1 /*
2 * Copyright (c) 2007, 2017 Oracle and/or its affiliates. All rights reserved.
3 *
4 * This software is available to you under a choice of one of two
5 * licenses. You may choose to be licensed under the terms of the GNU
6 * General Public License (GPL) Version 2, available from the file
7 * COPYING in the main directory of this source tree, or the
8 * OpenIB.org BSD license below:
9 *
10 * Redistribution and use in source and binary forms, with or
11 * without modification, are permitted provided that the following
12 * conditions are met:
13 *
14 * - Redistributions of source code must retain the above
15 * copyright notice, this list of conditions and the following
16 * disclaimer.
17 *
18 * - Redistributions in binary form must reproduce the above
19 * copyright notice, this list of conditions and the following
20 * disclaimer in the documentation and/or other materials
21 * provided with the distribution.
22 *
23 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
27 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
28 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
29 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
30 * SOFTWARE.
31 *
32 */
33 #include <linux/pagemap.h>
34 #include <linux/slab.h>
35 #include <linux/rbtree.h>
36 #include <linux/dma-mapping.h> /* for DMA_*_DEVICE */
37
38 #include "rds.h"
39
40 /*
41 * XXX
42 * - build with sparse
43 * - should we detect duplicate keys on a socket? hmm.
44 * - an rdma is an mlock, apply rlimit?
45 */
46
47 /*
48 * get the number of pages by looking at the page indices that the start and
49 * end addresses fall in.
50 *
51 * Returns 0 if the vec is invalid. It is invalid if the number of bytes
52 * causes the address to wrap or overflows an unsigned int. This comes
53 * from being stored in the 'length' member of 'struct scatterlist'.
54 */
rds_pages_in_vec(struct rds_iovec * vec)55 static unsigned int rds_pages_in_vec(struct rds_iovec *vec)
56 {
57 if ((vec->addr + vec->bytes <= vec->addr) ||
58 (vec->bytes > (u64)UINT_MAX))
59 return 0;
60
61 return ((vec->addr + vec->bytes + PAGE_SIZE - 1) >> PAGE_SHIFT) -
62 (vec->addr >> PAGE_SHIFT);
63 }
64
rds_mr_tree_walk(struct rb_root * root,u64 key,struct rds_mr * insert)65 static struct rds_mr *rds_mr_tree_walk(struct rb_root *root, u64 key,
66 struct rds_mr *insert)
67 {
68 struct rb_node **p = &root->rb_node;
69 struct rb_node *parent = NULL;
70 struct rds_mr *mr;
71
72 while (*p) {
73 parent = *p;
74 mr = rb_entry(parent, struct rds_mr, r_rb_node);
75
76 if (key < mr->r_key)
77 p = &(*p)->rb_left;
78 else if (key > mr->r_key)
79 p = &(*p)->rb_right;
80 else
81 return mr;
82 }
83
84 if (insert) {
85 rb_link_node(&insert->r_rb_node, parent, p);
86 rb_insert_color(&insert->r_rb_node, root);
87 refcount_inc(&insert->r_refcount);
88 }
89 return NULL;
90 }
91
92 /*
93 * Destroy the transport-specific part of a MR.
94 */
rds_destroy_mr(struct rds_mr * mr)95 static void rds_destroy_mr(struct rds_mr *mr)
96 {
97 struct rds_sock *rs = mr->r_sock;
98 void *trans_private = NULL;
99 unsigned long flags;
100
101 rdsdebug("RDS: destroy mr key is %x refcnt %u\n",
102 mr->r_key, refcount_read(&mr->r_refcount));
103
104 if (test_and_set_bit(RDS_MR_DEAD, &mr->r_state))
105 return;
106
107 spin_lock_irqsave(&rs->rs_rdma_lock, flags);
108 if (!RB_EMPTY_NODE(&mr->r_rb_node))
109 rb_erase(&mr->r_rb_node, &rs->rs_rdma_keys);
110 trans_private = mr->r_trans_private;
111 mr->r_trans_private = NULL;
112 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
113
114 if (trans_private)
115 mr->r_trans->free_mr(trans_private, mr->r_invalidate);
116 }
117
__rds_put_mr_final(struct rds_mr * mr)118 void __rds_put_mr_final(struct rds_mr *mr)
119 {
120 rds_destroy_mr(mr);
121 kfree(mr);
122 }
123
124 /*
125 * By the time this is called we can't have any more ioctls called on
126 * the socket so we don't need to worry about racing with others.
