Loading...
1/*
2 * Copyright (c) 2004 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005 Voltaire, Inc. All rights reserved.
4 * Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved.
5 * Copyright (c) 2008 Cisco. All rights reserved.
6 *
7 * This software is available to you under a choice of one of two
8 * licenses. You may choose to be licensed under the terms of the GNU
9 * General Public License (GPL) Version 2, available from the file
10 * COPYING in the main directory of this source tree, or the
11 * OpenIB.org BSD license below:
12 *
13 * Redistribution and use in source and binary forms, with or
14 * without modification, are permitted provided that the following
15 * conditions are met:
16 *
17 * - Redistributions of source code must retain the above
18 * copyright notice, this list of conditions and the following
19 * disclaimer.
20 *
21 * - Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials
24 * provided with the distribution.
25 *
26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
27 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
28 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
29 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
30 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
31 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
32 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
33 * SOFTWARE.
34 */
35
36#define pr_fmt(fmt) "user_mad: " fmt
37
38#include <linux/module.h>
39#include <linux/init.h>
40#include <linux/device.h>
41#include <linux/err.h>
42#include <linux/fs.h>
43#include <linux/cdev.h>
44#include <linux/dma-mapping.h>
45#include <linux/poll.h>
46#include <linux/mutex.h>
47#include <linux/kref.h>
48#include <linux/compat.h>
49#include <linux/sched.h>
50#include <linux/semaphore.h>
51#include <linux/slab.h>
52#include <linux/nospec.h>
53
54#include <linux/uaccess.h>
55
56#include <rdma/ib_mad.h>
57#include <rdma/ib_user_mad.h>
58#include <rdma/rdma_netlink.h>
59
60#include "core_priv.h"
61
62MODULE_AUTHOR("Roland Dreier");
63MODULE_DESCRIPTION("InfiniBand userspace MAD packet access");
64MODULE_LICENSE("Dual BSD/GPL");
65
66enum {
67 IB_UMAD_MAX_PORTS = RDMA_MAX_PORTS,
68 IB_UMAD_MAX_AGENTS = 32,
69
70 IB_UMAD_MAJOR = 231,
71 IB_UMAD_MINOR_BASE = 0,
72 IB_UMAD_NUM_FIXED_MINOR = 64,
73 IB_UMAD_NUM_DYNAMIC_MINOR = IB_UMAD_MAX_PORTS - IB_UMAD_NUM_FIXED_MINOR,
74 IB_ISSM_MINOR_BASE = IB_UMAD_NUM_FIXED_MINOR,
75};
76
77/*
78 * Our lifetime rules for these structs are the following:
79 * device special file is opened, we take a reference on the
80 * ib_umad_port's struct ib_umad_device. We drop these
81 * references in the corresponding close().
82 *
83 * In addition to references coming from open character devices, there
84 * is one more reference to each ib_umad_device representing the
85 * module's reference taken when allocating the ib_umad_device in
86 * ib_umad_add_one().
87 *
88 * When destroying an ib_umad_device, we drop the module's reference.
89 */
90
91struct ib_umad_port {
92 struct cdev cdev;
93 struct device dev;
94 struct cdev sm_cdev;
95 struct device sm_dev;
96 struct semaphore sm_sem;
97
98 struct mutex file_mutex;
99 struct list_head file_list;
100
101 struct ib_device *ib_dev;
102 struct ib_umad_device *umad_dev;
103 int dev_num;
104 u32 port_num;
105};
106
107struct ib_umad_device {
108 struct kref kref;
109 struct ib_umad_port ports[];
110};
111
112struct ib_umad_file {
113 struct mutex mutex;
114 struct ib_umad_port *port;
115 struct list_head recv_list;
116 struct list_head send_list;
117 struct list_head port_list;
118 spinlock_t send_lock;
119 wait_queue_head_t recv_wait;
120 struct ib_mad_agent *agent[IB_UMAD_MAX_AGENTS];
121 int agents_dead;
122 u8 use_pkey_index;
123 u8 already_used;
124};
125
126struct ib_umad_packet {
127 struct ib_mad_send_buf *msg;
128 struct ib_mad_recv_wc *recv_wc;
129 struct list_head list;
130 int length;
131 struct ib_user_mad mad;
132};
133
134struct ib_rmpp_mad_hdr {
135 struct ib_mad_hdr mad_hdr;
136 struct ib_rmpp_hdr rmpp_hdr;
137} __packed;
138
139#define CREATE_TRACE_POINTS
140#include <trace/events/ib_umad.h>
141
142static const dev_t base_umad_dev = MKDEV(IB_UMAD_MAJOR, IB_UMAD_MINOR_BASE);
143static const dev_t base_issm_dev = MKDEV(IB_UMAD_MAJOR, IB_UMAD_MINOR_BASE) +
144 IB_UMAD_NUM_FIXED_MINOR;
145static dev_t dynamic_umad_dev;
146static dev_t dynamic_issm_dev;
147
148static DEFINE_IDA(umad_ida);
149
150static int ib_umad_add_one(struct ib_device *device);
151static void ib_umad_remove_one(struct ib_device *device, void *client_data);
152
153static void ib_umad_dev_free(struct kref *kref)
154{
155 struct ib_umad_device *dev =
156 container_of(kref, struct ib_umad_device, kref);
157
158 kfree(dev);
159}
160
161static void ib_umad_dev_get(struct ib_umad_device *dev)
162{
163 kref_get(&dev->kref);
164}
165
166static void ib_umad_dev_put(struct ib_umad_device *dev)
167{
