1 /*
2 * Copyright (c) 2005 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005, 2006 Cisco Systems. All rights reserved.
4 * Copyright (c) 2005 Mellanox Technologies. All rights reserved.
5 * Copyright (c) 2005 Voltaire, Inc. All rights reserved.
6 * Copyright (c) 2005 PathScale, Inc. All rights reserved.
7 *
8 * This software is available to you under a choice of one of two
9 * licenses. You may choose to be licensed under the terms of the GNU
10 * General Public License (GPL) Version 2, available from the file
11 * COPYING in the main directory of this source tree, or the
12 * OpenIB.org BSD license below:
13 *
14 * Redistribution and use in source and binary forms, with or
15 * without modification, are permitted provided that the following
16 * conditions are met:
17 *
18 * - Redistributions of source code must retain the above
19 * copyright notice, this list of conditions and the following
20 * disclaimer.
21 *
22 * - Redistributions in binary form must reproduce the above
23 * copyright notice, this list of conditions and the following
24 * disclaimer in the documentation and/or other materials
25 * provided with the distribution.
26 *
27 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
28 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
29 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
30 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
31 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
32 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
33 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
34 * SOFTWARE.
35 */
36
37 #include <linux/module.h>
38 #include <linux/init.h>
39 #include <linux/device.h>
40 #include <linux/err.h>
41 #include <linux/fs.h>
42 #include <linux/poll.h>
43 #include <linux/sched.h>
44 #include <linux/file.h>
45 #include <linux/cdev.h>
46 #include <linux/anon_inodes.h>
47 #include <linux/slab.h>
48
49 #include <asm/uaccess.h>
50
51 #include <rdma/ib.h>
52
53 #include "uverbs.h"
54
55 MODULE_AUTHOR("Roland Dreier");
56 MODULE_DESCRIPTION("InfiniBand userspace verbs access");
57 MODULE_LICENSE("Dual BSD/GPL");
58
59 enum {
60 IB_UVERBS_MAJOR = 231,
61 IB_UVERBS_BASE_MINOR = 192,
62 IB_UVERBS_MAX_DEVICES = 32
63 };
64
65 #define IB_UVERBS_BASE_DEV MKDEV(IB_UVERBS_MAJOR, IB_UVERBS_BASE_MINOR)
66
67 static struct class *uverbs_class;
68
69 DEFINE_SPINLOCK(ib_uverbs_idr_lock);
70 DEFINE_IDR(ib_uverbs_pd_idr);
71 DEFINE_IDR(ib_uverbs_mr_idr);
72 DEFINE_IDR(ib_uverbs_mw_idr);
73 DEFINE_IDR(ib_uverbs_ah_idr);
74 DEFINE_IDR(ib_uverbs_cq_idr);
75 DEFINE_IDR(ib_uverbs_qp_idr);
76 DEFINE_IDR(ib_uverbs_srq_idr);
77 DEFINE_IDR(ib_uverbs_xrcd_idr);
78 DEFINE_IDR(ib_uverbs_rule_idr);
79
80 static DEFINE_SPINLOCK(map_lock);
81 static DECLARE_BITMAP(dev_map, IB_UVERBS_MAX_DEVICES);
82
83 static ssize_t (*uverbs_cmd_table[])(struct ib_uverbs_file *file,
84 const char __user *buf, int in_len,
85 int out_len) = {
86 [IB_USER_VERBS_CMD_GET_CONTEXT] = ib_uverbs_get_context,
87 [IB_USER_VERBS_CMD_QUERY_DEVICE] = ib_uverbs_query_device,
88 [IB_USER_VERBS_CMD_QUERY_PORT] = ib_uverbs_query_port,
89 [IB_USER_VERBS_CMD_ALLOC_PD] = ib_uverbs_alloc_pd,
90 [IB_USER_VERBS_CMD_DEALLOC_PD] = ib_uverbs_dealloc_pd,
91 [IB_USER_VERBS_CMD_REG_MR] = ib_uverbs_reg_mr,
92 [IB_USER_VERBS_CMD_REREG_MR] = ib_uverbs_rereg_mr,
93 [IB_USER_VERBS_CMD_DEREG_MR] = ib_uverbs_dereg_mr,
94 [IB_USER_VERBS_CMD_ALLOC_MW] = ib_uverbs_alloc_mw,
95 [IB_USER_VERBS_CMD_DEALLOC_MW] = ib_uverbs_dealloc_mw,
96 [IB_USER_VERBS_CMD_CREATE_COMP_CHANNEL] = ib_uverbs_create_comp_channel,
97 [IB_USER_VERBS_CMD_CREATE_CQ] = ib_uverbs_create_cq,
98 [IB_USER_VERBS_CMD_RESIZE_CQ] = ib_uverbs_resize_cq,
99 [IB_USER_VERBS_CMD_POLL_CQ] = ib_uverbs_poll_cq,
100 [IB_USER_VERBS_CMD_REQ_NOTIFY_CQ] = ib_uverbs_req_notify_cq,
101 [IB_USER_VERBS_CMD_DESTROY_CQ] = ib_uverbs_destroy_cq,
102 [IB_USER_VERBS_CMD_CREATE_QP] = ib_uverbs_create_qp,
103 [IB_USER_VERBS_CMD_QUERY_QP] = ib_uverbs_query_qp,
