xref: /freebsd/sys/dev/irdma/irdma_cm.c (revision a2464ee12761660f50d0b6f59f233949ebcacc87)
1 /*-
2  * SPDX-License-Identifier: GPL-2.0 or Linux-OpenIB
3  *
4  * Copyright (c) 2015 - 2022 Intel Corporation
5  *
6  * This software is available to you under a choice of one of two
7  * licenses.  You may choose to be licensed under the terms of the GNU
8  * General Public License (GPL) Version 2, available from the file
9  * COPYING in the main directory of this source tree, or the
10  * OpenFabrics.org BSD license below:
11  *
12  *   Redistribution and use in source and binary forms, with or
13  *   without modification, are permitted provided that the following
14  *   conditions are met:
15  *
16  *    - Redistributions of source code must retain the above
17  *	copyright notice, this list of conditions and the following
18  *	disclaimer.
19  *
20  *    - Redistributions in binary form must reproduce the above
21  *	copyright notice, this list of conditions and the following
22  *	disclaimer in the documentation and/or other materials
23  *	provided with the distribution.
24  *
25  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
29  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
30  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
31  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32  * SOFTWARE.
33  */
34 /*$FreeBSD$*/
35 
36 #include "irdma_main.h"
37 
38 static void irdma_cm_post_event(struct irdma_cm_event *event);
39 static void irdma_disconnect_worker(struct work_struct *work);
40 
41 /**
42  * irdma_free_sqbuf - put back puda buffer if refcount is 0
43  * @vsi: The VSI structure of the device
44  * @bufp: puda buffer to free
45  */
46 void
47 irdma_free_sqbuf(struct irdma_sc_vsi *vsi, void *bufp)
48 {
49 	struct irdma_puda_buf *buf = bufp;
50 	struct irdma_puda_rsrc *ilq = vsi->ilq;
51 
52 	if (atomic_dec_and_test(&buf->refcount))
53 		irdma_puda_ret_bufpool(ilq, buf);
54 }
55 
56 /**
57  * irdma_record_ird_ord - Record IRD/ORD passed in
58  * @cm_node: connection's node
59  * @conn_ird: connection IRD
60  * @conn_ord: connection ORD
61  */
62 static void
63 irdma_record_ird_ord(struct irdma_cm_node *cm_node, u32 conn_ird,
64 		     u32 conn_ord)
65 {
66 	if (conn_ird > cm_node->dev->hw_attrs.max_hw_ird)
67 		conn_ird = cm_node->dev->hw_attrs.max_hw_ird;
68 
69 	if (conn_ord > cm_node->dev->hw_attrs.max_hw_ord)
70 		conn_ord = cm_node->dev->hw_attrs.max_hw_ord;
71 	else if (!conn_ord && cm_node->send_rdma0_op == SEND_RDMA_READ_ZERO)
72 		conn_ord = 1;
73 	cm_node->ird_size = conn_ird;
74 	cm_node->ord_size = conn_ord;
75 }
76 
77 /**
78  * irdma_copy_ip_ntohl - copy IP address from  network to host
79  * @dst: IP address in host order
80  * @src: IP address in network order (big endian)
81  */
82 void
83 irdma_copy_ip_ntohl(u32 *dst, __be32 *src)
84 {
85 	*dst++ = ntohl(*src++);
86 	*dst++ = ntohl(*src++);
87 	*dst++ = ntohl(*src++);
88 	*dst = ntohl(*src);
89 }
90 
91 /**
92  * irdma_copy_ip_htonl - copy IP address from host to network order
93  * @dst: IP address in network order (big endian)
94  * @src: IP address in host order
95  */
96 void
97 irdma_copy_ip_htonl(__be32 *dst, u32 *src)
98 {
99 	*dst++ = htonl(*src++);
100 	*dst++ = htonl(*src++);
101 	*dst++ = htonl(*src++);
102 	*dst = htonl(*src);
103 }
104 
105 /**
106  * irdma_get_addr_info
107  * @cm_node: contains ip/tcp info
108  * @cm_info: to get a copy of the cm_node ip/tcp info
109  */
110 static void
111 irdma_get_addr_info(struct irdma_cm_node *cm_node,
112 		    struct irdma_cm_info *cm_info)
113 {
114 	memset(cm_info, 0, sizeof(*cm_info));
115 	cm_info->ipv4 = cm_node->ipv4;
116 	cm_info->vlan_id = cm_node->vlan_id;
117 	memcpy(cm_info->loc_addr, cm_node->loc_addr, sizeof(cm_info->loc_addr));
118 	memcpy(cm_info->rem_addr, cm_node->rem_addr, sizeof(cm_info->rem_addr));
119 	cm_info->loc_port = cm_node->loc_port;
120 	cm_info->rem_port = cm_node->rem_port;
121 }
122 
123 /**
124  * irdma_fill_sockaddr4 - fill in addr info for IPv4 connection
125  * @cm_node: connection's node
126  * @event: upper layer's cm event
127  */
128 static inline void
129 irdma_fill_sockaddr4(struct irdma_cm_node *cm_node,
130 		     struct iw_cm_event *event)
131 {
132 	struct sockaddr_in *laddr = (struct sockaddr_in *)&event->local_addr;
133 	struct sockaddr_in *raddr = (struct sockaddr_in *)&event->remote_addr;
134 
135 	laddr->sin_family = AF_INET;
136 	raddr->sin_family = AF_INET;
137 
138 	laddr->sin_port = htons(cm_node->loc_port);
139 	raddr->sin_port = htons(cm_node->rem_port);
140 
141 	laddr->sin_addr.s_addr = htonl(cm_node->loc_addr[0]);
142 	raddr->sin_addr.s_addr = htonl(cm_node->rem_addr[0]);
143 }
144 
145 /**
146  * irdma_fill_sockaddr6 - fill in addr info for IPv6 connection
147  * @cm_node: connection's node
148  * @event: upper layer's cm event
149  */
150 static inline void
151 irdma_fill_sockaddr6(struct irdma_cm_node *cm_node,
152 		     struct iw_cm_event *event)
153 {
154 	struct sockaddr_in6 *laddr6 = (struct sockaddr_in6 *)&event->local_addr;
155 	struct sockaddr_in6 *raddr6 = (struct sockaddr_in6 *)&event->remote_addr;
156 
157 	laddr6->sin6_family = AF_INET6;
158 	raddr6->sin6_family = AF_INET6;
159 
160 	laddr6->sin6_port = htons(cm_node->loc_port);
161 	raddr6->sin6_port = htons(cm_node->rem_port);
162 
163 	irdma_copy_ip_htonl(laddr6->sin6_addr.__u6_addr.__u6_addr32,
164 			    cm_node->loc_addr);
165 	irdma_copy_ip_htonl(raddr6->sin6_addr.__u6_addr.__u6_addr32,
166 			    cm_node->rem_addr);
167 }
168 
169 /**
170  * irdma_get_cmevent_info - for cm event upcall
171  * @cm_node: connection's node
172  * @cm_id: upper layers cm struct for the event
173  * @event: upper layer's cm event
174  */
175 static inline void
176 irdma_get_cmevent_info(struct irdma_cm_node *cm_node,
177 		       struct iw_cm_id *cm_id,
178 		       struct iw_cm_event *event)
179 {
180 	memcpy(&event->local_addr, &cm_id->m_local_addr,
181 	       sizeof(event->local_addr));
182 	memcpy(&event->remote_addr, &cm_id->m_remote_addr,
183 	       sizeof(event->remote_addr));
184 	if (cm_node) {
185 		event->private_data = cm_node->pdata_buf;
186 		event->private_data_len = (u8)cm_node->pdata.size;
187 		event->ird = cm_node->ird_size;
188 		event->ord = cm_node->ord_size;
189 	}
190 }
191 
192 /**
193  * irdma_send_cm_event - upcall cm's event handler
194  * @cm_node: connection's node
195  * @cm_id: upper layer's cm info struct
196  * @type: Event type to indicate
197  * @status: status for the event type
198  */
199 static int
200 irdma_send_cm_event(struct irdma_cm_node *cm_node,
201 		    struct iw_cm_id *cm_id,
202 		    enum iw_cm_event_type type, int status)
203 {
204 	struct iw_cm_event event = {0};
205 
206 	event.event = type;
207 	event.status = status;
208 
209 	irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
210 		    "cm_node %p cm_id=%p state=%d accel=%d event_type=%d status=%d\n",
211 		    cm_node, cm_id, cm_node->accelerated, cm_node->state, type, status);
212 
213 	switch (type) {
214 	case IW_CM_EVENT_CONNECT_REQUEST:
215 		if (cm_node->ipv4)
216 			irdma_fill_sockaddr4(cm_node, &event);
217 		else
218 			irdma_fill_sockaddr6(cm_node, &event);
219 		event.provider_data = cm_node;
220 		event.private_data = cm_node->pdata_buf;
221 		event.private_data_len = (u8)cm_node->pdata.size;
222 		event.ird = cm_node->ird_size;
223 		break;
224 	case IW_CM_EVENT_CONNECT_REPLY:
225 		irdma_get_cmevent_info(cm_node, cm_id, &event);
226 		break;
227 	case IW_CM_EVENT_ESTABLISHED:
228 		event.ird = cm_node->ird_size;
229 		event.ord = cm_node->ord_size;
230 		break;
231 	case IW_CM_EVENT_DISCONNECT:
232 	case IW_CM_EVENT_CLOSE:
233 		/* Wait if we are in RTS but havent issued the iwcm event upcall */
234 		if (!cm_node->accelerated)
235 			wait_for_completion(&cm_node->establish_comp);
236 		break;
237 	default:
238 		return -EINVAL;
239 	}
240 
241 	return cm_id->event_handler(cm_id, &event);
242 }
243 
244 /**
245  * irdma_timer_list_prep - add connection nodes to a list to perform timer tasks
246  * @cm_core: cm's core
247  * @timer_list: a timer list to which cm_node will be selected
248  */
249 static void
250 irdma_timer_list_prep(struct irdma_cm_core *cm_core,
251 		      struct list_head *timer_list)
252 {
253 	struct irdma_cm_node *cm_node;
254 	int bkt;
255 
256 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
257 		if ((cm_node->close_entry || cm_node->send_entry) &&
258 		    atomic_inc_not_zero(&cm_node->refcnt))
259 			list_add(&cm_node->timer_entry, timer_list);
260 	}
261 }
262 
263 /**
264  * irdma_create_event - create cm event
265  * @cm_node: connection's node
266  * @type: Event type to generate
267  */
268 static struct irdma_cm_event *
269 irdma_create_event(struct irdma_cm_node *cm_node,
270 		   enum irdma_cm_event_type type)
271 {
272 	struct irdma_cm_event *event;
273 
274 	if (!cm_node->cm_id)
275 		return NULL;
276 
277 	event = kzalloc(sizeof(*event), GFP_ATOMIC);
278 
279 	if (!event)
280 		return NULL;
281 
282 	event->type = type;
283 	event->cm_node = cm_node;
284 	memcpy(event->cm_info.rem_addr, cm_node->rem_addr,
285 	       sizeof(event->cm_info.rem_addr));
286 	memcpy(event->cm_info.loc_addr, cm_node->loc_addr,
287 	       sizeof(event->cm_info.loc_addr));
288 	event->cm_info.rem_port = cm_node->rem_port;
289 	event->cm_info.loc_port = cm_node->loc_port;
290 	event->cm_info.cm_id = cm_node->cm_id;
291 	irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
292 		    "node=%p event=%p type=%u dst=%pI4 src=%pI4\n", cm_node,
293 		    event, type, event->cm_info.loc_addr,
294 		    event->cm_info.rem_addr);
295 	irdma_cm_post_event(event);
296 
297 	return event;
298 }
299 
300 /**
301  * irdma_free_retrans_entry - free send entry
302  * @cm_node: connection's node
303  */
304 static void
305 irdma_free_retrans_entry(struct irdma_cm_node *cm_node)
306 {
307 	struct irdma_device *iwdev = cm_node->iwdev;
308 	struct irdma_timer_entry *send_entry;
309 
310 	send_entry = cm_node->send_entry;
311 	if (!send_entry)
312 		return;
313 
314 	cm_node->send_entry = NULL;
315 	irdma_free_sqbuf(&iwdev->vsi, send_entry->sqbuf);
316 	kfree(send_entry);
317 	atomic_dec(&cm_node->refcnt);
318 }
319 
320 /**
321  * irdma_cleanup_retrans_entry - free send entry with lock
322  * @cm_node: connection's node
323  */
324 static void
325 irdma_cleanup_retrans_entry(struct irdma_cm_node *cm_node)
326 {
327 	unsigned long flags;
328 
329 	spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
330 	irdma_free_retrans_entry(cm_node);
331 	spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
332 }
333 
334 /**
335  * irdma_form_ah_cm_frame - get a free packet and build frame with address handle
336  * @cm_node: connection's node ionfo to use in frame
337  * @options: pointer to options info
338  * @hdr: pointer mpa header
339  * @pdata: pointer to private data
340  * @flags:  indicates FIN or ACK
341  */
342 static struct irdma_puda_buf *
343 irdma_form_ah_cm_frame(struct irdma_cm_node *cm_node,
344 		       struct irdma_kmem_info *options,
345 		       struct irdma_kmem_info *hdr,
346 		       struct irdma_mpa_priv_info *pdata,
347 		       u8 flags)
348 {
349 	struct irdma_puda_buf *sqbuf;
350 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
351 	u8 *buf;
352 	struct tcphdr *tcph;
353 	u16 pktsize;
354 	u32 opts_len = 0;
355 	u32 pd_len = 0;
356 	u32 hdr_len = 0;
357 
358 	if (!cm_node->ah || !cm_node->ah->ah_info.ah_valid) {
359 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
360 			    "AH invalid\n");
361 		return NULL;
362 	}
363 
364 	sqbuf = irdma_puda_get_bufpool(vsi->ilq);
365 	if (!sqbuf) {
366 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
367 			    "SQ buf NULL\n");
368 		return NULL;
369 	}
370 
371 	sqbuf->ah_id = cm_node->ah->ah_info.ah_idx;
372 	buf = sqbuf->mem.va;
373 	if (options)
374 		opts_len = (u32)options->size;
375 
376 	if (hdr)
377 		hdr_len = hdr->size;
378 
379 	if (pdata)
380 		pd_len = pdata->size;
381 
382 	pktsize = sizeof(*tcph) + opts_len + hdr_len + pd_len;
383 
384 	memset(buf, 0, pktsize);
385 
386 	sqbuf->totallen = pktsize;
387 	sqbuf->tcphlen = sizeof(*tcph) + opts_len;
388 	sqbuf->scratch = cm_node;
389 
390 	tcph = (struct tcphdr *)buf;
391 	buf += sizeof(*tcph);
392 
393 	tcph->th_sport = htons(cm_node->loc_port);
394 	tcph->th_dport = htons(cm_node->rem_port);
395 	tcph->th_seq = htonl(cm_node->tcp_cntxt.loc_seq_num);
396 
397 	if (flags & SET_ACK) {
398 		cm_node->tcp_cntxt.loc_ack_num = cm_node->tcp_cntxt.rcv_nxt;
399 		tcph->th_ack = htonl(cm_node->tcp_cntxt.loc_ack_num);
400 		tcph->th_flags |= TH_ACK;
401 	} else {
402 		tcph->th_ack = 0;
403 	}
404 
405 	if (flags & SET_SYN) {
406 		cm_node->tcp_cntxt.loc_seq_num++;
407 		tcph->th_flags |= TH_SYN;
408 	} else {
409 		cm_node->tcp_cntxt.loc_seq_num += hdr_len + pd_len;
410 	}
411 
412 	if (flags & SET_FIN) {
413 		cm_node->tcp_cntxt.loc_seq_num++;
414 		tcph->th_flags |= TH_FIN;
415 	}
416 
417 	if (flags & SET_RST)
418 		tcph->th_flags |= TH_RST;
419 
420 	tcph->th_off = (u16)((sizeof(*tcph) + opts_len + 3) >> 2);
421 	sqbuf->tcphlen = tcph->th_off << 2;
422 	tcph->th_win = htons(cm_node->tcp_cntxt.rcv_wnd);
423 	tcph->th_urp = 0;
424 
425 	if (opts_len) {
426 		memcpy(buf, options->addr, opts_len);
427 		buf += opts_len;
428 	}
429 
430 	if (hdr_len) {
431 		memcpy(buf, hdr->addr, hdr_len);
432 		buf += hdr_len;
433 	}
434 
435 	if (pdata && pdata->addr)
436 		memcpy(buf, pdata->addr, pdata->size);
437 
438 	atomic_set(&sqbuf->refcount, 1);
439 
440 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "TRANSMIT ILQ BUFFER",
441 			sqbuf->mem.va, sqbuf->totallen);
442 
443 	return sqbuf;
444 }
445 
446 /**
447  * irdma_form_uda_cm_frame - get a free packet and build frame full tcpip packet
448  * @cm_node: connection's node ionfo to use in frame
449  * @options: pointer to options info
450  * @hdr: pointer mpa header
451  * @pdata: pointer to private data
452  * @flags:  indicates FIN or ACK
453  */
454 static struct irdma_puda_buf *
455 irdma_form_uda_cm_frame(struct irdma_cm_node *cm_node,
456 			struct irdma_kmem_info *options,
457 			struct irdma_kmem_info *hdr,
458 			struct irdma_mpa_priv_info *pdata,
459 			u8 flags)
460 {
461 	struct irdma_puda_buf *sqbuf;
462 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
463 	u8 *buf;
464 
465 	struct tcphdr *tcph;
466 	struct ip *iph;
467 	struct ip6_hdr *ip6h;
468 	struct ether_header *ethh;
469 	u16 pktsize;
470 	u16 eth_hlen = ETH_HLEN;
471 	u32 opts_len = 0;
472 	u32 pd_len = 0;
473 	u32 hdr_len = 0;
474 
475 	u16 vtag;
476 
477 	sqbuf = irdma_puda_get_bufpool(vsi->ilq);
478 	if (!sqbuf)
479 		return NULL;
480 
481 	buf = sqbuf->mem.va;
482 
483 	if (options)
484 		opts_len = (u32)options->size;
485 
486 	if (hdr)
487 		hdr_len = hdr->size;
488 
489 	if (pdata)
490 		pd_len = pdata->size;
491 
492 	if (cm_node->vlan_id < VLAN_N_VID)
493 		eth_hlen += 4;
494 
495 	if (cm_node->ipv4)
496 		pktsize = sizeof(*iph) + sizeof(*tcph);
497 	else
498 		pktsize = sizeof(*ip6h) + sizeof(*tcph);
499 	pktsize += opts_len + hdr_len + pd_len;
500 
501 	memset(buf, 0, eth_hlen + pktsize);
502 
503 	sqbuf->totallen = pktsize + eth_hlen;
504 	sqbuf->maclen = eth_hlen;
505 	sqbuf->tcphlen = sizeof(*tcph) + opts_len;
506 	sqbuf->scratch = cm_node;
507 
508 	ethh = (struct ether_header *)buf;
509 	buf += eth_hlen;
510 
511 	if (cm_node->do_lpb)
512 		sqbuf->do_lpb = true;
513 
514 	if (cm_node->ipv4) {
515 		sqbuf->ipv4 = true;
516 
517 		iph = (struct ip *)buf;
518 		buf += sizeof(*iph);
519 		tcph = (struct tcphdr *)buf;
520 		buf += sizeof(*tcph);
521 
522 		ether_addr_copy(ethh->ether_dhost, cm_node->rem_mac);
523 		ether_addr_copy(ethh->ether_shost, cm_node->loc_mac);
524 		if (cm_node->vlan_id < VLAN_N_VID) {
525 			((struct ether_vlan_header *)ethh)->evl_proto =
526 			    htons(ETH_P_8021Q);
527 			vtag = (cm_node->user_pri << VLAN_PRIO_SHIFT) |
528 			    cm_node->vlan_id;
529 			((struct ether_vlan_header *)ethh)->evl_tag = htons(vtag);
530 
531 			((struct ether_vlan_header *)ethh)->evl_encap_proto =
532 			    htons(ETH_P_IP);
533 		} else {
534 			ethh->ether_type = htons(ETH_P_IP);
535 		}
536 
537 		iph->ip_v = IPVERSION;
538 		iph->ip_hl = 5;	/* 5 * 4Byte words, IP headr len */
539 		iph->ip_tos = cm_node->tos;
540 		iph->ip_len = htons(pktsize);
541 		iph->ip_id = htons(++cm_node->tcp_cntxt.loc_id);
542 
543 		iph->ip_off = htons(0x4000);
544 		iph->ip_ttl = 0x40;
545 		iph->ip_p = IPPROTO_TCP;
546 		iph->ip_src.s_addr = htonl(cm_node->loc_addr[0]);
547 		iph->ip_dst.s_addr = htonl(cm_node->rem_addr[0]);
548 	} else {
549 		sqbuf->ipv4 = false;
550 		ip6h = (struct ip6_hdr *)buf;
551 		buf += sizeof(*ip6h);
552 		tcph = (struct tcphdr *)buf;
553 		buf += sizeof(*tcph);
554 
555 		ether_addr_copy(ethh->ether_dhost, cm_node->rem_mac);
556 		ether_addr_copy(ethh->ether_shost, cm_node->loc_mac);
557 		if (cm_node->vlan_id < VLAN_N_VID) {
558 			((struct ether_vlan_header *)ethh)->evl_proto =
559 			    htons(ETH_P_8021Q);
560 			vtag = (cm_node->user_pri << VLAN_PRIO_SHIFT) |
561 			    cm_node->vlan_id;
562 			((struct ether_vlan_header *)ethh)->evl_tag = htons(vtag);
563 			((struct ether_vlan_header *)ethh)->evl_encap_proto =
564 			    htons(ETH_P_IPV6);
565 		} else {
566 			ethh->ether_type = htons(ETH_P_IPV6);
567 		}
568 		ip6h->ip6_vfc = 6 << 4;
569 		ip6h->ip6_vfc |= cm_node->tos >> 4;
570 		ip6h->ip6_flow = cm_node->tos << 20;
571 		ip6h->ip6_plen = htons(pktsize - sizeof(*ip6h));
572 		ip6h->ip6_nxt = 6;
573 		ip6h->ip6_hops = 128;
574 		irdma_copy_ip_htonl(ip6h->ip6_src.__u6_addr.__u6_addr32,
575 				    cm_node->loc_addr);
576 		irdma_copy_ip_htonl(ip6h->ip6_dst.__u6_addr.__u6_addr32,
577 				    cm_node->rem_addr);
578 	}
579 
580 	tcph->th_sport = htons(cm_node->loc_port);
581 	tcph->th_dport = htons(cm_node->rem_port);
582 	tcph->th_seq = htonl(cm_node->tcp_cntxt.loc_seq_num);
583 