168 kref_put(&dev->kref, ib_umad_dev_free);
169}
170
171static int hdr_size(struct ib_umad_file *file)
172{
173 return file->use_pkey_index ? sizeof(struct ib_user_mad_hdr) :
174 sizeof(struct ib_user_mad_hdr_old);
175}
176
177/* caller must hold file->mutex */
178static struct ib_mad_agent *__get_agent(struct ib_umad_file *file, int id)
179{
180 return file->agents_dead ? NULL : file->agent[id];
181}
182
183static int queue_packet(struct ib_umad_file *file,
184 struct ib_mad_agent *agent,
185 struct ib_umad_packet *packet)
186{
187 int ret = 1;
188
189 mutex_lock(&file->mutex);
190
191 for (packet->mad.hdr.id = 0;
192 packet->mad.hdr.id < IB_UMAD_MAX_AGENTS;
193 packet->mad.hdr.id++)
194 if (agent == __get_agent(file, packet->mad.hdr.id)) {
195 list_add_tail(&packet->list, &file->recv_list);
196 wake_up_interruptible(&file->recv_wait);
197 ret = 0;
198 break;
199 }
200
201 mutex_unlock(&file->mutex);
202
203 return ret;
204}
205
206static void dequeue_send(struct ib_umad_file *file,
207 struct ib_umad_packet *packet)
208{
209 spin_lock_irq(&file->send_lock);
210 list_del(&packet->list);
211 spin_unlock_irq(&file->send_lock);
212}
213
214static void send_handler(struct ib_mad_agent *agent,
215 struct ib_mad_send_wc *send_wc)
216{
217 struct ib_umad_file *file = agent->context;
218 struct ib_umad_packet *packet = send_wc->send_buf->context[0];
219
220 dequeue_send(file, packet);
221 rdma_destroy_ah(packet->msg->ah, RDMA_DESTROY_AH_SLEEPABLE);
222 ib_free_send_mad(packet->msg);
223
224 if (send_wc->status == IB_WC_RESP_TIMEOUT_ERR) {
225 packet->length = IB_MGMT_MAD_HDR;
226 packet->mad.hdr.status = ETIMEDOUT;
227 if (!queue_packet(file, agent, packet))
228 return;
229 }
230 kfree(packet);
231}
232
233static void recv_handler(struct ib_mad_agent *agent,
234 struct ib_mad_send_buf *send_buf,
235 struct ib_mad_recv_wc *mad_recv_wc)
236{
237 struct ib_umad_file *file = agent->context;
238 struct ib_umad_packet *packet;
239
240 if (mad_recv_wc->wc->status != IB_WC_SUCCESS)
241 goto err1;
242
243 packet = kzalloc(sizeof *packet, GFP_KERNEL);
244 if (!packet)
245 goto err1;
246
247 packet->length = mad_recv_wc->mad_len;
248 packet->recv_wc = mad_recv_wc;
249
250 packet->mad.hdr.status = 0;
251 packet->mad.hdr.length = hdr_size(file) + mad_recv_wc->mad_len;
252 packet->mad.hdr.qpn = cpu_to_be32(mad_recv_wc->wc->src_qp);
253 /*
254 * On OPA devices it is okay to lose the upper 16 bits of LID as this
255 * information is obtained elsewhere. Mask off the upper 16 bits.
256 */
257 if (rdma_cap_opa_mad(agent->device, agent->port_num))
258 packet->mad.hdr.lid = ib_lid_be16(0xFFFF &
259 mad_recv_wc->wc->slid);
260 else
261 packet->mad.hdr.lid = ib_lid_be16(mad_recv_wc->wc->slid);
262 packet->mad.hdr.sl = mad_recv_wc->wc->sl;
263 packet->mad.hdr.path_bits = mad_recv_wc->wc->dlid_path_bits;
264 packet->mad.hdr.pkey_index = mad_recv_wc->wc->pkey_index;
265 packet->mad.hdr.grh_present = !!(mad_recv_wc->wc->wc_flags & IB_WC_GRH);
266 if (packet->mad.hdr.grh_present) {
267 struct rdma_ah_attr ah_attr;
268 const struct ib_global_route *grh;
269 int ret;
270
271 ret = ib_init_ah_attr_from_wc(agent->device, agent->port_num,
272 mad_recv_wc->wc,
273 mad_recv_wc->recv_buf.grh,
274 &ah_attr);
275 if (ret)
276 goto err2;
277
278 grh = rdma_ah_read_grh(&ah_attr);
279 packet->mad.hdr.gid_index = grh->sgid_index;
280 packet->mad.hdr.hop_limit = grh->hop_limit;
281 packet->mad.hdr.traffic_class = grh->traffic_class;
282 memcpy(packet->mad.hdr.gid, &grh->dgid, 16);
283 packet->mad.hdr.flow_label = cpu_to_be32(grh->flow_label);
284 rdma_destroy_ah_attr(&ah_attr);
285 }
286
287 if (queue_packet(file, agent, packet))
288 goto err2;
289 return;
290
291err2:
292 kfree(packet);
293err1:
294 ib_free_recv_mad(mad_recv_wc);
295}
296
297static ssize_t copy_recv_mad(struct ib_umad_file *file, char __user *buf,
298 struct ib_umad_packet *packet, size_t count)
299{
300 struct ib_mad_recv_buf *recv_buf;
301 int left, seg_payload, offset, max_seg_payload;
302 size_t seg_size;
303
304 recv_buf = &packet->recv_wc->recv_buf;
305 seg_size = packet->recv_wc->mad_seg_size;
306
307 /* We need enough room to copy the first (or only) MAD segment. */
308 if ((packet->length <= seg_size &&
309 count < hdr_size(file) + packet->length) ||
310 (packet->length > seg_size &&
311 count < hdr_size(file) + seg_size))
312 return -EINVAL;
313
314 if (copy_to_user(buf, &packet->mad, hdr_size(file)))
315 return -EFAULT;
316
317 buf += hdr_size(file);
318 seg_payload = min_t(int, packet->length, seg_size);
319 if (copy_to_user(buf, recv_buf->mad, seg_payload))
320 return -EFAULT;
321
322 if (seg_payload < packet->length) {
323 /*
324 * Multipacket RMPP MAD message. Copy remainder of message.
325 * Note that last segment may have a shorter payload.
326 */
327 if (count < hdr_size(file) + packet->length) {
328 /*
329 * The buffer is too small, return the first RMPP segment,
330 * which includes the RMPP message length.
