1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright(c) 2016 - 2020 Intel Corporation. 4 */ 5 6 #include <linux/hash.h> 7 #include <linux/bitops.h> 8 #include <linux/lockdep.h> 9 #include <linux/vmalloc.h> 10 #include <linux/slab.h> 11 #include <rdma/ib_verbs.h> 12 #include <rdma/ib_hdrs.h> 13 #include <rdma/opa_addr.h> 14 #include <rdma/uverbs_ioctl.h> 15 #include "qp.h" 16 #include "vt.h" 17 #include "trace.h" 18 19 #define RVT_RWQ_COUNT_THRESHOLD 16 20 21 static void rvt_rc_timeout(struct timer_list *t); 22 static void rvt_reset_qp(struct rvt_dev_info *rdi, struct rvt_qp *qp, 23 enum ib_qp_type type); 24 25 /* 26 * Convert the AETH RNR timeout code into the number of microseconds. 27 */ 28 static const u32 ib_rvt_rnr_table[32] = { 29 655360, /* 00: 655.36 */ 30 10, /* 01: .01 */ 31 20, /* 02 .02 */ 32 30, /* 03: .03 */ 33 40, /* 04: .04 */ 34 60, /* 05: .06 */ 35 80, /* 06: .08 */ 36 120, /* 07: .12 */ 37 160, /* 08: .16 */ 38 240, /* 09: .24 */ 39 320, /* 0A: .32 */ 40 480, /* 0B: .48 */ 41 640, /* 0C: .64 */ 42 960, /* 0D: .96 */ 43 1280, /* 0E: 1.28 */ 44 1920, /* 0F: 1.92 */ 45 2560, /* 10: 2.56 */ 46 3840, /* 11: 3.84 */ 47 5120, /* 12: 5.12 */ 48 7680, /* 13: 7.68 */ 49 10240, /* 14: 10.24 */ 50 15360, /* 15: 15.36 */ 51 20480, /* 16: 20.48 */ 52 30720, /* 17: 30.72 */ 53 40960, /* 18: 40.96 */ 54 61440, /* 19: 61.44 */ 55 81920, /* 1A: 81.92 */ 56 122880, /* 1B: 122.88 */ 57 163840, /* 1C: 163.84 */ 58 245760, /* 1D: 245.76 */ 59 327680, /* 1E: 327.68 */ 60 491520 /* 1F: 491.52 */ 61 }; 62 63 /* 64 * Note that it is OK to post send work requests in the SQE and ERR 65 * states; rvt_do_send() will process them and generate error 66 * completions as per IB 1.2 C10-96. 67 */ 68 const int ib_rvt_state_ops[IB_QPS_ERR + 1] = { 69 [IB_QPS_RESET] = 0, 70 [IB_QPS_INIT] = RVT_POST_RECV_OK, 71 [IB_QPS_RTR] = RVT_POST_RECV_OK | RVT_PROCESS_RECV_OK, 72 [IB_QPS_RTS] = RVT_POST_RECV_OK | RVT_PROCESS_RECV_OK | 73 RVT_POST_SEND_OK | RVT_PROCESS_SEND_OK | 74 RVT_PROCESS_NEXT_SEND_OK, 75 [IB_QPS_SQD] = RVT_POST_RECV_OK | RVT_PROCESS_RECV_OK | 76 RVT_POST_SEND_OK | RVT_PROCESS_SEND_OK, 77 [IB_QPS_SQE] = RVT_POST_RECV_OK | RVT_PROCESS_RECV_OK | 78 RVT_POST_SEND_OK | RVT_FLUSH_SEND, 79 [IB_QPS_ERR] = RVT_POST_RECV_OK | RVT_FLUSH_RECV | 80 RVT_POST_SEND_OK | RVT_FLUSH_SEND, 81 }; 82 EXPORT_SYMBOL(ib_rvt_state_ops); 83 84 /* platform specific: return the last level cache (llc) size, in KiB */ 85 static int rvt_wss_llc_size(void) 86 { 87 /* assume that the boot CPU value is universal for all CPUs */ 88 return boot_cpu_data.x86_cache_size; 89 } 90 91 /* platform specific: cacheless copy */ 92 static void cacheless_memcpy(void *dst, void *src, size_t n) 93 { 94 /* 95 * Use the only available X64 cacheless copy. Add a __user cast 96 * to quiet sparse. The src agument is already in the kernel so 97 * there are no security issues. The extra fault recovery machinery 98 * is not invoked. 99 */ 100 __copy_user_nocache(dst, (void __user *)src, n); 101 } 102 103 void rvt_wss_exit(struct rvt_dev_info *rdi) 104 { 105 struct rvt_wss *wss = rdi->wss; 106 107 if (!wss) 108 return; 109 110 /* coded to handle partially initialized and repeat callers */ 111 kfree(wss->entries); 112 wss->entries = NULL; 113 kfree(rdi->wss); 114 rdi->wss = NULL; 115 } 116 117 /* 118 * rvt_wss_init - Init wss data structures 119 * 120 * Return: 0 on success 121 */ 122 int rvt_wss_init(struct rvt_dev_info *rdi) 123 { 124 unsigned int sge_copy_mode = rdi->dparms.sge_copy_mode; 125 unsigned int wss_threshold = rdi->dparms.wss_threshold; 126 unsigned int wss_clean_period = rdi->dparms.wss_clean_period; 127 long llc_size; 128 long llc_bits; 129 long table_size; 130 long table_bits; 131 struct rvt_wss *wss; 132 int node = rdi->dparms.node; 133 134 if (sge_copy_mode != RVT_SGE_COPY_ADAPTIVE) { 135 rdi->wss = NULL; 136 return 0; 137 } 138 139 rdi->wss = kzalloc_node(sizeof(*rdi->wss), GFP_KERNEL, node); 140 if (!rdi->wss) 141 return -ENOMEM; 142 wss = rdi->wss; 143 144 /* check for a valid percent range - default to 80 if none or invalid */ 145 if (wss_threshold < 1 || wss_threshold > 100) 146 wss_threshold = 80; 147 148 /* reject a wildly large period */ 149 if (wss_clean_period > 1000000) 150 wss_clean_period = 256; 151 152 /* reject a zero period */ 153 if (wss_clean_period == 0) 154 wss_clean_period = 1; 155 156 /* 157 * Calculate the table size - the next power of 2 larger than the 158 * LLC size. LLC size is in KiB. 159 */ 160 llc_size = rvt_wss_llc_size() * 1024; 161 table_size = roundup_pow_of_two(llc_size); 162 163 /* one bit per page in rounded up table */ 164 llc_bits = llc_size / PAGE_SIZE; 165 table_bits = table_size / PAGE_SIZE; 166 wss->pages_mask = table_bits - 1; 167 wss->num_entries = table_bits / BITS_PER_LONG; 168 169 wss->threshold = (llc_bits * wss_threshold) / 100; 170 if (wss->threshold == 0) 171 wss->threshold = 1; 172 173 wss->clean_period = wss_clean_period; 174 atomic_set(&wss->clean_counter, wss_clean_period); 175 176 wss->entries = kcalloc_node(wss->num_entries, sizeof(*wss->entries), 177 GFP_KERNEL, node); 178 if (!wss->entries) { 179 rvt_wss_exit(rdi); 180 return -ENOMEM; 181 } 182 183 return 0; 184 } 185 186 /* 187 * Advance the clean counter. When the clean period has expired, 188 * clean an entry. 189 * 190 * This is implemented in atomics to avoid locking. Because multiple 191 * variables are involved, it can be racy which can lead to slightly 192 * inaccurate information. Since this is only a heuristic, this is 193 * OK. Any innaccuracies will clean themselves out as the counter 194 * advances. That said, it is unlikely the entry clean operation will 195 * race - the next possible racer will not start until the next clean 196 * period. 197 * 198 * The clean counter is implemented as a decrement to zero. When zero 199 * is reached an entry is cleaned. 200 */ 201 static void wss_advance_clean_counter(struct rvt_wss *wss) 202 { 203 int entry; 204 int weight; 205 unsigned long bits; 206 207 /* become the cleaner if we decrement the counter to zero */ 208 if (atomic_dec_and_test(&wss->clean_counter)) { 209 /* 210 * Set, not add, the clean period. This avoids an issue 211 * where the counter could decrement below the clean period. 212 * Doing a set can result in lost decrements, slowing the 213 * clean advance. Since this a heuristic, this possible 214 * slowdown is OK. 215 * 216 * An alternative is to loop, advancing the counter by a 217 * clean period until the result is > 0. However, this could 218 * lead to several threads keeping another in the clean loop. 219 * This could be mitigated by limiting the number of times 220 * we stay in the loop. 221 */ 222 atomic_set(&wss->clean_counter, wss->clean_period); 223 224 /* 225 * Uniquely grab the entry to clean and move to next. 226 * The current entry is always the lower bits of 227 * wss.clean_entry. The table size, wss.num_entries, 228 * is always a power-of-2. 229 */ 230 entry = (atomic_inc_return(&wss->clean_entry) - 1) 231 & (wss->num_entries - 1); 232 233 /* clear the entry and count the bits */ 234 bits = xchg(&wss->entries[entry], 0); 235 weight = hweight64((u64)bits); 236 /* only adjust the contended total count if needed */ 237 if (weight) 238 atomic_sub(weight, &wss->total_count); 239 } 240 } 241 242 /* 243 * Insert the given address into the working set array. 244 */ 245 static void wss_insert(struct rvt_wss *wss, void *address) 246 { 247 u32 page = ((unsigned long)address >> PAGE_SHIFT) & wss->pages_mask; 248 u32 entry = page / BITS_PER_LONG; /* assumes this ends up a shift */ 249 u32 nr = page & (BITS_PER_LONG - 1); 250 251 if (!test_and_set_bit(nr, &wss->entries[entry])) 252 atomic_inc(&wss->total_count); 253 254 wss_advance_clean_counter(wss); 255 } 256 257 /* 258 * Is the working set larger than the threshold? 259 */ 260 static inline bool wss_exceeds_threshold(struct rvt_wss *wss) 261 { 262 return atomic_read(&wss->total_count) >= wss->threshold; 263 } 264 265 static void get_map_page(struct rvt_qpn_table *qpt, 266 struct rvt_qpn_map *map) 267 { 268 unsigned long page = get_zeroed_page(GFP_KERNEL); 269 270 /* 271 * Free the page if someone raced with us installing it. 272 */ 273 274 spin_lock(&qpt->lock); 275 if (map->page) 276 free_page(page); 277 else 278 map->page = (void *)page; 279 spin_unlock(&qpt->lock); 280 } 281 282 /** 283 * init_qpn_table - initialize the QP number table for a device 284 * @rdi: rvt dev struct 285 * @qpt: the QPN table 286 */ 287 static int init_qpn_table(struct rvt_dev_info *rdi, struct rvt_qpn_table *qpt) 288 { 289 u32 offset, i; 290 struct rvt_qpn_map *map; 291 int ret = 0; 292 293 if (!(rdi->dparms.qpn_res_end >= rdi->dparms.qpn_res_start)) 294 return -EINVAL; 295 296 spin_lock_init(&qpt->lock); 297 298 qpt->last = rdi->dparms.qpn_start; 299 qpt->incr = rdi->dparms.qpn_inc << rdi->dparms.qos_shift; 300 301 /* 302 * Drivers may want some QPs beyond what we need for verbs let them use 303 * our qpn table. No need for two. Lets go ahead and mark the bitmaps 304 * for those. The reserved range must be *after* the range which verbs 305 * will pick from. 306 */ 307 308 /* Figure out number of bit maps needed before reserved range */ 309 qpt->nmaps = rdi->dparms.qpn_res_start / RVT_BITS_PER_PAGE; 310 311 /* This should always be zero */ 312 offset = rdi->dparms.qpn_res_start & RVT_BITS_PER_PAGE_MASK; 313 314 /* Starting with the first reserved bit map */ 315 map = &qpt->map[qpt->nmaps]; 316 317 rvt_pr_info(rdi, "Reserving QPNs from 0x%x to 0x%x for non-verbs use\n", 318 rdi->dparms.qpn_res_start, rdi->dparms.qpn_res_end); 319 for (i = rdi->dparms.qpn_res_start; i <= rdi->dparms.qpn_res_end; i++) { 320 if (!map->page) { 321 get_map_page(qpt, map); 322 if (!map->page) { 323 ret = -ENOMEM; 324 break; 325 } 326 } 327 set_bit(offset, map->page); 328 offset++; 329 if (offset == RVT_BITS_PER_PAGE) { 330 /* next page */ 331 qpt->nmaps++; 332 map++; 333 offset = 0; 334 } 335 } 336 return ret; 337 } 338 339 /** 340 * free_qpn_table - free the QP number table for a device 341 * @qpt: the QPN table 342 */ 343 static void free_qpn_table(struct rvt_qpn_table *qpt) 344 { 345 int i; 346 347 for (i = 0; i < ARRAY_SIZE(qpt->map); i++) 348 free_page((unsigned long)qpt->map[i].page); 349 } 350 351 /** 352 * rvt_driver_qp_init - Init driver qp resources 353 * @rdi: rvt dev strucutre 354 * 355 * Return: 0 on success 356 */ 357 int rvt_driver_qp_init(struct rvt_dev_info *rdi) 358 { 359 int i; 360 int ret = -ENOMEM; 361 362 if (!rdi->dparms.qp_table_size) 363 return -EINVAL; 364 365 /* 366 * If driver is not doing any QP allocation then make sure it is 367 * providing the necessary QP functions. 368 */ 369 if (!rdi->driver_f.free_all_qps || 370 !rdi->driver_f.qp_priv_alloc || 371 !rdi->driver_f.qp_priv_free || 372 !rdi->driver_f.notify_qp_reset || 373 !rdi->driver_f.notify_restart_rc) 374 return -EINVAL; 375 376 /* allocate parent object */ 377 rdi->qp_dev = kzalloc_node(sizeof(*rdi->qp_dev), GFP_KERNEL, 378 rdi->dparms.node); 379 if (!rdi->qp_dev) 380 return -ENOMEM; 381 382 /* allocate hash table */ 383 rdi->qp_dev->qp_table_size = rdi->dparms.qp_table_size; 384 rdi->qp_dev->qp_table_bits = ilog2(rdi->dparms.qp_table_size); 385 rdi->qp_dev->qp_table = 386 kmalloc_array_node(rdi->qp_dev->qp_table_size, 387 sizeof(*rdi->qp_dev->qp_table), 388 GFP_KERNEL, rdi->dparms.node); 389 if (!rdi->qp_dev->qp_table) 390 goto no_qp_table; 391 392 for (i = 0; i < rdi->qp_dev->qp_table_size; i++) 393 RCU_INIT_POINTER(rdi->qp_dev->qp_table[i], NULL); 394 395 spin_lock_init(&rdi->qp_dev->qpt_lock); 396 397 /* initialize qpn map */ 398 if (init_qpn_table(rdi, &rdi->qp_dev->qpn_table)) 399 goto fail_table; 400 401 spin_lock_init(&rdi->n_qps_lock); 402 403 return 0; 404 405 fail_table: 406 kfree(rdi->qp_dev->qp_table); 407 free_qpn_table(&rdi->qp_dev->qpn_table); 408 409 no_qp_table: 410 kfree(rdi->qp_dev); 411 412 return ret; 413 } 414 415 /** 416 * rvt_free_qp_cb - callback function to reset a qp 417 * @qp: the qp to reset 418 * @v: a 64-bit value 419 * 420 * This function resets the qp and removes it from the 421 * qp hash table. 