604 __func__, txq->axq_qnum, 605 (caddr_t)bf->bf_daddr, bf->bf_desc, 606 txq->axq_depth); 607 } else { 608 *txq->axq_link = bf->bf_daddr; 609 DPRINTF(sc, ATH_DEBUG_XMIT, 610 "%s: link[%u](%p)=%p (%p) depth %d\n", __func__, 611 txq->axq_qnum, txq->axq_link, 612 (caddr_t)bf->bf_daddr, bf->bf_desc, 613 txq->axq_depth); 614 } 615#endif /* IEEE80211_SUPPORT_TDMA */ 616 if (bf->bf_state.bfs_aggr) 617 txq->axq_aggr_depth++; 618 txq->axq_link = &bf->bf_lastds->ds_link; 619 ath_hal_txstart(ah, txq->axq_qnum); 620 } 621} 622 623/* 624 * Restart TX DMA for the given TXQ. 625 * 626 * This must be called whether the queue is empty or not. 627 */ 628void 629ath_txq_restart_dma(struct ath_softc *sc, struct ath_txq *txq) 630{ 631 struct ath_hal *ah = sc->sc_ah; 632 struct ath_buf *bf, *bf_last; 633 634 ATH_TXQ_LOCK_ASSERT(txq); 635 636 /* This is always going to be cleared, empty or not */ 637 txq->axq_flags &= ~ATH_TXQ_PUTPENDING; 638 639 /* XXX make this ATH_TXQ_FIRST */ 640 bf = TAILQ_FIRST(&txq->axq_q); 641 bf_last = ATH_TXQ_LAST(txq, axq_q_s); 642 643 if (bf == NULL) 644 return; 645 646 ath_hal_puttxbuf(ah, txq->axq_qnum, bf->bf_daddr); 647 txq->axq_link = &bf_last->bf_lastds->ds_link; 648 ath_hal_txstart(ah, txq->axq_qnum); 649} 650 651/* 652 * Hand off a packet to the hardware (or mcast queue.) 653 * 654 * The relevant hardware txq should be locked. 655 */ 656static void 657ath_tx_handoff(struct ath_softc *sc, struct ath_txq *txq, struct ath_buf *bf) 658{ 659 ATH_TXQ_LOCK_ASSERT(txq); 660 661 if (txq->axq_qnum == ATH_TXQ_SWQ) 662 ath_tx_handoff_mcast(sc, txq, bf); 663 else 664 ath_tx_handoff_hw(sc, txq, bf); 665} 666 667static int 668ath_tx_tag_crypto(struct ath_softc *sc, struct ieee80211_node *ni, 669 struct mbuf *m0, int iswep, int isfrag, int *hdrlen, int *pktlen, 670 int *keyix) 671{ 672 DPRINTF(sc, ATH_DEBUG_XMIT, 673 "%s: hdrlen=%d, pktlen=%d, isfrag=%d, iswep=%d, m0=%p\n", 674 __func__, 675 *hdrlen, 676 *pktlen, 677 isfrag, 678 iswep, 679 m0); 680 681 if (iswep) { 682 const struct ieee80211_cipher *cip; 683 struct ieee80211_key *k; 684 685 /* 686 * Construct the 802.11 header+trailer for an encrypted 687 * frame. The only reason this can fail is because of an 688 * unknown or unsupported cipher/key type. 689 */ 690 k = ieee80211_crypto_encap(ni, m0); 691 if (k == NULL) { 692 /* 693 * This can happen when the key is yanked after the 694 * frame was queued. Just discard the frame; the 695 * 802.11 layer counts failures and provides 696 * debugging/diagnostics. 697 */ 698 return (0); 699 } 700 /* 701 * Adjust the packet + header lengths for the crypto 702 * additions and calculate the h/w key index. When 703 * a s/w mic is done the frame will have had any mic 704 * added to it prior to entry so m0->m_pkthdr.len will 705 * account for it. Otherwise we need to add it to the 706 * packet length. 707 */ 708 cip = k->wk_cipher; 709 (*hdrlen) += cip->ic_header; 710 (*pktlen) += cip->ic_header + cip->ic_trailer; 711 /* NB: frags always have any TKIP MIC done in s/w */ 712 if ((k->wk_flags & IEEE80211_KEY_SWMIC) == 0 && !isfrag) 713 (*pktlen) += cip->ic_miclen; 714 (*keyix) = k->wk_keyix; 715 } else if (ni->ni_ucastkey.wk_cipher == &ieee80211_cipher_none) { 716 /* 717 * Use station key cache slot, if assigned. 718 */ 719 (*keyix) = ni->ni_ucastkey.wk_keyix; 720 if ((*keyix) == IEEE80211_KEYIX_NONE) 721 (*keyix) = HAL_TXKEYIX_INVALID; 722 } else 723 (*keyix) = HAL_TXKEYIX_INVALID; 724 725 return (1); 726} 727 728/* 729 * Calculate whether interoperability protection is required for 730 * this frame. 731 * 732 * This requires the rate control information be filled in, 733 * as the protection requirement depends upon the current 734 * operating mode / PHY. 735 */ 736static void 737ath_tx_calc_protection(struct ath_softc *sc, struct ath_buf *bf) 738{ 739 struct ieee80211_frame *wh; 740 uint8_t rix; 741 uint16_t flags; 742 int shortPreamble; 743 const HAL_RATE_TABLE *rt = sc->sc_currates; 744 struct ifnet *ifp = sc->sc_ifp; 745 struct ieee80211com *ic = ifp->if_l2com; 746 747 flags = bf->bf_state.bfs_txflags; 748 rix = bf->bf_state.bfs_rc[0].rix; 749 shortPreamble = bf->bf_state.bfs_shpream; 750 wh = mtod(bf->bf_m, struct ieee80211_frame *); 751 752 /* 753 * If 802.11g protection is enabled, determine whether 754 * to use RTS/CTS or just CTS. Note that this is only 755 * done for OFDM unicast frames. 756 */ 757 if ((ic->ic_flags & IEEE80211_F_USEPROT) && 758 rt->info[rix].phy == IEEE80211_T_OFDM && 759 (flags & HAL_TXDESC_NOACK) == 0) { 760 bf->bf_state.bfs_doprot = 1; 761 /* XXX fragments must use CCK rates w/ protection */ 762 if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) { 763 flags |= HAL_TXDESC_RTSENA; 764 } else if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) { 765 flags |= HAL_TXDESC_CTSENA; 766 } 767 /* 768 * For frags it would be desirable to use the 769 * highest CCK rate for RTS/CTS. But stations 770 * farther away may detect it at a lower CCK rate 771 * so use the configured protection rate instead 772 * (for now). 773 */ 774 sc->sc_stats.ast_tx_protect++; 775 } 776 777 /* 778 * If 11n protection is enabled and it's a HT frame, 779 * enable RTS. 780 * 781 * XXX ic_htprotmode or ic_curhtprotmode? 782 * XXX should it_htprotmode only matter if ic_curhtprotmode 783 * XXX indicates it's not a HT pure environment? 784 */ 785 if ((ic->ic_htprotmode == IEEE80211_PROT_RTSCTS) && 786 rt->info[rix].phy == IEEE80211_T_HT && 787 (flags & HAL_TXDESC_NOACK) == 0) { 788 flags |= HAL_TXDESC_RTSENA; 789 sc->sc_stats.ast_tx_htprotect++; 790 } 791 bf->bf_state.bfs_txflags = flags; 792} 793 794/* 795 * Update the frame duration given the currently selected rate. 796 * 797 * This also updates the frame duration value, so it will require 798 * a DMA flush. 799 */ 800static void 801ath_tx_calc_duration(struct ath_softc *sc, struct ath_buf *bf) 802{ 803 struct ieee80211_frame *wh; 804 uint8_t rix; 805 uint16_t flags; 806 int shortPreamble; 807 struct ath_hal *ah = sc->sc_ah; 808 const HAL_RATE_TABLE *rt = sc->sc_currates; 809 int isfrag = bf->bf_m->m_flags & M_FRAG; 810 811 flags = bf->bf_state.bfs_txflags; 812 rix = bf->bf_state.bfs_rc[0].rix; 813 shortPreamble = bf->bf_state.bfs_shpream; 814 wh = mtod(bf->bf_m, struct ieee80211_frame *); 815 816 /* 817 * Calculate duration. This logically belongs in the 802.11 818 * layer but it lacks sufficient information to calculate it. 819 */ 820 if ((flags & HAL_TXDESC_NOACK) == 0 && 821 (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_CTL) { 822 u_int16_t dur; 823 if (shortPreamble) 824 dur = rt->info[rix].spAckDuration; 825 else 826 dur = rt->info[rix].lpAckDuration; 827 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) { 828 dur += dur; /* additional SIFS+ACK */ 829 KASSERT(bf->bf_m->m_nextpkt != NULL, ("no fragment")); 830 /* 831 * Include the size of next fragment so NAV is 832 * updated properly. The last fragment uses only 833 * the ACK duration 834 */ 835 dur += ath_hal_computetxtime(ah, rt, 836 bf->bf_m->m_nextpkt->m_pkthdr.len, 837 rix, shortPreamble); 838 } 839 if (isfrag) { 840 /* 841 * Force hardware to use computed duration for next 842 * fragment by disabling multi-rate retry which updates 843 * duration based on the multi-rate duration table. 844 */ 845 bf->bf_state.bfs_ismrr = 0; 846 bf->bf_state.bfs_try0 = ATH_TXMGTTRY; 847 /* XXX update bfs_rc[0].try? */ 848 } 849 850 /* Update the duration field itself */ 851 *(u_int16_t *)wh->i_dur = htole16(dur); 852 } 853} 854 855static uint8_t 856ath_tx_get_rtscts_rate(struct ath_hal *ah, const HAL_RATE_TABLE *rt, 857 int cix, int shortPreamble) 858{ 859 uint8_t ctsrate; 860 861 /* 862 * CTS transmit rate is derived from the transmit rate 863 * by looking in the h/w rate table. We must also factor 864 * in whether or not a short preamble is to be used. 865 */ 866 /* NB: cix is set above where RTS/CTS is enabled */ 867 KASSERT(cix != 0xff, ("cix not setup")); 868 ctsrate = rt->info[cix].rateCode; 869 870 /* XXX this should only matter for legacy rates */ 871 if (shortPreamble) 872 ctsrate |= rt->info[cix].shortPreamble; 873 874 return (ctsrate); 875} 876 877/* 878 * Calculate the RTS/CTS duration for legacy frames. 879 */ 880static int 881ath_tx_calc_ctsduration(struct ath_hal *ah, int rix, int cix, 882 int shortPreamble, int pktlen, const HAL_RATE_TABLE *rt, 883 int flags) 884{ 885 int ctsduration = 0; 886 887 /* This mustn't be called for HT modes */ 888 if (rt->info[cix].phy == IEEE80211_T_HT) { 889 printf("%s: HT rate where it shouldn't be (0x%x)\n", 890 __func__, rt->info[cix].rateCode); 891 return (-1); 892 } 893 894 /* 895 * Compute the transmit duration based on the frame 896 * size and the size of an ACK frame. We call into the 897 * HAL to do the computation since it depends on the 898 * characteristics of the actual PHY being used. 899 * 900 * NB: CTS is assumed the same size as an ACK so we can 901 * use the precalculated ACK durations. 902 */ 903 if (shortPreamble) { 904 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 905 ctsduration += rt->info[cix].spAckDuration; 906 ctsduration += ath_hal_computetxtime(ah, 907 rt, pktlen, rix, AH_TRUE); 908 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 909 ctsduration += rt->info[rix].spAckDuration; 910 } else { 911 if (flags & HAL_TXDESC_RTSENA) /* SIFS + CTS */ 912 ctsduration += rt->info[cix].lpAckDuration; 913 ctsduration += ath_hal_computetxtime(ah, 914 rt, pktlen, rix, AH_FALSE); 915 if ((flags & HAL_TXDESC_NOACK) == 0) /* SIFS + ACK */ 916 ctsduration += rt->info[rix].lpAckDuration; 917 } 918 919 return (ctsduration); 920} 921 922/* 923 * Update the given ath_buf with updated rts/cts setup and duration 924 * values. 925 * 926 * To support rate lookups for each software retry, the rts/cts rate 927 * and cts duration must be re-calculated. 928 * 929 * This function assumes the RTS/CTS flags have been set as needed; 930 * mrr has been disabled; and the rate control lookup has been done. 931 * 932 * XXX TODO: MRR need only be disabled for the pre-11n NICs. 933 * XXX The 11n NICs support per-rate RTS/CTS configuration. 934 */ 935static void 936ath_tx_set_rtscts(struct ath_softc *sc, struct ath_buf *bf) 937{ 938 uint16_t ctsduration = 0; 939 uint8_t ctsrate = 0; 940 uint8_t rix = bf->bf_state.bfs_rc[0].rix; 941 uint8_t cix = 0; 942 const HAL_RATE_TABLE *rt = sc->sc_currates; 943 944 /* 945 * No RTS/CTS enabled? Don't bother. 946 */ 947 if ((bf->bf_state.bfs_txflags & 948 (HAL_TXDESC_RTSENA | HAL_TXDESC_CTSENA)) == 0) { 949 /* XXX is this really needed? */ 950 bf->bf_state.bfs_ctsrate = 0; 951 bf->bf_state.bfs_ctsduration = 0; 952 return; 953 } 954 955 /* 956 * If protection is enabled, use the protection rix control 957 * rate. Otherwise use the rate0 control rate. 958 */ 959 if (bf->bf_state.bfs_doprot) 960 rix = sc->sc_protrix; 961 else 962 rix = bf->bf_state.bfs_rc[0].rix; 963 964 /* 965 * If the raw path has hard-coded ctsrate0 to something, 966 * use it. 967 */ 968 if (bf->bf_state.bfs_ctsrate0 != 0) 969 cix = ath_tx_findrix(sc, bf->bf_state.bfs_ctsrate0); 970 else 971 /* Control rate from above */ 972 cix = rt->info[rix].controlRate; 973 974 /* Calculate the rtscts rate for the given cix */ 975 ctsrate = ath_tx_get_rtscts_rate(sc->sc_ah, rt, cix, 976 bf->bf_state.bfs_shpream); 977 978 /* The 11n chipsets do ctsduration calculations for you */ 979 if (! ath_tx_is_11n(sc)) 980 ctsduration = ath_tx_calc_ctsduration(sc->sc_ah, rix, cix, 981 bf->bf_state.bfs_shpream, bf->bf_state.bfs_pktlen, 982 rt, bf->bf_state.bfs_txflags); 983 984 /* Squirrel away in ath_buf */ 985 bf->bf_state.bfs_ctsrate = ctsrate; 986 bf->bf_state.bfs_ctsduration = ctsduration; 987 988 /* 989 * Must disable multi-rate retry when using RTS/CTS. 990 * XXX TODO: only for pre-11n NICs. 991 */ 992 bf->bf_state.bfs_ismrr = 0; 993 bf->bf_state.bfs_try0 = 994 bf->bf_state.bfs_rc[0].tries = ATH_TXMGTTRY; /* XXX ew */ 995} 996 997/* 998 * Setup the descriptor chain for a normal or fast-frame 999 * frame. 1000 */ 1001static void 1002ath_tx_setds(struct ath_softc *sc, struct ath_buf *bf) 1003{ 1004 struct ath_desc *ds = bf->bf_desc; 1005 struct ath_hal *ah = sc->sc_ah; 1006 1007 ath_hal_setuptxdesc(ah, ds 1008 , bf->bf_state.bfs_pktlen /* packet length */ 1009 , bf->bf_state.bfs_hdrlen /* header length */ 1010 , bf->bf_state.bfs_atype /* Atheros packet type */ 1011 , bf->bf_state.bfs_txpower /* txpower */ 1012 , bf->bf_state.bfs_txrate0 1013 , bf->bf_state.bfs_try0 /* series 0 rate/tries */ 1014 , bf->bf_state.bfs_keyix /* key cache index */ 1015 , bf->bf_state.bfs_txantenna /* antenna mode */ 1016 , bf->bf_state.bfs_txflags /* flags */ 1017 , bf->bf_state.bfs_ctsrate /* rts/cts rate */ 1018 , bf->bf_state.bfs_ctsduration /* rts/cts duration */ 1019 ); 1020 1021 /* 1022 * This will be overriden when the descriptor chain is written. 1023 */ 1024 bf->bf_lastds = ds; 1025 bf->bf_last = bf; 1026 1027 /* XXX TODO: Setup descriptor chain */ 1028} 1029 1030/* 1031 * Do a rate lookup. 1032 * 1033 * This performs a rate lookup for the given ath_buf only if it's required. 1034 * Non-data frames and raw frames don't require it. 1035 * 1036 * This populates the primary and MRR entries; MRR values are 1037 * then disabled later on if something requires it (eg RTS/CTS on 1038 * pre-11n chipsets. 1039 * 1040 * This needs to be done before the RTS/CTS fields are calculated 1041 * as they may depend upon the rate chosen. 1042 */ 1043static void 1044ath_tx_do_ratelookup(struct ath_softc *sc, struct ath_buf *bf) 1045{ 1046 uint8_t rate, rix; 1047 int try0; 1048 1049 if (! bf->bf_state.bfs_doratelookup) 1050 return; 1051 1052 /* Get rid of any previous state */ 1053 bzero(bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1054 1055 ATH_NODE_LOCK(ATH_NODE(bf->bf_node)); 1056 ath_rate_findrate(sc, ATH_NODE(bf->bf_node), bf->bf_state.bfs_shpream, 1057 bf->bf_state.bfs_pktlen, &rix, &try0, &rate); 1058 1059 /* In case MRR is disabled, make sure rc[0] is setup correctly */ 1060 bf->bf_state.bfs_rc[0].rix = rix; 1061 bf->bf_state.bfs_rc[0].ratecode = rate; 1062 bf->bf_state.bfs_rc[0].tries = try0; 1063 1064 if (bf->bf_state.bfs_ismrr && try0 != ATH_TXMAXTRY) 1065 ath_rate_getxtxrates(sc, ATH_NODE(bf->bf_node), rix, 1066 bf->bf_state.bfs_rc); 1067 ATH_NODE_UNLOCK(ATH_NODE(bf->bf_node)); 1068 1069 sc->sc_txrix = rix; /* for LED blinking */ 1070 sc->sc_lastdatarix = rix; /* for fast frames */ 1071 bf->bf_state.bfs_try0 = try0; 1072 bf->bf_state.bfs_txrate0 = rate; 1073} 1074 1075/* 1076 * Set the rate control fields in the given descriptor based on 1077 * the bf_state fields and node state. 1078 * 1079 * The bfs fields should already be set with the relevant rate 1080 * control information, including whether MRR is to be enabled. 