584 	if (flags & SET_ACK) {
585 		cm_node->tcp_cntxt.loc_ack_num = cm_node->tcp_cntxt.rcv_nxt;
586 		tcph->th_ack = htonl(cm_node->tcp_cntxt.loc_ack_num);
587 		tcph->th_flags |= TH_ACK;
588 	} else {
589 		tcph->th_ack = 0;
590 	}
591 
592 	if (flags & SET_SYN) {
593 		cm_node->tcp_cntxt.loc_seq_num++;
594 		tcph->th_flags |= TH_SYN;
595 	} else {
596 		cm_node->tcp_cntxt.loc_seq_num += hdr_len + pd_len;
597 	}
598 
599 	if (flags & SET_FIN) {
600 		cm_node->tcp_cntxt.loc_seq_num++;
601 		tcph->th_flags |= TH_FIN;
602 	}
603 
604 	if (flags & SET_RST)
605 		tcph->th_flags |= TH_RST;
606 
607 	tcph->th_off = (u16)((sizeof(*tcph) + opts_len + 3) >> 2);
608 	sqbuf->tcphlen = tcph->th_off << 2;
609 	tcph->th_win = htons(cm_node->tcp_cntxt.rcv_wnd);
610 	tcph->th_urp = 0;
611 
612 	if (opts_len) {
613 		memcpy(buf, options->addr, opts_len);
614 		buf += opts_len;
615 	}
616 
617 	if (hdr_len) {
618 		memcpy(buf, hdr->addr, hdr_len);
619 		buf += hdr_len;
620 	}
621 
622 	if (pdata && pdata->addr)
623 		memcpy(buf, pdata->addr, pdata->size);
624 
625 	atomic_set(&sqbuf->refcount, 1);
626 
627 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "TRANSMIT ILQ BUFFER",
628 			sqbuf->mem.va, sqbuf->totallen);
629 
630 	return sqbuf;
631 }
632 
633 /**
634  * irdma_send_reset - Send RST packet
635  * @cm_node: connection's node
636  */
637 int
638 irdma_send_reset(struct irdma_cm_node *cm_node)
639 {
640 	struct irdma_puda_buf *sqbuf;
641 	int flags = SET_RST | SET_ACK;
642 
643 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
644 						flags);
645 	if (!sqbuf)
646 		return -ENOMEM;
647 
648 	irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
649 		    "caller: %pS cm_node %p cm_id=%p accel=%d state=%d rem_port=0x%04x, loc_port=0x%04x rem_addr=%pI4 loc_addr=%pI4\n",
650 		    __builtin_return_address(0), cm_node, cm_node->cm_id,
651 		    cm_node->accelerated, cm_node->state, cm_node->rem_port,
652 		    cm_node->loc_port, cm_node->rem_addr, cm_node->loc_addr);
653 
654 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 0,
655 				       1);
656 }
657 
658 /**
659  * irdma_active_open_err - send event for active side cm error
660  * @cm_node: connection's node
661  * @reset: Flag to send reset or not
662  */
663 static void
664 irdma_active_open_err(struct irdma_cm_node *cm_node, bool reset)
665 {
666 	irdma_cleanup_retrans_entry(cm_node);
667 	cm_node->cm_core->stats_connect_errs++;
668 	if (reset) {
669 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
670 			    "cm_node=%p state=%d\n", cm_node, cm_node->state);
671 		atomic_inc(&cm_node->refcnt);
672 		irdma_send_reset(cm_node);
673 	}
674 
675 	cm_node->state = IRDMA_CM_STATE_CLOSED;
676 	irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
677 }
678 
679 /**
680  * irdma_passive_open_err - handle passive side cm error
681  * @cm_node: connection's node
682  * @reset: send reset or just free cm_node
683  */
684 static void
685 irdma_passive_open_err(struct irdma_cm_node *cm_node, bool reset)
686 {
687 	irdma_cleanup_retrans_entry(cm_node);
688 	cm_node->cm_core->stats_passive_errs++;
689 	cm_node->state = IRDMA_CM_STATE_CLOSED;
690 	irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
691 		    "cm_node=%p state =%d\n", cm_node, cm_node->state);
692 	if (reset)
693 		irdma_send_reset(cm_node);
694 	else
695 		irdma_rem_ref_cm_node(cm_node);
696 }
697 
698 /**
699  * irdma_event_connect_error - to create connect error event
700  * @event: cm information for connect event
701  */
702 static void
703 irdma_event_connect_error(struct irdma_cm_event *event)
704 {
705 	struct irdma_qp *iwqp;
706 	struct iw_cm_id *cm_id;
707 
708 	cm_id = event->cm_node->cm_id;
709 	if (!cm_id)
710 		return;
711 
712 	iwqp = cm_id->provider_data;
713 
714 	if (!iwqp || !iwqp->iwdev)
715 		return;
716 
717 	iwqp->cm_id = NULL;
718 	cm_id->provider_data = NULL;
719 	irdma_send_cm_event(event->cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY,
720 			    -ECONNRESET);
721 	irdma_rem_ref_cm_node(event->cm_node);
722 }
723 
724 /**
725  * irdma_process_options - process options from TCP header
726  * @cm_node: connection's node
727  * @optionsloc: point to start of options
728  * @optionsize: size of all options
729  * @syn_pkt: flag if syn packet
730  */
731 static int
732 irdma_process_options(struct irdma_cm_node *cm_node, u8 *optionsloc,
733 		      u32 optionsize, u32 syn_pkt)
734 {
735 	u32 tmp;
736 	u32 offset = 0;
737 	union all_known_options *all_options;
738 	char got_mss_option = 0;
739 
740 	while (offset < optionsize) {
741 		all_options = (union all_known_options *)(optionsloc + offset);
742 		switch (all_options->base.optionnum) {
743 		case OPTION_NUM_EOL:
744 			offset = optionsize;
745 			break;
746 		case OPTION_NUM_NONE:
747 			offset += 1;
748 			continue;
749 		case OPTION_NUM_MSS:
750 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
751 				    IRDMA_DEBUG_CM,
752 				    "MSS Length: %d Offset: %d Size: %d\n",
753 				    all_options->mss.len, offset, optionsize);
754 			got_mss_option = 1;
755 			if (all_options->mss.len != 4)
756 				return -EINVAL;
757 			tmp = ntohs(all_options->mss.mss);
758 			if ((cm_node->ipv4 &&
759 			     (tmp + IRDMA_MTU_TO_MSS_IPV4) < IRDMA_MIN_MTU_IPV4) ||
760 			    (!cm_node->ipv4 &&
761 			     (tmp + IRDMA_MTU_TO_MSS_IPV6) < IRDMA_MIN_MTU_IPV6))
762 				return -EINVAL;
763 			if (tmp < cm_node->tcp_cntxt.mss)
764 				cm_node->tcp_cntxt.mss = tmp;
765 			break;
766 		case OPTION_NUM_WINDOW_SCALE:
767 			cm_node->tcp_cntxt.snd_wscale =
768 			    all_options->windowscale.shiftcount;
769 			break;
770 		default:
771 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
772 				    IRDMA_DEBUG_CM,
773 				    "Unsupported TCP Option: %x\n",
774 				    all_options->base.optionnum);
775 			break;
776 		}
777 		offset += all_options->base.len;
778 	}
779 	if (!got_mss_option && syn_pkt)
780 		cm_node->tcp_cntxt.mss = IRDMA_CM_DEFAULT_MSS;
781 
782 	return 0;
783 }
784 
785 /**
786  * irdma_handle_tcp_options - setup TCP context info after parsing TCP options
787  * @cm_node: connection's node
788  * @tcph: pointer tcp header
789  * @optionsize: size of options rcvd
790  * @passive: active or passive flag
791  */
792 static int
793 irdma_handle_tcp_options(struct irdma_cm_node *cm_node,
794 			 struct tcphdr *tcph, int optionsize,
795 			 int passive)
796 {
797 	u8 *optionsloc = (u8 *)&tcph[1];
798 	int ret;
799 
800 	if (optionsize) {
801 		ret = irdma_process_options(cm_node, optionsloc, optionsize,
802 					    (u32)tcph->th_flags & TH_SYN);
803 		if (ret) {
804 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
805 				    IRDMA_DEBUG_CM,
806 				    "Node %p, Sending Reset\n", cm_node);
807 			if (passive)
808 				irdma_passive_open_err(cm_node, true);
809 			else
810 				irdma_active_open_err(cm_node, true);
811 			return ret;
812 		}
813 	}
814 
815 	cm_node->tcp_cntxt.snd_wnd = ntohs(tcph->th_win)
816 	    << cm_node->tcp_cntxt.snd_wscale;
817 
818 	if (cm_node->tcp_cntxt.snd_wnd > cm_node->tcp_cntxt.max_snd_wnd)
819 		cm_node->tcp_cntxt.max_snd_wnd = cm_node->tcp_cntxt.snd_wnd;
820 
821 	return 0;
822 }
823 
824 /**
825  * irdma_build_mpa_v1 - build a MPA V1 frame
826  * @cm_node: connection's node
827  * @start_addr: address where to build frame
828  * @mpa_key: to do read0 or write0
829  */
830 static void
831 irdma_build_mpa_v1(struct irdma_cm_node *cm_node, void *start_addr,
832 		   u8 mpa_key)
833 {
834 	struct ietf_mpa_v1 *mpa_frame = start_addr;
835 
836 	switch (mpa_key) {
837 	case MPA_KEY_REQUEST:
838 		memcpy(mpa_frame->key, IEFT_MPA_KEY_REQ, IETF_MPA_KEY_SIZE);
839 		break;
840 	case MPA_KEY_REPLY:
841 		memcpy(mpa_frame->key, IEFT_MPA_KEY_REP, IETF_MPA_KEY_SIZE);
842 		break;
843 	default:
844 		break;
845 	}
846 	mpa_frame->flags = IETF_MPA_FLAGS_CRC;
847 	mpa_frame->rev = cm_node->mpa_frame_rev;
848 	mpa_frame->priv_data_len = htons(cm_node->pdata.size);
849 }
850 
851 /**
852  * irdma_build_mpa_v2 - build a MPA V2 frame
853  * @cm_node: connection's node
854  * @start_addr: buffer start address
855  * @mpa_key: to do read0 or write0
856  */
857 static void
858 irdma_build_mpa_v2(struct irdma_cm_node *cm_node, void *start_addr,
859 		   u8 mpa_key)
860 {
861 	struct ietf_mpa_v2 *mpa_frame = start_addr;
862 	struct ietf_rtr_msg *rtr_msg = &mpa_frame->rtr_msg;
863 	u16 ctrl_ird, ctrl_ord;
864 
865 	/* initialize the upper 5 bytes of the frame */
866 	irdma_build_mpa_v1(cm_node, start_addr, mpa_key);
867 	mpa_frame->flags |= IETF_MPA_V2_FLAG;
868 	if (cm_node->iwdev->iw_ooo) {
869 		mpa_frame->flags |= IETF_MPA_FLAGS_MARKERS;
870 		cm_node->rcv_mark_en = true;
871 	}
872 	mpa_frame->priv_data_len = cpu_to_be16(be16_to_cpu(mpa_frame->priv_data_len) +
873 					       IETF_RTR_MSG_SIZE);
874 
875 	/* initialize RTR msg */
876 	if (cm_node->mpav2_ird_ord == IETF_NO_IRD_ORD) {
877 		ctrl_ird = IETF_NO_IRD_ORD;
878 		ctrl_ord = IETF_NO_IRD_ORD;
879 	} else {
880 		ctrl_ird = (cm_node->ird_size > IETF_NO_IRD_ORD) ?
881 		    IETF_NO_IRD_ORD :
882 		    cm_node->ird_size;
883 		ctrl_ord = (cm_node->ord_size > IETF_NO_IRD_ORD) ?
884 		    IETF_NO_IRD_ORD :
885 		    cm_node->ord_size;
886 	}
887 	ctrl_ird |= IETF_PEER_TO_PEER;
888 
889 	switch (mpa_key) {
890 	case MPA_KEY_REQUEST:
891 		ctrl_ord |= IETF_RDMA0_WRITE;
892 		ctrl_ord |= IETF_RDMA0_READ;
893 		break;
894 	case MPA_KEY_REPLY:
895 		switch (cm_node->send_rdma0_op) {
896 		case SEND_RDMA_WRITE_ZERO:
897 			ctrl_ord |= IETF_RDMA0_WRITE;
898 			break;
899 		case SEND_RDMA_READ_ZERO:
900 			ctrl_ord |= IETF_RDMA0_READ;
901 			break;
902 		}
903 		break;
904 	default:
905 		break;
906 	}
907 	rtr_msg->ctrl_ird = htons(ctrl_ird);
908 	rtr_msg->ctrl_ord = htons(ctrl_ord);
909 }
910 
911 /**
912  * irdma_cm_build_mpa_frame - build mpa frame for mpa version 1 or version 2
913  * @cm_node: connection's node
914  * @mpa: mpa: data buffer
915  * @mpa_key: to do read0 or write0
916  */
917 static int
918 irdma_cm_build_mpa_frame(struct irdma_cm_node *cm_node,
919 			 struct irdma_kmem_info *mpa, u8 mpa_key)
920 {
921 	int hdr_len = 0;
922 
923 	switch (cm_node->mpa_frame_rev) {
924 	case IETF_MPA_V1:
925 		hdr_len = sizeof(struct ietf_mpa_v1);
926 		irdma_build_mpa_v1(cm_node, mpa->addr, mpa_key);
927 		break;
928 	case IETF_MPA_V2:
929 		hdr_len = sizeof(struct ietf_mpa_v2);
930 		irdma_build_mpa_v2(cm_node, mpa->addr, mpa_key);
931 		break;
932 	default:
933 		break;
934 	}
935 
936 	return hdr_len;
937 }
938 
939 /**
940  * irdma_send_mpa_request - active node send mpa request to passive node
941  * @cm_node: connection's node
942  */
943 static int
944 irdma_send_mpa_request(struct irdma_cm_node *cm_node)
945 {
946 	struct irdma_puda_buf *sqbuf;
947 
948 	cm_node->mpa_hdr.addr = &cm_node->mpa_v2_frame;
949 	cm_node->mpa_hdr.size = irdma_cm_build_mpa_frame(cm_node,
950 							 &cm_node->mpa_hdr,
951 							 MPA_KEY_REQUEST);
952 	if (!cm_node->mpa_hdr.size) {
953 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
954 			    "mpa size = %d\n", cm_node->mpa_hdr.size);
955 		return -EINVAL;
956 	}
957 
958 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL,
959 						&cm_node->mpa_hdr,
960 						&cm_node->pdata, SET_ACK);
961 	if (!sqbuf)
962 		return -ENOMEM;
963 
964 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
965 				       0);
966 }
967 
968 /**
969  * irdma_send_mpa_reject -
970  * @cm_node: connection's node
971  * @pdata: reject data for connection
972  * @plen: length of reject data
973  */
974 static int
975 irdma_send_mpa_reject(struct irdma_cm_node *cm_node,
976 		      const void *pdata, u8 plen)
977 {
978 	struct irdma_puda_buf *sqbuf;
979 	struct irdma_mpa_priv_info priv_info;
980 
981 	cm_node->mpa_hdr.addr = &cm_node->mpa_v2_frame;
982 	cm_node->mpa_hdr.size = irdma_cm_build_mpa_frame(cm_node,
983 							 &cm_node->mpa_hdr,
984 							 MPA_KEY_REPLY);
985 
986 	cm_node->mpa_v2_frame.flags |= IETF_MPA_FLAGS_REJECT;
987 	priv_info.addr = pdata;
988 	priv_info.size = plen;
989 
990 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL,
991 						&cm_node->mpa_hdr, &priv_info,
992 						SET_ACK | SET_FIN);
993 	if (!sqbuf)
994 		return -ENOMEM;
995 
996 	cm_node->state = IRDMA_CM_STATE_FIN_WAIT1;
997 
998 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
999 				       0);
1000 }
1001 
1002 /**
1003  * irdma_negotiate_mpa_v2_ird_ord - negotiate MPAv2 IRD/ORD
1004  * @cm_node: connection's node
1005  * @buf: Data pointer
1006  */
1007 static int
1008 irdma_negotiate_mpa_v2_ird_ord(struct irdma_cm_node *cm_node,
1009 			       u8 *buf)
1010 {
1011 	struct ietf_mpa_v2 *mpa_v2_frame;
1012 	struct ietf_rtr_msg *rtr_msg;
1013 	u16 ird_size;
1014 	u16 ord_size;
1015 	u16 ctrl_ord;
1016 	u16 ctrl_ird;
1017 
1018 	mpa_v2_frame = (struct ietf_mpa_v2 *)buf;
1019 	rtr_msg = &mpa_v2_frame->rtr_msg;
1020 
1021 	/* parse rtr message */
1022 	ctrl_ord = ntohs(rtr_msg->ctrl_ord);
1023 	ctrl_ird = ntohs(rtr_msg->ctrl_ird);
1024 	ird_size = ctrl_ird & IETF_NO_IRD_ORD;
1025 	ord_size = ctrl_ord & IETF_NO_IRD_ORD;
1026 
1027 	if (!(ctrl_ird & IETF_PEER_TO_PEER))
1028 		return -EOPNOTSUPP;
1029 
1030 	if (ird_size == IETF_NO_IRD_ORD || ord_size == IETF_NO_IRD_ORD) {
1031 		cm_node->mpav2_ird_ord = IETF_NO_IRD_ORD;
1032 		goto negotiate_done;
1033 	}
1034 
1035 	if (cm_node->state != IRDMA_CM_STATE_MPAREQ_SENT) {
1036 		/* responder */
1037 		if (!ord_size && (ctrl_ord & IETF_RDMA0_READ))
1038 			cm_node->ird_size = 1;
1039 		if (cm_node->ord_size > ird_size)
1040 			cm_node->ord_size = ird_size;
1041 	} else {
1042 		/* initiator */
1043 		if (!ird_size && (ctrl_ord & IETF_RDMA0_READ))
1044 			/* Remote peer doesn't support RDMA0_READ */
1045 			return -EOPNOTSUPP;
1046 
1047 		if (cm_node->ord_size > ird_size)
1048 			cm_node->ord_size = ird_size;
1049 
1050 		if (cm_node->ird_size < ord_size)
1051 			/* no resources available */
1052 			return -EINVAL;
1053 	}
1054 
1055 negotiate_done:
1056 	if (ctrl_ord & IETF_RDMA0_READ)
1057 		cm_node->send_rdma0_op = SEND_RDMA_READ_ZERO;
1058 	else if (ctrl_ord & IETF_RDMA0_WRITE)
1059 		cm_node->send_rdma0_op = SEND_RDMA_WRITE_ZERO;
1060 	else
1061 		/* Not supported RDMA0 operation */
1062 		return -EOPNOTSUPP;
1063 
1064 	irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
1065 		    "MPAV2 Negotiated ORD: %d, IRD: %d\n", cm_node->ord_size,
1066 		    cm_node->ird_size);
1067 	return 0;
1068 }
1069 
1070 /**
1071  * irdma_parse_mpa - process an IETF MPA frame
1072  * @cm_node: connection's node
1073  * @buf: Data pointer
1074  * @type: to return accept or reject
1075  * @len: Len of mpa buffer
1076  */
1077 static int
1078 irdma_parse_mpa(struct irdma_cm_node *cm_node, u8 *buf, u32 *type,
1079 		u32 len)
1080 {
1081 	struct ietf_mpa_v1 *mpa_frame;
1082 	int mpa_hdr_len, priv_data_len, ret;
1083 
1084 	*type = IRDMA_MPA_REQUEST_ACCEPT;
1085 
1086 	if (len < sizeof(struct ietf_mpa_v1)) {
1087 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
1088 			    "ietf buffer small (%x)\n", len);
1089 		return -EINVAL;
1090 	}
1091 
1092 	mpa_frame = (struct ietf_mpa_v1 *)buf;
1093 	mpa_hdr_len = sizeof(struct ietf_mpa_v1);
1094 	priv_data_len = ntohs(mpa_frame->priv_data_len);
1095 
1096 	if (priv_data_len > IETF_MAX_PRIV_DATA_LEN) {
1097 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
1098 			    "private_data too big %d\n", priv_data_len);
1099 		return -EOVERFLOW;
1100 	}
1101 
1102 	if (mpa_frame->rev != IETF_MPA_V1 && mpa_frame->rev != IETF_MPA_V2) {
1103 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
1104 			    "unsupported mpa rev = %d\n", mpa_frame->rev);
1105 		return -EINVAL;
1106 	}
1107 
1108 	if (mpa_frame->rev > cm_node->mpa_frame_rev) {
1109 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
1110 			    "rev %d\n", mpa_frame->rev);
1111 		return -EINVAL;
1112 	}
1113 
1114 	cm_node->mpa_frame_rev = mpa_frame->rev;
1115 	if (cm_node->state != IRDMA_CM_STATE_MPAREQ_SENT) {
1116 		if (memcmp(mpa_frame->key, IEFT_MPA_KEY_REQ,
1117 			   IETF_MPA_KEY_SIZE)) {
1118 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
1119 				    IRDMA_DEBUG_CM,
1120 				    "Unexpected MPA Key received\n");
1121 			return -EINVAL;
1122 		}
1123 	} else {
1124 		if (memcmp(mpa_frame->key, IEFT_MPA_KEY_REP,
1125 			   IETF_MPA_KEY_SIZE)) {
1126 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
1127 				    IRDMA_DEBUG_CM,
1128 				    "Unexpected MPA Key received\n");
1129 			return -EINVAL;
1130 		}
1131 	}
1132 
1133 	if (priv_data_len + mpa_hdr_len > len) {
1134 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
1135 			    "ietf buffer len(%x + %x != %x)\n", priv_data_len,
1136 			    mpa_hdr_len, len);
1137 		return -EOVERFLOW;
1138 	}
1139 
1140 	if (len > IRDMA_MAX_CM_BUF) {
1141 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
1142 			    "ietf buffer large len = %d\n", len);
1143 		return -EOVERFLOW;
1144 	}
1145 
1146 	switch (mpa_frame->rev) {
1147 	case IETF_MPA_V2:
1148 		mpa_hdr_len += IETF_RTR_MSG_SIZE;
1149 		ret = irdma_negotiate_mpa_v2_ird_ord(cm_node, buf);
1150 		if (ret)
1151 			return ret;
1152 		break;
1153 	case IETF_MPA_V1:
1154 	default:
1155 		break;
1156 	}
1157 
1158 	memcpy(cm_node->pdata_buf, buf + mpa_hdr_len, priv_data_len);
1159 	cm_node->pdata.size = priv_data_len;
1160 
1161 	if (mpa_frame->flags & IETF_MPA_FLAGS_REJECT)
1162 		*type = IRDMA_MPA_REQUEST_REJECT;
1163 
1164 	if (mpa_frame->flags & IETF_MPA_FLAGS_MARKERS)
1165 		cm_node->snd_mark_en = true;
1166 
1167 	return 0;
1168 }
1169 
1170 /**
1171  * irdma_schedule_cm_timer
1172  * @cm_node: connection's node
1173  * @sqbuf: buffer to send
1174  * @type: if it is send or close
1175  * @send_retrans: if rexmits to be done
1176  * @close_when_complete: is cm_node to be removed
1177  *
1178  * note - cm_node needs to be protected before calling this. Encase in:
1179  *		irdma_rem_ref_cm_node(cm_core, cm_node);
1180  *		irdma_schedule_cm_timer(...)
