1/* 2 * Copyright (c) 2004 Topspin Communications. All rights reserved. 3 * Copyright (c) 2005 Voltaire, Inc. All rights reserved. 4 * Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved. 5 * Copyright (c) 2008 Cisco. All rights reserved. 6 * 7 * This software is available to you under a choice of one of two 8 * licenses. You may choose to be licensed under the terms of the GNU 9 * General Public License (GPL) Version 2, available from the file 10 * COPYING in the main directory of this source tree, or the 11 * OpenIB.org BSD license below: 12 * 13 * Redistribution and use in source and binary forms, with or 14 * without modification, are permitted provided that the following 15 * conditions are met: 16 * 17 * - Redistributions of source code must retain the above 18 * copyright notice, this list of conditions and the following 19 * disclaimer. 20 * 21 * - Redistributions in binary form must reproduce the above 22 * copyright notice, this list of conditions and the following 23 * disclaimer in the documentation and/or other materials 24 * provided with the distribution. 25 * 26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 27 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 28 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 29 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 30 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 31 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 32 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 33 * SOFTWARE. 34 */ 35 36#define pr_fmt(fmt) "user_mad: " fmt 37 38#include <linux/module.h> 39#include <linux/init.h> 40#include <linux/device.h> 41#include <linux/err.h> 42#include <linux/fs.h> 43#include <linux/cdev.h> 44#include <linux/dma-mapping.h> 45#include <linux/poll.h> 46#include <linux/mutex.h> 47#include <linux/kref.h> 48#include <linux/compat.h> 49#include <linux/sched.h> 50#include <linux/semaphore.h> 51#include <linux/slab.h> 52 53#include <asm/uaccess.h> 54 55#include <rdma/ib_mad.h> 56#include <rdma/ib_user_mad.h> 57 58MODULE_AUTHOR("Roland Dreier"); 59MODULE_DESCRIPTION("InfiniBand userspace MAD packet access"); 60MODULE_LICENSE("Dual BSD/GPL"); 61 62enum { 63 IB_UMAD_MAX_PORTS = 64, 64 IB_UMAD_MAX_AGENTS = 32, 65 66 IB_UMAD_MAJOR = 231, 67 IB_UMAD_MINOR_BASE = 0 68}; 69 70/* 71 * Our lifetime rules for these structs are the following: 72 * device special file is opened, we take a reference on the 73 * ib_umad_port's struct ib_umad_device. We drop these 74 * references in the corresponding close(). 75 * 76 * In addition to references coming from open character devices, there 77 * is one more reference to each ib_umad_device representing the 78 * module's reference taken when allocating the ib_umad_device in 79 * ib_umad_add_one(). 80 * 81 * When destroying an ib_umad_device, we drop the module's reference. 82 */ 83 84struct ib_umad_port { 85 struct cdev cdev; 86 struct device *dev; 87 88 struct cdev sm_cdev; 89 struct device *sm_dev; 90 struct semaphore sm_sem; 91 92 struct mutex file_mutex; 93 struct list_head file_list; 94 95 struct ib_device *ib_dev; 96 struct ib_umad_device *umad_dev; 97 int dev_num; 98 u8 port_num; 99}; 100 101struct ib_umad_device { 102 int start_port, end_port; 103 struct kobject kobj; 104 struct ib_umad_port port[0]; 105}; 106 107struct ib_umad_file { 108 struct mutex mutex; 109 struct ib_umad_port *port; 110 struct list_head recv_list; 111 struct list_head send_list; 112 struct list_head port_list; 113 spinlock_t send_lock; 114 wait_queue_head_t recv_wait; 115 struct ib_mad_agent *agent[IB_UMAD_MAX_AGENTS]; 116 int agents_dead; 117 u8 use_pkey_index; 118 u8 already_used; 119}; 120 121struct ib_umad_packet { 122 struct ib_mad_send_buf *msg; 123 struct ib_mad_recv_wc *recv_wc; 124 struct list_head list; 125 int length; 126 struct ib_user_mad mad; 127}; 128 129static struct class *umad_class; 130 131static const dev_t base_dev = MKDEV(IB_UMAD_MAJOR, IB_UMAD_MINOR_BASE); 132 133static DEFINE_SPINLOCK(port_lock); 134static DECLARE_BITMAP(dev_map, IB_UMAD_MAX_PORTS); 135 136static void ib_umad_add_one(struct ib_device *device); 137static void ib_umad_remove_one(struct ib_device *device); 138 139static void ib_umad_release_dev(struct kobject *kobj) 140{ 141 struct ib_umad_device *dev = 142 container_of(kobj, struct ib_umad_device, kobj); 143 144 kfree(dev); 145} 146 147static struct kobj_type ib_umad_dev_ktype = { 148 .release = ib_umad_release_dev, 149}; 150 151static int hdr_size(struct ib_umad_file *file) 152{ 153 return file->use_pkey_index ? sizeof (struct ib_user_mad_hdr) : 154 sizeof (struct ib_user_mad_hdr_old); 155} 156 157/* caller must hold file->mutex */ 158static struct ib_mad_agent *__get_agent(struct ib_umad_file *file, int id) 159{ 160 return file->agents_dead ? NULL : file->agent[id]; 161} 162 163static int queue_packet(struct ib_umad_file *file, 164 struct ib_mad_agent *agent, 165 struct ib_umad_packet *packet) 166{ 167 int ret = 1; 168 169 mutex_lock(&file->mutex); 170 171 for (packet->mad.hdr.id = 0; 172 packet->mad.hdr.id < IB_UMAD_MAX_AGENTS; 173 packet->mad.hdr.id++) 174 if (agent == __get_agent(file, packet->mad.hdr.id)) { 175 list_add_tail(&packet->list, &file->recv_list); 176 wake_up_interruptible(&file->recv_wait); 177 ret = 0; 178 break; 179 } 180 181 mutex_unlock(&file->mutex); 182 183 return ret; 184} 185 186static void dequeue_send(struct ib_umad_file *file, 187 struct ib_umad_packet *packet) 188{ 189 spin_lock_irq(&file->send_lock); 190 list_del(&packet->list); 191 spin_unlock_irq(&file->send_lock); 192} 193 194static void send_handler(struct ib_mad_agent *agent, 195 struct ib_mad_send_wc *send_wc) 196{ 197 struct ib_umad_file *file = agent->context; 198 struct ib_umad_packet *packet = send_wc->send_buf->context[0]; 199 200 dequeue_send(file, packet); 201 ib_destroy_ah(packet->msg->ah); 202 ib_free_send_mad(packet->msg); 203 204 if (send_wc->status == IB_WC_RESP_TIMEOUT_ERR) { 205 packet->length = IB_MGMT_MAD_HDR; 206 packet->mad.hdr.status = ETIMEDOUT; 207 if (!queue_packet(file, agent, packet)) 208 return; 209 } 210 kfree(packet); 211} 212 213static void recv_handler(struct ib_mad_agent *agent, 214 struct ib_mad_recv_wc *mad_recv_wc) 215{ 216 struct ib_umad_file *file = agent->context; 217 struct ib_umad_packet *packet; 218 219 if (mad_recv_wc->wc->status != IB_WC_SUCCESS) 220 goto err1; 221 222 packet = kzalloc(sizeof *packet, GFP_KERNEL); 223 if (!packet) 224 goto err1; 225 226 packet->length = mad_recv_wc->mad_len; 227 packet->recv_wc = mad_recv_wc; 228 229 packet->mad.hdr.status = 0; 230 packet->mad.hdr.length = hdr_size(file) + mad_recv_wc->mad_len; 231 packet->mad.hdr.qpn = cpu_to_be32(mad_recv_wc->wc->src_qp); 232 packet->mad.hdr.lid = cpu_to_be16(mad_recv_wc->wc->slid); 233 packet->mad.hdr.sl = mad_recv_wc->wc->sl; 234 packet->mad.hdr.path_bits = mad_recv_wc->wc->dlid_path_bits; 235 packet->mad.hdr.pkey_index = mad_recv_wc->wc->pkey_index; 236 packet->mad.hdr.grh_present = !!(mad_recv_wc->wc->wc_flags & IB_WC_GRH); 237 if (packet->mad.hdr.grh_present) { 238 struct ib_ah_attr ah_attr; 239 240 ib_init_ah_from_wc(agent->device, agent->port_num, 241 mad_recv_wc->wc, mad_recv_wc->recv_buf.grh, 242 &ah_attr); 243 244 packet->mad.hdr.gid_index = ah_attr.grh.sgid_index; 245 packet->mad.hdr.hop_limit = ah_attr.grh.hop_limit; 246 packet->mad.hdr.traffic_class = ah_attr.grh.traffic_class; 247 memcpy(packet->mad.hdr.gid, &ah_attr.grh.dgid, 16); 248 packet->mad.hdr.flow_label = cpu_to_be32(ah_attr.grh.flow_label); 249 } 250 251 if (queue_packet(file, agent, packet)) 252 goto err2; 253 return; 254 255err2: 256 kfree(packet); 257err1: 258 ib_free_recv_mad(mad_recv_wc); 259} 260 261static ssize_t copy_recv_mad(struct ib_umad_file *file, char __user *buf, 262 struct ib_umad_packet *packet, size_t count) 263{ 264 struct ib_mad_recv_buf *recv_buf; 265 int left, seg_payload, offset, max_seg_payload; 266 267 /* We need enough room to copy the first (or only) MAD segment. */ 268 recv_buf = &packet->recv_wc->recv_buf; 269 if ((packet->length <= sizeof (*recv_buf->mad) && 270 count < hdr_size(file) + packet->length) || 271 (packet->length > sizeof (*recv_buf->mad) && 272 count < hdr_size(file) + sizeof (*recv_buf->mad))) 273 return -EINVAL; 274 275 if (copy_to_user(buf, &packet->mad, hdr_size(file))) 276 return -EFAULT; 277 278 buf += hdr_size(file); 279 seg_payload = min_t(int, packet->length, sizeof (*recv_buf->mad)); 280 if (copy_to_user(buf, recv_buf->mad, seg_payload)) 281 return -EFAULT; 282 283 if (seg_payload < packet->length) { 284 /* 285 * Multipacket RMPP MAD message. Copy remainder of message. 286 * Note that last segment may have a shorter payload. 287 */ 288 if (count < hdr_size(file) + packet->length) { 289 /* 290 * The buffer is too small, return the first RMPP segment, 291 * which includes the RMPP message length. 