xref: /freebsd/sys/dev/cxgbe/iw_cxgbe/qp.c (revision 69718b786d3943ea9a99eeeb5f5f6162f11c78b7)
1 /*
2  * Copyright (c) 2009-2013 Chelsio, Inc. All rights reserved.
3  *
4  * This software is available to you under a choice of one of two
5  * licenses.  You may choose to be licensed under the terms of the GNU
6  * General Public License (GPL) Version 2, available from the file
7  * COPYING in the main directory of this source tree, or the
8  * OpenIB.org BSD license below:
9  *
10  *     Redistribution and use in source and binary forms, with or
11  *     without modification, are permitted provided that the following
12  *     conditions are met:
13  *
14  *      - Redistributions of source code must retain the above
15  *        copyright notice, this list of conditions and the following
16  *        disclaimer.
17  *
18  *      - Redistributions in binary form must reproduce the above
19  *        copyright notice, this list of conditions and the following
20  *        disclaimer in the documentation and/or other materials
21  *        provided with the distribution.
22  *
23  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
27  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
28  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
29  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
30  * SOFTWARE.
31  */
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
34 
35 #include "opt_inet.h"
36 
37 #ifdef TCP_OFFLOAD
38 #include <sys/types.h>
39 #include <sys/malloc.h>
40 #include <sys/socket.h>
41 #include <sys/socketvar.h>
42 #include <sys/sockio.h>
43 #include <sys/taskqueue.h>
44 #include <netinet/in.h>
45 #include <net/route.h>
46 
47 #include <netinet/in_systm.h>
48 #include <netinet/in_pcb.h>
49 #include <netinet/ip.h>
50 #include <netinet/ip_var.h>
51 #include <netinet/tcp_var.h>
52 #include <netinet/tcp.h>
53 #include <netinet/tcpip.h>
54 
55 #include <netinet/toecore.h>
56 
57 struct sge_iq;
58 struct rss_header;
59 struct cpl_set_tcb_rpl;
60 #include <linux/types.h>
61 #include "offload.h"
62 #include "tom/t4_tom.h"
63 
64 #include "iw_cxgbe.h"
65 #include "user.h"
66 
67 static void creds(struct toepcb *toep, size_t wrsize);
68 
69 
70 static void set_state(struct c4iw_qp *qhp, enum c4iw_qp_state state)
71 {
72 	unsigned long flag;
73 	spin_lock_irqsave(&qhp->lock, flag);
74 	qhp->attr.state = state;
75 	spin_unlock_irqrestore(&qhp->lock, flag);
76 }
77 
78 static void dealloc_host_sq(struct c4iw_rdev *rdev, struct t4_sq *sq)
79 {
80 
81 	contigfree(sq->queue, sq->memsize, M_DEVBUF);
82 }
83 
84 static void dealloc_sq(struct c4iw_rdev *rdev, struct t4_sq *sq)
85 {
86 
87 	dealloc_host_sq(rdev, sq);
88 }
89 
90 static int alloc_host_sq(struct c4iw_rdev *rdev, struct t4_sq *sq)
91 {
92 	sq->queue = contigmalloc(sq->memsize, M_DEVBUF, M_NOWAIT, 0ul, ~0ul,
93 	    4096, 0);
94 
95 	if (sq->queue)
96 		sq->dma_addr = vtophys(sq->queue);
97 	else
98 		return -ENOMEM;
99 	sq->phys_addr = vtophys(sq->queue);
100 	pci_unmap_addr_set(sq, mapping, sq->dma_addr);
101 	CTR4(KTR_IW_CXGBE, "%s sq %p dma_addr %p phys_addr %p", __func__,
102 	    sq->queue, sq->dma_addr, sq->phys_addr);
103 	return 0;
104 }
105 
106 static int destroy_qp(struct c4iw_rdev *rdev, struct t4_wq *wq,
107 		      struct c4iw_dev_ucontext *uctx)
108 {
109 	/*
110 	 * uP clears EQ contexts when the connection exits rdma mode,
111 	 * so no need to post a RESET WR for these EQs.
112 	 */
113 	contigfree(wq->rq.queue, wq->rq.memsize, M_DEVBUF);
114 	dealloc_sq(rdev, &wq->sq);
115 	c4iw_rqtpool_free(rdev, wq->rq.rqt_hwaddr, wq->rq.rqt_size);
116 	kfree(wq->rq.sw_rq);
117 	kfree(wq->sq.sw_sq);
118 	c4iw_put_qpid(rdev, wq->rq.qid, uctx);
119 	c4iw_put_qpid(rdev, wq->sq.qid, uctx);
120 	return 0;
121 }
122 
123 static int create_qp(struct c4iw_rdev *rdev, struct t4_wq *wq,
124 		     struct t4_cq *rcq, struct t4_cq *scq,
125 		     struct c4iw_dev_ucontext *uctx)
126 {
127 	struct adapter *sc = rdev->adap;
128 	int user = (uctx != &rdev->uctx);
129 	struct fw_ri_res_wr *res_wr;
130 	struct fw_ri_res *res;
131 	int wr_len;
132 	struct c4iw_wr_wait wr_wait;
133 	int ret;
134 	int eqsize;
135 	struct wrqe *wr;
136 
137 	wq->sq.qid = c4iw_get_qpid(rdev, uctx);
138 	if (!wq->sq.qid)
139 		return -ENOMEM;
140 
141 	wq->rq.qid = c4iw_get_qpid(rdev, uctx);
142 	if (!wq->rq.qid)
143 		goto err1;
144 
145 	if (!user) {
146 		wq->sq.sw_sq = kzalloc(wq->sq.size * sizeof *wq->sq.sw_sq,
147 				 GFP_KERNEL);
148 		if (!wq->sq.sw_sq)
149 			goto err2;
150 
151 		wq->rq.sw_rq = kzalloc(wq->rq.size * sizeof *wq->rq.sw_rq,
152 				 GFP_KERNEL);
153 		if (!wq->rq.sw_rq)
154 			goto err3;
155 	}
156 
157 	/* RQT must be a power of 2. */
158 	wq->rq.rqt_size = roundup_pow_of_two(wq->rq.size);
159 	wq->rq.rqt_hwaddr = c4iw_rqtpool_alloc(rdev, wq->rq.rqt_size);
160 	if (!wq->rq.rqt_hwaddr)
161 		goto err4;
162 
163 	if (alloc_host_sq(rdev, &wq->sq))
164 		goto err5;
165 
166 	memset(wq->sq.queue, 0, wq->sq.memsize);
167 	pci_unmap_addr_set(&wq->sq, mapping, wq->sq.dma_addr);
168 
169 	wq->rq.queue = contigmalloc(wq->rq.memsize,
170             M_DEVBUF, M_NOWAIT, 0ul, ~0ul, 4096, 0);
171         if (wq->rq.queue)
172                 wq->rq.dma_addr = vtophys(wq->rq.queue);
173         else
174                 goto err6;
175 	CTR5(KTR_IW_CXGBE,
176 	    "%s sq base va 0x%p pa 0x%llx rq base va 0x%p pa 0x%llx", __func__,
177 	    wq->sq.queue, (unsigned long long)vtophys(wq->sq.queue),
178 	    wq->rq.queue, (unsigned long long)vtophys(wq->rq.queue));
179 	memset(wq->rq.queue, 0, wq->rq.memsize);
180 	pci_unmap_addr_set(&wq->rq, mapping, wq->rq.dma_addr);
181 
182 	wq->db = (void *)((unsigned long)rman_get_virtual(sc->regs_res) +
183 	    sc->sge_kdoorbell_reg);
184 	wq->gts = (void *)((unsigned long)rman_get_virtual(rdev->adap->regs_res)
185 			   + sc->sge_gts_reg);
186 	if (user) {
187 		wq->sq.udb = (u64)((char*)rman_get_virtual(rdev->adap->udbs_res) +
188 						(wq->sq.qid << rdev->qpshift));
189 		wq->sq.udb &= PAGE_MASK;
190 		wq->rq.udb = (u64)((char*)rman_get_virtual(rdev->adap->udbs_res) +
191 						(wq->rq.qid << rdev->qpshift));
192 		wq->rq.udb &= PAGE_MASK;
193 	}
194 	wq->rdev = rdev;
195 	wq->rq.msn = 1;
196 
197 	/* build fw_ri_res_wr */
198 	wr_len = sizeof *res_wr + 2 * sizeof *res;
199 
200 	wr = alloc_wrqe(wr_len, &sc->sge.mgmtq);
201         if (wr == NULL)
202 		return (0);
203         res_wr = wrtod(wr);
204 
205 	memset(res_wr, 0, wr_len);
206 	res_wr->op_nres = cpu_to_be32(
207 			V_FW_WR_OP(FW_RI_RES_WR) |
208 			V_FW_RI_RES_WR_NRES(2) |
209 			F_FW_WR_COMPL);
210 	res_wr->len16_pkd = cpu_to_be32(DIV_ROUND_UP(wr_len, 16));
211 	res_wr->cookie = (unsigned long) &wr_wait;
212 	res = res_wr->res;