331 */
332 return -ENOSPC;
333 }
334 offset = ib_get_mad_data_offset(recv_buf->mad->mad_hdr.mgmt_class);
335 max_seg_payload = seg_size - offset;
336
337 for (left = packet->length - seg_payload, buf += seg_payload;
338 left; left -= seg_payload, buf += seg_payload) {
339 recv_buf = container_of(recv_buf->list.next,
340 struct ib_mad_recv_buf, list);
341 seg_payload = min(left, max_seg_payload);
342 if (copy_to_user(buf, ((void *) recv_buf->mad) + offset,
343 seg_payload))
344 return -EFAULT;
345 }
346 }
347
348 trace_ib_umad_read_recv(file, &packet->mad.hdr, &recv_buf->mad->mad_hdr);
349
350 return hdr_size(file) + packet->length;
351}
352
353static ssize_t copy_send_mad(struct ib_umad_file *file, char __user *buf,
354 struct ib_umad_packet *packet, size_t count)
355{
356 ssize_t size = hdr_size(file) + packet->length;
357
358 if (count < size)
359 return -EINVAL;
360
361 if (copy_to_user(buf, &packet->mad, hdr_size(file)))
362 return -EFAULT;
363
364 buf += hdr_size(file);
365
366 if (copy_to_user(buf, packet->mad.data, packet->length))
367 return -EFAULT;
368
369 trace_ib_umad_read_send(file, &packet->mad.hdr,
370 (struct ib_mad_hdr *)&packet->mad.data);
371
372 return size;
373}
374
375static ssize_t ib_umad_read(struct file *filp, char __user *buf,
376 size_t count, loff_t *pos)
377{
378 struct ib_umad_file *file = filp->private_data;
379 struct ib_umad_packet *packet;
380 ssize_t ret;
381
382 if (count < hdr_size(file))
383 return -EINVAL;
384
385 mutex_lock(&file->mutex);
386
387 if (file->agents_dead) {
388 mutex_unlock(&file->mutex);
389 return -EIO;
390 }
391
392 while (list_empty(&file->recv_list)) {
393 mutex_unlock(&file->mutex);
394
395 if (filp->f_flags & O_NONBLOCK)
396 return -EAGAIN;
397
398 if (wait_event_interruptible(file->recv_wait,
399 !list_empty(&file->recv_list)))
400 return -ERESTARTSYS;
401
402 mutex_lock(&file->mutex);
403 }
404
405 if (file->agents_dead) {
406 mutex_unlock(&file->mutex);
407 return -EIO;
408 }
409
410 packet = list_entry(file->recv_list.next, struct ib_umad_packet, list);
411 list_del(&packet->list);
412
413 mutex_unlock(&file->mutex);
414
415 if (packet->recv_wc)
416 ret = copy_recv_mad(file, buf, packet, count);
417 else
418 ret = copy_send_mad(file, buf, packet, count);
419
420 if (ret < 0) {
421 /* Requeue packet */
422 mutex_lock(&file->mutex);
423 list_add(&packet->list, &file->recv_list);
424 mutex_unlock(&file->mutex);
425 } else {
426 if (packet->recv_wc)
427 ib_free_recv_mad(packet->recv_wc);
428 kfree(packet);
429 }
430 return ret;
431}
432
433static int copy_rmpp_mad(struct ib_mad_send_buf *msg, const char __user *buf)
434{
435 int left, seg;
436
437 /* Copy class specific header */
438 if ((msg->hdr_len > IB_MGMT_RMPP_HDR) &&
439 copy_from_user(msg->mad + IB_MGMT_RMPP_HDR, buf + IB_MGMT_RMPP_HDR,
440 msg->hdr_len - IB_MGMT_RMPP_HDR))
441 return -EFAULT;
442
443 /* All headers are in place. Copy data segments. */
444 for (seg = 1, left = msg->data_len, buf += msg->hdr_len; left > 0;
445 seg++, left -= msg->seg_size, buf += msg->seg_size) {
446 if (copy_from_user(ib_get_rmpp_segment(msg, seg), buf,
447 min(left, msg->seg_size)))
448 return -EFAULT;
449 }
450 return 0;
451}
452
453static int same_destination(struct ib_user_mad_hdr *hdr1,
454 struct ib_user_mad_hdr *hdr2)
455{
456 if (!hdr1->grh_present && !hdr2->grh_present)
457 return (hdr1->lid == hdr2->lid);
458
459 if (hdr1->grh_present && hdr2->grh_present)
460 return !memcmp(hdr1->gid, hdr2->gid, 16);
461
462 return 0;
463}
464
465static int is_duplicate(struct ib_umad_file *file,
466 struct ib_umad_packet *packet)
467{
468 struct ib_umad_packet *sent_packet;
469 struct ib_mad_hdr *sent_hdr, *hdr;
470
471 hdr = (struct ib_mad_hdr *) packet->mad.data;
472 list_for_each_entry(sent_packet, &file->send_list, list) {
473 sent_hdr = (struct ib_mad_hdr *) sent_packet->mad.data;
474
475 if ((hdr->tid != sent_hdr->tid) ||
476 (hdr->mgmt_class != sent_hdr->mgmt_class))
477 continue;
478
479 /*
480 * No need to be overly clever here. If two new operations have
481 * the same TID, reject the second as a duplicate. This is more
482 * restrictive than required by the spec.
483 */
484 if (!ib_response_mad(hdr)) {
485 if (!ib_response_mad(sent_hdr))
486 return 1;
487 continue;
488 } else if (!ib_response_mad(sent_hdr))
489 continue;
490
491 if (same_destination(&packet->mad.hdr, &sent_packet->mad.hdr))
492 return 1;
493 }
494
495 return 0;
496}
497
498static ssize_t ib_umad_write(struct file *filp, const char __user *buf,
499 size_t count, loff_t *pos)
500{
501 struct ib_umad_file *file = filp->private_data;
502 struct ib_rmpp_mad_hdr *rmpp_mad_hdr;
503 struct ib_umad_packet *packet;
504 struct ib_mad_agent *agent;
505 struct rdma_ah_attr ah_attr;
506 struct ib_ah *ah;
507 __be64 *tid;
508 int ret, data_len, hdr_len, copy_offset, rmpp_active;
509 u8 base_version;
510
511 if (count < hdr_size(file) + IB_MGMT_RMPP_HDR)
512 return -EINVAL;
513
514 packet = kzalloc(sizeof(*packet) + IB_MGMT_RMPP_HDR, GFP_KERNEL);
515 if (!packet)