127 */
rds_rdma_drop_keys(struct rds_sock * rs)128 void rds_rdma_drop_keys(struct rds_sock *rs)
129 {
130 struct rds_mr *mr;
131 struct rb_node *node;
132 unsigned long flags;
133
134 /* Release any MRs associated with this socket */
135 spin_lock_irqsave(&rs->rs_rdma_lock, flags);
136 while ((node = rb_first(&rs->rs_rdma_keys))) {
137 mr = rb_entry(node, struct rds_mr, r_rb_node);
138 if (mr->r_trans == rs->rs_transport)
139 mr->r_invalidate = 0;
140 rb_erase(&mr->r_rb_node, &rs->rs_rdma_keys);
141 RB_CLEAR_NODE(&mr->r_rb_node);
142 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
143 rds_destroy_mr(mr);
144 rds_mr_put(mr);
145 spin_lock_irqsave(&rs->rs_rdma_lock, flags);
146 }
147 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
148
149 if (rs->rs_transport && rs->rs_transport->flush_mrs)
150 rs->rs_transport->flush_mrs();
151 }
152
153 /*
154 * Helper function to pin user pages.
155 */
rds_pin_pages(unsigned long user_addr,unsigned int nr_pages,struct page ** pages,int write)156 static int rds_pin_pages(unsigned long user_addr, unsigned int nr_pages,
157 struct page **pages, int write)
158 {
159 int ret;
160
161 ret = get_user_pages_fast(user_addr, nr_pages, write ? FOLL_WRITE : 0,
162 pages);
163
164 if (ret >= 0 && ret < nr_pages) {
165 while (ret--)
166 put_page(pages[ret]);
167 ret = -EFAULT;
168 }
169
170 return ret;
171 }
172
__rds_rdma_map(struct rds_sock * rs,struct rds_get_mr_args * args,u64 * cookie_ret,struct rds_mr ** mr_ret,struct rds_conn_path * cp)173 static int __rds_rdma_map(struct rds_sock *rs, struct rds_get_mr_args *args,
174 u64 *cookie_ret, struct rds_mr **mr_ret,
175 struct rds_conn_path *cp)
176 {
177 struct rds_mr *mr = NULL, *found;
178 unsigned int nr_pages;
179 struct page **pages = NULL;
180 struct scatterlist *sg;
181 void *trans_private;
182 unsigned long flags;
183 rds_rdma_cookie_t cookie;
184 unsigned int nents;
185 long i;
186 int ret;
187
188 if (ipv6_addr_any(&rs->rs_bound_addr) || !rs->rs_transport) {
189 ret = -ENOTCONN; /* XXX not a great errno */
190 goto out;
191 }
192
193 if (!rs->rs_transport->get_mr) {
194 ret = -EOPNOTSUPP;
195 goto out;
196 }
197
198 nr_pages = rds_pages_in_vec(&args->vec);
199 if (nr_pages == 0) {
200 ret = -EINVAL;
201 goto out;
202 }
203
204 /* Restrict the size of mr irrespective of underlying transport
205 * To account for unaligned mr regions, subtract one from nr_pages
206 */
207 if ((nr_pages - 1) > (RDS_MAX_MSG_SIZE >> PAGE_SHIFT)) {
208 ret = -EMSGSIZE;
209 goto out;
210 }
211
212 rdsdebug("RDS: get_mr addr %llx len %llu nr_pages %u\n",
213 args->vec.addr, args->vec.bytes, nr_pages);
214
215 /* XXX clamp nr_pages to limit the size of this alloc? */
216 pages = kcalloc(nr_pages, sizeof(struct page *), GFP_KERNEL);
217 if (!pages) {
218 ret = -ENOMEM;
219 goto out;
220 }
221
222 mr = kzalloc(sizeof(struct rds_mr), GFP_KERNEL);
223 if (!mr) {
224 ret = -ENOMEM;
225 goto out;
226 }
227
228 refcount_set(&mr->r_refcount, 1);
229 RB_CLEAR_NODE(&mr->r_rb_node);
230 mr->r_trans = rs->rs_transport;
231 mr->r_sock = rs;
232
233 if (args->flags & RDS_RDMA_USE_ONCE)
234 mr->r_use_once = 1;
235 if (args->flags & RDS_RDMA_INVALIDATE)
236 mr->r_invalidate = 1;
237 if (args->flags & RDS_RDMA_READWRITE)
238 mr->r_write = 1;
239
240 /*
241 * Pin the pages that make up the user buffer and transfer the page
242 * pointers to the mr's sg array. We check to see if we've mapped
243 * the whole region after transferring the partial page references
244 * to the sg array so that we can have one page ref cleanup path.
