xref: /freebsd/sys/dev/irdma/irdma_cm.c (revision a91a246563dffa876a52f53a98de4af9fa364c52)
1 /*-
2  * SPDX-License-Identifier: GPL-2.0 or Linux-OpenIB
3  *
4  * Copyright (c) 2015 - 2023 Intel Corporation
5  *
6  * This software is available to you under a choice of one of two
7  * licenses.  You may choose to be licensed under the terms of the GNU
8  * General Public License (GPL) Version 2, available from the file
9  * COPYING in the main directory of this source tree, or the
10  * OpenFabrics.org BSD license below:
11  *
12  *   Redistribution and use in source and binary forms, with or
13  *   without modification, are permitted provided that the following
14  *   conditions are met:
15  *
16  *    - Redistributions of source code must retain the above
17  *	copyright notice, this list of conditions and the following
18  *	disclaimer.
19  *
20  *    - Redistributions in binary form must reproduce the above
21  *	copyright notice, this list of conditions and the following
22  *	disclaimer in the documentation and/or other materials
23  *	provided with the distribution.
24  *
25  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
29  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
30  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
31  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32  * SOFTWARE.
33  */
34 
35 #include "irdma_main.h"
36 
37 static void irdma_cm_post_event(struct irdma_cm_event *event);
38 static void irdma_disconnect_worker(struct work_struct *work);
39 
40 /**
41  * irdma_free_sqbuf - put back puda buffer if refcount is 0
42  * @vsi: The VSI structure of the device
43  * @bufp: puda buffer to free
44  */
45 void
46 irdma_free_sqbuf(struct irdma_sc_vsi *vsi, void *bufp)
47 {
48 	struct irdma_puda_buf *buf = bufp;
49 	struct irdma_puda_rsrc *ilq = vsi->ilq;
50 
51 	if (atomic_dec_and_test(&buf->refcount))
52 		irdma_puda_ret_bufpool(ilq, buf);
53 }
54 
55 /**
56  * irdma_record_ird_ord - Record IRD/ORD passed in
57  * @cm_node: connection's node
58  * @conn_ird: connection IRD
59  * @conn_ord: connection ORD
60  */
61 static void
62 irdma_record_ird_ord(struct irdma_cm_node *cm_node, u32 conn_ird,
63 		     u32 conn_ord)
64 {
65 	if (conn_ird > cm_node->dev->hw_attrs.max_hw_ird)
66 		conn_ird = cm_node->dev->hw_attrs.max_hw_ird;
67 
68 	if (conn_ord > cm_node->dev->hw_attrs.max_hw_ord)
69 		conn_ord = cm_node->dev->hw_attrs.max_hw_ord;
70 	else if (!conn_ord && cm_node->send_rdma0_op == SEND_RDMA_READ_ZERO)
71 		conn_ord = 1;
72 	cm_node->ird_size = conn_ird;
73 	cm_node->ord_size = conn_ord;
74 }
75 
76 /**
77  * irdma_copy_ip_ntohl - copy IP address from  network to host
78  * @dst: IP address in host order
79  * @src: IP address in network order (big endian)
80  */
81 void
82 irdma_copy_ip_ntohl(u32 *dst, __be32 *src)
83 {
84 	*dst++ = ntohl(*src++);
85 	*dst++ = ntohl(*src++);
86 	*dst++ = ntohl(*src++);
87 	*dst = ntohl(*src);
88 }
89 
90 /**
91  * irdma_copy_ip_htonl - copy IP address from host to network order
92  * @dst: IP address in network order (big endian)
93  * @src: IP address in host order
94  */
95 void
96 irdma_copy_ip_htonl(__be32 *dst, u32 *src)
97 {
98 	*dst++ = htonl(*src++);
99 	*dst++ = htonl(*src++);
100 	*dst++ = htonl(*src++);
101 	*dst = htonl(*src);
102 }
103 
104 /**
105  * irdma_get_addr_info
106  * @cm_node: contains ip/tcp info
107  * @cm_info: to get a copy of the cm_node ip/tcp info
108  */
109 static void
110 irdma_get_addr_info(struct irdma_cm_node *cm_node,
111 		    struct irdma_cm_info *cm_info)
112 {
113 	memset(cm_info, 0, sizeof(*cm_info));
114 	cm_info->ipv4 = cm_node->ipv4;
115 	cm_info->vlan_id = cm_node->vlan_id;
116 	memcpy(cm_info->loc_addr, cm_node->loc_addr, sizeof(cm_info->loc_addr));
117 	memcpy(cm_info->rem_addr, cm_node->rem_addr, sizeof(cm_info->rem_addr));
118 	cm_info->loc_port = cm_node->loc_port;
119 	cm_info->rem_port = cm_node->rem_port;
120 }
121 
122 /**
123  * irdma_fill_sockaddr4 - fill in addr info for IPv4 connection
124  * @cm_node: connection's node
125  * @event: upper layer's cm event
126  */
127 static inline void
128 irdma_fill_sockaddr4(struct irdma_cm_node *cm_node,
129 		     struct iw_cm_event *event)
130 {
131 	struct sockaddr_in *laddr = (struct sockaddr_in *)&event->local_addr;
132 	struct sockaddr_in *raddr = (struct sockaddr_in *)&event->remote_addr;
133 
134 	laddr->sin_family = AF_INET;
135 	raddr->sin_family = AF_INET;
136 
137 	laddr->sin_port = htons(cm_node->loc_port);
138 	raddr->sin_port = htons(cm_node->rem_port);
139 
140 	laddr->sin_addr.s_addr = htonl(cm_node->loc_addr[0]);
141 	raddr->sin_addr.s_addr = htonl(cm_node->rem_addr[0]);
142 }
143 
144 /**
145  * irdma_fill_sockaddr6 - fill in addr info for IPv6 connection
146  * @cm_node: connection's node
147  * @event: upper layer's cm event
148  */
149 static inline void
150 irdma_fill_sockaddr6(struct irdma_cm_node *cm_node,
151 		     struct iw_cm_event *event)
152 {
153 	struct sockaddr_in6 *laddr6 = (struct sockaddr_in6 *)&event->local_addr;
154 	struct sockaddr_in6 *raddr6 = (struct sockaddr_in6 *)&event->remote_addr;
155 
156 	laddr6->sin6_family = AF_INET6;
157 	raddr6->sin6_family = AF_INET6;
158 
159 	laddr6->sin6_port = htons(cm_node->loc_port);
160 	raddr6->sin6_port = htons(cm_node->rem_port);
161 
162 	irdma_copy_ip_htonl(laddr6->sin6_addr.__u6_addr.__u6_addr32,
163 			    cm_node->loc_addr);
164 	irdma_copy_ip_htonl(raddr6->sin6_addr.__u6_addr.__u6_addr32,
165 			    cm_node->rem_addr);
166 }
167 
168 /**
169  * irdma_get_cmevent_info - for cm event upcall
170  * @cm_node: connection's node
171  * @cm_id: upper layers cm struct for the event
172  * @event: upper layer's cm event
173  */
174 static inline void
175 irdma_get_cmevent_info(struct irdma_cm_node *cm_node,
176 		       struct iw_cm_id *cm_id,
177 		       struct iw_cm_event *event)
178 {
179 	memcpy(&event->local_addr, &cm_id->m_local_addr,
180 	       sizeof(event->local_addr));
181 	memcpy(&event->remote_addr, &cm_id->m_remote_addr,
182 	       sizeof(event->remote_addr));
183 	if (cm_node) {
184 		event->private_data = cm_node->pdata_buf;
185 		event->private_data_len = (u8)cm_node->pdata.size;
186 		event->ird = cm_node->ird_size;
187 		event->ord = cm_node->ord_size;
188 	}
189 }
190 
191 /**
192  * irdma_send_cm_event - upcall cm's event handler
193  * @cm_node: connection's node
194  * @cm_id: upper layer's cm info struct
195  * @type: Event type to indicate
196  * @status: status for the event type
197  */
198 static int
199 irdma_send_cm_event(struct irdma_cm_node *cm_node,
200 		    struct iw_cm_id *cm_id,
201 		    enum iw_cm_event_type type, int status)
202 {
203 	struct iw_cm_event event = {0};
204 
205 	event.event = type;
206 	event.status = status;
207 
208 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
209 		    "cm_node %p cm_id=%p state=%d accel=%d event_type=%d status=%d\n",
210 		    cm_node, cm_id, cm_node->accelerated, cm_node->state, type,
211 		    status);
212 
213 	switch (type) {
214 	case IW_CM_EVENT_CONNECT_REQUEST:
215 		if (cm_node->ipv4)
216 			irdma_fill_sockaddr4(cm_node, &event);
217 		else
218 			irdma_fill_sockaddr6(cm_node, &event);
219 		event.provider_data = cm_node;
220 		event.private_data = cm_node->pdata_buf;
221 		event.private_data_len = (u8)cm_node->pdata.size;
222 		event.ird = cm_node->ird_size;
223 		break;
224 	case IW_CM_EVENT_CONNECT_REPLY:
225 		irdma_get_cmevent_info(cm_node, cm_id, &event);
226 		break;
227 	case IW_CM_EVENT_ESTABLISHED:
228 		event.ird = cm_node->ird_size;
229 		event.ord = cm_node->ord_size;
230 		break;
231 	case IW_CM_EVENT_DISCONNECT:
232 	case IW_CM_EVENT_CLOSE:
233 		/* Wait if we are in RTS but havent issued the iwcm event upcall */
234 		if (!cm_node->accelerated)
235 			wait_for_completion(&cm_node->establish_comp);
236 		break;
237 	default:
238 		return -EINVAL;
239 	}
240 
241 	return cm_id->event_handler(cm_id, &event);
242 }
243 
244 /**
245  * irdma_timer_list_prep - add connection nodes to a list to perform timer tasks
246  * @cm_core: cm's core
247  * @timer_list: a timer list to which cm_node will be selected
248  */
249 static void
250 irdma_timer_list_prep(struct irdma_cm_core *cm_core,
251 		      struct list_head *timer_list)
252 {
253 	struct irdma_cm_node *cm_node;
254 	int bkt;
255 
256 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
257 		if ((cm_node->close_entry || cm_node->send_entry) &&
258 		    atomic_inc_not_zero(&cm_node->refcnt))
259 			list_add(&cm_node->timer_entry, timer_list);
260 	}
261 }
262 
263 /**
264  * irdma_create_event - create cm event
265  * @cm_node: connection's node
266  * @type: Event type to generate
267  */
268 static struct irdma_cm_event *
269 irdma_create_event(struct irdma_cm_node *cm_node,
270 		   enum irdma_cm_event_type type)
271 {
272 	struct irdma_cm_event *event;
273 
274 	if (!cm_node->cm_id)
275 		return NULL;
276 
277 	event = kzalloc(sizeof(*event), GFP_ATOMIC);
278 
279 	if (!event)
280 		return NULL;
281 
282 	event->type = type;
283 	event->cm_node = cm_node;
284 	memcpy(event->cm_info.rem_addr, cm_node->rem_addr,
285 	       sizeof(event->cm_info.rem_addr));
286 	memcpy(event->cm_info.loc_addr, cm_node->loc_addr,
287 	       sizeof(event->cm_info.loc_addr));
288 	event->cm_info.rem_port = cm_node->rem_port;
289 	event->cm_info.loc_port = cm_node->loc_port;
290 	event->cm_info.cm_id = cm_node->cm_id;
291 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
292 		    "node=%p event=%p type=%u dst=%x src=%x\n", cm_node, event,
293 		    type, event->cm_info.loc_addr[0],
294 		    event->cm_info.rem_addr[0]);
295 	irdma_cm_post_event(event);
296 
297 	return event;
298 }
299 
300 /**
301  * irdma_free_retrans_entry - free send entry
302  * @cm_node: connection's node
303  */
304 static void
305 irdma_free_retrans_entry(struct irdma_cm_node *cm_node)
306 {
307 	struct irdma_device *iwdev = cm_node->iwdev;
308 	struct irdma_timer_entry *send_entry;
309 
310 	send_entry = cm_node->send_entry;
311 	if (!send_entry)
312 		return;
313 
314 	cm_node->send_entry = NULL;
315 	irdma_free_sqbuf(&iwdev->vsi, send_entry->sqbuf);
316 	kfree(send_entry);
317 	atomic_dec(&cm_node->refcnt);
318 }
319 
320 /**
321  * irdma_cleanup_retrans_entry - free send entry with lock
322  * @cm_node: connection's node
323  */
324 static void
325 irdma_cleanup_retrans_entry(struct irdma_cm_node *cm_node)
326 {
327 	unsigned long flags;
328 
329 	spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
330 	irdma_free_retrans_entry(cm_node);
331 	spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
332 }
333 
334 /**
335  * irdma_form_ah_cm_frame - get a free packet and build frame with address handle
336  * @cm_node: connection's node ionfo to use in frame
337  * @options: pointer to options info
338  * @hdr: pointer mpa header
339  * @pdata: pointer to private data
340  * @flags:  indicates FIN or ACK
341  */
342 static struct irdma_puda_buf *
343 irdma_form_ah_cm_frame(struct irdma_cm_node *cm_node,
344 		       struct irdma_kmem_info *options,
345 		       struct irdma_kmem_info *hdr,
346 		       struct irdma_mpa_priv_info *pdata,
347 		       u8 flags)
348 {
349 	struct irdma_puda_buf *sqbuf;
350 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
351 	u8 *buf;
352 	struct tcphdr *tcph;
353 	u16 pktsize;
354 	u32 opts_len = 0;
355 	u32 pd_len = 0;
356 	u32 hdr_len = 0;
357 
358 	if (!cm_node->ah || !cm_node->ah->ah_info.ah_valid) {
359 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "AH invalid\n");
360 		return NULL;
361 	}
362 
363 	sqbuf = irdma_puda_get_bufpool(vsi->ilq);
364 	if (!sqbuf) {
365 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "SQ buf NULL\n");
366 		return NULL;
367 	}
368 
369 	sqbuf->ah_id = cm_node->ah->ah_info.ah_idx;
370 	buf = sqbuf->mem.va;
371 	if (options)
372 		opts_len = (u32)options->size;
373 
374 	if (hdr)
375 		hdr_len = hdr->size;
376 
377 	if (pdata)
378 		pd_len = pdata->size;
379 
380 	pktsize = sizeof(*tcph) + opts_len + hdr_len + pd_len;
381 
382 	memset(buf, 0, pktsize);
383 
384 	sqbuf->totallen = pktsize;
385 	sqbuf->tcphlen = sizeof(*tcph) + opts_len;
386 	sqbuf->scratch = cm_node;
387 
388 	tcph = (struct tcphdr *)buf;
389 	buf += sizeof(*tcph);
390 
391 	tcph->th_sport = htons(cm_node->loc_port);
392 	tcph->th_dport = htons(cm_node->rem_port);
393 	tcph->th_seq = htonl(cm_node->tcp_cntxt.loc_seq_num);
394 
395 	if (flags & SET_ACK) {
396 		cm_node->tcp_cntxt.loc_ack_num = cm_node->tcp_cntxt.rcv_nxt;
397 		tcph->th_ack = htonl(cm_node->tcp_cntxt.loc_ack_num);
398 		tcph->th_flags |= TH_ACK;
399 	} else {
400 		tcph->th_ack = 0;
401 	}
402 
403 	if (flags & SET_SYN) {
404 		cm_node->tcp_cntxt.loc_seq_num++;
405 		tcph->th_flags |= TH_SYN;
406 	} else {
407 		cm_node->tcp_cntxt.loc_seq_num += hdr_len + pd_len;
408 	}
409 
410 	if (flags & SET_FIN) {
411 		cm_node->tcp_cntxt.loc_seq_num++;
412 		tcph->th_flags |= TH_FIN;
413 	}
414 
415 	if (flags & SET_RST)
416 		tcph->th_flags |= TH_RST;
417 
418 	tcph->th_off = (u16)((sizeof(*tcph) + opts_len + 3) >> 2);
419 	sqbuf->tcphlen = tcph->th_off << 2;
420 	tcph->th_win = htons(cm_node->tcp_cntxt.rcv_wnd);
421 	tcph->th_urp = 0;
422 
423 	if (opts_len) {
424 		memcpy(buf, options->addr, opts_len);
425 		buf += opts_len;
426 	}
427 
428 	if (hdr_len) {
429 		memcpy(buf, hdr->addr, hdr_len);
430 		buf += hdr_len;
431 	}
432 
433 	if (pdata && pdata->addr)
434 		memcpy(buf, pdata->addr, pdata->size);
435 
436 	atomic_set(&sqbuf->refcount, 1);
437 
438 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "TRANSMIT ILQ BUFFER",
439 			sqbuf->mem.va, sqbuf->totallen);
440 
441 	return sqbuf;
442 }
443 
444 /**
445  * irdma_form_uda_cm_frame - get a free packet and build frame full tcpip packet
446  * @cm_node: connection's node ionfo to use in frame
447  * @options: pointer to options info
448  * @hdr: pointer mpa header
449  * @pdata: pointer to private data
450  * @flags:  indicates FIN or ACK
451  */
452 static struct irdma_puda_buf *
453 irdma_form_uda_cm_frame(struct irdma_cm_node *cm_node,
454 			struct irdma_kmem_info *options,
455 			struct irdma_kmem_info *hdr,
456 			struct irdma_mpa_priv_info *pdata,
457 			u8 flags)
458 {
459 	struct irdma_puda_buf *sqbuf;
460 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
461 	u8 *buf;
462 
463 	struct tcphdr *tcph;
464 	struct ip *iph;
465 	struct ip6_hdr *ip6h;
466 	struct ether_header *ethh;
467 	u16 pktsize;
468 	u16 eth_hlen = ETH_HLEN;
469 	u32 opts_len = 0;
470 	u32 pd_len = 0;
471 	u32 hdr_len = 0;
472 
473 	u16 vtag;
474 
475 	sqbuf = irdma_puda_get_bufpool(vsi->ilq);
476 	if (!sqbuf)
477 		return NULL;
478 
479 	buf = sqbuf->mem.va;
480 
481 	if (options)
482 		opts_len = (u32)options->size;
483 
484 	if (hdr)
485 		hdr_len = hdr->size;
486 
487 	if (pdata)
488 		pd_len = pdata->size;
489 
490 	if (cm_node->vlan_id < VLAN_N_VID)
491 		eth_hlen += 4;
492 
493 	if (cm_node->ipv4)
494 		pktsize = sizeof(*iph) + sizeof(*tcph);
495 	else
496 		pktsize = sizeof(*ip6h) + sizeof(*tcph);
497 	pktsize += opts_len + hdr_len + pd_len;
498 
499 	memset(buf, 0, eth_hlen + pktsize);
500 
501 	sqbuf->totallen = pktsize + eth_hlen;
502 	sqbuf->maclen = eth_hlen;
503 	sqbuf->tcphlen = sizeof(*tcph) + opts_len;
504 	sqbuf->scratch = cm_node;
505 
506 	ethh = (struct ether_header *)buf;
507 	buf += eth_hlen;
508 
509 	if (cm_node->do_lpb)
510 		sqbuf->do_lpb = true;
511 
512 	if (cm_node->ipv4) {
513 		sqbuf->ipv4 = true;
514 
515 		iph = (struct ip *)buf;
516 		buf += sizeof(*iph);
517 		tcph = (struct tcphdr *)buf;
518 		buf += sizeof(*tcph);
519 
520 		ether_addr_copy(ethh->ether_dhost, cm_node->rem_mac);
521 		ether_addr_copy(ethh->ether_shost, cm_node->loc_mac);
522 		if (cm_node->vlan_id < VLAN_N_VID) {
523 			((struct ether_vlan_header *)ethh)->evl_proto =
524 			    htons(ETH_P_8021Q);
525 			vtag = (cm_node->user_pri << VLAN_PRIO_SHIFT) |
526 			    cm_node->vlan_id;
527 			((struct ether_vlan_header *)ethh)->evl_tag = htons(vtag);
528 
529 			((struct ether_vlan_header *)ethh)->evl_encap_proto =
530 			    htons(ETH_P_IP);
531 		} else {
532 			ethh->ether_type = htons(ETH_P_IP);
533 		}
534 
535 		iph->ip_v = IPVERSION;
536 		iph->ip_hl = 5;	/* 5 * 4Byte words, IP headr len */
537 		iph->ip_tos = cm_node->tos;
538 		iph->ip_len = htons(pktsize);
539 		iph->ip_id = htons(++cm_node->tcp_cntxt.loc_id);
540 
541 		iph->ip_off = htons(0x4000);
542 		iph->ip_ttl = 0x40;
543 		iph->ip_p = IPPROTO_TCP;
544 		iph->ip_src.s_addr = htonl(cm_node->loc_addr[0]);
545 		iph->ip_dst.s_addr = htonl(cm_node->rem_addr[0]);
546 	} else {
547 		sqbuf->ipv4 = false;
548 		ip6h = (struct ip6_hdr *)buf;
549 		buf += sizeof(*ip6h);
550 		tcph = (struct tcphdr *)buf;
551 		buf += sizeof(*tcph);
552 
553 		ether_addr_copy(ethh->ether_dhost, cm_node->rem_mac);
554 		ether_addr_copy(ethh->ether_shost, cm_node->loc_mac);
555 		if (cm_node->vlan_id < VLAN_N_VID) {
556 			((struct ether_vlan_header *)ethh)->evl_proto =
557 			    htons(ETH_P_8021Q);
558 			vtag = (cm_node->user_pri << VLAN_PRIO_SHIFT) |
559 			    cm_node->vlan_id;
560 			((struct ether_vlan_header *)ethh)->evl_tag = htons(vtag);
561 			((struct ether_vlan_header *)ethh)->evl_encap_proto =
562 			    htons(ETH_P_IPV6);
563 		} else {
564 			ethh->ether_type = htons(ETH_P_IPV6);
565 		}
566 		ip6h->ip6_vfc = 6 << 4;
567 		ip6h->ip6_vfc |= cm_node->tos >> 4;
568 		ip6h->ip6_flow = cm_node->tos << 20;
569 		ip6h->ip6_plen = htons(pktsize - sizeof(*ip6h));
570 		ip6h->ip6_nxt = 6;
571 		ip6h->ip6_hops = 128;
572 		irdma_copy_ip_htonl(ip6h->ip6_src.__u6_addr.__u6_addr32,
573 				    cm_node->loc_addr);
574 		irdma_copy_ip_htonl(ip6h->ip6_dst.__u6_addr.__u6_addr32,
575 				    cm_node->rem_addr);
576 	}
577 
578 	tcph->th_sport = htons(cm_node->loc_port);
579 	tcph->th_dport = htons(cm_node->rem_port);
