1 /*
2 * Copyright (c) 2005 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005 Intel Corporation. All rights reserved.
4 *
5 * This software is available to you under a choice of one of two
6 * licenses. You may choose to be licensed under the terms of the GNU
7 * General Public License (GPL) Version 2, available from the file
8 * COPYING in the main directory of this source tree, or the
9 * OpenIB.org BSD license below:
10 *
11 * Redistribution and use in source and binary forms, with or
12 * without modification, are permitted provided that the following
13 * conditions are met:
14 *
15 * - Redistributions of source code must retain the above
16 * copyright notice, this list of conditions and the following
17 * disclaimer.
18 *
19 * - Redistributions in binary form must reproduce the above
20 * copyright notice, this list of conditions and the following
21 * disclaimer in the documentation and/or other materials
22 * provided with the distribution.
23 *
24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
25 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
26 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
27 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
28 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
29 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
30 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
31 * SOFTWARE.
32 */
33
34 #include <linux/completion.h>
35 #include <linux/init.h>
36 #include <linux/fs.h>
37 #include <linux/module.h>
38 #include <linux/device.h>
39 #include <linux/err.h>
40 #include <linux/poll.h>
41 #include <linux/sched.h>
42 #include <linux/file.h>
43 #include <linux/mount.h>
44 #include <linux/cdev.h>
45 #include <linux/idr.h>
46 #include <linux/mutex.h>
47 #include <linux/slab.h>
48
49 #include <linux/nospec.h>
50
51 #include <linux/uaccess.h>
52
53 #include <rdma/ib.h>
54 #include <rdma/ib_cm.h>
55 #include <rdma/ib_user_cm.h>
56 #include <rdma/ib_marshall.h>
57
58 MODULE_AUTHOR("Libor Michalek");
59 MODULE_DESCRIPTION("InfiniBand userspace Connection Manager access");
60 MODULE_LICENSE("Dual BSD/GPL");
61
62 struct ib_ucm_device {
63 int devnum;
64 struct cdev cdev;
65 struct device dev;
66 struct ib_device *ib_dev;
67 };
68
69 struct ib_ucm_file {
70 struct mutex file_mutex;
71 struct file *filp;
72 struct ib_ucm_device *device;
73
74 struct list_head ctxs;
75 struct list_head events;
76 wait_queue_head_t poll_wait;
77 };
78
79 struct ib_ucm_context {
80 int id;
81 struct completion comp;
82 atomic_t ref;
83 int events_reported;
84
85 struct ib_ucm_file *file;
86 struct ib_cm_id *cm_id;
87 __u64 uid;
88
89 struct list_head events; /* list of pending events. */
90 struct list_head file_list; /* member in file ctx list */
91 };
92
93 struct ib_ucm_event {
94 struct ib_ucm_context *ctx;
95 struct list_head file_list; /* member in file event list */
96 struct list_head ctx_list; /* member in ctx event list */
97
98 struct ib_cm_id *cm_id;
99 struct ib_ucm_event_resp resp;
100 void *data;
101 void *info;
102 int data_len;
103 int info_len;
104 };
105
106 enum {
107 IB_UCM_MAJOR = 231,
108 IB_UCM_BASE_MINOR = 224,
109 IB_UCM_MAX_DEVICES = 32
110 };
111
112 #define IB_UCM_BASE_DEV MKDEV(IB_UCM_MAJOR, IB_UCM_BASE_MINOR)
113
114 static void ib_ucm_add_one(struct ib_device *device);
115 static void ib_ucm_remove_one(struct ib_device *device, void *client_data);
116
117 static struct ib_client ucm_client = {
118 .name = "ucm",
119 .add = ib_ucm_add_one,
120 .remove = ib_ucm_remove_one
121 };
122
123 static DEFINE_MUTEX(ctx_id_mutex);
124 static DEFINE_IDR(ctx_id_table);
125 static DECLARE_BITMAP(dev_map, IB_UCM_MAX_DEVICES);
126
ib_ucm_ctx_get(struct ib_ucm_file * file,int id)127 static struct ib_ucm_context *ib_ucm_ctx_get(struct ib_ucm_file *file, int id)
128 {
129 struct ib_ucm_context *ctx;
130
131 mutex_lock(&ctx_id_mutex);
132 ctx = idr_find(&ctx_id_table, id);
133 if (!ctx)
134 ctx = ERR_PTR(-ENOENT);
135 else if (ctx->file != file)
136 ctx = ERR_PTR(-EINVAL);
137 else
138 atomic_inc(&ctx->ref);
139 mutex_unlock(&ctx_id_mutex);
140
141 return ctx;
142 }
143
ib_ucm_ctx_put(struct ib_ucm_context * ctx)144 static void ib_ucm_ctx_put(struct ib_ucm_context *ctx)
145 {
146 if (atomic_dec_and_test(&ctx->ref))
147 complete(&ctx->comp);
148 }
149
ib_ucm_new_cm_id(int event)150 static inline int ib_ucm_new_cm_id(int event)
151 {
152 return event == IB_CM_REQ_RECEIVED || event == IB_CM_SIDR_REQ_RECEIVED;
153 }
154
ib_ucm_cleanup_events(struct ib_ucm_context * ctx)155 static void ib_ucm_cleanup_events(struct ib_ucm_context *ctx)
156 {
157 struct ib_ucm_event *uevent;
158
159 mutex_lock(&ctx->file->file_mutex);
160 list_del(&ctx->file_list);
161 while (!list_empty(&ctx->events)) {
162
163 uevent = list_entry(ctx->events.next,
164 struct ib_ucm_event, ctx_list);
165 list_del(&uevent->file_list);
166 list_del(&uevent->ctx_list);
167 mutex_unlock(&ctx->file->file_mutex);
168
169 /* clear incoming connections. */
170 if (ib_ucm_new_cm_id(uevent->resp.event))
171 ib_destroy_cm_id(uevent->cm_id);
172
173 kfree(uevent);
