2 * Copyright (c) 2012 Adrian Chadd <adrian@FreeBSD.org>
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer,
10 * without modification.
11 * 2. Redistributions in binary form must reproduce at minimum a disclaimer
12 * similar to the "NO WARRANTY" disclaimer below ("Disclaimer") and any
13 * redistribution must be conditioned upon including a substantially
14 * similar Disclaimer requirement for further binary redistribution.
17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 * LIMITED TO, THE IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTIBILITY
20 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21 * THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY,
22 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
25 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
27 * THE POSSIBILITY OF SUCH DAMAGES.
30 #include <sys/cdefs.h>
31 __FBSDID("$FreeBSD$");
34 * Driver for the Atheros Wireless LAN controller.
36 * This software is derived from work of Atsushi Onoe; his contribution
37 * is greatly appreciated.
43 * This is needed for register operations which are performed
44 * by the driver - eg, calls to ath_hal_gettsf32().
46 * It's also required for any AH_DEBUG checks in here, eg the
47 * module dependencies.
52 #include <sys/param.h>
53 #include <sys/systm.h>
54 #include <sys/sysctl.h>
56 #include <sys/malloc.h>
58 #include <sys/mutex.h>
59 #include <sys/kernel.h>
60 #include <sys/socket.h>
61 #include <sys/sockio.h>
62 #include <sys/errno.h>
63 #include <sys/callout.h>
65 #include <sys/endian.h>
66 #include <sys/kthread.h>
67 #include <sys/taskqueue.h>
69 #include <sys/module.h>
71 #include <sys/smp.h> /* for mp_ncpus */
73 #include <machine/bus.h>
76 #include <net/if_dl.h>
77 #include <net/if_media.h>
78 #include <net/if_types.h>
79 #include <net/if_arp.h>
80 #include <net/ethernet.h>
81 #include <net/if_llc.h>
83 #include <net80211/ieee80211_var.h>
84 #include <net80211/ieee80211_regdomain.h>
85 #ifdef IEEE80211_SUPPORT_SUPERG
86 #include <net80211/ieee80211_superg.h>
88 #ifdef IEEE80211_SUPPORT_TDMA
89 #include <net80211/ieee80211_tdma.h>
95 #include <netinet/in.h>
96 #include <netinet/if_ether.h>
99 #include <dev/ath/if_athvar.h>
100 #include <dev/ath/ath_hal/ah_devid.h> /* XXX for softled */
101 #include <dev/ath/ath_hal/ah_diagcodes.h>
103 #include <dev/ath/if_ath_debug.h>
104 #include <dev/ath/if_ath_misc.h>
105 #include <dev/ath/if_ath_tsf.h>
106 #include <dev/ath/if_ath_tx.h>
107 #include <dev/ath/if_ath_sysctl.h>
108 #include <dev/ath/if_ath_led.h>
109 #include <dev/ath/if_ath_keycache.h>
110 #include <dev/ath/if_ath_rx.h>
111 #include <dev/ath/if_ath_beacon.h>
112 #include <dev/ath/if_athdfs.h>
115 #include <dev/ath/ath_tx99/ath_tx99.h>
118 #include <dev/ath/if_ath_rx_edma.h>
121 * some general macros
123 #define INCR(_l, _sz) (_l) ++; (_l) &= ((_sz) - 1)
124 #define DECR(_l, _sz) (_l) --; (_l) &= ((_sz) - 1)
126 MALLOC_DECLARE(M_ATHDEV);
131 * + Add an RX lock, just to ensure we don't have things clash;
132 * + Make sure the FIFO is correctly flushed and reinitialised
134 * + Handle the "kickpcu" state where the FIFO overflows.
135 * + Implement a "flush" routine, which doesn't push any
136 * new frames into the FIFO.
137 * + Verify multi-descriptor frames work!
138 * + There's a "memory use after free" which needs to be tracked down
139 * and fixed ASAP. I've seen this in the legacy path too, so it
140 * may be a generic RX path issue.