580 	tcph->th_seq = htonl(cm_node->tcp_cntxt.loc_seq_num);
581 
582 	if (flags & SET_ACK) {
583 		cm_node->tcp_cntxt.loc_ack_num = cm_node->tcp_cntxt.rcv_nxt;
584 		tcph->th_ack = htonl(cm_node->tcp_cntxt.loc_ack_num);
585 		tcph->th_flags |= TH_ACK;
586 	} else {
587 		tcph->th_ack = 0;
588 	}
589 
590 	if (flags & SET_SYN) {
591 		cm_node->tcp_cntxt.loc_seq_num++;
592 		tcph->th_flags |= TH_SYN;
593 	} else {
594 		cm_node->tcp_cntxt.loc_seq_num += hdr_len + pd_len;
595 	}
596 
597 	if (flags & SET_FIN) {
598 		cm_node->tcp_cntxt.loc_seq_num++;
599 		tcph->th_flags |= TH_FIN;
600 	}
601 
602 	if (flags & SET_RST)
603 		tcph->th_flags |= TH_RST;
604 
605 	tcph->th_off = (u16)((sizeof(*tcph) + opts_len + 3) >> 2);
606 	sqbuf->tcphlen = tcph->th_off << 2;
607 	tcph->th_win = htons(cm_node->tcp_cntxt.rcv_wnd);
608 	tcph->th_urp = 0;
609 
610 	if (opts_len) {
611 		memcpy(buf, options->addr, opts_len);
612 		buf += opts_len;
613 	}
614 
615 	if (hdr_len) {
616 		memcpy(buf, hdr->addr, hdr_len);
617 		buf += hdr_len;
618 	}
619 
620 	if (pdata && pdata->addr)
621 		memcpy(buf, pdata->addr, pdata->size);
622 
623 	atomic_set(&sqbuf->refcount, 1);
624 
625 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "TRANSMIT ILQ BUFFER",
626 			sqbuf->mem.va, sqbuf->totallen);
627 
628 	return sqbuf;
629 }
630 
631 /**
632  * irdma_send_reset - Send RST packet
633  * @cm_node: connection's node
634  */
635 int
636 irdma_send_reset(struct irdma_cm_node *cm_node)
637 {
638 	struct irdma_puda_buf *sqbuf;
639 	int flags = SET_RST | SET_ACK;
640 
641 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
642 						flags);
643 	if (!sqbuf)
644 		return -ENOMEM;
645 
646 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
647 		    "caller: %pS cm_node %p cm_id=%p accel=%d state=%d rem_port=0x%04x, loc_port=0x%04x rem_addr=%x loc_addr=%x\n",
648 		    __builtin_return_address(0), cm_node, cm_node->cm_id,
649 		    cm_node->accelerated, cm_node->state, cm_node->rem_port,
650 		    cm_node->loc_port, cm_node->rem_addr[0],
651 		    cm_node->loc_addr[0]);
652 
653 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 0,
654 				       1);
655 }
656 
657 /**
658  * irdma_active_open_err - send event for active side cm error
659  * @cm_node: connection's node
660  * @reset: Flag to send reset or not
661  */
662 static void
663 irdma_active_open_err(struct irdma_cm_node *cm_node, bool reset)
664 {
665 	irdma_cleanup_retrans_entry(cm_node);
666 	cm_node->cm_core->stats_connect_errs++;
667 	if (reset) {
668 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
669 			    "cm_node=%p state=%d\n", cm_node, cm_node->state);
670 		atomic_inc(&cm_node->refcnt);
671 		irdma_send_reset(cm_node);
672 	}
673 
674 	cm_node->state = IRDMA_CM_STATE_CLOSED;
675 	irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
676 }
677 
678 /**
679  * irdma_passive_open_err - handle passive side cm error
680  * @cm_node: connection's node
681  * @reset: send reset or just free cm_node
682  */
683 static void
684 irdma_passive_open_err(struct irdma_cm_node *cm_node, bool reset)
685 {
686 	irdma_cleanup_retrans_entry(cm_node);
687 	cm_node->cm_core->stats_passive_errs++;
688 	cm_node->state = IRDMA_CM_STATE_CLOSED;
689 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
690 		    "cm_node=%p state=%d\n", cm_node, cm_node->state);
691 	if (reset)
692 		irdma_send_reset(cm_node);
693 	else
694 		irdma_rem_ref_cm_node(cm_node);
695 }
696 
697 /**
698  * irdma_event_connect_error - to create connect error event
699  * @event: cm information for connect event
700  */
701 static void
702 irdma_event_connect_error(struct irdma_cm_event *event)
703 {
704 	struct irdma_qp *iwqp;
705 	struct iw_cm_id *cm_id;
706 
707 	cm_id = event->cm_node->cm_id;
708 	if (!cm_id)
709 		return;
710 
711 	iwqp = cm_id->provider_data;
712 
713 	if (!iwqp || !iwqp->iwdev)
714 		return;
715 
716 	iwqp->cm_id = NULL;
717 	cm_id->provider_data = NULL;
718 	irdma_send_cm_event(event->cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY,
719 			    -ECONNRESET);
720 	irdma_rem_ref_cm_node(event->cm_node);
721 }
722 
723 /**
724  * irdma_process_options - process options from TCP header
725  * @cm_node: connection's node
726  * @optionsloc: point to start of options
727  * @optionsize: size of all options
728  * @syn_pkt: flag if syn packet
729  */
730 static int
731 irdma_process_options(struct irdma_cm_node *cm_node, u8 *optionsloc,
732 		      u32 optionsize, u32 syn_pkt)
733 {
734 	u32 tmp;
735 	u32 offset = 0;
736 	union all_known_options *all_options;
737 	char got_mss_option = 0;
738 
739 	while (offset < optionsize) {
740 		all_options = (union all_known_options *)(optionsloc + offset);
741 		switch (all_options->base.optionnum) {
742 		case OPTION_NUM_EOL:
743 			offset = optionsize;
744 			break;
745 		case OPTION_NUM_NONE:
746 			offset += 1;
747 			continue;
748 		case OPTION_NUM_MSS:
749 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
750 				    "MSS Length: %d Offset: %d Size: %d\n",
751 				    all_options->mss.len, offset, optionsize);
752 			got_mss_option = 1;
753 			if (all_options->mss.len != 4)
754 				return -EINVAL;
755 			tmp = ntohs(all_options->mss.mss);
756 			if ((cm_node->ipv4 &&
757 			     (tmp + IRDMA_MTU_TO_MSS_IPV4) < IRDMA_MIN_MTU_IPV4) ||
758 			    (!cm_node->ipv4 &&
759 			     (tmp + IRDMA_MTU_TO_MSS_IPV6) < IRDMA_MIN_MTU_IPV6))
760 				return -EINVAL;
761 			if (tmp < cm_node->tcp_cntxt.mss)
762 				cm_node->tcp_cntxt.mss = tmp;
763 			break;
764 		case OPTION_NUM_WINDOW_SCALE:
765 			cm_node->tcp_cntxt.snd_wscale =
766 			    all_options->windowscale.shiftcount;
767 			break;
768 		default:
769 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
770 				    "Unsupported TCP Option: %x\n",
771 				    all_options->base.optionnum);
772 			break;
773 		}
774 		offset += all_options->base.len;
775 	}
776 	if (!got_mss_option && syn_pkt)
777 		cm_node->tcp_cntxt.mss = IRDMA_CM_DEFAULT_MSS;
778 
779 	return 0;
780 }
781 
782 /**
783  * irdma_handle_tcp_options - setup TCP context info after parsing TCP options
784  * @cm_node: connection's node
785  * @tcph: pointer tcp header
786  * @optionsize: size of options rcvd
787  * @passive: active or passive flag
788  */
789 static int
790 irdma_handle_tcp_options(struct irdma_cm_node *cm_node,
791 			 struct tcphdr *tcph, int optionsize,
792 			 int passive)
793 {
794 	u8 *optionsloc = (u8 *)&tcph[1];
795 	int ret;
796 
797 	if (optionsize) {
798 		ret = irdma_process_options(cm_node, optionsloc, optionsize,
799 					    (u32)tcph->th_flags & TH_SYN);
800 		if (ret) {
801 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
802 				    "Node %p, Sending Reset\n", cm_node);
803 			if (passive)
804 				irdma_passive_open_err(cm_node, true);
805 			else
806 				irdma_active_open_err(cm_node, true);
807 			return ret;
808 		}
809 	}
810 
811 	cm_node->tcp_cntxt.snd_wnd = ntohs(tcph->th_win)
812 	    << cm_node->tcp_cntxt.snd_wscale;
813 
814 	if (cm_node->tcp_cntxt.snd_wnd > cm_node->tcp_cntxt.max_snd_wnd)
815 		cm_node->tcp_cntxt.max_snd_wnd = cm_node->tcp_cntxt.snd_wnd;
816 
817 	return 0;
818 }
819 
820 /**
821  * irdma_build_mpa_v1 - build a MPA V1 frame
822  * @cm_node: connection's node
823  * @start_addr: address where to build frame
824  * @mpa_key: to do read0 or write0
825  */
826 static void
827 irdma_build_mpa_v1(struct irdma_cm_node *cm_node, void *start_addr,
828 		   u8 mpa_key)
829 {
830 	struct ietf_mpa_v1 *mpa_frame = start_addr;
831 
832 	switch (mpa_key) {
833 	case MPA_KEY_REQUEST:
834 		memcpy(mpa_frame->key, IEFT_MPA_KEY_REQ, IETF_MPA_KEY_SIZE);
835 		break;
836 	case MPA_KEY_REPLY:
837 		memcpy(mpa_frame->key, IEFT_MPA_KEY_REP, IETF_MPA_KEY_SIZE);
838 		break;
839 	default:
840 		break;
841 	}
842 	mpa_frame->flags = IETF_MPA_FLAGS_CRC;
843 	mpa_frame->rev = cm_node->mpa_frame_rev;
844 	mpa_frame->priv_data_len = htons(cm_node->pdata.size);
845 }
846 
847 /**
848  * irdma_build_mpa_v2 - build a MPA V2 frame
849  * @cm_node: connection's node
850  * @start_addr: buffer start address
851  * @mpa_key: to do read0 or write0
852  */
853 static void
854 irdma_build_mpa_v2(struct irdma_cm_node *cm_node, void *start_addr,
855 		   u8 mpa_key)
856 {
857 	struct ietf_mpa_v2 *mpa_frame = start_addr;
858 	struct ietf_rtr_msg *rtr_msg = &mpa_frame->rtr_msg;
859 	u16 ctrl_ird, ctrl_ord;
860 
861 	/* initialize the upper 5 bytes of the frame */
862 	irdma_build_mpa_v1(cm_node, start_addr, mpa_key);
863 	mpa_frame->flags |= IETF_MPA_V2_FLAG;
864 	if (cm_node->iwdev->iw_ooo) {
865 		mpa_frame->flags |= IETF_MPA_FLAGS_MARKERS;
866 		cm_node->rcv_mark_en = true;
867 	}
868 	mpa_frame->priv_data_len = cpu_to_be16(be16_to_cpu(mpa_frame->priv_data_len) +
869 					       IETF_RTR_MSG_SIZE);
870 
871 	/* initialize RTR msg */
872 	if (cm_node->mpav2_ird_ord == IETF_NO_IRD_ORD) {
873 		ctrl_ird = IETF_NO_IRD_ORD;
874 		ctrl_ord = IETF_NO_IRD_ORD;
875 	} else {
876 		ctrl_ird = (cm_node->ird_size > IETF_NO_IRD_ORD) ?
877 		    IETF_NO_IRD_ORD :
878 		    cm_node->ird_size;
879 		ctrl_ord = (cm_node->ord_size > IETF_NO_IRD_ORD) ?
880 		    IETF_NO_IRD_ORD :
881 		    cm_node->ord_size;
882 	}
883 	ctrl_ird |= IETF_PEER_TO_PEER;
884 
885 	switch (mpa_key) {
886 	case MPA_KEY_REQUEST:
887 		ctrl_ord |= IETF_RDMA0_WRITE;
888 		ctrl_ord |= IETF_RDMA0_READ;
889 		break;
890 	case MPA_KEY_REPLY:
891 		switch (cm_node->send_rdma0_op) {
892 		case SEND_RDMA_WRITE_ZERO:
893 			ctrl_ord |= IETF_RDMA0_WRITE;
894 			break;
895 		case SEND_RDMA_READ_ZERO:
896 			ctrl_ord |= IETF_RDMA0_READ;
897 			break;
898 		}
899 		break;
900 	default:
901 		break;
902 	}
903 	rtr_msg->ctrl_ird = htons(ctrl_ird);
904 	rtr_msg->ctrl_ord = htons(ctrl_ord);
905 }
906 
907 /**
908  * irdma_cm_build_mpa_frame - build mpa frame for mpa version 1 or version 2
909  * @cm_node: connection's node
910  * @mpa: mpa: data buffer
911  * @mpa_key: to do read0 or write0
912  */
913 static int
914 irdma_cm_build_mpa_frame(struct irdma_cm_node *cm_node,
915 			 struct irdma_kmem_info *mpa, u8 mpa_key)
916 {
917 	int hdr_len = 0;
918 
919 	switch (cm_node->mpa_frame_rev) {
920 	case IETF_MPA_V1:
921 		hdr_len = sizeof(struct ietf_mpa_v1);
922 		irdma_build_mpa_v1(cm_node, mpa->addr, mpa_key);
923 		break;
924 	case IETF_MPA_V2:
925 		hdr_len = sizeof(struct ietf_mpa_v2);
926 		irdma_build_mpa_v2(cm_node, mpa->addr, mpa_key);
927 		break;
928 	default:
929 		break;
930 	}
931 
932 	return hdr_len;
933 }
934 
935 /**
936  * irdma_send_mpa_request - active node send mpa request to passive node
937  * @cm_node: connection's node
938  */
939 static int
940 irdma_send_mpa_request(struct irdma_cm_node *cm_node)
941 {
942 	struct irdma_puda_buf *sqbuf;
943 
944 	cm_node->mpa_hdr.addr = &cm_node->mpa_v2_frame;
945 	cm_node->mpa_hdr.size = irdma_cm_build_mpa_frame(cm_node,
946 							 &cm_node->mpa_hdr,
947 							 MPA_KEY_REQUEST);
948 	if (!cm_node->mpa_hdr.size) {
949 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
950 			    "mpa size = %d\n", cm_node->mpa_hdr.size);
951 		return -EINVAL;
952 	}
953 
954 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL,
955 						&cm_node->mpa_hdr,
956 						&cm_node->pdata, SET_ACK);
957 	if (!sqbuf)
958 		return -ENOMEM;
959 
960 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
961 				       0);
962 }
963 
964 /**
965  * irdma_send_mpa_reject -
966  * @cm_node: connection's node
967  * @pdata: reject data for connection
968  * @plen: length of reject data
969  */
970 static int
971 irdma_send_mpa_reject(struct irdma_cm_node *cm_node,
972 		      const void *pdata, u8 plen)
973 {
974 	struct irdma_puda_buf *sqbuf;
975 	struct irdma_mpa_priv_info priv_info;
976 
977 	cm_node->mpa_hdr.addr = &cm_node->mpa_v2_frame;
978 	cm_node->mpa_hdr.size = irdma_cm_build_mpa_frame(cm_node,
979 							 &cm_node->mpa_hdr,
980 							 MPA_KEY_REPLY);
981 
982 	cm_node->mpa_v2_frame.flags |= IETF_MPA_FLAGS_REJECT;
983 	priv_info.addr = pdata;
984 	priv_info.size = plen;
985 
986 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL,
987 						&cm_node->mpa_hdr, &priv_info,
988 						SET_ACK | SET_FIN);
989 	if (!sqbuf)
990 		return -ENOMEM;
991 
992 	cm_node->state = IRDMA_CM_STATE_FIN_WAIT1;
993 
994 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
995 				       0);
996 }
997 
998 /**
999  * irdma_negotiate_mpa_v2_ird_ord - negotiate MPAv2 IRD/ORD
1000  * @cm_node: connection's node
1001  * @buf: Data pointer
1002  */
1003 static int
1004 irdma_negotiate_mpa_v2_ird_ord(struct irdma_cm_node *cm_node,
1005 			       u8 *buf)
1006 {
1007 	struct ietf_mpa_v2 *mpa_v2_frame;
1008 	struct ietf_rtr_msg *rtr_msg;
1009 	u16 ird_size;
1010 	u16 ord_size;
1011 	u16 ctrl_ord;
1012 	u16 ctrl_ird;
1013 
1014 	mpa_v2_frame = (struct ietf_mpa_v2 *)buf;
1015 	rtr_msg = &mpa_v2_frame->rtr_msg;
1016 
1017 	/* parse rtr message */
1018 	ctrl_ord = ntohs(rtr_msg->ctrl_ord);
1019 	ctrl_ird = ntohs(rtr_msg->ctrl_ird);
1020 	ird_size = ctrl_ird & IETF_NO_IRD_ORD;
1021 	ord_size = ctrl_ord & IETF_NO_IRD_ORD;
1022 
1023 	if (!(ctrl_ird & IETF_PEER_TO_PEER))
1024 		return -EOPNOTSUPP;
1025 
1026 	if (ird_size == IETF_NO_IRD_ORD || ord_size == IETF_NO_IRD_ORD) {
1027 		cm_node->mpav2_ird_ord = IETF_NO_IRD_ORD;
1028 		goto negotiate_done;
1029 	}
1030 
1031 	if (cm_node->state != IRDMA_CM_STATE_MPAREQ_SENT) {
1032 		/* responder */
1033 		if (!ord_size && (ctrl_ord & IETF_RDMA0_READ))
1034 			cm_node->ird_size = 1;
1035 		if (cm_node->ord_size > ird_size)
1036 			cm_node->ord_size = ird_size;
1037 	} else {
1038 		/* initiator */
1039 		if (!ird_size && (ctrl_ord & IETF_RDMA0_READ))
1040 			/* Remote peer doesn't support RDMA0_READ */
1041 			return -EOPNOTSUPP;
1042 
1043 		if (cm_node->ord_size > ird_size)
1044 			cm_node->ord_size = ird_size;
1045 
1046 		if (cm_node->ird_size < ord_size)
1047 			/* no resources available */
1048 			return -EINVAL;
1049 	}
1050 
1051 negotiate_done:
1052 	if (ctrl_ord & IETF_RDMA0_READ)
1053 		cm_node->send_rdma0_op = SEND_RDMA_READ_ZERO;
1054 	else if (ctrl_ord & IETF_RDMA0_WRITE)
1055 		cm_node->send_rdma0_op = SEND_RDMA_WRITE_ZERO;
1056 	else
1057 		/* Not supported RDMA0 operation */
1058 		return -EOPNOTSUPP;
1059 
1060 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1061 		    "MPAV2 Negotiated ORD: %d, IRD: %d\n", cm_node->ord_size,
1062 		    cm_node->ird_size);
1063 	return 0;
1064 }
1065 
1066 /**
1067  * irdma_parse_mpa - process an IETF MPA frame
1068  * @cm_node: connection's node
1069  * @buf: Data pointer
1070  * @type: to return accept or reject
1071  * @len: Len of mpa buffer
1072  */
1073 static int
1074 irdma_parse_mpa(struct irdma_cm_node *cm_node, u8 *buf, u32 *type,
1075 		u32 len)
1076 {
1077 	struct ietf_mpa_v1 *mpa_frame;
1078 	int mpa_hdr_len, priv_data_len, ret;
1079 
1080 	*type = IRDMA_MPA_REQUEST_ACCEPT;
1081 
1082 	if (len < sizeof(*mpa_frame)) {
1083 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1084 			    "ietf buffer small (%x)\n", len);
1085 		return -EINVAL;
1086 	}
1087 
1088 	mpa_frame = (struct ietf_mpa_v1 *)buf;
1089 	mpa_hdr_len = sizeof(*mpa_frame);
1090 	priv_data_len = ntohs(mpa_frame->priv_data_len);
1091 
1092 	if (priv_data_len > IETF_MAX_PRIV_DATA_LEN) {
1093 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1094 			    "private_data too big %d\n", priv_data_len);
1095 		return -EOVERFLOW;
1096 	}
1097 
1098 	if (mpa_frame->rev != IETF_MPA_V1 && mpa_frame->rev != IETF_MPA_V2) {
1099 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1100 			    "unsupported mpa rev = %d\n", mpa_frame->rev);
1101 		return -EINVAL;
1102 	}
1103 
1104 	if (mpa_frame->rev > cm_node->mpa_frame_rev) {
1105 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1106 			    "rev %d\n", mpa_frame->rev);
1107 		return -EINVAL;
1108 	}
1109 
1110 	cm_node->mpa_frame_rev = mpa_frame->rev;
1111 	if (cm_node->state != IRDMA_CM_STATE_MPAREQ_SENT) {
1112 		if (memcmp(mpa_frame->key, IEFT_MPA_KEY_REQ,
1113 			   IETF_MPA_KEY_SIZE)) {
1114 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1115 				    "Unexpected MPA Key received\n");
1116 			return -EINVAL;
1117 		}
1118 	} else {
1119 		if (memcmp(mpa_frame->key, IEFT_MPA_KEY_REP,
1120 			   IETF_MPA_KEY_SIZE)) {
1121 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1122 				    "Unexpected MPA Key received\n");
1123 			return -EINVAL;
1124 		}
1125 	}
1126 
1127 	if (priv_data_len + mpa_hdr_len > len) {
1128 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1129 			    "ietf buffer len(%x + %x != %x)\n", priv_data_len,
1130 			    mpa_hdr_len, len);
1131 		return -EOVERFLOW;
1132 	}
1133 
1134 	if (len > IRDMA_MAX_CM_BUF) {
1135 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1136 			    "ietf buffer large len = %d\n", len);
1137 		return -EOVERFLOW;
1138 	}
1139 
1140 	switch (mpa_frame->rev) {
1141 	case IETF_MPA_V2:
1142 		mpa_hdr_len += IETF_RTR_MSG_SIZE;
1143 		ret = irdma_negotiate_mpa_v2_ird_ord(cm_node, buf);
1144 		if (ret)
1145 			return ret;
1146 		break;
1147 	case IETF_MPA_V1:
1148 	default:
1149 		break;
1150 	}
1151 
1152 	memcpy(cm_node->pdata_buf, buf + mpa_hdr_len, priv_data_len);
1153 	cm_node->pdata.size = priv_data_len;
1154 
1155 	if (mpa_frame->flags & IETF_MPA_FLAGS_REJECT)
1156 		*type = IRDMA_MPA_REQUEST_REJECT;
1157 
1158 	if (mpa_frame->flags & IETF_MPA_FLAGS_MARKERS)
1159 		cm_node->snd_mark_en = true;
1160 
1161 	return 0;
1162 }
1163 
1164 /**
1165  * irdma_schedule_cm_timer
1166  * @cm_node: connection's node
1167  * @sqbuf: buffer to send
1168  * @type: if it is send or close
1169  * @send_retrans: if rexmits to be done
1170  * @close_when_complete: is cm_node to be removed
1171  *
1172  * note - cm_node needs to be protected before calling this. Encase in:
1173  *		irdma_rem_ref_cm_node(cm_core, cm_node);
1174  *		irdma_schedule_cm_timer(...)