174 mutex_lock(&ctx->file->file_mutex);
175 }
176 mutex_unlock(&ctx->file->file_mutex);
177 }
178
ib_ucm_ctx_alloc(struct ib_ucm_file * file)179 static struct ib_ucm_context *ib_ucm_ctx_alloc(struct ib_ucm_file *file)
180 {
181 struct ib_ucm_context *ctx;
182
183 ctx = kzalloc(sizeof *ctx, GFP_KERNEL);
184 if (!ctx)
185 return NULL;
186
187 atomic_set(&ctx->ref, 1);
188 init_completion(&ctx->comp);
189 ctx->file = file;
190 INIT_LIST_HEAD(&ctx->events);
191
192 mutex_lock(&ctx_id_mutex);
193 ctx->id = idr_alloc(&ctx_id_table, ctx, 0, 0, GFP_KERNEL);
194 mutex_unlock(&ctx_id_mutex);
195 if (ctx->id < 0)
196 goto error;
197
198 list_add_tail(&ctx->file_list, &file->ctxs);
199 return ctx;
200
201 error:
202 kfree(ctx);
203 return NULL;
204 }
205
ib_ucm_event_req_get(struct ib_ucm_req_event_resp * ureq,struct ib_cm_req_event_param * kreq)206 static void ib_ucm_event_req_get(struct ib_ucm_req_event_resp *ureq,
207 struct ib_cm_req_event_param *kreq)
208 {
209 ureq->remote_ca_guid = kreq->remote_ca_guid;
210 ureq->remote_qkey = kreq->remote_qkey;
211 ureq->remote_qpn = kreq->remote_qpn;
212 ureq->qp_type = kreq->qp_type;
213 ureq->starting_psn = kreq->starting_psn;
214 ureq->responder_resources = kreq->responder_resources;
215 ureq->initiator_depth = kreq->initiator_depth;
216 ureq->local_cm_response_timeout = kreq->local_cm_response_timeout;
217 ureq->flow_control = kreq->flow_control;
218 ureq->remote_cm_response_timeout = kreq->remote_cm_response_timeout;
219 ureq->retry_count = kreq->retry_count;
220 ureq->rnr_retry_count = kreq->rnr_retry_count;
221 ureq->srq = kreq->srq;
222 ureq->port = kreq->port;
223
224 ib_copy_path_rec_to_user(&ureq->primary_path, kreq->primary_path);
225 if (kreq->alternate_path)
226 ib_copy_path_rec_to_user(&ureq->alternate_path,
227 kreq->alternate_path);
228 }
229
ib_ucm_event_rep_get(struct ib_ucm_rep_event_resp * urep,struct ib_cm_rep_event_param * krep)230 static void ib_ucm_event_rep_get(struct ib_ucm_rep_event_resp *urep,
231 struct ib_cm_rep_event_param *krep)
232 {
233 urep->remote_ca_guid = krep->remote_ca_guid;
234 urep->remote_qkey = krep->remote_qkey;
235 urep->remote_qpn = krep->remote_qpn;
236 urep->starting_psn = krep->starting_psn;
237 urep->responder_resources = krep->responder_resources;
238 urep->initiator_depth = krep->initiator_depth;
239 urep->target_ack_delay = krep->target_ack_delay;
240 urep->failover_accepted = krep->failover_accepted;
241 urep->flow_control = krep->flow_control;
242 urep->rnr_retry_count = krep->rnr_retry_count;
243 urep->srq = krep->srq;
244 }
245
ib_ucm_event_sidr_rep_get(struct ib_ucm_sidr_rep_event_resp * urep,struct ib_cm_sidr_rep_event_param * krep)246 static void ib_ucm_event_sidr_rep_get(struct ib_ucm_sidr_rep_event_resp *urep,
247 struct ib_cm_sidr_rep_event_param *krep)
248 {
249 urep->status = krep->status;
250 urep->qkey = krep->qkey;
251 urep->qpn = krep->qpn;
252 };
253
ib_ucm_event_process(struct ib_cm_event * evt,struct ib_ucm_event * uvt)254 static int ib_ucm_event_process(struct ib_cm_event *evt,
255 struct ib_ucm_event *uvt)
256 {
257 void *info = NULL;
258
259 switch (evt->event) {
260 case IB_CM_REQ_RECEIVED:
261 ib_ucm_event_req_get(&uvt->resp.u.req_resp,
262 &evt->param.req_rcvd);
263 uvt->data_len = IB_CM_REQ_PRIVATE_DATA_SIZE;
264 uvt->resp.present = IB_UCM_PRES_PRIMARY;
265 uvt->resp.present |= (evt->param.req_rcvd.alternate_path ?
266 IB_UCM_PRES_ALTERNATE : 0);
267 break;
268 case IB_CM_REP_RECEIVED:
269 ib_ucm_event_rep_get(&uvt->resp.u.rep_resp,
270 &evt->param.rep_rcvd);
271 uvt->data_len = IB_CM_REP_PRIVATE_DATA_SIZE;
272 break;
273 case IB_CM_RTU_RECEIVED:
274 uvt->data_len = IB_CM_RTU_PRIVATE_DATA_SIZE;
275 uvt->resp.u.send_status = evt->param.send_status;
276 break;
277 case IB_CM_DREQ_RECEIVED:
278 uvt->data_len = IB_CM_DREQ_PRIVATE_DATA_SIZE;
279 uvt->resp.u.send_status = evt->param.send_status;
280 break;
281 case IB_CM_DREP_RECEIVED:
282 uvt->data_len = IB_CM_DREP_PRIVATE_DATA_SIZE;
283 uvt->resp.u.send_status = evt->param.send_status;
284 break;
285 case IB_CM_MRA_RECEIVED:
286 uvt->resp.u.mra_resp.timeout =
287 evt->param.mra_rcvd.service_timeout;
288 uvt->data_len = IB_CM_MRA_PRIVATE_DATA_SIZE;
289 break;
290 case IB_CM_REJ_RECEIVED:
291 uvt->resp.u.rej_resp.reason = evt->param.rej_rcvd.reason;
292 uvt->data_len = IB_CM_REJ_PRIVATE_DATA_SIZE;
293 uvt->info_len = evt->param.rej_rcvd.ari_length;
294 info = evt->param.rej_rcvd.ari;
295 break;
296 case IB_CM_LAP_RECEIVED:
297 ib_copy_path_rec_to_user(&uvt->resp.u.lap_resp.path,
298 evt->param.lap_rcvd.alternate_path);
299 uvt->data_len = IB_CM_LAP_PRIVATE_DATA_SIZE;
300 uvt->resp.present = IB_UCM_PRES_ALTERNATE;
301 break;
302 case IB_CM_APR_RECEIVED:
303 uvt->resp.u.apr_resp.status = evt->param.apr_rcvd.ap_status;
304 uvt->data_len = IB_CM_APR_PRIVATE_DATA_SIZE;
305 uvt->info_len = evt->param.apr_rcvd.info_len;
306 info = evt->param.apr_rcvd.apr_info;
307 break;
308 case IB_CM_SIDR_REQ_RECEIVED:
309 uvt->resp.u.sidr_req_resp.pkey =
310 evt->param.sidr_req_rcvd.pkey;
311 uvt->resp.u.sidr_req_resp.port =
312 evt->param.sidr_req_rcvd.port;
