Loading...
1/*
2 * Copyright (c) 2005 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005 Cisco Systems. All rights reserved.
4 * Copyright (c) 2005 Mellanox Technologies. All rights reserved.
5 *
6 * This software is available to you under a choice of one of two
7 * licenses. You may choose to be licensed under the terms of the GNU
8 * General Public License (GPL) Version 2, available from the file
9 * COPYING in the main directory of this source tree, or the
10 * OpenIB.org BSD license below:
11 *
12 * Redistribution and use in source and binary forms, with or
13 * without modification, are permitted provided that the following
14 * conditions are met:
15 *
16 * - Redistributions of source code must retain the above
17 * copyright notice, this list of conditions and the following
18 * disclaimer.
19 *
20 * - Redistributions in binary form must reproduce the above
21 * copyright notice, this list of conditions and the following
22 * disclaimer in the documentation and/or other materials
23 * provided with the distribution.
24 *
25 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
29 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
30 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
31 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32 * SOFTWARE.
33 */
34
35#include <linux/mm.h>
36#include <linux/dma-mapping.h>
37#include <linux/sched.h>
38#include <linux/hugetlb.h>
39#include <linux/dma-attrs.h>
40#include <linux/slab.h>
41
42#include "uverbs.h"
43
44#define IB_UMEM_MAX_PAGE_CHUNK \
45 ((PAGE_SIZE - offsetof(struct ib_umem_chunk, page_list)) / \
46 ((void *) &((struct ib_umem_chunk *) 0)->page_list[1] - \
47 (void *) &((struct ib_umem_chunk *) 0)->page_list[0]))
48
49static void __ib_umem_release(struct ib_device *dev, struct ib_umem *umem, int dirty)
50{
51 struct ib_umem_chunk *chunk, *tmp;
52 int i;
53
54 list_for_each_entry_safe(chunk, tmp, &umem->chunk_list, list) {
55 ib_dma_unmap_sg(dev, chunk->page_list,
56 chunk->nents, DMA_BIDIRECTIONAL);
57 for (i = 0; i < chunk->nents; ++i) {
58 struct page *page = sg_page(&chunk->page_list[i]);
59
60 if (umem->writable && dirty)
61 set_page_dirty_lock(page);
62 put_page(page);
63 }
64
65 kfree(chunk);
66 }
67}
68
69/**
70 * ib_umem_get - Pin and DMA map userspace memory.
71 * @context: userspace context to pin memory for
72 * @addr: userspace virtual address to start at
73 * @size: length of region to pin
74 * @access: IB_ACCESS_xxx flags for memory being pinned
75 * @dmasync: flush in-flight DMA when the memory region is written
76 */
77struct ib_umem *ib_umem_get(struct ib_ucontext *context, unsigned long addr,
78 size_t size, int access, int dmasync)
79{
80 struct ib_umem *umem;
81 struct page **page_list;
82 struct vm_area_struct **vma_list;
83 struct ib_umem_chunk *chunk;
84 unsigned long locked;
85 unsigned long lock_limit;
86 unsigned long cur_base;
87 unsigned long npages;
88 int ret;
89 int off;
90 int i;
91 DEFINE_DMA_ATTRS(attrs);
92
93 if (dmasync)
94 dma_set_attr(DMA_ATTR_WRITE_BARRIER, &attrs);
95
96 if (!can_do_mlock())
97 return ERR_PTR(-EPERM);
98
99 umem = kmalloc(sizeof *umem, GFP_KERNEL);
100 if (!umem)
101 return ERR_PTR(-ENOMEM);
102
103 umem->context = context;
104 umem->length = size;
105 umem->offset = addr & ~PAGE_MASK;
106 umem->page_size = PAGE_SIZE;
107 /*
108 * We ask for writable memory if any access flags other than
109 * "remote read" are set. "Local write" and "remote write"
110 * obviously require write access. "Remote atomic" can do
111 * things like fetch and add, which will modify memory, and
112 * "MW bind" can change permissions by binding a window.
