xref: /freebsd/sys/dev/cxgbe/iw_cxgbe/qp.c (revision eb9da1ada8b6b2c74378a5c17029ec5a7fb199e6)
1 /*
2  * Copyright (c) 2009-2013 Chelsio, Inc. All rights reserved.
3  *
4  * This software is available to you under a choice of one of two
5  * licenses.  You may choose to be licensed under the terms of the GNU
6  * General Public License (GPL) Version 2, available from the file
7  * COPYING in the main directory of this source tree, or the
8  * OpenIB.org BSD license below:
9  *
10  *     Redistribution and use in source and binary forms, with or
11  *     without modification, are permitted provided that the following
12  *     conditions are met:
13  *
14  *      - Redistributions of source code must retain the above
15  *        copyright notice, this list of conditions and the following
16  *        disclaimer.
17  *
18  *      - Redistributions in binary form must reproduce the above
19  *        copyright notice, this list of conditions and the following
20  *        disclaimer in the documentation and/or other materials
21  *        provided with the distribution.
22  *
23  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
27  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
28  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
29  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
30  * SOFTWARE.
31  */
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
34 
35 #include "opt_inet.h"
36 
37 #ifdef TCP_OFFLOAD
38 #include <sys/types.h>
39 #include <sys/malloc.h>
40 #include <sys/socket.h>
41 #include <sys/socketvar.h>
42 #include <sys/sockio.h>
43 #include <sys/taskqueue.h>
44 #include <netinet/in.h>
45 #include <net/route.h>
46 
47 #include <netinet/in_systm.h>
48 #include <netinet/in_pcb.h>
49 #include <netinet/ip.h>
50 #include <netinet/ip_var.h>
51 #include <netinet/tcp_var.h>
52 #include <netinet/tcp.h>
53 #include <netinet/tcpip.h>
54 
55 #include <netinet/toecore.h>
56 
57 struct sge_iq;
58 struct rss_header;
59 struct cpl_set_tcb_rpl;
60 #include <linux/types.h>
61 #include "offload.h"
62 #include "tom/t4_tom.h"
63 
64 #include "iw_cxgbe.h"
65 #include "user.h"
66 
67 extern int db_delay_usecs;
68 extern int db_fc_threshold;
69 static void creds(struct toepcb *toep, size_t wrsize);
70 
71 
72 static void set_state(struct c4iw_qp *qhp, enum c4iw_qp_state state)
73 {
74 	unsigned long flag;
75 	spin_lock_irqsave(&qhp->lock, flag);
76 	qhp->attr.state = state;
77 	spin_unlock_irqrestore(&qhp->lock, flag);
78 }
79 
80 static void dealloc_host_sq(struct c4iw_rdev *rdev, struct t4_sq *sq)
81 {
82 
83 	contigfree(sq->queue, sq->memsize, M_DEVBUF);
84 }
85 
86 static void dealloc_sq(struct c4iw_rdev *rdev, struct t4_sq *sq)
87 {
88 
89 	dealloc_host_sq(rdev, sq);
90 }
91 
92 static int alloc_host_sq(struct c4iw_rdev *rdev, struct t4_sq *sq)
93 {
94 	sq->queue = contigmalloc(sq->memsize, M_DEVBUF, M_NOWAIT, 0ul, ~0ul,
95 	    4096, 0);
96 
97 	if (sq->queue)
98 		sq->dma_addr = vtophys(sq->queue);
99 	else
100 		return -ENOMEM;
101 	sq->phys_addr = vtophys(sq->queue);
102 	pci_unmap_addr_set(sq, mapping, sq->dma_addr);
103 	CTR4(KTR_IW_CXGBE, "%s sq %p dma_addr %p phys_addr %p", __func__,
104 	    sq->queue, sq->dma_addr, sq->phys_addr);
105 	return 0;
106 }
107 
108 static int destroy_qp(struct c4iw_rdev *rdev, struct t4_wq *wq,
109 		      struct c4iw_dev_ucontext *uctx)
110 {
111 	/*
112 	 * uP clears EQ contexts when the connection exits rdma mode,
113 	 * so no need to post a RESET WR for these EQs.
114 	 */
115 	contigfree(wq->rq.queue, wq->rq.memsize, M_DEVBUF);
116 	dealloc_sq(rdev, &wq->sq);
117 	c4iw_rqtpool_free(rdev, wq->rq.rqt_hwaddr, wq->rq.rqt_size);
118 	kfree(wq->rq.sw_rq);
119 	kfree(wq->sq.sw_sq);
120 	c4iw_put_qpid(rdev, wq->rq.qid, uctx);
121 	c4iw_put_qpid(rdev, wq->sq.qid, uctx);
122 	return 0;
123 }
124 
125 static int create_qp(struct c4iw_rdev *rdev, struct t4_wq *wq,
126 		     struct t4_cq *rcq, struct t4_cq *scq,
127 		     struct c4iw_dev_ucontext *uctx)
128 {
129 	struct adapter *sc = rdev->adap;
130 	int user = (uctx != &rdev->uctx);
131 	struct fw_ri_res_wr *res_wr;
132 	struct fw_ri_res *res;
133 	int wr_len;
134 	struct c4iw_wr_wait wr_wait;
135 	int ret;
136 	int eqsize;
137 	struct wrqe *wr;
138 
139 	wq->sq.qid = c4iw_get_qpid(rdev, uctx);
140 	if (!wq->sq.qid)
141 		return -ENOMEM;
142 
143 	wq->rq.qid = c4iw_get_qpid(rdev, uctx);
144 	if (!wq->rq.qid)
145 		goto err1;
146 
147 	if (!user) {
148 		wq->sq.sw_sq = kzalloc(wq->sq.size * sizeof *wq->sq.sw_sq,
149 				 GFP_KERNEL);
150 		if (!wq->sq.sw_sq)
151 			goto err2;
152 
153 		wq->rq.sw_rq = kzalloc(wq->rq.size * sizeof *wq->rq.sw_rq,
154 				 GFP_KERNEL);
155 		if (!wq->rq.sw_rq)
156 			goto err3;
157 	}
158 
159 	/* RQT must be a power of 2. */
160 	wq->rq.rqt_size = roundup_pow_of_two(wq->rq.size);
161 	wq->rq.rqt_hwaddr = c4iw_rqtpool_alloc(rdev, wq->rq.rqt_size);
162 	if (!wq->rq.rqt_hwaddr)
163 		goto err4;
164 
165 	if (alloc_host_sq(rdev, &wq->sq))
166 		goto err5;
167 
168 	memset(wq->sq.queue, 0, wq->sq.memsize);
169 	pci_unmap_addr_set(&wq->sq, mapping, wq->sq.dma_addr);
170 
171 	wq->rq.queue = contigmalloc(wq->rq.memsize,
172             M_DEVBUF, M_NOWAIT, 0ul, ~0ul, 4096, 0);
173         if (wq->rq.queue)
174                 wq->rq.dma_addr = vtophys(wq->rq.queue);
175         else
176                 goto err6;
177 	CTR5(KTR_IW_CXGBE,
178 	    "%s sq base va 0x%p pa 0x%llx rq base va 0x%p pa 0x%llx", __func__,
179 	    wq->sq.queue, (unsigned long long)vtophys(wq->sq.queue),
180 	    wq->rq.queue, (unsigned long long)vtophys(wq->rq.queue));
181 	memset(wq->rq.queue, 0, wq->rq.memsize);
182 	pci_unmap_addr_set(&wq->rq, mapping, wq->rq.dma_addr);
183 
184 	wq->db = (void *)((unsigned long)rman_get_virtual(sc->regs_res) +
185 	    sc->sge_kdoorbell_reg);
186 	wq->gts = (void *)((unsigned long)rman_get_virtual(rdev->adap->regs_res)
187 			   + sc->sge_gts_reg);
188 	if (user) {
189 		wq->sq.udb = (u64)((char*)rman_get_virtual(rdev->adap->udbs_res) +
190 						(wq->sq.qid << rdev->qpshift));
191 		wq->sq.udb &= PAGE_MASK;
192 		wq->rq.udb = (u64)((char*)rman_get_virtual(rdev->adap->udbs_res) +
193 						(wq->rq.qid << rdev->qpshift));
194 		wq->rq.udb &= PAGE_MASK;
195 	}
196 	wq->rdev = rdev;
197 	wq->rq.msn = 1;
198 
199 	/* build fw_ri_res_wr */
200 	wr_len = sizeof *res_wr + 2 * sizeof *res;
201 
202 	wr = alloc_wrqe(wr_len, &sc->sge.mgmtq);
203         if (wr == NULL)
204 		return (0);
205         res_wr = wrtod(wr);
206 
207 	memset(res_wr, 0, wr_len);
208 	res_wr->op_nres = cpu_to_be32(
209 			V_FW_WR_OP(FW_RI_RES_WR) |
210 			V_FW_RI_RES_WR_NRES(2) |
211 			F_FW_WR_COMPL);
212 	res_wr->len16_pkd = cpu_to_be32(DIV_ROUND_UP(wr_len, 16));
213 	res_wr->cookie = (unsigned long) &wr_wait;