422 */ 423 static void rvt_free_qp_cb(struct rvt_qp *qp, u64 v) 424 { 425 unsigned int *qp_inuse = (unsigned int *)v; 426 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 427 428 /* Reset the qp and remove it from the qp hash list */ 429 rvt_reset_qp(rdi, qp, qp->ibqp.qp_type); 430 431 /* Increment the qp_inuse count */ 432 (*qp_inuse)++; 433 } 434 435 /** 436 * rvt_free_all_qps - check for QPs still in use 437 * @rdi: rvt device info structure 438 * 439 * There should not be any QPs still in use. 440 * Free memory for table. 441 * Return the number of QPs still in use. 442 */ 443 static unsigned rvt_free_all_qps(struct rvt_dev_info *rdi) 444 { 445 unsigned int qp_inuse = 0; 446 447 qp_inuse += rvt_mcast_tree_empty(rdi); 448 449 rvt_qp_iter(rdi, (u64)&qp_inuse, rvt_free_qp_cb); 450 451 return qp_inuse; 452 } 453 454 /** 455 * rvt_qp_exit - clean up qps on device exit 456 * @rdi: rvt dev structure 457 * 458 * Check for qp leaks and free resources. 459 */ 460 void rvt_qp_exit(struct rvt_dev_info *rdi) 461 { 462 u32 qps_inuse = rvt_free_all_qps(rdi); 463 464 if (qps_inuse) 465 rvt_pr_err(rdi, "QP memory leak! %u still in use\n", 466 qps_inuse); 467 468 kfree(rdi->qp_dev->qp_table); 469 free_qpn_table(&rdi->qp_dev->qpn_table); 470 kfree(rdi->qp_dev); 471 } 472 473 static inline unsigned mk_qpn(struct rvt_qpn_table *qpt, 474 struct rvt_qpn_map *map, unsigned off) 475 { 476 return (map - qpt->map) * RVT_BITS_PER_PAGE + off; 477 } 478 479 /** 480 * alloc_qpn - Allocate the next available qpn or zero/one for QP type 481 * IB_QPT_SMI/IB_QPT_GSI 482 * @rdi: rvt device info structure 483 * @qpt: queue pair number table pointer 484 * @type: the QP type 485 * @port_num: IB port number, 1 based, comes from core 486 * @exclude_prefix: prefix of special queue pair number being allocated 487 * 488 * Return: The queue pair number 489 */ 490 static int alloc_qpn(struct rvt_dev_info *rdi, struct rvt_qpn_table *qpt, 491 enum ib_qp_type type, u8 port_num, u8 exclude_prefix) 492 { 493 u32 i, offset, max_scan, qpn; 494 struct rvt_qpn_map *map; 495 int ret; 496 u32 max_qpn = exclude_prefix == RVT_AIP_QP_PREFIX ? 497 RVT_AIP_QPN_MAX : RVT_QPN_MAX; 498 499 if (rdi->driver_f.alloc_qpn) 500 return rdi->driver_f.alloc_qpn(rdi, qpt, type, port_num); 501 502 if (type == IB_QPT_SMI || type == IB_QPT_GSI) { 503 unsigned n; 504 505 ret = type == IB_QPT_GSI; 506 n = 1 << (ret + 2 * (port_num - 1)); 507 spin_lock(&qpt->lock); 508 if (qpt->flags & n) 509 ret = -EINVAL; 510 else 511 qpt->flags |= n; 512 spin_unlock(&qpt->lock); 513 514 return ret; 515 } 516 517 qpn = qpt->last + qpt->incr; 518 if (qpn >= max_qpn) 519 qpn = qpt->incr | ((qpt->last & 1) ^ 1); 520 /* offset carries bit 0 */ 521 offset = qpn & RVT_BITS_PER_PAGE_MASK; 522 map = &qpt->map[qpn / RVT_BITS_PER_PAGE]; 523 max_scan = qpt->nmaps - !offset; 524 for (i = 0;;) { 525 if (unlikely(!map->page)) { 526 get_map_page(qpt, map); 527 if (unlikely(!map->page)) 528 break; 529 } 530 do { 531 if (!test_and_set_bit(offset, map->page)) { 532 qpt->last = qpn; 533 ret = qpn; 534 535 return ret; 536 } 537 offset += qpt->incr; 538 /* 539 * This qpn might be bogus if offset >= BITS_PER_PAGE. 540 * That is OK. It gets re-assigned below 541 */ 542 qpn = mk_qpn(qpt, map, offset); 543 } while (offset < RVT_BITS_PER_PAGE && qpn < RVT_QPN_MAX); 544 /* 545 * In order to keep the number of pages allocated to a 546 * minimum, we scan the all existing pages before increasing 547 * the size of the bitmap table. 548 */ 549 if (++i > max_scan) { 550 if (qpt->nmaps == RVT_QPNMAP_ENTRIES) 551 break; 552 map = &qpt->map[qpt->nmaps++]; 553 /* start at incr with current bit 0 */ 554 offset = qpt->incr | (offset & 1); 555 } else if (map < &qpt->map[qpt->nmaps]) { 556 ++map; 557 /* start at incr with current bit 0 */ 558 offset = qpt->incr | (offset & 1); 559 } else { 560 map = &qpt->map[0]; 561 /* wrap to first map page, invert bit 0 */ 562 offset = qpt->incr | ((offset & 1) ^ 1); 563 } 564 /* there can be no set bits in low-order QoS bits */ 565 WARN_ON(rdi->dparms.qos_shift > 1 && 566 offset & ((BIT(rdi->dparms.qos_shift - 1) - 1) << 1)); 567 qpn = mk_qpn(qpt, map, offset); 568 } 569 570 return -ENOMEM; 571 } 572 573 /** 574 * rvt_clear_mr_refs - Drop help mr refs 575 * @qp: rvt qp data structure 576 * @clr_sends: If shoudl clear send side or not 577 */ 578 static void rvt_clear_mr_refs(struct rvt_qp *qp, int clr_sends) 579 { 580 unsigned n; 581 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 582 583 if (test_and_clear_bit(RVT_R_REWIND_SGE, &qp->r_aflags)) 584 rvt_put_ss(&qp->s_rdma_read_sge); 585 586 rvt_put_ss(&qp->r_sge); 587 588 if (clr_sends) { 589 while (qp->s_last != qp->s_head) { 590 struct rvt_swqe *wqe = rvt_get_swqe_ptr(qp, qp->s_last); 591 592 rvt_put_qp_swqe(qp, wqe); 593 if (++qp->s_last >= qp->s_size) 594 qp->s_last = 0; 595 smp_wmb(); /* see qp_set_savail */ 596 } 597 if (qp->s_rdma_mr) { 598 rvt_put_mr(qp->s_rdma_mr); 599 qp->s_rdma_mr = NULL; 600 } 601 } 602 603 for (n = 0; qp->s_ack_queue && n < rvt_max_atomic(rdi); n++) { 604 struct rvt_ack_entry *e = &qp->s_ack_queue[n]; 605 606 if (e->rdma_sge.mr) { 607 rvt_put_mr(e->rdma_sge.mr); 608 e->rdma_sge.mr = NULL; 609 } 610 } 611 } 612 613 /** 614 * rvt_swqe_has_lkey - return true if lkey is used by swqe 615 * @wqe: the send wqe 616 * @lkey: the lkey 617 * 618 * Test the swqe for using lkey 619 */ 620 static bool rvt_swqe_has_lkey(struct rvt_swqe *wqe, u32 lkey) 621 { 622 int i; 623 624 for (i = 0; i < wqe->wr.num_sge; i++) { 625 struct rvt_sge *sge = &wqe->sg_list[i]; 626 627 if (rvt_mr_has_lkey(sge->mr, lkey)) 628 return true; 629 } 630 return false; 631 } 632 633 /** 634 * rvt_qp_sends_has_lkey - return true is qp sends use lkey 635 * @qp: the rvt_qp 636 * @lkey: the lkey 637 */ 638 static bool rvt_qp_sends_has_lkey(struct rvt_qp *qp, u32 lkey) 639 { 640 u32 s_last = qp->s_last; 641 642 while (s_last != qp->s_head) { 643 struct rvt_swqe *wqe = rvt_get_swqe_ptr(qp, s_last); 644 645 if (rvt_swqe_has_lkey(wqe, lkey)) 646 return true; 647 648 if (++s_last >= qp->s_size) 649 s_last = 0; 650 } 651 if (qp->s_rdma_mr) 652 if (rvt_mr_has_lkey(qp->s_rdma_mr, lkey)) 653 return true; 654 return false; 655 } 656 657 /** 658 * rvt_qp_acks_has_lkey - return true if acks have lkey 659 * @qp: the qp 660 * @lkey: the lkey 661 */ 662 static bool rvt_qp_acks_has_lkey(struct rvt_qp *qp, u32 lkey) 663 { 664 int i; 665 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 666 667 for (i = 0; qp->s_ack_queue && i < rvt_max_atomic(rdi); i++) { 668 struct rvt_ack_entry *e = &qp->s_ack_queue[i]; 669 670 if (rvt_mr_has_lkey(e->rdma_sge.mr, lkey)) 671 return true; 672 } 673 return false; 674 } 675 676 /** 677 * rvt_qp_mr_clean - clean up remote ops for lkey 678 * @qp: the qp 679 * @lkey: the lkey that is being de-registered 680 * 681 * This routine checks if the lkey is being used by 682 * the qp. 683 * 684 * If so, the qp is put into an error state to elminate 685 * any references from the qp. 686 */ 687 void rvt_qp_mr_clean(struct rvt_qp *qp, u32 lkey) 688 { 689 bool lastwqe = false; 690 691 if (qp->ibqp.qp_type == IB_QPT_SMI || 692 qp->ibqp.qp_type == IB_QPT_GSI) 693 /* avoid special QPs */ 694 return; 695 spin_lock_irq(&qp->r_lock); 696 spin_lock(&qp->s_hlock); 697 spin_lock(&qp->s_lock); 698 699 if (qp->state == IB_QPS_ERR || qp->state == IB_QPS_RESET) 700 goto check_lwqe; 701 702 if (rvt_ss_has_lkey(&qp->r_sge, lkey) || 703 rvt_qp_sends_has_lkey(qp, lkey) || 704 rvt_qp_acks_has_lkey(qp, lkey)) 705 lastwqe = rvt_error_qp(qp, IB_WC_LOC_PROT_ERR); 706 check_lwqe: 707 spin_unlock(&qp->s_lock); 708 spin_unlock(&qp->s_hlock); 709 spin_unlock_irq(&qp->r_lock); 710 if (lastwqe) { 711 struct ib_event ev; 712 713 ev.device = qp->ibqp.device; 714 ev.element.qp = &qp->ibqp; 715 ev.event = IB_EVENT_QP_LAST_WQE_REACHED; 716 qp->ibqp.event_handler(&ev, qp->ibqp.qp_context); 717 } 718 } 719 720 /** 721 * rvt_remove_qp - remove qp form table 722 * @rdi: rvt dev struct 723 * @qp: qp to remove 724 * 725 * Remove the QP from the table so it can't be found asynchronously by 726 * the receive routine. 727 */ 728 static void rvt_remove_qp(struct rvt_dev_info *rdi, struct rvt_qp *qp) 729 { 730 struct rvt_ibport *rvp = rdi->ports[qp->port_num - 1]; 731 u32 n = hash_32(qp->ibqp.qp_num, rdi->qp_dev->qp_table_bits); 732 unsigned long flags; 733 int removed = 1; 734 735 spin_lock_irqsave(&rdi->qp_dev->qpt_lock, flags); 736 737 if (rcu_dereference_protected(rvp->qp[0], 738 lockdep_is_held(&rdi->qp_dev->qpt_lock)) == qp) { 739 RCU_INIT_POINTER(rvp->qp[0], NULL); 740 } else if (rcu_dereference_protected(rvp->qp[1], 741 lockdep_is_held(&rdi->qp_dev->qpt_lock)) == qp) { 742 RCU_INIT_POINTER(rvp->qp[1], NULL); 743 } else { 744 struct rvt_qp *q; 745 struct rvt_qp __rcu **qpp; 746 747 removed = 0; 748 qpp = &rdi->qp_dev->qp_table[n]; 749 for (; (q = rcu_dereference_protected(*qpp, 750 lockdep_is_held(&rdi->qp_dev->qpt_lock))) != NULL; 751 qpp = &q->next) { 752 if (q == qp) { 753 RCU_INIT_POINTER(*qpp, 754 rcu_dereference_protected(qp->next, 755 lockdep_is_held(&rdi->qp_dev->qpt_lock))); 756 removed = 1; 757 trace_rvt_qpremove(qp, n); 758 break; 759 } 760 } 761 } 762 763 spin_unlock_irqrestore(&rdi->qp_dev->qpt_lock, flags); 764 if (removed) { 765 synchronize_rcu(); 766 rvt_put_qp(qp); 767 } 768 } 769 770 /** 771 * rvt_alloc_rq - allocate memory for user or kernel buffer 772 * @rq: receive queue data structure 773 * @size: number of request queue entries 774 * @node: The NUMA node 775 * @udata: True if user data is available or not false 776 * 777 * Return: If memory allocation failed, return -ENONEM 778 * This function is used by both shared receive 779 * queues and non-shared receive queues to allocate 780 * memory. 781 */ 782 int rvt_alloc_rq(struct rvt_rq *rq, u32 size, int node, 783 struct ib_udata *udata) 784 { 785 if (udata) { 786 rq->wq = vmalloc_user(sizeof(struct rvt_rwq) + size); 787 if (!rq->wq) 788 goto bail; 789 /* need kwq with no buffers */ 790 rq->kwq = kzalloc_node(sizeof(*rq->kwq), GFP_KERNEL, node); 791 if (!rq->kwq) 792 goto bail; 793 rq->kwq->curr_wq = rq->wq->wq; 794 } else { 795 /* need kwq with buffers */ 796 rq->kwq = 797 vzalloc_node(sizeof(struct rvt_krwq) + size, node); 798 if (!rq->kwq) 799 goto bail; 800 rq->kwq->curr_wq = rq->kwq->wq; 801 } 802 803 spin_lock_init(&rq->kwq->p_lock); 804 spin_lock_init(&rq->kwq->c_lock); 805 return 0; 806 bail: 807 rvt_free_rq(rq); 808 return -ENOMEM; 809 } 810 811 /** 812 * rvt_init_qp - initialize the QP state to the reset state 813 * @rdi: rvt dev struct 814 * @qp: the QP to init or reinit 815 * @type: the QP type 816 * 817 * This function is called from both rvt_create_qp() and 818 * rvt_reset_qp(). The difference is that the reset 819 * patch the necessary locks to protect against concurent 820 * access. 