1081 * 1082 * Since the FreeBSD HAL currently sets up the first TX rate 1083 * in ath_hal_setuptxdesc(), this will setup the MRR 1084 * conditionally for the pre-11n chips, and call ath_buf_set_rate 1085 * unconditionally for 11n chips. These require the 11n rate 1086 * scenario to be set if MCS rates are enabled, so it's easier 1087 * to just always call it. The caller can then only set rates 2, 3 1088 * and 4 if multi-rate retry is needed. 1089 */ 1090static void 1091ath_tx_set_ratectrl(struct ath_softc *sc, struct ieee80211_node *ni, 1092 struct ath_buf *bf) 1093{ 1094 struct ath_rc_series *rc = bf->bf_state.bfs_rc; 1095 1096 /* If mrr is disabled, blank tries 1, 2, 3 */ 1097 if (! bf->bf_state.bfs_ismrr) 1098 rc[1].tries = rc[2].tries = rc[3].tries = 0; 1099 1100 /* 1101 * Always call - that way a retried descriptor will 1102 * have the MRR fields overwritten. 1103 * 1104 * XXX TODO: see if this is really needed - setting up 1105 * the first descriptor should set the MRR fields to 0 1106 * for us anyway. 1107 */ 1108 if (ath_tx_is_11n(sc)) { 1109 ath_buf_set_rate(sc, ni, bf); 1110 } else { 1111 ath_hal_setupxtxdesc(sc->sc_ah, bf->bf_desc 1112 , rc[1].ratecode, rc[1].tries 1113 , rc[2].ratecode, rc[2].tries 1114 , rc[3].ratecode, rc[3].tries 1115 ); 1116 } 1117} 1118 1119/* 1120 * Transmit the given frame to the hardware. 1121 * 1122 * The frame must already be setup; rate control must already have 1123 * been done. 1124 * 1125 * XXX since the TXQ lock is being held here (and I dislike holding 1126 * it for this long when not doing software aggregation), later on 1127 * break this function into "setup_normal" and "xmit_normal". The 1128 * lock only needs to be held for the ath_tx_handoff call. 1129 */ 1130static void 1131ath_tx_xmit_normal(struct ath_softc *sc, struct ath_txq *txq, 1132 struct ath_buf *bf) 1133{ 1134 1135 ATH_TXQ_LOCK_ASSERT(txq); 1136 1137 /* Setup the descriptor before handoff */ 1138 ath_tx_do_ratelookup(sc, bf); 1139 ath_tx_calc_duration(sc, bf); 1140 ath_tx_calc_protection(sc, bf); 1141 ath_tx_set_rtscts(sc, bf); 1142 ath_tx_rate_fill_rcflags(sc, bf); 1143 ath_tx_setds(sc, bf); 1144 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 1145 ath_tx_chaindesclist(sc, bf); 1146 1147 /* Hand off to hardware */ 1148 ath_tx_handoff(sc, txq, bf); 1149} 1150 1151 1152 1153static int 1154ath_tx_normal_setup(struct ath_softc *sc, struct ieee80211_node *ni, 1155 struct ath_buf *bf, struct mbuf *m0, struct ath_txq *txq) 1156{ 1157 struct ieee80211vap *vap = ni->ni_vap; 1158 struct ath_hal *ah = sc->sc_ah; 1159 struct ifnet *ifp = sc->sc_ifp; 1160 struct ieee80211com *ic = ifp->if_l2com; 1161 const struct chanAccParams *cap = &ic->ic_wme.wme_chanParams; 1162 int error, iswep, ismcast, isfrag, ismrr; 1163 int keyix, hdrlen, pktlen, try0 = 0; 1164 u_int8_t rix = 0, txrate = 0; 1165 struct ath_desc *ds; 1166 struct ieee80211_frame *wh; 1167 u_int subtype, flags; 1168 HAL_PKT_TYPE atype; 1169 const HAL_RATE_TABLE *rt; 1170 HAL_BOOL shortPreamble; 1171 struct ath_node *an; 1172 u_int pri; 1173 1174 wh = mtod(m0, struct ieee80211_frame *); 1175 iswep = wh->i_fc[1] & IEEE80211_FC1_WEP; 1176 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1177 isfrag = m0->m_flags & M_FRAG; 1178 hdrlen = ieee80211_anyhdrsize(wh); 1179 /* 1180 * Packet length must not include any 1181 * pad bytes; deduct them here. 1182 */ 1183 pktlen = m0->m_pkthdr.len - (hdrlen & 3); 1184 1185 /* Handle encryption twiddling if needed */ 1186 if (! ath_tx_tag_crypto(sc, ni, m0, iswep, isfrag, &hdrlen, 1187 &pktlen, &keyix)) { 1188 ath_freetx(m0); 1189 return EIO; 1190 } 1191 1192 /* packet header may have moved, reset our local pointer */ 1193 wh = mtod(m0, struct ieee80211_frame *); 1194 1195 pktlen += IEEE80211_CRC_LEN; 1196 1197 /* 1198 * Load the DMA map so any coalescing is done. This 1199 * also calculates the number of descriptors we need. 1200 */ 1201 error = ath_tx_dmasetup(sc, bf, m0); 1202 if (error != 0) 1203 return error; 1204 bf->bf_node = ni; /* NB: held reference */ 1205 m0 = bf->bf_m; /* NB: may have changed */ 1206 wh = mtod(m0, struct ieee80211_frame *); 1207 1208 /* setup descriptors */ 1209 ds = bf->bf_desc; 1210 rt = sc->sc_currates; 1211 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1212 1213 /* 1214 * NB: the 802.11 layer marks whether or not we should 1215 * use short preamble based on the current mode and 1216 * negotiated parameters. 1217 */ 1218 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 1219 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) { 1220 shortPreamble = AH_TRUE; 1221 sc->sc_stats.ast_tx_shortpre++; 1222 } else { 1223 shortPreamble = AH_FALSE; 1224 } 1225 1226 an = ATH_NODE(ni); 1227 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1228 ismrr = 0; /* default no multi-rate retry*/ 1229 pri = M_WME_GETAC(m0); /* honor classification */ 1230 /* XXX use txparams instead of fixed values */ 1231 /* 1232 * Calculate Atheros packet type from IEEE80211 packet header, 1233 * setup for rate calculations, and select h/w transmit queue. 1234 */ 1235 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) { 1236 case IEEE80211_FC0_TYPE_MGT: 1237 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1238 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON) 1239 atype = HAL_PKT_TYPE_BEACON; 1240 else if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1241 atype = HAL_PKT_TYPE_PROBE_RESP; 1242 else if (subtype == IEEE80211_FC0_SUBTYPE_ATIM) 1243 atype = HAL_PKT_TYPE_ATIM; 1244 else 1245 atype = HAL_PKT_TYPE_NORMAL; /* XXX */ 1246 rix = an->an_mgmtrix; 1247 txrate = rt->info[rix].rateCode; 1248 if (shortPreamble) 1249 txrate |= rt->info[rix].shortPreamble; 1250 try0 = ATH_TXMGTTRY; 1251 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1252 break; 1253 case IEEE80211_FC0_TYPE_CTL: 1254 atype = HAL_PKT_TYPE_PSPOLL; /* stop setting of duration */ 1255 rix = an->an_mgmtrix; 1256 txrate = rt->info[rix].rateCode; 1257 if (shortPreamble) 1258 txrate |= rt->info[rix].shortPreamble; 1259 try0 = ATH_TXMGTTRY; 1260 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1261 break; 1262 case IEEE80211_FC0_TYPE_DATA: 1263 atype = HAL_PKT_TYPE_NORMAL; /* default */ 1264 /* 1265 * Data frames: multicast frames go out at a fixed rate, 1266 * EAPOL frames use the mgmt frame rate; otherwise consult 1267 * the rate control module for the rate to use. 1268 */ 1269 if (ismcast) { 1270 rix = an->an_mcastrix; 1271 txrate = rt->info[rix].rateCode; 1272 if (shortPreamble) 1273 txrate |= rt->info[rix].shortPreamble; 1274 try0 = 1; 1275 } else if (m0->m_flags & M_EAPOL) { 1276 /* XXX? maybe always use long preamble? */ 1277 rix = an->an_mgmtrix; 1278 txrate = rt->info[rix].rateCode; 1279 if (shortPreamble) 1280 txrate |= rt->info[rix].shortPreamble; 1281 try0 = ATH_TXMAXTRY; /* XXX?too many? */ 1282 } else { 1283 /* 1284 * Do rate lookup on each TX, rather than using 1285 * the hard-coded TX information decided here. 1286 */ 1287 ismrr = 1; 1288 bf->bf_state.bfs_doratelookup = 1; 1289 } 1290 if (cap->cap_wmeParams[pri].wmep_noackPolicy) 1291 flags |= HAL_TXDESC_NOACK; 1292 break; 1293 default: 1294 if_printf(ifp, "bogus frame type 0x%x (%s)\n", 1295 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__); 1296 /* XXX statistic */ 1297 ath_freetx(m0); 1298 return EIO; 1299 } 1300 1301 /* Check if the TXQ wouldn't match what the hardware TXQ is! */ 1302 if (txq != sc->sc_ac2q[pri]) { 1303 device_printf(sc->sc_dev, 1304 "%s: txq=%p (%d), pri=%d, pri txq=%p (%d)\n", 1305 __func__, 1306 txq, 1307 txq->axq_qnum, 1308 pri, 1309 sc->sc_ac2q[pri], 1310 sc->sc_ac2q[pri]->axq_qnum); 1311 } 1312 1313 /* 1314 * Calculate miscellaneous flags. 1315 */ 1316 if (ismcast) { 1317 flags |= HAL_TXDESC_NOACK; /* no ack on broad/multicast */ 1318 } else if (pktlen > vap->iv_rtsthreshold && 1319 (ni->ni_ath_flags & IEEE80211_NODE_FF) == 0) { 1320 flags |= HAL_TXDESC_RTSENA; /* RTS based on frame length */ 1321 sc->sc_stats.ast_tx_rts++; 1322 } 1323 if (flags & HAL_TXDESC_NOACK) /* NB: avoid double counting */ 1324 sc->sc_stats.ast_tx_noack++; 1325#ifdef IEEE80211_SUPPORT_TDMA 1326 if (sc->sc_tdma && (flags & HAL_TXDESC_NOACK) == 0) { 1327 DPRINTF(sc, ATH_DEBUG_TDMA, 1328 "%s: discard frame, ACK required w/ TDMA\n", __func__); 1329 sc->sc_stats.ast_tdma_ack++; 1330 ath_freetx(m0); 1331 return EIO; 1332 } 1333#endif 1334 1335 /* 1336 * Determine if a tx interrupt should be generated for 1337 * this descriptor. We take a tx interrupt to reap 1338 * descriptors when the h/w hits an EOL condition or 1339 * when the descriptor is specifically marked to generate 1340 * an interrupt. We periodically mark descriptors in this 1341 * way to insure timely replenishing of the supply needed 1342 * for sending frames. Defering interrupts reduces system 1343 * load and potentially allows more concurrent work to be 1344 * done but if done to aggressively can cause senders to 1345 * backup. 1346 * 1347 * NB: use >= to deal with sc_txintrperiod changing 1348 * dynamically through sysctl. 1349 */ 1350 if (flags & HAL_TXDESC_INTREQ) { 1351 txq->axq_intrcnt = 0; 1352 } else if (++txq->axq_intrcnt >= sc->sc_txintrperiod) { 1353 flags |= HAL_TXDESC_INTREQ; 1354 txq->axq_intrcnt = 0; 1355 } 1356 1357 /* This point forward is actual TX bits */ 1358 1359 /* 1360 * At this point we are committed to sending the frame 1361 * and we don't need to look at m_nextpkt; clear it in 1362 * case this frame is part of frag chain. 1363 */ 1364 m0->m_nextpkt = NULL; 1365 1366 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT)) 1367 ieee80211_dump_pkt(ic, mtod(m0, const uint8_t *), m0->m_len, 1368 sc->sc_hwmap[rix].ieeerate, -1); 1369 1370 if (ieee80211_radiotap_active_vap(vap)) { 1371 u_int64_t tsf = ath_hal_gettsf64(ah); 1372 1373 sc->sc_tx_th.wt_tsf = htole64(tsf); 1374 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags; 1375 if (iswep) 1376 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1377 if (isfrag) 1378 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1379 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate; 1380 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 1381 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 1382 1383 ieee80211_radiotap_tx(vap, m0); 1384 } 1385 1386 /* Blank the legacy rate array */ 1387 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1388 1389 /* 1390 * ath_buf_set_rate needs at least one rate/try to setup 1391 * the rate scenario. 1392 */ 1393 bf->bf_state.bfs_rc[0].rix = rix; 1394 bf->bf_state.bfs_rc[0].tries = try0; 1395 bf->bf_state.bfs_rc[0].ratecode = txrate; 1396 1397 /* Store the decided rate index values away */ 1398 bf->bf_state.bfs_pktlen = pktlen; 1399 bf->bf_state.bfs_hdrlen = hdrlen; 1400 bf->bf_state.bfs_atype = atype; 1401 bf->bf_state.bfs_txpower = ni->ni_txpower; 1402 bf->bf_state.bfs_txrate0 = txrate; 1403 bf->bf_state.bfs_try0 = try0; 1404 bf->bf_state.bfs_keyix = keyix; 1405 bf->bf_state.bfs_txantenna = sc->sc_txantenna; 1406 bf->bf_state.bfs_txflags = flags; 1407 bf->bf_state.bfs_shpream = shortPreamble; 1408 1409 /* XXX this should be done in ath_tx_setrate() */ 1410 bf->bf_state.bfs_ctsrate0 = 0; /* ie, no hard-coded ctsrate */ 1411 bf->bf_state.bfs_ctsrate = 0; /* calculated later */ 1412 bf->bf_state.bfs_ctsduration = 0; 1413 bf->bf_state.bfs_ismrr = ismrr; 1414 1415 return 0; 1416} 1417 1418/* 1419 * Direct-dispatch the current frame to the hardware. 1420 * 1421 * This can be called by the net80211 code. 1422 * 1423 * XXX what about locking? Or, push the seqno assign into the 1424 * XXX aggregate scheduler so its serialised? 1425 */ 1426int 1427ath_tx_start(struct ath_softc *sc, struct ieee80211_node *ni, 1428 struct ath_buf *bf, struct mbuf *m0) 1429{ 1430 struct ieee80211vap *vap = ni->ni_vap; 1431 struct ath_vap *avp = ATH_VAP(vap); 1432 int r = 0; 1433 u_int pri; 1434 int tid; 1435 struct ath_txq *txq; 1436 int ismcast; 1437 const struct ieee80211_frame *wh; 1438 int is_ampdu, is_ampdu_tx, is_ampdu_pending; 1439 ieee80211_seq seqno; 1440 uint8_t type, subtype; 1441 1442 /* 1443 * Determine the target hardware queue. 1444 * 1445 * For multicast frames, the txq gets overridden appropriately 1446 * depending upon the state of PS. 1447 * 1448 * For any other frame, we do a TID/QoS lookup inside the frame 1449 * to see what the TID should be. If it's a non-QoS frame, the 1450 * AC and TID are overridden. The TID/TXQ code assumes the 1451 * TID is on a predictable hardware TXQ, so we don't support 1452 * having a node TID queued to multiple hardware TXQs. 1453 * This may change in the future but would require some locking 1454 * fudgery. 1455 */ 1456 pri = ath_tx_getac(sc, m0); 1457 tid = ath_tx_gettid(sc, m0); 1458 1459 txq = sc->sc_ac2q[pri]; 1460 wh = mtod(m0, struct ieee80211_frame *); 1461 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1462 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1463 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1464 1465 /* 1466 * Enforce how deep the multicast queue can grow. 1467 * 1468 * XXX duplicated in ath_raw_xmit(). 1469 */ 1470 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1471 ATH_TXQ_LOCK(sc->sc_cabq); 1472 1473 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1474 sc->sc_stats.ast_tx_mcastq_overflow++; 1475 r = ENOBUFS; 1476 } 1477 1478 ATH_TXQ_UNLOCK(sc->sc_cabq); 1479 1480 if (r != 0) { 1481 m_freem(m0); 1482 return r; 1483 } 1484 } 1485 1486 /* A-MPDU TX */ 1487 is_ampdu_tx = ath_tx_ampdu_running(sc, ATH_NODE(ni), tid); 1488 is_ampdu_pending = ath_tx_ampdu_pending(sc, ATH_NODE(ni), tid); 1489 is_ampdu = is_ampdu_tx | is_ampdu_pending; 1490 1491 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, ac=%d, is_ampdu=%d\n", 1492 __func__, tid, pri, is_ampdu); 1493 1494 /* 1495 * When servicing one or more stations in power-save mode 1496 * (or) if there is some mcast data waiting on the mcast 1497 * queue (to prevent out of order delivery) multicast frames 1498 * must be bufferd until after the beacon. 1499 * 1500 * TODO: we should lock the mcastq before we check the length. 1501 */ 1502 if (ismcast && (vap->iv_ps_sta || avp->av_mcastq.axq_depth)) 1503 txq = &avp->av_mcastq; 1504 1505 /* Do the generic frame setup */ 1506 /* XXX should just bzero the bf_state? */ 1507 bf->bf_state.bfs_dobaw = 0; 1508 1509 /* A-MPDU TX? Manually set sequence number */ 1510 /* Don't do it whilst pending; the net80211 layer still assigns them */ 1511 /* XXX do we need locking here? */ 1512 if (is_ampdu_tx) { 1513 ATH_TXQ_LOCK(txq); 1514 /* 1515 * Always call; this function will 1516 * handle making sure that null data frames 1517 * don't get a sequence number from the current 1518 * TID and thus mess with the BAW. 1519 */ 1520 seqno = ath_tx_tid_seqno_assign(sc, ni, bf, m0); 1521 1522 /* 1523 * Don't add QoS NULL frames to the BAW. 1524 */ 1525 if (IEEE80211_QOS_HAS_SEQ(wh) && 1526 subtype != IEEE80211_FC0_SUBTYPE_QOS_NULL) { 1527 bf->bf_state.bfs_dobaw = 1; 1528 } 1529 ATH_TXQ_UNLOCK(txq); 1530 } 1531 1532 /* 1533 * If needed, the sequence number has been assigned. 