1175  *		atomic_inc(&cm_node->refcnt);
1176  */
1177 int
1178 irdma_schedule_cm_timer(struct irdma_cm_node *cm_node,
1179 			struct irdma_puda_buf *sqbuf,
1180 			enum irdma_timer_type type, int send_retrans,
1181 			int close_when_complete)
1182 {
1183 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
1184 	struct irdma_cm_core *cm_core = cm_node->cm_core;
1185 	struct irdma_timer_entry *new_send;
1186 	u32 was_timer_set;
1187 	unsigned long flags;
1188 
1189 	new_send = kzalloc(sizeof(*new_send), GFP_ATOMIC);
1190 	if (!new_send) {
1191 		if (type != IRDMA_TIMER_TYPE_CLOSE)
1192 			irdma_free_sqbuf(vsi, sqbuf);
1193 		return -ENOMEM;
1194 	}
1195 
1196 	new_send->retrycount = IRDMA_DEFAULT_RETRYS;
1197 	new_send->retranscount = IRDMA_DEFAULT_RETRANS;
1198 	new_send->sqbuf = sqbuf;
1199 	new_send->timetosend = jiffies;
1200 	new_send->type = type;
1201 	new_send->send_retrans = send_retrans;
1202 	new_send->close_when_complete = close_when_complete;
1203 
1204 	if (type == IRDMA_TIMER_TYPE_CLOSE) {
1205 		new_send->timetosend += (HZ / 10);
1206 		if (cm_node->close_entry) {
1207 			kfree(new_send);
1208 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1209 				    "already close entry\n");
1210 			return -EINVAL;
1211 		}
1212 
1213 		cm_node->close_entry = new_send;
1214 	} else {		/* type == IRDMA_TIMER_TYPE_SEND */
1215 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1216 		cm_node->send_entry = new_send;
1217 		atomic_inc(&cm_node->refcnt);
1218 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1219 		new_send->timetosend = jiffies + IRDMA_RETRY_TIMEOUT;
1220 
1221 		atomic_inc(&sqbuf->refcount);
1222 		irdma_puda_send_buf(vsi->ilq, sqbuf);
1223 		if (!send_retrans) {
1224 			irdma_cleanup_retrans_entry(cm_node);
1225 			if (close_when_complete)
1226 				irdma_rem_ref_cm_node(cm_node);
1227 			return 0;
1228 		}
1229 	}
1230 
1231 	spin_lock_irqsave(&cm_core->ht_lock, flags);
1232 	was_timer_set = timer_pending(&cm_core->tcp_timer);
1233 
1234 	if (!was_timer_set) {
1235 		cm_core->tcp_timer.expires = new_send->timetosend;
1236 		add_timer(&cm_core->tcp_timer);
1237 	}
1238 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
1239 
1240 	return 0;
1241 }
1242 
1243 /**
1244  * irdma_retrans_expired - Could not rexmit the packet
1245  * @cm_node: connection's node
1246  */
1247 static void
1248 irdma_retrans_expired(struct irdma_cm_node *cm_node)
1249 {
1250 	enum irdma_cm_node_state state = cm_node->state;
1251 
1252 	cm_node->state = IRDMA_CM_STATE_CLOSED;
1253 	switch (state) {
1254 	case IRDMA_CM_STATE_SYN_RCVD:
1255 	case IRDMA_CM_STATE_CLOSING:
1256 		irdma_rem_ref_cm_node(cm_node);
1257 		break;
1258 	case IRDMA_CM_STATE_FIN_WAIT1:
1259 	case IRDMA_CM_STATE_LAST_ACK:
1260 		irdma_send_reset(cm_node);
1261 		break;
1262 	default:
1263 		atomic_inc(&cm_node->refcnt);
1264 		irdma_send_reset(cm_node);
1265 		irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
1266 		break;
1267 	}
1268 }
1269 
1270 /**
1271  * irdma_handle_close_entry - for handling retry/timeouts
1272  * @cm_node: connection's node
1273  * @rem_node: flag for remove cm_node
1274  */
1275 static void
1276 irdma_handle_close_entry(struct irdma_cm_node *cm_node,
1277 			 u32 rem_node)
1278 {
1279 	struct irdma_timer_entry *close_entry = cm_node->close_entry;
1280 	struct irdma_qp *iwqp;
1281 	unsigned long flags;
1282 
1283 	if (!close_entry)
1284 		return;
1285 	iwqp = (struct irdma_qp *)close_entry->sqbuf;
1286 	if (iwqp) {
1287 		spin_lock_irqsave(&iwqp->lock, flags);
1288 		if (iwqp->cm_id) {
1289 			iwqp->hw_tcp_state = IRDMA_TCP_STATE_CLOSED;
1290 			iwqp->hw_iwarp_state = IRDMA_QP_STATE_ERROR;
1291 			iwqp->last_aeq = IRDMA_AE_RESET_SENT;
1292 			iwqp->ibqp_state = IB_QPS_ERR;
1293 			spin_unlock_irqrestore(&iwqp->lock, flags);
1294 			irdma_cm_disconn(iwqp);
1295 		} else {
1296 			spin_unlock_irqrestore(&iwqp->lock, flags);
1297 		}
1298 	} else if (rem_node) {
1299 		/* TIME_WAIT state */
1300 		irdma_rem_ref_cm_node(cm_node);
1301 	}
1302 
1303 	kfree(close_entry);
1304 	cm_node->close_entry = NULL;
1305 }
1306 
1307 /**
1308  * irdma_cm_timer_tick - system's timer expired callback
1309  * @t: Pointer to timer_list
1310  */
1311 static void
1312 irdma_cm_timer_tick(struct timer_list *t)
1313 {
1314 	unsigned long nexttimeout = jiffies + IRDMA_LONG_TIME;
1315 	struct irdma_cm_node *cm_node;
1316 	struct irdma_timer_entry *send_entry, *close_entry;
1317 	struct list_head *list_core_temp;
1318 	struct list_head *list_node;
1319 	struct irdma_cm_core *cm_core = from_timer(cm_core, t, tcp_timer);
1320 	struct irdma_sc_vsi *vsi;
1321 	u32 settimer = 0;
1322 	unsigned long timetosend;
1323 	unsigned long flags;
1324 	struct list_head timer_list;
1325 
1326 	INIT_LIST_HEAD(&timer_list);
1327 
1328 	rcu_read_lock();
1329 	irdma_timer_list_prep(cm_core, &timer_list);
1330 	rcu_read_unlock();
1331 
1332 	list_for_each_safe(list_node, list_core_temp, &timer_list) {
1333 		cm_node = container_of(list_node, struct irdma_cm_node,
1334 				       timer_entry);
1335 		close_entry = cm_node->close_entry;
1336 
1337 		if (close_entry) {
1338 			if (time_after(close_entry->timetosend, jiffies)) {
1339 				if (nexttimeout > close_entry->timetosend ||
1340 				    !settimer) {
1341 					nexttimeout = close_entry->timetosend;
1342 					settimer = 1;
1343 				}
1344 			} else {
1345 				irdma_handle_close_entry(cm_node, 1);
1346 			}
1347 		}
1348 
1349 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1350 
1351 		send_entry = cm_node->send_entry;
1352 		if (!send_entry)
1353 			goto done;
1354 		if (time_after(send_entry->timetosend, jiffies)) {
1355 			if (cm_node->state != IRDMA_CM_STATE_OFFLOADED) {
1356 				if (nexttimeout > send_entry->timetosend ||
1357 				    !settimer) {
1358 					nexttimeout = send_entry->timetosend;
1359 					settimer = 1;
1360 				}
1361 			} else {
1362 				irdma_free_retrans_entry(cm_node);
1363 			}
1364 			goto done;
1365 		}
1366 
1367 		if (cm_node->state == IRDMA_CM_STATE_OFFLOADED ||
1368 		    cm_node->state == IRDMA_CM_STATE_CLOSED) {
1369 			irdma_free_retrans_entry(cm_node);
1370 			goto done;
1371 		}
1372 
1373 		if (!send_entry->retranscount || !send_entry->retrycount) {
1374 			irdma_free_retrans_entry(cm_node);
1375 
1376 			spin_unlock_irqrestore(&cm_node->retrans_list_lock,
1377 					       flags);
1378 			irdma_retrans_expired(cm_node);
1379 			cm_node->state = IRDMA_CM_STATE_CLOSED;
1380 			spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1381 			goto done;
1382 		}
1383 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1384 
1385 		vsi = &cm_node->iwdev->vsi;
1386 		if (!cm_node->ack_rcvd) {
1387 			atomic_inc(&send_entry->sqbuf->refcount);
1388 			irdma_puda_send_buf(vsi->ilq, send_entry->sqbuf);
1389 			cm_node->cm_core->stats_pkt_retrans++;
1390 		}
1391 
1392 		spin_lock_irqsave(&cm_node->retrans_list_lock, flags);
1393 		if (send_entry->send_retrans) {
1394 			send_entry->retranscount--;
1395 			timetosend = (IRDMA_RETRY_TIMEOUT <<
1396 				      (IRDMA_DEFAULT_RETRANS -
1397 				       send_entry->retranscount));
1398 
1399 			send_entry->timetosend = jiffies +
1400 			    min(timetosend, IRDMA_MAX_TIMEOUT);
1401 			if (nexttimeout > send_entry->timetosend || !settimer) {
1402 				nexttimeout = send_entry->timetosend;
1403 				settimer = 1;
1404 			}
1405 		} else {
1406 			int close_when_complete;
1407 
1408 			close_when_complete = send_entry->close_when_complete;
1409 			irdma_free_retrans_entry(cm_node);
1410 			if (close_when_complete)
1411 				irdma_rem_ref_cm_node(cm_node);
1412 		}
1413 done:
1414 		spin_unlock_irqrestore(&cm_node->retrans_list_lock, flags);
1415 		irdma_rem_ref_cm_node(cm_node);
1416 	}
1417 
1418 	if (settimer) {
1419 		spin_lock_irqsave(&cm_core->ht_lock, flags);
1420 		if (!timer_pending(&cm_core->tcp_timer)) {
1421 			cm_core->tcp_timer.expires = nexttimeout;
1422 			add_timer(&cm_core->tcp_timer);
1423 		}
1424 		spin_unlock_irqrestore(&cm_core->ht_lock, flags);
1425 	}
1426 }
1427 
1428 /**
1429  * irdma_send_syn - send SYN packet
1430  * @cm_node: connection's node
1431  * @sendack: flag to set ACK bit or not
1432  */
1433 int
1434 irdma_send_syn(struct irdma_cm_node *cm_node, u32 sendack)
1435 {
1436 	struct irdma_puda_buf *sqbuf;
1437 	int flags = SET_SYN;
1438 	char optionsbuf[sizeof(struct option_mss) +
1439 			sizeof(struct option_windowscale) +
1440 			sizeof(struct option_base) + TCP_OPTIONS_PADDING];
1441 	struct irdma_kmem_info opts;
1442 	int optionssize = 0;
1443 
1444 	/* Sending MSS option */
1445 	union all_known_options *options;
1446 
1447 	opts.addr = optionsbuf;
1448 	if (!cm_node)
1449 		return -EINVAL;
1450 
1451 	options = (union all_known_options *)&optionsbuf[optionssize];
1452 	options->mss.optionnum = OPTION_NUM_MSS;
1453 	options->mss.len = sizeof(struct option_mss);
1454 	options->mss.mss = htons(cm_node->tcp_cntxt.mss);
1455 	optionssize += sizeof(struct option_mss);
1456 
1457 	options = (union all_known_options *)&optionsbuf[optionssize];
1458 	options->windowscale.optionnum = OPTION_NUM_WINDOW_SCALE;
1459 	options->windowscale.len = sizeof(struct option_windowscale);
1460 	options->windowscale.shiftcount = cm_node->tcp_cntxt.rcv_wscale;
1461 	optionssize += sizeof(struct option_windowscale);
1462 	options = (union all_known_options *)&optionsbuf[optionssize];
1463 	options->eol = OPTION_NUM_EOL;
1464 	optionssize += 1;
1465 
1466 	if (sendack)
1467 		flags |= SET_ACK;
1468 
1469 	opts.size = optionssize;
1470 
1471 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, &opts, NULL, NULL,
1472 						flags);
1473 	if (!sqbuf)
1474 		return -ENOMEM;
1475 
1476 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
1477 				       0);
1478 }
1479 
1480 /**
1481  * irdma_send_ack - Send ACK packet
1482  * @cm_node: connection's node
1483  */
1484 void
1485 irdma_send_ack(struct irdma_cm_node *cm_node)
1486 {
1487 	struct irdma_puda_buf *sqbuf;
1488 	struct irdma_sc_vsi *vsi = &cm_node->iwdev->vsi;
1489 
1490 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
1491 						SET_ACK);
1492 	if (sqbuf)
1493 		irdma_puda_send_buf(vsi->ilq, sqbuf);
1494 }
1495 
1496 /**
1497  * irdma_send_fin - Send FIN pkt
1498  * @cm_node: connection's node
1499  */
1500 static int
1501 irdma_send_fin(struct irdma_cm_node *cm_node)
1502 {
1503 	struct irdma_puda_buf *sqbuf;
1504 
1505 	sqbuf = cm_node->cm_core->form_cm_frame(cm_node, NULL, NULL, NULL,
1506 						SET_ACK | SET_FIN);
1507 	if (!sqbuf)
1508 		return -ENOMEM;
1509 
1510 	return irdma_schedule_cm_timer(cm_node, sqbuf, IRDMA_TIMER_TYPE_SEND, 1,
1511 				       0);
1512 }
1513 
1514 /**
1515  * irdma_find_listener - find a cm node listening on this addr-port pair
1516  * @cm_core: cm's core
1517  * @dst_addr: listener ip addr
1518  * @ipv4: flag indicating IPv4 when true
1519  * @dst_port: listener tcp port num
1520  * @vlan_id: virtual LAN ID
1521  * @listener_state: state to match with listen node's
1522  */
1523 static struct irdma_cm_listener *
1524 irdma_find_listener(struct irdma_cm_core *cm_core, u32 *dst_addr, bool ipv4, u16 dst_port,
1525 		    u16 vlan_id, enum irdma_cm_listener_state listener_state)
1526 {
1527 	struct irdma_cm_listener *listen_node;
1528 	static const u32 ip_zero[4] = {0, 0, 0, 0};
1529 	u32 listen_addr[4];
1530 	u16 listen_port;
1531 	unsigned long flags;
1532 
1533 	/* walk list and find cm_node associated with this session ID */
1534 	spin_lock_irqsave(&cm_core->listen_list_lock, flags);
1535 	list_for_each_entry(listen_node, &cm_core->listen_list, list) {
1536 		memcpy(listen_addr, listen_node->loc_addr, sizeof(listen_addr));
1537 		listen_port = listen_node->loc_port;
1538 		if (listen_node->ipv4 != ipv4 || listen_port != dst_port ||
1539 		    !(listener_state & listen_node->listener_state))
1540 			continue;
1541 		/* compare node pair, return node handle if a match */
1542 		if (!memcmp(listen_addr, ip_zero, sizeof(listen_addr)) ||
1543 		    (!memcmp(listen_addr, dst_addr, sizeof(listen_addr)) &&
1544 		     vlan_id == listen_node->vlan_id)) {
1545 			atomic_inc(&listen_node->refcnt);
1546 			spin_unlock_irqrestore(&cm_core->listen_list_lock,
1547 					       flags);
1548 			return listen_node;
1549 		}
1550 	}
1551 	spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
1552 
1553 	return NULL;
1554 }
1555 
1556 /**
1557  * irdma_del_multiple_qhash - Remove qhash and child listens
1558  * @iwdev: iWarp device
1559  * @cm_info: CM info for parent listen node
1560  * @cm_parent_listen_node: The parent listen node
1561  */
1562 static int
1563 irdma_del_multiple_qhash(struct irdma_device *iwdev,
1564 			 struct irdma_cm_info *cm_info,
1565 			 struct irdma_cm_listener *cm_parent_listen_node)
1566 {
1567 	struct irdma_cm_listener *child_listen_node;
1568 	struct list_head *pos, *tpos;
1569 	unsigned long flags;
1570 	int ret = -EINVAL;
1571 
1572 	spin_lock_irqsave(&iwdev->cm_core.listen_list_lock, flags);
1573 	list_for_each_safe(pos, tpos,
1574 			   &cm_parent_listen_node->child_listen_list) {
1575 		child_listen_node = list_entry(pos, struct irdma_cm_listener,
1576 					       child_listen_list);
1577 		if (child_listen_node->ipv4)
1578 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1579 				    "removing child listen for IP=%x, port=%d, vlan=%d\n",
1580 				    child_listen_node->loc_addr[0],
1581 				    child_listen_node->loc_port,
1582 				    child_listen_node->vlan_id);
1583 		else
1584 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1585 				    "removing child listen for IP=%x:%x:%x:%x, port=%d, vlan=%d\n",
1586 				    IRDMA_PRINT_IP6(child_listen_node->loc_addr),
1587 				    child_listen_node->loc_port,
1588 				    child_listen_node->vlan_id);
1589 		list_del(pos);
1590 		memcpy(cm_info->loc_addr, child_listen_node->loc_addr,
1591 		       sizeof(cm_info->loc_addr));
1592 		cm_info->vlan_id = child_listen_node->vlan_id;
1593 		if (child_listen_node->qhash_set) {
1594 			ret = irdma_manage_qhash(iwdev, cm_info,
1595 						 IRDMA_QHASH_TYPE_TCP_SYN,
1596 						 IRDMA_QHASH_MANAGE_TYPE_DELETE,
1597 						 NULL, false);
1598 			child_listen_node->qhash_set = false;
1599 		} else {
1600 			ret = 0;
1601 		}
1602 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1603 			    "Child listen node freed = %p\n",
1604 			    child_listen_node);
1605 		kfree(child_listen_node);
1606 		cm_parent_listen_node->cm_core->stats_listen_nodes_destroyed++;
1607 	}
1608 	spin_unlock_irqrestore(&iwdev->cm_core.listen_list_lock, flags);
1609 
1610 	return ret;
1611 }
1612 
1613 static u8 irdma_iw_get_vlan_prio(u32 *loc_addr, u8 prio, bool ipv4)
1614 {
1615 	return prio;
1616 }
1617 
1618 /**
1619  * irdma_get_vlan_mac_ipv6 - Get the vlan and mac for an IPv6
1620  * address
1621  * @addr: local IPv6 address
1622  * @vlan_id: vlan id for the given IPv6 address
1623  * @mac: mac address for the given IPv6 address
1624  *
1625  * Returns the net_device of the IPv6 address and also sets the
1626  * vlan id and mac for that address.