245 *
246 * For now we have no flag that tells us whether the mapping is
247 * r/o or r/w. We need to assume r/w, or we'll do a lot of RDMA to
248 * the zero page.
249 */
250 ret = rds_pin_pages(args->vec.addr, nr_pages, pages, 1);
251 if (ret < 0)
252 goto out;
253
254 nents = ret;
255 sg = kcalloc(nents, sizeof(*sg), GFP_KERNEL);
256 if (!sg) {
257 ret = -ENOMEM;
258 goto out;
259 }
260 WARN_ON(!nents);
261 sg_init_table(sg, nents);
262
263 /* Stick all pages into the scatterlist */
264 for (i = 0 ; i < nents; i++)
265 sg_set_page(&sg[i], pages[i], PAGE_SIZE, 0);
266
267 rdsdebug("RDS: trans_private nents is %u\n", nents);
268
269 /* Obtain a transport specific MR. If this succeeds, the
270 * s/g list is now owned by the MR.
271 * Note that dma_map() implies that pending writes are
272 * flushed to RAM, so no dma_sync is needed here. */
273 trans_private = rs->rs_transport->get_mr(sg, nents, rs,
274 &mr->r_key,
275 cp ? cp->cp_conn : NULL);
276
277 if (IS_ERR(trans_private)) {
278 for (i = 0 ; i < nents; i++)
279 put_page(sg_page(&sg[i]));
280 kfree(sg);
281 ret = PTR_ERR(trans_private);
282 /* Trigger connection so that its ready for the next retry */
283 if (ret == -ENODEV && cp)
284 rds_conn_connect_if_down(cp->cp_conn);
285 goto out;
286 }
287
288 mr->r_trans_private = trans_private;
289
290 rdsdebug("RDS: get_mr put_user key is %x cookie_addr %p\n",
291 mr->r_key, (void *)(unsigned long) args->cookie_addr);
292
293 /* The user may pass us an unaligned address, but we can only
294 * map page aligned regions. So we keep the offset, and build
295 * a 64bit cookie containing <R_Key, offset> and pass that
296 * around. */
297 cookie = rds_rdma_make_cookie(mr->r_key, args->vec.addr & ~PAGE_MASK);
298 if (cookie_ret)
299 *cookie_ret = cookie;
300
301 if (args->cookie_addr && put_user(cookie, (u64 __user *)(unsigned long) args->cookie_addr)) {
302 ret = -EFAULT;
303 goto out;
304 }
305
306 /* Inserting the new MR into the rbtree bumps its
307 * reference count. */
308 spin_lock_irqsave(&rs->rs_rdma_lock, flags);
309 found = rds_mr_tree_walk(&rs->rs_rdma_keys, mr->r_key, mr);
310 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
311
312 BUG_ON(found && found != mr);
313
314 rdsdebug("RDS: get_mr key is %x\n", mr->r_key);
315 if (mr_ret) {
316 refcount_inc(&mr->r_refcount);
317 *mr_ret = mr;
318 }
319
320 ret = 0;
321 out:
322 kfree(pages);
323 if (mr)
324 rds_mr_put(mr);
325 return ret;
326 }
327
rds_get_mr(struct rds_sock * rs,char __user * optval,int optlen)328 int rds_get_mr(struct rds_sock *rs, char __user *optval, int optlen)
329 {
330 struct rds_get_mr_args args;
331
332 if (optlen != sizeof(struct rds_get_mr_args))
333 return -EINVAL;
334
335 if (copy_from_user(&args, (struct rds_get_mr_args __user *)optval,
336 sizeof(struct rds_get_mr_args)))
337 return -EFAULT;
338
339 return __rds_rdma_map(rs, &args, NULL, NULL, NULL);
340 }
341
rds_get_mr_for_dest(struct rds_sock * rs,char __user * optval,int optlen)342 int rds_get_mr_for_dest(struct rds_sock *rs, char __user *optval, int optlen)
343 {
344 struct rds_get_mr_for_dest_args args;
345 struct rds_get_mr_args new_args;
346
347 if (optlen != sizeof(struct rds_get_mr_for_dest_args))
348 return -EINVAL;
349
350 if (copy_from_user(&args, (struct rds_get_mr_for_dest_args __user *)optval,
351 sizeof(struct rds_get_mr_for_dest_args)))
352 return -EFAULT;
353
354 /*
355 * Initially, just behave like get_mr().