821 */ 822 static void rvt_init_qp(struct rvt_dev_info *rdi, struct rvt_qp *qp, 823 enum ib_qp_type type) 824 { 825 qp->remote_qpn = 0; 826 qp->qkey = 0; 827 qp->qp_access_flags = 0; 828 qp->s_flags &= RVT_S_SIGNAL_REQ_WR; 829 qp->s_hdrwords = 0; 830 qp->s_wqe = NULL; 831 qp->s_draining = 0; 832 qp->s_next_psn = 0; 833 qp->s_last_psn = 0; 834 qp->s_sending_psn = 0; 835 qp->s_sending_hpsn = 0; 836 qp->s_psn = 0; 837 qp->r_psn = 0; 838 qp->r_msn = 0; 839 if (type == IB_QPT_RC) { 840 qp->s_state = IB_OPCODE_RC_SEND_LAST; 841 qp->r_state = IB_OPCODE_RC_SEND_LAST; 842 } else { 843 qp->s_state = IB_OPCODE_UC_SEND_LAST; 844 qp->r_state = IB_OPCODE_UC_SEND_LAST; 845 } 846 qp->s_ack_state = IB_OPCODE_RC_ACKNOWLEDGE; 847 qp->r_nak_state = 0; 848 qp->r_aflags = 0; 849 qp->r_flags = 0; 850 qp->s_head = 0; 851 qp->s_tail = 0; 852 qp->s_cur = 0; 853 qp->s_acked = 0; 854 qp->s_last = 0; 855 qp->s_ssn = 1; 856 qp->s_lsn = 0; 857 qp->s_mig_state = IB_MIG_MIGRATED; 858 qp->r_head_ack_queue = 0; 859 qp->s_tail_ack_queue = 0; 860 qp->s_acked_ack_queue = 0; 861 qp->s_num_rd_atomic = 0; 862 qp->r_sge.num_sge = 0; 863 atomic_set(&qp->s_reserved_used, 0); 864 } 865 866 /** 867 * _rvt_reset_qp - initialize the QP state to the reset state 868 * @rdi: rvt dev struct 869 * @qp: the QP to reset 870 * @type: the QP type 871 * 872 * r_lock, s_hlock, and s_lock are required to be held by the caller 873 */ 874 static void _rvt_reset_qp(struct rvt_dev_info *rdi, struct rvt_qp *qp, 875 enum ib_qp_type type) 876 __must_hold(&qp->s_lock) 877 __must_hold(&qp->s_hlock) 878 __must_hold(&qp->r_lock) 879 { 880 lockdep_assert_held(&qp->r_lock); 881 lockdep_assert_held(&qp->s_hlock); 882 lockdep_assert_held(&qp->s_lock); 883 if (qp->state != IB_QPS_RESET) { 884 qp->state = IB_QPS_RESET; 885 886 /* Let drivers flush their waitlist */ 887 rdi->driver_f.flush_qp_waiters(qp); 888 rvt_stop_rc_timers(qp); 889 qp->s_flags &= ~(RVT_S_TIMER | RVT_S_ANY_WAIT); 890 spin_unlock(&qp->s_lock); 891 spin_unlock(&qp->s_hlock); 892 spin_unlock_irq(&qp->r_lock); 893 894 /* Stop the send queue and the retry timer */ 895 rdi->driver_f.stop_send_queue(qp); 896 rvt_del_timers_sync(qp); 897 /* Wait for things to stop */ 898 rdi->driver_f.quiesce_qp(qp); 899 900 /* take qp out the hash and wait for it to be unused */ 901 rvt_remove_qp(rdi, qp); 902 903 /* grab the lock b/c it was locked at call time */ 904 spin_lock_irq(&qp->r_lock); 905 spin_lock(&qp->s_hlock); 906 spin_lock(&qp->s_lock); 907 908 rvt_clear_mr_refs(qp, 1); 909 /* 910 * Let the driver do any tear down or re-init it needs to for 911 * a qp that has been reset 912 */ 913 rdi->driver_f.notify_qp_reset(qp); 914 } 915 rvt_init_qp(rdi, qp, type); 916 lockdep_assert_held(&qp->r_lock); 917 lockdep_assert_held(&qp->s_hlock); 918 lockdep_assert_held(&qp->s_lock); 919 } 920 921 /** 922 * rvt_reset_qp - initialize the QP state to the reset state 923 * @rdi: the device info 924 * @qp: the QP to reset 925 * @type: the QP type 926 * 927 * This is the wrapper function to acquire the r_lock, s_hlock, and s_lock 928 * before calling _rvt_reset_qp(). 929 */ 930 static void rvt_reset_qp(struct rvt_dev_info *rdi, struct rvt_qp *qp, 931 enum ib_qp_type type) 932 { 933 spin_lock_irq(&qp->r_lock); 934 spin_lock(&qp->s_hlock); 935 spin_lock(&qp->s_lock); 936 _rvt_reset_qp(rdi, qp, type); 937 spin_unlock(&qp->s_lock); 938 spin_unlock(&qp->s_hlock); 939 spin_unlock_irq(&qp->r_lock); 940 } 941 942 /** 943 * rvt_free_qpn - Free a qpn from the bit map 944 * @qpt: QP table 945 * @qpn: queue pair number to free 946 */ 947 static void rvt_free_qpn(struct rvt_qpn_table *qpt, u32 qpn) 948 { 949 struct rvt_qpn_map *map; 950 951 if ((qpn & RVT_AIP_QP_PREFIX_MASK) == RVT_AIP_QP_BASE) 952 qpn &= RVT_AIP_QP_SUFFIX; 953 954 map = qpt->map + (qpn & RVT_QPN_MASK) / RVT_BITS_PER_PAGE; 955 if (map->page) 956 clear_bit(qpn & RVT_BITS_PER_PAGE_MASK, map->page); 957 } 958 959 /** 960 * get_allowed_ops - Given a QP type return the appropriate allowed OP 961 * @type: valid, supported, QP type 962 */ 963 static u8 get_allowed_ops(enum ib_qp_type type) 964 { 965 return type == IB_QPT_RC ? IB_OPCODE_RC : type == IB_QPT_UC ? 966 IB_OPCODE_UC : IB_OPCODE_UD; 967 } 968 969 /** 970 * free_ud_wq_attr - Clean up AH attribute cache for UD QPs 971 * @qp: Valid QP with allowed_ops set 972 * 973 * The rvt_swqe data structure being used is a union, so this is 974 * only valid for UD QPs. 975 */ 976 static void free_ud_wq_attr(struct rvt_qp *qp) 977 { 978 struct rvt_swqe *wqe; 979 int i; 980 981 for (i = 0; qp->allowed_ops == IB_OPCODE_UD && i < qp->s_size; i++) { 982 wqe = rvt_get_swqe_ptr(qp, i); 983 kfree(wqe->ud_wr.attr); 984 wqe->ud_wr.attr = NULL; 985 } 986 } 987 988 /** 989 * alloc_ud_wq_attr - AH attribute cache for UD QPs 990 * @qp: Valid QP with allowed_ops set 991 * @node: Numa node for allocation 992 * 993 * The rvt_swqe data structure being used is a union, so this is 994 * only valid for UD QPs. 995 */ 996 static int alloc_ud_wq_attr(struct rvt_qp *qp, int node) 997 { 998 struct rvt_swqe *wqe; 999 int i; 1000 1001 for (i = 0; qp->allowed_ops == IB_OPCODE_UD && i < qp->s_size; i++) { 1002 wqe = rvt_get_swqe_ptr(qp, i); 1003 wqe->ud_wr.attr = kzalloc_node(sizeof(*wqe->ud_wr.attr), 1004 GFP_KERNEL, node); 1005 if (!wqe->ud_wr.attr) { 1006 free_ud_wq_attr(qp); 1007 return -ENOMEM; 1008 } 1009 } 1010 1011 return 0; 1012 } 1013 1014 /** 1015 * rvt_create_qp - create a queue pair for a device 1016 * @ibqp: the queue pair 1017 * @init_attr: the attributes of the queue pair 1018 * @udata: user data for libibverbs.so 1019 * 1020 * Queue pair creation is mostly an rvt issue. However, drivers have their own 1021 * unique idea of what queue pair numbers mean. For instance there is a reserved 1022 * range for PSM. 1023 * 1024 * Return: 0 on success, otherwise returns an errno. 1025 * 1026 * Called by the ib_create_qp() core verbs function. 1027 */ 1028 int rvt_create_qp(struct ib_qp *ibqp, struct ib_qp_init_attr *init_attr, 1029 struct ib_udata *udata) 1030 { 1031 struct rvt_qp *qp = ibqp_to_rvtqp(ibqp); 1032 int ret = -ENOMEM; 1033 struct rvt_swqe *swq = NULL; 1034 size_t sz; 1035 size_t sg_list_sz = 0; 1036 struct rvt_dev_info *rdi = ib_to_rvt(ibqp->device); 1037 void *priv = NULL; 1038 size_t sqsize; 1039 u8 exclude_prefix = 0; 1040 1041 if (!rdi) 1042 return -EINVAL; 1043 1044 if (init_attr->create_flags & ~IB_QP_CREATE_NETDEV_USE) 1045 return -EOPNOTSUPP; 1046 1047 if (init_attr->cap.max_send_sge > rdi->dparms.props.max_send_sge || 1048 init_attr->cap.max_send_wr > rdi->dparms.props.max_qp_wr) 1049 return -EINVAL; 1050 1051 /* Check receive queue parameters if no SRQ is specified. */ 1052 if (!init_attr->srq) { 1053 if (init_attr->cap.max_recv_sge > 1054 rdi->dparms.props.max_recv_sge || 1055 init_attr->cap.max_recv_wr > rdi->dparms.props.max_qp_wr) 1056 return -EINVAL; 1057 1058 if (init_attr->cap.max_send_sge + 1059 init_attr->cap.max_send_wr + 1060 init_attr->cap.max_recv_sge + 1061 init_attr->cap.max_recv_wr == 0) 1062 return -EINVAL; 1063 } 1064 sqsize = 1065 init_attr->cap.max_send_wr + 1 + 1066 rdi->dparms.reserved_operations; 1067 switch (init_attr->qp_type) { 1068 case IB_QPT_SMI: 1069 case IB_QPT_GSI: 1070 if (init_attr->port_num == 0 || 1071 init_attr->port_num > ibqp->device->phys_port_cnt) 1072 return -EINVAL; 1073 fallthrough; 1074 case IB_QPT_UC: 1075 case IB_QPT_RC: 1076 case IB_QPT_UD: 1077 sz = struct_size(swq, sg_list, init_attr->cap.max_send_sge); 1078 swq = vzalloc_node(array_size(sz, sqsize), rdi->dparms.node); 1079 if (!swq) 1080 return -ENOMEM; 1081 1082 if (init_attr->srq) { 1083 struct rvt_srq *srq = ibsrq_to_rvtsrq(init_attr->srq); 1084 1085 if (srq->rq.max_sge > 1) 1086 sg_list_sz = sizeof(*qp->r_sg_list) * 1087 (srq->rq.max_sge - 1); 1088 } else if (init_attr->cap.max_recv_sge > 1) 1089 sg_list_sz = sizeof(*qp->r_sg_list) * 1090 (init_attr->cap.max_recv_sge - 1); 1091 qp->r_sg_list = 1092 kzalloc_node(sg_list_sz, GFP_KERNEL, rdi->dparms.node); 1093 if (!qp->r_sg_list) 1094 goto bail_qp; 1095 qp->allowed_ops = get_allowed_ops(init_attr->qp_type); 1096 1097 RCU_INIT_POINTER(qp->next, NULL); 1098 if (init_attr->qp_type == IB_QPT_RC) { 1099 qp->s_ack_queue = 1100 kcalloc_node(rvt_max_atomic(rdi), 1101 sizeof(*qp->s_ack_queue), 1102 GFP_KERNEL, 1103 rdi->dparms.node); 1104 if (!qp->s_ack_queue) 1105 goto bail_qp; 1106 } 1107 /* initialize timers needed for rc qp */ 1108 timer_setup(&qp->s_timer, rvt_rc_timeout, 0); 1109 hrtimer_setup(&qp->s_rnr_timer, rvt_rc_rnr_retry, CLOCK_MONOTONIC, 1110 HRTIMER_MODE_REL); 1111 1112 /* 1113 * Driver needs to set up it's private QP structure and do any 1114 * initialization that is needed. 1115 */ 1116 priv = rdi->driver_f.qp_priv_alloc(rdi, qp); 1117 if (IS_ERR(priv)) { 1118 ret = PTR_ERR(priv); 1119 goto bail_qp; 1120 } 1121 qp->priv = priv; 1122 qp->timeout_jiffies = 1123 usecs_to_jiffies((4096UL * (1UL << qp->timeout)) / 1124 1000UL); 1125 if (init_attr->srq) { 1126 sz = 0; 1127 } else { 1128 qp->r_rq.size = init_attr->cap.max_recv_wr + 1; 1129 qp->r_rq.max_sge = init_attr->cap.max_recv_sge; 1130 sz = (sizeof(struct ib_sge) * qp->r_rq.max_sge) + 1131 sizeof(struct rvt_rwqe); 1132 ret = rvt_alloc_rq(&qp->r_rq, qp->r_rq.size * sz, 1133 rdi->dparms.node, udata); 1134 if (ret) 1135 goto bail_driver_priv; 1136 } 1137 1138 /* 1139 * ib_create_qp() will initialize qp->ibqp 1140 * except for qp->ibqp.qp_num. 1141 */ 1142 spin_lock_init(&qp->r_lock); 1143 spin_lock_init(&qp->s_hlock); 1144 spin_lock_init(&qp->s_lock); 1145 atomic_set(&qp->refcount, 0); 1146 atomic_set(&qp->local_ops_pending, 0); 1147 init_waitqueue_head(&qp->wait); 1148 INIT_LIST_HEAD(&qp->rspwait); 1149 qp->state = IB_QPS_RESET; 1150 qp->s_wq = swq; 1151 qp->s_size = sqsize; 1152 qp->s_avail = init_attr->cap.max_send_wr; 1153 qp->s_max_sge = init_attr->cap.max_send_sge; 1154 if (init_attr->sq_sig_type == IB_SIGNAL_REQ_WR) 1155 qp->s_flags = RVT_S_SIGNAL_REQ_WR; 1156 ret = alloc_ud_wq_attr(qp, rdi->dparms.node); 1157 if (ret) 1158 goto bail_rq_rvt; 1159 1160 if (init_attr->create_flags & IB_QP_CREATE_NETDEV_USE) 1161 exclude_prefix = RVT_AIP_QP_PREFIX; 1162 1163 ret = alloc_qpn(rdi, &rdi->qp_dev->qpn_table, 1164 init_attr->qp_type, 1165 init_attr->port_num, 1166 exclude_prefix); 1167 if (ret < 0) 1168 goto bail_rq_wq; 1169 1170 qp->ibqp.qp_num = ret; 1171 if (init_attr->create_flags & IB_QP_CREATE_NETDEV_USE) 1172 qp->ibqp.qp_num |= RVT_AIP_QP_BASE; 1173 qp->port_num = init_attr->port_num; 1174 rvt_init_qp(rdi, qp, init_attr->qp_type); 1175 if (rdi->driver_f.qp_priv_init) { 1176 ret = rdi->driver_f.qp_priv_init(rdi, qp, init_attr); 1177 if (ret) 1178 goto bail_rq_wq; 1179 } 1180 break; 1181 1182 default: 1183 /* Don't support raw QPs */ 1184 return -EOPNOTSUPP; 1185 } 1186 1187 init_attr->cap.max_inline_data = 0; 1188 1189 /* 1190 * Return the address of the RWQ as the offset to mmap. 1191 * See rvt_mmap() for details. 1192 */ 1193 if (udata && udata->outlen >= sizeof(__u64)) { 1194 if (!qp->r_rq.wq) { 1195 __u64 offset = 0; 1196 1197 ret = ib_copy_to_udata(udata, &offset, 1198 sizeof(offset)); 1199 if (ret) 1200 goto bail_qpn; 1201 } else { 1202 u32 s = sizeof(struct rvt_rwq) + qp->r_rq.size * sz; 1203 1204 qp->ip = rvt_create_mmap_info(rdi, s, udata, 1205 qp->r_rq.wq); 1206 if (IS_ERR(qp->ip)) { 1207 ret = PTR_ERR(qp->ip); 1208 goto bail_qpn; 1209 } 1210 1211 ret = ib_copy_to_udata(udata, &qp->ip->offset, 1212 sizeof(qp->ip->offset)); 1213 if (ret) 1214 goto bail_ip; 1215 } 1216 qp->pid = current->pid; 1217 } 1218 1219 spin_lock(&rdi->n_qps_lock); 1220 if (rdi->n_qps_allocated == rdi->dparms.props.max_qp) { 1221 spin_unlock(&rdi->n_qps_lock); 1222 ret = -ENOMEM; 1223 goto bail_ip; 1224 } 1225 1226 rdi->n_qps_allocated++; 1227 /* 1228 * Maintain a busy_jiffies variable that will be added to the timeout 1229 * period in mod_retry_timer and add_retry_timer. This busy jiffies 1230 * is scaled by the number of rc qps created for the device to reduce 1231 * the number of timeouts occurring when there is a large number of 1232 * qps. busy_jiffies is incremented every rc qp scaling interval. 