1627  */
1628 void
1629 irdma_get_vlan_mac_ipv6(struct iw_cm_id *cm_id, u32 *addr, u16 *vlan_id, u8 *mac)
1630 {
1631 	if_t ip_dev = NULL;
1632 	struct in6_addr laddr6;
1633 	struct vnet *vnet = &init_net;
1634 	struct ifaddr *ifa;
1635 	u16 scope_id = 0;
1636 
1637 	irdma_copy_ip_htonl(laddr6.__u6_addr.__u6_addr32, addr);
1638 	if (vlan_id)
1639 		*vlan_id = 0xFFFF;	/* Match rdma_vlan_dev_vlan_id() */
1640 	if (mac)
1641 		eth_zero_addr(mac);
1642 
1643 	if (IN6_IS_SCOPE_LINKLOCAL(&laddr6) ||
1644 	    IN6_IS_ADDR_MC_INTFACELOCAL(&laddr6))
1645 		scope_id = ntohs(laddr6.__u6_addr.__u6_addr16[1]);
1646 
1647 #ifdef VIMAGE
1648 	vnet = irdma_cmid_to_vnet(cm_id);
1649 #endif
1650 	ip_dev = ip6_ifp_find(vnet, laddr6, scope_id);
1651 	if (ip_dev) {
1652 		if (vlan_id)
1653 			*vlan_id = rdma_vlan_dev_vlan_id(ip_dev);
1654 		ifa = if_getifaddr(ip_dev);
1655 		if (ifa && ifa->ifa_addr && mac)
1656 			ether_addr_copy(mac, if_getlladdr(ip_dev));
1657 	}
1658 }
1659 
1660 /**
1661  * irdma_get_vlan_ipv4 - Returns the vlan_id for IPv4 address
1662  * @addr: local IPv4 address
1663  */
1664 u16
1665 irdma_get_vlan_ipv4(struct iw_cm_id *cm_id, u32 *addr)
1666 {
1667 	if_t netdev;
1668 	struct vnet *vnet = &init_net;
1669 	u16 vlan_id = 0xFFFF;
1670 
1671 #ifdef VIMAGE
1672 	vnet = irdma_cmid_to_vnet(cm_id);
1673 #endif
1674 	netdev = ip_ifp_find(vnet, htonl(addr[0]));
1675 	if (netdev) {
1676 		vlan_id = rdma_vlan_dev_vlan_id(netdev);
1677 		dev_put(netdev);
1678 	}
1679 
1680 	return vlan_id;
1681 }
1682 
1683 static int
1684 irdma_manage_qhash_wait(struct irdma_pci_f *rf, struct irdma_cm_info *cm_info)
1685 {
1686 	struct irdma_cqp_request *cqp_request = cm_info->cqp_request;
1687 	int cnt = rf->sc_dev.hw_attrs.max_cqp_compl_wait_time_ms * CQP_TIMEOUT_THRESHOLD;
1688 	u32 ret_val;
1689 
1690 	if (!cqp_request)
1691 		return -ENOMEM;
1692 	do {
1693 		irdma_cqp_ce_handler(rf, &rf->ccq.sc_cq);
1694 		mdelay(1);
1695 	} while (!READ_ONCE(cqp_request->request_done) && --cnt);
1696 
1697 	ret_val = cqp_request->compl_info.op_ret_val;
1698 	irdma_put_cqp_request(&rf->cqp, cqp_request);
1699 	if (cnt) {
1700 		if (!ret_val)
1701 			return 0;
1702 		return -EINVAL;
1703 	}
1704 
1705 	return -ETIMEDOUT;
1706 }
1707 
1708 /**
1709  * irdma_add_mqh_ifa_cb - Adds multiple qhashes for IPv4/IPv6
1710  * @arg: Calback argument structure from irdma_add_mqh
1711  * @ifa: Current address to compute against
1712  * @count: Current cumulative output of all callbacks in this iteration
1713  *
1714  * Adds a qhash and a child listen node for a single IPv4/IPv6 address
1715  * on the adapter and adds the associated qhash filter
1716  */
1717 static u_int
1718 irdma_add_mqh_ifa_cb(void *arg, struct ifaddr *ifa, u_int count)
1719 {
1720 	struct irdma_add_mqh_cbs *cbs = arg;
1721 	struct irdma_cm_listener *child_listen_node;
1722 	struct irdma_cm_info *cm_info = cbs->cm_info;
1723 	struct irdma_device *iwdev = cbs->iwdev;
1724 	struct irdma_cm_listener *cm_parent_listen_node = cbs->cm_listen_node;
1725 	if_t ip_dev = ifa->ifa_ifp;
1726 	unsigned long flags;
1727 	int ret;
1728 
1729 	if (count)
1730 		return 0;
1731 
1732 	child_listen_node = kzalloc(sizeof(*child_listen_node), GFP_ATOMIC);
1733 	if (!child_listen_node) {
1734 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1735 			    "listener memory allocation\n");
1736 		return -ENOMEM;
1737 	}
1738 
1739 	memcpy(child_listen_node, cm_parent_listen_node,
1740 	       sizeof(*child_listen_node));
1741 	cm_info->vlan_id = rdma_vlan_dev_vlan_id(ip_dev);
1742 	child_listen_node->vlan_id = cm_info->vlan_id;
1743 	if (cm_info->ipv4) {
1744 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1745 			    "Allocating child CM Listener forIP=%x, vlan_id=%d, MAC=%x:%x:%x:%x:%x:%x\n",
1746 			    ((struct sockaddr_in *)&ifa->ifa_addr)->sin_addr.s_addr,
1747 			    rdma_vlan_dev_vlan_id(ip_dev),
1748 			    if_getlladdr(ip_dev)[0], if_getlladdr(ip_dev)[1],
1749 			    if_getlladdr(ip_dev)[2], if_getlladdr(ip_dev)[3],
1750 			    if_getlladdr(ip_dev)[4], if_getlladdr(ip_dev)[5]);
1751 		child_listen_node->loc_addr[0] =
1752 		    ntohl(((struct sockaddr_in *)ifa->ifa_addr)->sin_addr.s_addr);
1753 	} else {
1754 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1755 			    "IP=%x:%x:%x:%x, vlan_id=%d, MAC=%x:%x:%x:%x:%x:%x\n",
1756 			    IRDMA_PRINT_IP6(&((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_addr),
1757 			    rdma_vlan_dev_vlan_id(ip_dev),
1758 			    if_getlladdr(ip_dev)[0], if_getlladdr(ip_dev)[1],
1759 			    if_getlladdr(ip_dev)[2], if_getlladdr(ip_dev)[3],
1760 			    if_getlladdr(ip_dev)[4], if_getlladdr(ip_dev)[5]);
1761 		irdma_copy_ip_ntohl(child_listen_node->loc_addr,
1762 				    ((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_addr.__u6_addr.__u6_addr32);
1763 	}
1764 	memcpy(cm_info->loc_addr, child_listen_node->loc_addr,
1765 	       sizeof(cm_info->loc_addr));
1766 	if (!iwdev->vsi.dscp_mode)
1767 		cm_info->user_pri =
1768 		    irdma_iw_get_vlan_prio(child_listen_node->loc_addr,
1769 					   cm_info->user_pri,
1770 					   cm_info->ipv4);
1771 	ret = irdma_manage_qhash(iwdev, cm_info,
1772 				 IRDMA_QHASH_TYPE_TCP_SYN,
1773 				 IRDMA_QHASH_MANAGE_TYPE_ADD,
1774 				 NULL, false);
1775 	if (ret) {
1776 		kfree(child_listen_node);
1777 		return ret;
1778 	}
1779 	/* wait for qhash finish */
1780 	ret = irdma_manage_qhash_wait(iwdev->rf, cm_info);
1781 	if (ret) {
1782 		kfree(child_listen_node);
1783 		return ret;
1784 	}
1785 
1786 	child_listen_node->qhash_set = true;
1787 	spin_lock_irqsave(&iwdev->cm_core.listen_list_lock, flags);
1788 	list_add(&child_listen_node->child_listen_list,
1789 		 &cm_parent_listen_node->child_listen_list);
1790 	spin_unlock_irqrestore(&iwdev->cm_core.listen_list_lock, flags);
1791 	cm_parent_listen_node->cm_core->stats_listen_nodes_created++;
1792 
1793 	return 0;
1794 }
1795 
1796 /**
1797  * irdma_add_mqh - Adds multiple qhashes
1798  * @iwdev: iWarp device
1799  * @cm_info: CM info for parent listen node
1800  * @cm_listen_node: The parent listen node
1801  */
1802 static int
1803 irdma_add_mqh(struct irdma_device *iwdev,
1804 	      struct irdma_cm_info *cm_info,
1805 	      struct irdma_cm_listener *cm_listen_node)
1806 {
1807 	struct epoch_tracker et;
1808 	struct irdma_add_mqh_cbs cbs;
1809 	struct if_iter iter;
1810 	if_t ifp;
1811 	int err = -ENOENT;
1812 
1813 	cbs.iwdev = iwdev;
1814 	cbs.cm_info = cm_info;
1815 	cbs.cm_listen_node = cm_listen_node;
1816 
1817 	VNET_ITERATOR_DECL(vnet_iter);
1818 
1819 	VNET_LIST_RLOCK();
1820 	NET_EPOCH_ENTER(et);
1821 	VNET_FOREACH(vnet_iter) {
1822 		CURVNET_SET_QUIET(vnet_iter);
1823 		for (ifp = if_iter_start(&iter); ifp != NULL; ifp = if_iter_next(&iter)) {
1824 			if (!(if_getflags(ifp) & IFF_UP))
1825 				continue;
1826 
1827 			if (((rdma_vlan_dev_vlan_id(ifp) >= VLAN_N_VID) ||
1828 			     (rdma_vlan_dev_real_dev(ifp) != iwdev->netdev)) &&
1829 			    ifp != iwdev->netdev)
1830 				continue;
1831 
1832 			if_addr_rlock(ifp);
1833 			if (cm_info->ipv4)
1834 				err = if_foreach_addr_type(ifp, AF_INET, irdma_add_mqh_ifa_cb, &cbs);
1835 			else
1836 				err = if_foreach_addr_type(ifp, AF_INET6, irdma_add_mqh_ifa_cb, &cbs);
1837 			if_addr_runlock(ifp);
1838 		}
1839 		if_iter_finish(&iter);
1840 		CURVNET_RESTORE();
1841 	}
1842 	NET_EPOCH_EXIT(et);
1843 	VNET_LIST_RUNLOCK();
1844 
1845 	return err;
1846 }
1847 
1848 /**
1849  * irdma_reset_list_prep - add connection nodes slated for reset to list
1850  * @cm_core: cm's core
1851  * @listener: pointer to listener node
1852  * @reset_list: a list to which cm_node will be selected
1853  */
1854 static void
1855 irdma_reset_list_prep(struct irdma_cm_core *cm_core,
1856 		      struct irdma_cm_listener *listener,
1857 		      struct list_head *reset_list)
1858 {
1859 	struct irdma_cm_node *cm_node;
1860 	int bkt;
1861 
1862 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
1863 		if (cm_node->listener == listener &&
1864 		    !cm_node->accelerated &&
1865 		    atomic_inc_not_zero(&cm_node->refcnt))
1866 			list_add(&cm_node->reset_entry, reset_list);
1867 	}
1868 }
1869 
1870 /**
1871  * irdma_dec_refcnt_listen - delete listener and associated cm nodes
1872  * @cm_core: cm's core
1873  * @listener: pointer to listener node
1874  * @free_hanging_nodes: to free associated cm_nodes
1875  * @apbvt_del: flag to delete the apbvt
1876  */
1877 static int
1878 irdma_dec_refcnt_listen(struct irdma_cm_core *cm_core,
1879 			struct irdma_cm_listener *listener,
1880 			int free_hanging_nodes, bool apbvt_del)
1881 {
1882 	struct list_head *list_pos;
1883 	struct list_head *list_temp;
1884 	struct irdma_cm_node *cm_node;
1885 	struct list_head reset_list;
1886 	struct irdma_cm_info nfo;
1887 	enum irdma_cm_node_state old_state;
1888 	unsigned long flags;
1889 	int err;
1890 
1891 	/* free non-accelerated child nodes for this listener */
1892 	INIT_LIST_HEAD(&reset_list);
1893 	if (free_hanging_nodes) {
1894 		rcu_read_lock();
1895 		irdma_reset_list_prep(cm_core, listener, &reset_list);
1896 		rcu_read_unlock();
1897 	}
1898 
1899 	list_for_each_safe(list_pos, list_temp, &reset_list) {
1900 		cm_node = container_of(list_pos, struct irdma_cm_node,
1901 				       reset_entry);
1902 		if (cm_node->state >= IRDMA_CM_STATE_FIN_WAIT1) {
1903 			irdma_rem_ref_cm_node(cm_node);
1904 			continue;
1905 		}
1906 
1907 		irdma_cleanup_retrans_entry(cm_node);
1908 		err = irdma_send_reset(cm_node);
1909 		if (err) {
1910 			cm_node->state = IRDMA_CM_STATE_CLOSED;
1911 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1912 				    "send reset failed\n");
1913 		} else {
1914 			old_state = cm_node->state;
1915 			cm_node->state = IRDMA_CM_STATE_LISTENER_DESTROYED;
1916 			if (old_state != IRDMA_CM_STATE_MPAREQ_RCVD)
1917 				irdma_rem_ref_cm_node(cm_node);
1918 		}
1919 	}
1920 
1921 	if (atomic_dec_and_test(&listener->refcnt)) {
1922 		spin_lock_irqsave(&cm_core->listen_list_lock, flags);
1923 		list_del(&listener->list);
1924 		spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
1925 
1926 		if (apbvt_del)
1927 			irdma_del_apbvt(listener->iwdev,
1928 					listener->apbvt_entry);
1929 		memcpy(nfo.loc_addr, listener->loc_addr, sizeof(nfo.loc_addr));
1930 		nfo.loc_port = listener->loc_port;
1931 		nfo.ipv4 = listener->ipv4;
1932 		nfo.vlan_id = listener->vlan_id;
1933 		nfo.user_pri = listener->user_pri;
1934 		nfo.qh_qpid = listener->iwdev->vsi.ilq->qp_id;
1935 
1936 		if (!list_empty(&listener->child_listen_list)) {
1937 			irdma_del_multiple_qhash(listener->iwdev, &nfo,
1938 						 listener);
1939 		} else {
1940 			if (listener->qhash_set)
1941 				irdma_manage_qhash(listener->iwdev,
1942 						   &nfo,
1943 						   IRDMA_QHASH_TYPE_TCP_SYN,
1944 						   IRDMA_QHASH_MANAGE_TYPE_DELETE,
1945 						   NULL, false);
1946 		}
1947 
1948 		cm_core->stats_listen_destroyed++;
1949 		cm_core->stats_listen_nodes_destroyed++;
1950 		irdma_debug(&listener->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
1951 			    "loc_port=0x%04x loc_addr=%x cm_listen_node=%p cm_id=%p qhash_set=%d vlan_id=%d apbvt_del=%d\n",
1952 			    listener->loc_port, listener->loc_addr[0], listener,
1953 			    listener->cm_id, listener->qhash_set,
1954 			    listener->vlan_id, apbvt_del);
1955 		kfree(listener);
1956 		listener = NULL;
1957 		return 0;
1958 	}
1959 
1960 	return -EINVAL;
1961 }
1962 
1963 /**
1964  * irdma_cm_del_listen - delete a listener
1965  * @cm_core: cm's core
1966  * @listener: passive connection's listener
1967  * @apbvt_del: flag to delete apbvt
1968  */
1969 static int
1970 irdma_cm_del_listen(struct irdma_cm_core *cm_core,
1971 		    struct irdma_cm_listener *listener,
1972 		    bool apbvt_del)
1973 {
1974 	listener->listener_state = IRDMA_CM_LISTENER_PASSIVE_STATE;
1975 	listener->cm_id = NULL;
1976 
1977 	return irdma_dec_refcnt_listen(cm_core, listener, 1, apbvt_del);
1978 }
1979 
1980 /**
1981  * irdma_find_node - find a cm node that matches the reference cm node
1982  * @cm_core: cm's core
1983  * @rem_port: remote tcp port num
1984  * @rem_addr: remote ip addr
1985  * @loc_port: local tcp port num
1986  * @loc_addr: local ip addr
1987  * @vlan_id: local VLAN ID
1988  */
1989 struct irdma_cm_node *
1990 irdma_find_node(struct irdma_cm_core *cm_core,
1991 		u16 rem_port, u32 *rem_addr, u16 loc_port,
1992 		u32 *loc_addr, u16 vlan_id)
1993 {
1994 	struct irdma_cm_node *cm_node;
1995 	u32 key = (rem_port << 16) | loc_port;
1996 
1997 	rcu_read_lock();
1998 	HASH_FOR_EACH_POSSIBLE_RCU(cm_core->cm_hash_tbl, cm_node, list, key) {
1999 		if (cm_node->vlan_id == vlan_id &&
2000 		    cm_node->loc_port == loc_port && cm_node->rem_port == rem_port &&
2001 		    !memcmp(cm_node->loc_addr, loc_addr, sizeof(cm_node->loc_addr)) &&
2002 		    !memcmp(cm_node->rem_addr, rem_addr, sizeof(cm_node->rem_addr))) {
2003 			if (!atomic_inc_not_zero(&cm_node->refcnt))
2004 				goto exit;
2005 			rcu_read_unlock();
2006 			return cm_node;
2007 		}
2008 	}
2009 
2010 exit:
2011 	rcu_read_unlock();
2012 
2013 	/* no owner node */
2014 	return NULL;
2015 }
2016 
2017 /**
2018  * irdma_add_hte_node - add a cm node to the hash table
2019  * @cm_core: cm's core
2020  * @cm_node: connection's node
2021  */
2022 static void
2023 irdma_add_hte_node(struct irdma_cm_core *cm_core,
2024 		   struct irdma_cm_node *cm_node)
2025 {
2026 	unsigned long flags;
2027 	u32 key = (cm_node->rem_port << 16) | cm_node->loc_port;
2028 
2029 	spin_lock_irqsave(&cm_core->ht_lock, flags);
2030 	HASH_ADD_RCU(cm_core->cm_hash_tbl, &cm_node->list, key);
2031 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2032 }
2033 
2034 /**
2035  * irdma_ipv4_is_lpb - check if loopback
2036  * @loc_addr: local addr to compare
2037  * @rem_addr: remote address
2038  */
2039 bool
2040 irdma_ipv4_is_lpb(u32 loc_addr, u32 rem_addr)
2041 {
2042 	return ipv4_is_loopback(htonl(rem_addr)) || (loc_addr == rem_addr);
2043 }
2044 
2045 /**
2046  * irdma_ipv6_is_lpb - check if loopback
2047  * @loc_addr: local addr to compare
2048  * @rem_addr: remote address
2049  */
2050 bool
2051 irdma_ipv6_is_lpb(u32 *loc_addr, u32 *rem_addr)
2052 {
2053 	struct in6_addr raddr6;
2054 
2055 	irdma_copy_ip_htonl(raddr6.__u6_addr.__u6_addr32, rem_addr);
2056 
2057 	return !memcmp(loc_addr, rem_addr, 16) || ipv6_addr_loopback(&raddr6);
2058 }
2059 
2060 /**
2061  * irdma_cm_create_ah - create a cm address handle
2062  * @cm_node: The connection manager node to create AH for
2063  * @wait: Provides option to wait for ah creation or not
2064  */
2065 static int
2066 irdma_cm_create_ah(struct irdma_cm_node *cm_node, bool wait)
2067 {
2068 	struct irdma_ah_info ah_info = {0};
2069 	struct irdma_device *iwdev = cm_node->iwdev;
2070 #ifdef VIMAGE
2071 	struct vnet *vnet = irdma_cmid_to_vnet(cm_node->cm_id);
2072 #endif
2073 
2074 	ether_addr_copy(ah_info.mac_addr, if_getlladdr(iwdev->netdev));
2075 
2076 	ah_info.hop_ttl = 0x40;
2077 	ah_info.tc_tos = cm_node->tos;
2078 	ah_info.vsi = &iwdev->vsi;
2079 
2080 	if (cm_node->ipv4) {
2081 		ah_info.ipv4_valid = true;
2082 		ah_info.dest_ip_addr[0] = cm_node->rem_addr[0];
2083 		ah_info.src_ip_addr[0] = cm_node->loc_addr[0];
2084 		CURVNET_SET_QUIET(vnet);
2085 		ah_info.do_lpbk = irdma_ipv4_is_lpb(ah_info.src_ip_addr[0],
2086 						    ah_info.dest_ip_addr[0]);
2087 		CURVNET_RESTORE();
2088 	} else {
2089 		memcpy(ah_info.dest_ip_addr, cm_node->rem_addr,
2090 		       sizeof(ah_info.dest_ip_addr));
2091 		memcpy(ah_info.src_ip_addr, cm_node->loc_addr,
2092 		       sizeof(ah_info.src_ip_addr));
2093 		ah_info.do_lpbk = irdma_ipv6_is_lpb(ah_info.src_ip_addr,
2094 						    ah_info.dest_ip_addr);
2095 	}
2096 
2097 	ah_info.vlan_tag = cm_node->vlan_id;
2098 	if (cm_node->vlan_id < VLAN_N_VID) {
2099 		ah_info.insert_vlan_tag = 1;
2100 		ah_info.vlan_tag |= cm_node->user_pri << VLAN_PRIO_SHIFT;
2101 	}
2102 
2103 	ah_info.dst_arpindex =
2104 	    irdma_arp_table(iwdev->rf, ah_info.dest_ip_addr,
2105 			    NULL, IRDMA_ARP_RESOLVE);
2106 
2107 	if (irdma_puda_create_ah(&iwdev->rf->sc_dev, &ah_info, wait,
2108 				 IRDMA_PUDA_RSRC_TYPE_ILQ, cm_node,
2109 				 &cm_node->ah))
2110 		return -ENOMEM;
2111 
2112 	return 0;
2113 }
2114 
2115 /**
2116  * irdma_cm_free_ah - free a cm address handle
2117  * @cm_node: The connection manager node to create AH for
2118  */
2119 static void
2120 irdma_cm_free_ah(struct irdma_cm_node *cm_node)
2121 {
2122 	struct irdma_device *iwdev = cm_node->iwdev;
2123 
2124 	irdma_puda_free_ah(&iwdev->rf->sc_dev, cm_node->ah);
2125 	cm_node->ah = NULL;
2126 }
2127 
2128 /**
2129  * irdma_make_cm_node - create a new instance of a cm node
2130  * @cm_core: cm's core
2131  * @iwdev: iwarp device structure
2132  * @cm_info: quad info for connection
2133  * @listener: passive connection's listener
2134  */
2135 static struct irdma_cm_node *
2136 irdma_make_cm_node(struct irdma_cm_core *cm_core, struct irdma_device *iwdev,
2137 		   struct irdma_cm_info *cm_info,
2138 		   struct irdma_cm_listener *listener)
2139 {
2140 	struct irdma_cm_node *cm_node;
2141 	int arpindex;
2142 	if_t netdev = iwdev->netdev;
2143 
2144 	/* create an hte and cm_node for this instance */
2145 	cm_node = kzalloc(sizeof(*cm_node), GFP_ATOMIC);
2146 	if (!cm_node)
2147 		return NULL;
2148 
2149 	/* set our node specific transport info */
2150 	cm_node->ipv4 = cm_info->ipv4;
2151 	cm_node->vlan_id = cm_info->vlan_id;
2152 	if (cm_node->vlan_id >= VLAN_N_VID && iwdev->dcb_vlan_mode)
2153 		cm_node->vlan_id = 0;
2154 	cm_node->tos = cm_info->tos;
2155 	cm_node->user_pri = cm_info->user_pri;
2156 	if (listener) {
2157 		if (listener->tos != cm_info->tos)
2158 			irdma_dev_warn(&iwdev->ibdev,
2159 				       "application TOS[%d] and remote client TOS[%d] mismatch\n",
2160 				       listener->tos, cm_info->tos);
2161 		if (iwdev->vsi.dscp_mode) {
2162 			cm_node->user_pri = listener->user_pri;
2163 		} else {
2164 			cm_node->tos = max(listener->tos, cm_info->tos);
2165 			cm_node->user_pri = rt_tos2priority(cm_node->tos);
2166 			cm_node->user_pri =
2167 			    irdma_iw_get_vlan_prio(cm_info->loc_addr,
2168 						   cm_node->user_pri,
2169 						   cm_info->ipv4);
2170 		}
2171 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_DCB,
2172 			    "listener: TOS:[%d] UP:[%d]\n", cm_node->tos,
2173 			    cm_node->user_pri);
2174 	}
2175 	memcpy(cm_node->loc_addr, cm_info->loc_addr, sizeof(cm_node->loc_addr));
2176 	memcpy(cm_node->rem_addr, cm_info->rem_addr, sizeof(cm_node->rem_addr));
2177 	cm_node->loc_port = cm_info->loc_port;
2178 	cm_node->rem_port = cm_info->rem_port;
2179 
2180 	cm_node->mpa_frame_rev = IRDMA_CM_DEFAULT_MPA_VER;
2181 	cm_node->send_rdma0_op = SEND_RDMA_READ_ZERO;
2182 	cm_node->iwdev = iwdev;
2183 	cm_node->dev = &iwdev->rf->sc_dev;
2184 
2185 	cm_node->ird_size = cm_node->dev->hw_attrs.max_hw_ird;
2186 	cm_node->ord_size = cm_node->dev->hw_attrs.max_hw_ord;
2187 
2188 	cm_node->listener = listener;
2189 	cm_node->cm_id = cm_info->cm_id;
2190 	ether_addr_copy(cm_node->loc_mac, if_getlladdr(netdev));
2191 	spin_lock_init(&cm_node->retrans_list_lock);
2192 	cm_node->ack_rcvd = false;
2193 
2194 	init_completion(&cm_node->establish_comp);
2195 	atomic_set(&cm_node->refcnt, 1);
2196 	/* associate our parent CM core */
2197 	cm_node->cm_core = cm_core;
2198 	cm_node->tcp_cntxt.loc_id = IRDMA_CM_DEFAULT_LOCAL_ID;
2199 	cm_node->tcp_cntxt.rcv_wscale = iwdev->rcv_wscale;
2200 	cm_node->tcp_cntxt.rcv_wnd = iwdev->rcv_wnd >> cm_node->tcp_cntxt.rcv_wscale;
2201 	kc_set_loc_seq_num_mss(cm_node);
2202 
2203 	arpindex = irdma_resolve_neigh_lpb_chk(iwdev, cm_node, cm_info);
2204 	if (arpindex < 0)
2205 		goto err;
2206 
2207 	ether_addr_copy(cm_node->rem_mac, iwdev->rf->arp_table[arpindex].mac_addr);
2208 	irdma_add_hte_node(cm_core, cm_node);
2209 	cm_core->stats_nodes_created++;
2210 	return cm_node;
2211 
2212 err:
2213 	kfree(cm_node);
2214 
2215 	return NULL;
2216 }
2217 
2218 static void
2219 irdma_destroy_connection(struct irdma_cm_node *cm_node)
2220 {
2221 	struct irdma_cm_core *cm_core = cm_node->cm_core;
2222 	struct irdma_qp *iwqp;
2223 	struct irdma_cm_info nfo;
2224 
2225 	/* if the node is destroyed before connection was accelerated */
2226 	if (!cm_node->accelerated && cm_node->accept_pend) {
2227 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2228 			    "node destroyed before established\n");
2229 		atomic_dec(&cm_node->listener->pend_accepts_cnt);
2230 	}
2231 	if (cm_node->close_entry)
2232 		irdma_handle_close_entry(cm_node, 0);
2233 	if (cm_node->listener) {
2234 		irdma_dec_refcnt_listen(cm_core, cm_node->listener, 0, true);
2235 	} else {
2236 		if (cm_node->apbvt_set) {
2237 			irdma_del_apbvt(cm_node->iwdev, cm_node->apbvt_entry);
2238 			cm_node->apbvt_set = 0;
2239 		}
2240 		irdma_get_addr_info(cm_node, &nfo);
2241 		if (cm_node->qhash_set) {
2242 			nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2243 			irdma_manage_qhash(cm_node->iwdev, &nfo,
2244 					   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2245 					   IRDMA_QHASH_MANAGE_TYPE_DELETE, NULL,
2246 					   false);
2247 			cm_node->qhash_set = 0;
2248 		}
2249 	}
2250 
2251 	iwqp = cm_node->iwqp;
2252 	if (iwqp) {
2253 		cm_node->cm_id->rem_ref(cm_node->cm_id);
2254 		cm_node->cm_id = NULL;
2255 		iwqp->cm_id = NULL;
2256 		irdma_qp_rem_ref(&iwqp->ibqp);
2257 		cm_node->iwqp = NULL;
2258 	} else if (cm_node->qhash_set) {
2259 		irdma_get_addr_info(cm_node, &nfo);
2260 		nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2261 		irdma_manage_qhash(cm_node->iwdev, &nfo,
2262 				   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2263 				   IRDMA_QHASH_MANAGE_TYPE_DELETE, NULL, false);
2264 		cm_node->qhash_set = 0;
2265 	}
2266 
2267 	cm_core->cm_free_ah(cm_node);
2268 }
2269 
2270 /**
2271  * irdma_rem_ref_cm_node - destroy an instance of a cm node
2272  * @cm_node: connection's node
2273  */
2274 void
2275 irdma_rem_ref_cm_node(struct irdma_cm_node *cm_node)
2276 {
2277 	struct irdma_cm_core *cm_core = cm_node->cm_core;
2278 	unsigned long flags;
2279 
2280 	spin_lock_irqsave(&cm_core->ht_lock, flags);
2281 
2282 	if (!atomic_dec_and_test(&cm_node->refcnt)) {
2283 		spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2284 		return;
2285 	}
2286 	if (cm_node->iwqp) {
2287 		cm_node->iwqp->cm_node = NULL;
2288 		cm_node->iwqp->cm_id = NULL;
2289 	}
2290 	HASH_DEL_RCU(cm_core->cm_hash_tbl, &cm_node->list);
2291 	cm_node->cm_core->stats_nodes_destroyed++;
2292 
2293 	spin_unlock_irqrestore(&cm_core->ht_lock, flags);
2294 
2295 	irdma_destroy_connection(cm_node);
2296 
2297 	kfree_rcu(cm_node, rcu_head);
2298 }
2299 
2300 /**
2301  * irdma_handle_fin_pkt - FIN packet received
2302  * @cm_node: connection's node
2303  */
2304 static void
2305 irdma_handle_fin_pkt(struct irdma_cm_node *cm_node)
2306 {
2307 	switch (cm_node->state) {
2308 	case IRDMA_CM_STATE_SYN_RCVD:
2309 	case IRDMA_CM_STATE_SYN_SENT:
2310 	case IRDMA_CM_STATE_ESTABLISHED:
2311 	case IRDMA_CM_STATE_MPAREJ_RCVD:
2312 		cm_node->tcp_cntxt.rcv_nxt++;
2313 		irdma_cleanup_retrans_entry(cm_node);
2314 		cm_node->state = IRDMA_CM_STATE_LAST_ACK;
2315 		irdma_send_fin(cm_node);
2316 		break;
2317 	case IRDMA_CM_STATE_MPAREQ_SENT:
2318 		irdma_create_event(cm_node, IRDMA_CM_EVENT_ABORTED);
2319 		cm_node->tcp_cntxt.rcv_nxt++;
2320 		irdma_cleanup_retrans_entry(cm_node);
2321 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2322 		atomic_inc(&cm_node->refcnt);
2323 		irdma_send_reset(cm_node);
2324 		break;
2325 	case IRDMA_CM_STATE_FIN_WAIT1:
2326 		cm_node->tcp_cntxt.rcv_nxt++;
2327 		irdma_cleanup_retrans_entry(cm_node);
2328 		cm_node->state = IRDMA_CM_STATE_CLOSING;
2329 		irdma_send_ack(cm_node);
2330 		/*
2331 		 * Wait for ACK as this is simultaneous close. After we receive ACK, do not send anything. Just rm the
2332 		 * node.