313 uvt->data_len = IB_CM_SIDR_REQ_PRIVATE_DATA_SIZE;
314 break;
315 case IB_CM_SIDR_REP_RECEIVED:
316 ib_ucm_event_sidr_rep_get(&uvt->resp.u.sidr_rep_resp,
317 &evt->param.sidr_rep_rcvd);
318 uvt->data_len = IB_CM_SIDR_REP_PRIVATE_DATA_SIZE;
319 uvt->info_len = evt->param.sidr_rep_rcvd.info_len;
320 info = evt->param.sidr_rep_rcvd.info;
321 break;
322 default:
323 uvt->resp.u.send_status = evt->param.send_status;
324 break;
325 }
326
327 if (uvt->data_len) {
328 uvt->data = kmemdup(evt->private_data, uvt->data_len, GFP_KERNEL);
329 if (!uvt->data)
330 goto err1;
331
332 uvt->resp.present |= IB_UCM_PRES_DATA;
333 }
334
335 if (uvt->info_len) {
336 uvt->info = kmemdup(info, uvt->info_len, GFP_KERNEL);
337 if (!uvt->info)
338 goto err2;
339
340 uvt->resp.present |= IB_UCM_PRES_INFO;
341 }
342 return 0;
343
344 err2:
345 kfree(uvt->data);
346 err1:
347 return -ENOMEM;
348 }
349
ib_ucm_event_handler(struct ib_cm_id * cm_id,struct ib_cm_event * event)350 static int ib_ucm_event_handler(struct ib_cm_id *cm_id,
351 struct ib_cm_event *event)
352 {
353 struct ib_ucm_event *uevent;
354 struct ib_ucm_context *ctx;
355 int result = 0;
356
357 ctx = cm_id->context;
358
359 uevent = kzalloc(sizeof *uevent, GFP_KERNEL);
360 if (!uevent)
361 goto err1;
362
363 uevent->ctx = ctx;
364 uevent->cm_id = cm_id;
365 uevent->resp.uid = ctx->uid;
366 uevent->resp.id = ctx->id;
367 uevent->resp.event = event->event;
368
369 result = ib_ucm_event_process(event, uevent);
370 if (result)
371 goto err2;
372
373 mutex_lock(&ctx->file->file_mutex);
374 list_add_tail(&uevent->file_list, &ctx->file->events);
375 list_add_tail(&uevent->ctx_list, &ctx->events);
376 wake_up_interruptible(&ctx->file->poll_wait);
377 mutex_unlock(&ctx->file->file_mutex);
378 return 0;
379
380 err2:
381 kfree(uevent);
382 err1:
383 /* Destroy new cm_id's */
384 return ib_ucm_new_cm_id(event->event);
385 }
386
ib_ucm_event(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)387 static ssize_t ib_ucm_event(struct ib_ucm_file *file,
388 const char __user *inbuf,
389 int in_len, int out_len)
390 {
391 struct ib_ucm_context *ctx;
392 struct ib_ucm_event_get cmd;
393 struct ib_ucm_event *uevent;
394 int result = 0;
395
396 if (out_len < sizeof(struct ib_ucm_event_resp))
397 return -ENOSPC;
398
399 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
400 return -EFAULT;
401
402 mutex_lock(&file->file_mutex);
403 while (list_empty(&file->events)) {
404 mutex_unlock(&file->file_mutex);
405
406 if (file->filp->f_flags & O_NONBLOCK)
407 return -EAGAIN;
408
409 if (wait_event_interruptible(file->poll_wait,
410 !list_empty(&file->events)))
411 return -ERESTARTSYS;
412
413 mutex_lock(&file->file_mutex);
414 }
415
416 uevent = list_entry(file->events.next, struct ib_ucm_event, file_list);
417
418 if (ib_ucm_new_cm_id(uevent->resp.event)) {
419 ctx = ib_ucm_ctx_alloc(file);
420 if (!ctx) {
421 result = -ENOMEM;
422 goto done;
423 }
424
425 ctx->cm_id = uevent->cm_id;
426 ctx->cm_id->context = ctx;
427 uevent->resp.id = ctx->id;
428 }
429
430 if (copy_to_user((void __user *)(unsigned long)cmd.response,
431 &uevent->resp, sizeof(uevent->resp))) {
432 result = -EFAULT;
433 goto done;
434 }
435
436 if (uevent->data) {
437 if (cmd.data_len < uevent->data_len) {
438 result = -ENOMEM;
439 goto done;
440 }
441 if (copy_to_user((void __user *)(unsigned long)cmd.data,
442 uevent->data, uevent->data_len)) {
443 result = -EFAULT;
444 goto done;
445 }
446 }
447
448 if (uevent->info) {
449 if (cmd.info_len < uevent->info_len) {
450 result = -ENOMEM;
451 goto done;
452 }
453 if (copy_to_user((void __user *)(unsigned long)cmd.info,
454 uevent->info, uevent->info_len)) {
455 result = -EFAULT;
456 goto done;
457 }
458 }
459
460 list_del(&uevent->file_list);
461 list_del(&uevent->ctx_list);
462 uevent->ctx->events_reported++;
463
464 kfree(uevent->data);
465 kfree(uevent->info);
466 kfree(uevent);
467 done:
468 mutex_unlock(&file->file_mutex);
469 return result;
470 }
471
ib_ucm_create_id(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)472 static ssize_t ib_ucm_create_id(struct ib_ucm_file *file,
473 const char __user *inbuf,
474 int in_len, int out_len)
475 {
476 struct ib_ucm_create_id cmd;
477 struct ib_ucm_create_id_resp resp;
478 struct ib_ucm_context *ctx;
479 int result;
480
481 if (out_len < sizeof(resp))
482 return -ENOSPC;
483
484 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
485 return -EFAULT;
486
487 mutex_lock(&file->file_mutex);
488 ctx = ib_ucm_ctx_alloc(file);
489 mutex_unlock(&file->file_mutex);
490 if (!ctx)
491 return -ENOMEM;
492
493 ctx->uid = cmd.uid;
494 ctx->cm_id = ib_create_cm_id(file->device->ib_dev,
495 ib_ucm_event_handler, ctx);
496 if (IS_ERR(ctx->cm_id)) {
497 result = PTR_ERR(ctx->cm_id);
498 goto err1;
499 }
500
501 resp.id = ctx->id;
502 if (copy_to_user((void __user *)(unsigned long)cmd.response,
503 &resp, sizeof(resp))) {
504 result = -EFAULT;
505 goto err2;
506 }
507 return 0;
508
509 err2:
510 ib_destroy_cm_id(ctx->cm_id);
511 err1:
512 mutex_lock(&ctx_id_mutex);
513 idr_remove(&ctx_id_table, ctx->id);
