1 /*
2 * Copyright (c) 2004 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005 Voltaire, Inc. All rights reserved.
4 * Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved.
5 * Copyright (c) 2008 Cisco. All rights reserved.
6 *
7 * This software is available to you under a choice of one of two
8 * licenses. You may choose to be licensed under the terms of the GNU
9 * General Public License (GPL) Version 2, available from the file
10 * COPYING in the main directory of this source tree, or the
11 * OpenIB.org BSD license below:
12 *
13 * Redistribution and use in source and binary forms, with or
14 * without modification, are permitted provided that the following
15 * conditions are met:
16 *
17 * - Redistributions of source code must retain the above
18 * copyright notice, this list of conditions and the following
19 * disclaimer.
20 *
21 * - Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials
24 * provided with the distribution.
25 *
26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
27 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
28 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
29 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
30 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
31 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
32 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
33 * SOFTWARE.
34 */
35
36 #include <linux/module.h>
37 #include <linux/device.h>
38 #include <linux/err.h>
39 #include <linux/fs.h>
40 #include <linux/cdev.h>
41 #include <linux/dma-mapping.h>
42 #include <linux/poll.h>
43 #include <linux/mutex.h>
44 #include <linux/kref.h>
45 #include <linux/compat.h>
46 #include <linux/semaphore.h>
47
48 #include <asm/uaccess.h>
49
50 #include <rdma/ib_mad.h>
51 #include <rdma/ib_user_mad.h>
52
53 MODULE_AUTHOR("Roland Dreier");
54 MODULE_DESCRIPTION("InfiniBand userspace MAD packet access");
55 MODULE_LICENSE("Dual BSD/GPL");
56
57 enum {
58 IB_UMAD_MAX_PORTS = 64,
59 IB_UMAD_MAX_AGENTS = 32,
60
61 IB_UMAD_MAJOR = 231,
62 IB_UMAD_MINOR_BASE = 0
63 };
64
65 /*
66 * Our lifetime rules for these structs are the following: each time a
67 * device special file is opened, we look up the corresponding struct
68 * ib_umad_port by minor in the umad_port[] table while holding the
69 * port_lock. If this lookup succeeds, we take a reference on the
70 * ib_umad_port's struct ib_umad_device while still holding the
71 * port_lock; if the lookup fails, we fail the open(). We drop these
72 * references in the corresponding close().
73 *
74 * In addition to references coming from open character devices, there
75 * is one more reference to each ib_umad_device representing the
76 * module's reference taken when allocating the ib_umad_device in
77 * ib_umad_add_one().
78 *
79 * When destroying an ib_umad_device, we clear all of its
80 * ib_umad_ports from umad_port[] while holding port_lock before
81 * dropping the module's reference to the ib_umad_device. This is
82 * always safe because any open() calls will either succeed and obtain
83 * a reference before we clear the umad_port[] entries, or fail after
84 * we clear the umad_port[] entries.
85 */
86
87 struct ib_umad_port {
88 struct cdev *cdev;
89 struct device *dev;
90
91 struct cdev *sm_cdev;
92 struct device *sm_dev;
93 struct semaphore sm_sem;
94
95 struct mutex file_mutex;
96 struct list_head file_list;
97
98 struct ib_device *ib_dev;
99 struct ib_umad_device *umad_dev;
100 int dev_num;
101 u8 port_num;
102 };
103
104 struct ib_umad_device {
105 int start_port, end_port;
106 struct kref ref;
107 struct ib_umad_port port[0];
108 };
109
110 struct ib_umad_file {
111 struct mutex mutex;
112 struct ib_umad_port *port;
113 struct file *filp;
114 struct list_head recv_list;
115 struct list_head send_list;
116 struct list_head port_list;
117 spinlock_t send_lock;
118 wait_queue_head_t recv_wait;
119 struct ib_mad_agent *agent[IB_UMAD_MAX_AGENTS];
120 int agents_dead;
121 u8 use_pkey_index;
122 u8 already_used;
123 };
124
125 struct ib_umad_packet {
126 struct ib_mad_send_buf *msg;
127 struct ib_mad_recv_wc *recv_wc;
128 struct list_head list;
129 int length;
130 struct ib_user_mad mad;
131 };
132
133 static struct class *umad_class;
134
135 static const dev_t base_dev = MKDEV(IB_UMAD_MAJOR, IB_UMAD_MINOR_BASE);
136
137 static DEFINE_SPINLOCK(port_lock);
138 static struct ib_umad_port *umad_port[IB_UMAD_MAX_PORTS];
139 static DECLARE_BITMAP(dev_map, IB_UMAD_MAX_PORTS);
140
141 static void ib_umad_add_one(struct ib_device *device);
142 static void ib_umad_remove_one(struct ib_device *device);
143
ib_umad_release_dev(struct kref * ref)144 static void ib_umad_release_dev(struct kref *ref)
145 {
146 struct ib_umad_device *dev =
147 container_of(ref, struct ib_umad_device, ref);
148
149 kfree(dev);
150 }
151
hdr_size(struct ib_umad_file * file)152 static int hdr_size(struct ib_umad_file *file)