214 	res = res_wr->res;
215 	res->u.sqrq.restype = FW_RI_RES_TYPE_SQ;
216 	res->u.sqrq.op = FW_RI_RES_OP_WRITE;
217 
218 	/* eqsize is the number of 64B entries plus the status page size. */
219 	eqsize = wq->sq.size * T4_SQ_NUM_SLOTS +
220 	    (sc->params.sge.spg_len / EQ_ESIZE);
221 
222 	res->u.sqrq.fetchszm_to_iqid = cpu_to_be32(
223 		V_FW_RI_RES_WR_HOSTFCMODE(0) |	/* no host cidx updates */
224 		V_FW_RI_RES_WR_CPRIO(0) |	/* don't keep in chip cache */
225 		V_FW_RI_RES_WR_PCIECHN(0) |	/* set by uP at ri_init time */
226 		V_FW_RI_RES_WR_IQID(scq->cqid));
227 	res->u.sqrq.dcaen_to_eqsize = cpu_to_be32(
228 		V_FW_RI_RES_WR_DCAEN(0) |
229 		V_FW_RI_RES_WR_DCACPU(0) |
230 		V_FW_RI_RES_WR_FBMIN(2) |
231 		V_FW_RI_RES_WR_FBMAX(2) |
232 		V_FW_RI_RES_WR_CIDXFTHRESHO(0) |
233 		V_FW_RI_RES_WR_CIDXFTHRESH(0) |
234 		V_FW_RI_RES_WR_EQSIZE(eqsize));
235 	res->u.sqrq.eqid = cpu_to_be32(wq->sq.qid);
236 	res->u.sqrq.eqaddr = cpu_to_be64(wq->sq.dma_addr);
237 	res++;
238 	res->u.sqrq.restype = FW_RI_RES_TYPE_RQ;
239 	res->u.sqrq.op = FW_RI_RES_OP_WRITE;
240 
241 	/* eqsize is the number of 64B entries plus the status page size. */
242 	eqsize = wq->rq.size * T4_RQ_NUM_SLOTS +
243 	    (sc->params.sge.spg_len / EQ_ESIZE);
244 	res->u.sqrq.fetchszm_to_iqid = cpu_to_be32(
245 		V_FW_RI_RES_WR_HOSTFCMODE(0) |	/* no host cidx updates */
246 		V_FW_RI_RES_WR_CPRIO(0) |	/* don't keep in chip cache */
247 		V_FW_RI_RES_WR_PCIECHN(0) |	/* set by uP at ri_init time */
248 		V_FW_RI_RES_WR_IQID(rcq->cqid));
249 	res->u.sqrq.dcaen_to_eqsize = cpu_to_be32(
250 		V_FW_RI_RES_WR_DCAEN(0) |
251 		V_FW_RI_RES_WR_DCACPU(0) |
252 		V_FW_RI_RES_WR_FBMIN(2) |
253 		V_FW_RI_RES_WR_FBMAX(2) |
254 		V_FW_RI_RES_WR_CIDXFTHRESHO(0) |
255 		V_FW_RI_RES_WR_CIDXFTHRESH(0) |
256 		V_FW_RI_RES_WR_EQSIZE(eqsize));
257 	res->u.sqrq.eqid = cpu_to_be32(wq->rq.qid);
258 	res->u.sqrq.eqaddr = cpu_to_be64(wq->rq.dma_addr);
259 
260 	c4iw_init_wr_wait(&wr_wait);
261 
262 	t4_wrq_tx(sc, wr);
263 	ret = c4iw_wait_for_reply(rdev, &wr_wait, 0, wq->sq.qid, __func__);
264 	if (ret)
265 		goto err7;
266 
267 	CTR6(KTR_IW_CXGBE,
268 	    "%s sqid 0x%x rqid 0x%x kdb 0x%p squdb 0x%llx rqudb 0x%llx",
269 	    __func__, wq->sq.qid, wq->rq.qid, wq->db,
270 	    (unsigned long long)wq->sq.udb, (unsigned long long)wq->rq.udb);
271 
272 	return 0;
273 err7:
274 	contigfree(wq->rq.queue, wq->rq.memsize, M_DEVBUF);
275 err6:
276 	dealloc_sq(rdev, &wq->sq);
277 err5:
278 	c4iw_rqtpool_free(rdev, wq->rq.rqt_hwaddr, wq->rq.rqt_size);
279 err4:
280 	kfree(wq->rq.sw_rq);
281 err3:
282 	kfree(wq->sq.sw_sq);
283 err2:
284 	c4iw_put_qpid(rdev, wq->rq.qid, uctx);
285 err1:
286 	c4iw_put_qpid(rdev, wq->sq.qid, uctx);
287 	return -ENOMEM;
288 }
289 
290 static int build_immd(struct t4_sq *sq, struct fw_ri_immd *immdp,
291 		      struct ib_send_wr *wr, int max, u32 *plenp)
292 {
293 	u8 *dstp, *srcp;
294 	u32 plen = 0;
295 	int i;
296 	int rem, len;
297 
298 	dstp = (u8 *)immdp->data;
299 	for (i = 0; i < wr->num_sge; i++) {
300 		if ((plen + wr->sg_list[i].length) > max)
301 			return -EMSGSIZE;
302 		srcp = (u8 *)(unsigned long)wr->sg_list[i].addr;
303 		plen += wr->sg_list[i].length;
304 		rem = wr->sg_list[i].length;
305 		while (rem) {
306 			if (dstp == (u8 *)&sq->queue[sq->size])
307 				dstp = (u8 *)sq->queue;
308 			if (rem <= (u8 *)&sq->queue[sq->size] - dstp)
309 				len = rem;
310 			else
311 				len = (u8 *)&sq->queue[sq->size] - dstp;
312 			memcpy(dstp, srcp, len);
313 			dstp += len;
314 			srcp += len;
315 			rem -= len;
316 		}
317 	}
318 	len = roundup(plen + sizeof *immdp, 16) - (plen + sizeof *immdp);
319 	if (len)
320 		memset(dstp, 0, len);
321 	immdp->op = FW_RI_DATA_IMMD;
322 	immdp->r1 = 0;
323 	immdp->r2 = 0;
324 	immdp->immdlen = cpu_to_be32(plen);
325 	*plenp = plen;
326 	return 0;
327 }
328 
329 static int build_isgl(__be64 *queue_start, __be64 *queue_end,
330 		      struct fw_ri_isgl *isglp, struct ib_sge *sg_list,
331 		      int num_sge, u32 *plenp)
332 
333 {
334 	int i;
335 	u32 plen = 0;
336 	__be64 *flitp = (__be64 *)isglp->sge;
337 
338 	for (i = 0; i < num_sge; i++) {
339 		if ((plen + sg_list[i].length) < plen)
340 			return -EMSGSIZE;
341 		plen += sg_list[i].length;
342 		*flitp = cpu_to_be64(((u64)sg_list[i].lkey << 32) |
343 				     sg_list[i].length);
344 		if (++flitp == queue_end)
345 			flitp = queue_start;
346 		*flitp = cpu_to_be64(sg_list[i].addr);
347 		if (++flitp == queue_end)
348 			flitp = queue_start;
349 	}
350 	*flitp = (__force __be64)0;
351 	isglp->op = FW_RI_DATA_ISGL;
352 	isglp->r1 = 0;
353 	isglp->nsge = cpu_to_be16(num_sge);
354 	isglp->r2 = 0;
355 	if (plenp)
356 		*plenp = plen;
357 	return 0;
358 }
359 
360 static int build_rdma_send(struct t4_sq *sq, union t4_wr *wqe,
361 			   struct ib_send_wr *wr, u8 *len16)
362 {
363 	u32 plen;
364 	int size;
365 	int ret;
366 
367 	if (wr->num_sge > T4_MAX_SEND_SGE)
368 		return -EINVAL;
369 	switch (wr->opcode) {
370 	case IB_WR_SEND:
371 		if (wr->send_flags & IB_SEND_SOLICITED)
372 			wqe->send.sendop_pkd = cpu_to_be32(
373 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND_WITH_SE));
374 		else
375 			wqe->send.sendop_pkd = cpu_to_be32(
376 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND));
377 		wqe->send.stag_inv = 0;
378 		break;
379 	case IB_WR_SEND_WITH_INV:
380 		if (wr->send_flags & IB_SEND_SOLICITED)
381 			wqe->send.sendop_pkd = cpu_to_be32(
382 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND_WITH_SE_INV));
383 		else
384 			wqe->send.sendop_pkd = cpu_to_be32(
385 				V_FW_RI_SEND_WR_SENDOP(FW_RI_SEND_WITH_INV));
386 		wqe->send.stag_inv = cpu_to_be32(wr->ex.invalidate_rkey);
387 		break;
388 
389 	default:
390 		return -EINVAL;
391 	}
392 
393 	plen = 0;
394 	if (wr->num_sge) {
395 		if (wr->send_flags & IB_SEND_INLINE) {
396 			ret = build_immd(sq, wqe->send.u.immd_src, wr,
397 					 T4_MAX_SEND_INLINE, &plen);
398 			if (ret)
399 				return ret;
400 			size = sizeof wqe->send + sizeof(struct fw_ri_immd) +
401 			       plen;
402 		} else {
403 			ret = build_isgl((__be64 *)sq->queue,
404 					 (__be64 *)&sq->queue[sq->size],
405 					 wqe->send.u.isgl_src,
406 					 wr->sg_list, wr->num_sge, &plen);
407 			if (ret)
408 				return ret;
409 			size = sizeof wqe->send + sizeof(struct fw_ri_isgl) +
410 			       wr->num_sge * sizeof(struct fw_ri_sge);
411 		}
412 	} else {
413 		wqe->send.u.immd_src[0].op = FW_RI_DATA_IMMD;
414 		wqe->send.u.immd_src[0].r1 = 0;
415 		wqe->send.u.immd_src[0].r2 = 0;
416 		wqe->send.u.immd_src[0].immdlen = 0;
417 		size = sizeof wqe->send + sizeof(struct fw_ri_immd);
418 		plen = 0;
419 	}
420 	*len16 = DIV_ROUND_UP(size, 16);
421 	wqe->send.plen = cpu_to_be32(plen);
422 	return 0;
423 }