213 	res->u.sqrq.restype = FW_RI_RES_TYPE_SQ;
214 	res->u.sqrq.op = FW_RI_RES_OP_WRITE;
215 
216 	/* eqsize is the number of 64B entries plus the status page size. */
217 	eqsize = wq->sq.size * T4_SQ_NUM_SLOTS +
218 	    (sc->params.sge.spg_len / EQ_ESIZE);
219 
220 	res->u.sqrq.fetchszm_to_iqid = cpu_to_be32(
221 		V_FW_RI_RES_WR_HOSTFCMODE(0) |	/* no host cidx updates */
222 		V_FW_RI_RES_WR_CPRIO(0) |	/* don't keep in chip cache */
223 		V_FW_RI_RES_WR_PCIECHN(0) |	/* set by uP at ri_init time */
224 		V_FW_RI_RES_WR_IQID(scq->cqid));
225 	res->u.sqrq.dcaen_to_eqsize = cpu_to_be32(
226 		V_FW_RI_RES_WR_DCAEN(0) |
227 		V_FW_RI_RES_WR_DCACPU(0) |
228 		V_FW_RI_RES_WR_FBMIN(2) |
229 		V_FW_RI_RES_WR_FBMAX(2) |
230 		V_FW_RI_RES_WR_CIDXFTHRESHO(0) |
231 		V_FW_RI_RES_WR_CIDXFTHRESH(0) |
232 		V_FW_RI_RES_WR_EQSIZE(eqsize));
233 	res->u.sqrq.eqid = cpu_to_be32(wq->sq.qid);
234 	res->u.sqrq.eqaddr = cpu_to_be64(wq->sq.dma_addr);
235 	res++;
236 	res->u.sqrq.restype = FW_RI_RES_TYPE_RQ;
237 	res->u.sqrq.op = FW_RI_RES_OP_WRITE;
238 
239 	/* eqsize is the number of 64B entries plus the status page size. */
240 	eqsize = wq->rq.size * T4_RQ_NUM_SLOTS +
241 	    (sc->params.sge.spg_len / EQ_ESIZE);
242 	res->u.sqrq.fetchszm_to_iqid = cpu_to_be32(
243 		V_FW_RI_RES_WR_HOSTFCMODE(0) |	/* no host cidx updates */
244 		V_FW_RI_RES_WR_CPRIO(0) |	/* don't keep in chip cache */
245 		V_FW_RI_RES_WR_PCIECHN(0) |	/* set by uP at ri_init time */
246 		V_FW_RI_RES_WR_IQID(rcq->cqid));
247 	res->u.sqrq.dcaen_to_eqsize = cpu_to_be32(
248 		V_FW_RI_RES_WR_DCAEN(0) |
249 		V_FW_RI_RES_WR_DCACPU(0) |
250 		V_FW_RI_RES_WR_FBMIN(2) |
251 		V_FW_RI_RES_WR_FBMAX(2) |
252 		V_FW_RI_RES_WR_CIDXFTHRESHO(0) |
253 		V_FW_RI_RES_WR_CIDXFTHRESH(0) |
254 		V_FW_RI_RES_WR_EQSIZE(eqsize));
255 	res->u.sqrq.eqid = cpu_to_be32(wq->rq.qid);
256 	res->u.sqrq.eqaddr = cpu_to_be64(wq->rq.dma_addr);
257 
258 	c4iw_init_wr_wait(&wr_wait);
259 
260 	t4_wrq_tx(sc, wr);
261 	ret = c4iw_wait_for_reply(rdev, &wr_wait, 0, wq->sq.qid, __func__);
262 	if (ret)
263 		goto err7;
264 
265 	CTR6(KTR_IW_CXGBE,
266 	    "%s sqid 0x%x rqid 0x%x kdb 0x%p squdb 0x%llx rqudb 0x%llx",
267 	    __func__, wq->sq.qid, wq->rq.qid, wq->db,
268 	    (unsigned long long)wq->sq.udb, (unsigned long long)wq->rq.udb);
269 
270 	return 0;
271 err7:
272 	contigfree(wq->rq.queue, wq->rq.memsize, M_DEVBUF);
273 err6:
274 	dealloc_sq(rdev, &wq->sq);
275 err5:
276 	c4iw_rqtpool_free(rdev, wq->rq.rqt_hwaddr, wq->rq.rqt_size);
277 err4:
278 	kfree(wq->rq.sw_rq);
279 err3:
280 	kfree(wq->sq.sw_sq);
281 err2:
282 	c4iw_put_qpid(rdev, wq->rq.qid, uctx);
283 err1:
284 	c4iw_put_qpid(rdev, wq->sq.qid, uctx);
285 	return -ENOMEM;
286 }
287 
288 static int build_immd(struct t4_sq *sq, struct fw_ri_immd *immdp,
289 		      struct ib_send_wr *wr, int max, u32 *plenp)
290 {
291 	u8 *dstp, *srcp;
292 	u32 plen = 0;
293 	int i;
294 	int rem, len;
295 
296 	dstp = (u8 *)immdp->data;
297 	for (i = 0; i < wr->num_sge; i++) {
298 		if ((plen + wr->sg_list[i].length) > max)
299 			return -EMSGSIZE;
300 		srcp = (u8 *)(unsigned long)wr->sg_list[i].addr;
301 		plen += wr->sg_list[i].length;
302 		rem = wr->sg_list[i].length;
303 		while (rem) {
304 			if (dstp == (u8 *)&sq->queue[sq->size])
305 				dstp = (u8 *)sq->queue;
306 			if (rem <= (u8 *)&sq->queue[sq->size] - dstp)
307 				len = rem;
308 			else
309 				len = (u8 *)&sq->queue[sq->size] - dstp;
310 			memcpy(dstp, srcp, len);
311 			dstp += len;
312 			srcp += len;
313 			rem -= len;
314 		}
315 	}
316 	len = roundup(plen + sizeof *immdp, 16) - (plen + sizeof *immdp);
317 	if (len)
318 		memset(dstp, 0, len);
319 	immdp->op = FW_RI_DATA_IMMD;
320 	immdp->r1 = 0;
321 	immdp->r2 = 0;
322 	immdp->immdlen = cpu_to_be32(plen);
323 	*plenp = plen;
324 	return 0;
325 }
326 
327 static int build_isgl(__be64 *queue_start, __be64 *queue_end,
328 		      struct fw_ri_isgl *isglp, struct ib_sge *sg_list,
329 		      int num_sge, u32 *plenp)
330 
331 {
332 	int i;
333 	u32 plen = 0;
334 	__be64 *flitp = (__be64 *)isglp->sge;
335 
336 	for (i = 0; i < num_sge; i++) {
337 		if ((plen + sg_list[i].length) < plen)
338 			return -EMSGSIZE;
339 		plen += sg_list[i].length;
340 		*flitp = cpu_to_be64(((u64)sg_list[i].lkey << 32) |
341 				     sg_list[i].length);
342 		if (++flitp == queue_end)
343 			flitp = queue_start;
344 		*flitp = cpu_to_be64(sg_list[i].addr);
345 		if (++flitp == queue_end)
346 			flitp = queue_start;
347 	}
348 	*flitp = (__force __be64)0;
349 	isglp->op = FW_RI_DATA_ISGL;
350 	isglp->r1 = 0;
351 	isglp->nsge = cpu_to_be16(num_sge);
352 	isglp->r2 = 0;
353 	if (plenp)
354 		*plenp = plen;
355 	return 0;
356 }
357 
358 static int build_rdma_send(struct t4_sq *sq, union t4_wr *wqe,
359 			   struct ib_send_wr *wr, u8 *len16)
360 {
361 	u32 plen;
362 	int size;
363 	int ret;
364 
365 	if (wr->num_sge > T4_MAX_SEND_SGE)
366 		return -EINVAL;
367 	switch (wr->opcode) {
368 	case IB_WR_SEND:
369 		if (wr->send_flags & IB_SEND_SOLICITED)
370 			wqe->send.sendop_pkd = cpu_to_be32(
371 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND_WITH_SE));
372 		else
373 			wqe->send.sendop_pkd = cpu_to_be32(
374 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND));
375 		wqe->send.stag_inv = 0;
376 		break;
377 	case IB_WR_SEND_WITH_INV:
378 		if (wr->send_flags & IB_SEND_SOLICITED)
379 			wqe->send.sendop_pkd = cpu_to_be32(
380 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND_WITH_SE_INV));
381 		else
382 			wqe->send.sendop_pkd = cpu_to_be32(
383 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND_WITH_INV));
384 		wqe->send.stag_inv = cpu_to_be32(wr->ex.invalidate_rkey);
385 		break;
386 
387 	default:
388 		return -EINVAL;
389 	}
390 
391 	plen = 0;
392 	if (wr->num_sge) {
393 		if (wr->send_flags & IB_SEND_INLINE) {
394 			ret = build_immd(sq, wqe->send.u.immd_src, wr,
395 					 T4_MAX_SEND_INLINE, &plen);
396 			if (ret)
397 				return ret;
398 			size = sizeof wqe->send + sizeof(struct fw_ri_immd) +
399 			       plen;
400 		} else {
401 			ret = build_isgl((__be64 *)sq->queue,
402 					 (__be64 *)&sq->queue[sq->size],
403 					 wqe->send.u.isgl_src,
404 					 wr->sg_list, wr->num_sge, &plen);
405 			if (ret)
406 				return ret;
407 			size = sizeof wqe->send + sizeof(struct fw_ri_isgl) +
408 			       wr->num_sge * sizeof(struct fw_ri_sge);
409 		}
410 	} else {
411 		wqe->send.u.immd_src[0].op = FW_RI_DATA_IMMD;
412 		wqe->send.u.immd_src[0].r1 = 0;
413 		wqe->send.u.immd_src[0].r2 = 0;
414 		wqe->send.u.immd_src[0].immdlen = 0;
415 		size = sizeof wqe->send + sizeof(struct fw_ri_immd);
416 		plen = 0;
417 	}
418 	*len16 = DIV_ROUND_UP(size, 16);
419 	wqe->send.plen = cpu_to_be32(plen);
420 	return 0;
421 }
422 