104 [IB_USER_VERBS_CMD_MODIFY_QP] = ib_uverbs_modify_qp,
105 [IB_USER_VERBS_CMD_DESTROY_QP] = ib_uverbs_destroy_qp,
106 [IB_USER_VERBS_CMD_POST_SEND] = ib_uverbs_post_send,
107 [IB_USER_VERBS_CMD_POST_RECV] = ib_uverbs_post_recv,
108 [IB_USER_VERBS_CMD_POST_SRQ_RECV] = ib_uverbs_post_srq_recv,
109 [IB_USER_VERBS_CMD_CREATE_AH] = ib_uverbs_create_ah,
110 [IB_USER_VERBS_CMD_DESTROY_AH] = ib_uverbs_destroy_ah,
111 [IB_USER_VERBS_CMD_ATTACH_MCAST] = ib_uverbs_attach_mcast,
112 [IB_USER_VERBS_CMD_DETACH_MCAST] = ib_uverbs_detach_mcast,
113 [IB_USER_VERBS_CMD_CREATE_SRQ] = ib_uverbs_create_srq,
114 [IB_USER_VERBS_CMD_MODIFY_SRQ] = ib_uverbs_modify_srq,
115 [IB_USER_VERBS_CMD_QUERY_SRQ] = ib_uverbs_query_srq,
116 [IB_USER_VERBS_CMD_DESTROY_SRQ] = ib_uverbs_destroy_srq,
117 [IB_USER_VERBS_CMD_OPEN_XRCD] = ib_uverbs_open_xrcd,
118 [IB_USER_VERBS_CMD_CLOSE_XRCD] = ib_uverbs_close_xrcd,
119 [IB_USER_VERBS_CMD_CREATE_XSRQ] = ib_uverbs_create_xsrq,
120 [IB_USER_VERBS_CMD_OPEN_QP] = ib_uverbs_open_qp,
121 };
122
123 static int (*uverbs_ex_cmd_table[])(struct ib_uverbs_file *file,
124 struct ib_udata *ucore,
125 struct ib_udata *uhw) = {
126 [IB_USER_VERBS_EX_CMD_CREATE_FLOW] = ib_uverbs_ex_create_flow,
127 [IB_USER_VERBS_EX_CMD_DESTROY_FLOW] = ib_uverbs_ex_destroy_flow,
128 [IB_USER_VERBS_EX_CMD_QUERY_DEVICE] = ib_uverbs_ex_query_device,
129 };
130
131 static void ib_uverbs_add_one(struct ib_device *device);
132 static void ib_uverbs_remove_one(struct ib_device *device);
133
ib_uverbs_release_dev(struct kobject * kobj)134 static void ib_uverbs_release_dev(struct kobject *kobj)
135 {
136 struct ib_uverbs_device *dev =
137 container_of(kobj, struct ib_uverbs_device, kobj);
138
139 kfree(dev);
140 }
141
142 static struct kobj_type ib_uverbs_dev_ktype = {
143 .release = ib_uverbs_release_dev,
144 };
145
ib_uverbs_release_event_file(struct kref * ref)146 static void ib_uverbs_release_event_file(struct kref *ref)
147 {
148 struct ib_uverbs_event_file *file =
149 container_of(ref, struct ib_uverbs_event_file, ref);
150
151 kfree(file);
152 }
153
ib_uverbs_release_ucq(struct ib_uverbs_file * file,struct ib_uverbs_event_file * ev_file,struct ib_ucq_object * uobj)154 void ib_uverbs_release_ucq(struct ib_uverbs_file *file,
155 struct ib_uverbs_event_file *ev_file,
156 struct ib_ucq_object *uobj)
157 {
158 struct ib_uverbs_event *evt, *tmp;
159
160 if (ev_file) {
161 spin_lock_irq(&ev_file->lock);
162 list_for_each_entry_safe(evt, tmp, &uobj->comp_list, obj_list) {
163 list_del(&evt->list);
164 kfree(evt);
165 }
166 spin_unlock_irq(&ev_file->lock);
167
168 kref_put(&ev_file->ref, ib_uverbs_release_event_file);
169 }
170
171 spin_lock_irq(&file->async_file->lock);
172 list_for_each_entry_safe(evt, tmp, &uobj->async_list, obj_list) {
173 list_del(&evt->list);
174 kfree(evt);
175 }
176 spin_unlock_irq(&file->async_file->lock);
177 }
178
ib_uverbs_release_uevent(struct ib_uverbs_file * file,struct ib_uevent_object * uobj)179 void ib_uverbs_release_uevent(struct ib_uverbs_file *file,
180 struct ib_uevent_object *uobj)
181 {
182 struct ib_uverbs_event *evt, *tmp;
183
184 spin_lock_irq(&file->async_file->lock);
185 list_for_each_entry_safe(evt, tmp, &uobj->event_list, obj_list) {
186 list_del(&evt->list);
187 kfree(evt);
188 }
189 spin_unlock_irq(&file->async_file->lock);
190 }
191
ib_uverbs_detach_umcast(struct ib_qp * qp,struct ib_uqp_object * uobj)192 static void ib_uverbs_detach_umcast(struct ib_qp *qp,
193 struct ib_uqp_object *uobj)
194 {
195 struct ib_uverbs_mcast_entry *mcast, *tmp;
196
197 list_for_each_entry_safe(mcast, tmp, &uobj->mcast_list, list) {
198 ib_detach_mcast(qp, &mcast->gid, mcast->lid);
199 list_del(&mcast->list);
200 kfree(mcast);
201 }
202 }
203
ib_uverbs_cleanup_ucontext(struct ib_uverbs_file * file,struct ib_ucontext * context)204 static int ib_uverbs_cleanup_ucontext(struct ib_uverbs_file *file,
205 struct ib_ucontext *context)
206 {
207 struct ib_uobject *uobj, *tmp;
208
209 if (!context)
210 return 0;
211
212 context->closing = 1;