153 {
154 return file->use_pkey_index ? sizeof (struct ib_user_mad_hdr) :
155 sizeof (struct ib_user_mad_hdr_old);
156 }
157
158 /* caller must hold file->mutex */
__get_agent(struct ib_umad_file * file,int id)159 static struct ib_mad_agent *__get_agent(struct ib_umad_file *file, int id)
160 {
161 return file->agents_dead ? NULL : file->agent[id];
162 }
163
queue_packet(struct ib_umad_file * file,struct ib_mad_agent * agent,struct ib_umad_packet * packet)164 static int queue_packet(struct ib_umad_file *file,
165 struct ib_mad_agent *agent,
166 struct ib_umad_packet *packet)
167 {
168 int ret = 1;
169
170 mutex_lock(&file->mutex);
171
172 for (packet->mad.hdr.id = 0;
173 packet->mad.hdr.id < IB_UMAD_MAX_AGENTS;
174 packet->mad.hdr.id++)
175 if (agent == __get_agent(file, packet->mad.hdr.id)) {
176 list_add_tail(&packet->list, &file->recv_list);
177 selwakeup(&file->filp->f_selinfo);
178 wake_up_interruptible(&file->recv_wait);
179 ret = 0;
180 break;
181 }
182
183 mutex_unlock(&file->mutex);
184
185 return ret;
186 }
187
dequeue_send(struct ib_umad_file * file,struct ib_umad_packet * packet)188 static void dequeue_send(struct ib_umad_file *file,
189 struct ib_umad_packet *packet)
190 {
191 spin_lock_irq(&file->send_lock);
192 list_del(&packet->list);
193 spin_unlock_irq(&file->send_lock);
194 }
195
send_handler(struct ib_mad_agent * agent,struct ib_mad_send_wc * send_wc)196 static void send_handler(struct ib_mad_agent *agent,
197 struct ib_mad_send_wc *send_wc)
198 {
199 struct ib_umad_file *file = agent->context;
200 struct ib_umad_packet *packet = send_wc->send_buf->context[0];
201
202 dequeue_send(file, packet);
203 ib_destroy_ah(packet->msg->ah);
204 ib_free_send_mad(packet->msg);
205
206 if (send_wc->status == IB_WC_RESP_TIMEOUT_ERR) {
207 packet->length = IB_MGMT_MAD_HDR;
208 packet->mad.hdr.status = ETIMEDOUT;
209 if (!queue_packet(file, agent, packet))
210 return;
211 }
212 kfree(packet);
213 }
214
recv_handler(struct ib_mad_agent * agent,struct ib_mad_recv_wc * mad_recv_wc)215 static void recv_handler(struct ib_mad_agent *agent,
216 struct ib_mad_recv_wc *mad_recv_wc)
217 {
218 struct ib_umad_file *file = agent->context;
219 struct ib_umad_packet *packet;
220
221 if (mad_recv_wc->wc->status != IB_WC_SUCCESS)
222 goto err1;
223
224 packet = kzalloc(sizeof *packet, GFP_KERNEL);
225 if (!packet)
226 goto err1;
227
228 packet->length = mad_recv_wc->mad_len;
229 packet->recv_wc = mad_recv_wc;
230
231 packet->mad.hdr.status = 0;
232 packet->mad.hdr.length = hdr_size(file) + mad_recv_wc->mad_len;
233 packet->mad.hdr.qpn = cpu_to_be32(mad_recv_wc->wc->src_qp);
234 packet->mad.hdr.lid = cpu_to_be16(mad_recv_wc->wc->slid);
235 packet->mad.hdr.sl = mad_recv_wc->wc->sl;
236 packet->mad.hdr.path_bits = mad_recv_wc->wc->dlid_path_bits;
237 packet->mad.hdr.pkey_index = mad_recv_wc->wc->pkey_index;
238 packet->mad.hdr.grh_present = !!(mad_recv_wc->wc->wc_flags & IB_WC_GRH);
239 if (packet->mad.hdr.grh_present) {
240 struct ib_ah_attr ah_attr;
241
242 ib_init_ah_from_wc(agent->device, agent->port_num,
243 mad_recv_wc->wc, mad_recv_wc->recv_buf.grh,
244 &ah_attr);
245
246 packet->mad.hdr.gid_index = ah_attr.grh.sgid_index;
247 packet->mad.hdr.hop_limit = ah_attr.grh.hop_limit;
248 packet->mad.hdr.traffic_class = ah_attr.grh.traffic_class;
249 memcpy(packet->mad.hdr.gid, &ah_attr.grh.dgid, 16);
250 packet->mad.hdr.flow_label = cpu_to_be32(ah_attr.grh.flow_label);
251 }
252
253 if (queue_packet(file, agent, packet))
254 goto err2;
255 return;
256
257 err2:
258 kfree(packet);
259 err1:
260 ib_free_recv_mad(mad_recv_wc);
261 }
262
copy_recv_mad(struct ib_umad_file * file,char __user * buf,struct ib_umad_packet * packet,size_t count)263 static ssize_t copy_recv_mad(struct ib_umad_file *file, char __user *buf,
264 struct ib_umad_packet *packet, size_t count)
265 {
266 struct ib_mad_recv_buf *recv_buf;
267 int left, seg_payload, offset, max_seg_payload;
268
269 /* We need enough room to copy the first (or only) MAD segment. */
270 recv_buf = &packet->recv_wc->recv_buf;
271 if ((packet->length <= sizeof (*recv_buf->mad) &&
272 count < hdr_size(file) + packet->length) ||
273 (packet->length > sizeof (*recv_buf->mad) &&
274 count < hdr_size(file) + sizeof (*recv_buf->mad)))
275 return -EINVAL;
276
277 if (copy_to_user(buf, &packet->mad, hdr_size(file)))
278 return -EFAULT;
279
280 buf += hdr_size(file);
281 seg_payload = min_t(int, packet->length, sizeof (*recv_buf->mad));
282 if (copy_to_user(buf, recv_buf->mad, seg_payload))
283 return -EFAULT;
284
285 if (seg_payload < packet->length) {
286 /*
287 * Multipacket RMPP MAD message. Copy remainder of message.
288 * Note that last segment may have a shorter payload.
289 */
290 if (count < hdr_size(file) + packet->length) {
291 /*
292 * The buffer is too small, return the first RMPP segment,
293 * which includes the RMPP message length.