1534 * Squirrel it away somewhere easy to get to. 1535 */ 1536 bf->bf_state.bfs_seqno = M_SEQNO_GET(m0) << IEEE80211_SEQ_SEQ_SHIFT; 1537 1538 /* Is ampdu pending? fetch the seqno and print it out */ 1539 if (is_ampdu_pending) 1540 DPRINTF(sc, ATH_DEBUG_SW_TX, 1541 "%s: tid %d: ampdu pending, seqno %d\n", 1542 __func__, tid, M_SEQNO_GET(m0)); 1543 1544 /* This also sets up the DMA map */ 1545 r = ath_tx_normal_setup(sc, ni, bf, m0, txq); 1546 1547 if (r != 0) 1548 return r; 1549 1550 /* At this point m0 could have changed! */ 1551 m0 = bf->bf_m; 1552 1553#if 1 1554 /* 1555 * If it's a multicast frame, do a direct-dispatch to the 1556 * destination hardware queue. Don't bother software 1557 * queuing it. 1558 */ 1559 /* 1560 * If it's a BAR frame, do a direct dispatch to the 1561 * destination hardware queue. Don't bother software 1562 * queuing it, as the TID will now be paused. 1563 * Sending a BAR frame can occur from the net80211 txa timer 1564 * (ie, retries) or from the ath txtask (completion call.) 1565 * It queues directly to hardware because the TID is paused 1566 * at this point (and won't be unpaused until the BAR has 1567 * either been TXed successfully or max retries has been 1568 * reached.) 1569 */ 1570 if (txq == &avp->av_mcastq) { 1571 DPRINTF(sc, ATH_DEBUG_SW_TX, 1572 "%s: bf=%p: mcastq: TX'ing\n", __func__, bf); 1573 ATH_TXQ_LOCK(txq); 1574 ath_tx_xmit_normal(sc, txq, bf); 1575 ATH_TXQ_UNLOCK(txq); 1576 } else if (type == IEEE80211_FC0_TYPE_CTL && 1577 subtype == IEEE80211_FC0_SUBTYPE_BAR) { 1578 DPRINTF(sc, ATH_DEBUG_SW_TX, 1579 "%s: BAR: TX'ing direct\n", __func__); 1580 ATH_TXQ_LOCK(txq); 1581 ath_tx_xmit_normal(sc, txq, bf); 1582 ATH_TXQ_UNLOCK(txq); 1583 } else { 1584 /* add to software queue */ 1585 DPRINTF(sc, ATH_DEBUG_SW_TX, 1586 "%s: bf=%p: swq: TX'ing\n", __func__, bf); 1587 ath_tx_swq(sc, ni, txq, bf); 1588 } 1589#else 1590 /* 1591 * For now, since there's no software queue, 1592 * direct-dispatch to the hardware. 1593 */ 1594 ATH_TXQ_LOCK(txq); 1595 ath_tx_xmit_normal(sc, txq, bf); 1596 ATH_TXQ_UNLOCK(txq); 1597#endif 1598 1599 return 0; 1600} 1601 1602static int 1603ath_tx_raw_start(struct ath_softc *sc, struct ieee80211_node *ni, 1604 struct ath_buf *bf, struct mbuf *m0, 1605 const struct ieee80211_bpf_params *params) 1606{ 1607 struct ifnet *ifp = sc->sc_ifp; 1608 struct ieee80211com *ic = ifp->if_l2com; 1609 struct ath_hal *ah = sc->sc_ah; 1610 struct ieee80211vap *vap = ni->ni_vap; 1611 int error, ismcast, ismrr; 1612 int keyix, hdrlen, pktlen, try0, txantenna; 1613 u_int8_t rix, txrate; 1614 struct ieee80211_frame *wh; 1615 u_int flags; 1616 HAL_PKT_TYPE atype; 1617 const HAL_RATE_TABLE *rt; 1618 struct ath_desc *ds; 1619 u_int pri; 1620 int o_tid = -1; 1621 int do_override; 1622 1623 wh = mtod(m0, struct ieee80211_frame *); 1624 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1625 hdrlen = ieee80211_anyhdrsize(wh); 1626 /* 1627 * Packet length must not include any 1628 * pad bytes; deduct them here. 1629 */ 1630 /* XXX honor IEEE80211_BPF_DATAPAD */ 1631 pktlen = m0->m_pkthdr.len - (hdrlen & 3) + IEEE80211_CRC_LEN; 1632 1633 1634 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: ismcast=%d\n", 1635 __func__, ismcast); 1636 1637 /* Handle encryption twiddling if needed */ 1638 if (! ath_tx_tag_crypto(sc, ni, 1639 m0, params->ibp_flags & IEEE80211_BPF_CRYPTO, 0, 1640 &hdrlen, &pktlen, &keyix)) { 1641 ath_freetx(m0); 1642 return EIO; 1643 } 1644 /* packet header may have moved, reset our local pointer */ 1645 wh = mtod(m0, struct ieee80211_frame *); 1646 1647 /* Do the generic frame setup */ 1648 /* XXX should just bzero the bf_state? */ 1649 bf->bf_state.bfs_dobaw = 0; 1650 1651 error = ath_tx_dmasetup(sc, bf, m0); 1652 if (error != 0) 1653 return error; 1654 m0 = bf->bf_m; /* NB: may have changed */ 1655 wh = mtod(m0, struct ieee80211_frame *); 1656 bf->bf_node = ni; /* NB: held reference */ 1657 1658 flags = HAL_TXDESC_CLRDMASK; /* XXX needed for crypto errs */ 1659 flags |= HAL_TXDESC_INTREQ; /* force interrupt */ 1660 if (params->ibp_flags & IEEE80211_BPF_RTS) 1661 flags |= HAL_TXDESC_RTSENA; 1662 else if (params->ibp_flags & IEEE80211_BPF_CTS) { 1663 /* XXX assume 11g/11n protection? */ 1664 bf->bf_state.bfs_doprot = 1; 1665 flags |= HAL_TXDESC_CTSENA; 1666 } 1667 /* XXX leave ismcast to injector? */ 1668 if ((params->ibp_flags & IEEE80211_BPF_NOACK) || ismcast) 1669 flags |= HAL_TXDESC_NOACK; 1670 1671 rt = sc->sc_currates; 1672 KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode)); 1673 rix = ath_tx_findrix(sc, params->ibp_rate0); 1674 txrate = rt->info[rix].rateCode; 1675 if (params->ibp_flags & IEEE80211_BPF_SHORTPRE) 1676 txrate |= rt->info[rix].shortPreamble; 1677 sc->sc_txrix = rix; 1678 try0 = params->ibp_try0; 1679 ismrr = (params->ibp_try1 != 0); 1680 txantenna = params->ibp_pri >> 2; 1681 if (txantenna == 0) /* XXX? */ 1682 txantenna = sc->sc_txantenna; 1683 1684 /* 1685 * Since ctsrate is fixed, store it away for later 1686 * use when the descriptor fields are being set. 1687 */ 1688 if (flags & (HAL_TXDESC_RTSENA|HAL_TXDESC_CTSENA)) 1689 bf->bf_state.bfs_ctsrate0 = params->ibp_ctsrate; 1690 1691 pri = params->ibp_pri & 3; 1692 /* Override pri if the frame isn't a QoS one */ 1693 if (! IEEE80211_QOS_HAS_SEQ(wh)) 1694 pri = ath_tx_getac(sc, m0); 1695 1696 /* 1697 * NB: we mark all packets as type PSPOLL so the h/w won't 1698 * set the sequence number, duration, etc. 1699 */ 1700 atype = HAL_PKT_TYPE_PSPOLL; 1701 1702 if (IFF_DUMPPKTS(sc, ATH_DEBUG_XMIT)) 1703 ieee80211_dump_pkt(ic, mtod(m0, caddr_t), m0->m_len, 1704 sc->sc_hwmap[rix].ieeerate, -1); 1705 1706 if (ieee80211_radiotap_active_vap(vap)) { 1707 u_int64_t tsf = ath_hal_gettsf64(ah); 1708 1709 sc->sc_tx_th.wt_tsf = htole64(tsf); 1710 sc->sc_tx_th.wt_flags = sc->sc_hwmap[rix].txflags; 1711 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1712 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1713 if (m0->m_flags & M_FRAG) 1714 sc->sc_tx_th.wt_flags |= IEEE80211_RADIOTAP_F_FRAG; 1715 sc->sc_tx_th.wt_rate = sc->sc_hwmap[rix].ieeerate; 1716 sc->sc_tx_th.wt_txpower = ni->ni_txpower; 1717 sc->sc_tx_th.wt_antenna = sc->sc_txantenna; 1718 1719 ieee80211_radiotap_tx(vap, m0); 1720 } 1721 1722 /* 1723 * Formulate first tx descriptor with tx controls. 1724 */ 1725 ds = bf->bf_desc; 1726 /* XXX check return value? */ 1727 1728 /* Store the decided rate index values away */ 1729 bf->bf_state.bfs_pktlen = pktlen; 1730 bf->bf_state.bfs_hdrlen = hdrlen; 1731 bf->bf_state.bfs_atype = atype; 1732 bf->bf_state.bfs_txpower = params->ibp_power; 1733 bf->bf_state.bfs_txrate0 = txrate; 1734 bf->bf_state.bfs_try0 = try0; 1735 bf->bf_state.bfs_keyix = keyix; 1736 bf->bf_state.bfs_txantenna = txantenna; 1737 bf->bf_state.bfs_txflags = flags; 1738 bf->bf_state.bfs_shpream = 1739 !! (params->ibp_flags & IEEE80211_BPF_SHORTPRE); 1740 1741 /* XXX this should be done in ath_tx_setrate() */ 1742 bf->bf_state.bfs_ctsrate = 0; 1743 bf->bf_state.bfs_ctsduration = 0; 1744 bf->bf_state.bfs_ismrr = ismrr; 1745 1746 /* Blank the legacy rate array */ 1747 bzero(&bf->bf_state.bfs_rc, sizeof(bf->bf_state.bfs_rc)); 1748 1749 bf->bf_state.bfs_rc[0].rix = 1750 ath_tx_findrix(sc, params->ibp_rate0); 1751 bf->bf_state.bfs_rc[0].tries = try0; 1752 bf->bf_state.bfs_rc[0].ratecode = txrate; 1753 1754 if (ismrr) { 1755 int rix; 1756 1757 rix = ath_tx_findrix(sc, params->ibp_rate1); 1758 bf->bf_state.bfs_rc[1].rix = rix; 1759 bf->bf_state.bfs_rc[1].tries = params->ibp_try1; 1760 1761 rix = ath_tx_findrix(sc, params->ibp_rate2); 1762 bf->bf_state.bfs_rc[2].rix = rix; 1763 bf->bf_state.bfs_rc[2].tries = params->ibp_try2; 1764 1765 rix = ath_tx_findrix(sc, params->ibp_rate3); 1766 bf->bf_state.bfs_rc[3].rix = rix; 1767 bf->bf_state.bfs_rc[3].tries = params->ibp_try3; 1768 } 1769 /* 1770 * All the required rate control decisions have been made; 1771 * fill in the rc flags. 1772 */ 1773 ath_tx_rate_fill_rcflags(sc, bf); 1774 1775 /* NB: no buffered multicast in power save support */ 1776 1777 /* XXX If it's an ADDBA, override the correct queue */ 1778 do_override = ath_tx_action_frame_override_queue(sc, ni, m0, &o_tid); 1779 1780 /* Map ADDBA to the correct priority */ 1781 if (do_override) { 1782#if 0 1783 device_printf(sc->sc_dev, 1784 "%s: overriding tid %d pri %d -> %d\n", 1785 __func__, o_tid, pri, TID_TO_WME_AC(o_tid)); 1786#endif 1787 pri = TID_TO_WME_AC(o_tid); 1788 } 1789 1790 /* 1791 * If we're overiding the ADDBA destination, dump directly 1792 * into the hardware queue, right after any pending 1793 * frames to that node are. 1794 */ 1795 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: dooverride=%d\n", 1796 __func__, do_override); 1797 1798 if (do_override) { 1799 ATH_TXQ_LOCK(sc->sc_ac2q[pri]); 1800 ath_tx_xmit_normal(sc, sc->sc_ac2q[pri], bf); 1801 ATH_TXQ_UNLOCK(sc->sc_ac2q[pri]); 1802 } else { 1803 /* Queue to software queue */ 1804 ath_tx_swq(sc, ni, sc->sc_ac2q[pri], bf); 1805 } 1806 1807 return 0; 1808} 1809 1810/* 1811 * Send a raw frame. 1812 * 1813 * This can be called by net80211. 1814 */ 1815int 1816ath_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 1817 const struct ieee80211_bpf_params *params) 1818{ 1819 struct ieee80211com *ic = ni->ni_ic; 1820 struct ifnet *ifp = ic->ic_ifp; 1821 struct ath_softc *sc = ifp->if_softc; 1822 struct ath_buf *bf; 1823 struct ieee80211_frame *wh = mtod(m, struct ieee80211_frame *); 1824 int error = 0; 1825 1826 ATH_PCU_LOCK(sc); 1827 if (sc->sc_inreset_cnt > 0) { 1828 device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; bailing\n", 1829 __func__); 1830 error = EIO; 1831 ATH_PCU_UNLOCK(sc); 1832 goto bad0; 1833 } 1834 sc->sc_txstart_cnt++; 1835 ATH_PCU_UNLOCK(sc); 1836 1837 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || sc->sc_invalid) { 1838 DPRINTF(sc, ATH_DEBUG_XMIT, "%s: discard frame, %s", __func__, 1839 (ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ? 1840 "!running" : "invalid"); 1841 m_freem(m); 1842 error = ENETDOWN; 1843 goto bad; 1844 } 1845 1846 /* 1847 * Enforce how deep the multicast queue can grow. 1848 * 1849 * XXX duplicated in ath_tx_start(). 1850 */ 1851 if (IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1852 ATH_TXQ_LOCK(sc->sc_cabq); 1853 1854 if (sc->sc_cabq->axq_depth > sc->sc_txq_mcastq_maxdepth) { 1855 sc->sc_stats.ast_tx_mcastq_overflow++; 1856 error = ENOBUFS; 1857 } 1858 1859 ATH_TXQ_UNLOCK(sc->sc_cabq); 1860 1861 if (error != 0) { 1862 m_freem(m); 1863 goto bad; 1864 } 1865 } 1866 1867 /* 1868 * Grab a TX buffer and associated resources. 1869 */ 1870 bf = ath_getbuf(sc); 1871 if (bf == NULL) { 1872 sc->sc_stats.ast_tx_nobuf++; 1873 m_freem(m); 1874 error = ENOBUFS; 1875 goto bad; 1876 } 1877 1878 if (params == NULL) { 1879 /* 1880 * Legacy path; interpret frame contents to decide 1881 * precisely how to send the frame. 1882 */ 1883 if (ath_tx_start(sc, ni, bf, m)) { 1884 error = EIO; /* XXX */ 1885 goto bad2; 1886 } 1887 } else { 1888 /* 1889 * Caller supplied explicit parameters to use in 1890 * sending the frame. 1891 */ 1892 if (ath_tx_raw_start(sc, ni, bf, m, params)) { 1893 error = EIO; /* XXX */ 1894 goto bad2; 1895 } 1896 } 1897 sc->sc_wd_timer = 5; 1898 ifp->if_opackets++; 1899 sc->sc_stats.ast_tx_raw++; 1900 1901 ATH_PCU_LOCK(sc); 1902 sc->sc_txstart_cnt--; 1903 ATH_PCU_UNLOCK(sc); 1904 1905 return 0; 1906bad2: 1907 ATH_TXBUF_LOCK(sc); 1908 TAILQ_INSERT_HEAD(&sc->sc_txbuf, bf, bf_list); 1909 ATH_TXBUF_UNLOCK(sc); 1910bad: 1911 ATH_PCU_LOCK(sc); 1912 sc->sc_txstart_cnt--; 1913 ATH_PCU_UNLOCK(sc); 1914bad0: 1915 ifp->if_oerrors++; 1916 sc->sc_stats.ast_tx_raw_fail++; 1917 ieee80211_free_node(ni); 1918 1919 return error; 1920} 1921 1922/* Some helper functions */ 1923 1924/* 1925 * ADDBA (and potentially others) need to be placed in the same 1926 * hardware queue as the TID/node it's relating to. This is so 1927 * it goes out after any pending non-aggregate frames to the 1928 * same node/TID. 1929 * 1930 * If this isn't done, the ADDBA can go out before the frames 1931 * queued in hardware. Even though these frames have a sequence 1932 * number -earlier- than the ADDBA can be transmitted (but 1933 * no frames whose sequence numbers are after the ADDBA should 1934 * be!) they'll arrive after the ADDBA - and the receiving end 1935 * will simply drop them as being out of the BAW. 1936 * 1937 * The frames can't be appended to the TID software queue - it'll 1938 * never be sent out. So these frames have to be directly 1939 * dispatched to the hardware, rather than queued in software. 1940 * So if this function returns true, the TXQ has to be 1941 * overridden and it has to be directly dispatched. 1942 * 1943 * It's a dirty hack, but someone's gotta do it. 1944 */ 1945 1946/* 1947 * XXX doesn't belong here! 1948 */ 1949static int 1950ieee80211_is_action(struct ieee80211_frame *wh) 1951{ 1952 /* Type: Management frame? */ 1953 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != 1954 IEEE80211_FC0_TYPE_MGT) 1955 return 0; 1956 1957 /* Subtype: Action frame? */ 1958 if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) != 1959 IEEE80211_FC0_SUBTYPE_ACTION) 1960 return 0; 1961 1962 return 1; 1963} 1964 1965#define MS(_v, _f) (((_v) & _f) >> _f##_S) 1966/* 1967 * Return an alternate TID for ADDBA request frames. 1968 * 1969 * Yes, this likely should be done in the net80211 layer. 1970 */ 1971static int 1972ath_tx_action_frame_override_queue(struct ath_softc *sc, 1973 struct ieee80211_node *ni, 1974 struct mbuf *m0, int *tid) 1975{ 1976 struct ieee80211_frame *wh = mtod(m0, struct ieee80211_frame *); 1977 struct ieee80211_action_ba_addbarequest *ia; 1978 uint8_t *frm; 1979 uint16_t baparamset; 1980 1981 /* Not action frame? Bail */ 1982 if (! ieee80211_is_action(wh)) 1983 return 0; 1984 1985 /* XXX Not needed for frames we send? */ 1986#if 0 1987 /* Correct length? */ 1988 if (! ieee80211_parse_action(ni, m)) 1989 return 0; 1990#endif 1991 1992 /* Extract out action frame */ 1993 frm = (u_int8_t *)&wh[1]; 1994 ia = (struct ieee80211_action_ba_addbarequest *) frm; 1995 1996 /* Not ADDBA? Bail */ 1997 if (ia->rq_header.ia_category != IEEE80211_ACTION_CAT_BA) 1998 return 0; 1999 if (ia->rq_header.ia_action != IEEE80211_ACTION_BA_ADDBA_REQUEST) 2000 return 0; 2001 2002 /* Extract TID, return it */ 2003 baparamset = le16toh(ia->rq_baparamset); 2004 *tid = (int) MS(baparamset, IEEE80211_BAPS_TID); 2005 2006 return 1; 2007} 2008#undef MS 2009 2010/* Per-node software queue operations */ 2011 2012/* 2013 * Add the current packet to the given BAW. 2014 * It is assumed that the current packet 2015 * 2016 * + fits inside the BAW; 2017 * + already has had a sequence number allocated. 