514 mutex_unlock(&ctx_id_mutex);
515 kfree(ctx);
516 return result;
517 }
518
ib_ucm_destroy_id(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)519 static ssize_t ib_ucm_destroy_id(struct ib_ucm_file *file,
520 const char __user *inbuf,
521 int in_len, int out_len)
522 {
523 struct ib_ucm_destroy_id cmd;
524 struct ib_ucm_destroy_id_resp resp;
525 struct ib_ucm_context *ctx;
526 int result = 0;
527
528 if (out_len < sizeof(resp))
529 return -ENOSPC;
530
531 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
532 return -EFAULT;
533
534 mutex_lock(&ctx_id_mutex);
535 ctx = idr_find(&ctx_id_table, cmd.id);
536 if (!ctx)
537 ctx = ERR_PTR(-ENOENT);
538 else if (ctx->file != file)
539 ctx = ERR_PTR(-EINVAL);
540 else
541 idr_remove(&ctx_id_table, ctx->id);
542 mutex_unlock(&ctx_id_mutex);
543
544 if (IS_ERR(ctx))
545 return PTR_ERR(ctx);
546
547 ib_ucm_ctx_put(ctx);
548 wait_for_completion(&ctx->comp);
549
550 /* No new events will be generated after destroying the cm_id. */
551 ib_destroy_cm_id(ctx->cm_id);
552 /* Cleanup events not yet reported to the user. */
553 ib_ucm_cleanup_events(ctx);
554
555 resp.events_reported = ctx->events_reported;
556 if (copy_to_user((void __user *)(unsigned long)cmd.response,
557 &resp, sizeof(resp)))
558 result = -EFAULT;
559
560 kfree(ctx);
561 return result;
562 }
563
ib_ucm_attr_id(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)564 static ssize_t ib_ucm_attr_id(struct ib_ucm_file *file,
565 const char __user *inbuf,
566 int in_len, int out_len)
567 {
568 struct ib_ucm_attr_id_resp resp;
569 struct ib_ucm_attr_id cmd;
570 struct ib_ucm_context *ctx;
571 int result = 0;
572
573 if (out_len < sizeof(resp))
574 return -ENOSPC;
575
576 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
577 return -EFAULT;
578
579 ctx = ib_ucm_ctx_get(file, cmd.id);
580 if (IS_ERR(ctx))
581 return PTR_ERR(ctx);
582
583 resp.service_id = ctx->cm_id->service_id;
584 resp.service_mask = ctx->cm_id->service_mask;
585 resp.local_id = ctx->cm_id->local_id;
586 resp.remote_id = ctx->cm_id->remote_id;
587
588 if (copy_to_user((void __user *)(unsigned long)cmd.response,
589 &resp, sizeof(resp)))
590 result = -EFAULT;
591
592 ib_ucm_ctx_put(ctx);
593 return result;
594 }
595
ib_ucm_init_qp_attr(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)596 static ssize_t ib_ucm_init_qp_attr(struct ib_ucm_file *file,
597 const char __user *inbuf,
598 int in_len, int out_len)
599 {
600 struct ib_uverbs_qp_attr resp;
601 struct ib_ucm_init_qp_attr cmd;
602 struct ib_ucm_context *ctx;
603 struct ib_qp_attr qp_attr;
604 int result = 0;
605
606 if (out_len < sizeof(resp))
607 return -ENOSPC;
608
609 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
610 return -EFAULT;
611
612 ctx = ib_ucm_ctx_get(file, cmd.id);
613 if (IS_ERR(ctx))
614 return PTR_ERR(ctx);
615
616 resp.qp_attr_mask = 0;
617 memset(&qp_attr, 0, sizeof qp_attr);
618 qp_attr.qp_state = cmd.qp_state;
619 result = ib_cm_init_qp_attr(ctx->cm_id, &qp_attr, &resp.qp_attr_mask);
620 if (result)
621 goto out;
622
623 ib_copy_qp_attr_to_user(ctx->cm_id->device, &resp, &qp_attr);
624
625 if (copy_to_user((void __user *)(unsigned long)cmd.response,
626 &resp, sizeof(resp)))
627 result = -EFAULT;
628
629 out:
630 ib_ucm_ctx_put(ctx);
631 return result;
632 }
633
ucm_validate_listen(__be64 service_id,__be64 service_mask)634 static int ucm_validate_listen(__be64 service_id, __be64 service_mask)
635 {
636 service_id &= service_mask;
637
638 if (((service_id & IB_CMA_SERVICE_ID_MASK) == IB_CMA_SERVICE_ID) ||
639 ((service_id & IB_SDP_SERVICE_ID_MASK) == IB_SDP_SERVICE_ID))
640 return -EINVAL;
641
642 return 0;
643 }
644
ib_ucm_listen(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)645 static ssize_t ib_ucm_listen(struct ib_ucm_file *file,
646 const char __user *inbuf,
647 int in_len, int out_len)
648 {
649 struct ib_ucm_listen cmd;
650 struct ib_ucm_context *ctx;
651 int result;
652
653 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
654 return -EFAULT;
655
656 ctx = ib_ucm_ctx_get(file, cmd.id);
657 if (IS_ERR(ctx))
658 return PTR_ERR(ctx);
659
660 result = ucm_validate_listen(cmd.service_id, cmd.service_mask);
661 if (result)
662 goto out;
663
664 result = ib_cm_listen(ctx->cm_id, cmd.service_id, cmd.service_mask);
665 out:
666 ib_ucm_ctx_put(ctx);
667 return result;
668 }
669
ib_ucm_notify(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)670 static ssize_t ib_ucm_notify(struct ib_ucm_file *file,
671 const char __user *inbuf,
672 int in_len, int out_len)
673 {
674 struct ib_ucm_notify cmd;
675 struct ib_ucm_context *ctx;
676 int result;
677
678 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
679 return -EFAULT;
680
681 ctx = ib_ucm_ctx_get(file, cmd.id);
682 if (IS_ERR(ctx))
683 return PTR_ERR(ctx);
684
685 result = ib_cm_notify(ctx->cm_id, (enum ib_event_type) cmd.event);
686 ib_ucm_ctx_put(ctx);
687 return result;
688 }
689
ib_ucm_alloc_data(const void ** dest,u64 src,u32 len)690 static int ib_ucm_alloc_data(const void **dest, u64 src, u32 len)
691 {
692 void *data;
693
694 *dest = NULL;
695
696 if (!len)