113 */
114 umem->writable = !!(access & ~IB_ACCESS_REMOTE_READ);
115
116 /* We assume the memory is from hugetlb until proved otherwise */
117 umem->hugetlb = 1;
118
119 INIT_LIST_HEAD(&umem->chunk_list);
120
121 page_list = (struct page **) __get_free_page(GFP_KERNEL);
122 if (!page_list) {
123 kfree(umem);
124 return ERR_PTR(-ENOMEM);
125 }
126
127 /*
128 * if we can't alloc the vma_list, it's not so bad;
129 * just assume the memory is not hugetlb memory
130 */
131 vma_list = (struct vm_area_struct **) __get_free_page(GFP_KERNEL);
132 if (!vma_list)
133 umem->hugetlb = 0;
134
135 npages = PAGE_ALIGN(size + umem->offset) >> PAGE_SHIFT;
136
137 down_write(¤t->mm->mmap_sem);
138
139 locked = npages + current->mm->locked_vm;
140 lock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
141
142 if ((locked > lock_limit) && !capable(CAP_IPC_LOCK)) {
143 ret = -ENOMEM;
144 goto out;
145 }
146
147 cur_base = addr & PAGE_MASK;
148
149 ret = 0;
150 while (npages) {
151 ret = get_user_pages(current, current->mm, cur_base,
152 min_t(unsigned long, npages,
153 PAGE_SIZE / sizeof (struct page *)),
154 1, !umem->writable, page_list, vma_list);
155
156 if (ret < 0)
157 goto out;
158
159 cur_base += ret * PAGE_SIZE;
160 npages -= ret;
161
162 off = 0;
163
164 while (ret) {
165 chunk = kmalloc(sizeof *chunk + sizeof (struct scatterlist) *
166 min_t(int, ret, IB_UMEM_MAX_PAGE_CHUNK),
167 GFP_KERNEL);
168 if (!chunk) {
169 ret = -ENOMEM;
170 goto out;
171 }
172
173 chunk->nents = min_t(int, ret, IB_UMEM_MAX_PAGE_CHUNK);
174 sg_init_table(chunk->page_list, chunk->nents);
175 for (i = 0; i < chunk->nents; ++i) {
176 if (vma_list &&
177 !is_vm_hugetlb_page(vma_list[i + off]))
178 umem->hugetlb = 0;
179 sg_set_page(&chunk->page_list[i], page_list[i + off], PAGE_SIZE, 0);
180 }
181
182 chunk->nmap = ib_dma_map_sg_attrs(context->device,
183 &chunk->page_list[0],
184 chunk->nents,
185 DMA_BIDIRECTIONAL,
186 &attrs);
187 if (chunk->nmap <= 0) {
188 for (i = 0; i < chunk->nents; ++i)
189 put_page(sg_page(&chunk->page_list[i]));
190 kfree(chunk);
191
192 ret = -ENOMEM;
193 goto out;
194 }
195
196 ret -= chunk->nents;
197 off += chunk->nents;
198 list_add_tail(&chunk->list, &umem->chunk_list);
199 }
200
201 ret = 0;
202 }
203
204out:
205 if (ret < 0) {
206 __ib_umem_release(context->device, umem, 0);
207 kfree(umem);
208 } else
209 current->mm->locked_vm = locked;
210
211 up_write(¤t->mm->mmap_sem);
212 if (vma_list)
213 free_page((unsigned long) vma_list);
214 free_page((unsigned long) page_list);
215
216 return ret < 0 ? ERR_PTR(ret) : umem;
217}
218EXPORT_SYMBOL(ib_umem_get);
219
220static void ib_umem_account(struct work_struct *work)
221{
222 struct ib_umem *umem = container_of(work, struct ib_umem, work);
223
224 down_write(&umem->mm->mmap_sem);
225 umem->mm->locked_vm -= umem->diff;
226 up_write(&umem->mm->mmap_sem);
227 mmput(umem->mm);
228 kfree(umem);
229}
230
231/**
232 * ib_umem_release - release memory pinned with ib_umem_get
233 * @umem: umem struct to release
234 */
235void ib_umem_release(struct ib_umem *umem)
236{
237 struct ib_ucontext *context = umem->context;
238 struct mm_struct *mm;
239 unsigned long diff;
240
241 __ib_umem_release(umem->context->device, umem, 1);
242
243 mm = get_task_mm(current);
244 if (!mm) {
245 kfree(umem);
246 return;
247 }
248
249 diff = PAGE_ALIGN(umem->length + umem->offset) >> PAGE_SHIFT;
250
251 /*
252 * We may be called with the mm's mmap_sem already held. This
253 * can happen when a userspace munmap() is the call that drops
254 * the last reference to our file and calls our release
255 * method. If there are memory regions to destroy, we'll end
256 * up here and not be able to take the mmap_sem. In that case
257 * we defer the vm_locked accounting to the system workqueue.
