1 /*- 2 * Copyright (c) 2012 Chelsio Communications, Inc. 3 * All rights reserved. 4 * Written by: Navdeep Parhar <np@FreeBSD.org> 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28 #include <sys/cdefs.h> 29 __FBSDID("$FreeBSD$"); 30 31 #include "opt_inet.h" 32 33 #include <sys/param.h> 34 #include <sys/aio.h> 35 #include <sys/file.h> 36 #include <sys/systm.h> 37 #include <sys/kernel.h> 38 #include <sys/ktr.h> 39 #include <sys/module.h> 40 #include <sys/protosw.h> 41 #include <sys/proc.h> 42 #include <sys/domain.h> 43 #include <sys/socket.h> 44 #include <sys/socketvar.h> 45 #include <sys/taskqueue.h> 46 #include <sys/uio.h> 47 #include <netinet/in.h> 48 #include <netinet/in_pcb.h> 49 #include <netinet/ip.h> 50 #include <netinet/tcp_var.h> 51 #define TCPSTATES 52 #include <netinet/tcp_fsm.h> 53 #include <netinet/toecore.h> 54 55 #include <vm/vm.h> 56 #include <vm/vm_extern.h> 57 #include <vm/vm_param.h> 58 #include <vm/pmap.h> 59 #include <vm/vm_map.h> 60 #include <vm/vm_page.h> 61 #include <vm/vm_object.h> 62 63 #ifdef TCP_OFFLOAD 64 #include "common/common.h" 65 #include "common/t4_msg.h" 66 #include "common/t4_regs.h" 67 #include "common/t4_tcb.h" 68 #include "tom/t4_tom.h" 69 70 VNET_DECLARE(int, tcp_do_autorcvbuf); 71 #define V_tcp_do_autorcvbuf VNET(tcp_do_autorcvbuf) 72 VNET_DECLARE(int, tcp_autorcvbuf_inc); 73 #define V_tcp_autorcvbuf_inc VNET(tcp_autorcvbuf_inc) 74 VNET_DECLARE(int, tcp_autorcvbuf_max); 75 #define V_tcp_autorcvbuf_max VNET(tcp_autorcvbuf_max) 76 77 /* 78 * Use the 'backend3' field in AIO jobs to store the amount of data 79 * received by the AIO job so far. 80 */ 81 #define aio_received backend3 82 83 static void aio_ddp_requeue_task(void *context, int pending); 84 static void ddp_complete_all(struct toepcb *toep, int error); 85 static void t4_aio_cancel_active(struct kaiocb *job); 86 static void t4_aio_cancel_queued(struct kaiocb *job); 87 88 #define PPOD_SZ(n) ((n) * sizeof(struct pagepod)) 89 #define PPOD_SIZE (PPOD_SZ(1)) 90 91 static TAILQ_HEAD(, pageset) ddp_orphan_pagesets; 92 static struct mtx ddp_orphan_pagesets_lock; 93 static struct task ddp_orphan_task; 94 95 #define MAX_DDP_BUFFER_SIZE (M_TCB_RX_DDP_BUF0_LEN) 96 static int 97 alloc_ppods(struct tom_data *td, int n, u_int *ppod_addr) 98 { 99 vmem_addr_t v; 100 int rc; 101 102 MPASS(n > 0); 103 104 rc = vmem_alloc(td->ppod_arena, PPOD_SZ(n), M_NOWAIT | M_FIRSTFIT, &v); 105 *ppod_addr = (u_int)v; 106 107 return (rc); 108 } 109 110 static void 111 free_ppods(struct tom_data *td, u_int ppod_addr, int n) 112 { 113 114 MPASS(n > 0); 115 116 vmem_free(td->ppod_arena, (vmem_addr_t)ppod_addr, PPOD_SZ(n)); 117 } 118 119 static inline int 120 pages_to_nppods(int npages, int ddp_pgsz) 121 { 122 int nsegs = npages * PAGE_SIZE / ddp_pgsz; 123 124 return (howmany(nsegs, PPOD_PAGES)); 125 } 126 127 /* 128 * A page set holds information about a buffer used for DDP. The page 129 * set holds resources such as the VM pages backing the buffer (either 130 * held or wired) and the page pods associated with the buffer. 131 * Recently used page sets are cached to allow for efficient reuse of 132 * buffers (avoiding the need to re-fault in pages, hold them, etc.). 133 * Note that cached page sets keep the backing pages wired. The 134 * number of wired pages is capped by only allowing for two wired 135 * pagesets per connection. This is not a perfect cap, but is a 136 * trade-off for performance. 137 * 138 * If an application ping-pongs two buffers for a connection via 139 * aio_read(2) then those buffers should remain wired and expensive VM 140 * fault lookups should be avoided after each buffer has been used 141 * once. If an application uses more than two buffers then this will 142 * fall back to doing expensive VM fault lookups for each operation. 143 */ 144 static void 145 free_pageset(struct tom_data *td, struct pageset *ps) 146 { 147 vm_page_t p; 148 int i; 149 150 if (ps->nppods > 0) 151 free_ppods(td, ps->ppod_addr, ps->nppods); 152 153 if (ps->flags & PS_WIRED) { 154 for (i = 0; i < ps->npages; i++) { 155 p = ps->pages[i]; 156 vm_page_lock(p); 157 vm_page_unwire(p, PQ_INACTIVE); 158 vm_page_unlock(p); 159 } 160 } else 161 vm_page_unhold_pages(ps->pages, ps->npages); 162 mtx_lock(&ddp_orphan_pagesets_lock); 163 TAILQ_INSERT_TAIL(&ddp_orphan_pagesets, ps, link); 164 taskqueue_enqueue(taskqueue_thread, &ddp_orphan_task); 165 mtx_unlock(&ddp_orphan_pagesets_lock); 166 } 167 168 static void 169 ddp_free_orphan_pagesets(void *context, int pending) 170 { 171 struct pageset *ps; 172 173 mtx_lock(&ddp_orphan_pagesets_lock); 174 while (!TAILQ_EMPTY(&ddp_orphan_pagesets)) { 175 ps = TAILQ_FIRST(&ddp_orphan_pagesets); 176 TAILQ_REMOVE(&ddp_orphan_pagesets, ps, link); 177 mtx_unlock(&ddp_orphan_pagesets_lock); 178 if (ps->vm) 179 vmspace_free(ps->vm); 180 free(ps, M_CXGBE); 181 mtx_lock(&ddp_orphan_pagesets_lock); 182 } 183 mtx_unlock(&ddp_orphan_pagesets_lock); 184 } 185 186 static void 187 recycle_pageset(struct toepcb *toep, struct pageset *ps) 188 { 189 190 DDP_ASSERT_LOCKED(toep); 191 if (!(toep->ddp_flags & DDP_DEAD) && ps->flags & PS_WIRED) { 192 KASSERT(toep->ddp_cached_count + toep->ddp_active_count < 193 nitems(toep->db), ("too many wired pagesets")); 194 TAILQ_INSERT_HEAD(&toep->ddp_cached_pagesets, ps, link); 195 toep->ddp_cached_count++; 196 } else 197 free_pageset(toep->td, ps); 198 } 199 200 static void 201 ddp_complete_one(struct kaiocb *job, int error) 202 { 203 long copied; 204 205 /* 206 * If this job had copied data out of the socket buffer before 207 * it was cancelled, report it as a short read rather than an 208 * error. 209 */ 210 copied = job->aio_received; 211 if (copied != 0 || error == 0) 212 aio_complete(job, copied, 0); 213 else 214 aio_complete(job, -1, error); 215 } 216 217 static void 218 free_ddp_buffer(struct tom_data *td, struct ddp_buffer *db) 219 { 220 221 if (db->job) { 222 /* 223 * XXX: If we are un-offloading the socket then we 224 * should requeue these on the socket somehow. If we 225 * got a FIN from the remote end, then this completes 226 * any remaining requests with an EOF read. 227 */ 228 if (!aio_clear_cancel_function(db->job)) 229 ddp_complete_one(db->job, 0); 230 } 231 232 if (db->ps) 233 free_pageset(td, db->ps); 234 } 235 236 void 237 ddp_init_toep(struct toepcb *toep) 238 { 239 240 TAILQ_INIT(&toep->ddp_aiojobq); 241 TASK_INIT(&toep->ddp_requeue_task, 0, aio_ddp_requeue_task, toep); 242 toep->ddp_active_id = -1; 243 mtx_init(&toep->ddp_lock, "t4 ddp", NULL, MTX_DEF); 244 } 245 246 void 247 ddp_uninit_toep(struct toepcb *toep) 248 { 249 250 mtx_destroy(&toep->ddp_lock); 251 } 252 253 void 254 release_ddp_resources(struct toepcb *toep) 255 { 256 struct pageset *ps; 257 int i; 258 259 DDP_LOCK(toep); 260 toep->flags |= DDP_DEAD; 261 for (i = 0; i < nitems(toep->db); i++) { 262 free_ddp_buffer(toep->td, &toep->db[i]); 263 } 264 while ((ps = TAILQ_FIRST(&toep->ddp_cached_pagesets)) != NULL) { 265 TAILQ_REMOVE(&toep->ddp_cached_pagesets, ps, link); 266 free_pageset(toep->td, ps); 267 } 268 ddp_complete_all(toep, 0); 269 DDP_UNLOCK(toep); 270 } 271 272 #ifdef INVARIANTS 273 void 274 ddp_assert_empty(struct toepcb *toep) 275 { 276 int i; 277 278 MPASS(!