2333 		 */
2334 		break;
2335 	case IRDMA_CM_STATE_FIN_WAIT2:
2336 		cm_node->tcp_cntxt.rcv_nxt++;
2337 		irdma_cleanup_retrans_entry(cm_node);
2338 		cm_node->state = IRDMA_CM_STATE_TIME_WAIT;
2339 		irdma_send_ack(cm_node);
2340 		irdma_schedule_cm_timer(cm_node, NULL, IRDMA_TIMER_TYPE_CLOSE,
2341 					1, 0);
2342 		break;
2343 	case IRDMA_CM_STATE_TIME_WAIT:
2344 		cm_node->tcp_cntxt.rcv_nxt++;
2345 		irdma_cleanup_retrans_entry(cm_node);
2346 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2347 		irdma_rem_ref_cm_node(cm_node);
2348 		break;
2349 	case IRDMA_CM_STATE_OFFLOADED:
2350 	default:
2351 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2352 			    "bad state node state = %d\n", cm_node->state);
2353 		break;
2354 	}
2355 }
2356 
2357 /**
2358  * irdma_handle_rst_pkt - process received RST packet
2359  * @cm_node: connection's node
2360  * @rbuf: receive buffer
2361  */
2362 static void
2363 irdma_handle_rst_pkt(struct irdma_cm_node *cm_node,
2364 		     struct irdma_puda_buf *rbuf)
2365 {
2366 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2367 		    "caller: %pS cm_node=%p state=%d rem_port=0x%04x loc_port=0x%04x rem_addr=%x loc_addr=%x\n",
2368 		    __builtin_return_address(0), cm_node, cm_node->state,
2369 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr[0],
2370 		    cm_node->loc_addr[0]);
2371 
2372 	irdma_cleanup_retrans_entry(cm_node);
2373 	switch (cm_node->state) {
2374 	case IRDMA_CM_STATE_SYN_SENT:
2375 	case IRDMA_CM_STATE_MPAREQ_SENT:
2376 		switch (cm_node->mpa_frame_rev) {
2377 		case IETF_MPA_V2:
2378 			/* Drop down to MPA_V1 */
2379 			cm_node->mpa_frame_rev = IETF_MPA_V1;
2380 			/* send a syn and goto syn sent state */
2381 			cm_node->state = IRDMA_CM_STATE_SYN_SENT;
2382 			if (irdma_send_syn(cm_node, 0))
2383 				irdma_active_open_err(cm_node, false);
2384 			break;
2385 		case IETF_MPA_V1:
2386 		default:
2387 			irdma_active_open_err(cm_node, false);
2388 			break;
2389 		}
2390 		break;
2391 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2392 		atomic_inc(&cm_node->passive_state);
2393 		break;
2394 	case IRDMA_CM_STATE_ESTABLISHED:
2395 	case IRDMA_CM_STATE_SYN_RCVD:
2396 	case IRDMA_CM_STATE_LISTENING:
2397 		irdma_passive_open_err(cm_node, false);
2398 		break;
2399 	case IRDMA_CM_STATE_OFFLOADED:
2400 		irdma_active_open_err(cm_node, false);
2401 		break;
2402 	case IRDMA_CM_STATE_CLOSED:
2403 		break;
2404 	case IRDMA_CM_STATE_FIN_WAIT2:
2405 	case IRDMA_CM_STATE_FIN_WAIT1:
2406 	case IRDMA_CM_STATE_LAST_ACK:
2407 	case IRDMA_CM_STATE_TIME_WAIT:
2408 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2409 		irdma_rem_ref_cm_node(cm_node);
2410 		break;
2411 	default:
2412 		break;
2413 	}
2414 }
2415 
2416 /**
2417  * irdma_handle_rcv_mpa - Process a recv'd mpa buffer
2418  * @cm_node: connection's node
2419  * @rbuf: receive buffer
2420  */
2421 static void
2422 irdma_handle_rcv_mpa(struct irdma_cm_node *cm_node,
2423 		     struct irdma_puda_buf *rbuf)
2424 {
2425 	int err;
2426 	int datasize = rbuf->datalen;
2427 	u8 *dataloc = rbuf->data;
2428 
2429 	enum irdma_cm_event_type type = IRDMA_CM_EVENT_UNKNOWN;
2430 	u32 res_type;
2431 
2432 	err = irdma_parse_mpa(cm_node, dataloc, &res_type, datasize);
2433 	if (err) {
2434 		if (cm_node->state == IRDMA_CM_STATE_MPAREQ_SENT)
2435 			irdma_active_open_err(cm_node, true);
2436 		else
2437 			irdma_passive_open_err(cm_node, true);
2438 		return;
2439 	}
2440 
2441 	switch (cm_node->state) {
2442 	case IRDMA_CM_STATE_ESTABLISHED:
2443 		if (res_type == IRDMA_MPA_REQUEST_REJECT)
2444 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2445 				    "state for reject\n");
2446 		cm_node->state = IRDMA_CM_STATE_MPAREQ_RCVD;
2447 		type = IRDMA_CM_EVENT_MPA_REQ;
2448 		irdma_send_ack(cm_node);	/* ACK received MPA request */
2449 		atomic_set(&cm_node->passive_state,
2450 			   IRDMA_PASSIVE_STATE_INDICATED);
2451 		break;
2452 	case IRDMA_CM_STATE_MPAREQ_SENT:
2453 		irdma_cleanup_retrans_entry(cm_node);
2454 		if (res_type == IRDMA_MPA_REQUEST_REJECT) {
2455 			type = IRDMA_CM_EVENT_MPA_REJECT;
2456 			cm_node->state = IRDMA_CM_STATE_MPAREJ_RCVD;
2457 		} else {
2458 			type = IRDMA_CM_EVENT_CONNECTED;
2459 			cm_node->state = IRDMA_CM_STATE_OFFLOADED;
2460 		}
2461 		irdma_send_ack(cm_node);
2462 		break;
2463 	default:
2464 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2465 			    "wrong cm_node state=%d\n", cm_node->state);
2466 		break;
2467 	}
2468 	irdma_create_event(cm_node, type);
2469 }
2470 
2471 /**
2472  * irdma_check_syn - Check for error on received syn ack
2473  * @cm_node: connection's node
2474  * @tcph: pointer tcp header
2475  */
2476 static int
2477 irdma_check_syn(struct irdma_cm_node *cm_node, struct tcphdr *tcph)
2478 {
2479 	if (ntohl(tcph->th_ack) != cm_node->tcp_cntxt.loc_seq_num) {
2480 		irdma_active_open_err(cm_node, true);
2481 		return 1;
2482 	}
2483 
2484 	return 0;
2485 }
2486 
2487 /**
2488  * irdma_check_seq - check seq numbers if OK
2489  * @cm_node: connection's node
2490  * @tcph: pointer tcp header
2491  */
2492 static int
2493 irdma_check_seq(struct irdma_cm_node *cm_node, struct tcphdr *tcph)
2494 {
2495 	u32 seq;
2496 	u32 ack_seq;
2497 	u32 loc_seq_num = cm_node->tcp_cntxt.loc_seq_num;
2498 	u32 rcv_nxt = cm_node->tcp_cntxt.rcv_nxt;
2499 	u32 rcv_wnd;
2500 	int err = 0;
2501 
2502 	seq = ntohl(tcph->th_seq);
2503 	ack_seq = ntohl(tcph->th_ack);
2504 	rcv_wnd = cm_node->tcp_cntxt.rcv_wnd;
2505 	if (ack_seq != loc_seq_num ||
2506 	    !between(seq, rcv_nxt, (rcv_nxt + rcv_wnd)))
2507 		err = -1;
2508 	if (err)
2509 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2510 			    "seq number err\n");
2511 
2512 	return err;
2513 }
2514 
2515 void
2516 irdma_add_conn_est_qh(struct irdma_cm_node *cm_node)
2517 {
2518 	struct irdma_cm_info nfo;
2519 
2520 	irdma_get_addr_info(cm_node, &nfo);
2521 	nfo.qh_qpid = cm_node->iwdev->vsi.ilq->qp_id;
2522 	irdma_manage_qhash(cm_node->iwdev, &nfo,
2523 			   IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
2524 			   IRDMA_QHASH_MANAGE_TYPE_ADD,
2525 			   cm_node, false);
2526 	cm_node->qhash_set = true;
2527 }
2528 
2529 /**
2530  * irdma_handle_syn_pkt - is for Passive node
2531  * @cm_node: connection's node
2532  * @rbuf: receive buffer
2533  */
2534 static void
2535 irdma_handle_syn_pkt(struct irdma_cm_node *cm_node,
2536 		     struct irdma_puda_buf *rbuf)
2537 {
2538 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2539 	int err;
2540 	u32 inc_sequence;
2541 	int optionsize;
2542 
2543 	optionsize = (tcph->th_off << 2) - sizeof(*tcph);
2544 	inc_sequence = ntohl(tcph->th_seq);
2545 
2546 	switch (cm_node->state) {
2547 	case IRDMA_CM_STATE_SYN_SENT:
2548 	case IRDMA_CM_STATE_MPAREQ_SENT:
2549 		/* Rcvd syn on active open connection */
2550 		irdma_active_open_err(cm_node, 1);
2551 		break;
2552 	case IRDMA_CM_STATE_LISTENING:
2553 		/* Passive OPEN */
2554 		if (atomic_read(&cm_node->listener->pend_accepts_cnt) >
2555 		    cm_node->listener->backlog) {
2556 			cm_node->cm_core->stats_backlog_drops++;
2557 			irdma_passive_open_err(cm_node, false);
2558 			break;
2559 		}
2560 		err = irdma_handle_tcp_options(cm_node, tcph, optionsize, 1);
2561 		if (err) {
2562 			irdma_passive_open_err(cm_node, false);
2563 			/* drop pkt */
2564 			break;
2565 		}
2566 		err = cm_node->cm_core->cm_create_ah(cm_node, false);
2567 		if (err) {
2568 			irdma_passive_open_err(cm_node, false);
2569 			/* drop pkt */
2570 			break;
2571 		}
2572 		cm_node->tcp_cntxt.rcv_nxt = inc_sequence + 1;
2573 		cm_node->accept_pend = 1;
2574 		atomic_inc(&cm_node->listener->pend_accepts_cnt);
2575 
2576 		cm_node->state = IRDMA_CM_STATE_SYN_RCVD;
2577 		break;
2578 	case IRDMA_CM_STATE_CLOSED:
2579 		irdma_cleanup_retrans_entry(cm_node);
2580 		atomic_inc(&cm_node->refcnt);
2581 		irdma_send_reset(cm_node);
2582 		break;
2583 	case IRDMA_CM_STATE_OFFLOADED:
2584 	case IRDMA_CM_STATE_ESTABLISHED:
2585 	case IRDMA_CM_STATE_FIN_WAIT1:
2586 	case IRDMA_CM_STATE_FIN_WAIT2:
2587 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2588 	case IRDMA_CM_STATE_LAST_ACK:
2589 	case IRDMA_CM_STATE_CLOSING:
2590 	case IRDMA_CM_STATE_UNKNOWN:
2591 	default:
2592 		break;
2593 	}
2594 }
2595 
2596 /**
2597  * irdma_handle_synack_pkt - Process SYN+ACK packet (active side)
2598  * @cm_node: connection's node
2599  * @rbuf: receive buffer
2600  */
2601 static void
2602 irdma_handle_synack_pkt(struct irdma_cm_node *cm_node,
2603 			struct irdma_puda_buf *rbuf)
2604 {
2605 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2606 	int err;
2607 	u32 inc_sequence;
2608 	int optionsize;
2609 
2610 	optionsize = (tcph->th_off << 2) - sizeof(*tcph);
2611 	inc_sequence = ntohl(tcph->th_seq);
2612 	switch (cm_node->state) {
2613 	case IRDMA_CM_STATE_SYN_SENT:
2614 		irdma_cleanup_retrans_entry(cm_node);
2615 		/* active open */
2616 		if (irdma_check_syn(cm_node, tcph)) {
2617 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2618 				    "check syn fail\n");
2619 			return;
2620 		}
2621 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2622 		/* setup options */
2623 		err = irdma_handle_tcp_options(cm_node, tcph, optionsize, 0);
2624 		if (err) {
2625 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2626 				    "cm_node=%p tcp_options failed\n", cm_node);
2627 			break;
2628 		}
2629 		irdma_cleanup_retrans_entry(cm_node);
2630 		cm_node->tcp_cntxt.rcv_nxt = inc_sequence + 1;
2631 		irdma_send_ack(cm_node);	/* ACK  for the syn_ack */
2632 		err = irdma_send_mpa_request(cm_node);
2633 		if (err) {
2634 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2635 				    "cm_node=%p irdma_send_mpa_request failed\n",
2636 				    cm_node);
2637 			break;
2638 		}
2639 		cm_node->state = IRDMA_CM_STATE_MPAREQ_SENT;
2640 		break;
2641 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2642 		irdma_passive_open_err(cm_node, true);
2643 		break;
2644 	case IRDMA_CM_STATE_LISTENING:
2645 		cm_node->tcp_cntxt.loc_seq_num = ntohl(tcph->th_ack);
2646 		irdma_cleanup_retrans_entry(cm_node);
2647 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2648 		irdma_send_reset(cm_node);
2649 		break;
2650 	case IRDMA_CM_STATE_CLOSED:
2651 		cm_node->tcp_cntxt.loc_seq_num = ntohl(tcph->th_ack);
2652 		irdma_cleanup_retrans_entry(cm_node);
2653 		atomic_inc(&cm_node->refcnt);
2654 		irdma_send_reset(cm_node);
2655 		break;
2656 	case IRDMA_CM_STATE_ESTABLISHED:
2657 	case IRDMA_CM_STATE_FIN_WAIT1:
2658 	case IRDMA_CM_STATE_FIN_WAIT2:
2659 	case IRDMA_CM_STATE_LAST_ACK:
2660 	case IRDMA_CM_STATE_OFFLOADED:
2661 	case IRDMA_CM_STATE_CLOSING:
2662 	case IRDMA_CM_STATE_UNKNOWN:
2663 	case IRDMA_CM_STATE_MPAREQ_SENT:
2664 	default:
2665 		break;
2666 	}
2667 }
2668 
2669 /**
2670  * irdma_handle_ack_pkt - process packet with ACK
2671  * @cm_node: connection's node
2672  * @rbuf: receive buffer
2673  */
2674 static int
2675 irdma_handle_ack_pkt(struct irdma_cm_node *cm_node,
2676 		     struct irdma_puda_buf *rbuf)
2677 {
2678 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2679 	u32 inc_sequence;
2680 	int ret;
2681 	int optionsize;
2682 	u32 datasize = rbuf->datalen;
2683 
2684 	optionsize = (tcph->th_off << 2) - sizeof(*tcph);
2685 
2686 	if (irdma_check_seq(cm_node, tcph))
2687 		return -EINVAL;
2688 
2689 	inc_sequence = ntohl(tcph->th_seq);
2690 	switch (cm_node->state) {
2691 	case IRDMA_CM_STATE_SYN_RCVD:
2692 		irdma_cleanup_retrans_entry(cm_node);
2693 		ret = irdma_handle_tcp_options(cm_node, tcph, optionsize, 1);
2694 		if (ret)
2695 			return ret;
2696 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2697 		cm_node->state = IRDMA_CM_STATE_ESTABLISHED;
2698 		if (datasize) {
2699 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2700 			irdma_handle_rcv_mpa(cm_node, rbuf);
2701 		}
2702 		break;
2703 	case IRDMA_CM_STATE_ESTABLISHED:
2704 		irdma_cleanup_retrans_entry(cm_node);
2705 		if (datasize) {
2706 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2707 			irdma_handle_rcv_mpa(cm_node, rbuf);
2708 		}
2709 		break;
2710 	case IRDMA_CM_STATE_MPAREQ_SENT:
2711 		cm_node->tcp_cntxt.rem_ack_num = ntohl(tcph->th_ack);
2712 		if (datasize) {
2713 			cm_node->tcp_cntxt.rcv_nxt = inc_sequence + datasize;
2714 			cm_node->ack_rcvd = false;
2715 			irdma_handle_rcv_mpa(cm_node, rbuf);
2716 		} else {
2717 			cm_node->ack_rcvd = true;
2718 		}
2719 		break;
2720 	case IRDMA_CM_STATE_LISTENING:
2721 		irdma_cleanup_retrans_entry(cm_node);
2722 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2723 		irdma_send_reset(cm_node);
2724 		break;
2725 	case IRDMA_CM_STATE_CLOSED:
2726 		irdma_cleanup_retrans_entry(cm_node);
2727 		atomic_inc(&cm_node->refcnt);
2728 		irdma_send_reset(cm_node);
2729 		break;
2730 	case IRDMA_CM_STATE_LAST_ACK:
2731 	case IRDMA_CM_STATE_CLOSING:
2732 		irdma_cleanup_retrans_entry(cm_node);
2733 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2734 		irdma_rem_ref_cm_node(cm_node);
2735 		break;
2736 	case IRDMA_CM_STATE_FIN_WAIT1:
2737 		irdma_cleanup_retrans_entry(cm_node);
2738 		cm_node->state = IRDMA_CM_STATE_FIN_WAIT2;
2739 		break;
2740 	case IRDMA_CM_STATE_SYN_SENT:
2741 	case IRDMA_CM_STATE_FIN_WAIT2:
2742 	case IRDMA_CM_STATE_OFFLOADED:
2743 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2744 	case IRDMA_CM_STATE_UNKNOWN:
2745 	default:
2746 		irdma_cleanup_retrans_entry(cm_node);
2747 		break;
2748 	}
2749 
2750 	return 0;
2751 }
2752 
2753 /**
2754  * irdma_process_pkt - process cm packet
2755  * @cm_node: connection's node
2756  * @rbuf: receive buffer
2757  */
2758 static void
2759 irdma_process_pkt(struct irdma_cm_node *cm_node,
2760 		  struct irdma_puda_buf *rbuf)
2761 {
2762 	enum irdma_tcpip_pkt_type pkt_type = IRDMA_PKT_TYPE_UNKNOWN;
2763 	struct tcphdr *tcph = (struct tcphdr *)rbuf->tcph;
2764 	u32 fin_set = 0;
2765 	int err;
2766 
2767 	if (tcph->th_flags & TH_RST) {
2768 		pkt_type = IRDMA_PKT_TYPE_RST;
2769 	} else if (tcph->th_flags & TH_SYN) {
2770 		pkt_type = IRDMA_PKT_TYPE_SYN;
2771 		if (tcph->th_flags & TH_ACK)
2772 			pkt_type = IRDMA_PKT_TYPE_SYNACK;
2773 	} else if (tcph->th_flags & TH_ACK) {
2774 		pkt_type = IRDMA_PKT_TYPE_ACK;
2775 	}
2776 	if (tcph->th_flags & TH_FIN)
2777 		fin_set = 1;
2778 
2779 	switch (pkt_type) {
2780 	case IRDMA_PKT_TYPE_SYN:
2781 		irdma_handle_syn_pkt(cm_node, rbuf);
2782 		break;
2783 	case IRDMA_PKT_TYPE_SYNACK:
2784 		irdma_handle_synack_pkt(cm_node, rbuf);
2785 		break;
2786 	case IRDMA_PKT_TYPE_ACK:
2787 		err = irdma_handle_ack_pkt(cm_node, rbuf);
2788 		if (fin_set && !err)
2789 			irdma_handle_fin_pkt(cm_node);
2790 		break;
2791 	case IRDMA_PKT_TYPE_RST:
2792 		irdma_handle_rst_pkt(cm_node, rbuf);
2793 		break;
2794 	default:
2795 		if (fin_set &&
2796 		    (!irdma_check_seq(cm_node, (struct tcphdr *)rbuf->tcph)))
2797 			irdma_handle_fin_pkt(cm_node);
2798 		break;
2799 	}
2800 }
2801 
2802 /**
2803  * irdma_make_listen_node - create a listen node with params
2804  * @cm_core: cm's core
2805  * @iwdev: iwarp device structure
2806  * @cm_info: quad info for connection
2807  */
2808 static struct irdma_cm_listener *
2809 irdma_make_listen_node(struct irdma_cm_core *cm_core,
2810 		       struct irdma_device *iwdev,
2811 		       struct irdma_cm_info *cm_info)
2812 {
2813 	struct irdma_cm_listener *listener;
2814 	unsigned long flags;
2815 
2816 	/* cannot have multiple matching listeners */
2817 	listener = irdma_find_listener(cm_core, cm_info->loc_addr, cm_info->ipv4,
2818 				       cm_info->loc_port, cm_info->vlan_id,
2819 				       IRDMA_CM_LISTENER_EITHER_STATE);
2820 	if (listener &&
2821 	    listener->listener_state == IRDMA_CM_LISTENER_ACTIVE_STATE) {
2822 		atomic_dec(&listener->refcnt);
2823 		return NULL;
2824 	}
2825 
2826 	if (!listener) {
2827 		/*