258 */
259 if (context->closing) {
260 if (!down_write_trylock(&mm->mmap_sem)) {
261 INIT_WORK(&umem->work, ib_umem_account);
262 umem->mm = mm;
263 umem->diff = diff;
264
265 queue_work(ib_wq, &umem->work);
266 return;
267 }
268 } else
269 down_write(&mm->mmap_sem);
270
271 current->mm->locked_vm -= diff;
272 up_write(&mm->mmap_sem);
273 mmput(mm);
274 kfree(umem);
275}
276EXPORT_SYMBOL(ib_umem_release);
277
278int ib_umem_page_count(struct ib_umem *umem)
279{
280 struct ib_umem_chunk *chunk;
281 int shift;
282 int i;
283 int n;
284
285 shift = ilog2(umem->page_size);
286
287 n = 0;
288 list_for_each_entry(chunk, &umem->chunk_list, list)
289 for (i = 0; i < chunk->nmap; ++i)
290 n += sg_dma_len(&chunk->page_list[i]) >> shift;
291
292 return n;
293}
294EXPORT_SYMBOL(ib_umem_page_count);
1/*
2 * Copyright (c) 2005 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005 Cisco Systems. All rights reserved.
4 * Copyright (c) 2005 Mellanox Technologies. All rights reserved.
5 *
6 * This software is available to you under a choice of one of two
7 * licenses. You may choose to be licensed under the terms of the GNU
8 * General Public License (GPL) Version 2, available from the file
9 * COPYING in the main directory of this source tree, or the
10 * OpenIB.org BSD license below:
11 *
12 * Redistribution and use in source and binary forms, with or
13 * without modification, are permitted provided that the following
14 * conditions are met:
15 *
16 * - Redistributions of source code must retain the above
17 * copyright notice, this list of conditions and the following
18 * disclaimer.
19 *
20 * - Redistributions in binary form must reproduce the above
21 * copyright notice, this list of conditions and the following
22 * disclaimer in the documentation and/or other materials
23 * provided with the distribution.
24 *
25 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
29 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
30 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
31 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
32 * SOFTWARE.
33 */
34
35#include <linux/mm.h>
36#include <linux/dma-mapping.h>
37#include <linux/sched/signal.h>
38#include <linux/sched/mm.h>
39#include <linux/export.h>
40#include <linux/hugetlb.h>
41#include <linux/slab.h>
42#include <rdma/ib_umem_odp.h>
43
44#include "uverbs.h"
45
46
47static void __ib_umem_release(struct ib_device *dev, struct ib_umem *umem, int dirty)
48{
49 struct scatterlist *sg;
50 struct page *page;
51 int i;
52
53 if (umem->nmap > 0)
54 ib_dma_unmap_sg(dev, umem->sg_head.sgl,
55 umem->npages,
56 DMA_BIDIRECTIONAL);
57
58 for_each_sg(umem->sg_head.sgl, sg, umem->npages, i) {
59
60 page = sg_page(sg);
61 if (!PageDirty(page) && umem->writable && dirty)
62 set_page_dirty_lock(page);
63 put_page(page);
64 }
65
66 sg_free_table(&umem->sg_head);
67 return;
68
69}
70
71/**
72 * ib_umem_get - Pin and DMA map userspace memory.
73 *
74 * If access flags indicate ODP memory, avoid pinning. Instead, stores
75 * the mm for future page fault handling in conjunction with MMU notifiers.
76 *
77 * @context: userspace context to pin memory for
78 * @addr: userspace virtual address to start at
79 * @size: length of region to pin
80 * @access: IB_ACCESS_xxx flags for memory being pinned
81 * @dmasync: flush in-flight DMA when the memory region is written
82 */
83struct ib_umem *ib_umem_get(struct ib_ucontext *context, unsigned long addr,
84 size_t size, int access, int dmasync)
85{
86 struct ib_umem *umem;
87 struct page **page_list;
88 struct vm_area_struct **vma_list;
89 unsigned long locked;
90 unsigned long lock_limit;
91 unsigned long cur_base;
92 unsigned long npages;
93 int ret;
94 int i;
95 unsigned long dma_attrs = 0;
96 struct scatterlist *sg, *sg_list_start;
97 int need_release = 0;
98 unsigned int gup_flags = FOLL_WRITE;
99
100 if (dmasync)
101 dma_attrs |= DMA_ATTR_WRITE_BARRIER;
102
103 /*
104 * If the combination of the addr and size requested for this memory
105 * region causes an integer overflow, return error.