(toep->ddp_flags & DDP_TASK_ACTIVE)); 279 for (i = 0; i < nitems(toep->db); i++) { 280 MPASS(toep->db[i].job == NULL); 281 MPASS(toep->db[i].ps == NULL); 282 } 283 MPASS(TAILQ_EMPTY(&toep->ddp_cached_pagesets)); 284 MPASS(TAILQ_EMPTY(&toep->ddp_aiojobq)); 285 } 286 #endif 287 288 static void 289 complete_ddp_buffer(struct toepcb *toep, struct ddp_buffer *db, 290 unsigned int db_idx) 291 { 292 unsigned int db_flag; 293 294 toep->ddp_active_count--; 295 if (toep->ddp_active_id == db_idx) { 296 if (toep->ddp_active_count == 0) { 297 KASSERT(toep->db[db_idx ^ 1].job == NULL, 298 ("%s: active_count mismatch", __func__)); 299 toep->ddp_active_id = -1; 300 } else 301 toep->ddp_active_id ^= 1; 302 #ifdef VERBOSE_TRACES 303 CTR2(KTR_CXGBE, "%s: ddp_active_id = %d", __func__, 304 toep->ddp_active_id); 305 #endif 306 } else { 307 KASSERT(toep->ddp_active_count != 0 && 308 toep->ddp_active_id != -1, 309 ("%s: active count mismatch", __func__)); 310 } 311 312 db->cancel_pending = 0; 313 db->job = NULL; 314 recycle_pageset(toep, db->ps); 315 db->ps = NULL; 316 317 db_flag = db_idx == 1 ? DDP_BUF1_ACTIVE : DDP_BUF0_ACTIVE; 318 KASSERT(toep->ddp_flags & db_flag, 319 ("%s: DDP buffer not active. toep %p, ddp_flags 0x%x", 320 __func__, toep, toep->ddp_flags)); 321 toep->ddp_flags &= ~db_flag; 322 } 323 324 /* XXX: handle_ddp_data code duplication */ 325 void 326 insert_ddp_data(struct toepcb *toep, uint32_t n) 327 { 328 struct inpcb *inp = toep->inp; 329 struct tcpcb *tp = intotcpcb(inp); 330 struct ddp_buffer *db; 331 struct kaiocb *job; 332 size_t placed; 333 long copied; 334 unsigned int db_flag, db_idx; 335 336 INP_WLOCK_ASSERT(inp); 337 DDP_ASSERT_LOCKED(toep); 338 339 tp->rcv_nxt += n; 340 #ifndef USE_DDP_RX_FLOW_CONTROL 341 KASSERT(tp->rcv_wnd >= n, ("%s: negative window size", __func__)); 342 tp->rcv_wnd -= n; 343 #endif 344 #ifndef USE_DDP_RX_FLOW_CONTROL 345 toep->rx_credits += n; 346 #endif 347 CTR2(KTR_CXGBE, "%s: placed %u bytes before falling out of DDP", 348 __func__, n); 349 while (toep->ddp_active_count > 0) { 350 MPASS(toep->ddp_active_id != -1); 351 db_idx = toep->ddp_active_id; 352 db_flag = db_idx == 1 ? DDP_BUF1_ACTIVE : DDP_BUF0_ACTIVE; 353 MPASS((toep->ddp_flags & db_flag) != 0); 354 db = &toep->db[db_idx]; 355 job = db->job; 356 copied = job->aio_received; 357 placed = n; 358 if (placed > job->uaiocb.aio_nbytes - copied) 359 placed = job->uaiocb.aio_nbytes - copied; 360 if (placed > 0) 361 job->msgrcv = 1; 362 if (!aio_clear_cancel_function(job)) { 363 /* 364 * Update the copied length for when 365 * t4_aio_cancel_active() completes this 366 * request. 367 */ 368 job->aio_received += placed; 369 } else if (copied + placed != 0) { 370 CTR4(KTR_CXGBE, 371 "%s: completing %p (copied %ld, placed %lu)", 372 __func__, job, copied, placed); 373 /* XXX: This always completes if there is some data. */ 374 aio_complete(job, copied + placed, 0); 375 } else if (aio_set_cancel_function(job, t4_aio_cancel_queued)) { 376 TAILQ_INSERT_HEAD(&toep->ddp_aiojobq, job, list); 377 toep->ddp_waiting_count++; 378 } else 379 aio_cancel(job); 380 n -= placed; 381 complete_ddp_buffer(toep, db, db_idx); 382 } 383 384 MPASS(n == 0); 385 } 386 387 /* SET_TCB_FIELD sent as a ULP command looks like this */ 388 #define LEN__SET_TCB_FIELD_ULP (sizeof(struct ulp_txpkt) + \ 389 sizeof(struct ulptx_idata) + sizeof(struct cpl_set_tcb_field_core)) 390 391 /* RX_DATA_ACK sent as a ULP command looks like this */ 392 #define LEN__RX_DATA_ACK_ULP (sizeof(struct ulp_txpkt) + \ 393 sizeof(struct ulptx_idata) + sizeof(struct cpl_rx_data_ack_core)) 394 395 static inline void * 396 mk_set_tcb_field_ulp(struct ulp_txpkt *ulpmc, struct toepcb *toep, 397 uint64_t word, uint64_t mask, uint64_t val) 398 { 399 struct ulptx_idata *ulpsc; 400 struct cpl_set_tcb_field_core *req; 401 402 ulpmc->cmd_dest = htonl(V_ULPTX_CMD(ULP_TX_PKT) | V_ULP_TXPKT_DEST(0)); 403 ulpmc->len = htobe32(howmany(LEN__SET_TCB_FIELD_ULP, 16)); 404 405 ulpsc = (struct ulptx_idata *)(ulpmc + 1); 406 ulpsc->cmd_more = htobe32(V_ULPTX_CMD(ULP_TX_SC_IMM)); 407 ulpsc->len = htobe32(sizeof(*req)); 408 409 req = (struct cpl_set_tcb_field_core *)(ulpsc + 1); 410 OPCODE_TID(req) = htobe32(MK_OPCODE_TID(CPL_SET_TCB_FIELD, toep->tid)); 411 req->reply_ctrl = htobe16(V_NO_REPLY(1) | 412 V_QUEUENO(toep->ofld_rxq->iq.abs_id)); 413 req->word_cookie = htobe16(V_WORD(word) | V_COOKIE(0)); 414 req->mask = htobe64(mask); 415 req->val = htobe64(val); 416 417 ulpsc = (struct ulptx_idata *)(req + 1); 418 if (LEN__SET_TCB_FIELD_ULP % 16) { 419 ulpsc->cmd_more = htobe32(V_ULPTX_CMD(ULP_TX_SC_NOOP)); 420 ulpsc->len = htobe32(0); 421 return (ulpsc + 1); 422 } 423 return (ulpsc); 424 } 425 426 static inline void * 427 mk_rx_data_ack_ulp(struct ulp_txpkt *ulpmc, struct toepcb *toep) 428 { 429 struct ulptx_idata *ulpsc; 430 struct cpl_rx_data_ack_core *req; 431 432 ulpmc->cmd_dest = htonl(V_ULPTX_CMD(ULP_TX_PKT) | V_ULP_TXPKT_DEST(0)); 433 ulpmc->len = htobe32(howmany(LEN__RX_DATA_ACK_ULP, 16)); 434 435 ulpsc = (struct ulptx_idata *)(ulpmc + 1); 436 ulpsc->cmd_more = htobe32(V_ULPTX_CMD(ULP_TX_SC_IMM)); 437 ulpsc->len = htobe32(sizeof(*req)); 438 439 req = (struct cpl_rx_data_ack_core *)(ulpsc + 1); 440 OPCODE_TID(req) = htobe32(MK_OPCODE_TID(CPL_RX_DATA_ACK, toep->tid)); 441 req->credit_dack = htobe32(F_RX_MODULATE_RX); 442 443 ulpsc = (struct ulptx_idata *)(req + 1); 444 if (LEN__RX_DATA_ACK_ULP % 16) { 445 ulpsc->cmd_more = htobe32(V_ULPTX_CMD(ULP_TX_SC_NOOP)); 446 ulpsc->len = htobe32(0); 447 return (ulpsc + 1); 448 } 449 return (ulpsc); 450 } 451 452 static struct wrqe * 453 mk_update_tcb_for_ddp(struct adapter *sc, struct toepcb *toep, int db_idx, 454 struct pageset *ps, int offset, uint64_t ddp_flags, uint64_t ddp_flags_mask) 455 { 456 struct wrqe *wr; 457 struct work_request_hdr *wrh; 458 struct ulp_txpkt *ulpmc; 459 int len; 460 461 KASSERT(db_idx == 0 || db_idx == 1, 462 ("%s: bad DDP buffer index %d", __func__, db_idx)); 463 464 /* 465 * We'll send a compound work request that has 3 SET_TCB_FIELDs and an 466 * RX_DATA_ACK (with RX_MODULATE to speed up delivery). 