xref: /freebsd/sys/dev/irdma/irdma_cm.c (revision 6580f5c38dd5b01aeeaed16b370f1a12423437f0)
1 /*-
2  * SPDX-License-Identifier: GPL-2.0 or Linux-OpenIB
3  *
4  * Copyright (c) 2015 - 2023 Intel Corporation
5  *
6  * This software is available to you under a choice of one of two
7  * licenses.  You may choose to be licensed under the terms of the GNU
8  * General Public License (GPL) Version 2, available from the file
9  * COPYING in the main directory of this source tree, or the
10  * OpenFabrics.org BSD license below:
11  *
12  *   Redistribution and use in source and binary forms, with or
13  *   without modification, are permitted provided that the following
14  *   conditions are met:
15  *
16  *    - Redistributions of source code must retain the above
17  *	copyright notice, this list of conditions and the following
18  *	disclaimer.
19  *
20  *    - Redistributions in binary form must reproduce the above
21  *	copyright notice, this list of conditions and the following
22  *	disclaimer in the documentation and/or other materials
23  *	provided with the distribution.
24  *
25  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
29  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
30  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
31  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32  * SOFTWARE.
33  */
34 
35 #include "irdma_main.h"
36 
37 static void irdma_cm_post_event(struct irdma_cm_event *event);
38 static void irdma_disconnect_worker(struct work_struct *work);
39 
40 /**
41  * irdma_free_sqbuf - put back puda buffer if refcount is 0
42  * @vsi: The VSI structure of the device
43  * @bufp: puda buffer to free
44  */
45 void
46 irdma_free_sqbuf(struct irdma_sc_vsi *vsi, void *bufp)
47 {
48 	struct irdma_puda_buf *buf = bufp;
49 	struct irdma_puda_rsrc *ilq = vsi->ilq;
50 
51 	if (atomic_dec_and_test(&buf->refcount))
52 		irdma_puda_ret_bufpool(ilq, buf);
53 }
54 
55 /**
56  * irdma_record_ird_ord - Record IRD/ORD passed in
57  * @cm_node: connection's node
58  * @conn_ird: connection IRD
59  * @conn_ord: connection ORD
60  */
61 static void
62 irdma_record_ird_ord(struct irdma_cm_node *cm_node, u32 conn_ird,
63 		     u32 conn_ord)
64 {
65 	if (conn_ird > cm_node->dev->hw_attrs.max_hw_ird)
66 		conn_ird = cm_node->dev->hw_attrs.max_hw_ird;
67 
68 	if (conn_ord > cm_node->dev->hw_attrs.max_hw_ord)
69 		conn_ord = cm_node->dev->hw_attrs.max_hw_ord;
70 	else if (!conn_ord && cm_node->send_rdma0_op == SEND_RDMA_READ_ZERO)
71 		conn_ord = 1;
72 	cm_node->ird_size = conn_ird;
73 	cm_node->ord_size = conn_ord;
74 }
75 
76 /**
77  * irdma_copy_ip_ntohl - copy IP address from  network to host
78  * @dst: IP address in host order
79  * @src: IP address in network order (big endian)
80  */
81 void
82 irdma_copy_ip_ntohl(u32 *dst, __be32 *src)
83 {
84 	*dst++ = ntohl(*src++);
85 	*dst++ = ntohl(*src++);
86 	*dst++ = ntohl(*src++);
87 	*dst = ntohl(*src);
88 }
89 
90 /**
91  * irdma_copy_ip_htonl - copy IP address from host to network order
92  * @dst: IP address in network order (big endian)
93  * @src: IP address in host order
94  */
95 void
96 irdma_copy_ip_htonl(__be32 *dst, u32 *src)
97 {
98 	*dst++ = htonl(*src++);
99 	*dst++ = htonl(*src++);
100 	*dst++ = htonl(*src++);
101 	*dst = htonl(*src);
102 }
103 
104 /**
105  * irdma_get_addr_info
106  * @cm_node: contains ip/tcp info
107  * @cm_info: to get a copy of the cm_node ip/tcp info
108  */
109 static void
110 irdma_get_addr_info(struct irdma_cm_node *cm_node,
111 		    struct irdma_cm_info *cm_info)
112 {
113 	memset(cm_info, 0, sizeof(*cm_info));
114 	cm_info->ipv4 = cm_node->ipv4;
115 	cm_info->vlan_id = cm_node->vlan_id;
116 	memcpy(cm_info->loc_addr, cm_node->loc_addr, sizeof(cm_info->loc_addr));
117 	memcpy(cm_info->rem_addr, cm_node->rem_addr, sizeof(cm_info->rem_addr));
118 	cm_info->loc_port = cm_node->loc_port;
119 	cm_info->rem_port = cm_node->rem_port;
120 }
121 
122 /**
123  * irdma_fill_sockaddr4 - fill in addr info for IPv4 connection
124  * @cm_node: connection's node
125  * @event: upper layer's cm event
126  */
127 static inline void
128 irdma_fill_sockaddr4(struct irdma_cm_node *cm_node,
129 		     struct iw_cm_event *event)
130 {
131 	struct sockaddr_in *laddr = (struct sockaddr_in *)&event->local_addr;
132 	struct sockaddr_in *raddr = (struct sockaddr_in *)&event->remote_addr;
133 
134 	laddr->sin_family = AF_INET;
135 	raddr->sin_family = AF_INET;
136 
137 	laddr->sin_port = htons(cm_node->loc_port);
138 	raddr->sin_port = htons(cm_node->rem_port);
139 
140 	laddr->sin_addr.s_addr = htonl(cm_node->loc_addr[0]);
141 	raddr->sin_addr.s_addr = htonl(cm_node->rem_addr[0]);
142 }
143 
144 /**
145  * irdma_fill_sockaddr6 - fill in addr info for IPv6 connection
146  * @cm_node: connection's node
147  * @event: upper layer's cm event
148  */
149 static inline void
150 irdma_fill_sockaddr6(struct irdma_cm_node *cm_node,
151 		     struct iw_cm_event *event)
152 {
153 	struct sockaddr_in6 *laddr6 = (struct sockaddr_in6 *)&event->local_addr;
154 	struct sockaddr_in6 *raddr6 = (struct sockaddr_in6 *)&event->remote_addr;
155 
156 	laddr6->sin6_family = AF_INET6;
157 	raddr6->sin6_family = AF_INET6;
158 
159 	laddr6->sin6_port = htons(cm_node->loc_port);
160 	raddr6->sin6_port = htons(cm_node->rem_port);
161 
162 	irdma_copy_ip_htonl(laddr6->sin6_addr.__u6_addr.__u6_addr32,
163 			    cm_node->loc_addr);
164 	irdma_copy_ip_htonl(raddr6->sin6_addr.__u6_addr.__u6_addr32,
165 			    cm_node->rem_addr);
166 }
167 
168 /**
169  * irdma_get_cmevent_info - for cm event upcall
170  * @cm_node: connection's node
171  * @cm_id: upper layers cm struct for the event
172  * @event: upper layer's cm event
173  */
174 static inline void
175 irdma_get_cmevent_info(struct irdma_cm_node *cm_node,
176 		       struct iw_cm_id *cm_id,
177 		       struct iw_cm_event *event)
178 {
179 	memcpy(&event->local_addr, &cm_id->m_local_addr,
180 	       sizeof(event->local_addr));
181 	memcpy(&event->remote_addr, &cm_id->m_remote_addr,
182 	       sizeof(event->remote_addr));
183 	if (cm_node) {
184 		event->private_data = cm_node->pdata_buf;
185 		event->private_data_len = (u8)cm_node->pdata.size;
186 		event->ird = cm_node->ird_size;
187 		event->ord = cm_node->ord_size;
188 	}
189 }
190 
191 /**
192  * irdma_send_cm_event - upcall cm's event handler
193  * @cm_node: connection's node
194  * @cm_id: upper layer's cm info struct
195  * @type: Event type to indicate
196  * @status: status for the event type
197  */
198 static int
199 irdma_send_cm_event(struct irdma_cm_node *cm_node,
200 		    struct iw_cm_id *cm_id,
201 		    enum iw_cm_event_type type, int status)
202 {
203 	struct iw_cm_event event = {0};
204 
205 	event.event = type;
206 	event.status = status;
207 
208 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
209 		    "cm_node %p cm_id=%p state=%d accel=%d event_type=%d status=%d\n",
210 		    cm_node, cm_id, cm_node->accelerated, cm_node->state, type,
211 		    status);
212 
213 	switch (type) {
214 	case IW_CM_EVENT_CONNECT_REQUEST:
215 		if (cm_node->ipv4)
216 			irdma_fill_sockaddr4(cm_node, &event);
217 		else
218 			irdma_fill_sockaddr6(cm_node, &event);
219 		event.provider_data = cm_node;
220 		event.private_data = cm_node->pdata_buf;
221 		event.private_data_len = (u8)cm_node->pdata.size;
222 		event.ird = cm_node->ird_size;
223 		break;
224 	case IW_CM_EVENT_CONNECT_REPLY:
225 		irdma_get_cmevent_info(cm_node, cm_id, &event);
226 		break;
227 	case IW_CM_EVENT_ESTABLISHED:
228 		event.ird = cm_node->ird_size;
229 		event.ord = cm_node->ord_size;
230 		break;
231 	case IW_CM_EVENT_DISCONNECT:
232 	case IW_CM_EVENT_CLOSE:
233 		/* Wait if we are in RTS but havent issued the iwcm event upcall */
234 		if (!cm_node->accelerated)
235 			wait_for_completion(&cm_node->establish_comp);
236 		break;
237 	default:
238 		return -EINVAL;
239 	}
240 
241 	return cm_id->event_handler(cm_id, &event);
242 }
243 
244 /**
245  * irdma_timer_list_prep - add connection nodes to a list to perform timer tasks
246  * @cm_core: cm's core
247  * @timer_list: a timer list to which cm_node will be selected
248  */
249 static void
250 irdma_timer_list_prep(struct irdma_cm_core *cm_core,
251 		      struct list_head *timer_list)
252 {
253 	struct irdma_cm_node *cm_node;
254 	int bkt;
255 
256 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
257 		if ((cm_node->close_entry || cm_node->send_entry) &&
258 		    atomic_inc_not_zero(&cm_node->refcnt))
259 			list_add(&cm_node->timer_entry, timer_list);
260 	}
261 }
262 
263 /**
264  * irdma_create_event - create cm event
265  * @cm_node: connection's node
266  * @type: Event type to generate
267  */
268 static struct irdma_cm_event *
269 irdma_create_event(struct irdma_cm_node *cm_node,
270 		   enum irdma_cm_event_type type)
271 {
272 	struct irdma_cm_event *event;
273 
274 	if (!cm_node->cm_id)
275 		return NULL;
276 
277 	event = kzalloc(sizeof(*event), GFP_ATOMIC);
278 
279 	if (!event)
280 		return NULL;
281 
282 	event->type = type;
283 	event->cm_node = cm_node;
284 	memcpy(event->cm_info.rem_addr, cm_node->rem_addr,
285 	       sizeof(event->cm_info.rem_addr));
286 	memcpy(event->cm_info.loc_addr, cm_node->loc_addr,
287 	       sizeof(event->cm_info.loc_addr));
288 	event->cm_info.rem_port = cm_node->rem_port;
289 	event->cm_info.loc_port = cm_node->loc_port;
290 	event->cm_info.cm_id = cm_node->cm_id;
291 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
292 		    "node=%p event=%p type=%u dst=%x src=%x\n", cm_node, event,
293 		    type, event->cm_info.loc_addr[0],
294 		    event->cm_info.rem_addr[0]);
295 	irdma_cm_post_event(event);
296 
297 	return event;
298 }
299 
300 /**
301  * irdma_free_retrans_entry - free send entry
302  * @cm_node: connection's node
303  */
304 static void
305 irdma_free_retrans_entry(struct irdma_cm_node *cm_node)
306 {
307 	struct irdma_device *iwdev = cm_node->iwdev;
308 	struct irdma_timer_entry *send_entry;
309 
310 	send_entry = cm_node->send_entry;
311 	if (!send_entry)
312 		return;
313 
314 	cm_node->send_entry = NULL;
315 	irdma_free_sqbuf(&iwdev->vsi, send_entry->sqbuf);
316 	kfree(send_entry);
317 	atomic_dec(&cm_node->refcnt);
318 }
319 
320 /**
321  * irdma_cleanup_retrans_entry - free send entry with lock
322  * @cm_node: connection's node
323  */
324 static void
325 irdma_cleanup_retrans_entry(struct irdma_cm_node *cm_node)
326 {
327 	unsigned long flags;
328 
329 	spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
330 	irdma_free_retrans_entry(cm_node);
331 	spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
332 }
333 
334 /**
335  * irdma_form_ah_cm_frame - get a free packet and build frame with address handle
336  * @cm_node: connection's node ionfo to use in frame
337  * @options: pointer to options info
338  * @hdr: pointer mpa header
339  * @pdata: pointer to private data
340  * @flags:  indicates FIN or ACK
341  */
342 static struct irdma_puda_buf *
343 irdma_form_ah_cm_frame(struct irdma_cm_node *cm_node,
344 		       struct irdma_kmem_info *options,
345 		       struct irdma_kmem_info *hdr,
346 		       struct irdma_mpa_priv_info *pdata,
347 		       u8 flags)
348 {
349 	struct irdma_puda_buf *sqbuf;
350 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
351 	u8 *buf;
352 	struct tcphdr *tcph;
353 	u16 pktsize;
354 	u32 opts_len = 0;
355 	u32 pd_len = 0;
356 	u32 hdr_len = 0;
357 
358 	if (!cm_node->ah || !cm_node->ah->ah_info.ah_valid) {
359 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "AH invalid\n");
360 		return NULL;
361 	}
362 
363 	sqbuf = irdma_puda_get_bufpool(vsi->ilq);
364 	if (!sqbuf) {
365 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "SQ buf NULL\n");
366 		return NULL;
367 	}
368 
369 	sqbuf->ah_id = cm_node->ah->ah_info.ah_idx;
370 	buf = sqbuf->mem.va;
371 	if (options)
372 		opts_len = (u32)options->size;
373 
374 	if (hdr)
375 		hdr_len = hdr->size;
376 
377 	if (pdata)
378 		pd_len = pdata->size;
379 
380 	pktsize = sizeof(*tcph) + opts_len + hdr_len + pd_len;
381 
382 	memset(buf, 0, pktsize);
383 
384 	sqbuf->totallen = pktsize;
385 	sqbuf->tcphlen = sizeof(*tcph) + opts_len;
386 	sqbuf->scratch = cm_node;
387 
388 	tcph = (struct tcphdr *)buf;
389 	buf += sizeof(*tcph);
390 
391 	tcph->th_sport = htons(cm_node->loc_port);
392 	tcph->th_dport = htons(cm_node->rem_port);
393 	tcph->th_seq = htonl(cm_node->tcp_cntxt.loc_seq_num);
394 
395 	if (flags & SET_ACK) {
396 		cm_node->tcp_cntxt.loc_ack_num = cm_node->tcp_cntxt.rcv_nxt;
397 		tcph->th_ack = htonl(cm_node->tcp_cntxt.loc_ack_num);
398 		tcph->th_flags |= TH_ACK;
399 	} else {
400 		tcph->th_ack = 0;
401 	}
402 
403 	if (flags & SET_SYN) {
404 		cm_node->tcp_cntxt.loc_seq_num++;
405 		tcph->th_flags |= TH_SYN;
406 	} else {
407 		cm_node->tcp_cntxt.loc_seq_num += hdr_len + pd_len;
408 	}
409 
410 	if (flags & SET_FIN) {
411 		cm_node->tcp_cntxt.loc_seq_num++;
412 		tcph->th_flags |= TH_FIN;
413 	}
414 
415 	if (flags & SET_RST)
416 		tcph->th_flags |= TH_RST;
417 
418 	tcph->th_off = (u16)((sizeof(*tcph) + opts_len + 3) >> 2);
419 	sqbuf->tcphlen = tcph->th_off << 2;
420 	tcph->th_win = htons(cm_node->tcp_cntxt.rcv_wnd);
421 	tcph->th_urp = 0;
422 
423 	if (opts_len) {
424 		memcpy(buf, options->addr, opts_len);
425 		buf += opts_len;
426 	}
427 
428 	if (hdr_len) {
429 		memcpy(buf, hdr->addr, hdr_len);
430 		buf += hdr_len;
431 	}
432 
433 	if (pdata && pdata->addr)
434 		memcpy(buf, pdata->addr, pdata->size);
435 
436 	atomic_set(&sqbuf->refcount, 1);
437 
438 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "TRANSMIT ILQ BUFFER",
439 			sqbuf->mem.va, sqbuf->totallen);
440 
441 	return sqbuf;
442 }
443 
444 /**
445  * irdma_form_uda_cm_frame - get a free packet and build frame full tcpip packet
446  * @cm_node: connection's node ionfo to use in frame
447  * @options: pointer to options info
448  * @hdr: pointer mpa header
449  * @pdata: pointer to private data
450  * @flags:  indicates FIN or ACK
451  */
452 static struct irdma_puda_buf *
453 irdma_form_uda_cm_frame(struct irdma_cm_node *cm_node,
454 			struct irdma_kmem_info *options,
455 			struct irdma_kmem_info *hdr,
456 			struct irdma_mpa_priv_info *pdata,
457 			u8 flags)
458 {
459 	struct irdma_puda_buf *sqbuf;
460 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
461 	u8 *buf;
462 
463 	struct tcphdr *tcph;
464 	struct ip *iph;
465 	struct ip6_hdr *ip6h;
466 	struct ether_header *ethh;
467 	u16 pktsize;
468 	u16 eth_hlen = ETH_HLEN;
469 	u32 opts_len = 0;
470 	u32 pd_len = 0;
471 	u32 hdr_len = 0;
472 
473 	u16 vtag;
474 
475 	sqbuf = irdma_puda_get_bufpool(vsi->ilq);
476 	if (!sqbuf)
477 		return NULL;
478 
479 	buf = sqbuf->mem.va;
480 
481 	if (options)
482 		opts_len = (u32)options->size;
483 
484 	if (hdr)
485 		hdr_len = hdr->size;
486 
487 	if (pdata)
488 		pd_len = pdata->size;
489 
490 	if (cm_node->vlan_id < VLAN_N_VID)
491 		eth_hlen += 4;
492 
493 	if (cm_node->ipv4)
494 		pktsize = sizeof(*iph) + sizeof(*tcph);
495 	else
496 		pktsize = sizeof(*ip6h) + sizeof(*tcph);
497 	pktsize += opts_len + hdr_len + pd_len;
498 
499 	memset(buf, 0, eth_hlen + pktsize);
500 
501 	sqbuf->totallen = pktsize + eth_hlen;
502 	sqbuf->maclen = eth_hlen;
503 	sqbuf->tcphlen = sizeof(*tcph) + opts_len;
504 	sqbuf->scratch = cm_node;
505 
506 	ethh = (struct ether_header *)buf;
507 	buf += eth_hlen;
508 
509 	if (cm_node->do_lpb)
510 		sqbuf->do_lpb = true;
511 
512 	if (cm_node->ipv4) {
513 		sqbuf->ipv4 = true;
514 
515 		iph = (struct ip *)buf;
516 		buf += sizeof(*iph);
517 		tcph = (struct tcphdr *)buf;
518 		buf += sizeof(*tcph);
519 
520 		ether_addr_copy(ethh->ether_dhost, cm_node->rem_mac);
521 		ether_addr_copy(ethh->ether_shost, cm_node->loc_mac);
522 		if (cm_node->vlan_id < VLAN_N_VID) {
523 			((struct ether_vlan_header *)ethh)->evl_proto =
524 			    htons(ETH_P_8021Q);
525 			vtag = (cm_node->user_pri << VLAN_PRIO_SHIFT) |
526 			    cm_node->vlan_id;
527 			((struct ether_vlan_header *)ethh)->evl_tag = htons(vtag);
528 
529 			((struct ether_vlan_header *)ethh)->evl_encap_proto =
530 			    htons(ETH_P_IP);
531 		} else {
532 			ethh->ether_type = htons(ETH_P_IP);
533 		}
534 
535 		iph->ip_v = IPVERSION;
536 		iph->ip_hl = 5;	/* 5 * 4Byte words, IP headr len */
537 		iph->ip_tos = cm_node->tos;
538 		iph->ip_len = htons(pktsize);
539 		iph->ip_id = htons(++cm_node->tcp_cntxt.loc_id);
540 
541 		iph->ip_off = htons(0x4000);
542 		iph->ip_ttl = 0x40;
543 		iph->ip_p = IPPROTO_TCP;
544 		iph->ip_src.s_addr = htonl(cm_node->loc_addr[0]);
545 		iph->ip_dst.s_addr = htonl(cm_node->rem_addr[0]);
546 	} else {
547 		sqbuf->ipv4 = false;
548 		ip6h = (struct ip6_hdr *)buf;
549 		buf += sizeof(*ip6h);
550 		tcph = (struct tcphdr *)buf;
551 		buf += sizeof(*tcph);
552 
553 		ether_addr_copy(ethh->ether_dhost, cm_node->rem_mac);
554 		ether_addr_copy(ethh->ether_shost, cm_node->loc_mac);
555 		if (cm_node->vlan_id < VLAN_N_VID) {
556 			((struct ether_vlan_header *)ethh)->evl_proto =
557 			    htons(ETH_P_8021Q);
558 			vtag = (cm_node->user_pri << VLAN_PRIO_SHIFT) |
559 			    cm_node->vlan_id;
560 			((struct ether_vlan_header *)ethh)->evl_tag = htons(vtag);
561 			((struct ether_vlan_header *)ethh)->evl_encap_proto =
562 			    htons(ETH_P_IPV6);
563 		} else {
564 			ethh->ether_type = htons(ETH_P_IPV6);
565 		}
566 		ip6h->ip6_vfc = 6 << 4;
567 		ip6h->ip6_vfc |= cm_node->tos >> 4;
568 		ip6h->ip6_flow = cm_node->tos << 20;
569 		ip6h->ip6_plen = htons(pktsize - sizeof(*ip6h));
570 		ip6h->ip6_nxt = 6;
571 		ip6h->ip6_hops = 128;
572 		irdma_copy_ip_htonl(ip6h->ip6_src.__u6_addr.__u6_addr32,
573 				    cm_node->loc_addr);
574 		irdma_copy_ip_htonl(ip6h->ip6_dst.__u6_addr.__u6_addr32,
575 				    cm_node->rem_addr);
576 	}
577 
578 	tcph->th_sport = htons(cm_node->loc_port);
579 	tcph->th_dport = htons(cm_node->rem_port);
