1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2017, Microsoft Corporation.
4 *
5 * Author(s): Long Li <longli@microsoft.com>
6 */
7 #include <linux/module.h>
8 #include <linux/highmem.h>
9 #include <linux/folio_queue.h>
10 #include "../common/smbdirect/smbdirect_pdu.h"
11 #include "smbdirect.h"
12 #include "cifs_debug.h"
13 #include "cifsproto.h"
14 #include "smb2proto.h"
15
smbd_get_parameters(struct smbd_connection * conn)16 const struct smbdirect_socket_parameters *smbd_get_parameters(struct smbd_connection *conn)
17 {
18 struct smbdirect_socket *sc = &conn->socket;
19
20 return &sc->parameters;
21 }
22
23 static struct smbdirect_recv_io *get_receive_buffer(
24 struct smbdirect_socket *sc);
25 static void put_receive_buffer(
26 struct smbdirect_socket *sc,
27 struct smbdirect_recv_io *response);
28 static int allocate_receive_buffers(struct smbdirect_socket *sc, int num_buf);
29 static void destroy_receive_buffers(struct smbdirect_socket *sc);
30
31 static void enqueue_reassembly(
32 struct smbdirect_socket *sc,
33 struct smbdirect_recv_io *response, int data_length);
34 static struct smbdirect_recv_io *_get_first_reassembly(
35 struct smbdirect_socket *sc);
36
37 static int smbd_post_recv(
38 struct smbdirect_socket *sc,
39 struct smbdirect_recv_io *response);
40
41 static int smbd_post_send_empty(struct smbdirect_socket *sc);
42
43 static void destroy_mr_list(struct smbdirect_socket *sc);
44 static int allocate_mr_list(struct smbdirect_socket *sc);
45
46 struct smb_extract_to_rdma {
47 struct ib_sge *sge;
48 unsigned int nr_sge;
49 unsigned int max_sge;
50 struct ib_device *device;
51 u32 local_dma_lkey;
52 enum dma_data_direction direction;
53 };
54 static ssize_t smb_extract_iter_to_rdma(struct iov_iter *iter, size_t len,
55 struct smb_extract_to_rdma *rdma);
56
57 /* Port numbers for SMBD transport */
58 #define SMB_PORT 445
59 #define SMBD_PORT 5445
60
61 /* Address lookup and resolve timeout in ms */
62 #define RDMA_RESOLVE_TIMEOUT 5000
63
64 /* SMBD negotiation timeout in seconds */
65 #define SMBD_NEGOTIATE_TIMEOUT 120
66
67 /* The timeout to wait for a keepalive message from peer in seconds */
68 #define KEEPALIVE_RECV_TIMEOUT 5
69
70 /* SMBD minimum receive size and fragmented sized defined in [MS-SMBD] */
71 #define SMBD_MIN_RECEIVE_SIZE 128
72 #define SMBD_MIN_FRAGMENTED_SIZE 131072
73
74 /*
75 * Default maximum number of RDMA read/write outstanding on this connection
76 * This value is possibly decreased during QP creation on hardware limit
77 */
78 #define SMBD_CM_RESPONDER_RESOURCES 32
79
80 /* Maximum number of retries on data transfer operations */
81 #define SMBD_CM_RETRY 6
82 /* No need to retry on Receiver Not Ready since SMBD manages credits */
83 #define SMBD_CM_RNR_RETRY 0
84
85 /*
86 * User configurable initial values per SMBD transport connection
87 * as defined in [MS-SMBD] 3.1.1.1
88 * Those may change after a SMBD negotiation
89 */
90 /* The local peer's maximum number of credits to grant to the peer */
91 int smbd_receive_credit_max = 255;
92
93 /* The remote peer's credit request of local peer */
94 int smbd_send_credit_target = 255;
95
96 /* The maximum single message size can be sent to remote peer */
97 int smbd_max_send_size = 1364;
98
99 /* The maximum fragmented upper-layer payload receive size supported */
100 int smbd_max_fragmented_recv_size = 1024 * 1024;
101
102 /* The maximum single-message size which can be received */
103 int smbd_max_receive_size = 1364;
104
105 /* The timeout to initiate send of a keepalive message on idle */
106 int smbd_keep_alive_interval = 120;
107
108 /*
109 * User configurable initial values for RDMA transport
110 * The actual values used may be lower and are limited to hardware capabilities
111 */
112 /* Default maximum number of pages in a single RDMA write/read */
113 int smbd_max_frmr_depth = 2048;
114
115 /* If payload is less than this byte, use RDMA send/recv not read/write */
116 int rdma_readwrite_threshold = 4096;
117
118 /* Transport logging functions
119 * Logging are defined as classes. They can be OR'ed to define the actual
120 * logging level via module parameter smbd_logging_class
121 * e.g. cifs.smbd_logging_class=0xa0 will log all log_rdma_recv() and
122 * log_rdma_event()
123 */
124 #define LOG_OUTGOING 0x1
125 #define LOG_INCOMING 0x2
126 #define LOG_READ 0x4
127 #define LOG_WRITE 0x8
128 #define LOG_RDMA_SEND 0x10
129 #define LOG_RDMA_RECV 0x20
130 #define LOG_KEEP_ALIVE 0x40
131 #define LOG_RDMA_EVENT 0x80
132 #define LOG_RDMA_MR 0x100
133 static unsigned int smbd_logging_class;
134 module_param(smbd_logging_class, uint, 0644);
135 MODULE_PARM_DESC(smbd_logging_class,
136 "Logging class for SMBD transport 0x0 to 0x100");
137
138 #define ERR 0x0
139 #define INFO 0x1
140 static unsigned int smbd_logging_level = ERR;
141 module_param(smbd_logging_level, uint, 0644);
142 MODULE_PARM_DESC(smbd_logging_level,
143 "Logging level for SMBD transport, 0 (default): error, 1: info");
144
145 #define log_rdma(level, class, fmt, args...) \
146 do { \
147 if (level <= smbd_logging_level || class & smbd_logging_class) \
148 cifs_dbg(VFS, "%s:%d " fmt, __func__, __LINE__, ##args);\
149 } while (0)
150
151 #define log_outgoing(level, fmt, args...) \
152 log_rdma(level, LOG_OUTGOING, fmt, ##args)
153 #define log_incoming(level, fmt, args...) \
154 log_rdma(level, LOG_INCOMING, fmt, ##args)
155 #define log_read(level, fmt, args...) log_rdma(level, LOG_READ, fmt, ##args)
156 #define log_write(level, fmt, args...) log_rdma(level, LOG_WRITE, fmt, ##args)
157 #define log_rdma_send(level, fmt, args...) \
158 log_rdma(level, LOG_RDMA_SEND, fmt, ##args)
159 #define log_rdma_recv(level, fmt, args...) \
160 log_rdma(level, LOG_RDMA_RECV, fmt, ##args)
161 #define log_keep_alive(level, fmt, args...) \
162 log_rdma(level, LOG_KEEP_ALIVE, fmt, ##args)
163 #define log_rdma_event(level, fmt, args...) \
164 log_rdma(level, LOG_RDMA_EVENT, fmt, ##args)
165 #define log_rdma_mr(level, fmt, args...) \
166 log_rdma(level, LOG_RDMA_MR, fmt, ##args)
167
smbd_disconnect_wake_up_all(struct smbdirect_socket * sc)168 static void smbd_disconnect_wake_up_all(struct smbdirect_socket *sc)
169 {
170 /*
171 * Wake up all waiters in all wait queues
172 * in order to notice the broken connection.
173 */
174 wake_up_all(&sc->status_wait);
175 wake_up_all(&sc->send_io.credits.wait_queue);
176 wake_up_all(&sc->send_io.pending.dec_wait_queue);
177 wake_up_all(&sc->send_io.pending.zero_wait_queue);
178 wake_up_all(&sc->recv_io.reassembly.wait_queue);
179 wake_up_all(&sc->mr_io.ready.wait_queue);
180 wake_up_all(&sc->mr_io.cleanup.wait_queue);
181 }
182
smbd_disconnect_rdma_work(struct work_struct * work)183 static void smbd_disconnect_rdma_work(struct work_struct *work)
184 {
185 struct smbdirect_socket *sc =
186 container_of(work, struct smbdirect_socket, disconnect_work);
187
188 /*
189 * make sure this and other work is not queued again
190 * but here we don't block and avoid
191 * disable[_delayed]_work_sync()
192 */
193 disable_work(&sc->disconnect_work);
194 disable_work(&sc->recv_io.posted.refill_work);
195 disable_work(&sc->mr_io.recovery_work);
196 disable_work(&sc->idle.immediate_work);
197 disable_delayed_work(&sc->idle.timer_work);
198
199 if (sc->first_error == 0)
200 sc->first_error = -ECONNABORTED;
201
202 switch (sc->status) {
203 case SMBDIRECT_SOCKET_NEGOTIATE_NEEDED:
204 case SMBDIRECT_SOCKET_NEGOTIATE_RUNNING:
205 case SMBDIRECT_SOCKET_NEGOTIATE_FAILED:
206 case SMBDIRECT_SOCKET_CONNECTED:
207 case SMBDIRECT_SOCKET_ERROR:
208 sc->status = SMBDIRECT_SOCKET_DISCONNECTING;
209 rdma_disconnect(sc->rdma.cm_id);
210 break;
211
212 case SMBDIRECT_SOCKET_CREATED:
213 case SMBDIRECT_SOCKET_RESOLVE_ADDR_NEEDED:
214 case SMBDIRECT_SOCKET_RESOLVE_ADDR_RUNNING:
215 case SMBDIRECT_SOCKET_RESOLVE_ADDR_FAILED:
216 case SMBDIRECT_SOCKET_RESOLVE_ROUTE_NEEDED:
217 case SMBDIRECT_SOCKET_RESOLVE_ROUTE_RUNNING:
218 case SMBDIRECT_SOCKET_RESOLVE_ROUTE_FAILED:
219 case SMBDIRECT_SOCKET_RDMA_CONNECT_NEEDED:
220 case SMBDIRECT_SOCKET_RDMA_CONNECT_RUNNING:
221 case SMBDIRECT_SOCKET_RDMA_CONNECT_FAILED:
222 /*
223 * rdma_connect() never reached
224 * RDMA_CM_EVENT_ESTABLISHED
225 */
226 sc->status = SMBDIRECT_SOCKET_DISCONNECTED;
227 break;
228
229 case SMBDIRECT_SOCKET_DISCONNECTING:
230 case SMBDIRECT_SOCKET_DISCONNECTED:
231 case SMBDIRECT_SOCKET_DESTROYED:
232 break;
233 }
234
235 /*
236 * Wake up all waiters in all wait queues
237 * in order to notice the broken connection.
238 */
239 smbd_disconnect_wake_up_all(sc);
240 }
241
smbd_disconnect_rdma_connection(struct smbdirect_socket * sc)242 static void smbd_disconnect_rdma_connection(struct smbdirect_socket *sc)
243 {
244 /*
245 * make sure other work (than disconnect_work) is
246 * not queued again but here we don't block and avoid
247 * disable[_delayed]_work_sync()
248 */
249 disable_work(&sc->recv_io.posted.refill_work);
250 disable_work(&sc->mr_io.recovery_work);
251 disable_work(&sc->idle.immediate_work);
252 disable_delayed_work(&sc->idle.timer_work);
253
254 if (sc->first_error == 0)
255 sc->first_error = -ECONNABORTED;
256
257 switch (sc->status) {
258 case SMBDIRECT_SOCKET_RESOLVE_ADDR_FAILED:
259 case SMBDIRECT_SOCKET_RESOLVE_ROUTE_FAILED:
260 case SMBDIRECT_SOCKET_RDMA_CONNECT_FAILED:
261 case SMBDIRECT_SOCKET_NEGOTIATE_FAILED:
262 case SMBDIRECT_SOCKET_ERROR:
263 case SMBDIRECT_SOCKET_DISCONNECTING:
264 case SMBDIRECT_SOCKET_DISCONNECTED:
265 case SMBDIRECT_SOCKET_DESTROYED:
266 /*
267 * Keep the current error status
268 */
269 break;
270
271 case SMBDIRECT_SOCKET_RESOLVE_ADDR_NEEDED:
272 case SMBDIRECT_SOCKET_RESOLVE_ADDR_RUNNING:
273 sc->status = SMBDIRECT_SOCKET_RESOLVE_ADDR_FAILED;
274 break;
275
276 case SMBDIRECT_SOCKET_RESOLVE_ROUTE_NEEDED:
277 case SMBDIRECT_SOCKET_RESOLVE_ROUTE_RUNNING:
278 sc->status = SMBDIRECT_SOCKET_RESOLVE_ROUTE_FAILED;
279 break;
280
281 case SMBDIRECT_SOCKET_RDMA_CONNECT_NEEDED:
282 case SMBDIRECT_SOCKET_RDMA_CONNECT_RUNNING:
283 sc->status = SMBDIRECT_SOCKET_RDMA_CONNECT_FAILED;
284 break;
285
286 case SMBDIRECT_SOCKET_NEGOTIATE_NEEDED:
287 case SMBDIRECT_SOCKET_NEGOTIATE_RUNNING:
288 sc->status = SMBDIRECT_SOCKET_NEGOTIATE_FAILED;
289 break;
290
291 case SMBDIRECT_SOCKET_CREATED:
292 case SMBDIRECT_SOCKET_CONNECTED:
293 sc->status = SMBDIRECT_SOCKET_ERROR;
294 break;
295 }
296
297 /*
298 * Wake up all waiters in all wait queues
299 * in order to notice the broken connection.
300 */
301 smbd_disconnect_wake_up_all(sc);
302
303 queue_work(sc->workqueue, &sc->disconnect_work);
304 }
305
306 /* Upcall from RDMA CM */
smbd_conn_upcall(struct rdma_cm_id * id,struct rdma_cm_event * event)307 static int smbd_conn_upcall(
308 struct rdma_cm_id *id, struct rdma_cm_event *event)
309 {
310 struct smbdirect_socket *sc = id->context;
311 struct smbdirect_socket_parameters *sp = &sc->parameters;
312 const char *event_name = rdma_event_msg(event->event);
313 u8 peer_initiator_depth;
314 u8 peer_responder_resources;
315
316 log_rdma_event(INFO, "event=%s status=%d\n",
317 event_name, event->status);
318
319 switch (event->event) {
320 case RDMA_CM_EVENT_ADDR_RESOLVED:
321 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RESOLVE_ADDR_RUNNING);
322 sc->status = SMBDIRECT_SOCKET_RESOLVE_ROUTE_NEEDED;
323 wake_up(&sc->status_wait);
324 break;
325
326 case RDMA_CM_EVENT_ROUTE_RESOLVED:
327 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RESOLVE_ROUTE_RUNNING);
328 sc->status = SMBDIRECT_SOCKET_RDMA_CONNECT_NEEDED;
329 wake_up(&sc->status_wait);
330 break;
331
332 case RDMA_CM_EVENT_ADDR_ERROR:
333 log_rdma_event(ERR, "connecting failed event=%s\n", event_name);
334 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RESOLVE_ADDR_RUNNING);
335 sc->status = SMBDIRECT_SOCKET_RESOLVE_ADDR_FAILED;
336 smbd_disconnect_rdma_work(&sc->disconnect_work);
337 break;
338
339 case RDMA_CM_EVENT_ROUTE_ERROR:
340 log_rdma_event(ERR, "connecting failed event=%s\n", event_name);
341 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RESOLVE_ROUTE_RUNNING);
342 sc->status = SMBDIRECT_SOCKET_RESOLVE_ROUTE_FAILED;
343 smbd_disconnect_rdma_work(&sc->disconnect_work);
344 break;
345
346 case RDMA_CM_EVENT_ESTABLISHED:
347 log_rdma_event(INFO, "connected event=%s\n", event_name);
348
349 /*
350 * Here we work around an inconsistency between
351 * iWarp and other devices (at least rxe and irdma using RoCEv2)
352 */
353 if (rdma_protocol_iwarp(id->device, id->port_num)) {
354 /*
355 * iWarp devices report the peer's values
356 * with the perspective of the peer here.