294 */
295 return -ENOSPC;
296 }
297 offset = ib_get_mad_data_offset(recv_buf->mad->mad_hdr.mgmt_class);
298 max_seg_payload = sizeof (struct ib_mad) - offset;
299
300 for (left = packet->length - seg_payload, buf += seg_payload;
301 left; left -= seg_payload, buf += seg_payload) {
302 recv_buf = container_of(recv_buf->list.next,
303 struct ib_mad_recv_buf, list);
304 seg_payload = min(left, max_seg_payload);
305 if (copy_to_user(buf, ((void *) recv_buf->mad) + offset,
306 seg_payload))
307 return -EFAULT;
308 }
309 }
310 return hdr_size(file) + packet->length;
311 }
312
copy_send_mad(struct ib_umad_file * file,char __user * buf,struct ib_umad_packet * packet,size_t count)313 static ssize_t copy_send_mad(struct ib_umad_file *file, char __user *buf,
314 struct ib_umad_packet *packet, size_t count)
315 {
316 ssize_t size = hdr_size(file) + packet->length;
317
318 if (count < size)
319 return -EINVAL;
320
321 if (copy_to_user(buf, &packet->mad, hdr_size(file)))
322 return -EFAULT;
323
324 buf += hdr_size(file);
325
326 if (copy_to_user(buf, packet->mad.data, packet->length))
327 return -EFAULT;
328
329 return size;
330 }
331
ib_umad_read(struct file * filp,char __user * buf,size_t count,loff_t * pos)332 static ssize_t ib_umad_read(struct file *filp, char __user *buf,
333 size_t count, loff_t *pos)
334 {
335 struct ib_umad_file *file = filp->private_data;
336 struct ib_umad_packet *packet;
337 ssize_t ret;
338
339 if (count < hdr_size(file))
340 return -EINVAL;
341
342 mutex_lock(&file->mutex);
343
344 while (list_empty(&file->recv_list)) {
345 mutex_unlock(&file->mutex);
346
347 if (filp->f_flags & O_NONBLOCK)
348 return -EAGAIN;
349
350 if (wait_event_interruptible(file->recv_wait,
351 !list_empty(&file->recv_list)))
352 return -ERESTARTSYS;
353
354 mutex_lock(&file->mutex);
355 }
356
357 packet = list_entry(file->recv_list.next, struct ib_umad_packet, list);
358 list_del(&packet->list);
359
360 mutex_unlock(&file->mutex);
361
362 if (packet->recv_wc)
363 ret = copy_recv_mad(file, buf, packet, count);
364 else
365 ret = copy_send_mad(file, buf, packet, count);
366
367 if (ret < 0) {
368 /* Requeue packet */
369 mutex_lock(&file->mutex);
370 list_add(&packet->list, &file->recv_list);
371 mutex_unlock(&file->mutex);
372 } else {
373 if (packet->recv_wc)
374 ib_free_recv_mad(packet->recv_wc);
375 kfree(packet);
376 }
377 return ret;
378 }
379
copy_rmpp_mad(struct ib_mad_send_buf * msg,const char __user * buf)380 static int copy_rmpp_mad(struct ib_mad_send_buf *msg, const char __user *buf)
381 {
382 int left, seg;
383
384 /* Copy class specific header */
385 if ((msg->hdr_len > IB_MGMT_RMPP_HDR) &&
386 copy_from_user(msg->mad + IB_MGMT_RMPP_HDR, buf + IB_MGMT_RMPP_HDR,
387 msg->hdr_len - IB_MGMT_RMPP_HDR))
388 return -EFAULT;
389
390 /* All headers are in place. Copy data segments. */
391 for (seg = 1, left = msg->data_len, buf += msg->hdr_len; left > 0;
392 seg++, left -= msg->seg_size, buf += msg->seg_size) {
393 if (copy_from_user(ib_get_rmpp_segment(msg, seg), buf,
394 min(left, msg->seg_size)))
395 return -EFAULT;
396 }
397 return 0;
398 }
399
same_destination(struct ib_user_mad_hdr * hdr1,struct ib_user_mad_hdr * hdr2)400 static int same_destination(struct ib_user_mad_hdr *hdr1,
401 struct ib_user_mad_hdr *hdr2)
402 {
403 if (!hdr1->grh_present && !hdr2->grh_present)
404 return (hdr1->lid == hdr2->lid);
405
406 if (hdr1->grh_present && hdr2->grh_present)
407 return !memcmp(hdr1->gid, hdr2->gid, 16);
408
409 return 0;
410 }
411
is_duplicate(struct ib_umad_file * file,struct ib_umad_packet * packet)412 static int is_duplicate(struct ib_umad_file *file,
413 struct ib_umad_packet *packet)
414 {
415 struct ib_umad_packet *sent_packet;
416 struct ib_mad_hdr *sent_hdr, *hdr;
417
418 hdr = (struct ib_mad_hdr *) packet->mad.data;
419 list_for_each_entry(sent_packet, &file->send_list, list) {
420 sent_hdr = (struct ib_mad_hdr *) sent_packet->mad.data;
421
422 if ((hdr->tid != sent_hdr->tid) ||
423 (hdr->mgmt_class != sent_hdr->mgmt_class))
424 continue;
425
426 /*
427 * No need to be overly clever here. If two new operations have
428 * the same TID, reject the second as a duplicate. This is more
429 * restrictive than required by the spec.