1181  *		atomic_inc(&cm_node->refcnt);
1182  */
1183 int
1184 irdma_schedule_cm_timer(struct irdma_cm_node *cm_node,
1185 			struct irdma_puda_buf *sqbuf,
1186 			enum irdma_timer_type type, int send_retrans,
1187 			int close_when_complete)
1188 {
1189 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
1190 	struct irdma_cm_core *cm_core = cm_node->cm_core;
1191 	struct irdma_timer_entry *new_send;
1192 	u32 was_timer_set;
1193 	unsigned long flags;
1194 
1195 	new_send = kzalloc(sizeof(*new_send), GFP_ATOMIC);
1196 	if (!new_send) {
1197 		if (type != IRDMA_TIMER_TYPE_CLOSE)
1198 			irdma_free_sqbuf(vsi, sqbuf);
1199 		return -ENOMEM;
1200 	}
1201 
1202 	new_send->retrycount = IRDMA_DEFAULT_RETRYS;
1203 	new_send->retranscount = IRDMA_DEFAULT_RETRANS;
1204 	new_send->sqbuf = sqbuf;
1205 	new_send->timetosend = jiffies;
1206 	new_send->type = type;
1207 	new_send->send_retrans = send_retrans;
1208 	new_send->close_when_complete = close_when_complete;
1209 
1210 	if (type == IRDMA_TIMER_TYPE_CLOSE) {
1211 		new_send->timetosend += (HZ / 10);
1212 		if (cm_node->close_entry) {
1213 			kfree(new_send);
1214 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
1215 				    IRDMA_DEBUG_CM, "already close entry\n");
1216 			return -EINVAL;
1217 		}
1218 
1219 		cm_node->close_entry = new_send;
1220 	} else {		/* type == IRDMA_TIMER_TYPE_SEND */
1221 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1222 		cm_node->send_entry = new_send;
1223 		atomic_inc(&cm_node->refcnt);
1224 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1225 		new_send->timetosend = jiffies + IRDMA_RETRY_TIMEOUT;
1226 
1227 		atomic_inc(&sqbuf->refcount);
1228 		irdma_puda_send_buf(vsi->ilq, sqbuf);
1229 		if (!send_retrans) {
1230 			irdma_cleanup_retrans_entry(cm_node);
1231 			if (close_when_complete)
1232 				irdma_rem_ref_cm_node(cm_node);
1233 			return 0;
1234 		}
1235 	}
1236 
1237 	spin_lock_irqsave(&cm_core->ht_lock, flags);
1238 	was_timer_set = timer_pending(&cm_core->tcp_timer);
1239 
1240 	if (!was_timer_set) {
1241 		cm_core->tcp_timer.expires = new_send->timetosend;
1242 		add_timer(&cm_core->tcp_timer);
1243 	}
1244 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
1245 
1246 	return 0;
1247 }
1248 
1249 /**
1250  * irdma_retrans_expired - Could not rexmit the packet
1251  * @cm_node: connection's node
1252  */
1253 static void
1254 irdma_retrans_expired(struct irdma_cm_node *cm_node)
1255 {
1256 	enum irdma_cm_node_state state = cm_node->state;
1257 
1258 	cm_node->state = IRDMA_CM_STATE_CLOSED;
1259 	switch (state) {
1260 	case IRDMA_CM_STATE_SYN_RCVD:
1261 	case IRDMA_CM_STATE_CLOSING:
1262 		irdma_rem_ref_cm_node(cm_node);
1263 		break;
1264 	case IRDMA_CM_STATE_FIN_WAIT1:
1265 	case IRDMA_CM_STATE_LAST_ACK:
1266 		irdma_send_reset(cm_node);
1267 		break;
1268 	default:
1269 		atomic_inc(&cm_node->refcnt);
1270 		irdma_send_reset(cm_node);
1271 		irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
1272 		break;
1273 	}
1274 }
1275 
1276 /**
1277  * irdma_handle_close_entry - for handling retry/timeouts
1278  * @cm_node: connection's node
1279  * @rem_node: flag for remove cm_node
1280  */
1281 static void
1282 irdma_handle_close_entry(struct irdma_cm_node *cm_node,
1283 			 u32 rem_node)
1284 {
1285 	struct irdma_timer_entry *close_entry = cm_node->close_entry;
1286 	struct irdma_qp *iwqp;
1287 	unsigned long flags;
1288 
1289 	if (!close_entry)
1290 		return;
1291 	iwqp = (struct irdma_qp *)close_entry->sqbuf;
1292 	if (iwqp) {
1293 		spin_lock_irqsave(&iwqp->lock, flags);
1294 		if (iwqp->cm_id) {
1295 			iwqp->hw_tcp_state = IRDMA_TCP_STATE_CLOSED;
1296 			iwqp->hw_iwarp_state = IRDMA_QP_STATE_ERROR;
1297 			iwqp->last_aeq = IRDMA_AE_RESET_SENT;
1298 			iwqp->ibqp_state = IB_QPS_ERR;
1299 			spin_unlock_irqrestore(&iwqp->lock, flags);
1300 			irdma_cm_disconn(iwqp);
1301 		} else {
1302 			spin_unlock_irqrestore(&iwqp->lock, flags);
1303 		}
1304 	} else if (rem_node) {
1305 		/* TIME_WAIT state */
1306 		irdma_rem_ref_cm_node(cm_node);
1307 	}
1308 
1309 	kfree(close_entry);
1310 	cm_node->close_entry = NULL;
1311 }
1312 
1313 /**
1314  * irdma_cm_timer_tick - system's timer expired callback
1315  * @t: Pointer to timer_list
1316  */
1317 static void
1318 irdma_cm_timer_tick(struct timer_list *t)
1319 {
1320 	unsigned long nexttimeout = jiffies + IRDMA_LONG_TIME;
1321 	struct irdma_cm_node *cm_node;
1322 	struct irdma_timer_entry *send_entry, *close_entry;
1323 	struct list_head *list_core_temp;
1324 	struct list_head *list_node;
1325 	struct irdma_cm_core *cm_core = from_timer(cm_core, t, tcp_timer);
1326 	struct irdma_sc_vsi *vsi;
1327 	u32 settimer = 0;
1328 	unsigned long timetosend;
1329 	unsigned long flags;
1330 	struct list_head timer_list;
1331 
1332 	INIT_LIST_HEAD(&timer_list);
1333 
1334 	rcu_read_lock();
1335 	irdma_timer_list_prep(cm_core, &timer_list);
1336 	rcu_read_unlock();
1337 
1338 	list_for_each_safe(list_node, list_core_temp, &timer_list) {
1339 		cm_node = container_of(list_node, struct irdma_cm_node,
1340 				       timer_entry);
1341 		close_entry = cm_node->close_entry;
1342 
1343 		if (close_entry) {
1344 			if (time_after(close_entry->timetosend, jiffies)) {
1345 				if (nexttimeout > close_entry->timetosend ||
1346 				    !settimer) {
1347 					nexttimeout = close_entry->timetosend;
1348 					settimer = 1;
1349 				}
1350 			} else {
1351 				irdma_handle_close_entry(cm_node, 1);
1352 			}
1353 		}
1354 
1355 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1356 
1357 		send_entry = cm_node->send_entry;
1358 		if (!send_entry)
1359 			goto done;
1360 		if (time_after(send_entry->timetosend, jiffies)) {
1361 			if (cm_node->state != IRDMA_CM_STATE_OFFLOADED) {
1362 				if (nexttimeout > send_entry->timetosend ||
1363 				    !settimer) {
1364 					nexttimeout = send_entry->timetosend;
1365 					settimer = 1;
1366 				}
1367 			} else {
1368 				irdma_free_retrans_entry(cm_node);
1369 			}
1370 			goto done;
1371 		}
1372 
1373 		if (cm_node->state == IRDMA_CM_STATE_OFFLOADED ||
1374 		    cm_node->state == IRDMA_CM_STATE_CLOSED) {
1375 			irdma_free_retrans_entry(cm_node);
1376 			goto done;
1377 		}
1378 
1379 		if (!send_entry->retranscount || !send_entry->retrycount) {
1380 			irdma_free_retrans_entry(cm_node);
1381 
1382 			spin_unlock_irqrestore(&cm_node->retrans_list_lock,
1383 					       flags);
1384 			irdma_retrans_expired(cm_node);
1385 			cm_node->state = IRDMA_CM_STATE_CLOSED;
1386 			spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1387 			goto done;
1388 		}
1389 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1390 
1391 		vsi = &cm_node->iwdev->vsi;
1392 		if (!cm_node->ack_rcvd) {
1393 			atomic_inc(&send_entry->sqbuf->refcount);
1394 			irdma_puda_send_buf(vsi->ilq, send_entry->sqbuf);
1395 			cm_node->cm_core->stats_pkt_retrans++;
1396 		}
1397 
1398 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1399 		if (send_entry->send_retrans) {
1400 			send_entry->retranscount--;
1401 			timetosend = (IRDMA_RETRY_TIMEOUT <<
1402 				      (IRDMA_DEFAULT_RETRANS -
1403 				       send_entry->retranscount));
1404 
1405 			send_entry->timetosend = jiffies +
1406 			    min(timetosend, IRDMA_MAX_TIMEOUT);
1407 			if (nexttimeout > send_entry->timetosend || !settimer) {
1408 				nexttimeout = send_entry->timetosend;
1409 				settimer = 1;
1410 			}
1411 		} else {
1412 			int close_when_complete;
1413 
1414 			close_when_complete = send_entry->close_when_complete;
1415 			irdma_free_retrans_entry(cm_node);
1416 			if (close_when_complete)
1417 				irdma_rem_ref_cm_node(cm_node);
1418 		}
1419 done:
1420 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1421 		irdma_rem_ref_cm_node(cm_node);
1422 	}
1423 
1424 	if (settimer) {
1425 		spin_lock_irqsave(&cm_core->ht_lock, flags);
1426 		if (!timer_pending(&cm_core->tcp_timer)) {
1427 			cm_core->tcp_timer.expires = nexttimeout;
1428 			add_timer(&cm_core->tcp_timer);
1429 		}
1430 		spin_unlock_irqrestore(&cm_core->ht_lock, flags);
1431 	}
1432 }
1433 
1434 /**
1435  * irdma_send_syn - send SYN packet
1436  * @cm_node: connection's node
1437  * @sendack: flag to set ACK bit or not
1438  */
1439 int
1440 irdma_send_syn(struct irdma_cm_node *cm_node, u32 sendack)
1441 {
1442 	struct irdma_puda_buf *sqbuf;
1443 	int flags = SET_SYN;
1444 	char optionsbuf[sizeof(struct option_mss) +
1445 			sizeof(struct option_windowscale) +
1446 			sizeof(struct option_base) + TCP_OPTIONS_PADDING];
1447 	struct irdma_kmem_info opts;
1448 	int optionssize = 0;
1449 	/* Sending MSS option */
1450 	union all_known_options *options;
1451 
1452 	opts.addr = optionsbuf;
1453 	if (!cm_node)
1454 		return -EINVAL;
1455 
1456 	options = (union all_known_options *)&optionsbuf[optionssize];
1457 	options->mss.optionnum = OPTION_NUM_MSS;
1458 	options->mss.len = sizeof(struct option_mss);
1459 	options->mss.mss = htons(cm_node->tcp_cntxt.mss);
1460 	optionssize += sizeof(struct option_mss);
1461 
1462 	options = (union all_known_options *)&optionsbuf[optionssize];
1463 	options->windowscale.optionnum = OPTION_NUM_WINDOW_SCALE;
1464 	options->windowscale.len = sizeof(struct option_windowscale);
1465 	options->windowscale.shiftcount = cm_node->tcp_cntxt.rcv_wscale;
1466 	optionssize += sizeof(struct option_windowscale);
1467 	options = (union all_known_options *)&optionsbuf[optionssize];
1468 	options->eol = OPTION_NUM_EOL;
1469 	optionssize += 1;
1470 
1471 	if (sendack)
1472 		flags |= SET_ACK;
1473 
1474 	opts.size = optionssize;
1475 
1476 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, &opts, NULL, NULL,
1477 						flags);
1478 	if (!sqbuf)
1479 		return -ENOMEM;
1480 
1481 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
1482 				       0);
1483 }
1484 
1485 /**
1486  * irdma_send_ack - Send ACK packet
1487  * @cm_node: connection's node
1488  */
1489 void
1490 irdma_send_ack(struct irdma_cm_node *cm_node)
1491 {
1492 	struct irdma_puda_buf *sqbuf;
1493 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
1494 
1495 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
1496 						SET_ACK);
1497 	if (sqbuf)
1498 		irdma_puda_send_buf(vsi->ilq, sqbuf);
1499 }
1500 
1501 /**
1502  * irdma_send_fin - Send FIN pkt
1503  * @cm_node: connection's node
1504  */
1505 static int
1506 irdma_send_fin(struct irdma_cm_node *cm_node)
1507 {
1508 	struct irdma_puda_buf *sqbuf;
1509 
1510 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
1511 						SET_ACK | SET_FIN);
1512 	if (!sqbuf)
1513 		return -ENOMEM;
1514 
1515 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
1516 				       0);
1517 }
1518 
1519 /**
1520  * irdma_find_listener - find a cm node listening on this addr-port pair
1521  * @cm_core: cm's core
1522  * @dst_addr: listener ip addr
1523  * @dst_port: listener tcp port num
1524  * @vlan_id: virtual LAN ID
1525  * @listener_state: state to match with listen node's
1526  */
1527 static struct irdma_cm_listener *
1528 irdma_find_listener(struct irdma_cm_core *cm_core, u32 *dst_addr, u16 dst_port,
1529 		    u16 vlan_id, enum irdma_cm_listener_state listener_state)
1530 {
1531 	struct irdma_cm_listener *listen_node;
1532 	static const u32 ip_zero[4] = {0, 0, 0, 0};
1533 	u32 listen_addr[4];
1534 	u16 listen_port;
1535 	unsigned long flags;
1536 
1537 	/* walk list and find cm_node associated with this session ID */
1538 	spin_lock_irqsave(&cm_core->listen_list_lock, flags);
1539 	list_for_each_entry(listen_node, &cm_core->listen_list, list) {
1540 		memcpy(listen_addr, listen_node->loc_addr, sizeof(listen_addr));
1541 		listen_port = listen_node->loc_port;
1542 		if (listen_port != dst_port ||
1543 		    !(listener_state & listen_node->listener_state))
1544 			continue;
1545 		/* compare node pair, return node handle if a match */
1546 		if (!memcmp(listen_addr, ip_zero, sizeof(listen_addr)) ||
1547 		    (!memcmp(listen_addr, dst_addr, sizeof(listen_addr)) &&
1548 		     vlan_id == listen_node->vlan_id)) {
1549 			atomic_inc(&listen_node->refcnt);
1550 			spin_unlock_irqrestore(&cm_core->listen_list_lock,
1551 					       flags);
1552 			return listen_node;
1553 		}
1554 	}
1555 	spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
1556 
1557 	return NULL;
1558 }
1559 
1560 /**
1561  * irdma_del_multiple_qhash - Remove qhash and child listens
1562  * @iwdev: iWarp device
1563  * @cm_info: CM info for parent listen node
1564  * @cm_parent_listen_node: The parent listen node
1565  */
1566 static int
1567 irdma_del_multiple_qhash(struct irdma_device *iwdev,
1568 			 struct irdma_cm_info *cm_info,
1569 			 struct irdma_cm_listener *cm_parent_listen_node)
1570 {
1571 	struct irdma_cm_listener *child_listen_node;
1572 	struct list_head *pos, *tpos;
1573 	unsigned long flags;
1574 	int ret = -EINVAL;
1575 
1576 	spin_lock_irqsave(&iwdev->cm_core.listen_list_lock, flags);
1577 	list_for_each_safe(pos, tpos,
1578 			   &cm_parent_listen_node->child_listen_list) {
1579 		child_listen_node = list_entry(pos, struct irdma_cm_listener,
1580 					       child_listen_list);
1581 		if (child_listen_node->ipv4)
1582 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1583 				    "removing child listen for IP=%pI4, port=%d, vlan=%d\n",
1584 				    child_listen_node->loc_addr,
1585 				    child_listen_node->loc_port,
1586 				    child_listen_node->vlan_id);
1587 		else
1588 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1589 				    "removing child listen for IP=%pI6, port=%d, vlan=%d\n",
1590 				    child_listen_node->loc_addr,
1591 				    child_listen_node->loc_port,
1592 				    child_listen_node->vlan_id);
1593 		list_del(pos);
1594 		memcpy(cm_info->loc_addr, child_listen_node->loc_addr,
1595 		       sizeof(cm_info->loc_addr));
1596 		cm_info->vlan_id = child_listen_node->vlan_id;
1597 		if (child_listen_node->qhash_set) {
1598 			ret = irdma_manage_qhash(iwdev, cm_info,
1599 						 IRDMA_QHASH_TYPE_TCP_SYN,
1600 						 IRDMA_QHASH_MANAGE_TYPE_DELETE,
1601 						 NULL, false);
1602 			child_listen_node->qhash_set = false;
1603 		} else {
1604 			ret = 0;
1605 		}
1606 		irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1607 			    "Child listen node freed = %p\n",
1608 			    child_listen_node);
1609 		kfree(child_listen_node);
1610 		cm_parent_listen_node->cm_core->stats_listen_nodes_destroyed++;
1611 	}
1612 	spin_unlock_irqrestore(&iwdev->cm_core.listen_list_lock, flags);
1613 
1614 	return ret;
1615 }
1616 
1617 /**
1618  * irdma_netdev_vlan_ipv6 - Gets the netdev and mac
1619  * @addr: local IPv6 address
1620  * @vlan_id: vlan id for the given IPv6 address
1621  * @mac: mac address for the given IPv6 address
1622  *
1623  * Returns the net_device of the IPv6 address and also sets the
1624  * vlan id and mac for that address.