357 * Tested with siw and irdma (in iwarp mode)
358 * We need to change to our perspective here,
359 * so we need to switch the values.
360 */
361 peer_initiator_depth = event->param.conn.responder_resources;
362 peer_responder_resources = event->param.conn.initiator_depth;
363 } else {
364 /*
365 * Non iWarp devices report the peer's values
366 * already changed to our perspective here.
367 * Tested with rxe and irdma (in roce mode).
368 */
369 peer_initiator_depth = event->param.conn.initiator_depth;
370 peer_responder_resources = event->param.conn.responder_resources;
371 }
372 if (rdma_protocol_iwarp(id->device, id->port_num) &&
373 event->param.conn.private_data_len == 8) {
374 /*
375 * Legacy clients with only iWarp MPA v1 support
376 * need a private blob in order to negotiate
377 * the IRD/ORD values.
378 */
379 const __be32 *ird_ord_hdr = event->param.conn.private_data;
380 u32 ird32 = be32_to_cpu(ird_ord_hdr[0]);
381 u32 ord32 = be32_to_cpu(ird_ord_hdr[1]);
382
383 /*
384 * cifs.ko sends the legacy IRD/ORD negotiation
385 * event if iWarp MPA v2 was used.
386 *
387 * Here we check that the values match and only
388 * mark the client as legacy if they don't match.
389 */
390 if ((u32)event->param.conn.initiator_depth != ird32 ||
391 (u32)event->param.conn.responder_resources != ord32) {
392 /*
393 * There are broken clients (old cifs.ko)
394 * using little endian and also
395 * struct rdma_conn_param only uses u8
396 * for initiator_depth and responder_resources,
397 * so we truncate the value to U8_MAX.
398 *
399 * smb_direct_accept_client() will then
400 * do the real negotiation in order to
401 * select the minimum between client and
402 * server.
403 */
404 ird32 = min_t(u32, ird32, U8_MAX);
405 ord32 = min_t(u32, ord32, U8_MAX);
406
407 sc->rdma.legacy_iwarp = true;
408 peer_initiator_depth = (u8)ird32;
409 peer_responder_resources = (u8)ord32;
410 }
411 }
412
413 /*
414 * negotiate the value by using the minimum
415 * between client and server if the client provided
416 * non 0 values.
417 */
418 if (peer_initiator_depth != 0)
419 sp->initiator_depth =
420 min_t(u8, sp->initiator_depth,
421 peer_initiator_depth);
422 if (peer_responder_resources != 0)
423 sp->responder_resources =
424 min_t(u8, sp->responder_resources,
425 peer_responder_resources);
426
427 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RDMA_CONNECT_RUNNING);
428 sc->status = SMBDIRECT_SOCKET_NEGOTIATE_NEEDED;
429 wake_up(&sc->status_wait);
430 break;
431
432 case RDMA_CM_EVENT_CONNECT_ERROR:
433 case RDMA_CM_EVENT_UNREACHABLE:
434 case RDMA_CM_EVENT_REJECTED:
435 log_rdma_event(ERR, "connecting failed event=%s\n", event_name);
436 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RDMA_CONNECT_RUNNING);
437 sc->status = SMBDIRECT_SOCKET_RDMA_CONNECT_FAILED;
438 smbd_disconnect_rdma_work(&sc->disconnect_work);
439 break;
440
441 case RDMA_CM_EVENT_DEVICE_REMOVAL:
442 case RDMA_CM_EVENT_DISCONNECTED:
443 /* This happens when we fail the negotiation */
444 if (sc->status == SMBDIRECT_SOCKET_NEGOTIATE_FAILED) {
445 log_rdma_event(ERR, "event=%s during negotiation\n", event_name);
446 }
447
448 sc->status = SMBDIRECT_SOCKET_DISCONNECTED;
449 smbd_disconnect_rdma_work(&sc->disconnect_work);
450 break;
451
452 default:
453 log_rdma_event(ERR, "unexpected event=%s status=%d\n",
454 event_name, event->status);
455 break;
456 }
457
458 return 0;
459 }
460
461 /* Upcall from RDMA QP */
462 static void
smbd_qp_async_error_upcall(struct ib_event * event,void * context)463 smbd_qp_async_error_upcall(struct ib_event *event, void *context)
464 {
465 struct smbdirect_socket *sc = context;
466
467 log_rdma_event(ERR, "%s on device %s socket %p\n",
468 ib_event_msg(event->event), event->device->name, sc);
469
470 switch (event->event) {
471 case IB_EVENT_CQ_ERR:
472 case IB_EVENT_QP_FATAL:
473 smbd_disconnect_rdma_connection(sc);
474 break;
475
476 default:
477 break;
478 }
479 }
480
smbdirect_send_io_payload(struct smbdirect_send_io * request)481 static inline void *smbdirect_send_io_payload(struct smbdirect_send_io *request)
482 {
483 return (void *)request->packet;
484 }
485
smbdirect_recv_io_payload(struct smbdirect_recv_io * response)486 static inline void *smbdirect_recv_io_payload(struct smbdirect_recv_io *response)
487 {
488 return (void *)response->packet;
489 }
490
491 /* Called when a RDMA send is done */
send_done(struct ib_cq * cq,struct ib_wc * wc)492 static void send_done(struct ib_cq *cq, struct ib_wc *wc)
493 {
494 int i;
495 struct smbdirect_send_io *request =
496 container_of(wc->wr_cqe, struct smbdirect_send_io, cqe);
497 struct smbdirect_socket *sc = request->socket;
498
499 log_rdma_send(INFO, "smbdirect_send_io 0x%p completed wc->status=%s\n",
500 request, ib_wc_status_msg(wc->status));
501
502 for (i = 0; i < request->num_sge; i++)
503 ib_dma_unmap_single(sc->ib.dev,
504 request->sge[i].addr,
505 request->sge[i].length,
506 DMA_TO_DEVICE);
507
508 if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_SEND) {
509 if (wc->status != IB_WC_WR_FLUSH_ERR)
510 log_rdma_send(ERR, "wc->status=%s wc->opcode=%d\n",
511 ib_wc_status_msg(wc->status), wc->opcode);
512 mempool_free(request, sc->send_io.mem.pool);
513 smbd_disconnect_rdma_connection(sc);
514 return;
515 }
516
517 if (atomic_dec_and_test(&sc->send_io.pending.count))
518 wake_up(&sc->send_io.pending.zero_wait_queue);
519
520 wake_up(&sc->send_io.pending.dec_wait_queue);
521
522 mempool_free(request, sc->send_io.mem.pool);
523 }
524
dump_smbdirect_negotiate_resp(struct smbdirect_negotiate_resp * resp)525 static void dump_smbdirect_negotiate_resp(struct smbdirect_negotiate_resp *resp)
526 {
527 log_rdma_event(INFO, "resp message min_version %u max_version %u negotiated_version %u credits_requested %u credits_granted %u status %u max_readwrite_size %u preferred_send_size %u max_receive_size %u max_fragmented_size %u\n",
528 resp->min_version, resp->max_version,
529 resp->negotiated_version, resp->credits_requested,
530 resp->credits_granted, resp->status,
531 resp->max_readwrite_size, resp->preferred_send_size,
532 resp->max_receive_size, resp->max_fragmented_size);
533 }
534
535 /*
536 * Process a negotiation response message, according to [MS-SMBD]3.1.5.7
537 * response, packet_length: the negotiation response message
538 * return value: true if negotiation is a success, false if failed
539 */
process_negotiation_response(struct smbdirect_recv_io * response,int packet_length)540 static bool process_negotiation_response(
541 struct smbdirect_recv_io *response, int packet_length)
542 {
543 struct smbdirect_socket *sc = response->socket;
544 struct smbdirect_socket_parameters *sp = &sc->parameters;
545 struct smbdirect_negotiate_resp *packet = smbdirect_recv_io_payload(response);
546
547 if (packet_length < sizeof(struct smbdirect_negotiate_resp)) {
548 log_rdma_event(ERR,
549 "error: packet_length=%d\n", packet_length);
550 return false;
551 }
552
553 if (le16_to_cpu(packet->negotiated_version) != SMBDIRECT_V1) {
554 log_rdma_event(ERR, "error: negotiated_version=%x\n",
555 le16_to_cpu(packet->negotiated_version));
556 return false;
557 }
558
559 if (packet->credits_requested == 0) {
560 log_rdma_event(ERR, "error: credits_requested==0\n");
561 return false;
562 }
563 sc->recv_io.credits.target = le16_to_cpu(packet->credits_requested);
564 sc->recv_io.credits.target = min_t(u16, sc->recv_io.credits.target, sp->recv_credit_max);
565
566 if (packet->credits_granted == 0) {
567 log_rdma_event(ERR, "error: credits_granted==0\n");
568 return false;
569 }
570 atomic_set(&sc->send_io.credits.count, le16_to_cpu(packet->credits_granted));
571
572 if (le32_to_cpu(packet->preferred_send_size) > sp->max_recv_size) {
573 log_rdma_event(ERR, "error: preferred_send_size=%d\n",
574 le32_to_cpu(packet->preferred_send_size));
575 return false;
576 }
577 sp->max_recv_size = le32_to_cpu(packet->preferred_send_size);
578
579 if (le32_to_cpu(packet->max_receive_size) < SMBD_MIN_RECEIVE_SIZE) {
580 log_rdma_event(ERR, "error: max_receive_size=%d\n",
581 le32_to_cpu(packet->max_receive_size));
582 return false;
583 }
584 sp->max_send_size = min_t(u32, sp->max_send_size,
585 le32_to_cpu(packet->max_receive_size));
586
587 if (le32_to_cpu(packet->max_fragmented_size) <
588 SMBD_MIN_FRAGMENTED_SIZE) {
589 log_rdma_event(ERR, "error: max_fragmented_size=%d\n",
590 le32_to_cpu(packet->max_fragmented_size));
591 return false;
592 }
593 sp->max_fragmented_send_size =
594 le32_to_cpu(packet->max_fragmented_size);
595
596
597 sp->max_read_write_size = min_t(u32,
598 le32_to_cpu(packet->max_readwrite_size),
599 sp->max_frmr_depth * PAGE_SIZE);
600 sp->max_frmr_depth = sp->max_read_write_size / PAGE_SIZE;
601
602 sc->recv_io.expected = SMBDIRECT_EXPECT_DATA_TRANSFER;
603 return true;
604 }
605
smbd_post_send_credits(struct work_struct * work)606 static void smbd_post_send_credits(struct work_struct *work)
607 {
608 int rc;
609 struct smbdirect_recv_io *response;
610 struct smbdirect_socket *sc =
611 container_of(work, struct smbdirect_socket, recv_io.posted.refill_work);
612
613 if (sc->status != SMBDIRECT_SOCKET_CONNECTED) {
614 return;
615 }
616
617 if (sc->recv_io.credits.target >
618 atomic_read(&sc->recv_io.credits.count)) {
619 while (true) {
620 response = get_receive_buffer(sc);
621 if (!response)
622 break;
623
624 response->first_segment = false;
625 rc = smbd_post_recv(sc, response);
626 if (rc) {
627 log_rdma_recv(ERR,
628 "post_recv failed rc=%d\n", rc);
629 put_receive_buffer(sc, response);
630 break;
631 }
632
633 atomic_inc(&sc->recv_io.posted.count);
634 }
635 }
636
637 /* Promptly send an immediate packet as defined in [MS-SMBD] 3.1.1.1 */
638 if (atomic_read(&sc->recv_io.credits.count) <
639 sc->recv_io.credits.target - 1) {
640 log_keep_alive(INFO, "schedule send of an empty message\n");
641 queue_work(sc->workqueue, &sc->idle.immediate_work);
642 }
643 }
644
645 /* Called from softirq, when recv is done */
recv_done(struct ib_cq * cq,struct ib_wc * wc)646 static void recv_done(struct ib_cq *cq, struct ib_wc *wc)
647 {
648 struct smbdirect_data_transfer *data_transfer;
649 struct smbdirect_recv_io *response =
650 container_of(wc->wr_cqe, struct smbdirect_recv_io, cqe);
651 struct smbdirect_socket *sc = response->socket;
652 struct smbdirect_socket_parameters *sp = &sc->parameters;
653 u16 old_recv_credit_target;
654 u32 data_offset = 0;
655 u32 data_length = 0;
656 u32 remaining_data_length = 0;
657 bool negotiate_done = false;
658
659 log_rdma_recv(INFO,
660 "response=0x%p type=%d wc status=%s wc opcode %d byte_len=%d pkey_index=%u\n",
661 response, sc->recv_io.expected,
662 ib_wc_status_msg(wc->status), wc->opcode,
663 wc->byte_len, wc->pkey_index);
664
665 if (wc->status != IB_WC_SUCCESS || wc->opcode != IB_WC_RECV) {
666 if (wc->status != IB_WC_WR_FLUSH_ERR)
667 log_rdma_recv(ERR, "wc->status=%s opcode=%d\n",
668 ib_wc_status_msg(wc->status), wc->opcode);
669 goto error;
670 }
671
672 ib_dma_sync_single_for_cpu(
673 wc->qp->device,
674 response->sge.addr,
675 response->sge.length,
676 DMA_FROM_DEVICE);
677
678 /*
679 * Reset timer to the keepalive interval in
680 * order to trigger our next keepalive message.