423 static int build_rdma_write(struct t4_sq *sq, union t4_wr *wqe,
424 			    struct ib_send_wr *wr, u8 *len16)
425 {
426 	u32 plen;
427 	int size;
428 	int ret;
429 
430 	if (wr->num_sge > T4_MAX_SEND_SGE)
431 		return -EINVAL;
432 	wqe->write.r2 = 0;
433 	wqe->write.stag_sink = cpu_to_be32(wr->wr.rdma.rkey);
434 	wqe->write.to_sink = cpu_to_be64(wr->wr.rdma.remote_addr);
435 	if (wr->num_sge) {
436 		if (wr->send_flags & IB_SEND_INLINE) {
437 			ret = build_immd(sq, wqe->write.u.immd_src, wr,
438 					 T4_MAX_WRITE_INLINE, &plen);
439 			if (ret)
440 				return ret;
441 			size = sizeof wqe->write + sizeof(struct fw_ri_immd) +
442 			       plen;
443 		} else {
444 			ret = build_isgl((__be64 *)sq->queue,
445 					 (__be64 *)&sq->queue[sq->size],
446 					 wqe->write.u.isgl_src,
447 					 wr->sg_list, wr->num_sge, &plen);
448 			if (ret)
449 				return ret;
450 			size = sizeof wqe->write + sizeof(struct fw_ri_isgl) +
451 			       wr->num_sge * sizeof(struct fw_ri_sge);
452 		}
453 	} else {
454 		wqe->write.u.immd_src[0].op = FW_RI_DATA_IMMD;
455 		wqe->write.u.immd_src[0].r1 = 0;
456 		wqe->write.u.immd_src[0].r2 = 0;
457 		wqe->write.u.immd_src[0].immdlen = 0;
458 		size = sizeof wqe->write + sizeof(struct fw_ri_immd);
459 		plen = 0;
460 	}
461 	*len16 = DIV_ROUND_UP(size, 16);
462 	wqe->write.plen = cpu_to_be32(plen);
463 	return 0;
464 }
465 
466 static int build_rdma_read(union t4_wr *wqe, struct ib_send_wr *wr, u8 *len16)
467 {
468 	if (wr->num_sge > 1)
469 		return -EINVAL;
470 	if (wr->num_sge) {
471 		wqe->read.stag_src = cpu_to_be32(wr->wr.rdma.rkey);
472 		wqe->read.to_src_hi = cpu_to_be32((u32)(wr->wr.rdma.remote_addr
473 							>> 32));
474 		wqe->read.to_src_lo = cpu_to_be32((u32)wr->wr.rdma.remote_addr);
475 		wqe->read.stag_sink = cpu_to_be32(wr->sg_list[0].lkey);
476 		wqe->read.plen = cpu_to_be32(wr->sg_list[0].length);
477 		wqe->read.to_sink_hi = cpu_to_be32((u32)(wr->sg_list[0].addr
478 							 >> 32));
479 		wqe->read.to_sink_lo = cpu_to_be32((u32)(wr->sg_list[0].addr));
480 	} else {
481 		wqe->read.stag_src = cpu_to_be32(2);
482 		wqe->read.to_src_hi = 0;
483 		wqe->read.to_src_lo = 0;
484 		wqe->read.stag_sink = cpu_to_be32(2);
485 		wqe->read.plen = 0;
486 		wqe->read.to_sink_hi = 0;
487 		wqe->read.to_sink_lo = 0;
488 	}
489 	wqe->read.r2 = 0;
490 	wqe->read.r5 = 0;
491 	*len16 = DIV_ROUND_UP(sizeof wqe->read, 16);
492 	return 0;
493 }
494 
495 static int build_rdma_recv(struct c4iw_qp *qhp, union t4_recv_wr *wqe,
496 			   struct ib_recv_wr *wr, u8 *len16)
497 {
498 	int ret;
499 
500 	ret = build_isgl((__be64 *)qhp->wq.rq.queue,
501 			 (__be64 *)&qhp->wq.rq.queue[qhp->wq.rq.size],
502 			 &wqe->recv.isgl, wr->sg_list, wr->num_sge, NULL);
503 	if (ret)
504 		return ret;
505 	*len16 = DIV_ROUND_UP(sizeof wqe->recv +
506 			      wr->num_sge * sizeof(struct fw_ri_sge), 16);
507 	return 0;
508 }
509 
510 static int build_fastreg(struct t4_sq *sq, union t4_wr *wqe,
511 			 struct ib_send_wr *wr, u8 *len16)
512 {
513 
514 	struct fw_ri_immd *imdp;
515 	__be64 *p;
516 	int i;
517 	int pbllen = roundup(wr->wr.fast_reg.page_list_len * sizeof(u64), 32);
518 	int rem;
519 
520 	if (wr->wr.fast_reg.page_list_len > T4_MAX_FR_DEPTH)
521 		return -EINVAL;
522 
523 	wqe->fr.qpbinde_to_dcacpu = 0;
524 	wqe->fr.pgsz_shift = wr->wr.fast_reg.page_shift - 12;
525 	wqe->fr.addr_type = FW_RI_VA_BASED_TO;
526 	wqe->fr.mem_perms = c4iw_ib_to_tpt_access(wr->wr.fast_reg.access_flags);
527 	wqe->fr.len_hi = 0;
528 	wqe->fr.len_lo = cpu_to_be32(wr->wr.fast_reg.length);
529 	wqe->fr.stag = cpu_to_be32(wr->wr.fast_reg.rkey);
530 	wqe->fr.va_hi = cpu_to_be32(wr->wr.fast_reg.iova_start >> 32);
531 	wqe->fr.va_lo_fbo = cpu_to_be32(wr->wr.fast_reg.iova_start &
532 					0xffffffff);
533 	WARN_ON(pbllen > T4_MAX_FR_IMMD);
534 	imdp = (struct fw_ri_immd *)(&wqe->fr + 1);
535 	imdp->op = FW_RI_DATA_IMMD;
536 	imdp->r1 = 0;
537 	imdp->r2 = 0;
538 	imdp->immdlen = cpu_to_be32(pbllen);
539 	p = (__be64 *)(imdp + 1);
540 	rem = pbllen;
541 	for (i = 0; i < wr->wr.fast_reg.page_list_len; i++) {
542 		*p = cpu_to_be64((u64)wr->wr.fast_reg.page_list->page_list[i]);
543 		rem -= sizeof *p;
544 		if (++p == (__be64 *)&sq->queue[sq->size])
545 			p = (__be64 *)sq->queue;
546 	}
547 	BUG_ON(rem < 0);
548 	while (rem) {
549 		*p = 0;
550 		rem -= sizeof *p;
551 		if (++p == (__be64 *)&sq->queue[sq->size])
552 			p = (__be64 *)sq->queue;
553 	}
554 	*len16 = DIV_ROUND_UP(sizeof wqe->fr + sizeof *imdp + pbllen, 16);
555 	return 0;
556 }
557 
558 static int build_inv_stag(union t4_wr *wqe, struct ib_send_wr *wr,
559 			  u8 *len16)
560 {
561 	wqe->inv.stag_inv = cpu_to_be32(wr->ex.invalidate_rkey);
562 	wqe->inv.r2 = 0;
563 	*len16 = DIV_ROUND_UP(sizeof wqe->inv, 16);
564 	return 0;
565 }
566 
567 void c4iw_qp_add_ref(struct ib_qp *qp)
568 {
569 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, qp);
570 	atomic_inc(&(to_c4iw_qp(qp)->refcnt));
571 }
572 
573 void c4iw_qp_rem_ref(struct ib_qp *qp)
574 {
575 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, qp);
576 	if (atomic_dec_and_test(&(to_c4iw_qp(qp)->refcnt)))
577 		wake_up(&(to_c4iw_qp(qp)->wait));
578 }
579 
580 int c4iw_post_send(struct ib_qp *ibqp, struct ib_send_wr *wr,
581 		   struct ib_send_wr **bad_wr)
582 {
583 	int err = 0;
584 	u8 len16 = 0;
585 	enum fw_wr_opcodes fw_opcode = 0;
586 	enum fw_ri_wr_flags fw_flags;
587 	struct c4iw_qp *qhp;
588 	union t4_wr *wqe;
589 	u32 num_wrs;
590 	struct t4_swsqe *swsqe;
591 	unsigned long flag;
592 	u16 idx = 0;
593 
594 	qhp = to_c4iw_qp(ibqp);
595 	spin_lock_irqsave(&qhp->lock, flag);
596 	if (t4_wq_in_error(&qhp->wq)) {
597 		spin_unlock_irqrestore(&qhp->lock, flag);
598 		return -EINVAL;
599 	}
600 	num_wrs = t4_sq_avail(&qhp->wq);
601 	if (num_wrs == 0) {
602 		spin_unlock_irqrestore(&qhp->lock, flag);
603 		return -ENOMEM;
604 	}
605 	while (wr) {
606 		if (num_wrs == 0) {
607 			err = -ENOMEM;
608 			*bad_wr = wr;
609 			break;
610 		}
611 		wqe = (union t4_wr *)((u8 *)qhp->wq.sq.queue +
612 		      qhp->wq.sq.wq_pidx * T4_EQ_ENTRY_SIZE);
613 
614 		fw_flags = 0;
615 		if (wr->send_flags & IB_SEND_SOLICITED)
616 			fw_flags |= FW_RI_SOLICITED_EVENT_FLAG;
617 		if (wr->send_flags & IB_SEND_SIGNALED || qhp->sq_sig_all)
618 			fw_flags |= FW_RI_COMPLETION_FLAG;
619 		swsqe = &qhp->wq.sq.sw_sq[qhp->wq.sq.pidx];
620 		switch (wr->opcode) {
621 		case IB_WR_SEND_WITH_INV:
622 		case IB_WR_SEND:
623 			if (wr->send_flags & IB_SEND_FENCE)
624 				fw_flags |= FW_RI_READ_FENCE_FLAG;
625 			fw_opcode = FW_RI_SEND_WR;
626 			if (wr->opcode == IB_WR_SEND)
627 				swsqe->opcode = FW_RI_SEND;
628 			else
629 				swsqe->opcode = FW_RI_SEND_WITH_INV;
630 			err = build_rdma_send(&qhp->wq.sq, wqe, wr, &len16);