516 return -ENOMEM;
517
518 if (copy_from_user(&packet->mad, buf, hdr_size(file))) {
519 ret = -EFAULT;
520 goto err;
521 }
522
523 if (packet->mad.hdr.id >= IB_UMAD_MAX_AGENTS) {
524 ret = -EINVAL;
525 goto err;
526 }
527
528 buf += hdr_size(file);
529
530 if (copy_from_user(packet->mad.data, buf, IB_MGMT_RMPP_HDR)) {
531 ret = -EFAULT;
532 goto err;
533 }
534
535 mutex_lock(&file->mutex);
536
537 trace_ib_umad_write(file, &packet->mad.hdr,
538 (struct ib_mad_hdr *)&packet->mad.data);
539
540 agent = __get_agent(file, packet->mad.hdr.id);
541 if (!agent) {
542 ret = -EIO;
543 goto err_up;
544 }
545
546 memset(&ah_attr, 0, sizeof ah_attr);
547 ah_attr.type = rdma_ah_find_type(agent->device,
548 file->port->port_num);
549 rdma_ah_set_dlid(&ah_attr, be16_to_cpu(packet->mad.hdr.lid));
550 rdma_ah_set_sl(&ah_attr, packet->mad.hdr.sl);
551 rdma_ah_set_path_bits(&ah_attr, packet->mad.hdr.path_bits);
552 rdma_ah_set_port_num(&ah_attr, file->port->port_num);
553 if (packet->mad.hdr.grh_present) {
554 rdma_ah_set_grh(&ah_attr, NULL,
555 be32_to_cpu(packet->mad.hdr.flow_label),
556 packet->mad.hdr.gid_index,
557 packet->mad.hdr.hop_limit,
558 packet->mad.hdr.traffic_class);
559 rdma_ah_set_dgid_raw(&ah_attr, packet->mad.hdr.gid);
560 }
561
562 ah = rdma_create_user_ah(agent->qp->pd, &ah_attr, NULL);
563 if (IS_ERR(ah)) {
564 ret = PTR_ERR(ah);
565 goto err_up;
566 }
567
568 rmpp_mad_hdr = (struct ib_rmpp_mad_hdr *)packet->mad.data;
569 hdr_len = ib_get_mad_data_offset(rmpp_mad_hdr->mad_hdr.mgmt_class);
570
571 if (ib_is_mad_class_rmpp(rmpp_mad_hdr->mad_hdr.mgmt_class)
572 && ib_mad_kernel_rmpp_agent(agent)) {
573 copy_offset = IB_MGMT_RMPP_HDR;
574 rmpp_active = ib_get_rmpp_flags(&rmpp_mad_hdr->rmpp_hdr) &
575 IB_MGMT_RMPP_FLAG_ACTIVE;
576 } else {
577 copy_offset = IB_MGMT_MAD_HDR;
578 rmpp_active = 0;
579 }
580
581 base_version = ((struct ib_mad_hdr *)&packet->mad.data)->base_version;
582 data_len = count - hdr_size(file) - hdr_len;
583 packet->msg = ib_create_send_mad(agent,
584 be32_to_cpu(packet->mad.hdr.qpn),
585 packet->mad.hdr.pkey_index, rmpp_active,
586 hdr_len, data_len, GFP_KERNEL,
587 base_version);
588 if (IS_ERR(packet->msg)) {
589 ret = PTR_ERR(packet->msg);
590 goto err_ah;
591 }
592
593 packet->msg->ah = ah;
594 packet->msg->timeout_ms = packet->mad.hdr.timeout_ms;
595 packet->msg->retries = packet->mad.hdr.retries;
596 packet->msg->context[0] = packet;
597
598 /* Copy MAD header. Any RMPP header is already in place. */
599 memcpy(packet->msg->mad, packet->mad.data, IB_MGMT_MAD_HDR);
600
601 if (!rmpp_active) {
602 if (copy_from_user(packet->msg->mad + copy_offset,
603 buf + copy_offset,
604 hdr_len + data_len - copy_offset)) {
605 ret = -EFAULT;
606 goto err_msg;
607 }
608 } else {
609 ret = copy_rmpp_mad(packet->msg, buf);
610 if (ret)
611 goto err_msg;
612 }
613
614 /*
615 * Set the high-order part of the transaction ID to make MADs from
616 * different agents unique, and allow routing responses back to the
617 * original requestor.
618 */
619 if (!ib_response_mad(packet->msg->mad)) {
620 tid = &((struct ib_mad_hdr *) packet->msg->mad)->tid;
621 *tid = cpu_to_be64(((u64) agent->hi_tid) << 32 |
622 (be64_to_cpup(tid) & 0xffffffff));
623 rmpp_mad_hdr->mad_hdr.tid = *tid;
624 }
625
626 if (!ib_mad_kernel_rmpp_agent(agent)
627 && ib_is_mad_class_rmpp(rmpp_mad_hdr->mad_hdr.mgmt_class)
628 && (ib_get_rmpp_flags(&rmpp_mad_hdr->rmpp_hdr) & IB_MGMT_RMPP_FLAG_ACTIVE)) {
629 spin_lock_irq(&file->send_lock);
630 list_add_tail(&packet->list, &file->send_list);
631 spin_unlock_irq(&file->send_lock);
632 } else {
633 spin_lock_irq(&file->send_lock);
634 ret = is_duplicate(file, packet);
635 if (!ret)
636 list_add_tail(&packet->list, &file->send_list);
637 spin_unlock_irq(&file->send_lock);
638 if (ret) {
639 ret = -EINVAL;
640 goto err_msg;
641 }
642 }
643
644 ret = ib_post_send_mad(packet->msg, NULL);
645 if (ret)
646 goto err_send;
647
648 mutex_unlock(&file->mutex);
649 return count;
650
651err_send:
652 dequeue_send(file, packet);
653err_msg:
654 ib_free_send_mad(packet->msg);
655err_ah:
656 rdma_destroy_ah(ah, RDMA_DESTROY_AH_SLEEPABLE);
657err_up:
658 mutex_unlock(&file->mutex);
659err:
660 kfree(packet);
661 return ret;
662}
663
664static __poll_t ib_umad_poll(struct file *filp, struct poll_table_struct *wait)
665{
666 struct ib_umad_file *file = filp->private_data;
667
668 /* we will always be able to post a MAD send */
669 __poll_t mask = EPOLLOUT | EPOLLWRNORM;
670
671 mutex_lock(&file->mutex);
672 poll_wait(filp, &file->recv_wait, wait);
673
674 if (!list_empty(&file->recv_list))
675 mask |= EPOLLIN | EPOLLRDNORM;
676 if (file->agents_dead)
677 mask = EPOLLERR;
678 mutex_unlock(&file->mutex);
679
680 return mask;
681}
682
683static int ib_umad_reg_agent(struct ib_umad_file *file, void __user *arg,
684 int compat_method_mask)
685{
686 struct ib_user_mad_reg_req ureq;
687 struct ib_mad_reg_req req;
688 struct ib_mad_agent *agent = NULL;
689 int agent_id;
690 int ret;
691
692 mutex_lock(&file->port->file_mutex);