2018 * 2019 * Since the BAW status may be modified by both the ath task and 2020 * the net80211/ifnet contexts, the TID must be locked. 2021 */ 2022void 2023ath_tx_addto_baw(struct ath_softc *sc, struct ath_node *an, 2024 struct ath_tid *tid, struct ath_buf *bf) 2025{ 2026 int index, cindex; 2027 struct ieee80211_tx_ampdu *tap; 2028 2029 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2030 ATH_TID_LOCK_ASSERT(sc, tid); 2031 2032 if (bf->bf_state.bfs_isretried) 2033 return; 2034 2035 tap = ath_tx_get_tx_tid(an, tid->tid); 2036 2037 if (bf->bf_state.bfs_addedbaw) 2038 device_printf(sc->sc_dev, 2039 "%s: re-added? tid=%d, seqno %d; window %d:%d; " 2040 "baw head=%d tail=%d\n", 2041 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2042 tap->txa_start, tap->txa_wnd, tid->baw_head, 2043 tid->baw_tail); 2044 2045 /* 2046 * ni->ni_txseqs[] is the currently allocated seqno. 2047 * the txa state contains the current baw start. 2048 */ 2049 index = ATH_BA_INDEX(tap->txa_start, SEQNO(bf->bf_state.bfs_seqno)); 2050 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2051 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2052 "%s: tid=%d, seqno %d; window %d:%d; index=%d cindex=%d " 2053 "baw head=%d tail=%d\n", 2054 __func__, tid->tid, SEQNO(bf->bf_state.bfs_seqno), 2055 tap->txa_start, tap->txa_wnd, index, cindex, tid->baw_head, 2056 tid->baw_tail); 2057 2058 2059#if 0 2060 assert(tid->tx_buf[cindex] == NULL); 2061#endif 2062 if (tid->tx_buf[cindex] != NULL) { 2063 device_printf(sc->sc_dev, 2064 "%s: ba packet dup (index=%d, cindex=%d, " 2065 "head=%d, tail=%d)\n", 2066 __func__, index, cindex, tid->baw_head, tid->baw_tail); 2067 device_printf(sc->sc_dev, 2068 "%s: BA bf: %p; seqno=%d ; new bf: %p; seqno=%d\n", 2069 __func__, 2070 tid->tx_buf[cindex], 2071 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno), 2072 bf, 2073 SEQNO(bf->bf_state.bfs_seqno) 2074 ); 2075 } 2076 tid->tx_buf[cindex] = bf; 2077 2078 if (index >= ((tid->baw_tail - tid->baw_head) & 2079 (ATH_TID_MAX_BUFS - 1))) { 2080 tid->baw_tail = cindex; 2081 INCR(tid->baw_tail, ATH_TID_MAX_BUFS); 2082 } 2083} 2084 2085/* 2086 * Flip the BAW buffer entry over from the existing one to the new one. 2087 * 2088 * When software retransmitting a (sub-)frame, it is entirely possible that 2089 * the frame ath_buf is marked as BUSY and can't be immediately reused. 2090 * In that instance the buffer is cloned and the new buffer is used for 2091 * retransmit. We thus need to update the ath_buf slot in the BAW buf 2092 * tracking array to maintain consistency. 2093 */ 2094static void 2095ath_tx_switch_baw_buf(struct ath_softc *sc, struct ath_node *an, 2096 struct ath_tid *tid, struct ath_buf *old_bf, struct ath_buf *new_bf) 2097{ 2098 int index, cindex; 2099 struct ieee80211_tx_ampdu *tap; 2100 int seqno = SEQNO(old_bf->bf_state.bfs_seqno); 2101 2102 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2103 ATH_TID_LOCK_ASSERT(sc, tid); 2104 2105 tap = ath_tx_get_tx_tid(an, tid->tid); 2106 index = ATH_BA_INDEX(tap->txa_start, seqno); 2107 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2108 2109 /* 2110 * Just warn for now; if it happens then we should find out 2111 * about it. It's highly likely the aggregation session will 2112 * soon hang. 2113 */ 2114 if (old_bf->bf_state.bfs_seqno != new_bf->bf_state.bfs_seqno) { 2115 device_printf(sc->sc_dev, "%s: retransmitted buffer" 2116 " has mismatching seqno's, BA session may hang.\n", 2117 __func__); 2118 device_printf(sc->sc_dev, "%s: old seqno=%d, new_seqno=%d\n", 2119 __func__, 2120 old_bf->bf_state.bfs_seqno, 2121 new_bf->bf_state.bfs_seqno); 2122 } 2123 2124 if (tid->tx_buf[cindex] != old_bf) { 2125 device_printf(sc->sc_dev, "%s: ath_buf pointer incorrect; " 2126 " has m BA session may hang.\n", 2127 __func__); 2128 device_printf(sc->sc_dev, "%s: old bf=%p, new bf=%p\n", 2129 __func__, 2130 old_bf, new_bf); 2131 } 2132 2133 tid->tx_buf[cindex] = new_bf; 2134} 2135 2136/* 2137 * seq_start - left edge of BAW 2138 * seq_next - current/next sequence number to allocate 2139 * 2140 * Since the BAW status may be modified by both the ath task and 2141 * the net80211/ifnet contexts, the TID must be locked. 2142 */ 2143static void 2144ath_tx_update_baw(struct ath_softc *sc, struct ath_node *an, 2145 struct ath_tid *tid, const struct ath_buf *bf) 2146{ 2147 int index, cindex; 2148 struct ieee80211_tx_ampdu *tap; 2149 int seqno = SEQNO(bf->bf_state.bfs_seqno); 2150 2151 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2152 2153 tap = ath_tx_get_tx_tid(an, tid->tid); 2154 index = ATH_BA_INDEX(tap->txa_start, seqno); 2155 cindex = (tid->baw_head + index) & (ATH_TID_MAX_BUFS - 1); 2156 2157 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2158 "%s: tid=%d, baw=%d:%d, seqno=%d, index=%d, cindex=%d, " 2159 "baw head=%d, tail=%d\n", 2160 __func__, tid->tid, tap->txa_start, tap->txa_wnd, seqno, index, 2161 cindex, tid->baw_head, tid->baw_tail); 2162 2163 /* 2164 * If this occurs then we have a big problem - something else 2165 * has slid tap->txa_start along without updating the BAW 2166 * tracking start/end pointers. Thus the TX BAW state is now 2167 * completely busted. 2168 * 2169 * But for now, since I haven't yet fixed TDMA and buffer cloning, 2170 * it's quite possible that a cloned buffer is making its way 2171 * here and causing it to fire off. Disable TDMA for now. 2172 */ 2173 if (tid->tx_buf[cindex] != bf) { 2174 device_printf(sc->sc_dev, 2175 "%s: comp bf=%p, seq=%d; slot bf=%p, seqno=%d\n", 2176 __func__, 2177 bf, SEQNO(bf->bf_state.bfs_seqno), 2178 tid->tx_buf[cindex], 2179 SEQNO(tid->tx_buf[cindex]->bf_state.bfs_seqno)); 2180 } 2181 2182 tid->tx_buf[cindex] = NULL; 2183 2184 while (tid->baw_head != tid->baw_tail && 2185 !tid->tx_buf[tid->baw_head]) { 2186 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 2187 INCR(tid->baw_head, ATH_TID_MAX_BUFS); 2188 } 2189 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2190 "%s: baw is now %d:%d, baw head=%d\n", 2191 __func__, tap->txa_start, tap->txa_wnd, tid->baw_head); 2192} 2193 2194/* 2195 * Mark the current node/TID as ready to TX. 2196 * 2197 * This is done to make it easy for the software scheduler to 2198 * find which nodes have data to send. 2199 * 2200 * The TXQ lock must be held. 2201 */ 2202static void 2203ath_tx_tid_sched(struct ath_softc *sc, struct ath_tid *tid) 2204{ 2205 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2206 2207 ATH_TXQ_LOCK_ASSERT(txq); 2208 2209 if (tid->paused) 2210 return; /* paused, can't schedule yet */ 2211 2212 if (tid->sched) 2213 return; /* already scheduled */ 2214 2215 tid->sched = 1; 2216 2217 TAILQ_INSERT_TAIL(&txq->axq_tidq, tid, axq_qelem); 2218} 2219 2220/* 2221 * Mark the current node as no longer needing to be polled for 2222 * TX packets. 2223 * 2224 * The TXQ lock must be held. 2225 */ 2226static void 2227ath_tx_tid_unsched(struct ath_softc *sc, struct ath_tid *tid) 2228{ 2229 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2230 2231 ATH_TXQ_LOCK_ASSERT(txq); 2232 2233 if (tid->sched == 0) 2234 return; 2235 2236 tid->sched = 0; 2237 TAILQ_REMOVE(&txq->axq_tidq, tid, axq_qelem); 2238} 2239 2240/* 2241 * Assign a sequence number manually to the given frame. 2242 * 2243 * This should only be called for A-MPDU TX frames. 2244 */ 2245static ieee80211_seq 2246ath_tx_tid_seqno_assign(struct ath_softc *sc, struct ieee80211_node *ni, 2247 struct ath_buf *bf, struct mbuf *m0) 2248{ 2249 struct ieee80211_frame *wh; 2250 int tid, pri; 2251 ieee80211_seq seqno; 2252 uint8_t subtype; 2253 2254 /* TID lookup */ 2255 wh = mtod(m0, struct ieee80211_frame *); 2256 pri = M_WME_GETAC(m0); /* honor classification */ 2257 tid = WME_AC_TO_TID(pri); 2258 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pri=%d, tid=%d, qos has seq=%d\n", 2259 __func__, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2260 2261 /* XXX Is it a control frame? Ignore */ 2262 2263 /* Does the packet require a sequence number? */ 2264 if (! IEEE80211_QOS_HAS_SEQ(wh)) 2265 return -1; 2266 2267 /* 2268 * Is it a QOS NULL Data frame? Give it a sequence number from 2269 * the default TID (IEEE80211_NONQOS_TID.) 2270 * 2271 * The RX path of everything I've looked at doesn't include the NULL 2272 * data frame sequence number in the aggregation state updates, so 2273 * assigning it a sequence number there will cause a BAW hole on the 2274 * RX side. 2275 */ 2276 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2277 if (subtype == IEEE80211_FC0_SUBTYPE_QOS_NULL) { 2278 seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID]; 2279 INCR(ni->ni_txseqs[IEEE80211_NONQOS_TID], IEEE80211_SEQ_RANGE); 2280 } else { 2281 /* Manually assign sequence number */ 2282 seqno = ni->ni_txseqs[tid]; 2283 INCR(ni->ni_txseqs[tid], IEEE80211_SEQ_RANGE); 2284 } 2285 *(uint16_t *)&wh->i_seq[0] = htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT); 2286 M_SEQNO_SET(m0, seqno); 2287 2288 /* Return so caller can do something with it if needed */ 2289 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: -> seqno=%d\n", __func__, seqno); 2290 return seqno; 2291} 2292 2293/* 2294 * Attempt to direct dispatch an aggregate frame to hardware. 2295 * If the frame is out of BAW, queue. 2296 * Otherwise, schedule it as a single frame. 2297 */ 2298static void 2299ath_tx_xmit_aggr(struct ath_softc *sc, struct ath_node *an, struct ath_buf *bf) 2300{ 2301 struct ath_tid *tid = &an->an_tid[bf->bf_state.bfs_tid]; 2302 struct ath_txq *txq = bf->bf_state.bfs_txq; 2303 struct ieee80211_tx_ampdu *tap; 2304 2305 ATH_TXQ_LOCK_ASSERT(txq); 2306 ATH_TID_LOCK_ASSERT(sc, tid); 2307 2308 tap = ath_tx_get_tx_tid(an, tid->tid); 2309 2310 /* paused? queue */ 2311 if (tid->paused) { 2312 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 2313 /* XXX don't sched - we're paused! */ 2314 return; 2315 } 2316 2317 /* outside baw? queue */ 2318 if (bf->bf_state.bfs_dobaw && 2319 (! BAW_WITHIN(tap->txa_start, tap->txa_wnd, 2320 SEQNO(bf->bf_state.bfs_seqno)))) { 2321 ATH_TXQ_INSERT_TAIL(tid, bf, bf_list); 2322 ath_tx_tid_sched(sc, tid); 2323 return; 2324 } 2325 2326 /* Direct dispatch to hardware */ 2327 ath_tx_do_ratelookup(sc, bf); 2328 ath_tx_calc_duration(sc, bf); 2329 ath_tx_calc_protection(sc, bf); 2330 ath_tx_set_rtscts(sc, bf); 2331 ath_tx_rate_fill_rcflags(sc, bf); 2332 ath_tx_setds(sc, bf); 2333 ath_tx_set_ratectrl(sc, bf->bf_node, bf); 2334 ath_tx_chaindesclist(sc, bf); 2335 2336 /* Statistics */ 2337 sc->sc_aggr_stats.aggr_low_hwq_single_pkt++; 2338 2339 /* Track per-TID hardware queue depth correctly */ 2340 tid->hwq_depth++; 2341 2342 /* Add to BAW */ 2343 if (bf->bf_state.bfs_dobaw) { 2344 ath_tx_addto_baw(sc, an, tid, bf); 2345 bf->bf_state.bfs_addedbaw = 1; 2346 } 2347 2348 /* Set completion handler, multi-frame aggregate or not */ 2349 bf->bf_comp = ath_tx_aggr_comp; 2350 2351 /* Hand off to hardware */ 2352 ath_tx_handoff(sc, txq, bf); 2353} 2354 2355/* 2356 * Attempt to send the packet. 2357 * If the queue isn't busy, direct-dispatch. 2358 * If the queue is busy enough, queue the given packet on the 2359 * relevant software queue. 2360 */ 2361void 2362ath_tx_swq(struct ath_softc *sc, struct ieee80211_node *ni, struct ath_txq *txq, 2363 struct ath_buf *bf) 2364{ 2365 struct ath_node *an = ATH_NODE(ni); 2366 struct ieee80211_frame *wh; 2367 struct ath_tid *atid; 2368 int pri, tid; 2369 struct mbuf *m0 = bf->bf_m; 2370 2371 /* Fetch the TID - non-QoS frames get assigned to TID 16 */ 2372 wh = mtod(m0, struct ieee80211_frame *); 2373 pri = ath_tx_getac(sc, m0); 2374 tid = ath_tx_gettid(sc, m0); 2375 atid = &an->an_tid[tid]; 2376 2377 ATH_TID_LOCK_ASSERT(sc, atid); 2378 2379 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p, pri=%d, tid=%d, qos=%d\n", 2380 __func__, bf, pri, tid, IEEE80211_QOS_HAS_SEQ(wh)); 2381 2382 /* Set local packet state, used to queue packets to hardware */ 2383 bf->bf_state.bfs_tid = tid; 2384 bf->bf_state.bfs_txq = txq; 2385 bf->bf_state.bfs_pri = pri; 2386 2387 /* 2388 * If the hardware queue isn't busy, queue it directly. 2389 * If the hardware queue is busy, queue it. 2390 * If the TID is paused or the traffic it outside BAW, software 2391 * queue it. 2392 */ 2393 ATH_TXQ_LOCK(txq); 2394 if (atid->paused) { 2395 /* TID is paused, queue */ 2396 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: paused\n", __func__); 2397 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2398 } else if (ath_tx_ampdu_pending(sc, an, tid)) { 2399 /* AMPDU pending; queue */ 2400 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: pending\n", __func__); 2401 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2402 /* XXX sched? */ 2403 } else if (ath_tx_ampdu_running(sc, an, tid)) { 2404 /* AMPDU running, attempt direct dispatch if possible */ 2405 2406 /* 2407 * Always queue the frame to the tail of the list. 2408 */ 2409 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2410 2411 /* 2412 * If the hardware queue isn't busy, direct dispatch 2413 * the head frame in the list. Don't schedule the 2414 * TID - let it build some more frames first? 2415 * 2416 * Otherwise, schedule the TID. 2417 */ 2418 if (txq->axq_depth < sc->sc_hwq_limit) { 2419 bf = TAILQ_FIRST(&atid->axq_q); 2420 ATH_TXQ_REMOVE(atid, bf, bf_list); 2421 ath_tx_xmit_aggr(sc, an, bf); 2422 DPRINTF(sc, ATH_DEBUG_SW_TX, 2423 "%s: xmit_aggr\n", 2424 __func__); 2425 } else { 2426 DPRINTF(sc, ATH_DEBUG_SW_TX, 2427 "%s: ampdu; swq'ing\n", 2428 __func__); 2429 ath_tx_tid_sched(sc, atid); 2430 } 2431 } else if (txq->axq_depth < sc->sc_hwq_limit) { 2432 /* AMPDU not running, attempt direct dispatch */ 2433 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: xmit_normal\n", __func__); 2434 ath_tx_xmit_normal(sc, txq, bf); 2435 } else { 2436 /* Busy; queue */ 2437 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: swq'ing\n", __func__); 2438 ATH_TXQ_INSERT_TAIL(atid, bf, bf_list); 2439 ath_tx_tid_sched(sc, atid); 2440 } 2441 ATH_TXQ_UNLOCK(txq); 2442} 2443 2444/* 2445 * Do the basic frame setup stuff that's required before the frame 2446 * is added to a software queue. 