424 
425 static int build_rdma_write(struct t4_sq *sq, union t4_wr *wqe,
426 			    struct ib_send_wr *wr, u8 *len16)
427 {
428 	u32 plen;
429 	int size;
430 	int ret;
431 
432 	if (wr->num_sge > T4_MAX_SEND_SGE)
433 		return -EINVAL;
434 	wqe->write.r2 = 0;
435 	wqe->write.stag_sink = cpu_to_be32(wr->wr.rdma.rkey);
436 	wqe->write.to_sink = cpu_to_be64(wr->wr.rdma.remote_addr);
437 	if (wr->num_sge) {
438 		if (wr->send_flags & IB_SEND_INLINE) {
439 			ret = build_immd(sq, wqe->write.u.immd_src, wr,
440 					 T4_MAX_WRITE_INLINE, &plen);
441 			if (ret)
442 				return ret;
443 			size = sizeof wqe->write + sizeof(struct fw_ri_immd) +
444 			       plen;
445 		} else {
446 			ret = build_isgl((__be64 *)sq->queue,
447 					 (__be64 *)&sq->queue[sq->size],
448 					 wqe->write.u.isgl_src,
449 					 wr->sg_list, wr->num_sge, &plen);
450 			if (ret)
451 				return ret;
452 			size = sizeof wqe->write + sizeof(struct fw_ri_isgl) +
453 			       wr->num_sge * sizeof(struct fw_ri_sge);
454 		}
455 	} else {
456 		wqe->write.u.immd_src[0].op = FW_RI_DATA_IMMD;
457 		wqe->write.u.immd_src[0].r1 = 0;
458 		wqe->write.u.immd_src[0].r2 = 0;
459 		wqe->write.u.immd_src[0].immdlen = 0;
460 		size = sizeof wqe->write + sizeof(struct fw_ri_immd);
461 		plen = 0;
462 	}
463 	*len16 = DIV_ROUND_UP(size, 16);
464 	wqe->write.plen = cpu_to_be32(plen);
465 	return 0;
466 }
467 
468 static int build_rdma_read(union t4_wr *wqe, struct ib_send_wr *wr, u8 *len16)
469 {
470 	if (wr->num_sge > 1)
471 		return -EINVAL;
472 	if (wr->num_sge) {
473 		wqe->read.stag_src = cpu_to_be32(wr->wr.rdma.rkey);
474 		wqe->read.to_src_hi = cpu_to_be32((u32)(wr->wr.rdma.remote_addr
475 							>> 32));
476 		wqe->read.to_src_lo = cpu_to_be32((u32)wr->wr.rdma.remote_addr);
477 		wqe->read.stag_sink = cpu_to_be32(wr->sg_list[0].lkey);
478 		wqe->read.plen = cpu_to_be32(wr->sg_list[0].length);
479 		wqe->read.to_sink_hi = cpu_to_be32((u32)(wr->sg_list[0].addr
480 							 >> 32));
481 		wqe->read.to_sink_lo = cpu_to_be32((u32)(wr->sg_list[0].addr));
482 	} else {
483 		wqe->read.stag_src = cpu_to_be32(2);
484 		wqe->read.to_src_hi = 0;
485 		wqe->read.to_src_lo = 0;
486 		wqe->read.stag_sink = cpu_to_be32(2);
487 		wqe->read.plen = 0;
488 		wqe->read.to_sink_hi = 0;
489 		wqe->read.to_sink_lo = 0;
490 	}
491 	wqe->read.r2 = 0;
492 	wqe->read.r5 = 0;
493 	*len16 = DIV_ROUND_UP(sizeof wqe->read, 16);
494 	return 0;
495 }
496 
497 static int build_rdma_recv(struct c4iw_qp *qhp, union t4_recv_wr *wqe,
498 			   struct ib_recv_wr *wr, u8 *len16)
499 {
500 	int ret;
501 
502 	ret = build_isgl((__be64 *)qhp->wq.rq.queue,
503 			 (__be64 *)&qhp->wq.rq.queue[qhp->wq.rq.size],
504 			 &wqe->recv.isgl, wr->sg_list, wr->num_sge, NULL);
505 	if (ret)
506 		return ret;
507 	*len16 = DIV_ROUND_UP(sizeof wqe->recv +
508 			      wr->num_sge * sizeof(struct fw_ri_sge), 16);
509 	return 0;
510 }
511 
512 static int build_fastreg(struct t4_sq *sq, union t4_wr *wqe,
513 			 struct ib_send_wr *wr, u8 *len16)
514 {
515 
516 	struct fw_ri_immd *imdp;
517 	__be64 *p;
518 	int i;
519 	int pbllen = roundup(wr->wr.fast_reg.page_list_len * sizeof(u64), 32);
520 	int rem;
521 
522 	if (wr->wr.fast_reg.page_list_len > T4_MAX_FR_DEPTH)
523 		return -EINVAL;
524 
525 	wqe->fr.qpbinde_to_dcacpu = 0;
526 	wqe->fr.pgsz_shift = wr->wr.fast_reg.page_shift - 12;
527 	wqe->fr.addr_type = FW_RI_VA_BASED_TO;
528 	wqe->fr.mem_perms = c4iw_ib_to_tpt_access(wr->wr.fast_reg.access_flags);
529 	wqe->fr.len_hi = 0;
530 	wqe->fr.len_lo = cpu_to_be32(wr->wr.fast_reg.length);
531 	wqe->fr.stag = cpu_to_be32(wr->wr.fast_reg.rkey);
532 	wqe->fr.va_hi = cpu_to_be32(wr->wr.fast_reg.iova_start >> 32);
533 	wqe->fr.va_lo_fbo = cpu_to_be32(wr->wr.fast_reg.iova_start &
534 					0xffffffff);
535 	WARN_ON(pbllen > T4_MAX_FR_IMMD);
536 	imdp = (struct fw_ri_immd *)(&wqe->fr + 1);
537 	imdp->op = FW_RI_DATA_IMMD;
538 	imdp->r1 = 0;
539 	imdp->r2 = 0;
540 	imdp->immdlen = cpu_to_be32(pbllen);
541 	p = (__be64 *)(imdp + 1);
542 	rem = pbllen;
543 	for (i = 0; i < wr->wr.fast_reg.page_list_len; i++) {
544 		*p = cpu_to_be64((u64)wr->wr.fast_reg.page_list->page_list[i]);
545 		rem -= sizeof *p;
546 		if (++p == (__be64 *)&sq->queue[sq->size])
547 			p = (__be64 *)sq->queue;
548 	}
549 	BUG_ON(rem < 0);
550 	while (rem) {
551 		*p = 0;
552 		rem -= sizeof *p;
553 		if (++p == (__be64 *)&sq->queue[sq->size])
554 			p = (__be64 *)sq->queue;
555 	}
556 	*len16 = DIV_ROUND_UP(sizeof wqe->fr + sizeof *imdp + pbllen, 16);
557 	return 0;
558 }
559 
560 static int build_inv_stag(union t4_wr *wqe, struct ib_send_wr *wr,
561 			  u8 *len16)
562 {
563 	wqe->inv.stag_inv = cpu_to_be32(wr->ex.invalidate_rkey);
564 	wqe->inv.r2 = 0;
565 	*len16 = DIV_ROUND_UP(sizeof wqe->inv, 16);
566 	return 0;
567 }
568 
569 void c4iw_qp_add_ref(struct ib_qp *qp)
570 {
571 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, qp);
572 	atomic_inc(&(to_c4iw_qp(qp)->refcnt));
573 }
574 
575 void c4iw_qp_rem_ref(struct ib_qp *qp)
576 {
577 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, qp);
578 	if (atomic_dec_and_test(&(to_c4iw_qp(qp)->refcnt)))
579 		wake_up(&(to_c4iw_qp(qp)->wait));
580 }
581 
582 int c4iw_post_send(struct ib_qp *ibqp, struct ib_send_wr *wr,
583 		   struct ib_send_wr **bad_wr)
584 {
585 	int err = 0;
586 	u8 len16 = 0;
587 	enum fw_wr_opcodes fw_opcode = 0;
588 	enum fw_ri_wr_flags fw_flags;
589 	struct c4iw_qp *qhp;
590 	union t4_wr *wqe;
591 	u32 num_wrs;
592 	struct t4_swsqe *swsqe;
593 	unsigned long flag;
594 	u16 idx = 0;
595 
596 	qhp = to_c4iw_qp(ibqp);
597 	spin_lock_irqsave(&qhp->lock, flag);
598 	if (t4_wq_in_error(&qhp->wq)) {
599 		spin_unlock_irqrestore(&qhp->lock, flag);
600 		return -EINVAL;
601 	}
602 	num_wrs = t4_sq_avail(&qhp->wq);
603 	if (num_wrs == 0) {
604 		spin_unlock_irqrestore(&qhp->lock, flag);
605 		return -ENOMEM;
606 	}
607 	while (wr) {
608 		if (num_wrs == 0) {
609 			err = -ENOMEM;
610 			*bad_wr = wr;
611 			break;
612 		}
613 		wqe = (union t4_wr *)((u8 *)qhp->wq.sq.queue +
614 		      qhp->wq.sq.wq_pidx * T4_EQ_ENTRY_SIZE);
615 
616 		fw_flags = 0;
617 		if (wr->send_flags & IB_SEND_SOLICITED)
618 			fw_flags |= FW_RI_SOLICITED_EVENT_FLAG;
619 		if (wr->send_flags & IB_SEND_SIGNALED || qhp->sq_sig_all)
620 			fw_flags |= FW_RI_COMPLETION_FLAG;
621 		swsqe = &qhp->wq.sq.sw_sq[qhp->wq.sq.pidx];
622 		switch (wr->opcode) {
623 		case IB_WR_SEND_WITH_INV:
624 		case IB_WR_SEND:
625 			if (wr->send_flags & IB_SEND_FENCE)
626 				fw_flags |= FW_RI_READ_FENCE_FLAG;
627 			fw_opcode = FW_RI_SEND_WR;
628 			if (wr->opcode == IB_WR_SEND)
629 				swsqe->opcode = FW_RI_SEND;
630 			else
631 				swsqe->opcode = FW_RI_SEND_WITH_INV;
632 			err = build_rdma_send(&qhp->wq.sq, wqe, wr, &len16);