631 			break;
632 		case IB_WR_RDMA_WRITE:
633 			fw_opcode = FW_RI_RDMA_WRITE_WR;
634 			swsqe->opcode = FW_RI_RDMA_WRITE;
635 			err = build_rdma_write(&qhp->wq.sq, wqe, wr, &len16);
636 			break;
637 		case IB_WR_RDMA_READ:
638 		case IB_WR_RDMA_READ_WITH_INV:
639 			fw_opcode = FW_RI_RDMA_READ_WR;
640 			swsqe->opcode = FW_RI_READ_REQ;
641 			if (wr->opcode == IB_WR_RDMA_READ_WITH_INV)
642 				fw_flags = FW_RI_RDMA_READ_INVALIDATE;
643 			else
644 				fw_flags = 0;
645 			err = build_rdma_read(wqe, wr, &len16);
646 			if (err)
647 				break;
648 			swsqe->read_len = wr->sg_list[0].length;
649 			if (!qhp->wq.sq.oldest_read)
650 				qhp->wq.sq.oldest_read = swsqe;
651 			break;
652 		case IB_WR_FAST_REG_MR:
653 			fw_opcode = FW_RI_FR_NSMR_WR;
654 			swsqe->opcode = FW_RI_FAST_REGISTER;
655 			err = build_fastreg(&qhp->wq.sq, wqe, wr, &len16);
656 			break;
657 		case IB_WR_LOCAL_INV:
658 			if (wr->send_flags & IB_SEND_FENCE)
659 				fw_flags |= FW_RI_LOCAL_FENCE_FLAG;
660 			fw_opcode = FW_RI_INV_LSTAG_WR;
661 			swsqe->opcode = FW_RI_LOCAL_INV;
662 			err = build_inv_stag(wqe, wr, &len16);
663 			break;
664 		default:
665 			CTR2(KTR_IW_CXGBE, "%s post of type =%d TBD!", __func__,
666 			     wr->opcode);
667 			err = -EINVAL;
668 		}
669 		if (err) {
670 			*bad_wr = wr;
671 			break;
672 		}
673 		swsqe->idx = qhp->wq.sq.pidx;
674 		swsqe->complete = 0;
675 		swsqe->signaled = (wr->send_flags & IB_SEND_SIGNALED) ||
676 					qhp->sq_sig_all;
677 		swsqe->wr_id = wr->wr_id;
678 
679 		init_wr_hdr(wqe, qhp->wq.sq.pidx, fw_opcode, fw_flags, len16);
680 
681 		CTR5(KTR_IW_CXGBE,
682 		    "%s cookie 0x%llx pidx 0x%x opcode 0x%x read_len %u",
683 		    __func__, (unsigned long long)wr->wr_id, qhp->wq.sq.pidx,
684 		    swsqe->opcode, swsqe->read_len);
685 		wr = wr->next;
686 		num_wrs--;
687 		t4_sq_produce(&qhp->wq, len16);
688 		idx += DIV_ROUND_UP(len16*16, T4_EQ_ENTRY_SIZE);
689 	}
690 
691 	t4_ring_sq_db(&qhp->wq, idx);
692 	spin_unlock_irqrestore(&qhp->lock, flag);
693 	return err;
694 }
695 
696 int c4iw_post_receive(struct ib_qp *ibqp, struct ib_recv_wr *wr,
697 		      struct ib_recv_wr **bad_wr)
698 {
699 	int err = 0;
700 	struct c4iw_qp *qhp;
701 	union t4_recv_wr *wqe;
702 	u32 num_wrs;
703 	u8 len16 = 0;
704 	unsigned long flag;
705 	u16 idx = 0;
706 
707 	qhp = to_c4iw_qp(ibqp);
708 	spin_lock_irqsave(&qhp->lock, flag);
709 	if (t4_wq_in_error(&qhp->wq)) {
710 		spin_unlock_irqrestore(&qhp->lock, flag);
711 		return -EINVAL;
712 	}
713 	num_wrs = t4_rq_avail(&qhp->wq);
714 	if (num_wrs == 0) {
715 		spin_unlock_irqrestore(&qhp->lock, flag);
716 		return -ENOMEM;
717 	}
718 	while (wr) {
719 		if (wr->num_sge > T4_MAX_RECV_SGE) {
720 			err = -EINVAL;
721 			*bad_wr = wr;
722 			break;
723 		}
724 		wqe = (union t4_recv_wr *)((u8 *)qhp->wq.rq.queue +
725 					   qhp->wq.rq.wq_pidx *
726 					   T4_EQ_ENTRY_SIZE);
727 		if (num_wrs)
728 			err = build_rdma_recv(qhp, wqe, wr, &len16);
729 		else
730 			err = -ENOMEM;
731 		if (err) {
732 			*bad_wr = wr;
733 			break;
734 		}
735 
736 		qhp->wq.rq.sw_rq[qhp->wq.rq.pidx].wr_id = wr->wr_id;
737 
738 		wqe->recv.opcode = FW_RI_RECV_WR;
739 		wqe->recv.r1 = 0;
740 		wqe->recv.wrid = qhp->wq.rq.pidx;
741 		wqe->recv.r2[0] = 0;
742 		wqe->recv.r2[1] = 0;
743 		wqe->recv.r2[2] = 0;
744 		wqe->recv.len16 = len16;
745 		CTR3(KTR_IW_CXGBE, "%s cookie 0x%llx pidx %u", __func__,
746 		     (unsigned long long) wr->wr_id, qhp->wq.rq.pidx);
747 		t4_rq_produce(&qhp->wq, len16);
748 		idx += DIV_ROUND_UP(len16*16, T4_EQ_ENTRY_SIZE);
749 		wr = wr->next;
750 		num_wrs--;
751 	}
752 
753 	t4_ring_rq_db(&qhp->wq, idx);
754 	spin_unlock_irqrestore(&qhp->lock, flag);
755 	return err;
756 }
757 
758 int c4iw_bind_mw(struct ib_qp *qp, struct ib_mw *mw, struct ib_mw_bind *mw_bind)
759 {
760 	return -ENOSYS;
761 }
762 
763 static inline void build_term_codes(struct t4_cqe *err_cqe, u8 *layer_type,
764 				    u8 *ecode)
765 {
766 	int status;
767 	int tagged;
768 	int opcode;
769 	int rqtype;
770 	int send_inv;
771 
772 	if (!err_cqe) {
773 		*layer_type = LAYER_RDMAP|DDP_LOCAL_CATA;
774 		*ecode = 0;
775 		return;
776 	}
777 
778 	status = CQE_STATUS(err_cqe);
779 	opcode = CQE_OPCODE(err_cqe);
780 	rqtype = RQ_TYPE(err_cqe);
781 	send_inv = (opcode == FW_RI_SEND_WITH_INV) ||
782 		   (opcode == FW_RI_SEND_WITH_SE_INV);
783 	tagged = (opcode == FW_RI_RDMA_WRITE) ||
784 		 (rqtype && (opcode == FW_RI_READ_RESP));
785 
786 	switch (status) {
787 	case T4_ERR_STAG:
788 		if (send_inv) {
789 			*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
790 			*ecode = RDMAP_CANT_INV_STAG;
791 		} else {
792 			*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
793 			*ecode = RDMAP_INV_STAG;
794 		}
795 		break;
796 	case T4_ERR_PDID:
797 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
798 		if ((opcode == FW_RI_SEND_WITH_INV) ||
799 		    (opcode == FW_RI_SEND_WITH_SE_INV))
800 			*ecode = RDMAP_CANT_INV_STAG;
801 		else
802 			*ecode = RDMAP_STAG_NOT_ASSOC;
803 		break;
804 	case T4_ERR_QPID:
805 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
806 		*ecode = RDMAP_STAG_NOT_ASSOC;
807 		break;
808 	case T4_ERR_ACCESS:
809 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
810 		*ecode = RDMAP_ACC_VIOL;
811 		break;
812 	case T4_ERR_WRAP:
813 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
814 		*ecode = RDMAP_TO_WRAP;
815 		break;
816 	case T4_ERR_BOUND:
817 		if (tagged) {
818 			*layer_type = LAYER_DDP|DDP_TAGGED_ERR;
819 			*ecode = DDPT_BASE_BOUNDS;
820 		} else {
821 			*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
822 			*ecode = RDMAP_BASE_BOUNDS;
823 		}
824 		break;
825 	case T4_ERR_INVALIDATE_SHARED_MR:
826 	case T4_ERR_INVALIDATE_MR_WITH_MW_BOUND:
827 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
828 		*ecode = RDMAP_CANT_INV_STAG;
829 		break;
830 	case T4_ERR_ECC:
831 	case T4_ERR_ECC_PSTAG:
832 	case T4_ERR_INTERNAL_ERR:
833 		*layer_type = LAYER_RDMAP|RDMAP_LOCAL_CATA;
834 		*ecode = 0;
835 		break;
836 	case T4_ERR_OUT_OF_RQE:
837 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
838 		*ecode = DDPU_INV_MSN_NOBUF;
839 		break;
840 	case T4_ERR_PBL_ADDR_BOUND:
841 		*layer_type = LAYER_DDP|DDP_TAGGED_ERR;
842 		*ecode = DDPT_BASE_BOUNDS;
843 		break;
844 	case T4_ERR_CRC:
845 		*layer_type = LAYER_MPA|DDP_LLP;
846 		*ecode = MPA_CRC_ERR;
847 		break;
848 	case T4_ERR_MARKER:
849 		*layer_type = LAYER_MPA|DDP_LLP;
850 		*ecode = MPA_MARKER_ERR;
851 		break;
852 	case T4_ERR_PDU_LEN_ERR:
853 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
854 		*ecode = DDPU_MSG_TOOBIG;
855 		break;
856 	case T4_ERR_DDP_VERSION:
857 		if (tagged) {
858 			*layer_type = LAYER_DDP|DDP_TAGGED_ERR;
859 			*ecode = DDPT_INV_VERS;