2447 * 2448 * All frames get mostly the same treatment and it's done once. 2449 * Retransmits fiddle with things like the rate control setup, 2450 * setting the retransmit bit in the packet; doing relevant DMA/bus 2451 * syncing and relinking it (back) into the hardware TX queue. 2452 * 2453 * Note that this may cause the mbuf to be reallocated, so 2454 * m0 may not be valid. 2455 */ 2456 2457 2458/* 2459 * Configure the per-TID node state. 2460 * 2461 * This likely belongs in if_ath_node.c but I can't think of anywhere 2462 * else to put it just yet. 2463 * 2464 * This sets up the SLISTs and the mutex as appropriate. 2465 */ 2466void 2467ath_tx_tid_init(struct ath_softc *sc, struct ath_node *an) 2468{ 2469 int i, j; 2470 struct ath_tid *atid; 2471 2472 for (i = 0; i < IEEE80211_TID_SIZE; i++) { 2473 atid = &an->an_tid[i]; 2474 TAILQ_INIT(&atid->axq_q); 2475 atid->tid = i; 2476 atid->an = an; 2477 for (j = 0; j < ATH_TID_MAX_BUFS; j++) 2478 atid->tx_buf[j] = NULL; 2479 atid->baw_head = atid->baw_tail = 0; 2480 atid->paused = 0; 2481 atid->sched = 0; 2482 atid->hwq_depth = 0; 2483 atid->cleanup_inprogress = 0; 2484 if (i == IEEE80211_NONQOS_TID) 2485 atid->ac = WME_AC_BE; 2486 else 2487 atid->ac = TID_TO_WME_AC(i); 2488 } 2489} 2490 2491/* 2492 * Pause the current TID. This stops packets from being transmitted 2493 * on it. 2494 * 2495 * Since this is also called from upper layers as well as the driver, 2496 * it will get the TID lock. 2497 */ 2498static void 2499ath_tx_tid_pause(struct ath_softc *sc, struct ath_tid *tid) 2500{ 2501 2502 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2503 tid->paused++; 2504 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: paused = %d\n", 2505 __func__, tid->paused); 2506} 2507 2508/* 2509 * Unpause the current TID, and schedule it if needed. 2510 */ 2511static void 2512ath_tx_tid_resume(struct ath_softc *sc, struct ath_tid *tid) 2513{ 2514 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2515 2516 tid->paused--; 2517 2518 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: unpaused = %d\n", 2519 __func__, tid->paused); 2520 2521 if (tid->paused || tid->axq_depth == 0) { 2522 return; 2523 } 2524 2525 ath_tx_tid_sched(sc, tid); 2526 /* Punt some frames to the hardware if needed */ 2527 //ath_txq_sched(sc, sc->sc_ac2q[tid->ac]); 2528 taskqueue_enqueue(sc->sc_tq, &sc->sc_txqtask); 2529} 2530 2531/* 2532 * Suspend the queue because we need to TX a BAR. 2533 */ 2534static void 2535ath_tx_tid_bar_suspend(struct ath_softc *sc, struct ath_tid *tid) 2536{ 2537 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2538 2539 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2540 "%s: tid=%p, bar_wait=%d, bar_tx=%d, called\n", 2541 __func__, 2542 tid, 2543 tid->bar_wait, 2544 tid->bar_tx); 2545 2546 /* We shouldn't be called when bar_tx is 1 */ 2547 if (tid->bar_tx) { 2548 device_printf(sc->sc_dev, "%s: bar_tx is 1?!\n", 2549 __func__); 2550 } 2551 2552 /* If we've already been called, just be patient. */ 2553 if (tid->bar_wait) 2554 return; 2555 2556 /* Wait! */ 2557 tid->bar_wait = 1; 2558 2559 /* Only one pause, no matter how many frames fail */ 2560 ath_tx_tid_pause(sc, tid); 2561} 2562 2563/* 2564 * We've finished with BAR handling - either we succeeded or 2565 * failed. Either way, unsuspend TX. 2566 */ 2567static void 2568ath_tx_tid_bar_unsuspend(struct ath_softc *sc, struct ath_tid *tid) 2569{ 2570 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2571 2572 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2573 "%s: tid=%p, called\n", 2574 __func__, 2575 tid); 2576 2577 if (tid->bar_tx == 0 || tid->bar_wait == 0) { 2578 device_printf(sc->sc_dev, "%s: bar_tx=%d, bar_wait=%d: ?\n", 2579 __func__, tid->bar_tx, tid->bar_wait); 2580 } 2581 2582 tid->bar_tx = tid->bar_wait = 0; 2583 ath_tx_tid_resume(sc, tid); 2584} 2585 2586/* 2587 * Return whether we're ready to TX a BAR frame. 2588 * 2589 * Requires the TID lock be held. 2590 */ 2591static int 2592ath_tx_tid_bar_tx_ready(struct ath_softc *sc, struct ath_tid *tid) 2593{ 2594 2595 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2596 2597 if (tid->bar_wait == 0 || tid->hwq_depth > 0) 2598 return (0); 2599 2600 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, "%s: tid=%p (%d), bar ready\n", 2601 __func__, tid, tid->tid); 2602 2603 return (1); 2604} 2605 2606/* 2607 * Check whether the current TID is ready to have a BAR 2608 * TXed and if so, do the TX. 2609 * 2610 * Since the TID/TXQ lock can't be held during a call to 2611 * ieee80211_send_bar(), we have to do the dirty thing of unlocking it, 2612 * sending the BAR and locking it again. 2613 * 2614 * Eventually, the code to send the BAR should be broken out 2615 * from this routine so the lock doesn't have to be reacquired 2616 * just to be immediately dropped by the caller. 2617 */ 2618static void 2619ath_tx_tid_bar_tx(struct ath_softc *sc, struct ath_tid *tid) 2620{ 2621 struct ieee80211_tx_ampdu *tap; 2622 2623 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2624 2625 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2626 "%s: tid=%p, called\n", 2627 __func__, 2628 tid); 2629 2630 tap = ath_tx_get_tx_tid(tid->an, tid->tid); 2631 2632 /* 2633 * This is an error condition! 2634 */ 2635 if (tid->bar_wait == 0 || tid->bar_tx == 1) { 2636 device_printf(sc->sc_dev, 2637 "%s: tid=%p, bar_tx=%d, bar_wait=%d: ?\n", 2638 __func__, 2639 tid, 2640 tid->bar_tx, 2641 tid->bar_wait); 2642 return; 2643 } 2644 2645 /* Don't do anything if we still have pending frames */ 2646 if (tid->hwq_depth > 0) { 2647 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2648 "%s: tid=%p, hwq_depth=%d, waiting\n", 2649 __func__, 2650 tid, 2651 tid->hwq_depth); 2652 return; 2653 } 2654 2655 /* We're now about to TX */ 2656 tid->bar_tx = 1; 2657 2658 /* 2659 * Calculate new BAW left edge, now that all frames have either 2660 * succeeded or failed. 2661 * 2662 * XXX verify this is _actually_ the valid value to begin at! 2663 */ 2664 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 2665 "%s: tid=%p, new BAW left edge=%d\n", 2666 __func__, 2667 tid, 2668 tap->txa_start); 2669 2670 /* Try sending the BAR frame */ 2671 /* We can't hold the lock here! */ 2672 2673 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 2674 if (ieee80211_send_bar(&tid->an->an_node, tap, tap->txa_start) == 0) { 2675 /* Success? Now we wait for notification that it's done */ 2676 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2677 return; 2678 } 2679 2680 /* Failure? For now, warn loudly and continue */ 2681 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 2682 device_printf(sc->sc_dev, "%s: tid=%p, failed to TX BAR, continue!\n", 2683 __func__, tid); 2684 ath_tx_tid_bar_unsuspend(sc, tid); 2685} 2686 2687 2688/* 2689 * Free any packets currently pending in the software TX queue. 2690 * 2691 * This will be called when a node is being deleted. 2692 * 2693 * It can also be called on an active node during an interface 2694 * reset or state transition. 2695 * 2696 * (From Linux/reference): 2697 * 2698 * TODO: For frame(s) that are in the retry state, we will reuse the 2699 * sequence number(s) without setting the retry bit. The 2700 * alternative is to give up on these and BAR the receiver's window 2701 * forward. 2702 */ 2703static void 2704ath_tx_tid_drain(struct ath_softc *sc, struct ath_node *an, 2705 struct ath_tid *tid, ath_bufhead *bf_cq) 2706{ 2707 struct ath_buf *bf; 2708 struct ieee80211_tx_ampdu *tap; 2709 struct ieee80211_node *ni = &an->an_node; 2710 int t = 0; 2711 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 2712 2713 tap = ath_tx_get_tx_tid(an, tid->tid); 2714 2715 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[tid->ac]); 2716 2717 /* Walk the queue, free frames */ 2718 for (;;) { 2719 bf = TAILQ_FIRST(&tid->axq_q); 2720 if (bf == NULL) { 2721 break; 2722 } 2723 2724 if (t == 0) { 2725 device_printf(sc->sc_dev, 2726 "%s: node %p: bf=%p: addbaw=%d, dobaw=%d, " 2727 "seqno=%d, retry=%d\n", 2728 __func__, ni, bf, 2729 bf->bf_state.bfs_addedbaw, 2730 bf->bf_state.bfs_dobaw, 2731 SEQNO(bf->bf_state.bfs_seqno), 2732 bf->bf_state.bfs_retries); 2733 device_printf(sc->sc_dev, 2734 "%s: node %p: bf=%p: tid txq_depth=%d hwq_depth=%d, bar_wait=%d\n", 2735 __func__, ni, bf, 2736 tid->axq_depth, 2737 tid->hwq_depth, 2738 tid->bar_wait); 2739 device_printf(sc->sc_dev, 2740 "%s: node %p: tid %d: txq_depth=%d, " 2741 "txq_aggr_depth=%d, sched=%d, paused=%d, " 2742 "hwq_depth=%d, incomp=%d, baw_head=%d, " 2743 "baw_tail=%d txa_start=%d, ni_txseqs=%d\n", 2744 __func__, ni, tid->tid, txq->axq_depth, 2745 txq->axq_aggr_depth, tid->sched, tid->paused, 2746 tid->hwq_depth, tid->incomp, tid->baw_head, 2747 tid->baw_tail, tap == NULL ? -1 : tap->txa_start, 2748 ni->ni_txseqs[tid->tid]); 2749 2750 /* XXX Dump the frame, see what it is? */ 2751 ieee80211_dump_pkt(ni->ni_ic, 2752 mtod(bf->bf_m, const uint8_t *), 2753 bf->bf_m->m_len, 0, -1); 2754 2755 t = 1; 2756 } 2757 2758 2759 /* 2760 * If the current TID is running AMPDU, update 2761 * the BAW. 2762 */ 2763 if (ath_tx_ampdu_running(sc, an, tid->tid) && 2764 bf->bf_state.bfs_dobaw) { 2765 /* 2766 * Only remove the frame from the BAW if it's 2767 * been transmitted at least once; this means 2768 * the frame was in the BAW to begin with. 2769 */ 2770 if (bf->bf_state.bfs_retries > 0) { 2771 ath_tx_update_baw(sc, an, tid, bf); 2772 bf->bf_state.bfs_dobaw = 0; 2773 } 2774 /* 2775 * This has become a non-fatal error now 2776 */ 2777 if (! bf->bf_state.bfs_addedbaw) 2778 device_printf(sc->sc_dev, 2779 "%s: wasn't added: seqno %d\n", 2780 __func__, SEQNO(bf->bf_state.bfs_seqno)); 2781 } 2782 ATH_TXQ_REMOVE(tid, bf, bf_list); 2783 TAILQ_INSERT_TAIL(bf_cq, bf, bf_list); 2784 } 2785 2786 /* 2787 * Now that it's completed, grab the TID lock and update 2788 * the sequence number and BAW window. 2789 * Because sequence numbers have been assigned to frames 2790 * that haven't been sent yet, it's entirely possible 2791 * we'll be called with some pending frames that have not 2792 * been transmitted. 2793 * 2794 * The cleaner solution is to do the sequence number allocation 2795 * when the packet is first transmitted - and thus the "retries" 2796 * check above would be enough to update the BAW/seqno. 2797 */ 2798 2799 /* But don't do it for non-QoS TIDs */ 2800 if (tap) { 2801#if 0 2802 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2803 "%s: node %p: TID %d: sliding BAW left edge to %d\n", 2804 __func__, an, tid->tid, tap->txa_start); 2805#endif 2806 ni->ni_txseqs[tid->tid] = tap->txa_start; 2807 tid->baw_tail = tid->baw_head; 2808 } 2809} 2810 2811/* 2812 * Flush all software queued packets for the given node. 2813 * 2814 * This occurs when a completion handler frees the last buffer 2815 * for a node, and the node is thus freed. This causes the node 2816 * to be cleaned up, which ends up calling ath_tx_node_flush. 2817 */ 2818void 2819ath_tx_node_flush(struct ath_softc *sc, struct ath_node *an) 2820{ 2821 int tid; 2822 ath_bufhead bf_cq; 2823 struct ath_buf *bf; 2824 2825 TAILQ_INIT(&bf_cq); 2826 2827 for (tid = 0; tid < IEEE80211_TID_SIZE; tid++) { 2828 struct ath_tid *atid = &an->an_tid[tid]; 2829 struct ath_txq *txq = sc->sc_ac2q[atid->ac]; 2830 2831 /* Remove this tid from the list of active tids */ 2832 ATH_TXQ_LOCK(txq); 2833 ath_tx_tid_unsched(sc, atid); 2834 2835 /* Free packets */ 2836 ath_tx_tid_drain(sc, an, atid, &bf_cq); 2837 ATH_TXQ_UNLOCK(txq); 2838 } 2839 2840 /* Handle completed frames */ 2841 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2842 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2843 ath_tx_default_comp(sc, bf, 0); 2844 } 2845} 2846 2847/* 2848 * Drain all the software TXQs currently with traffic queued. 2849 */ 2850void 2851ath_tx_txq_drain(struct ath_softc *sc, struct ath_txq *txq) 2852{ 2853 struct ath_tid *tid; 2854 ath_bufhead bf_cq; 2855 struct ath_buf *bf; 2856 2857 TAILQ_INIT(&bf_cq); 2858 ATH_TXQ_LOCK(txq); 2859 2860 /* 2861 * Iterate over all active tids for the given txq, 2862 * flushing and unsched'ing them 2863 */ 2864 while (! TAILQ_EMPTY(&txq->axq_tidq)) { 2865 tid = TAILQ_FIRST(&txq->axq_tidq); 2866 ath_tx_tid_drain(sc, tid->an, tid, &bf_cq); 2867 ath_tx_tid_unsched(sc, tid); 2868 } 2869 2870 ATH_TXQ_UNLOCK(txq); 2871 2872 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 2873 TAILQ_REMOVE(&bf_cq, bf, bf_list); 2874 ath_tx_default_comp(sc, bf, 0); 2875 } 2876} 2877 2878/* 2879 * Handle completion of non-aggregate session frames. 2880 */ 2881void 2882ath_tx_normal_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 2883{ 2884 struct ieee80211_node *ni = bf->bf_node; 2885 struct ath_node *an = ATH_NODE(ni); 2886 int tid = bf->bf_state.bfs_tid; 2887 struct ath_tid *atid = &an->an_tid[tid]; 2888 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 2889 2890 /* The TID state is protected behind the TXQ lock */ 2891 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2892 2893 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: bf=%p: fail=%d, hwq_depth now %d\n", 2894 __func__, bf, fail, atid->hwq_depth - 1); 2895 2896 atid->hwq_depth--; 2897 if (atid->hwq_depth < 0) 2898 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 2899 __func__, atid->hwq_depth); 2900 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2901 2902 /* 2903 * punt to rate control if we're not being cleaned up 2904 * during a hw queue drain and the frame wanted an ACK. 2905 */ 2906 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0)) 2907 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 2908 ts, bf->bf_state.bfs_pktlen, 2909 1, (ts->ts_status == 0) ? 0 : 1); 2910 2911 ath_tx_default_comp(sc, bf, fail); 2912} 2913 2914/* 2915 * Handle cleanup of aggregate session packets that aren't 2916 * an A-MPDU. 2917 * 2918 * There's no need to update the BAW here - the session is being 2919 * torn down. 2920 */ 2921static void 2922ath_tx_comp_cleanup_unaggr(struct ath_softc *sc, struct ath_buf *bf) 2923{ 2924 struct ieee80211_node *ni = bf->bf_node; 2925 struct ath_node *an = ATH_NODE(ni); 2926 int tid = bf->bf_state.bfs_tid; 2927 struct ath_tid *atid = &an->an_tid[tid]; 2928 2929 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: TID %d: incomp=%d\n", 2930 __func__, tid, atid->incomp); 2931 2932 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2933 atid->incomp--; 2934 if (atid->incomp == 0) { 2935 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 2936 "%s: TID %d: cleaned up! resume!\n", 2937 __func__, tid); 2938 atid->cleanup_inprogress = 0; 2939 ath_tx_tid_resume(sc, atid); 2940 } 2941 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 2942 2943 ath_tx_default_comp(sc, bf, 0); 2944} 2945 2946/* 2947 * Performs transmit side cleanup when TID changes from aggregated to 2948 * unaggregated. 