430 */
431 if (!ib_response_mad((struct ib_mad *) hdr)) {
432 if (!ib_response_mad((struct ib_mad *) sent_hdr))
433 return 1;
434 continue;
435 } else if (!ib_response_mad((struct ib_mad *) sent_hdr))
436 continue;
437
438 if (same_destination(&packet->mad.hdr, &sent_packet->mad.hdr))
439 return 1;
440 }
441
442 return 0;
443 }
444
ib_umad_write(struct file * filp,const char __user * buf,size_t count,loff_t * pos)445 static ssize_t ib_umad_write(struct file *filp, const char __user *buf,
446 size_t count, loff_t *pos)
447 {
448 struct ib_umad_file *file = filp->private_data;
449 struct ib_umad_packet *packet;
450 struct ib_mad_agent *agent;
451 struct ib_ah_attr ah_attr;
452 struct ib_ah *ah;
453 struct ib_rmpp_mad *rmpp_mad;
454 __be64 *tid;
455 int ret, data_len, hdr_len, copy_offset, rmpp_active;
456
457 if (count < hdr_size(file) + IB_MGMT_RMPP_HDR)
458 return -EINVAL;
459
460 packet = kzalloc(sizeof *packet + IB_MGMT_RMPP_HDR, GFP_KERNEL);
461 if (!packet)
462 return -ENOMEM;
463
464 if (copy_from_user(&packet->mad, buf, hdr_size(file))) {
465 ret = -EFAULT;
466 goto err;
467 }
468
469 if (packet->mad.hdr.id < 0 ||
470 packet->mad.hdr.id >= IB_UMAD_MAX_AGENTS) {
471 ret = -EINVAL;
472 goto err;
473 }
474
475 buf += hdr_size(file);
476
477 if (copy_from_user(packet->mad.data, buf, IB_MGMT_RMPP_HDR)) {
478 ret = -EFAULT;
479 goto err;
480 }
481
482 mutex_lock(&file->mutex);
483
484 agent = __get_agent(file, packet->mad.hdr.id);
485 if (!agent) {
486 ret = -EINVAL;
487 goto err_up;
488 }
489
490 memset(&ah_attr, 0, sizeof ah_attr);
491 ah_attr.dlid = be16_to_cpu(packet->mad.hdr.lid);
492 ah_attr.sl = packet->mad.hdr.sl;
493 ah_attr.src_path_bits = packet->mad.hdr.path_bits;
494 ah_attr.port_num = file->port->port_num;
495 if (packet->mad.hdr.grh_present) {
496 ah_attr.ah_flags = IB_AH_GRH;
497 memcpy(ah_attr.grh.dgid.raw, packet->mad.hdr.gid, 16);
498 ah_attr.grh.sgid_index = packet->mad.hdr.gid_index;
499 ah_attr.grh.flow_label = be32_to_cpu(packet->mad.hdr.flow_label);
500 ah_attr.grh.hop_limit = packet->mad.hdr.hop_limit;
501 ah_attr.grh.traffic_class = packet->mad.hdr.traffic_class;
502 }
503
504 ah = ib_create_ah(agent->qp->pd, &ah_attr);
505 if (IS_ERR(ah)) {
506 ret = PTR_ERR(ah);
507 goto err_up;
508 }
509
510 rmpp_mad = (struct ib_rmpp_mad *) packet->mad.data;
511 hdr_len = ib_get_mad_data_offset(rmpp_mad->mad_hdr.mgmt_class);
512 if (!ib_is_mad_class_rmpp(rmpp_mad->mad_hdr.mgmt_class)) {
513 copy_offset = IB_MGMT_MAD_HDR;
514 rmpp_active = 0;
515 } else {
516 copy_offset = IB_MGMT_RMPP_HDR;
517 rmpp_active = ib_get_rmpp_flags(&rmpp_mad->rmpp_hdr) &
518 IB_MGMT_RMPP_FLAG_ACTIVE;
519 }
520
521 data_len = count - hdr_size(file) - hdr_len;
522 packet->msg = ib_create_send_mad(agent,
523 be32_to_cpu(packet->mad.hdr.qpn),
524 packet->mad.hdr.pkey_index, rmpp_active,
525 hdr_len, data_len, GFP_KERNEL);
526 if (IS_ERR(packet->msg)) {
527 ret = PTR_ERR(packet->msg);
528 goto err_ah;
529 }
530
531 packet->msg->ah = ah;
532 packet->msg->timeout_ms = packet->mad.hdr.timeout_ms;
533 packet->msg->retries = packet->mad.hdr.retries;
534 packet->msg->context[0] = packet;
535
536 /* Copy MAD header. Any RMPP header is already in place. */
537 memcpy(packet->msg->mad, packet->mad.data, IB_MGMT_MAD_HDR);
538
539 if (!rmpp_active) {
540 if (copy_from_user(packet->msg->mad + copy_offset,
541 buf + copy_offset,
542 hdr_len + data_len - copy_offset)) {
543 ret = -EFAULT;
544 goto err_msg;
545 }
546 } else {
547 ret = copy_rmpp_mad(packet->msg, buf);
548 if (ret)
549 goto err_msg;
550 }
551
552 /*
553 * Set the high-order part of the transaction ID to make MADs from
554 * different agents unique, and allow routing responses back to the
555 * original requestor.