144 * XXX shuffle the function orders so these pre-declarations aren't
147 static int ath_edma_rxfifo_alloc(struct ath_softc *sc, HAL_RX_QUEUE qtype,
149 static int ath_edma_rxfifo_flush(struct ath_softc *sc, HAL_RX_QUEUE qtype);
150 static void ath_edma_rxbuf_free(struct ath_softc *sc, struct ath_buf *bf);
151 static int ath_edma_recv_proc_queue(struct ath_softc *sc,
152 HAL_RX_QUEUE qtype, int dosched);
155 ath_edma_stoprecv(struct ath_softc *sc, int dodelay)
157 struct ath_hal *ah = sc->sc_ah;
160 ath_hal_stoppcurecv(ah);
161 ath_hal_setrxfilter(ah, 0);
162 ath_hal_stopdmarecv(ah);
166 /* Flush RX pending for each queue */
167 /* XXX should generic-ify this */
168 if (sc->sc_rxedma[HAL_RX_QUEUE_HP].m_rxpending) {
169 m_freem(sc->sc_rxedma[HAL_RX_QUEUE_HP].m_rxpending);
170 sc->sc_rxedma[HAL_RX_QUEUE_HP].m_rxpending = NULL;
173 if (sc->sc_rxedma[HAL_RX_QUEUE_LP].m_rxpending) {
174 m_freem(sc->sc_rxedma[HAL_RX_QUEUE_LP].m_rxpending);
175 sc->sc_rxedma[HAL_RX_QUEUE_LP].m_rxpending = NULL;
181 * Re-initialise the FIFO given the current buffer contents.
182 * Specifically, walk from head -> tail, pushing the FIFO contents
183 * back into the FIFO.
186 ath_edma_reinit_fifo(struct ath_softc *sc, HAL_RX_QUEUE qtype)
188 struct ath_rx_edma *re = &sc->sc_rxedma[qtype];
192 ATH_RX_LOCK_ASSERT(sc);
195 for (j = 0; j < re->m_fifo_depth; j++) {
197 DPRINTF(sc, ATH_DEBUG_EDMA_RX,
198 "%s: Q%d: pos=%i, addr=0x%jx\n",
202 (uintmax_t)bf->bf_daddr);
203 ath_hal_putrxbuf(sc->sc_ah, bf->bf_daddr, qtype);
204 INCR(i, re->m_fifolen);
207 /* Ensure this worked out right */
208 if (i != re->m_fifo_tail) {
209 device_printf(sc->sc_dev, "%s: i (%d) != tail! (%d)\n",
219 * XXX TODO: this needs to reallocate the FIFO entries when a reset
220 * occurs, in case the FIFO is filled up and no new descriptors get
221 * thrown into the FIFO.
224 ath_edma_startrecv(struct ath_softc *sc)
226 struct ath_hal *ah = sc->sc_ah;
234 * Entries should only be written out if the
237 * XXX This isn't correct. I should be looking
238 * at the value of AR_RXDP_SIZE (0x0070) to determine
239 * how many entries are in here.
241 * A warm reset will clear the registers but not the FIFO.
243 * And I believe this is actually the address of the last
244 * handled buffer rather than the current FIFO pointer.
245 * So if no frames have been (yet) seen, we'll reinit the
248 * I'll chase that up at some point.