106 */
107 if (((addr + size) < addr) ||
108 PAGE_ALIGN(addr + size) < (addr + size))
109 return ERR_PTR(-EINVAL);
110
111 if (!can_do_mlock())
112 return ERR_PTR(-EPERM);
113
114 umem = kzalloc(sizeof *umem, GFP_KERNEL);
115 if (!umem)
116 return ERR_PTR(-ENOMEM);
117
118 umem->context = context;
119 umem->length = size;
120 umem->address = addr;
121 umem->page_shift = PAGE_SHIFT;
122 /*
123 * We ask for writable memory if any of the following
124 * access flags are set. "Local write" and "remote write"
125 * obviously require write access. "Remote atomic" can do
126 * things like fetch and add, which will modify memory, and
127 * "MW bind" can change permissions by binding a window.
128 */
129 umem->writable = !!(access &
130 (IB_ACCESS_LOCAL_WRITE | IB_ACCESS_REMOTE_WRITE |
131 IB_ACCESS_REMOTE_ATOMIC | IB_ACCESS_MW_BIND));
132
133 if (access & IB_ACCESS_ON_DEMAND) {
134 ret = ib_umem_odp_get(context, umem, access);
135 if (ret) {
136 kfree(umem);
137 return ERR_PTR(ret);
138 }
139 return umem;
140 }
141
142 umem->odp_data = NULL;
143
144 /* We assume the memory is from hugetlb until proved otherwise */
145 umem->hugetlb = 1;
146
147 page_list = (struct page **) __get_free_page(GFP_KERNEL);
148 if (!page_list) {
149 kfree(umem);
150 return ERR_PTR(-ENOMEM);
151 }
152
153 /*
154 * if we can't alloc the vma_list, it's not so bad;
155 * just assume the memory is not hugetlb memory
156 */
157 vma_list = (struct vm_area_struct **) __get_free_page(GFP_KERNEL);
158 if (!vma_list)
159 umem->hugetlb = 0;
160
161 npages = ib_umem_num_pages(umem);
162
163 down_write(¤t->mm->mmap_sem);
164
165 locked = npages + current->mm->pinned_vm;
166 lock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
167
168 if ((locked > lock_limit) && !capable(CAP_IPC_LOCK)) {
169 ret = -ENOMEM;
170 goto out;
171 }
172
173 cur_base = addr & PAGE_MASK;
174
175 if (npages == 0 || npages > UINT_MAX) {
176 ret = -EINVAL;
177 goto out;
178 }
179
180 ret = sg_alloc_table(&umem->sg_head, npages, GFP_KERNEL);
181 if (ret)
182 goto out;
183
184 if (!umem->writable)
185 gup_flags |= FOLL_FORCE;
186
187 need_release = 1;
188 sg_list_start = umem->sg_head.sgl;
189
190 while (npages) {
191 ret = get_user_pages_longterm(cur_base,
192 min_t(unsigned long, npages,
193 PAGE_SIZE / sizeof (struct page *)),
194 gup_flags, page_list, vma_list);
195
196 if (ret < 0)
197 goto out;
198
199 umem->npages += ret;
200 cur_base += ret * PAGE_SIZE;
201 npages -= ret;
202
203 for_each_sg(sg_list_start, sg, ret, i) {
204 if (vma_list && !is_vm_hugetlb_page(vma_list[i]))
205 umem->hugetlb = 0;
206
207 sg_set_page(sg, page_list[i], PAGE_SIZE, 0);
208 }
209
210 /* preparing for next loop */
211 sg_list_start = sg;
212 }
213
214 umem->nmap = ib_dma_map_sg_attrs(context->device,
215 umem->sg_head.sgl,
216 umem->npages,
217 DMA_BIDIRECTIONAL,
218 dma_attrs);
219
220 if (umem->nmap <= 0) {
221 ret = -ENOMEM;
222 goto out;
223 }
224
225 ret = 0;
226
227out:
228 if (ret < 0) {
229 if (need_release)
230 __ib_umem_release(context->device, umem, 0);
231 kfree(umem);
232 } else
233 current->mm->pinned_vm = locked;
234
235 up_write(¤t->mm->mmap_sem);
236 if (vma_list)