556 */
557 if (!ib_response_mad(packet->msg->mad)) {
558 tid = &((struct ib_mad_hdr *) packet->msg->mad)->tid;
559 *tid = cpu_to_be64(((u64) agent->hi_tid) << 32 |
560 (be64_to_cpup(tid) & 0xffffffff));
561 rmpp_mad->mad_hdr.tid = *tid;
562 }
563
564 spin_lock_irq(&file->send_lock);
565 ret = is_duplicate(file, packet);
566 if (!ret)
567 list_add_tail(&packet->list, &file->send_list);
568 spin_unlock_irq(&file->send_lock);
569 if (ret) {
570 ret = -EINVAL;
571 goto err_msg;
572 }
573
574 ret = ib_post_send_mad(packet->msg, NULL);
575 if (ret)
576 goto err_send;
577
578 mutex_unlock(&file->mutex);
579 return count;
580
581 err_send:
582 dequeue_send(file, packet);
583 err_msg:
584 ib_free_send_mad(packet->msg);
585 err_ah:
586 ib_destroy_ah(ah);
587 err_up:
588 mutex_unlock(&file->mutex);
589 err:
590 kfree(packet);
591 return ret;
592 }
593
ib_umad_poll(struct file * filp,struct poll_table_struct * wait)594 static unsigned int ib_umad_poll(struct file *filp, struct poll_table_struct *wait)
595 {
596 struct ib_umad_file *file = filp->private_data;
597
598 /* we will always be able to post a MAD send */
599 unsigned int mask = POLLOUT | POLLWRNORM;
600
601 poll_wait(filp, &file->recv_wait, wait);
602
603 if (!list_empty(&file->recv_list))
604 mask |= POLLIN | POLLRDNORM;
605
606 return mask;
607 }
608
ib_umad_reg_agent(struct ib_umad_file * file,void __user * arg,int compat_method_mask)609 static int ib_umad_reg_agent(struct ib_umad_file *file, void __user *arg,
610 int compat_method_mask)
611 {
612 struct ib_user_mad_reg_req ureq;
613 struct ib_mad_reg_req req;
614 struct ib_mad_agent *agent = NULL;
615 int agent_id;
616 int ret;
617
618 mutex_lock(&file->port->file_mutex);
619 mutex_lock(&file->mutex);
620
621 if (!file->port->ib_dev) {
622 ret = -EPIPE;
623 goto out;
624 }
625
626 if (copy_from_user(&ureq, arg, sizeof ureq)) {
627 ret = -EFAULT;
628 goto out;
629 }
630
631 if (ureq.qpn != 0 && ureq.qpn != 1) {
632 ret = -EINVAL;
633 goto out;
634 }
635
636 for (agent_id = 0; agent_id < IB_UMAD_MAX_AGENTS; ++agent_id)
637 if (!__get_agent(file, agent_id))
638 goto found;
639
640 ret = -ENOMEM;
641 goto out;
642
643 found:
644 if (ureq.mgmt_class) {
645 req.mgmt_class = ureq.mgmt_class;
646 req.mgmt_class_version = ureq.mgmt_class_version;
647 memcpy(req.oui, ureq.oui, sizeof req.oui);
648
649 if (compat_method_mask) {
650 u32 *umm = (u32 *) ureq.method_mask;
651 int i;
652
653 for (i = 0; i < BITS_TO_LONGS(IB_MGMT_MAX_METHODS); ++i)
654 req.method_mask[i] =
655 umm[i * 2] | ((u64) umm[i * 2 + 1] << 32);
656 } else
657 memcpy(req.method_mask, ureq.method_mask,
658 sizeof req.method_mask);
659 }
660
661 agent = ib_register_mad_agent(file->port->ib_dev, file->port->port_num,
662 ureq.qpn ? IB_QPT_GSI : IB_QPT_SMI,
663 ureq.mgmt_class ? &req : NULL,
664 ureq.rmpp_version,
665 send_handler, recv_handler, file);
666 if (IS_ERR(agent)) {
667 ret = PTR_ERR(agent);
668 agent = NULL;
669 goto out;
670 }
671
672 if (put_user(agent_id,
673 (u32 __user *) (arg + offsetof(struct ib_user_mad_reg_req, id)))) {
674 ret = -EFAULT;
675 goto out;
676 }
677
678 if (!file->already_used) {
679 file->already_used = 1;
680 if (!file->use_pkey_index) {
681 printk(KERN_WARNING "user_mad: process %s did not enable "
682 "P_Key index support.\n", curproc->p_comm);
683 printk(KERN_WARNING "user_mad: Documentation/infiniband/user_mad.txt "
684 "has info on the new ABI.\n");
685 }
686 }
687
688 file->agent[agent_id] = agent;
689 ret = 0;
690
691 out:
692 mutex_unlock(&file->mutex);
693
694 if (ret && agent)
695 ib_unregister_mad_agent(agent);
696
697 mutex_unlock(&file->port->file_mutex);
698
699 return ret;
700 }
701
ib_umad_unreg_agent(struct ib_umad_file * file,u32 __user * arg)702 static int ib_umad_unreg_agent(struct ib_umad_file *file, u32 __user *arg)
703 {
704 struct ib_mad_agent *agent = NULL;
705 u32 id;
706 int ret = 0;
707
708 if (get_user(id, arg))
709 return -EFAULT;
710
711 mutex_lock(&file->port->file_mutex);
712 mutex_lock(&file->mutex);
713
714 if (id < 0 || id >= IB_UMAD_MAX_AGENTS || !__get_agent(file, id)) {
715 ret = -EINVAL;
716 goto out;
717 }
718
719 agent = file->agent[id];
720 file->agent[id] = NULL;
721
722 out:
723 mutex_unlock(&file->mutex);
724
725 if (agent)
726 ib_unregister_mad_agent(agent);
727
728 mutex_unlock(&file->port->file_mutex);
729
730 return ret;
731 }
732
ib_umad_enable_pkey(struct ib_umad_file * file)733 static long ib_umad_enable_pkey(struct ib_umad_file *file)
734 {
735 int ret = 0;
736
737 mutex_lock(&file->mutex);
738 if (file->already_used)
739 ret = -EINVAL;
740 else
741 file->use_pkey_index = 1;
742 mutex_unlock(&file->mutex);
743
744 return ret;
745 }
746
ib_umad_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)747 static long ib_umad_ioctl(struct file *filp, unsigned int cmd,
748 unsigned long arg)
749 {
750 switch (cmd) {
751 case IB_USER_MAD_REGISTER_AGENT:
752 return ib_umad_reg_agent(filp->private_data, (void __user *) arg, 0);
753 case IB_USER_MAD_UNREGISTER_AGENT:
754 return ib_umad_unreg_agent(filp->private_data, (__u32 __user *) arg);
755 case IB_USER_MAD_ENABLE_PKEY:
756 return ib_umad_enable_pkey(filp->private_data);
757 default:
758 return -ENOIOCTLCMD;
759 }
760 }
761
762 #ifdef CONFIG_COMPAT
ib_umad_compat_ioctl(struct file * filp,unsigned int cmd,unsigned long arg)763 static long ib_umad_compat_ioctl(struct file *filp, unsigned int cmd,
764 unsigned long arg)
765 {
766 switch (cmd) {
767 case IB_USER_MAD_REGISTER_AGENT:
768 return ib_umad_reg_agent(filp->private_data, compat_ptr(arg), 1);
769 case IB_USER_MAD_UNREGISTER_AGENT:
770 return ib_umad_unreg_agent(filp->private_data, compat_ptr(arg));
771 case IB_USER_MAD_ENABLE_PKEY:
772 return ib_umad_enable_pkey(filp->private_data);
773 default:
774 return -ENOIOCTLCMD;
775 }
776 }
777 #endif
778
779 /*
780 * ib_umad_open() does not need the BKL:
781 *
782 * - umad_port[] accesses are protected by port_lock, the
783 * ib_umad_port structures are properly reference counted, and
784 * everything else is purely local to the file being created, so
785 * races against other open calls are not a problem;
786 * - the ioctl method does not affect any global state outside of the
787 * file structure being operated on;
788 * - the port is added to umad_port[] as the last part of module
789 * initialization so the open method will either immediately run
790 * -ENXIO, or all required initialization will be done.