467 * 468 * The work request header is 16B and always ends at a 16B boundary. 469 * The ULPTX master commands that follow must all end at 16B boundaries 470 * too so we round up the size to 16. 471 */ 472 len = sizeof(*wrh) + 3 * roundup2(LEN__SET_TCB_FIELD_ULP, 16) + 473 roundup2(LEN__RX_DATA_ACK_ULP, 16); 474 475 wr = alloc_wrqe(len, toep->ctrlq); 476 if (wr == NULL) 477 return (NULL); 478 wrh = wrtod(wr); 479 INIT_ULPTX_WRH(wrh, len, 1, 0); /* atomic */ 480 ulpmc = (struct ulp_txpkt *)(wrh + 1); 481 482 /* Write the buffer's tag */ 483 ulpmc = mk_set_tcb_field_ulp(ulpmc, toep, 484 W_TCB_RX_DDP_BUF0_TAG + db_idx, 485 V_TCB_RX_DDP_BUF0_TAG(M_TCB_RX_DDP_BUF0_TAG), 486 V_TCB_RX_DDP_BUF0_TAG(ps->tag)); 487 488 /* Update the current offset in the DDP buffer and its total length */ 489 if (db_idx == 0) 490 ulpmc = mk_set_tcb_field_ulp(ulpmc, toep, 491 W_TCB_RX_DDP_BUF0_OFFSET, 492 V_TCB_RX_DDP_BUF0_OFFSET(M_TCB_RX_DDP_BUF0_OFFSET) | 493 V_TCB_RX_DDP_BUF0_LEN(M_TCB_RX_DDP_BUF0_LEN), 494 V_TCB_RX_DDP_BUF0_OFFSET(offset) | 495 V_TCB_RX_DDP_BUF0_LEN(ps->len)); 496 else 497 ulpmc = mk_set_tcb_field_ulp(ulpmc, toep, 498 W_TCB_RX_DDP_BUF1_OFFSET, 499 V_TCB_RX_DDP_BUF1_OFFSET(M_TCB_RX_DDP_BUF1_OFFSET) | 500 V_TCB_RX_DDP_BUF1_LEN((u64)M_TCB_RX_DDP_BUF1_LEN << 32), 501 V_TCB_RX_DDP_BUF1_OFFSET(offset) | 502 V_TCB_RX_DDP_BUF1_LEN((u64)ps->len << 32)); 503 504 /* Update DDP flags */ 505 ulpmc = mk_set_tcb_field_ulp(ulpmc, toep, W_TCB_RX_DDP_FLAGS, 506 ddp_flags_mask, ddp_flags); 507 508 /* Gratuitous RX_DATA_ACK with RX_MODULATE set to speed up delivery. */ 509 ulpmc = mk_rx_data_ack_ulp(ulpmc, toep); 510 511 return (wr); 512 } 513 514 static int 515 handle_ddp_data(struct toepcb *toep, __be32 ddp_report, __be32 rcv_nxt, int len) 516 { 517 uint32_t report = be32toh(ddp_report); 518 unsigned int db_idx; 519 struct inpcb *inp = toep->inp; 520 struct ddp_buffer *db; 521 struct tcpcb *tp; 522 struct socket *so; 523 struct sockbuf *sb; 524 struct kaiocb *job; 525 long copied; 526 527 db_idx = report & F_DDP_BUF_IDX ? 1 : 0; 528 529 if (__predict_false(!(report & F_DDP_INV))) 530 CXGBE_UNIMPLEMENTED("DDP buffer still valid"); 531 532 INP_WLOCK(inp); 533 so = inp_inpcbtosocket(inp); 534 sb = &so->so_rcv; 535 DDP_LOCK(toep); 536 537 KASSERT(toep->ddp_active_id == db_idx, 538 ("completed DDP buffer (%d) != active_id (%d) for tid %d", db_idx, 539 toep->ddp_active_id, toep->tid)); 540 db = &toep->db[db_idx]; 541 job = db->job; 542 543 if (__predict_false(inp->inp_flags & (INP_DROPPED | INP_TIMEWAIT))) { 544 /* 545 * This can happen due to an administrative tcpdrop(8). 546 * Just fail the request with ECONNRESET. 547 */ 548 CTR5(KTR_CXGBE, "%s: tid %u, seq 0x%x, len %d, inp_flags 0x%x", 549 __func__, toep->tid, be32toh(rcv_nxt), len, inp->inp_flags); 550 if (aio_clear_cancel_function(job)) 551 ddp_complete_one(job, ECONNRESET); 552 goto completed; 553 } 554 555 tp = intotcpcb(inp); 556 557 /* 558 * For RX_DDP_COMPLETE, len will be zero and rcv_nxt is the 559 * sequence number of the next byte to receive. The length of 560 * the data received for this message must be computed by 561 * comparing the new and old values of rcv_nxt. 562 * 563 * For RX_DATA_DDP, len might be non-zero, but it is only the 564 * length of the most recent DMA. It does not include the 565 * total length of the data received since the previous update 566 * for this DDP buffer. rcv_nxt is the sequence number of the 567 * first received byte from the most recent DMA. 568 */ 569 len += be32toh(rcv_nxt) - tp->rcv_nxt; 570 tp->rcv_nxt += len; 571 tp->t_rcvtime = ticks; 572 #ifndef USE_DDP_RX_FLOW_CONTROL 573 KASSERT(tp->rcv_wnd >= len, ("%s: negative window size", __func__)); 574 tp->rcv_wnd -= len; 575 #endif 576 #ifdef VERBOSE_TRACES 577 CTR4(KTR_CXGBE, "%s: DDP[%d] placed %d bytes (%#x)", __func__, db_idx, 578 len, report); 579 #endif 580 581 /* receive buffer autosize */ 582 CURVNET_SET(so->so_vnet); 583 SOCKBUF_LOCK(sb); 584 if (sb->sb_flags & SB_AUTOSIZE && 585 V_tcp_do_autorcvbuf && 586 sb->sb_hiwat < V_tcp_autorcvbuf_max && 587 len > (sbspace(sb) / 8 * 7)) { 588 unsigned int hiwat = sb->sb_hiwat; 589 unsigned int newsize = min(hiwat + V_tcp_autorcvbuf_inc, 590 V_tcp_autorcvbuf_max); 591 592 if (!sbreserve_locked(sb, newsize, so, NULL)) 593 sb->sb_flags &= ~SB_AUTOSIZE; 594 else 595 toep->rx_credits += newsize - hiwat; 596 } 597 SOCKBUF_UNLOCK(sb); 598 CURVNET_RESTORE(); 599 600 #ifndef USE_DDP_RX_FLOW_CONTROL 601 toep->rx_credits += len; 602 #endif 603 604 job->msgrcv = 1; 605 if (db->cancel_pending) { 606 /* 607 * Update the job's length but defer completion to the 608 * TCB_RPL callback. 609 */ 610 job->aio_received += len; 611 goto out; 612 } else if (!aio_clear_cancel_function(job)) { 613 /* 614 * Update the copied length for when 615 * t4_aio_cancel_active() completes this request. 616 */ 617 job->aio_received += len; 618 } else { 619 copied = job->aio_received; 620 #ifdef VERBOSE_TRACES 621 CTR4(KTR_CXGBE, "%s: completing %p (copied %ld, placed %d)", 622 __func__, job, copied, len); 623 #endif 624 aio_complete(job, copied + len, 0); 625 t4_rcvd(&toep->td->tod, tp); 626 } 627 628 completed: 629 complete_ddp_buffer(toep, db, db_idx); 630 if (toep->ddp_waiting_count > 0) 631 ddp_queue_toep(toep); 632 out: 633 DDP_UNLOCK(toep); 634 INP_WUNLOCK(inp); 635 636 return (0); 637 } 638 639 void 640 handle_ddp_indicate(struct toepcb *toep) 641 { 642 643 DDP_ASSERT_LOCKED(toep); 644 MPASS(toep->ddp_active_count == 0); 645 MPASS((toep->ddp_flags & (DDP_BUF0_ACTIVE | DDP_BUF1_ACTIVE)) == 0); 646 if (toep->ddp_waiting_count == 0) { 647 /* 648 * The pending requests that triggered the request for an 649 * an indicate were cancelled. Those cancels should have 650 * already disabled DDP. Just ignore this as the data is 651 * going into the socket buffer anyway. 652 */ 653 return; 654 } 655 CTR3(KTR_CXGBE, "%s: tid %d indicated (%d waiting)", __func__, 656 toep->tid, toep->ddp_waiting_count); 657 ddp_queue_toep(toep); 658 } 659 660 enum { 661 DDP_BUF0_INVALIDATED = 0x2, 662 DDP_BUF1_INVALIDATED 663 }; 664 665 void 666 handle_ddp_tcb_rpl(struct toepcb *toep, const struct cpl_set_tcb_rpl *cpl) 667 { 668 unsigned int db_idx; 669 struct inpcb *inp = toep->inp; 670 struct ddp_buffer *db; 671 struct kaiocb *job; 672 long copied; 673 674 if (cpl->status != CPL_ERR_NONE) 675 panic("XXX: tcp_rpl failed: %d", cpl->status); 676 677 switch (cpl->cookie) { 678 case V_WORD(W_TCB_RX_DDP_FLAGS) | V_COOKIE(DDP_BUF0_INVALIDATED): 679 case V_WORD(W_TCB_RX_DDP_FLAGS) | V_COOKIE(DDP_BUF1_INVALIDATED): 680 /* 681 * XXX: This duplicates a lot of code with handle_ddp_data(). 