681 */
682 sc->idle.keepalive = SMBDIRECT_KEEPALIVE_NONE;
683 mod_delayed_work(sc->workqueue, &sc->idle.timer_work,
684 msecs_to_jiffies(sp->keepalive_interval_msec));
685
686 switch (sc->recv_io.expected) {
687 /* SMBD negotiation response */
688 case SMBDIRECT_EXPECT_NEGOTIATE_REP:
689 dump_smbdirect_negotiate_resp(smbdirect_recv_io_payload(response));
690 sc->recv_io.reassembly.full_packet_received = true;
691 negotiate_done =
692 process_negotiation_response(response, wc->byte_len);
693 put_receive_buffer(sc, response);
694 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_NEGOTIATE_RUNNING);
695 if (!negotiate_done) {
696 sc->status = SMBDIRECT_SOCKET_NEGOTIATE_FAILED;
697 smbd_disconnect_rdma_connection(sc);
698 } else {
699 sc->status = SMBDIRECT_SOCKET_CONNECTED;
700 wake_up(&sc->status_wait);
701 }
702
703 return;
704
705 /* SMBD data transfer packet */
706 case SMBDIRECT_EXPECT_DATA_TRANSFER:
707 data_transfer = smbdirect_recv_io_payload(response);
708
709 if (wc->byte_len <
710 offsetof(struct smbdirect_data_transfer, padding))
711 goto error;
712
713 remaining_data_length = le32_to_cpu(data_transfer->remaining_data_length);
714 data_offset = le32_to_cpu(data_transfer->data_offset);
715 data_length = le32_to_cpu(data_transfer->data_length);
716 if (wc->byte_len < data_offset ||
717 (u64)wc->byte_len < (u64)data_offset + data_length)
718 goto error;
719
720 if (remaining_data_length > sp->max_fragmented_recv_size ||
721 data_length > sp->max_fragmented_recv_size ||
722 (u64)remaining_data_length + (u64)data_length > (u64)sp->max_fragmented_recv_size)
723 goto error;
724
725 if (data_length) {
726 if (sc->recv_io.reassembly.full_packet_received)
727 response->first_segment = true;
728
729 if (le32_to_cpu(data_transfer->remaining_data_length))
730 sc->recv_io.reassembly.full_packet_received = false;
731 else
732 sc->recv_io.reassembly.full_packet_received = true;
733 }
734
735 atomic_dec(&sc->recv_io.posted.count);
736 atomic_dec(&sc->recv_io.credits.count);
737 old_recv_credit_target = sc->recv_io.credits.target;
738 sc->recv_io.credits.target =
739 le16_to_cpu(data_transfer->credits_requested);
740 sc->recv_io.credits.target =
741 min_t(u16, sc->recv_io.credits.target, sp->recv_credit_max);
742 sc->recv_io.credits.target =
743 max_t(u16, sc->recv_io.credits.target, 1);
744 if (le16_to_cpu(data_transfer->credits_granted)) {
745 atomic_add(le16_to_cpu(data_transfer->credits_granted),
746 &sc->send_io.credits.count);
747 /*
748 * We have new send credits granted from remote peer
749 * If any sender is waiting for credits, unblock it
750 */
751 wake_up(&sc->send_io.credits.wait_queue);
752 }
753
754 log_incoming(INFO, "data flags %d data_offset %d data_length %d remaining_data_length %d\n",
755 le16_to_cpu(data_transfer->flags),
756 le32_to_cpu(data_transfer->data_offset),
757 le32_to_cpu(data_transfer->data_length),
758 le32_to_cpu(data_transfer->remaining_data_length));
759
760 /* Send an immediate response right away if requested */
761 if (le16_to_cpu(data_transfer->flags) &
762 SMBDIRECT_FLAG_RESPONSE_REQUESTED) {
763 log_keep_alive(INFO, "schedule send of immediate response\n");
764 queue_work(sc->workqueue, &sc->idle.immediate_work);
765 }
766
767 /*
768 * If this is a packet with data playload place the data in
769 * reassembly queue and wake up the reading thread
770 */
771 if (data_length) {
772 if (sc->recv_io.credits.target > old_recv_credit_target)
773 queue_work(sc->workqueue, &sc->recv_io.posted.refill_work);
774
775 enqueue_reassembly(sc, response, data_length);
776 wake_up(&sc->recv_io.reassembly.wait_queue);
777 } else
778 put_receive_buffer(sc, response);
779
780 return;
781
782 case SMBDIRECT_EXPECT_NEGOTIATE_REQ:
783 /* Only server... */
784 break;
785 }
786
787 /*
788 * This is an internal error!
789 */
790 log_rdma_recv(ERR, "unexpected response type=%d\n", sc->recv_io.expected);
791 WARN_ON_ONCE(sc->recv_io.expected != SMBDIRECT_EXPECT_DATA_TRANSFER);
792 error:
793 put_receive_buffer(sc, response);
794 smbd_disconnect_rdma_connection(sc);
795 }
796
smbd_create_id(struct smbdirect_socket * sc,struct sockaddr * dstaddr,int port)797 static struct rdma_cm_id *smbd_create_id(
798 struct smbdirect_socket *sc,
799 struct sockaddr *dstaddr, int port)
800 {
801 struct smbdirect_socket_parameters *sp = &sc->parameters;
802 struct rdma_cm_id *id;
803 int rc;
804 __be16 *sport;
805
806 id = rdma_create_id(&init_net, smbd_conn_upcall, sc,
807 RDMA_PS_TCP, IB_QPT_RC);
808 if (IS_ERR(id)) {
809 rc = PTR_ERR(id);
810 log_rdma_event(ERR, "rdma_create_id() failed %i\n", rc);
811 return id;
812 }
813
814 if (dstaddr->sa_family == AF_INET6)
815 sport = &((struct sockaddr_in6 *)dstaddr)->sin6_port;
816 else
817 sport = &((struct sockaddr_in *)dstaddr)->sin_port;
818
819 *sport = htons(port);
820
821 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RESOLVE_ADDR_NEEDED);
822 sc->status = SMBDIRECT_SOCKET_RESOLVE_ADDR_RUNNING;
823 rc = rdma_resolve_addr(id, NULL, (struct sockaddr *)dstaddr,
824 sp->resolve_addr_timeout_msec);
825 if (rc) {
826 log_rdma_event(ERR, "rdma_resolve_addr() failed %i\n", rc);
827 goto out;
828 }
829 rc = wait_event_interruptible_timeout(
830 sc->status_wait,
831 sc->status != SMBDIRECT_SOCKET_RESOLVE_ADDR_RUNNING,
832 msecs_to_jiffies(sp->resolve_addr_timeout_msec));
833 /* e.g. if interrupted returns -ERESTARTSYS */
834 if (rc < 0) {
835 log_rdma_event(ERR, "rdma_resolve_addr timeout rc: %i\n", rc);
836 goto out;
837 }
838 if (sc->status == SMBDIRECT_SOCKET_RESOLVE_ADDR_RUNNING) {
839 rc = -ETIMEDOUT;
840 log_rdma_event(ERR, "rdma_resolve_addr() completed %i\n", rc);
841 goto out;
842 }
843 if (sc->status != SMBDIRECT_SOCKET_RESOLVE_ROUTE_NEEDED) {
844 rc = -EHOSTUNREACH;
845 log_rdma_event(ERR, "rdma_resolve_addr() completed %i\n", rc);
846 goto out;
847 }
848
849 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RESOLVE_ROUTE_NEEDED);
850 sc->status = SMBDIRECT_SOCKET_RESOLVE_ROUTE_RUNNING;
851 rc = rdma_resolve_route(id, sp->resolve_route_timeout_msec);
852 if (rc) {
853 log_rdma_event(ERR, "rdma_resolve_route() failed %i\n", rc);
854 goto out;
855 }
856 rc = wait_event_interruptible_timeout(
857 sc->status_wait,
858 sc->status != SMBDIRECT_SOCKET_RESOLVE_ROUTE_RUNNING,
859 msecs_to_jiffies(sp->resolve_route_timeout_msec));
860 /* e.g. if interrupted returns -ERESTARTSYS */
861 if (rc < 0) {
862 log_rdma_event(ERR, "rdma_resolve_addr timeout rc: %i\n", rc);
863 goto out;
864 }
865 if (sc->status == SMBDIRECT_SOCKET_RESOLVE_ROUTE_RUNNING) {
866 rc = -ETIMEDOUT;
867 log_rdma_event(ERR, "rdma_resolve_route() completed %i\n", rc);
868 goto out;
869 }
870 if (sc->status != SMBDIRECT_SOCKET_RDMA_CONNECT_NEEDED) {
871 rc = -ENETUNREACH;
872 log_rdma_event(ERR, "rdma_resolve_route() completed %i\n", rc);
873 goto out;
874 }
875
876 return id;
877
878 out:
879 rdma_destroy_id(id);
880 return ERR_PTR(rc);
881 }
882
883 /*
884 * Test if FRWR (Fast Registration Work Requests) is supported on the device
885 * This implementation requires FRWR on RDMA read/write
886 * return value: true if it is supported
887 */
frwr_is_supported(struct ib_device_attr * attrs)888 static bool frwr_is_supported(struct ib_device_attr *attrs)
889 {
890 if (!(attrs->device_cap_flags & IB_DEVICE_MEM_MGT_EXTENSIONS))
891 return false;
892 if (attrs->max_fast_reg_page_list_len == 0)
893 return false;
894 return true;
895 }
896
smbd_ia_open(struct smbdirect_socket * sc,struct sockaddr * dstaddr,int port)897 static int smbd_ia_open(
898 struct smbdirect_socket *sc,
899 struct sockaddr *dstaddr, int port)
900 {
901 struct smbdirect_socket_parameters *sp = &sc->parameters;
902 int rc;
903
904 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_CREATED);
905 sc->status = SMBDIRECT_SOCKET_RESOLVE_ADDR_NEEDED;
906
907 sc->rdma.cm_id = smbd_create_id(sc, dstaddr, port);
908 if (IS_ERR(sc->rdma.cm_id)) {
909 rc = PTR_ERR(sc->rdma.cm_id);
910 goto out1;
911 }
912 sc->ib.dev = sc->rdma.cm_id->device;
913
914 if (!frwr_is_supported(&sc->ib.dev->attrs)) {
915 log_rdma_event(ERR, "Fast Registration Work Requests (FRWR) is not supported\n");
916 log_rdma_event(ERR, "Device capability flags = %llx max_fast_reg_page_list_len = %u\n",
917 sc->ib.dev->attrs.device_cap_flags,
918 sc->ib.dev->attrs.max_fast_reg_page_list_len);
919 rc = -EPROTONOSUPPORT;
920 goto out2;
921 }
922 sp->max_frmr_depth = min_t(u32,
923 sp->max_frmr_depth,
924 sc->ib.dev->attrs.max_fast_reg_page_list_len);
925 sc->mr_io.type = IB_MR_TYPE_MEM_REG;
926 if (sc->ib.dev->attrs.kernel_cap_flags & IBK_SG_GAPS_REG)
927 sc->mr_io.type = IB_MR_TYPE_SG_GAPS;
928
929 return 0;
930
931 out2:
932 rdma_destroy_id(sc->rdma.cm_id);
933 sc->rdma.cm_id = NULL;
934
935 out1:
936 return rc;
937 }
938
939 /*
940 * Send a negotiation request message to the peer
941 * The negotiation procedure is in [MS-SMBD] 3.1.5.2 and 3.1.5.3
942 * After negotiation, the transport is connected and ready for
943 * carrying upper layer SMB payload
944 */
smbd_post_send_negotiate_req(struct smbdirect_socket * sc)945 static int smbd_post_send_negotiate_req(struct smbdirect_socket *sc)
946 {
947 struct smbdirect_socket_parameters *sp = &sc->parameters;
948 struct ib_send_wr send_wr;
949 int rc = -ENOMEM;
950 struct smbdirect_send_io *request;
951 struct smbdirect_negotiate_req *packet;
952
953 request = mempool_alloc(sc->send_io.mem.pool, GFP_KERNEL);
954 if (!request)
955 return rc;
956
957 request->socket = sc;
958
959 packet = smbdirect_send_io_payload(request);
960 packet->min_version = cpu_to_le16(SMBDIRECT_V1);
961 packet->max_version = cpu_to_le16(SMBDIRECT_V1);
962 packet->reserved = 0;
963 packet->credits_requested = cpu_to_le16(sp->send_credit_target);
964 packet->preferred_send_size = cpu_to_le32(sp->max_send_size);
965 packet->max_receive_size = cpu_to_le32(sp->max_recv_size);
966 packet->max_fragmented_size =
967 cpu_to_le32(sp->max_fragmented_recv_size);
968
969 request->num_sge = 1;
970 request->sge[0].addr = ib_dma_map_single(
971 sc->ib.dev, (void *)packet,
972 sizeof(*packet), DMA_TO_DEVICE);
973 if (ib_dma_mapping_error(sc->ib.dev, request->sge[0].addr)) {
974 rc = -EIO;
975 goto dma_mapping_failed;
976 }
977
978 request->sge[0].length = sizeof(*packet);
979 request->sge[0].lkey = sc->ib.pd->local_dma_lkey;
980
981 ib_dma_sync_single_for_device(
982 sc->ib.dev, request->sge[0].addr,
983 request->sge[0].length, DMA_TO_DEVICE);
984
985 request->cqe.done = send_done;
986
987 send_wr.next = NULL;
988 send_wr.wr_cqe = &request->cqe;
989 send_wr.sg_list = request->sge;
990 send_wr.num_sge = request->num_sge;
991 send_wr.opcode = IB_WR_SEND;
992 send_wr.send_flags = IB_SEND_SIGNALED;
993
994 log_rdma_send(INFO, "sge addr=0x%llx length=%u lkey=0x%x\n",
995 request->sge[0].addr,
996 request->sge[0].length, request->sge[0].lkey);
997
998 atomic_inc(&sc->send_io.pending.count);
999 rc = ib_post_send(sc->ib.qp, &send_wr, NULL);
1000 if (!rc)
1001 return 0;
1002
1003 /* if we reach here, post send failed */
1004 log_rdma_send(ERR, "ib_post_send failed rc=%d\n", rc);
1005 atomic_dec(&sc->send_io.pending.count);
1006 ib_dma_unmap_single(sc->ib.dev, request->sge[0].addr,
1007 request->sge[0].length, DMA_TO_DEVICE);
1008
1009 smbd_disconnect_rdma_connection(sc);
1010
1011 dma_mapping_failed:
1012 mempool_free(request, sc->send_io.mem.pool);
1013 return rc;
1014 }
1015
1016 /*
1017 * Extend the credits to remote peer
1018 * This implements [MS-SMBD] 3.1.5.9
1019 * The idea is that we should extend credits to remote peer as quickly as
1020 * it's allowed, to maintain data flow. We allocate as much receive
1021 * buffer as possible, and extend the receive credits to remote peer
1022 * return value: the new credtis being granted.
1023 */
manage_credits_prior_sending(struct smbdirect_socket * sc)1024 static int manage_credits_prior_sending(struct smbdirect_socket *sc)
1025 {
1026 int new_credits;
1027
1028 if (atomic_read(&sc->recv_io.credits.count) >= sc->recv_io.credits.target)
1029 return 0;
1030
1031 new_credits = atomic_read(&sc->recv_io.posted.count);
1032 if (new_credits == 0)
1033 return 0;
1034
1035 new_credits -= atomic_read(&sc->recv_io.credits.count);
1036 if (new_credits <= 0)
1037 return 0;
1038
1039 return new_credits;
1040 }
1041
1042 /*
1043 * Check if we need to send a KEEP_ALIVE message
1044 * The idle connection timer triggers a KEEP_ALIVE message when expires
1045 * SMBDIRECT_FLAG_RESPONSE_REQUESTED is set in the message flag to have peer send
1046 * back a response.