1625  */
1626 struct ifnet *
1627 irdma_netdev_vlan_ipv6(u32 *addr, u16 *vlan_id, u8 *mac)
1628 {
1629 	struct ifnet *ip_dev = NULL;
1630 	struct in6_addr laddr6;
1631 
1632 	irdma_copy_ip_htonl(laddr6.__u6_addr.__u6_addr32, addr);
1633 	if (vlan_id)
1634 		*vlan_id = 0xFFFF;	/* Match rdma_vlan_dev_vlan_id() */
1635 	if (mac)
1636 		eth_zero_addr(mac);
1637 
1638 	ip_dev = ip6_ifp_find(&init_net, laddr6, 0);
1639 	if (ip_dev) {
1640 		if (vlan_id)
1641 			*vlan_id = rdma_vlan_dev_vlan_id(ip_dev);
1642 		if (ip_dev->if_addr && ip_dev->if_addr->ifa_addr && mac)
1643 			ether_addr_copy(mac, IF_LLADDR(ip_dev));
1644 	}
1645 
1646 	return ip_dev;
1647 }
1648 
1649 /**
1650  * irdma_get_vlan_ipv4 - Returns the vlan_id for IPv4 address
1651  * @addr: local IPv4 address
1652  */
1653 u16
1654 irdma_get_vlan_ipv4(u32 *addr)
1655 {
1656 	struct ifnet *netdev;
1657 	u16 vlan_id = 0xFFFF;
1658 
1659 	netdev = ip_ifp_find(&init_net, htonl(addr[0]));
1660 	if (netdev) {
1661 		vlan_id = rdma_vlan_dev_vlan_id(netdev);
1662 		dev_put(netdev);
1663 	}
1664 
1665 	return vlan_id;
1666 }
1667 
1668 /**
1669  * irdma_add_mqh_6 - Adds multiple qhashes for IPv6
1670  * @iwdev: iWarp device
1671  * @cm_info: CM info for parent listen node
1672  * @cm_parent_listen_node: The parent listen node
1673  *
1674  * Adds a qhash and a child listen node for every IPv6 address
1675  * on the adapter and adds the associated qhash filter
1676  */
1677 static int
1678 irdma_add_mqh_6(struct irdma_device *iwdev,
1679 		struct irdma_cm_info *cm_info,
1680 		struct irdma_cm_listener *cm_parent_listen_node)
1681 {
1682 	struct ifnet *ip_dev;
1683 	struct ifaddr *ifp;
1684 	struct irdma_cm_listener *child_listen_node;
1685 	unsigned long flags;
1686 	int ret = 0;
1687 
1688 	IFNET_RLOCK();
1689 	IRDMA_TAILQ_FOREACH((ip_dev), &V_ifnet, if_link) {
1690 		if (!(ip_dev->if_flags & IFF_UP))
1691 			continue;
1692 
1693 		if (((rdma_vlan_dev_vlan_id(ip_dev) >= VLAN_N_VID) ||
1694 		     (rdma_vlan_dev_real_dev(ip_dev) != iwdev->netdev)) &&
1695 		    ip_dev != iwdev->netdev)
1696 			continue;
1697 
1698 		if_addr_rlock(ip_dev);
1699 		IRDMA_TAILQ_FOREACH(ifp, &ip_dev->if_addrhead, ifa_link) {
1700 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1701 				    "IP=%pI6, vlan_id=%d, MAC=%pM\n",
1702 				    &((struct sockaddr_in6 *)ifp->ifa_addr)->sin6_addr, rdma_vlan_dev_vlan_id(ip_dev),
1703 				    IF_LLADDR(ip_dev));
1704 			if (((struct sockaddr_in6 *)ifp->ifa_addr)->sin6_family != AF_INET6)
1705 				continue;
1706 			child_listen_node = kzalloc(sizeof(*child_listen_node), GFP_KERNEL);
1707 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1708 				    "Allocating child listener %p\n",
1709 				    child_listen_node);
1710 			if (!child_listen_node) {
1711 				irdma_debug(iwdev_to_idev(iwdev),
1712 					    IRDMA_DEBUG_CM,
1713 					    "listener memory allocation\n");
1714 				ret = -ENOMEM;
1715 				if_addr_runlock(ip_dev);
1716 				goto exit;
1717 			}
1718 
1719 			memcpy(child_listen_node, cm_parent_listen_node,
1720 			       sizeof(*child_listen_node));
1721 			cm_info->vlan_id = rdma_vlan_dev_vlan_id(ip_dev);
1722 			child_listen_node->vlan_id = cm_info->vlan_id;
1723 			irdma_copy_ip_ntohl(child_listen_node->loc_addr,
1724 					    ((struct sockaddr_in6 *)ifp->ifa_addr)->sin6_addr.__u6_addr.__u6_addr32);
1725 			memcpy(cm_info->loc_addr, child_listen_node->loc_addr,
1726 			       sizeof(cm_info->loc_addr));
1727 			ret = irdma_manage_qhash(iwdev, cm_info,
1728 						 IRDMA_QHASH_TYPE_TCP_SYN,
1729 						 IRDMA_QHASH_MANAGE_TYPE_ADD,
1730 						 NULL, true);
1731 			if (ret) {
1732 				kfree(child_listen_node);
1733 				continue;
1734 			}
1735 
1736 			child_listen_node->qhash_set = true;
1737 			spin_lock_irqsave(&iwdev->cm_core.listen_list_lock, flags);
1738 			list_add(&child_listen_node->child_listen_list,
1739 				 &cm_parent_listen_node->child_listen_list);
1740 			spin_unlock_irqrestore(&iwdev->cm_core.listen_list_lock, flags);
1741 			cm_parent_listen_node->cm_core->stats_listen_nodes_created++;
1742 		}
1743 		if_addr_runlock(ip_dev);
1744 	}
1745 exit:
1746 	IFNET_RUNLOCK();
1747 
1748 	return ret;
1749 }
1750 
1751 /**
1752  * irdma_add_mqh_4 - Adds multiple qhashes for IPv4
1753  * @iwdev: iWarp device
1754  * @cm_info: CM info for parent listen node
1755  * @cm_parent_listen_node: The parent listen node
1756  *
1757  * Adds a qhash and a child listen node for every IPv4 address
1758  * on the adapter and adds the associated qhash filter
1759  */
1760 static int
1761 irdma_add_mqh_4(struct irdma_device *iwdev,
1762 		struct irdma_cm_info *cm_info,
1763 		struct irdma_cm_listener *cm_parent_listen_node)
1764 {
1765 	struct ifnet *ip_dev;
1766 	struct irdma_cm_listener *child_listen_node;
1767 	unsigned long flags;
1768 	struct ifaddr *ifa;
1769 	int ret = 0;
1770 
1771 	IFNET_RLOCK();
1772 	IRDMA_TAILQ_FOREACH((ip_dev), &V_ifnet, if_link) {
1773 		if (!(ip_dev->if_flags & IFF_UP))
1774 			continue;
1775 
1776 		if (((rdma_vlan_dev_vlan_id(ip_dev) >= VLAN_N_VID) ||
1777 		     (rdma_vlan_dev_real_dev(ip_dev) != iwdev->netdev)) &&
1778 		    ip_dev != iwdev->netdev)
1779 			continue;
1780 
1781 		if_addr_rlock(ip_dev);
1782 		IRDMA_TAILQ_FOREACH(ifa, &ip_dev->if_addrhead, ifa_link) {
1783 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1784 				    "Allocating child CM Listener forIP=%pI4, vlan_id=%d, MAC=%pM\n",
1785 				    &ifa->ifa_addr,
1786 				    rdma_vlan_dev_vlan_id(ip_dev), IF_LLADDR(ip_dev));
1787 			if (((struct sockaddr_in *)ifa->ifa_addr)->sin_family != AF_INET)
1788 				continue;
1789 			child_listen_node = kzalloc(sizeof(*child_listen_node), GFP_KERNEL);
1790 			cm_parent_listen_node->cm_core->stats_listen_nodes_created++;
1791 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1792 				    "Allocating child listener %p\n",
1793 				    child_listen_node);
1794 			if (!child_listen_node) {
1795 				irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
1796 					    "listener memory allocation\n");
1797 				if_addr_runlock(ip_dev);
1798 				ret = -ENOMEM;
1799 				goto exit;
1800 			}
1801 
1802 			memcpy(child_listen_node, cm_parent_listen_node,
1803 			       sizeof(*child_listen_node));
1804 			child_listen_node->vlan_id = rdma_vlan_dev_vlan_id(ip_dev);
1805 			cm_info->vlan_id = child_listen_node->vlan_id;
1806 			child_listen_node->loc_addr[0] =
1807 			    ntohl(((struct sockaddr_in *)ifa->ifa_addr)->sin_addr.s_addr);
1808 			memcpy(cm_info->loc_addr, child_listen_node->loc_addr,
1809 			       sizeof(cm_info->loc_addr));
1810 			ret = irdma_manage_qhash(iwdev, cm_info,
1811 						 IRDMA_QHASH_TYPE_TCP_SYN,
1812 						 IRDMA_QHASH_MANAGE_TYPE_ADD,
1813 						 NULL, true);
1814 			if (ret) {
1815 				kfree(child_listen_node);
1816 				cm_parent_listen_node->cm_core
1817 				    ->stats_listen_nodes_created--;
1818 				continue;
1819 			}
1820 
1821 			child_listen_node->qhash_set = true;
1822 			spin_lock_irqsave(&iwdev->cm_core.listen_list_lock,
1823 					  flags);
1824 			list_add(&child_listen_node->child_listen_list,
1825 				 &cm_parent_listen_node->child_listen_list);
1826 			spin_unlock_irqrestore(&iwdev->cm_core.listen_list_lock, flags);
1827 		}
1828 		if_addr_runlock(ip_dev);
1829 	}
1830 exit:
1831 	IFNET_RUNLOCK();
1832 
1833 	return ret;
1834 }
1835 
1836 /**
1837  * irdma_add_mqh - Adds multiple qhashes
1838  * @iwdev: iWarp device
1839  * @cm_info: CM info for parent listen node
1840  * @cm_listen_node: The parent listen node
1841  */
1842 static int
1843 irdma_add_mqh(struct irdma_device *iwdev,
1844 	      struct irdma_cm_info *cm_info,
1845 	      struct irdma_cm_listener *cm_listen_node)
1846 {
1847 	int err;
1848 	VNET_ITERATOR_DECL(vnet_iter);
1849 
1850 	VNET_LIST_RLOCK();
1851 	VNET_FOREACH(vnet_iter) {
1852 		IFNET_RLOCK();
1853 		CURVNET_SET_QUIET(vnet_iter);
1854 
1855 		if (cm_info->ipv4)
1856 			err = irdma_add_mqh_4(iwdev, cm_info, cm_listen_node);
1857 		else
1858 			err = irdma_add_mqh_6(iwdev, cm_info, cm_listen_node);
1859 		CURVNET_RESTORE();
1860 		IFNET_RUNLOCK();
1861 	}
1862 	VNET_LIST_RUNLOCK();
1863 
1864 	return err;
1865 }
1866 
1867 /**
1868  * irdma_reset_list_prep - add connection nodes slated for reset to list
1869  * @cm_core: cm's core
1870  * @listener: pointer to listener node
1871  * @reset_list: a list to which cm_node will be selected
1872  */
1873 static void
1874 irdma_reset_list_prep(struct irdma_cm_core *cm_core,
1875 		      struct irdma_cm_listener *listener,
1876 		      struct list_head *reset_list)
1877 {
1878 	struct irdma_cm_node *cm_node;
1879 	int bkt;
1880 
1881 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
1882 		if (cm_node->listener == listener &&
1883 		    !cm_node->accelerated &&
1884 		    atomic_inc_not_zero(&cm_node->refcnt))
1885 			list_add(&cm_node->reset_entry, reset_list);
1886 	}
1887 }
1888 
1889 /**
1890  * irdma_dec_refcnt_listen - delete listener and associated cm nodes
1891  * @cm_core: cm's core
1892  * @listener: pointer to listener node
1893  * @free_hanging_nodes: to free associated cm_nodes
1894  * @apbvt_del: flag to delete the apbvt
1895  */
1896 static int
1897 irdma_dec_refcnt_listen(struct irdma_cm_core *cm_core,
1898 			struct irdma_cm_listener *listener,
1899 			int free_hanging_nodes, bool apbvt_del)
1900 {
1901 	struct list_head *list_pos;
1902 	struct list_head *list_temp;
1903 	struct irdma_cm_node *cm_node;
1904 	struct list_head reset_list;
1905 	struct irdma_cm_info nfo;
1906 	enum irdma_cm_node_state old_state;
1907 	unsigned long flags;
1908 	int err;
1909 
1910 	/* free non-accelerated child nodes for this listener */
1911 	INIT_LIST_HEAD(&reset_list);
1912 	if (free_hanging_nodes) {
1913 		rcu_read_lock();
1914 		irdma_reset_list_prep(cm_core, listener, &reset_list);
1915 		rcu_read_unlock();
1916 	}
1917 
1918 	list_for_each_safe(list_pos, list_temp, &reset_list) {
1919 		cm_node = container_of(list_pos, struct irdma_cm_node,
1920 				       reset_entry);
1921 		if (cm_node->state >= IRDMA_CM_STATE_FIN_WAIT1) {
1922 			irdma_rem_ref_cm_node(cm_node);
1923 			continue;
1924 		}
1925 
1926 		irdma_cleanup_retrans_entry(cm_node);
1927 		err = irdma_send_reset(cm_node);
1928 		if (err) {
1929 			cm_node->state = IRDMA_CM_STATE_CLOSED;
1930 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
1931 				    IRDMA_DEBUG_CM, "send reset failed\n");
1932 		} else {
1933 			old_state = cm_node->state;
1934 			cm_node->state = IRDMA_CM_STATE_LISTENER_DESTROYED;
1935 			if (old_state != IRDMA_CM_STATE_MPAREQ_RCVD)
1936 				irdma_rem_ref_cm_node(cm_node);
1937 		}
1938 	}
1939 
1940 	if (atomic_dec_and_test(&listener->refcnt)) {
1941 		spin_lock_irqsave(&cm_core->listen_list_lock, flags);
1942 		list_del(&listener->list);
1943 		spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
1944 
1945 		if (apbvt_del)
1946 			irdma_del_apbvt(listener->iwdev,
1947 					listener->apbvt_entry);
1948 		memcpy(nfo.loc_addr, listener->loc_addr, sizeof(nfo.loc_addr));
1949 		nfo.loc_port = listener->loc_port;
1950 		nfo.ipv4 = listener->ipv4;
1951 		nfo.vlan_id = listener->vlan_id;
1952 		nfo.user_pri = listener->user_pri;
1953 		nfo.qh_qpid = listener->iwdev->vsi.ilq->qp_id;
1954 
1955 		if (!list_empty(&listener->child_listen_list)) {
1956 			irdma_del_multiple_qhash(listener->iwdev, &nfo,
1957 						 listener);
1958 		} else {
1959 			if (listener->qhash_set)
1960 				irdma_manage_qhash(listener->iwdev,
1961 						   &nfo,
1962 						   IRDMA_QHASH_TYPE_TCP_SYN,
1963 						   IRDMA_QHASH_MANAGE_TYPE_DELETE,
1964 						   NULL, false);
1965 		}
1966 
1967 		cm_core->stats_listen_destroyed++;
1968 		cm_core->stats_listen_nodes_destroyed++;
1969 		irdma_debug(iwdev_to_idev(listener->iwdev), IRDMA_DEBUG_CM,
1970 		    "loc_port=0x%04x loc_addr=%pI4 cm_listen_node=%p cm_id=%p qhash_set=%d vlan_id=%d apbvt_del=%d\n",
1971 			    listener->loc_port, listener->loc_addr, listener, listener->cm_id, listener->qhash_set,
1972 			    listener->vlan_id, apbvt_del);
1973 		kfree(listener);
1974 		listener = NULL;
1975 		return 0;
1976 	}
1977 
1978 	return -EINVAL;
1979 }
1980 
1981 /**
1982  * irdma_cm_del_listen - delete a listener
1983  * @cm_core: cm's core
1984  * @listener: passive connection's listener
1985  * @apbvt_del: flag to delete apbvt
1986  */
1987 static int
1988 irdma_cm_del_listen(struct irdma_cm_core *cm_core,
1989 		    struct irdma_cm_listener *listener,
1990 		    bool apbvt_del)
1991 {
1992 	listener->listener_state = IRDMA_CM_LISTENER_PASSIVE_STATE;
1993 	listener->cm_id = NULL;
1994 
1995 	return irdma_dec_refcnt_listen(cm_core, listener, 1, apbvt_del);
1996 }
1997 
1998 /**
1999  * irdma_find_node - find a cm node that matches the reference cm node
2000  * @cm_core: cm's core
2001  * @rem_port: remote tcp port num
2002  * @rem_addr: remote ip addr
2003  * @loc_port: local tcp port num
2004  * @loc_addr: local ip addr
2005  * @vlan_id: local VLAN ID
2006  */
2007 struct irdma_cm_node *
2008 irdma_find_node(struct irdma_cm_core *cm_core,
2009 		u16 rem_port, u32 *rem_addr, u16 loc_port,
2010 		u32 *loc_addr, u16 vlan_id)
2011 {
2012 	struct irdma_cm_node *cm_node;
2013 	u32 key = (rem_port << 16) | loc_port;
2014 
2015 	rcu_read_lock();
2016 	HASH_FOR_EACH_POSSIBLE_RCU(cm_core->cm_hash_tbl, cm_node, list, key) {
2017 		if (cm_node->vlan_id == vlan_id &&
2018 		    cm_node->loc_port == loc_port && cm_node->rem_port == rem_port &&
2019 		    !memcmp(cm_node->loc_addr, loc_addr, sizeof(cm_node->loc_addr)) &&
2020 		    !memcmp(cm_node->rem_addr, rem_addr, sizeof(cm_node->rem_addr))) {
2021 			if (!atomic_inc_not_zero(&cm_node->refcnt))
2022 				goto exit;
2023 			rcu_read_unlock();
2024 			return cm_node;
2025 		}
2026 	}
2027 
2028 exit:
2029 	rcu_read_unlock();
2030 
2031 	/* no owner node */
2032 	return NULL;
2033 }
2034 
2035 /**
2036  * irdma_add_hte_node - add a cm node to the hash table
2037  * @cm_core: cm's core
2038  * @cm_node: connection's node
2039  */
2040 static void
2041 irdma_add_hte_node(struct irdma_cm_core *cm_core,
2042 		   struct irdma_cm_node *cm_node)
2043 {
2044 	unsigned long flags;
2045 	u32 key = (cm_node->rem_port << 16) | cm_node->loc_port;
2046 
2047 	spin_lock_irqsave(&cm_core->ht_lock, flags);
2048 	HASH_ADD_RCU(cm_core->cm_hash_tbl, &cm_node->list, key);
2049 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2050 }
2051 
2052 /**
2053  * irdma_ipv4_is_lpb - check if loopback
2054  * @loc_addr: local addr to compare
2055  * @rem_addr: remote address
2056  */
2057 bool
2058 irdma_ipv4_is_lpb(struct vnet *vnet, u32 loc_addr, u32 rem_addr)
2059 {
2060 	bool ret;
2061 
2062 	CURVNET_SET_QUIET(vnet);
2063 	ret = ipv4_is_loopback(htonl(rem_addr)) || (loc_addr == rem_addr);
2064 	CURVNET_RESTORE();
2065 
2066 	return (ret);
2067 }
2068 
2069 /**
2070  * irdma_ipv6_is_lpb - check if loopback
2071  * @loc_addr: local addr to compare
2072  * @rem_addr: remote address
2073  */
2074 bool
2075 irdma_ipv6_is_lpb(u32 *loc_addr, u32 *rem_addr)
2076 {
2077 	struct in6_addr raddr6;
2078 
2079 	irdma_copy_ip_htonl(raddr6.__u6_addr.__u6_addr32, rem_addr);
2080 
2081 	return !memcmp(loc_addr, rem_addr, 16) || ipv6_addr_loopback(&raddr6);
2082 }
2083 
2084 /**
2085  * irdma_cm_create_ah - create a cm address handle
2086  * @cm_node: The connection manager node to create AH for
2087  * @wait: Provides option to wait for ah creation or not
2088  */
2089 static int
2090 irdma_cm_create_ah(struct irdma_cm_node *cm_node, bool wait)
2091 {
2092 	struct rdma_cm_id *rdma_id = (struct rdma_cm_id *)cm_node->cm_id->context;
2093 	struct vnet *vnet = rdma_id->route.addr.dev_addr.net;
2094 	struct irdma_ah_info ah_info = {0};
2095 	struct irdma_device *iwdev = cm_node->iwdev;
2096 
2097 	ether_addr_copy(ah_info.mac_addr, IF_LLADDR(iwdev->netdev));
2098 
2099 	ah_info.hop_ttl = 0x40;
2100 	ah_info.tc_tos = cm_node->tos;
2101 	ah_info.vsi = &iwdev->vsi;
2102 
2103 	if (cm_node->ipv4) {
2104 		ah_info.ipv4_valid = true;
2105 		ah_info.dest_ip_addr[0] = cm_node->rem_addr[0];
2106 		ah_info.src_ip_addr[0] = cm_node->loc_addr[0];
2107 		ah_info.do_lpbk = irdma_ipv4_is_lpb(vnet,
2108 						    ah_info.src_ip_addr[0],
2109 						    ah_info.dest_ip_addr[0]);
2110 	} else {
2111 		memcpy(ah_info.dest_ip_addr, cm_node->rem_addr,
2112 		       sizeof(ah_info.dest_ip_addr));
2113 		memcpy(ah_info.src_ip_addr, cm_node->loc_addr,
2114 		       sizeof(ah_info.src_ip_addr));
2115 		ah_info.do_lpbk = irdma_ipv6_is_lpb(ah_info.src_ip_addr,
2116 						    ah_info.dest_ip_addr);
2117 	}
2118 
2119 	ah_info.vlan_tag = cm_node->vlan_id;
2120 	if (cm_node->vlan_id < VLAN_N_VID) {
2121 		ah_info.insert_vlan_tag = 1;
2122 		ah_info.vlan_tag |= cm_node->user_pri << VLAN_PRIO_SHIFT;
2123 	}
2124 
2125 	ah_info.dst_arpindex =
2126 	    irdma_arp_table(iwdev->rf, ah_info.dest_ip_addr,
2127 			    NULL, IRDMA_ARP_RESOLVE);
2128 
2129 	if (irdma_puda_create_ah(&iwdev->rf->sc_dev, &ah_info, wait,
2130 				 IRDMA_PUDA_RSRC_TYPE_ILQ, cm_node,
2131 				 &cm_node->ah))
2132 		return -ENOMEM;
2133 
2134 	return 0;
2135 }
2136 
2137 /**
2138  * irdma_cm_free_ah - free a cm address handle
2139  * @cm_node: The connection manager node to create AH for
2140  */
2141 static void
2142 irdma_cm_free_ah(struct irdma_cm_node *cm_node)
2143 {
2144 	struct irdma_device *iwdev = cm_node->iwdev;
2145 
2146 	irdma_puda_free_ah(&iwdev->rf->sc_dev, cm_node->ah);
2147 	cm_node->ah = NULL;
2148 }
2149 
2150 /**
2151  * irdma_make_cm_node - create a new instance of a cm node
2152  * @cm_core: cm's core
2153  * @iwdev: iwarp device structure
2154  * @cm_info: quad info for connection
2155  * @listener: passive connection's listener
2156  */
2157 static struct irdma_cm_node *
2158 irdma_make_cm_node(struct irdma_cm_core *cm_core, struct irdma_device *iwdev,
2159 		   struct irdma_cm_info *cm_info,
2160 		   struct irdma_cm_listener *listener)
2161 {
2162 	struct irdma_cm_node *cm_node;
2163 	int arpindex;
2164 	struct ifnet *netdev = iwdev->netdev;
2165 
2166 	/* create an hte and cm_node for this instance */
2167 	cm_node = kzalloc(sizeof(*cm_node), GFP_ATOMIC);
2168 	if (!cm_node)
2169 		return NULL;
2170 
2171 	/* set our node specific transport info */
2172 	cm_node->ipv4 = cm_info->ipv4;
2173 	cm_node->vlan_id = cm_info->vlan_id;
2174 	if (cm_node->vlan_id >= VLAN_N_VID && iwdev->dcb_vlan_mode)
2175 		cm_node->vlan_id = 0;
2176 	cm_node->tos = cm_info->tos;
2177 	cm_node->user_pri = cm_info->user_pri;
2178 	if (listener) {
2179 		if (listener->tos != cm_info->tos)
2180 			irdma_dev_warn(
2181 				       &iwdev->rf->sc_dev,
2182 				       "application TOS[%d] and remote client TOS[%d] mismatch\n",
2183 				       listener->tos, cm_info->tos);
2184 		if (iwdev->vsi.dscp_mode) {
2185 			cm_node->user_pri = listener->user_pri;
2186 		} else {
2187 			cm_node->tos = max(listener->tos, cm_info->tos);
2188 			cm_node->user_pri = rt_tos2priority(cm_node->tos);
2189 		}
2190 		irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_DCB,
2191 			    "listener: TOS:[%d] UP:[%d]\n", cm_node->tos,
2192 			    cm_node->user_pri);
2193 	}
2194 	memcpy(cm_node->loc_addr, cm_info->loc_addr, sizeof(cm_node->loc_addr));
2195 	memcpy(cm_node->rem_addr, cm_info->rem_addr, sizeof(cm_node->rem_addr));
2196 	cm_node->loc_port = cm_info->loc_port;
2197 	cm_node->rem_port = cm_info->rem_port;
2198 
2199 	cm_node->mpa_frame_rev = IRDMA_CM_DEFAULT_MPA_VER;
2200 	cm_node->send_rdma0_op = SEND_RDMA_READ_ZERO;
2201 	cm_node->iwdev = iwdev;
2202 	cm_node->dev = &iwdev->rf->sc_dev;
2203 
2204 	cm_node->ird_size = cm_node->dev->hw_attrs.max_hw_ird;
2205 	cm_node->ord_size = cm_node->dev->hw_attrs.max_hw_ord;
2206 
2207 	cm_node->listener = listener;
2208 	cm_node->cm_id = cm_info->cm_id;
2209 	ether_addr_copy(cm_node->loc_mac, IF_LLADDR(netdev));
2210 	spin_lock_init(&cm_node->retrans_list_lock);
2211 	cm_node->ack_rcvd = false;
2212 
2213 	init_completion(&cm_node->establish_comp);
2214 	atomic_set(&cm_node->refcnt, 1);
2215 	/* associate our parent CM core */
2216 	cm_node->cm_core = cm_core;
2217 	cm_node->tcp_cntxt.loc_id = IRDMA_CM_DEFAULT_LOCAL_ID;
2218 	cm_node->tcp_cntxt.rcv_wscale = iwdev->rcv_wscale;
2219 	cm_node->tcp_cntxt.rcv_wnd = iwdev->rcv_wnd >> cm_node->tcp_cntxt.rcv_wscale;
2220 	kc_set_loc_seq_num_mss(cm_node);
2221 
2222 	arpindex = irdma_resolve_neigh_lpb_chk(iwdev, cm_node, cm_info);
2223 	if (arpindex < 0)
2224 		goto err;
2225 
2226 	ether_addr_copy(cm_node->rem_mac, iwdev->rf->arp_table[arpindex].mac_addr);
2227 	irdma_add_hte_node(cm_core, cm_node);
2228 	cm_core->stats_nodes_created++;
2229 	return cm_node;
2230 
2231 err:
2232 	kfree(cm_node);
2233 
2234 	return NULL;
2235 }
2236 
2237 static void
2238 irdma_cm_node_free_cb(struct rcu_head *rcu_head)
2239 {
2240 	struct irdma_cm_node *cm_node =
2241 	container_of(rcu_head, struct irdma_cm_node, rcu_head);
2242 	struct irdma_cm_core *cm_core = cm_node->cm_core;
2243 	struct irdma_qp *iwqp;
2244 	struct irdma_cm_info nfo;
2245 
2246 	/* if the node is destroyed before connection was accelerated */
2247 	if (!cm_node->accelerated && cm_node->accept_pend) {
2248 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
2249 			    "node destroyed before established\n");
2250 		atomic_dec(&cm_node->listener->pend_accepts_cnt);
2251 	}
2252 	if (cm_node->close_entry)
2253 		irdma_handle_close_entry(cm_node, 0);
2254 	if (cm_node->listener) {
2255 		irdma_dec_refcnt_listen(cm_core, cm_node->listener, 0, true);
2256 	} else {
2257 		if (cm_node->apbvt_set) {
2258 			irdma_del_apbvt(cm_node->iwdev, cm_node->apbvt_entry);
2259 			cm_node->apbvt_set = 0;
2260 		}
2261 		irdma_get_addr_info(cm_node, &nfo);
2262 		if (cm_node->qhash_set) {
2263 			nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2264 			irdma_manage_qhash(cm_node->iwdev, &nfo,
2265 					   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2266 					   IRDMA_QHASH_MANAGE_TYPE_DELETE, NULL,
2267 					   false);
2268 			cm_node->qhash_set = 0;
2269 		}
2270 	}
2271 
2272 	iwqp = cm_node->iwqp;
2273 	if (iwqp) {
2274 		cm_node->cm_id->rem_ref(cm_node->cm_id);
2275 		cm_node->cm_id = NULL;
2276 		iwqp->cm_id = NULL;
2277 		irdma_qp_rem_ref(&iwqp->ibqp);
2278 		cm_node->iwqp = NULL;
2279 	} else if (cm_node->qhash_set) {
2280 		irdma_get_addr_info(cm_node, &nfo);
2281 		nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2282 		irdma_manage_qhash(cm_node->iwdev, &nfo,
2283 				   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2284 				   IRDMA_QHASH_MANAGE_TYPE_DELETE, NULL, false);
2285 		cm_node->qhash_set = 0;
2286 	}
2287 
2288 	cm_core->cm_free_ah(cm_node);
2289 	kfree(cm_node);
2290 }
2291 
2292 /**
2293  * irdma_rem_ref_cm_node - destroy an instance of a cm node
2294  * @cm_node: connection's node
2295  */
2296 void
2297 irdma_rem_ref_cm_node(struct irdma_cm_node *cm_node)
2298 {
2299 	struct irdma_cm_core *cm_core = cm_node->cm_core;
2300 	unsigned long flags;
2301 
2302 	spin_lock_irqsave(&cm_core->ht_lock, flags);
2303 
2304 	if (!atomic_dec_and_test(&cm_node->refcnt)) {
2305 		spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2306 		return;
2307 	}
2308 	if (cm_node->iwqp) {
2309 		cm_node->iwqp->cm_node = NULL;
2310 		cm_node->iwqp->cm_id = NULL;
2311 	}
2312 	HASH_DEL_RCU(cm_core->cm_hash_tbl, &cm_node->list);
2313 	cm_node->cm_core->stats_nodes_destroyed++;
2314 
2315 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2316 
2317 	/* wait for all list walkers to exit their grace period */
2318 	call_rcu(&cm_node->rcu_head, irdma_cm_node_free_cb);
2319 }
2320 
2321 /**
2322  * irdma_handle_fin_pkt - FIN packet received
2323  * @cm_node: connection's node
2324  */
2325 static void
2326 irdma_handle_fin_pkt(struct irdma_cm_node *cm_node)
2327 {
2328 	switch (cm_node->state) {
2329 	case IRDMA_CM_STATE_SYN_RCVD:
2330 	case IRDMA_CM_STATE_SYN_SENT:
2331 	case IRDMA_CM_STATE_ESTABLISHED:
2332 	case IRDMA_CM_STATE_MPAREJ_RCVD:
2333 		cm_node->tcp_cntxt.rcv_nxt++;
2334 		irdma_cleanup_retrans_entry(cm_node);
2335 		cm_node->state = IRDMA_CM_STATE_LAST_ACK;
2336 		irdma_send_fin(cm_node);
2337 		break;
2338 	case IRDMA_CM_STATE_MPAREQ_SENT:
2339 		irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
2340 		cm_node->tcp_cntxt.rcv_nxt++;
2341 		irdma_cleanup_retrans_entry(cm_node);
2342 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2343 		atomic_inc(&cm_node->refcnt);
2344 		irdma_send_reset(cm_node);
2345 		break;
2346 	case IRDMA_CM_STATE_FIN_WAIT1:
2347 		cm_node->tcp_cntxt.rcv_nxt++;
2348 		irdma_cleanup_retrans_entry(cm_node);
2349 		cm_node->state = IRDMA_CM_STATE_CLOSING;
2350 		irdma_send_ack(cm_node);
2351 		/*
2352 		 * Wait for ACK as this is simultaneous close. After we receive ACK, do not send anything. Just rm the
2353 		 * node.