682 */ 683 db_idx = G_COOKIE(cpl->cookie) - DDP_BUF0_INVALIDATED; 684 INP_WLOCK(inp); 685 DDP_LOCK(toep); 686 db = &toep->db[db_idx]; 687 688 /* 689 * handle_ddp_data() should leave the job around until 690 * this callback runs once a cancel is pending. 691 */ 692 MPASS(db != NULL); 693 MPASS(db->job != NULL); 694 MPASS(db->cancel_pending); 695 696 /* 697 * XXX: It's not clear what happens if there is data 698 * placed when the buffer is invalidated. I suspect we 699 * need to read the TCB to see how much data was placed. 700 * 701 * For now this just pretends like nothing was placed. 702 * 703 * XXX: Note that if we did check the PCB we would need to 704 * also take care of updating the tp, etc. 705 */ 706 job = db->job; 707 copied = job->aio_received; 708 if (copied == 0) { 709 CTR2(KTR_CXGBE, "%s: cancelling %p", __func__, job); 710 aio_cancel(job); 711 } else { 712 CTR3(KTR_CXGBE, "%s: completing %p (copied %ld)", 713 __func__, job, copied); 714 aio_complete(job, copied, 0); 715 t4_rcvd(&toep->td->tod, intotcpcb(inp)); 716 } 717 718 complete_ddp_buffer(toep, db, db_idx); 719 if (toep->ddp_waiting_count > 0) 720 ddp_queue_toep(toep); 721 DDP_UNLOCK(toep); 722 INP_WUNLOCK(inp); 723 break; 724 default: 725 panic("XXX: unknown tcb_rpl offset %#x, cookie %#x", 726 G_WORD(cpl->cookie), G_COOKIE(cpl->cookie)); 727 } 728 } 729 730 void 731 handle_ddp_close(struct toepcb *toep, struct tcpcb *tp, __be32 rcv_nxt) 732 { 733 struct ddp_buffer *db; 734 struct kaiocb *job; 735 long copied; 736 unsigned int db_flag, db_idx; 737 int len, placed; 738 739 INP_WLOCK_ASSERT(toep->inp); 740 DDP_ASSERT_LOCKED(toep); 741 len = be32toh(rcv_nxt) - tp->rcv_nxt; 742 743 tp->rcv_nxt += len; 744 #ifndef USE_DDP_RX_FLOW_CONTROL 745 toep->rx_credits += len; 746 #endif 747 748 while (toep->ddp_active_count > 0) { 749 MPASS(toep->ddp_active_id != -1); 750 db_idx = toep->ddp_active_id; 751 db_flag = db_idx == 1 ? DDP_BUF1_ACTIVE : DDP_BUF0_ACTIVE; 752 MPASS((toep->ddp_flags & db_flag) != 0); 753 db = &toep->db[db_idx]; 754 job = db->job; 755 copied = job->aio_received; 756 placed = len; 757 if (placed > job->uaiocb.aio_nbytes - copied) 758 placed = job->uaiocb.aio_nbytes - copied; 759 if (placed > 0) 760 job->msgrcv = 1; 761 if (!aio_clear_cancel_function(job)) { 762 /* 763 * Update the copied length for when 764 * t4_aio_cancel_active() completes this 765 * request. 766 */ 767 job->aio_received += placed; 768 } else { 769 CTR4(KTR_CXGBE, "%s: tid %d completed buf %d len %d", 770 __func__, toep->tid, db_idx, placed); 771 aio_complete(job, copied + placed, 0); 772 } 773 len -= placed; 774 complete_ddp_buffer(toep, db, db_idx); 775 } 776 777 MPASS(len == 0); 778 ddp_complete_all(toep, 0); 779 } 780 781 #define DDP_ERR (F_DDP_PPOD_MISMATCH | F_DDP_LLIMIT_ERR | F_DDP_ULIMIT_ERR |\ 782 F_DDP_PPOD_PARITY_ERR | F_DDP_PADDING_ERR | F_DDP_OFFSET_ERR |\ 783 F_DDP_INVALID_TAG | F_DDP_COLOR_ERR | F_DDP_TID_MISMATCH |\ 784 F_DDP_INVALID_PPOD | F_DDP_HDRCRC_ERR | F_DDP_DATACRC_ERR) 785 786 extern cpl_handler_t t4_cpl_handler[]; 787 788 static int 789 do_rx_data_ddp(struct sge_iq *iq, const struct rss_header *rss, struct mbuf *m) 790 { 791 struct adapter *sc = iq->adapter; 792 const struct cpl_rx_data_ddp *cpl = (const void *)(rss + 1); 793 unsigned int tid = GET_TID(cpl); 794 uint32_t vld; 795 struct toepcb *toep = lookup_tid(sc, tid); 796 797 KASSERT(m == NULL, ("%s: wasn't expecting payload", __func__)); 798 KASSERT(toep->tid == tid, ("%s: toep tid/atid mismatch", __func__)); 799 KASSERT(!(toep->flags & TPF_SYNQE), 800 ("%s: toep %p claims to be a synq entry", __func__, toep)); 801 802 vld = be32toh(cpl->ddpvld); 803 if (__predict_false(vld & DDP_ERR)) { 804 panic("%s: DDP error 0x%x (tid %d, toep %p)", 805 __func__, vld, tid, toep); 806 } 807 808 if (toep->ulp_mode == ULP_MODE_ISCSI) { 809 t4_cpl_handler[CPL_RX_ISCSI_DDP](iq, rss, m); 810 return (0); 811 } 812 813 handle_ddp_data(toep, cpl->u.ddp_report, cpl->seq, be16toh(cpl->len)); 814 815 return (0); 816 } 817 818 static int 819 do_rx_ddp_complete(struct sge_iq *iq, const struct rss_header *rss, 820 struct mbuf *m) 821 { 822 struct adapter *sc = iq->adapter; 823 const struct cpl_rx_ddp_complete *cpl = (const void *)(rss + 1); 824 unsigned int tid = GET_TID(cpl); 825 struct toepcb *toep = lookup_tid(sc, tid); 826 827 KASSERT(m == NULL, ("%s: wasn't expecting payload", __func__)); 828 KASSERT(toep->tid == tid, ("%s: toep tid/atid mismatch", __func__)); 829 KASSERT(!(toep->flags & TPF_SYNQE), 830 ("%s: toep %p claims to be a synq entry", __func__, toep)); 831 832 handle_ddp_data(toep, cpl->ddp_report, cpl->rcv_nxt, 0); 833 834 return (0); 835 } 836 837 static void 838 enable_ddp(struct adapter *sc, struct toepcb *toep) 839 { 840 841 KASSERT((toep->ddp_flags & (DDP_ON | DDP_OK | DDP_SC_REQ)) == DDP_OK, 842 ("%s: toep %p has bad ddp_flags 0x%x", 843 __func__, toep, toep->ddp_flags)); 844 845 CTR3(KTR_CXGBE, "%s: tid %u (time %u)", 846 __func__, toep->tid, time_uptime); 847 848 DDP_ASSERT_LOCKED(toep); 849 toep->ddp_flags |= DDP_SC_REQ; 850 t4_set_tcb_field(sc, toep->ctrlq, toep->tid, W_TCB_RX_DDP_FLAGS, 851 V_TF_DDP_OFF(1) | V_TF_DDP_INDICATE_OUT(1) | 852 V_TF_DDP_BUF0_INDICATE(1) | V_TF_DDP_BUF1_INDICATE(1) | 853 V_TF_DDP_BUF0_VALID(1) | V_TF_DDP_BUF1_VALID(1), 854 V_TF_DDP_BUF0_INDICATE(1) | V_TF_DDP_BUF1_INDICATE(1), 0, 0, 855 toep->ofld_rxq->iq.abs_id); 856 t4_set_tcb_field(sc, toep->ctrlq, toep->tid, W_TCB_T_FLAGS, 857 V_TF_RCV_COALESCE_ENABLE(1), 0, 0, 0, toep->ofld_rxq->iq.abs_id); 858 } 859 860 static int 861 calculate_hcf(int n1, int n2) 862 { 863 int a, b, t; 864 865 if (n1 <= n2) { 866 a = n1; 867 b = n2; 868 } else { 869 a = n2; 870 b = n1; 871 } 872 873 while (a != 0) { 874 t = a; 875 a = b % a; 876 b = t; 877 } 878 879 return (b); 880 } 881 882 static int 883 alloc_page_pods(struct tom_data *td, struct pageset *ps) 884 { 885 int i, hcf, seglen, idx, ppod, nppods; 886 u_int ppod_addr; 887 888 KASSERT(ps->nppods == 0, ("%s: page pods already allocated", __func__)); 889 890 /* 891 * The DDP page size is unrelated to the VM page size. We combine 892 * contiguous physical pages into larger segments to get the best DDP 893 * page size