292 */ 293 return -ENOSPC; 294 } 295 offset = ib_get_mad_data_offset(recv_buf->mad->mad_hdr.mgmt_class); 296 max_seg_payload = sizeof (struct ib_mad) - offset; 297 298 for (left = packet->length - seg_payload, buf += seg_payload; 299 left; left -= seg_payload, buf += seg_payload) { 300 recv_buf = container_of(recv_buf->list.next, 301 struct ib_mad_recv_buf, list); 302 seg_payload = min(left, max_seg_payload); 303 if (copy_to_user(buf, ((void *) recv_buf->mad) + offset, 304 seg_payload)) 305 return -EFAULT; 306 } 307 } 308 return hdr_size(file) + packet->length; 309} 310 311static ssize_t copy_send_mad(struct ib_umad_file *file, char __user *buf, 312 struct ib_umad_packet *packet, size_t count) 313{ 314 ssize_t size = hdr_size(file) + packet->length; 315 316 if (count < size) 317 return -EINVAL; 318 319 if (copy_to_user(buf, &packet->mad, hdr_size(file))) 320 return -EFAULT; 321 322 buf += hdr_size(file); 323 324 if (copy_to_user(buf, packet->mad.data, packet->length)) 325 return -EFAULT; 326 327 return size; 328} 329 330static ssize_t ib_umad_read(struct file *filp, char __user *buf, 331 size_t count, loff_t *pos) 332{ 333 struct ib_umad_file *file = filp->private_data; 334 struct ib_umad_packet *packet; 335 ssize_t ret; 336 337 if (count < hdr_size(file)) 338 return -EINVAL; 339 340 mutex_lock(&file->mutex); 341 342 while (list_empty(&file->recv_list)) { 343 mutex_unlock(&file->mutex); 344 345 if (filp->f_flags & O_NONBLOCK) 346 return -EAGAIN; 347 348 if (wait_event_interruptible(file->recv_wait, 349 !list_empty(&file->recv_list))) 350 return -ERESTARTSYS; 351 352 mutex_lock(&file->mutex); 353 } 354 355 packet = list_entry(file->recv_list.next, struct ib_umad_packet, list); 356 list_del(&packet->list); 357 358 mutex_unlock(&file->mutex); 359 360 if (packet->recv_wc) 361 ret = copy_recv_mad(file, buf, packet, count); 362 else 363 ret = copy_send_mad(file, buf, packet, count); 364 365 if (ret < 0) { 366 /* Requeue packet */ 367 mutex_lock(&file->mutex); 368 list_add(&packet->list, &file->recv_list); 369 mutex_unlock(&file->mutex); 370 } else { 371 if (packet->recv_wc) 372 ib_free_recv_mad(packet->recv_wc); 373 kfree(packet); 374 } 375 return ret; 376} 377 378static int copy_rmpp_mad(struct ib_mad_send_buf *msg, const char __user *buf) 379{ 380 int left, seg; 381 382 /* Copy class specific header */ 383 if ((msg->hdr_len > IB_MGMT_RMPP_HDR) && 384 copy_from_user(msg->mad + IB_MGMT_RMPP_HDR, buf + IB_MGMT_RMPP_HDR, 385 msg->hdr_len - IB_MGMT_RMPP_HDR)) 386 return -EFAULT; 387 388 /* All headers are in place. Copy data segments. */ 389 for (seg = 1, left = msg->data_len, buf += msg->hdr_len; left > 0; 390 seg++, left -= msg->seg_size, buf += msg->seg_size) { 391 if (copy_from_user(ib_get_rmpp_segment(msg, seg), buf, 392 min(left, msg->seg_size))) 393 return -EFAULT; 394 } 395 return 0; 396} 397 398static int same_destination(struct ib_user_mad_hdr *hdr1, 399 struct ib_user_mad_hdr *hdr2) 400{ 401 if (!hdr1->grh_present && !hdr2->grh_present) 402 return (hdr1->lid == hdr2->lid); 403 404 if (hdr1->grh_present && hdr2->grh_present) 405 return !memcmp(hdr1->gid, hdr2->gid, 16); 406 407 return 0; 408} 409 410static int is_duplicate(struct ib_umad_file *file, 411 struct ib_umad_packet *packet) 412{ 413 struct ib_umad_packet *sent_packet; 414 struct ib_mad_hdr *sent_hdr, *hdr; 415 416 hdr = (struct ib_mad_hdr *) packet->mad.data; 417 list_for_each_entry(sent_packet, &file->send_list, list) { 418 sent_hdr = (struct ib_mad_hdr *) sent_packet->mad.data; 419 420 if ((hdr->tid != sent_hdr->tid) || 421 (hdr->mgmt_class != sent_hdr->mgmt_class)) 422 continue; 423 424 /* 425 * No need to be overly clever here. If two new operations have 426 * the same TID, reject the second as a duplicate. This is more 427 * restrictive than required by the spec. 428 */ 429 if (!ib_response_mad((struct ib_mad *) hdr)) { 430 if (!ib_response_mad((struct ib_mad *) sent_hdr)) 431 return 1; 432 continue; 433 } else if (!ib_response_mad((struct ib_mad *) sent_hdr)) 434 continue; 435 436 if (same_destination(&packet->mad.hdr, &sent_packet->mad.hdr)) 437 return 1; 438 } 439 440 return 0; 441} 442 443static ssize_t ib_umad_write(struct file *filp, const char __user *buf, 444 size_t count, loff_t *pos) 445{ 446 struct ib_umad_file *file = filp->private_data; 447 struct ib_umad_packet *packet; 448 struct ib_mad_agent *agent; 449 struct ib_ah_attr ah_attr; 450 struct ib_ah *ah; 451 struct ib_rmpp_mad *rmpp_mad; 452 __be64 *tid; 453 int ret, data_len, hdr_len, copy_offset, rmpp_active; 454 455 if (count < hdr_size(file) + IB_MGMT_RMPP_HDR) 456 return -EINVAL; 457 458 packet = kzalloc(sizeof *packet + IB_MGMT_RMPP_HDR, GFP_KERNEL); 459 if (!packet) 460 return -ENOMEM; 461 462 if (copy_from_user(&packet->mad, buf, hdr_size(file))) { 463 ret = -EFAULT; 464 goto err; 465 } 466 467 if (packet->mad.hdr.id >= IB_UMAD_MAX_AGENTS) { 468 ret = -EINVAL; 469 goto err; 470 } 471 472 buf += hdr_size(file); 473 474 if (copy_from_user(packet->mad.data, buf, IB_MGMT_RMPP_HDR)) { 475 ret = -EFAULT; 476 goto err; 477 } 478 479 mutex_lock(&file->mutex); 480 481 agent = __get_agent(file, packet->mad.hdr.id); 482 if (!agent) { 483 ret = -EINVAL; 484 goto err_up; 485 } 486 487 memset(&ah_attr, 0, sizeof ah_attr); 488 