693 mutex_lock(&file->mutex);
694
695 if (!file->port->ib_dev) {
696 dev_notice(&file->port->dev, "%s: invalid device\n", __func__);
697 ret = -EPIPE;
698 goto out;
699 }
700
701 if (copy_from_user(&ureq, arg, sizeof ureq)) {
702 ret = -EFAULT;
703 goto out;
704 }
705
706 if (ureq.qpn != 0 && ureq.qpn != 1) {
707 dev_notice(&file->port->dev,
708 "%s: invalid QPN %u specified\n", __func__,
709 ureq.qpn);
710 ret = -EINVAL;
711 goto out;
712 }
713
714 for (agent_id = 0; agent_id < IB_UMAD_MAX_AGENTS; ++agent_id)
715 if (!__get_agent(file, agent_id))
716 goto found;
717
718 dev_notice(&file->port->dev, "%s: Max Agents (%u) reached\n", __func__,
719 IB_UMAD_MAX_AGENTS);
720
721 ret = -ENOMEM;
722 goto out;
723
724found:
725 if (ureq.mgmt_class) {
726 memset(&req, 0, sizeof(req));
727 req.mgmt_class = ureq.mgmt_class;
728 req.mgmt_class_version = ureq.mgmt_class_version;
729 memcpy(req.oui, ureq.oui, sizeof req.oui);
730
731 if (compat_method_mask) {
732 u32 *umm = (u32 *) ureq.method_mask;
733 int i;
734
735 for (i = 0; i < BITS_TO_LONGS(IB_MGMT_MAX_METHODS); ++i)
736 req.method_mask[i] =
737 umm[i * 2] | ((u64) umm[i * 2 + 1] << 32);
738 } else
739 memcpy(req.method_mask, ureq.method_mask,
740 sizeof req.method_mask);
741 }
742
743 agent = ib_register_mad_agent(file->port->ib_dev, file->port->port_num,
744 ureq.qpn ? IB_QPT_GSI : IB_QPT_SMI,
745 ureq.mgmt_class ? &req : NULL,
746 ureq.rmpp_version,
747 send_handler, recv_handler, file, 0);
748 if (IS_ERR(agent)) {
749 ret = PTR_ERR(agent);
750 agent = NULL;
751 goto out;
752 }
753
754 if (put_user(agent_id,
755 (u32 __user *) (arg + offsetof(struct ib_user_mad_reg_req, id)))) {
756 ret = -EFAULT;
757 goto out;
758 }
759
760 if (!file->already_used) {
761 file->already_used = 1;
762 if (!file->use_pkey_index) {
763 dev_warn(&file->port->dev,
764 "process %s did not enable P_Key index support.\n",
765 current->comm);
766 dev_warn(&file->port->dev,
767 " Documentation/infiniband/user_mad.rst has info on the new ABI.\n");
768 }
769 }
770
771 file->agent[agent_id] = agent;
772 ret = 0;
773
774out:
775 mutex_unlock(&file->mutex);
776
777 if (ret && agent)
778 ib_unregister_mad_agent(agent);
779
780 mutex_unlock(&file->port->file_mutex);
781
782 return ret;
783}
784
785static int ib_umad_reg_agent2(struct ib_umad_file *file, void __user *arg)
786{
787 struct ib_user_mad_reg_req2 ureq;
788 struct ib_mad_reg_req req;
789 struct ib_mad_agent *agent = NULL;
790 int agent_id;
791 int ret;
792
793 mutex_lock(&file->port->file_mutex);
794 mutex_lock(&file->mutex);
795
796 if (!file->port->ib_dev) {
797 dev_notice(&file->port->dev, "%s: invalid device\n", __func__);
798 ret = -EPIPE;
799 goto out;
800 }
801
802 if (copy_from_user(&ureq, arg, sizeof(ureq))) {
803 ret = -EFAULT;
804 goto out;
805 }
806
807 if (ureq.qpn != 0 && ureq.qpn != 1) {
808 dev_notice(&file->port->dev, "%s: invalid QPN %u specified\n",
809 __func__, ureq.qpn);
810 ret = -EINVAL;
811 goto out;
812 }
813
814 if (ureq.flags & ~IB_USER_MAD_REG_FLAGS_CAP) {
815 dev_notice(&file->port->dev,
816 "%s failed: invalid registration flags specified 0x%x; supported 0x%x\n",
817 __func__, ureq.flags, IB_USER_MAD_REG_FLAGS_CAP);
818 ret = -EINVAL;
819
820 if (put_user((u32)IB_USER_MAD_REG_FLAGS_CAP,
821 (u32 __user *) (arg + offsetof(struct
822 ib_user_mad_reg_req2, flags))))
823 ret = -EFAULT;
824
825 goto out;
826 }
827
828 for (agent_id = 0; agent_id < IB_UMAD_MAX_AGENTS; ++agent_id)
829 if (!__get_agent(file, agent_id))
830 goto found;
831
832 dev_notice(&file->port->dev, "%s: Max Agents (%u) reached\n", __func__,
833 IB_UMAD_MAX_AGENTS);
834 ret = -ENOMEM;
835 goto out;
836
837found:
838 if (ureq.mgmt_class) {
839 memset(&req, 0, sizeof(req));
840 req.mgmt_class = ureq.mgmt_class;
841 req.mgmt_class_version = ureq.mgmt_class_version;
842 if (ureq.oui & 0xff000000) {
843 dev_notice(&file->port->dev,
844 "%s failed: oui invalid 0x%08x\n", __func__,
845 ureq.oui);
846 ret = -EINVAL;
847 goto out;
848 }
849 req.oui[2] = ureq.oui & 0x0000ff;
850 req.oui[1] = (ureq.oui & 0x00ff00) >> 8;
851 req.oui[0] = (ureq.oui & 0xff0000) >> 16;
852 memcpy(req.method_mask, ureq.method_mask,
853 sizeof(req.method_mask));
854 }
855
856 agent = ib_register_mad_agent(file->port->ib_dev, file->port->port_num,
857 ureq.qpn ? IB_QPT_GSI : IB_QPT_SMI,
858 ureq.mgmt_class ? &req : NULL,
859 ureq.rmpp_version,
860 send_handler, recv_handler, file,
861 ureq.flags);
862 if (IS_ERR(agent)) {
863 ret = PTR_ERR(agent);
864 agent = NULL;
865 goto out;
866 }
867
868 if (put_user(agent_id,
869 (u32 __user *)(arg +
870 offsetof(struct ib_user_mad_reg_req2, id)))) {
871 ret = -EFAULT;
872 goto out;
873 }
874
875 if (!file->already_used) {
876 file->already_used = 1;
877 file->use_pkey_index = 1;
878 }
879
880 file->agent[agent_id] = agent;
881 ret = 0;
882
883out:
884 mutex_unlock(&file->mutex);
885
886 if (ret && agent)
887 ib_unregister_mad_agent(agent);
888
889 mutex_unlock(&file->port->file_mutex);
890
891 return ret;
892}
893
894
895static int ib_umad_unreg_agent(struct ib_umad_file *file, u32 __user *arg)