356 * TODO: Implement get_mr as wrapper around this
357 * and deprecate it.
358 */
359 new_args.vec = args.vec;
360 new_args.cookie_addr = args.cookie_addr;
361 new_args.flags = args.flags;
362
363 return __rds_rdma_map(rs, &new_args, NULL, NULL, NULL);
364 }
365
366 /*
367 * Free the MR indicated by the given R_Key
368 */
rds_free_mr(struct rds_sock * rs,char __user * optval,int optlen)369 int rds_free_mr(struct rds_sock *rs, char __user *optval, int optlen)
370 {
371 struct rds_free_mr_args args;
372 struct rds_mr *mr;
373 unsigned long flags;
374
375 if (optlen != sizeof(struct rds_free_mr_args))
376 return -EINVAL;
377
378 if (copy_from_user(&args, (struct rds_free_mr_args __user *)optval,
379 sizeof(struct rds_free_mr_args)))
380 return -EFAULT;
381
382 /* Special case - a null cookie means flush all unused MRs */
383 if (args.cookie == 0) {
384 if (!rs->rs_transport || !rs->rs_transport->flush_mrs)
385 return -EINVAL;
386 rs->rs_transport->flush_mrs();
387 return 0;
388 }
389
390 /* Look up the MR given its R_key and remove it from the rbtree
391 * so nobody else finds it.
392 * This should also prevent races with rds_rdma_unuse.
393 */
394 spin_lock_irqsave(&rs->rs_rdma_lock, flags);
395 mr = rds_mr_tree_walk(&rs->rs_rdma_keys, rds_rdma_cookie_key(args.cookie), NULL);
396 if (mr) {
397 rb_erase(&mr->r_rb_node, &rs->rs_rdma_keys);
398 RB_CLEAR_NODE(&mr->r_rb_node);
399 if (args.flags & RDS_RDMA_INVALIDATE)
400 mr->r_invalidate = 1;
401 }
402 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
403
404 if (!mr)
405 return -EINVAL;
406
407 /*
408 * call rds_destroy_mr() ourselves so that we're sure it's done by the time
409 * we return. If we let rds_mr_put() do it it might not happen until
410 * someone else drops their ref.
411 */
412 rds_destroy_mr(mr);
413 rds_mr_put(mr);
414 return 0;
415 }
416
417 /*
418 * This is called when we receive an extension header that
419 * tells us this MR was used. It allows us to implement
420 * use_once semantics
421 */
rds_rdma_unuse(struct rds_sock * rs,u32 r_key,int force)422 void rds_rdma_unuse(struct rds_sock *rs, u32 r_key, int force)
423 {
424 struct rds_mr *mr;
425 unsigned long flags;
426 int zot_me = 0;
427
428 spin_lock_irqsave(&rs->rs_rdma_lock, flags);
429 mr = rds_mr_tree_walk(&rs->rs_rdma_keys, r_key, NULL);
430 if (!mr) {
431 pr_debug("rds: trying to unuse MR with unknown r_key %u!\n",
432 r_key);
433 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
434 return;
435 }
436
437 if (mr->r_use_once || force) {
438 rb_erase(&mr->r_rb_node, &rs->rs_rdma_keys);
439 RB_CLEAR_NODE(&mr->r_rb_node);
440 zot_me = 1;
441 }
442 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
443
444 /* May have to issue a dma_sync on this memory region.