213
214 list_for_each_entry_safe(uobj, tmp, &context->ah_list, list) {
215 struct ib_ah *ah = uobj->object;
216
217 idr_remove_uobj(&ib_uverbs_ah_idr, uobj);
218 ib_destroy_ah(ah);
219 kfree(uobj);
220 }
221
222 /* Remove MWs before QPs, in order to support type 2A MWs. */
223 list_for_each_entry_safe(uobj, tmp, &context->mw_list, list) {
224 struct ib_mw *mw = uobj->object;
225
226 idr_remove_uobj(&ib_uverbs_mw_idr, uobj);
227 ib_dealloc_mw(mw);
228 kfree(uobj);
229 }
230
231 list_for_each_entry_safe(uobj, tmp, &context->rule_list, list) {
232 struct ib_flow *flow_id = uobj->object;
233
234 idr_remove_uobj(&ib_uverbs_rule_idr, uobj);
235 ib_destroy_flow(flow_id);
236 kfree(uobj);
237 }
238
239 list_for_each_entry_safe(uobj, tmp, &context->qp_list, list) {
240 struct ib_qp *qp = uobj->object;
241 struct ib_uqp_object *uqp =
242 container_of(uobj, struct ib_uqp_object, uevent.uobject);
243
244 idr_remove_uobj(&ib_uverbs_qp_idr, uobj);
245 if (qp != qp->real_qp) {
246 ib_close_qp(qp);
247 } else {
248 ib_uverbs_detach_umcast(qp, uqp);
249 ib_destroy_qp(qp);
250 }
251 ib_uverbs_release_uevent(file, &uqp->uevent);
252 kfree(uqp);
253 }
254
255 list_for_each_entry_safe(uobj, tmp, &context->srq_list, list) {
256 struct ib_srq *srq = uobj->object;
257 struct ib_uevent_object *uevent =
258 container_of(uobj, struct ib_uevent_object, uobject);
259
260 idr_remove_uobj(&ib_uverbs_srq_idr, uobj);
261 ib_destroy_srq(srq);
262 ib_uverbs_release_uevent(file, uevent);
263 kfree(uevent);
264 }
265
266 list_for_each_entry_safe(uobj, tmp, &context->cq_list, list) {
267 struct ib_cq *cq = uobj->object;
268 struct ib_uverbs_event_file *ev_file = cq->cq_context;
269 struct ib_ucq_object *ucq =
270 container_of(uobj, struct ib_ucq_object, uobject);
271
272 idr_remove_uobj(&ib_uverbs_cq_idr, uobj);
273 ib_destroy_cq(cq);
274 ib_uverbs_release_ucq(file, ev_file, ucq);
275 kfree(ucq);
276 }
277
278 list_for_each_entry_safe(uobj, tmp, &context->mr_list, list) {
279 struct ib_mr *mr = uobj->object;
280
281 idr_remove_uobj(&ib_uverbs_mr_idr, uobj);
282 ib_dereg_mr(mr);
283 kfree(uobj);
284 }
285
286 mutex_lock(&file->device->xrcd_tree_mutex);
287 list_for_each_entry_safe(uobj, tmp, &context->xrcd_list, list) {
288 struct ib_xrcd *xrcd = uobj->object;
289 struct ib_uxrcd_object *uxrcd =
290 container_of(uobj, struct ib_uxrcd_object, uobject);
291
292 idr_remove_uobj(&ib_uverbs_xrcd_idr, uobj);
293 ib_uverbs_dealloc_xrcd(file->device, xrcd);
294 kfree(uxrcd);
295 }
296 mutex_unlock(&file->device->xrcd_tree_mutex);
297
298 list_for_each_entry_safe(uobj, tmp, &context->pd_list, list) {
299 struct ib_pd *pd = uobj->object;
300
301 idr_remove_uobj(&ib_uverbs_pd_idr, uobj);
302 ib_dealloc_pd(pd);
303 kfree(uobj);
304 }
305
306 put_pid(context->tgid);
307
308 return context->device->dealloc_ucontext(context);
309 }
310
ib_uverbs_comp_dev(struct ib_uverbs_device * dev)311 static void ib_uverbs_comp_dev(struct ib_uverbs_device *dev)
312 {
313 complete(&dev->comp);
314 }
315
ib_uverbs_release_file(struct kref * ref)316 static void ib_uverbs_release_file(struct kref *ref)
317 {
318 struct ib_uverbs_file *file =
319 container_of(ref, struct ib_uverbs_file, ref);
320
321 module_put(file->device->ib_dev->owner);
322 if (atomic_dec_and_test(&file->device->refcount))
323 ib_uverbs_comp_dev(file->device);
324
325 kfree(file);
326 }
327
ib_uverbs_event_read(struct file * filp,char __user * buf,size_t count,loff_t * pos)328 static ssize_t ib_uverbs_event_read(struct file *filp, char __user *buf,
329 size_t count, loff_t *pos)
330 {
331 struct ib_uverbs_event_file *file = filp->private_data;
332 struct ib_uverbs_event *event;
333 int eventsz;
334 int ret = 0;
335
336 spin_lock_irq(&file->lock);
337
338 while (list_empty(&file->event_list)) {
339 spin_unlock_irq(&file->lock);
340
341 if (filp->f_flags & O_NONBLOCK)
342 return -EAGAIN;
343
344 if (wait_event_interruptible(file->poll_wait,
345 !list_empty(&file->event_list)))
346 return -ERESTARTSYS;