1233 * The scaling interval is selected based on extensive performance 1234 * evaluation of targeted workloads. 1235 */ 1236 if (init_attr->qp_type == IB_QPT_RC) { 1237 rdi->n_rc_qps++; 1238 rdi->busy_jiffies = rdi->n_rc_qps / RC_QP_SCALING_INTERVAL; 1239 } 1240 spin_unlock(&rdi->n_qps_lock); 1241 1242 if (qp->ip) { 1243 spin_lock_irq(&rdi->pending_lock); 1244 list_add(&qp->ip->pending_mmaps, &rdi->pending_mmaps); 1245 spin_unlock_irq(&rdi->pending_lock); 1246 } 1247 1248 return 0; 1249 1250 bail_ip: 1251 if (qp->ip) 1252 kref_put(&qp->ip->ref, rvt_release_mmap_info); 1253 1254 bail_qpn: 1255 rvt_free_qpn(&rdi->qp_dev->qpn_table, qp->ibqp.qp_num); 1256 1257 bail_rq_wq: 1258 free_ud_wq_attr(qp); 1259 1260 bail_rq_rvt: 1261 rvt_free_rq(&qp->r_rq); 1262 1263 bail_driver_priv: 1264 rdi->driver_f.qp_priv_free(rdi, qp); 1265 1266 bail_qp: 1267 kfree(qp->s_ack_queue); 1268 kfree(qp->r_sg_list); 1269 vfree(swq); 1270 return ret; 1271 } 1272 1273 /** 1274 * rvt_error_qp - put a QP into the error state 1275 * @qp: the QP to put into the error state 1276 * @err: the receive completion error to signal if a RWQE is active 1277 * 1278 * Flushes both send and receive work queues. 1279 * 1280 * Return: true if last WQE event should be generated. 1281 * The QP r_lock and s_lock should be held and interrupts disabled. 1282 * If we are already in error state, just return. 1283 */ 1284 int rvt_error_qp(struct rvt_qp *qp, enum ib_wc_status err) 1285 { 1286 struct ib_wc wc; 1287 int ret = 0; 1288 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 1289 1290 lockdep_assert_held(&qp->r_lock); 1291 lockdep_assert_held(&qp->s_lock); 1292 if (qp->state == IB_QPS_ERR || qp->state == IB_QPS_RESET) 1293 goto bail; 1294 1295 qp->state = IB_QPS_ERR; 1296 1297 if (qp->s_flags & (RVT_S_TIMER | RVT_S_WAIT_RNR)) { 1298 qp->s_flags &= ~(RVT_S_TIMER | RVT_S_WAIT_RNR); 1299 timer_delete(&qp->s_timer); 1300 } 1301 1302 if (qp->s_flags & RVT_S_ANY_WAIT_SEND) 1303 qp->s_flags &= ~RVT_S_ANY_WAIT_SEND; 1304 1305 rdi->driver_f.notify_error_qp(qp); 1306 1307 /* Schedule the sending tasklet to drain the send work queue. */ 1308 if (READ_ONCE(qp->s_last) != qp->s_head) 1309 rdi->driver_f.schedule_send(qp); 1310 1311 rvt_clear_mr_refs(qp, 0); 1312 1313 memset(&wc, 0, sizeof(wc)); 1314 wc.qp = &qp->ibqp; 1315 wc.opcode = IB_WC_RECV; 1316 1317 if (test_and_clear_bit(RVT_R_WRID_VALID, &qp->r_aflags)) { 1318 wc.wr_id = qp->r_wr_id; 1319 wc.status = err; 1320 rvt_cq_enter(ibcq_to_rvtcq(qp->ibqp.recv_cq), &wc, 1); 1321 } 1322 wc.status = IB_WC_WR_FLUSH_ERR; 1323 1324 if (qp->r_rq.kwq) { 1325 u32 head; 1326 u32 tail; 1327 struct rvt_rwq *wq = NULL; 1328 struct rvt_krwq *kwq = NULL; 1329 1330 spin_lock(&qp->r_rq.kwq->c_lock); 1331 /* qp->ip used to validate if there is a user buffer mmaped */ 1332 if (qp->ip) { 1333 wq = qp->r_rq.wq; 1334 head = RDMA_READ_UAPI_ATOMIC(wq->head); 1335 tail = RDMA_READ_UAPI_ATOMIC(wq->tail); 1336 } else { 1337 kwq = qp->r_rq.kwq; 1338 head = kwq->head; 1339 tail = kwq->tail; 1340 } 1341 /* sanity check pointers before trusting them */ 1342 if (head >= qp->r_rq.size) 1343 head = 0; 1344 if (tail >= qp->r_rq.size) 1345 tail = 0; 1346 while (tail != head) { 1347 wc.wr_id = rvt_get_rwqe_ptr(&qp->r_rq, tail)->wr_id; 1348 if (++tail >= qp->r_rq.size) 1349 tail = 0; 1350 rvt_cq_enter(ibcq_to_rvtcq(qp->ibqp.recv_cq), &wc, 1); 1351 } 1352 if (qp->ip) 1353 RDMA_WRITE_UAPI_ATOMIC(wq->tail, tail); 1354 else 1355 kwq->tail = tail; 1356 spin_unlock(&qp->r_rq.kwq->c_lock); 1357 } else if (qp->ibqp.event_handler) { 1358 ret = 1; 1359 } 1360 1361 bail: 1362 return ret; 1363 } 1364 EXPORT_SYMBOL(rvt_error_qp); 1365 1366 /* 1367 * Put the QP into the hash table. 1368 * The hash table holds a reference to the QP. 1369 */ 1370 static void rvt_insert_qp(struct rvt_dev_info *rdi, struct rvt_qp *qp) 1371 { 1372 struct rvt_ibport *rvp = rdi->ports[qp->port_num - 1]; 1373 unsigned long flags; 1374 1375 rvt_get_qp(qp); 1376 spin_lock_irqsave(&rdi->qp_dev->qpt_lock, flags); 1377 1378 if (qp->ibqp.qp_num <= 1) { 1379 rcu_assign_pointer(rvp->qp[qp->ibqp.qp_num], qp); 1380 } else { 1381 u32 n = hash_32(qp->ibqp.qp_num, rdi->qp_dev->qp_table_bits); 1382 1383 qp->next = rdi->qp_dev->qp_table[n]; 1384 rcu_assign_pointer(rdi->qp_dev->qp_table[n], qp); 1385 trace_rvt_qpinsert(qp, n); 1386 } 1387 1388 spin_unlock_irqrestore(&rdi->qp_dev->qpt_lock, flags); 1389 } 1390 1391 /** 1392 * rvt_modify_qp - modify the attributes of a queue pair 1393 * @ibqp: the queue pair who's attributes we're modifying 1394 * @attr: the new attributes 1395 * @attr_mask: the mask of attributes to modify 1396 * @udata: user data for libibverbs.so 1397 * 1398 * Return: 0 on success, otherwise returns an errno. 1399 */ 1400 int rvt_modify_qp(struct ib_qp *ibqp, struct ib_qp_attr *attr, 1401 int attr_mask, struct ib_udata *udata) 1402 { 1403 struct rvt_dev_info *rdi = ib_to_rvt(ibqp->device); 1404 struct rvt_qp *qp = ibqp_to_rvtqp(ibqp); 1405 enum ib_qp_state cur_state, new_state; 1406 struct ib_event ev; 1407 int lastwqe = 0; 1408 int mig = 0; 1409 int pmtu = 0; /* for gcc warning only */ 1410 int opa_ah; 1411 1412 if (attr_mask & ~IB_QP_ATTR_STANDARD_BITS) 1413 return -EOPNOTSUPP; 1414 1415 spin_lock_irq(&qp->r_lock); 1416 spin_lock(&qp->s_hlock); 1417 spin_lock(&qp->s_lock); 1418 1419 cur_state = attr_mask & IB_QP_CUR_STATE ? 1420 attr->cur_qp_state : qp->state; 1421 new_state = attr_mask & IB_QP_STATE ? attr->qp_state : cur_state; 1422 opa_ah = rdma_cap_opa_ah(ibqp->device, qp->port_num); 1423 1424 if (!ib_modify_qp_is_ok(cur_state, new_state, ibqp->qp_type, 1425 attr_mask)) 1426 goto inval; 1427 1428 if (rdi->driver_f.check_modify_qp && 1429 rdi->driver_f.check_modify_qp(qp, attr, attr_mask, udata)) 1430 goto inval; 1431 1432 if (attr_mask & IB_QP_AV) { 1433 if (opa_ah) { 1434 if (rdma_ah_get_dlid(&attr->ah_attr) >= 1435 opa_get_mcast_base(OPA_MCAST_NR)) 1436 goto inval; 1437 } else { 1438 if (rdma_ah_get_dlid(&attr->ah_attr) >= 1439 be16_to_cpu(IB_MULTICAST_LID_BASE)) 1440 goto inval; 1441 } 1442 1443 if (rvt_check_ah(qp->ibqp.device, &attr->ah_attr)) 1444 goto inval; 1445 } 1446 1447 if (attr_mask & IB_QP_ALT_PATH) { 1448 if (opa_ah) { 1449 if (rdma_ah_get_dlid(&attr->alt_ah_attr) >= 1450 opa_get_mcast_base(OPA_MCAST_NR)) 1451 goto inval; 1452 } else { 1453 if (rdma_ah_get_dlid(&attr->alt_ah_attr) >= 1454 be16_to_cpu(IB_MULTICAST_LID_BASE)) 1455 goto inval; 1456 } 1457 1458 if (rvt_check_ah(qp->ibqp.device, &attr->alt_ah_attr)) 1459 goto inval; 1460 if (attr->alt_pkey_index >= rvt_get_npkeys(rdi)) 1461 goto inval; 1462 } 1463 1464 if (attr_mask & IB_QP_PKEY_INDEX) 1465 if (attr->pkey_index >= rvt_get_npkeys(rdi)) 1466 goto inval; 1467 1468 if (attr_mask & IB_QP_MIN_RNR_TIMER) 1469 if (attr->min_rnr_timer > 31) 1470 goto inval; 1471 1472 if (attr_mask & IB_QP_PORT) 1473 if (qp->ibqp.qp_type == IB_QPT_SMI || 1474 qp->ibqp.qp_type == IB_QPT_GSI || 1475 attr->port_num == 0 || 1476 attr->port_num > ibqp->device->phys_port_cnt) 1477 goto inval; 1478 1479 if (attr_mask & IB_QP_DEST_QPN) 1480 if (attr->dest_qp_num > RVT_QPN_MASK) 1481 goto inval; 1482 1483 if (attr_mask & IB_QP_RETRY_CNT) 1484 if (attr->retry_cnt > 7) 1485 goto inval; 1486 1487 if (attr_mask & IB_QP_RNR_RETRY) 1488 if (attr->rnr_retry > 7) 1489 goto inval; 1490 1491 /* 1492 * Don't allow invalid path_mtu values. OK to set greater 1493 * than the active mtu (or even the max_cap, if we have tuned 1494 * that to a small mtu. We'll set qp->path_mtu 1495 * to the lesser of requested attribute mtu and active, 1496 * for packetizing messages. 1497 * Note that the QP port has to be set in INIT and MTU in RTR. 1498 */ 1499 if (attr_mask & IB_QP_PATH_MTU) { 1500 pmtu = rdi->driver_f.get_pmtu_from_attr(rdi, qp, attr); 1501 if (pmtu < 0) 1502 goto inval; 1503 } 1504 1505 if (attr_mask & IB_QP_PATH_MIG_STATE) { 1506 if (attr->path_mig_state == IB_MIG_REARM) { 1507 if (qp->s_mig_state == IB_MIG_ARMED) 1508 goto inval; 1509 if (new_state != IB_QPS_RTS) 1510 goto inval; 1511 } else if (attr->path_mig_state == IB_MIG_MIGRATED) { 1512 if (qp->s_mig_state == IB_MIG_REARM) 1513 goto inval; 1514 if (new_state != IB_QPS_RTS && new_state != IB_QPS_SQD) 1515 goto inval; 1516 if (qp->s_mig_state == IB_MIG_ARMED) 1517 mig = 1; 1518 } else { 1519 goto inval; 1520 } 1521 } 1522 1523 if (attr_mask & IB_QP_MAX_DEST_RD_ATOMIC) 1524 if (attr->max_dest_rd_atomic > rdi->dparms.max_rdma_atomic) 1525 goto inval; 1526 1527 switch (new_state) { 1528 case IB_QPS_RESET: 1529 if (qp->state != IB_QPS_RESET) 1530 _rvt_reset_qp(rdi, qp, ibqp->qp_type); 1531 break; 1532 1533 case IB_QPS_RTR: 1534 /* Allow event to re-trigger if QP set to RTR more than once */ 1535 qp->r_flags &= ~RVT_R_COMM_EST; 1536 qp->state = new_state; 1537 break; 1538 1539 case IB_QPS_SQD: 1540 qp->s_draining = qp->s_last != qp->s_cur; 1541 qp->state = new_state; 1542 break; 1543 1544 case IB_QPS_SQE: 1545 if (qp->ibqp.qp_type == IB_QPT_RC) 1546 goto inval; 1547 qp->state = new_state; 1548 break; 1549 1550 case IB_QPS_ERR: 1551 lastwqe = rvt_error_qp(qp, IB_WC_WR_FLUSH_ERR); 1552 break; 1553 1554 default: 1555 qp->state = new_state; 1556 break; 1557 } 1558 1559 if (attr_mask & IB_QP_PKEY_INDEX) 1560 qp->s_pkey_index = attr->pkey_index; 1561 1562 if (attr_mask & IB_QP_PORT) 1563 qp->port_num = attr->port_num; 1564 1565 if (attr_mask & IB_QP_DEST_QPN) 1566 qp->remote_qpn = attr->dest_qp_num; 1567 1568 if (attr_mask & IB_QP_SQ_PSN) { 1569 qp->s_next_psn = attr->sq_psn & rdi->dparms.psn_modify_mask; 1570 qp->s_psn = qp->s_next_psn; 1571 qp->s_sending_psn = qp->s_next_psn; 1572 qp->s_last_psn = qp->s_next_psn - 1; 1573 qp->s_sending_hpsn = qp->s_last_psn; 1574 } 1575 1576 if (attr_mask & IB_QP_RQ_PSN) 1577 qp->r_psn = attr->rq_psn & rdi->dparms.psn_modify_mask; 1578 1579 if (attr_mask & IB_QP_ACCESS_FLAGS) 1580 qp->qp_access_flags = attr->qp_access_flags; 1581 1582 if (attr_mask & IB_QP_AV) { 1583 rdma_replace_ah_attr(&qp->remote_ah_attr, &attr->ah_attr); 1584 qp->s_srate = rdma_ah_get_static_rate(&attr->ah_attr); 1585 qp->srate_mbps = ib_rate_to_mbps(qp->s_srate); 1586 } 1587 1588 if (attr_mask & IB_QP_ALT_PATH) { 1589 rdma_replace_ah_attr(&qp->alt_ah_attr, &attr->alt_ah_attr); 1590 qp->s_alt_pkey_index = attr->alt_pkey_index; 1591 } 1592 1593 if (attr_mask & IB_QP_PATH_MIG_STATE) { 1594 qp->s_mig_state = attr->path_mig_state; 1595 if (mig) { 1596 qp->remote_ah_attr = qp->alt_ah_attr; 1597 qp->port_num = rdma_ah_get_port_num(&qp->alt_ah_attr); 1598 qp->s_pkey_index = qp->s_alt_pkey_index; 1599 } 1600 } 1601 1602 if (attr_mask & IB_QP_PATH_MTU) { 1603 qp->pmtu = rdi->driver_f.mtu_from_qp(rdi, qp, pmtu); 1604 qp->log_pmtu = ilog2(qp->pmtu); 1605 } 1606 1607 if (attr_mask & IB_QP_RETRY_CNT) { 1608 qp->s_retry_cnt = attr->retry_cnt; 1609 qp->s_retry = attr->retry_cnt; 1610 } 1611 1612 if (attr_mask & IB_QP_RNR_RETRY) { 1613 qp->s_rnr_retry_cnt = attr->rnr_retry; 1614 qp->s_rnr_retry = attr->rnr_retry; 1615 } 1616 1617 if (attr_mask & IB_QP_MIN_RNR_TIMER) 1618 qp->r_min_rnr_timer = attr->min_rnr_timer; 1619 1620 if (attr_mask & IB_QP_TIMEOUT) { 1621 qp->timeout = attr->timeout; 1622 qp->timeout_jiffies = rvt_timeout_to_jiffies(qp->timeout); 1623 } 1624 1625 if (attr_mask & IB_QP_QKEY) 1626 qp->qkey = attr->qkey; 1627 1628 if (attr_mask & IB_QP_MAX_DEST_RD_ATOMIC) 1629 qp->r_max_rd_atomic = attr->max_dest_rd_atomic; 1630 1631 if (attr_mask & IB_QP_MAX_QP_RD_ATOMIC) 1632 qp->s_max_rd_atomic = attr->max_rd_atomic; 1633 1634 if (rdi->driver_f.modify_qp) 1635 rdi->driver_f.modify_qp(qp, attr, attr_mask, udata); 1636 1637 spin_unlock(&qp->s_lock); 1638 spin_unlock(&qp->s_hlock); 1639 spin_unlock_irq(&qp->r_lock); 1640 1641 if (cur_state == IB_QPS_RESET && new_state == IB_QPS_INIT) 1642 rvt_insert_qp(rdi, qp); 1643 1644 if (lastwqe) { 1645 ev.device = qp->ibqp.device; 1646 ev.element.qp = &qp->ibqp; 1647 ev.event = IB_EVENT_QP_LAST_WQE_REACHED; 1648 qp->ibqp.event_handler(&ev, qp->ibqp.qp_context); 1649 } 1650 if (mig) { 1651 ev.device = qp->ibqp.device; 1652 ev.element.qp = &qp->ibqp; 1653 ev.event = IB_EVENT_PATH_MIG; 1654 qp->ibqp.event_handler(&ev, qp->ibqp.qp_context); 1655 } 1656 return 0; 1657 1658 inval: 1659 spin_unlock(&qp->s_lock); 1660 spin_unlock(&qp->s_hlock); 1661 spin_unlock_irq(&qp->r_lock); 1662 return -EINVAL; 1663 } 1664 1665 /** 1666 * rvt_destroy_qp - destroy a queue pair 1667 * @ibqp: the queue pair to destroy 1668 * @udata: unused by the driver 1669 * 1670 * Note that this can be called while the QP is actively sending or 1671 * receiving! 