791 */
ib_umad_open(struct inode * inode,struct file * filp)792 static int ib_umad_open(struct inode *inode, struct file *filp)
793 {
794 struct ib_umad_port *port;
795 struct ib_umad_file *file;
796 int ret = 0;
797
798 spin_lock(&port_lock);
799 port = umad_port[iminor(inode) - IB_UMAD_MINOR_BASE];
800 if (port)
801 kref_get(&port->umad_dev->ref);
802 spin_unlock(&port_lock);
803
804 if (!port)
805 return -ENXIO;
806
807 mutex_lock(&port->file_mutex);
808
809 if (!port->ib_dev) {
810 ret = -ENXIO;
811 goto out;
812 }
813
814 file = kzalloc(sizeof *file, GFP_KERNEL);
815 if (!file) {
816 kref_put(&port->umad_dev->ref, ib_umad_release_dev);
817 ret = -ENOMEM;
818 goto out;
819 }
820
821 mutex_init(&file->mutex);
822 spin_lock_init(&file->send_lock);
823 INIT_LIST_HEAD(&file->recv_list);
824 INIT_LIST_HEAD(&file->send_list);
825 init_waitqueue_head(&file->recv_wait);
826
827 file->port = port;
828 file->filp = filp;
829 filp->private_data = file;
830
831 list_add_tail(&file->port_list, &port->file_list);
832
833 out:
834 mutex_unlock(&port->file_mutex);
835 return ret;
836 }
837
ib_umad_close(struct inode * inode,struct file * filp)838 static int ib_umad_close(struct inode *inode, struct file *filp)
839 {
840 struct ib_umad_file *file = filp->private_data;
841 struct ib_umad_device *dev = file->port->umad_dev;
842 struct ib_umad_packet *packet, *tmp;
843 int already_dead;
844 int i;
845
846 mutex_lock(&file->port->file_mutex);
847 mutex_lock(&file->mutex);
848
849 already_dead = file->agents_dead;
850 file->agents_dead = 1;
851
852 list_for_each_entry_safe(packet, tmp, &file->recv_list, list) {
853 if (packet->recv_wc)
854 ib_free_recv_mad(packet->recv_wc);
855 kfree(packet);
856 }
857
858 list_del(&file->port_list);
859
860 mutex_unlock(&file->mutex);
861
862 if (!already_dead)
863 for (i = 0; i < IB_UMAD_MAX_AGENTS; ++i)
864 if (file->agent[i])
865 ib_unregister_mad_agent(file->agent[i]);
866
867 mutex_unlock(&file->port->file_mutex);
868
869 kfree(file);
870 kref_put(&dev->ref, ib_umad_release_dev);
871
872 return 0;
873 }
874
875 static const struct file_operations umad_fops = {
876 .owner = THIS_MODULE,
877 .read = ib_umad_read,
878 .write = ib_umad_write,
879 .poll = ib_umad_poll,
880 .unlocked_ioctl = ib_umad_ioctl,
881 #ifdef CONFIG_COMPAT
882 .compat_ioctl = ib_umad_compat_ioctl,
883 #endif
884 .open = ib_umad_open,
885 .release = ib_umad_close
886 };
887
ib_umad_sm_open(struct inode * inode,struct file * filp)888 static int ib_umad_sm_open(struct inode *inode, struct file *filp)
889 {
890 struct ib_umad_port *port;
891 struct ib_port_modify props = {
892 .set_port_cap_mask = IB_PORT_SM
893 };
894 int ret;
895
896 spin_lock(&port_lock);
897 port = umad_port[iminor(inode) - IB_UMAD_MINOR_BASE - IB_UMAD_MAX_PORTS];
898 if (port)
899 kref_get(&port->umad_dev->ref);
900 spin_unlock(&port_lock);
901
902 if (!port)
903 return -ENXIO;
904
905 if (filp->f_flags & O_NONBLOCK) {
906 if (down_trylock(&port->sm_sem)) {
907 ret = -EAGAIN;
908 goto fail;
909 }
910 } else {
911 if (down_interruptible(&port->sm_sem)) {
912 ret = -ERESTARTSYS;
913 goto fail;
914 }
915 }
916
917 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props);
918 if (ret) {
919 up(&port->sm_sem);
920 goto fail;
921 }
922
923 filp->private_data = port;
924
925 return 0;
926
927 fail:
928 kref_put(&port->umad_dev->ref, ib_umad_release_dev);
929 return ret;
930 }
931
ib_umad_sm_close(struct inode * inode,struct file * filp)932 static int ib_umad_sm_close(struct inode *inode, struct file *filp)
933 {
934 struct ib_umad_port *port = filp->private_data;
935 struct ib_port_modify props = {
936 .clr_port_cap_mask = IB_PORT_SM
937 };
938 int ret = 0;
939
940 mutex_lock(&port->file_mutex);
941 if (port->ib_dev)
942 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props);
943 mutex_unlock(&port->file_mutex);
944
945 up(&port->sm_sem);
946
947 kref_put(&port->umad_dev->ref, ib_umad_release_dev);
948
949 return ret;
950 }