347
348 spin_lock_irq(&file->lock);
349 }
350
351 event = list_entry(file->event_list.next, struct ib_uverbs_event, list);
352
353 if (file->is_async)
354 eventsz = sizeof (struct ib_uverbs_async_event_desc);
355 else
356 eventsz = sizeof (struct ib_uverbs_comp_event_desc);
357
358 if (eventsz > count) {
359 ret = -EINVAL;
360 event = NULL;
361 } else {
362 list_del(file->event_list.next);
363 if (event->counter) {
364 ++(*event->counter);
365 list_del(&event->obj_list);
366 }
367 }
368
369 spin_unlock_irq(&file->lock);
370
371 if (event) {
372 if (copy_to_user(buf, event, eventsz))
373 ret = -EFAULT;
374 else
375 ret = eventsz;
376 }
377
378 kfree(event);
379
380 return ret;
381 }
382
ib_uverbs_event_poll(struct file * filp,struct poll_table_struct * wait)383 static unsigned int ib_uverbs_event_poll(struct file *filp,
384 struct poll_table_struct *wait)
385 {
386 unsigned int pollflags = 0;
387 struct ib_uverbs_event_file *file = filp->private_data;
388
389 poll_wait(filp, &file->poll_wait, wait);
390
391 spin_lock_irq(&file->lock);
392 if (!list_empty(&file->event_list))
393 pollflags = POLLIN | POLLRDNORM;
394 spin_unlock_irq(&file->lock);
395
396 return pollflags;
397 }
398
ib_uverbs_event_fasync(int fd,struct file * filp,int on)399 static int ib_uverbs_event_fasync(int fd, struct file *filp, int on)
400 {
401 struct ib_uverbs_event_file *file = filp->private_data;
402
403 return fasync_helper(fd, filp, on, &file->async_queue);
404 }
405
ib_uverbs_event_close(struct inode * inode,struct file * filp)406 static int ib_uverbs_event_close(struct inode *inode, struct file *filp)
407 {
408 struct ib_uverbs_event_file *file = filp->private_data;
409 struct ib_uverbs_event *entry, *tmp;
410
411 spin_lock_irq(&file->lock);
412 file->is_closed = 1;
413 list_for_each_entry_safe(entry, tmp, &file->event_list, list) {
414 if (entry->counter)
415 list_del(&entry->obj_list);
416 kfree(entry);
417 }
418 spin_unlock_irq(&file->lock);
419
420 if (file->is_async) {
421 ib_unregister_event_handler(&file->uverbs_file->event_handler);
422 kref_put(&file->uverbs_file->ref, ib_uverbs_release_file);
423 }
424 kref_put(&file->ref, ib_uverbs_release_event_file);
425
426 return 0;
427 }
428
429 static const struct file_operations uverbs_event_fops = {
430 .owner = THIS_MODULE,
431 .read = ib_uverbs_event_read,
432 .poll = ib_uverbs_event_poll,
433 .release = ib_uverbs_event_close,
434 .fasync = ib_uverbs_event_fasync,
435 .llseek = no_llseek,
436 };
437
ib_uverbs_comp_handler(struct ib_cq * cq,void * cq_context)438 void ib_uverbs_comp_handler(struct ib_cq *cq, void *cq_context)
439 {
440 struct ib_uverbs_event_file *file = cq_context;
441 struct ib_ucq_object *uobj;
442 struct ib_uverbs_event *entry;
443 unsigned long flags;
444
445 if (!file)
446 return;
447
448 spin_lock_irqsave(&file->lock, flags);
449 if (file->is_closed) {
450 spin_unlock_irqrestore(&file->lock, flags);
451 return;
452 }
453
454 entry = kmalloc(sizeof *entry, GFP_ATOMIC);
455 if (!entry) {
456 spin_unlock_irqrestore(&file->lock, flags);
457 return;
458 }
459
460 uobj = container_of(cq->uobject, struct ib_ucq_object, uobject);
461
462 entry->desc.comp.cq_handle = cq->uobject->user_handle;
463 entry->counter = &uobj->comp_events_reported;
464
465 list_add_tail(&entry->list, &file->event_list);
466 list_add_tail(&entry->obj_list, &uobj->comp_list);
467 spin_unlock_irqrestore(&file->lock, flags);
468
469 wake_up_interruptible(&file->poll_wait);
470 kill_fasync(&file->async_queue, SIGIO, POLL_IN);
471 }
472
ib_uverbs_async_handler(struct ib_uverbs_file * file,__u64 element,__u64 event,struct list_head * obj_list,u32 * counter)473 static void ib_uverbs_async_handler(struct ib_uverbs_file *file,
474 __u64 element, __u64 event,
475 struct list_head *obj_list,
476 u32 *counter)
477 {
478 struct ib_uverbs_event *entry;
479 unsigned long flags;
480
481 spin_lock_irqsave(&file->async_file->lock, flags);
482 if (file->async_file->is_closed) {