860 		} else {
861 			*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
862 			*ecode = DDPU_INV_VERS;
863 		}
864 		break;
865 	case T4_ERR_RDMA_VERSION:
866 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
867 		*ecode = RDMAP_INV_VERS;
868 		break;
869 	case T4_ERR_OPCODE:
870 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
871 		*ecode = RDMAP_INV_OPCODE;
872 		break;
873 	case T4_ERR_DDP_QUEUE_NUM:
874 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
875 		*ecode = DDPU_INV_QN;
876 		break;
877 	case T4_ERR_MSN:
878 	case T4_ERR_MSN_GAP:
879 	case T4_ERR_MSN_RANGE:
880 	case T4_ERR_IRD_OVERFLOW:
881 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
882 		*ecode = DDPU_INV_MSN_RANGE;
883 		break;
884 	case T4_ERR_TBIT:
885 		*layer_type = LAYER_DDP|DDP_LOCAL_CATA;
886 		*ecode = 0;
887 		break;
888 	case T4_ERR_MO:
889 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
890 		*ecode = DDPU_INV_MO;
891 		break;
892 	default:
893 		*layer_type = LAYER_RDMAP|DDP_LOCAL_CATA;
894 		*ecode = 0;
895 		break;
896 	}
897 }
898 
899 static void post_terminate(struct c4iw_qp *qhp, struct t4_cqe *err_cqe,
900 			   gfp_t gfp)
901 {
902 	struct fw_ri_wr *wqe;
903 	struct terminate_message *term;
904 	struct wrqe *wr;
905 	struct socket *so = qhp->ep->com.so;
906         struct inpcb *inp = sotoinpcb(so);
907         struct tcpcb *tp = intotcpcb(inp);
908         struct toepcb *toep = tp->t_toe;
909 
910 	CTR4(KTR_IW_CXGBE, "%s qhp %p qid 0x%x tid %u", __func__, qhp,
911 	    qhp->wq.sq.qid, qhp->ep->hwtid);
912 
913 	wr = alloc_wrqe(sizeof(*wqe), toep->ofld_txq);
914 	if (wr == NULL)
915 		return;
916         wqe = wrtod(wr);
917 
918 	memset(wqe, 0, sizeof *wqe);
919 	wqe->op_compl = cpu_to_be32(V_FW_WR_OP(FW_RI_WR));
920 	wqe->flowid_len16 = cpu_to_be32(
921 		V_FW_WR_FLOWID(qhp->ep->hwtid) |
922 		V_FW_WR_LEN16(DIV_ROUND_UP(sizeof *wqe, 16)));
923 
924 	wqe->u.terminate.type = FW_RI_TYPE_TERMINATE;
925 	wqe->u.terminate.immdlen = cpu_to_be32(sizeof *term);
926 	term = (struct terminate_message *)wqe->u.terminate.termmsg;
927 	if (qhp->attr.layer_etype == (LAYER_MPA|DDP_LLP)) {
928 		term->layer_etype = qhp->attr.layer_etype;
929 		term->ecode = qhp->attr.ecode;
930 	} else
931 		build_term_codes(err_cqe, &term->layer_etype, &term->ecode);
932         creds(toep, sizeof(*wqe));
933 	t4_wrq_tx(qhp->rhp->rdev.adap, wr);
934 }
935 
936 /* Assumes qhp lock is held. */
937 static void __flush_qp(struct c4iw_qp *qhp, struct c4iw_cq *rchp,
938 		       struct c4iw_cq *schp)
939 {
940 	int count;
941 	int flushed;
942 	unsigned long flag;
943 
944 	CTR4(KTR_IW_CXGBE, "%s qhp %p rchp %p schp %p", __func__, qhp, rchp,
945 	    schp);
946 
947 	/* locking hierarchy: cq lock first, then qp lock. */
948 	spin_lock_irqsave(&rchp->lock, flag);
949 	spin_lock(&qhp->lock);
950 	c4iw_flush_hw_cq(&rchp->cq);
951 	c4iw_count_rcqes(&rchp->cq, &qhp->wq, &count);
952 	flushed = c4iw_flush_rq(&qhp->wq, &rchp->cq, count);
953 	spin_unlock(&qhp->lock);
954 	spin_unlock_irqrestore(&rchp->lock, flag);
955 	if (flushed && rchp->ibcq.comp_handler) {
956 		spin_lock_irqsave(&rchp->comp_handler_lock, flag);
957 		(*rchp->ibcq.comp_handler)(&rchp->ibcq, rchp->ibcq.cq_context);
958 		spin_unlock_irqrestore(&rchp->comp_handler_lock, flag);
959 	}
960 
961 	/* locking hierarchy: cq lock first, then qp lock. */
962 	spin_lock_irqsave(&schp->lock, flag);
963 	spin_lock(&qhp->lock);
964 	c4iw_flush_hw_cq(&schp->cq);
965 	c4iw_count_scqes(&schp->cq, &qhp->wq, &count);
966 	flushed = c4iw_flush_sq(&qhp->wq, &schp->cq, count);
967 	spin_unlock(&qhp->lock);
968 	spin_unlock_irqrestore(&schp->lock, flag);
969 	if (flushed && schp->ibcq.comp_handler) {
970 		spin_lock_irqsave(&schp->comp_handler_lock, flag);
971 		(*schp->ibcq.comp_handler)(&schp->ibcq, schp->ibcq.cq_context);
972 		spin_unlock_irqrestore(&schp->comp_handler_lock, flag);
973 	}
974 }
975 
976 static void flush_qp(struct c4iw_qp *qhp)
977 {
978 	struct c4iw_cq *rchp, *schp;
979 	unsigned long flag;
980 
981 	rchp = get_chp(qhp->rhp, qhp->attr.rcq);
982 	schp = get_chp(qhp->rhp, qhp->attr.scq);
983 
984 	if (qhp->ibqp.uobject) {
985 		t4_set_wq_in_error(&qhp->wq);
986 		t4_set_cq_in_error(&rchp->cq);
987 		spin_lock_irqsave(&rchp->comp_handler_lock, flag);
988 		(*rchp->ibcq.comp_handler)(&rchp->ibcq, rchp->ibcq.cq_context);
989 		spin_unlock_irqrestore(&rchp->comp_handler_lock, flag);
990 		if (schp != rchp) {
991 			t4_set_cq_in_error(&schp->cq);
992 			spin_lock_irqsave(&schp->comp_handler_lock, flag);
993 			(*schp->ibcq.comp_handler)(&schp->ibcq,
994 					schp->ibcq.cq_context);
995 			spin_unlock_irqrestore(&schp->comp_handler_lock, flag);
996 		}
997 		return;
998 	}
999 	__flush_qp(qhp, rchp, schp);
1000 }
1001 
1002 static int
1003 rdma_fini(struct c4iw_dev *rhp, struct c4iw_qp *qhp, struct c4iw_ep *ep)
1004 {
1005 	struct c4iw_rdev *rdev = &rhp->rdev;
1006 	struct adapter *sc = rdev->adap;
1007 	struct fw_ri_wr *wqe;
1008 	int ret;
1009 	struct wrqe *wr;
1010 	struct socket *so = ep->com.so;
1011         struct inpcb *inp = sotoinpcb(so);
1012         struct tcpcb *tp = intotcpcb(inp);
1013         struct toepcb *toep = tp->t_toe;
1014 
1015 	KASSERT(rhp == qhp->rhp && ep == qhp->ep, ("%s: EDOOFUS", __func__));
1016 
1017 	CTR4(KTR_IW_CXGBE, "%s qhp %p qid 0x%x tid %u", __func__, qhp,
1018 	    qhp->wq.sq.qid, ep->hwtid);
1019 
1020 	wr = alloc_wrqe(sizeof(*wqe), toep->ofld_txq);
1021 	if (wr == NULL)
1022 		return (0);
1023 	wqe = wrtod(wr);
1024 
1025 	memset(wqe, 0, sizeof *wqe);
1026 
1027 	wqe->op_compl = cpu_to_be32(V_FW_WR_OP(FW_RI_WR) | F_FW_WR_COMPL);
1028 	wqe->flowid_len16 = cpu_to_be32(V_FW_WR_FLOWID(ep->hwtid) |
1029 	    V_FW_WR_LEN16(DIV_ROUND_UP(sizeof *wqe, 16)));
1030 	wqe->cookie = (unsigned long) &ep->com.wr_wait;
1031 	wqe->u.fini.type = FW_RI_TYPE_FINI;
1032 
1033 	c4iw_init_wr_wait(&ep->com.wr_wait);
1034 
1035         creds(toep, sizeof(*wqe));
1036 	t4_wrq_tx(sc, wr);
1037 
1038 	ret = c4iw_wait_for_reply(rdev, &ep->com.wr_wait, ep->hwtid,
1039 	    qhp->wq.sq.qid, __func__);
1040 	return ret;
1041 }
1042 
1043 static void build_rtr_msg(u8 p2p_type, struct fw_ri_init *init)
1044 {
1045 	CTR2(KTR_IW_CXGBE, "%s p2p_type = %d", __func__, p2p_type);
1046 	memset(&init->u, 0, sizeof init->u);
1047 	switch (p2p_type) {
1048 	case FW_RI_INIT_P2PTYPE_RDMA_WRITE:
1049 		init->u.write.opcode = FW_RI_RDMA_WRITE_WR;
1050 		init->u.write.stag_sink = cpu_to_be32(1);
1051 		init->u.write.to_sink = cpu_to_be64(1);
1052 		init->u.write.u.immd_src[0].op = FW_RI_DATA_IMMD;
1053 		init->u.write.len16 = DIV_ROUND_UP(sizeof init->u.write +
1054 						   sizeof(struct fw_ri_immd),
1055 						   16);
1056 		break;