580 	tcph->th_seq = htonl(cm_node->tcp_cntxt.loc_seq_num);
581 
582 	if (flags & SET_ACK) {
583 		cm_node->tcp_cntxt.loc_ack_num = cm_node->tcp_cntxt.rcv_nxt;
584 		tcph->th_ack = htonl(cm_node->tcp_cntxt.loc_ack_num);
585 		tcph->th_flags |= TH_ACK;
586 	} else {
587 		tcph->th_ack = 0;
588 	}
589 
590 	if (flags & SET_SYN) {
591 		cm_node->tcp_cntxt.loc_seq_num++;
592 		tcph->th_flags |= TH_SYN;
593 	} else {
594 		cm_node->tcp_cntxt.loc_seq_num += hdr_len + pd_len;
595 	}
596 
597 	if (flags & SET_FIN) {
598 		cm_node->tcp_cntxt.loc_seq_num++;
599 		tcph->th_flags |= TH_FIN;
600 	}
601 
602 	if (flags & SET_RST)
603 		tcph->th_flags |= TH_RST;
604 
605 	tcph->th_off = (u16)((sizeof(*tcph) + opts_len + 3) >> 2);
606 	sqbuf->tcphlen = tcph->th_off << 2;
607 	tcph->th_win = htons(cm_node->tcp_cntxt.rcv_wnd);
608 	tcph->th_urp = 0;
609 
610 	if (opts_len) {
611 		memcpy(buf, options->addr, opts_len);
612 		buf += opts_len;
613 	}
614 
615 	if (hdr_len) {
616 		memcpy(buf, hdr->addr, hdr_len);
617 		buf += hdr_len;
618 	}
619 
620 	if (pdata && pdata->addr)
621 		memcpy(buf, pdata->addr, pdata->size);
622 
623 	atomic_set(&sqbuf->refcount, 1);
624 
625 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "TRANSMIT ILQ BUFFER",
626 			sqbuf->mem.va, sqbuf->totallen);
627 
628 	return sqbuf;
629 }
630 
631 /**
632  * irdma_send_reset - Send RST packet
633  * @cm_node: connection's node
634  */
635 int
636 irdma_send_reset(struct irdma_cm_node *cm_node)
637 {
638 	struct irdma_puda_buf *sqbuf;
639 	int flags = SET_RST | SET_ACK;
640 
641 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
642 						flags);
643 	if (!sqbuf)
644 		return -ENOMEM;
645 
646 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
647 		    "caller: %pS cm_node %p cm_id=%p accel=%d state=%d rem_port=0x%04x, loc_port=0x%04x rem_addr=%x loc_addr=%x\n",
648 		    __builtin_return_address(0), cm_node, cm_node->cm_id,
649 		    cm_node->accelerated, cm_node->state, cm_node->rem_port,
650 		    cm_node->loc_port, cm_node->rem_addr[0],
651 		    cm_node->loc_addr[0]);
652 
653 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 0,
654 				       1);
655 }
656 
657 /**
658  * irdma_active_open_err - send event for active side cm error
659  * @cm_node: connection's node
660  * @reset: Flag to send reset or not
661  */
662 static void
663 irdma_active_open_err(struct irdma_cm_node *cm_node, bool reset)
664 {
665 	irdma_cleanup_retrans_entry(cm_node);
666 	cm_node->cm_core->stats_connect_errs++;
667 	if (reset) {
668 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
669 			    "cm_node=%p state=%d\n", cm_node, cm_node->state);
670 		atomic_inc(&cm_node->refcnt);
671 		irdma_send_reset(cm_node);
672 	}
673 
674 	cm_node->state = IRDMA_CM_STATE_CLOSED;
675 	irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
676 }
677 
678 /**
679  * irdma_passive_open_err - handle passive side cm error
680  * @cm_node: connection's node
681  * @reset: send reset or just free cm_node
682  */
683 static void
684 irdma_passive_open_err(struct irdma_cm_node *cm_node, bool reset)
685 {
686 	irdma_cleanup_retrans_entry(cm_node);
687 	cm_node->cm_core->stats_passive_errs++;
688 	cm_node->state = IRDMA_CM_STATE_CLOSED;
689 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
690 		    "cm_node=%p state=%d\n", cm_node, cm_node->state);
691 	if (reset)
692 		irdma_send_reset(cm_node);
693 	else
694 		irdma_rem_ref_cm_node(cm_node);
695 }
696 
697 /**
698  * irdma_event_connect_error - to create connect error event
699  * @event: cm information for connect event
700  */
701 static void
702 irdma_event_connect_error(struct irdma_cm_event *event)
703 {
704 	struct irdma_qp *iwqp;
705 	struct iw_cm_id *cm_id;
706 
707 	cm_id = event->cm_node->cm_id;
708 	if (!cm_id)
709 		return;
710 
711 	iwqp = cm_id->provider_data;
712 
713 	if (!iwqp || !iwqp->iwdev)
714 		return;
715 
716 	iwqp->cm_id = NULL;
717 	cm_id->provider_data = NULL;
718 	irdma_send_cm_event(event->cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY,
719 			    -ECONNRESET);
720 	irdma_rem_ref_cm_node(event->cm_node);
721 }
722 
723 /**
724  * irdma_process_options - process options from TCP header
725  * @cm_node: connection's node
726  * @optionsloc: point to start of options
727  * @optionsize: size of all options
728  * @syn_pkt: flag if syn packet
729  */
730 static int
731 irdma_process_options(struct irdma_cm_node *cm_node, u8 *optionsloc,
732 		      u32 optionsize, u32 syn_pkt)
733 {
734 	u32 tmp;
735 	u32 offset = 0;
736 	union all_known_options *all_options;
737 	char got_mss_option = 0;
738 
739 	while (offset < optionsize) {
740 		all_options = (union all_known_options *)(optionsloc + offset);
741 		switch (all_options->base.optionnum) {
742 		case OPTION_NUM_EOL:
743 			offset = optionsize;
744 			break;
745 		case OPTION_NUM_NONE:
746 			offset += 1;
747 			continue;
748 		case OPTION_NUM_MSS:
749 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
750 				    "MSS Length: %d Offset: %d Size: %d\n",
751 				    all_options->mss.len, offset, optionsize);
752 			got_mss_option = 1;
753 			if (all_options->mss.len != 4)
754 				return -EINVAL;
755 			tmp = ntohs(all_options->mss.mss);
756 			if ((cm_node->ipv4 &&
757 			     (tmp + IRDMA_MTU_TO_MSS_IPV4) < IRDMA_MIN_MTU_IPV4) ||
758 			    (!cm_node->ipv4 &&
759 			     (tmp + IRDMA_MTU_TO_MSS_IPV6) < IRDMA_MIN_MTU_IPV6))
760 				return -EINVAL;
761 			if (tmp < cm_node->tcp_cntxt.mss)
762 				cm_node->tcp_cntxt.mss = tmp;
763 			break;
764 		case OPTION_NUM_WINDOW_SCALE:
765 			cm_node->tcp_cntxt.snd_wscale =
766 			    all_options->windowscale.shiftcount;
767 			break;
768 		default:
769 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
770 				    "Unsupported TCP Option: %x\n",
771 				    all_options->base.optionnum);
772 			break;
773 		}
774 		offset += all_options->base.len;
775 	}
776 	if (!got_mss_option && syn_pkt)
777 		cm_node->tcp_cntxt.mss = IRDMA_CM_DEFAULT_MSS;
778 
779 	return 0;
780 }
781 
782 /**
783  * irdma_handle_tcp_options - setup TCP context info after parsing TCP options
784  * @cm_node: connection's node
785  * @tcph: pointer tcp header
786  * @optionsize: size of options rcvd
787  * @passive: active or passive flag
788  */
789 static int
790 irdma_handle_tcp_options(struct irdma_cm_node *cm_node,
791 			 struct tcphdr *tcph, int optionsize,
792 			 int passive)
793 {
794 	u8 *optionsloc = (u8 *)&tcph[1];
795 	int ret;
796 
797 	if (optionsize) {
798 		ret = irdma_process_options(cm_node, optionsloc, optionsize,
799 					    (u32)tcph->th_flags & TH_SYN);
800 		if (ret) {
801 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
802 				    "Node %p, Sending Reset\n", cm_node);
803 			if (passive)
804 				irdma_passive_open_err(cm_node, true);
805 			else
806 				irdma_active_open_err(cm_node, true);
807 			return ret;
808 		}
809 	}
810 
811 	cm_node->tcp_cntxt.snd_wnd = ntohs(tcph->th_win)
812 	    << cm_node->tcp_cntxt.snd_wscale;
813 
814 	if (cm_node->tcp_cntxt.snd_wnd > cm_node->tcp_cntxt.max_snd_wnd)
815 		cm_node->tcp_cntxt.max_snd_wnd = cm_node->tcp_cntxt.snd_wnd;
816 
817 	return 0;
818 }
819 
820 /**
821  * irdma_build_mpa_v1 - build a MPA V1 frame
822  * @cm_node: connection's node
823  * @start_addr: address where to build frame
824  * @mpa_key: to do read0 or write0
825  */
826 static void
827 irdma_build_mpa_v1(struct irdma_cm_node *cm_node, void *start_addr,
828 		   u8 mpa_key)
829 {
830 	struct ietf_mpa_v1 *mpa_frame = start_addr;
831 
832 	switch (mpa_key) {
833 	case MPA_KEY_REQUEST:
834 		memcpy(mpa_frame->key, IEFT_MPA_KEY_REQ, IETF_MPA_KEY_SIZE);
835 		break;
836 	case MPA_KEY_REPLY:
837 		memcpy(mpa_frame->key, IEFT_MPA_KEY_REP, IETF_MPA_KEY_SIZE);
838 		break;
839 	default:
840 		break;
841 	}
842 	mpa_frame->flags = IETF_MPA_FLAGS_CRC;
843 	mpa_frame->rev = cm_node->mpa_frame_rev;
844 	mpa_frame->priv_data_len = htons(cm_node->pdata.size);
845 }
846 
847 /**
848  * irdma_build_mpa_v2 - build a MPA V2 frame
849  * @cm_node: connection's node
850  * @start_addr: buffer start address
851  * @mpa_key: to do read0 or write0
852  */
853 static void
854 irdma_build_mpa_v2(struct irdma_cm_node *cm_node, void *start_addr,
855 		   u8 mpa_key)
856 {
857 	struct ietf_mpa_v2 *mpa_frame = start_addr;
858 	struct ietf_rtr_msg *rtr_msg = &mpa_frame->rtr_msg;
859 	u16 ctrl_ird, ctrl_ord;
860 
861 	/* initialize the upper 5 bytes of the frame */
862 	irdma_build_mpa_v1(cm_node, start_addr, mpa_key);
863 	mpa_frame->flags |= IETF_MPA_V2_FLAG;
864 	if (cm_node->iwdev->iw_ooo) {
865 		mpa_frame->flags |= IETF_MPA_FLAGS_MARKERS;
866 		cm_node->rcv_mark_en = true;
867 	}
868 	mpa_frame->priv_data_len = cpu_to_be16(be16_to_cpu(mpa_frame->priv_data_len) +
869 					       IETF_RTR_MSG_SIZE);
870 
871 	/* initialize RTR msg */
872 	if (cm_node->mpav2_ird_ord == IETF_NO_IRD_ORD) {
873 		ctrl_ird = IETF_NO_IRD_ORD;
874 		ctrl_ord = IETF_NO_IRD_ORD;
875 	} else {
876 		ctrl_ird = (cm_node->ird_size > IETF_NO_IRD_ORD) ?
877 		    IETF_NO_IRD_ORD :
878 		    cm_node->ird_size;
879 		ctrl_ord = (cm_node->ord_size > IETF_NO_IRD_ORD) ?
880 		    IETF_NO_IRD_ORD :
881 		    cm_node->ord_size;
882 	}
883 	ctrl_ird |= IETF_PEER_TO_PEER;
884 
885 	switch (mpa_key) {
886 	case MPA_KEY_REQUEST:
887 		ctrl_ord |= IETF_RDMA0_WRITE;
888 		ctrl_ord |= IETF_RDMA0_READ;
889 		break;
890 	case MPA_KEY_REPLY:
891 		switch (cm_node->send_rdma0_op) {
892 		case SEND_RDMA_WRITE_ZERO:
893 			ctrl_ord |= IETF_RDMA0_WRITE;
894 			break;
895 		case SEND_RDMA_READ_ZERO:
896 			ctrl_ord |= IETF_RDMA0_READ;
897 			break;
898 		}
899 		break;
900 	default:
901 		break;
902 	}
903 	rtr_msg->ctrl_ird = htons(ctrl_ird);
904 	rtr_msg->ctrl_ord = htons(ctrl_ord);
905 }
906 
907 /**
908  * irdma_cm_build_mpa_frame - build mpa frame for mpa version 1 or version 2
909  * @cm_node: connection's node
910  * @mpa: mpa: data buffer
911  * @mpa_key: to do read0 or write0
912  */
913 static int
914 irdma_cm_build_mpa_frame(struct irdma_cm_node *cm_node,
915 			 struct irdma_kmem_info *mpa, u8 mpa_key)
916 {
917 	int hdr_len = 0;
918 
919 	switch (cm_node->mpa_frame_rev) {
920 	case IETF_MPA_V1:
921 		hdr_len = sizeof(struct ietf_mpa_v1);
922 		irdma_build_mpa_v1(cm_node, mpa->addr, mpa_key);
923 		break;
924 	case IETF_MPA_V2:
925 		hdr_len = sizeof(struct ietf_mpa_v2);
926 		irdma_build_mpa_v2(cm_node, mpa->addr, mpa_key);
927 		break;
928 	default:
929 		break;
930 	}
931 
932 	return hdr_len;
933 }
934 
935 /**
936  * irdma_send_mpa_request - active node send mpa request to passive node
937  * @cm_node: connection's node
938  */
939 static int
940 irdma_send_mpa_request(struct irdma_cm_node *cm_node)
941 {
942 	struct irdma_puda_buf *sqbuf;
943 
944 	cm_node->mpa_hdr.addr = &cm_node->mpa_v2_frame;
945 	cm_node->mpa_hdr.size = irdma_cm_build_mpa_frame(cm_node,
946 							 &cm_node->mpa_hdr,
947 							 MPA_KEY_REQUEST);
948 	if (!cm_node->mpa_hdr.size) {
949 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
950 			    "mpa size = %d\n", cm_node->mpa_hdr.size);
951 		return -EINVAL;
952 	}
953 
954 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL,
955 						&cm_node->mpa_hdr,
956 						&cm_node->pdata, SET_ACK);
957 	if (!sqbuf)
958 		return -ENOMEM;
959 
960 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
961 				       0);
962 }
963 
964 /**
965  * irdma_send_mpa_reject -
966  * @cm_node: connection's node
967  * @pdata: reject data for connection
968  * @plen: length of reject data
969  */
970 static int
971 irdma_send_mpa_reject(struct irdma_cm_node *cm_node,
972 		      const void *pdata, u8 plen)
973 {
974 	struct irdma_puda_buf *sqbuf;
975 	struct irdma_mpa_priv_info priv_info;
976 
977 	cm_node->mpa_hdr.addr = &cm_node->mpa_v2_frame;
978 	cm_node->mpa_hdr.size = irdma_cm_build_mpa_frame(cm_node,
979 							 &cm_node->mpa_hdr,
980 							 MPA_KEY_REPLY);
981 
982 	cm_node->mpa_v2_frame.flags |= IETF_MPA_FLAGS_REJECT;
983 	priv_info.addr = pdata;
984 	priv_info.size = plen;
985 
986 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL,
987 						&cm_node->mpa_hdr, &priv_info,
988 						SET_ACK | SET_FIN);
989 	if (!sqbuf)
990 		return -ENOMEM;
991 
992 	cm_node->state = IRDMA_CM_STATE_FIN_WAIT1;
993 
994 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
995 				       0);
996 }
997 
998 /**
999  * irdma_negotiate_mpa_v2_ird_ord - negotiate MPAv2 IRD/ORD
1000  * @cm_node: connection's node
1001  * @buf: Data pointer
1002  */
1003 static int
1004 irdma_negotiate_mpa_v2_ird_ord(struct irdma_cm_node *cm_node,
1005 			       u8 *buf)
1006 {
1007 	struct ietf_mpa_v2 *mpa_v2_frame;
1008 	struct ietf_rtr_msg *rtr_msg;
1009 	u16 ird_size;
1010 	u16 ord_size;
1011 	u16 ctrl_ord;
1012 	u16 ctrl_ird;
1013 
1014 	mpa_v2_frame = (struct ietf_mpa_v2 *)buf;
1015 	rtr_msg = &mpa_v2_frame->rtr_msg;
1016 
1017 	/* parse rtr message */
1018 	ctrl_ord = ntohs(rtr_msg->ctrl_ord);
1019 	ctrl_ird = ntohs(rtr_msg->ctrl_ird);
1020 	ird_size = ctrl_ird & IETF_NO_IRD_ORD;
1021 	ord_size = ctrl_ord & IETF_NO_IRD_ORD;
1022 
1023 	if (!(ctrl_ird & IETF_PEER_TO_PEER))
1024 		return -EOPNOTSUPP;
1025 
1026 	if (ird_size == IETF_NO_IRD_ORD || ord_size == IETF_NO_IRD_ORD) {
1027 		cm_node->mpav2_ird_ord = IETF_NO_IRD_ORD;
1028 		goto negotiate_done;
1029 	}
1030 
1031 	if (cm_node->state != IRDMA_CM_STATE_MPAREQ_SENT) {
1032 		/* responder */
1033 		if (!ord_size && (ctrl_ord & IETF_RDMA0_READ))
1034 			cm_node->ird_size = 1;
1035 		if (cm_node->ord_size > ird_size)
1036 			cm_node->ord_size = ird_size;
1037 	} else {
1038 		/* initiator */
1039 		if (!ird_size && (ctrl_ord & IETF_RDMA0_READ))
1040 			/* Remote peer doesn't support RDMA0_READ */
1041 			return -EOPNOTSUPP;
1042 
1043 		if (cm_node->ord_size > ird_size)
1044 			cm_node->ord_size = ird_size;
1045 
1046 		if (cm_node->ird_size < ord_size)
1047 			/* no resources available */
1048 			return -EINVAL;
1049 	}
1050 
1051 negotiate_done:
1052 	if (ctrl_ord & IETF_RDMA0_READ)
1053 		cm_node->send_rdma0_op = SEND_RDMA_READ_ZERO;
1054 	else if (ctrl_ord & IETF_RDMA0_WRITE)
1055 		cm_node->send_rdma0_op = SEND_RDMA_WRITE_ZERO;
1056 	else
1057 		/* Not supported RDMA0 operation */
1058 		return -EOPNOTSUPP;
1059 
1060 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1061 		    "MPAV2 Negotiated ORD: %d, IRD: %d\n", cm_node->ord_size,
1062 		    cm_node->ird_size);
1063 	return 0;
1064 }
1065 
1066 /**
1067  * irdma_parse_mpa - process an IETF MPA frame
1068  * @cm_node: connection's node
1069  * @buf: Data pointer
1070  * @type: to return accept or reject
1071  * @len: Len of mpa buffer
1072  */
1073 static int
1074 irdma_parse_mpa(struct irdma_cm_node *cm_node, u8 *buf, u32 *type,
1075 		u32 len)
1076 {
1077 	struct ietf_mpa_v1 *mpa_frame;
1078 	int mpa_hdr_len, priv_data_len, ret;
1079 
1080 	*type = IRDMA_MPA_REQUEST_ACCEPT;
1081 
1082 	if (len < sizeof(*mpa_frame)) {
1083 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1084 			    "ietf buffer small (%x)\n", len);
1085 		return -EINVAL;
1086 	}
1087 
1088 	mpa_frame = (struct ietf_mpa_v1 *)buf;
1089 	mpa_hdr_len = sizeof(*mpa_frame);
1090 	priv_data_len = ntohs(mpa_frame->priv_data_len);
1091 
1092 	if (priv_data_len > IETF_MAX_PRIV_DATA_LEN) {
1093 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1094 			    "private_data too big %d\n", priv_data_len);
1095 		return -EOVERFLOW;
1096 	}
1097 
1098 	if (mpa_frame->rev != IETF_MPA_V1 && mpa_frame->rev != IETF_MPA_V2) {
1099 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1100 			    "unsupported mpa rev = %d\n", mpa_frame->rev);
1101 		return -EINVAL;
1102 	}
1103 
1104 	if (mpa_frame->rev > cm_node->mpa_frame_rev) {
1105 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1106 			    "rev %d\n", mpa_frame->rev);
1107 		return -EINVAL;
1108 	}
1109 
1110 	cm_node->mpa_frame_rev = mpa_frame->rev;
1111 	if (cm_node->state != IRDMA_CM_STATE_MPAREQ_SENT) {
1112 		if (memcmp(mpa_frame->key, IEFT_MPA_KEY_REQ,
1113 			   IETF_MPA_KEY_SIZE)) {
1114 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1115 				    "Unexpected MPA Key received\n");
1116 			return -EINVAL;
1117 		}
1118 	} else {
1119 		if (memcmp(mpa_frame->key, IEFT_MPA_KEY_REP,
1120 			   IETF_MPA_KEY_SIZE)) {
1121 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1122 				    "Unexpected MPA Key received\n");
1123 			return -EINVAL;
1124 		}
1125 	}
1126 
1127 	if (priv_data_len + mpa_hdr_len > len) {
1128 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1129 			    "ietf buffer len(%x + %x != %x)\n", priv_data_len,
1130 			    mpa_hdr_len, len);
1131 		return -EOVERFLOW;
1132 	}
1133 
1134 	if (len > IRDMA_MAX_CM_BUF) {
1135 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1136 			    "ietf buffer large len = %d\n", len);
1137 		return -EOVERFLOW;
1138 	}
1139 
1140 	switch (mpa_frame->rev) {
1141 	case IETF_MPA_V2:
1142 		mpa_hdr_len += IETF_RTR_MSG_SIZE;
1143 		ret = irdma_negotiate_mpa_v2_ird_ord(cm_node, buf);
1144 		if (ret)
1145 			return ret;
1146 		break;
1147 	case IETF_MPA_V1:
1148 	default:
1149 		break;
1150 	}
1151 
1152 	memcpy(cm_node->pdata_buf, buf + mpa_hdr_len, priv_data_len);
1153 	cm_node->pdata.size = priv_data_len;
1154 
1155 	if (mpa_frame->flags & IETF_MPA_FLAGS_REJECT)
1156 		*type = IRDMA_MPA_REQUEST_REJECT;
1157 
1158 	if (mpa_frame->flags & IETF_MPA_FLAGS_MARKERS)
1159 		cm_node->snd_mark_en = true;
1160 
1161 	return 0;
1162 }
1163 
1164 /**
1165  * irdma_schedule_cm_timer
1166  * @cm_node: connection's node
1167  * @sqbuf: buffer to send
1168  * @type: if it is send or close
1169  * @send_retrans: if rexmits to be done
1170  * @close_when_complete: is cm_node to be removed
1171  *
1172  * note - cm_node needs to be protected before calling this. Encase in:
1173  *		irdma_rem_ref_cm_node(cm_core, cm_node);
1174  *		irdma_schedule_cm_timer(...)