633 			break;
634 		case IB_WR_RDMA_WRITE:
635 			fw_opcode = FW_RI_RDMA_WRITE_WR;
636 			swsqe->opcode = FW_RI_RDMA_WRITE;
637 			err = build_rdma_write(&qhp->wq.sq, wqe, wr, &len16);
638 			break;
639 		case IB_WR_RDMA_READ:
640 		case IB_WR_RDMA_READ_WITH_INV:
641 			fw_opcode = FW_RI_RDMA_READ_WR;
642 			swsqe->opcode = FW_RI_READ_REQ;
643 			if (wr->opcode == IB_WR_RDMA_READ_WITH_INV)
644 				fw_flags = FW_RI_RDMA_READ_INVALIDATE;
645 			else
646 				fw_flags = 0;
647 			err = build_rdma_read(wqe, wr, &len16);
648 			if (err)
649 				break;
650 			swsqe->read_len = wr->sg_list[0].length;
651 			if (!qhp->wq.sq.oldest_read)
652 				qhp->wq.sq.oldest_read = swsqe;
653 			break;
654 		case IB_WR_FAST_REG_MR:
655 			fw_opcode = FW_RI_FR_NSMR_WR;
656 			swsqe->opcode = FW_RI_FAST_REGISTER;
657 			err = build_fastreg(&qhp->wq.sq, wqe, wr, &len16);
658 			break;
659 		case IB_WR_LOCAL_INV:
660 			if (wr->send_flags & IB_SEND_FENCE)
661 				fw_flags |= FW_RI_LOCAL_FENCE_FLAG;
662 			fw_opcode = FW_RI_INV_LSTAG_WR;
663 			swsqe->opcode = FW_RI_LOCAL_INV;
664 			err = build_inv_stag(wqe, wr, &len16);
665 			break;
666 		default:
667 			CTR2(KTR_IW_CXGBE, "%s post of type =%d TBD!", __func__,
668 			     wr->opcode);
669 			err = -EINVAL;
670 		}
671 		if (err) {
672 			*bad_wr = wr;
673 			break;
674 		}
675 		swsqe->idx = qhp->wq.sq.pidx;
676 		swsqe->complete = 0;
677 		swsqe->signaled = (wr->send_flags & IB_SEND_SIGNALED) ||
678 					qhp->sq_sig_all;
679 		swsqe->wr_id = wr->wr_id;
680 
681 		init_wr_hdr(wqe, qhp->wq.sq.pidx, fw_opcode, fw_flags, len16);
682 
683 		CTR5(KTR_IW_CXGBE,
684 		    "%s cookie 0x%llx pidx 0x%x opcode 0x%x read_len %u",
685 		    __func__, (unsigned long long)wr->wr_id, qhp->wq.sq.pidx,
686 		    swsqe->opcode, swsqe->read_len);
687 		wr = wr->next;
688 		num_wrs--;
689 		t4_sq_produce(&qhp->wq, len16);
690 		idx += DIV_ROUND_UP(len16*16, T4_EQ_ENTRY_SIZE);
691 	}
692 	if (t4_wq_db_enabled(&qhp->wq))
693 		t4_ring_sq_db(&qhp->wq, idx);
694 	spin_unlock_irqrestore(&qhp->lock, flag);
695 	return err;
696 }
697 
698 int c4iw_post_receive(struct ib_qp *ibqp, struct ib_recv_wr *wr,
699 		      struct ib_recv_wr **bad_wr)
700 {
701 	int err = 0;
702 	struct c4iw_qp *qhp;
703 	union t4_recv_wr *wqe;
704 	u32 num_wrs;
705 	u8 len16 = 0;
706 	unsigned long flag;
707 	u16 idx = 0;
708 
709 	qhp = to_c4iw_qp(ibqp);
710 	spin_lock_irqsave(&qhp->lock, flag);
711 	if (t4_wq_in_error(&qhp->wq)) {
712 		spin_unlock_irqrestore(&qhp->lock, flag);
713 		return -EINVAL;
714 	}
715 	num_wrs = t4_rq_avail(&qhp->wq);
716 	if (num_wrs == 0) {
717 		spin_unlock_irqrestore(&qhp->lock, flag);
718 		return -ENOMEM;
719 	}
720 	while (wr) {
721 		if (wr->num_sge > T4_MAX_RECV_SGE) {
722 			err = -EINVAL;
723 			*bad_wr = wr;
724 			break;
725 		}
726 		wqe = (union t4_recv_wr *)((u8 *)qhp->wq.rq.queue +
727 					   qhp->wq.rq.wq_pidx *
728 					   T4_EQ_ENTRY_SIZE);
729 		if (num_wrs)
730 			err = build_rdma_recv(qhp, wqe, wr, &len16);
731 		else
732 			err = -ENOMEM;
733 		if (err) {
734 			*bad_wr = wr;
735 			break;
736 		}
737 
738 		qhp->wq.rq.sw_rq[qhp->wq.rq.pidx].wr_id = wr->wr_id;
739 
740 		wqe->recv.opcode = FW_RI_RECV_WR;
741 		wqe->recv.r1 = 0;
742 		wqe->recv.wrid = qhp->wq.rq.pidx;
743 		wqe->recv.r2[0] = 0;
744 		wqe->recv.r2[1] = 0;
745 		wqe->recv.r2[2] = 0;
746 		wqe->recv.len16 = len16;
747 		CTR3(KTR_IW_CXGBE, "%s cookie 0x%llx pidx %u", __func__,
748 		     (unsigned long long) wr->wr_id, qhp->wq.rq.pidx);
749 		t4_rq_produce(&qhp->wq, len16);
750 		idx += DIV_ROUND_UP(len16*16, T4_EQ_ENTRY_SIZE);
751 		wr = wr->next;
752 		num_wrs--;
753 	}
754 	if (t4_wq_db_enabled(&qhp->wq))
755 		t4_ring_rq_db(&qhp->wq, idx);
756 	spin_unlock_irqrestore(&qhp->lock, flag);
757 	return err;
758 }
759 
760 int c4iw_bind_mw(struct ib_qp *qp, struct ib_mw *mw, struct ib_mw_bind *mw_bind)
761 {
762 	return -ENOSYS;
763 }
764 
765 static inline void build_term_codes(struct t4_cqe *err_cqe, u8 *layer_type,
766 				    u8 *ecode)
767 {
768 	int status;
769 	int tagged;
770 	int opcode;
771 	int rqtype;
772 	int send_inv;
773 
774 	if (!err_cqe) {
775 		*layer_type = LAYER_RDMAP|DDP_LOCAL_CATA;
776 		*ecode = 0;
777 		return;
778 	}
779 
780 	status = CQE_STATUS(err_cqe);
781 	opcode = CQE_OPCODE(err_cqe);
782 	rqtype = RQ_TYPE(err_cqe);
783 	send_inv = (opcode == FW_RI_SEND_WITH_INV) ||
784 		   (opcode == FW_RI_SEND_WITH_SE_INV);
785 	tagged = (opcode == FW_RI_RDMA_WRITE) ||
786 		 (rqtype && (opcode == FW_RI_READ_RESP));
787 
788 	switch (status) {
789 	case T4_ERR_STAG:
790 		if (send_inv) {
791 			*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
792 			*ecode = RDMAP_CANT_INV_STAG;
793 		} else {
794 			*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
795 			*ecode = RDMAP_INV_STAG;
796 		}
797 		break;
798 	case T4_ERR_PDID:
799 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
800 		if ((opcode == FW_RI_SEND_WITH_INV) ||
801 		    (opcode == FW_RI_SEND_WITH_SE_INV))
802 			*ecode = RDMAP_CANT_INV_STAG;
803 		else
804 			*ecode = RDMAP_STAG_NOT_ASSOC;
805 		break;
806 	case T4_ERR_QPID:
807 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
808 		*ecode = RDMAP_STAG_NOT_ASSOC;
809 		break;
810 	case T4_ERR_ACCESS:
811 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
812 		*ecode = RDMAP_ACC_VIOL;
813 		break;
814 	case T4_ERR_WRAP:
815 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
816 		*ecode = RDMAP_TO_WRAP;
817 		break;
818 	case T4_ERR_BOUND:
819 		if (tagged) {
820 			*layer_type = LAYER_DDP|DDP_TAGGED_ERR;
821 			*ecode = DDPT_BASE_BOUNDS;
822 		} else {
823 			*layer_type = LAYER_RDMAP|RDMAP_REMOTE_PROT;
824 			*ecode = RDMAP_BASE_BOUNDS;
825 		}
826 		break;
827 	case T4_ERR_INVALIDATE_SHARED_MR:
828 	case T4_ERR_INVALIDATE_MR_WITH_MW_BOUND:
829 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
830 		*ecode = RDMAP_CANT_INV_STAG;
831 		break;
832 	case T4_ERR_ECC:
833 	case T4_ERR_ECC_PSTAG:
834 	case T4_ERR_INTERNAL_ERR:
835 		*layer_type = LAYER_RDMAP|RDMAP_LOCAL_CATA;
836 		*ecode = 0;
837 		break;
838 	case T4_ERR_OUT_OF_RQE:
839 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
840 		*ecode = DDPU_INV_MSN_NOBUF;
841 		break;
842 	case T4_ERR_PBL_ADDR_BOUND:
843 		*layer_type = LAYER_DDP|DDP_TAGGED_ERR;
844 		*ecode = DDPT_BASE_BOUNDS;
845 		break;
846 	case T4_ERR_CRC:
847 		*layer_type = LAYER_MPA|DDP_LLP;
848 		*ecode = MPA_CRC_ERR;
849 		break;
850 	case T4_ERR_MARKER:
851 		*layer_type = LAYER_MPA|DDP_LLP;
852 		*ecode = MPA_MARKER_ERR;
853 		break;
854 	case T4_ERR_PDU_LEN_ERR:
855 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
856 		*ecode = DDPU_MSG_TOOBIG;
857 		break;
858 	case T4_ERR_DDP_VERSION:
859 		if (tagged) {