ah_attr.dlid = be16_to_cpu(packet->mad.hdr.lid); 489 ah_attr.sl = packet->mad.hdr.sl; 490 ah_attr.src_path_bits = packet->mad.hdr.path_bits; 491 ah_attr.port_num = file->port->port_num; 492 if (packet->mad.hdr.grh_present) { 493 ah_attr.ah_flags = IB_AH_GRH; 494 memcpy(ah_attr.grh.dgid.raw, packet->mad.hdr.gid, 16); 495 ah_attr.grh.sgid_index = packet->mad.hdr.gid_index; 496 ah_attr.grh.flow_label = be32_to_cpu(packet->mad.hdr.flow_label); 497 ah_attr.grh.hop_limit = packet->mad.hdr.hop_limit; 498 ah_attr.grh.traffic_class = packet->mad.hdr.traffic_class; 499 } 500 501 ah = ib_create_ah(agent->qp->pd, &ah_attr); 502 if (IS_ERR(ah)) { 503 ret = PTR_ERR(ah); 504 goto err_up; 505 } 506 507 rmpp_mad = (struct ib_rmpp_mad *) packet->mad.data; 508 hdr_len = ib_get_mad_data_offset(rmpp_mad->mad_hdr.mgmt_class); 509 510 if (ib_is_mad_class_rmpp(rmpp_mad->mad_hdr.mgmt_class) 511 && ib_mad_kernel_rmpp_agent(agent)) { 512 copy_offset = IB_MGMT_RMPP_HDR; 513 rmpp_active = ib_get_rmpp_flags(&rmpp_mad->rmpp_hdr) & 514 IB_MGMT_RMPP_FLAG_ACTIVE; 515 } else { 516 copy_offset = IB_MGMT_MAD_HDR; 517 rmpp_active = 0; 518 } 519 520 data_len = count - hdr_size(file) - hdr_len; 521 packet->msg = ib_create_send_mad(agent, 522 be32_to_cpu(packet->mad.hdr.qpn), 523 packet->mad.hdr.pkey_index, rmpp_active, 524 hdr_len, data_len, GFP_KERNEL); 525 if (IS_ERR(packet->msg)) { 526 ret = PTR_ERR(packet->msg); 527 goto err_ah; 528 } 529 530 packet->msg->ah = ah; 531 packet->msg->timeout_ms = packet->mad.hdr.timeout_ms; 532 packet->msg->retries = packet->mad.hdr.retries; 533 packet->msg->context[0] = packet; 534 535 /* Copy MAD header. Any RMPP header is already in place. */ 536 memcpy(packet->msg->mad, packet->mad.data, IB_MGMT_MAD_HDR); 537 538 if (!rmpp_active) { 539 if (copy_from_user(packet->msg->mad + copy_offset, 540 buf + copy_offset, 541 hdr_len + data_len - copy_offset)) { 542 ret = -EFAULT; 543 goto err_msg; 544 } 545 } else { 546 ret = copy_rmpp_mad(packet->msg, buf); 547 if (ret) 548 goto err_msg; 549 } 550 551 /* 552 * Set the high-order part of the transaction ID to make MADs from 553 * different agents unique, and allow routing responses back to the 554 * original requestor. 555 */ 556 if (!ib_response_mad(packet->msg->mad)) { 557 tid = &((struct ib_mad_hdr *) packet->msg->mad)->tid; 558 *tid = cpu_to_be64(((u64) agent->hi_tid) << 32 | 559 (be64_to_cpup(tid) & 0xffffffff)); 560 rmpp_mad->mad_hdr.tid = *tid; 561 } 562 563 if (!ib_mad_kernel_rmpp_agent(agent) 564 && ib_is_mad_class_rmpp(rmpp_mad->mad_hdr.mgmt_class) 565 && (ib_get_rmpp_flags(&rmpp_mad->rmpp_hdr) & IB_MGMT_RMPP_FLAG_ACTIVE)) { 566 spin_lock_irq(&file->send_lock); 567 list_add_tail(&packet->list, &file->send_list); 568 spin_unlock_irq(&file->send_lock); 569 } else { 570 spin_lock_irq(&file->send_lock); 571 ret = is_duplicate(file, packet); 572 if (!ret) 573 list_add_tail(&packet->list, &file->send_list); 574 spin_unlock_irq(&file->send_lock); 575 if (ret) { 576 ret = -EINVAL; 577 goto err_msg; 578 } 579 } 580 581 ret = ib_post_send_mad(packet->msg, NULL); 582 if (ret) 583 goto err_send; 584 585 mutex_unlock(&file->mutex); 586 return count; 587 588err_send: 589 dequeue_send(file, packet); 590err_msg: 591 ib_free_send_mad(packet->msg); 592err_ah: 593 ib_destroy_ah(ah); 594err_up: 595 mutex_unlock(&file->mutex); 596err: 597 kfree(packet); 598 return ret; 599} 600 601static unsigned int ib_umad_poll(struct file *filp, struct poll_table_struct *wait) 602{ 603 struct ib_umad_file *file = filp->private_data; 604 605 /* we will always be able to post a MAD send */ 606 unsigned int mask = POLLOUT | POLLWRNORM; 607 608 poll_wait(filp, &file->recv_wait, wait); 609 610 if (!list_empty(&file->recv_list)) 611 mask |= POLLIN | POLLRDNORM; 612 613 return mask; 614} 615 616static int ib_umad_reg_agent(struct ib_umad_file *file, void __user *arg, 617 int compat_method_mask) 618{ 619 struct ib_user_mad_reg_req ureq; 620 struct ib_mad_reg_req req; 621 struct ib_mad_agent *agent = NULL; 622 int agent_id; 623 int ret; 624 625 mutex_lock(&file->port->file_mutex); 626 mutex_lock(&file->mutex); 627 628 if (!file->port->ib_dev) { 629 dev_notice(file->port->dev, 630 "ib_umad_reg_agent: invalid device\n"); 631 ret = -EPIPE; 632 goto out; 633 } 634 635 if (copy_from_user(&ureq, arg, sizeof ureq)) { 636 ret = -EFAULT; 637 goto out; 638 } 639 640 if (ureq.qpn != 0 && ureq.qpn != 1) { 641 dev_notice(file->port->dev, 642 "ib_umad_reg_agent: invalid QPN %d specified\n", 643 ureq.qpn); 644 ret = -EINVAL; 645 goto out; 646 } 647 648 for (agent_id = 0; agent_id < IB_UMAD_MAX_AGENTS; ++agent_id) 649 if (!