250 if (ath_hal_getrxbuf(sc->sc_ah, HAL_RX_QUEUE_HP) == 0) {
251 DPRINTF(sc, ATH_DEBUG_EDMA_RX,
252 "%s: Re-initing HP FIFO\n", __func__);
253 ath_edma_reinit_fifo(sc, HAL_RX_QUEUE_HP);
255 if (ath_hal_getrxbuf(sc->sc_ah, HAL_RX_QUEUE_LP) == 0) {
256 DPRINTF(sc, ATH_DEBUG_EDMA_RX,
257 "%s: Re-initing LP FIFO\n", __func__);
258 ath_edma_reinit_fifo(sc, HAL_RX_QUEUE_LP);
261 /* Add up to m_fifolen entries in each queue */
263 * These must occur after the above write so the FIFO buffers
264 * are pushed/tracked in the same order as the hardware will
267 ath_edma_rxfifo_alloc(sc, HAL_RX_QUEUE_HP,
268 sc->sc_rxedma[HAL_RX_QUEUE_HP].m_fifolen);
270 ath_edma_rxfifo_alloc(sc, HAL_RX_QUEUE_LP,
271 sc->sc_rxedma[HAL_RX_QUEUE_LP].m_fifolen);
274 ath_hal_startpcurecv(ah);
282 ath_edma_recv_flush(struct ath_softc *sc)
285 device_printf(sc->sc_dev, "%s: called\n", __func__);
287 ath_edma_recv_proc_queue(sc, HAL_RX_QUEUE_HP, 0);
288 ath_edma_recv_proc_queue(sc, HAL_RX_QUEUE_LP, 0);
292 * Process frames from the current queue.
296 * + Add a "dosched" flag, so we don't reschedule any FIFO frames
297 * to the hardware or re-kick the PCU after 'kickpcu' is set.
299 * + Perhaps split "check FIFO contents" and "handle frames", so
300 * we can run the "check FIFO contents" in ath_intr(), but
301 * "handle frames" in the RX tasklet.
304 ath_edma_recv_proc_queue(struct ath_softc *sc, HAL_RX_QUEUE qtype,
307 struct ath_rx_edma *re = &sc->sc_rxedma[qtype];
308 struct ath_rx_status *rs;
312 struct ath_hal *ah = sc->sc_ah;
317 struct ath_buf *next;
321 tsf = ath_hal_gettsf64(ah);
322 nf = ath_hal_getchannoise(ah, sc->sc_curchan);
323 sc->sc_stats.ast_rx_noise = nf;
328 bf = re->m_fifo[re->m_fifo_head];
329 /* This shouldn't occur! */
331 device_printf(sc->sc_dev, "%s: Q%d: NULL bf?\n",
340 * Sync descriptor memory - this also syncs the buffer for us.
342 * EDMA descriptors are in cached memory.
344 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap,
345 BUS_DMASYNC_POSTREAD);
346 rs = &bf->bf_status.ds_rxstat;
347 bf->bf_rxstatus = ath_hal_rxprocdesc(ah, ds, bf->bf_daddr,
350 if (sc->sc_debug & ATH_DEBUG_RECV_DESC)
351 ath_printrxbuf(sc, bf, 0, bf->bf_rxstatus == HAL_OK);
353 if (bf->bf_rxstatus == HAL_EINPROGRESS)
357 * Completed descriptor.
359 * In the future we'll call ath_rx_pkt(), but it first
360 * has to be taught about EDMA RX queues (so it can
361 * access sc_rxpending correctly.)
363 DPRINTF(sc, ATH_DEBUG_EDMA_RX,
364 "%s: Q%d: completed!\n", __func__, qtype);
367 * Remove the FIFO entry and place it on the completion
370 re->m_fifo[re->m_fifo_head] = NULL;
371 TAILQ_INSERT_TAIL(&rxlist, bf, bf_list);
373 /* Bump the descriptor FIFO stats */
374 INCR(re->m_fifo_head, re->m_fifolen);
376 /* XXX check it doesn't fall below 0 */
377 } while (re->m_fifo_depth > 0);
379 /* Append some more fresh frames to the FIFO */
381 ath_edma_rxfifo_alloc(sc, qtype, re->m_fifolen);
385 /* Handle the completed descriptors */
386 TAILQ_FOREACH_SAFE(bf, &rxlist, bf_list, next) {
388 * Skip the RX descriptor status - start at the data offset
390 m_adj(bf->bf_m, sc->sc_rx_statuslen);
392 /* Handle the frame */
394 * Note: this may or may not free bf->bf_m and sync/unmap
397 rs = &bf->bf_status.ds_rxstat;
398 if (ath_rx_pkt(sc, rs, bf->bf_rxstatus, tsf, nf, qtype, bf))
402 /* Free in one set, inside the lock */
404 TAILQ_FOREACH_SAFE(bf, &rxlist, bf_list, next) {
405 /* Free the buffer/mbuf */
406 ath_edma_rxbuf_free(sc, bf);
410 /* Handle resched and kickpcu appropriately */
412 if (dosched && sc->sc_kickpcu) {
413 CTR0(ATH_KTR_ERR, "ath_edma_recv_proc_queue(): kickpcu");
414 device_printf(sc->sc_dev, "%s: handled %d descriptors\n",
418 * XXX TODO: what should occur here? Just re-poke and
419 * re-enable the RX FIFO?