896{
897 struct ib_mad_agent *agent = NULL;
898 u32 id;
899 int ret = 0;
900
901 if (get_user(id, arg))
902 return -EFAULT;
903 if (id >= IB_UMAD_MAX_AGENTS)
904 return -EINVAL;
905
906 mutex_lock(&file->port->file_mutex);
907 mutex_lock(&file->mutex);
908
909 id = array_index_nospec(id, IB_UMAD_MAX_AGENTS);
910 if (!__get_agent(file, id)) {
911 ret = -EINVAL;
912 goto out;
913 }
914
915 agent = file->agent[id];
916 file->agent[id] = NULL;
917
918out:
919 mutex_unlock(&file->mutex);
920
921 if (agent)
922 ib_unregister_mad_agent(agent);
923
924 mutex_unlock(&file->port->file_mutex);
925
926 return ret;
927}
928
929static long ib_umad_enable_pkey(struct ib_umad_file *file)
930{
931 int ret = 0;
932
933 mutex_lock(&file->mutex);
934 if (file->already_used)
935 ret = -EINVAL;
936 else
937 file->use_pkey_index = 1;
938 mutex_unlock(&file->mutex);
939
940 return ret;
941}
942
943static long ib_umad_ioctl(struct file *filp, unsigned int cmd,
944 unsigned long arg)
945{
946 switch (cmd) {
947 case IB_USER_MAD_REGISTER_AGENT:
948 return ib_umad_reg_agent(filp->private_data, (void __user *) arg, 0);
949 case IB_USER_MAD_UNREGISTER_AGENT:
950 return ib_umad_unreg_agent(filp->private_data, (__u32 __user *) arg);
951 case IB_USER_MAD_ENABLE_PKEY:
952 return ib_umad_enable_pkey(filp->private_data);
953 case IB_USER_MAD_REGISTER_AGENT2:
954 return ib_umad_reg_agent2(filp->private_data, (void __user *) arg);
955 default:
956 return -ENOIOCTLCMD;
957 }
958}
959
960#ifdef CONFIG_COMPAT
961static long ib_umad_compat_ioctl(struct file *filp, unsigned int cmd,
962 unsigned long arg)
963{
964 switch (cmd) {
965 case IB_USER_MAD_REGISTER_AGENT:
966 return ib_umad_reg_agent(filp->private_data, compat_ptr(arg), 1);
967 case IB_USER_MAD_UNREGISTER_AGENT:
968 return ib_umad_unreg_agent(filp->private_data, compat_ptr(arg));
969 case IB_USER_MAD_ENABLE_PKEY:
970 return ib_umad_enable_pkey(filp->private_data);
971 case IB_USER_MAD_REGISTER_AGENT2:
972 return ib_umad_reg_agent2(filp->private_data, compat_ptr(arg));
973 default:
974 return -ENOIOCTLCMD;
975 }
976}
977#endif
978
979/*
980 * ib_umad_open() does not need the BKL:
981 *
982 * - the ib_umad_port structures are properly reference counted, and
983 * everything else is purely local to the file being created, so
984 * races against other open calls are not a problem;
985 * - the ioctl method does not affect any global state outside of the
986 * file structure being operated on;
987 */
988static int ib_umad_open(struct inode *inode, struct file *filp)
989{
990 struct ib_umad_port *port;
991 struct ib_umad_file *file;
992 int ret = 0;
993
994 port = container_of(inode->i_cdev, struct ib_umad_port, cdev);
995
996 mutex_lock(&port->file_mutex);
997
998 if (!port->ib_dev) {
999 ret = -ENXIO;
1000 goto out;
1001 }
1002
1003 if (!rdma_dev_access_netns(port->ib_dev, current->nsproxy->net_ns)) {
1004 ret = -EPERM;
1005 goto out;
1006 }
1007
1008 file = kzalloc(sizeof(*file), GFP_KERNEL);
1009 if (!file) {
1010 ret = -ENOMEM;
1011 goto out;
1012 }
1013
1014 mutex_init(&file->mutex);
1015 spin_lock_init(&file->send_lock);
1016 INIT_LIST_HEAD(&file->recv_list);
1017 INIT_LIST_HEAD(&file->send_list);
1018 init_waitqueue_head(&file->recv_wait);
1019
1020 file->port = port;
1021 filp->private_data = file;
1022
1023 list_add_tail(&file->port_list, &port->file_list);
1024
1025 stream_open(inode, filp);
1026out:
1027 mutex_unlock(&port->file_mutex);
1028 return ret;
1029}
1030
1031static int ib_umad_close(struct inode *inode, struct file *filp)
1032{
1033 struct ib_umad_file *file = filp->private_data;
1034 struct ib_umad_packet *packet, *tmp;
1035 int already_dead;
1036 int i;
1037
1038 mutex_lock(&file->port->file_mutex);
1039 mutex_lock(&file->mutex);
1040
1041 already_dead = file->agents_dead;
1042 file->agents_dead = 1;
1043
1044 list_for_each_entry_safe(packet, tmp, &file->recv_list, list) {
1045 if (packet->recv_wc)
1046 ib_free_recv_mad(packet->recv_wc);
1047 kfree(packet);
1048 }
1049
1050 list_del(&file->port_list);
1051
1052 mutex_unlock(&file->mutex);
1053
1054 if (!already_dead)
1055 for (i = 0; i < IB_UMAD_MAX_AGENTS; ++i)
1056 if (file->agent[i])
1057 ib_unregister_mad_agent(file->agent[i]);
1058
1059 mutex_unlock(&file->port->file_mutex);
1060 mutex_destroy(&file->mutex);
1061 kfree(file);
1062 return 0;
1063}
1064
1065static const struct file_operations umad_fops = {
1066 .owner = THIS_MODULE,
1067 .read = ib_umad_read,
1068 .write = ib_umad_write,
1069 .poll = ib_umad_poll,
1070 .unlocked_ioctl = ib_umad_ioctl,
1071#ifdef CONFIG_COMPAT
1072 .compat_ioctl = ib_umad_compat_ioctl,
1073#endif
1074 .open = ib_umad_open,
1075 .release = ib_umad_close,
1076 .llseek = no_llseek,
1077};
1078
1079static int ib_umad_sm_open(struct inode *inode, struct file *filp)
1080{
1081 struct ib_umad_port *port;
1082 struct ib_port_modify props = {
1083 .set_port_cap_mask = IB_PORT_SM
1084 };
1085 int ret;
1086
1087 port = container_of(inode->i_cdev, struct ib_umad_port, sm_cdev);
1088