2354 		 */
2355 		break;
2356 	case IRDMA_CM_STATE_FIN_WAIT2:
2357 		cm_node->tcp_cntxt.rcv_nxt++;
2358 		irdma_cleanup_retrans_entry(cm_node);
2359 		cm_node->state = IRDMA_CM_STATE_TIME_WAIT;
2360 		irdma_send_ack(cm_node);
2361 		irdma_schedule_cm_timer(cm_node, NULL, IRDMA_TIMER_TYPE_CLOSE,
2362 					1, 0);
2363 		break;
2364 	case IRDMA_CM_STATE_TIME_WAIT:
2365 		cm_node->tcp_cntxt.rcv_nxt++;
2366 		irdma_cleanup_retrans_entry(cm_node);
2367 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2368 		irdma_rem_ref_cm_node(cm_node);
2369 		break;
2370 	case IRDMA_CM_STATE_OFFLOADED:
2371 	default:
2372 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
2373 			    "bad state node state = %d\n", cm_node->state);
2374 		break;
2375 	}
2376 }
2377 
2378 /**
2379  * irdma_handle_rst_pkt - process received RST packet
2380  * @cm_node: connection's node
2381  * @rbuf: receive buffer
2382  */
2383 static void
2384 irdma_handle_rst_pkt(struct irdma_cm_node *cm_node,
2385 		     struct irdma_puda_buf *rbuf)
2386 {
2387 	irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
2388 		    "caller: %pS cm_node=%p state=%d rem_port=0x%04x loc_port=0x%04x rem_addr=%pI4 loc_addr=%pI4\n",
2389 		    __builtin_return_address(0), cm_node, cm_node->state,
2390 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr, cm_node->loc_addr);
2391 
2392 	irdma_cleanup_retrans_entry(cm_node);
2393 	switch (cm_node->state) {
2394 	case IRDMA_CM_STATE_SYN_SENT:
2395 	case IRDMA_CM_STATE_MPAREQ_SENT:
2396 		switch (cm_node->mpa_frame_rev) {
2397 		case IETF_MPA_V2:
2398 			/* Drop down to MPA_V1 */
2399 			cm_node->mpa_frame_rev = IETF_MPA_V1;
2400 			/* send a syn and goto syn sent state */
2401 			cm_node->state = IRDMA_CM_STATE_SYN_SENT;
2402 			if (irdma_send_syn(cm_node, 0))
2403 				irdma_active_open_err(cm_node, false);
2404 			break;
2405 		case IETF_MPA_V1:
2406 		default:
2407 			irdma_active_open_err(cm_node, false);
2408 			break;
2409 		}
2410 		break;
2411 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2412 		atomic_inc(&cm_node->passive_state);
2413 		break;
2414 	case IRDMA_CM_STATE_ESTABLISHED:
2415 	case IRDMA_CM_STATE_SYN_RCVD:
2416 	case IRDMA_CM_STATE_LISTENING:
2417 		irdma_passive_open_err(cm_node, false);
2418 		break;
2419 	case IRDMA_CM_STATE_OFFLOADED:
2420 		irdma_active_open_err(cm_node, false);
2421 		break;
2422 	case IRDMA_CM_STATE_CLOSED:
2423 		break;
2424 	case IRDMA_CM_STATE_FIN_WAIT2:
2425 	case IRDMA_CM_STATE_FIN_WAIT1:
2426 	case IRDMA_CM_STATE_LAST_ACK:
2427 	case IRDMA_CM_STATE_TIME_WAIT:
2428 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2429 		irdma_rem_ref_cm_node(cm_node);
2430 		break;
2431 	default:
2432 		break;
2433 	}
2434 }
2435 
2436 /**
2437  * irdma_handle_rcv_mpa - Process a recv'd mpa buffer
2438  * @cm_node: connection's node
2439  * @rbuf: receive buffer
2440  */
2441 static void
2442 irdma_handle_rcv_mpa(struct irdma_cm_node *cm_node,
2443 		     struct irdma_puda_buf *rbuf)
2444 {
2445 	int err;
2446 	int datasize = rbuf->datalen;
2447 	u8 *dataloc = rbuf->data;
2448 
2449 	enum irdma_cm_event_type type = IRDMA_CM_EVENT_UNKNOWN;
2450 	u32 res_type;
2451 
2452 	err = irdma_parse_mpa(cm_node, dataloc, &res_type, datasize);
2453 	if (err) {
2454 		if (cm_node->state == IRDMA_CM_STATE_MPAREQ_SENT)
2455 			irdma_active_open_err(cm_node, true);
2456 		else
2457 			irdma_passive_open_err(cm_node, true);
2458 		return;
2459 	}
2460 
2461 	switch (cm_node->state) {
2462 	case IRDMA_CM_STATE_ESTABLISHED:
2463 		if (res_type == IRDMA_MPA_REQUEST_REJECT)
2464 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
2465 				    IRDMA_DEBUG_CM, "state for reject\n");
2466 		cm_node->state = IRDMA_CM_STATE_MPAREQ_RCVD;
2467 		type = IRDMA_CM_EVENT_MPA_REQ;
2468 		irdma_send_ack(cm_node);	/* ACK received MPA request */
2469 		atomic_set(&cm_node->passive_state,
2470 			   IRDMA_PASSIVE_STATE_INDICATED);
2471 		break;
2472 	case IRDMA_CM_STATE_MPAREQ_SENT:
2473 		irdma_cleanup_retrans_entry(cm_node);
2474 		if (res_type == IRDMA_MPA_REQUEST_REJECT) {
2475 			type = IRDMA_CM_EVENT_MPA_REJECT;
2476 			cm_node->state = IRDMA_CM_STATE_MPAREJ_RCVD;
2477 		} else {
2478 			type = IRDMA_CM_EVENT_CONNECTED;
2479 			cm_node->state = IRDMA_CM_STATE_OFFLOADED;
2480 		}
2481 		irdma_send_ack(cm_node);
2482 		break;
2483 	default:
2484 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
2485 			    "wrong cm_node state =%d\n", cm_node->state);
2486 		break;
2487 	}
2488 	irdma_create_event(cm_node, type);
2489 }
2490 
2491 /**
2492  * irdma_check_syn - Check for error on received syn ack
2493  * @cm_node: connection's node
2494  * @tcph: pointer tcp header
2495  */
2496 static int
2497 irdma_check_syn(struct irdma_cm_node *cm_node, struct tcphdr *tcph)
2498 {
2499 	if (ntohl(tcph->th_ack) != cm_node->tcp_cntxt.loc_seq_num) {
2500 		irdma_active_open_err(cm_node, true);
2501 		return 1;
2502 	}
2503 
2504 	return 0;
2505 }
2506 
2507 /**
2508  * irdma_check_seq - check seq numbers if OK
2509  * @cm_node: connection's node
2510  * @tcph: pointer tcp header
2511  */
2512 static int
2513 irdma_check_seq(struct irdma_cm_node *cm_node, struct tcphdr *tcph)
2514 {
2515 	u32 seq;
2516 	u32 ack_seq;
2517 	u32 loc_seq_num = cm_node->tcp_cntxt.loc_seq_num;
2518 	u32 rcv_nxt = cm_node->tcp_cntxt.rcv_nxt;
2519 	u32 rcv_wnd;
2520 	int err = 0;
2521 
2522 	seq = ntohl(tcph->th_seq);
2523 	ack_seq = ntohl(tcph->th_ack);
2524 	rcv_wnd = cm_node->tcp_cntxt.rcv_wnd;
2525 	if (ack_seq != loc_seq_num ||
2526 	    !between(seq, rcv_nxt, (rcv_nxt + rcv_wnd)))
2527 		err = -1;
2528 	if (err)
2529 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
2530 			    "seq number err\n");
2531 
2532 	return err;
2533 }
2534 
2535 void
2536 irdma_add_conn_est_qh(struct irdma_cm_node *cm_node)
2537 {
2538 	struct irdma_cm_info nfo;
2539 
2540 	irdma_get_addr_info(cm_node, &nfo);
2541 	nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2542 	irdma_manage_qhash(cm_node->iwdev, &nfo,
2543 			   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2544 			   IRDMA_QHASH_MANAGE_TYPE_ADD,
2545 			   cm_node, false);
2546 	cm_node->qhash_set = true;
2547 }
2548 
2549 /**
2550  * irdma_handle_syn_pkt - is for Passive node
2551  * @cm_node: connection's node
2552  * @rbuf: receive buffer
2553  */
2554 static void
2555 irdma_handle_syn_pkt(struct irdma_cm_node *cm_node,
2556 		     struct irdma_puda_buf *rbuf)
2557 {
2558 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2559 	int err;
2560 	u32 inc_sequence;
2561 	int optionsize;
2562 
2563 	optionsize = (tcph->th_off << 2) - sizeof(struct tcphdr);
2564 	inc_sequence = ntohl(tcph->th_seq);
2565 
2566 	switch (cm_node->state) {
2567 	case IRDMA_CM_STATE_SYN_SENT:
2568 	case IRDMA_CM_STATE_MPAREQ_SENT:
2569 		/* Rcvd syn on active open connection */
2570 		irdma_active_open_err(cm_node, 1);
2571 		break;
2572 	case IRDMA_CM_STATE_LISTENING:
2573 		/* Passive OPEN */
2574 		if (atomic_read(&cm_node->listener->pend_accepts_cnt) >
2575 		    cm_node->listener->backlog) {
2576 			cm_node->cm_core->stats_backlog_drops++;
2577 			irdma_passive_open_err(cm_node, false);
2578 			break;
2579 		}
2580 		err = irdma_handle_tcp_options(cm_node, tcph, optionsize, 1);
2581 		if (err) {
2582 			irdma_passive_open_err(cm_node, false);
2583 			/* drop pkt */
2584 			break;
2585 		}
2586 		err = cm_node->cm_core->cm_create_ah(cm_node, false);
2587 		if (err) {
2588 			irdma_passive_open_err(cm_node, false);
2589 			/* drop pkt */
2590 			break;
2591 		}
2592 		cm_node->tcp_cntxt.rcv_nxt = inc_sequence + 1;
2593 		cm_node->accept_pend = 1;
2594 		atomic_inc(&cm_node->listener->pend_accepts_cnt);
2595 
2596 		cm_node->state = IRDMA_CM_STATE_SYN_RCVD;
2597 		break;
2598 	case IRDMA_CM_STATE_CLOSED:
2599 		irdma_cleanup_retrans_entry(cm_node);
2600 		atomic_inc(&cm_node->refcnt);
2601 		irdma_send_reset(cm_node);
2602 		break;
2603 	case IRDMA_CM_STATE_OFFLOADED:
2604 	case IRDMA_CM_STATE_ESTABLISHED:
2605 	case IRDMA_CM_STATE_FIN_WAIT1:
2606 	case IRDMA_CM_STATE_FIN_WAIT2:
2607 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2608 	case IRDMA_CM_STATE_LAST_ACK:
2609 	case IRDMA_CM_STATE_CLOSING:
2610 	case IRDMA_CM_STATE_UNKNOWN:
2611 	default:
2612 		break;
2613 	}
2614 }
2615 
2616 /**
2617  * irdma_handle_synack_pkt - Process SYN+ACK packet (active side)
2618  * @cm_node: connection's node
2619  * @rbuf: receive buffer
2620  */
2621 static void
2622 irdma_handle_synack_pkt(struct irdma_cm_node *cm_node,
2623 			struct irdma_puda_buf *rbuf)
2624 {
2625 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2626 	int err;
2627 	u32 inc_sequence;
2628 	int optionsize;
2629 
2630 	optionsize = (tcph->th_off << 2) - sizeof(struct tcphdr);
2631 	inc_sequence = ntohl(tcph->th_seq);
2632 	switch (cm_node->state) {
2633 	case IRDMA_CM_STATE_SYN_SENT:
2634 		irdma_cleanup_retrans_entry(cm_node);
2635 		/* active open */
2636 		if (irdma_check_syn(cm_node, tcph)) {
2637 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
2638 				    IRDMA_DEBUG_CM, "check syn fail\n");
2639 			return;
2640 		}
2641 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2642 		/* setup options */
2643 		err = irdma_handle_tcp_options(cm_node, tcph, optionsize, 0);
2644 		if (err) {
2645 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
2646 				    IRDMA_DEBUG_CM,
2647 				    "cm_node=%p tcp_options failed\n",
2648 				    cm_node);
2649 			break;
2650 		}
2651 		irdma_cleanup_retrans_entry(cm_node);
2652 		cm_node->tcp_cntxt.rcv_nxt = inc_sequence + 1;
2653 		irdma_send_ack(cm_node);	/* ACK  for the syn_ack */
2654 		err = irdma_send_mpa_request(cm_node);
2655 		if (err) {
2656 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
2657 				    IRDMA_DEBUG_CM,
2658 				    "cm_node=%p irdma_send_mpa_request failed\n",
2659 				    cm_node);
2660 			break;
2661 		}
2662 		cm_node->state = IRDMA_CM_STATE_MPAREQ_SENT;
2663 		break;
2664 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2665 		irdma_passive_open_err(cm_node, true);
2666 		break;
2667 	case IRDMA_CM_STATE_LISTENING:
2668 		cm_node->tcp_cntxt.loc_seq_num = ntohl(tcph->th_ack);
2669 		irdma_cleanup_retrans_entry(cm_node);
2670 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2671 		irdma_send_reset(cm_node);
2672 		break;
2673 	case IRDMA_CM_STATE_CLOSED:
2674 		cm_node->tcp_cntxt.loc_seq_num = ntohl(tcph->th_ack);
2675 		irdma_cleanup_retrans_entry(cm_node);
2676 		atomic_inc(&cm_node->refcnt);
2677 		irdma_send_reset(cm_node);
2678 		break;
2679 	case IRDMA_CM_STATE_ESTABLISHED:
2680 	case IRDMA_CM_STATE_FIN_WAIT1:
2681 	case IRDMA_CM_STATE_FIN_WAIT2:
2682 	case IRDMA_CM_STATE_LAST_ACK:
2683 	case IRDMA_CM_STATE_OFFLOADED:
2684 	case IRDMA_CM_STATE_CLOSING:
2685 	case IRDMA_CM_STATE_UNKNOWN:
2686 	case IRDMA_CM_STATE_MPAREQ_SENT:
2687 	default:
2688 		break;
2689 	}
2690 }
2691 
2692 /**
2693  * irdma_handle_ack_pkt - process packet with ACK
2694  * @cm_node: connection's node
2695  * @rbuf: receive buffer
2696  */
2697 static int
2698 irdma_handle_ack_pkt(struct irdma_cm_node *cm_node,
2699 		     struct irdma_puda_buf *rbuf)
2700 {
2701 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2702 	u32 inc_sequence;
2703 	int ret;
2704 	int optionsize;
2705 	u32 datasize = rbuf->datalen;
2706 
2707 	optionsize = (tcph->th_off << 2) - sizeof(struct tcphdr);
2708 
2709 	if (irdma_check_seq(cm_node, tcph))
2710 		return -EINVAL;
2711 
2712 	inc_sequence = ntohl(tcph->th_seq);
2713 	switch (cm_node->state) {
2714 	case IRDMA_CM_STATE_SYN_RCVD:
2715 		irdma_cleanup_retrans_entry(cm_node);
2716 		ret = irdma_handle_tcp_options(cm_node, tcph, optionsize, 1);
2717 		if (ret)
2718 			return ret;
2719 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2720 		cm_node->state = IRDMA_CM_STATE_ESTABLISHED;
2721 		if (datasize) {
2722 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2723 			irdma_handle_rcv_mpa(cm_node, rbuf);
2724 		}
2725 		break;
2726 	case IRDMA_CM_STATE_ESTABLISHED:
2727 		irdma_cleanup_retrans_entry(cm_node);
2728 		if (datasize) {
2729 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2730 			irdma_handle_rcv_mpa(cm_node, rbuf);
2731 		}
2732 		break;
2733 	case IRDMA_CM_STATE_MPAREQ_SENT:
2734 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2735 		if (datasize) {
2736 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2737 			cm_node->ack_rcvd = false;
2738 			irdma_handle_rcv_mpa(cm_node, rbuf);
2739 		} else {
2740 			cm_node->ack_rcvd = true;
2741 		}
2742 		break;
2743 	case IRDMA_CM_STATE_LISTENING:
2744 		irdma_cleanup_retrans_entry(cm_node);
2745 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2746 		irdma_send_reset(cm_node);
2747 		break;
2748 	case IRDMA_CM_STATE_CLOSED:
2749 		irdma_cleanup_retrans_entry(cm_node);
2750 		atomic_inc(&cm_node->refcnt);
2751 		irdma_send_reset(cm_node);
2752 		break;
2753 	case IRDMA_CM_STATE_LAST_ACK:
2754 	case IRDMA_CM_STATE_CLOSING:
2755 		irdma_cleanup_retrans_entry(cm_node);
2756 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2757 		irdma_rem_ref_cm_node(cm_node);
2758 		break;
2759 	case IRDMA_CM_STATE_FIN_WAIT1:
2760 		irdma_cleanup_retrans_entry(cm_node);
2761 		cm_node->state = IRDMA_CM_STATE_FIN_WAIT2;
2762 		break;
2763 	case IRDMA_CM_STATE_SYN_SENT:
2764 	case IRDMA_CM_STATE_FIN_WAIT2:
2765 	case IRDMA_CM_STATE_OFFLOADED:
2766 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2767 	case IRDMA_CM_STATE_UNKNOWN:
2768 	default:
2769 		irdma_cleanup_retrans_entry(cm_node);
2770 		break;
2771 	}
2772 
2773 	return 0;
2774 }
2775 
2776 /**
2777  * irdma_process_pkt - process cm packet
2778  * @cm_node: connection's node
2779  * @rbuf: receive buffer
2780  */
2781 static void
2782 irdma_process_pkt(struct irdma_cm_node *cm_node,
2783 		  struct irdma_puda_buf *rbuf)
2784 {
2785 	enum irdma_tcpip_pkt_type pkt_type = IRDMA_PKT_TYPE_UNKNOWN;
2786 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2787 	u32 fin_set = 0;
2788 	int err;
2789 
2790 	if (tcph->th_flags & TH_RST) {
2791 		pkt_type = IRDMA_PKT_TYPE_RST;
2792 	} else if (tcph->th_flags & TH_SYN) {
2793 		pkt_type = IRDMA_PKT_TYPE_SYN;
2794 		if (tcph->th_flags & TH_ACK)
2795 			pkt_type = IRDMA_PKT_TYPE_SYNACK;
2796 	} else if (tcph->th_flags & TH_ACK) {
2797 		pkt_type = IRDMA_PKT_TYPE_ACK;
2798 	}
2799 	if (tcph->th_flags & TH_FIN)
2800 		fin_set = 1;
2801 
2802 	switch (pkt_type) {
2803 	case IRDMA_PKT_TYPE_SYN:
2804 		irdma_handle_syn_pkt(cm_node, rbuf);
2805 		break;
2806 	case IRDMA_PKT_TYPE_SYNACK:
2807 		irdma_handle_synack_pkt(cm_node, rbuf);
2808 		break;
2809 	case IRDMA_PKT_TYPE_ACK:
2810 		err = irdma_handle_ack_pkt(cm_node, rbuf);
2811 		if (fin_set && !err)
2812 			irdma_handle_fin_pkt(cm_node);
2813 		break;
2814 	case IRDMA_PKT_TYPE_RST:
2815 		irdma_handle_rst_pkt(cm_node, rbuf);
2816 		break;
2817 	default:
2818 		if (fin_set &&
2819 		    (!irdma_check_seq(cm_node, (struct tcphdr *)rbuf->tcph)))
2820 			irdma_handle_fin_pkt(cm_node);
2821 		break;
2822 	}
2823 }
2824 
2825 /**
2826  * irdma_make_listen_node - create a listen node with params
2827  * @cm_core: cm's core
2828  * @iwdev: iwarp device structure
2829  * @cm_info: quad info for connection
2830  */
2831 static struct irdma_cm_listener *
2832 irdma_make_listen_node(struct irdma_cm_core *cm_core,
2833 		       struct irdma_device *iwdev,
2834 		       struct irdma_cm_info *cm_info)
2835 {
2836 	struct irdma_cm_listener *listener;
2837 	unsigned long flags;
2838 
2839 	/* cannot have multiple matching listeners */