1047 * return value:
1048 * 1 if SMBDIRECT_FLAG_RESPONSE_REQUESTED needs to be set
1049 * 0: otherwise
1050 */
manage_keep_alive_before_sending(struct smbdirect_socket * sc)1051 static int manage_keep_alive_before_sending(struct smbdirect_socket *sc)
1052 {
1053 struct smbdirect_socket_parameters *sp = &sc->parameters;
1054
1055 if (sc->idle.keepalive == SMBDIRECT_KEEPALIVE_PENDING) {
1056 sc->idle.keepalive = SMBDIRECT_KEEPALIVE_SENT;
1057 /*
1058 * Now use the keepalive timeout (instead of keepalive interval)
1059 * in order to wait for a response
1060 */
1061 mod_delayed_work(sc->workqueue, &sc->idle.timer_work,
1062 msecs_to_jiffies(sp->keepalive_timeout_msec));
1063 return 1;
1064 }
1065 return 0;
1066 }
1067
1068 /* Post the send request */
smbd_post_send(struct smbdirect_socket * sc,struct smbdirect_send_io * request)1069 static int smbd_post_send(struct smbdirect_socket *sc,
1070 struct smbdirect_send_io *request)
1071 {
1072 struct ib_send_wr send_wr;
1073 int rc, i;
1074
1075 for (i = 0; i < request->num_sge; i++) {
1076 log_rdma_send(INFO,
1077 "rdma_request sge[%d] addr=0x%llx length=%u\n",
1078 i, request->sge[i].addr, request->sge[i].length);
1079 ib_dma_sync_single_for_device(
1080 sc->ib.dev,
1081 request->sge[i].addr,
1082 request->sge[i].length,
1083 DMA_TO_DEVICE);
1084 }
1085
1086 request->cqe.done = send_done;
1087
1088 send_wr.next = NULL;
1089 send_wr.wr_cqe = &request->cqe;
1090 send_wr.sg_list = request->sge;
1091 send_wr.num_sge = request->num_sge;
1092 send_wr.opcode = IB_WR_SEND;
1093 send_wr.send_flags = IB_SEND_SIGNALED;
1094
1095 rc = ib_post_send(sc->ib.qp, &send_wr, NULL);
1096 if (rc) {
1097 log_rdma_send(ERR, "ib_post_send failed rc=%d\n", rc);
1098 smbd_disconnect_rdma_connection(sc);
1099 rc = -EAGAIN;
1100 }
1101
1102 return rc;
1103 }
1104
smbd_post_send_iter(struct smbdirect_socket * sc,struct iov_iter * iter,int * _remaining_data_length)1105 static int smbd_post_send_iter(struct smbdirect_socket *sc,
1106 struct iov_iter *iter,
1107 int *_remaining_data_length)
1108 {
1109 struct smbdirect_socket_parameters *sp = &sc->parameters;
1110 int i, rc;
1111 int header_length;
1112 int data_length;
1113 struct smbdirect_send_io *request;
1114 struct smbdirect_data_transfer *packet;
1115 int new_credits = 0;
1116
1117 wait_credit:
1118 /* Wait for send credits. A SMBD packet needs one credit */
1119 rc = wait_event_interruptible(sc->send_io.credits.wait_queue,
1120 atomic_read(&sc->send_io.credits.count) > 0 ||
1121 sc->status != SMBDIRECT_SOCKET_CONNECTED);
1122 if (rc)
1123 goto err_wait_credit;
1124
1125 if (sc->status != SMBDIRECT_SOCKET_CONNECTED) {
1126 log_outgoing(ERR, "disconnected not sending on wait_credit\n");
1127 rc = -EAGAIN;
1128 goto err_wait_credit;
1129 }
1130 if (unlikely(atomic_dec_return(&sc->send_io.credits.count) < 0)) {
1131 atomic_inc(&sc->send_io.credits.count);
1132 goto wait_credit;
1133 }
1134
1135 wait_send_queue:
1136 wait_event(sc->send_io.pending.dec_wait_queue,
1137 atomic_read(&sc->send_io.pending.count) < sp->send_credit_target ||
1138 sc->status != SMBDIRECT_SOCKET_CONNECTED);
1139
1140 if (sc->status != SMBDIRECT_SOCKET_CONNECTED) {
1141 log_outgoing(ERR, "disconnected not sending on wait_send_queue\n");
1142 rc = -EAGAIN;
1143 goto err_wait_send_queue;
1144 }
1145
1146 if (unlikely(atomic_inc_return(&sc->send_io.pending.count) >
1147 sp->send_credit_target)) {
1148 atomic_dec(&sc->send_io.pending.count);
1149 goto wait_send_queue;
1150 }
1151
1152 request = mempool_alloc(sc->send_io.mem.pool, GFP_KERNEL);
1153 if (!request) {
1154 rc = -ENOMEM;
1155 goto err_alloc;
1156 }
1157
1158 request->socket = sc;
1159 memset(request->sge, 0, sizeof(request->sge));
1160
1161 /* Map the packet to DMA */
1162 header_length = sizeof(struct smbdirect_data_transfer);
1163 /* If this is a packet without payload, don't send padding */
1164 if (!iter)
1165 header_length = offsetof(struct smbdirect_data_transfer, padding);
1166
1167 packet = smbdirect_send_io_payload(request);
1168 request->sge[0].addr = ib_dma_map_single(sc->ib.dev,
1169 (void *)packet,
1170 header_length,
1171 DMA_TO_DEVICE);
1172 if (ib_dma_mapping_error(sc->ib.dev, request->sge[0].addr)) {
1173 rc = -EIO;
1174 goto err_dma;
1175 }
1176
1177 request->sge[0].length = header_length;
1178 request->sge[0].lkey = sc->ib.pd->local_dma_lkey;
1179 request->num_sge = 1;
1180
1181 /* Fill in the data payload to find out how much data we can add */
1182 if (iter) {
1183 struct smb_extract_to_rdma extract = {
1184 .nr_sge = request->num_sge,
1185 .max_sge = SMBDIRECT_SEND_IO_MAX_SGE,
1186 .sge = request->sge,
1187 .device = sc->ib.dev,
1188 .local_dma_lkey = sc->ib.pd->local_dma_lkey,
1189 .direction = DMA_TO_DEVICE,
1190 };
1191 size_t payload_len = umin(*_remaining_data_length,
1192 sp->max_send_size - sizeof(*packet));
1193
1194 rc = smb_extract_iter_to_rdma(iter, payload_len,
1195 &extract);
1196 if (rc < 0)
1197 goto err_dma;
1198 data_length = rc;
1199 request->num_sge = extract.nr_sge;
1200 *_remaining_data_length -= data_length;
1201 } else {
1202 data_length = 0;
1203 }
1204
1205 /* Fill in the packet header */
1206 packet->credits_requested = cpu_to_le16(sp->send_credit_target);
1207
1208 new_credits = manage_credits_prior_sending(sc);
1209 atomic_add(new_credits, &sc->recv_io.credits.count);
1210 packet->credits_granted = cpu_to_le16(new_credits);
1211
1212 packet->flags = 0;
1213 if (manage_keep_alive_before_sending(sc))
1214 packet->flags |= cpu_to_le16(SMBDIRECT_FLAG_RESPONSE_REQUESTED);
1215
1216 packet->reserved = 0;
1217 if (!data_length)
1218 packet->data_offset = 0;
1219 else
1220 packet->data_offset = cpu_to_le32(24);
1221 packet->data_length = cpu_to_le32(data_length);
1222 packet->remaining_data_length = cpu_to_le32(*_remaining_data_length);
1223 packet->padding = 0;
1224
1225 log_outgoing(INFO, "credits_requested=%d credits_granted=%d data_offset=%d data_length=%d remaining_data_length=%d\n",
1226 le16_to_cpu(packet->credits_requested),
1227 le16_to_cpu(packet->credits_granted),
1228 le32_to_cpu(packet->data_offset),
1229 le32_to_cpu(packet->data_length),
1230 le32_to_cpu(packet->remaining_data_length));
1231
1232 rc = smbd_post_send(sc, request);
1233 if (!rc)
1234 return 0;
1235
1236 err_dma:
1237 for (i = 0; i < request->num_sge; i++)
1238 if (request->sge[i].addr)
1239 ib_dma_unmap_single(sc->ib.dev,
1240 request->sge[i].addr,
1241 request->sge[i].length,
1242 DMA_TO_DEVICE);
1243 mempool_free(request, sc->send_io.mem.pool);
1244
1245 /* roll back the granted receive credits */
1246 atomic_sub(new_credits, &sc->recv_io.credits.count);
1247
1248 err_alloc:
1249 if (atomic_dec_and_test(&sc->send_io.pending.count))
1250 wake_up(&sc->send_io.pending.zero_wait_queue);
1251
1252 err_wait_send_queue:
1253 /* roll back send credits and pending */
1254 atomic_inc(&sc->send_io.credits.count);
1255
1256 err_wait_credit:
1257 return rc;
1258 }
1259
1260 /*
1261 * Send an empty message
1262 * Empty message is used to extend credits to peer to for keep live
1263 * while there is no upper layer payload to send at the time
1264 */
smbd_post_send_empty(struct smbdirect_socket * sc)1265 static int smbd_post_send_empty(struct smbdirect_socket *sc)
1266 {
1267 int remaining_data_length = 0;
1268
1269 sc->statistics.send_empty++;
1270 return smbd_post_send_iter(sc, NULL, &remaining_data_length);
1271 }
1272
smbd_post_send_full_iter(struct smbdirect_socket * sc,struct iov_iter * iter,int * _remaining_data_length)1273 static int smbd_post_send_full_iter(struct smbdirect_socket *sc,
1274 struct iov_iter *iter,
1275 int *_remaining_data_length)
1276 {
1277 int rc = 0;
1278
1279 /*
1280 * smbd_post_send_iter() respects the
1281 * negotiated max_send_size, so we need to
1282 * loop until the full iter is posted
1283 */
1284
1285 while (iov_iter_count(iter) > 0) {
1286 rc = smbd_post_send_iter(sc, iter, _remaining_data_length);
1287 if (rc < 0)
1288 break;
1289 }
1290
1291 return rc;
1292 }
1293
1294 /*
1295 * Post a receive request to the transport
1296 * The remote peer can only send data when a receive request is posted
1297 * The interaction is controlled by send/receive credit system
1298 */
smbd_post_recv(struct smbdirect_socket * sc,struct smbdirect_recv_io * response)1299 static int smbd_post_recv(
1300 struct smbdirect_socket *sc, struct smbdirect_recv_io *response)
1301 {
1302 struct smbdirect_socket_parameters *sp = &sc->parameters;
1303 struct ib_recv_wr recv_wr;
1304 int rc = -EIO;
1305
1306 response->sge.addr = ib_dma_map_single(
1307 sc->ib.dev, response->packet,
1308 sp->max_recv_size, DMA_FROM_DEVICE);
1309 if (ib_dma_mapping_error(sc->ib.dev, response->sge.addr))
1310 return rc;
1311
1312 response->sge.length = sp->max_recv_size;
1313 response->sge.lkey = sc->ib.pd->local_dma_lkey;
1314
1315 response->cqe.done = recv_done;
1316
1317 recv_wr.wr_cqe = &response->cqe;
1318 recv_wr.next = NULL;
1319 recv_wr.sg_list = &response->sge;
1320 recv_wr.num_sge = 1;
1321
1322 rc = ib_post_recv(sc->ib.qp, &recv_wr, NULL);
1323 if (rc) {
1324 ib_dma_unmap_single(sc->ib.dev, response->sge.addr,
1325 response->sge.length, DMA_FROM_DEVICE);
1326 response->sge.length = 0;
1327 smbd_disconnect_rdma_connection(sc);
1328 log_rdma_recv(ERR, "ib_post_recv failed rc=%d\n", rc);
1329 }
1330
1331 return rc;
1332 }
1333
1334 /* Perform SMBD negotiate according to [MS-SMBD] 3.1.5.2 */
smbd_negotiate(struct smbdirect_socket * sc)1335 static int smbd_negotiate(struct smbdirect_socket *sc)
1336 {
1337 struct smbdirect_socket_parameters *sp = &sc->parameters;
1338 int rc;
1339 struct smbdirect_recv_io *response = get_receive_buffer(sc);
1340
1341 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_NEGOTIATE_NEEDED);
1342 sc->status = SMBDIRECT_SOCKET_NEGOTIATE_RUNNING;
1343
1344 sc->recv_io.expected = SMBDIRECT_EXPECT_NEGOTIATE_REP;
1345 rc = smbd_post_recv(sc, response);
1346 log_rdma_event(INFO, "smbd_post_recv rc=%d iov.addr=0x%llx iov.length=%u iov.lkey=0x%x\n",
1347 rc, response->sge.addr,
1348 response->sge.length, response->sge.lkey);
1349 if (rc) {
1350 put_receive_buffer(sc, response);
1351 return rc;
1352 }
1353
1354 rc = smbd_post_send_negotiate_req(sc);
1355 if (rc)
1356 return rc;
1357
1358 rc = wait_event_interruptible_timeout(
1359 sc->status_wait,
1360 sc->status != SMBDIRECT_SOCKET_NEGOTIATE_RUNNING,
1361 msecs_to_jiffies(sp->negotiate_timeout_msec));
1362 log_rdma_event(INFO, "wait_event_interruptible_timeout rc=%d\n", rc);
1363
1364 if (sc->status == SMBDIRECT_SOCKET_CONNECTED)
1365 return 0;
1366
1367 if (rc == 0)
1368 rc = -ETIMEDOUT;
1369 else if (rc == -ERESTARTSYS)
1370 rc = -EINTR;
1371 else
1372 rc = -ENOTCONN;
1373
1374 return rc;
1375 }
1376
1377 /*
1378 * Implement Connection.FragmentReassemblyBuffer defined in [MS-SMBD] 3.1.1.1
1379 * This is a queue for reassembling upper layer payload and present to upper
1380 * layer. All the inncoming payload go to the reassembly queue, regardless of
1381 * if reassembly is required. The uuper layer code reads from the queue for all
1382 * incoming payloads.
1383 * Put a received packet to the reassembly queue
1384 * response: the packet received
1385 * data_length: the size of payload in this packet
1386 */
enqueue_reassembly(struct smbdirect_socket * sc,struct smbdirect_recv_io * response,int data_length)1387 static void enqueue_reassembly(
1388 struct smbdirect_socket *sc,
1389 struct smbdirect_recv_io *response,
1390 int data_length)
1391 {
1392 unsigned long flags;
1393
1394 spin_lock_irqsave(&sc->recv_io.reassembly.lock, flags);
1395 list_add_tail(&response->list, &sc->recv_io.reassembly.list);
1396 sc->recv_io.reassembly.queue_length++;
1397 /*
1398 * Make sure reassembly_data_length is updated after list and
1399 * reassembly_queue_length are updated. On the dequeue side
1400 * reassembly_data_length is checked without a lock to determine
1401 * if reassembly_queue_length and list is up to date
1402 */
1403 virt_wmb();
1404 sc->recv_io.reassembly.data_length += data_length;
1405 spin_unlock_irqrestore(&sc->recv_io.reassembly.lock, flags);
1406 sc->statistics.enqueue_reassembly_queue++;
1407 }
1408
1409 /*
1410 * Get the first entry at the front of reassembly queue
1411 * Caller is responsible for locking
1412 * return value: the first entry if any, NULL if queue is empty
1413 */
_get_first_reassembly(struct smbdirect_socket * sc)1414 static struct smbdirect_recv_io *_get_first_reassembly(struct smbdirect_socket *sc)
1415 {
1416 struct smbdirect_recv_io *ret = NULL;
1417
1418 if (!list_empty(&sc->recv_io.reassembly.list)) {
1419 ret = list_first_entry(
1420 &sc->recv_io.reassembly.list,
1421 struct smbdirect_recv_io, list);
1422 }
1423 return ret;
1424 }
1425
1426 /*
1427 * Get a receive buffer
1428 * For each remote send, we need to post a receive. The receive buffers are
1429 * pre-allocated in advance.
1430 * return value: the receive buffer, NULL if none is available
1431 */
get_receive_buffer(struct smbdirect_socket * sc)1432 static struct smbdirect_recv_io *get_receive_buffer(struct smbdirect_socket *sc)
1433 {
1434 struct smbdirect_recv_io *ret = NULL;
1435 unsigned long flags;
1436
1437 spin_lock_irqsave(&sc->recv_io.free.lock, flags);
1438 if (!list_empty(&sc->recv_io.free.list)) {
1439 ret = list_first_entry(
1440 &sc->recv_io.free.list,
1441 struct smbdirect_recv_io, list);
1442 list_del(&ret->list);
1443 sc->statistics.get_receive_buffer++;
1444 }
1445 spin_unlock_irqrestore(&sc->recv_io.free.lock, flags);
1446
1447 return ret;
1448 }
1449
1450 /*
1451 * Return a receive buffer
1452 * Upon returning of a receive buffer, we can post new receive and extend
1453 * more receive credits to remote peer. This is done immediately after a
1454 * receive buffer is returned.