1672 * 1673 * Return: 0 on success. 1674 */ 1675 int rvt_destroy_qp(struct ib_qp *ibqp, struct ib_udata *udata) 1676 { 1677 struct rvt_qp *qp = ibqp_to_rvtqp(ibqp); 1678 struct rvt_dev_info *rdi = ib_to_rvt(ibqp->device); 1679 1680 rvt_reset_qp(rdi, qp, ibqp->qp_type); 1681 1682 wait_event(qp->wait, !atomic_read(&qp->refcount)); 1683 /* qpn is now available for use again */ 1684 rvt_free_qpn(&rdi->qp_dev->qpn_table, qp->ibqp.qp_num); 1685 1686 spin_lock(&rdi->n_qps_lock); 1687 rdi->n_qps_allocated--; 1688 if (qp->ibqp.qp_type == IB_QPT_RC) { 1689 rdi->n_rc_qps--; 1690 rdi->busy_jiffies = rdi->n_rc_qps / RC_QP_SCALING_INTERVAL; 1691 } 1692 spin_unlock(&rdi->n_qps_lock); 1693 1694 if (qp->ip) 1695 kref_put(&qp->ip->ref, rvt_release_mmap_info); 1696 kvfree(qp->r_rq.kwq); 1697 rdi->driver_f.qp_priv_free(rdi, qp); 1698 kfree(qp->s_ack_queue); 1699 kfree(qp->r_sg_list); 1700 rdma_destroy_ah_attr(&qp->remote_ah_attr); 1701 rdma_destroy_ah_attr(&qp->alt_ah_attr); 1702 free_ud_wq_attr(qp); 1703 vfree(qp->s_wq); 1704 return 0; 1705 } 1706 1707 /** 1708 * rvt_query_qp - query an ipbq 1709 * @ibqp: IB qp to query 1710 * @attr: attr struct to fill in 1711 * @attr_mask: attr mask ignored 1712 * @init_attr: struct to fill in 1713 * 1714 * Return: always 0 1715 */ 1716 int rvt_query_qp(struct ib_qp *ibqp, struct ib_qp_attr *attr, 1717 int attr_mask, struct ib_qp_init_attr *init_attr) 1718 { 1719 struct rvt_qp *qp = ibqp_to_rvtqp(ibqp); 1720 struct rvt_dev_info *rdi = ib_to_rvt(ibqp->device); 1721 1722 attr->qp_state = qp->state; 1723 attr->cur_qp_state = attr->qp_state; 1724 attr->path_mtu = rdi->driver_f.mtu_to_path_mtu(qp->pmtu); 1725 attr->path_mig_state = qp->s_mig_state; 1726 attr->qkey = qp->qkey; 1727 attr->rq_psn = qp->r_psn & rdi->dparms.psn_mask; 1728 attr->sq_psn = qp->s_next_psn & rdi->dparms.psn_mask; 1729 attr->dest_qp_num = qp->remote_qpn; 1730 attr->qp_access_flags = qp->qp_access_flags; 1731 attr->cap.max_send_wr = qp->s_size - 1 - 1732 rdi->dparms.reserved_operations; 1733 attr->cap.max_recv_wr = qp->ibqp.srq ? 0 : qp->r_rq.size - 1; 1734 attr->cap.max_send_sge = qp->s_max_sge; 1735 attr->cap.max_recv_sge = qp->r_rq.max_sge; 1736 attr->cap.max_inline_data = 0; 1737 attr->ah_attr = qp->remote_ah_attr; 1738 attr->alt_ah_attr = qp->alt_ah_attr; 1739 attr->pkey_index = qp->s_pkey_index; 1740 attr->alt_pkey_index = qp->s_alt_pkey_index; 1741 attr->en_sqd_async_notify = 0; 1742 attr->sq_draining = qp->s_draining; 1743 attr->max_rd_atomic = qp->s_max_rd_atomic; 1744 attr->max_dest_rd_atomic = qp->r_max_rd_atomic; 1745 attr->min_rnr_timer = qp->r_min_rnr_timer; 1746 attr->port_num = qp->port_num; 1747 attr->timeout = qp->timeout; 1748 attr->retry_cnt = qp->s_retry_cnt; 1749 attr->rnr_retry = qp->s_rnr_retry_cnt; 1750 attr->alt_port_num = 1751 rdma_ah_get_port_num(&qp->alt_ah_attr); 1752 attr->alt_timeout = qp->alt_timeout; 1753 1754 init_attr->event_handler = qp->ibqp.event_handler; 1755 init_attr->qp_context = qp->ibqp.qp_context; 1756 init_attr->send_cq = qp->ibqp.send_cq; 1757 init_attr->recv_cq = qp->ibqp.recv_cq; 1758 init_attr->srq = qp->ibqp.srq; 1759 init_attr->cap = attr->cap; 1760 if (qp->s_flags & RVT_S_SIGNAL_REQ_WR) 1761 init_attr->sq_sig_type = IB_SIGNAL_REQ_WR; 1762 else 1763 init_attr->sq_sig_type = IB_SIGNAL_ALL_WR; 1764 init_attr->qp_type = qp->ibqp.qp_type; 1765 init_attr->port_num = qp->port_num; 1766 return 0; 1767 } 1768 1769 /** 1770 * rvt_post_recv - post a receive on a QP 1771 * @ibqp: the QP to post the receive on 1772 * @wr: the WR to post 1773 * @bad_wr: the first bad WR is put here 1774 * 1775 * This may be called from interrupt context. 1776 * 1777 * Return: 0 on success otherwise errno 1778 */ 1779 int rvt_post_recv(struct ib_qp *ibqp, const struct ib_recv_wr *wr, 1780 const struct ib_recv_wr **bad_wr) 1781 { 1782 struct rvt_qp *qp = ibqp_to_rvtqp(ibqp); 1783 struct rvt_krwq *wq = qp->r_rq.kwq; 1784 unsigned long flags; 1785 int qp_err_flush = (ib_rvt_state_ops[qp->state] & RVT_FLUSH_RECV) && 1786 !qp->ibqp.srq; 1787 1788 /* Check that state is OK to post receive. */ 1789 if (!(ib_rvt_state_ops[qp->state] & RVT_POST_RECV_OK) || !wq) { 1790 *bad_wr = wr; 1791 return -EINVAL; 1792 } 1793 1794 for (; wr; wr = wr->next) { 1795 struct rvt_rwqe *wqe; 1796 u32 next; 1797 int i; 1798 1799 if ((unsigned)wr->num_sge > qp->r_rq.max_sge) { 1800 *bad_wr = wr; 1801 return -EINVAL; 1802 } 1803 1804 spin_lock_irqsave(&qp->r_rq.kwq->p_lock, flags); 1805 next = wq->head + 1; 1806 if (next >= qp->r_rq.size) 1807 next = 0; 1808 if (next == READ_ONCE(wq->tail)) { 1809 spin_unlock_irqrestore(&qp->r_rq.kwq->p_lock, flags); 1810 *bad_wr = wr; 1811 return -ENOMEM; 1812 } 1813 if (unlikely(qp_err_flush)) { 1814 struct ib_wc wc; 1815 1816 memset(&wc, 0, sizeof(wc)); 1817 wc.qp = &qp->ibqp; 1818 wc.opcode = IB_WC_RECV; 1819 wc.wr_id = wr->wr_id; 1820 wc.status = IB_WC_WR_FLUSH_ERR; 1821 rvt_cq_enter(ibcq_to_rvtcq(qp->ibqp.recv_cq), &wc, 1); 1822 } else { 1823 wqe = rvt_get_rwqe_ptr(&qp->r_rq, wq->head); 1824 wqe->wr_id = wr->wr_id; 1825 wqe->num_sge = wr->num_sge; 1826 for (i = 0; i < wr->num_sge; i++) { 1827 wqe->sg_list[i].addr = wr->sg_list[i].addr; 1828 wqe->sg_list[i].length = wr->sg_list[i].length; 1829 wqe->sg_list[i].lkey = wr->sg_list[i].lkey; 1830 } 1831 /* 1832 * Make sure queue entry is written 1833 * before the head index. 1834 */ 1835 smp_store_release(&wq->head, next); 1836 } 1837 spin_unlock_irqrestore(&qp->r_rq.kwq->p_lock, flags); 1838 } 1839 return 0; 1840 } 1841 1842 /** 1843 * rvt_qp_valid_operation - validate post send wr request 1844 * @qp: the qp 1845 * @post_parms: the post send table for the driver 1846 * @wr: the work request 1847 * 1848 * The routine validates the operation based on the 1849 * validation table an returns the length of the operation 1850 * which can extend beyond the ib_send_bw. Operation 1851 * dependent flags key atomic operation validation. 1852 * 1853 * There is an exception for UD qps that validates the pd and 1854 * overrides the length to include the additional UD specific 1855 * length. 1856 * 1857 * Returns a negative error or the length of the work request 1858 * for building the swqe. 1859 */ 1860 static inline int rvt_qp_valid_operation( 1861 struct rvt_qp *qp, 1862 const struct rvt_operation_params *post_parms, 1863 const struct ib_send_wr *wr) 1864 { 1865 int len; 1866 1867 if (wr->opcode >= RVT_OPERATION_MAX || !post_parms[wr->opcode].length) 1868 return -EINVAL; 1869 if (!(post_parms[wr->opcode].qpt_support & BIT(qp->ibqp.qp_type))) 1870 return -EINVAL; 1871 if ((post_parms[wr->opcode].flags & RVT_OPERATION_PRIV) && 1872 ibpd_to_rvtpd(qp->ibqp.pd)->user) 1873 return -EINVAL; 1874 if (post_parms[wr->opcode].flags & RVT_OPERATION_ATOMIC_SGE && 1875 (wr->num_sge == 0 || 1876 wr->sg_list[0].length < sizeof(u64) || 1877 wr->sg_list[0].addr & (sizeof(u64) - 1))) 1878 return -EINVAL; 1879 if (post_parms[wr->opcode].flags & RVT_OPERATION_ATOMIC && 1880 !qp->s_max_rd_atomic) 1881 return -EINVAL; 1882 len = post_parms[wr->opcode].length; 1883 /* UD specific */ 1884 if (qp->ibqp.qp_type != IB_QPT_UC && 1885 qp->ibqp.qp_type != IB_QPT_RC) { 1886 if (qp->ibqp.pd != ud_wr(wr)->ah->pd) 1887 return -EINVAL; 1888 len = sizeof(struct ib_ud_wr); 1889 } 1890 return len; 1891 } 1892 1893 /** 1894 * rvt_qp_is_avail - determine queue capacity 1895 * @qp: the qp 1896 * @rdi: the rdmavt device 1897 * @reserved_op: is reserved operation 1898 * 1899 * This assumes the s_hlock is held but the s_last 1900 * qp variable is uncontrolled. 1901 * 1902 * For non reserved operations, the qp->s_avail 1903 * may be changed. 1904 * 1905 * The return value is zero or a -ENOMEM. 1906 */ 1907 static inline int rvt_qp_is_avail( 1908 struct rvt_qp *qp, 1909 struct rvt_dev_info *rdi, 1910 bool reserved_op) 1911 { 1912 u32 slast; 1913 u32 avail; 1914 u32 reserved_used; 1915 1916 /* see rvt_qp_wqe_unreserve() */ 1917 smp_mb__before_atomic(); 1918 if (unlikely(reserved_op)) { 1919 /* see rvt_qp_wqe_unreserve() */ 1920 reserved_used = atomic_read(&qp->s_reserved_used); 1921 if (reserved_used >= rdi->dparms.reserved_operations) 1922 return -ENOMEM; 1923 return 0; 1924 } 1925 /* non-reserved operations */ 1926 if (likely(qp->s_avail)) 1927 return 0; 1928 /* See rvt_qp_complete_swqe() */ 1929 slast = smp_load_acquire(&qp->s_last); 1930 if (qp->s_head >= slast) 1931 avail = qp->s_size - (qp->s_head - slast); 1932 else 1933 avail = slast - qp->s_head; 1934 1935 reserved_used = atomic_read(&qp->s_reserved_used); 1936 avail = avail - 1 - 1937 (rdi->dparms.reserved_operations - reserved_used); 1938 /* insure we don't assign a negative s_avail */ 1939 if ((s32)avail <= 0) 1940 return -ENOMEM; 1941 qp->s_avail = avail; 1942 if (WARN_ON(qp->s_avail > 1943 (qp->s_size - 1 - rdi->dparms.reserved_operations))) 1944 rvt_pr_err(rdi, 1945 "More avail entries than QP RB size.\nQP: %u, size: %u, avail: %u\nhead: %u, tail: %u, cur: %u, acked: %u, last: %u", 1946 qp->ibqp.qp_num, qp->s_size, qp->s_avail, 1947 qp->s_head, qp->s_tail, qp->s_cur, 1948 qp->s_acked, qp->s_last); 1949 return 0; 1950 } 1951 1952 /** 1953 * rvt_post_one_wr - post one RC, UC, or UD send work request 1954 * @qp: the QP to post on 1955 * @wr: the work request to send 1956 * @call_send: kick the send engine into gear 1957 */ 1958 static int rvt_post_one_wr(struct rvt_qp *qp, 1959 const struct ib_send_wr *wr, 1960 bool *call_send) 1961 { 1962 struct rvt_swqe *wqe; 1963 u32 next; 1964 int i; 1965 int j; 1966 int acc; 1967 struct rvt_lkey_table *rkt; 1968 struct rvt_pd *pd; 1969 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 1970 u8 log_pmtu; 1971 int ret; 1972 size_t cplen; 1973 bool reserved_op; 1974 int local_ops_delayed = 0; 1975 1976 BUILD_BUG_ON(IB_QPT_MAX >= (sizeof(u32) * BITS_PER_BYTE)); 1977 1978 /* IB spec says that num_sge == 0 is OK. */ 1979 if (unlikely(wr->num_sge > qp->s_max_sge)) 1980 return -EINVAL; 1981 1982 ret = rvt_qp_valid_operation(qp, rdi->post_parms, wr); 1983 if (ret < 0) 1984 return ret; 1985 cplen = ret; 1986 1987 /* 1988 * Local operations include fast register and local invalidate. 1989 * Fast register needs to be processed immediately because the 1990 * registered lkey may be used by following work requests and the 1991 * lkey needs to be valid at the time those requests are posted. 