__get_agent(file, agent_id)) 650 goto found; 651 652 dev_notice(file->port->dev, 653 "ib_umad_reg_agent: Max Agents (%u) reached\n", 654 IB_UMAD_MAX_AGENTS); 655 ret = -ENOMEM; 656 goto out; 657 658found: 659 if (ureq.mgmt_class) { 660 memset(&req, 0, sizeof(req)); 661 req.mgmt_class = ureq.mgmt_class; 662 req.mgmt_class_version = ureq.mgmt_class_version; 663 memcpy(req.oui, ureq.oui, sizeof req.oui); 664 665 if (compat_method_mask) { 666 u32 *umm = (u32 *) ureq.method_mask; 667 int i; 668 669 for (i = 0; i < BITS_TO_LONGS(IB_MGMT_MAX_METHODS); ++i) 670 req.method_mask[i] = 671 umm[i * 2] | ((u64) umm[i * 2 + 1] << 32); 672 } else 673 memcpy(req.method_mask, ureq.method_mask, 674 sizeof req.method_mask); 675 } 676 677 agent = ib_register_mad_agent(file->port->ib_dev, file->port->port_num, 678 ureq.qpn ? IB_QPT_GSI : IB_QPT_SMI, 679 ureq.mgmt_class ? &req : NULL, 680 ureq.rmpp_version, 681 send_handler, recv_handler, file, 0); 682 if (IS_ERR(agent)) { 683 ret = PTR_ERR(agent); 684 agent = NULL; 685 goto out; 686 } 687 688 if (put_user(agent_id, 689 (u32 __user *) (arg + offsetof(struct ib_user_mad_reg_req, id)))) { 690 ret = -EFAULT; 691 goto out; 692 } 693 694 if (!file->already_used) { 695 file->already_used = 1; 696 if (!file->use_pkey_index) { 697 dev_warn(file->port->dev, 698 "process %s did not enable P_Key index support.\n", 699 current->comm); 700 dev_warn(file->port->dev, 701 " Documentation/infiniband/user_mad.txt has info on the new ABI.\n"); 702 } 703 } 704 705 file->agent[agent_id] = agent; 706 ret = 0; 707 708out: 709 mutex_unlock(&file->mutex); 710 711 if (ret && agent) 712 ib_unregister_mad_agent(agent); 713 714 mutex_unlock(&file->port->file_mutex); 715 716 return ret; 717} 718 719static int ib_umad_reg_agent2(struct ib_umad_file *file, void __user *arg) 720{ 721 struct ib_user_mad_reg_req2 ureq; 722 struct ib_mad_reg_req req; 723 struct ib_mad_agent *agent = NULL; 724 int agent_id; 725 int ret; 726 727 mutex_lock(&file->port->file_mutex); 728 mutex_lock(&file->mutex); 729 730 if (!file->port->ib_dev) { 731 dev_notice(file->port->dev, 732 "ib_umad_reg_agent2: invalid device\n"); 733 ret = -EPIPE; 734 goto out; 735 } 736 737 if (copy_from_user(&ureq, arg, sizeof(ureq))) { 738 ret = -EFAULT; 739 goto out; 740 } 741 742 if (ureq.qpn != 0 && ureq.qpn != 1) { 743 dev_notice(file->port->dev, 744 "ib_umad_reg_agent2: invalid QPN %d specified\n", 745 ureq.qpn); 746 ret = -EINVAL; 747 goto out; 748 } 749 750 if (ureq.flags & ~IB_USER_MAD_REG_FLAGS_CAP) { 751 dev_notice(file->port->dev, 752 "ib_umad_reg_agent2 failed: invalid registration flags specified 0x%x; supported 0x%x\n", 753 ureq.flags, IB_USER_MAD_REG_FLAGS_CAP); 754 ret = -EINVAL; 755 756 if (put_user((u32)IB_USER_MAD_REG_FLAGS_CAP, 757 (u32 __user *) (arg + offsetof(struct 758 ib_user_mad_reg_req2, flags)))) 759 ret = -EFAULT; 760 761 goto out; 762 } 763 764 for (agent_id = 0; agent_id < IB_UMAD_MAX_AGENTS; ++agent_id) 765 if (!__get_agent(file, agent_id)) 766 goto found; 767 768 dev_notice(file->port->dev, 769 "ib_umad_reg_agent2: Max Agents (%u) reached\n", 770 IB_UMAD_MAX_AGENTS); 771 ret = -ENOMEM; 772 goto out; 773 774found: 775 if (ureq.mgmt_class) { 776 memset(&req, 0, sizeof(req)); 777 req.mgmt_class = ureq.mgmt_class; 778 req.mgmt_class_version = ureq.mgmt_class_version; 779 if (ureq.oui & 0xff000000) { 780 dev_notice(file->port->dev, 781 "ib_umad_reg_agent2 failed: oui invalid 0x%08x\n", 782 ureq.oui); 783 ret = -EINVAL; 784 goto out; 785 } 786 req.oui[2] = ureq.oui & 0x0000ff; 787 req.oui[1] = (ureq.oui & 0x00ff00) >> 8; 788 req.oui[0] = (ureq.oui & 0xff0000) >> 16; 789 memcpy(req.method_mask, ureq.method_mask, 790 sizeof(req.method_mask)); 791 } 792 793 agent = ib_register_mad_agent(file->port->ib_dev, file->port->port_num, 794 ureq.qpn ? IB_QPT_GSI : IB_QPT_SMI, 795 ureq.mgmt_class ? &req : NULL, 796 ureq.rmpp_version, 797 send_handler, recv_handler, file, 798 ureq.flags); 799 if (IS_ERR(agent)) { 800 ret = PTR_ERR(agent); 801 agent = NULL; 802 goto out; 803 } 804 805 if (put_user(agent_id, 806 (u32 __user *)(arg + 807 offsetof(struct ib_user_mad_reg_req2, id)))) { 808 ret = -EFAULT; 809 goto out; 810 } 811 812 if (!file->already_used) { 813 file->already_used = 1; 814 file->use_pkey_index = 1; 815 } 816 817 file->agent[agent_id] = agent; 818 ret = 0; 819 820out: 821 mutex_unlock(&file->mutex); 822 823 if (ret && agent) 824 ib_unregister_mad_agent(agent); 825 826 mutex_unlock(&file->port->file_mutex); 827 828 return ret; 829} 830 831 832static int ib_umad_unreg_agent(struct ib_umad_file *file, u32 __user *arg) 833{ 834 struct ib_mad_agent *agent = NULL; 835 u32 id; 836 int ret = 0; 837 838 if (get_user(id, arg)) 839 return -EFAULT; 840 841 mutex_lock(&file->port->file_mutex); 842 mutex_lock(&file->mutex); 843 844 if (id >= IB_UMAD_MAX_AGENTS || !