445 * Note we could avoid this if the operation was a RDMA READ,
446 * but at this point we can't tell. */
447 if (mr->r_trans->sync_mr)
448 mr->r_trans->sync_mr(mr->r_trans_private, DMA_FROM_DEVICE);
449
450 /* If the MR was marked as invalidate, this will
451 * trigger an async flush. */
452 if (zot_me) {
453 rds_destroy_mr(mr);
454 rds_mr_put(mr);
455 }
456 }
457
rds_rdma_free_op(struct rm_rdma_op * ro)458 void rds_rdma_free_op(struct rm_rdma_op *ro)
459 {
460 unsigned int i;
461
462 for (i = 0; i < ro->op_nents; i++) {
463 struct page *page = sg_page(&ro->op_sg[i]);
464
465 /* Mark page dirty if it was possibly modified, which
466 * is the case for a RDMA_READ which copies from remote
467 * to local memory */
468 if (!ro->op_write) {
469 WARN_ON(!page->mapping && irqs_disabled());
470 set_page_dirty(page);
471 }
472 put_page(page);
473 }
474
475 kfree(ro->op_notifier);
476 ro->op_notifier = NULL;
477 ro->op_active = 0;
478 }
479
rds_atomic_free_op(struct rm_atomic_op * ao)480 void rds_atomic_free_op(struct rm_atomic_op *ao)
481 {
482 struct page *page = sg_page(ao->op_sg);
483
484 /* Mark page dirty if it was possibly modified, which
485 * is the case for a RDMA_READ which copies from remote
486 * to local memory */
487 set_page_dirty(page);
488 put_page(page);
489
490 kfree(ao->op_notifier);
491 ao->op_notifier = NULL;
492 ao->op_active = 0;
493 }
494
495
496 /*
497 * Count the number of pages needed to describe an incoming iovec array.
498 */
rds_rdma_pages(struct rds_iovec iov[],int nr_iovecs)499 static int rds_rdma_pages(struct rds_iovec iov[], int nr_iovecs)
500 {
501 int tot_pages = 0;
502 unsigned int nr_pages;
503 unsigned int i;
504
505 /* figure out the number of pages in the vector */
506 for (i = 0; i < nr_iovecs; i++) {
507 nr_pages = rds_pages_in_vec(&iov[i]);
508 if (nr_pages == 0)
509 return -EINVAL;
510
511 tot_pages += nr_pages;
512
513 /*
514 * nr_pages for one entry is limited to (UINT_MAX>>PAGE_SHIFT)+1,
515 * so tot_pages cannot overflow without first going negative.
516 */
517 if (tot_pages < 0)
518 return -EINVAL;
519 }
520
521 return tot_pages;
522 }
523
rds_rdma_extra_size(struct rds_rdma_args * args,struct rds_iov_vector * iov)524 int rds_rdma_extra_size(struct rds_rdma_args *args,
525 struct rds_iov_vector *iov)
526 {
527 struct rds_iovec *vec;
528 struct rds_iovec __user *local_vec;
529 int tot_pages = 0;
530 unsigned int nr_pages;
531 unsigned int i;
532
533 local_vec = (struct rds_iovec __user *)(unsigned long) args->local_vec_addr;
534
535 if (args->nr_local == 0)
536 return -EINVAL;
537
538 if (args->nr_local > UIO_MAXIOV)
539 return -EMSGSIZE;
540
541 iov->iov = kcalloc(args->nr_local,
542 sizeof(struct rds_iovec),
543 GFP_KERNEL);
544 if (!iov->iov)
545 return -ENOMEM;
546
547 vec = &iov->iov[0];
548
549 if (copy_from_user(vec, local_vec, args->nr_local *
550 sizeof(struct rds_iovec)))
551 return -EFAULT;
552 iov->len = args->nr_local;
553
554 /* figure out the number of pages in the vector */
555 for (i = 0; i < args->nr_local; i++, vec++) {
556
557 nr_pages = rds_pages_in_vec(vec);
558 if (nr_pages == 0)
559 return -EINVAL;
560
561 tot_pages += nr_pages;
562
563 /*
564 * nr_pages for one entry is limited to (UINT_MAX>>PAGE_SHIFT)+1,
565 * so tot_pages cannot overflow without first going negative.
566 */
567 if (tot_pages < 0)
568 return -EINVAL;
569 }
570
571 return tot_pages * sizeof(struct scatterlist);
572 }
573
574 /*
575 * The application asks for a RDMA transfer.