1175  *		atomic_inc(&cm_node->refcnt);
1176  */
1177 int
1178 irdma_schedule_cm_timer(struct irdma_cm_node *cm_node,
1179 			struct irdma_puda_buf *sqbuf,
1180 			enum irdma_timer_type type, int send_retrans,
1181 			int close_when_complete)
1182 {
1183 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
1184 	struct irdma_cm_core *cm_core = cm_node->cm_core;
1185 	struct irdma_timer_entry *new_send;
1186 	u32 was_timer_set;
1187 	unsigned long flags;
1188 
1189 	new_send = kzalloc(sizeof(*new_send), GFP_ATOMIC);
1190 	if (!new_send) {
1191 		if (type != IRDMA_TIMER_TYPE_CLOSE)
1192 			irdma_free_sqbuf(vsi, sqbuf);
1193 		return -ENOMEM;
1194 	}
1195 
1196 	new_send->retrycount = IRDMA_DEFAULT_RETRYS;
1197 	new_send->retranscount = IRDMA_DEFAULT_RETRANS;
1198 	new_send->sqbuf = sqbuf;
1199 	new_send->timetosend = jiffies;
1200 	new_send->type = type;
1201 	new_send->send_retrans = send_retrans;
1202 	new_send->close_when_complete = close_when_complete;
1203 
1204 	if (type == IRDMA_TIMER_TYPE_CLOSE) {
1205 		new_send->timetosend += (HZ / 10);
1206 		if (cm_node->close_entry) {
1207 			kfree(new_send);
1208 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1209 				    "already close entry\n");
1210 			return -EINVAL;
1211 		}
1212 
1213 		cm_node->close_entry = new_send;
1214 	} else {		/* type == IRDMA_TIMER_TYPE_SEND */
1215 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1216 		cm_node->send_entry = new_send;
1217 		atomic_inc(&cm_node->refcnt);
1218 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1219 		new_send->timetosend = jiffies + IRDMA_RETRY_TIMEOUT;
1220 
1221 		atomic_inc(&sqbuf->refcount);
1222 		irdma_puda_send_buf(vsi->ilq, sqbuf);
1223 		if (!send_retrans) {
1224 			irdma_cleanup_retrans_entry(cm_node);
1225 			if (close_when_complete)
1226 				irdma_rem_ref_cm_node(cm_node);
1227 			return 0;
1228 		}
1229 	}
1230 
1231 	spin_lock_irqsave(&cm_core->ht_lock, flags);
1232 	was_timer_set = timer_pending(&cm_core->tcp_timer);
1233 
1234 	if (!was_timer_set) {
1235 		cm_core->tcp_timer.expires = new_send->timetosend;
1236 		add_timer(&cm_core->tcp_timer);
1237 	}
1238 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
1239 
1240 	return 0;
1241 }
1242 
1243 /**
1244  * irdma_retrans_expired - Could not rexmit the packet
1245  * @cm_node: connection's node
1246  */
1247 static void
1248 irdma_retrans_expired(struct irdma_cm_node *cm_node)
1249 {
1250 	enum irdma_cm_node_state state = cm_node->state;
1251 
1252 	cm_node->state = IRDMA_CM_STATE_CLOSED;
1253 	switch (state) {
1254 	case IRDMA_CM_STATE_SYN_RCVD:
1255 	case IRDMA_CM_STATE_CLOSING:
1256 		irdma_rem_ref_cm_node(cm_node);
1257 		break;
1258 	case IRDMA_CM_STATE_FIN_WAIT1:
1259 	case IRDMA_CM_STATE_LAST_ACK:
1260 		irdma_send_reset(cm_node);
1261 		break;
1262 	default:
1263 		atomic_inc(&cm_node->refcnt);
1264 		irdma_send_reset(cm_node);
1265 		irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
1266 		break;
1267 	}
1268 }
1269 
1270 /**
1271  * irdma_handle_close_entry - for handling retry/timeouts
1272  * @cm_node: connection's node
1273  * @rem_node: flag for remove cm_node
1274  */
1275 static void
1276 irdma_handle_close_entry(struct irdma_cm_node *cm_node,
1277 			 u32 rem_node)
1278 {
1279 	struct irdma_timer_entry *close_entry = cm_node->close_entry;
1280 	struct irdma_qp *iwqp;
1281 	unsigned long flags;
1282 
1283 	if (!close_entry)
1284 		return;
1285 	iwqp = (struct irdma_qp *)close_entry->sqbuf;
1286 	if (iwqp) {
1287 		spin_lock_irqsave(&iwqp->lock, flags);
1288 		if (iwqp->cm_id) {
1289 			iwqp->hw_tcp_state = IRDMA_TCP_STATE_CLOSED;
1290 			iwqp->hw_iwarp_state = IRDMA_QP_STATE_ERROR;
1291 			iwqp->last_aeq = IRDMA_AE_RESET_SENT;
1292 			iwqp->ibqp_state = IB_QPS_ERR;
1293 			spin_unlock_irqrestore(&iwqp->lock, flags);
1294 			irdma_cm_disconn(iwqp);
1295 		} else {
1296 			spin_unlock_irqrestore(&iwqp->lock, flags);
1297 		}
1298 	} else if (rem_node) {
1299 		/* TIME_WAIT state */
1300 		irdma_rem_ref_cm_node(cm_node);
1301 	}
1302 
1303 	kfree(close_entry);
1304 	cm_node->close_entry = NULL;
1305 }
1306 
1307 /**
1308  * irdma_cm_timer_tick - system's timer expired callback
1309  * @t: Pointer to timer_list
1310  */
1311 static void
1312 irdma_cm_timer_tick(struct timer_list *t)
1313 {
1314 	unsigned long nexttimeout = jiffies + IRDMA_LONG_TIME;
1315 	struct irdma_cm_node *cm_node;
1316 	struct irdma_timer_entry *send_entry, *close_entry;
1317 	struct list_head *list_core_temp;
1318 	struct list_head *list_node;
1319 	struct irdma_cm_core *cm_core = from_timer(cm_core, t, tcp_timer);
1320 	struct irdma_sc_vsi *vsi;
1321 	u32 settimer = 0;
1322 	unsigned long timetosend;
1323 	unsigned long flags;
1324 	struct list_head timer_list;
1325 
1326 	INIT_LIST_HEAD(&timer_list);
1327 
1328 	rcu_read_lock();
1329 	irdma_timer_list_prep(cm_core, &timer_list);
1330 	rcu_read_unlock();
1331 
1332 	list_for_each_safe(list_node, list_core_temp, &timer_list) {
1333 		cm_node = container_of(list_node, struct irdma_cm_node,
1334 				       timer_entry);
1335 		close_entry = cm_node->close_entry;
1336 
1337 		if (close_entry) {
1338 			if (time_after(close_entry->timetosend, jiffies)) {
1339 				if (nexttimeout > close_entry->timetosend ||
1340 				    !settimer) {
1341 					nexttimeout = close_entry->timetosend;
1342 					settimer = 1;
1343 				}
1344 			} else {
1345 				irdma_handle_close_entry(cm_node, 1);
1346 			}
1347 		}
1348 
1349 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1350 
1351 		send_entry = cm_node->send_entry;
1352 		if (!send_entry)
1353 			goto done;
1354 		if (time_after(send_entry->timetosend, jiffies)) {
1355 			if (cm_node->state != IRDMA_CM_STATE_OFFLOADED) {
1356 				if (nexttimeout > send_entry->timetosend ||
1357 				    !settimer) {
1358 					nexttimeout = send_entry->timetosend;
1359 					settimer = 1;
1360 				}
1361 			} else {
1362 				irdma_free_retrans_entry(cm_node);
1363 			}
1364 			goto done;
1365 		}
1366 
1367 		if (cm_node->state == IRDMA_CM_STATE_OFFLOADED ||
1368 		    cm_node->state == IRDMA_CM_STATE_CLOSED) {
1369 			irdma_free_retrans_entry(cm_node);
1370 			goto done;
1371 		}
1372 
1373 		if (!send_entry->retranscount || !send_entry->retrycount) {
1374 			irdma_free_retrans_entry(cm_node);
1375 
1376 			spin_unlock_irqrestore(&cm_node->retrans_list_lock,
1377 					       flags);
1378 			irdma_retrans_expired(cm_node);
1379 			cm_node->state = IRDMA_CM_STATE_CLOSED;
1380 			spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1381 			goto done;
1382 		}
1383 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1384 
1385 		vsi = &cm_node->iwdev->vsi;
1386 		if (!cm_node->ack_rcvd) {
1387 			atomic_inc(&send_entry->sqbuf->refcount);
1388 			irdma_puda_send_buf(vsi->ilq, send_entry->sqbuf);
1389 			cm_node->cm_core->stats_pkt_retrans++;
1390 		}
1391 
1392 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1393 		if (send_entry->send_retrans) {
1394 			send_entry->retranscount--;
1395 			timetosend = (IRDMA_RETRY_TIMEOUT <<
1396 				      (IRDMA_DEFAULT_RETRANS -
1397 				       send_entry->retranscount));
1398 
1399 			send_entry->timetosend = jiffies +
1400 			    min(timetosend, IRDMA_MAX_TIMEOUT);
1401 			if (nexttimeout > send_entry->timetosend || !settimer) {
1402 				nexttimeout = send_entry->timetosend;
1403 				settimer = 1;
1404 			}
1405 		} else {
1406 			int close_when_complete;
1407 
1408 			close_when_complete = send_entry->close_when_complete;
1409 			irdma_free_retrans_entry(cm_node);
1410 			if (close_when_complete)
1411 				irdma_rem_ref_cm_node(cm_node);
1412 		}
1413 done:
1414 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1415 		irdma_rem_ref_cm_node(cm_node);
1416 	}
1417 
1418 	if (settimer) {
1419 		spin_lock_irqsave(&cm_core->ht_lock, flags);
1420 		if (!timer_pending(&cm_core->tcp_timer)) {
1421 			cm_core->tcp_timer.expires = nexttimeout;
1422 			add_timer(&cm_core->tcp_timer);
1423 		}
1424 		spin_unlock_irqrestore(&cm_core->ht_lock, flags);
1425 	}
1426 }
1427 
1428 /**
1429  * irdma_send_syn - send SYN packet
1430  * @cm_node: connection's node
1431  * @sendack: flag to set ACK bit or not
1432  */
1433 int
1434 irdma_send_syn(struct irdma_cm_node *cm_node, u32 sendack)
1435 {
1436 	struct irdma_puda_buf *sqbuf;
1437 	int flags = SET_SYN;
1438 	char optionsbuf[sizeof(struct option_mss) +
1439 			sizeof(struct option_windowscale) +
1440 			sizeof(struct option_base) + TCP_OPTIONS_PADDING];
1441 	struct irdma_kmem_info opts;
1442 	int optionssize = 0;
1443 
1444 	/* Sending MSS option */
1445 	union all_known_options *options;
1446 
1447 	opts.addr = optionsbuf;
1448 	if (!cm_node)
1449 		return -EINVAL;
1450 
1451 	options = (union all_known_options *)&optionsbuf[optionssize];
1452 	options->mss.optionnum = OPTION_NUM_MSS;
1453 	options->mss.len = sizeof(struct option_mss);
1454 	options->mss.mss = htons(cm_node->tcp_cntxt.mss);
1455 	optionssize += sizeof(struct option_mss);
1456 
1457 	options = (union all_known_options *)&optionsbuf[optionssize];
1458 	options->windowscale.optionnum = OPTION_NUM_WINDOW_SCALE;
1459 	options->windowscale.len = sizeof(struct option_windowscale);
1460 	options->windowscale.shiftcount = cm_node->tcp_cntxt.rcv_wscale;
1461 	optionssize += sizeof(struct option_windowscale);
1462 	options = (union all_known_options *)&optionsbuf[optionssize];
1463 	options->eol = OPTION_NUM_EOL;
1464 	optionssize += 1;
1465 
1466 	if (sendack)
1467 		flags |= SET_ACK;
1468 
1469 	opts.size = optionssize;
1470 
1471 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, &opts, NULL, NULL,
1472 						flags);
1473 	if (!sqbuf)
1474 		return -ENOMEM;
1475 
1476 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
1477 				       0);
1478 }
1479 
1480 /**
1481  * irdma_send_ack - Send ACK packet
1482  * @cm_node: connection's node
1483  */
1484 void
1485 irdma_send_ack(struct irdma_cm_node *cm_node)
1486 {
1487 	struct irdma_puda_buf *sqbuf;
1488 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
1489 
1490 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
1491 						SET_ACK);
1492 	if (sqbuf)
1493 		irdma_puda_send_buf(vsi->ilq, sqbuf);
1494 }
1495 
1496 /**
1497  * irdma_send_fin - Send FIN pkt
1498  * @cm_node: connection's node
1499  */
1500 static int
1501 irdma_send_fin(struct irdma_cm_node *cm_node)
1502 {
1503 	struct irdma_puda_buf *sqbuf;
1504 
1505 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
1506 						SET_ACK | SET_FIN);
1507 	if (!sqbuf)
1508 		return -ENOMEM;
1509 
1510 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
1511 				       0);
1512 }
1513 
1514 /**
1515  * irdma_find_listener - find a cm node listening on this addr-port pair
1516  * @cm_core: cm's core
1517  * @dst_addr: listener ip addr
1518  * @ipv4: flag indicating IPv4 when true
1519  * @dst_port: listener tcp port num
1520  * @vlan_id: virtual LAN ID
1521  * @listener_state: state to match with listen node's
1522  */
1523 static struct irdma_cm_listener *
1524 irdma_find_listener(struct irdma_cm_core *cm_core, u32 *dst_addr, bool ipv4, u16 dst_port,
1525 		    u16 vlan_id, enum irdma_cm_listener_state listener_state)
1526 {
1527 	struct irdma_cm_listener *listen_node;
1528 	static const u32 ip_zero[4] = {0, 0, 0, 0};
1529 	u32 listen_addr[4];
1530 	u16 listen_port;
1531 	unsigned long flags;
1532 
1533 	/* walk list and find cm_node associated with this session ID */
1534 	spin_lock_irqsave(&cm_core->listen_list_lock, flags);
1535 	list_for_each_entry(listen_node, &cm_core->listen_list, list) {
1536 		memcpy(listen_addr, listen_node->loc_addr, sizeof(listen_addr));
1537 		listen_port = listen_node->loc_port;
1538 		if (listen_node->ipv4 != ipv4 || listen_port != dst_port ||
1539 		    !(listener_state & listen_node->listener_state))
1540 			continue;
1541 		/* compare node pair, return node handle if a match */
1542 		if (!memcmp(listen_addr, ip_zero, sizeof(listen_addr)) ||
1543 		    (!memcmp(listen_addr, dst_addr, sizeof(listen_addr)) &&
1544 		     vlan_id == listen_node->vlan_id)) {
1545 			atomic_inc(&listen_node->refcnt);
1546 			spin_unlock_irqrestore(&cm_core->listen_list_lock,
1547 					       flags);
1548 			return listen_node;
1549 		}
1550 	}
1551 	spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
1552 
1553 	return NULL;
1554 }
1555 
1556 /**
1557  * irdma_del_multiple_qhash - Remove qhash and child listens
1558  * @iwdev: iWarp device
1559  * @cm_info: CM info for parent listen node
1560  * @cm_parent_listen_node: The parent listen node
1561  */
1562 static int
1563 irdma_del_multiple_qhash(struct irdma_device *iwdev,
1564 			 struct irdma_cm_info *cm_info,
1565 			 struct irdma_cm_listener *cm_parent_listen_node)
1566 {
1567 	struct irdma_cm_listener *child_listen_node;
1568 	struct list_head *pos, *tpos;
1569 	unsigned long flags;
1570 	int ret = -EINVAL;
1571 
1572 	spin_lock_irqsave(&iwdev->cm_core.listen_list_lock, flags);
1573 	list_for_each_safe(pos, tpos,
1574 			   &cm_parent_listen_node->child_listen_list) {
1575 		child_listen_node = list_entry(pos, struct irdma_cm_listener,
1576 					       child_listen_list);
1577 		if (child_listen_node->ipv4)
1578 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1579 				    "removing child listen for IP=%x, port=%d, vlan=%d\n",
1580 				    child_listen_node->loc_addr[0],
1581 				    child_listen_node->loc_port,
1582 				    child_listen_node->vlan_id);
1583 		else
1584 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1585 				    "removing child listen for IP=%x:%x:%x:%x, port=%d, vlan=%d\n",
1586 				    IRDMA_PRINT_IP6(child_listen_node->loc_addr),
1587 				    child_listen_node->loc_port,
1588 				    child_listen_node->vlan_id);
1589 		list_del(pos);
1590 		memcpy(cm_info->loc_addr, child_listen_node->loc_addr,
1591 		       sizeof(cm_info->loc_addr));
1592 		cm_info->vlan_id = child_listen_node->vlan_id;
1593 		if (child_listen_node->qhash_set) {
1594 			ret = irdma_manage_qhash(iwdev, cm_info,
1595 						 IRDMA_QHASH_TYPE_TCP_SYN,
1596 						 IRDMA_QHASH_MANAGE_TYPE_DELETE,
1597 						 NULL, false);
1598 			child_listen_node->qhash_set = false;
1599 		} else {
1600 			ret = 0;
1601 		}
1602 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1603 			    "Child listen node freed = %p\n",
1604 			    child_listen_node);
1605 		kfree(child_listen_node);
1606 		cm_parent_listen_node->cm_core->stats_listen_nodes_destroyed++;
1607 	}
1608 	spin_unlock_irqrestore(&iwdev->cm_core.listen_list_lock, flags);
1609 
1610 	return ret;
1611 }
1612 
1613 static u8 irdma_iw_get_vlan_prio(u32 *loc_addr, u8 prio, bool ipv4)
1614 {
1615 	return prio;
1616 }
1617 
1618 /**
1619  * irdma_get_vlan_mac_ipv6 - Get the vlan and mac for an IPv6
1620  * address
1621  * @addr: local IPv6 address
1622  * @vlan_id: vlan id for the given IPv6 address
1623  * @mac: mac address for the given IPv6 address
1624  *
1625  * Returns the net_device of the IPv6 address and also sets the
1626  * vlan id and mac for that address.