951
952 static const struct file_operations umad_sm_fops = {
953 .owner = THIS_MODULE,
954 .open = ib_umad_sm_open,
955 .release = ib_umad_sm_close
956 };
957
958 static struct ib_client umad_client = {
959 .name = "umad",
960 .add = ib_umad_add_one,
961 .remove = ib_umad_remove_one
962 };
963
show_ibdev(struct device * dev,struct device_attribute * attr,char * buf)964 static ssize_t show_ibdev(struct device *dev, struct device_attribute *attr,
965 char *buf)
966 {
967 struct ib_umad_port *port = dev_get_drvdata(dev);
968
969 if (!port)
970 return -ENODEV;
971
972 return sprintf(buf, "%s\n", port->ib_dev->name);
973 }
974 static DEVICE_ATTR(ibdev, S_IRUGO, show_ibdev, NULL);
975
show_port(struct device * dev,struct device_attribute * attr,char * buf)976 static ssize_t show_port(struct device *dev, struct device_attribute *attr,
977 char *buf)
978 {
979 struct ib_umad_port *port = dev_get_drvdata(dev);
980
981 if (!port)
982 return -ENODEV;
983
984 return sprintf(buf, "%d\n", port->port_num);
985 }
986 static DEVICE_ATTR(port, S_IRUGO, show_port, NULL);
987
show_abi_version(struct class * class,struct class_attribute * attr,char * buf)988 static ssize_t show_abi_version(struct class *class, struct class_attribute *attr, char *buf)
989 {
990 return sprintf(buf, "%d\n", IB_USER_MAD_ABI_VERSION);
991 }
992 static CLASS_ATTR(abi_version, S_IRUGO, show_abi_version, NULL);
993
ib_umad_init_port(struct ib_device * device,int port_num,struct ib_umad_port * port)994 static int ib_umad_init_port(struct ib_device *device, int port_num,
995 struct ib_umad_port *port)
996 {
997 spin_lock(&port_lock);
998 port->dev_num = find_first_zero_bit(dev_map, IB_UMAD_MAX_PORTS);
999 if (port->dev_num >= IB_UMAD_MAX_PORTS) {
1000 spin_unlock(&port_lock);
1001 return -1;
1002 }
1003 set_bit(port->dev_num, dev_map);
1004 spin_unlock(&port_lock);
1005
1006 port->ib_dev = device;
1007 port->port_num = port_num;
1008 init_MUTEX(&port->sm_sem);
1009 mutex_init(&port->file_mutex);
1010 INIT_LIST_HEAD(&port->file_list);
1011
1012 port->cdev = cdev_alloc();
1013 if (!port->cdev)
1014 return -1;
1015 port->cdev->owner = THIS_MODULE;
1016 port->cdev->ops = &umad_fops;
1017 kobject_set_name(&port->cdev->kobj, "umad%d", port->dev_num);
1018 if (cdev_add(port->cdev, base_dev + port->dev_num, 1))
1019 goto err_cdev;
1020
1021 port->dev = device_create(umad_class, device->dma_device,
1022 port->cdev->dev, port,
1023 "umad%d", port->dev_num);
1024 if (IS_ERR(port->dev))
1025 goto err_cdev;
1026
1027 if (device_create_file(port->dev, &dev_attr_ibdev))
1028 goto err_dev;
1029 if (device_create_file(port->dev, &dev_attr_port))
1030 goto err_dev;
1031
1032 port->sm_cdev = cdev_alloc();
1033 if (!port->sm_cdev)
1034 goto err_dev;
1035 port->sm_cdev->owner = THIS_MODULE;
1036 port->sm_cdev->ops = &umad_sm_fops;
1037 kobject_set_name(&port->sm_cdev->kobj, "issm%d", port->dev_num);
1038 if (cdev_add(port->sm_cdev, base_dev + port->dev_num + IB_UMAD_MAX_PORTS, 1))
1039 goto err_sm_cdev;
1040
1041 port->sm_dev = device_create(umad_class, device->dma_device,
1042 port->sm_cdev->dev, port,
1043 "issm%d", port->dev_num);
1044 if (IS_ERR(port->sm_dev))
1045 goto err_sm_cdev;
1046
1047 if (device_create_file(port->sm_dev, &dev_attr_ibdev))
1048 goto err_sm_dev;
1049 if (device_create_file(port->sm_dev, &dev_attr_port))
1050 goto err_sm_dev;
1051
1052 spin_lock(&port_lock);
1053 umad_port[port->dev_num] = port;
1054 spin_unlock(&port_lock);
1055
1056 return 0;
1057
1058 err_sm_dev:
1059 device_destroy(umad_class, port->sm_cdev->dev);
1060
1061 err_sm_cdev:
1062 cdev_del(port->sm_cdev);
1063
1064 err_dev:
1065 device_destroy(umad_class, port->cdev->dev);
1066
1067 err_cdev:
1068 cdev_del(port->cdev);
1069 clear_bit(port->dev_num, dev_map);
1070
1071 return -1;
1072 }
1073
ib_umad_kill_port(struct ib_umad_port * port)1074 static void ib_umad_kill_port(struct ib_umad_port *port)
1075 {
1076 struct ib_umad_file *file;
1077 int already_dead;