697 return 0;
698
699 data = memdup_user((void __user *)(unsigned long)src, len);
700 if (IS_ERR(data))
701 return PTR_ERR(data);
702
703 *dest = data;
704 return 0;
705 }
706
ib_ucm_path_get(struct sa_path_rec ** path,u64 src)707 static int ib_ucm_path_get(struct sa_path_rec **path, u64 src)
708 {
709 struct ib_user_path_rec upath;
710 struct sa_path_rec *sa_path;
711
712 *path = NULL;
713
714 if (!src)
715 return 0;
716
717 sa_path = kmalloc(sizeof(*sa_path), GFP_KERNEL);
718 if (!sa_path)
719 return -ENOMEM;
720
721 if (copy_from_user(&upath, (void __user *)(unsigned long)src,
722 sizeof(upath))) {
723
724 kfree(sa_path);
725 return -EFAULT;
726 }
727
728 ib_copy_path_rec_from_user(sa_path, &upath);
729 *path = sa_path;
730 return 0;
731 }
732
ib_ucm_send_req(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)733 static ssize_t ib_ucm_send_req(struct ib_ucm_file *file,
734 const char __user *inbuf,
735 int in_len, int out_len)
736 {
737 struct ib_cm_req_param param;
738 struct ib_ucm_context *ctx;
739 struct ib_ucm_req cmd;
740 int result;
741
742 param.private_data = NULL;
743 param.primary_path = NULL;
744 param.alternate_path = NULL;
745
746 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
747 return -EFAULT;
748
749 result = ib_ucm_alloc_data(¶m.private_data, cmd.data, cmd.len);
750 if (result)
751 goto done;
752
753 result = ib_ucm_path_get(¶m.primary_path, cmd.primary_path);
754 if (result)
755 goto done;
756
757 result = ib_ucm_path_get(¶m.alternate_path, cmd.alternate_path);
758 if (result)
759 goto done;
760
761 param.private_data_len = cmd.len;
762 param.service_id = cmd.sid;
763 param.qp_num = cmd.qpn;
764 param.qp_type = cmd.qp_type;
765 param.starting_psn = cmd.psn;
766 param.peer_to_peer = cmd.peer_to_peer;
767 param.responder_resources = cmd.responder_resources;
768 param.initiator_depth = cmd.initiator_depth;
769 param.remote_cm_response_timeout = cmd.remote_cm_response_timeout;
770 param.flow_control = cmd.flow_control;
771 param.local_cm_response_timeout = cmd.local_cm_response_timeout;
772 param.retry_count = cmd.retry_count;
773 param.rnr_retry_count = cmd.rnr_retry_count;
774 param.max_cm_retries = cmd.max_cm_retries;
775 param.srq = cmd.srq;
776
777 ctx = ib_ucm_ctx_get(file, cmd.id);
778 if (!IS_ERR(ctx)) {
779 result = ib_send_cm_req(ctx->cm_id, ¶m);
780 ib_ucm_ctx_put(ctx);
781 } else
782 result = PTR_ERR(ctx);
783
784 done:
785 kfree(param.private_data);
786 kfree(param.primary_path);
787 kfree(param.alternate_path);
788 return result;
789 }
790
ib_ucm_send_rep(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)791 static ssize_t ib_ucm_send_rep(struct ib_ucm_file *file,
792 const char __user *inbuf,
793 int in_len, int out_len)
794 {
795 struct ib_cm_rep_param param;
796 struct ib_ucm_context *ctx;
797 struct ib_ucm_rep cmd;
798 int result;
799
800 param.private_data = NULL;
801
802 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
803 return -EFAULT;
804
805 result = ib_ucm_alloc_data(¶m.private_data, cmd.data, cmd.len);
806 if (result)
807 return result;
808
809 param.qp_num = cmd.qpn;
810 param.starting_psn = cmd.psn;
811 param.private_data_len = cmd.len;
812 param.responder_resources = cmd.responder_resources;
813 param.initiator_depth = cmd.initiator_depth;
814 param.failover_accepted = cmd.failover_accepted;
815 param.flow_control = cmd.flow_control;
816 param.rnr_retry_count = cmd.rnr_retry_count;
817 param.srq = cmd.srq;
818
819 ctx = ib_ucm_ctx_get(file, cmd.id);
820 if (!IS_ERR(ctx)) {
821 ctx->uid = cmd.uid;
822 result = ib_send_cm_rep(ctx->cm_id, ¶m);
823 ib_ucm_ctx_put(ctx);
824 } else
825 result = PTR_ERR(ctx);
826
827 kfree(param.private_data);
828 return result;
829 }
830
ib_ucm_send_private_data(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int (* func)(struct ib_cm_id * cm_id,const void * private_data,u8 private_data_len))831 static ssize_t ib_ucm_send_private_data(struct ib_ucm_file *file,
832 const char __user *inbuf, int in_len,
833 int (*func)(struct ib_cm_id *cm_id,
834 const void *private_data,
835 u8 private_data_len))
836 {
837 struct ib_ucm_private_data cmd;
838 struct ib_ucm_context *ctx;
839 const void *private_data = NULL;
840 int result;
841
842 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
843 return -EFAULT;
844
845 result = ib_ucm_alloc_data(&private_data, cmd.data, cmd.len);
846 if (result)
847 return result;
848
849 ctx = ib_ucm_ctx_get(file, cmd.id);
850 if (!IS_ERR(ctx)) {
851 result = func(ctx->cm_id, private_data, cmd.len);
852 ib_ucm_ctx_put(ctx);
853 } else
854 result = PTR_ERR(ctx);
855
856 kfree(private_data);
857 return result;
858 }
859
ib_ucm_send_rtu(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)860 static ssize_t ib_ucm_send_rtu(struct ib_ucm_file *file,
861 const char __user *inbuf,
862 int in_len, int out_len)
863 {
864 return ib_ucm_send_private_data(file, inbuf, in_len, ib_send_cm_rtu);
865 }
866
ib_ucm_send_dreq(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)867 static ssize_t ib_ucm_send_dreq(struct ib_ucm_file *file,
868 const char __user *inbuf,