483 spin_unlock_irqrestore(&file->async_file->lock, flags);
484 return;
485 }
486
487 entry = kmalloc(sizeof *entry, GFP_ATOMIC);
488 if (!entry) {
489 spin_unlock_irqrestore(&file->async_file->lock, flags);
490 return;
491 }
492
493 entry->desc.async.element = element;
494 entry->desc.async.event_type = event;
495 entry->desc.async.reserved = 0;
496 entry->counter = counter;
497
498 list_add_tail(&entry->list, &file->async_file->event_list);
499 if (obj_list)
500 list_add_tail(&entry->obj_list, obj_list);
501 spin_unlock_irqrestore(&file->async_file->lock, flags);
502
503 wake_up_interruptible(&file->async_file->poll_wait);
504 kill_fasync(&file->async_file->async_queue, SIGIO, POLL_IN);
505 }
506
ib_uverbs_cq_event_handler(struct ib_event * event,void * context_ptr)507 void ib_uverbs_cq_event_handler(struct ib_event *event, void *context_ptr)
508 {
509 struct ib_ucq_object *uobj = container_of(event->element.cq->uobject,
510 struct ib_ucq_object, uobject);
511
512 ib_uverbs_async_handler(uobj->uverbs_file, uobj->uobject.user_handle,
513 event->event, &uobj->async_list,
514 &uobj->async_events_reported);
515 }
516
ib_uverbs_qp_event_handler(struct ib_event * event,void * context_ptr)517 void ib_uverbs_qp_event_handler(struct ib_event *event, void *context_ptr)
518 {
519 struct ib_uevent_object *uobj;
520
521 /* for XRC target qp's, check that qp is live */
522 if (!event->element.qp->uobject || !event->element.qp->uobject->live)
523 return;
524
525 uobj = container_of(event->element.qp->uobject,
526 struct ib_uevent_object, uobject);
527
528 ib_uverbs_async_handler(context_ptr, uobj->uobject.user_handle,
529 event->event, &uobj->event_list,
530 &uobj->events_reported);
531 }
532
ib_uverbs_srq_event_handler(struct ib_event * event,void * context_ptr)533 void ib_uverbs_srq_event_handler(struct ib_event *event, void *context_ptr)
534 {
535 struct ib_uevent_object *uobj;
536
537 uobj = container_of(event->element.srq->uobject,
538 struct ib_uevent_object, uobject);
539
540 ib_uverbs_async_handler(context_ptr, uobj->uobject.user_handle,
541 event->event, &uobj->event_list,
542 &uobj->events_reported);
543 }
544
ib_uverbs_event_handler(struct ib_event_handler * handler,struct ib_event * event)545 void ib_uverbs_event_handler(struct ib_event_handler *handler,
546 struct ib_event *event)
547 {
548 struct ib_uverbs_file *file =
549 container_of(handler, struct ib_uverbs_file, event_handler);
550
551 ib_uverbs_async_handler(file, event->element.port_num, event->event,
552 NULL, NULL);
553 }
554
ib_uverbs_alloc_event_file(struct ib_uverbs_file * uverbs_file,int is_async)555 struct file *ib_uverbs_alloc_event_file(struct ib_uverbs_file *uverbs_file,
556 int is_async)
557 {
558 struct ib_uverbs_event_file *ev_file;
559 struct file *filp;
560
561 ev_file = kmalloc(sizeof *ev_file, GFP_KERNEL);
562 if (!ev_file)
563 return ERR_PTR(-ENOMEM);
564
565 kref_init(&ev_file->ref);
566 spin_lock_init(&ev_file->lock);
567 INIT_LIST_HEAD(&ev_file->event_list);
568 init_waitqueue_head(&ev_file->poll_wait);
569 ev_file->uverbs_file = uverbs_file;
570 ev_file->async_queue = NULL;
571 ev_file->is_async = is_async;
572 ev_file->is_closed = 0;
573
574 filp = anon_inode_getfile("[infinibandevent]", &uverbs_event_fops,
575 ev_file, O_RDONLY);
576 if (IS_ERR(filp))
577 kfree(ev_file);
578
579 return filp;
580 }
581
582 /*
583 * Look up a completion event file by FD. If lookup is successful,
584 * takes a ref to the event file struct that it returns; if
585 * unsuccessful, returns NULL.
586 */
ib_uverbs_lookup_comp_file(int fd)587 struct ib_uverbs_event_file *ib_uverbs_lookup_comp_file(int fd)
588 {
589 struct ib_uverbs_event_file *ev_file = NULL;
590 struct fd f = fdget(fd);
591
592 if (!f.file)
593 return NULL;
594
595 if (f.file->f_op != &uverbs_event_fops)
596 goto out;
597
598 ev_file = f.file->private_data;
599 if (ev_file->is_async) {
600 ev_file = NULL;
601 goto out;
602 }
603
604 kref_get(&ev_file->ref);
605
606 out:
607 fdput(f);