1057 	case FW_RI_INIT_P2PTYPE_READ_REQ:
1058 		init->u.write.opcode = FW_RI_RDMA_READ_WR;
1059 		init->u.read.stag_src = cpu_to_be32(1);
1060 		init->u.read.to_src_lo = cpu_to_be32(1);
1061 		init->u.read.stag_sink = cpu_to_be32(1);
1062 		init->u.read.to_sink_lo = cpu_to_be32(1);
1063 		init->u.read.len16 = DIV_ROUND_UP(sizeof init->u.read, 16);
1064 		break;
1065 	}
1066 }
1067 
1068 static void
1069 creds(struct toepcb *toep, size_t wrsize)
1070 {
1071 	struct ofld_tx_sdesc *txsd;
1072 
1073 	CTR3(KTR_IW_CXGBE, "%s:creB  %p %u", __func__, toep , wrsize);
1074 	INP_WLOCK(toep->inp);
1075 	txsd = &toep->txsd[toep->txsd_pidx];
1076 	txsd->tx_credits = howmany(wrsize, 16);
1077 	txsd->plen = 0;
1078 	KASSERT(toep->tx_credits >= txsd->tx_credits && toep->txsd_avail > 0,
1079 			("%s: not enough credits (%d)", __func__, toep->tx_credits));
1080 	toep->tx_credits -= txsd->tx_credits;
1081 	if (__predict_false(++toep->txsd_pidx == toep->txsd_total))
1082 		toep->txsd_pidx = 0;
1083 	toep->txsd_avail--;
1084 	INP_WUNLOCK(toep->inp);
1085 	CTR5(KTR_IW_CXGBE, "%s:creE  %p %u %u %u", __func__, toep ,
1086 	    txsd->tx_credits, toep->tx_credits, toep->txsd_pidx);
1087 }
1088 
1089 static int rdma_init(struct c4iw_dev *rhp, struct c4iw_qp *qhp)
1090 {
1091 	struct fw_ri_wr *wqe;
1092 	int ret;
1093 	struct wrqe *wr;
1094 	struct c4iw_ep *ep = qhp->ep;
1095 	struct c4iw_rdev *rdev = &qhp->rhp->rdev;
1096 	struct adapter *sc = rdev->adap;
1097 	struct socket *so = ep->com.so;
1098         struct inpcb *inp = sotoinpcb(so);
1099         struct tcpcb *tp = intotcpcb(inp);
1100         struct toepcb *toep = tp->t_toe;
1101 
1102 	CTR4(KTR_IW_CXGBE, "%s qhp %p qid 0x%x tid %u", __func__, qhp,
1103 	    qhp->wq.sq.qid, ep->hwtid);
1104 
1105 	wr = alloc_wrqe(sizeof(*wqe), toep->ofld_txq);
1106 	if (wr == NULL)
1107 		return (0);
1108 	wqe = wrtod(wr);
1109 
1110 	memset(wqe, 0, sizeof *wqe);
1111 
1112 	wqe->op_compl = cpu_to_be32(
1113 		V_FW_WR_OP(FW_RI_WR) |
1114 		F_FW_WR_COMPL);
1115 	wqe->flowid_len16 = cpu_to_be32(V_FW_WR_FLOWID(ep->hwtid) |
1116 	    V_FW_WR_LEN16(DIV_ROUND_UP(sizeof *wqe, 16)));
1117 
1118 	wqe->cookie = (unsigned long) &ep->com.wr_wait;
1119 
1120 	wqe->u.init.type = FW_RI_TYPE_INIT;
1121 	wqe->u.init.mpareqbit_p2ptype =
1122 		V_FW_RI_WR_MPAREQBIT(qhp->attr.mpa_attr.initiator) |
1123 		V_FW_RI_WR_P2PTYPE(qhp->attr.mpa_attr.p2p_type);
1124 	wqe->u.init.mpa_attrs = FW_RI_MPA_IETF_ENABLE;
1125 	if (qhp->attr.mpa_attr.recv_marker_enabled)
1126 		wqe->u.init.mpa_attrs |= FW_RI_MPA_RX_MARKER_ENABLE;
1127 	if (qhp->attr.mpa_attr.xmit_marker_enabled)
1128 		wqe->u.init.mpa_attrs |= FW_RI_MPA_TX_MARKER_ENABLE;
1129 	if (qhp->attr.mpa_attr.crc_enabled)
1130 		wqe->u.init.mpa_attrs |= FW_RI_MPA_CRC_ENABLE;
1131 
1132 	wqe->u.init.qp_caps = FW_RI_QP_RDMA_READ_ENABLE |
1133 			    FW_RI_QP_RDMA_WRITE_ENABLE |
1134 			    FW_RI_QP_BIND_ENABLE;
1135 	if (!qhp->ibqp.uobject)
1136 		wqe->u.init.qp_caps |= FW_RI_QP_FAST_REGISTER_ENABLE |
1137 				     FW_RI_QP_STAG0_ENABLE;
1138 	wqe->u.init.nrqe = cpu_to_be16(t4_rqes_posted(&qhp->wq));
1139 	wqe->u.init.pdid = cpu_to_be32(qhp->attr.pd);
1140 	wqe->u.init.qpid = cpu_to_be32(qhp->wq.sq.qid);
1141 	wqe->u.init.sq_eqid = cpu_to_be32(qhp->wq.sq.qid);
1142 	wqe->u.init.rq_eqid = cpu_to_be32(qhp->wq.rq.qid);
1143 	wqe->u.init.scqid = cpu_to_be32(qhp->attr.scq);
1144 	wqe->u.init.rcqid = cpu_to_be32(qhp->attr.rcq);
1145 	wqe->u.init.ord_max = cpu_to_be32(qhp->attr.max_ord);
1146 	wqe->u.init.ird_max = cpu_to_be32(qhp->attr.max_ird);
1147 	wqe->u.init.iss = cpu_to_be32(ep->snd_seq);
1148 	wqe->u.init.irs = cpu_to_be32(ep->rcv_seq);
1149 	wqe->u.init.hwrqsize = cpu_to_be32(qhp->wq.rq.rqt_size);
1150 	wqe->u.init.hwrqaddr = cpu_to_be32(qhp->wq.rq.rqt_hwaddr -
1151 	    sc->vres.rq.start);
1152 	if (qhp->attr.mpa_attr.initiator)
1153 		build_rtr_msg(qhp->attr.mpa_attr.p2p_type, &wqe->u.init);
1154 
1155 	c4iw_init_wr_wait(&ep->com.wr_wait);
1156 
1157 	creds(toep, sizeof(*wqe));
1158 	t4_wrq_tx(sc, wr);
1159 
1160 	ret = c4iw_wait_for_reply(rdev, &ep->com.wr_wait, ep->hwtid,
1161 	    qhp->wq.sq.qid, __func__);
1162 
1163 	toep->ulp_mode = ULP_MODE_RDMA;
1164 
1165 	return ret;
1166 }
1167 
1168 int c4iw_modify_qp(struct c4iw_dev *rhp, struct c4iw_qp *qhp,
1169 		   enum c4iw_qp_attr_mask mask,
1170 		   struct c4iw_qp_attributes *attrs,
1171 		   int internal)
1172 {
1173 	int ret = 0;
1174 	struct c4iw_qp_attributes newattr = qhp->attr;
1175 	int disconnect = 0;
1176 	int terminate = 0;
1177 	int abort = 0;
1178 	int free = 0;
1179 	struct c4iw_ep *ep = NULL;
1180 
1181 	CTR5(KTR_IW_CXGBE, "%s qhp %p sqid 0x%x rqid 0x%x ep %p", __func__, qhp,
1182 	    qhp->wq.sq.qid, qhp->wq.rq.qid, qhp->ep);
1183 	CTR3(KTR_IW_CXGBE, "%s state %d -> %d", __func__, qhp->attr.state,
1184 	    (mask & C4IW_QP_ATTR_NEXT_STATE) ? attrs->next_state : -1);
1185 
1186 	mutex_lock(&qhp->mutex);
1187 
1188 	/* Process attr changes if in IDLE */
1189 	if (mask & C4IW_QP_ATTR_VALID_MODIFY) {
1190 		if (qhp->attr.state != C4IW_QP_STATE_IDLE) {
1191 			ret = -EIO;
1192 			goto out;
1193 		}
1194 		if (mask & C4IW_QP_ATTR_ENABLE_RDMA_READ)
1195 			newattr.enable_rdma_read = attrs->enable_rdma_read;
1196 		if (mask & C4IW_QP_ATTR_ENABLE_RDMA_WRITE)
1197 			newattr.enable_rdma_write = attrs->enable_rdma_write;
1198 		if (mask & C4IW_QP_ATTR_ENABLE_RDMA_BIND)
1199 			newattr.enable_bind = attrs->enable_bind;
1200 		if (mask & C4IW_QP_ATTR_MAX_ORD) {
1201 			if (attrs->max_ord > c4iw_max_read_depth) {
1202 				ret = -EINVAL;
1203 				goto out;
1204 			}
1205 			newattr.max_ord = attrs->max_ord;
1206 		}
1207 		if (mask & C4IW_QP_ATTR_MAX_IRD) {
1208 			if (attrs->max_ird > c4iw_max_read_depth) {
1209 				ret = -EINVAL;
1210 				goto out;
1211 			}
1212 			newattr.max_ird = attrs->max_ird;
1213 		}
1214 		qhp->attr = newattr;
1215 	}
1216 
1217 	if (!(mask & C4IW_QP_ATTR_NEXT_STATE))
1218 		goto out;
1219 	if (qhp->attr.state == attrs->next_state)
1220 		goto out;
1221 
1222 	switch (qhp->attr.state) {
1223 	case C4IW_QP_STATE_IDLE:
1224 		switch (attrs->next_state) {
1225 		case C4IW_QP_STATE_RTS:
1226 			if (!(mask & C4IW_QP_ATTR_LLP_STREAM_HANDLE)) {
1227 				ret = -EINVAL;
1228 				goto out;
1229 			}
1230 			if (!(mask & C4IW_QP_ATTR_MPA_ATTR)) {
1231 				ret = -EINVAL;
1232 				goto out;
1233 			}
1234 			qhp->attr.mpa_attr = attrs->mpa_attr;
1235 			qhp->attr.llp_stream_handle = attrs->llp_stream_handle;
1236 			qhp->ep = qhp->attr.llp_stream_handle;
1237 			set_state(qhp, C4IW_QP_STATE_RTS);
1238 
1239 			/*
1240 			 * Ref the endpoint here and deref when we
1241 			 * disassociate the endpoint from the QP.  This
1242 			 * happens in CLOSING->IDLE transition or *->ERROR
1243 			 * transition.