2840 	listener = irdma_find_listener(cm_core, cm_info->loc_addr,
2841 				       cm_info->loc_port, cm_info->vlan_id,
2842 				       IRDMA_CM_LISTENER_EITHER_STATE);
2843 	if (listener &&
2844 	    listener->listener_state == IRDMA_CM_LISTENER_ACTIVE_STATE) {
2845 		atomic_dec(&listener->refcnt);
2846 		return NULL;
2847 	}
2848 
2849 	if (!listener) {
2850 		/*
2851 		 * create a CM listen node 1/2 node to compare incoming traffic to
2852 		 */
2853 		listener = kzalloc(sizeof(*listener), GFP_KERNEL);
2854 		if (!listener)
2855 			return NULL;
2856 		cm_core->stats_listen_nodes_created++;
2857 		memcpy(listener->loc_addr, cm_info->loc_addr,
2858 		       sizeof(listener->loc_addr));
2859 		listener->loc_port = cm_info->loc_port;
2860 
2861 		INIT_LIST_HEAD(&listener->child_listen_list);
2862 
2863 		atomic_set(&listener->refcnt, 1);
2864 	} else {
2865 		listener->reused_node = 1;
2866 	}
2867 
2868 	listener->cm_id = cm_info->cm_id;
2869 	listener->ipv4 = cm_info->ipv4;
2870 	listener->vlan_id = cm_info->vlan_id;
2871 	atomic_set(&listener->pend_accepts_cnt, 0);
2872 	listener->cm_core = cm_core;
2873 	listener->iwdev = iwdev;
2874 
2875 	listener->backlog = cm_info->backlog;
2876 	listener->listener_state = IRDMA_CM_LISTENER_ACTIVE_STATE;
2877 
2878 	if (!listener->reused_node) {
2879 		spin_lock_irqsave(&cm_core->listen_list_lock, flags);
2880 		list_add(&listener->list, &cm_core->listen_list);
2881 		spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
2882 	}
2883 
2884 	return listener;
2885 }
2886 
2887 /**
2888  * irdma_create_cm_node - make a connection node with params
2889  * @cm_core: cm's core
2890  * @iwdev: iwarp device structure
2891  * @conn_param: connection parameters
2892  * @cm_info: quad info for connection
2893  * @caller_cm_node: pointer to cm_node structure to return
2894  */
2895 static int
2896 irdma_create_cm_node(struct irdma_cm_core *cm_core,
2897 		     struct irdma_device *iwdev,
2898 		     struct iw_cm_conn_param *conn_param,
2899 		     struct irdma_cm_info *cm_info,
2900 		     struct irdma_cm_node **caller_cm_node)
2901 {
2902 	struct irdma_cm_node *cm_node;
2903 	u16 private_data_len = conn_param->private_data_len;
2904 	const void *private_data = conn_param->private_data;
2905 
2906 	/* create a CM connection node */
2907 	cm_node = irdma_make_cm_node(cm_core, iwdev, cm_info, NULL);
2908 	if (!cm_node)
2909 		return -ENOMEM;
2910 
2911 	/* set our node side to client (active) side */
2912 	cm_node->tcp_cntxt.client = 1;
2913 	cm_node->tcp_cntxt.rcv_wscale = IRDMA_CM_DEFAULT_RCV_WND_SCALE;
2914 
2915 	irdma_record_ird_ord(cm_node, conn_param->ird, conn_param->ord);
2916 
2917 	cm_node->pdata.size = private_data_len;
2918 	cm_node->pdata.addr = cm_node->pdata_buf;
2919 
2920 	memcpy(cm_node->pdata_buf, private_data, private_data_len);
2921 	*caller_cm_node = cm_node;
2922 
2923 	return 0;
2924 }
2925 
2926 /**
2927  * irdma_cm_reject - reject and teardown a connection
2928  * @cm_node: connection's node
2929  * @pdata: ptr to private data for reject
2930  * @plen: size of private data
2931  */
2932 static int
2933 irdma_cm_reject(struct irdma_cm_node *cm_node, const void *pdata,
2934 		u8 plen)
2935 {
2936 	int ret;
2937 	int passive_state;
2938 
2939 	if (cm_node->tcp_cntxt.client)
2940 		return 0;
2941 
2942 	irdma_cleanup_retrans_entry(cm_node);
2943 
2944 	passive_state = atomic_add_return(1, &cm_node->passive_state);
2945 	if (passive_state == IRDMA_SEND_RESET_EVENT) {
2946 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2947 		irdma_rem_ref_cm_node(cm_node);
2948 		return 0;
2949 	}
2950 
2951 	if (cm_node->state == IRDMA_CM_STATE_LISTENER_DESTROYED) {
2952 		irdma_rem_ref_cm_node(cm_node);
2953 		return 0;
2954 	}
2955 
2956 	ret = irdma_send_mpa_reject(cm_node, pdata, plen);
2957 	if (!ret)
2958 		return 0;
2959 
2960 	cm_node->state = IRDMA_CM_STATE_CLOSED;
2961 	if (irdma_send_reset(cm_node))
2962 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
2963 			    "send reset failed\n");
2964 
2965 	return ret;
2966 }
2967 
2968 /**
2969  * irdma_cm_close - close of cm connection
2970  * @cm_node: connection's node
2971  */
2972 static int
2973 irdma_cm_close(struct irdma_cm_node *cm_node)
2974 {
2975 	switch (cm_node->state) {
2976 	case IRDMA_CM_STATE_SYN_RCVD:
2977 	case IRDMA_CM_STATE_SYN_SENT:
2978 	case IRDMA_CM_STATE_ONE_SIDE_ESTABLISHED:
2979 	case IRDMA_CM_STATE_ESTABLISHED:
2980 	case IRDMA_CM_STATE_ACCEPTING:
2981 	case IRDMA_CM_STATE_MPAREQ_SENT:
2982 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2983 		irdma_cleanup_retrans_entry(cm_node);
2984 		irdma_send_reset(cm_node);
2985 		break;
2986 	case IRDMA_CM_STATE_CLOSE_WAIT:
2987 		cm_node->state = IRDMA_CM_STATE_LAST_ACK;
2988 		irdma_send_fin(cm_node);
2989 		break;
2990 	case IRDMA_CM_STATE_FIN_WAIT1:
2991 	case IRDMA_CM_STATE_FIN_WAIT2:
2992 	case IRDMA_CM_STATE_LAST_ACK:
2993 	case IRDMA_CM_STATE_TIME_WAIT:
2994 	case IRDMA_CM_STATE_CLOSING:
2995 		return -EINVAL;
2996 	case IRDMA_CM_STATE_LISTENING:
2997 		irdma_cleanup_retrans_entry(cm_node);
2998 		irdma_send_reset(cm_node);
2999 		break;
3000 	case IRDMA_CM_STATE_MPAREJ_RCVD:
3001 	case IRDMA_CM_STATE_UNKNOWN:
3002 	case IRDMA_CM_STATE_INITED:
3003 	case IRDMA_CM_STATE_CLOSED:
3004 	case IRDMA_CM_STATE_LISTENER_DESTROYED:
3005 		irdma_rem_ref_cm_node(cm_node);
3006 		break;
3007 	case IRDMA_CM_STATE_OFFLOADED:
3008 		if (cm_node->send_entry)
3009 			irdma_debug(iwdev_to_idev(cm_node->iwdev),
3010 				    IRDMA_DEBUG_CM,
3011 				    "CM send_entry in OFFLOADED state\n");
3012 		irdma_rem_ref_cm_node(cm_node);
3013 		break;
3014 	}
3015 
3016 	return 0;
3017 }
3018 
3019 /**
3020  * irdma_receive_ilq - recv an ETHERNET packet, and process it
3021  * through CM
3022  * @vsi: VSI structure of dev
3023  * @rbuf: receive buffer
3024  */
3025 void
3026 irdma_receive_ilq(struct irdma_sc_vsi *vsi, struct irdma_puda_buf *rbuf)
3027 {
3028 	struct irdma_cm_node *cm_node;
3029 	struct irdma_cm_listener *listener;
3030 	struct ip *iph;
3031 	struct ip6_hdr *ip6h;
3032 	struct tcphdr *tcph;
3033 	struct irdma_cm_info cm_info = {0};
3034 	struct irdma_device *iwdev = vsi->back_vsi;
3035 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
3036 	struct ether_vlan_header *ethh;
3037 	u16 vtag;
3038 
3039 	/* if vlan, then maclen = 18 else 14 */
3040 	iph = (struct ip *)rbuf->iph;
3041 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "RECEIVE ILQ BUFFER",
3042 			rbuf->mem.va, rbuf->totallen);
3043 	if (iwdev->rf->sc_dev.hw_attrs.uk_attrs.hw_rev >= IRDMA_GEN_2) {
3044 		if (rbuf->vlan_valid) {
3045 			vtag = rbuf->vlan_id;
3046 			cm_info.user_pri = (vtag & EVL_PRI_MASK) >>
3047 			    VLAN_PRIO_SHIFT;
3048 			cm_info.vlan_id = vtag & EVL_VLID_MASK;
3049 		} else {
3050 			cm_info.vlan_id = 0xFFFF;
3051 		}
3052 	} else {
3053 		ethh = rbuf->mem.va;
3054 
3055 		if (ethh->evl_proto == htons(ETH_P_8021Q)) {
3056 			vtag = ntohs(ethh->evl_tag);
3057 			cm_info.user_pri = (vtag & EVL_PRI_MASK) >>
3058 			    VLAN_PRIO_SHIFT;
3059 			cm_info.vlan_id = vtag & EVL_VLID_MASK;
3060 			irdma_debug(iwdev_to_idev(cm_core->iwdev),
3061 				    IRDMA_DEBUG_CM, "vlan_id=%d\n",
3062 				    cm_info.vlan_id);
3063 		} else {
3064 			cm_info.vlan_id = 0xFFFF;
3065 		}
3066 	}
3067 	tcph = (struct tcphdr *)rbuf->tcph;
3068 
3069 	if (rbuf->ipv4) {
3070 		cm_info.loc_addr[0] = ntohl(iph->ip_dst.s_addr);
3071 		cm_info.rem_addr[0] = ntohl(iph->ip_src.s_addr);
3072 		cm_info.ipv4 = true;
3073 		cm_info.tos = iph->ip_tos;
3074 	} else {
3075 		ip6h = (struct ip6_hdr *)rbuf->iph;
3076 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3077 				    ip6h->ip6_dst.__u6_addr.__u6_addr32);
3078 		irdma_copy_ip_ntohl(cm_info.rem_addr,
3079 				    ip6h->ip6_src.__u6_addr.__u6_addr32);
3080 		cm_info.ipv4 = false;
3081 		cm_info.tos = (ip6h->ip6_vfc << 4) | ip6h->ip6_flow;
3082 	}
3083 	cm_info.loc_port = ntohs(tcph->th_dport);
3084 	cm_info.rem_port = ntohs(tcph->th_sport);
3085 	cm_node = irdma_find_node(cm_core, cm_info.rem_port, cm_info.rem_addr,
3086 				  cm_info.loc_port, cm_info.loc_addr, cm_info.vlan_id);
3087 
3088 	if (!cm_node) {
3089 		/*
3090 		 * Only type of packet accepted are for the PASSIVE open (syn only)
3091 		 */
3092 		if (!(tcph->th_flags & TH_SYN) || tcph->th_flags & TH_ACK)
3093 			return;
3094 
3095 		listener = irdma_find_listener(cm_core,
3096 					       cm_info.loc_addr,
3097 					       cm_info.loc_port,
3098 					       cm_info.vlan_id,
3099 					       IRDMA_CM_LISTENER_ACTIVE_STATE);
3100 		if (!listener) {
3101 			cm_info.cm_id = NULL;
3102 			irdma_debug(iwdev_to_idev(cm_core->iwdev),
3103 				    IRDMA_DEBUG_CM, "no listener found\n");
3104 			return;
3105 		}
3106 
3107 		cm_info.cm_id = listener->cm_id;
3108 		cm_node = irdma_make_cm_node(cm_core, iwdev, &cm_info,
3109 					     listener);
3110 		if (!cm_node) {
3111 			irdma_debug(iwdev_to_idev(cm_core->iwdev),
3112 				    IRDMA_DEBUG_CM, "allocate node failed\n");
3113 			atomic_dec(&listener->refcnt);
3114 			return;
3115 		}
3116 
3117 		if (!(tcph->th_flags & (TH_RST | TH_FIN))) {
3118 			cm_node->state = IRDMA_CM_STATE_LISTENING;
3119 		} else {
3120 			irdma_rem_ref_cm_node(cm_node);
3121 			return;
3122 		}
3123 
3124 		atomic_inc(&cm_node->refcnt);
3125 	} else if (cm_node->state == IRDMA_CM_STATE_OFFLOADED) {
3126 		irdma_rem_ref_cm_node(cm_node);
3127 		return;
3128 	}
3129 
3130 	irdma_process_pkt(cm_node, rbuf);
3131 	irdma_rem_ref_cm_node(cm_node);
3132 }
3133 
3134 static int
3135 irdma_add_qh(struct irdma_cm_node *cm_node, bool active)
3136 {
3137 	if (!active)
3138 		irdma_add_conn_est_qh(cm_node);
3139 	return 0;
3140 }
3141 
3142 static void
3143 irdma_cm_free_ah_nop(struct irdma_cm_node *cm_node)
3144 {
3145 }
3146 
3147 /**
3148  * irdma_setup_cm_core - setup top level instance of a cm core
3149  * @iwdev: iwarp device structure
3150  * @rdma_ver: HW version
3151  */
3152 int
3153 irdma_setup_cm_core(struct irdma_device *iwdev, u8 rdma_ver)
3154 {
3155 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
3156 
3157 	cm_core->iwdev = iwdev;
3158 	cm_core->dev = &iwdev->rf->sc_dev;
3159 
3160 	/* Handles CM event work items send to Iwarp core */
3161 	cm_core->event_wq = alloc_ordered_workqueue("iwarp-event-wq", 0);
3162 	if (!cm_core->event_wq)
3163 		return -ENOMEM;
3164 
3165 	INIT_LIST_HEAD(&cm_core->listen_list);
3166 
3167 	timer_setup(&cm_core->tcp_timer, irdma_cm_timer_tick, 0);
3168 
3169 	spin_lock_init(&cm_core->ht_lock);
3170 	spin_lock_init(&cm_core->listen_list_lock);
3171 	spin_lock_init(&cm_core->apbvt_lock);
3172 	switch (rdma_ver) {
3173 	case IRDMA_GEN_1:
3174 		cm_core->form_cm_frame = irdma_form_uda_cm_frame;
3175 		cm_core->cm_create_ah = irdma_add_qh;
3176 		cm_core->cm_free_ah = irdma_cm_free_ah_nop;
3177 		break;
3178 	case IRDMA_GEN_2:
3179 	default:
3180 		cm_core->form_cm_frame = irdma_form_ah_cm_frame;
3181 		cm_core->cm_create_ah = irdma_cm_create_ah;
3182 		cm_core->cm_free_ah = irdma_cm_free_ah;
3183 	}
3184 
3185 	return 0;
3186 }
3187 
3188 /**
3189  * irdma_cleanup_cm_core - deallocate a top level instance of a
3190  * cm core
3191  * @cm_core: cm's core
3192  */
3193 void
3194 irdma_cleanup_cm_core(struct irdma_cm_core *cm_core)
3195 {
3196 	unsigned long flags;
3197 
3198 	if (!cm_core)
3199 		return;
3200 
3201 	spin_lock_irqsave(&cm_core->ht_lock, flags);
3202 	if (timer_pending(&cm_core->tcp_timer))
3203 		del_timer_sync(&cm_core->tcp_timer);
3204 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
3205 
3206 	destroy_workqueue(cm_core->event_wq);
3207 	cm_core->dev->ws_reset(&cm_core->iwdev->vsi);
3208 }
3209 
3210 /**
3211  * irdma_init_tcp_ctx - setup qp context
3212  * @cm_node: connection's node
3213  * @tcp_info: offload info for tcp
3214  * @iwqp: associate qp for the connection
3215  */
3216 static void
3217 irdma_init_tcp_ctx(struct irdma_cm_node *cm_node,
3218 		   struct irdma_tcp_offload_info *tcp_info,
3219 		   struct irdma_qp *iwqp)
3220 {
3221 	tcp_info->ipv4 = cm_node->ipv4;
3222 	tcp_info->drop_ooo_seg = !iwqp->iwdev->iw_ooo;
3223 	tcp_info->wscale = true;
3224 	tcp_info->ignore_tcp_opt = true;
3225 	tcp_info->ignore_tcp_uns_opt = true;
3226 	tcp_info->no_nagle = false;
3227 
3228 	tcp_info->ttl = IRDMA_DEFAULT_TTL;
3229 	tcp_info->rtt_var = IRDMA_DEFAULT_RTT_VAR;
3230 	tcp_info->ss_thresh = IRDMA_DEFAULT_SS_THRESH;
3231 	tcp_info->rexmit_thresh = IRDMA_DEFAULT_REXMIT_THRESH;
3232 
3233 	tcp_info->tcp_state = IRDMA_TCP_STATE_ESTABLISHED;
3234 	tcp_info->snd_wscale = cm_node->tcp_cntxt.snd_wscale;
3235 	tcp_info->rcv_wscale = cm_node->tcp_cntxt.rcv_wscale;
3236 
3237 	tcp_info->snd_nxt = cm_node->tcp_cntxt.loc_seq_num;
3238 	tcp_info->snd_wnd = cm_node->tcp_cntxt.snd_wnd;
3239 	tcp_info->rcv_nxt = cm_node->tcp_cntxt.rcv_nxt;
3240 	tcp_info->snd_max = cm_node->tcp_cntxt.loc_seq_num;
3241 
3242 	tcp_info->snd_una = cm_node->tcp_cntxt.loc_seq_num;
3243 	tcp_info->cwnd = 2 * cm_node->tcp_cntxt.mss;
3244 	tcp_info->snd_wl1 = cm_node->tcp_cntxt.rcv_nxt;
3245 	tcp_info->snd_wl2 = cm_node->tcp_cntxt.loc_seq_num;
3246 	tcp_info->max_snd_window = cm_node->tcp_cntxt.max_snd_wnd;
3247 	tcp_info->rcv_wnd = cm_node->tcp_cntxt.rcv_wnd
3248 	    << cm_node->tcp_cntxt.rcv_wscale;
3249 
3250 	tcp_info->flow_label = 0;
3251 	tcp_info->snd_mss = (u32)cm_node->tcp_cntxt.mss;
3252 	tcp_info->tos = cm_node->tos;
3253 	if (cm_node->vlan_id < VLAN_N_VID) {
3254 		tcp_info->insert_vlan_tag = true;
3255 		tcp_info->vlan_tag = cm_node->vlan_id;
3256 		tcp_info->vlan_tag |= cm_node->user_pri << VLAN_PRIO_SHIFT;
3257 	}
3258 	tcp_info->src_port = cm_node->loc_port;
3259 	tcp_info->dst_port = cm_node->rem_port;
3260 	tcp_info->arp_idx = (u16)irdma_arp_table(iwqp->iwdev->rf,
3261 						  cm_node->rem_addr, NULL,
3262 						  IRDMA_ARP_RESOLVE);
3263 	if (cm_node->ipv4) {
3264 		tcp_info->dest_ip_addr[3] = cm_node->rem_addr[0];
3265 		tcp_info->local_ipaddr[3] = cm_node->loc_addr[0];
3266 	} else {
3267 		memcpy(tcp_info->dest_ip_addr, cm_node->rem_addr,
3268 		       sizeof(tcp_info->dest_ip_addr));
3269 		memcpy(tcp_info->local_ipaddr, cm_node->loc_addr,
3270 		       sizeof(tcp_info->local_ipaddr));
3271 	}
3272 }
3273 
3274 /**
3275  * irdma_cm_init_tsa_conn - setup qp for RTS
3276  * @iwqp: associate qp for the connection
3277  * @cm_node: connection's node
3278  */
3279 static void
3280 irdma_cm_init_tsa_conn(struct irdma_qp *iwqp,
3281 		       struct irdma_cm_node *cm_node)
3282 {
3283 	struct irdma_iwarp_offload_info *iwarp_info;
3284 	struct irdma_qp_host_ctx_info *ctx_info;
3285 
3286 	iwarp_info = &iwqp->iwarp_info;
3287 	ctx_info = &iwqp->ctx_info;
3288 
3289 	ctx_info->tcp_info = &iwqp->tcp_info;
3290 	ctx_info->send_cq_num = iwqp->iwscq->sc_cq.cq_uk.cq_id;
3291 	ctx_info->rcv_cq_num = iwqp->iwrcq->sc_cq.cq_uk.cq_id;
3292 
3293 	iwarp_info->ord_size = cm_node->ord_size;
3294 	iwarp_info->ird_size = cm_node->ird_size;
3295 	iwarp_info->rd_en = true;
3296 	iwarp_info->rdmap_ver = 1;
3297 	iwarp_info->ddp_ver = 1;
3298 	iwarp_info->pd_id = iwqp->iwpd->sc_pd.pd_id;
3299 
3300 	ctx_info->tcp_info_valid = true;
3301 	ctx_info->iwarp_info_valid = true;
3302 	ctx_info->user_pri = cm_node->user_pri;
3303 
3304 	irdma_init_tcp_ctx(cm_node, &iwqp->tcp_info, iwqp);
3305 	if (cm_node->snd_mark_en) {
3306 		iwarp_info->snd_mark_en = true;
3307 		iwarp_info->snd_mark_offset = (iwqp->tcp_info.snd_nxt & SNDMARKER_SEQNMASK) +
3308 		    cm_node->lsmm_size;
3309 	}
3310 
3311 	cm_node->state = IRDMA_CM_STATE_OFFLOADED;
3312 	iwqp->tcp_info.tcp_state = IRDMA_TCP_STATE_ESTABLISHED;