869 int in_len, int out_len)
870 {
871 return ib_ucm_send_private_data(file, inbuf, in_len, ib_send_cm_dreq);
872 }
873
ib_ucm_send_drep(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)874 static ssize_t ib_ucm_send_drep(struct ib_ucm_file *file,
875 const char __user *inbuf,
876 int in_len, int out_len)
877 {
878 return ib_ucm_send_private_data(file, inbuf, in_len, ib_send_cm_drep);
879 }
880
ib_ucm_send_info(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int (* func)(struct ib_cm_id * cm_id,int status,const void * info,u8 info_len,const void * data,u8 data_len))881 static ssize_t ib_ucm_send_info(struct ib_ucm_file *file,
882 const char __user *inbuf, int in_len,
883 int (*func)(struct ib_cm_id *cm_id,
884 int status,
885 const void *info,
886 u8 info_len,
887 const void *data,
888 u8 data_len))
889 {
890 struct ib_ucm_context *ctx;
891 struct ib_ucm_info cmd;
892 const void *data = NULL;
893 const void *info = NULL;
894 int result;
895
896 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
897 return -EFAULT;
898
899 result = ib_ucm_alloc_data(&data, cmd.data, cmd.data_len);
900 if (result)
901 goto done;
902
903 result = ib_ucm_alloc_data(&info, cmd.info, cmd.info_len);
904 if (result)
905 goto done;
906
907 ctx = ib_ucm_ctx_get(file, cmd.id);
908 if (!IS_ERR(ctx)) {
909 result = func(ctx->cm_id, cmd.status, info, cmd.info_len,
910 data, cmd.data_len);
911 ib_ucm_ctx_put(ctx);
912 } else
913 result = PTR_ERR(ctx);
914
915 done:
916 kfree(data);
917 kfree(info);
918 return result;
919 }
920
ib_ucm_send_rej(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)921 static ssize_t ib_ucm_send_rej(struct ib_ucm_file *file,
922 const char __user *inbuf,
923 int in_len, int out_len)
924 {
925 return ib_ucm_send_info(file, inbuf, in_len, (void *)ib_send_cm_rej);
926 }
927
ib_ucm_send_apr(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)928 static ssize_t ib_ucm_send_apr(struct ib_ucm_file *file,
929 const char __user *inbuf,
930 int in_len, int out_len)
931 {
932 return ib_ucm_send_info(file, inbuf, in_len, (void *)ib_send_cm_apr);
933 }
934
ib_ucm_send_mra(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)935 static ssize_t ib_ucm_send_mra(struct ib_ucm_file *file,
936 const char __user *inbuf,
937 int in_len, int out_len)
938 {
939 struct ib_ucm_context *ctx;
940 struct ib_ucm_mra cmd;
941 const void *data = NULL;
942 int result;
943
944 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
945 return -EFAULT;
946
947 result = ib_ucm_alloc_data(&data, cmd.data, cmd.len);
948 if (result)
949 return result;
950
951 ctx = ib_ucm_ctx_get(file, cmd.id);
952 if (!IS_ERR(ctx)) {
953 result = ib_send_cm_mra(ctx->cm_id, cmd.timeout, data, cmd.len);
954 ib_ucm_ctx_put(ctx);
955 } else
956 result = PTR_ERR(ctx);
957
958 kfree(data);
959 return result;
960 }
961
ib_ucm_send_lap(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)962 static ssize_t ib_ucm_send_lap(struct ib_ucm_file *file,
963 const char __user *inbuf,
964 int in_len, int out_len)
965 {
966 struct ib_ucm_context *ctx;
967 struct sa_path_rec *path = NULL;
968 struct ib_ucm_lap cmd;
969 const void *data = NULL;
970 int result;
971
972 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
973 return -EFAULT;
974
975 result = ib_ucm_alloc_data(&data, cmd.data, cmd.len);
976 if (result)
977 goto done;
978
979 result = ib_ucm_path_get(&path, cmd.path);
980 if (result)
981 goto done;
982
983 ctx = ib_ucm_ctx_get(file, cmd.id);
984 if (!IS_ERR(ctx)) {
985 result = ib_send_cm_lap(ctx->cm_id, path, data, cmd.len);
986 ib_ucm_ctx_put(ctx);
987 } else
988 result = PTR_ERR(ctx);
989
990 done:
991 kfree(data);
992 kfree(path);
993 return result;
994 }
995
ib_ucm_send_sidr_req(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)996 static ssize_t ib_ucm_send_sidr_req(struct ib_ucm_file *file,
997 const char __user *inbuf,
998 int in_len, int out_len)
999 {
1000 struct ib_cm_sidr_req_param param;
1001 struct ib_ucm_context *ctx;
1002 struct ib_ucm_sidr_req cmd;
1003 int result;
1004
1005 param.private_data = NULL;
1006 param.path = NULL;
1007
1008 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
1009 return -EFAULT;
1010
1011 result = ib_ucm_alloc_data(¶m.private_data, cmd.data, cmd.len);
1012 if (result)
1013 goto done;
1014
1015 result = ib_ucm_path_get(¶m.path, cmd.path);
1016 if (result)
1017 goto done;
1018
1019 param.private_data_len = cmd.len;
1020 param.service_id = cmd.sid;
1021 param.timeout_ms = cmd.timeout;
1022 param.max_cm_retries = cmd.max_cm_retries;
1023
1024 ctx = ib_ucm_ctx_get(file, cmd.id);
1025 if (!IS_ERR(ctx)) {
1026 result = ib_send_cm_sidr_req(ctx->cm_id, ¶m);
1027 ib_ucm_ctx_put(ctx);
1028 } else
1029 result = PTR_ERR(ctx);
1030
1031 done:
1032 kfree(param.private_data);
1033 kfree(param.path);
1034 return result;
1035 }
1036
ib_ucm_send_sidr_rep(struct ib_ucm_file * file,const char __user * inbuf,int in_len,int out_len)1037 static ssize_t ib_ucm_send_sidr_rep(struct ib_ucm_file *file,
1038 const char __user *inbuf,
1039 int in_len, int out_len)
1040 {
1041 struct ib_cm_sidr_rep_param param;