1992 * Local invalidate can be processed immediately if fencing is 1993 * not required and no previous local invalidate ops are pending. 1994 * Signaled local operations that have been processed immediately 1995 * need to have requests with "completion only" flags set posted 1996 * to the send queue in order to generate completions. 1997 */ 1998 if ((rdi->post_parms[wr->opcode].flags & RVT_OPERATION_LOCAL)) { 1999 switch (wr->opcode) { 2000 case IB_WR_REG_MR: 2001 ret = rvt_fast_reg_mr(qp, 2002 reg_wr(wr)->mr, 2003 reg_wr(wr)->key, 2004 reg_wr(wr)->access); 2005 if (ret || !(wr->send_flags & IB_SEND_SIGNALED)) 2006 return ret; 2007 break; 2008 case IB_WR_LOCAL_INV: 2009 if ((wr->send_flags & IB_SEND_FENCE) || 2010 atomic_read(&qp->local_ops_pending)) { 2011 local_ops_delayed = 1; 2012 } else { 2013 ret = rvt_invalidate_rkey( 2014 qp, wr->ex.invalidate_rkey); 2015 if (ret || !(wr->send_flags & IB_SEND_SIGNALED)) 2016 return ret; 2017 } 2018 break; 2019 default: 2020 return -EINVAL; 2021 } 2022 } 2023 2024 reserved_op = rdi->post_parms[wr->opcode].flags & 2025 RVT_OPERATION_USE_RESERVE; 2026 /* check for avail */ 2027 ret = rvt_qp_is_avail(qp, rdi, reserved_op); 2028 if (ret) 2029 return ret; 2030 next = qp->s_head + 1; 2031 if (next >= qp->s_size) 2032 next = 0; 2033 2034 rkt = &rdi->lkey_table; 2035 pd = ibpd_to_rvtpd(qp->ibqp.pd); 2036 wqe = rvt_get_swqe_ptr(qp, qp->s_head); 2037 2038 /* cplen has length from above */ 2039 memcpy(&wqe->ud_wr, wr, cplen); 2040 2041 wqe->length = 0; 2042 j = 0; 2043 if (wr->num_sge) { 2044 struct rvt_sge *last_sge = NULL; 2045 2046 acc = wr->opcode >= IB_WR_RDMA_READ ? 2047 IB_ACCESS_LOCAL_WRITE : 0; 2048 for (i = 0; i < wr->num_sge; i++) { 2049 u32 length = wr->sg_list[i].length; 2050 2051 if (length == 0) 2052 continue; 2053 ret = rvt_lkey_ok(rkt, pd, &wqe->sg_list[j], last_sge, 2054 &wr->sg_list[i], acc); 2055 if (unlikely(ret < 0)) 2056 goto bail_inval_free; 2057 wqe->length += length; 2058 if (ret) 2059 last_sge = &wqe->sg_list[j]; 2060 j += ret; 2061 } 2062 wqe->wr.num_sge = j; 2063 } 2064 2065 /* 2066 * Calculate and set SWQE PSN values prior to handing it off 2067 * to the driver's check routine. This give the driver the 2068 * opportunity to adjust PSN values based on internal checks. 2069 */ 2070 log_pmtu = qp->log_pmtu; 2071 if (qp->allowed_ops == IB_OPCODE_UD) { 2072 struct rvt_ah *ah = rvt_get_swqe_ah(wqe); 2073 2074 log_pmtu = ah->log_pmtu; 2075 rdma_copy_ah_attr(wqe->ud_wr.attr, &ah->attr); 2076 } 2077 2078 if (rdi->post_parms[wr->opcode].flags & RVT_OPERATION_LOCAL) { 2079 if (local_ops_delayed) 2080 atomic_inc(&qp->local_ops_pending); 2081 else 2082 wqe->wr.send_flags |= RVT_SEND_COMPLETION_ONLY; 2083 wqe->ssn = 0; 2084 wqe->psn = 0; 2085 wqe->lpsn = 0; 2086 } else { 2087 wqe->ssn = qp->s_ssn++; 2088 wqe->psn = qp->s_next_psn; 2089 wqe->lpsn = wqe->psn + 2090 (wqe->length ? 2091 ((wqe->length - 1) >> log_pmtu) : 2092 0); 2093 } 2094 2095 /* general part of wqe valid - allow for driver checks */ 2096 if (rdi->driver_f.setup_wqe) { 2097 ret = rdi->driver_f.setup_wqe(qp, wqe, call_send); 2098 if (ret < 0) 2099 goto bail_inval_free_ref; 2100 } 2101 2102 if (!(rdi->post_parms[wr->opcode].flags & RVT_OPERATION_LOCAL)) 2103 qp->s_next_psn = wqe->lpsn + 1; 2104 2105 if (unlikely(reserved_op)) { 2106 wqe->wr.send_flags |= RVT_SEND_RESERVE_USED; 2107 rvt_qp_wqe_reserve(qp, wqe); 2108 } else { 2109 wqe->wr.send_flags &= ~RVT_SEND_RESERVE_USED; 2110 qp->s_avail--; 2111 } 2112 trace_rvt_post_one_wr(qp, wqe, wr->num_sge); 2113 smp_wmb(); /* see request builders */ 2114 qp->s_head = next; 2115 2116 return 0; 2117 2118 bail_inval_free_ref: 2119 if (qp->allowed_ops == IB_OPCODE_UD) 2120 rdma_destroy_ah_attr(wqe->ud_wr.attr); 2121 bail_inval_free: 2122 /* release mr holds */ 2123 while (j) { 2124 struct rvt_sge *sge = &wqe->sg_list[--j]; 2125 2126 rvt_put_mr(sge->mr); 2127 } 2128 return ret; 2129 } 2130 2131 /** 2132 * rvt_post_send - post a send on a QP 2133 * @ibqp: the QP to post the send on 2134 * @wr: the list of work requests to post 2135 * @bad_wr: the first bad WR is put here 2136 * 2137 * This may be called from interrupt context. 2138 * 2139 * Return: 0 on success else errno 2140 */ 2141 int rvt_post_send(struct ib_qp *ibqp, const struct ib_send_wr *wr, 2142 const struct ib_send_wr **bad_wr) 2143 { 2144 struct rvt_qp *qp = ibqp_to_rvtqp(ibqp); 2145 struct rvt_dev_info *rdi = ib_to_rvt(ibqp->device); 2146 unsigned long flags = 0; 2147 bool call_send; 2148 unsigned nreq = 0; 2149 int err = 0; 2150 2151 spin_lock_irqsave(&qp->s_hlock, flags); 2152 2153 /* 2154 * Ensure QP state is such that we can send. If not bail out early, 2155 * there is no need to do this every time we post a send. 2156 */ 2157 if (unlikely(!(ib_rvt_state_ops[qp->state] & RVT_POST_SEND_OK))) { 2158 spin_unlock_irqrestore(&qp->s_hlock, flags); 2159 return -EINVAL; 2160 } 2161 2162 /* 2163 * If the send queue is empty, and we only have a single WR then just go 2164 * ahead and kick the send engine into gear. Otherwise we will always 2165 * just schedule the send to happen later. 2166 */ 2167 call_send = qp->s_head == READ_ONCE(qp->s_last) && !wr->next; 2168 2169 for (; wr; wr = wr->next) { 2170 err = rvt_post_one_wr(qp, wr, &call_send); 2171 if (unlikely(err)) { 2172 *bad_wr = wr; 2173 goto bail; 2174 } 2175 nreq++; 2176 } 2177 bail: 2178 spin_unlock_irqrestore(&qp->s_hlock, flags); 2179 if (nreq) { 2180 /* 2181 * Only call do_send if there is exactly one packet, and the 2182 * driver said it was ok. 2183 */ 2184 if (nreq == 1 && call_send) 2185 rdi->driver_f.do_send(qp); 2186 else 2187 rdi->driver_f.schedule_send_no_lock(qp); 2188 } 2189 return err; 2190 } 2191 2192 /** 2193 * rvt_post_srq_recv - post a receive on a shared receive queue 2194 * @ibsrq: the SRQ to post the receive on 2195 * @wr: the list of work requests to post 2196 * @bad_wr: A pointer to the first WR to cause a problem is put here 2197 * 2198 * This may be called from interrupt context. 2199 * 2200 * Return: 0 on success else errno 2201 */ 2202 int rvt_post_srq_recv(struct ib_srq *ibsrq, const struct ib_recv_wr *wr, 2203 const struct ib_recv_wr **bad_wr) 2204 { 2205 struct rvt_srq *srq = ibsrq_to_rvtsrq(ibsrq); 2206 struct rvt_krwq *wq; 2207 unsigned long flags; 2208 2209 for (; wr; wr = wr->next) { 2210 struct rvt_rwqe *wqe; 2211 u32 next; 2212 int i; 2213 2214 if ((unsigned)wr->num_sge > srq->rq.max_sge) { 2215 *bad_wr = wr; 2216 return -EINVAL; 2217 } 2218 2219 spin_lock_irqsave(&srq->rq.kwq->p_lock, flags); 2220 wq = srq->rq.kwq; 2221 next = wq->head + 1; 2222 if (next >= srq->rq.size) 2223 next = 0; 2224 if (next == READ_ONCE(wq->tail)) { 2225 spin_unlock_irqrestore(&srq->rq.kwq->p_lock, flags); 2226 *bad_wr = wr; 2227 return -ENOMEM; 2228 } 2229 2230 wqe = rvt_get_rwqe_ptr(&srq->rq, wq->head); 2231 wqe->wr_id = wr->wr_id; 2232 wqe->num_sge = wr->num_sge; 2233 for (i = 0; i < wr->num_sge; i++) { 2234 wqe->sg_list[i].addr = wr->sg_list[i].addr; 2235 wqe->sg_list[i].length = wr->sg_list[i].length; 2236 wqe->sg_list[i].lkey = wr->sg_list[i].lkey; 2237 } 2238 /* Make sure queue entry is written before the head index. */ 2239 smp_store_release(&wq->head, next); 2240 spin_unlock_irqrestore(&srq->rq.kwq->p_lock, flags); 2241 } 2242 return 0; 2243 } 2244 2245 /* 2246 * rvt used the internal kernel struct as part of its ABI, for now make sure 2247 * the kernel struct does not change layout. FIXME: rvt should never cast the 2248 * user struct to a kernel struct. 2249 */ 2250 static struct ib_sge *rvt_cast_sge(struct rvt_wqe_sge *sge) 2251 { 2252 BUILD_BUG_ON(offsetof(struct ib_sge, addr) != 2253 offsetof(struct rvt_wqe_sge, addr)); 2254 BUILD_BUG_ON(offsetof(struct ib_sge, length) != 2255 offsetof(struct rvt_wqe_sge, length)); 2256 BUILD_BUG_ON(offsetof(struct ib_sge, lkey) != 2257 offsetof(struct rvt_wqe_sge, lkey)); 2258 return (struct ib_sge *)sge; 2259 } 2260 2261 /* 2262 * Validate a RWQE and fill in the SGE state. 2263 * Return 1 if OK. 2264 */ 2265 static int init_sge(struct rvt_qp *qp, struct rvt_rwqe *wqe) 2266 { 2267 int i, j, ret; 2268 struct ib_wc wc; 2269 struct rvt_lkey_table *rkt; 2270 struct rvt_pd *pd; 2271 struct rvt_sge_state *ss; 2272 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 2273 2274 rkt = &rdi->lkey_table; 2275 pd = ibpd_to_rvtpd(qp->ibqp.srq ? qp->ibqp.srq->pd : qp->ibqp.pd); 2276 ss = &qp->r_sge; 2277 ss->sg_list = qp->r_sg_list; 2278 qp->r_len = 0; 2279 for (i = j = 0; i < wqe->num_sge; i++) { 2280 if (wqe->sg_list[i].length == 0) 2281 continue; 2282 /* Check LKEY */ 2283 ret = rvt_lkey_ok(rkt, pd, j ? &ss->sg_list[j - 1] : &ss->sge, 2284 NULL, rvt_cast_sge(&wqe->sg_list[i]), 2285 IB_ACCESS_LOCAL_WRITE); 2286 if (unlikely(ret <= 0)) 2287 goto bad_lkey; 2288 qp->r_len += wqe->sg_list[i].length; 2289 j++; 2290 } 2291 ss->num_sge = j; 2292 ss->total_len = qp->r_len; 2293 return 1; 2294 2295 bad_lkey: 2296 while (j) { 2297 struct rvt_sge *sge = --j ? &ss->sg_list[j - 1] : &ss->sge; 2298 2299 rvt_put_mr(sge->mr); 2300 } 2301 ss->num_sge = 0; 2302 memset(&wc, 0, sizeof(wc)); 2303 wc.wr_id = wqe->wr_id; 2304 wc.status = IB_WC_LOC_PROT_ERR; 2305 wc.opcode = IB_WC_RECV; 2306 wc.qp = &qp->ibqp; 2307 /* Signal solicited completion event. */ 2308 rvt_cq_enter(ibcq_to_rvtcq(qp->ibqp.recv_cq), &wc, 1); 2309 return 0; 2310 } 2311 2312 /** 2313 * get_rvt_head - get head indices of the circular buffer 2314 * @rq: data structure for request queue entry 2315 * @ip: the QP 2316 * 2317 * Return - head index value 2318 */ 2319 static inline u32 get_rvt_head(struct rvt_rq *rq, void *ip) 2320 { 2321 u32 head; 2322 2323 if (ip) 2324 head = RDMA_READ_UAPI_ATOMIC(rq->wq->head); 2325 else 2326 head = rq->kwq->head; 2327 2328 return head; 2329 } 2330 2331 /** 2332 * rvt_get_rwqe - copy the next RWQE into the QP's RWQE 2333 * @qp: the QP 2334 * @wr_id_only: update qp->r_wr_id only, not qp->r_sge 2335 * 2336 * Return -1 if there is a local error, 0 if no RWQE is available, 2337 * otherwise return 1. 2338 * 2339 * Can be called from interrupt level. 2340 */ 2341 int rvt_get_rwqe(struct rvt_qp *qp, bool wr_id_only) 2342 { 2343 unsigned long flags; 2344 struct rvt_rq *rq; 2345 struct rvt_krwq *kwq = NULL; 2346 struct rvt_rwq *wq; 2347 struct rvt_srq *srq; 2348 struct rvt_rwqe *wqe; 2349 void (*handler)(struct ib_event *, void *); 2350 u32 tail; 2351 u32 head; 2352 int ret; 2353 void *ip = NULL; 2354 2355 if (qp->ibqp.srq) { 2356 srq = ibsrq_to_rvtsrq(qp->ibqp.srq); 2357 handler = srq->ibsrq.event_handler; 2358 rq = &srq->rq; 2359 ip = srq->ip; 2360 } else { 2361 srq = NULL; 2362 handler = NULL; 2363 rq = &qp->r_rq; 2364 ip = qp->ip; 2365 } 2366 2367 spin_lock_irqsave(&rq->kwq->c_lock, flags); 2368 if (!(ib_rvt_state_ops[qp->state] & RVT_PROCESS_RECV_OK)) { 2369 ret = 0; 2370 goto unlock; 2371 } 2372 kwq = rq->kwq; 2373 if (ip) { 2374 wq = rq->wq; 2375 tail = RDMA_READ_UAPI_ATOMIC(wq->tail); 2376 } else { 2377 tail = kwq->tail; 2378 } 2379 2380 /* Validate tail before using it since it is user writable. */ 2381 if (tail >= rq->size) 2382 tail = 0; 2383 2384 if (kwq->count < RVT_RWQ_COUNT_THRESHOLD) { 2385 head = get_rvt_head(rq, ip); 2386 kwq->count = rvt_get_rq_count(rq, head, tail); 2387 } 2388 if (unlikely(kwq->count == 0)) { 2389 ret = 0; 2390 goto unlock; 2391 } 2392 /* Make sure entry is read after the count is read. */ 2393 smp_rmb(); 2394 wqe = rvt_get_rwqe_ptr(rq, tail); 2395 /* 2396 * Even though we update the tail index in memory, the verbs 2397 * consumer is not supposed to post more entries until a 2398 * completion is generated. 