3313 	iwqp->tcp_info.src_mac_addr_idx = iwqp->iwdev->mac_ip_table_idx;
3314 
3315 	if (cm_node->rcv_mark_en) {
3316 		iwarp_info->rcv_mark_en = true;
3317 		iwarp_info->align_hdrs = true;
3318 	}
3319 
3320 	irdma_sc_qp_setctx(&iwqp->sc_qp, iwqp->host_ctx.va, ctx_info);
3321 
3322 	/* once tcp_info is set, no need to do it again */
3323 	ctx_info->tcp_info_valid = false;
3324 	ctx_info->iwarp_info_valid = false;
3325 }
3326 
3327 /**
3328  * irdma_cm_disconn - when a connection is being closed
3329  * @iwqp: associated qp for the connection
3330  */
3331 void
3332 irdma_cm_disconn(struct irdma_qp *iwqp)
3333 {
3334 	struct irdma_device *iwdev = iwqp->iwdev;
3335 	struct disconn_work *work;
3336 	unsigned long flags;
3337 
3338 	work = kzalloc(sizeof(*work), GFP_ATOMIC);
3339 	if (!work)
3340 		return;
3341 
3342 	spin_lock_irqsave(&iwdev->rf->qptable_lock, flags);
3343 	if (!iwdev->rf->qp_table[iwqp->ibqp.qp_num]) {
3344 		spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
3345 		irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3346 			    "qp_id %d is already freed\n", iwqp->ibqp.qp_num);
3347 		kfree(work);
3348 		return;
3349 	}
3350 	irdma_qp_add_ref(&iwqp->ibqp);
3351 	spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
3352 
3353 	work->iwqp = iwqp;
3354 	INIT_WORK(&work->work, irdma_disconnect_worker);
3355 	queue_work(iwdev->cleanup_wq, &work->work);
3356 }
3357 
3358 /**
3359  * irdma_qp_disconnect - free qp and close cm
3360  * @iwqp: associate qp for the connection
3361  */
3362 static void
3363 irdma_qp_disconnect(struct irdma_qp *iwqp)
3364 {
3365 	struct irdma_device *iwdev = iwqp->iwdev;
3366 
3367 	iwqp->active_conn = 0;
3368 	/* close the CM node down if it is still active */
3369 	irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3370 		    "Call close API\n");
3371 	irdma_cm_close(iwqp->cm_node);
3372 }
3373 
3374 /**
3375  * irdma_cm_disconn_true - called by worker thread to disconnect qp
3376  * @iwqp: associate qp for the connection
3377  */
3378 static void
3379 irdma_cm_disconn_true(struct irdma_qp *iwqp)
3380 {
3381 	struct iw_cm_id *cm_id;
3382 	struct irdma_device *iwdev;
3383 	struct irdma_sc_qp *qp = &iwqp->sc_qp;
3384 	u16 last_ae;
3385 	u8 original_hw_tcp_state;
3386 	u8 original_ibqp_state;
3387 	int disconn_status = 0;
3388 	int issue_disconn = 0;
3389 	int issue_close = 0;
3390 	int issue_flush = 0;
3391 	unsigned long flags;
3392 	int err;
3393 
3394 	iwdev = iwqp->iwdev;
3395 	spin_lock_irqsave(&iwqp->lock, flags);
3396 	if (rdma_protocol_roce(&iwdev->ibdev, 1)) {
3397 		struct ib_qp_attr attr;
3398 
3399 		if (iwqp->flush_issued || iwqp->sc_qp.qp_uk.destroy_pending) {
3400 			spin_unlock_irqrestore(&iwqp->lock, flags);
3401 			return;
3402 		}
3403 
3404 		spin_unlock_irqrestore(&iwqp->lock, flags);
3405 
3406 		attr.qp_state = IB_QPS_ERR;
3407 		irdma_modify_qp_roce(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
3408 		irdma_ib_qp_event(iwqp, qp->event_type);
3409 		return;
3410 	}
3411 
3412 	cm_id = iwqp->cm_id;
3413 	/* make sure we havent already closed this connection */
3414 	if (!cm_id) {
3415 		spin_unlock_irqrestore(&iwqp->lock, flags);
3416 		return;
3417 	}
3418 
3419 	original_hw_tcp_state = iwqp->hw_tcp_state;
3420 	original_ibqp_state = iwqp->ibqp_state;
3421 	last_ae = iwqp->last_aeq;
3422 
3423 	if (qp->term_flags) {
3424 		issue_disconn = 1;
3425 		issue_close = 1;
3426 		iwqp->cm_id = NULL;
3427 		irdma_terminate_del_timer(qp);
3428 		if (!iwqp->flush_issued) {
3429 			iwqp->flush_issued = 1;
3430 			issue_flush = 1;
3431 		}
3432 	} else if ((original_hw_tcp_state == IRDMA_TCP_STATE_CLOSE_WAIT) ||
3433 		   ((original_ibqp_state == IB_QPS_RTS) &&
3434 		    (last_ae == IRDMA_AE_LLP_CONNECTION_RESET))) {
3435 		issue_disconn = 1;
3436 		if (last_ae == IRDMA_AE_LLP_CONNECTION_RESET)
3437 			disconn_status = -ECONNRESET;
3438 	}
3439 
3440 	if ((original_hw_tcp_state == IRDMA_TCP_STATE_CLOSED ||
3441 	     original_hw_tcp_state == IRDMA_TCP_STATE_TIME_WAIT ||
3442 	     last_ae == IRDMA_AE_RDMAP_ROE_BAD_LLP_CLOSE ||
3443 	     last_ae == IRDMA_AE_BAD_CLOSE ||
3444 	     last_ae == IRDMA_AE_LLP_CONNECTION_RESET || iwdev->rf->reset)) {
3445 		issue_close = 1;
3446 		iwqp->cm_id = NULL;
3447 		qp->term_flags = 0;
3448 		if (!iwqp->flush_issued) {
3449 			iwqp->flush_issued = 1;
3450 			issue_flush = 1;
3451 		}
3452 	}
3453 
3454 	spin_unlock_irqrestore(&iwqp->lock, flags);
3455 	if (issue_flush && !iwqp->sc_qp.qp_uk.destroy_pending) {
3456 		if (!iwqp->user_mode)
3457 			queue_delayed_work(iwqp->iwdev->cleanup_wq,
3458 					   &iwqp->dwork_flush,
3459 					   msecs_to_jiffies(IRDMA_FLUSH_DELAY_MS));
3460 		irdma_flush_wqes(iwqp, IRDMA_FLUSH_SQ | IRDMA_FLUSH_RQ |
3461 				 IRDMA_FLUSH_WAIT);
3462 
3463 		if (qp->term_flags)
3464 			irdma_ib_qp_event(iwqp, qp->event_type);
3465 	}
3466 
3467 	if (!cm_id || !cm_id->event_handler)
3468 		return;
3469 
3470 	spin_lock_irqsave(&iwdev->cm_core.ht_lock, flags);
3471 	if (!iwqp->cm_node) {
3472 		spin_unlock_irqrestore(&iwdev->cm_core.ht_lock, flags);
3473 		return;
3474 	}
3475 	atomic_inc(&iwqp->cm_node->refcnt);
3476 
3477 	spin_unlock_irqrestore(&iwdev->cm_core.ht_lock, flags);
3478 
3479 	if (issue_disconn) {
3480 		err = irdma_send_cm_event(iwqp->cm_node, cm_id,
3481 					  IW_CM_EVENT_DISCONNECT,
3482 					  disconn_status);
3483 		if (err)
3484 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3485 				    "disconnect event failed: - cm_id = %p\n",
3486 				    cm_id);
3487 	}
3488 	if (issue_close) {
3489 		cm_id->provider_data = iwqp;
3490 		err = irdma_send_cm_event(iwqp->cm_node, cm_id,
3491 					  IW_CM_EVENT_CLOSE, 0);
3492 		if (err)
3493 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3494 				    "close event failed: - cm_id = %p\n",
3495 				    cm_id);
3496 		irdma_qp_disconnect(iwqp);
3497 	}
3498 	irdma_rem_ref_cm_node(iwqp->cm_node);
3499 }
3500 
3501 /**
3502  * irdma_disconnect_worker - worker for connection close
3503  * @work: points or disconn structure
3504  */
3505 static void
3506 irdma_disconnect_worker(struct work_struct *work)
3507 {
3508 	struct disconn_work *dwork = container_of(work, struct disconn_work, work);
3509 	struct irdma_qp *iwqp = dwork->iwqp;
3510 
3511 	kfree(dwork);
3512 	irdma_cm_disconn_true(iwqp);
3513 	irdma_qp_rem_ref(&iwqp->ibqp);
3514 }
3515 
3516 /**
3517  * irdma_free_lsmm_rsrc - free lsmm memory and deregister
3518  * @iwqp: associate qp for the connection
3519  */
3520 void
3521 irdma_free_lsmm_rsrc(struct irdma_qp *iwqp)
3522 {
3523 	struct irdma_device *iwdev;
3524 
3525 	iwdev = iwqp->iwdev;
3526 
3527 	if (iwqp->ietf_mem.va) {
3528 		if (iwqp->lsmm_mr)
3529 			kc_free_lsmm_dereg_mr(iwdev, iwqp);
3530 		irdma_free_dma_mem(iwdev->rf->sc_dev.hw,
3531 				   &iwqp->ietf_mem);
3532 		iwqp->ietf_mem.va = NULL;
3533 	}
3534 }
3535 
3536 /**
3537  * irdma_accept - registered call for connection to be accepted
3538  * @cm_id: cm information for passive connection
3539  * @conn_param: accpet parameters
3540  */
3541 int
3542 irdma_accept(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param)
3543 {
3544 	struct ib_qp *ibqp;
3545 	struct irdma_qp *iwqp;
3546 	struct irdma_device *iwdev;
3547 	struct irdma_sc_dev *dev;
3548 	struct irdma_cm_node *cm_node;
3549 	struct ib_qp_attr attr = {0};
3550 	int passive_state;
3551 	struct ib_mr *ibmr;
3552 	struct irdma_pd *iwpd;
3553 	u16 buf_len = 0;
3554 	struct irdma_kmem_info accept;
3555 	u64 tagged_offset;
3556 	int wait_ret;
3557 	int ret = 0;
3558 
3559 	ibqp = irdma_get_qp(cm_id->device, conn_param->qpn);
3560 	if (!ibqp)
3561 		return -EINVAL;
3562 
3563 	iwqp = to_iwqp(ibqp);
3564 	iwdev = iwqp->iwdev;
3565 	dev = &iwdev->rf->sc_dev;
3566 	cm_node = cm_id->provider_data;
3567 
3568 	if (((struct sockaddr_in *)&cm_id->local_addr)->sin_family == AF_INET) {
3569 		cm_node->ipv4 = true;
3570 		cm_node->vlan_id = irdma_get_vlan_ipv4(cm_node->loc_addr);
3571 	} else {
3572 		cm_node->ipv4 = false;
3573 		irdma_netdev_vlan_ipv6(cm_node->loc_addr, &cm_node->vlan_id,
3574 				       NULL);
3575 	}
3576 	irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3577 		    "Accept vlan_id=%d\n", cm_node->vlan_id);
3578 
3579 	if (cm_node->state == IRDMA_CM_STATE_LISTENER_DESTROYED) {
3580 		ret = -EINVAL;
3581 		goto error;
3582 	}
3583 
3584 	passive_state = atomic_add_return(1, &cm_node->passive_state);
3585 	if (passive_state == IRDMA_SEND_RESET_EVENT) {
3586 		ret = -ECONNRESET;
3587 		goto error;
3588 	}
3589 
3590 	buf_len = conn_param->private_data_len + IRDMA_MAX_IETF_SIZE;
3591 	iwqp->ietf_mem.size = buf_len;
3592 	iwqp->ietf_mem.va = irdma_allocate_dma_mem(dev->hw, &iwqp->ietf_mem,
3593 						   iwqp->ietf_mem.size, 1);
3594 	if (!iwqp->ietf_mem.va) {
3595 		ret = -ENOMEM;
3596 		goto error;
3597 	}
3598 
3599 	cm_node->pdata.size = conn_param->private_data_len;
3600 	accept.addr = iwqp->ietf_mem.va;
3601 	accept.size = irdma_cm_build_mpa_frame(cm_node, &accept, MPA_KEY_REPLY);
3602 	memcpy((u8 *)accept.addr + accept.size, conn_param->private_data,
3603 	       conn_param->private_data_len);
3604 
3605 	if (cm_node->dev->ws_add(iwqp->sc_qp.vsi, cm_node->user_pri)) {
3606 		ret = -ENOMEM;
3607 		goto error;
3608 	}
3609 	iwqp->sc_qp.user_pri = cm_node->user_pri;
3610 	irdma_qp_add_qos(&iwqp->sc_qp);
3611 	if (cm_node->dev->hw_attrs.uk_attrs.hw_rev == IRDMA_GEN_2)
3612 		iwdev->rf->check_fc(&iwdev->vsi, &iwqp->sc_qp);
3613 	/* setup our first outgoing iWarp send WQE (the IETF frame response) */
3614 	iwpd = iwqp->iwpd;
3615 	tagged_offset = (uintptr_t)iwqp->ietf_mem.va;
3616 	ibmr = irdma_reg_phys_mr(&iwpd->ibpd, iwqp->ietf_mem.pa, buf_len,
3617 				 IB_ACCESS_LOCAL_WRITE, &tagged_offset);
3618 	if (IS_ERR(ibmr)) {
3619 		ret = -ENOMEM;
3620 		goto error;
3621 	}
3622 
3623 	ibmr->pd = &iwpd->ibpd;
3624 	ibmr->device = iwpd->ibpd.device;
3625 	iwqp->lsmm_mr = ibmr;
3626 	if (iwqp->page)
3627 		iwqp->sc_qp.qp_uk.sq_base = kmap_local_page(iwqp->page);
3628 
3629 	cm_node->lsmm_size = accept.size + conn_param->private_data_len;
3630 	irdma_sc_send_lsmm(&iwqp->sc_qp, iwqp->ietf_mem.va, cm_node->lsmm_size,
3631 			   ibmr->lkey);
3632 
3633 	if (iwqp->page)
3634 		kunmap_local(iwqp->sc_qp.qp_uk.sq_base);
3635 
3636 	iwqp->cm_id = cm_id;
3637 	cm_node->cm_id = cm_id;
3638 
3639 	cm_id->provider_data = iwqp;
3640 	iwqp->active_conn = 0;
3641 	iwqp->cm_node = cm_node;
3642 	cm_node->iwqp = iwqp;
3643 	irdma_cm_init_tsa_conn(iwqp, cm_node);
3644 	irdma_qp_add_ref(&iwqp->ibqp);
3645 	cm_id->add_ref(cm_id);
3646 
3647 	attr.qp_state = IB_QPS_RTS;
3648 	cm_node->qhash_set = false;
3649 	cm_node->cm_core->cm_free_ah(cm_node);
3650 
3651 	irdma_modify_qp(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
3652 	if (dev->hw_attrs.uk_attrs.feature_flags & IRDMA_FEATURE_RTS_AE) {
3653 		wait_ret = wait_event_interruptible_timeout(iwqp->waitq,
3654 							    iwqp->rts_ae_rcvd,
3655 							    IRDMA_MAX_TIMEOUT);
3656 		if (!wait_ret) {
3657 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3658 				    "Slow Connection: cm_node=%p, loc_port=%d, rem_port=%d, cm_id=%p\n",
3659 				    cm_node, cm_node->loc_port,
3660 				    cm_node->rem_port, cm_node->cm_id);
3661 			ret = -ECONNRESET;
3662 			goto error;
3663 		}
3664 	}
3665 
3666 	irdma_send_cm_event(cm_node, cm_id, IW_CM_EVENT_ESTABLISHED, 0);
3667 	cm_node->accelerated = true;
3668 	complete(&cm_node->establish_comp);
3669 
3670 	if (cm_node->accept_pend) {
3671 		atomic_dec(&cm_node->listener->pend_accepts_cnt);
3672 		cm_node->accept_pend = 0;
3673 	}
3674 
3675 	irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3676 		    "rem_port=0x%04x, loc_port=0x%04x rem_addr=%pI4 loc_addr=%pI4 cm_node=%p cm_id=%p qp_id = %d\n\n",
3677 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr,
3678 		    cm_node->loc_addr, cm_node, cm_id, ibqp->qp_num);
3679 	cm_node->cm_core->stats_accepts++;
3680 
3681 	return 0;
3682 error:
3683 	irdma_free_lsmm_rsrc(iwqp);
3684 	irdma_rem_ref_cm_node(cm_node);
3685 
3686 	return ret;
3687 }
3688 
3689 /**
3690  * irdma_reject - registered call for connection to be rejected
3691  * @cm_id: cm information for passive connection
3692  * @pdata: private data to be sent
3693  * @pdata_len: private data length
3694  */
3695 int
3696 irdma_reject(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len)
3697 {
3698 	struct irdma_device *iwdev;
3699 	struct irdma_cm_node *cm_node;
3700 
3701 	cm_node = cm_id->provider_data;
3702 	cm_node->pdata.size = pdata_len;
3703 
3704 	iwdev = to_iwdev(cm_id->device);
3705 	if (!iwdev)
3706 		return -EINVAL;
3707 
3708 	cm_node->cm_core->stats_rejects++;
3709 
3710 	if (pdata_len + sizeof(struct ietf_mpa_v2) > IRDMA_MAX_CM_BUF)
3711 		return -EINVAL;
3712 
3713 	return irdma_cm_reject(cm_node, pdata, pdata_len);
3714 }
3715 
3716 /**
3717  * irdma_connect - registered call for connection to be established
3718  * @cm_id: cm information for passive connection
3719  * @conn_param: Information about the connection
3720  */
3721 int
3722 irdma_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param)
3723 {
3724 	struct ib_qp *ibqp;
3725 	struct irdma_qp *iwqp;
3726 	struct irdma_device *iwdev;
3727 	struct irdma_cm_node *cm_node;
3728 	struct irdma_cm_info cm_info;
3729 	struct sockaddr_in *laddr;
3730 	struct sockaddr_in *raddr;
3731 	struct sockaddr_in6 *laddr6;
3732 	struct sockaddr_in6 *raddr6;
3733 	int ret = 0;
3734 
3735 	ibqp = irdma_get_qp(cm_id->device, conn_param->qpn);
3736 	if (!ibqp)
3737 		return -EINVAL;
3738 	iwqp = to_iwqp(ibqp);
3739 	if (!iwqp)
3740 		return -EINVAL;
3741 	iwdev = iwqp->iwdev;
3742 	if (!iwdev)
3743 		return -EINVAL;
3744 
3745 	laddr = (struct sockaddr_in *)&cm_id->m_local_addr;
3746 	raddr = (struct sockaddr_in *)&cm_id->m_remote_addr;
3747 	laddr6 = (struct sockaddr_in6 *)&cm_id->m_local_addr;
3748 	raddr6 = (struct sockaddr_in6 *)&cm_id->m_remote_addr;
3749 
3750 	if (!(laddr->sin_port) || !(raddr->sin_port))
3751 		return -EINVAL;
3752 
3753 	iwqp->active_conn = 1;
3754 	iwqp->cm_id = NULL;
3755 	cm_id->provider_data = iwqp;
3756 
3757 	/* set up the connection params for the node */
3758 	if (cm_id->remote_addr.ss_family == AF_INET) {
3759 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV4)
3760 			return -EINVAL;
3761 
3762 		cm_info.ipv4 = true;
3763 		memset(cm_info.loc_addr, 0, sizeof(cm_info.loc_addr));
3764 		memset(cm_info.rem_addr, 0, sizeof(cm_info.rem_addr));
3765 		cm_info.loc_addr[0] = ntohl(laddr->sin_addr.s_addr);
3766 		cm_info.rem_addr[0] = ntohl(raddr->sin_addr.s_addr);
3767 		cm_info.loc_port = ntohs(laddr->sin_port);
3768 		cm_info.rem_port = ntohs(raddr->sin_port);
3769 		cm_info.vlan_id = irdma_get_vlan_ipv4(cm_info.loc_addr);
3770 	} else {
3771 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV6)
3772 			return -EINVAL;
3773 
3774 		cm_info.ipv4 = false;
3775 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3776 				    laddr6->sin6_addr.__u6_addr.__u6_addr32);
3777 		irdma_copy_ip_ntohl(cm_info.rem_addr,
3778 				    raddr6->sin6_addr.__u6_addr.__u6_addr32);
3779 		cm_info.loc_port = ntohs(laddr6->sin6_port);
3780 		cm_info.rem_port = ntohs(raddr6->sin6_port);
3781 		irdma_netdev_vlan_ipv6(cm_info.loc_addr, &cm_info.vlan_id,
3782 				       NULL);
3783 	}
3784 	cm_info.cm_id = cm_id;
3785 	cm_info.qh_qpid = iwdev->vsi.ilq->qp_id;
3786 	cm_info.tos = cm_id->tos;
3787 	if (iwdev->vsi.dscp_mode)
3788 		cm_info.user_pri =
3789 		    iwqp->sc_qp.vsi->dscp_map[irdma_tos2dscp(cm_info.tos)];
3790 	else