1042 struct ib_ucm_sidr_rep cmd;
1043 struct ib_ucm_context *ctx;
1044 int result;
1045
1046 param.info = NULL;
1047
1048 if (copy_from_user(&cmd, inbuf, sizeof(cmd)))
1049 return -EFAULT;
1050
1051 result = ib_ucm_alloc_data(¶m.private_data,
1052 cmd.data, cmd.data_len);
1053 if (result)
1054 goto done;
1055
1056 result = ib_ucm_alloc_data(¶m.info, cmd.info, cmd.info_len);
1057 if (result)
1058 goto done;
1059
1060 param.qp_num = cmd.qpn;
1061 param.qkey = cmd.qkey;
1062 param.status = cmd.status;
1063 param.info_length = cmd.info_len;
1064 param.private_data_len = cmd.data_len;
1065
1066 ctx = ib_ucm_ctx_get(file, cmd.id);
1067 if (!IS_ERR(ctx)) {
1068 result = ib_send_cm_sidr_rep(ctx->cm_id, ¶m);
1069 ib_ucm_ctx_put(ctx);
1070 } else
1071 result = PTR_ERR(ctx);
1072
1073 done:
1074 kfree(param.private_data);
1075 kfree(param.info);
1076 return result;
1077 }
1078
1079 static ssize_t (*ucm_cmd_table[])(struct ib_ucm_file *file,
1080 const char __user *inbuf,
1081 int in_len, int out_len) = {
1082 [IB_USER_CM_CMD_CREATE_ID] = ib_ucm_create_id,
1083 [IB_USER_CM_CMD_DESTROY_ID] = ib_ucm_destroy_id,
1084 [IB_USER_CM_CMD_ATTR_ID] = ib_ucm_attr_id,
1085 [IB_USER_CM_CMD_LISTEN] = ib_ucm_listen,
1086 [IB_USER_CM_CMD_NOTIFY] = ib_ucm_notify,
1087 [IB_USER_CM_CMD_SEND_REQ] = ib_ucm_send_req,
1088 [IB_USER_CM_CMD_SEND_REP] = ib_ucm_send_rep,
1089 [IB_USER_CM_CMD_SEND_RTU] = ib_ucm_send_rtu,
1090 [IB_USER_CM_CMD_SEND_DREQ] = ib_ucm_send_dreq,
1091 [IB_USER_CM_CMD_SEND_DREP] = ib_ucm_send_drep,
1092 [IB_USER_CM_CMD_SEND_REJ] = ib_ucm_send_rej,
1093 [IB_USER_CM_CMD_SEND_MRA] = ib_ucm_send_mra,
1094 [IB_USER_CM_CMD_SEND_LAP] = ib_ucm_send_lap,
1095 [IB_USER_CM_CMD_SEND_APR] = ib_ucm_send_apr,
1096 [IB_USER_CM_CMD_SEND_SIDR_REQ] = ib_ucm_send_sidr_req,
1097 [IB_USER_CM_CMD_SEND_SIDR_REP] = ib_ucm_send_sidr_rep,
1098 [IB_USER_CM_CMD_EVENT] = ib_ucm_event,
1099 [IB_USER_CM_CMD_INIT_QP_ATTR] = ib_ucm_init_qp_attr,
1100 };
1101
ib_ucm_write(struct file * filp,const char __user * buf,size_t len,loff_t * pos)1102 static ssize_t ib_ucm_write(struct file *filp, const char __user *buf,
1103 size_t len, loff_t *pos)
1104 {
1105 struct ib_ucm_file *file = filp->private_data;
1106 struct ib_ucm_cmd_hdr hdr;
1107 ssize_t result;
1108
1109 if (!ib_safe_file_access(filp)) {
1110 pr_err_once("ucm_write: process %d (%s) changed security contexts after opening file descriptor, this is not allowed.\n",
1111 task_tgid_vnr(current), current->comm);
1112 return -EACCES;
1113 }
1114
1115 if (len < sizeof(hdr))
1116 return -EINVAL;
1117
1118 if (copy_from_user(&hdr, buf, sizeof(hdr)))
1119 return -EFAULT;
1120
1121 if (hdr.cmd >= ARRAY_SIZE(ucm_cmd_table))
1122 return -EINVAL;
1123 hdr.cmd = array_index_nospec(hdr.cmd, ARRAY_SIZE(ucm_cmd_table));
1124
1125 if (hdr.in + sizeof(hdr) > len)
1126 return -EINVAL;
1127
1128 result = ucm_cmd_table[hdr.cmd](file, buf + sizeof(hdr),
1129 hdr.in, hdr.out);
1130 if (!result)
1131 result = len;
1132
1133 return result;
1134 }
1135
ib_ucm_poll(struct file * filp,struct poll_table_struct * wait)1136 static unsigned int ib_ucm_poll(struct file *filp,
1137 struct poll_table_struct *wait)
1138 {
1139 struct ib_ucm_file *file = filp->private_data;
1140 unsigned int mask = 0;
1141
1142 poll_wait(filp, &file->poll_wait, wait);
1143
1144 if (!list_empty(&file->events))
1145 mask = POLLIN | POLLRDNORM;
1146
1147 return mask;
1148 }
1149
1150 /*
1151 * ib_ucm_open() does not need the BKL:
1152 *
1153 * - no global state is referred to;
1154 * - there is no ioctl method to race against;
1155 * - no further module initialization is required for open to work
1156 * after the device is registered.
1157 */
ib_ucm_open(struct inode * inode,struct file * filp)1158 static int ib_ucm_open(struct inode *inode, struct file *filp)
1159 {
1160 struct ib_ucm_file *file;
1161
1162 file = kmalloc(sizeof(*file), GFP_KERNEL);
1163 if (!file)
1164 return -ENOMEM;
1165
1166 INIT_LIST_HEAD(&file->events);
1167 INIT_LIST_HEAD(&file->ctxs);
1168 init_waitqueue_head(&file->poll_wait);
1169
1170 mutex_init(&file->file_mutex);
1171
1172 filp->private_data = file;
1173 file->filp = filp;
1174 file->device = container_of(inode->i_cdev, struct ib_ucm_device, cdev);
1175
1176 return nonseekable_open(inode, filp);
1177 }
1178
ib_ucm_close(struct inode * inode,struct file * filp)1179 static int ib_ucm_close(struct inode *inode, struct file *filp)
1180 {
1181 struct ib_ucm_file *file = filp->private_data;
1182 struct ib_ucm_context *ctx;
1183
1184 mutex_lock(&file->file_mutex);
1185 while (!list_empty(&file->ctxs)) {
1186 ctx = list_entry(file->ctxs.next,
1187 struct ib_ucm_context, file_list);
1188 mutex_unlock(&file->file_mutex);
1189
1190 mutex_lock(&ctx_id_mutex);
1191 idr_remove(&ctx_id_table, ctx->id);
1192 mutex_unlock(&ctx_id_mutex);
1193
1194 ib_destroy_cm_id(ctx->cm_id);
1195 ib_ucm_cleanup_events(ctx);
1196 kfree(ctx);
1197
1198 mutex_lock(&file->file_mutex);
1199 }
1200 mutex_unlock(&file->file_mutex);
1201 kfree(file);
1202 return 0;
1203 }
1204
1205 static DECLARE_BITMAP(overflow_map, IB_UCM_MAX_DEVICES);