2399 */ 2400 if (++tail >= rq->size) 2401 tail = 0; 2402 if (ip) 2403 RDMA_WRITE_UAPI_ATOMIC(wq->tail, tail); 2404 else 2405 kwq->tail = tail; 2406 if (!wr_id_only && !init_sge(qp, wqe)) { 2407 ret = -1; 2408 goto unlock; 2409 } 2410 qp->r_wr_id = wqe->wr_id; 2411 2412 kwq->count--; 2413 ret = 1; 2414 set_bit(RVT_R_WRID_VALID, &qp->r_aflags); 2415 if (handler) { 2416 /* 2417 * Validate head pointer value and compute 2418 * the number of remaining WQEs. 2419 */ 2420 if (kwq->count < srq->limit) { 2421 kwq->count = 2422 rvt_get_rq_count(rq, 2423 get_rvt_head(rq, ip), tail); 2424 if (kwq->count < srq->limit) { 2425 struct ib_event ev; 2426 2427 srq->limit = 0; 2428 spin_unlock_irqrestore(&rq->kwq->c_lock, flags); 2429 ev.device = qp->ibqp.device; 2430 ev.element.srq = qp->ibqp.srq; 2431 ev.event = IB_EVENT_SRQ_LIMIT_REACHED; 2432 handler(&ev, srq->ibsrq.srq_context); 2433 goto bail; 2434 } 2435 } 2436 } 2437 unlock: 2438 spin_unlock_irqrestore(&rq->kwq->c_lock, flags); 2439 bail: 2440 return ret; 2441 } 2442 EXPORT_SYMBOL(rvt_get_rwqe); 2443 2444 /** 2445 * rvt_comm_est - handle trap with QP established 2446 * @qp: the QP 2447 */ 2448 void rvt_comm_est(struct rvt_qp *qp) 2449 { 2450 qp->r_flags |= RVT_R_COMM_EST; 2451 if (qp->ibqp.event_handler) { 2452 struct ib_event ev; 2453 2454 ev.device = qp->ibqp.device; 2455 ev.element.qp = &qp->ibqp; 2456 ev.event = IB_EVENT_COMM_EST; 2457 qp->ibqp.event_handler(&ev, qp->ibqp.qp_context); 2458 } 2459 } 2460 EXPORT_SYMBOL(rvt_comm_est); 2461 2462 void rvt_rc_error(struct rvt_qp *qp, enum ib_wc_status err) 2463 { 2464 unsigned long flags; 2465 int lastwqe; 2466 2467 spin_lock_irqsave(&qp->s_lock, flags); 2468 lastwqe = rvt_error_qp(qp, err); 2469 spin_unlock_irqrestore(&qp->s_lock, flags); 2470 2471 if (lastwqe) { 2472 struct ib_event ev; 2473 2474 ev.device = qp->ibqp.device; 2475 ev.element.qp = &qp->ibqp; 2476 ev.event = IB_EVENT_QP_LAST_WQE_REACHED; 2477 qp->ibqp.event_handler(&ev, qp->ibqp.qp_context); 2478 } 2479 } 2480 EXPORT_SYMBOL(rvt_rc_error); 2481 2482 /* 2483 * rvt_rnr_tbl_to_usec - return index into ib_rvt_rnr_table 2484 * @index - the index 2485 * return usec from an index into ib_rvt_rnr_table 2486 */ 2487 unsigned long rvt_rnr_tbl_to_usec(u32 index) 2488 { 2489 return ib_rvt_rnr_table[(index & IB_AETH_CREDIT_MASK)]; 2490 } 2491 EXPORT_SYMBOL(rvt_rnr_tbl_to_usec); 2492 2493 static inline unsigned long rvt_aeth_to_usec(u32 aeth) 2494 { 2495 return ib_rvt_rnr_table[(aeth >> IB_AETH_CREDIT_SHIFT) & 2496 IB_AETH_CREDIT_MASK]; 2497 } 2498 2499 /* 2500 * rvt_add_retry_timer_ext - add/start a retry timer 2501 * @qp - the QP 2502 * @shift - timeout shift to wait for multiple packets 2503 * add a retry timer on the QP 2504 */ 2505 void rvt_add_retry_timer_ext(struct rvt_qp *qp, u8 shift) 2506 { 2507 struct ib_qp *ibqp = &qp->ibqp; 2508 struct rvt_dev_info *rdi = ib_to_rvt(ibqp->device); 2509 2510 lockdep_assert_held(&qp->s_lock); 2511 qp->s_flags |= RVT_S_TIMER; 2512 /* 4.096 usec. * (1 << qp->timeout) */ 2513 qp->s_timer.expires = jiffies + rdi->busy_jiffies + 2514 (qp->timeout_jiffies << shift); 2515 add_timer(&qp->s_timer); 2516 } 2517 EXPORT_SYMBOL(rvt_add_retry_timer_ext); 2518 2519 /** 2520 * rvt_add_rnr_timer - add/start an rnr timer on the QP 2521 * @qp: the QP 2522 * @aeth: aeth of RNR timeout, simulated aeth for loopback 2523 */ 2524 void rvt_add_rnr_timer(struct rvt_qp *qp, u32 aeth) 2525 { 2526 u32 to; 2527 2528 lockdep_assert_held(&qp->s_lock); 2529 qp->s_flags |= RVT_S_WAIT_RNR; 2530 to = rvt_aeth_to_usec(aeth); 2531 trace_rvt_rnrnak_add(qp, to); 2532 hrtimer_start(&qp->s_rnr_timer, 2533 ns_to_ktime(1000 * to), HRTIMER_MODE_REL_PINNED); 2534 } 2535 EXPORT_SYMBOL(rvt_add_rnr_timer); 2536 2537 /** 2538 * rvt_stop_rc_timers - stop all timers 2539 * @qp: the QP 2540 * stop any pending timers 2541 */ 2542 void rvt_stop_rc_timers(struct rvt_qp *qp) 2543 { 2544 lockdep_assert_held(&qp->s_lock); 2545 /* Remove QP from all timers */ 2546 if (qp->s_flags & (RVT_S_TIMER | RVT_S_WAIT_RNR)) { 2547 qp->s_flags &= ~(RVT_S_TIMER | RVT_S_WAIT_RNR); 2548 timer_delete(&qp->s_timer); 2549 hrtimer_try_to_cancel(&qp->s_rnr_timer); 2550 } 2551 } 2552 EXPORT_SYMBOL(rvt_stop_rc_timers); 2553 2554 /** 2555 * rvt_stop_rnr_timer - stop an rnr timer 2556 * @qp: the QP 2557 * 2558 * stop an rnr timer and return if the timer 2559 * had been pending. 2560 */ 2561 static void rvt_stop_rnr_timer(struct rvt_qp *qp) 2562 { 2563 lockdep_assert_held(&qp->s_lock); 2564 /* Remove QP from rnr timer */ 2565 if (qp->s_flags & RVT_S_WAIT_RNR) { 2566 qp->s_flags &= ~RVT_S_WAIT_RNR; 2567 trace_rvt_rnrnak_stop(qp, 0); 2568 } 2569 } 2570 2571 /** 2572 * rvt_del_timers_sync - wait for any timeout routines to exit 2573 * @qp: the QP 2574 */ 2575 void rvt_del_timers_sync(struct rvt_qp *qp) 2576 { 2577 timer_delete_sync(&qp->s_timer); 2578 hrtimer_cancel(&qp->s_rnr_timer); 2579 } 2580 EXPORT_SYMBOL(rvt_del_timers_sync); 2581 2582 /* 2583 * This is called from s_timer for missing responses. 2584 */ 2585 static void rvt_rc_timeout(struct timer_list *t) 2586 { 2587 struct rvt_qp *qp = timer_container_of(qp, t, s_timer); 2588 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 2589 unsigned long flags; 2590 2591 spin_lock_irqsave(&qp->r_lock, flags); 2592 spin_lock(&qp->s_lock); 2593 if (qp->s_flags & RVT_S_TIMER) { 2594 struct rvt_ibport *rvp = rdi->ports[qp->port_num - 1]; 2595 2596 qp->s_flags &= ~RVT_S_TIMER; 2597 rvp->n_rc_timeouts++; 2598 timer_delete(&qp->s_timer); 2599 trace_rvt_rc_timeout(qp, qp->s_last_psn + 1); 2600 if (rdi->driver_f.notify_restart_rc) 2601 rdi->driver_f.notify_restart_rc(qp, 2602 qp->s_last_psn + 1, 2603 1); 2604 rdi->driver_f.schedule_send(qp); 2605 } 2606 spin_unlock(&qp->s_lock); 2607 spin_unlock_irqrestore(&qp->r_lock, flags); 2608 } 2609 2610 /* 2611 * This is called from s_timer for RNR timeouts. 2612 */ 2613 enum hrtimer_restart rvt_rc_rnr_retry(struct hrtimer *t) 2614 { 2615 struct rvt_qp *qp = container_of(t, struct rvt_qp, s_rnr_timer); 2616 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 2617 unsigned long flags; 2618 2619 spin_lock_irqsave(&qp->s_lock, flags); 2620 rvt_stop_rnr_timer(qp); 2621 trace_rvt_rnrnak_timeout(qp, 0); 2622 rdi->driver_f.schedule_send(qp); 2623 spin_unlock_irqrestore(&qp->s_lock, flags); 2624 return HRTIMER_NORESTART; 2625 } 2626 EXPORT_SYMBOL(rvt_rc_rnr_retry); 2627 2628 /** 2629 * rvt_qp_iter_init - initial for QP iteration 2630 * @rdi: rvt devinfo 2631 * @v: u64 value 2632 * @cb: user-defined callback 2633 * 2634 * This returns an iterator suitable for iterating QPs 2635 * in the system. 2636 * 2637 * The @cb is a user-defined callback and @v is a 64-bit 2638 * value passed to and relevant for processing in the 2639 * @cb. An example use case would be to alter QP processing 2640 * based on criteria not part of the rvt_qp. 2641 * 2642 * Use cases that require memory allocation to succeed 2643 * must preallocate appropriately. 2644 * 2645 * Return: a pointer to an rvt_qp_iter or NULL 2646 */ 2647 struct rvt_qp_iter *rvt_qp_iter_init(struct rvt_dev_info *rdi, 2648 u64 v, 2649 void (*cb)(struct rvt_qp *qp, u64 v)) 2650 { 2651 struct rvt_qp_iter *i; 2652 2653 i = kzalloc(sizeof(*i), GFP_KERNEL); 2654 if (!i) 2655 return NULL; 2656 2657 i->rdi = rdi; 2658 /* number of special QPs (SMI/GSI) for device */ 2659 i->specials = rdi->ibdev.phys_port_cnt * 2; 2660 i->v = v; 2661 i->cb = cb; 2662 2663 return i; 2664 } 2665 EXPORT_SYMBOL(rvt_qp_iter_init); 2666 2667 /** 2668 * rvt_qp_iter_next - return the next QP in iter 2669 * @iter: the iterator 2670 * 2671 * Fine grained QP iterator suitable for use 2672 * with debugfs seq_file mechanisms. 2673 * 2674 * Updates iter->qp with the current QP when the return 2675 * value is 0. 2676 * 2677 * Return: 0 - iter->qp is valid 1 - no more QPs 2678 */ 2679 int rvt_qp_iter_next(struct rvt_qp_iter *iter) 2680 __must_hold(RCU) 2681 { 2682 int n = iter->n; 2683 int ret = 1; 2684 struct rvt_qp *pqp = iter->qp; 2685 struct rvt_qp *qp; 2686 struct rvt_dev_info *rdi = iter->rdi; 2687 2688 /* 2689 * The approach is to consider the special qps 2690 * as additional table entries before the 2691 * real hash table. Since the qp code sets 2692 * the qp->next hash link to NULL, this works just fine. 2693 * 2694 * iter->specials is 2 * # ports 2695 * 2696 * n = 0..iter->specials is the special qp indices 2697 * 2698 * n = iter->specials..rdi->qp_dev->qp_table_size+iter->specials are 2699 * the potential hash bucket entries 2700 * 2701 */ 2702 for (; n < rdi->qp_dev->qp_table_size + iter->specials; n++) { 2703 if (pqp) { 2704 qp = rcu_dereference(pqp->next); 2705 } else { 2706 if (n < iter->specials) { 2707 struct rvt_ibport *rvp; 2708 int pidx; 2709 2710 pidx = n % rdi->ibdev.phys_port_cnt; 2711 rvp = rdi->ports[pidx]; 2712 qp = rcu_dereference(rvp->qp[n & 1]); 2713 } else { 2714 qp = rcu_dereference( 2715 rdi->qp_dev->qp_table[ 2716 (n - iter->specials)]); 2717 } 2718 } 2719 pqp = qp; 2720 if (qp) { 2721 iter->qp = qp; 2722 iter->n = n; 2723 return 0; 2724 } 2725 } 2726 return ret; 2727 } 2728 EXPORT_SYMBOL(rvt_qp_iter_next); 2729 2730 /** 2731 * rvt_qp_iter - iterate all QPs 2732 * @rdi: rvt devinfo 2733 * @v: a 64-bit value 2734 * @cb: a callback 2735 * 2736 * This provides a way for iterating all QPs. 2737 * 2738 * The @cb is a user-defined callback and @v is a 64-bit 2739 * value passed to and relevant for processing in the 2740 * cb. An example use case would be to alter QP processing 2741 * based on criteria not part of the rvt_qp. 2742 * 2743 * The code has an internal iterator to simplify 2744 * non seq_file use cases. 2745 */ 2746 void rvt_qp_iter(struct rvt_dev_info *rdi, 2747 u64 v, 2748 void (*cb)(struct rvt_qp *qp, u64 v)) 2749 { 2750 int ret; 2751 struct rvt_qp_iter i = { 2752 .rdi = rdi, 2753 .specials = rdi->ibdev.phys_port_cnt * 2, 2754 .v = v, 2755 .cb = cb 2756 }; 2757 2758 rcu_read_lock(); 2759 do { 2760 ret = rvt_qp_iter_next(&i); 2761 if (!ret) { 2762 rvt_get_qp(i.qp); 2763 rcu_read_unlock(); 2764 i.cb(i.qp, i.v); 2765 rcu_read_lock(); 2766 rvt_put_qp(i.qp); 2767 } 2768 } while (!ret); 2769 rcu_read_unlock(); 2770 } 2771 EXPORT_SYMBOL(rvt_qp_iter); 2772 2773 /* 2774 * This should be called with s_lock and r_lock held. 2775 */ 2776 void rvt_send_complete(struct rvt_qp *qp, struct rvt_swqe *wqe, 2777 enum ib_wc_status status) 2778 { 2779 u32 old_last, last; 2780 struct rvt_dev_info *rdi; 2781 2782 if (!(ib_rvt_state_ops[qp->state] & RVT_PROCESS_OR_FLUSH_SEND)) 2783 return; 2784 rdi = ib_to_rvt(qp->ibqp.device); 2785 2786 old_last = qp->s_last; 2787 trace_rvt_qp_send_completion(qp, wqe, old_last); 2788 last = rvt_qp_complete_swqe(qp, wqe, rdi->wc_opcode[wqe->wr.opcode], 2789 status); 2790 if (qp->s_acked == old_last) 2791 qp->s_acked = last; 2792 if (qp->s_cur == old_last) 2793 qp->s_cur = last; 2794 if (qp->s_tail == old_last) 2795 qp->s_tail = last; 2796 if (qp->state == IB_QPS_SQD && last == qp->s_cur) 2797 qp->s_draining = 0; 2798 } 2799 EXPORT_SYMBOL(rvt_send_complete); 2800 2801 /** 2802 * rvt_copy_sge - copy data to SGE memory 2803 * @qp: associated QP 2804 * @ss: the SGE state 2805 * @data: the data to copy 2806 * @length: the length of the data 2807 * @release: boolean to release MR 2808 * @copy_last: do a separate copy of the last 8 bytes 2809 */ 2810 void rvt_copy_sge(struct rvt_qp *qp, struct rvt_sge_state *ss, 2811 void *data, u32 length, 2812 bool release, bool copy_last) 2813 { 2814 struct rvt_sge *sge = &ss->sge; 2815 int i; 2816 bool in_last = false; 2817 bool cacheless_copy = false; 2818 struct rvt_dev_info *rdi = ib_to_rvt(qp->ibqp.device); 2819 struct rvt_wss *wss = rdi->wss; 2820 unsigned int sge_copy_mode = rdi->dparms.sge_copy_mode; 2821 2822 if (sge_copy_mode == RVT_SGE_COPY_CACHELESS) { 2823 cacheless_copy = length >= PAGE_SIZE; 2824 } else if (sge_copy_mode == RVT_SGE_COPY_ADAPTIVE) { 2825 if (length >= PAGE_SIZE) { 2826 /* 2827 * NOTE: this *assumes*: 2828 * o The first vaddr is the dest. 2829 * o If multiple pages, then vaddr is sequential. 