possible. This is the largest of the four sizes in 894 * A_ULP_RX_TDDP_PSZ that evenly divides the HCF of the segment sizes in 895 * the page list. 896 */ 897 hcf = 0; 898 for (i = 0; i < ps->npages; i++) { 899 seglen = PAGE_SIZE; 900 while (i < ps->npages - 1 && 901 ps->pages[i]->phys_addr + PAGE_SIZE == 902 ps->pages[i + 1]->phys_addr) { 903 seglen += PAGE_SIZE; 904 i++; 905 } 906 907 hcf = calculate_hcf(hcf, seglen); 908 if (hcf < td->ddp_pgsz[1]) { 909 idx = 0; 910 goto have_pgsz; /* give up, short circuit */ 911 } 912 } 913 914 if (hcf % td->ddp_pgsz[0] != 0) { 915 /* hmmm. This could only happen when PAGE_SIZE < 4K */ 916 KASSERT(PAGE_SIZE < 4096, 917 ("%s: PAGE_SIZE %d, hcf %d", __func__, PAGE_SIZE, hcf)); 918 CTR3(KTR_CXGBE, "%s: PAGE_SIZE %d, hcf %d", 919 __func__, PAGE_SIZE, hcf); 920 return (0); 921 } 922 923 for (idx = nitems(td->ddp_pgsz) - 1; idx > 0; idx--) { 924 if (hcf % td->ddp_pgsz[idx] == 0) 925 break; 926 } 927 have_pgsz: 928 MPASS(idx <= M_PPOD_PGSZ); 929 930 nppods = pages_to_nppods(ps->npages, td->ddp_pgsz[idx]); 931 if (alloc_ppods(td, nppods, &ppod_addr) != 0) { 932 CTR4(KTR_CXGBE, "%s: no pods, nppods %d, npages %d, pgsz %d", 933 __func__, nppods, ps->npages, td->ddp_pgsz[idx]); 934 return (0); 935 } 936 937 ppod = (ppod_addr - td->ppod_start) / PPOD_SIZE; 938 ps->tag = V_PPOD_PGSZ(idx) | V_PPOD_TAG(ppod); 939 ps->ppod_addr = ppod_addr; 940 ps->nppods = nppods; 941 942 CTR5(KTR_CXGBE, "New page pods. " 943 "ps %p, ddp_pgsz %d, ppod 0x%x, npages %d, nppods %d", 944 ps, td->ddp_pgsz[idx], ppod, ps->npages, ps->nppods); 945 946 return (1); 947 } 948 949 #define NUM_ULP_TX_SC_IMM_PPODS (256 / PPOD_SIZE) 950 951 static int 952 write_page_pods(struct adapter *sc, struct toepcb *toep, struct pageset *ps) 953 { 954 struct wrqe *wr; 955 struct ulp_mem_io *ulpmc; 956 struct ulptx_idata *ulpsc; 957 struct pagepod *ppod; 958 struct tom_data *td = sc->tom_softc; 959 int i, j, k, n, chunk, len, ddp_pgsz, idx; 960 u_int ppod_addr; 961 uint32_t cmd; 962 963 KASSERT(!(ps->flags & PS_PPODS_WRITTEN), 964 ("%s: page pods already written", __func__)); 965 966 cmd = htobe32(V_ULPTX_CMD(ULP_TX_MEM_WRITE)); 967 if (is_t4(sc)) 968 cmd |= htobe32(F_ULP_MEMIO_ORDER); 969 else 970 cmd |= htobe32(F_T5_ULP_MEMIO_IMM); 971 ddp_pgsz = td->ddp_pgsz[G_PPOD_PGSZ(ps->tag)]; 972 ppod_addr = ps->ppod_addr; 973 for (i = 0; i < ps->nppods; ppod_addr += chunk) { 974 975 /* How many page pods are we writing in this cycle */ 976 n = min(ps->nppods - i, NUM_ULP_TX_SC_IMM_PPODS); 977 chunk = PPOD_SZ(n); 978 len = roundup2(sizeof(*ulpmc) + sizeof(*ulpsc) + chunk, 16); 979 980 wr = alloc_wrqe(len, toep->ctrlq); 981 if (wr == NULL) 982 return (ENOMEM); /* ok to just bail out */ 983 ulpmc = wrtod(wr); 984 985 INIT_ULPTX_WR(ulpmc, len, 0, 0); 986 ulpmc->cmd = cmd; 987 ulpmc->dlen = htobe32(V_ULP_MEMIO_DATA_LEN(chunk / 32)); 988 ulpmc->len16 = htobe32(howmany(len - sizeof(ulpmc->wr), 16)); 989 ulpmc->lock_addr = htobe32(V_ULP_MEMIO_ADDR(ppod_addr >> 5)); 990 991 ulpsc = (struct ulptx_idata *)(ulpmc + 1); 992 ulpsc->cmd_more = htobe32(V_ULPTX_CMD(ULP_TX_SC_IMM)); 993 ulpsc->len = htobe32(chunk); 994 995 ppod = (struct pagepod *)(ulpsc + 1); 996 for (j = 0; j < n; i++, j++, ppod++) { 997 ppod->vld_tid_pgsz_tag_color = htobe64(F_PPOD_VALID | 998 V_PPOD_TID(toep->tid) | ps->tag); 999 ppod->len_offset = htobe64(V_PPOD_LEN(ps->len) | 1000 V_PPOD_OFST(ps->offset)); 1001 ppod->rsvd = 0; 1002 idx = i * PPOD_PAGES * (ddp_pgsz / PAGE_SIZE); 1003 for (k = 0; k < nitems(ppod->addr); k++) { 1004 if (idx < ps->npages) { 1005 ppod->addr[k] = 1006 htobe64(ps->pages[idx]->phys_addr); 1007 idx += ddp_pgsz / PAGE_SIZE; 1008 } else 1009 ppod->addr[k] = 0; 1010 #if 0 1011 CTR5(KTR_CXGBE, 1012 "%s: tid %d ppod[%d]->addr[%d] = %p", 1013 __func__, toep->tid, i, k, 1014 htobe64(ppod->addr[k])); 1015 #endif 1016 } 1017 1018 } 1019 1020 t4_wrq_tx(sc, wr); 1021 } 1022 ps->flags |= PS_PPODS_WRITTEN; 1023 1024 return (0); 1025 } 1026 1027 static void 1028 wire_pageset(struct pageset *ps) 1029 { 1030 vm_page_t p; 1031 int i; 1032 1033 KASSERT(!(ps->flags & PS_WIRED), ("pageset already wired")); 1034 1035 for (i = 0; i < ps->npages; i++) { 1036 p = ps->pages[i]; 1037 vm_page_lock(p); 1038 vm_page_wire(p); 1039 vm_page_unhold(p); 1040 vm_page_unlock(p); 1041 } 1042 ps->flags |= PS_WIRED; 1043 } 1044 1045 /* 1046 * Prepare a pageset for DDP. This wires the pageset and sets up page 1047 * pods. 1048 */ 1049 static int 1050 prep_pageset(struct adapter *sc, struct toepcb *toep, struct pageset *ps) 1051 { 1052 struct tom_data *td = sc->tom_softc; 1053 1054 if (!(ps->flags & PS_WIRED)) 1055 wire_pageset(ps); 1056 if (ps->nppods == 0 && !alloc_page_pods(td, ps)) { 1057 return (0); 1058 } 1059 if (!(ps->flags & PS_PPODS_WRITTEN) && 1060 write_page_pods(sc, toep, ps) != 0) { 1061 return (0); 1062 } 1063 1064 return (1); 1065 } 1066 1067 void 1068 t4_init_ddp(struct adapter *sc, struct tom_data *td) 1069 { 1070 int i; 1071 uint32_t r; 1072 1073 r = t4_read_reg(sc, A_ULP_RX_TDDP_PSZ); 1074 td->ddp_pgsz[0] = 4096 << G_HPZ0(r); 1075 td->ddp_pgsz[1] = 4096 << G_HPZ1(r); 1076 td->ddp_pgsz[2] = 4096 << G_HPZ2(r); 1077 td->ddp_pgsz[3] = 4096 << G_HPZ3(r); 1078 1079 /* 1080 * The SGL -> page pod algorithm requires the sizes to be in increasing 1081 * order. 1082 */ 1083 for (i = 1; i < nitems(td->ddp_pgsz); i++) { 1084 if (td->ddp_pgsz[i] <= td->ddp_pgsz[i - 1]) 1085 return; 1086 } 1087 1088 td->ppod_start = sc->vres.ddp.start; 1089 td->ppod_arena = vmem_create("DDP page pods", sc->vres.ddp.start, 1090 sc->vres.ddp.size, PPOD_SIZE, 512, M_FIRSTFIT | M_NOWAIT); 1091 } 1092 1093 void 1094 t4_uninit_ddp(struct adapter *sc __unused, struct tom_data *td) 1095 { 1096 1097 if (td->ppod_arena != NULL) { 1098 vmem_destroy(td->ppod_arena); 1099 td->ppod_arena = NULL; 1100 } 1101 } 1102 1103 static int 1104 pscmp(struct pageset *ps, struct vmspace *vm, vm_offset_t start, int npages, 1105 int pgoff, int len) 1106 { 1107 1108 if (ps->npages != npages || ps->offset != pgoff || ps->len != len) 1109 return (1); 1110 1111 return (ps->vm != vm || ps->vm_timestamp != vm->vm_map.timestamp); 1112 } 1113 1114 static int 1115 hold_aio(struct toepcb *toep, struct kaiocb *job, struct pageset **pps) 1116 { 1117 struct vmspace *vm; 1118 vm_map_t map; 1119 vm_offset_t start, end, pgoff; 1120 struct pageset *ps; 1121 int n; 1122 1123 DDP_ASSERT_LOCKED(toep); 1124 1125 /* 1126 * The AIO subsystem will cancel and drain all requests before 1127 * permitting a process to exit or exec, so p_vmspace should 1128 * be stable here. 1129 */ 1130 vm = job->userproc->p_vmspace; 1131 map = &vm->vm_map; 1132 start = (uintptr_t)job->uaiocb.aio_buf; 1133 pgoff = start & PAGE_MASK; 1134 end = round_page(start + job->uaiocb.aio_nbytes); 1135 start = trunc_page(start); 1136 1137 if (end - start > MAX_DDP_BUFFER_SIZE) { 1138 /* 1139 * Truncate the request to a short read. 1140 * Alternatively, we could DDP in chunks to the larger 1141 * buffer, but that would be quite a bit more work. 1142 * 1143 * When truncating, round the request down to avoid 1144 * crossing a cache line on the final transaction. 