860 			*layer_type = LAYER_DDP|DDP_TAGGED_ERR;
861 			*ecode = DDPT_INV_VERS;
862 		} else {
863 			*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
864 			*ecode = DDPU_INV_VERS;
865 		}
866 		break;
867 	case T4_ERR_RDMA_VERSION:
868 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
869 		*ecode = RDMAP_INV_VERS;
870 		break;
871 	case T4_ERR_OPCODE:
872 		*layer_type = LAYER_RDMAP|RDMAP_REMOTE_OP;
873 		*ecode = RDMAP_INV_OPCODE;
874 		break;
875 	case T4_ERR_DDP_QUEUE_NUM:
876 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
877 		*ecode = DDPU_INV_QN;
878 		break;
879 	case T4_ERR_MSN:
880 	case T4_ERR_MSN_GAP:
881 	case T4_ERR_MSN_RANGE:
882 	case T4_ERR_IRD_OVERFLOW:
883 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
884 		*ecode = DDPU_INV_MSN_RANGE;
885 		break;
886 	case T4_ERR_TBIT:
887 		*layer_type = LAYER_DDP|DDP_LOCAL_CATA;
888 		*ecode = 0;
889 		break;
890 	case T4_ERR_MO:
891 		*layer_type = LAYER_DDP|DDP_UNTAGGED_ERR;
892 		*ecode = DDPU_INV_MO;
893 		break;
894 	default:
895 		*layer_type = LAYER_RDMAP|DDP_LOCAL_CATA;
896 		*ecode = 0;
897 		break;
898 	}
899 }
900 
901 static void post_terminate(struct c4iw_qp *qhp, struct t4_cqe *err_cqe,
902 			   gfp_t gfp)
903 {
904 	struct fw_ri_wr *wqe;
905 	struct terminate_message *term;
906 	struct wrqe *wr;
907 	struct socket *so = qhp->ep->com.so;
908         struct inpcb *inp = sotoinpcb(so);
909         struct tcpcb *tp = intotcpcb(inp);
910         struct toepcb *toep = tp->t_toe;
911 
912 	CTR4(KTR_IW_CXGBE, "%s qhp %p qid 0x%x tid %u", __func__, qhp,
913 	    qhp->wq.sq.qid, qhp->ep->hwtid);
914 
915 	wr = alloc_wrqe(sizeof(*wqe), toep->ofld_txq);
916 	if (wr == NULL)
917 		return;
918         wqe = wrtod(wr);
919 
920 	memset(wqe, 0, sizeof *wqe);
921 	wqe->op_compl = cpu_to_be32(V_FW_WR_OP(FW_RI_WR));
922 	wqe->flowid_len16 = cpu_to_be32(
923 		V_FW_WR_FLOWID(qhp->ep->hwtid) |
924 		V_FW_WR_LEN16(DIV_ROUND_UP(sizeof *wqe, 16)));
925 
926 	wqe->u.terminate.type = FW_RI_TYPE_TERMINATE;
927 	wqe->u.terminate.immdlen = cpu_to_be32(sizeof *term);
928 	term = (struct terminate_message *)wqe->u.terminate.termmsg;
929 	if (qhp->attr.layer_etype == (LAYER_MPA|DDP_LLP)) {
930 		term->layer_etype = qhp->attr.layer_etype;
931 		term->ecode = qhp->attr.ecode;
932 	} else
933 		build_term_codes(err_cqe, &term->layer_etype, &term->ecode);
934         creds(toep, sizeof(*wqe));
935 	t4_wrq_tx(qhp->rhp->rdev.adap, wr);
936 }
937 
938 /* Assumes qhp lock is held. */
939 static void __flush_qp(struct c4iw_qp *qhp, struct c4iw_cq *rchp,
940 		       struct c4iw_cq *schp)
941 {
942 	int count;
943 	int flushed;
944 	unsigned long flag;
945 
946 	CTR4(KTR_IW_CXGBE, "%s qhp %p rchp %p schp %p", __func__, qhp, rchp,
947 	    schp);
948 
949 	/* locking hierarchy: cq lock first, then qp lock. */
950 	spin_lock_irqsave(&rchp->lock, flag);
951 	spin_lock(&qhp->lock);
952 	c4iw_flush_hw_cq(&rchp->cq);
953 	c4iw_count_rcqes(&rchp->cq, &qhp->wq, &count);
954 	flushed = c4iw_flush_rq(&qhp->wq, &rchp->cq, count);
955 	spin_unlock(&qhp->lock);
956 	spin_unlock_irqrestore(&rchp->lock, flag);
957 	if (flushed && rchp->ibcq.comp_handler) {
958 		spin_lock_irqsave(&rchp->comp_handler_lock, flag);
959 		(*rchp->ibcq.comp_handler)(&rchp->ibcq, rchp->ibcq.cq_context);
960 		spin_unlock_irqrestore(&rchp->comp_handler_lock, flag);
961 	}
962 
963 	/* locking hierarchy: cq lock first, then qp lock. */
964 	spin_lock_irqsave(&schp->lock, flag);
965 	spin_lock(&qhp->lock);
966 	c4iw_flush_hw_cq(&schp->cq);
967 	c4iw_count_scqes(&schp->cq, &qhp->wq, &count);
968 	flushed = c4iw_flush_sq(&qhp->wq, &schp->cq, count);
969 	spin_unlock(&qhp->lock);
970 	spin_unlock_irqrestore(&schp->lock, flag);
971 	if (flushed && schp->ibcq.comp_handler) {
972 		spin_lock_irqsave(&schp->comp_handler_lock, flag);
973 		(*schp->ibcq.comp_handler)(&schp->ibcq, schp->ibcq.cq_context);
974 		spin_unlock_irqrestore(&schp->comp_handler_lock, flag);
975 	}
976 }
977 
978 static void flush_qp(struct c4iw_qp *qhp)
979 {
980 	struct c4iw_cq *rchp, *schp;
981 	unsigned long flag;
982 
983 	rchp = get_chp(qhp->rhp, qhp->attr.rcq);
984 	schp = get_chp(qhp->rhp, qhp->attr.scq);
985 
986 	if (qhp->ibqp.uobject) {
987 		t4_set_wq_in_error(&qhp->wq);
988 		t4_set_cq_in_error(&rchp->cq);
989 		spin_lock_irqsave(&rchp->comp_handler_lock, flag);
990 		(*rchp->ibcq.comp_handler)(&rchp->ibcq, rchp->ibcq.cq_context);
991 		spin_unlock_irqrestore(&rchp->comp_handler_lock, flag);
992 		if (schp != rchp) {
993 			t4_set_cq_in_error(&schp->cq);
994 			spin_lock_irqsave(&schp->comp_handler_lock, flag);
995 			(*schp->ibcq.comp_handler)(&schp->ibcq,
996 					schp->ibcq.cq_context);
997 			spin_unlock_irqrestore(&schp->comp_handler_lock, flag);
998 		}
999 		return;
1000 	}
1001 	__flush_qp(qhp, rchp, schp);
1002 }
1003 
1004 static int
1005 rdma_fini(struct c4iw_dev *rhp, struct c4iw_qp *qhp, struct c4iw_ep *ep)
1006 {
1007 	struct c4iw_rdev *rdev = &rhp->rdev;
1008 	struct adapter *sc = rdev->adap;
1009 	struct fw_ri_wr *wqe;
1010 	int ret;
1011 	struct wrqe *wr;
1012 	struct socket *so = ep->com.so;
1013         struct inpcb *inp = sotoinpcb(so);
1014         struct tcpcb *tp = intotcpcb(inp);
1015         struct toepcb *toep = tp->t_toe;
1016 
1017 	KASSERT(rhp == qhp->rhp && ep == qhp->ep, ("%s: EDOOFUS", __func__));
1018 
1019 	CTR4(KTR_IW_CXGBE, "%s qhp %p qid 0x%x tid %u", __func__, qhp,
1020 	    qhp->wq.sq.qid, ep->hwtid);
1021 
1022 	wr = alloc_wrqe(sizeof(*wqe), toep->ofld_txq);
1023 	if (wr == NULL)
1024 		return (0);
1025 	wqe = wrtod(wr);
1026 
1027 	memset(wqe, 0, sizeof *wqe);
1028 
1029 	wqe->op_compl = cpu_to_be32(V_FW_WR_OP(FW_RI_WR) | F_FW_WR_COMPL);
1030 	wqe->flowid_len16 = cpu_to_be32(V_FW_WR_FLOWID(ep->hwtid) |
1031 	    V_FW_WR_LEN16(DIV_ROUND_UP(sizeof *wqe, 16)));
1032 	wqe->cookie = (unsigned long) &ep->com.wr_wait;
1033 	wqe->u.fini.type = FW_RI_TYPE_FINI;
1034 
1035 	c4iw_init_wr_wait(&ep->com.wr_wait);
1036 
1037         creds(toep, sizeof(*wqe));
1038 	t4_wrq_tx(sc, wr);
1039 
1040 	ret = c4iw_wait_for_reply(rdev, &ep->com.wr_wait, ep->hwtid,
1041 	    qhp->wq.sq.qid, __func__);
1042 	return ret;
1043 }
1044 
1045 static void build_rtr_msg(u8 p2p_type, struct fw_ri_init *init)
1046 {
1047 	CTR2(KTR_IW_CXGBE, "%s p2p_type = %d", __func__, p2p_type);
1048 	memset(&init->u, 0, sizeof init->u);
1049 	switch (p2p_type) {
1050 	case FW_RI_INIT_P2PTYPE_RDMA_WRITE:
1051 		init->u.write.opcode = FW_RI_RDMA_WRITE_WR;
1052 		init->u.write.stag_sink = cpu_to_be32(1);
1053 		init->u.write.to_sink = cpu_to_be64(1);
1054 		init->u.write.u.immd_src[0].op = FW_RI_DATA_IMMD;
1055 		init->u.write.len16 = DIV_ROUND_UP(sizeof init->u.write +
1056 						   sizeof(struct fw_ri_immd),
1057 						   16);
1058 		break;