237 free_page((unsigned long) vma_list);
238 free_page((unsigned long) page_list);
239
240 return ret < 0 ? ERR_PTR(ret) : umem;
241}
242EXPORT_SYMBOL(ib_umem_get);
243
244static void ib_umem_account(struct work_struct *work)
245{
246 struct ib_umem *umem = container_of(work, struct ib_umem, work);
247
248 down_write(&umem->mm->mmap_sem);
249 umem->mm->pinned_vm -= umem->diff;
250 up_write(&umem->mm->mmap_sem);
251 mmput(umem->mm);
252 kfree(umem);
253}
254
255/**
256 * ib_umem_release - release memory pinned with ib_umem_get
257 * @umem: umem struct to release
258 */
259void ib_umem_release(struct ib_umem *umem)
260{
261 struct ib_ucontext *context = umem->context;
262 struct mm_struct *mm;
263 struct task_struct *task;
264 unsigned long diff;
265
266 if (umem->odp_data) {
267 ib_umem_odp_release(umem);
268 return;
269 }
270
271 __ib_umem_release(umem->context->device, umem, 1);
272
273 task = get_pid_task(umem->context->tgid, PIDTYPE_PID);
274 if (!task)
275 goto out;
276 mm = get_task_mm(task);
277 put_task_struct(task);
278 if (!mm)
279 goto out;
280
281 diff = ib_umem_num_pages(umem);
282
283 /*
284 * We may be called with the mm's mmap_sem already held. This
285 * can happen when a userspace munmap() is the call that drops
286 * the last reference to our file and calls our release
287 * method. If there are memory regions to destroy, we'll end
288 * up here and not be able to take the mmap_sem. In that case
289 * we defer the vm_locked accounting to the system workqueue.
290 */
291 if (context->closing) {
292 if (!down_write_trylock(&mm->mmap_sem)) {
293 INIT_WORK(&umem->work, ib_umem_account);
294 umem->mm = mm;
295 umem->diff = diff;
296
297 queue_work(ib_wq, &umem->work);
298 return;
299 }
300 } else
301 down_write(&mm->mmap_sem);
302
303 mm->pinned_vm -= diff;
304 up_write(&mm->mmap_sem);
305 mmput(mm);
306out:
307 kfree(umem);
308}
309EXPORT_SYMBOL(ib_umem_release);
310
311int ib_umem_page_count(struct ib_umem *umem)
312{
313 int i;
314 int n;
315 struct scatterlist *sg;
316
317 if (umem->odp_data)
318 return ib_umem_num_pages(umem);
319
320 n = 0;
321 for_each_sg(umem->sg_head.sgl, sg, umem->nmap, i)
322 n += sg_dma_len(sg) >> umem->page_shift;
323
324 return n;
325}
326EXPORT_SYMBOL(ib_umem_page_count);
327
328/*
329 * Copy from the given ib_umem's pages to the given buffer.
330 *
331 * umem - the umem to copy from
332 * offset - offset to start copying from
333 * dst - destination buffer
334 * length - buffer length
335 *
336 * Returns 0 on success, or an error code.
337 */
338int ib_umem_copy_from(void *dst, struct ib_umem *umem, size_t offset,
339 size_t length)
340{
341 size_t end = offset + length;
342 int ret;
343
344 if (offset > umem->length || length > umem->length - offset) {
345 pr_err("ib_umem_copy_from not in range. offset: %zd umem length: %zd end: %zd\n",
346 offset, umem->length, end);
347 return -EINVAL;
348 }
349
350 ret = sg_pcopy_to_buffer(umem->sg_head.sgl, umem->npages, dst, length,
351 offset + ib_umem_offset(umem));
352
353 if (ret < 0)
354 return ret;
355 else if (ret != length)
356 return -EINVAL;
357 else
358 return 0;
359}
360EXPORT_SYMBOL(ib_umem_copy_from);