2949 * 2950 * - Discard all retry frames from the s/w queue. 2951 * - Fix the tx completion function for all buffers in s/w queue. 2952 * - Count the number of unacked frames, and let transmit completion 2953 * handle it later. 2954 * 2955 * The caller is responsible for pausing the TID. 2956 */ 2957static void 2958ath_tx_tid_cleanup(struct ath_softc *sc, struct ath_node *an, int tid) 2959{ 2960 struct ath_tid *atid = &an->an_tid[tid]; 2961 struct ieee80211_tx_ampdu *tap; 2962 struct ath_buf *bf, *bf_next; 2963 ath_bufhead bf_cq; 2964 2965 DPRINTF(sc, ATH_DEBUG_SW_TX_BAW, 2966 "%s: TID %d: called\n", __func__, tid); 2967 2968 TAILQ_INIT(&bf_cq); 2969 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 2970 2971 /* 2972 * Update the frames in the software TX queue: 2973 * 2974 * + Discard retry frames in the queue 2975 * + Fix the completion function to be non-aggregate 2976 */ 2977 bf = TAILQ_FIRST(&atid->axq_q); 2978 while (bf) { 2979 if (bf->bf_state.bfs_isretried) { 2980 bf_next = TAILQ_NEXT(bf, bf_list); 2981 TAILQ_REMOVE(&atid->axq_q, bf, bf_list); 2982 atid->axq_depth--; 2983 if (bf->bf_state.bfs_dobaw) { 2984 ath_tx_update_baw(sc, an, atid, bf); 2985 if (! bf->bf_state.bfs_addedbaw) 2986 device_printf(sc->sc_dev, 2987 "%s: wasn't added: seqno %d\n", 2988 __func__, 2989 SEQNO(bf->bf_state.bfs_seqno)); 2990 } 2991 bf->bf_state.bfs_dobaw = 0; 2992 /* 2993 * Call the default completion handler with "fail" just 2994 * so upper levels are suitably notified about this. 2995 */ 2996 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 2997 bf = bf_next; 2998 continue; 2999 } 3000 /* Give these the default completion handler */ 3001 bf->bf_comp = ath_tx_normal_comp; 3002 bf = TAILQ_NEXT(bf, bf_list); 3003 } 3004 3005 /* The caller is required to pause the TID */ 3006#if 0 3007 /* Pause the TID */ 3008 ath_tx_tid_pause(sc, atid); 3009#endif 3010 3011 /* 3012 * Calculate what hardware-queued frames exist based 3013 * on the current BAW size. Ie, what frames have been 3014 * added to the TX hardware queue for this TID but 3015 * not yet ACKed. 3016 */ 3017 tap = ath_tx_get_tx_tid(an, tid); 3018 /* Need the lock - fiddling with BAW */ 3019 while (atid->baw_head != atid->baw_tail) { 3020 if (atid->tx_buf[atid->baw_head]) { 3021 atid->incomp++; 3022 atid->cleanup_inprogress = 1; 3023 atid->tx_buf[atid->baw_head] = NULL; 3024 } 3025 INCR(atid->baw_head, ATH_TID_MAX_BUFS); 3026 INCR(tap->txa_start, IEEE80211_SEQ_RANGE); 3027 } 3028 3029 /* 3030 * If cleanup is required, defer TID scheduling 3031 * until all the HW queued packets have been 3032 * sent. 3033 */ 3034 if (! atid->cleanup_inprogress) 3035 ath_tx_tid_resume(sc, atid); 3036 3037 if (atid->cleanup_inprogress) 3038 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3039 "%s: TID %d: cleanup needed: %d packets\n", 3040 __func__, tid, atid->incomp); 3041 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3042 3043 /* Handle completing frames and fail them */ 3044 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3045 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3046 ath_tx_default_comp(sc, bf, 1); 3047 } 3048} 3049 3050static void 3051ath_tx_set_retry(struct ath_softc *sc, struct ath_buf *bf) 3052{ 3053 struct ieee80211_frame *wh; 3054 3055 wh = mtod(bf->bf_m, struct ieee80211_frame *); 3056 /* Only update/resync if needed */ 3057 if (bf->bf_state.bfs_isretried == 0) { 3058 wh->i_fc[1] |= IEEE80211_FC1_RETRY; 3059 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap, 3060 BUS_DMASYNC_PREWRITE); 3061 } 3062 sc->sc_stats.ast_tx_swretries++; 3063 bf->bf_state.bfs_isretried = 1; 3064 bf->bf_state.bfs_retries ++; 3065} 3066 3067static struct ath_buf * 3068ath_tx_retry_clone(struct ath_softc *sc, struct ath_node *an, 3069 struct ath_tid *tid, struct ath_buf *bf) 3070{ 3071 struct ath_buf *nbf; 3072 int error; 3073 3074 nbf = ath_buf_clone(sc, bf); 3075 3076#if 0 3077 device_printf(sc->sc_dev, "%s: ATH_BUF_BUSY; cloning\n", 3078 __func__); 3079#endif 3080 3081 if (nbf == NULL) { 3082 /* Failed to clone */ 3083 device_printf(sc->sc_dev, 3084 "%s: failed to clone a busy buffer\n", 3085 __func__); 3086 return NULL; 3087 } 3088 3089 /* Setup the dma for the new buffer */ 3090 error = ath_tx_dmasetup(sc, nbf, nbf->bf_m); 3091 if (error != 0) { 3092 device_printf(sc->sc_dev, 3093 "%s: failed to setup dma for clone\n", 3094 __func__); 3095 /* 3096 * Put this at the head of the list, not tail; 3097 * that way it doesn't interfere with the 3098 * busy buffer logic (which uses the tail of 3099 * the list.) 3100 */ 3101 ATH_TXBUF_LOCK(sc); 3102 TAILQ_INSERT_HEAD(&sc->sc_txbuf, nbf, bf_list); 3103 ATH_TXBUF_UNLOCK(sc); 3104 return NULL; 3105 } 3106 3107 /* Update BAW if required, before we free the original buf */ 3108 if (bf->bf_state.bfs_dobaw) 3109 ath_tx_switch_baw_buf(sc, an, tid, bf, nbf); 3110 3111 /* Free current buffer; return the older buffer */ 3112 bf->bf_m = NULL; 3113 bf->bf_node = NULL; 3114 ath_freebuf(sc, bf); 3115 return nbf; 3116} 3117 3118/* 3119 * Handle retrying an unaggregate frame in an aggregate 3120 * session. 3121 * 3122 * If too many retries occur, pause the TID, wait for 3123 * any further retransmits (as there's no reason why 3124 * non-aggregate frames in an aggregate session are 3125 * transmitted in-order; they just have to be in-BAW) 3126 * and then queue a BAR. 3127 */ 3128static void 3129ath_tx_aggr_retry_unaggr(struct ath_softc *sc, struct ath_buf *bf) 3130{ 3131 struct ieee80211_node *ni = bf->bf_node; 3132 struct ath_node *an = ATH_NODE(ni); 3133 int tid = bf->bf_state.bfs_tid; 3134 struct ath_tid *atid = &an->an_tid[tid]; 3135 struct ieee80211_tx_ampdu *tap; 3136 3137 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3138 3139 tap = ath_tx_get_tx_tid(an, tid); 3140 3141 /* 3142 * If the buffer is marked as busy, we can't directly 3143 * reuse it. Instead, try to clone the buffer. 3144 * If the clone is successful, recycle the old buffer. 3145 * If the clone is unsuccessful, set bfs_retries to max 3146 * to force the next bit of code to free the buffer 3147 * for us. 3148 */ 3149 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3150 (bf->bf_flags & ATH_BUF_BUSY)) { 3151 struct ath_buf *nbf; 3152 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3153 if (nbf) 3154 /* bf has been freed at this point */ 3155 bf = nbf; 3156 else 3157 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3158 } 3159 3160 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3161 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3162 "%s: exceeded retries; seqno %d\n", 3163 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3164 sc->sc_stats.ast_tx_swretrymax++; 3165 3166 /* Update BAW anyway */ 3167 if (bf->bf_state.bfs_dobaw) { 3168 ath_tx_update_baw(sc, an, atid, bf); 3169 if (! bf->bf_state.bfs_addedbaw) 3170 device_printf(sc->sc_dev, 3171 "%s: wasn't added: seqno %d\n", 3172 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3173 } 3174 bf->bf_state.bfs_dobaw = 0; 3175 3176 /* Suspend the TX queue and get ready to send the BAR */ 3177 ath_tx_tid_bar_suspend(sc, atid); 3178 3179 /* Send the BAR if there are no other frames waiting */ 3180 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3181 ath_tx_tid_bar_tx(sc, atid); 3182 3183 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3184 3185 /* Free buffer, bf is free after this call */ 3186 ath_tx_default_comp(sc, bf, 0); 3187 return; 3188 } 3189 3190 /* 3191 * This increments the retry counter as well as 3192 * sets the retry flag in the ath_buf and packet 3193 * body. 3194 */ 3195 ath_tx_set_retry(sc, bf); 3196 3197 /* 3198 * Insert this at the head of the queue, so it's 3199 * retried before any current/subsequent frames. 3200 */ 3201 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3202 ath_tx_tid_sched(sc, atid); 3203 /* Send the BAR if there are no other frames waiting */ 3204 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3205 ath_tx_tid_bar_tx(sc, atid); 3206 3207 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3208} 3209 3210/* 3211 * Common code for aggregate excessive retry/subframe retry. 3212 * If retrying, queues buffers to bf_q. If not, frees the 3213 * buffers. 3214 * 3215 * XXX should unify this with ath_tx_aggr_retry_unaggr() 3216 */ 3217static int 3218ath_tx_retry_subframe(struct ath_softc *sc, struct ath_buf *bf, 3219 ath_bufhead *bf_q) 3220{ 3221 struct ieee80211_node *ni = bf->bf_node; 3222 struct ath_node *an = ATH_NODE(ni); 3223 int tid = bf->bf_state.bfs_tid; 3224 struct ath_tid *atid = &an->an_tid[tid]; 3225 3226 ATH_TXQ_LOCK_ASSERT(sc->sc_ac2q[atid->ac]); 3227 3228 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3229 ath_hal_set11nburstduration(sc->sc_ah, bf->bf_desc, 0); 3230 /* ath_hal_set11n_virtualmorefrag(sc->sc_ah, bf->bf_desc, 0); */ 3231 3232 /* 3233 * If the buffer is marked as busy, we can't directly 3234 * reuse it. Instead, try to clone the buffer. 3235 * If the clone is successful, recycle the old buffer. 3236 * If the clone is unsuccessful, set bfs_retries to max 3237 * to force the next bit of code to free the buffer 3238 * for us. 3239 */ 3240 if ((bf->bf_state.bfs_retries < SWMAX_RETRIES) && 3241 (bf->bf_flags & ATH_BUF_BUSY)) { 3242 struct ath_buf *nbf; 3243 nbf = ath_tx_retry_clone(sc, an, atid, bf); 3244 if (nbf) 3245 /* bf has been freed at this point */ 3246 bf = nbf; 3247 else 3248 bf->bf_state.bfs_retries = SWMAX_RETRIES + 1; 3249 } 3250 3251 if (bf->bf_state.bfs_retries >= SWMAX_RETRIES) { 3252 sc->sc_stats.ast_tx_swretrymax++; 3253 DPRINTF(sc, ATH_DEBUG_SW_TX_RETRIES, 3254 "%s: max retries: seqno %d\n", 3255 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3256 ath_tx_update_baw(sc, an, atid, bf); 3257 if (! bf->bf_state.bfs_addedbaw) 3258 device_printf(sc->sc_dev, 3259 "%s: wasn't added: seqno %d\n", 3260 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3261 bf->bf_state.bfs_dobaw = 0; 3262 return 1; 3263 } 3264 3265 ath_tx_set_retry(sc, bf); 3266 bf->bf_next = NULL; /* Just to make sure */ 3267 3268 TAILQ_INSERT_TAIL(bf_q, bf, bf_list); 3269 return 0; 3270} 3271 3272/* 3273 * error pkt completion for an aggregate destination 3274 */ 3275static void 3276ath_tx_comp_aggr_error(struct ath_softc *sc, struct ath_buf *bf_first, 3277 struct ath_tid *tid) 3278{ 3279 struct ieee80211_node *ni = bf_first->bf_node; 3280 struct ath_node *an = ATH_NODE(ni); 3281 struct ath_buf *bf_next, *bf; 3282 ath_bufhead bf_q; 3283 int drops = 0; 3284 struct ieee80211_tx_ampdu *tap; 3285 ath_bufhead bf_cq; 3286 3287 TAILQ_INIT(&bf_q); 3288 TAILQ_INIT(&bf_cq); 3289 3290 /* 3291 * Update rate control - all frames have failed. 3292 * 3293 * XXX use the length in the first frame in the series; 3294 * XXX just so things are consistent for now. 3295 */ 3296 ath_tx_update_ratectrl(sc, ni, bf_first->bf_state.bfs_rc, 3297 &bf_first->bf_status.ds_txstat, 3298 bf_first->bf_state.bfs_pktlen, 3299 bf_first->bf_state.bfs_nframes, bf_first->bf_state.bfs_nframes); 3300 3301 ATH_TXQ_LOCK(sc->sc_ac2q[tid->ac]); 3302 tap = ath_tx_get_tx_tid(an, tid->tid); 3303 sc->sc_stats.ast_tx_aggr_failall++; 3304 3305 /* Retry all subframes */ 3306 bf = bf_first; 3307 while (bf) { 3308 bf_next = bf->bf_next; 3309 bf->bf_next = NULL; /* Remove it from the aggr list */ 3310 sc->sc_stats.ast_tx_aggr_fail++; 3311 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3312 drops++; 3313 bf->bf_next = NULL; 3314 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3315 } 3316 bf = bf_next; 3317 } 3318 3319 /* Prepend all frames to the beginning of the queue */ 3320 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3321 TAILQ_REMOVE(&bf_q, bf, bf_list); 3322 ATH_TXQ_INSERT_HEAD(tid, bf, bf_list); 3323 } 3324 3325 /* 3326 * Schedule the TID to be re-tried. 3327 */ 3328 ath_tx_tid_sched(sc, tid); 3329 3330 /* 3331 * send bar if we dropped any frames 3332 * 3333 * Keep the txq lock held for now, as we need to ensure 3334 * that ni_txseqs[] is consistent (as it's being updated 3335 * in the ifnet TX context or raw TX context.) 3336 */ 3337 if (drops) { 3338 /* Suspend the TX queue and get ready to send the BAR */ 3339 ath_tx_tid_bar_suspend(sc, tid); 3340 } 3341 3342 /* 3343 * Send BAR if required 3344 */ 3345 if (ath_tx_tid_bar_tx_ready(sc, tid)) 3346 ath_tx_tid_bar_tx(sc, tid); 3347 ATH_TXQ_UNLOCK(sc->sc_ac2q[tid->ac]); 3348 3349 /* Complete frames which errored out */ 3350 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3351 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3352 ath_tx_default_comp(sc, bf, 0); 3353 } 3354} 3355 3356/* 3357 * Handle clean-up of packets from an aggregate list. 3358 * 3359 * There's no need to update the BAW here - the session is being 3360 * torn down. 3361 */ 3362static void 3363ath_tx_comp_cleanup_aggr(struct ath_softc *sc, struct ath_buf *bf_first) 3364{ 3365 struct ath_buf *bf, *bf_next; 3366 struct ieee80211_node *ni = bf_first->bf_node; 3367 struct ath_node *an = ATH_NODE(ni); 3368 int tid = bf_first->bf_state.bfs_tid; 3369 struct ath_tid *atid = &an->an_tid[tid]; 3370 3371 bf = bf_first; 3372 3373 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3374 3375 /* update incomp */ 3376 while (bf) { 3377 atid->incomp--; 3378 bf = bf->bf_next; 3379 } 3380 3381 if (atid->incomp == 0) { 3382 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 3383 "%s: TID %d: cleaned up! resume!\n", 3384 __func__, tid); 3385 atid->cleanup_inprogress = 0; 3386 ath_tx_tid_resume(sc, atid); 3387 } 3388 3389 /* Send BAR if required */ 3390 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3391 ath_tx_tid_bar_tx(sc, atid); 3392 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3393 3394 /* Handle frame completion */ 3395 while (bf) { 3396 bf_next = bf->bf_next; 3397 ath_tx_default_comp(sc, bf, 1); 3398 bf = bf_next; 3399 } 3400} 3401 3402/* 3403 * Handle completion of an set of aggregate frames. 3404 * 3405 * XXX for now, simply complete each sub-frame. 3406 * 3407 * Note: the completion handler is the last descriptor in the aggregate, 3408 * not the last descriptor in the first frame. 