429 ath_edma_recv_tasklet(void *arg, int npending)
431 struct ath_softc *sc = (struct ath_softc *) arg;
433 DPRINTF(sc, ATH_DEBUG_EDMA_RX, "%s: called; npending=%d\n",
438 if (sc->sc_inreset_cnt > 0) {
439 device_printf(sc->sc_dev, "%s: sc_inreset_cnt > 0; skipping\n",
446 ath_edma_recv_proc_queue(sc, HAL_RX_QUEUE_HP, 1);
447 ath_edma_recv_proc_queue(sc, HAL_RX_QUEUE_LP, 1);
451 * Allocate an RX mbuf for the given ath_buf and initialise
454 * + Allocate a 4KB mbuf;
455 * + Setup the DMA map for the given buffer;
456 * + Keep a pointer to the start of the mbuf - that's where the
458 * + Take a pointer to the start of the RX buffer, set the
459 * mbuf "start" to be there;
463 ath_edma_rxbuf_init(struct ath_softc *sc, struct ath_buf *bf)
470 ATH_RX_LOCK_ASSERT(sc);
472 // device_printf(sc->sc_dev, "%s: called; bf=%p\n", __func__, bf);
474 m = m_getm(NULL, sc->sc_edma_bufsize, M_DONTWAIT, MT_DATA);
476 return (ENOBUFS); /* XXX ?*/
478 /* XXX warn/enforce alignment */
480 len = m->m_ext.ext_size;
482 device_printf(sc->sc_dev, "%s: called: m=%p, size=%d, mtod=%p\n",
489 m->m_pkthdr.len = m->m_len = m->m_ext.ext_size;
492 * Create DMA mapping.
494 error = bus_dmamap_load_mbuf_sg(sc->sc_dmat,
495 bf->bf_dmamap, m, bf->bf_segs, &bf->bf_nseg, BUS_DMA_NOWAIT);
497 device_printf(sc->sc_dev, "%s: failed; error=%d\n",
505 * Populate ath_buf fields.
508 bf->bf_desc = mtod(m, struct ath_desc *);
509 bf->bf_daddr = bf->bf_segs[0].ds_addr;
510 bf->bf_lastds = bf->bf_desc; /* XXX only really for TX? */
513 /* Zero the descriptor */
514 memset(bf->bf_desc, '\0', sc->sc_rx_statuslen);
518 * Adjust mbuf header and length/size to compensate for the
521 m_adj(m, sc->sc_rx_statuslen);
529 static struct ath_buf *
530 ath_edma_rxbuf_alloc(struct ath_softc *sc)
535 ATH_RX_LOCK_ASSERT(sc);
537 /* Allocate buffer */
538 bf = TAILQ_FIRST(&sc->sc_rxbuf);
539 /* XXX shouldn't happen upon startup? */
543 /* Remove it from the free list */
544 TAILQ_REMOVE(&sc->sc_rxbuf, bf, bf_list);
546 /* Assign RX mbuf to it */
547 error = ath_edma_rxbuf_init(sc, bf);
549 device_printf(sc->sc_dev,
550 "%s: bf=%p, rxbuf alloc failed! error=%d\n",
554 TAILQ_INSERT_TAIL(&sc->sc_rxbuf, bf, bf_list);
562 ath_edma_rxbuf_free(struct ath_softc *sc, struct ath_buf *bf)
565 ATH_RX_LOCK_ASSERT(sc);
567 /* We're doing this multiple times? */
568 bus_dmamap_unload(sc->sc_dmat, bf->bf_dmamap);
576 TAILQ_INSERT_TAIL(&sc->sc_rxbuf, bf, bf_list);
580 * Allocate up to 'n' entries and push them onto the hardware FIFO.