1627  */
1628 void
1629 irdma_get_vlan_mac_ipv6(struct iw_cm_id *cm_id, u32 *addr, u16 *vlan_id, u8 *mac)
1630 {
1631 	if_t ip_dev = NULL;
1632 	struct in6_addr laddr6;
1633 	struct vnet *vnet = &init_net;
1634 	struct ifaddr *ifa;
1635 	u16 scope_id = 0;
1636 
1637 	irdma_copy_ip_htonl(laddr6.__u6_addr.__u6_addr32, addr);
1638 	if (vlan_id)
1639 		*vlan_id = 0xFFFF;	/* Match rdma_vlan_dev_vlan_id() */
1640 	if (mac)
1641 		eth_zero_addr(mac);
1642 
1643 	if (IN6_IS_SCOPE_LINKLOCAL(&laddr6) ||
1644 	    IN6_IS_ADDR_MC_INTFACELOCAL(&laddr6))
1645 		scope_id = ntohs(laddr6.__u6_addr.__u6_addr16[1]);
1646 
1647 #ifdef VIMAGE
1648 	vnet = irdma_cmid_to_vnet(cm_id);
1649 #endif
1650 	ip_dev = ip6_ifp_find(vnet, laddr6, scope_id);
1651 	if (ip_dev) {
1652 		if (vlan_id)
1653 			*vlan_id = rdma_vlan_dev_vlan_id(ip_dev);
1654 		ifa = if_getifaddr(ip_dev);
1655 		if (ifa && ifa->ifa_addr && mac)
1656 			ether_addr_copy(mac, if_getlladdr(ip_dev));
1657 	}
1658 }
1659 
1660 /**
1661  * irdma_get_vlan_ipv4 - Returns the vlan_id for IPv4 address
1662  * @addr: local IPv4 address
1663  */
1664 u16
1665 irdma_get_vlan_ipv4(struct iw_cm_id *cm_id, u32 *addr)
1666 {
1667 	u16 vlan_id = 0xFFFF;
1668 
1669 #ifdef INET
1670 	if_t netdev;
1671 	struct vnet *vnet = &init_net;
1672 
1673 #ifdef VIMAGE
1674 	vnet = irdma_cmid_to_vnet(cm_id);
1675 #endif
1676 	netdev = ip_ifp_find(vnet, htonl(addr[0]));
1677 	if (netdev) {
1678 		vlan_id = rdma_vlan_dev_vlan_id(netdev);
1679 		dev_put(netdev);
1680 	}
1681 #endif
1682 
1683 	return vlan_id;
1684 }
1685 
1686 static int
1687 irdma_manage_qhash_wait(struct irdma_pci_f *rf, struct irdma_cm_info *cm_info)
1688 {
1689 	struct irdma_cqp_request *cqp_request = cm_info->cqp_request;
1690 	int cnt = rf->sc_dev.hw_attrs.max_cqp_compl_wait_time_ms * CQP_TIMEOUT_THRESHOLD;
1691 	u32 ret_val;
1692 
1693 	if (!cqp_request)
1694 		return -ENOMEM;
1695 	do {
1696 		irdma_cqp_ce_handler(rf, &rf->ccq.sc_cq);
1697 		mdelay(1);
1698 	} while (!READ_ONCE(cqp_request->request_done) && --cnt);
1699 
1700 	ret_val = cqp_request->compl_info.op_ret_val;
1701 	irdma_put_cqp_request(&rf->cqp, cqp_request);
1702 	if (cnt) {
1703 		if (!ret_val)
1704 			return 0;
1705 		return -EINVAL;
1706 	}
1707 
1708 	return -ETIMEDOUT;
1709 }
1710 
1711 /**
1712  * irdma_add_mqh_ifa_cb - Adds multiple qhashes for IPv4/IPv6
1713  * @arg: Calback argument structure from irdma_add_mqh
1714  * @ifa: Current address to compute against
1715  * @count: Current cumulative output of all callbacks in this iteration
1716  *
1717  * Adds a qhash and a child listen node for a single IPv4/IPv6 address
1718  * on the adapter and adds the associated qhash filter
1719  */
1720 static u_int
1721 irdma_add_mqh_ifa_cb(void *arg, struct ifaddr *ifa, u_int count)
1722 {
1723 	struct irdma_add_mqh_cbs *cbs = arg;
1724 	struct irdma_cm_listener *child_listen_node;
1725 	struct irdma_cm_info *cm_info = cbs->cm_info;
1726 	struct irdma_device *iwdev = cbs->iwdev;
1727 	struct irdma_cm_listener *cm_parent_listen_node = cbs->cm_listen_node;
1728 	if_t ip_dev = ifa->ifa_ifp;
1729 	unsigned long flags;
1730 	int ret;
1731 
1732 	if (count)
1733 		return 0;
1734 
1735 	child_listen_node = kzalloc(sizeof(*child_listen_node), GFP_ATOMIC);
1736 	if (!child_listen_node) {
1737 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1738 			    "listener memory allocation\n");
1739 		return -ENOMEM;
1740 	}
1741 
1742 	memcpy(child_listen_node, cm_parent_listen_node,
1743 	       sizeof(*child_listen_node));
1744 	cm_info->vlan_id = rdma_vlan_dev_vlan_id(ip_dev);
1745 	child_listen_node->vlan_id = cm_info->vlan_id;
1746 	if (cm_info->ipv4) {
1747 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1748 			    "Allocating child CM Listener forIP=%x, vlan_id=%d, MAC=%x:%x:%x:%x:%x:%x\n",
1749 			    ((struct sockaddr_in *)&ifa->ifa_addr)->sin_addr.s_addr,
1750 			    rdma_vlan_dev_vlan_id(ip_dev),
1751 			    if_getlladdr(ip_dev)[0], if_getlladdr(ip_dev)[1],
1752 			    if_getlladdr(ip_dev)[2], if_getlladdr(ip_dev)[3],
1753 			    if_getlladdr(ip_dev)[4], if_getlladdr(ip_dev)[5]);
1754 		child_listen_node->loc_addr[0] =
1755 		    ntohl(((struct sockaddr_in *)ifa->ifa_addr)->sin_addr.s_addr);
1756 	} else {
1757 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1758 			    "IP=%x:%x:%x:%x, vlan_id=%d, MAC=%x:%x:%x:%x:%x:%x\n",
1759 			    IRDMA_PRINT_IP6(&((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_addr),
1760 			    rdma_vlan_dev_vlan_id(ip_dev),
1761 			    if_getlladdr(ip_dev)[0], if_getlladdr(ip_dev)[1],
1762 			    if_getlladdr(ip_dev)[2], if_getlladdr(ip_dev)[3],
1763 			    if_getlladdr(ip_dev)[4], if_getlladdr(ip_dev)[5]);
1764 		irdma_copy_ip_ntohl(child_listen_node->loc_addr,
1765 				    ((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_addr.__u6_addr.__u6_addr32);
1766 	}
1767 	memcpy(cm_info->loc_addr, child_listen_node->loc_addr,
1768 	       sizeof(cm_info->loc_addr));
1769 	if (!iwdev->vsi.dscp_mode)
1770 		cm_info->user_pri =
1771 		    irdma_iw_get_vlan_prio(child_listen_node->loc_addr,
1772 					   cm_info->user_pri,
1773 					   cm_info->ipv4);
1774 	ret = irdma_manage_qhash(iwdev, cm_info,
1775 				 IRDMA_QHASH_TYPE_TCP_SYN,
1776 				 IRDMA_QHASH_MANAGE_TYPE_ADD,
1777 				 NULL, false);
1778 	if (ret) {
1779 		kfree(child_listen_node);
1780 		return ret;
1781 	}
1782 	/* wait for qhash finish */
1783 	ret = irdma_manage_qhash_wait(iwdev->rf, cm_info);
1784 	if (ret) {
1785 		kfree(child_listen_node);
1786 		return ret;
1787 	}
1788 
1789 	child_listen_node->qhash_set = true;
1790 	spin_lock_irqsave(&iwdev->cm_core.listen_list_lock, flags);
1791 	list_add(&child_listen_node->child_listen_list,
1792 		 &cm_parent_listen_node->child_listen_list);
1793 	spin_unlock_irqrestore(&iwdev->cm_core.listen_list_lock, flags);
1794 	cm_parent_listen_node->cm_core->stats_listen_nodes_created++;
1795 
1796 	return 0;
1797 }
1798 
1799 /**
1800  * irdma_add_mqh - Adds multiple qhashes
1801  * @iwdev: iWarp device
1802  * @cm_info: CM info for parent listen node
1803  * @cm_listen_node: The parent listen node
1804  */
1805 static int
1806 irdma_add_mqh(struct irdma_device *iwdev,
1807 	      struct irdma_cm_info *cm_info,
1808 	      struct irdma_cm_listener *cm_listen_node)
1809 {
1810 	struct epoch_tracker et;
1811 	struct irdma_add_mqh_cbs cbs;
1812 	struct if_iter iter;
1813 	if_t ifp;
1814 	int err = -ENOENT;
1815 
1816 	cbs.iwdev = iwdev;
1817 	cbs.cm_info = cm_info;
1818 	cbs.cm_listen_node = cm_listen_node;
1819 
1820 	VNET_ITERATOR_DECL(vnet_iter);
1821 
1822 	VNET_LIST_RLOCK();
1823 	NET_EPOCH_ENTER(et);
1824 	VNET_FOREACH(vnet_iter) {
1825 		CURVNET_SET_QUIET(vnet_iter);
1826 		for (ifp = if_iter_start(&iter); ifp != NULL; ifp = if_iter_next(&iter)) {
1827 			if (!(if_getflags(ifp) & IFF_UP))
1828 				continue;
1829 
1830 			if (((rdma_vlan_dev_vlan_id(ifp) >= VLAN_N_VID) ||
1831 			     (rdma_vlan_dev_real_dev(ifp) != iwdev->netdev)) &&
1832 			    ifp != iwdev->netdev)
1833 				continue;
1834 
1835 			if_addr_rlock(ifp);
1836 			if (cm_info->ipv4)
1837 				err = if_foreach_addr_type(ifp, AF_INET, irdma_add_mqh_ifa_cb, &cbs);
1838 			else
1839 				err = if_foreach_addr_type(ifp, AF_INET6, irdma_add_mqh_ifa_cb, &cbs);
1840 			if_addr_runlock(ifp);
1841 		}
1842 		if_iter_finish(&iter);
1843 		CURVNET_RESTORE();
1844 	}
1845 	NET_EPOCH_EXIT(et);
1846 	VNET_LIST_RUNLOCK();
1847 
1848 	return err;
1849 }
1850 
1851 /**
1852  * irdma_reset_list_prep - add connection nodes slated for reset to list
1853  * @cm_core: cm's core
1854  * @listener: pointer to listener node
1855  * @reset_list: a list to which cm_node will be selected
1856  */
1857 static void
1858 irdma_reset_list_prep(struct irdma_cm_core *cm_core,
1859 		      struct irdma_cm_listener *listener,
1860 		      struct list_head *reset_list)
1861 {
1862 	struct irdma_cm_node *cm_node;
1863 	int bkt;
1864 
1865 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
1866 		if (cm_node->listener == listener &&
1867 		    !cm_node->accelerated &&
1868 		    atomic_inc_not_zero(&cm_node->refcnt))
1869 			list_add(&cm_node->reset_entry, reset_list);
1870 	}
1871 }
1872 
1873 /**
1874  * irdma_dec_refcnt_listen - delete listener and associated cm nodes
1875  * @cm_core: cm's core
1876  * @listener: pointer to listener node
1877  * @free_hanging_nodes: to free associated cm_nodes
1878  * @apbvt_del: flag to delete the apbvt
1879  */
1880 static int
1881 irdma_dec_refcnt_listen(struct irdma_cm_core *cm_core,
1882 			struct irdma_cm_listener *listener,
1883 			int free_hanging_nodes, bool apbvt_del)
1884 {
1885 	struct list_head *list_pos;
1886 	struct list_head *list_temp;
1887 	struct irdma_cm_node *cm_node;
1888 	struct list_head reset_list;
1889 	struct irdma_cm_info nfo;
1890 	enum irdma_cm_node_state old_state;
1891 	unsigned long flags;
1892 	int err;
1893 
1894 	/* free non-accelerated child nodes for this listener */
1895 	INIT_LIST_HEAD(&reset_list);
1896 	if (free_hanging_nodes) {
1897 		rcu_read_lock();
1898 		irdma_reset_list_prep(cm_core, listener, &reset_list);
1899 		rcu_read_unlock();
1900 	}
1901 
1902 	list_for_each_safe(list_pos, list_temp, &reset_list) {
1903 		cm_node = container_of(list_pos, struct irdma_cm_node,
1904 				       reset_entry);
1905 		if (cm_node->state >= IRDMA_CM_STATE_FIN_WAIT1) {
1906 			irdma_rem_ref_cm_node(cm_node);
1907 			continue;
1908 		}
1909 
1910 		irdma_cleanup_retrans_entry(cm_node);
1911 		err = irdma_send_reset(cm_node);
1912 		if (err) {
1913 			cm_node->state = IRDMA_CM_STATE_CLOSED;
1914 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1915 				    "send reset failed\n");
1916 		} else {
1917 			old_state = cm_node->state;
1918 			cm_node->state = IRDMA_CM_STATE_LISTENER_DESTROYED;
1919 			if (old_state != IRDMA_CM_STATE_MPAREQ_RCVD)
1920 				irdma_rem_ref_cm_node(cm_node);
1921 		}
1922 	}
1923 
1924 	if (atomic_dec_and_test(&listener->refcnt)) {
1925 		spin_lock_irqsave(&cm_core->listen_list_lock, flags);
1926 		list_del(&listener->list);
1927 		spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
1928 
1929 		if (apbvt_del)
1930 			irdma_del_apbvt(listener->iwdev,
1931 					listener->apbvt_entry);
1932 		memcpy(nfo.loc_addr, listener->loc_addr, sizeof(nfo.loc_addr));
1933 		nfo.loc_port = listener->loc_port;
1934 		nfo.ipv4 = listener->ipv4;
1935 		nfo.vlan_id = listener->vlan_id;
1936 		nfo.user_pri = listener->user_pri;
1937 		nfo.qh_qpid = listener->iwdev->vsi.ilq->qp_id;
1938 
1939 		if (!list_empty(&listener->child_listen_list)) {
1940 			irdma_del_multiple_qhash(listener->iwdev, &nfo,
1941 						 listener);
1942 		} else {
1943 			if (listener->qhash_set)
1944 				irdma_manage_qhash(listener->iwdev,
1945 						   &nfo,
1946 						   IRDMA_QHASH_TYPE_TCP_SYN,
1947 						   IRDMA_QHASH_MANAGE_TYPE_DELETE,
1948 						   NULL, false);
1949 		}
1950 
1951 		cm_core->stats_listen_destroyed++;
1952 		cm_core->stats_listen_nodes_destroyed++;
1953 		irdma_debug(&listener->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1954 			    "loc_port=0x%04x loc_addr=%x cm_listen_node=%p cm_id=%p qhash_set=%d vlan_id=%d apbvt_del=%d\n",
1955 			    listener->loc_port, listener->loc_addr[0], listener,
1956 			    listener->cm_id, listener->qhash_set,
1957 			    listener->vlan_id, apbvt_del);
1958 		kfree(listener);
1959 		listener = NULL;
1960 		return 0;
1961 	}
1962 
1963 	return -EINVAL;
1964 }
1965 
1966 /**
1967  * irdma_cm_del_listen - delete a listener
1968  * @cm_core: cm's core
1969  * @listener: passive connection's listener
1970  * @apbvt_del: flag to delete apbvt
1971  */
1972 static int
1973 irdma_cm_del_listen(struct irdma_cm_core *cm_core,
1974 		    struct irdma_cm_listener *listener,
1975 		    bool apbvt_del)
1976 {
1977 	listener->listener_state = IRDMA_CM_LISTENER_PASSIVE_STATE;
1978 	listener->cm_id = NULL;
1979 
1980 	return irdma_dec_refcnt_listen(cm_core, listener, 1, apbvt_del);
1981 }
1982 
1983 /**
1984  * irdma_find_node - find a cm node that matches the reference cm node
1985  * @cm_core: cm's core
1986  * @rem_port: remote tcp port num
1987  * @rem_addr: remote ip addr
1988  * @loc_port: local tcp port num
1989  * @loc_addr: local ip addr
1990  * @vlan_id: local VLAN ID
1991  */
1992 struct irdma_cm_node *
1993 irdma_find_node(struct irdma_cm_core *cm_core,
1994 		u16 rem_port, u32 *rem_addr, u16 loc_port,
1995 		u32 *loc_addr, u16 vlan_id)
1996 {
1997 	struct irdma_cm_node *cm_node;
1998 	u32 key = (rem_port << 16) | loc_port;
1999 
2000 	rcu_read_lock();
2001 	HASH_FOR_EACH_POSSIBLE_RCU(cm_core->cm_hash_tbl, cm_node, list, key) {
2002 		if (cm_node->vlan_id == vlan_id &&
2003 		    cm_node->loc_port == loc_port && cm_node->rem_port == rem_port &&
2004 		    !memcmp(cm_node->loc_addr, loc_addr, sizeof(cm_node->loc_addr)) &&
2005 		    !memcmp(cm_node->rem_addr, rem_addr, sizeof(cm_node->rem_addr))) {
2006 			if (!atomic_inc_not_zero(&cm_node->refcnt))
2007 				goto exit;
2008 			rcu_read_unlock();
2009 			return cm_node;
2010 		}
2011 	}
2012 
2013 exit:
2014 	rcu_read_unlock();
2015 
2016 	/* no owner node */
2017 	return NULL;
2018 }
2019 
2020 /**
2021  * irdma_add_hte_node - add a cm node to the hash table
2022  * @cm_core: cm's core
2023  * @cm_node: connection's node
2024  */
2025 static void
2026 irdma_add_hte_node(struct irdma_cm_core *cm_core,
2027 		   struct irdma_cm_node *cm_node)
2028 {
2029 	unsigned long flags;
2030 	u32 key = (cm_node->rem_port << 16) | cm_node->loc_port;
2031 
2032 	spin_lock_irqsave(&cm_core->ht_lock, flags);
2033 	HASH_ADD_RCU(cm_core->cm_hash_tbl, &cm_node->list, key);
2034 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2035 }
2036 
2037 /**
2038  * irdma_ipv4_is_lpb - check if loopback
2039  * @loc_addr: local addr to compare
2040  * @rem_addr: remote address
2041  */
2042 bool
2043 irdma_ipv4_is_lpb(u32 loc_addr, u32 rem_addr)
2044 {
2045 	return ipv4_is_loopback(htonl(rem_addr)) || (loc_addr == rem_addr);
2046 }
2047 
2048 /**
2049  * irdma_ipv6_is_lpb - check if loopback
2050  * @loc_addr: local addr to compare
2051  * @rem_addr: remote address
2052  */
2053 bool
2054 irdma_ipv6_is_lpb(u32 *loc_addr, u32 *rem_addr)
2055 {
2056 	struct in6_addr raddr6;
2057 
2058 	irdma_copy_ip_htonl(raddr6.__u6_addr.__u6_addr32, rem_addr);
2059 
2060 	return !memcmp(loc_addr, rem_addr, 16) || ipv6_addr_loopback(&raddr6);
2061 }
2062 
2063 /**
2064  * irdma_cm_create_ah - create a cm address handle
2065  * @cm_node: The connection manager node to create AH for
2066  * @wait: Provides option to wait for ah creation or not
2067  */
2068 static int
2069 irdma_cm_create_ah(struct irdma_cm_node *cm_node, bool wait)
2070 {
2071 	struct irdma_ah_info ah_info = {0};
2072 	struct irdma_device *iwdev = cm_node->iwdev;
2073 #ifdef VIMAGE
2074 	struct vnet *vnet = irdma_cmid_to_vnet(cm_node->cm_id);
2075 #endif
2076 
2077 	ether_addr_copy(ah_info.mac_addr, if_getlladdr(iwdev->netdev));
2078 
2079 	ah_info.hop_ttl = 0x40;
2080 	ah_info.tc_tos = cm_node->tos;
2081 	ah_info.vsi = &iwdev->vsi;
2082 
2083 	if (cm_node->ipv4) {
2084 		ah_info.ipv4_valid = true;
2085 		ah_info.dest_ip_addr[0] = cm_node->rem_addr[0];
2086 		ah_info.src_ip_addr[0] = cm_node->loc_addr[0];
2087 		CURVNET_SET_QUIET(vnet);
2088 		ah_info.do_lpbk = irdma_ipv4_is_lpb(ah_info.src_ip_addr[0],
2089 						    ah_info.dest_ip_addr[0]);
2090 		CURVNET_RESTORE();
2091 	} else {
2092 		memcpy(ah_info.dest_ip_addr, cm_node->rem_addr,
2093 		       sizeof(ah_info.dest_ip_addr));
2094 		memcpy(ah_info.src_ip_addr, cm_node->loc_addr,
2095 		       sizeof(ah_info.src_ip_addr));
2096 		ah_info.do_lpbk = irdma_ipv6_is_lpb(ah_info.src_ip_addr,
2097 						    ah_info.dest_ip_addr);
2098 	}
2099 
2100 	ah_info.vlan_tag = cm_node->vlan_id;
2101 	if (cm_node->vlan_id < VLAN_N_VID) {
2102 		ah_info.insert_vlan_tag = 1;
2103 		ah_info.vlan_tag |= cm_node->user_pri << VLAN_PRIO_SHIFT;
2104 	}
2105 
2106 	ah_info.dst_arpindex =
2107 	    irdma_arp_table(iwdev->rf, ah_info.dest_ip_addr,
2108 			    NULL, IRDMA_ARP_RESOLVE);
2109 
2110 	if (irdma_puda_create_ah(&iwdev->rf->sc_dev, &ah_info, wait,
2111 				 IRDMA_PUDA_RSRC_TYPE_ILQ, cm_node,
2112 				 &cm_node->ah))
2113 		return -ENOMEM;
2114 
2115 	return 0;
2116 }
2117 
2118 /**
2119  * irdma_cm_free_ah - free a cm address handle
2120  * @cm_node: The connection manager node to create AH for
2121  */
2122 static void
2123 irdma_cm_free_ah(struct irdma_cm_node *cm_node)
2124 {
2125 	struct irdma_device *iwdev = cm_node->iwdev;
2126 
2127 	irdma_puda_free_ah(&iwdev->rf->sc_dev, cm_node->ah);
2128 	cm_node->ah = NULL;
2129 }
2130 
2131 /**
2132  * irdma_make_cm_node - create a new instance of a cm node
2133  * @cm_core: cm's core
2134  * @iwdev: iwarp device structure
2135  * @cm_info: quad info for connection
2136  * @listener: passive connection's listener
2137  */
2138 static struct irdma_cm_node *
2139 irdma_make_cm_node(struct irdma_cm_core *cm_core, struct irdma_device *iwdev,
2140 		   struct irdma_cm_info *cm_info,
2141 		   struct irdma_cm_listener *listener)
2142 {
2143 	struct irdma_cm_node *cm_node;
2144 	int arpindex;
2145 	if_t netdev = iwdev->netdev;
2146 
2147 	/* create an hte and cm_node for this instance */
2148 	cm_node = kzalloc(sizeof(*cm_node), GFP_ATOMIC);
2149 	if (!cm_node)
2150 		return NULL;
2151 
2152 	/* set our node specific transport info */
2153 	cm_node->ipv4 = cm_info->ipv4;
2154 	cm_node->vlan_id = cm_info->vlan_id;
2155 	if (cm_node->vlan_id >= VLAN_N_VID && iwdev->dcb_vlan_mode)
2156 		cm_node->vlan_id = 0;
2157 	cm_node->tos = cm_info->tos;
2158 	cm_node->user_pri = cm_info->user_pri;
2159 	if (listener) {
2160 		if (listener->tos != cm_info->tos)
2161 			irdma_dev_warn(&iwdev->ibdev,
2162 				       "application TOS[%d] and remote client TOS[%d] mismatch\n",
2163 				       listener->tos, cm_info->tos);
2164 		if (iwdev->vsi.dscp_mode) {
2165 			cm_node->user_pri = listener->user_pri;
2166 		} else {
2167 			cm_node->tos = max(listener->tos, cm_info->tos);
2168 			cm_node->user_pri = rt_tos2priority(cm_node->tos);
2169 			cm_node->user_pri =
2170 			    irdma_iw_get_vlan_prio(cm_info->loc_addr,
2171 						   cm_node->user_pri,
2172 						   cm_info->ipv4);
2173 		}
2174 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_DCB,
2175 			    "listener: TOS:[%d] UP:[%d]\n", cm_node->tos,
2176 			    cm_node->user_pri);
2177 	}
2178 	memcpy(cm_node->loc_addr, cm_info->loc_addr, sizeof(cm_node->loc_addr));
2179 	memcpy(cm_node->rem_addr, cm_info->rem_addr, sizeof(cm_node->rem_addr));
2180 	cm_node->loc_port = cm_info->loc_port;
2181 	cm_node->rem_port = cm_info->rem_port;
2182 
2183 	cm_node->mpa_frame_rev = IRDMA_CM_DEFAULT_MPA_VER;
2184 	cm_node->send_rdma0_op = SEND_RDMA_READ_ZERO;
2185 	cm_node->iwdev = iwdev;
2186 	cm_node->dev = &iwdev->rf->sc_dev;
2187 
2188 	cm_node->ird_size = cm_node->dev->hw_attrs.max_hw_ird;
2189 	cm_node->ord_size = cm_node->dev->hw_attrs.max_hw_ord;
2190 
2191 	cm_node->listener = listener;
2192 	cm_node->cm_id = cm_info->cm_id;
2193 	ether_addr_copy(cm_node->loc_mac, if_getlladdr(netdev));
2194 	spin_lock_init(&cm_node->retrans_list_lock);
2195 	cm_node->ack_rcvd = false;
2196 
2197 	init_completion(&cm_node->establish_comp);
2198 	atomic_set(&cm_node->refcnt, 1);
2199 	/* associate our parent CM core */
2200 	cm_node->cm_core = cm_core;
2201 	cm_node->tcp_cntxt.loc_id = IRDMA_CM_DEFAULT_LOCAL_ID;
2202 	cm_node->tcp_cntxt.rcv_wscale = iwdev->rcv_wscale;
2203 	cm_node->tcp_cntxt.rcv_wnd = iwdev->rcv_wnd >> cm_node->tcp_cntxt.rcv_wscale;
2204 	kc_set_loc_seq_num_mss(cm_node);
2205 
2206 	arpindex = irdma_resolve_neigh_lpb_chk(iwdev, cm_node, cm_info);
2207 	if (arpindex < 0)
2208 		goto err;
2209 
2210 	ether_addr_copy(cm_node->rem_mac, iwdev->rf->arp_table[arpindex].mac_addr);
2211 	irdma_add_hte_node(cm_core, cm_node);
2212 	cm_core->stats_nodes_created++;
2213 	return cm_node;
2214 
2215 err:
2216 	kfree(cm_node);
2217 
2218 	return NULL;
2219 }
2220 
2221 static void
2222 irdma_destroy_connection(struct irdma_cm_node *cm_node)
2223 {
2224 	struct irdma_cm_core *cm_core = cm_node->cm_core;
2225 	struct irdma_qp *iwqp;
2226 	struct irdma_cm_info nfo;
2227 
2228 	/* if the node is destroyed before connection was accelerated */
2229 	if (!cm_node->accelerated && cm_node->accept_pend) {
2230 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2231 			    "node destroyed before established\n");
2232 		atomic_dec(&cm_node->listener->pend_accepts_cnt);
2233 	}
2234 	if (cm_node->close_entry)
2235 		irdma_handle_close_entry(cm_node, 0);
2236 	if (cm_node->listener) {
2237 		irdma_dec_refcnt_listen(cm_core, cm_node->listener, 0, true);
2238 	} else {
2239 		if (cm_node->apbvt_set) {
2240 			irdma_del_apbvt(cm_node->iwdev, cm_node->apbvt_entry);
2241 			cm_node->apbvt_set = 0;
2242 		}
2243 		irdma_get_addr_info(cm_node, &nfo);
2244 		if (cm_node->qhash_set) {
2245 			nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2246 			irdma_manage_qhash(cm_node->iwdev, &nfo,
2247 					   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2248 					   IRDMA_QHASH_MANAGE_TYPE_DELETE, NULL,
2249 					   false);
2250 			cm_node->qhash_set = 0;
2251 		}
2252 	}
2253 
2254 	iwqp = cm_node->iwqp;
2255 	if (iwqp) {
2256 		cm_node->cm_id->rem_ref(cm_node->cm_id);
2257 		cm_node->cm_id = NULL;
2258 		iwqp->cm_id = NULL;
2259 		irdma_qp_rem_ref(&iwqp->ibqp);
2260 		cm_node->iwqp = NULL;
2261 	} else if (cm_node->qhash_set) {
2262 		irdma_get_addr_info(cm_node, &nfo);
2263 		nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2264 		irdma_manage_qhash(cm_node->iwdev, &nfo,
2265 				   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2266 				   IRDMA_QHASH_MANAGE_TYPE_DELETE, NULL, false);
2267 		cm_node->qhash_set = 0;
2268 	}
2269 
2270 	cm_core->cm_free_ah(cm_node);
2271 }
2272 
2273 /**
2274  * irdma_rem_ref_cm_node - destroy an instance of a cm node
2275  * @cm_node: connection's node
2276  */
2277 void
2278 irdma_rem_ref_cm_node(struct irdma_cm_node *cm_node)
2279 {
2280 	struct irdma_cm_core *cm_core = cm_node->cm_core;
2281 	unsigned long flags;
2282 
2283 	spin_lock_irqsave(&cm_core->ht_lock, flags);
2284 
2285 	if (!atomic_dec_and_test(&cm_node->refcnt)) {
2286 		spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2287 		return;
2288 	}
2289 	if (cm_node->iwqp) {
2290 		cm_node->iwqp->cm_node = NULL;
2291 		cm_node->iwqp->cm_id = NULL;
2292 	}
2293 	HASH_DEL_RCU(cm_core->cm_hash_tbl, &cm_node->list);
2294 	cm_node->cm_core->stats_nodes_destroyed++;
2295 
2296 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2297 
2298 	irdma_destroy_connection(cm_node);
2299 
2300 	kfree_rcu(cm_node, rcu_head);
2301 }
2302 
2303 /**
2304  * irdma_handle_fin_pkt - FIN packet received
2305  * @cm_node: connection's node
2306  */
2307 static void
2308 irdma_handle_fin_pkt(struct irdma_cm_node *cm_node)
2309 {
2310 	switch (cm_node->state) {
2311 	case IRDMA_CM_STATE_SYN_RCVD:
2312 	case IRDMA_CM_STATE_SYN_SENT:
2313 	case IRDMA_CM_STATE_ESTABLISHED:
2314 	case IRDMA_CM_STATE_MPAREJ_RCVD:
2315 		cm_node->tcp_cntxt.rcv_nxt++;
2316 		irdma_cleanup_retrans_entry(cm_node);
2317 		cm_node->state = IRDMA_CM_STATE_LAST_ACK;
2318 		irdma_send_fin(cm_node);
2319 		break;
2320 	case IRDMA_CM_STATE_MPAREQ_SENT:
2321 		irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
2322 		cm_node->tcp_cntxt.rcv_nxt++;
2323 		irdma_cleanup_retrans_entry(cm_node);
2324 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2325 		atomic_inc(&cm_node->refcnt);
2326 		irdma_send_reset(cm_node);
2327 		break;
2328 	case IRDMA_CM_STATE_FIN_WAIT1:
2329 		cm_node->tcp_cntxt.rcv_nxt++;
2330 		irdma_cleanup_retrans_entry(cm_node);
2331 		cm_node->state = IRDMA_CM_STATE_CLOSING;
2332 		irdma_send_ack(cm_node);
2333 		/*
2334 		 * Wait for ACK as this is simultaneous close. After we receive ACK, do not send anything. Just rm the
2335 		 * node.