3409 */ 3410static void 3411ath_tx_aggr_comp_aggr(struct ath_softc *sc, struct ath_buf *bf_first, 3412 int fail) 3413{ 3414 //struct ath_desc *ds = bf->bf_lastds; 3415 struct ieee80211_node *ni = bf_first->bf_node; 3416 struct ath_node *an = ATH_NODE(ni); 3417 int tid = bf_first->bf_state.bfs_tid; 3418 struct ath_tid *atid = &an->an_tid[tid]; 3419 struct ath_tx_status ts; 3420 struct ieee80211_tx_ampdu *tap; 3421 ath_bufhead bf_q; 3422 ath_bufhead bf_cq; 3423 int seq_st, tx_ok; 3424 int hasba, isaggr; 3425 uint32_t ba[2]; 3426 struct ath_buf *bf, *bf_next; 3427 int ba_index; 3428 int drops = 0; 3429 int nframes = 0, nbad = 0, nf; 3430 int pktlen; 3431 /* XXX there's too much on the stack? */ 3432 struct ath_rc_series rc[ATH_RC_NUM]; 3433 int txseq; 3434 3435 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, "%s: called; hwq_depth=%d\n", 3436 __func__, atid->hwq_depth); 3437 3438 /* The TID state is kept behind the TXQ lock */ 3439 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3440 3441 atid->hwq_depth--; 3442 if (atid->hwq_depth < 0) 3443 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3444 __func__, atid->hwq_depth); 3445 3446 /* 3447 * Punt cleanup to the relevant function, not our problem now 3448 */ 3449 if (atid->cleanup_inprogress) { 3450 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3451 ath_tx_comp_cleanup_aggr(sc, bf_first); 3452 return; 3453 } 3454 3455 /* 3456 * Take a copy; this may be needed -after- bf_first 3457 * has been completed and freed. 3458 */ 3459 ts = bf_first->bf_status.ds_txstat; 3460 /* 3461 * XXX for now, use the first frame in the aggregate for 3462 * XXX rate control completion; it's at least consistent. 3463 */ 3464 pktlen = bf_first->bf_state.bfs_pktlen; 3465 3466 /* 3467 * Handle errors first! 3468 * 3469 * Here, handle _any_ error as a "exceeded retries" error. 3470 * Later on (when filtered frames are to be specially handled) 3471 * it'll have to be expanded. 3472 */ 3473#if 0 3474 if (ts.ts_status & HAL_TXERR_XRETRY) { 3475#endif 3476 if (ts.ts_status != 0) { 3477 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3478 ath_tx_comp_aggr_error(sc, bf_first, atid); 3479 return; 3480 } 3481 3482 TAILQ_INIT(&bf_q); 3483 TAILQ_INIT(&bf_cq); 3484 tap = ath_tx_get_tx_tid(an, tid); 3485 3486 /* 3487 * extract starting sequence and block-ack bitmap 3488 */ 3489 /* XXX endian-ness of seq_st, ba? */ 3490 seq_st = ts.ts_seqnum; 3491 hasba = !! (ts.ts_flags & HAL_TX_BA); 3492 tx_ok = (ts.ts_status == 0); 3493 isaggr = bf_first->bf_state.bfs_aggr; 3494 ba[0] = ts.ts_ba_low; 3495 ba[1] = ts.ts_ba_high; 3496 3497 /* 3498 * Copy the TX completion status and the rate control 3499 * series from the first descriptor, as it may be freed 3500 * before the rate control code can get its grubby fingers 3501 * into things. 3502 */ 3503 memcpy(rc, bf_first->bf_state.bfs_rc, sizeof(rc)); 3504 3505 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3506 "%s: txa_start=%d, tx_ok=%d, status=%.8x, flags=%.8x, " 3507 "isaggr=%d, seq_st=%d, hasba=%d, ba=%.8x, %.8x\n", 3508 __func__, tap->txa_start, tx_ok, ts.ts_status, ts.ts_flags, 3509 isaggr, seq_st, hasba, ba[0], ba[1]); 3510 3511 /* Occasionally, the MAC sends a tx status for the wrong TID. */ 3512 if (tid != ts.ts_tid) { 3513 device_printf(sc->sc_dev, "%s: tid %d != hw tid %d\n", 3514 __func__, tid, ts.ts_tid); 3515 tx_ok = 0; 3516 } 3517 3518 /* AR5416 BA bug; this requires an interface reset */ 3519 if (isaggr && tx_ok && (! hasba)) { 3520 device_printf(sc->sc_dev, 3521 "%s: AR5416 bug: hasba=%d; txok=%d, isaggr=%d, " 3522 "seq_st=%d\n", 3523 __func__, hasba, tx_ok, isaggr, seq_st); 3524 /* XXX TODO: schedule an interface reset */ 3525 } 3526 3527 /* 3528 * Walk the list of frames, figure out which ones were correctly 3529 * sent and which weren't. 3530 */ 3531 bf = bf_first; 3532 nf = bf_first->bf_state.bfs_nframes; 3533 3534 /* bf_first is going to be invalid once this list is walked */ 3535 bf_first = NULL; 3536 3537 /* 3538 * Walk the list of completed frames and determine 3539 * which need to be completed and which need to be 3540 * retransmitted. 3541 * 3542 * For completed frames, the completion functions need 3543 * to be called at the end of this function as the last 3544 * node reference may free the node. 3545 * 3546 * Finally, since the TXQ lock can't be held during the 3547 * completion callback (to avoid lock recursion), 3548 * the completion calls have to be done outside of the 3549 * lock. 3550 */ 3551 while (bf) { 3552 nframes++; 3553 ba_index = ATH_BA_INDEX(seq_st, 3554 SEQNO(bf->bf_state.bfs_seqno)); 3555 bf_next = bf->bf_next; 3556 bf->bf_next = NULL; /* Remove it from the aggr list */ 3557 3558 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3559 "%s: checking bf=%p seqno=%d; ack=%d\n", 3560 __func__, bf, SEQNO(bf->bf_state.bfs_seqno), 3561 ATH_BA_ISSET(ba, ba_index)); 3562 3563 if (tx_ok && ATH_BA_ISSET(ba, ba_index)) { 3564 sc->sc_stats.ast_tx_aggr_ok++; 3565 ath_tx_update_baw(sc, an, atid, bf); 3566 bf->bf_state.bfs_dobaw = 0; 3567 if (! bf->bf_state.bfs_addedbaw) 3568 device_printf(sc->sc_dev, 3569 "%s: wasn't added: seqno %d\n", 3570 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3571 bf->bf_next = NULL; 3572 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3573 } else { 3574 sc->sc_stats.ast_tx_aggr_fail++; 3575 if (ath_tx_retry_subframe(sc, bf, &bf_q)) { 3576 drops++; 3577 bf->bf_next = NULL; 3578 TAILQ_INSERT_TAIL(&bf_cq, bf, bf_list); 3579 } 3580 nbad++; 3581 } 3582 bf = bf_next; 3583 } 3584 3585 /* 3586 * Now that the BAW updates have been done, unlock 3587 * 3588 * txseq is grabbed before the lock is released so we 3589 * have a consistent view of what -was- in the BAW. 3590 * Anything after this point will not yet have been 3591 * TXed. 3592 */ 3593 txseq = tap->txa_start; 3594 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3595 3596 if (nframes != nf) 3597 device_printf(sc->sc_dev, 3598 "%s: num frames seen=%d; bf nframes=%d\n", 3599 __func__, nframes, nf); 3600 3601 /* 3602 * Now we know how many frames were bad, call the rate 3603 * control code. 3604 */ 3605 if (fail == 0) 3606 ath_tx_update_ratectrl(sc, ni, rc, &ts, pktlen, nframes, 3607 nbad); 3608 3609 /* 3610 * send bar if we dropped any frames 3611 */ 3612 if (drops) { 3613 /* Suspend the TX queue and get ready to send the BAR */ 3614 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3615 ath_tx_tid_bar_suspend(sc, atid); 3616 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3617 } 3618 3619 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3620 "%s: txa_start now %d\n", __func__, tap->txa_start); 3621 3622 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3623 3624 /* Prepend all frames to the beginning of the queue */ 3625 while ((bf = TAILQ_LAST(&bf_q, ath_bufhead_s)) != NULL) { 3626 TAILQ_REMOVE(&bf_q, bf, bf_list); 3627 ATH_TXQ_INSERT_HEAD(atid, bf, bf_list); 3628 } 3629 3630 /* 3631 * Reschedule to grab some further frames. 3632 */ 3633 ath_tx_tid_sched(sc, atid); 3634 3635 /* 3636 * Send BAR if required 3637 */ 3638 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3639 ath_tx_tid_bar_tx(sc, atid); 3640 3641 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3642 3643 /* Do deferred completion */ 3644 while ((bf = TAILQ_FIRST(&bf_cq)) != NULL) { 3645 TAILQ_REMOVE(&bf_cq, bf, bf_list); 3646 ath_tx_default_comp(sc, bf, 0); 3647 } 3648} 3649 3650/* 3651 * Handle completion of unaggregated frames in an ADDBA 3652 * session. 3653 * 3654 * Fail is set to 1 if the entry is being freed via a call to 3655 * ath_tx_draintxq(). 3656 */ 3657static void 3658ath_tx_aggr_comp_unaggr(struct ath_softc *sc, struct ath_buf *bf, int fail) 3659{ 3660 struct ieee80211_node *ni = bf->bf_node; 3661 struct ath_node *an = ATH_NODE(ni); 3662 int tid = bf->bf_state.bfs_tid; 3663 struct ath_tid *atid = &an->an_tid[tid]; 3664 struct ath_tx_status *ts = &bf->bf_status.ds_txstat; 3665 3666 /* 3667 * Update rate control status here, before we possibly 3668 * punt to retry or cleanup. 3669 * 3670 * Do it outside of the TXQ lock. 3671 */ 3672 if (fail == 0 && ((bf->bf_state.bfs_txflags & HAL_TXDESC_NOACK) == 0)) 3673 ath_tx_update_ratectrl(sc, ni, bf->bf_state.bfs_rc, 3674 &bf->bf_status.ds_txstat, 3675 bf->bf_state.bfs_pktlen, 3676 1, (ts->ts_status == 0) ? 0 : 1); 3677 3678 /* 3679 * This is called early so atid->hwq_depth can be tracked. 3680 * This unfortunately means that it's released and regrabbed 3681 * during retry and cleanup. That's rather inefficient. 3682 */ 3683 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 3684 3685 if (tid == IEEE80211_NONQOS_TID) 3686 device_printf(sc->sc_dev, "%s: TID=16!\n", __func__); 3687 3688 DPRINTF(sc, ATH_DEBUG_SW_TX, 3689 "%s: bf=%p: tid=%d, hwq_depth=%d, seqno=%d\n", 3690 __func__, bf, bf->bf_state.bfs_tid, atid->hwq_depth, 3691 SEQNO(bf->bf_state.bfs_seqno)); 3692 3693 atid->hwq_depth--; 3694 if (atid->hwq_depth < 0) 3695 device_printf(sc->sc_dev, "%s: hwq_depth < 0: %d\n", 3696 __func__, atid->hwq_depth); 3697 3698 /* 3699 * If a cleanup is in progress, punt to comp_cleanup; 3700 * rather than handling it here. It's thus their 3701 * responsibility to clean up, call the completion 3702 * function in net80211, etc. 3703 */ 3704 if (atid->cleanup_inprogress) { 3705 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3706 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: cleanup_unaggr\n", 3707 __func__); 3708 ath_tx_comp_cleanup_unaggr(sc, bf); 3709 return; 3710 } 3711 3712 /* 3713 * Don't bother with the retry check if all frames 3714 * are being failed (eg during queue deletion.) 3715 */ 3716#if 0 3717 if (fail == 0 && ts->ts_status & HAL_TXERR_XRETRY) { 3718#endif 3719 if (fail == 0 && ts->ts_status != 0) { 3720 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3721 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: retry_unaggr\n", 3722 __func__); 3723 ath_tx_aggr_retry_unaggr(sc, bf); 3724 return; 3725 } 3726 3727 /* Success? Complete */ 3728 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: TID=%d, seqno %d\n", 3729 __func__, tid, SEQNO(bf->bf_state.bfs_seqno)); 3730 if (bf->bf_state.bfs_dobaw) { 3731 ath_tx_update_baw(sc, an, atid, bf); 3732 bf->bf_state.bfs_dobaw = 0; 3733 if (! bf->bf_state.bfs_addedbaw) 3734 device_printf(sc->sc_dev, 3735 "%s: wasn't added: seqno %d\n", 3736 __func__, SEQNO(bf->bf_state.bfs_seqno)); 3737 } 3738 3739 /* 3740 * Send BAR if required 3741 */ 3742 if (ath_tx_tid_bar_tx_ready(sc, atid)) 3743 ath_tx_tid_bar_tx(sc, atid); 3744 3745 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 3746 3747 ath_tx_default_comp(sc, bf, fail); 3748 /* bf is freed at this point */ 3749} 3750 3751void 3752ath_tx_aggr_comp(struct ath_softc *sc, struct ath_buf *bf, int fail) 3753{ 3754 if (bf->bf_state.bfs_aggr) 3755 ath_tx_aggr_comp_aggr(sc, bf, fail); 3756 else 3757 ath_tx_aggr_comp_unaggr(sc, bf, fail); 3758} 3759 3760/* 3761 * Schedule some packets from the given node/TID to the hardware. 3762 * 3763 * This is the aggregate version. 3764 */ 3765void 3766ath_tx_tid_hw_queue_aggr(struct ath_softc *sc, struct ath_node *an, 3767 struct ath_tid *tid) 3768{ 3769 struct ath_buf *bf; 3770 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 3771 struct ieee80211_tx_ampdu *tap; 3772 struct ieee80211_node *ni = &an->an_node; 3773 ATH_AGGR_STATUS status; 3774 ath_bufhead bf_q; 3775 3776 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d\n", __func__, tid->tid); 3777 ATH_TXQ_LOCK_ASSERT(txq); 3778 3779 tap = ath_tx_get_tx_tid(an, tid->tid); 3780 3781 if (tid->tid == IEEE80211_NONQOS_TID) 3782 device_printf(sc->sc_dev, "%s: called for TID=NONQOS_TID?\n", 3783 __func__); 3784 3785 for (;;) { 3786 status = ATH_AGGR_DONE; 3787 3788 /* 3789 * If the upper layer has paused the TID, don't 3790 * queue any further packets. 3791 * 3792 * This can also occur from the completion task because 3793 * of packet loss; but as its serialised with this code, 3794 * it won't "appear" half way through queuing packets. 3795 */ 3796 if (tid->paused) 3797 break; 3798 3799 bf = TAILQ_FIRST(&tid->axq_q); 3800 if (bf == NULL) { 3801 break; 3802 } 3803 3804 /* 3805 * If the packet doesn't fall within the BAW (eg a NULL 3806 * data frame), schedule it directly; continue. 3807 */ 3808 if (! bf->bf_state.bfs_dobaw) { 3809 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3810 "%s: non-baw packet\n", 3811 __func__); 3812 ATH_TXQ_REMOVE(tid, bf, bf_list); 3813 bf->bf_state.bfs_aggr = 0; 3814 ath_tx_do_ratelookup(sc, bf); 3815 ath_tx_calc_duration(sc, bf); 3816 ath_tx_calc_protection(sc, bf); 3817 ath_tx_set_rtscts(sc, bf); 3818 ath_tx_rate_fill_rcflags(sc, bf); 3819 ath_tx_setds(sc, bf); 3820 ath_tx_chaindesclist(sc, bf); 3821 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3822 ath_tx_set_ratectrl(sc, ni, bf); 3823 3824 sc->sc_aggr_stats.aggr_nonbaw_pkt++; 3825 3826 /* Queue the packet; continue */ 3827 goto queuepkt; 3828 } 3829 3830 TAILQ_INIT(&bf_q); 3831 3832 /* 3833 * Do a rate control lookup on the first frame in the 3834 * list. The rate control code needs that to occur 3835 * before it can determine whether to TX. 3836 * It's inaccurate because the rate control code doesn't 3837 * really "do" aggregate lookups, so it only considers 3838 * the size of the first frame. 3839 */ 3840 ath_tx_do_ratelookup(sc, bf); 3841 bf->bf_state.bfs_rc[3].rix = 0; 3842 bf->bf_state.bfs_rc[3].tries = 0; 3843 3844 ath_tx_calc_duration(sc, bf); 3845 ath_tx_calc_protection(sc, bf); 3846 3847 ath_tx_set_rtscts(sc, bf); 3848 ath_tx_rate_fill_rcflags(sc, bf); 3849 3850 status = ath_tx_form_aggr(sc, an, tid, &bf_q); 3851 3852 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3853 "%s: ath_tx_form_aggr() status=%d\n", __func__, status); 3854 3855 /* 3856 * No frames to be picked up - out of BAW 3857 */ 3858 if (TAILQ_EMPTY(&bf_q)) 3859 break; 3860 3861 /* 3862 * This assumes that the descriptor list in the ath_bufhead 3863 * are already linked together via bf_next pointers. 3864 */ 3865 bf = TAILQ_FIRST(&bf_q); 3866 3867 if (status == ATH_AGGR_8K_LIMITED) 3868 sc->sc_aggr_stats.aggr_rts_aggr_limited++; 3869 3870 /* 3871 * If it's the only frame send as non-aggregate 3872 * assume that ath_tx_form_aggr() has checked 3873 * whether it's in the BAW and added it appropriately. 3874 */ 3875 if (bf->bf_state.bfs_nframes == 1) { 3876 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3877 "%s: single-frame aggregate\n", __func__); 3878 bf->bf_state.bfs_aggr = 0; 3879 ath_tx_setds(sc, bf); 3880 ath_tx_chaindesclist(sc, bf); 3881 ath_hal_clr11n_aggr(sc->sc_ah, bf->bf_desc); 3882 ath_tx_set_ratectrl(sc, ni, bf); 3883 if (status == ATH_AGGR_BAW_CLOSED) 3884 sc->sc_aggr_stats.aggr_baw_closed_single_pkt++; 3885 else 3886 sc->sc_aggr_stats.aggr_single_pkt++; 3887 } else { 3888 DPRINTF(sc, ATH_DEBUG_SW_TX_AGGR, 3889 "%s: multi-frame aggregate: %d frames, " 3890 "length %d\n", 3891 __func__, bf->bf_state.bfs_nframes, 3892 bf->bf_state.bfs_al); 3893 bf->bf_state.bfs_aggr = 1; 3894 sc->sc_aggr_stats.aggr_pkts[bf->bf_state.bfs_nframes]++; 3895 sc->sc_aggr_stats.aggr_aggr_pkt++; 3896 3897 /* 3898 * Calculate the duration/protection as required. 