1455 */
put_receive_buffer(struct smbdirect_socket * sc,struct smbdirect_recv_io * response)1456 static void put_receive_buffer(
1457 struct smbdirect_socket *sc, struct smbdirect_recv_io *response)
1458 {
1459 unsigned long flags;
1460
1461 if (likely(response->sge.length != 0)) {
1462 ib_dma_unmap_single(sc->ib.dev,
1463 response->sge.addr,
1464 response->sge.length,
1465 DMA_FROM_DEVICE);
1466 response->sge.length = 0;
1467 }
1468
1469 spin_lock_irqsave(&sc->recv_io.free.lock, flags);
1470 list_add_tail(&response->list, &sc->recv_io.free.list);
1471 sc->statistics.put_receive_buffer++;
1472 spin_unlock_irqrestore(&sc->recv_io.free.lock, flags);
1473
1474 queue_work(sc->workqueue, &sc->recv_io.posted.refill_work);
1475 }
1476
1477 /* Preallocate all receive buffer on transport establishment */
allocate_receive_buffers(struct smbdirect_socket * sc,int num_buf)1478 static int allocate_receive_buffers(struct smbdirect_socket *sc, int num_buf)
1479 {
1480 struct smbdirect_recv_io *response;
1481 int i;
1482
1483 for (i = 0; i < num_buf; i++) {
1484 response = mempool_alloc(sc->recv_io.mem.pool, GFP_KERNEL);
1485 if (!response)
1486 goto allocate_failed;
1487
1488 response->socket = sc;
1489 response->sge.length = 0;
1490 list_add_tail(&response->list, &sc->recv_io.free.list);
1491 }
1492
1493 return 0;
1494
1495 allocate_failed:
1496 while (!list_empty(&sc->recv_io.free.list)) {
1497 response = list_first_entry(
1498 &sc->recv_io.free.list,
1499 struct smbdirect_recv_io, list);
1500 list_del(&response->list);
1501
1502 mempool_free(response, sc->recv_io.mem.pool);
1503 }
1504 return -ENOMEM;
1505 }
1506
destroy_receive_buffers(struct smbdirect_socket * sc)1507 static void destroy_receive_buffers(struct smbdirect_socket *sc)
1508 {
1509 struct smbdirect_recv_io *response;
1510
1511 while ((response = get_receive_buffer(sc)))
1512 mempool_free(response, sc->recv_io.mem.pool);
1513 }
1514
send_immediate_empty_message(struct work_struct * work)1515 static void send_immediate_empty_message(struct work_struct *work)
1516 {
1517 struct smbdirect_socket *sc =
1518 container_of(work, struct smbdirect_socket, idle.immediate_work);
1519
1520 if (sc->status != SMBDIRECT_SOCKET_CONNECTED)
1521 return;
1522
1523 log_keep_alive(INFO, "send an empty message\n");
1524 smbd_post_send_empty(sc);
1525 }
1526
1527 /* Implement idle connection timer [MS-SMBD] 3.1.6.2 */
idle_connection_timer(struct work_struct * work)1528 static void idle_connection_timer(struct work_struct *work)
1529 {
1530 struct smbdirect_socket *sc =
1531 container_of(work, struct smbdirect_socket, idle.timer_work.work);
1532 struct smbdirect_socket_parameters *sp = &sc->parameters;
1533
1534 if (sc->idle.keepalive != SMBDIRECT_KEEPALIVE_NONE) {
1535 log_keep_alive(ERR,
1536 "error status sc->idle.keepalive=%d\n",
1537 sc->idle.keepalive);
1538 smbd_disconnect_rdma_connection(sc);
1539 return;
1540 }
1541
1542 if (sc->status != SMBDIRECT_SOCKET_CONNECTED)
1543 return;
1544
1545 /*
1546 * Now use the keepalive timeout (instead of keepalive interval)
1547 * in order to wait for a response
1548 */
1549 sc->idle.keepalive = SMBDIRECT_KEEPALIVE_PENDING;
1550 mod_delayed_work(sc->workqueue, &sc->idle.timer_work,
1551 msecs_to_jiffies(sp->keepalive_timeout_msec));
1552 log_keep_alive(INFO, "schedule send of empty idle message\n");
1553 queue_work(sc->workqueue, &sc->idle.immediate_work);
1554 }
1555
1556 /*
1557 * Destroy the transport and related RDMA and memory resources
1558 * Need to go through all the pending counters and make sure on one is using
1559 * the transport while it is destroyed
1560 */
smbd_destroy(struct TCP_Server_Info * server)1561 void smbd_destroy(struct TCP_Server_Info *server)
1562 {
1563 struct smbd_connection *info = server->smbd_conn;
1564 struct smbdirect_socket *sc;
1565 struct smbdirect_recv_io *response;
1566 unsigned long flags;
1567
1568 if (!info) {
1569 log_rdma_event(INFO, "rdma session already destroyed\n");
1570 return;
1571 }
1572 sc = &info->socket;
1573
1574 log_rdma_event(INFO, "cancelling and disable disconnect_work\n");
1575 disable_work_sync(&sc->disconnect_work);
1576
1577 log_rdma_event(INFO, "destroying rdma session\n");
1578 if (sc->status < SMBDIRECT_SOCKET_DISCONNECTING) {
1579 smbd_disconnect_rdma_work(&sc->disconnect_work);
1580 log_rdma_event(INFO, "wait for transport being disconnected\n");
1581 wait_event_interruptible(
1582 sc->status_wait,
1583 sc->status == SMBDIRECT_SOCKET_DISCONNECTED);
1584 }
1585
1586 /*
1587 * Wake up all waiters in all wait queues
1588 * in order to notice the broken connection.
1589 *
1590 * Most likely this was already called via
1591 * smbd_disconnect_rdma_work(), but call it again...
1592 */
1593 smbd_disconnect_wake_up_all(sc);
1594
1595 log_rdma_event(INFO, "cancelling recv_io.posted.refill_work\n");
1596 disable_work_sync(&sc->recv_io.posted.refill_work);
1597
1598 log_rdma_event(INFO, "destroying qp\n");
1599 ib_drain_qp(sc->ib.qp);
1600 rdma_destroy_qp(sc->rdma.cm_id);
1601 sc->ib.qp = NULL;
1602
1603 log_rdma_event(INFO, "cancelling idle timer\n");
1604 disable_delayed_work_sync(&sc->idle.timer_work);
1605 log_rdma_event(INFO, "cancelling send immediate work\n");
1606 disable_work_sync(&sc->idle.immediate_work);
1607
1608 /* It's not possible for upper layer to get to reassembly */
1609 log_rdma_event(INFO, "drain the reassembly queue\n");
1610 do {
1611 spin_lock_irqsave(&sc->recv_io.reassembly.lock, flags);
1612 response = _get_first_reassembly(sc);
1613 if (response) {
1614 list_del(&response->list);
1615 spin_unlock_irqrestore(
1616 &sc->recv_io.reassembly.lock, flags);
1617 put_receive_buffer(sc, response);
1618 } else
1619 spin_unlock_irqrestore(
1620 &sc->recv_io.reassembly.lock, flags);
1621 } while (response);
1622 sc->recv_io.reassembly.data_length = 0;
1623
1624 log_rdma_event(INFO, "free receive buffers\n");
1625 destroy_receive_buffers(sc);
1626
1627 /*
1628 * For performance reasons, memory registration and deregistration
1629 * are not locked by srv_mutex. It is possible some processes are
1630 * blocked on transport srv_mutex while holding memory registration.
1631 * Release the transport srv_mutex to allow them to hit the failure
1632 * path when sending data, and then release memory registrations.
1633 */
1634 log_rdma_event(INFO, "freeing mr list\n");
1635 while (atomic_read(&sc->mr_io.used.count)) {
1636 cifs_server_unlock(server);
1637 msleep(1000);
1638 cifs_server_lock(server);
1639 }
1640 destroy_mr_list(sc);
1641
1642 ib_free_cq(sc->ib.send_cq);
1643 ib_free_cq(sc->ib.recv_cq);
1644 ib_dealloc_pd(sc->ib.pd);
1645 rdma_destroy_id(sc->rdma.cm_id);
1646
1647 /* free mempools */
1648 mempool_destroy(sc->send_io.mem.pool);
1649 kmem_cache_destroy(sc->send_io.mem.cache);
1650
1651 mempool_destroy(sc->recv_io.mem.pool);
1652 kmem_cache_destroy(sc->recv_io.mem.cache);
1653
1654 sc->status = SMBDIRECT_SOCKET_DESTROYED;
1655
1656 destroy_workqueue(sc->workqueue);
1657 log_rdma_event(INFO, "rdma session destroyed\n");
1658 kfree(info);
1659 server->smbd_conn = NULL;
1660 }
1661
1662 /*
1663 * Reconnect this SMBD connection, called from upper layer
1664 * return value: 0 on success, or actual error code
1665 */
smbd_reconnect(struct TCP_Server_Info * server)1666 int smbd_reconnect(struct TCP_Server_Info *server)
1667 {
1668 log_rdma_event(INFO, "reconnecting rdma session\n");
1669
1670 if (!server->smbd_conn) {
1671 log_rdma_event(INFO, "rdma session already destroyed\n");
1672 goto create_conn;
1673 }
1674
1675 /*
1676 * This is possible if transport is disconnected and we haven't received
1677 * notification from RDMA, but upper layer has detected timeout
1678 */
1679 if (server->smbd_conn->socket.status == SMBDIRECT_SOCKET_CONNECTED) {
1680 log_rdma_event(INFO, "disconnecting transport\n");
1681 smbd_destroy(server);
1682 }
1683
1684 create_conn:
1685 log_rdma_event(INFO, "creating rdma session\n");
1686 server->smbd_conn = smbd_get_connection(
1687 server, (struct sockaddr *) &server->dstaddr);
1688
1689 if (server->smbd_conn) {
1690 cifs_dbg(VFS, "RDMA transport re-established\n");
1691 trace_smb3_smbd_connect_done(server->hostname, server->conn_id, &server->dstaddr);
1692 return 0;
1693 }
1694 trace_smb3_smbd_connect_err(server->hostname, server->conn_id, &server->dstaddr);
1695 return -ENOENT;
1696 }
1697
destroy_caches(struct smbdirect_socket * sc)1698 static void destroy_caches(struct smbdirect_socket *sc)
1699 {
1700 destroy_receive_buffers(sc);
1701 mempool_destroy(sc->recv_io.mem.pool);
1702 kmem_cache_destroy(sc->recv_io.mem.cache);
1703 mempool_destroy(sc->send_io.mem.pool);
1704 kmem_cache_destroy(sc->send_io.mem.cache);
1705 }
1706
1707 #define MAX_NAME_LEN 80
allocate_caches(struct smbdirect_socket * sc)1708 static int allocate_caches(struct smbdirect_socket *sc)
1709 {
1710 struct smbdirect_socket_parameters *sp = &sc->parameters;
1711 char name[MAX_NAME_LEN];
1712 int rc;
1713
1714 if (WARN_ON_ONCE(sp->max_recv_size < sizeof(struct smbdirect_data_transfer)))
1715 return -ENOMEM;
1716
1717 scnprintf(name, MAX_NAME_LEN, "smbdirect_send_io_%p", sc);
1718 sc->send_io.mem.cache =
1719 kmem_cache_create(
1720 name,
1721 sizeof(struct smbdirect_send_io) +
1722 sizeof(struct smbdirect_data_transfer),
1723 0, SLAB_HWCACHE_ALIGN, NULL);
1724 if (!sc->send_io.mem.cache)
1725 return -ENOMEM;
1726
1727 sc->send_io.mem.pool =
1728 mempool_create(sp->send_credit_target, mempool_alloc_slab,
1729 mempool_free_slab, sc->send_io.mem.cache);
1730 if (!sc->send_io.mem.pool)
1731 goto out1;
1732
1733 scnprintf(name, MAX_NAME_LEN, "smbdirect_recv_io_%p", sc);
1734
1735 struct kmem_cache_args response_args = {
1736 .align = __alignof__(struct smbdirect_recv_io),
1737 .useroffset = (offsetof(struct smbdirect_recv_io, packet) +
1738 sizeof(struct smbdirect_data_transfer)),
1739 .usersize = sp->max_recv_size - sizeof(struct smbdirect_data_transfer),
1740 };
1741 sc->recv_io.mem.cache =
1742 kmem_cache_create(name,
1743 sizeof(struct smbdirect_recv_io) + sp->max_recv_size,
1744 &response_args, SLAB_HWCACHE_ALIGN);
1745 if (!sc->recv_io.mem.cache)
1746 goto out2;
1747
1748 sc->recv_io.mem.pool =
1749 mempool_create(sp->recv_credit_max, mempool_alloc_slab,
1750 mempool_free_slab, sc->recv_io.mem.cache);
1751 if (!sc->recv_io.mem.pool)
1752 goto out3;
1753
1754 rc = allocate_receive_buffers(sc, sp->recv_credit_max);
1755 if (rc) {
1756 log_rdma_event(ERR, "failed to allocate receive buffers\n");
1757 goto out4;
1758 }
1759
1760 return 0;
1761
1762 out4:
1763 mempool_destroy(sc->recv_io.mem.pool);
1764 out3:
1765 kmem_cache_destroy(sc->recv_io.mem.cache);
1766 out2:
1767 mempool_destroy(sc->send_io.mem.pool);
1768 out1:
1769 kmem_cache_destroy(sc->send_io.mem.cache);
1770 return -ENOMEM;
1771 }
1772
1773 /* Create a SMBD connection, called by upper layer */
_smbd_get_connection(struct TCP_Server_Info * server,struct sockaddr * dstaddr,int port)1774 static struct smbd_connection *_smbd_get_connection(
1775 struct TCP_Server_Info *server, struct sockaddr *dstaddr, int port)
1776 {
1777 int rc;
1778 struct smbd_connection *info;
1779 struct smbdirect_socket *sc;
1780 struct smbdirect_socket_parameters *sp;
1781 struct rdma_conn_param conn_param;
1782 struct ib_qp_init_attr qp_attr;
1783 struct sockaddr_in *addr_in = (struct sockaddr_in *) dstaddr;
1784 struct ib_port_immutable port_immutable;
1785 __be32 ird_ord_hdr[2];
1786 char wq_name[80];
1787 struct workqueue_struct *workqueue;
1788
1789 info = kzalloc(sizeof(struct smbd_connection), GFP_KERNEL);
1790 if (!info)
1791 return NULL;
1792 sc = &info->socket;
1793 scnprintf(wq_name, ARRAY_SIZE(wq_name), "smbd_%p", sc);
1794 workqueue = create_workqueue(wq_name);
1795 if (!workqueue)
1796 goto create_wq_failed;
1797 smbdirect_socket_init(sc);
1798 sc->workqueue = workqueue;
1799 sp = &sc->parameters;
1800
1801 INIT_WORK(&sc->disconnect_work, smbd_disconnect_rdma_work);
1802
1803 sp->resolve_addr_timeout_msec = RDMA_RESOLVE_TIMEOUT;
1804 sp->resolve_route_timeout_msec = RDMA_RESOLVE_TIMEOUT;
1805 sp->rdma_connect_timeout_msec = RDMA_RESOLVE_TIMEOUT;
1806 sp->negotiate_timeout_msec = SMBD_NEGOTIATE_TIMEOUT * 1000;
1807 sp->initiator_depth = 1;
1808 sp->responder_resources = SMBD_CM_RESPONDER_RESOURCES;
1809 sp->recv_credit_max = smbd_receive_credit_max;
1810 sp->send_credit_target = smbd_send_credit_target;
1811 sp->max_send_size = smbd_max_send_size;
1812 sp->max_fragmented_recv_size = smbd_max_fragmented_recv_size;
1813 sp->max_recv_size = smbd_max_receive_size;
1814 sp->max_frmr_depth = smbd_max_frmr_depth;
1815 sp->keepalive_interval_msec = smbd_keep_alive_interval * 1000;
1816 sp->keepalive_timeout_msec = KEEPALIVE_RECV_TIMEOUT * 1000;
1817
1818 rc = smbd_ia_open(sc, dstaddr, port);
1819 if (rc) {
1820 log_rdma_event(INFO, "smbd_ia_open rc=%d\n", rc);
1821 goto create_id_failed;
1822 }
1823
1824 if (sp->send_credit_target > sc->ib.dev->attrs.max_cqe ||
1825 sp->send_credit_target > sc->ib.dev->attrs.max_qp_wr) {
1826 log_rdma_event(ERR, "consider lowering send_credit_target = %d. Possible CQE overrun, device reporting max_cqe %d max_qp_wr %d\n",
1827 sp->send_credit_target,
1828 sc->ib.dev->attrs.max_cqe,
1829 sc->ib.dev->attrs.max_qp_wr);
1830 goto config_failed;
1831 }
1832
1833 if (sp->recv_credit_max > sc->ib.dev->attrs.max_cqe ||
1834 sp->recv_credit_max > sc->ib.dev->attrs.max_qp_wr) {
1835 log_rdma_event(ERR, "consider lowering receive_credit_max = %d. Possible CQE overrun, device reporting max_cqe %d max_qp_wr %d\n",
1836 sp->recv_credit_max,
1837 sc->ib.dev->attrs.max_cqe,
1838 sc->ib.dev->attrs.max_qp_wr);
1839 goto config_failed;
1840 }
1841
1842 if (sc->ib.dev->attrs.max_send_sge < SMBDIRECT_SEND_IO_MAX_SGE ||
1843 sc->ib.dev->attrs.max_recv_sge < SMBDIRECT_RECV_IO_MAX_SGE) {
1844 log_rdma_event(ERR,
1845 "device %.*s max_send_sge/max_recv_sge = %d/%d too small\n",
1846 IB_DEVICE_NAME_MAX,
1847 sc->ib.dev->name,
1848 sc->ib.dev->attrs.max_send_sge,
1849 sc->ib.dev->attrs.max_recv_sge);
1850 goto config_failed;
1851 }
1852
1853 sc->ib.pd = ib_alloc_pd(sc->ib.dev, 0);
1854 if (IS_ERR(sc->ib.pd)) {
1855 rc = PTR_ERR(sc->ib.pd);
1856 sc->ib.pd = NULL;
1857 log_rdma_event(ERR, "ib_alloc_pd() returned %d\n", rc);