1244 			 */
1245 			c4iw_get_ep(&qhp->ep->com);
1246 			ret = rdma_init(rhp, qhp);
1247 			if (ret)
1248 				goto err;
1249 			break;
1250 		case C4IW_QP_STATE_ERROR:
1251 			set_state(qhp, C4IW_QP_STATE_ERROR);
1252 			flush_qp(qhp);
1253 			break;
1254 		default:
1255 			ret = -EINVAL;
1256 			goto out;
1257 		}
1258 		break;
1259 	case C4IW_QP_STATE_RTS:
1260 		switch (attrs->next_state) {
1261 		case C4IW_QP_STATE_CLOSING:
1262 			BUG_ON(atomic_read(&qhp->ep->com.kref.refcount) < 2);
1263 			set_state(qhp, C4IW_QP_STATE_CLOSING);
1264 			ep = qhp->ep;
1265 			if (!internal) {
1266 				abort = 0;
1267 				disconnect = 1;
1268 				c4iw_get_ep(&qhp->ep->com);
1269 			}
1270 			if (qhp->ibqp.uobject)
1271 				t4_set_wq_in_error(&qhp->wq);
1272 			ret = rdma_fini(rhp, qhp, ep);
1273 			if (ret)
1274 				goto err;
1275 			break;
1276 		case C4IW_QP_STATE_TERMINATE:
1277 			set_state(qhp, C4IW_QP_STATE_TERMINATE);
1278 			qhp->attr.layer_etype = attrs->layer_etype;
1279 			qhp->attr.ecode = attrs->ecode;
1280 			if (qhp->ibqp.uobject)
1281 				t4_set_wq_in_error(&qhp->wq);
1282 			ep = qhp->ep;
1283 			if (!internal)
1284 				terminate = 1;
1285 			disconnect = 1;
1286 			c4iw_get_ep(&qhp->ep->com);
1287 			break;
1288 		case C4IW_QP_STATE_ERROR:
1289 			set_state(qhp, C4IW_QP_STATE_ERROR);
1290 			if (qhp->ibqp.uobject)
1291 				t4_set_wq_in_error(&qhp->wq);
1292 			if (!internal) {
1293 				abort = 1;
1294 				disconnect = 1;
1295 				ep = qhp->ep;
1296 				c4iw_get_ep(&qhp->ep->com);
1297 			}
1298 			goto err;
1299 			break;
1300 		default:
1301 			ret = -EINVAL;
1302 			goto out;
1303 		}
1304 		break;
1305 	case C4IW_QP_STATE_CLOSING:
1306 		if (!internal) {
1307 			ret = -EINVAL;
1308 			goto out;
1309 		}
1310 		switch (attrs->next_state) {
1311 		case C4IW_QP_STATE_IDLE:
1312 			flush_qp(qhp);
1313 			set_state(qhp, C4IW_QP_STATE_IDLE);
1314 			qhp->attr.llp_stream_handle = NULL;
1315 			c4iw_put_ep(&qhp->ep->com);
1316 			qhp->ep = NULL;
1317 			wake_up(&qhp->wait);
1318 			break;
1319 		case C4IW_QP_STATE_ERROR:
1320 			goto err;
1321 		default:
1322 			ret = -EINVAL;
1323 			goto err;
1324 		}
1325 		break;
1326 	case C4IW_QP_STATE_ERROR:
1327 		if (attrs->next_state != C4IW_QP_STATE_IDLE) {
1328 			ret = -EINVAL;
1329 			goto out;
1330 		}
1331 		if (!t4_sq_empty(&qhp->wq) || !t4_rq_empty(&qhp->wq)) {
1332 			ret = -EINVAL;
1333 			goto out;
1334 		}
1335 		set_state(qhp, C4IW_QP_STATE_IDLE);
1336 		break;
1337 	case C4IW_QP_STATE_TERMINATE:
1338 		if (!internal) {
1339 			ret = -EINVAL;
1340 			goto out;
1341 		}
1342 		goto err;
1343 		break;
1344 	default:
1345 		printf("%s in a bad state %d\n",
1346 		       __func__, qhp->attr.state);
1347 		ret = -EINVAL;
1348 		goto err;
1349 		break;
1350 	}
1351 	goto out;
1352 err:
1353 	CTR3(KTR_IW_CXGBE, "%s disassociating ep %p qpid 0x%x", __func__,
1354 	    qhp->ep, qhp->wq.sq.qid);
1355 
1356 	/* disassociate the LLP connection */
1357 	qhp->attr.llp_stream_handle = NULL;
1358 	if (!ep)
1359 		ep = qhp->ep;
1360 	qhp->ep = NULL;
1361 	set_state(qhp, C4IW_QP_STATE_ERROR);
1362 	free = 1;
1363 	BUG_ON(!ep);
1364 	flush_qp(qhp);
1365 	wake_up(&qhp->wait);
1366 out:
1367 	mutex_unlock(&qhp->mutex);
1368 
1369 	if (terminate)
1370 		post_terminate(qhp, NULL, internal ? GFP_ATOMIC : GFP_KERNEL);
1371 
1372 	/*
1373 	 * If disconnect is 1, then we need to initiate a disconnect
1374 	 * on the EP.  This can be a normal close (RTS->CLOSING) or
1375 	 * an abnormal close (RTS/CLOSING->ERROR).
1376 	 */
1377 	if (disconnect) {
1378 		c4iw_ep_disconnect(ep, abort, internal ? GFP_ATOMIC :
1379 							 GFP_KERNEL);
1380 		c4iw_put_ep(&ep->com);
1381 	}
1382 
1383 	/*
1384 	 * If free is 1, then we've disassociated the EP from the QP
1385 	 * and we need to dereference the EP.
1386 	 */
1387 	if (free)
1388 		c4iw_put_ep(&ep->com);
1389 	CTR2(KTR_IW_CXGBE, "%s exit state %d", __func__, qhp->attr.state);
1390 	return ret;
1391 }
1392 
1393 int c4iw_destroy_qp(struct ib_qp *ib_qp)
1394 {
1395 	struct c4iw_dev *rhp;
1396 	struct c4iw_qp *qhp;
1397 	struct c4iw_qp_attributes attrs;
1398 	struct c4iw_ucontext *ucontext;
1399 
1400 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, ib_qp);
1401 	qhp = to_c4iw_qp(ib_qp);
1402 	rhp = qhp->rhp;
1403 
1404 	attrs.next_state = C4IW_QP_STATE_ERROR;
1405 	if (qhp->attr.state == C4IW_QP_STATE_TERMINATE)
1406 		c4iw_modify_qp(rhp, qhp, C4IW_QP_ATTR_NEXT_STATE, &attrs, 1);
1407 	else
1408 		c4iw_modify_qp(rhp, qhp, C4IW_QP_ATTR_NEXT_STATE, &attrs, 0);
1409 	wait_event(qhp->wait, !qhp->ep);
1410 
1411 	spin_lock_irq(&rhp->lock);
1412 	remove_handle_nolock(rhp, &rhp->qpidr, qhp->wq.sq.qid);
1413 	spin_unlock_irq(&rhp->lock);
1414 	atomic_dec(&qhp->refcnt);
1415 	wait_event(qhp->wait, !atomic_read(&qhp->refcnt));
1416 
1417 	ucontext = ib_qp->uobject ?
1418 		   to_c4iw_ucontext(ib_qp->uobject->context) : NULL;
1419 	destroy_qp(&rhp->rdev, &qhp->wq,
1420 		   ucontext ? &ucontext->uctx : &rhp->rdev.uctx);
1421 
1422 	CTR3(KTR_IW_CXGBE, "%s ib_qp %p qpid 0x%0x", __func__, ib_qp,
1423 	    qhp->wq.sq.qid);
1424 	kfree(qhp);
1425 	return 0;
1426 }
1427 
1428 struct ib_qp *
1429 c4iw_create_qp(struct ib_pd *pd, struct ib_qp_init_attr *attrs,
1430     struct ib_udata *udata)
1431 {
1432 	struct c4iw_dev *rhp;
1433 	struct c4iw_qp *qhp;
1434 	struct c4iw_pd *php;
1435 	struct c4iw_cq *schp;
1436 	struct c4iw_cq *rchp;
1437 	struct c4iw_create_qp_resp uresp;
1438 	int sqsize, rqsize;
1439 	struct c4iw_ucontext *ucontext;
1440 	int ret;
1441 	struct c4iw_mm_entry *mm1, *mm2, *mm3, *mm4;
1442 
1443 	CTR2(KTR_IW_CXGBE, "%s ib_pd %p", __func__, pd);
1444 
1445 	if (attrs->qp_type != IB_QPT_RC)
1446 		return ERR_PTR(-EINVAL);
1447 
1448 	php = to_c4iw_pd(pd);
1449 	rhp = php->rhp;
1450 	schp = get_chp(rhp, ((struct c4iw_cq *)attrs->send_cq)->cq.cqid);
1451 	rchp = get_chp(rhp, ((struct c4iw_cq *)attrs->recv_cq)->cq.cqid);
1452 	if (!schp || !rchp)
1453 		return ERR_PTR(-EINVAL);
1454 
1455 	if (attrs->cap.max_inline_data > T4_MAX_SEND_INLINE)
1456 		return ERR_PTR(-EINVAL);
1457 
1458 	rqsize = roundup(attrs->cap.max_recv_wr + 1, 16);
1459 	if (rqsize > T4_MAX_RQ_SIZE)
1460 		return ERR_PTR(-E2BIG);
1461 
1462 	sqsize = roundup(attrs->cap.max_send_wr + 1, 16);
1463 	if (sqsize > T4_MAX_SQ_SIZE)
1464 		return ERR_PTR(-E2BIG);
1465 
1466 	ucontext = pd->uobject ? to_c4iw_ucontext(pd->uobject->context) : NULL;
1467 
1468 
1469 	qhp = kzalloc(sizeof(*qhp), GFP_KERNEL);
1470 	if (!qhp)
1471 		return ERR_PTR(-ENOMEM);
1472 	qhp->wq.sq.size = sqsize;
1473 	qhp->wq.sq.memsize = (sqsize + 1) * sizeof *qhp->wq.sq.queue;
1474 	qhp->wq.rq.size = rqsize;
1475 	qhp->wq.rq.memsize = (rqsize + 1) * sizeof *qhp->wq.rq.queue;
1476 
1477 	if (ucontext) {
1478 		qhp->wq.sq.memsize = roundup(qhp->wq.sq.memsize, PAGE_SIZE);
1479 		qhp->wq.rq.memsize = roundup(qhp->wq.rq.memsize, PAGE_SIZE);
1480 	}