2336 		 */
2337 		break;
2338 	case IRDMA_CM_STATE_FIN_WAIT2:
2339 		cm_node->tcp_cntxt.rcv_nxt++;
2340 		irdma_cleanup_retrans_entry(cm_node);
2341 		cm_node->state = IRDMA_CM_STATE_TIME_WAIT;
2342 		irdma_send_ack(cm_node);
2343 		irdma_schedule_cm_timer(cm_node, NULL, IRDMA_TIMER_TYPE_CLOSE,
2344 					1, 0);
2345 		break;
2346 	case IRDMA_CM_STATE_TIME_WAIT:
2347 		cm_node->tcp_cntxt.rcv_nxt++;
2348 		irdma_cleanup_retrans_entry(cm_node);
2349 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2350 		irdma_rem_ref_cm_node(cm_node);
2351 		break;
2352 	case IRDMA_CM_STATE_OFFLOADED:
2353 	default:
2354 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2355 			    "bad state node state = %d\n", cm_node->state);
2356 		break;
2357 	}
2358 }
2359 
2360 /**
2361  * irdma_handle_rst_pkt - process received RST packet
2362  * @cm_node: connection's node
2363  * @rbuf: receive buffer
2364  */
2365 static void
2366 irdma_handle_rst_pkt(struct irdma_cm_node *cm_node,
2367 		     struct irdma_puda_buf *rbuf)
2368 {
2369 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2370 		    "caller: %pS cm_node=%p state=%d rem_port=0x%04x loc_port=0x%04x rem_addr=%x loc_addr=%x\n",
2371 		    __builtin_return_address(0), cm_node, cm_node->state,
2372 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr[0],
2373 		    cm_node->loc_addr[0]);
2374 
2375 	irdma_cleanup_retrans_entry(cm_node);
2376 	switch (cm_node->state) {
2377 	case IRDMA_CM_STATE_SYN_SENT:
2378 	case IRDMA_CM_STATE_MPAREQ_SENT:
2379 		switch (cm_node->mpa_frame_rev) {
2380 		case IETF_MPA_V2:
2381 			/* Drop down to MPA_V1 */
2382 			cm_node->mpa_frame_rev = IETF_MPA_V1;
2383 			/* send a syn and goto syn sent state */
2384 			cm_node->state = IRDMA_CM_STATE_SYN_SENT;
2385 			if (irdma_send_syn(cm_node, 0))
2386 				irdma_active_open_err(cm_node, false);
2387 			break;
2388 		case IETF_MPA_V1:
2389 		default:
2390 			irdma_active_open_err(cm_node, false);
2391 			break;
2392 		}
2393 		break;
2394 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2395 		atomic_inc(&cm_node->passive_state);
2396 		break;
2397 	case IRDMA_CM_STATE_ESTABLISHED:
2398 	case IRDMA_CM_STATE_SYN_RCVD:
2399 	case IRDMA_CM_STATE_LISTENING:
2400 		irdma_passive_open_err(cm_node, false);
2401 		break;
2402 	case IRDMA_CM_STATE_OFFLOADED:
2403 		irdma_active_open_err(cm_node, false);
2404 		break;
2405 	case IRDMA_CM_STATE_CLOSED:
2406 		break;
2407 	case IRDMA_CM_STATE_FIN_WAIT2:
2408 	case IRDMA_CM_STATE_FIN_WAIT1:
2409 	case IRDMA_CM_STATE_LAST_ACK:
2410 	case IRDMA_CM_STATE_TIME_WAIT:
2411 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2412 		irdma_rem_ref_cm_node(cm_node);
2413 		break;
2414 	default:
2415 		break;
2416 	}
2417 }
2418 
2419 /**
2420  * irdma_handle_rcv_mpa - Process a recv'd mpa buffer
2421  * @cm_node: connection's node
2422  * @rbuf: receive buffer
2423  */
2424 static void
2425 irdma_handle_rcv_mpa(struct irdma_cm_node *cm_node,
2426 		     struct irdma_puda_buf *rbuf)
2427 {
2428 	int err;
2429 	int datasize = rbuf->datalen;
2430 	u8 *dataloc = rbuf->data;
2431 
2432 	enum irdma_cm_event_type type = IRDMA_CM_EVENT_UNKNOWN;
2433 	u32 res_type;
2434 
2435 	err = irdma_parse_mpa(cm_node, dataloc, &res_type, datasize);
2436 	if (err) {
2437 		if (cm_node->state == IRDMA_CM_STATE_MPAREQ_SENT)
2438 			irdma_active_open_err(cm_node, true);
2439 		else
2440 			irdma_passive_open_err(cm_node, true);
2441 		return;
2442 	}
2443 
2444 	switch (cm_node->state) {
2445 	case IRDMA_CM_STATE_ESTABLISHED:
2446 		if (res_type == IRDMA_MPA_REQUEST_REJECT)
2447 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2448 				    "state for reject\n");
2449 		cm_node->state = IRDMA_CM_STATE_MPAREQ_RCVD;
2450 		type = IRDMA_CM_EVENT_MPA_REQ;
2451 		irdma_send_ack(cm_node);	/* ACK received MPA request */
2452 		atomic_set(&cm_node->passive_state,
2453 			   IRDMA_PASSIVE_STATE_INDICATED);
2454 		break;
2455 	case IRDMA_CM_STATE_MPAREQ_SENT:
2456 		irdma_cleanup_retrans_entry(cm_node);
2457 		if (res_type == IRDMA_MPA_REQUEST_REJECT) {
2458 			type = IRDMA_CM_EVENT_MPA_REJECT;
2459 			cm_node->state = IRDMA_CM_STATE_MPAREJ_RCVD;
2460 		} else {
2461 			type = IRDMA_CM_EVENT_CONNECTED;
2462 			cm_node->state = IRDMA_CM_STATE_OFFLOADED;
2463 		}
2464 		irdma_send_ack(cm_node);
2465 		break;
2466 	default:
2467 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2468 			    "wrong cm_node state=%d\n", cm_node->state);
2469 		break;
2470 	}
2471 	irdma_create_event(cm_node, type);
2472 }
2473 
2474 /**
2475  * irdma_check_syn - Check for error on received syn ack
2476  * @cm_node: connection's node
2477  * @tcph: pointer tcp header
2478  */
2479 static int
2480 irdma_check_syn(struct irdma_cm_node *cm_node, struct tcphdr *tcph)
2481 {
2482 	if (ntohl(tcph->th_ack) != cm_node->tcp_cntxt.loc_seq_num) {
2483 		irdma_active_open_err(cm_node, true);
2484 		return 1;
2485 	}
2486 
2487 	return 0;
2488 }
2489 
2490 /**
2491  * irdma_check_seq - check seq numbers if OK
2492  * @cm_node: connection's node
2493  * @tcph: pointer tcp header
2494  */
2495 static int
2496 irdma_check_seq(struct irdma_cm_node *cm_node, struct tcphdr *tcph)
2497 {
2498 	u32 seq;
2499 	u32 ack_seq;
2500 	u32 loc_seq_num = cm_node->tcp_cntxt.loc_seq_num;
2501 	u32 rcv_nxt = cm_node->tcp_cntxt.rcv_nxt;
2502 	u32 rcv_wnd;
2503 	int err = 0;
2504 
2505 	seq = ntohl(tcph->th_seq);
2506 	ack_seq = ntohl(tcph->th_ack);
2507 	rcv_wnd = cm_node->tcp_cntxt.rcv_wnd;
2508 	if (ack_seq != loc_seq_num ||
2509 	    !between(seq, rcv_nxt, (rcv_nxt + rcv_wnd)))
2510 		err = -1;
2511 	if (err)
2512 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2513 			    "seq number err\n");
2514 
2515 	return err;
2516 }
2517 
2518 void
2519 irdma_add_conn_est_qh(struct irdma_cm_node *cm_node)
2520 {
2521 	struct irdma_cm_info nfo;
2522 
2523 	irdma_get_addr_info(cm_node, &nfo);
2524 	nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2525 	irdma_manage_qhash(cm_node->iwdev, &nfo,
2526 			   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2527 			   IRDMA_QHASH_MANAGE_TYPE_ADD,
2528 			   cm_node, false);
2529 	cm_node->qhash_set = true;
2530 }
2531 
2532 /**
2533  * irdma_handle_syn_pkt - is for Passive node
2534  * @cm_node: connection's node
2535  * @rbuf: receive buffer
2536  */
2537 static void
2538 irdma_handle_syn_pkt(struct irdma_cm_node *cm_node,
2539 		     struct irdma_puda_buf *rbuf)
2540 {
2541 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2542 	int err;
2543 	u32 inc_sequence;
2544 	int optionsize;
2545 
2546 	optionsize = (tcph->th_off << 2) - sizeof(*tcph);
2547 	inc_sequence = ntohl(tcph->th_seq);
2548 
2549 	switch (cm_node->state) {
2550 	case IRDMA_CM_STATE_SYN_SENT:
2551 	case IRDMA_CM_STATE_MPAREQ_SENT:
2552 		/* Rcvd syn on active open connection */
2553 		irdma_active_open_err(cm_node, 1);
2554 		break;
2555 	case IRDMA_CM_STATE_LISTENING:
2556 		/* Passive OPEN */
2557 		if (atomic_read(&cm_node->listener->pend_accepts_cnt) >
2558 		    cm_node->listener->backlog) {
2559 			cm_node->cm_core->stats_backlog_drops++;
2560 			irdma_passive_open_err(cm_node, false);
2561 			break;
2562 		}
2563 		err = irdma_handle_tcp_options(cm_node, tcph, optionsize, 1);
2564 		if (err) {
2565 			irdma_passive_open_err(cm_node, false);
2566 			/* drop pkt */
2567 			break;
2568 		}
2569 		err = cm_node->cm_core->cm_create_ah(cm_node, false);
2570 		if (err) {
2571 			irdma_passive_open_err(cm_node, false);
2572 			/* drop pkt */
2573 			break;
2574 		}
2575 		cm_node->tcp_cntxt.rcv_nxt = inc_sequence + 1;
2576 		cm_node->accept_pend = 1;
2577 		atomic_inc(&cm_node->listener->pend_accepts_cnt);
2578 
2579 		cm_node->state = IRDMA_CM_STATE_SYN_RCVD;
2580 		break;
2581 	case IRDMA_CM_STATE_CLOSED:
2582 		irdma_cleanup_retrans_entry(cm_node);
2583 		atomic_inc(&cm_node->refcnt);
2584 		irdma_send_reset(cm_node);
2585 		break;
2586 	case IRDMA_CM_STATE_OFFLOADED:
2587 	case IRDMA_CM_STATE_ESTABLISHED:
2588 	case IRDMA_CM_STATE_FIN_WAIT1:
2589 	case IRDMA_CM_STATE_FIN_WAIT2:
2590 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2591 	case IRDMA_CM_STATE_LAST_ACK:
2592 	case IRDMA_CM_STATE_CLOSING:
2593 	case IRDMA_CM_STATE_UNKNOWN:
2594 	default:
2595 		break;
2596 	}
2597 }
2598 
2599 /**
2600  * irdma_handle_synack_pkt - Process SYN+ACK packet (active side)
2601  * @cm_node: connection's node
2602  * @rbuf: receive buffer
2603  */
2604 static void
2605 irdma_handle_synack_pkt(struct irdma_cm_node *cm_node,
2606 			struct irdma_puda_buf *rbuf)
2607 {
2608 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2609 	int err;
2610 	u32 inc_sequence;
2611 	int optionsize;
2612 
2613 	optionsize = (tcph->th_off << 2) - sizeof(*tcph);
2614 	inc_sequence = ntohl(tcph->th_seq);
2615 	switch (cm_node->state) {
2616 	case IRDMA_CM_STATE_SYN_SENT:
2617 		irdma_cleanup_retrans_entry(cm_node);
2618 		/* active open */
2619 		if (irdma_check_syn(cm_node, tcph)) {
2620 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2621 				    "check syn fail\n");
2622 			return;
2623 		}
2624 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2625 		/* setup options */
2626 		err = irdma_handle_tcp_options(cm_node, tcph, optionsize, 0);
2627 		if (err) {
2628 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2629 				    "cm_node=%p tcp_options failed\n", cm_node);
2630 			break;
2631 		}
2632 		irdma_cleanup_retrans_entry(cm_node);
2633 		cm_node->tcp_cntxt.rcv_nxt = inc_sequence + 1;
2634 		irdma_send_ack(cm_node);	/* ACK  for the syn_ack */
2635 		err = irdma_send_mpa_request(cm_node);
2636 		if (err) {
2637 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2638 				    "cm_node=%p irdma_send_mpa_request failed\n",
2639 				    cm_node);
2640 			break;
2641 		}
2642 		cm_node->state = IRDMA_CM_STATE_MPAREQ_SENT;
2643 		break;
2644 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2645 		irdma_passive_open_err(cm_node, true);
2646 		break;
2647 	case IRDMA_CM_STATE_LISTENING:
2648 		cm_node->tcp_cntxt.loc_seq_num = ntohl(tcph->th_ack);
2649 		irdma_cleanup_retrans_entry(cm_node);
2650 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2651 		irdma_send_reset(cm_node);
2652 		break;
2653 	case IRDMA_CM_STATE_CLOSED:
2654 		cm_node->tcp_cntxt.loc_seq_num = ntohl(tcph->th_ack);
2655 		irdma_cleanup_retrans_entry(cm_node);
2656 		atomic_inc(&cm_node->refcnt);
2657 		irdma_send_reset(cm_node);
2658 		break;
2659 	case IRDMA_CM_STATE_ESTABLISHED:
2660 	case IRDMA_CM_STATE_FIN_WAIT1:
2661 	case IRDMA_CM_STATE_FIN_WAIT2:
2662 	case IRDMA_CM_STATE_LAST_ACK:
2663 	case IRDMA_CM_STATE_OFFLOADED:
2664 	case IRDMA_CM_STATE_CLOSING:
2665 	case IRDMA_CM_STATE_UNKNOWN:
2666 	case IRDMA_CM_STATE_MPAREQ_SENT:
2667 	default:
2668 		break;
2669 	}
2670 }
2671 
2672 /**
2673  * irdma_handle_ack_pkt - process packet with ACK
2674  * @cm_node: connection's node
2675  * @rbuf: receive buffer
2676  */
2677 static int
2678 irdma_handle_ack_pkt(struct irdma_cm_node *cm_node,
2679 		     struct irdma_puda_buf *rbuf)
2680 {
2681 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2682 	u32 inc_sequence;
2683 	int ret;
2684 	int optionsize;
2685 	u32 datasize = rbuf->datalen;
2686 
2687 	optionsize = (tcph->th_off << 2) - sizeof(*tcph);
2688 
2689 	if (irdma_check_seq(cm_node, tcph))
2690 		return -EINVAL;
2691 
2692 	inc_sequence = ntohl(tcph->th_seq);
2693 	switch (cm_node->state) {
2694 	case IRDMA_CM_STATE_SYN_RCVD:
2695 		irdma_cleanup_retrans_entry(cm_node);
2696 		ret = irdma_handle_tcp_options(cm_node, tcph, optionsize, 1);
2697 		if (ret)
2698 			return ret;
2699 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2700 		cm_node->state = IRDMA_CM_STATE_ESTABLISHED;
2701 		if (datasize) {
2702 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2703 			irdma_handle_rcv_mpa(cm_node, rbuf);
2704 		}
2705 		break;
2706 	case IRDMA_CM_STATE_ESTABLISHED:
2707 		irdma_cleanup_retrans_entry(cm_node);
2708 		if (datasize) {
2709 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2710 			irdma_handle_rcv_mpa(cm_node, rbuf);
2711 		}
2712 		break;
2713 	case IRDMA_CM_STATE_MPAREQ_SENT:
2714 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2715 		if (datasize) {
2716 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2717 			cm_node->ack_rcvd = false;
2718 			irdma_handle_rcv_mpa(cm_node, rbuf);
2719 		} else {
2720 			cm_node->ack_rcvd = true;
2721 		}
2722 		break;
2723 	case IRDMA_CM_STATE_LISTENING:
2724 		irdma_cleanup_retrans_entry(cm_node);
2725 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2726 		irdma_send_reset(cm_node);
2727 		break;
2728 	case IRDMA_CM_STATE_CLOSED:
2729 		irdma_cleanup_retrans_entry(cm_node);
2730 		atomic_inc(&cm_node->refcnt);
2731 		irdma_send_reset(cm_node);
2732 		break;
2733 	case IRDMA_CM_STATE_LAST_ACK:
2734 	case IRDMA_CM_STATE_CLOSING:
2735 		irdma_cleanup_retrans_entry(cm_node);
2736 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2737 		irdma_rem_ref_cm_node(cm_node);
2738 		break;
2739 	case IRDMA_CM_STATE_FIN_WAIT1:
2740 		irdma_cleanup_retrans_entry(cm_node);
2741 		cm_node->state = IRDMA_CM_STATE_FIN_WAIT2;
2742 		break;
2743 	case IRDMA_CM_STATE_SYN_SENT:
2744 	case IRDMA_CM_STATE_FIN_WAIT2:
2745 	case IRDMA_CM_STATE_OFFLOADED:
2746 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2747 	case IRDMA_CM_STATE_UNKNOWN:
2748 	default:
2749 		irdma_cleanup_retrans_entry(cm_node);
2750 		break;
2751 	}
2752 
2753 	return 0;
2754 }
2755 
2756 /**
2757  * irdma_process_pkt - process cm packet
2758  * @cm_node: connection's node
2759  * @rbuf: receive buffer
2760  */
2761 static void
2762 irdma_process_pkt(struct irdma_cm_node *cm_node,
2763 		  struct irdma_puda_buf *rbuf)
2764 {
2765 	enum irdma_tcpip_pkt_type pkt_type = IRDMA_PKT_TYPE_UNKNOWN;
2766 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2767 	u32 fin_set = 0;
2768 	int err;
2769 
2770 	if (tcph->th_flags & TH_RST) {
2771 		pkt_type = IRDMA_PKT_TYPE_RST;
2772 	} else if (tcph->th_flags & TH_SYN) {
2773 		pkt_type = IRDMA_PKT_TYPE_SYN;
2774 		if (tcph->th_flags & TH_ACK)
2775 			pkt_type = IRDMA_PKT_TYPE_SYNACK;
2776 	} else if (tcph->th_flags & TH_ACK) {
2777 		pkt_type = IRDMA_PKT_TYPE_ACK;
2778 	}
2779 	if (tcph->th_flags & TH_FIN)
2780 		fin_set = 1;
2781 
2782 	switch (pkt_type) {
2783 	case IRDMA_PKT_TYPE_SYN:
2784 		irdma_handle_syn_pkt(cm_node, rbuf);
2785 		break;
2786 	case IRDMA_PKT_TYPE_SYNACK:
2787 		irdma_handle_synack_pkt(cm_node, rbuf);
2788 		break;
2789 	case IRDMA_PKT_TYPE_ACK:
2790 		err = irdma_handle_ack_pkt(cm_node, rbuf);
2791 		if (fin_set && !err)
2792 			irdma_handle_fin_pkt(cm_node);
2793 		break;
2794 	case IRDMA_PKT_TYPE_RST:
2795 		irdma_handle_rst_pkt(cm_node, rbuf);
2796 		break;
2797 	default:
2798 		if (fin_set &&
2799 		    (!irdma_check_seq(cm_node, (struct tcphdr *)rbuf->tcph)))
2800 			irdma_handle_fin_pkt(cm_node);
2801 		break;
2802 	}
2803 }
2804 
2805 /**
2806  * irdma_make_listen_node - create a listen node with params
2807  * @cm_core: cm's core
2808  * @iwdev: iwarp device structure
2809  * @cm_info: quad info for connection
2810  */
2811 static struct irdma_cm_listener *
2812 irdma_make_listen_node(struct irdma_cm_core *cm_core,
2813 		       struct irdma_device *iwdev,
2814 		       struct irdma_cm_info *cm_info)
2815 {
2816 	struct irdma_cm_listener *listener;
2817 	unsigned long flags;
2818 
2819 	/* cannot have multiple matching listeners */
2820 	listener = irdma_find_listener(cm_core, cm_info->loc_addr, cm_info->ipv4,
2821 				       cm_info->loc_port, cm_info->vlan_id,
2822 				       IRDMA_CM_LISTENER_EITHER_STATE);
2823 	if (listener &&
2824 	    listener->listener_state == IRDMA_CM_LISTENER_ACTIVE_STATE) {
2825 		atomic_dec(&listener->refcnt);
2826 		return NULL;
2827 	}
2828 
2829 	if (!listener) {
2830 		/*