1089 if (filp->f_flags & O_NONBLOCK) {
1090 if (down_trylock(&port->sm_sem)) {
1091 ret = -EAGAIN;
1092 goto fail;
1093 }
1094 } else {
1095 if (down_interruptible(&port->sm_sem)) {
1096 ret = -ERESTARTSYS;
1097 goto fail;
1098 }
1099 }
1100
1101 if (!rdma_dev_access_netns(port->ib_dev, current->nsproxy->net_ns)) {
1102 ret = -EPERM;
1103 goto err_up_sem;
1104 }
1105
1106 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props);
1107 if (ret)
1108 goto err_up_sem;
1109
1110 filp->private_data = port;
1111
1112 nonseekable_open(inode, filp);
1113 return 0;
1114
1115err_up_sem:
1116 up(&port->sm_sem);
1117
1118fail:
1119 return ret;
1120}
1121
1122static int ib_umad_sm_close(struct inode *inode, struct file *filp)
1123{
1124 struct ib_umad_port *port = filp->private_data;
1125 struct ib_port_modify props = {
1126 .clr_port_cap_mask = IB_PORT_SM
1127 };
1128 int ret = 0;
1129
1130 mutex_lock(&port->file_mutex);
1131 if (port->ib_dev)
1132 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props);
1133 mutex_unlock(&port->file_mutex);
1134
1135 up(&port->sm_sem);
1136
1137 return ret;
1138}
1139
1140static const struct file_operations umad_sm_fops = {
1141 .owner = THIS_MODULE,
1142 .open = ib_umad_sm_open,
1143 .release = ib_umad_sm_close,
1144 .llseek = no_llseek,
1145};
1146
1147static struct ib_umad_port *get_port(struct ib_device *ibdev,
1148 struct ib_umad_device *umad_dev,
1149 u32 port)
1150{
1151 if (!umad_dev)
1152 return ERR_PTR(-EOPNOTSUPP);
1153 if (!rdma_is_port_valid(ibdev, port))
1154 return ERR_PTR(-EINVAL);
1155 if (!rdma_cap_ib_mad(ibdev, port))
1156 return ERR_PTR(-EOPNOTSUPP);
1157
1158 return &umad_dev->ports[port - rdma_start_port(ibdev)];
1159}
1160
1161static int ib_umad_get_nl_info(struct ib_device *ibdev, void *client_data,
1162 struct ib_client_nl_info *res)
1163{
1164 struct ib_umad_port *port = get_port(ibdev, client_data, res->port);
1165
1166 if (IS_ERR(port))
1167 return PTR_ERR(port);
1168
1169 res->abi = IB_USER_MAD_ABI_VERSION;
1170 res->cdev = &port->dev;
1171 return 0;
1172}
1173
1174static struct ib_client umad_client = {
1175 .name = "umad",
1176 .add = ib_umad_add_one,
1177 .remove = ib_umad_remove_one,
1178 .get_nl_info = ib_umad_get_nl_info,
1179};
1180MODULE_ALIAS_RDMA_CLIENT("umad");
1181
1182static int ib_issm_get_nl_info(struct ib_device *ibdev, void *client_data,
1183 struct ib_client_nl_info *res)
1184{
1185 struct ib_umad_port *port = get_port(ibdev, client_data, res->port);
1186
1187 if (IS_ERR(port))
1188 return PTR_ERR(port);
1189
1190 res->abi = IB_USER_MAD_ABI_VERSION;
1191 res->cdev = &port->sm_dev;
1192 return 0;
1193}
1194
1195static struct ib_client issm_client = {
1196 .name = "issm",
1197 .get_nl_info = ib_issm_get_nl_info,
1198};
1199MODULE_ALIAS_RDMA_CLIENT("issm");
1200
1201static ssize_t ibdev_show(struct device *dev, struct device_attribute *attr,
1202 char *buf)
1203{
1204 struct ib_umad_port *port = dev_get_drvdata(dev);
1205
1206 if (!port)
1207 return -ENODEV;
1208
1209 return sysfs_emit(buf, "%s\n", dev_name(&port->ib_dev->dev));
1210}
1211static DEVICE_ATTR_RO(ibdev);
1212
1213static ssize_t port_show(struct device *dev, struct device_attribute *attr,
1214 char *buf)
1215{
1216 struct ib_umad_port *port = dev_get_drvdata(dev);
1217
1218 if (!port)
1219 return -ENODEV;
1220
1221 return sysfs_emit(buf, "%d\n", port->port_num);
1222}
1223static DEVICE_ATTR_RO(port);
1224
1225static struct attribute *umad_class_dev_attrs[] = {
1226 &dev_attr_ibdev.attr,
1227 &dev_attr_port.attr,
1228 NULL,
1229};
1230ATTRIBUTE_GROUPS(umad_class_dev);
1231
1232static char *umad_devnode(const struct device *dev, umode_t *mode)
1233{
1234 return kasprintf(GFP_KERNEL, "infiniband/%s", dev_name(dev));
1235}
1236
1237static ssize_t abi_version_show(const struct class *class,
1238 const struct class_attribute *attr, char *buf)
1239{
1240 return sysfs_emit(buf, "%d\n", IB_USER_MAD_ABI_VERSION);
1241}
1242static CLASS_ATTR_RO(abi_version);
1243
1244static struct attribute *umad_class_attrs[] = {
1245 &class_attr_abi_version.attr,
1246 NULL,
1247};
1248ATTRIBUTE_GROUPS(umad_class);
1249
1250static struct class umad_class = {
1251 .name = "infiniband_mad",
1252 .devnode = umad_devnode,
1253 .class_groups = umad_class_groups,
1254 .dev_groups = umad_class_dev_groups,
1255};
1256
1257static void ib_umad_release_port(struct device *device)
1258{
1259 struct ib_umad_port *port = dev_get_drvdata(device);
1260 struct ib_umad_device *umad_dev = port->umad_dev;
1261
1262 ib_umad_dev_put(umad_dev);
1263}
1264
1265static void ib_umad_init_port_dev(struct device *dev,
1266 struct ib_umad_port *port,
1267 const struct ib_device *device)
1268{
1269 device_initialize(dev);
1270 ib_umad_dev_get(port->umad_dev);
1271 dev->class = &umad_class;
1272 dev->parent = device->dev.parent;
1273 dev_set_drvdata(dev, port);
1274 dev->release = ib_umad_release_port;
1275}
1276
1277static int ib_umad_init_port(struct ib_device *device, int port_num,
1278 struct ib_umad_device *umad_dev,
1279 struct ib_umad_port *port)
1280{