582 * Return how many entries were successfully pushed onto the
586 ath_edma_rxfifo_alloc(struct ath_softc *sc, HAL_RX_QUEUE qtype, int nbufs)
588 struct ath_rx_edma *re = &sc->sc_rxedma[qtype];
592 ATH_RX_LOCK_ASSERT(sc);
595 * Allocate buffers until the FIFO is full or nbufs is reached.
597 for (i = 0; i < nbufs && re->m_fifo_depth < re->m_fifolen; i++) {
598 /* Ensure the FIFO is already blank, complain loudly! */
599 if (re->m_fifo[re->m_fifo_tail] != NULL) {
600 device_printf(sc->sc_dev,
601 "%s: Q%d: fifo[%d] != NULL (%p)\n",
605 re->m_fifo[re->m_fifo_tail]);
608 ath_edma_rxbuf_free(sc, re->m_fifo[re->m_fifo_tail]);
610 /* XXX check it's not < 0 */
611 re->m_fifo[re->m_fifo_tail] = NULL;
614 bf = ath_edma_rxbuf_alloc(sc);
615 /* XXX should ensure the FIFO is not NULL? */
617 device_printf(sc->sc_dev, "%s: Q%d: alloc failed?\n",
623 re->m_fifo[re->m_fifo_tail] = bf;
626 * Flush the descriptor contents before it's handed to the
629 bus_dmamap_sync(sc->sc_dmat, bf->bf_dmamap,
630 BUS_DMASYNC_PREREAD);
632 /* Write to the RX FIFO */
633 DPRINTF(sc, ATH_DEBUG_EDMA_RX, "%s: Q%d: putrxbuf=%p\n",
637 ath_hal_putrxbuf(sc->sc_ah, bf->bf_daddr, qtype);
640 INCR(re->m_fifo_tail, re->m_fifolen);
644 * Return how many were allocated.
646 DPRINTF(sc, ATH_DEBUG_EDMA_RX, "%s: Q%d: nbufs=%d, nalloced=%d\n",
655 ath_edma_rxfifo_flush(struct ath_softc *sc, HAL_RX_QUEUE qtype)
657 struct ath_rx_edma *re = &sc->sc_rxedma[qtype];
660 ATH_RX_LOCK_ASSERT(sc);
662 for (i = 0; i < re->m_fifolen; i++) {
663 if (re->m_fifo[i] != NULL) {
665 struct ath_buf *bf = re->m_fifo[i];
667 if (sc->sc_debug & ATH_DEBUG_RECV_DESC)
668 ath_printrxbuf(sc, bf, 0, HAL_OK);
670 ath_edma_rxbuf_free(sc, re->m_fifo[i]);
671 re->m_fifo[i] = NULL;
676 if (re->m_rxpending != NULL) {
677 m_freem(re->m_rxpending);
678 re->m_rxpending = NULL;
680 re->m_fifo_head = re->m_fifo_tail = re->m_fifo_depth = 0;
686 * Setup the initial RX FIFO structure.
689 ath_edma_setup_rxfifo(struct ath_softc *sc, HAL_RX_QUEUE qtype)
691 struct ath_rx_edma *re = &sc->sc_rxedma[qtype];
693 ATH_RX_LOCK_ASSERT(sc);
695 if (! ath_hal_getrxfifodepth(sc->sc_ah, qtype, &re->m_fifolen)) {
696 device_printf(sc->sc_dev, "%s: qtype=%d, failed\n",
701 device_printf(sc->sc_dev, "%s: type=%d, FIFO depth = %d entries\n",
706 /* Allocate ath_buf FIFO array, pre-zero'ed */
707 re->m_fifo = malloc(sizeof(struct ath_buf *) * re->m_fifolen,
710 if (re->m_fifo == NULL) {
711 device_printf(sc->sc_dev, "%s: malloc failed\n",
717 * Set initial "empty" state.