2828 		 * create a CM listen node 1/2 node to compare incoming traffic to
2829 		 */
2830 		listener = kzalloc(sizeof(*listener), GFP_KERNEL);
2831 		if (!listener)
2832 			return NULL;
2833 		cm_core->stats_listen_nodes_created++;
2834 		memcpy(listener->loc_addr, cm_info->loc_addr,
2835 		       sizeof(listener->loc_addr));
2836 		listener->loc_port = cm_info->loc_port;
2837 
2838 		INIT_LIST_HEAD(&listener->child_listen_list);
2839 
2840 		atomic_set(&listener->refcnt, 1);
2841 	} else {
2842 		listener->reused_node = 1;
2843 	}
2844 
2845 	listener->cm_id = cm_info->cm_id;
2846 	listener->ipv4 = cm_info->ipv4;
2847 	listener->vlan_id = cm_info->vlan_id;
2848 	atomic_set(&listener->pend_accepts_cnt, 0);
2849 	listener->cm_core = cm_core;
2850 	listener->iwdev = iwdev;
2851 
2852 	listener->backlog = cm_info->backlog;
2853 	listener->listener_state = IRDMA_CM_LISTENER_ACTIVE_STATE;
2854 
2855 	if (!listener->reused_node) {
2856 		spin_lock_irqsave(&cm_core->listen_list_lock, flags);
2857 		list_add(&listener->list, &cm_core->listen_list);
2858 		spin_unlock_irqrestore(&cm_core->listen_list_lock, flags);
2859 	}
2860 
2861 	return listener;
2862 }
2863 
2864 /**
2865  * irdma_create_cm_node - make a connection node with params
2866  * @cm_core: cm's core
2867  * @iwdev: iwarp device structure
2868  * @conn_param: connection parameters
2869  * @cm_info: quad info for connection
2870  * @caller_cm_node: pointer to cm_node structure to return
2871  */
2872 static int
2873 irdma_create_cm_node(struct irdma_cm_core *cm_core,
2874 		     struct irdma_device *iwdev,
2875 		     struct iw_cm_conn_param *conn_param,
2876 		     struct irdma_cm_info *cm_info,
2877 		     struct irdma_cm_node **caller_cm_node)
2878 {
2879 	struct irdma_cm_node *cm_node;
2880 	u16 private_data_len = conn_param->private_data_len;
2881 	const void *private_data = conn_param->private_data;
2882 
2883 	/* create a CM connection node */
2884 	cm_node = irdma_make_cm_node(cm_core, iwdev, cm_info, NULL);
2885 	if (!cm_node)
2886 		return -ENOMEM;
2887 
2888 	/* set our node side to client (active) side */
2889 	cm_node->tcp_cntxt.client = 1;
2890 	cm_node->tcp_cntxt.rcv_wscale = IRDMA_CM_DEFAULT_RCV_WND_SCALE;
2891 
2892 	irdma_record_ird_ord(cm_node, conn_param->ird, conn_param->ord);
2893 
2894 	cm_node->pdata.size = private_data_len;
2895 	cm_node->pdata.addr = cm_node->pdata_buf;
2896 
2897 	memcpy(cm_node->pdata_buf, private_data, private_data_len);
2898 	*caller_cm_node = cm_node;
2899 
2900 	return 0;
2901 }
2902 
2903 /**
2904  * irdma_cm_reject - reject and teardown a connection
2905  * @cm_node: connection's node
2906  * @pdata: ptr to private data for reject
2907  * @plen: size of private data
2908  */
2909 static int
2910 irdma_cm_reject(struct irdma_cm_node *cm_node, const void *pdata,
2911 		u8 plen)
2912 {
2913 	int ret;
2914 	int passive_state;
2915 
2916 	if (cm_node->tcp_cntxt.client)
2917 		return 0;
2918 
2919 	irdma_cleanup_retrans_entry(cm_node);
2920 
2921 	passive_state = atomic_add_return(1, &cm_node->passive_state);
2922 	if (passive_state == IRDMA_SEND_RESET_EVENT) {
2923 		cm_node->state = IRDMA_CM_STATE_CLOSED;
2924 		irdma_rem_ref_cm_node(cm_node);
2925 		return 0;
2926 	}
2927 
2928 	if (cm_node->state == IRDMA_CM_STATE_LISTENER_DESTROYED) {
2929 		irdma_rem_ref_cm_node(cm_node);
2930 		return 0;
2931 	}
2932 
2933 	ret = irdma_send_mpa_reject(cm_node, pdata, plen);
2934 	if (!ret)
2935 		return 0;
2936 
2937 	cm_node->state = IRDMA_CM_STATE_CLOSED;
2938 	if (irdma_send_reset(cm_node))
2939 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2940 			    "send reset failed\n");
2941 
2942 	return ret;
2943 }
2944 
2945 /**
2946  * irdma_cm_close - close of cm connection
2947  * @cm_node: connection's node
2948  */
2949 static int
2950 irdma_cm_close(struct irdma_cm_node *cm_node)
2951 {
2952 	switch (cm_node->state) {
2953 	case IRDMA_CM_STATE_SYN_RCVD:
2954 	case IRDMA_CM_STATE_SYN_SENT:
2955 	case IRDMA_CM_STATE_ONE_SIDE_ESTABLISHED:
2956 	case IRDMA_CM_STATE_ESTABLISHED:
2957 	case IRDMA_CM_STATE_ACCEPTING:
2958 	case IRDMA_CM_STATE_MPAREQ_SENT:
2959 	case IRDMA_CM_STATE_MPAREQ_RCVD:
2960 		irdma_cleanup_retrans_entry(cm_node);
2961 		irdma_send_reset(cm_node);
2962 		break;
2963 	case IRDMA_CM_STATE_CLOSE_WAIT:
2964 		cm_node->state = IRDMA_CM_STATE_LAST_ACK;
2965 		irdma_send_fin(cm_node);
2966 		break;
2967 	case IRDMA_CM_STATE_FIN_WAIT1:
2968 	case IRDMA_CM_STATE_FIN_WAIT2:
2969 	case IRDMA_CM_STATE_LAST_ACK:
2970 	case IRDMA_CM_STATE_TIME_WAIT:
2971 	case IRDMA_CM_STATE_CLOSING:
2972 		return -EINVAL;
2973 	case IRDMA_CM_STATE_LISTENING:
2974 		irdma_cleanup_retrans_entry(cm_node);
2975 		irdma_send_reset(cm_node);
2976 		break;
2977 	case IRDMA_CM_STATE_MPAREJ_RCVD:
2978 	case IRDMA_CM_STATE_UNKNOWN:
2979 	case IRDMA_CM_STATE_INITED:
2980 	case IRDMA_CM_STATE_CLOSED:
2981 	case IRDMA_CM_STATE_LISTENER_DESTROYED:
2982 		irdma_rem_ref_cm_node(cm_node);
2983 		break;
2984 	case IRDMA_CM_STATE_OFFLOADED:
2985 		if (cm_node->send_entry)
2986 			irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
2987 				    "CM send_entry in OFFLOADED state\n");
2988 		irdma_rem_ref_cm_node(cm_node);
2989 		break;
2990 	}
2991 
2992 	return 0;
2993 }
2994 
2995 /**
2996  * irdma_receive_ilq - recv an ETHERNET packet, and process it
2997  * through CM
2998  * @vsi: VSI structure of dev
2999  * @rbuf: receive buffer
3000  */
3001 void
3002 irdma_receive_ilq(struct irdma_sc_vsi *vsi, struct irdma_puda_buf *rbuf)
3003 {
3004 	struct irdma_cm_node *cm_node;
3005 	struct irdma_cm_listener *listener;
3006 	struct ip *iph;
3007 	struct ip6_hdr *ip6h;
3008 	struct tcphdr *tcph;
3009 	struct irdma_cm_info cm_info = {0};
3010 	struct irdma_device *iwdev = vsi->back_vsi;
3011 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
3012 	struct ether_vlan_header *ethh;
3013 	u16 vtag;
3014 
3015 	/* if vlan, then maclen = 18 else 14 */
3016 	iph = (struct ip *)rbuf->iph;
3017 	irdma_debug_buf(vsi->dev, IRDMA_DEBUG_ILQ, "RECEIVE ILQ BUFFER",
3018 			rbuf->mem.va, rbuf->totallen);
3019 	if (iwdev->rf->sc_dev.hw_attrs.uk_attrs.hw_rev >= IRDMA_GEN_2) {
3020 		if (rbuf->vlan_valid) {
3021 			vtag = rbuf->vlan_id;
3022 			cm_info.user_pri = (vtag & EVL_PRI_MASK) >>
3023 			    VLAN_PRIO_SHIFT;
3024 			cm_info.vlan_id = vtag & EVL_VLID_MASK;
3025 		} else {
3026 			cm_info.vlan_id = 0xFFFF;
3027 		}
3028 	} else {
3029 		ethh = rbuf->mem.va;
3030 
3031 		if (ethh->evl_proto == htons(ETH_P_8021Q)) {
3032 			vtag = ntohs(ethh->evl_tag);
3033 			cm_info.user_pri = (vtag & EVL_PRI_MASK) >>
3034 			    VLAN_PRIO_SHIFT;
3035 			cm_info.vlan_id = vtag & EVL_VLID_MASK;
3036 			irdma_debug(&cm_core->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3037 				    "vlan_id=%d\n", cm_info.vlan_id);
3038 		} else {
3039 			cm_info.vlan_id = 0xFFFF;
3040 		}
3041 	}
3042 	tcph = (struct tcphdr *)rbuf->tcph;
3043 
3044 	if (rbuf->ipv4) {
3045 		cm_info.loc_addr[0] = ntohl(iph->ip_dst.s_addr);
3046 		cm_info.rem_addr[0] = ntohl(iph->ip_src.s_addr);
3047 		cm_info.ipv4 = true;
3048 		cm_info.tos = iph->ip_tos;
3049 	} else {
3050 		ip6h = (struct ip6_hdr *)rbuf->iph;
3051 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3052 				    ip6h->ip6_dst.__u6_addr.__u6_addr32);
3053 		irdma_copy_ip_ntohl(cm_info.rem_addr,
3054 				    ip6h->ip6_src.__u6_addr.__u6_addr32);
3055 		cm_info.ipv4 = false;
3056 		cm_info.tos = (ip6h->ip6_vfc << 4) | ip6h->ip6_flow;
3057 	}
3058 	cm_info.loc_port = ntohs(tcph->th_dport);
3059 	cm_info.rem_port = ntohs(tcph->th_sport);
3060 	cm_node = irdma_find_node(cm_core, cm_info.rem_port, cm_info.rem_addr,
3061 				  cm_info.loc_port, cm_info.loc_addr, cm_info.vlan_id);
3062 
3063 	if (!cm_node) {
3064 		/*
3065 		 * Only type of packet accepted are for the PASSIVE open (syn only)
3066 		 */
3067 		if (!(tcph->th_flags & TH_SYN) || tcph->th_flags & TH_ACK)
3068 			return;
3069 
3070 		listener = irdma_find_listener(cm_core,
3071 					       cm_info.loc_addr,
3072 					       cm_info.ipv4,
3073 					       cm_info.loc_port,
3074 					       cm_info.vlan_id,
3075 					       IRDMA_CM_LISTENER_ACTIVE_STATE);
3076 		if (!listener) {
3077 			cm_info.cm_id = NULL;
3078 			irdma_debug(&cm_core->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3079 				    "no listener found\n");
3080 			return;
3081 		}
3082 
3083 		cm_info.cm_id = listener->cm_id;
3084 		cm_node = irdma_make_cm_node(cm_core, iwdev, &cm_info,
3085 					     listener);
3086 		if (!cm_node) {
3087 			irdma_debug(&cm_core->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3088 				    "allocate node failed\n");
3089 			atomic_dec(&listener->refcnt);
3090 			return;
3091 		}
3092 
3093 		if (!(tcph->th_flags & (TH_RST | TH_FIN))) {
3094 			cm_node->state = IRDMA_CM_STATE_LISTENING;
3095 		} else {
3096 			irdma_rem_ref_cm_node(cm_node);
3097 			return;
3098 		}
3099 
3100 		atomic_inc(&cm_node->refcnt);
3101 	} else if (cm_node->state == IRDMA_CM_STATE_OFFLOADED) {
3102 		irdma_rem_ref_cm_node(cm_node);
3103 		return;
3104 	}
3105 
3106 	irdma_process_pkt(cm_node, rbuf);
3107 	irdma_rem_ref_cm_node(cm_node);
3108 }
3109 
3110 static int
3111 irdma_add_qh(struct irdma_cm_node *cm_node, bool active)
3112 {
3113 	if (!active)
3114 		irdma_add_conn_est_qh(cm_node);
3115 	return 0;
3116 }
3117 
3118 static void
3119 irdma_cm_free_ah_nop(struct irdma_cm_node *cm_node)
3120 {
3121 }
3122 
3123 /**
3124  * irdma_setup_cm_core - setup top level instance of a cm core
3125  * @iwdev: iwarp device structure
3126  * @rdma_ver: HW version
3127  */
3128 int
3129 irdma_setup_cm_core(struct irdma_device *iwdev, u8 rdma_ver)
3130 {
3131 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
3132 
3133 	cm_core->iwdev = iwdev;
3134 	cm_core->dev = &iwdev->rf->sc_dev;
3135 
3136 	/* Handles CM event work items send to Iwarp core */
3137 	cm_core->event_wq = alloc_ordered_workqueue("iwarp-event-wq", 0);
3138 	if (!cm_core->event_wq)
3139 		return -ENOMEM;
3140 
3141 	INIT_LIST_HEAD(&cm_core->listen_list);
3142 
3143 	timer_setup(&cm_core->tcp_timer, irdma_cm_timer_tick, 0);
3144 
3145 	spin_lock_init(&cm_core->ht_lock);
3146 	spin_lock_init(&cm_core->listen_list_lock);
3147 	spin_lock_init(&cm_core->apbvt_lock);
3148 	switch (rdma_ver) {
3149 	case IRDMA_GEN_1:
3150 		cm_core->form_cm_frame = irdma_form_uda_cm_frame;
3151 		cm_core->cm_create_ah = irdma_add_qh;
3152 		cm_core->cm_free_ah = irdma_cm_free_ah_nop;
3153 		break;
3154 	case IRDMA_GEN_2:
3155 	default:
3156 		cm_core->form_cm_frame = irdma_form_ah_cm_frame;
3157 		cm_core->cm_create_ah = irdma_cm_create_ah;
3158 		cm_core->cm_free_ah = irdma_cm_free_ah;
3159 	}
3160 
3161 	return 0;
3162 }
3163 
3164 /**
3165  * irdma_cleanup_cm_core - deallocate a top level instance of a
3166  * cm core
3167  * @cm_core: cm's core
3168  */
3169 void
3170 irdma_cleanup_cm_core(struct irdma_cm_core *cm_core)
3171 {
3172 	if (!cm_core)
3173 		return;
3174 
3175 	del_timer_sync(&cm_core->tcp_timer);
3176 
3177 	destroy_workqueue(cm_core->event_wq);
3178 	cm_core->dev->ws_reset(&cm_core->iwdev->vsi);
3179 }
3180 
3181 /**
3182  * irdma_init_tcp_ctx - setup qp context
3183  * @cm_node: connection's node
3184  * @tcp_info: offload info for tcp
3185  * @iwqp: associate qp for the connection
3186  */
3187 static void
3188 irdma_init_tcp_ctx(struct irdma_cm_node *cm_node,
3189 		   struct irdma_tcp_offload_info *tcp_info,
3190 		   struct irdma_qp *iwqp)
3191 {
3192 	tcp_info->ipv4 = cm_node->ipv4;
3193 	tcp_info->drop_ooo_seg = !iwqp->iwdev->iw_ooo;
3194 	tcp_info->wscale = true;
3195 	tcp_info->ignore_tcp_opt = true;
3196 	tcp_info->ignore_tcp_uns_opt = true;
3197 	tcp_info->no_nagle = false;
3198 
3199 	tcp_info->ttl = IRDMA_DEFAULT_TTL;
3200 	tcp_info->rtt_var = IRDMA_DEFAULT_RTT_VAR;
3201 	tcp_info->ss_thresh = IRDMA_DEFAULT_SS_THRESH;
3202 	tcp_info->rexmit_thresh = IRDMA_DEFAULT_REXMIT_THRESH;
3203 
3204 	tcp_info->tcp_state = IRDMA_TCP_STATE_ESTABLISHED;
3205 	tcp_info->snd_wscale = cm_node->tcp_cntxt.snd_wscale;
3206 	tcp_info->rcv_wscale = cm_node->tcp_cntxt.rcv_wscale;
3207 
3208 	tcp_info->snd_nxt = cm_node->tcp_cntxt.loc_seq_num;
3209 	tcp_info->snd_wnd = cm_node->tcp_cntxt.snd_wnd;
3210 	tcp_info->rcv_nxt = cm_node->tcp_cntxt.rcv_nxt;
3211 	tcp_info->snd_max = cm_node->tcp_cntxt.loc_seq_num;
3212 
3213 	tcp_info->snd_una = cm_node->tcp_cntxt.loc_seq_num;
3214 	tcp_info->cwnd = 2 * cm_node->tcp_cntxt.mss;
3215 	tcp_info->snd_wl1 = cm_node->tcp_cntxt.rcv_nxt;
3216 	tcp_info->snd_wl2 = cm_node->tcp_cntxt.loc_seq_num;
3217 	tcp_info->max_snd_window = cm_node->tcp_cntxt.max_snd_wnd;
3218 	tcp_info->rcv_wnd = cm_node->tcp_cntxt.rcv_wnd
3219 	    << cm_node->tcp_cntxt.rcv_wscale;
3220 
3221 	tcp_info->flow_label = 0;
3222 	tcp_info->snd_mss = (u32)cm_node->tcp_cntxt.mss;
3223 	tcp_info->tos = cm_node->tos;
3224 	if (cm_node->vlan_id < VLAN_N_VID) {
3225 		tcp_info->insert_vlan_tag = true;
3226 		tcp_info->vlan_tag = cm_node->vlan_id;
3227 		tcp_info->vlan_tag |= cm_node->user_pri << VLAN_PRIO_SHIFT;
3228 	}
3229 	tcp_info->src_port = cm_node->loc_port;
3230 	tcp_info->dst_port = cm_node->rem_port;
3231 	tcp_info->arp_idx = (u16)irdma_arp_table(iwqp->iwdev->rf,
3232 						  cm_node->rem_addr, NULL,
3233 						  IRDMA_ARP_RESOLVE);
3234 	if (cm_node->ipv4) {
3235 		tcp_info->dest_ip_addr[3] = cm_node->rem_addr[0];
3236 		tcp_info->local_ipaddr[3] = cm_node->loc_addr[0];
3237 	} else {
3238 		memcpy(tcp_info->dest_ip_addr, cm_node->rem_addr,
3239 		       sizeof(tcp_info->dest_ip_addr));
3240 		memcpy(tcp_info->local_ipaddr, cm_node->loc_addr,
3241 		       sizeof(tcp_info->local_ipaddr));
3242 	}
3243 }
3244 
3245 /**
3246  * irdma_cm_init_tsa_conn - setup qp for RTS
3247  * @iwqp: associate qp for the connection
3248  * @cm_node: connection's node
3249  */
3250 static void
3251 irdma_cm_init_tsa_conn(struct irdma_qp *iwqp,
3252 		       struct irdma_cm_node *cm_node)
3253 {
3254 	struct irdma_iwarp_offload_info *iwarp_info;
3255 	struct irdma_qp_host_ctx_info *ctx_info;
3256 
3257 	iwarp_info = &iwqp->iwarp_info;
3258 	ctx_info = &iwqp->ctx_info;
3259 
3260 	ctx_info->tcp_info = &iwqp->tcp_info;
3261 	ctx_info->send_cq_num = iwqp->iwscq->sc_cq.cq_uk.cq_id;
3262 	ctx_info->rcv_cq_num = iwqp->iwrcq->sc_cq.cq_uk.cq_id;
3263 
3264 	iwarp_info->ord_size = cm_node->ord_size;
3265 	iwarp_info->ird_size = cm_node->ird_size;
3266 	iwarp_info->rd_en = true;
3267 	iwarp_info->rdmap_ver = 1;
3268 	iwarp_info->ddp_ver = 1;
3269 	iwarp_info->pd_id = iwqp->iwpd->sc_pd.pd_id;
3270 
3271 	ctx_info->tcp_info_valid = true;
3272 	ctx_info->iwarp_info_valid = true;
3273 	ctx_info->user_pri = cm_node->user_pri;
3274 
3275 	irdma_init_tcp_ctx(cm_node, &iwqp->tcp_info, iwqp);
3276 	if (cm_node->snd_mark_en) {
3277 		iwarp_info->snd_mark_en = true;
3278 		iwarp_info->snd_mark_offset = (iwqp->tcp_info.snd_nxt & SNDMARKER_SEQNMASK) +
3279 		    cm_node->lsmm_size;
3280 	}
3281 
3282 	cm_node->state = IRDMA_CM_STATE_OFFLOADED;
3283 	iwqp->tcp_info.tcp_state = IRDMA_TCP_STATE_ESTABLISHED;
3284 	iwqp->tcp_info.src_mac_addr_idx = iwqp->iwdev->mac_ip_table_idx;
3285 
3286 	if (cm_node->rcv_mark_en) {
3287 		iwarp_info->rcv_mark_en = true;
3288 		iwarp_info->align_hdrs = true;
3289 	}
3290 
3291 	irdma_sc_qp_setctx(&iwqp->sc_qp, iwqp->host_ctx.va, ctx_info);
3292 
3293 	/* once tcp_info is set, no need to do it again */
3294 	ctx_info->tcp_info_valid = false;
3295 	ctx_info->iwarp_info_valid = false;
3296 }
3297 
3298 /**
3299  * irdma_cm_disconn - when a connection is being closed
3300  * @iwqp: associated qp for the connection
3301  */
3302 void
3303 irdma_cm_disconn(struct irdma_qp *iwqp)
3304 {
3305 	struct irdma_device *iwdev = iwqp->iwdev;
3306 	struct disconn_work *work;
3307 	unsigned long flags;
3308 