608 return ev_file;
609 }
610
ib_uverbs_write(struct file * filp,const char __user * buf,size_t count,loff_t * pos)611 static ssize_t ib_uverbs_write(struct file *filp, const char __user *buf,
612 size_t count, loff_t *pos)
613 {
614 struct ib_uverbs_file *file = filp->private_data;
615 struct ib_uverbs_cmd_hdr hdr;
616 __u32 flags;
617
618 if (WARN_ON_ONCE(!ib_safe_file_access(filp)))
619 return -EACCES;
620
621 if (count < sizeof hdr)
622 return -EINVAL;
623
624 if (copy_from_user(&hdr, buf, sizeof hdr))
625 return -EFAULT;
626
627 flags = (hdr.command &
628 IB_USER_VERBS_CMD_FLAGS_MASK) >> IB_USER_VERBS_CMD_FLAGS_SHIFT;
629
630 if (!flags) {
631 __u32 command;
632
633 if (hdr.command & ~(__u32)(IB_USER_VERBS_CMD_FLAGS_MASK |
634 IB_USER_VERBS_CMD_COMMAND_MASK))
635 return -EINVAL;
636
637 command = hdr.command & IB_USER_VERBS_CMD_COMMAND_MASK;
638
639 if (command >= ARRAY_SIZE(uverbs_cmd_table) ||
640 !uverbs_cmd_table[command])
641 return -EINVAL;
642
643 if (!file->ucontext &&
644 command != IB_USER_VERBS_CMD_GET_CONTEXT)
645 return -EINVAL;
646
647 if (!(file->device->ib_dev->uverbs_cmd_mask & (1ull << command)))
648 return -ENOSYS;
649
650 if (hdr.in_words * 4 != count)
651 return -EINVAL;
652
653 return uverbs_cmd_table[command](file,
654 buf + sizeof(hdr),
655 hdr.in_words * 4,
656 hdr.out_words * 4);
657
658 } else if (flags == IB_USER_VERBS_CMD_FLAG_EXTENDED) {
659 __u32 command;
660
661 struct ib_uverbs_ex_cmd_hdr ex_hdr;
662 struct ib_udata ucore;
663 struct ib_udata uhw;
664 int err;
665 size_t written_count = count;
666
667 if (hdr.command & ~(__u32)(IB_USER_VERBS_CMD_FLAGS_MASK |
668 IB_USER_VERBS_CMD_COMMAND_MASK))
669 return -EINVAL;
670
671 command = hdr.command & IB_USER_VERBS_CMD_COMMAND_MASK;
672
673 if (command >= ARRAY_SIZE(uverbs_ex_cmd_table) ||
674 !uverbs_ex_cmd_table[command])
675 return -ENOSYS;
676
677 if (!file->ucontext)
678 return -EINVAL;
679
680 if (!(file->device->ib_dev->uverbs_ex_cmd_mask & (1ull << command)))
681 return -ENOSYS;
682
683 if (count < (sizeof(hdr) + sizeof(ex_hdr)))
684 return -EINVAL;
685
686 if (copy_from_user(&ex_hdr, buf + sizeof(hdr), sizeof(ex_hdr)))
687 return -EFAULT;
688
689 count -= sizeof(hdr) + sizeof(ex_hdr);
690 buf += sizeof(hdr) + sizeof(ex_hdr);
691
692 if ((hdr.in_words + ex_hdr.provider_in_words) * 8 != count)
693 return -EINVAL;
694
695 if (ex_hdr.cmd_hdr_reserved)
696 return -EINVAL;
697
698 if (ex_hdr.response) {
699 if (!hdr.out_words && !ex_hdr.provider_out_words)
700 return -EINVAL;
701
702 if (!access_ok(VERIFY_WRITE,
703 (void __user *) (unsigned long) ex_hdr.response,
704 (hdr.out_words + ex_hdr.provider_out_words) * 8))
705 return -EFAULT;
706 } else {
707 if (hdr.out_words || ex_hdr.provider_out_words)
708 return -EINVAL;
709 }
710
711 INIT_UDATA_BUF_OR_NULL(&ucore, buf, (unsigned long) ex_hdr.response,
712 hdr.in_words * 8, hdr.out_words * 8);
713
714 INIT_UDATA_BUF_OR_NULL(&uhw,
715 buf + ucore.inlen,
716 (unsigned long) ex_hdr.response + ucore.outlen,
717 ex_hdr.provider_in_words * 8,
718 ex_hdr.provider_out_words * 8);
719
720 err = uverbs_ex_cmd_table[command](file,
721 &ucore,
722 &uhw);
723
724 if (err)
725 return err;
726
727 return written_count;
728 }
729
730 return -ENOSYS;
731 }
732
ib_uverbs_mmap(struct file * filp,struct vm_area_struct * vma)733 static int ib_uverbs_mmap(struct file *filp, struct vm_area_struct *vma)
734 {
735 struct ib_uverbs_file *file = filp->private_data;
736
737 if (!file->ucontext)
738 return -ENODEV;
739 else
740 return file->device->ib_dev->mmap(file->ucontext, vma);
741 }
742
743 /*
744 * ib_uverbs_open() does not need the BKL:
745 *
746 * - the ib_uverbs_device structures are properly reference counted and
747 * everything else is purely local to the file being created, so
748 * races against other open calls are not a problem;
749 * - there is no ioctl method to race against;
750 * - the open method will either immediately run -ENXIO, or all
751 * required initialization will be done.