719 re->m_rxpending = NULL;
720 re->m_fifo_head = re->m_fifo_tail = re->m_fifo_depth = 0;
726 ath_edma_rxfifo_free(struct ath_softc *sc, HAL_RX_QUEUE qtype)
728 struct ath_rx_edma *re = &sc->sc_rxedma[qtype];
730 device_printf(sc->sc_dev, "%s: called; qtype=%d\n",
734 free(re->m_fifo, M_ATHDEV);
740 ath_edma_dma_rxsetup(struct ath_softc *sc)
745 * Create RX DMA tag and buffers.
747 error = ath_descdma_setup_rx_edma(sc, &sc->sc_rxdma, &sc->sc_rxbuf,
748 "rx", ath_rxbuf, sc->sc_rx_statuslen);
753 (void) ath_edma_setup_rxfifo(sc, HAL_RX_QUEUE_HP);
754 (void) ath_edma_setup_rxfifo(sc, HAL_RX_QUEUE_LP);
761 ath_edma_dma_rxteardown(struct ath_softc *sc)
764 device_printf(sc->sc_dev, "%s: called\n", __func__);
767 ath_edma_rxfifo_flush(sc, HAL_RX_QUEUE_HP);
768 ath_edma_rxfifo_free(sc, HAL_RX_QUEUE_HP);
770 ath_edma_rxfifo_flush(sc, HAL_RX_QUEUE_LP);
771 ath_edma_rxfifo_free(sc, HAL_RX_QUEUE_LP);
774 /* Free RX ath_buf */
775 /* Free RX DMA tag */
776 if (sc->sc_rxdma.dd_desc_len != 0)
777 ath_descdma_cleanup(sc, &sc->sc_rxdma, &sc->sc_rxbuf);
783 ath_recv_setup_edma(struct ath_softc *sc)
786 device_printf(sc->sc_dev, "DMA setup: EDMA\n");
788 /* Set buffer size to 4k */
789 sc->sc_edma_bufsize = 4096;
791 /* Fetch EDMA field and buffer sizes */
792 (void) ath_hal_getrxstatuslen(sc->sc_ah, &sc->sc_rx_statuslen);
793 (void) ath_hal_gettxdesclen(sc->sc_ah, &sc->sc_tx_desclen);
794 (void) ath_hal_gettxstatuslen(sc->sc_ah, &sc->sc_tx_statuslen);
795 (void) ath_hal_getntxmaps(sc->sc_ah, &sc->sc_tx_nmaps);
797 /* Configure the hardware with the RX buffer size */
798 (void) ath_hal_setrxbufsize(sc->sc_ah, sc->sc_edma_bufsize -
799 sc->sc_rx_statuslen);
801 device_printf(sc->sc_dev, "RX status length: %d\n",
802 sc->sc_rx_statuslen);
803 device_printf(sc->sc_dev, "TX descriptor length: %d\n",
805 device_printf(sc->sc_dev, "TX status length: %d\n",
806 sc->sc_tx_statuslen);
807 device_printf(sc->sc_dev, "TX/RX buffer size: %d\n",
808 sc->sc_edma_bufsize);
809 device_printf(sc->sc_dev, "TX buffers per descriptor: %d\n",
812 sc->sc_rx.recv_stop = ath_edma_stoprecv;
813 sc->sc_rx.recv_start = ath_edma_startrecv;
814 sc->sc_rx.recv_flush = ath_edma_recv_flush;
815 sc->sc_rx.recv_tasklet = ath_edma_recv_tasklet;
816 sc->sc_rx.recv_rxbuf_init = ath_edma_rxbuf_init;
818 sc->sc_rx.recv_setup = ath_edma_dma_rxsetup;
819 sc->sc_rx.recv_teardown = ath_edma_dma_rxteardown;
projects / FreeBSD / FreeBSD.git / blob