__get_agent(file, id)) { 845 ret = -EINVAL; 846 goto out; 847 } 848 849 agent = file->agent[id]; 850 file->agent[id] = NULL; 851 852out: 853 mutex_unlock(&file->mutex); 854 855 if (agent) 856 ib_unregister_mad_agent(agent); 857 858 mutex_unlock(&file->port->file_mutex); 859 860 return ret; 861} 862 863static long ib_umad_enable_pkey(struct ib_umad_file *file) 864{ 865 int ret = 0; 866 867 mutex_lock(&file->mutex); 868 if (file->already_used) 869 ret = -EINVAL; 870 else 871 file->use_pkey_index = 1; 872 mutex_unlock(&file->mutex); 873 874 return ret; 875} 876 877static long ib_umad_ioctl(struct file *filp, unsigned int cmd, 878 unsigned long arg) 879{ 880 switch (cmd) { 881 case IB_USER_MAD_REGISTER_AGENT: 882 return ib_umad_reg_agent(filp->private_data, (void __user *) arg, 0); 883 case IB_USER_MAD_UNREGISTER_AGENT: 884 return ib_umad_unreg_agent(filp->private_data, (__u32 __user *) arg); 885 case IB_USER_MAD_ENABLE_PKEY: 886 return ib_umad_enable_pkey(filp->private_data); 887 case IB_USER_MAD_REGISTER_AGENT2: 888 return ib_umad_reg_agent2(filp->private_data, (void __user *) arg); 889 default: 890 return -ENOIOCTLCMD; 891 } 892} 893 894#ifdef CONFIG_COMPAT 895static long ib_umad_compat_ioctl(struct file *filp, unsigned int cmd, 896 unsigned long arg) 897{ 898 switch (cmd) { 899 case IB_USER_MAD_REGISTER_AGENT: 900 return ib_umad_reg_agent(filp->private_data, compat_ptr(arg), 1); 901 case IB_USER_MAD_UNREGISTER_AGENT: 902 return ib_umad_unreg_agent(filp->private_data, compat_ptr(arg)); 903 case IB_USER_MAD_ENABLE_PKEY: 904 return ib_umad_enable_pkey(filp->private_data); 905 case IB_USER_MAD_REGISTER_AGENT2: 906 return ib_umad_reg_agent2(filp->private_data, compat_ptr(arg)); 907 default: 908 return -ENOIOCTLCMD; 909 } 910} 911#endif 912 913/* 914 * ib_umad_open() does not need the BKL: 915 * 916 * - the ib_umad_port structures are properly reference counted, and 917 * everything else is purely local to the file being created, so 918 * races against other open calls are not a problem; 919 * - the ioctl method does not affect any global state outside of the 920 * file structure being operated on; 921 */ 922static int ib_umad_open(struct inode *inode, struct file *filp) 923{ 924 struct ib_umad_port *port; 925 struct ib_umad_file *file; 926 int ret = -ENXIO; 927 928 port = container_of(inode->i_cdev, struct ib_umad_port, cdev); 929 930 mutex_lock(&port->file_mutex); 931 932 if (!port->ib_dev) 933 goto out; 934 935 ret = -ENOMEM; 936 file = kzalloc(sizeof *file, GFP_KERNEL); 937 if (!file) 938 goto out; 939 940 mutex_init(&file->mutex); 941 spin_lock_init(&file->send_lock); 942 INIT_LIST_HEAD(&file->recv_list); 943 INIT_LIST_HEAD(&file->send_list); 944 init_waitqueue_head(&file->recv_wait); 945 946 file->port = port; 947 filp->private_data = file; 948 949 list_add_tail(&file->port_list, &port->file_list); 950 951 ret = nonseekable_open(inode, filp); 952 if (ret) { 953 list_del(&file->port_list); 954 kfree(file); 955 goto out; 956 } 957 958 kobject_get(&port->umad_dev->kobj); 959 960out: 961 mutex_unlock(&port->file_mutex); 962 return ret; 963} 964 965static int ib_umad_close(struct inode *inode, struct file *filp) 966{ 967 struct ib_umad_file *file = filp->private_data; 968 struct ib_umad_device *dev = file->port->umad_dev; 969 struct ib_umad_packet *packet, *tmp; 970 int already_dead; 971 int i; 972 973 mutex_lock(&file->port->file_mutex); 974 mutex_lock(&file->mutex); 975 976 already_dead = file->agents_dead; 977 file->agents_dead = 1; 978 979 list_for_each_entry_safe(packet, tmp, &file->recv_list, list) { 980 if (packet->recv_wc) 981 ib_free_recv_mad(packet->recv_wc); 982 kfree(packet); 983 } 984 985 list_del(&file->port_list); 986 987 mutex_unlock(&file->mutex); 988 989 if (!already_dead) 990 for (i = 0; i < IB_UMAD_MAX_AGENTS; ++i) 991 if (file->agent[i]) 992 ib_unregister_mad_agent(file->agent[i]); 993 994 mutex_unlock(&file->port->file_mutex); 995 996 kfree(file); 997 kobject_put(&dev->kobj); 998 999 return 0; 1000} 1001 1002static const struct file_operations umad_fops = { 1003 .owner = THIS_MODULE, 1004 .read = ib_umad_read, 1005 .write = ib_umad_write, 1006 .poll = ib_umad_poll, 1007 .unlocked_ioctl = ib_umad_ioctl, 1008#ifdef CONFIG_COMPAT 1009 .compat_ioctl = ib_umad_compat_ioctl, 1010#endif 1011 .open = ib_umad_open, 1012 .release = ib_umad_close, 1013 .llseek = no_llseek, 1014}; 1015 1016static int ib_umad_sm_open(struct inode *inode, struct file *filp) 1017{ 1018 struct ib_umad_port *port; 1019 struct ib_port_modify props = { 1020 .set_port_cap_mask = IB_PORT_SM 1021 }; 1022 int ret; 1023 1024 port = container_of(inode->i_cdev, struct ib_umad_port, sm_cdev); 1025 