1858 goto alloc_pd_failed;
1859 }
1860
1861 sc->ib.send_cq =
1862 ib_alloc_cq_any(sc->ib.dev, sc,
1863 sp->send_credit_target, IB_POLL_SOFTIRQ);
1864 if (IS_ERR(sc->ib.send_cq)) {
1865 sc->ib.send_cq = NULL;
1866 goto alloc_cq_failed;
1867 }
1868
1869 sc->ib.recv_cq =
1870 ib_alloc_cq_any(sc->ib.dev, sc,
1871 sp->recv_credit_max, IB_POLL_SOFTIRQ);
1872 if (IS_ERR(sc->ib.recv_cq)) {
1873 sc->ib.recv_cq = NULL;
1874 goto alloc_cq_failed;
1875 }
1876
1877 memset(&qp_attr, 0, sizeof(qp_attr));
1878 qp_attr.event_handler = smbd_qp_async_error_upcall;
1879 qp_attr.qp_context = sc;
1880 qp_attr.cap.max_send_wr = sp->send_credit_target;
1881 qp_attr.cap.max_recv_wr = sp->recv_credit_max;
1882 qp_attr.cap.max_send_sge = SMBDIRECT_SEND_IO_MAX_SGE;
1883 qp_attr.cap.max_recv_sge = SMBDIRECT_RECV_IO_MAX_SGE;
1884 qp_attr.cap.max_inline_data = 0;
1885 qp_attr.sq_sig_type = IB_SIGNAL_REQ_WR;
1886 qp_attr.qp_type = IB_QPT_RC;
1887 qp_attr.send_cq = sc->ib.send_cq;
1888 qp_attr.recv_cq = sc->ib.recv_cq;
1889 qp_attr.port_num = ~0;
1890
1891 rc = rdma_create_qp(sc->rdma.cm_id, sc->ib.pd, &qp_attr);
1892 if (rc) {
1893 log_rdma_event(ERR, "rdma_create_qp failed %i\n", rc);
1894 goto create_qp_failed;
1895 }
1896 sc->ib.qp = sc->rdma.cm_id->qp;
1897
1898 sp->responder_resources =
1899 min_t(u8, sp->responder_resources,
1900 sc->ib.dev->attrs.max_qp_rd_atom);
1901 log_rdma_mr(INFO, "responder_resources=%d\n",
1902 sp->responder_resources);
1903
1904 memset(&conn_param, 0, sizeof(conn_param));
1905 conn_param.initiator_depth = sp->initiator_depth;
1906 conn_param.responder_resources = sp->responder_resources;
1907
1908 /* Need to send IRD/ORD in private data for iWARP */
1909 sc->ib.dev->ops.get_port_immutable(
1910 sc->ib.dev, sc->rdma.cm_id->port_num, &port_immutable);
1911 if (port_immutable.core_cap_flags & RDMA_CORE_PORT_IWARP) {
1912 ird_ord_hdr[0] = cpu_to_be32(conn_param.responder_resources);
1913 ird_ord_hdr[1] = cpu_to_be32(conn_param.initiator_depth);
1914 conn_param.private_data = ird_ord_hdr;
1915 conn_param.private_data_len = sizeof(ird_ord_hdr);
1916 } else {
1917 conn_param.private_data = NULL;
1918 conn_param.private_data_len = 0;
1919 }
1920
1921 conn_param.retry_count = SMBD_CM_RETRY;
1922 conn_param.rnr_retry_count = SMBD_CM_RNR_RETRY;
1923 conn_param.flow_control = 0;
1924
1925 log_rdma_event(INFO, "connecting to IP %pI4 port %d\n",
1926 &addr_in->sin_addr, port);
1927
1928 WARN_ON_ONCE(sc->status != SMBDIRECT_SOCKET_RDMA_CONNECT_NEEDED);
1929 sc->status = SMBDIRECT_SOCKET_RDMA_CONNECT_RUNNING;
1930 rc = rdma_connect(sc->rdma.cm_id, &conn_param);
1931 if (rc) {
1932 log_rdma_event(ERR, "rdma_connect() failed with %i\n", rc);
1933 goto rdma_connect_failed;
1934 }
1935
1936 wait_event_interruptible_timeout(
1937 sc->status_wait,
1938 sc->status != SMBDIRECT_SOCKET_RDMA_CONNECT_RUNNING,
1939 msecs_to_jiffies(sp->rdma_connect_timeout_msec));
1940
1941 if (sc->status != SMBDIRECT_SOCKET_NEGOTIATE_NEEDED) {
1942 log_rdma_event(ERR, "rdma_connect failed port=%d\n", port);
1943 goto rdma_connect_failed;
1944 }
1945
1946 log_rdma_event(INFO, "rdma_connect connected\n");
1947
1948 rc = allocate_caches(sc);
1949 if (rc) {
1950 log_rdma_event(ERR, "cache allocation failed\n");
1951 goto allocate_cache_failed;
1952 }
1953
1954 INIT_WORK(&sc->idle.immediate_work, send_immediate_empty_message);
1955 INIT_DELAYED_WORK(&sc->idle.timer_work, idle_connection_timer);
1956 /*
1957 * start with the negotiate timeout and SMBDIRECT_KEEPALIVE_PENDING
1958 * so that the timer will cause a disconnect.
1959 */
1960 sc->idle.keepalive = SMBDIRECT_KEEPALIVE_PENDING;
1961 mod_delayed_work(sc->workqueue, &sc->idle.timer_work,
1962 msecs_to_jiffies(sp->negotiate_timeout_msec));
1963
1964 INIT_WORK(&sc->recv_io.posted.refill_work, smbd_post_send_credits);
1965
1966 rc = smbd_negotiate(sc);
1967 if (rc) {
1968 log_rdma_event(ERR, "smbd_negotiate rc=%d\n", rc);
1969 goto negotiation_failed;
1970 }
1971
1972 rc = allocate_mr_list(sc);
1973 if (rc) {
1974 log_rdma_mr(ERR, "memory registration allocation failed\n");
1975 goto allocate_mr_failed;
1976 }
1977
1978 return info;
1979
1980 allocate_mr_failed:
1981 /* At this point, need to a full transport shutdown */
1982 server->smbd_conn = info;
1983 smbd_destroy(server);
1984 return NULL;
1985
1986 negotiation_failed:
1987 disable_delayed_work_sync(&sc->idle.timer_work);
1988 destroy_caches(sc);
1989 sc->status = SMBDIRECT_SOCKET_NEGOTIATE_FAILED;
1990 rdma_disconnect(sc->rdma.cm_id);
1991 wait_event(sc->status_wait,
1992 sc->status == SMBDIRECT_SOCKET_DISCONNECTED);
1993
1994 allocate_cache_failed:
1995 rdma_connect_failed:
1996 rdma_destroy_qp(sc->rdma.cm_id);
1997
1998 create_qp_failed:
1999 alloc_cq_failed:
2000 if (sc->ib.send_cq)
2001 ib_free_cq(sc->ib.send_cq);
2002 if (sc->ib.recv_cq)
2003 ib_free_cq(sc->ib.recv_cq);
2004
2005 ib_dealloc_pd(sc->ib.pd);
2006
2007 alloc_pd_failed:
2008 config_failed:
2009 rdma_destroy_id(sc->rdma.cm_id);
2010
2011 create_id_failed:
2012 destroy_workqueue(sc->workqueue);
2013 create_wq_failed:
2014 kfree(info);
2015 return NULL;
2016 }
2017
smbd_get_connection(struct TCP_Server_Info * server,struct sockaddr * dstaddr)2018 struct smbd_connection *smbd_get_connection(
2019 struct TCP_Server_Info *server, struct sockaddr *dstaddr)
2020 {
2021 struct smbd_connection *ret;
2022 const struct smbdirect_socket_parameters *sp;
2023 int port = SMBD_PORT;
2024
2025 try_again:
2026 ret = _smbd_get_connection(server, dstaddr, port);
2027
2028 /* Try SMB_PORT if SMBD_PORT doesn't work */
2029 if (!ret && port == SMBD_PORT) {
2030 port = SMB_PORT;
2031 goto try_again;
2032 }
2033 if (!ret)
2034 return NULL;
2035
2036 sp = &ret->socket.parameters;
2037
2038 server->rdma_readwrite_threshold =
2039 rdma_readwrite_threshold > sp->max_fragmented_send_size ?
2040 sp->max_fragmented_send_size :
2041 rdma_readwrite_threshold;
2042
2043 return ret;
2044 }
2045
2046 /*
2047 * Receive data from the transport's receive reassembly queue
2048 * All the incoming data packets are placed in reassembly queue
2049 * iter: the buffer to read data into
2050 * size: the length of data to read
2051 * return value: actual data read
2052 *
2053 * Note: this implementation copies the data from reassembly queue to receive
2054 * buffers used by upper layer. This is not the optimal code path. A better way
2055 * to do it is to not have upper layer allocate its receive buffers but rather
2056 * borrow the buffer from reassembly queue, and return it after data is
2057 * consumed. But this will require more changes to upper layer code, and also
2058 * need to consider packet boundaries while they still being reassembled.
2059 */
smbd_recv(struct smbd_connection * info,struct msghdr * msg)2060 int smbd_recv(struct smbd_connection *info, struct msghdr *msg)
2061 {
2062 struct smbdirect_socket *sc = &info->socket;
2063 struct smbdirect_recv_io *response;
2064 struct smbdirect_data_transfer *data_transfer;
2065 size_t size = iov_iter_count(&msg->msg_iter);
2066 int to_copy, to_read, data_read, offset;
2067 u32 data_length, remaining_data_length, data_offset;
2068 int rc;
2069
2070 if (WARN_ON_ONCE(iov_iter_rw(&msg->msg_iter) == WRITE))
2071 return -EINVAL; /* It's a bug in upper layer to get there */
2072
2073 again:
2074 /*
2075 * No need to hold the reassembly queue lock all the time as we are
2076 * the only one reading from the front of the queue. The transport
2077 * may add more entries to the back of the queue at the same time
2078 */
2079 log_read(INFO, "size=%zd sc->recv_io.reassembly.data_length=%d\n", size,
2080 sc->recv_io.reassembly.data_length);
2081 if (sc->recv_io.reassembly.data_length >= size) {
2082 int queue_length;
2083 int queue_removed = 0;
2084 unsigned long flags;
2085
2086 /*
2087 * Need to make sure reassembly_data_length is read before
2088 * reading reassembly_queue_length and calling
2089 * _get_first_reassembly. This call is lock free
2090 * as we never read at the end of the queue which are being
2091 * updated in SOFTIRQ as more data is received
2092 */
2093 virt_rmb();
2094 queue_length = sc->recv_io.reassembly.queue_length;
2095 data_read = 0;
2096 to_read = size;
2097 offset = sc->recv_io.reassembly.first_entry_offset;
2098 while (data_read < size) {
2099 response = _get_first_reassembly(sc);
2100 data_transfer = smbdirect_recv_io_payload(response);
2101 data_length = le32_to_cpu(data_transfer->data_length);
2102 remaining_data_length =
2103 le32_to_cpu(
2104 data_transfer->remaining_data_length);
2105 data_offset = le32_to_cpu(data_transfer->data_offset);
2106
2107 /*
2108 * The upper layer expects RFC1002 length at the
2109 * beginning of the payload. Return it to indicate
2110 * the total length of the packet. This minimize the
2111 * change to upper layer packet processing logic. This
2112 * will be eventually remove when an intermediate
2113 * transport layer is added
2114 */
2115 if (response->first_segment && size == 4) {
2116 unsigned int rfc1002_len =
2117 data_length + remaining_data_length;
2118 __be32 rfc1002_hdr = cpu_to_be32(rfc1002_len);
2119 if (copy_to_iter(&rfc1002_hdr, sizeof(rfc1002_hdr),
2120 &msg->msg_iter) != sizeof(rfc1002_hdr))
2121 return -EFAULT;
2122 data_read = 4;
2123 response->first_segment = false;
2124 log_read(INFO, "returning rfc1002 length %d\n",
2125 rfc1002_len);
2126 goto read_rfc1002_done;
2127 }
2128
2129 to_copy = min_t(int, data_length - offset, to_read);
2130 if (copy_to_iter((char *)data_transfer + data_offset + offset,
2131 to_copy, &msg->msg_iter) != to_copy)
2132 return -EFAULT;
2133
2134 /* move on to the next buffer? */
2135 if (to_copy == data_length - offset) {
2136 queue_length--;
2137 /*
2138 * No need to lock if we are not at the
2139 * end of the queue
2140 */
2141 if (queue_length)
2142 list_del(&response->list);
2143 else {
2144 spin_lock_irqsave(
2145 &sc->recv_io.reassembly.lock, flags);
2146 list_del(&response->list);
2147 spin_unlock_irqrestore(
2148 &sc->recv_io.reassembly.lock, flags);
2149 }
2150 queue_removed++;
2151 sc->statistics.dequeue_reassembly_queue++;
2152 put_receive_buffer(sc, response);
2153 offset = 0;
2154 log_read(INFO, "put_receive_buffer offset=0\n");
2155 } else
2156 offset += to_copy;
2157
2158 to_read -= to_copy;
2159 data_read += to_copy;
2160
2161 log_read(INFO, "_get_first_reassembly memcpy %d bytes data_transfer_length-offset=%d after that to_read=%d data_read=%d offset=%d\n",
2162 to_copy, data_length - offset,
2163 to_read, data_read, offset);
2164 }
2165
2166 spin_lock_irqsave(&sc->recv_io.reassembly.lock, flags);
2167 sc->recv_io.reassembly.data_length -= data_read;
2168 sc->recv_io.reassembly.queue_length -= queue_removed;
2169 spin_unlock_irqrestore(&sc->recv_io.reassembly.lock, flags);
2170
2171 sc->recv_io.reassembly.first_entry_offset = offset;
2172 log_read(INFO, "returning to thread data_read=%d reassembly_data_length=%d first_entry_offset=%d\n",
2173 data_read, sc->recv_io.reassembly.data_length,
2174 sc->recv_io.reassembly.first_entry_offset);
2175 read_rfc1002_done:
2176 return data_read;
2177 }
2178
2179 log_read(INFO, "wait_event on more data\n");
2180 rc = wait_event_interruptible(
2181 sc->recv_io.reassembly.wait_queue,
2182 sc->recv_io.reassembly.data_length >= size ||
2183 sc->status != SMBDIRECT_SOCKET_CONNECTED);
2184 /* Don't return any data if interrupted */
2185 if (rc)
2186 return rc;
2187
2188 if (sc->status != SMBDIRECT_SOCKET_CONNECTED) {
2189 log_read(ERR, "disconnected\n");
2190 return -ECONNABORTED;
2191 }
2192
2193 goto again;
2194 }
2195
2196 /*
2197 * Send data to transport
2198 * Each rqst is transported as a SMBDirect payload
2199 * rqst: the data to write
2200 * return value: 0 if successfully write, otherwise error code
2201 */
smbd_send(struct TCP_Server_Info * server,int num_rqst,struct smb_rqst * rqst_array)2202 int smbd_send(struct TCP_Server_Info *server,
2203 int num_rqst, struct smb_rqst *rqst_array)
2204 {
2205 struct smbd_connection *info = server->smbd_conn;
2206 struct smbdirect_socket *sc = &info->socket;
2207 struct smbdirect_socket_parameters *sp = &sc->parameters;
2208 struct smb_rqst *rqst;
2209 struct iov_iter iter;
2210 unsigned int remaining_data_length, klen;
2211 int rc, i, rqst_idx;
2212
2213 if (sc->status != SMBDIRECT_SOCKET_CONNECTED)
2214 return -EAGAIN;
2215
2216 /*
2217 * Add in the page array if there is one. The caller needs to set
2218 * rq_tailsz to PAGE_SIZE when the buffer has multiple pages and
2219 * ends at page boundary
2220 */
2221 remaining_data_length = 0;
2222 for (i = 0; i < num_rqst; i++)
2223 remaining_data_length += smb_rqst_len(server, &rqst_array[i]);
2224
2225 if (unlikely(remaining_data_length > sp->max_fragmented_send_size)) {
2226 /* assertion: payload never exceeds negotiated maximum */
2227 log_write(ERR, "payload size %d > max size %d\n",
2228 remaining_data_length, sp->max_fragmented_send_size);
2229 return -EINVAL;
2230 }
2231
2232 log_write(INFO, "num_rqst=%d total length=%u\n",
2233 num_rqst, remaining_data_length);
2234
2235 rqst_idx = 0;
2236 do {
2237 rqst = &rqst_array[rqst_idx];
2238
2239 cifs_dbg(FYI, "Sending smb (RDMA): idx=%d smb_len=%lu\n",
2240 rqst_idx, smb_rqst_len(server, rqst));
2241 for (i = 0; i < rqst->rq_nvec; i++)
2242 dump_smb(rqst->rq_iov[i].iov_base, rqst->rq_iov[i].iov_len);
2243
2244 log_write(INFO, "RDMA-WR[%u] nvec=%d len=%u iter=%zu rqlen=%lu\n",
2245 rqst_idx, rqst->rq_nvec, remaining_data_length,
2246 iov_iter_count(&rqst->rq_iter), smb_rqst_len(server, rqst));
2247
2248 /* Send the metadata pages. */
2249 klen = 0;
2250 for (i = 0; i < rqst->rq_nvec; i++)
2251 klen += rqst->rq_iov[i].iov_len;
2252 iov_iter_kvec(&iter, ITER_SOURCE, rqst->rq_iov, rqst->rq_nvec, klen);
2253
2254 rc = smbd_post_send_full_iter(sc, &iter, &remaining_data_length);
2255 if (rc < 0)
2256 break;
2257
2258 if (iov_iter_count(&rqst->rq_iter) > 0) {
2259 /* And then the data pages if there are any */
2260 rc = smbd_post_send_full_iter(sc, &rqst->rq_iter,
2261 &remaining_data_length);
2262 if (rc < 0)
2263 break;
2264 }
2265
2266 } while (++rqst_idx < num_rqst);
2267
2268 /*
2269 * As an optimization, we don't wait for individual I/O to finish
2270 * before sending the next one.