576 * Extract all arguments and set up the rdma_op
577 */
rds_cmsg_rdma_args(struct rds_sock * rs,struct rds_message * rm,struct cmsghdr * cmsg,struct rds_iov_vector * vec)578 int rds_cmsg_rdma_args(struct rds_sock *rs, struct rds_message *rm,
579 struct cmsghdr *cmsg,
580 struct rds_iov_vector *vec)
581 {
582 struct rds_rdma_args *args;
583 struct rm_rdma_op *op = &rm->rdma;
584 int nr_pages;
585 unsigned int nr_bytes;
586 struct page **pages = NULL;
587 struct rds_iovec *iovs;
588 unsigned int i, j;
589 int ret = 0;
590
591 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct rds_rdma_args))
592 || rm->rdma.op_active)
593 return -EINVAL;
594
595 args = CMSG_DATA(cmsg);
596
597 if (ipv6_addr_any(&rs->rs_bound_addr)) {
598 ret = -ENOTCONN; /* XXX not a great errno */
599 goto out_ret;
600 }
601
602 if (args->nr_local > UIO_MAXIOV) {
603 ret = -EMSGSIZE;
604 goto out_ret;
605 }
606
607 if (vec->len != args->nr_local) {
608 ret = -EINVAL;
609 goto out_ret;
610 }
611
612 iovs = vec->iov;
613
614 nr_pages = rds_rdma_pages(iovs, args->nr_local);
615 if (nr_pages < 0) {
616 ret = -EINVAL;
617 goto out_ret;
618 }
619
620 pages = kcalloc(nr_pages, sizeof(struct page *), GFP_KERNEL);
621 if (!pages) {
622 ret = -ENOMEM;
623 goto out_ret;
624 }
625
626 op->op_write = !!(args->flags & RDS_RDMA_READWRITE);
627 op->op_fence = !!(args->flags & RDS_RDMA_FENCE);
628 op->op_notify = !!(args->flags & RDS_RDMA_NOTIFY_ME);
629 op->op_silent = !!(args->flags & RDS_RDMA_SILENT);
630 op->op_active = 1;
631 op->op_recverr = rs->rs_recverr;
632 WARN_ON(!nr_pages);
633 op->op_sg = rds_message_alloc_sgs(rm, nr_pages);
634 if (IS_ERR(op->op_sg)) {
635 ret = PTR_ERR(op->op_sg);
636 goto out_pages;
637 }
638
639 if (op->op_notify || op->op_recverr) {
640 /* We allocate an uninitialized notifier here, because
641 * we don't want to do that in the completion handler. We
642 * would have to use GFP_ATOMIC there, and don't want to deal
643 * with failed allocations.
644 */
645 op->op_notifier = kmalloc(sizeof(struct rds_notifier), GFP_KERNEL);
646 if (!op->op_notifier) {
647 ret = -ENOMEM;
648 goto out_pages;
649 }
650 op->op_notifier->n_user_token = args->user_token;
651 op->op_notifier->n_status = RDS_RDMA_SUCCESS;
652 }
653
654 /* The cookie contains the R_Key of the remote memory region, and
655 * optionally an offset into it. This is how we implement RDMA into
656 * unaligned memory.
657 * When setting up the RDMA, we need to add that offset to the
658 * destination address (which is really an offset into the MR)
659 * FIXME: We may want to move this into ib_rdma.c
660 */
661 op->op_rkey = rds_rdma_cookie_key(args->cookie);
662 op->op_remote_addr = args->remote_vec.addr + rds_rdma_cookie_offset(args->cookie);
663
664 nr_bytes = 0;
665
666 rdsdebug("RDS: rdma prepare nr_local %llu rva %llx rkey %x\n",
667 (unsigned long long)args->nr_local,
668 (unsigned long long)args->remote_vec.addr,
669 op->op_rkey);
670
671 for (i = 0; i < args->nr_local; i++) {
672 struct rds_iovec *iov = &iovs[i];
673 /* don't need to check, rds_rdma_pages() verified nr will be +nonzero */
674 unsigned int nr = rds_pages_in_vec(iov);
675
676 rs->rs_user_addr = iov->addr;
677 rs->rs_user_bytes = iov->bytes;
678
679 /* If it's a WRITE operation, we want to pin the pages for reading.
680 * If it's a READ operation, we need to pin the pages for writing.