2831 		 * create a CM listen node 1/2 node to compare incoming traffic to
2832 		 */
2833 		listener = kzalloc(sizeof(*listener), GFP_KERNEL);
2834 		if (!listener)
2835 			return NULL;
2836 		cm_core->stats_listen_nodes_created++;
2837 		memcpy(listener->loc_addr, cm_info->loc_addr,
2838 		       sizeof(listener->loc_addr));
2839 		listener->loc_port = cm_info->loc_port;
2840 
2841 		INIT_LIST_HEAD(&listener->child_listen_list);
2842 
2843 		atomic_set(&listener->refcnt, 1);
2844 	} else {
2845 		listener->reused_node = 1;
2846 	}
2847 
2848 	listener->cm_id = cm_info->cm_id;
2849 	listener->ipv4 = cm_info->ipv4;
2850 	listener->vlan_id = cm_info->vlan_id;
2851 	atomic_set(&listener->pend_accepts_cnt, 0);
2852 	listener->cm_core = cm_core;
2853 	listener->iwdev = iwdev;
2854 
2855 	listener->backlog = cm_info->backlog;
2856 	listener->listener_state = IRDMA_CM_LISTENER_ACTIVE_STATE;
2857 
2858 	if (!listener->reused_node) {
2859 		spin_lock_irqsave(&cm_core->listen_list_lock, flags);
2860 		list_add(&listener->list, &cm_core->listen_list);
2861 		spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
2862 	}
2863 
2864 	return listener;
2865 }
2866 
2867 /**
2868  * irdma_create_cm_node - make a connection node with params
2869  * @cm_core: cm's core
2870  * @iwdev: iwarp device structure
2871  * @conn_param: connection parameters
2872  * @cm_info: quad info for connection
2873  * @caller_cm_node: pointer to cm_node structure to return
2874  */
2875 static int
2876 irdma_create_cm_node(struct irdma_cm_core *cm_core,
2877 		     struct irdma_device *iwdev,
2878 		     struct iw_cm_conn_param *conn_param,
2879 		     struct irdma_cm_info *cm_info,
2880 		     struct irdma_cm_node **caller_cm_node)
2881 {
2882 	struct irdma_cm_node *cm_node;
2883 	u16 private_data_len = conn_param->private_data_len;
2884 	const void *private_data = conn_param->private_data;
2885 
2886 	/* create a CM connection node */
2887 	cm_node = irdma_make_cm_node(cm_core, iwdev, cm_info, NULL);
2888 	if (!cm_node)
2889 		return -ENOMEM;
2890 
2891 	/* set our node side to client (active) side */
2892 	cm_node->tcp_cntxt.client = 1;
2893 	cm_node->tcp_cntxt.rcv_wscale = IRDMA_CM_DEFAULT_RCV_WND_SCALE;
2894 
2895 	irdma_record_ird_ord(cm_node, conn_param->ird, conn_param->ord);
2896 
2897 	cm_node->pdata.size = private_data_len;
2898 	cm_node->pdata.addr = cm_node->pdata_buf;
2899 
2900 	memcpy(cm_node->pdata_buf, private_data, private_data_len);
2901 	*caller_cm_node = cm_node;
2902 
2903 	return 0;
2904 }
2905 
2906 /**
2907  * irdma_cm_reject - reject and teardown a connection
2908  * @cm_node: connection's node
2909  * @pdata: ptr to private data for reject
2910  * @plen: size of private data
2911  */
2912 static int
2913 irdma_cm_reject(struct irdma_cm_node *cm_node, const void *pdata,
2914 		u8 plen)
2915 {
2916 	int ret;
2917 	int passive_state;
2918 
2919 	if (cm_node->tcp_cntxt.client)
2920 		return 0;
2921 
2922 	irdma_cleanup_retrans_entry(cm_node);
2923 
2924 	passive_state = atomic_add_return(1, &cm_node->passive_state);
2925 	if (passive_state == IRDMA_SEND_RESET_EVENT) {
2926 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2927 		irdma_rem_ref_cm_node(cm_node);
2928 		return 0;
2929 	}
2930 
2931 	if (cm_node->state == IRDMA_CM_STATE_LISTENER_DESTROYED) {
2932 		irdma_rem_ref_cm_node(cm_node);
2933 		return 0;
2934 	}
2935 
2936 	ret = irdma_send_mpa_reject(cm_node, pdata, plen);
2937 	if (!ret)
2938 		return 0;
2939 
2940 	cm_node->state = IRDMA_CM_STATE_CLOSED;
2941 	if (irdma_send_reset(cm_node))
2942 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2943 			    "send reset failed\n");
2944 
2945 	return ret;
2946 }
2947 
2948 /**
2949  * irdma_cm_close - close of cm connection
2950  * @cm_node: connection's node
2951  */
2952 static int
2953 irdma_cm_close(struct irdma_cm_node *cm_node)
2954 {
2955 	switch (cm_node->state) {
2956 	case IRDMA_CM_STATE_SYN_RCVD:
2957 	case IRDMA_CM_STATE_SYN_SENT:
2958 	case IRDMA_CM_STATE_ONE_SIDE_ESTABLISHED:
2959 	case IRDMA_CM_STATE_ESTABLISHED:
2960 	case IRDMA_CM_STATE_ACCEPTING:
2961 	case IRDMA_CM_STATE_MPAREQ_SENT:
2962 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2963 		irdma_cleanup_retrans_entry(cm_node);
2964 		irdma_send_reset(cm_node);
2965 		break;
2966 	case IRDMA_CM_STATE_CLOSE_WAIT:
2967 		cm_node->state = IRDMA_CM_STATE_LAST_ACK;
2968 		irdma_send_fin(cm_node);
2969 		break;
2970 	case IRDMA_CM_STATE_FIN_WAIT1:
2971 	case IRDMA_CM_STATE_FIN_WAIT2:
2972 	case IRDMA_CM_STATE_LAST_ACK:
2973 	case IRDMA_CM_STATE_TIME_WAIT:
2974 	case IRDMA_CM_STATE_CLOSING:
2975 		return -EINVAL;
2976 	case IRDMA_CM_STATE_LISTENING:
2977 		irdma_cleanup_retrans_entry(cm_node);
2978 		irdma_send_reset(cm_node);
2979 		break;
2980 	case IRDMA_CM_STATE_MPAREJ_RCVD:
2981 	case IRDMA_CM_STATE_UNKNOWN:
2982 	case IRDMA_CM_STATE_INITED:
2983 	case IRDMA_CM_STATE_CLOSED:
2984 	case IRDMA_CM_STATE_LISTENER_DESTROYED:
2985 		irdma_rem_ref_cm_node(cm_node);
2986 		break;
2987 	case IRDMA_CM_STATE_OFFLOADED:
2988 		if (cm_node->send_entry)
2989 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2990 				    "CM send_entry in OFFLOADED state\n");
2991 		irdma_rem_ref_cm_node(cm_node);
2992 		break;
2993 	}
2994 
2995 	return 0;
2996 }
2997 
2998 /**
2999  * irdma_receive_ilq - recv an ETHERNET packet, and process it
3000  * through CM
3001  * @vsi: VSI structure of dev
3002  * @rbuf: receive buffer
3003  */
3004 void
3005 irdma_receive_ilq(struct irdma_sc_vsi *vsi, struct irdma_puda_buf *rbuf)
3006 {
3007 	struct irdma_cm_node *cm_node;
3008 	struct irdma_cm_listener *listener;
3009 	struct ip *iph;
3010 	struct ip6_hdr *ip6h;
3011 	struct tcphdr *tcph;
3012 	struct irdma_cm_info cm_info = {0};
3013 	struct irdma_device *iwdev = vsi->back_vsi;
3014 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
3015 	struct ether_vlan_header *ethh;
3016 	u16 vtag;
3017 
3018 	/* if vlan, then maclen = 18 else 14 */
3019 	iph = (struct ip *)rbuf->iph;
3020 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "RECEIVE ILQ BUFFER",
3021 			rbuf->mem.va, rbuf->totallen);
3022 	if (iwdev->rf->sc_dev.hw_attrs.uk_attrs.hw_rev >= IRDMA_GEN_2) {
3023 		if (rbuf->vlan_valid) {
3024 			vtag = rbuf->vlan_id;
3025 			cm_info.user_pri = (vtag & EVL_PRI_MASK) >>
3026 			    VLAN_PRIO_SHIFT;
3027 			cm_info.vlan_id = vtag & EVL_VLID_MASK;
3028 		} else {
3029 			cm_info.vlan_id = 0xFFFF;
3030 		}
3031 	} else {
3032 		ethh = rbuf->mem.va;
3033 
3034 		if (ethh->evl_proto == htons(ETH_P_8021Q)) {
3035 			vtag = ntohs(ethh->evl_tag);
3036 			cm_info.user_pri = (vtag & EVL_PRI_MASK) >>
3037 			    VLAN_PRIO_SHIFT;
3038 			cm_info.vlan_id = vtag & EVL_VLID_MASK;
3039 			irdma_debug(&cm_core->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3040 				    "vlan_id=%d\n", cm_info.vlan_id);
3041 		} else {
3042 			cm_info.vlan_id = 0xFFFF;
3043 		}
3044 	}
3045 	tcph = (struct tcphdr *)rbuf->tcph;
3046 
3047 	if (rbuf->ipv4) {
3048 		cm_info.loc_addr[0] = ntohl(iph->ip_dst.s_addr);
3049 		cm_info.rem_addr[0] = ntohl(iph->ip_src.s_addr);
3050 		cm_info.ipv4 = true;
3051 		cm_info.tos = iph->ip_tos;
3052 	} else {
3053 		ip6h = (struct ip6_hdr *)rbuf->iph;
3054 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3055 				    ip6h->ip6_dst.__u6_addr.__u6_addr32);
3056 		irdma_copy_ip_ntohl(cm_info.rem_addr,
3057 				    ip6h->ip6_src.__u6_addr.__u6_addr32);
3058 		cm_info.ipv4 = false;
3059 		cm_info.tos = (ip6h->ip6_vfc << 4) | ip6h->ip6_flow;
3060 	}
3061 	cm_info.loc_port = ntohs(tcph->th_dport);
3062 	cm_info.rem_port = ntohs(tcph->th_sport);
3063 	cm_node = irdma_find_node(cm_core, cm_info.rem_port, cm_info.rem_addr,
3064 				  cm_info.loc_port, cm_info.loc_addr, cm_info.vlan_id);
3065 
3066 	if (!cm_node) {
3067 		/*
3068 		 * Only type of packet accepted are for the PASSIVE open (syn only)
3069 		 */
3070 		if (!(tcph->th_flags & TH_SYN) || tcph->th_flags & TH_ACK)
3071 			return;
3072 
3073 		listener = irdma_find_listener(cm_core,
3074 					       cm_info.loc_addr,
3075 					       cm_info.ipv4,
3076 					       cm_info.loc_port,
3077 					       cm_info.vlan_id,
3078 					       IRDMA_CM_LISTENER_ACTIVE_STATE);
3079 		if (!listener) {
3080 			cm_info.cm_id = NULL;
3081 			irdma_debug(&cm_core->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3082 				    "no listener found\n");
3083 			return;
3084 		}
3085 
3086 		cm_info.cm_id = listener->cm_id;
3087 		cm_node = irdma_make_cm_node(cm_core, iwdev, &cm_info,
3088 					     listener);
3089 		if (!cm_node) {
3090 			irdma_debug(&cm_core->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3091 				    "allocate node failed\n");
3092 			atomic_dec(&listener->refcnt);
3093 			return;
3094 		}
3095 
3096 		if (!(tcph->th_flags & (TH_RST | TH_FIN))) {
3097 			cm_node->state = IRDMA_CM_STATE_LISTENING;
3098 		} else {
3099 			irdma_rem_ref_cm_node(cm_node);
3100 			return;
3101 		}
3102 
3103 		atomic_inc(&cm_node->refcnt);
3104 	} else if (cm_node->state == IRDMA_CM_STATE_OFFLOADED) {
3105 		irdma_rem_ref_cm_node(cm_node);
3106 		return;
3107 	}
3108 
3109 	irdma_process_pkt(cm_node, rbuf);
3110 	irdma_rem_ref_cm_node(cm_node);
3111 }
3112 
3113 static int
3114 irdma_add_qh(struct irdma_cm_node *cm_node, bool active)
3115 {
3116 	if (!active)
3117 		irdma_add_conn_est_qh(cm_node);
3118 	return 0;
3119 }
3120 
3121 static void
3122 irdma_cm_free_ah_nop(struct irdma_cm_node *cm_node)
3123 {
3124 }
3125 
3126 /**
3127  * irdma_setup_cm_core - setup top level instance of a cm core
3128  * @iwdev: iwarp device structure
3129  * @rdma_ver: HW version
3130  */
3131 int
3132 irdma_setup_cm_core(struct irdma_device *iwdev, u8 rdma_ver)
3133 {
3134 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
3135 
3136 	cm_core->iwdev = iwdev;
3137 	cm_core->dev = &iwdev->rf->sc_dev;
3138 
3139 	/* Handles CM event work items send to Iwarp core */
3140 	cm_core->event_wq = alloc_ordered_workqueue("iwarp-event-wq", 0);
3141 	if (!cm_core->event_wq)
3142 		return -ENOMEM;
3143 
3144 	INIT_LIST_HEAD(&cm_core->listen_list);
3145 
3146 	timer_setup(&cm_core->tcp_timer, irdma_cm_timer_tick, 0);
3147 
3148 	spin_lock_init(&cm_core->ht_lock);
3149 	spin_lock_init(&cm_core->listen_list_lock);
3150 	spin_lock_init(&cm_core->apbvt_lock);
3151 	switch (rdma_ver) {
3152 	case IRDMA_GEN_1:
3153 		cm_core->form_cm_frame = irdma_form_uda_cm_frame;
3154 		cm_core->cm_create_ah = irdma_add_qh;
3155 		cm_core->cm_free_ah = irdma_cm_free_ah_nop;
3156 		break;
3157 	case IRDMA_GEN_2:
3158 	default:
3159 		cm_core->form_cm_frame = irdma_form_ah_cm_frame;
3160 		cm_core->cm_create_ah = irdma_cm_create_ah;
3161 		cm_core->cm_free_ah = irdma_cm_free_ah;
3162 	}
3163 
3164 	return 0;
3165 }
3166 
3167 /**
3168  * irdma_cleanup_cm_core - deallocate a top level instance of a
3169  * cm core
3170  * @cm_core: cm's core
3171  */
3172 void
3173 irdma_cleanup_cm_core(struct irdma_cm_core *cm_core)
3174 {
3175 	if (!cm_core)
3176 		return;
3177 
3178 	del_timer_sync(&cm_core->tcp_timer);
3179 
3180 	destroy_workqueue(cm_core->event_wq);
3181 	cm_core->dev->ws_reset(&cm_core->iwdev->vsi);
3182 }
3183 
3184 /**
3185  * irdma_init_tcp_ctx - setup qp context
3186  * @cm_node: connection's node
3187  * @tcp_info: offload info for tcp
3188  * @iwqp: associate qp for the connection
3189  */
3190 static void
3191 irdma_init_tcp_ctx(struct irdma_cm_node *cm_node,
3192 		   struct irdma_tcp_offload_info *tcp_info,
3193 		   struct irdma_qp *iwqp)
3194 {
3195 	tcp_info->ipv4 = cm_node->ipv4;
3196 	tcp_info->drop_ooo_seg = !iwqp->iwdev->iw_ooo;
3197 	tcp_info->wscale = true;
3198 	tcp_info->ignore_tcp_opt = true;
3199 	tcp_info->ignore_tcp_uns_opt = true;
3200 	tcp_info->no_nagle = false;
3201 
3202 	tcp_info->ttl = IRDMA_DEFAULT_TTL;
3203 	tcp_info->rtt_var = IRDMA_DEFAULT_RTT_VAR;
3204 	tcp_info->ss_thresh = IRDMA_DEFAULT_SS_THRESH;
3205 	tcp_info->rexmit_thresh = IRDMA_DEFAULT_REXMIT_THRESH;
3206 
3207 	tcp_info->tcp_state = IRDMA_TCP_STATE_ESTABLISHED;
3208 	tcp_info->snd_wscale = cm_node->tcp_cntxt.snd_wscale;
3209 	tcp_info->rcv_wscale = cm_node->tcp_cntxt.rcv_wscale;
3210 
3211 	tcp_info->snd_nxt = cm_node->tcp_cntxt.loc_seq_num;
3212 	tcp_info->snd_wnd = cm_node->tcp_cntxt.snd_wnd;
3213 	tcp_info->rcv_nxt = cm_node->tcp_cntxt.rcv_nxt;
3214 	tcp_info->snd_max = cm_node->tcp_cntxt.loc_seq_num;
3215 
3216 	tcp_info->snd_una = cm_node->tcp_cntxt.loc_seq_num;
3217 	tcp_info->cwnd = 2 * cm_node->tcp_cntxt.mss;
3218 	tcp_info->snd_wl1 = cm_node->tcp_cntxt.rcv_nxt;
3219 	tcp_info->snd_wl2 = cm_node->tcp_cntxt.loc_seq_num;
3220 	tcp_info->max_snd_window = cm_node->tcp_cntxt.max_snd_wnd;
3221 	tcp_info->rcv_wnd = cm_node->tcp_cntxt.rcv_wnd
3222 	    << cm_node->tcp_cntxt.rcv_wscale;
3223 
3224 	tcp_info->flow_label = 0;
3225 	tcp_info->snd_mss = (u32)cm_node->tcp_cntxt.mss;
3226 	tcp_info->tos = cm_node->tos;
3227 	if (cm_node->vlan_id < VLAN_N_VID) {
3228 		tcp_info->insert_vlan_tag = true;
3229 		tcp_info->vlan_tag = cm_node->vlan_id;
3230 		tcp_info->vlan_tag |= cm_node->user_pri << VLAN_PRIO_SHIFT;
3231 	}
3232 	tcp_info->src_port = cm_node->loc_port;
3233 	tcp_info->dst_port = cm_node->rem_port;
3234 	tcp_info->arp_idx = (u16)irdma_arp_table(iwqp->iwdev->rf,
3235 						  cm_node->rem_addr, NULL,
3236 						  IRDMA_ARP_RESOLVE);
3237 	if (cm_node->ipv4) {
3238 		tcp_info->dest_ip_addr[3] = cm_node->rem_addr[0];
3239 		tcp_info->local_ipaddr[3] = cm_node->loc_addr[0];
3240 	} else {
3241 		memcpy(tcp_info->dest_ip_addr, cm_node->rem_addr,
3242 		       sizeof(tcp_info->dest_ip_addr));
3243 		memcpy(tcp_info->local_ipaddr, cm_node->loc_addr,
3244 		       sizeof(tcp_info->local_ipaddr));
3245 	}
3246 }
3247 
3248 /**
3249  * irdma_cm_init_tsa_conn - setup qp for RTS
3250  * @iwqp: associate qp for the connection
3251  * @cm_node: connection's node
3252  */
3253 static void
3254 irdma_cm_init_tsa_conn(struct irdma_qp *iwqp,
3255 		       struct irdma_cm_node *cm_node)
3256 {
3257 	struct irdma_iwarp_offload_info *iwarp_info;
3258 	struct irdma_qp_host_ctx_info *ctx_info;
3259 
3260 	iwarp_info = &iwqp->iwarp_info;
3261 	ctx_info = &iwqp->ctx_info;
3262 
3263 	ctx_info->tcp_info = &iwqp->tcp_info;
3264 	ctx_info->send_cq_num = iwqp->iwscq->sc_cq.cq_uk.cq_id;
3265 	ctx_info->rcv_cq_num = iwqp->iwrcq->sc_cq.cq_uk.cq_id;
3266 
3267 	iwarp_info->ord_size = cm_node->ord_size;
3268 	iwarp_info->ird_size = cm_node->ird_size;
3269 	iwarp_info->rd_en = true;
3270 	iwarp_info->rdmap_ver = 1;
3271 	iwarp_info->ddp_ver = 1;
3272 	iwarp_info->pd_id = iwqp->iwpd->sc_pd.pd_id;
3273 
3274 	ctx_info->tcp_info_valid = true;
3275 	ctx_info->iwarp_info_valid = true;
3276 	ctx_info->user_pri = cm_node->user_pri;
3277 
3278 	irdma_init_tcp_ctx(cm_node, &iwqp->tcp_info, iwqp);
3279 	if (cm_node->snd_mark_en) {
3280 		iwarp_info->snd_mark_en = true;
3281 		iwarp_info->snd_mark_offset = (iwqp->tcp_info.snd_nxt & SNDMARKER_SEQNMASK) +
3282 		    cm_node->lsmm_size;
3283 	}
3284 
3285 	cm_node->state = IRDMA_CM_STATE_OFFLOADED;
3286 	iwqp->tcp_info.tcp_state = IRDMA_TCP_STATE_ESTABLISHED;
3287 	iwqp->tcp_info.src_mac_addr_idx = iwqp->iwdev->mac_ip_table_idx;
3288 
3289 	if (cm_node->rcv_mark_en) {
3290 		iwarp_info->rcv_mark_en = true;
3291 		iwarp_info->align_hdrs = true;
3292 	}
3293 
3294 	irdma_sc_qp_setctx(&iwqp->sc_qp, iwqp->host_ctx.va, ctx_info);
3295 
3296 	/* once tcp_info is set, no need to do it again */
3297 	ctx_info->tcp_info_valid = false;
3298 	ctx_info->iwarp_info_valid = false;
3299 }
3300 
3301 /**
3302  * irdma_cm_disconn - when a connection is being closed
3303  * @iwqp: associated qp for the connection
3304  */
3305 void
3306 irdma_cm_disconn(struct irdma_qp *iwqp)
3307 {
3308 	struct irdma_device *iwdev = iwqp->iwdev;
3309 	struct disconn_work *work;
3310 	unsigned long flags;
3311 