2271 * Send them all and wait for pending send count to get to 0
2272 * that means all the I/Os have been out and we are good to return
2273 */
2274
2275 wait_event(sc->send_io.pending.zero_wait_queue,
2276 atomic_read(&sc->send_io.pending.count) == 0 ||
2277 sc->status != SMBDIRECT_SOCKET_CONNECTED);
2278
2279 if (sc->status != SMBDIRECT_SOCKET_CONNECTED && rc == 0)
2280 rc = -EAGAIN;
2281
2282 return rc;
2283 }
2284
register_mr_done(struct ib_cq * cq,struct ib_wc * wc)2285 static void register_mr_done(struct ib_cq *cq, struct ib_wc *wc)
2286 {
2287 struct smbdirect_mr_io *mr =
2288 container_of(wc->wr_cqe, struct smbdirect_mr_io, cqe);
2289 struct smbdirect_socket *sc = mr->socket;
2290
2291 if (wc->status) {
2292 log_rdma_mr(ERR, "status=%d\n", wc->status);
2293 smbd_disconnect_rdma_connection(sc);
2294 }
2295 }
2296
2297 /*
2298 * The work queue function that recovers MRs
2299 * We need to call ib_dereg_mr() and ib_alloc_mr() before this MR can be used
2300 * again. Both calls are slow, so finish them in a workqueue. This will not
2301 * block I/O path.
2302 * There is one workqueue that recovers MRs, there is no need to lock as the
2303 * I/O requests calling smbd_register_mr will never update the links in the
2304 * mr_list.
2305 */
smbd_mr_recovery_work(struct work_struct * work)2306 static void smbd_mr_recovery_work(struct work_struct *work)
2307 {
2308 struct smbdirect_socket *sc =
2309 container_of(work, struct smbdirect_socket, mr_io.recovery_work);
2310 struct smbdirect_socket_parameters *sp = &sc->parameters;
2311 struct smbdirect_mr_io *smbdirect_mr;
2312 int rc;
2313
2314 list_for_each_entry(smbdirect_mr, &sc->mr_io.all.list, list) {
2315 if (smbdirect_mr->state == SMBDIRECT_MR_ERROR) {
2316
2317 /* recover this MR entry */
2318 rc = ib_dereg_mr(smbdirect_mr->mr);
2319 if (rc) {
2320 log_rdma_mr(ERR,
2321 "ib_dereg_mr failed rc=%x\n",
2322 rc);
2323 smbd_disconnect_rdma_connection(sc);
2324 continue;
2325 }
2326
2327 smbdirect_mr->mr = ib_alloc_mr(
2328 sc->ib.pd, sc->mr_io.type,
2329 sp->max_frmr_depth);
2330 if (IS_ERR(smbdirect_mr->mr)) {
2331 log_rdma_mr(ERR, "ib_alloc_mr failed mr_type=%x max_frmr_depth=%x\n",
2332 sc->mr_io.type,
2333 sp->max_frmr_depth);
2334 smbd_disconnect_rdma_connection(sc);
2335 continue;
2336 }
2337 } else
2338 /* This MR is being used, don't recover it */
2339 continue;
2340
2341 smbdirect_mr->state = SMBDIRECT_MR_READY;
2342
2343 /* smbdirect_mr->state is updated by this function
2344 * and is read and updated by I/O issuing CPUs trying
2345 * to get a MR, the call to atomic_inc_return
2346 * implicates a memory barrier and guarantees this
2347 * value is updated before waking up any calls to
2348 * get_mr() from the I/O issuing CPUs
2349 */
2350 if (atomic_inc_return(&sc->mr_io.ready.count) == 1)
2351 wake_up(&sc->mr_io.ready.wait_queue);
2352 }
2353 }
2354
destroy_mr_list(struct smbdirect_socket * sc)2355 static void destroy_mr_list(struct smbdirect_socket *sc)
2356 {
2357 struct smbdirect_mr_io *mr, *tmp;
2358
2359 disable_work_sync(&sc->mr_io.recovery_work);
2360 list_for_each_entry_safe(mr, tmp, &sc->mr_io.all.list, list) {
2361 if (mr->state == SMBDIRECT_MR_INVALIDATED)
2362 ib_dma_unmap_sg(sc->ib.dev, mr->sgt.sgl,
2363 mr->sgt.nents, mr->dir);
2364 ib_dereg_mr(mr->mr);
2365 kfree(mr->sgt.sgl);
2366 kfree(mr);
2367 }
2368 }
2369
2370 /*
2371 * Allocate MRs used for RDMA read/write
2372 * The number of MRs will not exceed hardware capability in responder_resources
2373 * All MRs are kept in mr_list. The MR can be recovered after it's used
2374 * Recovery is done in smbd_mr_recovery_work. The content of list entry changes
2375 * as MRs are used and recovered for I/O, but the list links will not change
2376 */
allocate_mr_list(struct smbdirect_socket * sc)2377 static int allocate_mr_list(struct smbdirect_socket *sc)
2378 {
2379 struct smbdirect_socket_parameters *sp = &sc->parameters;
2380 int i;
2381 struct smbdirect_mr_io *smbdirect_mr, *tmp;
2382
2383 INIT_WORK(&sc->mr_io.recovery_work, smbd_mr_recovery_work);
2384
2385 if (sp->responder_resources == 0) {
2386 log_rdma_mr(ERR, "responder_resources negotiated as 0\n");
2387 return -EINVAL;
2388 }
2389
2390 /* Allocate more MRs (2x) than hardware responder_resources */
2391 for (i = 0; i < sp->responder_resources * 2; i++) {
2392 smbdirect_mr = kzalloc(sizeof(*smbdirect_mr), GFP_KERNEL);
2393 if (!smbdirect_mr)
2394 goto cleanup_entries;
2395 smbdirect_mr->mr = ib_alloc_mr(sc->ib.pd, sc->mr_io.type,
2396 sp->max_frmr_depth);
2397 if (IS_ERR(smbdirect_mr->mr)) {
2398 log_rdma_mr(ERR, "ib_alloc_mr failed mr_type=%x max_frmr_depth=%x\n",
2399 sc->mr_io.type, sp->max_frmr_depth);
2400 goto out;
2401 }
2402 smbdirect_mr->sgt.sgl = kcalloc(sp->max_frmr_depth,
2403 sizeof(struct scatterlist),
2404 GFP_KERNEL);
2405 if (!smbdirect_mr->sgt.sgl) {
2406 log_rdma_mr(ERR, "failed to allocate sgl\n");
2407 ib_dereg_mr(smbdirect_mr->mr);
2408 goto out;
2409 }
2410 smbdirect_mr->state = SMBDIRECT_MR_READY;
2411 smbdirect_mr->socket = sc;
2412
2413 list_add_tail(&smbdirect_mr->list, &sc->mr_io.all.list);
2414 atomic_inc(&sc->mr_io.ready.count);
2415 }
2416 return 0;
2417
2418 out:
2419 kfree(smbdirect_mr);
2420 cleanup_entries:
2421 list_for_each_entry_safe(smbdirect_mr, tmp, &sc->mr_io.all.list, list) {
2422 list_del(&smbdirect_mr->list);
2423 ib_dereg_mr(smbdirect_mr->mr);
2424 kfree(smbdirect_mr->sgt.sgl);
2425 kfree(smbdirect_mr);
2426 }
2427 return -ENOMEM;
2428 }
2429
2430 /*
2431 * Get a MR from mr_list. This function waits until there is at least one
2432 * MR available in the list. It may access the list while the
2433 * smbd_mr_recovery_work is recovering the MR list. This doesn't need a lock
2434 * as they never modify the same places. However, there may be several CPUs
2435 * issuing I/O trying to get MR at the same time, mr_list_lock is used to
2436 * protect this situation.
2437 */
get_mr(struct smbdirect_socket * sc)2438 static struct smbdirect_mr_io *get_mr(struct smbdirect_socket *sc)
2439 {
2440 struct smbdirect_mr_io *ret;
2441 unsigned long flags;
2442 int rc;
2443 again:
2444 rc = wait_event_interruptible(sc->mr_io.ready.wait_queue,
2445 atomic_read(&sc->mr_io.ready.count) ||
2446 sc->status != SMBDIRECT_SOCKET_CONNECTED);
2447 if (rc) {
2448 log_rdma_mr(ERR, "wait_event_interruptible rc=%x\n", rc);
2449 return NULL;
2450 }
2451
2452 if (sc->status != SMBDIRECT_SOCKET_CONNECTED) {
2453 log_rdma_mr(ERR, "sc->status=%x\n", sc->status);
2454 return NULL;
2455 }
2456
2457 spin_lock_irqsave(&sc->mr_io.all.lock, flags);
2458 list_for_each_entry(ret, &sc->mr_io.all.list, list) {
2459 if (ret->state == SMBDIRECT_MR_READY) {
2460 ret->state = SMBDIRECT_MR_REGISTERED;
2461 spin_unlock_irqrestore(&sc->mr_io.all.lock, flags);
2462 atomic_dec(&sc->mr_io.ready.count);
2463 atomic_inc(&sc->mr_io.used.count);
2464 return ret;
2465 }
2466 }
2467
2468 spin_unlock_irqrestore(&sc->mr_io.all.lock, flags);
2469 /*
2470 * It is possible that we could fail to get MR because other processes may
2471 * try to acquire a MR at the same time. If this is the case, retry it.
2472 */
2473 goto again;
2474 }
2475
2476 /*
2477 * Transcribe the pages from an iterator into an MR scatterlist.
2478 */
smbd_iter_to_mr(struct iov_iter * iter,struct sg_table * sgt,unsigned int max_sg)2479 static int smbd_iter_to_mr(struct iov_iter *iter,
2480 struct sg_table *sgt,
2481 unsigned int max_sg)
2482 {
2483 int ret;
2484
2485 memset(sgt->sgl, 0, max_sg * sizeof(struct scatterlist));
2486
2487 ret = extract_iter_to_sg(iter, iov_iter_count(iter), sgt, max_sg, 0);
2488 WARN_ON(ret < 0);
2489 if (sgt->nents > 0)
2490 sg_mark_end(&sgt->sgl[sgt->nents - 1]);
2491 return ret;
2492 }
2493
2494 /*
2495 * Register memory for RDMA read/write
2496 * iter: the buffer to register memory with
2497 * writing: true if this is a RDMA write (SMB read), false for RDMA read
2498 * need_invalidate: true if this MR needs to be locally invalidated after I/O
2499 * return value: the MR registered, NULL if failed.