1145 */ 1146 end = rounddown2(start + MAX_DDP_BUFFER_SIZE, CACHE_LINE_SIZE); 1147 #ifdef VERBOSE_TRACES 1148 CTR4(KTR_CXGBE, "%s: tid %d, truncating size from %lu to %lu", 1149 __func__, toep->tid, (unsigned long)job->uaiocb.aio_nbytes, 1150 (unsigned long)(end - (start + pgoff))); 1151 job->uaiocb.aio_nbytes = end - (start + pgoff); 1152 #endif 1153 end = round_page(end); 1154 } 1155 1156 n = atop(end - start); 1157 1158 /* 1159 * Try to reuse a cached pageset. 1160 */ 1161 TAILQ_FOREACH(ps, &toep->ddp_cached_pagesets, link) { 1162 if (pscmp(ps, vm, start, n, pgoff, 1163 job->uaiocb.aio_nbytes) == 0) { 1164 TAILQ_REMOVE(&toep->ddp_cached_pagesets, ps, link); 1165 toep->ddp_cached_count--; 1166 *pps = ps; 1167 return (0); 1168 } 1169 } 1170 1171 /* 1172 * If there are too many cached pagesets to create a new one, 1173 * free a pageset before creating a new one. 1174 */ 1175 KASSERT(toep->ddp_active_count + toep->ddp_cached_count <= 1176 nitems(toep->db), ("%s: too many wired pagesets", __func__)); 1177 if (toep->ddp_active_count + toep->ddp_cached_count == 1178 nitems(toep->db)) { 1179 KASSERT(toep->ddp_cached_count > 0, 1180 ("no cached pageset to free")); 1181 ps = TAILQ_LAST(&toep->ddp_cached_pagesets, pagesetq); 1182 TAILQ_REMOVE(&toep->ddp_cached_pagesets, ps, link); 1183 toep->ddp_cached_count--; 1184 free_pageset(toep->td, ps); 1185 } 1186 DDP_UNLOCK(toep); 1187 1188 /* Create a new pageset. */ 1189 ps = malloc(sizeof(*ps) + n * sizeof(vm_page_t), M_CXGBE, M_WAITOK | 1190 M_ZERO); 1191 ps->pages = (vm_page_t *)(ps + 1); 1192 ps->vm_timestamp = map->timestamp; 1193 ps->npages = vm_fault_quick_hold_pages(map, start, end - start, 1194 VM_PROT_WRITE, ps->pages, n); 1195 1196 DDP_LOCK(toep); 1197 if (ps->npages < 0) { 1198 free(ps, M_CXGBE); 1199 return (EFAULT); 1200 } 1201 1202 KASSERT(ps->npages == n, ("hold_aio: page count mismatch: %d vs %d", 1203 ps->npages, n)); 1204 1205 ps->offset = pgoff; 1206 ps->len = job->uaiocb.aio_nbytes; 1207 atomic_add_int(&vm->vm_refcnt, 1); 1208 ps->vm = vm; 1209 1210 CTR5(KTR_CXGBE, "%s: tid %d, new pageset %p for job %p, npages %d", 1211 __func__, toep->tid, ps, job, ps->npages); 1212 *pps = ps; 1213 return (0); 1214 } 1215 1216 static void 1217 ddp_complete_all(struct toepcb *toep, int error) 1218 { 1219 struct kaiocb *job; 1220 1221 DDP_ASSERT_LOCKED(toep); 1222 while (!TAILQ_EMPTY(&toep->ddp_aiojobq)) { 1223 job = TAILQ_FIRST(&toep->ddp_aiojobq); 1224 TAILQ_REMOVE(&toep->ddp_aiojobq, job, list); 1225 toep->ddp_waiting_count--; 1226 if (aio_clear_cancel_function(job)) 1227 ddp_complete_one(job, error); 1228 } 1229 } 1230 1231 static void 1232 aio_ddp_cancel_one(struct kaiocb *job) 1233 { 1234 long copied; 1235 1236 /* 1237 * If this job had copied data out of the socket buffer before 1238 * it was cancelled, report it as a short read rather than an 1239 * error. 1240 */ 1241 copied = job->aio_received; 1242 if (copied != 0) 1243 aio_complete(job, copied, 0); 1244 else 1245 aio_cancel(job); 1246 } 1247 1248 /* 1249 * Called when the main loop wants to requeue a job to retry it later. 1250 * Deals with the race of the job being cancelled while it was being 1251 * examined. 1252 */ 1253 static void 1254 aio_ddp_requeue_one(struct toepcb *toep, struct kaiocb *job) 1255 { 1256 1257 DDP_ASSERT_LOCKED(toep); 1258 if (!(toep->ddp_flags & DDP_DEAD) && 1259 aio_set_cancel_function(job, t4_aio_cancel_queued)) { 1260 TAILQ_INSERT_HEAD(&toep->ddp_aiojobq, job, list); 1261 toep->ddp_waiting_count++; 1262 } else 1263 aio_ddp_cancel_one(job); 1264 } 1265 1266 static void 1267 aio_ddp_requeue(struct toepcb *toep) 1268 { 1269 struct adapter *sc = td_adapter(toep->td); 1270 struct socket *so; 1271 struct sockbuf *sb; 1272 struct inpcb *inp; 1273 struct kaiocb *job; 1274 struct ddp_buffer *db; 1275 size_t copied, offset, resid; 1276 struct pageset *ps; 1277 struct mbuf *m; 1278 uint64_t ddp_flags, ddp_flags_mask; 1279 struct wrqe *wr; 1280 int buf_flag, db_idx, error; 1281 1282 DDP_ASSERT_LOCKED(toep); 1283 1284 restart: 1285 if (toep->ddp_flags & DDP_DEAD) { 1286 MPASS(toep->ddp_waiting_count == 0); 1287 MPASS(toep->ddp_active_count == 0); 1288 return; 1289 } 1290 1291 if (toep->ddp_waiting_count == 0 || 1292 toep->ddp_active_count == nitems(toep->db)) { 1293 return; 1294 } 1295 1296 job = TAILQ_FIRST(&toep->ddp_aiojobq); 1297 so = job->fd_file->f_data; 1298 sb = &so->so_rcv; 1299 SOCKBUF_LOCK(sb); 1300 1301 /* We will never get anything unless we are or were connected. */ 1302 if (!(so->so_state & (SS_ISCONNECTED|SS_ISDISCONNECTED))) { 1303 SOCKBUF_UNLOCK(sb); 1304 ddp_complete_all(toep, ENOTCONN); 1305 return; 1306 } 1307 1308 KASSERT(toep->ddp_active_count == 0 || sbavail(sb) == 0, 1309 ("%s: pending sockbuf data and DDP is active", __func__)); 1310 1311 /* Abort if socket has reported problems. */ 1312 /* XXX: Wait for any queued DDP's to finish and/or flush them? */ 1313 if (so->so_error && sbavail(sb) == 0) { 1314 toep->ddp_waiting_count--; 1315 TAILQ_REMOVE(&toep->ddp_aiojobq, job, list); 1316 if (!aio_clear_cancel_function(job)) { 1317 SOCKBUF_UNLOCK(sb); 1318 goto restart; 1319 } 1320 1321 /* 1322 * If this job has previously copied some data, report 1323 * a short read and leave the error to be reported by 1324 * a future request. 1325 */ 1326 copied = job->aio_received; 1327 if (copied != 0) { 1328 SOCKBUF_UNLOCK(sb); 1329 aio_complete(job, copied, 0); 1330 goto restart; 1331 } 1332 error = so->so_error; 1333 so->so_error = 0; 1334 SOCKBUF_UNLOCK(sb); 1335 aio_complete(job, -1, error); 1336 goto restart; 1337 } 1338 1339 /* 1340 * Door is closed. If there is pending data in the socket buffer, 1341 * deliver it. If there are pending DDP requests, wait for those 1342 * to complete. Once they have completed, return EOF reads. 