681 */
682 ret = rds_pin_pages(iov->addr, nr, pages, !op->op_write);
683 if (ret < 0)
684 goto out_pages;
685 else
686 ret = 0;
687
688 rdsdebug("RDS: nr_bytes %u nr %u iov->bytes %llu iov->addr %llx\n",
689 nr_bytes, nr, iov->bytes, iov->addr);
690
691 nr_bytes += iov->bytes;
692
693 for (j = 0; j < nr; j++) {
694 unsigned int offset = iov->addr & ~PAGE_MASK;
695 struct scatterlist *sg;
696
697 sg = &op->op_sg[op->op_nents + j];
698 sg_set_page(sg, pages[j],
699 min_t(unsigned int, iov->bytes, PAGE_SIZE - offset),
700 offset);
701
702 rdsdebug("RDS: sg->offset %x sg->len %x iov->addr %llx iov->bytes %llu\n",
703 sg->offset, sg->length, iov->addr, iov->bytes);
704
705 iov->addr += sg->length;
706 iov->bytes -= sg->length;
707 }
708
709 op->op_nents += nr;
710 }
711
712 if (nr_bytes > args->remote_vec.bytes) {
713 rdsdebug("RDS nr_bytes %u remote_bytes %u do not match\n",
714 nr_bytes,
715 (unsigned int) args->remote_vec.bytes);
716 ret = -EINVAL;
717 goto out_pages;
718 }
719 op->op_bytes = nr_bytes;
720
721 out_pages:
722 kfree(pages);
723 out_ret:
724 if (ret)
725 rds_rdma_free_op(op);
726 else
727 rds_stats_inc(s_send_rdma);
728
729 return ret;
730 }
731
732 /*
733 * The application wants us to pass an RDMA destination (aka MR)
734 * to the remote
735 */
rds_cmsg_rdma_dest(struct rds_sock * rs,struct rds_message * rm,struct cmsghdr * cmsg)736 int rds_cmsg_rdma_dest(struct rds_sock *rs, struct rds_message *rm,
737 struct cmsghdr *cmsg)
738 {
739 unsigned long flags;
740 struct rds_mr *mr;
741 u32 r_key;
742 int err = 0;
743
744 if (cmsg->cmsg_len < CMSG_LEN(sizeof(rds_rdma_cookie_t)) ||
745 rm->m_rdma_cookie != 0)
746 return -EINVAL;
747
748 memcpy(&rm->m_rdma_cookie, CMSG_DATA(cmsg), sizeof(rm->m_rdma_cookie));
749
750 /* We are reusing a previously mapped MR here. Most likely, the
751 * application has written to the buffer, so we need to explicitly
752 * flush those writes to RAM. Otherwise the HCA may not see them
753 * when doing a DMA from that buffer.
754 */
755 r_key = rds_rdma_cookie_key(rm->m_rdma_cookie);
756
757 spin_lock_irqsave(&rs->rs_rdma_lock, flags);
758 mr = rds_mr_tree_walk(&rs->rs_rdma_keys, r_key, NULL);
759 if (!mr)
760 err = -EINVAL; /* invalid r_key */
761 else
762 refcount_inc(&mr->r_refcount);
763 spin_unlock_irqrestore(&rs->rs_rdma_lock, flags);
764
765 if (mr) {
766 mr->r_trans->sync_mr(mr->r_trans_private, DMA_TO_DEVICE);
767 rm->rdma.op_rdma_mr = mr;
768 }
769 return err;
770 }
771
772 /*
773 * The application passes us an address range it wants to enable RDMA
774 * to/from. We map the area, and save the <R_Key,offset> pair
775 * in rm->m_rdma_cookie. This causes it to be sent along to the peer
776 * in an extension header.
777 */
rds_cmsg_rdma_map(struct rds_sock * rs,struct rds_message * rm,struct cmsghdr * cmsg)778 int rds_cmsg_rdma_map(struct rds_sock *rs, struct rds_message *rm,
779 struct cmsghdr *cmsg)
780 {
781 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct rds_get_mr_args)) ||
782 rm->m_rdma_cookie != 0)
783 return -EINVAL;
784
785 return __rds_rdma_map(rs, CMSG_DATA(cmsg), &rm->m_rdma_cookie,
786 &rm->rdma.op_rdma_mr, rm->m_conn_path);
787 }
788
789 /*
790 * Fill in rds_message for an atomic request.