2500 */
smbd_register_mr(struct smbd_connection * info,struct iov_iter * iter,bool writing,bool need_invalidate)2501 struct smbdirect_mr_io *smbd_register_mr(struct smbd_connection *info,
2502 struct iov_iter *iter,
2503 bool writing, bool need_invalidate)
2504 {
2505 struct smbdirect_socket *sc = &info->socket;
2506 struct smbdirect_socket_parameters *sp = &sc->parameters;
2507 struct smbdirect_mr_io *smbdirect_mr;
2508 int rc, num_pages;
2509 enum dma_data_direction dir;
2510 struct ib_reg_wr *reg_wr;
2511
2512 num_pages = iov_iter_npages(iter, sp->max_frmr_depth + 1);
2513 if (num_pages > sp->max_frmr_depth) {
2514 log_rdma_mr(ERR, "num_pages=%d max_frmr_depth=%d\n",
2515 num_pages, sp->max_frmr_depth);
2516 WARN_ON_ONCE(1);
2517 return NULL;
2518 }
2519
2520 smbdirect_mr = get_mr(sc);
2521 if (!smbdirect_mr) {
2522 log_rdma_mr(ERR, "get_mr returning NULL\n");
2523 return NULL;
2524 }
2525
2526 dir = writing ? DMA_FROM_DEVICE : DMA_TO_DEVICE;
2527 smbdirect_mr->dir = dir;
2528 smbdirect_mr->need_invalidate = need_invalidate;
2529 smbdirect_mr->sgt.nents = 0;
2530 smbdirect_mr->sgt.orig_nents = 0;
2531
2532 log_rdma_mr(INFO, "num_pages=0x%x count=0x%zx depth=%u\n",
2533 num_pages, iov_iter_count(iter), sp->max_frmr_depth);
2534 smbd_iter_to_mr(iter, &smbdirect_mr->sgt, sp->max_frmr_depth);
2535
2536 rc = ib_dma_map_sg(sc->ib.dev, smbdirect_mr->sgt.sgl,
2537 smbdirect_mr->sgt.nents, dir);
2538 if (!rc) {
2539 log_rdma_mr(ERR, "ib_dma_map_sg num_pages=%x dir=%x rc=%x\n",
2540 num_pages, dir, rc);
2541 goto dma_map_error;
2542 }
2543
2544 rc = ib_map_mr_sg(smbdirect_mr->mr, smbdirect_mr->sgt.sgl,
2545 smbdirect_mr->sgt.nents, NULL, PAGE_SIZE);
2546 if (rc != smbdirect_mr->sgt.nents) {
2547 log_rdma_mr(ERR,
2548 "ib_map_mr_sg failed rc = %d nents = %x\n",
2549 rc, smbdirect_mr->sgt.nents);
2550 goto map_mr_error;
2551 }
2552
2553 ib_update_fast_reg_key(smbdirect_mr->mr,
2554 ib_inc_rkey(smbdirect_mr->mr->rkey));
2555 reg_wr = &smbdirect_mr->wr;
2556 reg_wr->wr.opcode = IB_WR_REG_MR;
2557 smbdirect_mr->cqe.done = register_mr_done;
2558 reg_wr->wr.wr_cqe = &smbdirect_mr->cqe;
2559 reg_wr->wr.num_sge = 0;
2560 reg_wr->wr.send_flags = IB_SEND_SIGNALED;
2561 reg_wr->mr = smbdirect_mr->mr;
2562 reg_wr->key = smbdirect_mr->mr->rkey;
2563 reg_wr->access = writing ?
2564 IB_ACCESS_REMOTE_WRITE | IB_ACCESS_LOCAL_WRITE :
2565 IB_ACCESS_REMOTE_READ;
2566
2567 /*
2568 * There is no need for waiting for complemtion on ib_post_send
2569 * on IB_WR_REG_MR. Hardware enforces a barrier and order of execution
2570 * on the next ib_post_send when we actually send I/O to remote peer
2571 */
2572 rc = ib_post_send(sc->ib.qp, ®_wr->wr, NULL);
2573 if (!rc)
2574 return smbdirect_mr;
2575
2576 log_rdma_mr(ERR, "ib_post_send failed rc=%x reg_wr->key=%x\n",
2577 rc, reg_wr->key);
2578
2579 /* If all failed, attempt to recover this MR by setting it SMBDIRECT_MR_ERROR*/
2580 map_mr_error:
2581 ib_dma_unmap_sg(sc->ib.dev, smbdirect_mr->sgt.sgl,
2582 smbdirect_mr->sgt.nents, smbdirect_mr->dir);
2583
2584 dma_map_error:
2585 smbdirect_mr->state = SMBDIRECT_MR_ERROR;
2586 if (atomic_dec_and_test(&sc->mr_io.used.count))
2587 wake_up(&sc->mr_io.cleanup.wait_queue);
2588
2589 smbd_disconnect_rdma_connection(sc);
2590
2591 return NULL;
2592 }
2593
local_inv_done(struct ib_cq * cq,struct ib_wc * wc)2594 static void local_inv_done(struct ib_cq *cq, struct ib_wc *wc)
2595 {
2596 struct smbdirect_mr_io *smbdirect_mr;
2597 struct ib_cqe *cqe;
2598
2599 cqe = wc->wr_cqe;
2600 smbdirect_mr = container_of(cqe, struct smbdirect_mr_io, cqe);
2601 smbdirect_mr->state = SMBDIRECT_MR_INVALIDATED;
2602 if (wc->status != IB_WC_SUCCESS) {
2603 log_rdma_mr(ERR, "invalidate failed status=%x\n", wc->status);
2604 smbdirect_mr->state = SMBDIRECT_MR_ERROR;
2605 }
2606 complete(&smbdirect_mr->invalidate_done);
2607 }
2608
2609 /*
2610 * Deregister a MR after I/O is done
2611 * This function may wait if remote invalidation is not used
2612 * and we have to locally invalidate the buffer to prevent data is being
2613 * modified by remote peer after upper layer consumes it
2614 */
smbd_deregister_mr(struct smbdirect_mr_io * smbdirect_mr)2615 int smbd_deregister_mr(struct smbdirect_mr_io *smbdirect_mr)
2616 {
2617 struct ib_send_wr *wr;
2618 struct smbdirect_socket *sc = smbdirect_mr->socket;
2619 int rc = 0;
2620
2621 if (smbdirect_mr->need_invalidate) {
2622 /* Need to finish local invalidation before returning */
2623 wr = &smbdirect_mr->inv_wr;
2624 wr->opcode = IB_WR_LOCAL_INV;
2625 smbdirect_mr->cqe.done = local_inv_done;
2626 wr->wr_cqe = &smbdirect_mr->cqe;
2627 wr->num_sge = 0;
2628 wr->ex.invalidate_rkey = smbdirect_mr->mr->rkey;
2629 wr->send_flags = IB_SEND_SIGNALED;
2630
2631 init_completion(&smbdirect_mr->invalidate_done);
2632 rc = ib_post_send(sc->ib.qp, wr, NULL);
2633 if (rc) {
2634 log_rdma_mr(ERR, "ib_post_send failed rc=%x\n", rc);
2635 smbd_disconnect_rdma_connection(sc);
2636 goto done;
2637 }
2638 wait_for_completion(&smbdirect_mr->invalidate_done);
2639 smbdirect_mr->need_invalidate = false;
2640 } else
2641 /*
2642 * For remote invalidation, just set it to SMBDIRECT_MR_INVALIDATED
2643 * and defer to mr_recovery_work to recover the MR for next use
2644 */
2645 smbdirect_mr->state = SMBDIRECT_MR_INVALIDATED;
2646
2647 if (smbdirect_mr->state == SMBDIRECT_MR_INVALIDATED) {
2648 ib_dma_unmap_sg(
2649 sc->ib.dev, smbdirect_mr->sgt.sgl,
2650 smbdirect_mr->sgt.nents,
2651 smbdirect_mr->dir);
2652 smbdirect_mr->state = SMBDIRECT_MR_READY;
2653 if (atomic_inc_return(&sc->mr_io.ready.count) == 1)
2654 wake_up(&sc->mr_io.ready.wait_queue);
2655 } else
2656 /*
2657 * Schedule the work to do MR recovery for future I/Os MR
2658 * recovery is slow and don't want it to block current I/O
2659 */
2660 queue_work(sc->workqueue, &sc->mr_io.recovery_work);
2661
2662 done:
2663 if (atomic_dec_and_test(&sc->mr_io.used.count))
2664 wake_up(&sc->mr_io.cleanup.wait_queue);
2665
2666 return rc;
2667 }
2668
smb_set_sge(struct smb_extract_to_rdma * rdma,struct page * lowest_page,size_t off,size_t len)2669 static bool smb_set_sge(struct smb_extract_to_rdma *rdma,
2670 struct page *lowest_page, size_t off, size_t len)
2671 {
2672 struct ib_sge *sge = &rdma->sge[rdma->nr_sge];
2673 u64 addr;
2674
2675 addr = ib_dma_map_page(rdma->device, lowest_page,
2676 off, len, rdma->direction);
2677 if (ib_dma_mapping_error(rdma->device, addr))
2678 return false;
2679
2680 sge->addr = addr;
2681 sge->length = len;
2682 sge->lkey = rdma->local_dma_lkey;
2683 rdma->nr_sge++;
2684 return true;
2685 }
2686
2687 /*
2688 * Extract page fragments from a BVEC-class iterator and add them to an RDMA
2689 * element list. The pages are not pinned.
2690 */
smb_extract_bvec_to_rdma(struct iov_iter * iter,struct smb_extract_to_rdma * rdma,ssize_t maxsize)2691 static ssize_t smb_extract_bvec_to_rdma(struct iov_iter *iter,
2692 struct smb_extract_to_rdma *rdma,
2693 ssize_t maxsize)
2694 {
2695 const struct bio_vec *bv = iter->bvec;
2696 unsigned long start = iter->iov_offset;
2697 unsigned int i;
2698 ssize_t ret = 0;
2699
2700 for (i = 0; i < iter->nr_segs; i++) {
2701 size_t off, len;
2702
2703 len = bv[i].bv_len;
2704 if (start >= len) {
2705 start -= len;
2706 continue;
2707 }
2708
2709 len = min_t(size_t, maxsize, len - start);
2710 off = bv[i].bv_offset + start;
2711
2712 if (!smb_set_sge(rdma, bv[i].bv_page, off, len))
2713 return -EIO;
2714
2715 ret += len;
2716 maxsize -= len;
2717 if (rdma->nr_sge >= rdma->max_sge || maxsize <= 0)
2718 break;
2719 start = 0;
2720 }
2721
2722 if (ret > 0)
2723 iov_iter_advance(iter, ret);
2724 return ret;
2725 }
2726
2727 /*
2728 * Extract fragments from a KVEC-class iterator and add them to an RDMA list.
2729 * This can deal with vmalloc'd buffers as well as kmalloc'd or static buffers.
2730 * The pages are not pinned.
2731 */
smb_extract_kvec_to_rdma(struct iov_iter * iter,struct smb_extract_to_rdma * rdma,ssize_t maxsize)2732 static ssize_t smb_extract_kvec_to_rdma(struct iov_iter *iter,
2733 struct smb_extract_to_rdma *rdma,
2734 ssize_t maxsize)
2735 {
2736 const struct kvec *kv = iter->kvec;
2737 unsigned long start = iter->iov_offset;
2738 unsigned int i;
2739 ssize_t ret = 0;
2740
2741 for (i = 0; i < iter->nr_segs; i++) {
2742 struct page *page;
2743 unsigned long kaddr;
2744 size_t off, len, seg;
2745
2746 len = kv[i].iov_len;
2747 if (start >= len) {
2748 start -= len;
2749 continue;
2750 }
2751
2752 kaddr = (unsigned long)kv[i].iov_base + start;
2753 off = kaddr & ~PAGE_MASK;
2754 len = min_t(size_t, maxsize, len - start);
2755 kaddr &= PAGE_MASK;
2756
2757 maxsize -= len;
2758 do {
2759 seg = min_t(size_t, len, PAGE_SIZE - off);
2760
2761 if (is_vmalloc_or_module_addr((void *)kaddr))
2762 page = vmalloc_to_page((void *)kaddr);
2763 else
2764 page = virt_to_page((void *)kaddr);
2765
2766 if (!smb_set_sge(rdma, page, off, seg))
2767 return -EIO;
2768
2769 ret += seg;
2770 len -= seg;
2771 kaddr += PAGE_SIZE;
2772 off = 0;
2773 } while (len > 0 && rdma->nr_sge < rdma->max_sge);
2774
2775 if (rdma->nr_sge >= rdma->max_sge || maxsize <= 0)
2776 break;
2777 start = 0;
2778 }
2779
2780 if (ret > 0)
2781 iov_iter_advance(iter, ret);
2782 return ret;
2783 }
2784
2785 /*
2786 * Extract folio fragments from a FOLIOQ-class iterator and add them to an RDMA
2787 * list. The folios are not pinned.
2788 */
smb_extract_folioq_to_rdma(struct iov_iter * iter,struct smb_extract_to_rdma * rdma,ssize_t maxsize)2789 static ssize_t smb_extract_folioq_to_rdma(struct iov_iter *iter,
2790 struct smb_extract_to_rdma *rdma,
2791 ssize_t maxsize)
2792 {
2793 const struct folio_queue *folioq = iter->folioq;
2794 unsigned int slot = iter->folioq_slot;
2795 ssize_t ret = 0;
2796 size_t offset = iter->iov_offset;
2797
2798 BUG_ON(!folioq);
2799
2800 if (slot >= folioq_nr_slots(folioq)) {
2801 folioq = folioq->next;
2802 if (WARN_ON_ONCE(!folioq))
2803 return -EIO;
2804 slot = 0;
2805 }
2806
2807 do {
2808 struct folio *folio = folioq_folio(folioq, slot);
2809 size_t fsize = folioq_folio_size(folioq, slot);
2810
2811 if (offset < fsize) {
2812 size_t part = umin(maxsize, fsize - offset);
2813
2814 if (!smb_set_sge(rdma, folio_page(folio, 0), offset, part))
2815 return -EIO;
2816
2817 offset += part;
2818 ret += part;
2819 maxsize -= part;
2820 }
2821
2822 if (offset >= fsize) {
2823 offset = 0;
2824 slot++;
2825 if (slot >= folioq_nr_slots(folioq)) {
2826 if (!folioq->next) {
2827 WARN_ON_ONCE(ret < iter->count);
2828 break;
2829 }
2830 folioq = folioq->next;
2831 slot = 0;
2832 }
2833 }
2834 } while (rdma->nr_sge < rdma->max_sge && maxsize > 0);
2835
2836 iter->folioq = folioq;
2837 iter->folioq_slot = slot;
2838 iter->iov_offset = offset;
2839 iter->count -= ret;
2840 return ret;
2841 }
2842
2843 /*
2844 * Extract page fragments from up to the given amount of the source iterator
2845 * and build up an RDMA list that refers to all of those bits. The RDMA list
2846 * is appended to, up to the maximum number of elements set in the parameter
2847 * block.
2848 *
2849 * The extracted page fragments are not pinned or ref'd in any way; if an
2850 * IOVEC/UBUF-type iterator is to be used, it should be converted to a
2851 * BVEC-type iterator and the pages pinned, ref'd or otherwise held in some
2852 * way.
2853 */
smb_extract_iter_to_rdma(struct iov_iter * iter,size_t len,struct smb_extract_to_rdma * rdma)2854 static ssize_t smb_extract_iter_to_rdma(struct iov_iter *iter, size_t len,
2855 struct smb_extract_to_rdma *rdma)
2856 {
2857 ssize_t ret;
2858 int before = rdma->nr_sge;
2859
2860 switch (iov_iter_type(iter)) {
2861 case ITER_BVEC:
2862 ret = smb_extract_bvec_to_rdma(iter, rdma, len);
2863 break;
2864 case ITER_KVEC:
2865 ret = smb_extract_kvec_to_rdma(iter, rdma, len);
2866 break;
2867 case ITER_FOLIOQ:
2868 ret = smb_extract_folioq_to_rdma(iter, rdma, len);
2869 break;
2870 default:
2871 WARN_ON_ONCE(1);
2872 return -EIO;
2873 }
2874
2875 if (ret < 0) {
2876 while (rdma->nr_sge > before) {
2877 struct ib_sge *sge = &rdma->sge[rdma->nr_sge--];
2878
2879 ib_dma_unmap_single(rdma->device, sge->addr, sge->length,
2880 rdma->direction);
2881 sge->addr = 0;
2882 }
2883 }
2884
2885 return ret;
2886 }
2887