1481 
1482 	CTR5(KTR_IW_CXGBE, "%s sqsize %u sqmemsize %zu rqsize %u rqmemsize %zu",
1483 	    __func__, sqsize, qhp->wq.sq.memsize, rqsize, qhp->wq.rq.memsize);
1484 
1485 	ret = create_qp(&rhp->rdev, &qhp->wq, &schp->cq, &rchp->cq,
1486 			ucontext ? &ucontext->uctx : &rhp->rdev.uctx);
1487 	if (ret)
1488 		goto err1;
1489 
1490 	attrs->cap.max_recv_wr = rqsize - 1;
1491 	attrs->cap.max_send_wr = sqsize - 1;
1492 	attrs->cap.max_inline_data = T4_MAX_SEND_INLINE;
1493 
1494 	qhp->rhp = rhp;
1495 	qhp->attr.pd = php->pdid;
1496 	qhp->attr.scq = ((struct c4iw_cq *) attrs->send_cq)->cq.cqid;
1497 	qhp->attr.rcq = ((struct c4iw_cq *) attrs->recv_cq)->cq.cqid;
1498 	qhp->attr.sq_num_entries = attrs->cap.max_send_wr;
1499 	qhp->attr.rq_num_entries = attrs->cap.max_recv_wr;
1500 	qhp->attr.sq_max_sges = attrs->cap.max_send_sge;
1501 	qhp->attr.sq_max_sges_rdma_write = attrs->cap.max_send_sge;
1502 	qhp->attr.rq_max_sges = attrs->cap.max_recv_sge;
1503 	qhp->attr.state = C4IW_QP_STATE_IDLE;
1504 	qhp->attr.next_state = C4IW_QP_STATE_IDLE;
1505 	qhp->attr.enable_rdma_read = 1;
1506 	qhp->attr.enable_rdma_write = 1;
1507 	qhp->attr.enable_bind = 1;
1508 	qhp->attr.max_ord = 1;
1509 	qhp->attr.max_ird = 1;
1510 	qhp->sq_sig_all = attrs->sq_sig_type == IB_SIGNAL_ALL_WR;
1511 	spin_lock_init(&qhp->lock);
1512 	mutex_init(&qhp->mutex);
1513 	init_waitqueue_head(&qhp->wait);
1514 	atomic_set(&qhp->refcnt, 1);
1515 
1516 	spin_lock_irq(&rhp->lock);
1517 	ret = insert_handle_nolock(rhp, &rhp->qpidr, qhp, qhp->wq.sq.qid);
1518 	spin_unlock_irq(&rhp->lock);
1519 	if (ret)
1520 		goto err2;
1521 
1522 	if (udata) {
1523 		mm1 = kmalloc(sizeof *mm1, GFP_KERNEL);
1524 		if (!mm1) {
1525 			ret = -ENOMEM;
1526 			goto err3;
1527 		}
1528 		mm2 = kmalloc(sizeof *mm2, GFP_KERNEL);
1529 		if (!mm2) {
1530 			ret = -ENOMEM;
1531 			goto err4;
1532 		}
1533 		mm3 = kmalloc(sizeof *mm3, GFP_KERNEL);
1534 		if (!mm3) {
1535 			ret = -ENOMEM;
1536 			goto err5;
1537 		}
1538 		mm4 = kmalloc(sizeof *mm4, GFP_KERNEL);
1539 		if (!mm4) {
1540 			ret = -ENOMEM;
1541 			goto err6;
1542 		}
1543 		uresp.flags = 0;
1544 		uresp.qid_mask = rhp->rdev.qpmask;
1545 		uresp.sqid = qhp->wq.sq.qid;
1546 		uresp.sq_size = qhp->wq.sq.size;
1547 		uresp.sq_memsize = qhp->wq.sq.memsize;
1548 		uresp.rqid = qhp->wq.rq.qid;
1549 		uresp.rq_size = qhp->wq.rq.size;
1550 		uresp.rq_memsize = qhp->wq.rq.memsize;
1551 		spin_lock(&ucontext->mmap_lock);
1552 		uresp.sq_key = ucontext->key;
1553 		ucontext->key += PAGE_SIZE;
1554 		uresp.rq_key = ucontext->key;
1555 		ucontext->key += PAGE_SIZE;
1556 		uresp.sq_db_gts_key = ucontext->key;
1557 		ucontext->key += PAGE_SIZE;
1558 		uresp.rq_db_gts_key = ucontext->key;
1559 		ucontext->key += PAGE_SIZE;
1560 		spin_unlock(&ucontext->mmap_lock);
1561 		ret = ib_copy_to_udata(udata, &uresp, sizeof uresp);
1562 		if (ret)
1563 			goto err7;
1564 		mm1->key = uresp.sq_key;
1565 		mm1->addr = qhp->wq.sq.phys_addr;
1566 		mm1->len = PAGE_ALIGN(qhp->wq.sq.memsize);
1567 		CTR4(KTR_IW_CXGBE, "%s mm1 %x, %x, %d", __func__, mm1->key,
1568 		    mm1->addr, mm1->len);
1569 		insert_mmap(ucontext, mm1);
1570 		mm2->key = uresp.rq_key;
1571 		mm2->addr = vtophys(qhp->wq.rq.queue);
1572 		mm2->len = PAGE_ALIGN(qhp->wq.rq.memsize);
1573 		CTR4(KTR_IW_CXGBE, "%s mm2 %x, %x, %d", __func__, mm2->key,
1574 		    mm2->addr, mm2->len);
1575 		insert_mmap(ucontext, mm2);
1576 		mm3->key = uresp.sq_db_gts_key;
1577 		mm3->addr = qhp->wq.sq.udb;
1578 		mm3->len = PAGE_SIZE;
1579 		CTR4(KTR_IW_CXGBE, "%s mm3 %x, %x, %d", __func__, mm3->key,
1580 		    mm3->addr, mm3->len);
1581 		insert_mmap(ucontext, mm3);
1582 		mm4->key = uresp.rq_db_gts_key;
1583 		mm4->addr = qhp->wq.rq.udb;
1584 		mm4->len = PAGE_SIZE;
1585 		CTR4(KTR_IW_CXGBE, "%s mm4 %x, %x, %d", __func__, mm4->key,
1586 		    mm4->addr, mm4->len);
1587 		insert_mmap(ucontext, mm4);
1588 	}
1589 	qhp->ibqp.qp_num = qhp->wq.sq.qid;
1590 	init_timer(&(qhp->timer));
1591 	CTR5(KTR_IW_CXGBE,
1592 	    "%s qhp %p sq_num_entries %d, rq_num_entries %d qpid 0x%0x",
1593 	    __func__, qhp, qhp->attr.sq_num_entries, qhp->attr.rq_num_entries,
1594 	    qhp->wq.sq.qid);
1595 	return &qhp->ibqp;
1596 err7:
1597 	kfree(mm4);
1598 err6:
1599 	kfree(mm3);
1600 err5:
1601 	kfree(mm2);
1602 err4:
1603 	kfree(mm1);
1604 err3:
1605 	remove_handle(rhp, &rhp->qpidr, qhp->wq.sq.qid);
1606 err2:
1607 	destroy_qp(&rhp->rdev, &qhp->wq,
1608 		   ucontext ? &ucontext->uctx : &rhp->rdev.uctx);
1609 err1:
1610 	kfree(qhp);
1611 	return ERR_PTR(ret);
1612 }
1613 
1614 int c4iw_ib_modify_qp(struct ib_qp *ibqp, struct ib_qp_attr *attr,
1615 		      int attr_mask, struct ib_udata *udata)
1616 {
1617 	struct c4iw_dev *rhp;
1618 	struct c4iw_qp *qhp;
1619 	enum c4iw_qp_attr_mask mask = 0;
1620 	struct c4iw_qp_attributes attrs;
1621 
1622 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, ibqp);
1623 
1624 	/* iwarp does not support the RTR state */
1625 	if ((attr_mask & IB_QP_STATE) && (attr->qp_state == IB_QPS_RTR))
1626 		attr_mask &= ~IB_QP_STATE;
1627 
1628 	/* Make sure we still have something left to do */
1629 	if (!attr_mask)
1630 		return 0;
1631 
1632 	memset(&attrs, 0, sizeof attrs);
1633 	qhp = to_c4iw_qp(ibqp);
1634 	rhp = qhp->rhp;
1635 
1636 	attrs.next_state = c4iw_convert_state(attr->qp_state);
1637 	attrs.enable_rdma_read = (attr->qp_access_flags &
1638 			       IB_ACCESS_REMOTE_READ) ?  1 : 0;
1639 	attrs.enable_rdma_write = (attr->qp_access_flags &
1640 				IB_ACCESS_REMOTE_WRITE) ? 1 : 0;
1641 	attrs.enable_bind = (attr->qp_access_flags & IB_ACCESS_MW_BIND) ? 1 : 0;
1642 
1643 
1644 	mask |= (attr_mask & IB_QP_STATE) ? C4IW_QP_ATTR_NEXT_STATE : 0;
1645 	mask |= (attr_mask & IB_QP_ACCESS_FLAGS) ?
1646 			(C4IW_QP_ATTR_ENABLE_RDMA_READ |
1647 			 C4IW_QP_ATTR_ENABLE_RDMA_WRITE |
1648 			 C4IW_QP_ATTR_ENABLE_RDMA_BIND) : 0;
1649 
1650 	return c4iw_modify_qp(rhp, qhp, mask, &attrs, 0);
1651 }
1652 
1653 struct ib_qp *c4iw_get_qp(struct ib_device *dev, int qpn)
1654 {
1655 	CTR3(KTR_IW_CXGBE, "%s ib_dev %p qpn 0x%x", __func__, dev, qpn);
1656 	return (struct ib_qp *)get_qhp(to_c4iw_dev(dev), qpn);
1657 }
1658 
1659 int c4iw_ib_query_qp(struct ib_qp *ibqp, struct ib_qp_attr *attr,
1660 		     int attr_mask, struct ib_qp_init_attr *init_attr)
1661 {
1662 	struct c4iw_qp *qhp = to_c4iw_qp(ibqp);
1663 
1664 	memset(attr, 0, sizeof *attr);
1665 	memset(init_attr, 0, sizeof *init_attr);
1666 	attr->qp_state = to_ib_qp_state(qhp->attr.state);
1667 	init_attr->cap.max_send_wr = qhp->attr.sq_num_entries;
1668 	init_attr->cap.max_recv_wr = qhp->attr.rq_num_entries;
1669 	init_attr->cap.max_send_sge = qhp->attr.sq_max_sges;
1670 	init_attr->cap.max_recv_sge = qhp->attr.sq_max_sges;
1671 	init_attr->cap.max_inline_data = T4_MAX_SEND_INLINE;
1672 	init_attr->sq_sig_type = qhp->sq_sig_all ? IB_SIGNAL_ALL_WR : 0;
1673 	return 0;
1674 }
1675 #endif
1676