3312 	work = kzalloc(sizeof(*work), GFP_ATOMIC);
3313 	if (!work)
3314 		return;
3315 
3316 	spin_lock_irqsave(&iwdev->rf->qptable_lock, flags);
3317 	if (!iwdev->rf->qp_table[iwqp->ibqp.qp_num]) {
3318 		spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
3319 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3320 			    "qp_id %d is already freed\n", iwqp->ibqp.qp_num);
3321 		kfree(work);
3322 		return;
3323 	}
3324 	irdma_qp_add_ref(&iwqp->ibqp);
3325 	spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
3326 
3327 	work->iwqp = iwqp;
3328 	INIT_WORK(&work->work, irdma_disconnect_worker);
3329 	queue_work(iwdev->cleanup_wq, &work->work);
3330 }
3331 
3332 /**
3333  * irdma_qp_disconnect - free qp and close cm
3334  * @iwqp: associate qp for the connection
3335  */
3336 static void
3337 irdma_qp_disconnect(struct irdma_qp *iwqp)
3338 {
3339 	struct irdma_device *iwdev = iwqp->iwdev;
3340 
3341 	iwqp->active_conn = 0;
3342 	/* close the CM node down if it is still active */
3343 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "Call close API\n");
3344 	irdma_cm_close(iwqp->cm_node);
3345 }
3346 
3347 /**
3348  * irdma_cm_disconn_true - called by worker thread to disconnect qp
3349  * @iwqp: associate qp for the connection
3350  */
3351 static void
3352 irdma_cm_disconn_true(struct irdma_qp *iwqp)
3353 {
3354 	struct iw_cm_id *cm_id;
3355 	struct irdma_device *iwdev;
3356 	struct irdma_sc_qp *qp = &iwqp->sc_qp;
3357 	u16 last_ae;
3358 	u8 original_hw_tcp_state;
3359 	u8 original_ibqp_state;
3360 	int disconn_status = 0;
3361 	int issue_disconn = 0;
3362 	int issue_close = 0;
3363 	int issue_flush = 0;
3364 	unsigned long flags;
3365 	int err;
3366 
3367 	iwdev = iwqp->iwdev;
3368 	spin_lock_irqsave(&iwqp->lock, flags);
3369 	if (rdma_protocol_roce(&iwdev->ibdev, 1)) {
3370 		struct ib_qp_attr attr;
3371 
3372 		if (iwqp->flush_issued || iwqp->sc_qp.qp_uk.destroy_pending) {
3373 			spin_unlock_irqrestore(&iwqp->lock, flags);
3374 			return;
3375 		}
3376 
3377 		spin_unlock_irqrestore(&iwqp->lock, flags);
3378 
3379 		attr.qp_state = IB_QPS_ERR;
3380 		irdma_modify_qp_roce(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
3381 		irdma_ib_qp_event(iwqp, qp->event_type);
3382 		return;
3383 	}
3384 
3385 	cm_id = iwqp->cm_id;
3386 	original_hw_tcp_state = iwqp->hw_tcp_state;
3387 	original_ibqp_state = iwqp->ibqp_state;
3388 	last_ae = iwqp->last_aeq;
3389 
3390 	if (qp->term_flags) {
3391 		issue_disconn = 1;
3392 		issue_close = 1;
3393 		iwqp->cm_id = NULL;
3394 		irdma_terminate_del_timer(qp);
3395 		if (!iwqp->flush_issued) {
3396 			iwqp->flush_issued = 1;
3397 			issue_flush = 1;
3398 		}
3399 	} else if ((original_hw_tcp_state == IRDMA_TCP_STATE_CLOSE_WAIT) ||
3400 		   ((original_ibqp_state == IB_QPS_RTS) &&
3401 		    (last_ae == IRDMA_AE_LLP_CONNECTION_RESET))) {
3402 		issue_disconn = 1;
3403 		if (last_ae == IRDMA_AE_LLP_CONNECTION_RESET)
3404 			disconn_status = -ECONNRESET;
3405 	}
3406 
3407 	if (original_hw_tcp_state == IRDMA_TCP_STATE_CLOSED ||
3408 	    original_hw_tcp_state == IRDMA_TCP_STATE_TIME_WAIT ||
3409 	    last_ae == IRDMA_AE_RDMAP_ROE_BAD_LLP_CLOSE ||
3410 	    last_ae == IRDMA_AE_BAD_CLOSE ||
3411 	    last_ae == IRDMA_AE_LLP_CONNECTION_RESET || iwdev->rf->reset || !cm_id) {
3412 		issue_close = 1;
3413 		iwqp->cm_id = NULL;
3414 		qp->term_flags = 0;
3415 		if (!iwqp->flush_issued) {
3416 			iwqp->flush_issued = 1;
3417 			issue_flush = 1;
3418 		}
3419 	}
3420 
3421 	spin_unlock_irqrestore(&iwqp->lock, flags);
3422 	if (issue_flush && !iwqp->sc_qp.qp_uk.destroy_pending) {
3423 		irdma_flush_wqes(iwqp, IRDMA_FLUSH_SQ | IRDMA_FLUSH_RQ |
3424 				 IRDMA_FLUSH_WAIT);
3425 
3426 		if (qp->term_flags)
3427 			irdma_ib_qp_event(iwqp, qp->event_type);
3428 	}
3429 
3430 	if (!cm_id || !cm_id->event_handler)
3431 		return;
3432 
3433 	spin_lock_irqsave(&iwdev->cm_core.ht_lock, flags);
3434 	if (!iwqp->cm_node) {
3435 		spin_unlock_irqrestore(&iwdev->cm_core.ht_lock, flags);
3436 		return;
3437 	}
3438 	atomic_inc(&iwqp->cm_node->refcnt);
3439 
3440 	spin_unlock_irqrestore(&iwdev->cm_core.ht_lock, flags);
3441 
3442 	if (issue_disconn) {
3443 		err = irdma_send_cm_event(iwqp->cm_node, cm_id,
3444 					  IW_CM_EVENT_DISCONNECT,
3445 					  disconn_status);
3446 		if (err)
3447 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3448 				    "disconnect event failed: - cm_id = %p\n",
3449 				    cm_id);
3450 	}
3451 	if (issue_close) {
3452 		cm_id->provider_data = iwqp;
3453 		err = irdma_send_cm_event(iwqp->cm_node, cm_id,
3454 					  IW_CM_EVENT_CLOSE, 0);
3455 		if (err)
3456 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3457 				    "close event failed: - cm_id = %p\n",
3458 				    cm_id);
3459 		irdma_qp_disconnect(iwqp);
3460 	}
3461 	irdma_rem_ref_cm_node(iwqp->cm_node);
3462 }
3463 
3464 /**
3465  * irdma_disconnect_worker - worker for connection close
3466  * @work: points or disconn structure
3467  */
3468 static void
3469 irdma_disconnect_worker(struct work_struct *work)
3470 {
3471 	struct disconn_work *dwork = container_of(work, struct disconn_work, work);
3472 	struct irdma_qp *iwqp = dwork->iwqp;
3473 
3474 	kfree(dwork);
3475 	irdma_cm_disconn_true(iwqp);
3476 	irdma_qp_rem_ref(&iwqp->ibqp);
3477 }
3478 
3479 /**
3480  * irdma_free_lsmm_rsrc - free lsmm memory and deregister
3481  * @iwqp: associate qp for the connection
3482  */
3483 void
3484 irdma_free_lsmm_rsrc(struct irdma_qp *iwqp)
3485 {
3486 	struct irdma_device *iwdev;
3487 
3488 	iwdev = iwqp->iwdev;
3489 
3490 	if (iwqp->ietf_mem.va) {
3491 		if (iwqp->lsmm_mr)
3492 			iwdev->ibdev.dereg_mr(iwqp->lsmm_mr, NULL);
3493 
3494 		irdma_free_dma_mem(iwdev->rf->sc_dev.hw,
3495 				   &iwqp->ietf_mem);
3496 		iwqp->ietf_mem.va = NULL;
3497 	}
3498 }
3499 
3500 /**
3501  * irdma_accept - registered call for connection to be accepted
3502  * @cm_id: cm information for passive connection
3503  * @conn_param: accpet parameters
3504  */
3505 int
3506 irdma_accept(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param)
3507 {
3508 	struct ib_qp *ibqp;
3509 	struct irdma_qp *iwqp;
3510 	struct irdma_device *iwdev;
3511 	struct irdma_sc_dev *dev;
3512 	struct irdma_cm_node *cm_node;
3513 	struct ib_qp_attr attr = {0};
3514 	int passive_state;
3515 	struct ib_mr *ibmr;
3516 	struct irdma_pd *iwpd;
3517 	u16 buf_len = 0;
3518 	struct irdma_kmem_info accept;
3519 	u64 tagged_offset;
3520 	int wait_ret;
3521 	int ret = 0;
3522 
3523 	ibqp = irdma_get_qp(cm_id->device, conn_param->qpn);
3524 	if (!ibqp)
3525 		return -EINVAL;
3526 
3527 	iwqp = to_iwqp(ibqp);
3528 	iwdev = iwqp->iwdev;
3529 	dev = &iwdev->rf->sc_dev;
3530 	cm_node = cm_id->provider_data;
3531 
3532 	if (((struct sockaddr_in *)&cm_id->local_addr)->sin_family == AF_INET) {
3533 		cm_node->ipv4 = true;
3534 		cm_node->vlan_id = irdma_get_vlan_ipv4(cm_id, cm_node->loc_addr);
3535 	} else {
3536 		cm_node->ipv4 = false;
3537 		irdma_get_vlan_mac_ipv6(cm_id, cm_node->loc_addr, &cm_node->vlan_id,
3538 					NULL);
3539 	}
3540 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "Accept vlan_id=%d\n",
3541 		    cm_node->vlan_id);
3542 
3543 	if (cm_node->state == IRDMA_CM_STATE_LISTENER_DESTROYED) {
3544 		ret = -EINVAL;
3545 		goto error;
3546 	}
3547 
3548 	passive_state = atomic_add_return(1, &cm_node->passive_state);
3549 	if (passive_state == IRDMA_SEND_RESET_EVENT) {
3550 		ret = -ECONNRESET;
3551 		goto error;
3552 	}
3553 
3554 	buf_len = conn_param->private_data_len + IRDMA_MAX_IETF_SIZE;
3555 	iwqp->ietf_mem.size = buf_len;
3556 	iwqp->ietf_mem.va = irdma_allocate_dma_mem(dev->hw, &iwqp->ietf_mem,
3557 						   iwqp->ietf_mem.size, 1);
3558 	if (!iwqp->ietf_mem.va) {
3559 		ret = -ENOMEM;
3560 		goto error;
3561 	}
3562 
3563 	cm_node->pdata.size = conn_param->private_data_len;
3564 	accept.addr = iwqp->ietf_mem.va;
3565 	accept.size = irdma_cm_build_mpa_frame(cm_node, &accept, MPA_KEY_REPLY);
3566 	memcpy((u8 *)accept.addr + accept.size, conn_param->private_data,
3567 	       conn_param->private_data_len);
3568 
3569 	if (cm_node->dev->ws_add(iwqp->sc_qp.vsi, cm_node->user_pri)) {
3570 		ret = -ENOMEM;
3571 		goto error;
3572 	}
3573 	iwqp->sc_qp.user_pri = cm_node->user_pri;
3574 	irdma_qp_add_qos(&iwqp->sc_qp);
3575 	if (cm_node->dev->hw_attrs.uk_attrs.hw_rev == IRDMA_GEN_2)
3576 		iwdev->rf->check_fc(&iwdev->vsi, &iwqp->sc_qp);
3577 	/* setup our first outgoing iWarp send WQE (the IETF frame response) */
3578 	iwpd = iwqp->iwpd;
3579 	tagged_offset = (uintptr_t)iwqp->ietf_mem.va;
3580 	ibmr = irdma_reg_phys_mr(&iwpd->ibpd, iwqp->ietf_mem.pa, buf_len,
3581 				 IB_ACCESS_LOCAL_WRITE, &tagged_offset);
3582 	if (IS_ERR(ibmr)) {
3583 		ret = -ENOMEM;
3584 		goto error;
3585 	}
3586 
3587 	ibmr->pd = &iwpd->ibpd;
3588 	ibmr->device = iwpd->ibpd.device;
3589 	iwqp->lsmm_mr = ibmr;
3590 	if (iwqp->page)
3591 		iwqp->sc_qp.qp_uk.sq_base = kmap_local_page(iwqp->page);
3592 
3593 	cm_node->lsmm_size = accept.size + conn_param->private_data_len;
3594 	irdma_sc_send_lsmm(&iwqp->sc_qp, iwqp->ietf_mem.va, cm_node->lsmm_size,
3595 			   ibmr->lkey);
3596 
3597 	if (iwqp->page)
3598 		kunmap_local(iwqp->sc_qp.qp_uk.sq_base);
3599 
3600 	iwqp->cm_id = cm_id;
3601 	cm_node->cm_id = cm_id;
3602 
3603 	cm_id->provider_data = iwqp;
3604 	iwqp->active_conn = 0;
3605 	iwqp->cm_node = cm_node;
3606 	cm_node->iwqp = iwqp;
3607 	irdma_cm_init_tsa_conn(iwqp, cm_node);
3608 	irdma_qp_add_ref(&iwqp->ibqp);
3609 	cm_id->add_ref(cm_id);
3610 
3611 	attr.qp_state = IB_QPS_RTS;
3612 	cm_node->qhash_set = false;
3613 	cm_node->cm_core->cm_free_ah(cm_node);
3614 
3615 	irdma_modify_qp(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
3616 	if (dev->hw_attrs.uk_attrs.feature_flags & IRDMA_FEATURE_RTS_AE) {
3617 		wait_ret = wait_event_interruptible_timeout(iwqp->waitq,
3618 							    iwqp->rts_ae_rcvd,
3619 							    IRDMA_MAX_TIMEOUT);
3620 		if (!wait_ret) {
3621 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3622 				    "Slow Connection: cm_node=%p, loc_port=%d, rem_port=%d, cm_id=%p\n",
3623 				    cm_node, cm_node->loc_port,
3624 				    cm_node->rem_port, cm_node->cm_id);
3625 			ret = -ECONNRESET;
3626 			goto error;
3627 		}
3628 	}
3629 
3630 	irdma_send_cm_event(cm_node, cm_id, IW_CM_EVENT_ESTABLISHED, 0);
3631 	cm_node->accelerated = true;
3632 	complete(&cm_node->establish_comp);
3633 
3634 	if (cm_node->accept_pend) {
3635 		atomic_dec(&cm_node->listener->pend_accepts_cnt);
3636 		cm_node->accept_pend = 0;
3637 	}
3638 
3639 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3640 		    "rem_port=0x%04x, loc_port=0x%04x rem_addr=%x loc_addr=%x cm_node=%p cm_id=%p qp_id=%d\n\n",
3641 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr[0],
3642 		    cm_node->loc_addr[0], cm_node, cm_id, ibqp->qp_num);
3643 	cm_node->cm_core->stats_accepts++;
3644 
3645 	return 0;
3646 error:
3647 	irdma_free_lsmm_rsrc(iwqp);
3648 	irdma_rem_ref_cm_node(cm_node);
3649 
3650 	return ret;
3651 }
3652 
3653 /**
3654  * irdma_reject - registered call for connection to be rejected
3655  * @cm_id: cm information for passive connection
3656  * @pdata: private data to be sent
3657  * @pdata_len: private data length
3658  */
3659 int
3660 irdma_reject(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len)
3661 {
3662 	struct irdma_device *iwdev;
3663 	struct irdma_cm_node *cm_node;
3664 
3665 	cm_node = cm_id->provider_data;
3666 	cm_node->pdata.size = pdata_len;
3667 
3668 	iwdev = to_iwdev(cm_id->device);
3669 	if (!iwdev)
3670 		return -EINVAL;
3671 
3672 	cm_node->cm_core->stats_rejects++;
3673 
3674 	if (pdata_len + sizeof(struct ietf_mpa_v2) > IRDMA_MAX_CM_BUF)
3675 		return -EINVAL;
3676 
3677 	return irdma_cm_reject(cm_node, pdata, pdata_len);
3678 }
3679 
3680 /**
3681  * irdma_connect - registered call for connection to be established
3682  * @cm_id: cm information for passive connection
3683  * @conn_param: Information about the connection
3684  */
3685 int
3686 irdma_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param)
3687 {
3688 	struct ib_qp *ibqp;
3689 	struct irdma_qp *iwqp;
3690 	struct irdma_device *iwdev;
3691 	struct irdma_cm_node *cm_node;
3692 	struct irdma_cm_info cm_info;
3693 	struct sockaddr_in *laddr;
3694 	struct sockaddr_in *raddr;
3695 	struct sockaddr_in6 *laddr6;
3696 	struct sockaddr_in6 *raddr6;
3697 	int ret = 0;
3698 
3699 	ibqp = irdma_get_qp(cm_id->device, conn_param->qpn);
3700 	if (!ibqp)
3701 		return -EINVAL;
3702 	iwqp = to_iwqp(ibqp);
3703 	if (!iwqp)
3704 		return -EINVAL;
3705 	iwdev = iwqp->iwdev;
3706 	if (!iwdev)
3707 		return -EINVAL;
3708 
3709 	laddr = (struct sockaddr_in *)&cm_id->m_local_addr;
3710 	raddr = (struct sockaddr_in *)&cm_id->m_remote_addr;
3711 	laddr6 = (struct sockaddr_in6 *)&cm_id->m_local_addr;
3712 	raddr6 = (struct sockaddr_in6 *)&cm_id->m_remote_addr;
3713 
3714 	if (!(laddr->sin_port) || !(raddr->sin_port))
3715 		return -EINVAL;
3716 
3717 	iwqp->active_conn = 1;
3718 	iwqp->cm_id = NULL;
3719 	cm_id->provider_data = iwqp;
3720 
3721 	/* set up the connection params for the node */
3722 	if (cm_id->remote_addr.ss_family == AF_INET) {
3723 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV4)
3724 			return -EINVAL;
3725 
3726 		cm_info.ipv4 = true;
3727 		memset(cm_info.loc_addr, 0, sizeof(cm_info.loc_addr));
3728 		memset(cm_info.rem_addr, 0, sizeof(cm_info.rem_addr));
3729 		cm_info.loc_addr[0] = ntohl(laddr->sin_addr.s_addr);
3730 		cm_info.rem_addr[0] = ntohl(raddr->sin_addr.s_addr);
3731 		cm_info.loc_port = ntohs(laddr->sin_port);
3732 		cm_info.rem_port = ntohs(raddr->sin_port);
3733 		cm_info.vlan_id = irdma_get_vlan_ipv4(cm_id, cm_info.loc_addr);
3734 	} else {
3735 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV6)
3736 			return -EINVAL;
3737 
3738 		cm_info.ipv4 = false;
3739 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3740 				    laddr6->sin6_addr.__u6_addr.__u6_addr32);
3741 		irdma_copy_ip_ntohl(cm_info.rem_addr,
3742 				    raddr6->sin6_addr.__u6_addr.__u6_addr32);
3743 		cm_info.loc_port = ntohs(laddr6->sin6_port);
3744 		cm_info.rem_port = ntohs(raddr6->sin6_port);
3745 		irdma_get_vlan_mac_ipv6(cm_id, cm_info.loc_addr, &cm_info.vlan_id, NULL);
3746 	}
3747 	cm_info.cm_id = cm_id;
3748 	cm_info.qh_qpid = iwdev->vsi.ilq->qp_id;
3749 	cm_info.tos = cm_id->tos;
3750 	if (iwdev->vsi.dscp_mode) {
3751 		cm_info.user_pri =
3752 		    iwqp->sc_qp.vsi->dscp_map[irdma_tos2dscp(cm_info.tos)];
3753 	} else {
3754 		cm_info.user_pri = rt_tos2priority(cm_id->tos);
3755 		cm_info.user_pri =
3756 		    irdma_iw_get_vlan_prio(cm_info.loc_addr,
3757 					   cm_info.user_pri,
3758 					   cm_info.ipv4);
3759 	}
3760 
3761 	if (iwqp->sc_qp.dev->ws_add(iwqp->sc_qp.vsi, cm_info.user_pri))
3762 		return -ENOMEM;
3763 	iwqp->sc_qp.user_pri = cm_info.user_pri;
3764 	irdma_qp_add_qos(&iwqp->sc_qp);
3765 	if (iwdev->rf->sc_dev.hw_attrs.uk_attrs.hw_rev == IRDMA_GEN_2)
3766 		iwdev->rf->check_fc(&iwdev->vsi, &iwqp->sc_qp);
3767 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_DCB, "TOS:[%d] UP:[%d]\n",
3768 		    cm_id->tos, cm_info.user_pri);
3769 
3770 	ret = irdma_create_cm_node(&iwdev->cm_core, iwdev, conn_param, &cm_info,
3771 				   &cm_node);
3772 	if (ret)
3773 		return ret;
3774 	ret = cm_node->cm_core->cm_create_ah(cm_node, true);
3775 	if (ret)
3776 		goto err;
3777 	if (irdma_manage_qhash(iwdev, &cm_info,
3778 			       IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
3779 			       IRDMA_QHASH_MANAGE_TYPE_ADD, NULL, true)) {
3780 		ret = -EINVAL;
3781 		goto err;
3782 	}
3783 	cm_node->qhash_set = true;
3784 
3785 	cm_node->apbvt_entry = irdma_add_apbvt(iwdev, cm_info.loc_port);
3786 	if (!cm_node->apbvt_entry) {
3787 		ret = -EINVAL;
3788 		goto err;
3789 	}
3790 
3791 	cm_node->apbvt_set = true;