3309 	work = kzalloc(sizeof(*work), GFP_ATOMIC);
3310 	if (!work)
3311 		return;
3312 
3313 	spin_lock_irqsave(&iwdev->rf->qptable_lock, flags);
3314 	if (!iwdev->rf->qp_table[iwqp->ibqp.qp_num]) {
3315 		spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
3316 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3317 			    "qp_id %d is already freed\n", iwqp->ibqp.qp_num);
3318 		kfree(work);
3319 		return;
3320 	}
3321 	irdma_qp_add_ref(&iwqp->ibqp);
3322 	spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
3323 
3324 	work->iwqp = iwqp;
3325 	INIT_WORK(&work->work, irdma_disconnect_worker);
3326 	queue_work(iwdev->cleanup_wq, &work->work);
3327 }
3328 
3329 /**
3330  * irdma_qp_disconnect - free qp and close cm
3331  * @iwqp: associate qp for the connection
3332  */
3333 static void
3334 irdma_qp_disconnect(struct irdma_qp *iwqp)
3335 {
3336 	struct irdma_device *iwdev = iwqp->iwdev;
3337 
3338 	iwqp->active_conn = 0;
3339 	/* close the CM node down if it is still active */
3340 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "Call close API\n");
3341 	irdma_cm_close(iwqp->cm_node);
3342 }
3343 
3344 /**
3345  * irdma_cm_disconn_true - called by worker thread to disconnect qp
3346  * @iwqp: associate qp for the connection
3347  */
3348 static void
3349 irdma_cm_disconn_true(struct irdma_qp *iwqp)
3350 {
3351 	struct iw_cm_id *cm_id;
3352 	struct irdma_device *iwdev;
3353 	struct irdma_sc_qp *qp = &iwqp->sc_qp;
3354 	u16 last_ae;
3355 	u8 original_hw_tcp_state;
3356 	u8 original_ibqp_state;
3357 	int disconn_status = 0;
3358 	int issue_disconn = 0;
3359 	int issue_close = 0;
3360 	int issue_flush = 0;
3361 	unsigned long flags;
3362 	int err;
3363 
3364 	iwdev = iwqp->iwdev;
3365 	spin_lock_irqsave(&iwqp->lock, flags);
3366 	if (rdma_protocol_roce(&iwdev->ibdev, 1)) {
3367 		struct ib_qp_attr attr;
3368 
3369 		if (iwqp->flush_issued || iwqp->sc_qp.qp_uk.destroy_pending) {
3370 			spin_unlock_irqrestore(&iwqp->lock, flags);
3371 			return;
3372 		}
3373 
3374 		spin_unlock_irqrestore(&iwqp->lock, flags);
3375 
3376 		attr.qp_state = IB_QPS_ERR;
3377 		irdma_modify_qp_roce(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
3378 		irdma_ib_qp_event(iwqp, qp->event_type);
3379 		return;
3380 	}
3381 
3382 	cm_id = iwqp->cm_id;
3383 	original_hw_tcp_state = iwqp->hw_tcp_state;
3384 	original_ibqp_state = iwqp->ibqp_state;
3385 	last_ae = iwqp->last_aeq;
3386 
3387 	if (qp->term_flags) {
3388 		issue_disconn = 1;
3389 		issue_close = 1;
3390 		iwqp->cm_id = NULL;
3391 		irdma_terminate_del_timer(qp);
3392 		if (!iwqp->flush_issued) {
3393 			iwqp->flush_issued = 1;
3394 			issue_flush = 1;
3395 		}
3396 	} else if ((original_hw_tcp_state == IRDMA_TCP_STATE_CLOSE_WAIT) ||
3397 		   ((original_ibqp_state == IB_QPS_RTS) &&
3398 		    (last_ae == IRDMA_AE_LLP_CONNECTION_RESET))) {
3399 		issue_disconn = 1;
3400 		if (last_ae == IRDMA_AE_LLP_CONNECTION_RESET)
3401 			disconn_status = -ECONNRESET;
3402 	}
3403 
3404 	if (original_hw_tcp_state == IRDMA_TCP_STATE_CLOSED ||
3405 	    original_hw_tcp_state == IRDMA_TCP_STATE_TIME_WAIT ||
3406 	    last_ae == IRDMA_AE_RDMAP_ROE_BAD_LLP_CLOSE ||
3407 	    last_ae == IRDMA_AE_BAD_CLOSE ||
3408 	    last_ae == IRDMA_AE_LLP_CONNECTION_RESET || iwdev->rf->reset || !cm_id) {
3409 		issue_close = 1;
3410 		iwqp->cm_id = NULL;
3411 		qp->term_flags = 0;
3412 		if (!iwqp->flush_issued) {
3413 			iwqp->flush_issued = 1;
3414 			issue_flush = 1;
3415 		}
3416 	}
3417 
3418 	spin_unlock_irqrestore(&iwqp->lock, flags);
3419 	if (issue_flush && !iwqp->sc_qp.qp_uk.destroy_pending) {
3420 		irdma_flush_wqes(iwqp, IRDMA_FLUSH_SQ | IRDMA_FLUSH_RQ |
3421 				 IRDMA_FLUSH_WAIT);
3422 
3423 		if (qp->term_flags)
3424 			irdma_ib_qp_event(iwqp, qp->event_type);
3425 	}
3426 
3427 	if (!cm_id || !cm_id->event_handler)
3428 		return;
3429 
3430 	spin_lock_irqsave(&iwdev->cm_core.ht_lock, flags);
3431 	if (!iwqp->cm_node) {
3432 		spin_unlock_irqrestore(&iwdev->cm_core.ht_lock, flags);
3433 		return;
3434 	}
3435 	atomic_inc(&iwqp->cm_node->refcnt);
3436 
3437 	spin_unlock_irqrestore(&iwdev->cm_core.ht_lock, flags);
3438 
3439 	if (issue_disconn) {
3440 		err = irdma_send_cm_event(iwqp->cm_node, cm_id,
3441 					  IW_CM_EVENT_DISCONNECT,
3442 					  disconn_status);
3443 		if (err)
3444 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3445 				    "disconnect event failed: - cm_id = %p\n",
3446 				    cm_id);
3447 	}
3448 	if (issue_close) {
3449 		cm_id->provider_data = iwqp;
3450 		err = irdma_send_cm_event(iwqp->cm_node, cm_id,
3451 					  IW_CM_EVENT_CLOSE, 0);
3452 		if (err)
3453 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3454 				    "close event failed: - cm_id = %p\n",
3455 				    cm_id);
3456 		irdma_qp_disconnect(iwqp);
3457 	}
3458 	irdma_rem_ref_cm_node(iwqp->cm_node);
3459 }
3460 
3461 /**
3462  * irdma_disconnect_worker - worker for connection close
3463  * @work: points or disconn structure
3464  */
3465 static void
3466 irdma_disconnect_worker(struct work_struct *work)
3467 {
3468 	struct disconn_work *dwork = container_of(work, struct disconn_work, work);
3469 	struct irdma_qp *iwqp = dwork->iwqp;
3470 
3471 	kfree(dwork);
3472 	irdma_cm_disconn_true(iwqp);
3473 	irdma_qp_rem_ref(&iwqp->ibqp);
3474 }
3475 
3476 /**
3477  * irdma_free_lsmm_rsrc - free lsmm memory and deregister
3478  * @iwqp: associate qp for the connection
3479  */
3480 void
3481 irdma_free_lsmm_rsrc(struct irdma_qp *iwqp)
3482 {
3483 	struct irdma_device *iwdev;
3484 
3485 	iwdev = iwqp->iwdev;
3486 
3487 	if (iwqp->ietf_mem.va) {
3488 		if (iwqp->lsmm_mr)
3489 			iwdev->ibdev.dereg_mr(iwqp->lsmm_mr, NULL);
3490 
3491 		irdma_free_dma_mem(iwdev->rf->sc_dev.hw,
3492 				   &iwqp->ietf_mem);
3493 		iwqp->ietf_mem.va = NULL;
3494 	}
3495 }
3496 
3497 /**
3498  * irdma_accept - registered call for connection to be accepted
3499  * @cm_id: cm information for passive connection
3500  * @conn_param: accpet parameters
3501  */
3502 int
3503 irdma_accept(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param)
3504 {
3505 	struct ib_qp *ibqp;
3506 	struct irdma_qp *iwqp;
3507 	struct irdma_device *iwdev;
3508 	struct irdma_sc_dev *dev;
3509 	struct irdma_cm_node *cm_node;
3510 	struct ib_qp_attr attr = {0};
3511 	int passive_state;
3512 	struct ib_mr *ibmr;
3513 	struct irdma_pd *iwpd;
3514 	u16 buf_len = 0;
3515 	struct irdma_kmem_info accept;
3516 	u64 tagged_offset;
3517 	int wait_ret;
3518 	int ret = 0;
3519 
3520 	ibqp = irdma_get_qp(cm_id->device, conn_param->qpn);
3521 	if (!ibqp)
3522 		return -EINVAL;
3523 
3524 	iwqp = to_iwqp(ibqp);
3525 	iwdev = iwqp->iwdev;
3526 	dev = &iwdev->rf->sc_dev;
3527 	cm_node = cm_id->provider_data;
3528 
3529 	if (((struct sockaddr_in *)&cm_id->local_addr)->sin_family == AF_INET) {
3530 		cm_node->ipv4 = true;
3531 		cm_node->vlan_id = irdma_get_vlan_ipv4(cm_id, cm_node->loc_addr);
3532 	} else {
3533 		cm_node->ipv4 = false;
3534 		irdma_get_vlan_mac_ipv6(cm_id, cm_node->loc_addr, &cm_node->vlan_id,
3535 					NULL);
3536 	}
3537 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM, "Accept vlan_id=%d\n",
3538 		    cm_node->vlan_id);
3539 
3540 	if (cm_node->state == IRDMA_CM_STATE_LISTENER_DESTROYED) {
3541 		ret = -EINVAL;
3542 		goto error;
3543 	}
3544 
3545 	passive_state = atomic_add_return(1, &cm_node->passive_state);
3546 	if (passive_state == IRDMA_SEND_RESET_EVENT) {
3547 		ret = -ECONNRESET;
3548 		goto error;
3549 	}
3550 
3551 	buf_len = conn_param->private_data_len + IRDMA_MAX_IETF_SIZE;
3552 	iwqp->ietf_mem.size = buf_len;
3553 	iwqp->ietf_mem.va = irdma_allocate_dma_mem(dev->hw, &iwqp->ietf_mem,
3554 						   iwqp->ietf_mem.size, 1);
3555 	if (!iwqp->ietf_mem.va) {
3556 		ret = -ENOMEM;
3557 		goto error;
3558 	}
3559 
3560 	cm_node->pdata.size = conn_param->private_data_len;
3561 	accept.addr = iwqp->ietf_mem.va;
3562 	accept.size = irdma_cm_build_mpa_frame(cm_node, &accept, MPA_KEY_REPLY);
3563 	memcpy((u8 *)accept.addr + accept.size, conn_param->private_data,
3564 	       conn_param->private_data_len);
3565 
3566 	if (cm_node->dev->ws_add(iwqp->sc_qp.vsi, cm_node->user_pri)) {
3567 		ret = -ENOMEM;
3568 		goto error;
3569 	}
3570 	iwqp->sc_qp.user_pri = cm_node->user_pri;
3571 	irdma_qp_add_qos(&iwqp->sc_qp);
3572 	if (cm_node->dev->hw_attrs.uk_attrs.hw_rev == IRDMA_GEN_2)
3573 		iwdev->rf->check_fc(&iwdev->vsi, &iwqp->sc_qp);
3574 	/* setup our first outgoing iWarp send WQE (the IETF frame response) */
3575 	iwpd = iwqp->iwpd;
3576 	tagged_offset = (uintptr_t)iwqp->ietf_mem.va;
3577 	ibmr = irdma_reg_phys_mr(&iwpd->ibpd, iwqp->ietf_mem.pa, buf_len,
3578 				 IB_ACCESS_LOCAL_WRITE, &tagged_offset);
3579 	if (IS_ERR(ibmr)) {
3580 		ret = -ENOMEM;
3581 		goto error;
3582 	}
3583 
3584 	ibmr->pd = &iwpd->ibpd;
3585 	ibmr->device = iwpd->ibpd.device;
3586 	iwqp->lsmm_mr = ibmr;
3587 	if (iwqp->page)
3588 		iwqp->sc_qp.qp_uk.sq_base = kmap_local_page(iwqp->page);
3589 
3590 	cm_node->lsmm_size = accept.size + conn_param->private_data_len;
3591 	irdma_sc_send_lsmm(&iwqp->sc_qp, iwqp->ietf_mem.va, cm_node->lsmm_size,
3592 			   ibmr->lkey);
3593 
3594 	if (iwqp->page)
3595 		kunmap_local(iwqp->sc_qp.qp_uk.sq_base);
3596 
3597 	iwqp->cm_id = cm_id;
3598 	cm_node->cm_id = cm_id;
3599 
3600 	cm_id->provider_data = iwqp;
3601 	iwqp->active_conn = 0;
3602 	iwqp->cm_node = cm_node;
3603 	cm_node->iwqp = iwqp;
3604 	irdma_cm_init_tsa_conn(iwqp, cm_node);
3605 	irdma_qp_add_ref(&iwqp->ibqp);
3606 	cm_id->add_ref(cm_id);
3607 
3608 	attr.qp_state = IB_QPS_RTS;
3609 	cm_node->qhash_set = false;
3610 	cm_node->cm_core->cm_free_ah(cm_node);
3611 
3612 	irdma_modify_qp(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
3613 	if (dev->hw_attrs.uk_attrs.feature_flags & IRDMA_FEATURE_RTS_AE) {
3614 		wait_ret = wait_event_interruptible_timeout(iwqp->waitq,
3615 							    iwqp->rts_ae_rcvd,
3616 							    IRDMA_MAX_TIMEOUT);
3617 		if (!wait_ret) {
3618 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3619 				    "Slow Connection: cm_node=%p, loc_port=%d, rem_port=%d, cm_id=%p\n",
3620 				    cm_node, cm_node->loc_port,
3621 				    cm_node->rem_port, cm_node->cm_id);
3622 			ret = -ECONNRESET;
3623 			goto error;
3624 		}
3625 	}
3626 
3627 	irdma_send_cm_event(cm_node, cm_id, IW_CM_EVENT_ESTABLISHED, 0);
3628 	cm_node->accelerated = true;
3629 	complete(&cm_node->establish_comp);
3630 
3631 	if (cm_node->accept_pend) {
3632 		atomic_dec(&cm_node->listener->pend_accepts_cnt);
3633 		cm_node->accept_pend = 0;
3634 	}
3635 
3636 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3637 		    "rem_port=0x%04x, loc_port=0x%04x rem_addr=%x loc_addr=%x cm_node=%p cm_id=%p qp_id=%d\n\n",
3638 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr[0],
3639 		    cm_node->loc_addr[0], cm_node, cm_id, ibqp->qp_num);
3640 	cm_node->cm_core->stats_accepts++;
3641 
3642 	return 0;
3643 error:
3644 	irdma_free_lsmm_rsrc(iwqp);
3645 	irdma_rem_ref_cm_node(cm_node);
3646 
3647 	return ret;
3648 }
3649 
3650 /**
3651  * irdma_reject - registered call for connection to be rejected
3652  * @cm_id: cm information for passive connection
3653  * @pdata: private data to be sent
3654  * @pdata_len: private data length
3655  */
3656 int
3657 irdma_reject(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len)
3658 {
3659 	struct irdma_device *iwdev;
3660 	struct irdma_cm_node *cm_node;
3661 
3662 	cm_node = cm_id->provider_data;
3663 	cm_node->pdata.size = pdata_len;
3664 
3665 	iwdev = to_iwdev(cm_id->device);
3666 	if (!iwdev)
3667 		return -EINVAL;
3668 
3669 	cm_node->cm_core->stats_rejects++;
3670 
3671 	if (pdata_len + sizeof(struct ietf_mpa_v2) > IRDMA_MAX_CM_BUF)
3672 		return -EINVAL;
3673 
3674 	return irdma_cm_reject(cm_node, pdata, pdata_len);
3675 }
3676 
3677 /**
3678  * irdma_connect - registered call for connection to be established
3679  * @cm_id: cm information for passive connection
3680  * @conn_param: Information about the connection
3681  */
3682 int
3683 irdma_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param)
3684 {
3685 	struct ib_qp *ibqp;
3686 	struct irdma_qp *iwqp;
3687 	struct irdma_device *iwdev;
3688 	struct irdma_cm_node *cm_node;
3689 	struct irdma_cm_info cm_info;
3690 	struct sockaddr_in *laddr;
3691 	struct sockaddr_in *raddr;
3692 	struct sockaddr_in6 *laddr6;
3693 	struct sockaddr_in6 *raddr6;
3694 	int ret = 0;
3695 
3696 	ibqp = irdma_get_qp(cm_id->device, conn_param->qpn);
3697 	if (!ibqp)
3698 		return -EINVAL;
3699 	iwqp = to_iwqp(ibqp);
3700 	if (!iwqp)
3701 		return -EINVAL;
3702 	iwdev = iwqp->iwdev;
3703 	if (!iwdev)
3704 		return -EINVAL;
3705 
3706 	laddr = (struct sockaddr_in *)&cm_id->m_local_addr;
3707 	raddr = (struct sockaddr_in *)&cm_id->m_remote_addr;
3708 	laddr6 = (struct sockaddr_in6 *)&cm_id->m_local_addr;
3709 	raddr6 = (struct sockaddr_in6 *)&cm_id->m_remote_addr;
3710 
3711 	if (!(laddr->sin_port) || !(raddr->sin_port))
3712 		return -EINVAL;
3713 
3714 	iwqp->active_conn = 1;
3715 	iwqp->cm_id = NULL;
3716 	cm_id->provider_data = iwqp;
3717 
3718 	/* set up the connection params for the node */
3719 	if (cm_id->remote_addr.ss_family == AF_INET) {
3720 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV4)
3721 			return -EINVAL;
3722 
3723 		cm_info.ipv4 = true;
3724 		memset(cm_info.loc_addr, 0, sizeof(cm_info.loc_addr));
3725 		memset(cm_info.rem_addr, 0, sizeof(cm_info.rem_addr));
3726 		cm_info.loc_addr[0] = ntohl(laddr->sin_addr.s_addr);
3727 		cm_info.rem_addr[0] = ntohl(raddr->sin_addr.s_addr);
3728 		cm_info.loc_port = ntohs(laddr->sin_port);
3729 		cm_info.rem_port = ntohs(raddr->sin_port);
3730 		cm_info.vlan_id = irdma_get_vlan_ipv4(cm_id, cm_info.loc_addr);
3731 	} else {
3732 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV6)
3733 			return -EINVAL;
3734 
3735 		cm_info.ipv4 = false;
3736 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3737 				    laddr6->sin6_addr.__u6_addr.__u6_addr32);
3738 		irdma_copy_ip_ntohl(cm_info.rem_addr,
3739 				    raddr6->sin6_addr.__u6_addr.__u6_addr32);
3740 		cm_info.loc_port = ntohs(laddr6->sin6_port);
3741 		cm_info.rem_port = ntohs(raddr6->sin6_port);
3742 		irdma_get_vlan_mac_ipv6(cm_id, cm_info.loc_addr, &cm_info.vlan_id, NULL);
3743 	}
3744 	cm_info.cm_id = cm_id;
3745 	cm_info.qh_qpid = iwdev->vsi.ilq->qp_id;
3746 	cm_info.tos = cm_id->tos;
3747 	if (iwdev->vsi.dscp_mode) {
3748 		cm_info.user_pri =
3749 		    iwqp->sc_qp.vsi->dscp_map[irdma_tos2dscp(cm_info.tos)];
3750 	} else {
3751 		cm_info.user_pri = rt_tos2priority(cm_id->tos);
3752 		cm_info.user_pri =
3753 		    irdma_iw_get_vlan_prio(cm_info.loc_addr,
3754 					   cm_info.user_pri,
3755 					   cm_info.ipv4);
3756 	}
3757 
3758 	if (iwqp->sc_qp.dev->ws_add(iwqp->sc_qp.vsi, cm_info.user_pri))
3759 		return -ENOMEM;
3760 	iwqp->sc_qp.user_pri = cm_info.user_pri;
3761 	irdma_qp_add_qos(&iwqp->sc_qp);
3762 	if (iwdev->rf->sc_dev.hw_attrs.uk_attrs.hw_rev == IRDMA_GEN_2)
3763 		iwdev->rf->check_fc(&iwdev->vsi, &iwqp->sc_qp);
3764 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_DCB, "TOS:[%d] UP:[%d]\n",
3765 		    cm_id->tos, cm_info.user_pri);
3766 
3767 	ret = irdma_create_cm_node(&iwdev->cm_core, iwdev, conn_param, &cm_info,
3768 				   &cm_node);
3769 	if (ret)
3770 		return ret;
3771 	ret = cm_node->cm_core->cm_create_ah(cm_node, true);
3772 	if (ret)
3773 		goto err;
3774 	if (irdma_manage_qhash(iwdev, &cm_info,
3775 			       IRDMA_QHASH_TYPE_TCP_ESTABLISHED,
3776 			       IRDMA_QHASH_MANAGE_TYPE_ADD, NULL, true)) {
3777 		ret = -EINVAL;
3778 		goto err;
3779 	}
3780 	cm_node->qhash_set = true;
3781 
3782 	cm_node->apbvt_entry = irdma_add_apbvt(iwdev, cm_info.loc_port);
3783 	if (!cm_node->apbvt_entry) {
3784 		ret = -EINVAL;
3785 		goto err;
3786 	}
3787 
3788 	cm_node->apbvt_set = true;