1026 if (filp->f_flags & O_NONBLOCK) { 1027 if (down_trylock(&port->sm_sem)) { 1028 ret = -EAGAIN; 1029 goto fail; 1030 } 1031 } else { 1032 if (down_interruptible(&port->sm_sem)) { 1033 ret = -ERESTARTSYS; 1034 goto fail; 1035 } 1036 } 1037 1038 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props); 1039 if (ret) 1040 goto err_up_sem; 1041 1042 filp->private_data = port; 1043 1044 ret = nonseekable_open(inode, filp); 1045 if (ret) 1046 goto err_clr_sm_cap; 1047 1048 kobject_get(&port->umad_dev->kobj); 1049 1050 return 0; 1051 1052err_clr_sm_cap: 1053 swap(props.set_port_cap_mask, props.clr_port_cap_mask); 1054 ib_modify_port(port->ib_dev, port->port_num, 0, &props); 1055 1056err_up_sem: 1057 up(&port->sm_sem); 1058 1059fail: 1060 return ret; 1061} 1062 1063static int ib_umad_sm_close(struct inode *inode, struct file *filp) 1064{ 1065 struct ib_umad_port *port = filp->private_data; 1066 struct ib_port_modify props = { 1067 .clr_port_cap_mask = IB_PORT_SM 1068 }; 1069 int ret = 0; 1070 1071 mutex_lock(&port->file_mutex); 1072 if (port->ib_dev) 1073 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props); 1074 mutex_unlock(&port->file_mutex); 1075 1076 up(&port->sm_sem); 1077 1078 kobject_put(&port->umad_dev->kobj); 1079 1080 return ret; 1081} 1082 1083static const struct file_operations umad_sm_fops = { 1084 .owner = THIS_MODULE, 1085 .open = ib_umad_sm_open, 1086 .release = ib_umad_sm_close, 1087 .llseek = no_llseek, 1088}; 1089 1090static struct ib_client umad_client = { 1091 .name = "umad", 1092 .add = ib_umad_add_one, 1093 .remove = ib_umad_remove_one 1094}; 1095 1096static ssize_t show_ibdev(struct device *dev, struct device_attribute *attr, 1097 char *buf) 1098{ 1099 struct ib_umad_port *port = dev_get_drvdata(dev); 1100 1101 if (!port) 1102 return -ENODEV; 1103 1104 return sprintf(buf, "%s\n", port->ib_dev->name); 1105} 1106static DEVICE_ATTR(ibdev, S_IRUGO, show_ibdev, NULL); 1107 1108static ssize_t show_port(struct device *dev, struct device_attribute *attr, 1109 char *buf) 1110{ 1111 struct ib_umad_port *port = dev_get_drvdata(dev); 1112 1113 if (!port) 1114 return -ENODEV; 1115 1116 return sprintf(buf, "%d\n", port->port_num); 1117} 1118static DEVICE_ATTR(port, S_IRUGO, show_port, NULL); 1119 1120static CLASS_ATTR_STRING(abi_version, S_IRUGO, 1121 __stringify(IB_USER_MAD_ABI_VERSION)); 1122 1123static dev_t overflow_maj; 1124static DECLARE_BITMAP(overflow_map, IB_UMAD_MAX_PORTS); 1125static int find_overflow_devnum(struct ib_device *device) 1126{ 1127 int ret; 1128 1129 if (!overflow_maj) { 1130 ret = alloc_chrdev_region(&overflow_maj, 0, IB_UMAD_MAX_PORTS * 2, 1131 "infiniband_mad"); 1132 if (ret) { 1133 dev_err(&device->dev, 1134 "couldn't register dynamic device number\n"); 1135 return ret; 1136 } 1137 } 1138 1139 ret = find_first_zero_bit(overflow_map, IB_UMAD_MAX_PORTS); 1140 if (ret >= IB_UMAD_MAX_PORTS) 1141 return -1; 1142 1143 return ret; 1144} 1145 1146static int ib_umad_init_port(struct ib_device *device, int port_num, 1147 struct ib_umad_device *umad_dev, 1148 struct ib_umad_port *port) 1149{ 1150 int devnum; 1151 dev_t base; 1152 1153 spin_lock(&port_lock); 1154 devnum = find_first_zero_bit(dev_map, IB_UMAD_MAX_PORTS); 1155 if (devnum >= IB_UMAD_MAX_PORTS) { 1156 spin_unlock(&port_lock); 1157 devnum = find_overflow_devnum(device); 1158 if (devnum < 0) 1159 return -1; 1160 1161 spin_lock(&port_lock); 1162 port->dev_num = devnum + IB_UMAD_MAX_PORTS; 1163 base = devnum + overflow_maj; 1164 set_bit(devnum, overflow_map); 1165 } else { 1166 port->dev_num = devnum; 1167 base = devnum + base_dev; 1168 set_bit(devnum, dev_map); 1169 } 1170 spin_unlock(&port_lock); 1171 1172 port->ib_dev = device; 1173 port->port_num = port_num; 1174 sema_init(&port->sm_sem, 1); 1175 mutex_init(&port->file_mutex); 1176 INIT_LIST_HEAD(&port->file_list); 1177 1178 cdev_init(&port->cdev, &umad_fops); 1179 port->cdev.owner = THIS_MODULE; 1180 port->cdev.kobj.parent = &umad_dev->kobj; 1181 kobject_set_name(&port->cdev.kobj, "umad%d", port->dev_num); 1182 if (cdev_add(&port->cdev, base, 1)) 1183 goto err_cdev; 1184 1185 port->dev = device_create(umad_class, device->dma_device, 1186 port->cdev.dev, port, 1187 "umad%d", port->dev_num); 1188 if (IS_ERR(port->dev)) 1189 goto err_cdev; 1190 1191 if (device_create_file(port->dev, &dev_attr_ibdev)) 1192 goto err_dev; 1193 if (device_create_file(port->dev, &dev_attr_port)) 1194 goto err_dev; 1195 1196 base += IB_UMAD_MAX_PORTS; 1197 cdev_init(&port->sm_cdev, &umad_sm_fops); 1198 port->sm_cdev.owner = THIS_MODULE; 1199 port->sm_cdev.kobj.parent = &umad_dev->kobj; 1200 kobject_set_name(&port->sm_cdev.kobj, "issm%d", port->dev_num); 1201 if (cdev_add(&port->sm_cdev, base, 