ib_ucm_release_dev(struct device * dev)1206 static void ib_ucm_release_dev(struct device *dev)
1207 {
1208 struct ib_ucm_device *ucm_dev;
1209
1210 ucm_dev = container_of(dev, struct ib_ucm_device, dev);
1211 kfree(ucm_dev);
1212 }
1213
ib_ucm_free_dev(struct ib_ucm_device * ucm_dev)1214 static void ib_ucm_free_dev(struct ib_ucm_device *ucm_dev)
1215 {
1216 if (ucm_dev->devnum < IB_UCM_MAX_DEVICES)
1217 clear_bit(ucm_dev->devnum, dev_map);
1218 else
1219 clear_bit(ucm_dev->devnum - IB_UCM_MAX_DEVICES, overflow_map);
1220 }
1221
1222 static const struct file_operations ucm_fops = {
1223 .owner = THIS_MODULE,
1224 .open = ib_ucm_open,
1225 .release = ib_ucm_close,
1226 .write = ib_ucm_write,
1227 .poll = ib_ucm_poll,
1228 .llseek = no_llseek,
1229 };
1230
show_ibdev(struct device * dev,struct device_attribute * attr,char * buf)1231 static ssize_t show_ibdev(struct device *dev, struct device_attribute *attr,
1232 char *buf)
1233 {
1234 struct ib_ucm_device *ucm_dev;
1235
1236 ucm_dev = container_of(dev, struct ib_ucm_device, dev);
1237 return sprintf(buf, "%s\n", ucm_dev->ib_dev->name);
1238 }
1239 static DEVICE_ATTR(ibdev, S_IRUGO, show_ibdev, NULL);
1240
1241 static dev_t overflow_maj;
find_overflow_devnum(void)1242 static int find_overflow_devnum(void)
1243 {
1244 int ret;
1245
1246 if (!overflow_maj) {
1247 ret = alloc_chrdev_region(&overflow_maj, 0, IB_UCM_MAX_DEVICES,
1248 "infiniband_cm");
1249 if (ret) {
1250 pr_err("ucm: couldn't register dynamic device number\n");
1251 return ret;
1252 }
1253 }
1254
1255 ret = find_first_zero_bit(overflow_map, IB_UCM_MAX_DEVICES);
1256 if (ret >= IB_UCM_MAX_DEVICES)
1257 return -1;
1258
1259 return ret;
1260 }
1261
ib_ucm_add_one(struct ib_device * device)1262 static void ib_ucm_add_one(struct ib_device *device)
1263 {
1264 int devnum;
1265 dev_t base;
1266 struct ib_ucm_device *ucm_dev;
1267
1268 if (!device->alloc_ucontext || !rdma_cap_ib_cm(device, 1))
1269 return;
1270
1271 ucm_dev = kzalloc(sizeof *ucm_dev, GFP_KERNEL);
1272 if (!ucm_dev)
1273 return;
1274
1275 device_initialize(&ucm_dev->dev);
1276 ucm_dev->ib_dev = device;
1277 ucm_dev->dev.release = ib_ucm_release_dev;
1278
1279 devnum = find_first_zero_bit(dev_map, IB_UCM_MAX_DEVICES);
1280 if (devnum >= IB_UCM_MAX_DEVICES) {
1281 devnum = find_overflow_devnum();
1282 if (devnum < 0)
1283 goto err;
1284
1285 ucm_dev->devnum = devnum + IB_UCM_MAX_DEVICES;
1286 base = devnum + overflow_maj;
1287 set_bit(devnum, overflow_map);
1288 } else {
1289 ucm_dev->devnum = devnum;
1290 base = devnum + IB_UCM_BASE_DEV;
1291 set_bit(devnum, dev_map);
1292 }
1293
1294 cdev_init(&ucm_dev->cdev, &ucm_fops);
1295 ucm_dev->cdev.owner = THIS_MODULE;
1296 kobject_set_name(&ucm_dev->cdev.kobj, "ucm%d", ucm_dev->devnum);
1297
1298 ucm_dev->dev.class = &cm_class;
1299 ucm_dev->dev.parent = device->dev.parent;
1300 ucm_dev->dev.devt = base;
1301
1302 dev_set_name(&ucm_dev->dev, "ucm%d", ucm_dev->devnum);
1303 if (cdev_device_add(&ucm_dev->cdev, &ucm_dev->dev))
1304 goto err_devnum;
1305
1306 if (device_create_file(&ucm_dev->dev, &dev_attr_ibdev))
1307 goto err_dev;
1308
1309 ib_set_client_data(device, &ucm_client, ucm_dev);
1310 return;
1311
1312 err_dev:
1313 cdev_device_del(&ucm_dev->cdev, &ucm_dev->dev);
1314 err_devnum:
1315 ib_ucm_free_dev(ucm_dev);
1316 err:
1317 put_device(&ucm_dev->dev);
1318 return;
1319 }
1320
ib_ucm_remove_one(struct ib_device * device,void * client_data)1321 static void ib_ucm_remove_one(struct ib_device *device, void *client_data)
1322 {
1323 struct ib_ucm_device *ucm_dev = client_data;
1324
1325 if (!ucm_dev)
1326 return;
1327
1328 cdev_device_del(&ucm_dev->cdev, &ucm_dev->dev);
1329 ib_ucm_free_dev(ucm_dev);
1330 put_device(&ucm_dev->dev);
1331 }
1332
1333 static CLASS_ATTR_STRING(abi_version, S_IRUGO,
1334 __stringify(IB_USER_CM_ABI_VERSION));
1335
ib_ucm_init(void)1336 static int __init ib_ucm_init(void)
1337 {
1338 int ret;
1339
1340 ret = register_chrdev_region(IB_UCM_BASE_DEV, IB_UCM_MAX_DEVICES,
1341 "infiniband_cm");
1342 if (ret) {
1343 pr_err("ucm: couldn't register device number\n");
1344 goto error1;
1345 }
1346
1347 ret = class_create_file(&cm_class, &class_attr_abi_version.attr);
1348 if (ret) {
1349 pr_err("ucm: couldn't create abi_version attribute\n");
1350 goto error2;
1351 }
1352
1353 ret = ib_register_client(&ucm_client);
1354 if (ret) {
1355 pr_err("ucm: couldn't register client\n");
1356 goto error3;
1357 }
1358 return 0;
1359
1360 error3:
1361 class_remove_file(&cm_class, &class_attr_abi_version.attr);
1362 error2:
1363 unregister_chrdev_region(IB_UCM_BASE_DEV, IB_UCM_MAX_DEVICES);
1364 error1:
1365 return ret;
1366 }
1367
ib_ucm_cleanup(void)1368 static void __exit ib_ucm_cleanup(void)
1369 {
1370 ib_unregister_client(&ucm_client);
1371 class_remove_file(&cm_class, &class_attr_abi_version.attr);
1372 unregister_chrdev_region(IB_UCM_BASE_DEV, IB_UCM_MAX_DEVICES);
1373 if (overflow_maj)
1374 unregister_chrdev_region(overflow_maj, IB_UCM_MAX_DEVICES);
1375 idr_destroy(&ctx_id_table);
1376 }
1377
1378 module_init(ib_ucm_init);
1379 module_exit(ib_ucm_cleanup);
1380