3789 	iwqp->cm_node = cm_node;
3790 	cm_node->iwqp = iwqp;
3791 	iwqp->cm_id = cm_id;
3792 	irdma_qp_add_ref(&iwqp->ibqp);
3793 	cm_id->add_ref(cm_id);
3794 
3795 	if (cm_node->state != IRDMA_CM_STATE_OFFLOADED) {
3796 		cm_node->state = IRDMA_CM_STATE_SYN_SENT;
3797 		ret = irdma_send_syn(cm_node, 0);
3798 		if (ret)
3799 			goto err;
3800 	}
3801 
3802 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3803 		    "rem_port=0x%04x, loc_port=0x%04x rem_addr=%x loc_addr=%x cm_node=%p cm_id=%p qp_id = %d\n\n",
3804 		    cm_node->rem_port, cm_node->loc_port, cm_node->rem_addr[0],
3805 		    cm_node->loc_addr[0], cm_node, cm_id, ibqp->qp_num);
3806 
3807 	return 0;
3808 
3809 err:
3810 	if (cm_info.ipv4)
3811 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3812 			    "connect() FAILED: dest addr=%x",
3813 			    cm_info.rem_addr[0]);
3814 	else
3815 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3816 			    "connect() FAILED: dest addr=%x:%x:%x:%x",
3817 			    IRDMA_PRINT_IP6(cm_info.rem_addr));
3818 	irdma_rem_ref_cm_node(cm_node);
3819 	iwdev->cm_core.stats_connect_errs++;
3820 
3821 	return ret;
3822 }
3823 
3824 /**
3825  * irdma_create_listen - registered call creating listener
3826  * @cm_id: cm information for passive connection
3827  * @backlog: to max accept pending count
3828  */
3829 int
3830 irdma_create_listen(struct iw_cm_id *cm_id, int backlog)
3831 {
3832 	struct irdma_device *iwdev;
3833 	struct irdma_cm_listener *cm_listen_node;
3834 	struct irdma_cm_info cm_info = {0};
3835 	struct sockaddr_in *laddr;
3836 	struct sockaddr_in6 *laddr6;
3837 	bool wildcard = false;
3838 	int err;
3839 
3840 	iwdev = to_iwdev(cm_id->device);
3841 	if (!iwdev)
3842 		return -EINVAL;
3843 
3844 	laddr = (struct sockaddr_in *)&cm_id->m_local_addr;
3845 	laddr6 = (struct sockaddr_in6 *)&cm_id->m_local_addr;
3846 	cm_info.qh_qpid = iwdev->vsi.ilq->qp_id;
3847 
3848 	if (laddr->sin_family == AF_INET) {
3849 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV4)
3850 			return -EINVAL;
3851 
3852 		cm_info.ipv4 = true;
3853 		cm_info.loc_addr[0] = ntohl(laddr->sin_addr.s_addr);
3854 		cm_info.loc_port = ntohs(laddr->sin_port);
3855 
3856 		if (laddr->sin_addr.s_addr != htonl(INADDR_ANY)) {
3857 			cm_info.vlan_id = irdma_get_vlan_ipv4(cm_id, cm_info.loc_addr);
3858 		} else {
3859 			cm_info.vlan_id = 0xFFFF;
3860 			wildcard = true;
3861 		}
3862 	} else {
3863 		if (iwdev->vsi.mtu < IRDMA_MIN_MTU_IPV6)
3864 			return -EINVAL;
3865 
3866 		cm_info.ipv4 = false;
3867 		irdma_copy_ip_ntohl(cm_info.loc_addr,
3868 				    laddr6->sin6_addr.__u6_addr.__u6_addr32);
3869 		cm_info.loc_port = ntohs(laddr6->sin6_port);
3870 		if (!IN6_IS_ADDR_UNSPECIFIED(&laddr6->sin6_addr)) {
3871 			irdma_get_vlan_mac_ipv6(cm_id, cm_info.loc_addr,
3872 						&cm_info.vlan_id, NULL);
3873 		} else {
3874 			cm_info.vlan_id = 0xFFFF;
3875 			wildcard = true;
3876 		}
3877 	}
3878 
3879 	if (cm_info.vlan_id >= VLAN_N_VID && iwdev->dcb_vlan_mode)
3880 		cm_info.vlan_id = 0;
3881 	cm_info.backlog = backlog;
3882 	cm_info.cm_id = cm_id;
3883 
3884 	cm_listen_node = irdma_make_listen_node(&iwdev->cm_core, iwdev,
3885 						&cm_info);
3886 	if (!cm_listen_node) {
3887 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3888 			    "cm_listen_node == NULL\n");
3889 		return -ENOMEM;
3890 	}
3891 
3892 	cm_id->provider_data = cm_listen_node;
3893 
3894 	cm_listen_node->tos = cm_id->tos;
3895 	if (iwdev->vsi.dscp_mode)
3896 		cm_listen_node->user_pri =
3897 		    iwdev->vsi.dscp_map[irdma_tos2dscp(cm_id->tos)];
3898 	else
3899 		cm_listen_node->user_pri = rt_tos2priority(cm_id->tos);
3900 	cm_info.user_pri = cm_listen_node->user_pri;
3901 	if (!cm_listen_node->reused_node) {
3902 		if (wildcard) {
3903 			err = irdma_add_mqh(iwdev, &cm_info, cm_listen_node);
3904 			if (err)
3905 				goto error;
3906 		} else {
3907 			if (!iwdev->vsi.dscp_mode)
3908 				cm_info.user_pri = cm_listen_node->user_pri =
3909 				    irdma_iw_get_vlan_prio(cm_info.loc_addr,
3910 							   cm_info.user_pri,
3911 							   cm_info.ipv4);
3912 			err = irdma_manage_qhash(iwdev, &cm_info,
3913 						 IRDMA_QHASH_TYPE_TCP_SYN,
3914 						 IRDMA_QHASH_MANAGE_TYPE_ADD,
3915 						 NULL, true);
3916 			if (err)
3917 				goto error;
3918 
3919 			cm_listen_node->qhash_set = true;
3920 		}
3921 
3922 		cm_listen_node->apbvt_entry = irdma_add_apbvt(iwdev,
3923 							      cm_info.loc_port);
3924 		if (!cm_listen_node->apbvt_entry)
3925 			goto error;
3926 	}
3927 	cm_id->add_ref(cm_id);
3928 	cm_listen_node->cm_core->stats_listen_created++;
3929 	irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3930 		    "loc_port=0x%04x loc_addr=%x cm_listen_node=%p cm_id=%p qhash_set=%d vlan_id=%d\n",
3931 		    cm_listen_node->loc_port, cm_listen_node->loc_addr[0],
3932 		    cm_listen_node, cm_listen_node->cm_id,
3933 		    cm_listen_node->qhash_set, cm_listen_node->vlan_id);
3934 
3935 	return 0;
3936 
3937 error:
3938 
3939 	irdma_cm_del_listen(&iwdev->cm_core, cm_listen_node, false);
3940 
3941 	return -EINVAL;
3942 }
3943 
3944 /**
3945  * irdma_destroy_listen - registered call to destroy listener
3946  * @cm_id: cm information for passive connection
3947  */
3948 int
3949 irdma_destroy_listen(struct iw_cm_id *cm_id)
3950 {
3951 	struct irdma_device *iwdev;
3952 
3953 	iwdev = to_iwdev(cm_id->device);
3954 	if (cm_id->provider_data)
3955 		irdma_cm_del_listen(&iwdev->cm_core, cm_id->provider_data,
3956 				    true);
3957 	else
3958 		irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
3959 			    "cm_id->provider_data was NULL\n");
3960 
3961 	cm_id->rem_ref(cm_id);
3962 
3963 	return 0;
3964 }
3965 
3966 /**
3967  * irdma_iw_teardown_list_prep - add conn nodes slated for tear
3968  * down to list
3969  * @cm_core: cm's core
3970  * @teardown_list: a list to which cm_node will be selected
3971  * @ipaddr: pointer to ip address
3972  * @nfo: pointer to cm_info structure instance
3973  * @disconnect_all: flag indicating disconnect all QPs
3974  */
3975 static void
3976 irdma_iw_teardown_list_prep(struct irdma_cm_core *cm_core,
3977 			    struct list_head *teardown_list,
3978 			    u32 *ipaddr,
3979 			    struct irdma_cm_info *nfo,
3980 			    bool disconnect_all)
3981 {
3982 	struct irdma_cm_node *cm_node;
3983 	int bkt;
3984 
3985 	HASH_FOR_EACH_RCU(cm_core->cm_hash_tbl, bkt, cm_node, list) {
3986 		if ((disconnect_all ||
3987 		     (nfo->vlan_id == cm_node->vlan_id &&
3988 		      !memcmp(cm_node->loc_addr, ipaddr, nfo->ipv4 ? 4 : 16))) &&
3989 		    atomic_inc_not_zero(&cm_node->refcnt))
3990 			list_add(&cm_node->teardown_entry, teardown_list);
3991 	}
3992 }
3993 
3994 static inline bool
3995 irdma_ip_vlan_match(u32 *ip1, u16 vlan_id1,
3996 		    bool check_vlan, u32 *ip2,
3997 		    u16 vlan_id2, bool ipv4)
3998 {
3999 	return (!check_vlan || vlan_id1 == vlan_id2) &&
4000 	    !memcmp(ip1, ip2, ipv4 ? 4 : 16);
4001 }
4002 
4003 /**
4004  * irdma_roce_teardown_list_prep - add conn nodes slated for
4005  * tear down to list
4006  * @iwdev: RDMA device
4007  * @teardown_list: a list to which cm_node will be selected
4008  * @ipaddr: pointer to ip address
4009  * @nfo: pointer to cm_info structure instance
4010  * @disconnect_all: flag indicating disconnect all QPs
4011  */
4012 static void
4013 irdma_roce_teardown_list_prep(struct irdma_device *iwdev,
4014 			      struct list_head *teardown_list,
4015 			      u32 *ipaddr,
4016 			      struct irdma_cm_info *nfo,
4017 			      bool disconnect_all)
4018 {
4019 	struct irdma_sc_vsi *vsi = &iwdev->vsi;
4020 	struct irdma_sc_qp *sc_qp;
4021 	struct list_head *list_node;
4022 	struct irdma_qp *qp;
4023 	unsigned long flags;
4024 	int i;
4025 
4026 	for (i = 0; i < IRDMA_MAX_USER_PRIORITY; i++) {
4027 		mutex_lock(&vsi->qos[i].qos_mutex);
4028 		list_for_each(list_node, &vsi->qos[i].qplist) {
4029 			u32 qp_ip[4];
4030 
4031 			sc_qp = container_of(list_node, struct irdma_sc_qp,
4032 					     list);
4033 			if (sc_qp->qp_uk.qp_type != IRDMA_QP_TYPE_ROCE_RC)
4034 				continue;
4035 
4036 			qp = sc_qp->qp_uk.back_qp;
4037 			if (!disconnect_all) {
4038 				if (nfo->ipv4)
4039 					qp_ip[0] = qp->udp_info.local_ipaddr[3];
4040 				else
4041 					memcpy(qp_ip,
4042 					       &qp->udp_info.local_ipaddr[0],
4043 					       sizeof(qp_ip));
4044 			}
4045 
4046 			if (disconnect_all ||
4047 			    irdma_ip_vlan_match(qp_ip,
4048 						qp->udp_info.vlan_tag & EVL_VLID_MASK,
4049 						qp->udp_info.insert_vlan_tag,
4050 						ipaddr, nfo->vlan_id, nfo->ipv4)) {
4051 				spin_lock_irqsave(&iwdev->rf->qptable_lock, flags);
4052 				if (iwdev->rf->qp_table[sc_qp->qp_uk.qp_id]) {
4053 					irdma_qp_add_ref(&qp->ibqp);
4054 					list_add(&qp->teardown_entry, teardown_list);
4055 				}
4056 				spin_unlock_irqrestore(&iwdev->rf->qptable_lock, flags);
4057 			}
4058 		}
4059 		mutex_unlock(&vsi->qos[i].qos_mutex);
4060 	}
4061 }
4062 
4063 /**
4064  * irdma_cm_event_connected - handle connected active node
4065  * @event: the info for cm_node of connection
4066  */
4067 static void
4068 irdma_cm_event_connected(struct irdma_cm_event *event)
4069 {
4070 	struct irdma_qp *iwqp;
4071 	struct irdma_device *iwdev;
4072 	struct irdma_cm_node *cm_node;
4073 	struct irdma_sc_dev *dev;
4074 	struct ib_qp_attr attr = {0};
4075 	struct iw_cm_id *cm_id;
4076 	int status;
4077 	bool read0;
4078 	int wait_ret = 0;
4079 
4080 	cm_node = event->cm_node;
4081 	cm_id = cm_node->cm_id;
4082 	iwqp = cm_id->provider_data;
4083 	iwdev = iwqp->iwdev;
4084 	dev = &iwdev->rf->sc_dev;
4085 	if (iwqp->sc_qp.qp_uk.destroy_pending) {
4086 		status = -ETIMEDOUT;
4087 		goto error;
4088 	}
4089 
4090 	irdma_cm_init_tsa_conn(iwqp, cm_node);
4091 	read0 = (cm_node->send_rdma0_op == SEND_RDMA_READ_ZERO);
4092 	if (iwqp->page)
4093 		iwqp->sc_qp.qp_uk.sq_base = kmap_local_page(iwqp->page);
4094 	irdma_sc_send_rtt(&iwqp->sc_qp, read0);
4095 	if (iwqp->page)
4096 		kunmap_local(iwqp->sc_qp.qp_uk.sq_base);
4097 
4098 	attr.qp_state = IB_QPS_RTS;
4099 	cm_node->qhash_set = false;
4100 	irdma_modify_qp(&iwqp->ibqp, &attr, IB_QP_STATE, NULL);
4101 	if (dev->hw_attrs.uk_attrs.feature_flags & IRDMA_FEATURE_RTS_AE) {
4102 		wait_ret = wait_event_interruptible_timeout(iwqp->waitq,
4103 							    iwqp->rts_ae_rcvd,
4104 							    IRDMA_MAX_TIMEOUT);
4105 		if (!wait_ret)
4106 			irdma_debug(&iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
4107 				    "Slow Connection: cm_node=%p, loc_port=%d, rem_port=%d, cm_id=%p\n",
4108 				    cm_node, cm_node->loc_port,
4109 				    cm_node->rem_port, cm_node->cm_id);
4110 	}
4111 
4112 	irdma_send_cm_event(cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY, 0);
4113 	cm_node->accelerated = true;
4114 	complete(&cm_node->establish_comp);
4115 	cm_node->cm_core->cm_free_ah(cm_node);
4116 	return;
4117 
4118 error:
4119 	iwqp->cm_id = NULL;
4120 	cm_id->provider_data = NULL;
4121 	irdma_send_cm_event(event->cm_node, cm_id, IW_CM_EVENT_CONNECT_REPLY,
4122 			    status);
4123 	irdma_rem_ref_cm_node(event->cm_node);
4124 }
4125 
4126 /**
4127  * irdma_cm_event_reset - handle reset
4128  * @event: the info for cm_node of connection
4129  */
4130 static void
4131 irdma_cm_event_reset(struct irdma_cm_event *event)
4132 {
4133 	struct irdma_cm_node *cm_node = event->cm_node;
4134 	struct iw_cm_id *cm_id = cm_node->cm_id;
4135 	struct irdma_qp *iwqp;
4136 
4137 	if (!cm_id)
4138 		return;
4139 
4140 	iwqp = cm_id->provider_data;
4141 	if (!iwqp)
4142 		return;
4143 
4144 	irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
4145 		    "reset event %p - cm_id = %p\n", event->cm_node, cm_id);
4146 	iwqp->cm_id = NULL;
4147 
4148 	irdma_send_cm_event(cm_node, cm_node->cm_id, IW_CM_EVENT_DISCONNECT,
4149 			    -ECONNRESET);
4150 	irdma_send_cm_event(cm_node, cm_node->cm_id, IW_CM_EVENT_CLOSE, 0);
4151 }
4152 
4153 /**
4154  * irdma_cm_event_handler - send event to cm upper layer
4155  * @work: pointer of cm event info.
4156  */
4157 static void
4158 irdma_cm_event_handler(struct work_struct *work)
4159 {
4160 	struct irdma_cm_event *event = container_of(work, struct irdma_cm_event, event_work);
4161 	struct irdma_cm_node *cm_node;
4162 
4163 	if (!event || !event->cm_node || !event->cm_node->cm_core)
4164 		return;
4165 
4166 	cm_node = event->cm_node;
4167 
4168 	switch (event->type) {
4169 	case IRDMA_CM_EVENT_MPA_REQ:
4170 		irdma_send_cm_event(cm_node, cm_node->cm_id,
4171 				    IW_CM_EVENT_CONNECT_REQUEST, 0);
4172 		break;
4173 	case IRDMA_CM_EVENT_RESET:
4174 		irdma_cm_event_reset(event);
4175 		break;
4176 	case IRDMA_CM_EVENT_CONNECTED:
4177 		if (!event->cm_node->cm_id ||
4178 		    event->cm_node->state != IRDMA_CM_STATE_OFFLOADED)
4179 			break;
4180 		irdma_cm_event_connected(event);
4181 		break;
4182 	case IRDMA_CM_EVENT_MPA_REJECT:
4183 		if (!event->cm_node->cm_id ||
4184 		    cm_node->state == IRDMA_CM_STATE_OFFLOADED)
4185 			break;
4186 		irdma_send_cm_event(cm_node, cm_node->cm_id,
4187 				    IW_CM_EVENT_CONNECT_REPLY, -ECONNREFUSED);
4188 		break;
4189 	case IRDMA_CM_EVENT_ABORTED:
4190 		if (!event->cm_node->cm_id ||
4191 		    event->cm_node->state == IRDMA_CM_STATE_OFFLOADED)
4192 			break;
4193 		irdma_event_connect_error(event);
4194 		break;
4195 	default:
4196 		irdma_debug(&cm_node->iwdev->rf->sc_dev, IRDMA_DEBUG_CM,
4197 			    "bad event type = %d\n", event->type);
4198 		break;
4199 	}
4200 
4201 	irdma_rem_ref_cm_node(event->cm_node);
4202 	kfree(event);
4203 }
4204 
4205 /**
4206  * irdma_cm_post_event - queue event request for worker thread
4207  * @event: cm node's info for up event call
4208  */
4209 static void
4210 irdma_cm_post_event(struct irdma_cm_event *event)
4211 {
4212 	atomic_inc(&event->cm_node->refcnt);
4213 	INIT_WORK(&event->event_work, irdma_cm_event_handler);
4214 	queue_work(event->cm_node->cm_core->event_wq, &event->event_work);
4215 }
4216 
4217 /**
4218  * irdma_cm_teardown_connections - teardown QPs
4219  * @iwdev: device pointer
4220  * @ipaddr: Pointer to IPv4 or IPv6 address
4221  * @nfo: Connection info
4222  * @disconnect_all: flag indicating disconnect all QPs
4223  *
4224  * teardown QPs where source or destination addr matches ip addr
4225  */
4226 static void __unused
4227 irdma_cm_teardown_connections(struct irdma_device *iwdev,
4228 			      u32 *ipaddr,
4229 			      struct irdma_cm_info *nfo,
4230 			      bool disconnect_all)
4231 {
4232 	struct irdma_cm_core *cm_core = &iwdev->cm_core;
4233 	struct list_head *list_core_temp;
4234 	struct list_head *list_node;
4235 	struct irdma_cm_node *cm_node;
4236 	struct list_head teardown_list;
4237 	struct ib_qp_attr attr;
4238 	struct irdma_qp *qp;
4239 
4240 	INIT_LIST_HEAD(&teardown_list);
4241 
4242 	rcu_read_lock();
4243 	irdma_iw_teardown_list_prep(cm_core, &teardown_list, ipaddr, nfo, disconnect_all);
4244 	rcu_read_unlock();
4245 
4246 	attr.qp_state = IB_QPS_ERR;
4247 	list_for_each_safe(list_node, list_core_temp, &teardown_list) {
4248 		cm_node = container_of(list_node, struct irdma_cm_node,
4249 				       teardown_entry);
4250 		irdma_modify_qp(&cm_node->iwqp->ibqp, &attr, IB_QP_STATE, NULL);
4251 		if (iwdev->rf->reset)
4252 			irdma_cm_disconn(cm_node->iwqp);
4253 		irdma_rem_ref_cm_node(cm_node);
4254 	}
4255 
4256 	if (!rdma_protocol_roce(&iwdev->ibdev, 1))
4257 		return;
4258 
4259 	INIT_LIST_HEAD(&teardown_list);
4260 	irdma_roce_teardown_list_prep(iwdev, &teardown_list, ipaddr, nfo, disconnect_all);
4261 
4262 	list_for_each_safe(list_node, list_core_temp, &teardown_list) {
4263 		qp = container_of(list_node, struct irdma_qp, teardown_entry);
4264 		irdma_modify_qp_roce(&qp->ibqp, &attr, IB_QP_STATE, NULL);
4265 		irdma_ib_qp_event(qp, IRDMA_QP_EVENT_CATASTROPHIC);
4266 		irdma_qp_rem_ref(&qp->ibqp);
4267 	}
4268 }
4269