1059 	case FW_RI_INIT_P2PTYPE_READ_REQ:
1060 		init->u.write.opcode = FW_RI_RDMA_READ_WR;
1061 		init->u.read.stag_src = cpu_to_be32(1);
1062 		init->u.read.to_src_lo = cpu_to_be32(1);
1063 		init->u.read.stag_sink = cpu_to_be32(1);
1064 		init->u.read.to_sink_lo = cpu_to_be32(1);
1065 		init->u.read.len16 = DIV_ROUND_UP(sizeof init->u.read, 16);
1066 		break;
1067 	}
1068 }
1069 
1070 static void
1071 creds(struct toepcb *toep, size_t wrsize)
1072 {
1073 	struct ofld_tx_sdesc *txsd;
1074 
1075 	CTR3(KTR_IW_CXGBE, "%s:creB  %p %u", __func__, toep , wrsize);
1076 	INP_WLOCK(toep->inp);
1077 	txsd = &toep->txsd[toep->txsd_pidx];
1078 	txsd->tx_credits = howmany(wrsize, 16);
1079 	txsd->plen = 0;
1080 	KASSERT(toep->tx_credits >= txsd->tx_credits && toep->txsd_avail > 0,
1081 			("%s: not enough credits (%d)", __func__, toep->tx_credits));
1082 	toep->tx_credits -= txsd->tx_credits;
1083 	if (__predict_false(++toep->txsd_pidx == toep->txsd_total))
1084 		toep->txsd_pidx = 0;
1085 	toep->txsd_avail--;
1086 	INP_WUNLOCK(toep->inp);
1087 	CTR5(KTR_IW_CXGBE, "%s:creE  %p %u %u %u", __func__, toep ,
1088 	    txsd->tx_credits, toep->tx_credits, toep->txsd_pidx);
1089 }
1090 
1091 static int rdma_init(struct c4iw_dev *rhp, struct c4iw_qp *qhp)
1092 {
1093 	struct fw_ri_wr *wqe;
1094 	int ret;
1095 	struct wrqe *wr;
1096 	struct c4iw_ep *ep = qhp->ep;
1097 	struct c4iw_rdev *rdev = &qhp->rhp->rdev;
1098 	struct adapter *sc = rdev->adap;
1099 	struct socket *so = ep->com.so;
1100         struct inpcb *inp = sotoinpcb(so);
1101         struct tcpcb *tp = intotcpcb(inp);
1102         struct toepcb *toep = tp->t_toe;
1103 
1104 	CTR4(KTR_IW_CXGBE, "%s qhp %p qid 0x%x tid %u", __func__, qhp,
1105 	    qhp->wq.sq.qid, ep->hwtid);
1106 
1107 	wr = alloc_wrqe(sizeof(*wqe), toep->ofld_txq);
1108 	if (wr == NULL)
1109 		return (0);
1110 	wqe = wrtod(wr);
1111 
1112 	memset(wqe, 0, sizeof *wqe);
1113 
1114 	wqe->op_compl = cpu_to_be32(
1115 		V_FW_WR_OP(FW_RI_WR) |
1116 		F_FW_WR_COMPL);
1117 	wqe->flowid_len16 = cpu_to_be32(V_FW_WR_FLOWID(ep->hwtid) |
1118 	    V_FW_WR_LEN16(DIV_ROUND_UP(sizeof *wqe, 16)));
1119 
1120 	wqe->cookie = (unsigned long) &ep->com.wr_wait;
1121 
1122 	wqe->u.init.type = FW_RI_TYPE_INIT;
1123 	wqe->u.init.mpareqbit_p2ptype =
1124 		V_FW_RI_WR_MPAREQBIT(qhp->attr.mpa_attr.initiator) |
1125 		V_FW_RI_WR_P2PTYPE(qhp->attr.mpa_attr.p2p_type);
1126 	wqe->u.init.mpa_attrs = FW_RI_MPA_IETF_ENABLE;
1127 	if (qhp->attr.mpa_attr.recv_marker_enabled)
1128 		wqe->u.init.mpa_attrs |= FW_RI_MPA_RX_MARKER_ENABLE;
1129 	if (qhp->attr.mpa_attr.xmit_marker_enabled)
1130 		wqe->u.init.mpa_attrs |= FW_RI_MPA_TX_MARKER_ENABLE;
1131 	if (qhp->attr.mpa_attr.crc_enabled)
1132 		wqe->u.init.mpa_attrs |= FW_RI_MPA_CRC_ENABLE;
1133 
1134 	wqe->u.init.qp_caps = FW_RI_QP_RDMA_READ_ENABLE |
1135 			    FW_RI_QP_RDMA_WRITE_ENABLE |
1136 			    FW_RI_QP_BIND_ENABLE;
1137 	if (!qhp->ibqp.uobject)
1138 		wqe->u.init.qp_caps |= FW_RI_QP_FAST_REGISTER_ENABLE |
1139 				     FW_RI_QP_STAG0_ENABLE;
1140 	wqe->u.init.nrqe = cpu_to_be16(t4_rqes_posted(&qhp->wq));
1141 	wqe->u.init.pdid = cpu_to_be32(qhp->attr.pd);
1142 	wqe->u.init.qpid = cpu_to_be32(qhp->wq.sq.qid);
1143 	wqe->u.init.sq_eqid = cpu_to_be32(qhp->wq.sq.qid);
1144 	wqe->u.init.rq_eqid = cpu_to_be32(qhp->wq.rq.qid);
1145 	wqe->u.init.scqid = cpu_to_be32(qhp->attr.scq);
1146 	wqe->u.init.rcqid = cpu_to_be32(qhp->attr.rcq);
1147 	wqe->u.init.ord_max = cpu_to_be32(qhp->attr.max_ord);
1148 	wqe->u.init.ird_max = cpu_to_be32(qhp->attr.max_ird);
1149 	wqe->u.init.iss = cpu_to_be32(ep->snd_seq);
1150 	wqe->u.init.irs = cpu_to_be32(ep->rcv_seq);
1151 	wqe->u.init.hwrqsize = cpu_to_be32(qhp->wq.rq.rqt_size);
1152 	wqe->u.init.hwrqaddr = cpu_to_be32(qhp->wq.rq.rqt_hwaddr -
1153 	    sc->vres.rq.start);
1154 	if (qhp->attr.mpa_attr.initiator)
1155 		build_rtr_msg(qhp->attr.mpa_attr.p2p_type, &wqe->u.init);
1156 
1157 	c4iw_init_wr_wait(&ep->com.wr_wait);
1158 
1159 	creds(toep, sizeof(*wqe));
1160 	t4_wrq_tx(sc, wr);
1161 
1162 	ret = c4iw_wait_for_reply(rdev, &ep->com.wr_wait, ep->hwtid,
1163 	    qhp->wq.sq.qid, __func__);
1164 
1165 	toep->ulp_mode = ULP_MODE_RDMA;
1166 
1167 	return ret;
1168 }
1169 
1170 int c4iw_modify_qp(struct c4iw_dev *rhp, struct c4iw_qp *qhp,
1171 		   enum c4iw_qp_attr_mask mask,
1172 		   struct c4iw_qp_attributes *attrs,
1173 		   int internal)
1174 {
1175 	int ret = 0;
1176 	struct c4iw_qp_attributes newattr = qhp->attr;
1177 	int disconnect = 0;
1178 	int terminate = 0;
1179 	int abort = 0;
1180 	int free = 0;
1181 	struct c4iw_ep *ep = NULL;
1182 
1183 	CTR5(KTR_IW_CXGBE, "%s qhp %p sqid 0x%x rqid 0x%x ep %p", __func__, qhp,
1184 	    qhp->wq.sq.qid, qhp->wq.rq.qid, qhp->ep);
1185 	CTR3(KTR_IW_CXGBE, "%s state %d -> %d", __func__, qhp->attr.state,
1186 	    (mask & C4IW_QP_ATTR_NEXT_STATE) ? attrs->next_state : -1);
1187 
1188 	mutex_lock(&qhp->mutex);
1189 
1190 	/* Process attr changes if in IDLE */
1191 	if (mask & C4IW_QP_ATTR_VALID_MODIFY) {
1192 		if (qhp->attr.state != C4IW_QP_STATE_IDLE) {
1193 			ret = -EIO;
1194 			goto out;
1195 		}
1196 		if (mask & C4IW_QP_ATTR_ENABLE_RDMA_READ)
1197 			newattr.enable_rdma_read = attrs->enable_rdma_read;
1198 		if (mask & C4IW_QP_ATTR_ENABLE_RDMA_WRITE)
1199 			newattr.enable_rdma_write = attrs->enable_rdma_write;
1200 		if (mask & C4IW_QP_ATTR_ENABLE_RDMA_BIND)
1201 			newattr.enable_bind = attrs->enable_bind;
1202 		if (mask & C4IW_QP_ATTR_MAX_ORD) {
1203 			if (attrs->max_ord > c4iw_max_read_depth) {
1204 				ret = -EINVAL;
1205 				goto out;
1206 			}
1207 			newattr.max_ord = attrs->max_ord;
1208 		}
1209 		if (mask & C4IW_QP_ATTR_MAX_IRD) {
1210 			if (attrs->max_ird > c4iw_max_read_depth) {
1211 				ret = -EINVAL;
1212 				goto out;
1213 			}
1214 			newattr.max_ird = attrs->max_ird;
1215 		}
1216 		qhp->attr = newattr;
1217 	}
1218 
1219 	if (!(mask & C4IW_QP_ATTR_NEXT_STATE))
1220 		goto out;
1221 	if (qhp->attr.state == attrs->next_state)
1222 		goto out;
1223 
1224 	switch (qhp->attr.state) {
1225 	case C4IW_QP_STATE_IDLE:
1226 		switch (attrs->next_state) {
1227 		case C4IW_QP_STATE_RTS:
1228 			if (!(mask & C4IW_QP_ATTR_LLP_STREAM_HANDLE)) {
1229 				ret = -EINVAL;
1230 				goto out;
1231 			}
1232 			if (!(mask & C4IW_QP_ATTR_MPA_ATTR)) {
1233 				ret = -EINVAL;
1234 				goto out;
1235 			}
1236 			qhp->attr.mpa_attr = attrs->mpa_attr;
1237 			qhp->attr.llp_stream_handle = attrs->llp_stream_handle;
1238 			qhp->ep = qhp->attr.llp_stream_handle;
1239 			set_state(qhp, C4IW_QP_STATE_RTS);
1240 
1241 			/*
1242 			 * Ref the endpoint here and deref when we
1243 			 * disassociate the endpoint from the QP.  This
1244 			 * happens in CLOSING->IDLE transition or *->ERROR
1245 			 * transition.