2830 */ 2831 wss_insert(wss, sge->vaddr); 2832 if (length >= (2 * PAGE_SIZE)) 2833 wss_insert(wss, (sge->vaddr + PAGE_SIZE)); 2834 2835 cacheless_copy = wss_exceeds_threshold(wss); 2836 } else { 2837 wss_advance_clean_counter(wss); 2838 } 2839 } 2840 2841 if (copy_last) { 2842 if (length > 8) { 2843 length -= 8; 2844 } else { 2845 copy_last = false; 2846 in_last = true; 2847 } 2848 } 2849 2850 again: 2851 while (length) { 2852 u32 len = rvt_get_sge_length(sge, length); 2853 2854 WARN_ON_ONCE(len == 0); 2855 if (unlikely(in_last)) { 2856 /* enforce byte transfer ordering */ 2857 for (i = 0; i < len; i++) 2858 ((u8 *)sge->vaddr)[i] = ((u8 *)data)[i]; 2859 } else if (cacheless_copy) { 2860 cacheless_memcpy(sge->vaddr, data, len); 2861 } else { 2862 memcpy(sge->vaddr, data, len); 2863 } 2864 rvt_update_sge(ss, len, release); 2865 data += len; 2866 length -= len; 2867 } 2868 2869 if (copy_last) { 2870 copy_last = false; 2871 in_last = true; 2872 length = 8; 2873 goto again; 2874 } 2875 } 2876 EXPORT_SYMBOL(rvt_copy_sge); 2877 2878 static enum ib_wc_status loopback_qp_drop(struct rvt_ibport *rvp, 2879 struct rvt_qp *sqp) 2880 { 2881 rvp->n_pkt_drops++; 2882 /* 2883 * For RC, the requester would timeout and retry so 2884 * shortcut the timeouts and just signal too many retries. 2885 */ 2886 return sqp->ibqp.qp_type == IB_QPT_RC ? 2887 IB_WC_RETRY_EXC_ERR : IB_WC_SUCCESS; 2888 } 2889 2890 /** 2891 * rvt_ruc_loopback - handle UC and RC loopback requests 2892 * @sqp: the sending QP 2893 * 2894 * This is called from rvt_do_send() to forward a WQE addressed to the same HFI 2895 * Note that although we are single threaded due to the send engine, we still 2896 * have to protect against post_send(). We don't have to worry about 2897 * receive interrupts since this is a connected protocol and all packets 2898 * will pass through here. 2899 */ 2900 void rvt_ruc_loopback(struct rvt_qp *sqp) 2901 { 2902 struct rvt_ibport *rvp = NULL; 2903 struct rvt_dev_info *rdi = ib_to_rvt(sqp->ibqp.device); 2904 struct rvt_qp *qp; 2905 struct rvt_swqe *wqe; 2906 struct rvt_sge *sge; 2907 unsigned long flags; 2908 struct ib_wc wc; 2909 u64 sdata; 2910 atomic64_t *maddr; 2911 enum ib_wc_status send_status; 2912 bool release; 2913 int ret; 2914 bool copy_last = false; 2915 int local_ops = 0; 2916 2917 rcu_read_lock(); 2918 rvp = rdi->ports[sqp->port_num - 1]; 2919 2920 /* 2921 * Note that we check the responder QP state after 2922 * checking the requester's state. 2923 */ 2924 2925 qp = rvt_lookup_qpn(ib_to_rvt(sqp->ibqp.device), rvp, 2926 sqp->remote_qpn); 2927 2928 spin_lock_irqsave(&sqp->s_lock, flags); 2929 2930 /* Return if we are already busy processing a work request. */ 2931 if ((sqp->s_flags & (RVT_S_BUSY | RVT_S_ANY_WAIT)) || 2932 !(ib_rvt_state_ops[sqp->state] & RVT_PROCESS_OR_FLUSH_SEND)) 2933 goto unlock; 2934 2935 sqp->s_flags |= RVT_S_BUSY; 2936 2937 again: 2938 if (sqp->s_last == READ_ONCE(sqp->s_head)) 2939 goto clr_busy; 2940 wqe = rvt_get_swqe_ptr(sqp, sqp->s_last); 2941 2942 /* Return if it is not OK to start a new work request. */ 2943 if (!(ib_rvt_state_ops[sqp->state] & RVT_PROCESS_NEXT_SEND_OK)) { 2944 if (!(ib_rvt_state_ops[sqp->state] & RVT_FLUSH_SEND)) 2945 goto clr_busy; 2946 /* We are in the error state, flush the work request. */ 2947 send_status = IB_WC_WR_FLUSH_ERR; 2948 goto flush_send; 2949 } 2950 2951 /* 2952 * We can rely on the entry not changing without the s_lock 2953 * being held until we update s_last. 2954 * We increment s_cur to indicate s_last is in progress. 2955 */ 2956 if (sqp->s_last == sqp->s_cur) { 2957 if (++sqp->s_cur >= sqp->s_size) 2958 sqp->s_cur = 0; 2959 } 2960 spin_unlock_irqrestore(&sqp->s_lock, flags); 2961 2962 if (!qp) { 2963 send_status = loopback_qp_drop(rvp, sqp); 2964 goto serr_no_r_lock; 2965 } 2966 spin_lock_irqsave(&qp->r_lock, flags); 2967 if (!(ib_rvt_state_ops[qp->state] & RVT_PROCESS_RECV_OK) || 2968 qp->ibqp.qp_type != sqp->ibqp.qp_type) { 2969 send_status = loopback_qp_drop(rvp, sqp); 2970 goto serr; 2971 } 2972 2973 memset(&wc, 0, sizeof(wc)); 2974 send_status = IB_WC_SUCCESS; 2975 2976 release = true; 2977 sqp->s_sge.sge = wqe->sg_list[0]; 2978 sqp->s_sge.sg_list = wqe->sg_list + 1; 2979 sqp->s_sge.num_sge = wqe->wr.num_sge; 2980 sqp->s_len = wqe->length; 2981 switch (wqe->wr.opcode) { 2982 case IB_WR_REG_MR: 2983 goto send_comp; 2984 2985 case IB_WR_LOCAL_INV: 2986 if (!(wqe->wr.send_flags & RVT_SEND_COMPLETION_ONLY)) { 2987 if (rvt_invalidate_rkey(sqp, 2988 wqe->wr.ex.invalidate_rkey)) 2989 send_status = IB_WC_LOC_PROT_ERR; 2990 local_ops = 1; 2991 } 2992 goto send_comp; 2993 2994 case IB_WR_SEND_WITH_INV: 2995 case IB_WR_SEND_WITH_IMM: 2996 case IB_WR_SEND: 2997 ret = rvt_get_rwqe(qp, false); 2998 if (ret < 0) 2999 goto op_err; 3000 if (!ret) 3001 goto rnr_nak; 3002 if (wqe->length > qp->r_len) 3003 goto inv_err; 3004 switch (wqe->wr.opcode) { 3005 case IB_WR_SEND_WITH_INV: 3006 if (!rvt_invalidate_rkey(qp, 3007 wqe->wr.ex.invalidate_rkey)) { 3008 wc.wc_flags = IB_WC_WITH_INVALIDATE; 3009 wc.ex.invalidate_rkey = 3010 wqe->wr.ex.invalidate_rkey; 3011 } 3012 break; 3013 case IB_WR_SEND_WITH_IMM: 3014 wc.wc_flags = IB_WC_WITH_IMM; 3015 wc.ex.imm_data = wqe->wr.ex.imm_data; 3016 break; 3017 default: 3018 break; 3019 } 3020 break; 3021 3022 case IB_WR_RDMA_WRITE_WITH_IMM: 3023 if (unlikely(!(qp->qp_access_flags & IB_ACCESS_REMOTE_WRITE))) 3024 goto inv_err; 3025 wc.wc_flags = IB_WC_WITH_IMM; 3026 wc.ex.imm_data = wqe->wr.ex.imm_data; 3027 ret = rvt_get_rwqe(qp, true); 3028 if (ret < 0) 3029 goto op_err; 3030 if (!ret) 3031 goto rnr_nak; 3032 /* skip copy_last set and qp_access_flags recheck */ 3033 goto do_write; 3034 case IB_WR_RDMA_WRITE: 3035 copy_last = rvt_is_user_qp(qp); 3036 if (unlikely(!(qp->qp_access_flags & IB_ACCESS_REMOTE_WRITE))) 3037 goto inv_err; 3038 do_write: 3039 if (wqe->length == 0) 3040 break; 3041 if (unlikely(!rvt_rkey_ok(qp, &qp->r_sge.sge, wqe->length, 3042 wqe->rdma_wr.remote_addr, 3043 wqe->rdma_wr.rkey, 3044 IB_ACCESS_REMOTE_WRITE))) 3045 goto acc_err; 3046 qp->r_sge.sg_list = NULL; 3047 qp->r_sge.num_sge = 1; 3048 qp->r_sge.total_len = wqe->length; 3049 break; 3050 3051 case IB_WR_RDMA_READ: 3052 if (unlikely(!(qp->qp_access_flags & IB_ACCESS_REMOTE_READ))) 3053 goto inv_err; 3054 if (unlikely(!rvt_rkey_ok(qp, &sqp->s_sge.sge, wqe->length, 3055 wqe->rdma_wr.remote_addr, 3056 wqe->rdma_wr.rkey, 3057 IB_ACCESS_REMOTE_READ))) 3058 goto acc_err; 3059 release = false; 3060 sqp->s_sge.sg_list = NULL; 3061 sqp->s_sge.num_sge = 1; 3062 qp->r_sge.sge = wqe->sg_list[0]; 3063 qp->r_sge.sg_list = wqe->sg_list + 1; 3064 qp->r_sge.num_sge = wqe->wr.num_sge; 3065 qp->r_sge.total_len = wqe->length; 3066 break; 3067 3068 case IB_WR_ATOMIC_CMP_AND_SWP: 3069 case IB_WR_ATOMIC_FETCH_AND_ADD: 3070 if (unlikely(!(qp->qp_access_flags & IB_ACCESS_REMOTE_ATOMIC))) 3071 goto inv_err; 3072 if (unlikely(wqe->atomic_wr.remote_addr & (sizeof(u64) - 1))) 3073 goto inv_err; 3074 if (unlikely(!rvt_rkey_ok(qp, &qp->r_sge.sge, sizeof(u64), 3075 wqe->atomic_wr.remote_addr, 3076 wqe->atomic_wr.rkey, 3077 IB_ACCESS_REMOTE_ATOMIC))) 3078 goto acc_err; 3079 /* Perform atomic OP and save result. */ 3080 maddr = (atomic64_t *)qp->r_sge.sge.vaddr; 3081 sdata = wqe->atomic_wr.compare_add; 3082 *(u64 *)sqp->s_sge.sge.vaddr = 3083 (wqe->wr.opcode == IB_WR_ATOMIC_FETCH_AND_ADD) ? 3084 (u64)atomic64_add_return(sdata, maddr) - sdata : 3085 (u64)cmpxchg((u64 *)qp->r_sge.sge.vaddr, 3086 sdata, wqe->atomic_wr.swap); 3087 rvt_put_mr(qp->r_sge.sge.mr); 3088 qp->r_sge.num_sge = 0; 3089 goto send_comp; 3090 3091 default: 3092 send_status = IB_WC_LOC_QP_OP_ERR; 3093 goto serr; 3094 } 3095 3096 sge = &sqp->s_sge.sge; 3097 while (sqp->s_len) { 3098 u32 len = rvt_get_sge_length(sge, sqp->s_len); 3099 3100 WARN_ON_ONCE(len == 0); 3101 rvt_copy_sge(qp, &qp->r_sge, sge->vaddr, 3102 len, release, copy_last); 3103 rvt_update_sge(&sqp->s_sge, len, !release); 3104 sqp->s_len -= len; 3105 } 3106 if (release) 3107 rvt_put_ss(&qp->r_sge); 3108 3109 if (!test_and_clear_bit(RVT_R_WRID_VALID, &qp->r_aflags)) 3110 goto send_comp; 3111 3112 if (wqe->wr.opcode == IB_WR_RDMA_WRITE_WITH_IMM) 3113 wc.opcode = IB_WC_RECV_RDMA_WITH_IMM; 3114 else 3115 wc.opcode = IB_WC_RECV; 3116 wc.wr_id = qp->r_wr_id; 3117 wc.status = IB_WC_SUCCESS; 3118 wc.byte_len = wqe->length; 3119 wc.qp = &qp->ibqp; 3120 wc.src_qp = qp->remote_qpn; 3121 wc.slid = rdma_ah_get_dlid(&qp->remote_ah_attr) & U16_MAX; 3122 wc.sl = rdma_ah_get_sl(&qp->remote_ah_attr); 3123 wc.port_num = 1; 3124 /* Signal completion event if the solicited bit is set. */ 3125 rvt_recv_cq(qp, &wc, wqe->wr.send_flags & IB_SEND_SOLICITED); 3126 3127 send_comp: 3128 spin_unlock_irqrestore(&qp->r_lock, flags); 3129 spin_lock_irqsave(&sqp->s_lock, flags); 3130 rvp->n_loop_pkts++; 3131 flush_send: 3132 sqp->s_rnr_retry = sqp->s_rnr_retry_cnt; 3133 spin_lock(&sqp->r_lock); 3134 rvt_send_complete(sqp, wqe, send_status); 3135 spin_unlock(&sqp->r_lock); 3136 if (local_ops) { 3137 atomic_dec(&sqp->local_ops_pending); 3138 local_ops = 0; 3139 } 3140 goto again; 3141 3142 rnr_nak: 3143 /* Handle RNR NAK */ 3144 if (qp->ibqp.qp_type == IB_QPT_UC) 3145 goto send_comp; 3146 rvp->n_rnr_naks++; 3147 /* 3148 * Note: we don't need the s_lock held since the BUSY flag 3149 * makes this single threaded. 3150 */ 3151 if (sqp->s_rnr_retry == 0) { 3152 send_status = IB_WC_RNR_RETRY_EXC_ERR; 3153 goto serr; 3154 } 3155 if (sqp->s_rnr_retry_cnt < 7) 3156 sqp->s_rnr_retry--; 3157 spin_unlock_irqrestore(&qp->r_lock, flags); 3158 spin_lock_irqsave(&sqp->s_lock, flags); 3159 if (!(ib_rvt_state_ops[sqp->state] & RVT_PROCESS_RECV_OK)) 3160 goto clr_busy; 3161 rvt_add_rnr_timer(sqp, qp->r_min_rnr_timer << 3162 IB_AETH_CREDIT_SHIFT); 3163 goto clr_busy; 3164 3165 op_err: 3166 send_status = IB_WC_REM_OP_ERR; 3167 wc.status = IB_WC_LOC_QP_OP_ERR; 3168 goto err; 3169 3170 inv_err: 3171 send_status = 3172 sqp->ibqp.qp_type == IB_QPT_RC ? 3173 IB_WC_REM_INV_REQ_ERR : 3174 IB_WC_SUCCESS; 3175 wc.status = IB_WC_LOC_QP_OP_ERR; 3176 goto err; 3177 3178 acc_err: 3179 send_status = IB_WC_REM_ACCESS_ERR; 3180 wc.status = IB_WC_LOC_PROT_ERR; 3181 err: 3182 /* responder goes to error state */ 3183 rvt_rc_error(qp, wc.status); 3184 3185 serr: 3186 spin_unlock_irqrestore(&qp->r_lock, flags); 3187 serr_no_r_lock: 3188 spin_lock_irqsave(&sqp->s_lock, flags); 3189 spin_lock(&sqp->r_lock); 3190 rvt_send_complete(sqp, wqe, send_status); 3191 spin_unlock(&sqp->r_lock); 3192 if (sqp->ibqp.qp_type == IB_QPT_RC) { 3193 int lastwqe; 3194 3195 spin_lock(&sqp->r_lock); 3196 lastwqe = rvt_error_qp(sqp, IB_WC_WR_FLUSH_ERR); 3197 spin_unlock(&sqp->r_lock); 3198 3199 sqp->s_flags &= ~RVT_S_BUSY; 3200 spin_unlock_irqrestore(&sqp->s_lock, flags); 3201 if (lastwqe) { 3202 struct ib_event ev; 3203 3204 ev.device = sqp->ibqp.device; 3205 ev.element.qp = &sqp->ibqp; 3206 ev.event = IB_EVENT_QP_LAST_WQE_REACHED; 3207 sqp->ibqp.event_handler(&ev, sqp->ibqp.qp_context); 3208 } 3209 goto done; 3210 } 3211 clr_busy: 3212 sqp->s_flags &= ~RVT_S_BUSY; 3213 unlock: 3214 spin_unlock_irqrestore(&sqp->s_lock, flags); 3215 done: 3216 rcu_read_unlock(); 3217 } 3218 EXPORT_SYMBOL(rvt_ruc_loopback); 3219