752 */
ib_uverbs_open(struct inode * inode,struct file * filp)753 static int ib_uverbs_open(struct inode *inode, struct file *filp)
754 {
755 struct ib_uverbs_device *dev;
756 struct ib_uverbs_file *file;
757 int ret;
758
759 dev = container_of(inode->i_cdev, struct ib_uverbs_device, cdev);
760 if (!atomic_inc_not_zero(&dev->refcount))
761 return -ENXIO;
762
763 if (!try_module_get(dev->ib_dev->owner)) {
764 ret = -ENODEV;
765 goto err;
766 }
767
768 file = kmalloc(sizeof *file, GFP_KERNEL);
769 if (!file) {
770 ret = -ENOMEM;
771 goto err_module;
772 }
773
774 file->device = dev;
775 file->ucontext = NULL;
776 file->async_file = NULL;
777 kref_init(&file->ref);
778 mutex_init(&file->mutex);
779
780 filp->private_data = file;
781 kobject_get(&dev->kobj);
782
783 return nonseekable_open(inode, filp);
784
785 err_module:
786 module_put(dev->ib_dev->owner);
787
788 err:
789 if (atomic_dec_and_test(&dev->refcount))
790 ib_uverbs_comp_dev(dev);
791
792 return ret;
793 }
794
ib_uverbs_close(struct inode * inode,struct file * filp)795 static int ib_uverbs_close(struct inode *inode, struct file *filp)
796 {
797 struct ib_uverbs_file *file = filp->private_data;
798 struct ib_uverbs_device *dev = file->device;
799
800 ib_uverbs_cleanup_ucontext(file, file->ucontext);
801
802 if (file->async_file)
803 kref_put(&file->async_file->ref, ib_uverbs_release_event_file);
804
805 kref_put(&file->ref, ib_uverbs_release_file);
806 kobject_put(&dev->kobj);
807
808 return 0;
809 }
810
811 static const struct file_operations uverbs_fops = {
812 .owner = THIS_MODULE,
813 .write = ib_uverbs_write,
814 .open = ib_uverbs_open,
815 .release = ib_uverbs_close,
816 .llseek = no_llseek,
817 };
818
819 static const struct file_operations uverbs_mmap_fops = {
820 .owner = THIS_MODULE,
821 .write = ib_uverbs_write,
822 .mmap = ib_uverbs_mmap,
823 .open = ib_uverbs_open,
824 .release = ib_uverbs_close,
825 .llseek = no_llseek,
826 };
827
828 static struct ib_client uverbs_client = {
829 .name = "uverbs",
830 .add = ib_uverbs_add_one,
831 .remove = ib_uverbs_remove_one
832 };
833
show_ibdev(struct device * device,struct device_attribute * attr,char * buf)834 static ssize_t show_ibdev(struct device *device, struct device_attribute *attr,
835 char *buf)
836 {
837 struct ib_uverbs_device *dev = dev_get_drvdata(device);
838
839 if (!dev)
840 return -ENODEV;
841
842 return sprintf(buf, "%s\n", dev->ib_dev->name);
843 }
844 static DEVICE_ATTR(ibdev, S_IRUGO, show_ibdev, NULL);
845
show_dev_abi_version(struct device * device,struct device_attribute * attr,char * buf)846 static ssize_t show_dev_abi_version(struct device *device,
847 struct device_attribute *attr, char *buf)
848 {
849 struct ib_uverbs_device *dev = dev_get_drvdata(device);
850
851 if (!dev)
852 return -ENODEV;
853
854 return sprintf(buf, "%d\n", dev->ib_dev->uverbs_abi_ver);
855 }
856 static DEVICE_ATTR(abi_version, S_IRUGO, show_dev_abi_version, NULL);
857
858 static CLASS_ATTR_STRING(abi_version, S_IRUGO,
859 __stringify(IB_USER_VERBS_ABI_VERSION));
860
861 static dev_t overflow_maj;
862 static DECLARE_BITMAP(overflow_map, IB_UVERBS_MAX_DEVICES);
863
864 /*
865 * If we have more than IB_UVERBS_MAX_DEVICES, dynamically overflow by
866 * requesting a new major number and doubling the number of max devices we
867 * support. It's stupid, but simple.
868 */
find_overflow_devnum(void)869 static int find_overflow_devnum(void)
870 {
871 int ret;
872
873 if (!overflow_maj) {
874 ret = alloc_chrdev_region(&overflow_maj, 0, IB_UVERBS_MAX_DEVICES,
875 "infiniband_verbs");
876 if (ret) {
877 printk(KERN_ERR "user_verbs: couldn't register dynamic device number\n");
878 return ret;
879 }
880 }
881
882 ret = find_first_zero_bit(overflow_map, IB_UVERBS_MAX_DEVICES);
883 if (ret >= IB_UVERBS_MAX_DEVICES)
884 return -1;
885
886 return ret;
887 }
888
ib_uverbs_add_one(struct ib_device * device)889 static void ib_uverbs_add_one(struct ib_device *device)
890 {
891 int devnum;
892 dev_t base;
893 struct ib_uverbs_device *uverbs_dev;
894
895 if (!device->alloc_ucontext)
896 return;
897
898 uverbs_dev = kzalloc(sizeof *uverbs_dev, GFP_KERNEL);
899 if (!uverbs_dev)
900 return;
901
902 atomic_set(&uverbs_dev->refcount, 1);
903 init_completion(&uverbs_dev->comp);
904 uverbs_dev->xrcd_tree = RB_ROOT;
905 mutex_init(&uverbs_dev->xrcd_tree_mutex);
906 kobject_init(&uverbs_dev->kobj, &ib_uverbs_dev_ktype);
907
908 spin_lock(&map_lock);
909 devnum = find_first_zero_bit(dev_map, IB_UVERBS_MAX_DEVICES);
910 if (devnum >= IB_UVERBS_MAX_DEVICES) {
911 spin_unlock(&map_lock);