3899 */ 3900 ath_tx_calc_duration(sc, bf); 3901 ath_tx_calc_protection(sc, bf); 3902 3903 /* 3904 * Update the rate and rtscts information based on the 3905 * rate decision made by the rate control code; 3906 * the first frame in the aggregate needs it. 3907 */ 3908 ath_tx_set_rtscts(sc, bf); 3909 3910 /* 3911 * Setup the relevant descriptor fields 3912 * for aggregation. The first descriptor 3913 * already points to the rest in the chain. 3914 */ 3915 ath_tx_setds_11n(sc, bf); 3916 3917 /* 3918 * setup first desc with rate and aggr info 3919 */ 3920 ath_tx_set_ratectrl(sc, ni, bf); 3921 } 3922 queuepkt: 3923 //txq = bf->bf_state.bfs_txq; 3924 3925 /* Set completion handler, multi-frame aggregate or not */ 3926 bf->bf_comp = ath_tx_aggr_comp; 3927 3928 if (bf->bf_state.bfs_tid == IEEE80211_NONQOS_TID) 3929 device_printf(sc->sc_dev, "%s: TID=16?\n", __func__); 3930 3931 /* Punt to txq */ 3932 ath_tx_handoff(sc, txq, bf); 3933 3934 /* Track outstanding buffer count to hardware */ 3935 /* aggregates are "one" buffer */ 3936 tid->hwq_depth++; 3937 3938 /* 3939 * Break out if ath_tx_form_aggr() indicated 3940 * there can't be any further progress (eg BAW is full.) 3941 * Checking for an empty txq is done above. 3942 * 3943 * XXX locking on txq here? 3944 */ 3945 if (txq->axq_aggr_depth >= sc->sc_hwq_limit || 3946 status == ATH_AGGR_BAW_CLOSED) 3947 break; 3948 } 3949} 3950 3951/* 3952 * Schedule some packets from the given node/TID to the hardware. 3953 */ 3954void 3955ath_tx_tid_hw_queue_norm(struct ath_softc *sc, struct ath_node *an, 3956 struct ath_tid *tid) 3957{ 3958 struct ath_buf *bf; 3959 struct ath_txq *txq = sc->sc_ac2q[tid->ac]; 3960 struct ieee80211_node *ni = &an->an_node; 3961 3962 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: node %p: TID %d: called\n", 3963 __func__, an, tid->tid); 3964 3965 ATH_TXQ_LOCK_ASSERT(txq); 3966 3967 /* Check - is AMPDU pending or running? then print out something */ 3968 if (ath_tx_ampdu_pending(sc, an, tid->tid)) 3969 device_printf(sc->sc_dev, "%s: tid=%d, ampdu pending?\n", 3970 __func__, tid->tid); 3971 if (ath_tx_ampdu_running(sc, an, tid->tid)) 3972 device_printf(sc->sc_dev, "%s: tid=%d, ampdu running?\n", 3973 __func__, tid->tid); 3974 3975 for (;;) { 3976 3977 /* 3978 * If the upper layers have paused the TID, don't 3979 * queue any further packets. 3980 */ 3981 if (tid->paused) 3982 break; 3983 3984 bf = TAILQ_FIRST(&tid->axq_q); 3985 if (bf == NULL) { 3986 break; 3987 } 3988 3989 ATH_TXQ_REMOVE(tid, bf, bf_list); 3990 3991 KASSERT(txq == bf->bf_state.bfs_txq, ("txqs not equal!\n")); 3992 3993 /* Sanity check! */ 3994 if (tid->tid != bf->bf_state.bfs_tid) { 3995 device_printf(sc->sc_dev, "%s: bfs_tid %d !=" 3996 " tid %d\n", 3997 __func__, bf->bf_state.bfs_tid, tid->tid); 3998 } 3999 /* Normal completion handler */ 4000 bf->bf_comp = ath_tx_normal_comp; 4001 4002 /* Program descriptors + rate control */ 4003 ath_tx_do_ratelookup(sc, bf); 4004 ath_tx_calc_duration(sc, bf); 4005 ath_tx_calc_protection(sc, bf); 4006 ath_tx_set_rtscts(sc, bf); 4007 ath_tx_rate_fill_rcflags(sc, bf); 4008 ath_tx_setds(sc, bf); 4009 ath_tx_chaindesclist(sc, bf); 4010 ath_tx_set_ratectrl(sc, ni, bf); 4011 4012 /* Track outstanding buffer count to hardware */ 4013 /* aggregates are "one" buffer */ 4014 tid->hwq_depth++; 4015 4016 /* Punt to hardware or software txq */ 4017 ath_tx_handoff(sc, txq, bf); 4018 } 4019} 4020 4021/* 4022 * Schedule some packets to the given hardware queue. 4023 * 4024 * This function walks the list of TIDs (ie, ath_node TIDs 4025 * with queued traffic) and attempts to schedule traffic 4026 * from them. 4027 * 4028 * TID scheduling is implemented as a FIFO, with TIDs being 4029 * added to the end of the queue after some frames have been 4030 * scheduled. 4031 */ 4032void 4033ath_txq_sched(struct ath_softc *sc, struct ath_txq *txq) 4034{ 4035 struct ath_tid *tid, *next, *last; 4036 4037 ATH_TXQ_LOCK_ASSERT(txq); 4038 4039 /* 4040 * Don't schedule if the hardware queue is busy. 4041 * This (hopefully) gives some more time to aggregate 4042 * some packets in the aggregation queue. 4043 */ 4044 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 4045 sc->sc_aggr_stats.aggr_sched_nopkt++; 4046 return; 4047 } 4048 4049 last = TAILQ_LAST(&txq->axq_tidq, axq_t_s); 4050 4051 TAILQ_FOREACH_SAFE(tid, &txq->axq_tidq, axq_qelem, next) { 4052 /* 4053 * Suspend paused queues here; they'll be resumed 4054 * once the addba completes or times out. 4055 */ 4056 DPRINTF(sc, ATH_DEBUG_SW_TX, "%s: tid=%d, paused=%d\n", 4057 __func__, tid->tid, tid->paused); 4058 ath_tx_tid_unsched(sc, tid); 4059 if (tid->paused) { 4060 continue; 4061 } 4062 if (ath_tx_ampdu_running(sc, tid->an, tid->tid)) 4063 ath_tx_tid_hw_queue_aggr(sc, tid->an, tid); 4064 else 4065 ath_tx_tid_hw_queue_norm(sc, tid->an, tid); 4066 4067 /* Not empty? Re-schedule */ 4068 if (tid->axq_depth != 0) 4069 ath_tx_tid_sched(sc, tid); 4070 4071 /* Give the software queue time to aggregate more packets */ 4072 if (txq->axq_aggr_depth >= sc->sc_hwq_limit) { 4073 break; 4074 } 4075 4076 /* 4077 * If this was the last entry on the original list, stop. 4078 * Otherwise nodes that have been rescheduled onto the end 4079 * of the TID FIFO list will just keep being rescheduled. 4080 */ 4081 if (tid == last) 4082 break; 4083 } 4084} 4085 4086/* 4087 * TX addba handling 4088 */ 4089 4090/* 4091 * Return net80211 TID struct pointer, or NULL for none 4092 */ 4093struct ieee80211_tx_ampdu * 4094ath_tx_get_tx_tid(struct ath_node *an, int tid) 4095{ 4096 struct ieee80211_node *ni = &an->an_node; 4097 struct ieee80211_tx_ampdu *tap; 4098 4099 if (tid == IEEE80211_NONQOS_TID) 4100 return NULL; 4101 4102 tap = &ni->ni_tx_ampdu[tid]; 4103 return tap; 4104} 4105 4106/* 4107 * Is AMPDU-TX running? 4108 */ 4109static int 4110ath_tx_ampdu_running(struct ath_softc *sc, struct ath_node *an, int tid) 4111{ 4112 struct ieee80211_tx_ampdu *tap; 4113 4114 if (tid == IEEE80211_NONQOS_TID) 4115 return 0; 4116 4117 tap = ath_tx_get_tx_tid(an, tid); 4118 if (tap == NULL) 4119 return 0; /* Not valid; default to not running */ 4120 4121 return !! (tap->txa_flags & IEEE80211_AGGR_RUNNING); 4122} 4123 4124/* 4125 * Is AMPDU-TX negotiation pending? 4126 */ 4127static int 4128ath_tx_ampdu_pending(struct ath_softc *sc, struct ath_node *an, int tid) 4129{ 4130 struct ieee80211_tx_ampdu *tap; 4131 4132 if (tid == IEEE80211_NONQOS_TID) 4133 return 0; 4134 4135 tap = ath_tx_get_tx_tid(an, tid); 4136 if (tap == NULL) 4137 return 0; /* Not valid; default to not pending */ 4138 4139 return !! (tap->txa_flags & IEEE80211_AGGR_XCHGPEND); 4140} 4141 4142/* 4143 * Is AMPDU-TX pending for the given TID? 4144 */ 4145 4146 4147/* 4148 * Method to handle sending an ADDBA request. 4149 * 4150 * We tap this so the relevant flags can be set to pause the TID 4151 * whilst waiting for the response. 4152 * 4153 * XXX there's no timeout handler we can override? 4154 */ 4155int 4156ath_addba_request(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4157 int dialogtoken, int baparamset, int batimeout) 4158{ 4159 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4160 int tid = tap->txa_tid; 4161 struct ath_node *an = ATH_NODE(ni); 4162 struct ath_tid *atid = &an->an_tid[tid]; 4163 4164 /* 4165 * XXX danger Will Robinson! 4166 * 4167 * Although the taskqueue may be running and scheduling some more 4168 * packets, these should all be _before_ the addba sequence number. 4169 * However, net80211 will keep self-assigning sequence numbers 4170 * until addba has been negotiated. 4171 * 4172 * In the past, these packets would be "paused" (which still works 4173 * fine, as they're being scheduled to the driver in the same 4174 * serialised method which is calling the addba request routine) 4175 * and when the aggregation session begins, they'll be dequeued 4176 * as aggregate packets and added to the BAW. However, now there's 4177 * a "bf->bf_state.bfs_dobaw" flag, and this isn't set for these 4178 * packets. Thus they never get included in the BAW tracking and 4179 * this can cause the initial burst of packets after the addba 4180 * negotiation to "hang", as they quickly fall outside the BAW. 4181 * 4182 * The "eventual" solution should be to tag these packets with 4183 * dobaw. Although net80211 has given us a sequence number, 4184 * it'll be "after" the left edge of the BAW and thus it'll 4185 * fall within it. 4186 */ 4187 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4188 /* 4189 * This is a bit annoying. Until net80211 HT code inherits some 4190 * (any) locking, we may have this called in parallel BUT only 4191 * one response/timeout will be called. Grr. 4192 */ 4193 if (atid->addba_tx_pending == 0) { 4194 ath_tx_tid_pause(sc, atid); 4195 atid->addba_tx_pending = 1; 4196 } 4197 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4198 4199 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4200 "%s: called; dialogtoken=%d, baparamset=%d, batimeout=%d\n", 4201 __func__, dialogtoken, baparamset, batimeout); 4202 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4203 "%s: txa_start=%d, ni_txseqs=%d\n", 4204 __func__, tap->txa_start, ni->ni_txseqs[tid]); 4205 4206 return sc->sc_addba_request(ni, tap, dialogtoken, baparamset, 4207 batimeout); 4208} 4209 4210/* 4211 * Handle an ADDBA response. 4212 * 4213 * We unpause the queue so TX'ing can resume. 4214 * 4215 * Any packets TX'ed from this point should be "aggregate" (whether 4216 * aggregate or not) so the BAW is updated. 4217 * 4218 * Note! net80211 keeps self-assigning sequence numbers until 4219 * ampdu is negotiated. This means the initially-negotiated BAW left 4220 * edge won't match the ni->ni_txseq. 4221 * 4222 * So, being very dirty, the BAW left edge is "slid" here to match 4223 * ni->ni_txseq. 4224 * 4225 * What likely SHOULD happen is that all packets subsequent to the 4226 * addba request should be tagged as aggregate and queued as non-aggregate 4227 * frames; thus updating the BAW. For now though, I'll just slide the 4228 * window. 4229 */ 4230int 4231ath_addba_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4232 int status, int code, int batimeout) 4233{ 4234 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4235 int tid = tap->txa_tid; 4236 struct ath_node *an = ATH_NODE(ni); 4237 struct ath_tid *atid = &an->an_tid[tid]; 4238 int r; 4239 4240 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4241 "%s: called; status=%d, code=%d, batimeout=%d\n", __func__, 4242 status, code, batimeout); 4243 4244 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4245 "%s: txa_start=%d, ni_txseqs=%d\n", 4246 __func__, tap->txa_start, ni->ni_txseqs[tid]); 4247 4248 /* 4249 * Call this first, so the interface flags get updated 4250 * before the TID is unpaused. Otherwise a race condition 4251 * exists where the unpaused TID still doesn't yet have 4252 * IEEE80211_AGGR_RUNNING set. 4253 */ 4254 r = sc->sc_addba_response(ni, tap, status, code, batimeout); 4255 4256 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4257 atid->addba_tx_pending = 0; 4258 /* 4259 * XXX dirty! 4260 * Slide the BAW left edge to wherever net80211 left it for us. 4261 * Read above for more information. 4262 */ 4263 tap->txa_start = ni->ni_txseqs[tid]; 4264 ath_tx_tid_resume(sc, atid); 4265 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4266 return r; 4267} 4268 4269 4270/* 4271 * Stop ADDBA on a queue. 4272 */ 4273void 4274ath_addba_stop(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap) 4275{ 4276 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4277 int tid = tap->txa_tid; 4278 struct ath_node *an = ATH_NODE(ni); 4279 struct ath_tid *atid = &an->an_tid[tid]; 4280 4281 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, "%s: called\n", __func__); 4282 4283 /* Pause TID traffic early, so there aren't any races */ 4284 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4285 ath_tx_tid_pause(sc, atid); 4286 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4287 4288 /* There's no need to hold the TXQ lock here */ 4289 sc->sc_addba_stop(ni, tap); 4290 4291 /* 4292 * ath_tx_tid_cleanup will resume the TID if possible, otherwise 4293 * it'll set the cleanup flag, and it'll be unpaused once 4294 * things have been cleaned up. 4295 */ 4296 ath_tx_tid_cleanup(sc, an, tid); 4297} 4298 4299/* 4300 * Note: net80211 bar_timeout() doesn't call this function on BAR failure; 4301 * it simply tears down the aggregation session. Ew. 4302 * 4303 * It however will call ieee80211_ampdu_stop() which will call 4304 * ic->ic_addba_stop(). 4305 * 4306 * XXX This uses a hard-coded max BAR count value; the whole 4307 * XXX BAR TX success or failure should be better handled! 4308 */ 4309void 4310ath_bar_response(struct ieee80211_node *ni, struct ieee80211_tx_ampdu *tap, 4311 int status) 4312{ 4313 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4314 int tid = tap->txa_tid; 4315 struct ath_node *an = ATH_NODE(ni); 4316 struct ath_tid *atid = &an->an_tid[tid]; 4317 int attempts = tap->txa_attempts; 4318 4319 DPRINTF(sc, ATH_DEBUG_SW_TX_BAR, 4320 "%s: called; tap=%p, atid=%p, txa_tid=%d, atid->tid=%d, status=%d, attempts=%d\n", 4321 __func__, 4322 tap, 4323 atid, 4324 tap->txa_tid, 4325 atid->tid, 4326 status, 4327 attempts); 4328 4329 /* Note: This may update the BAW details */ 4330 sc->sc_bar_response(ni, tap, status); 4331 4332 /* Unpause the TID */ 4333 /* 4334 * XXX if this is attempt=50, the TID will be downgraded 4335 * XXX to a non-aggregate session. So we must unpause the 4336 * XXX TID here or it'll never be done. 4337 */ 4338 if (status == 0 || attempts == 50) { 4339 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4340 ath_tx_tid_bar_unsuspend(sc, atid); 4341 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4342 } 4343} 4344 4345/* 4346 * This is called whenever the pending ADDBA request times out. 4347 * Unpause and reschedule the TID. 4348 */ 4349void 4350ath_addba_response_timeout(struct ieee80211_node *ni, 4351 struct ieee80211_tx_ampdu *tap) 4352{ 4353 struct ath_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4354 int tid = tap->txa_tid; 4355 struct ath_node *an = ATH_NODE(ni); 4356 struct ath_tid *atid = &an->an_tid[tid]; 4357 4358 DPRINTF(sc, ATH_DEBUG_SW_TX_CTRL, 4359 "%s: called; resuming\n", __func__); 4360 4361 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4362 atid->addba_tx_pending = 0; 4363 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4364 4365 /* Note: This updates the aggregate state to (again) pending */ 4366 sc->sc_addba_response_timeout(ni, tap); 4367 4368 /* Unpause the TID; which reschedules it */ 4369 ATH_TXQ_LOCK(sc->sc_ac2q[atid->ac]); 4370 ath_tx_tid_resume(sc, atid); 4371 ATH_TXQ_UNLOCK(sc->sc_ac2q[atid->ac]); 4372} 4373