1246 			 */
1247 			c4iw_get_ep(&qhp->ep->com);
1248 			ret = rdma_init(rhp, qhp);
1249 			if (ret)
1250 				goto err;
1251 			break;
1252 		case C4IW_QP_STATE_ERROR:
1253 			set_state(qhp, C4IW_QP_STATE_ERROR);
1254 			flush_qp(qhp);
1255 			break;
1256 		default:
1257 			ret = -EINVAL;
1258 			goto out;
1259 		}
1260 		break;
1261 	case C4IW_QP_STATE_RTS:
1262 		switch (attrs->next_state) {
1263 		case C4IW_QP_STATE_CLOSING:
1264 			BUG_ON(atomic_read(&qhp->ep->com.kref.refcount) < 2);
1265 			set_state(qhp, C4IW_QP_STATE_CLOSING);
1266 			ep = qhp->ep;
1267 			if (!internal) {
1268 				abort = 0;
1269 				disconnect = 1;
1270 				c4iw_get_ep(&qhp->ep->com);
1271 			}
1272 			if (qhp->ibqp.uobject)
1273 				t4_set_wq_in_error(&qhp->wq);
1274 			ret = rdma_fini(rhp, qhp, ep);
1275 			if (ret)
1276 				goto err;
1277 			break;
1278 		case C4IW_QP_STATE_TERMINATE:
1279 			set_state(qhp, C4IW_QP_STATE_TERMINATE);
1280 			qhp->attr.layer_etype = attrs->layer_etype;
1281 			qhp->attr.ecode = attrs->ecode;
1282 			if (qhp->ibqp.uobject)
1283 				t4_set_wq_in_error(&qhp->wq);
1284 			ep = qhp->ep;
1285 			if (!internal)
1286 				terminate = 1;
1287 			disconnect = 1;
1288 			c4iw_get_ep(&qhp->ep->com);
1289 			break;
1290 		case C4IW_QP_STATE_ERROR:
1291 			set_state(qhp, C4IW_QP_STATE_ERROR);
1292 			if (qhp->ibqp.uobject)
1293 				t4_set_wq_in_error(&qhp->wq);
1294 			if (!internal) {
1295 				abort = 1;
1296 				disconnect = 1;
1297 				ep = qhp->ep;
1298 				c4iw_get_ep(&qhp->ep->com);
1299 			}
1300 			goto err;
1301 			break;
1302 		default:
1303 			ret = -EINVAL;
1304 			goto out;
1305 		}
1306 		break;
1307 	case C4IW_QP_STATE_CLOSING:
1308 		if (!internal) {
1309 			ret = -EINVAL;
1310 			goto out;
1311 		}
1312 		switch (attrs->next_state) {
1313 		case C4IW_QP_STATE_IDLE:
1314 			flush_qp(qhp);
1315 			set_state(qhp, C4IW_QP_STATE_IDLE);
1316 			qhp->attr.llp_stream_handle = NULL;
1317 			c4iw_put_ep(&qhp->ep->com);
1318 			qhp->ep = NULL;
1319 			wake_up(&qhp->wait);
1320 			break;
1321 		case C4IW_QP_STATE_ERROR:
1322 			goto err;
1323 		default:
1324 			ret = -EINVAL;
1325 			goto err;
1326 		}
1327 		break;
1328 	case C4IW_QP_STATE_ERROR:
1329 		if (attrs->next_state != C4IW_QP_STATE_IDLE) {
1330 			ret = -EINVAL;
1331 			goto out;
1332 		}
1333 		if (!t4_sq_empty(&qhp->wq) || !t4_rq_empty(&qhp->wq)) {
1334 			ret = -EINVAL;
1335 			goto out;
1336 		}
1337 		set_state(qhp, C4IW_QP_STATE_IDLE);
1338 		break;
1339 	case C4IW_QP_STATE_TERMINATE:
1340 		if (!internal) {
1341 			ret = -EINVAL;
1342 			goto out;
1343 		}
1344 		goto err;
1345 		break;
1346 	default:
1347 		printf("%s in a bad state %d\n",
1348 		       __func__, qhp->attr.state);
1349 		ret = -EINVAL;
1350 		goto err;
1351 		break;
1352 	}
1353 	goto out;
1354 err:
1355 	CTR3(KTR_IW_CXGBE, "%s disassociating ep %p qpid 0x%x", __func__,
1356 	    qhp->ep, qhp->wq.sq.qid);
1357 
1358 	/* disassociate the LLP connection */
1359 	qhp->attr.llp_stream_handle = NULL;
1360 	if (!ep)
1361 		ep = qhp->ep;
1362 	qhp->ep = NULL;
1363 	set_state(qhp, C4IW_QP_STATE_ERROR);
1364 	free = 1;
1365 	BUG_ON(!ep);
1366 	flush_qp(qhp);
1367 	wake_up(&qhp->wait);
1368 out:
1369 	mutex_unlock(&qhp->mutex);
1370 
1371 	if (terminate)
1372 		post_terminate(qhp, NULL, internal ? GFP_ATOMIC : GFP_KERNEL);
1373 
1374 	/*
1375 	 * If disconnect is 1, then we need to initiate a disconnect
1376 	 * on the EP.  This can be a normal close (RTS->CLOSING) or
1377 	 * an abnormal close (RTS/CLOSING->ERROR).
1378 	 */
1379 	if (disconnect) {
1380 		c4iw_ep_disconnect(ep, abort, internal ? GFP_ATOMIC :
1381 							 GFP_KERNEL);
1382 		c4iw_put_ep(&ep->com);
1383 	}
1384 
1385 	/*
1386 	 * If free is 1, then we've disassociated the EP from the QP
1387 	 * and we need to dereference the EP.
1388 	 */
1389 	if (free)
1390 		c4iw_put_ep(&ep->com);
1391 	CTR2(KTR_IW_CXGBE, "%s exit state %d", __func__, qhp->attr.state);
1392 	return ret;
1393 }
1394 
1395 static int enable_qp_db(int id, void *p, void *data)
1396 {
1397 	struct c4iw_qp *qp = p;
1398 
1399 	t4_enable_wq_db(&qp->wq);
1400 	return 0;
1401 }
1402 
1403 int c4iw_destroy_qp(struct ib_qp *ib_qp)
1404 {
1405 	struct c4iw_dev *rhp;
1406 	struct c4iw_qp *qhp;
1407 	struct c4iw_qp_attributes attrs;
1408 	struct c4iw_ucontext *ucontext;
1409 
1410 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, ib_qp);
1411 	qhp = to_c4iw_qp(ib_qp);
1412 	rhp = qhp->rhp;
1413 
1414 	attrs.next_state = C4IW_QP_STATE_ERROR;
1415 	if (qhp->attr.state == C4IW_QP_STATE_TERMINATE)
1416 		c4iw_modify_qp(rhp, qhp, C4IW_QP_ATTR_NEXT_STATE, &attrs, 1);
1417 	else
1418 		c4iw_modify_qp(rhp, qhp, C4IW_QP_ATTR_NEXT_STATE, &attrs, 0);
1419 	wait_event(qhp->wait, !qhp->ep);
1420 
1421 	spin_lock_irq(&rhp->lock);
1422 	remove_handle_nolock(rhp, &rhp->qpidr, qhp->wq.sq.qid);
1423 	rhp->qpcnt--;
1424 	BUG_ON(rhp->qpcnt < 0);
1425 	if (rhp->qpcnt <= db_fc_threshold && rhp->db_state == FLOW_CONTROL) {
1426 		rhp->rdev.stats.db_state_transitions++;
1427 		rhp->db_state = NORMAL;
1428 		idr_for_each(&rhp->qpidr, enable_qp_db, NULL);
1429 	}
1430 	spin_unlock_irq(&rhp->lock);
1431 	atomic_dec(&qhp->refcnt);
1432 	wait_event(qhp->wait, !atomic_read(&qhp->refcnt));
1433 
1434 	ucontext = ib_qp->uobject ?
1435 		   to_c4iw_ucontext(ib_qp->uobject->context) : NULL;
1436 	destroy_qp(&rhp->rdev, &qhp->wq,
1437 		   ucontext ? &ucontext->uctx : &rhp->rdev.uctx);
1438 
1439 	CTR3(KTR_IW_CXGBE, "%s ib_qp %p qpid 0x%0x", __func__, ib_qp,
1440 	    qhp->wq.sq.qid);
1441 	kfree(qhp);
1442 	return 0;
1443 }
1444 
1445 static int disable_qp_db(int id, void *p, void *data)
1446 {
1447 	struct c4iw_qp *qp = p;
1448 
1449 	t4_disable_wq_db(&qp->wq);
1450 	return 0;
1451 }
1452 
1453 struct ib_qp *
1454 c4iw_create_qp(struct ib_pd *pd, struct ib_qp_init_attr *attrs,
1455     struct ib_udata *udata)
1456 {
1457 	struct c4iw_dev *rhp;
1458 	struct c4iw_qp *qhp;
1459 	struct c4iw_pd *php;
1460 	struct c4iw_cq *schp;
1461 	struct c4iw_cq *rchp;
1462 	struct c4iw_create_qp_resp uresp;
1463 	int sqsize, rqsize;
1464 	struct c4iw_ucontext *ucontext;
1465 	int ret;
1466 	struct c4iw_mm_entry *mm1, *mm2, *mm3, *mm4;
1467 
1468 	CTR2(KTR_IW_CXGBE, "%s ib_pd %p", __func__, pd);
1469 
1470 	if (attrs->qp_type != IB_QPT_RC)
1471 		return ERR_PTR(-EINVAL);
1472 
1473 	php = to_c4iw_pd(pd);
1474 	rhp = php->rhp;
1475 	schp = get_chp(rhp, ((struct c4iw_cq *)attrs->send_cq)->cq.cqid);
1476 	rchp = get_chp(rhp, ((struct c4iw_cq *)attrs->recv_cq)->cq.cqid);
1477 	if (!schp || !rchp)
1478 		return ERR_PTR(-EINVAL);
1479 
1480 	if (attrs->cap.max_inline_data > T4_MAX_SEND_INLINE)
1481 		return ERR_PTR(-EINVAL);
1482 
1483 	rqsize = roundup(attrs->cap.max_recv_wr + 1, 16);
1484 	if (rqsize > T4_MAX_RQ_SIZE)
1485 		return ERR_PTR(-E2BIG);
1486 
1487 	sqsize = roundup(attrs->cap.max_send_wr + 1, 16);
1488 	if (sqsize > T4_MAX_SQ_SIZE)
1489 		return ERR_PTR(-E2BIG);
1490 
1491 	ucontext = pd->uobject ? to_c4iw_ucontext(pd->uobject->context) : NULL;
1492 
1493 
1494 	qhp = kzalloc(sizeof(*qhp), GFP_KERNEL);
1495 	if (!qhp)
1496 		return ERR_PTR(-ENOMEM);
1497 	qhp->wq.sq.size = sqsize;
1498 	qhp->wq.sq.memsize = (sqsize + 1) * sizeof *qhp->wq.sq.queue;
1499 	qhp->wq.rq.size = rqsize;
1500 	qhp->wq.rq.memsize = (rqsize + 1) * sizeof *qhp->wq.rq.queue;
1501 
1502 	if (ucontext) {
1503 		qhp->wq.sq.memsize = roundup(qhp->wq.sq.memsize, PAGE_SIZE);
1504 		qhp->wq.rq.memsize = roundup(qhp->wq.rq.memsize, PAGE_SIZE);
1505 	}
1506 