1343 */ 1344 if (sb->sb_state & SBS_CANTRCVMORE && sbavail(sb) == 0) { 1345 SOCKBUF_UNLOCK(sb); 1346 if (toep->ddp_active_count != 0) 1347 return; 1348 ddp_complete_all(toep, 0); 1349 return; 1350 } 1351 1352 /* 1353 * If DDP is not enabled and there is no pending socket buffer 1354 * data, try to enable DDP. 1355 */ 1356 if (sbavail(sb) == 0 && (toep->ddp_flags & DDP_ON) == 0) { 1357 SOCKBUF_UNLOCK(sb); 1358 1359 /* 1360 * Wait for the card to ACK that DDP is enabled before 1361 * queueing any buffers. Currently this waits for an 1362 * indicate to arrive. This could use a TCB_SET_FIELD_RPL 1363 * message to know that DDP was enabled instead of waiting 1364 * for the indicate which would avoid copying the indicate 1365 * if no data is pending. 1366 * 1367 * XXX: Might want to limit the indicate size to the size 1368 * of the first queued request. 1369 */ 1370 if ((toep->ddp_flags & DDP_SC_REQ) == 0) 1371 enable_ddp(sc, toep); 1372 return; 1373 } 1374 SOCKBUF_UNLOCK(sb); 1375 1376 /* 1377 * If another thread is queueing a buffer for DDP, let it 1378 * drain any work and return. 1379 */ 1380 if (toep->ddp_queueing != NULL) 1381 return; 1382 1383 /* Take the next job to prep it for DDP. */ 1384 toep->ddp_waiting_count--; 1385 TAILQ_REMOVE(&toep->ddp_aiojobq, job, list); 1386 if (!aio_clear_cancel_function(job)) 1387 goto restart; 1388 toep->ddp_queueing = job; 1389 1390 /* NB: This drops DDP_LOCK while it holds the backing VM pages. */ 1391 error = hold_aio(toep, job, &ps); 1392 if (error != 0) { 1393 ddp_complete_one(job, error); 1394 toep->ddp_queueing = NULL; 1395 goto restart; 1396 } 1397 1398 SOCKBUF_LOCK(sb); 1399 if (so->so_error && sbavail(sb) == 0) { 1400 copied = job->aio_received; 1401 if (copied != 0) { 1402 SOCKBUF_UNLOCK(sb); 1403 recycle_pageset(toep, ps); 1404 aio_complete(job, copied, 0); 1405 toep->ddp_queueing = NULL; 1406 goto restart; 1407 } 1408 1409 error = so->so_error; 1410 so->so_error = 0; 1411 SOCKBUF_UNLOCK(sb); 1412 recycle_pageset(toep, ps); 1413 aio_complete(job, -1, error); 1414 toep->ddp_queueing = NULL; 1415 goto restart; 1416 } 1417 1418 if (sb->sb_state & SBS_CANTRCVMORE && sbavail(sb) == 0) { 1419 SOCKBUF_UNLOCK(sb); 1420 recycle_pageset(toep, ps); 1421 if (toep->ddp_active_count != 0) { 1422 /* 1423 * The door is closed, but there are still pending 1424 * DDP buffers. Requeue. These jobs will all be 1425 * completed once those buffers drain. 1426 */ 1427 aio_ddp_requeue_one(toep, job); 1428 toep->ddp_queueing = NULL; 1429 return; 1430 } 1431 ddp_complete_one(job, 0); 1432 ddp_complete_all(toep, 0); 1433 toep->ddp_queueing = NULL; 1434 return; 1435 } 1436 1437 sbcopy: 1438 /* 1439 * If the toep is dead, there shouldn't be any data in the socket 1440 * buffer, so the above case should have handled this. 1441 */ 1442 MPASS(!(toep->ddp_flags & DDP_DEAD)); 1443 1444 /* 1445 * If there is pending data in the socket buffer (either 1446 * from before the requests were queued or a DDP indicate), 1447 * copy those mbufs out directly. 1448 */ 1449 copied = 0; 1450 offset = ps->offset + job->aio_received; 1451 MPASS(job->aio_received <= job->uaiocb.aio_nbytes); 1452 resid = job->uaiocb.aio_nbytes - job->aio_received; 1453 m = sb->sb_mb; 1454 KASSERT(m == NULL || toep->ddp_active_count == 0, 1455 ("%s: sockbuf data with active DDP", __func__)); 1456 while (m != NULL && resid > 0) { 1457 struct iovec iov[1]; 1458 struct uio uio; 1459 int error; 1460 1461 iov[0].iov_base = mtod(m, void *); 1462 iov[0].iov_len = m->m_len; 1463 if (iov[0].iov_len > resid) 1464 iov[0].iov_len = resid; 1465 uio.uio_iov = iov; 1466 uio.uio_iovcnt = 1; 1467 uio.uio_offset = 0; 1468 uio.uio_resid = iov[0].iov_len; 1469 uio.uio_segflg = UIO_SYSSPACE; 1470 uio.uio_rw = UIO_WRITE; 1471 error = uiomove_fromphys(ps->pages, offset + copied, 1472 uio.uio_resid, &uio); 1473 MPASS(error == 0 && uio.uio_resid == 0); 1474 copied += uio.uio_offset; 1475 resid -= uio.uio_offset; 1476 m = m->m_next; 1477 } 1478 if (copied != 0) { 1479 sbdrop_locked(sb, copied); 1480 job->aio_received += copied; 1481 job->msgrcv = 1; 1482 copied = job->aio_received; 1483 inp = sotoinpcb(so); 1484 if (!INP_TRY_WLOCK(inp)) { 1485 /* 1486 * The reference on the socket file descriptor in 1487 * the AIO job should keep 'sb' and 'inp' stable. 1488 * Our caller has a reference on the 'toep' that 1489 * keeps it stable. 1490 */ 1491 SOCKBUF_UNLOCK(sb); 1492 DDP_UNLOCK(toep); 1493 INP_WLOCK(inp); 1494 DDP_LOCK(toep); 1495 SOCKBUF_LOCK(sb); 1496 1497 /* 1498 * If the socket has been closed, we should detect 1499 * that and complete this request if needed on 1500 * the next trip around the loop. 1501 */ 1502 } 1503 t4_rcvd_locked(&toep->td->tod, intotcpcb(inp)); 1504 INP_WUNLOCK(inp); 1505 if (resid == 0 || toep->ddp_flags & DDP_DEAD) { 1506 /* 1507 * We filled the entire buffer with socket 1508 * data, DDP is not being used, or the socket 1509 * is being shut down, so complete the 1510 * request. 1511 */ 1512 SOCKBUF_UNLOCK(sb); 1513 recycle_pageset(toep, ps); 1514 aio_complete(job, copied, 0); 1515 toep->ddp_queueing = NULL; 1516 goto restart; 1517 } 1518 1519 /* 1520 * If DDP is not enabled, requeue this request and restart. 1521 * This will either enable DDP or wait for more data to 1522 * arrive on the socket buffer. 1523 */ 1524 if ((toep->ddp_flags & (DDP_ON | DDP_SC_REQ)) != DDP_ON) { 1525 SOCKBUF_UNLOCK(sb); 1526 recycle_pageset(toep, ps); 1527 aio_ddp_requeue_one(toep, job); 1528 toep->ddp_queueing = NULL; 1529 goto restart; 1530 } 1531 1532 /* 1533 * An indicate might have arrived and been added to 1534 * the socket buffer while it was unlocked after the 1535 * copy to lock the INP. If so, restart the copy. 1536 */ 1537 if (sbavail(sb) != 0) 1538 goto sbcopy; 1539 } 1540 SOCKBUF_UNLOCK(sb); 1541 1542 if (prep_pageset(sc, toep, ps) == 0) { 1543 recycle_pageset(toep, ps); 1544 aio_ddp_requeue_one(toep, job); 1545 toep->ddp_queueing = NULL; 1546 1547 /* 1548 * XXX: Need to retry this later. Mostly need a trigger 1549 * when page pods are freed up. 1550 */ 1551 printf("%s: prep_pageset failed\n", __func__); 1552 return; 1553 } 1554 1555 /* Determine which DDP buffer to use. */ 1556 if (toep->db[0].job == NULL) { 1557 db_idx = 0; 1558 } else { 1559 MPASS(toep->db[1].job == NULL); 1560 db_idx = 1; 1561 } 1562 1563 ddp_flags = 0; 1564 ddp_flags_mask = 0; 1565 if (db_idx == 0) { 1566 ddp_flags |= V_TF_DDP_BUF0_VALID(1); 1567 if (so->so_state & SS_NBIO) 1568 ddp_flags |= V_TF_DDP_BUF0_FLUSH(1); 1569 ddp_flags_mask |= V_TF_DDP_PSH_NO_INVALIDATE0(1) | 1570 V_TF_DDP_PUSH_DISABLE_0(1) | V_TF_DDP_PSHF_ENABLE_0(1) | 1571 V_TF_DDP_BUF0_FLUSH(1) | V_TF_DDP_BUF0_VALID(1); 1572 buf_flag = DDP_BUF0_ACTIVE; 1573 } else { 1574 ddp_flags |= V_TF_DDP_BUF1_VALID(1); 1575 if (so->so_state & SS_NBIO) 1576 ddp_flags |= V_TF_DDP_BUF1_FLUSH(1); 1577 ddp_flags_mask |= V_TF_DDP_PSH_NO_INVALIDATE1(1) | 1578 V_TF_DDP_PUSH_DISABLE_1(1) | V_TF_DDP_PSHF_ENABLE_1(1) | 1579 V_TF_DDP_BUF1_FLUSH(1) | V_TF_DDP_BUF1_VALID(1); 1580 buf_flag = DDP_BUF1_ACTIVE; 1581 } 1582 MPASS((toep->ddp_flags & buf_flag) == 0); 1583 if ((toep->ddp_flags & (DDP_BUF0_ACTIVE | DDP_BUF1_ACTIVE)) == 0) { 1584 MPASS(db_idx == 0); 1585 MPASS(toep->ddp_active_id == -1); 1586 MPASS(toep->ddp_active_count == 0); 1587 ddp_flags_mask |= V_TF_DDP_ACTIVE_BUF(1); 1588 } 1589 1590 /* 1591 * The TID for this connection should still be valid. If DDP_DEAD 1592 * is set, SBS_CANTRCVMORE should be set, so we shouldn't be 1593 * this far anyway. Even if the socket is closing on the other 1594 * end, the AIO job holds a reference on this end of the socket 1595 * which will keep it open and keep the TCP PCB attached until 1596 * after the job is completed. 1597 */ 1598 wr = mk_update_tcb_for_ddp(sc, toep, db_idx, ps, job->aio_received, 1599 ddp_flags, ddp_flags_mask); 1600 if (wr == NULL) { 1601 recycle_pageset(toep, ps); 1602 aio_ddp_requeue_one(toep, job); 1603 toep->ddp_queueing = NULL; 1604 1605 /* 1606 * XXX: Need a way to kick a retry here. 1607 * 1608 * XXX: We know the fixed size needed and could 1609 * preallocate this using a blocking request at the 1610 * start of the task to avoid having to handle this 1611 * edge case. 1612 */ 1613 printf("%s: mk_update_tcb_for_ddp failed\n", __func__); 1614 return; 1615 } 1616 1617 if (!aio_set_cancel_function(job, t4_aio_cancel_active)) { 1618 free_wrqe(wr); 1619 recycle_pageset(toep, ps); 1620 aio_ddp_cancel_one(job); 1621 toep->ddp_queueing = NULL; 1622 goto restart; 1623 } 1624 1625 #ifdef VERBOSE_TRACES 1626 CTR5(KTR_CXGBE, "%s: scheduling %p for DDP[%d] (flags %#lx/%#lx)", 1627 __func__, job, db_idx, ddp_flags, ddp_flags_mask); 1628 #endif 1629 /* Give the chip the go-ahead. */ 1630 t4_wrq_tx(sc, wr); 1631 db = &toep->db[db_idx]; 1632 db->cancel_pending = 0; 1633 db->job = job; 1634 db->ps = ps; 1635 toep->ddp_queueing = NULL; 1636 toep->ddp_flags |= buf_flag; 1637 toep->ddp_active_count++; 1638 if (toep->ddp_active_count == 1) { 1639 MPASS(toep->ddp_active_id == -1); 1640 toep->ddp_active_id = db_idx; 1641 CTR2(KTR_CXGBE, "%s: ddp_active_id = %d", __func__, 1642 toep->ddp_active_id); 1643 } 1644 goto restart; 1645 } 1646 1647 void 1648 ddp_queue_toep(struct toepcb *toep) 1649 { 1650 1651 DDP_ASSERT_LOCKED(toep); 1652 if (toep->ddp_flags & DDP_TASK_ACTIVE) 1653 return; 1654 toep->ddp_flags |= DDP_TASK_ACTIVE; 1655 hold_toepcb(toep); 1656 soaio_enqueue(&toep->ddp_requeue_task); 1657 } 1658 1659 static void 1660 aio_ddp_requeue_task(void *context, int pending) 1661 { 1662 struct toepcb *toep = context; 1663 1664 DDP_LOCK(toep); 1665 aio_ddp_requeue(toep); 1666 toep->ddp_flags &= ~DDP_TASK_ACTIVE; 1667 DDP_UNLOCK(toep); 1668 1669 free_toepcb(toep); 1670 } 1671 1672 static void 1673 t4_aio_cancel_active(struct kaiocb *job) 1674 { 1675 struct socket *so = job->fd_file->f_data; 1676 struct tcpcb *tp = so_sototcpcb(so); 1677 struct toepcb *toep = tp->t_toe; 1678 struct adapter *sc = td_adapter(toep->td); 1679 uint64_t valid_flag; 1680 int i; 1681 1682 DDP_LOCK(toep); 1683 if (aio_cancel_cleared(job)) { 1684 DDP_UNLOCK(toep); 1685 aio_ddp_cancel_one(job); 1686 return; 1687 } 1688 1689 for (i = 0; i < nitems(toep->db); i++) { 1690 if (toep->db[i].job == job) { 1691 /* Should only ever get one cancel request for a job. */ 1692 MPASS(toep->db[i].cancel_pending == 0); 1693 1694 /* 1695 * Invalidate this buffer. It will be 1696 * cancelled or partially completed once the 1697 * card ACKs the invalidate. 1698 */ 1699 valid_flag = i == 0 ? V_TF_DDP_BUF0_VALID(1) : 1700 V_TF_DDP_BUF1_VALID(1); 1701 t4_set_tcb_field(sc, toep->ctrlq, toep->tid, 1702 W_TCB_RX_DDP_FLAGS, valid_flag, 0, 1, 1703 i + DDP_BUF0_INVALIDATED, 1704 toep->ofld_rxq->iq.abs_id); 1705 toep->db[i].cancel_pending = 1; 1706 CTR2(KTR_CXGBE, "%s: request %p marked pending", 1707 __func__, job); 1708 break; 1709 } 1710 } 1711 DDP_UNLOCK(toep); 1712 } 1713 1714 static void 1715 t4_aio_cancel_queued(struct kaiocb *job) 1716 { 1717 struct socket *so = job->fd_file->f_data; 1718 struct tcpcb *tp = so_sototcpcb(so); 1719 struct toepcb *toep = tp->t_toe; 1720 1721 DDP_LOCK(toep); 1722 if (!aio_cancel_cleared(job)) { 1723 TAILQ_REMOVE(&toep->ddp_aiojobq, job, list); 1724 toep->ddp_waiting_count--; 1725 if (toep->ddp_waiting_count == 0) 1726 ddp_queue_toep(toep); 1727 } 1728 CTR2(KTR_CXGBE, "%s: request %p cancelled", __func__, job); 1729 DDP_UNLOCK(toep); 1730 1731 aio_ddp_cancel_one(job); 1732 } 1733 1734 int 1735 t4_aio_queue_ddp(struct socket *so, struct kaiocb *job) 1736 { 1737 struct tcpcb *tp = so_sototcpcb(so); 1738 struct toepcb *toep = tp->t_toe; 1739 1740 1741 /* Ignore writes. */ 1742 if (job->uaiocb.aio_lio_opcode != LIO_READ) 1743 return (EOPNOTSUPP); 1744 1745 DDP_LOCK(toep); 1746 1747 /* 1748 * XXX: Think about possibly returning errors for ENOTCONN, 1749 * etc. Perhaps the caller would only queue the request 1750 * if it failed with EOPNOTSUPP? 1751 */ 1752 1753 #ifdef VERBOSE_TRACES 1754 CTR2(KTR_CXGBE, "%s: queueing %p", __func__, job); 1755 #endif 1756 if (!aio_set_cancel_function(job, t4_aio_cancel_queued)) 1757 panic("new job was cancelled"); 1758 TAILQ_INSERT_TAIL(&toep->ddp_aiojobq, job, list); 1759 toep->ddp_waiting_count++; 1760 toep->ddp_flags |= DDP_OK; 1761 1762 /* 1763 * Try to handle this request synchronously. If this has 1764 * to block because the task is running, it will just bail 1765 * and let the task handle it instead. 1766 */ 1767 aio_ddp_requeue(toep); 1768 DDP_UNLOCK(toep); 1769 return (0); 1770 } 1771 1772 int 1773 t4_ddp_mod_load(void) 1774 { 1775 1776 t4_register_cpl_handler(CPL_RX_DATA_DDP, do_rx_data_ddp); 1777 t4_register_cpl_handler(CPL_RX_DDP_COMPLETE, do_rx_ddp_complete); 1778 TAILQ_INIT(&ddp_orphan_pagesets); 1779 mtx_init(&ddp_orphan_pagesets_lock, "ddp orphans", NULL, MTX_DEF); 1780 TASK_INIT(&ddp_orphan_task, 0, ddp_free_orphan_pagesets, NULL); 1781 return (0); 1782 } 1783 1784 void 1785 t4_ddp_mod_unload(void) 1786 { 1787 1788 taskqueue_drain(taskqueue_thread, &ddp_orphan_task); 1789 MPASS(TAILQ_EMPTY(&ddp_orphan_pagesets)); 1790 mtx_destroy(&ddp_orphan_pagesets_lock); 1791 t4_register_cpl_handler(CPL_RX_DATA_DDP, NULL); 1792 t4_register_cpl_handler(CPL_RX_DDP_COMPLETE, NULL); 1793 } 1794 #endif 1795