791 */
rds_cmsg_atomic(struct rds_sock * rs,struct rds_message * rm,struct cmsghdr * cmsg)792 int rds_cmsg_atomic(struct rds_sock *rs, struct rds_message *rm,
793 struct cmsghdr *cmsg)
794 {
795 struct page *page = NULL;
796 struct rds_atomic_args *args;
797 int ret = 0;
798
799 if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct rds_atomic_args))
800 || rm->atomic.op_active)
801 return -EINVAL;
802
803 args = CMSG_DATA(cmsg);
804
805 /* Nonmasked & masked cmsg ops converted to masked hw ops */
806 switch (cmsg->cmsg_type) {
807 case RDS_CMSG_ATOMIC_FADD:
808 rm->atomic.op_type = RDS_ATOMIC_TYPE_FADD;
809 rm->atomic.op_m_fadd.add = args->fadd.add;
810 rm->atomic.op_m_fadd.nocarry_mask = 0;
811 break;
812 case RDS_CMSG_MASKED_ATOMIC_FADD:
813 rm->atomic.op_type = RDS_ATOMIC_TYPE_FADD;
814 rm->atomic.op_m_fadd.add = args->m_fadd.add;
815 rm->atomic.op_m_fadd.nocarry_mask = args->m_fadd.nocarry_mask;
816 break;
817 case RDS_CMSG_ATOMIC_CSWP:
818 rm->atomic.op_type = RDS_ATOMIC_TYPE_CSWP;
819 rm->atomic.op_m_cswp.compare = args->cswp.compare;
820 rm->atomic.op_m_cswp.swap = args->cswp.swap;
821 rm->atomic.op_m_cswp.compare_mask = ~0;
822 rm->atomic.op_m_cswp.swap_mask = ~0;
823 break;
824 case RDS_CMSG_MASKED_ATOMIC_CSWP:
825 rm->atomic.op_type = RDS_ATOMIC_TYPE_CSWP;
826 rm->atomic.op_m_cswp.compare = args->m_cswp.compare;
827 rm->atomic.op_m_cswp.swap = args->m_cswp.swap;
828 rm->atomic.op_m_cswp.compare_mask = args->m_cswp.compare_mask;
829 rm->atomic.op_m_cswp.swap_mask = args->m_cswp.swap_mask;
830 break;
831 default:
832 BUG(); /* should never happen */
833 }
834
835 rm->atomic.op_notify = !!(args->flags & RDS_RDMA_NOTIFY_ME);
836 rm->atomic.op_silent = !!(args->flags & RDS_RDMA_SILENT);
837 rm->atomic.op_active = 1;
838 rm->atomic.op_recverr = rs->rs_recverr;
839 rm->atomic.op_sg = rds_message_alloc_sgs(rm, 1);
840 if (IS_ERR(rm->atomic.op_sg)) {
841 ret = PTR_ERR(rm->atomic.op_sg);
842 goto err;
843 }
844
845 /* verify 8 byte-aligned */
846 if (args->local_addr & 0x7) {
847 ret = -EFAULT;
848 goto err;
849 }
850
851 ret = rds_pin_pages(args->local_addr, 1, &page, 1);
852 if (ret != 1)
853 goto err;
854 ret = 0;
855
856 sg_set_page(rm->atomic.op_sg, page, 8, offset_in_page(args->local_addr));
857
858 if (rm->atomic.op_notify || rm->atomic.op_recverr) {
859 /* We allocate an uninitialized notifier here, because
860 * we don't want to do that in the completion handler. We
861 * would have to use GFP_ATOMIC there, and don't want to deal
862 * with failed allocations.
863 */
864 rm->atomic.op_notifier = kmalloc(sizeof(*rm->atomic.op_notifier), GFP_KERNEL);
865 if (!rm->atomic.op_notifier) {
866 ret = -ENOMEM;
867 goto err;
868 }
869
870 rm->atomic.op_notifier->n_user_token = args->user_token;
871 rm->atomic.op_notifier->n_status = RDS_RDMA_SUCCESS;
872 }
873
874 rm->atomic.op_rkey = rds_rdma_cookie_key(args->cookie);
875 rm->atomic.op_remote_addr = args->remote_addr + rds_rdma_cookie_offset(args->cookie);
876
877 return ret;
878 err:
879 if (page)
880 put_page(page);
881 rm->atomic.op_active = 0;
882 kfree(rm->atomic.op_notifier);
883
884 return ret;
885 }
886