1507 	CTR5(KTR_IW_CXGBE, "%s sqsize %u sqmemsize %zu rqsize %u rqmemsize %zu",
1508 	    __func__, sqsize, qhp->wq.sq.memsize, rqsize, qhp->wq.rq.memsize);
1509 
1510 	ret = create_qp(&rhp->rdev, &qhp->wq, &schp->cq, &rchp->cq,
1511 			ucontext ? &ucontext->uctx : &rhp->rdev.uctx);
1512 	if (ret)
1513 		goto err1;
1514 
1515 	attrs->cap.max_recv_wr = rqsize - 1;
1516 	attrs->cap.max_send_wr = sqsize - 1;
1517 	attrs->cap.max_inline_data = T4_MAX_SEND_INLINE;
1518 
1519 	qhp->rhp = rhp;
1520 	qhp->attr.pd = php->pdid;
1521 	qhp->attr.scq = ((struct c4iw_cq *) attrs->send_cq)->cq.cqid;
1522 	qhp->attr.rcq = ((struct c4iw_cq *) attrs->recv_cq)->cq.cqid;
1523 	qhp->attr.sq_num_entries = attrs->cap.max_send_wr;
1524 	qhp->attr.rq_num_entries = attrs->cap.max_recv_wr;
1525 	qhp->attr.sq_max_sges = attrs->cap.max_send_sge;
1526 	qhp->attr.sq_max_sges_rdma_write = attrs->cap.max_send_sge;
1527 	qhp->attr.rq_max_sges = attrs->cap.max_recv_sge;
1528 	qhp->attr.state = C4IW_QP_STATE_IDLE;
1529 	qhp->attr.next_state = C4IW_QP_STATE_IDLE;
1530 	qhp->attr.enable_rdma_read = 1;
1531 	qhp->attr.enable_rdma_write = 1;
1532 	qhp->attr.enable_bind = 1;
1533 	qhp->attr.max_ord = 1;
1534 	qhp->attr.max_ird = 1;
1535 	qhp->sq_sig_all = attrs->sq_sig_type == IB_SIGNAL_ALL_WR;
1536 	spin_lock_init(&qhp->lock);
1537 	mutex_init(&qhp->mutex);
1538 	init_waitqueue_head(&qhp->wait);
1539 	atomic_set(&qhp->refcnt, 1);
1540 
1541 	spin_lock_irq(&rhp->lock);
1542 	if (rhp->db_state != NORMAL)
1543 		t4_disable_wq_db(&qhp->wq);
1544 	if (++rhp->qpcnt > db_fc_threshold && rhp->db_state == NORMAL) {
1545 		rhp->rdev.stats.db_state_transitions++;
1546 		rhp->db_state = FLOW_CONTROL;
1547 		idr_for_each(&rhp->qpidr, disable_qp_db, NULL);
1548 	}
1549 	ret = insert_handle_nolock(rhp, &rhp->qpidr, qhp, qhp->wq.sq.qid);
1550 	spin_unlock_irq(&rhp->lock);
1551 	if (ret)
1552 		goto err2;
1553 
1554 	if (udata) {
1555 		mm1 = kmalloc(sizeof *mm1, GFP_KERNEL);
1556 		if (!mm1) {
1557 			ret = -ENOMEM;
1558 			goto err3;
1559 		}
1560 		mm2 = kmalloc(sizeof *mm2, GFP_KERNEL);
1561 		if (!mm2) {
1562 			ret = -ENOMEM;
1563 			goto err4;
1564 		}
1565 		mm3 = kmalloc(sizeof *mm3, GFP_KERNEL);
1566 		if (!mm3) {
1567 			ret = -ENOMEM;
1568 			goto err5;
1569 		}
1570 		mm4 = kmalloc(sizeof *mm4, GFP_KERNEL);
1571 		if (!mm4) {
1572 			ret = -ENOMEM;
1573 			goto err6;
1574 		}
1575 		uresp.flags = 0;
1576 		uresp.qid_mask = rhp->rdev.qpmask;
1577 		uresp.sqid = qhp->wq.sq.qid;
1578 		uresp.sq_size = qhp->wq.sq.size;
1579 		uresp.sq_memsize = qhp->wq.sq.memsize;
1580 		uresp.rqid = qhp->wq.rq.qid;
1581 		uresp.rq_size = qhp->wq.rq.size;
1582 		uresp.rq_memsize = qhp->wq.rq.memsize;
1583 		spin_lock(&ucontext->mmap_lock);
1584 		uresp.sq_key = ucontext->key;
1585 		ucontext->key += PAGE_SIZE;
1586 		uresp.rq_key = ucontext->key;
1587 		ucontext->key += PAGE_SIZE;
1588 		uresp.sq_db_gts_key = ucontext->key;
1589 		ucontext->key += PAGE_SIZE;
1590 		uresp.rq_db_gts_key = ucontext->key;
1591 		ucontext->key += PAGE_SIZE;
1592 		spin_unlock(&ucontext->mmap_lock);
1593 		ret = ib_copy_to_udata(udata, &uresp, sizeof uresp);
1594 		if (ret)
1595 			goto err7;
1596 		mm1->key = uresp.sq_key;
1597 		mm1->addr = qhp->wq.sq.phys_addr;
1598 		mm1->len = PAGE_ALIGN(qhp->wq.sq.memsize);
1599 		CTR4(KTR_IW_CXGBE, "%s mm1 %x, %x, %d", __func__, mm1->key,
1600 		    mm1->addr, mm1->len);
1601 		insert_mmap(ucontext, mm1);
1602 		mm2->key = uresp.rq_key;
1603 		mm2->addr = vtophys(qhp->wq.rq.queue);
1604 		mm2->len = PAGE_ALIGN(qhp->wq.rq.memsize);
1605 		CTR4(KTR_IW_CXGBE, "%s mm2 %x, %x, %d", __func__, mm2->key,
1606 		    mm2->addr, mm2->len);
1607 		insert_mmap(ucontext, mm2);
1608 		mm3->key = uresp.sq_db_gts_key;
1609 		mm3->addr = qhp->wq.sq.udb;
1610 		mm3->len = PAGE_SIZE;
1611 		CTR4(KTR_IW_CXGBE, "%s mm3 %x, %x, %d", __func__, mm3->key,
1612 		    mm3->addr, mm3->len);
1613 		insert_mmap(ucontext, mm3);
1614 		mm4->key = uresp.rq_db_gts_key;
1615 		mm4->addr = qhp->wq.rq.udb;
1616 		mm4->len = PAGE_SIZE;
1617 		CTR4(KTR_IW_CXGBE, "%s mm4 %x, %x, %d", __func__, mm4->key,
1618 		    mm4->addr, mm4->len);
1619 		insert_mmap(ucontext, mm4);
1620 	}
1621 	qhp->ibqp.qp_num = qhp->wq.sq.qid;
1622 	init_timer(&(qhp->timer));
1623 	CTR5(KTR_IW_CXGBE,
1624 	    "%s qhp %p sq_num_entries %d, rq_num_entries %d qpid 0x%0x",
1625 	    __func__, qhp, qhp->attr.sq_num_entries, qhp->attr.rq_num_entries,
1626 	    qhp->wq.sq.qid);
1627 	return &qhp->ibqp;
1628 err7:
1629 	kfree(mm4);
1630 err6:
1631 	kfree(mm3);
1632 err5:
1633 	kfree(mm2);
1634 err4:
1635 	kfree(mm1);
1636 err3:
1637 	remove_handle(rhp, &rhp->qpidr, qhp->wq.sq.qid);
1638 err2:
1639 	destroy_qp(&rhp->rdev, &qhp->wq,
1640 		   ucontext ? &ucontext->uctx : &rhp->rdev.uctx);
1641 err1:
1642 	kfree(qhp);
1643 	return ERR_PTR(ret);
1644 }
1645 
1646 int c4iw_ib_modify_qp(struct ib_qp *ibqp, struct ib_qp_attr *attr,
1647 		      int attr_mask, struct ib_udata *udata)
1648 {
1649 	struct c4iw_dev *rhp;
1650 	struct c4iw_qp *qhp;
1651 	enum c4iw_qp_attr_mask mask = 0;
1652 	struct c4iw_qp_attributes attrs;
1653 
1654 	CTR2(KTR_IW_CXGBE, "%s ib_qp %p", __func__, ibqp);
1655 
1656 	/* iwarp does not support the RTR state */
1657 	if ((attr_mask & IB_QP_STATE) && (attr->qp_state == IB_QPS_RTR))
1658 		attr_mask &= ~IB_QP_STATE;
1659 
1660 	/* Make sure we still have something left to do */
1661 	if (!attr_mask)
1662 		return 0;
1663 
1664 	memset(&attrs, 0, sizeof attrs);
1665 	qhp = to_c4iw_qp(ibqp);
1666 	rhp = qhp->rhp;
1667 
1668 	attrs.next_state = c4iw_convert_state(attr->qp_state);
1669 	attrs.enable_rdma_read = (attr->qp_access_flags &
1670 			       IB_ACCESS_REMOTE_READ) ?  1 : 0;
1671 	attrs.enable_rdma_write = (attr->qp_access_flags &
1672 				IB_ACCESS_REMOTE_WRITE) ? 1 : 0;
1673 	attrs.enable_bind = (attr->qp_access_flags & IB_ACCESS_MW_BIND) ? 1 : 0;
1674 
1675 
1676 	mask |= (attr_mask & IB_QP_STATE) ? C4IW_QP_ATTR_NEXT_STATE : 0;
1677 	mask |= (attr_mask & IB_QP_ACCESS_FLAGS) ?
1678 			(C4IW_QP_ATTR_ENABLE_RDMA_READ |
1679 			 C4IW_QP_ATTR_ENABLE_RDMA_WRITE |
1680 			 C4IW_QP_ATTR_ENABLE_RDMA_BIND) : 0;
1681 
1682 	/*
1683 	 * Use SQ_PSN and RQ_PSN to pass in IDX_INC values for
1684 	 * ringing the queue db when we're in DB_FULL mode.
1685 	 */
1686 	attrs.sq_db_inc = attr->sq_psn;
1687 	attrs.rq_db_inc = attr->rq_psn;
1688 	mask |= (attr_mask & IB_QP_SQ_PSN) ? C4IW_QP_ATTR_SQ_DB : 0;
1689 	mask |= (attr_mask & IB_QP_RQ_PSN) ? C4IW_QP_ATTR_RQ_DB : 0;
1690 
1691 	return c4iw_modify_qp(rhp, qhp, mask, &attrs, 0);
1692 }
1693 
1694 struct ib_qp *c4iw_get_qp(struct ib_device *dev, int qpn)
1695 {
1696 	CTR3(KTR_IW_CXGBE, "%s ib_dev %p qpn 0x%x", __func__, dev, qpn);
1697 	return (struct ib_qp *)get_qhp(to_c4iw_dev(dev), qpn);
1698 }
1699 
1700 int c4iw_ib_query_qp(struct ib_qp *ibqp, struct ib_qp_attr *attr,
1701 		     int attr_mask, struct ib_qp_init_attr *init_attr)
1702 {
1703 	struct c4iw_qp *qhp = to_c4iw_qp(ibqp);
1704 
1705 	memset(attr, 0, sizeof *attr);
1706 	memset(init_attr, 0, sizeof *init_attr);
1707 	attr->qp_state = to_ib_qp_state(qhp->attr.state);
1708 	init_attr->cap.max_send_wr = qhp->attr.sq_num_entries;
1709 	init_attr->cap.max_recv_wr = qhp->attr.rq_num_entries;
1710 	init_attr->cap.max_send_sge = qhp->attr.sq_max_sges;
1711 	init_attr->cap.max_recv_sge = qhp->attr.sq_max_sges;
1712 	init_attr->cap.max_inline_data = T4_MAX_SEND_INLINE;
1713 	init_attr->sq_sig_type = qhp->sq_sig_all ? IB_SIGNAL_ALL_WR : 0;
1714 	return 0;
1715 }
1716 #endif
1717