1078 int id;
1079
1080 dev_set_drvdata(port->dev, NULL);
1081 dev_set_drvdata(port->sm_dev, NULL);
1082
1083 device_destroy(umad_class, port->cdev->dev);
1084 device_destroy(umad_class, port->sm_cdev->dev);
1085
1086 cdev_del(port->cdev);
1087 cdev_del(port->sm_cdev);
1088
1089 spin_lock(&port_lock);
1090 umad_port[port->dev_num] = NULL;
1091 spin_unlock(&port_lock);
1092
1093 mutex_lock(&port->file_mutex);
1094
1095 port->ib_dev = NULL;
1096
1097 list_for_each_entry(file, &port->file_list, port_list) {
1098 mutex_lock(&file->mutex);
1099 already_dead = file->agents_dead;
1100 file->agents_dead = 1;
1101 mutex_unlock(&file->mutex);
1102
1103 for (id = 0; id < IB_UMAD_MAX_AGENTS; ++id)
1104 if (file->agent[id])
1105 ib_unregister_mad_agent(file->agent[id]);
1106 }
1107
1108 mutex_unlock(&port->file_mutex);
1109
1110 clear_bit(port->dev_num, dev_map);
1111 }
1112
ib_umad_add_one(struct ib_device * device)1113 static void ib_umad_add_one(struct ib_device *device)
1114 {
1115 struct ib_umad_device *umad_dev;
1116 int s, e, i;
1117
1118 if (rdma_node_get_transport(device->node_type) != RDMA_TRANSPORT_IB)
1119 return;
1120
1121 if (device->node_type == RDMA_NODE_IB_SWITCH)
1122 s = e = 0;
1123 else {
1124 s = 1;
1125 e = device->phys_port_cnt;
1126 }
1127
1128 umad_dev = kzalloc(sizeof *umad_dev +
1129 (e - s + 1) * sizeof (struct ib_umad_port),
1130 GFP_KERNEL);
1131 if (!umad_dev)
1132 return;
1133
1134 kref_init(&umad_dev->ref);
1135
1136 umad_dev->start_port = s;
1137 umad_dev->end_port = e;
1138
1139 for (i = s; i <= e; ++i) {
1140 umad_dev->port[i - s].umad_dev = umad_dev;
1141
1142 if (rdma_port_get_link_layer(device, i) == IB_LINK_LAYER_INFINIBAND)
1143 if (ib_umad_init_port(device, i, &umad_dev->port[i - s]))
1144 goto err;
1145 }
1146
1147 ib_set_client_data(device, &umad_client, umad_dev);
1148
1149 return;
1150
1151 err:
1152 while (--i >= s)
1153 if (rdma_port_get_link_layer(device, i) == IB_LINK_LAYER_INFINIBAND)
1154 ib_umad_kill_port(&umad_dev->port[i - s]);
1155
1156 kref_put(&umad_dev->ref, ib_umad_release_dev);
1157 }
1158
ib_umad_remove_one(struct ib_device * device)1159 static void ib_umad_remove_one(struct ib_device *device)
1160 {
1161 struct ib_umad_device *umad_dev = ib_get_client_data(device, &umad_client);
1162 int i;
1163
1164 if (!umad_dev)
1165 return;
1166
1167 for (i = 0; i <= umad_dev->end_port - umad_dev->start_port; ++i)
1168 if (rdma_port_get_link_layer(device, i + 1) == IB_LINK_LAYER_INFINIBAND)
1169 ib_umad_kill_port(&umad_dev->port[i]);
1170
1171 kref_put(&umad_dev->ref, ib_umad_release_dev);
1172 }
1173
ib_umad_init(void)1174 static int __init ib_umad_init(void)
1175 {
1176 int ret;
1177
1178 ret = register_chrdev_region(base_dev, IB_UMAD_MAX_PORTS * 2,
1179 "infiniband_mad");
1180 if (ret) {
1181 printk(KERN_ERR "user_mad: couldn't register device number\n");
1182 goto out;
1183 }
1184
1185 umad_class = class_create(THIS_MODULE, "infiniband_mad");
1186 if (IS_ERR(umad_class)) {
1187 ret = PTR_ERR(umad_class);
1188 printk(KERN_ERR "user_mad: couldn't create class infiniband_mad\n");
1189 goto out_chrdev;
1190 }
1191
1192 ret = class_create_file(umad_class, &class_attr_abi_version);
1193 if (ret) {
1194 printk(KERN_ERR "user_mad: couldn't create abi_version attribute\n");
1195 goto out_class;
1196 }
1197
1198 ret = ib_register_client(&umad_client);
1199 if (ret) {
1200 printk(KERN_ERR "user_mad: couldn't register ib_umad client\n");
1201 goto out_class;
1202 }
1203
1204 return 0;
1205
1206 out_class:
1207 class_destroy(umad_class);
1208
1209 out_chrdev:
1210 unregister_chrdev_region(base_dev, IB_UMAD_MAX_PORTS * 2);
1211
1212 out:
1213 return ret;
1214 }
1215
ib_umad_cleanup(void)1216 static void __exit ib_umad_cleanup(void)
1217 {
1218 ib_unregister_client(&umad_client);
1219 class_destroy(umad_class);
1220 unregister_chrdev_region(base_dev, IB_UMAD_MAX_PORTS * 2);
1221 }
1222
1223 module_init(ib_umad_init);
1224 module_exit(ib_umad_cleanup);
1225