3791 		cm_info.user_pri = rt_tos2priority(cm_id->tos);
3792 
3793 	if (iwqp->sc_qp.dev->ws_add(iwqp->sc_qp.vsi, cm_info.user_pri))
3794 		return -ENOMEM;
3795 	iwqp->sc_qp.user_pri = cm_info.user_pri;
3796 	irdma_qp_add_qos(&iwqp->sc_qp);
3797 	if (iwdev->rf->sc_dev.hw_attrs.uk_attrs.hw_rev == IRDMA_GEN_2)
3798 		iwdev->rf->check_fc(&iwdev->vsi, &iwqp->sc_qp);
3799 	irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_DCB,
3800 		    "TOS:[%d] UP:[%d]\n", cm_id->tos, cm_info.user_pri);
3801 
3802 	ret = irdma_create_cm_node(&iwdev->cm_core, iwdev, conn_param, &cm_info,
3803 				   &cm_node);
3804 	if (ret)
3805 		return ret;
3806 	ret = cm_node->cm_core->cm_create_ah(cm_node, true);
3807 	if (ret)
3808 		goto err;
3809 	if (irdma_manage_qhash(iwdev, &cm_info,
3810 			       IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
3811 			       IRDMA_QHASH_MANAGE_TYPE_ADD, NULL, true)) {
3812 		ret = -EINVAL;
3813 		goto err;
3814 	}
3815 	cm_node->qhash_set = true;
3816 
3817 	cm_node->apbvt_entry = irdma_add_apbvt(iwdev, cm_info.loc_port);
3818 	if (!cm_node->apbvt_entry) {
3819 		ret = -EINVAL;
3820 		goto err;
3821 	}
3822 
3823 	cm_node->apbvt_set = true;
3824 	iwqp->cm_node = cm_node;
3825 	cm_node->iwqp = iwqp;
3826 	iwqp->cm_id = cm_id;
3827 	irdma_qp_add_ref(&iwqp->ibqp);
3828 	cm_id->add_ref(cm_id);
3829 
3830 	if (cm_node->state != IRDMA_CM_STATE_OFFLOADED) {
3831 		cm_node->state = IRDMA_CM_STATE_SYN_SENT;
3832 		ret = irdma_send_syn(cm_node, 0);
3833 		if (ret)
3834 			goto err;
3835 	}
3836 
3837 	irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3838 		    "rem_port=0x%04x, loc_port=0x%04x rem_addr=%pI4 loc_addr=%pI4 cm_node=%p cm_id=%p qp_id = %d\n\n",
3839 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr,
3840 		    cm_node->loc_addr, cm_node, cm_id, ibqp->qp_num);
3841 
3842 	return 0;
3843 
3844 err:
3845 	if (cm_info.ipv4)
3846 		irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3847 			    "connect() FAILED: dest addr=%pI4",
3848 			    cm_info.rem_addr);
3849 	else
3850 		irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3851 			    "connect() FAILED: dest addr=%pI6",
3852 			    cm_info.rem_addr);
3853 	irdma_rem_ref_cm_node(cm_node);
3854 	iwdev->cm_core.stats_connect_errs++;
3855 
3856 	return ret;
3857 }
3858 
3859 /**
3860  * irdma_create_listen - registered call creating listener
3861  * @cm_id: cm information for passive connection
3862  * @backlog: to max accept pending count
3863  */
3864 int
3865 irdma_create_listen(struct iw_cm_id *cm_id, int backlog)
3866 {
3867 	struct irdma_device *iwdev;
3868 	struct irdma_cm_listener *cm_listen_node;
3869 	struct irdma_cm_info cm_info = {0};
3870 	struct sockaddr_in *laddr;
3871 	struct sockaddr_in6 *laddr6;
3872 	bool wildcard = false;
3873 	int err;
3874 
3875 	iwdev = to_iwdev(cm_id->device);
3876 	if (!iwdev)
3877 		return -EINVAL;
3878 
3879 	laddr = (struct sockaddr_in *)&cm_id->m_local_addr;
3880 	laddr6 = (struct sockaddr_in6 *)&cm_id->m_local_addr;
3881 	cm_info.qh_qpid = iwdev->vsi.ilq->qp_id;
3882 
3883 	if (laddr->sin_family == AF_INET) {
3884 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV4)
3885 			return -EINVAL;
3886 
3887 		cm_info.ipv4 = true;
3888 		cm_info.loc_addr[0] = ntohl(laddr->sin_addr.s_addr);
3889 		cm_info.loc_port = ntohs(laddr->sin_port);
3890 
3891 		if (laddr->sin_addr.s_addr != htonl(INADDR_ANY)) {
3892 			cm_info.vlan_id = irdma_get_vlan_ipv4(cm_info.loc_addr);
3893 		} else {
3894 			cm_info.vlan_id = 0xFFFF;
3895 			wildcard = true;
3896 		}
3897 	} else {
3898 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV6)
3899 			return -EINVAL;
3900 
3901 		cm_info.ipv4 = false;
3902 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3903 				    laddr6->sin6_addr.__u6_addr.__u6_addr32);
3904 		cm_info.loc_port = ntohs(laddr6->sin6_port);
3905 		if (!IN6_IS_ADDR_UNSPECIFIED(&laddr6->sin6_addr)) {
3906 			irdma_netdev_vlan_ipv6(cm_info.loc_addr,
3907 					       &cm_info.vlan_id, NULL);
3908 		} else {
3909 			cm_info.vlan_id = 0xFFFF;
3910 			wildcard = true;
3911 		}
3912 	}
3913 
3914 	if (cm_info.vlan_id >= VLAN_N_VID && iwdev->dcb_vlan_mode)
3915 		cm_info.vlan_id = 0;
3916 	cm_info.backlog = backlog;
3917 	cm_info.cm_id = cm_id;
3918 
3919 	cm_listen_node = irdma_make_listen_node(&iwdev->cm_core, iwdev,
3920 						&cm_info);
3921 	if (!cm_listen_node) {
3922 		irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3923 			    "cm_listen_node == NULL\n");
3924 		return -ENOMEM;
3925 	}
3926 
3927 	cm_id->provider_data = cm_listen_node;
3928 
3929 	cm_listen_node->tos = cm_id->tos;
3930 	if (iwdev->vsi.dscp_mode)
3931 		cm_listen_node->user_pri =
3932 		    iwdev->vsi.dscp_map[irdma_tos2dscp(cm_id->tos)];
3933 	else
3934 		cm_listen_node->user_pri = rt_tos2priority(cm_id->tos);
3935 	cm_info.user_pri = cm_listen_node->user_pri;
3936 	if (!cm_listen_node->reused_node) {
3937 		if (wildcard) {
3938 			err = irdma_add_mqh(iwdev, &cm_info, cm_listen_node);
3939 			if (err)
3940 				goto error;
3941 		} else {
3942 			err = irdma_manage_qhash(iwdev, &cm_info,
3943 						 IRDMA_QHASH_TYPE_TCP_SYN,
3944 						 IRDMA_QHASH_MANAGE_TYPE_ADD,
3945 						 NULL, true);
3946 			if (err)
3947 				goto error;
3948 
3949 			cm_listen_node->qhash_set = true;
3950 		}
3951 
3952 		cm_listen_node->apbvt_entry = irdma_add_apbvt(iwdev,
3953 							      cm_info.loc_port);
3954 		if (!cm_listen_node->apbvt_entry)
3955 			goto error;
3956 	}
3957 	cm_id->add_ref(cm_id);
3958 	cm_listen_node->cm_core->stats_listen_created++;
3959 	irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3960 		    "loc_port=0x%04x loc_addr=%pI4 cm_listen_node=%p cm_id=%p qhash_set=%d vlan_id=%d\n",
3961 		    cm_listen_node->loc_port, cm_listen_node->loc_addr, cm_listen_node, cm_listen_node->cm_id,
3962 		    cm_listen_node->qhash_set, cm_listen_node->vlan_id);
3963 
3964 	return 0;
3965 
3966 error:
3967 
3968 	irdma_cm_del_listen(&iwdev->cm_core, cm_listen_node, false);
3969 
3970 	return -EINVAL;
3971 }
3972 
3973 /**
3974  * irdma_destroy_listen - registered call to destroy listener
3975  * @cm_id: cm information for passive connection
3976  */
3977 int
3978 irdma_destroy_listen(struct iw_cm_id *cm_id)
3979 {
3980 	struct irdma_device *iwdev;
3981 
3982 	iwdev = to_iwdev(cm_id->device);
3983 	if (cm_id->provider_data)
3984 		irdma_cm_del_listen(&iwdev->cm_core, cm_id->provider_data,
3985 				    true);
3986 	else
3987 		irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
3988 			    "cm_id->provider_data was NULL\n");
3989 
3990 	cm_id->rem_ref(cm_id);
3991 
3992 	return 0;
3993 }
3994 
3995 /**
3996  * irdma_teardown_list_prep - add conn nodes slated for tear down to list
3997  * @cm_core: cm's core
3998  * @teardown_list: a list to which cm_node will be selected
3999  * @ipaddr: pointer to ip address
4000  * @nfo: pointer to cm_info structure instance
4001  * @disconnect_all: flag indicating disconnect all QPs
4002  */
4003 static void
4004 irdma_teardown_list_prep(struct irdma_cm_core *cm_core,
4005 			 struct list_head *teardown_list,
4006 			 u32 *ipaddr,
4007 			 struct irdma_cm_info *nfo,
4008 			 bool disconnect_all)
4009 {
4010 	struct irdma_cm_node *cm_node;
4011 	int bkt;
4012 
4013 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
4014 		if ((disconnect_all ||
4015 		     (nfo->vlan_id == cm_node->vlan_id &&
4016 		      !memcmp(cm_node->loc_addr, ipaddr, nfo->ipv4 ? 4 : 16))) &&
4017 		    atomic_inc_not_zero(&cm_node->refcnt))
4018 			list_add(&cm_node->teardown_entry, teardown_list);
4019 	}
4020 }
4021 
4022 /**
4023  * irdma_cm_event_connected - handle connected active node
4024  * @event: the info for cm_node of connection
4025  */
4026 static void
4027 irdma_cm_event_connected(struct irdma_cm_event *event)
4028 {
4029 	struct irdma_qp *iwqp;
4030 	struct irdma_device *iwdev;
4031 	struct irdma_cm_node *cm_node;
4032 	struct irdma_sc_dev *dev;
4033 	struct ib_qp_attr attr = {0};
4034 	struct iw_cm_id *cm_id;
4035 	int status;
4036 	bool read0;
4037 	int wait_ret = 0;
4038 
4039 	cm_node = event->cm_node;
4040 	cm_id = cm_node->cm_id;
4041 	iwqp = cm_id->provider_data;
4042 	iwdev = iwqp->iwdev;
4043 	dev = &iwdev->rf->sc_dev;
4044 	if (iwqp->sc_qp.qp_uk.destroy_pending) {
4045 		status = -ETIMEDOUT;
4046 		goto error;
4047 	}
4048 
4049 	irdma_cm_init_tsa_conn(iwqp, cm_node);
4050 	read0 = (cm_node->send_rdma0_op == SEND_RDMA_READ_ZERO);
4051 	if (iwqp->page)
4052 		iwqp->sc_qp.qp_uk.sq_base = kmap_local_page(iwqp->page);
4053 	irdma_sc_send_rtt(&iwqp->sc_qp, read0);
4054 	if (iwqp->page)
4055 		kunmap_local(iwqp->sc_qp.qp_uk.sq_base);
4056 
4057 	attr.qp_state = IB_QPS_RTS;
4058 	cm_node->qhash_set = false;
4059 	irdma_modify_qp(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
4060 	if (dev->hw_attrs.uk_attrs.feature_flags & IRDMA_FEATURE_RTS_AE) {
4061 		wait_ret = wait_event_interruptible_timeout(iwqp->waitq,
4062 							    iwqp->rts_ae_rcvd,
4063 							    IRDMA_MAX_TIMEOUT);
4064 		if (!wait_ret)
4065 			irdma_debug(iwdev_to_idev(iwdev), IRDMA_DEBUG_CM,
4066 				    "Slow Connection: cm_node=%p, loc_port=%d, rem_port=%d, cm_id=%p\n",
4067 				    cm_node, cm_node->loc_port,
4068 				    cm_node->rem_port, cm_node->cm_id);
4069 	}
4070 
4071 	irdma_send_cm_event(cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY, 0);
4072 	cm_node->accelerated = true;
4073 	complete(&cm_node->establish_comp);
4074 	cm_node->cm_core->cm_free_ah(cm_node);
4075 	return;
4076 
4077 error:
4078 	iwqp->cm_id = NULL;
4079 	cm_id->provider_data = NULL;
4080 	irdma_send_cm_event(event->cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY,
4081 			    status);
4082 	irdma_rem_ref_cm_node(event->cm_node);
4083 }
4084 
4085 /**
4086  * irdma_cm_event_reset - handle reset
4087  * @event: the info for cm_node of connection
4088  */
4089 static void
4090 irdma_cm_event_reset(struct irdma_cm_event *event)
4091 {
4092 	struct irdma_cm_node *cm_node = event->cm_node;
4093 	struct iw_cm_id *cm_id = cm_node->cm_id;
4094 	struct irdma_qp *iwqp;
4095 
4096 	if (!cm_id)
4097 		return;
4098 
4099 	iwqp = cm_id->provider_data;
4100 	if (!iwqp)
4101 		return;
4102 
4103 	irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
4104 		    "reset event %p - cm_id = %p\n", event->cm_node, cm_id);
4105 	iwqp->cm_id = NULL;
4106 
4107 	irdma_send_cm_event(cm_node, cm_node->cm_id, IW_CM_EVENT_DISCONNECT,
4108 			    -ECONNRESET);
4109 	irdma_send_cm_event(cm_node, cm_node->cm_id, IW_CM_EVENT_CLOSE, 0);
4110 }
4111 
4112 /**
4113  * irdma_cm_event_handler - send event to cm upper layer
4114  * @work: pointer of cm event info.
4115  */
4116 static void
4117 irdma_cm_event_handler(struct work_struct *work)
4118 {
4119 	struct irdma_cm_event *event = container_of(work, struct irdma_cm_event, event_work);
4120 	struct irdma_cm_node *cm_node;
4121 
4122 	if (!event || !event->cm_node || !event->cm_node->cm_core)
4123 		return;
4124 
4125 	cm_node = event->cm_node;
4126 
4127 	switch (event->type) {
4128 	case IRDMA_CM_EVENT_MPA_REQ:
4129 		irdma_send_cm_event(cm_node, cm_node->cm_id,
4130 				    IW_CM_EVENT_CONNECT_REQUEST, 0);
4131 		break;
4132 	case IRDMA_CM_EVENT_RESET:
4133 		irdma_cm_event_reset(event);
4134 		break;
4135 	case IRDMA_CM_EVENT_CONNECTED:
4136 		if (!event->cm_node->cm_id ||
4137 		    event->cm_node->state != IRDMA_CM_STATE_OFFLOADED)
4138 			break;
4139 		irdma_cm_event_connected(event);
4140 		break;
4141 	case IRDMA_CM_EVENT_MPA_REJECT:
4142 		if (!event->cm_node->cm_id ||
4143 		    cm_node->state == IRDMA_CM_STATE_OFFLOADED)
4144 			break;
4145 		irdma_send_cm_event(cm_node, cm_node->cm_id,
4146 				    IW_CM_EVENT_CONNECT_REPLY, -ECONNREFUSED);
4147 		break;
4148 	case IRDMA_CM_EVENT_ABORTED:
4149 		if (!event->cm_node->cm_id ||
4150 		    event->cm_node->state == IRDMA_CM_STATE_OFFLOADED)
4151 			break;
4152 		irdma_event_connect_error(event);
4153 		break;
4154 	default:
4155 		irdma_debug(iwdev_to_idev(cm_node->iwdev), IRDMA_DEBUG_CM,
4156 			    "bad event type = %d\n", event->type);
4157 		break;
4158 	}
4159 
4160 	irdma_rem_ref_cm_node(event->cm_node);
4161 	kfree(event);
4162 }
4163 
4164 /**
4165  * irdma_cm_post_event - queue event request for worker thread
4166  * @event: cm node's info for up event call
4167  */
4168 static void
4169 irdma_cm_post_event(struct irdma_cm_event *event)
4170 {
4171 	atomic_inc(&event->cm_node->refcnt);
4172 	INIT_WORK(&event->event_work, irdma_cm_event_handler);
4173 	queue_work(event->cm_node->cm_core->event_wq, &event->event_work);
4174 }
4175 
4176 /**
4177  * irdma_cm_teardown_connections - teardown QPs
4178  * @iwdev: device pointer
4179  * @ipaddr: Pointer to IPv4 or IPv6 address
4180  * @nfo: Connection info
4181  * @disconnect_all: flag indicating disconnect all QPs
4182  *
4183  * teardown QPs where source or destination addr matches ip addr
4184  */
4185 void
4186 irdma_cm_teardown_connections(struct irdma_device *iwdev, u32 *ipaddr,
4187 			      struct irdma_cm_info *nfo,
4188 			      bool disconnect_all)
4189 {
4190 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
4191 	struct list_head *list_core_temp;
4192 	struct list_head *list_node;
4193 	struct irdma_cm_node *cm_node;
4194 	struct list_head teardown_list;
4195 	struct ib_qp_attr attr;
4196 	struct irdma_sc_vsi *vsi = &iwdev->vsi;
4197 	struct irdma_sc_qp *sc_qp;
4198 	struct irdma_qp *qp;
4199 	int i;
4200 
4201 	INIT_LIST_HEAD(&teardown_list);
4202 
4203 	rcu_read_lock();
4204 	irdma_teardown_list_prep(cm_core, &teardown_list, ipaddr, nfo, disconnect_all);
4205 	rcu_read_unlock();
4206 
4207 	list_for_each_safe(list_node, list_core_temp, &teardown_list) {
4208 		cm_node = container_of(list_node, struct irdma_cm_node,
4209 				       teardown_entry);
4210 		attr.qp_state = IB_QPS_ERR;
4211 		irdma_modify_qp(&cm_node->iwqp->ibqp, &attr, IB_QP_STATE, NULL);
4212 		if (iwdev->rf->reset)
4213 			irdma_cm_disconn(cm_node->iwqp);
4214 		irdma_rem_ref_cm_node(cm_node);
4215 	}
4216 	if (!iwdev->roce_mode)
4217 		return;
4218 
4219 	INIT_LIST_HEAD(&teardown_list);
4220 	for (i = 0; i < IRDMA_MAX_USER_PRIORITY; i++) {
4221 		mutex_lock(&vsi->qos[i].qos_mutex);
4222 		list_for_each_safe(list_node, list_core_temp,
4223 				   &vsi->qos[i].qplist) {
4224 			u32 qp_ip[4];
4225 
4226 			sc_qp = container_of(list_node, struct irdma_sc_qp,
4227 					     list);
4228 			if (sc_qp->qp_uk.qp_type != IRDMA_QP_TYPE_ROCE_RC)
4229 				continue;
4230 
4231 			qp = sc_qp->qp_uk.back_qp;
4232 			if (!disconnect_all) {
4233 				if (nfo->ipv4)
4234 					qp_ip[0] = qp->udp_info.local_ipaddr[3];
4235 				else
4236 					memcpy(qp_ip,
4237 					       &qp->udp_info.local_ipaddr[0],
4238 					       sizeof(qp_ip));
4239 			}
4240 
4241 			if (disconnect_all ||
4242 			    (nfo->vlan_id == (qp->udp_info.vlan_tag & EVL_VLID_MASK) &&
4243 			     !memcmp(qp_ip, ipaddr, nfo->ipv4 ? 4 : 16))) {
4244 				spin_lock(&iwdev->rf->qptable_lock);
4245 				if (iwdev->rf->qp_table[sc_qp->qp_uk.qp_id]) {
4246 					irdma_qp_add_ref(&qp->ibqp);
4247 					list_add(&qp->teardown_entry,
4248 						 &teardown_list);
4249 				}
4250 				spin_unlock(&iwdev->rf->qptable_lock);
4251 			}
4252 		}
4253 		mutex_unlock(&vsi->qos[i].qos_mutex);
4254 	}
4255 
4256 	list_for_each_safe(list_node, list_core_temp, &teardown_list) {
4257 		qp = container_of(list_node, struct irdma_qp, teardown_entry);
4258 		attr.qp_state = IB_QPS_ERR;
4259 		irdma_modify_qp_roce(&qp->ibqp, &attr, IB_QP_STATE, NULL);
4260 		irdma_qp_rem_ref(&qp->ibqp);
4261 	}
4262 }
4263