3792 	iwqp->cm_node = cm_node;
3793 	cm_node->iwqp = iwqp;
3794 	iwqp->cm_id = cm_id;
3795 	irdma_qp_add_ref(&iwqp->ibqp);
3796 	cm_id->add_ref(cm_id);
3797 
3798 	if (cm_node->state != IRDMA_CM_STATE_OFFLOADED) {
3799 		cm_node->state = IRDMA_CM_STATE_SYN_SENT;
3800 		ret = irdma_send_syn(cm_node, 0);
3801 		if (ret)
3802 			goto err;
3803 	}
3804 
3805 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3806 		    "rem_port=0x%04x, loc_port=0x%04x rem_addr=%x loc_addr=%x cm_node=%p cm_id=%p qp_id = %d\n\n",
3807 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr[0],
3808 		    cm_node->loc_addr[0], cm_node, cm_id, ibqp->qp_num);
3809 
3810 	return 0;
3811 
3812 err:
3813 	if (cm_info.ipv4)
3814 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3815 			    "connect() FAILED: dest addr=%x",
3816 			    cm_info.rem_addr[0]);
3817 	else
3818 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3819 			    "connect() FAILED: dest addr=%x:%x:%x:%x",
3820 			    IRDMA_PRINT_IP6(cm_info.rem_addr));
3821 	irdma_rem_ref_cm_node(cm_node);
3822 	iwdev->cm_core.stats_connect_errs++;
3823 
3824 	return ret;
3825 }
3826 
3827 /**
3828  * irdma_create_listen - registered call creating listener
3829  * @cm_id: cm information for passive connection
3830  * @backlog: to max accept pending count
3831  */
3832 int
3833 irdma_create_listen(struct iw_cm_id *cm_id, int backlog)
3834 {
3835 	struct irdma_device *iwdev;
3836 	struct irdma_cm_listener *cm_listen_node;
3837 	struct irdma_cm_info cm_info = {0};
3838 	struct sockaddr_in *laddr;
3839 	struct sockaddr_in6 *laddr6;
3840 	bool wildcard = false;
3841 	int err;
3842 
3843 	iwdev = to_iwdev(cm_id->device);
3844 	if (!iwdev)
3845 		return -EINVAL;
3846 
3847 	laddr = (struct sockaddr_in *)&cm_id->m_local_addr;
3848 	laddr6 = (struct sockaddr_in6 *)&cm_id->m_local_addr;
3849 	cm_info.qh_qpid = iwdev->vsi.ilq->qp_id;
3850 
3851 	if (laddr->sin_family == AF_INET) {
3852 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV4)
3853 			return -EINVAL;
3854 
3855 		cm_info.ipv4 = true;
3856 		cm_info.loc_addr[0] = ntohl(laddr->sin_addr.s_addr);
3857 		cm_info.loc_port = ntohs(laddr->sin_port);
3858 
3859 		if (laddr->sin_addr.s_addr != htonl(INADDR_ANY)) {
3860 			cm_info.vlan_id = irdma_get_vlan_ipv4(cm_id, cm_info.loc_addr);
3861 		} else {
3862 			cm_info.vlan_id = 0xFFFF;
3863 			wildcard = true;
3864 		}
3865 	} else {
3866 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV6)
3867 			return -EINVAL;
3868 
3869 		cm_info.ipv4 = false;
3870 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3871 				    laddr6->sin6_addr.__u6_addr.__u6_addr32);
3872 		cm_info.loc_port = ntohs(laddr6->sin6_port);
3873 		if (!IN6_IS_ADDR_UNSPECIFIED(&laddr6->sin6_addr)) {
3874 			irdma_get_vlan_mac_ipv6(cm_id, cm_info.loc_addr,
3875 						&cm_info.vlan_id, NULL);
3876 		} else {
3877 			cm_info.vlan_id = 0xFFFF;
3878 			wildcard = true;
3879 		}
3880 	}
3881 
3882 	if (cm_info.vlan_id >= VLAN_N_VID && iwdev->dcb_vlan_mode)
3883 		cm_info.vlan_id = 0;
3884 	cm_info.backlog = backlog;
3885 	cm_info.cm_id = cm_id;
3886 
3887 	cm_listen_node = irdma_make_listen_node(&iwdev->cm_core, iwdev,
3888 						&cm_info);
3889 	if (!cm_listen_node) {
3890 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3891 			    "cm_listen_node == NULL\n");
3892 		return -ENOMEM;
3893 	}
3894 
3895 	cm_id->provider_data = cm_listen_node;
3896 
3897 	cm_listen_node->tos = cm_id->tos;
3898 	if (iwdev->vsi.dscp_mode)
3899 		cm_listen_node->user_pri =
3900 		    iwdev->vsi.dscp_map[irdma_tos2dscp(cm_id->tos)];
3901 	else
3902 		cm_listen_node->user_pri = rt_tos2priority(cm_id->tos);
3903 	cm_info.user_pri = cm_listen_node->user_pri;
3904 	if (!cm_listen_node->reused_node) {
3905 		if (wildcard) {
3906 			err = irdma_add_mqh(iwdev, &cm_info, cm_listen_node);
3907 			if (err)
3908 				goto error;
3909 		} else {
3910 			if (!iwdev->vsi.dscp_mode)
3911 				cm_info.user_pri = cm_listen_node->user_pri =
3912 				    irdma_iw_get_vlan_prio(cm_info.loc_addr,
3913 							   cm_info.user_pri,
3914 							   cm_info.ipv4);
3915 			err = irdma_manage_qhash(iwdev, &cm_info,
3916 						 IRDMA_QHASH_TYPE_TCP_SYN,
3917 						 IRDMA_QHASH_MANAGE_TYPE_ADD,
3918 						 NULL, true);
3919 			if (err)
3920 				goto error;
3921 
3922 			cm_listen_node->qhash_set = true;
3923 		}
3924 
3925 		cm_listen_node->apbvt_entry = irdma_add_apbvt(iwdev,
3926 							      cm_info.loc_port);
3927 		if (!cm_listen_node->apbvt_entry)
3928 			goto error;
3929 	}
3930 	cm_id->add_ref(cm_id);
3931 	cm_listen_node->cm_core->stats_listen_created++;
3932 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3933 		    "loc_port=0x%04x loc_addr=%x cm_listen_node=%p cm_id=%p qhash_set=%d vlan_id=%d\n",
3934 		    cm_listen_node->loc_port, cm_listen_node->loc_addr[0],
3935 		    cm_listen_node, cm_listen_node->cm_id,
3936 		    cm_listen_node->qhash_set, cm_listen_node->vlan_id);
3937 
3938 	return 0;
3939 
3940 error:
3941 
3942 	irdma_cm_del_listen(&iwdev->cm_core, cm_listen_node, false);
3943 
3944 	return -EINVAL;
3945 }
3946 
3947 /**
3948  * irdma_destroy_listen - registered call to destroy listener
3949  * @cm_id: cm information for passive connection
3950  */
3951 int
3952 irdma_destroy_listen(struct iw_cm_id *cm_id)
3953 {
3954 	struct irdma_device *iwdev;
3955 
3956 	iwdev = to_iwdev(cm_id->device);
3957 	if (cm_id->provider_data)
3958 		irdma_cm_del_listen(&iwdev->cm_core, cm_id->provider_data,
3959 				    true);
3960 	else
3961 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3962 			    "cm_id->provider_data was NULL\n");
3963 
3964 	cm_id->rem_ref(cm_id);
3965 
3966 	return 0;
3967 }
3968 
3969 /**
3970  * irdma_iw_teardown_list_prep - add conn nodes slated for tear
3971  * down to list
3972  * @cm_core: cm's core
3973  * @teardown_list: a list to which cm_node will be selected
3974  * @ipaddr: pointer to ip address
3975  * @nfo: pointer to cm_info structure instance
3976  * @disconnect_all: flag indicating disconnect all QPs
3977  */
3978 static void
3979 irdma_iw_teardown_list_prep(struct irdma_cm_core *cm_core,
3980 			    struct list_head *teardown_list,
3981 			    u32 *ipaddr,
3982 			    struct irdma_cm_info *nfo,
3983 			    bool disconnect_all)
3984 {
3985 	struct irdma_cm_node *cm_node;
3986 	int bkt;
3987 
3988 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
3989 		if ((disconnect_all ||
3990 		     (nfo->vlan_id == cm_node->vlan_id &&
3991 		      !memcmp(cm_node->loc_addr, ipaddr, nfo->ipv4 ? 4 : 16))) &&
3992 		    atomic_inc_not_zero(&cm_node->refcnt))
3993 			list_add(&cm_node->teardown_entry, teardown_list);
3994 	}
3995 }
3996 
3997 static inline bool
3998 irdma_ip_vlan_match(u32 *ip1, u16 vlan_id1,
3999 		    bool check_vlan, u32 *ip2,
4000 		    u16 vlan_id2, bool ipv4)
4001 {
4002 	return (!check_vlan || vlan_id1 == vlan_id2) &&
4003 	    !memcmp(ip1, ip2, ipv4 ? 4 : 16);
4004 }
4005 
4006 /**
4007  * irdma_roce_teardown_list_prep - add conn nodes slated for
4008  * tear down to list
4009  * @iwdev: RDMA device
4010  * @teardown_list: a list to which cm_node will be selected
4011  * @ipaddr: pointer to ip address
4012  * @nfo: pointer to cm_info structure instance
4013  * @disconnect_all: flag indicating disconnect all QPs
4014  */
4015 static void
4016 irdma_roce_teardown_list_prep(struct irdma_device *iwdev,
4017 			      struct list_head *teardown_list,
4018 			      u32 *ipaddr,
4019 			      struct irdma_cm_info *nfo,
4020 			      bool disconnect_all)
4021 {
4022 	struct irdma_sc_vsi *vsi = &iwdev->vsi;
4023 	struct irdma_sc_qp *sc_qp;
4024 	struct list_head *list_node;
4025 	struct irdma_qp *qp;
4026 	unsigned long flags;
4027 	int i;
4028 
4029 	for (i = 0; i < IRDMA_MAX_USER_PRIORITY; i++) {
4030 		mutex_lock(&vsi->qos[i].qos_mutex);
4031 		list_for_each(list_node, &vsi->qos[i].qplist) {
4032 			u32 qp_ip[4];
4033 
4034 			sc_qp = container_of(list_node, struct irdma_sc_qp,
4035 					     list);
4036 			if (sc_qp->qp_uk.qp_type != IRDMA_QP_TYPE_ROCE_RC)
4037 				continue;
4038 
4039 			qp = sc_qp->qp_uk.back_qp;
4040 			if (!disconnect_all) {
4041 				if (nfo->ipv4)
4042 					qp_ip[0] = qp->udp_info.local_ipaddr[3];
4043 				else
4044 					memcpy(qp_ip,
4045 					       &qp->udp_info.local_ipaddr[0],
4046 					       sizeof(qp_ip));
4047 			}
4048 
4049 			if (disconnect_all ||
4050 			    irdma_ip_vlan_match(qp_ip,
4051 						qp->udp_info.vlan_tag & EVL_VLID_MASK,
4052 						qp->udp_info.insert_vlan_tag,
4053 						ipaddr, nfo->vlan_id, nfo->ipv4)) {
4054 				spin_lock_irqsave(&iwdev->rf->qptable_lock, flags);
4055 				if (iwdev->rf->qp_table[sc_qp->qp_uk.qp_id]) {
4056 					irdma_qp_add_ref(&qp->ibqp);
4057 					list_add(&qp->teardown_entry, teardown_list);
4058 				}
4059 				spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
4060 			}
4061 		}
4062 		mutex_unlock(&vsi->qos[i].qos_mutex);
4063 	}
4064 }
4065 
4066 /**
4067  * irdma_cm_event_connected - handle connected active node
4068  * @event: the info for cm_node of connection
4069  */
4070 static void
4071 irdma_cm_event_connected(struct irdma_cm_event *event)
4072 {
4073 	struct irdma_qp *iwqp;
4074 	struct irdma_device *iwdev;
4075 	struct irdma_cm_node *cm_node;
4076 	struct irdma_sc_dev *dev;
4077 	struct ib_qp_attr attr = {0};
4078 	struct iw_cm_id *cm_id;
4079 	int status;
4080 	bool read0;
4081 	int wait_ret = 0;
4082 
4083 	cm_node = event->cm_node;
4084 	cm_id = cm_node->cm_id;
4085 	iwqp = cm_id->provider_data;
4086 	iwdev = iwqp->iwdev;
4087 	dev = &iwdev->rf->sc_dev;
4088 	if (iwqp->sc_qp.qp_uk.destroy_pending) {
4089 		status = -ETIMEDOUT;
4090 		goto error;
4091 	}
4092 
4093 	irdma_cm_init_tsa_conn(iwqp, cm_node);
4094 	read0 = (cm_node->send_rdma0_op == SEND_RDMA_READ_ZERO);
4095 	if (iwqp->page)
4096 		iwqp->sc_qp.qp_uk.sq_base = kmap_local_page(iwqp->page);
4097 	irdma_sc_send_rtt(&iwqp->sc_qp, read0);
4098 	if (iwqp->page)
4099 		kunmap_local(iwqp->sc_qp.qp_uk.sq_base);
4100 
4101 	attr.qp_state = IB_QPS_RTS;
4102 	cm_node->qhash_set = false;
4103 	irdma_modify_qp(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
4104 	if (dev->hw_attrs.uk_attrs.feature_flags & IRDMA_FEATURE_RTS_AE) {
4105 		wait_ret = wait_event_interruptible_timeout(iwqp->waitq,
4106 							    iwqp->rts_ae_rcvd,
4107 							    IRDMA_MAX_TIMEOUT);
4108 		if (!wait_ret)
4109 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
4110 				    "Slow Connection: cm_node=%p, loc_port=%d, rem_port=%d, cm_id=%p\n",
4111 				    cm_node, cm_node->loc_port,
4112 				    cm_node->rem_port, cm_node->cm_id);
4113 	}
4114 
4115 	irdma_send_cm_event(cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY, 0);
4116 	cm_node->accelerated = true;
4117 	complete(&cm_node->establish_comp);
4118 	cm_node->cm_core->cm_free_ah(cm_node);
4119 	return;
4120 
4121 error:
4122 	iwqp->cm_id = NULL;
4123 	cm_id->provider_data = NULL;
4124 	irdma_send_cm_event(event->cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY,
4125 			    status);
4126 	irdma_rem_ref_cm_node(event->cm_node);
4127 }
4128 
4129 /**
4130  * irdma_cm_event_reset - handle reset
4131  * @event: the info for cm_node of connection
4132  */
4133 static void
4134 irdma_cm_event_reset(struct irdma_cm_event *event)
4135 {
4136 	struct irdma_cm_node *cm_node = event->cm_node;
4137 	struct iw_cm_id *cm_id = cm_node->cm_id;
4138 	struct irdma_qp *iwqp;
4139 
4140 	if (!cm_id)
4141 		return;
4142 
4143 	iwqp = cm_id->provider_data;
4144 	if (!iwqp)
4145 		return;
4146 
4147 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
4148 		    "reset event %p - cm_id = %p\n", event->cm_node, cm_id);
4149 	iwqp->cm_id = NULL;
4150 
4151 	irdma_send_cm_event(cm_node, cm_node->cm_id, IW_CM_EVENT_DISCONNECT,
4152 			    -ECONNRESET);
4153 	irdma_send_cm_event(cm_node, cm_node->cm_id, IW_CM_EVENT_CLOSE, 0);
4154 }
4155 
4156 /**
4157  * irdma_cm_event_handler - send event to cm upper layer
4158  * @work: pointer of cm event info.
4159  */
4160 static void
4161 irdma_cm_event_handler(struct work_struct *work)
4162 {
4163 	struct irdma_cm_event *event = container_of(work, struct irdma_cm_event, event_work);
4164 	struct irdma_cm_node *cm_node;
4165 
4166 	if (!event || !event->cm_node || !event->cm_node->cm_core)
4167 		return;
4168 
4169 	cm_node = event->cm_node;
4170 
4171 	switch (event->type) {
4172 	case IRDMA_CM_EVENT_MPA_REQ:
4173 		irdma_send_cm_event(cm_node, cm_node->cm_id,
4174 				    IW_CM_EVENT_CONNECT_REQUEST, 0);
4175 		break;
4176 	case IRDMA_CM_EVENT_RESET:
4177 		irdma_cm_event_reset(event);
4178 		break;
4179 	case IRDMA_CM_EVENT_CONNECTED:
4180 		if (!event->cm_node->cm_id ||
4181 		    event->cm_node->state != IRDMA_CM_STATE_OFFLOADED)
4182 			break;
4183 		irdma_cm_event_connected(event);
4184 		break;
4185 	case IRDMA_CM_EVENT_MPA_REJECT:
4186 		if (!event->cm_node->cm_id ||
4187 		    cm_node->state == IRDMA_CM_STATE_OFFLOADED)
4188 			break;
4189 		irdma_send_cm_event(cm_node, cm_node->cm_id,
4190 				    IW_CM_EVENT_CONNECT_REPLY, -ECONNREFUSED);
4191 		break;
4192 	case IRDMA_CM_EVENT_ABORTED:
4193 		if (!event->cm_node->cm_id ||
4194 		    event->cm_node->state == IRDMA_CM_STATE_OFFLOADED)
4195 			break;
4196 		irdma_event_connect_error(event);
4197 		break;
4198 	default:
4199 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
4200 			    "bad event type = %d\n", event->type);
4201 		break;
4202 	}
4203 
4204 	irdma_rem_ref_cm_node(event->cm_node);
4205 	kfree(event);
4206 }
4207 
4208 /**
4209  * irdma_cm_post_event - queue event request for worker thread
4210  * @event: cm node's info for up event call
4211  */
4212 static void
4213 irdma_cm_post_event(struct irdma_cm_event *event)
4214 {
4215 	atomic_inc(&event->cm_node->refcnt);
4216 	INIT_WORK(&event->event_work, irdma_cm_event_handler);
4217 	queue_work(event->cm_node->cm_core->event_wq, &event->event_work);
4218 }
4219 
4220 /**
4221  * irdma_cm_teardown_connections - teardown QPs
4222  * @iwdev: device pointer
4223  * @ipaddr: Pointer to IPv4 or IPv6 address
4224  * @nfo: Connection info
4225  * @disconnect_all: flag indicating disconnect all QPs
4226  *
4227  * teardown QPs where source or destination addr matches ip addr
4228  */
4229 static void __unused
4230 irdma_cm_teardown_connections(struct irdma_device *iwdev,
4231 			      u32 *ipaddr,
4232 			      struct irdma_cm_info *nfo,
4233 			      bool disconnect_all)
4234 {
4235 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
4236 	struct list_head *list_core_temp;
4237 	struct list_head *list_node;
4238 	struct irdma_cm_node *cm_node;
4239 	struct list_head teardown_list;
4240 	struct ib_qp_attr attr;
4241 	struct irdma_qp *qp;
4242 
4243 	INIT_LIST_HEAD(&teardown_list);
4244 
4245 	rcu_read_lock();
4246 	irdma_iw_teardown_list_prep(cm_core, &teardown_list, ipaddr, nfo, disconnect_all);
4247 	rcu_read_unlock();
4248 
4249 	attr.qp_state = IB_QPS_ERR;
4250 	list_for_each_safe(list_node, list_core_temp, &teardown_list) {
4251 		cm_node = container_of(list_node, struct irdma_cm_node,
4252 				       teardown_entry);
4253 		irdma_modify_qp(&cm_node->iwqp->ibqp, &attr, IB_QP_STATE, NULL);
4254 		if (iwdev->rf->reset)
4255 			irdma_cm_disconn(cm_node->iwqp);
4256 		irdma_rem_ref_cm_node(cm_node);
4257 	}
4258 
4259 	if (!rdma_protocol_roce(&iwdev->ibdev, 1))
4260 		return;
4261 
4262 	INIT_LIST_HEAD(&teardown_list);
4263 	irdma_roce_teardown_list_prep(iwdev, &teardown_list, ipaddr, nfo, disconnect_all);
4264 
4265 	list_for_each_safe(list_node, list_core_temp, &teardown_list) {
4266 		qp = container_of(list_node, struct irdma_qp, teardown_entry);
4267 		irdma_modify_qp_roce(&qp->ibqp, &attr, IB_QP_STATE, NULL);
4268 		irdma_ib_qp_event(qp, IRDMA_QP_EVENT_CATASTROPHIC);
4269 		irdma_qp_rem_ref(&qp->ibqp);
4270 	}
4271 }
4272