912 devnum = find_overflow_devnum();
913 if (devnum < 0)
914 goto err;
915
916 spin_lock(&map_lock);
917 uverbs_dev->devnum = devnum + IB_UVERBS_MAX_DEVICES;
918 base = devnum + overflow_maj;
919 set_bit(devnum, overflow_map);
920 } else {
921 uverbs_dev->devnum = devnum;
922 base = devnum + IB_UVERBS_BASE_DEV;
923 set_bit(devnum, dev_map);
924 }
925 spin_unlock(&map_lock);
926
927 uverbs_dev->ib_dev = device;
928 uverbs_dev->num_comp_vectors = device->num_comp_vectors;
929
930 cdev_init(&uverbs_dev->cdev, NULL);
931 uverbs_dev->cdev.owner = THIS_MODULE;
932 uverbs_dev->cdev.ops = device->mmap ? &uverbs_mmap_fops : &uverbs_fops;
933 uverbs_dev->cdev.kobj.parent = &uverbs_dev->kobj;
934 kobject_set_name(&uverbs_dev->cdev.kobj, "uverbs%d", uverbs_dev->devnum);
935 if (cdev_add(&uverbs_dev->cdev, base, 1))
936 goto err_cdev;
937
938 uverbs_dev->dev = device_create(uverbs_class, device->dma_device,
939 uverbs_dev->cdev.dev, uverbs_dev,
940 "uverbs%d", uverbs_dev->devnum);
941 if (IS_ERR(uverbs_dev->dev))
942 goto err_cdev;
943
944 if (device_create_file(uverbs_dev->dev, &dev_attr_ibdev))
945 goto err_class;
946 if (device_create_file(uverbs_dev->dev, &dev_attr_abi_version))
947 goto err_class;
948
949 ib_set_client_data(device, &uverbs_client, uverbs_dev);
950
951 return;
952
953 err_class:
954 device_destroy(uverbs_class, uverbs_dev->cdev.dev);
955
956 err_cdev:
957 cdev_del(&uverbs_dev->cdev);
958 if (uverbs_dev->devnum < IB_UVERBS_MAX_DEVICES)
959 clear_bit(devnum, dev_map);
960 else
961 clear_bit(devnum, overflow_map);
962
963 err:
964 if (atomic_dec_and_test(&uverbs_dev->refcount))
965 ib_uverbs_comp_dev(uverbs_dev);
966 wait_for_completion(&uverbs_dev->comp);
967 kobject_put(&uverbs_dev->kobj);
968 return;
969 }
970
ib_uverbs_remove_one(struct ib_device * device)971 static void ib_uverbs_remove_one(struct ib_device *device)
972 {
973 struct ib_uverbs_device *uverbs_dev = ib_get_client_data(device, &uverbs_client);
974
975 if (!uverbs_dev)
976 return;
977
978 dev_set_drvdata(uverbs_dev->dev, NULL);
979 device_destroy(uverbs_class, uverbs_dev->cdev.dev);
980 cdev_del(&uverbs_dev->cdev);
981
982 if (uverbs_dev->devnum < IB_UVERBS_MAX_DEVICES)
983 clear_bit(uverbs_dev->devnum, dev_map);
984 else
985 clear_bit(uverbs_dev->devnum - IB_UVERBS_MAX_DEVICES, overflow_map);
986
987 if (atomic_dec_and_test(&uverbs_dev->refcount))
988 ib_uverbs_comp_dev(uverbs_dev);
989 wait_for_completion(&uverbs_dev->comp);
990 kobject_put(&uverbs_dev->kobj);
991 }
992
uverbs_devnode(struct device * dev,umode_t * mode)993 static char *uverbs_devnode(struct device *dev, umode_t *mode)
994 {
995 if (mode)
996 *mode = 0666;
997 return kasprintf(GFP_KERNEL, "infiniband/%s", dev_name(dev));
998 }
999
ib_uverbs_init(void)1000 static int __init ib_uverbs_init(void)
1001 {
1002 int ret;
1003
1004 ret = register_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES,
1005 "infiniband_verbs");
1006 if (ret) {
1007 printk(KERN_ERR "user_verbs: couldn't register device number\n");
1008 goto out;
1009 }
1010
1011 uverbs_class = class_create(THIS_MODULE, "infiniband_verbs");
1012 if (IS_ERR(uverbs_class)) {
1013 ret = PTR_ERR(uverbs_class);
1014 printk(KERN_ERR "user_verbs: couldn't create class infiniband_verbs\n");
1015 goto out_chrdev;
1016 }
1017
1018 uverbs_class->devnode = uverbs_devnode;
1019
1020 ret = class_create_file(uverbs_class, &class_attr_abi_version.attr);
1021 if (ret) {
1022 printk(KERN_ERR "user_verbs: couldn't create abi_version attribute\n");
1023 goto out_class;
1024 }
1025
1026 ret = ib_register_client(&uverbs_client);
1027 if (ret) {
1028 printk(KERN_ERR "user_verbs: couldn't register client\n");
1029 goto out_class;
1030 }
1031
1032 return 0;
1033
1034 out_class:
1035 class_destroy(uverbs_class);
1036
1037 out_chrdev:
1038 unregister_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES);
1039
1040 out:
1041 return ret;
1042 }
1043
ib_uverbs_cleanup(void)1044 static void __exit ib_uverbs_cleanup(void)
1045 {
1046 ib_unregister_client(&uverbs_client);
1047 class_destroy(uverbs_class);
1048 unregister_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES);
1049 if (overflow_maj)
1050 unregister_chrdev_region(overflow_maj, IB_UVERBS_MAX_DEVICES);
1051 idr_destroy(&ib_uverbs_pd_idr);
1052 idr_destroy(&ib_uverbs_mr_idr);
1053 idr_destroy(&ib_uverbs_mw_idr);
1054 idr_destroy(&ib_uverbs_ah_idr);
1055 idr_destroy(&ib_uverbs_cq_idr);
1056 idr_destroy(&ib_uverbs_qp_idr);
1057 idr_destroy(&ib_uverbs_srq_idr);
1058 }
1059
1060 module_init(ib_uverbs_init);
1061 module_exit(ib_uverbs_cleanup);
1062