1)) 1202 goto err_sm_cdev; 1203 1204 port->sm_dev = device_create(umad_class, device->dma_device, 1205 port->sm_cdev.dev, port, 1206 "issm%d", port->dev_num); 1207 if (IS_ERR(port->sm_dev)) 1208 goto err_sm_cdev; 1209 1210 if (device_create_file(port->sm_dev, &dev_attr_ibdev)) 1211 goto err_sm_dev; 1212 if (device_create_file(port->sm_dev, &dev_attr_port)) 1213 goto err_sm_dev; 1214 1215 return 0; 1216 1217err_sm_dev: 1218 device_destroy(umad_class, port->sm_cdev.dev); 1219 1220err_sm_cdev: 1221 cdev_del(&port->sm_cdev); 1222 1223err_dev: 1224 device_destroy(umad_class, port->cdev.dev); 1225 1226err_cdev: 1227 cdev_del(&port->cdev); 1228 if (port->dev_num < IB_UMAD_MAX_PORTS) 1229 clear_bit(devnum, dev_map); 1230 else 1231 clear_bit(devnum, overflow_map); 1232 1233 return -1; 1234} 1235 1236static void ib_umad_kill_port(struct ib_umad_port *port) 1237{ 1238 struct ib_umad_file *file; 1239 int id; 1240 1241 dev_set_drvdata(port->dev, NULL); 1242 dev_set_drvdata(port->sm_dev, NULL); 1243 1244 device_destroy(umad_class, port->cdev.dev); 1245 device_destroy(umad_class, port->sm_cdev.dev); 1246 1247 cdev_del(&port->cdev); 1248 cdev_del(&port->sm_cdev); 1249 1250 mutex_lock(&port->file_mutex); 1251 1252 port->ib_dev = NULL; 1253 1254 list_for_each_entry(file, &port->file_list, port_list) { 1255 mutex_lock(&file->mutex); 1256 file->agents_dead = 1; 1257 mutex_unlock(&file->mutex); 1258 1259 for (id = 0; id < IB_UMAD_MAX_AGENTS; ++id) 1260 if (file->agent[id]) 1261 ib_unregister_mad_agent(file->agent[id]); 1262 } 1263 1264 mutex_unlock(&port->file_mutex); 1265 1266 if (port->dev_num < IB_UMAD_MAX_PORTS) 1267 clear_bit(port->dev_num, dev_map); 1268 else 1269 clear_bit(port->dev_num - IB_UMAD_MAX_PORTS, overflow_map); 1270} 1271 1272static void ib_umad_add_one(struct ib_device *device) 1273{ 1274 struct ib_umad_device *umad_dev; 1275 int s, e, i; 1276 1277 if (rdma_node_get_transport(device->node_type) != RDMA_TRANSPORT_IB) 1278 return; 1279 1280 if (device->node_type == RDMA_NODE_IB_SWITCH) 1281 s = e = 0; 1282 else { 1283 s = 1; 1284 e = device->phys_port_cnt; 1285 } 1286 1287 umad_dev = kzalloc(sizeof *umad_dev + 1288 (e - s + 1) * sizeof (struct ib_umad_port), 1289 GFP_KERNEL); 1290 if (!umad_dev) 1291 return; 1292 1293 kobject_init(&umad_dev->kobj, &ib_umad_dev_ktype); 1294 1295 umad_dev->start_port = s; 1296 umad_dev->end_port = e; 1297 1298 for (i = s; i <= e; ++i) { 1299 umad_dev->port[i - s].umad_dev = umad_dev; 1300 1301 if (ib_umad_init_port(device, i, umad_dev, 1302 &umad_dev->port[i - s])) 1303 goto err; 1304 } 1305 1306 ib_set_client_data(device, &umad_client, umad_dev); 1307 1308 return; 1309 1310err: 1311 while (--i >= s) 1312 ib_umad_kill_port(&umad_dev->port[i - s]); 1313 1314 kobject_put(&umad_dev->kobj); 1315} 1316 1317static void ib_umad_remove_one(struct ib_device *device) 1318{ 1319 struct ib_umad_device *umad_dev = ib_get_client_data(device, &umad_client); 1320 int i; 1321 1322 if (!umad_dev) 1323 return; 1324 1325 for (i = 0; i <= umad_dev->end_port - umad_dev->start_port; ++i) 1326 ib_umad_kill_port(&umad_dev->port[i]); 1327 1328 kobject_put(&umad_dev->kobj); 1329} 1330 1331static char *umad_devnode(struct device *dev, umode_t *mode) 1332{ 1333 return kasprintf(GFP_KERNEL, "infiniband/%s", dev_name(dev)); 1334} 1335 1336static int __init ib_umad_init(void) 1337{ 1338 int ret; 1339 1340 ret = register_chrdev_region(base_dev, IB_UMAD_MAX_PORTS * 2, 1341 "infiniband_mad"); 1342 if (ret) { 1343 pr_err("couldn't register device number\n"); 1344 goto out; 1345 } 1346 1347 umad_class = class_create(THIS_MODULE, "infiniband_mad"); 1348 if (IS_ERR(umad_class)) { 1349 ret = PTR_ERR(umad_class); 1350 pr_err("couldn't create class infiniband_mad\n"); 1351 goto out_chrdev; 1352 } 1353 1354 umad_class->devnode = umad_devnode; 1355 1356 ret = class_create_file(umad_class, &class_attr_abi_version.attr); 1357 if (ret) { 1358 pr_err("couldn't create abi_version attribute\n"); 1359 goto out_class; 1360 } 1361 1362 ret = ib_register_client(&umad_client); 1363 if (ret) { 1364 pr_err("couldn't register ib_umad client\n"); 1365 goto out_class; 1366 } 1367 1368 return 0; 1369 1370out_class: 1371 class_destroy(umad_class); 1372 1373out_chrdev: 1374 unregister_chrdev_region(base_dev, IB_UMAD_MAX_PORTS * 2); 1375 1376out: 1377 return ret; 1378} 1379 1380static void __exit ib_umad_cleanup(void) 1381{ 1382 ib_unregister_client(&umad_client); 1383 class_destroy(umad_class); 1384 unregister_chrdev_region(base_dev, IB_UMAD_MAX_PORTS * 2); 1385 if (overflow_maj) 1386 unregister_chrdev_region(overflow_maj, IB_UMAD_MAX_PORTS * 2); 1387} 1388 1389module_init(ib_umad_init); 1390module_exit(ib_umad_cleanup); 1391