1281 int devnum;
1282 dev_t base_umad;
1283 dev_t base_issm;
1284 int ret;
1285
1286 devnum = ida_alloc_max(&umad_ida, IB_UMAD_MAX_PORTS - 1, GFP_KERNEL);
1287 if (devnum < 0)
1288 return -1;
1289 port->dev_num = devnum;
1290 if (devnum >= IB_UMAD_NUM_FIXED_MINOR) {
1291 base_umad = dynamic_umad_dev + devnum - IB_UMAD_NUM_FIXED_MINOR;
1292 base_issm = dynamic_issm_dev + devnum - IB_UMAD_NUM_FIXED_MINOR;
1293 } else {
1294 base_umad = devnum + base_umad_dev;
1295 base_issm = devnum + base_issm_dev;
1296 }
1297
1298 port->ib_dev = device;
1299 port->umad_dev = umad_dev;
1300 port->port_num = port_num;
1301 sema_init(&port->sm_sem, 1);
1302 mutex_init(&port->file_mutex);
1303 INIT_LIST_HEAD(&port->file_list);
1304
1305 ib_umad_init_port_dev(&port->dev, port, device);
1306 port->dev.devt = base_umad;
1307 dev_set_name(&port->dev, "umad%d", port->dev_num);
1308 cdev_init(&port->cdev, &umad_fops);
1309 port->cdev.owner = THIS_MODULE;
1310
1311 ret = cdev_device_add(&port->cdev, &port->dev);
1312 if (ret)
1313 goto err_cdev;
1314
1315 ib_umad_init_port_dev(&port->sm_dev, port, device);
1316 port->sm_dev.devt = base_issm;
1317 dev_set_name(&port->sm_dev, "issm%d", port->dev_num);
1318 cdev_init(&port->sm_cdev, &umad_sm_fops);
1319 port->sm_cdev.owner = THIS_MODULE;
1320
1321 ret = cdev_device_add(&port->sm_cdev, &port->sm_dev);
1322 if (ret)
1323 goto err_dev;
1324
1325 return 0;
1326
1327err_dev:
1328 put_device(&port->sm_dev);
1329 cdev_device_del(&port->cdev, &port->dev);
1330err_cdev:
1331 put_device(&port->dev);
1332 ida_free(&umad_ida, devnum);
1333 return ret;
1334}
1335
1336static void ib_umad_kill_port(struct ib_umad_port *port)
1337{
1338 struct ib_umad_file *file;
1339 int id;
1340
1341 cdev_device_del(&port->sm_cdev, &port->sm_dev);
1342 cdev_device_del(&port->cdev, &port->dev);
1343
1344 mutex_lock(&port->file_mutex);
1345
1346 /* Mark ib_dev NULL and block ioctl or other file ops to progress
1347 * further.
1348 */
1349 port->ib_dev = NULL;
1350
1351 list_for_each_entry(file, &port->file_list, port_list) {
1352 mutex_lock(&file->mutex);
1353 file->agents_dead = 1;
1354 wake_up_interruptible(&file->recv_wait);
1355 mutex_unlock(&file->mutex);
1356
1357 for (id = 0; id < IB_UMAD_MAX_AGENTS; ++id)
1358 if (file->agent[id])
1359 ib_unregister_mad_agent(file->agent[id]);
1360 }
1361
1362 mutex_unlock(&port->file_mutex);
1363
1364 ida_free(&umad_ida, port->dev_num);
1365
1366 /* balances device_initialize() */
1367 put_device(&port->sm_dev);
1368 put_device(&port->dev);
1369}
1370
1371static int ib_umad_add_one(struct ib_device *device)
1372{
1373 struct ib_umad_device *umad_dev;
1374 int s, e, i;
1375 int count = 0;
1376 int ret;
1377
1378 s = rdma_start_port(device);
1379 e = rdma_end_port(device);
1380
1381 umad_dev = kzalloc(struct_size(umad_dev, ports,
1382 size_add(size_sub(e, s), 1)),
1383 GFP_KERNEL);
1384 if (!umad_dev)
1385 return -ENOMEM;
1386
1387 kref_init(&umad_dev->kref);
1388 for (i = s; i <= e; ++i) {
1389 if (!rdma_cap_ib_mad(device, i))
1390 continue;
1391
1392 ret = ib_umad_init_port(device, i, umad_dev,
1393 &umad_dev->ports[i - s]);
1394 if (ret)
1395 goto err;
1396
1397 count++;
1398 }
1399
1400 if (!count) {
1401 ret = -EOPNOTSUPP;
1402 goto free;
1403 }
1404
1405 ib_set_client_data(device, &umad_client, umad_dev);
1406
1407 return 0;
1408
1409err:
1410 while (--i >= s) {
1411 if (!rdma_cap_ib_mad(device, i))
1412 continue;
1413
1414 ib_umad_kill_port(&umad_dev->ports[i - s]);
1415 }
1416free:
1417 /* balances kref_init */
1418 ib_umad_dev_put(umad_dev);
1419 return ret;
1420}
1421
1422static void ib_umad_remove_one(struct ib_device *device, void *client_data)
1423{
1424 struct ib_umad_device *umad_dev = client_data;
1425 unsigned int i;
1426
1427 rdma_for_each_port (device, i) {
1428 if (rdma_cap_ib_mad(device, i))
1429 ib_umad_kill_port(
1430 &umad_dev->ports[i - rdma_start_port(device)]);
1431 }
1432 /* balances kref_init() */
1433 ib_umad_dev_put(umad_dev);
1434}
1435
1436static int __init ib_umad_init(void)
1437{
1438 int ret;
1439
1440 ret = register_chrdev_region(base_umad_dev,
1441 IB_UMAD_NUM_FIXED_MINOR * 2,
1442 umad_class.name);
1443 if (ret) {
1444 pr_err("couldn't register device number\n");
1445 goto out;
1446 }
1447
1448 ret = alloc_chrdev_region(&dynamic_umad_dev, 0,
1449 IB_UMAD_NUM_DYNAMIC_MINOR * 2,
1450 umad_class.name);
1451 if (ret) {
1452 pr_err("couldn't register dynamic device number\n");
1453 goto out_alloc;
1454 }
1455 dynamic_issm_dev = dynamic_umad_dev + IB_UMAD_NUM_DYNAMIC_MINOR;
1456
1457 ret = class_register(&umad_class);
1458 if (ret) {
1459 pr_err("couldn't create class infiniband_mad\n");
1460 goto out_chrdev;
1461 }
1462
1463 ret = ib_register_client(&umad_client);
1464 if (ret)
1465 goto out_class;
1466
1467 ret = ib_register_client(&issm_client);
1468 if (ret)
1469 goto out_client;
1470
1471 return 0;
1472
1473out_client:
1474 ib_unregister_client(&umad_client);
1475out_class:
1476 class_unregister(&umad_class);
1477
1478out_chrdev:
1479 unregister_chrdev_region(dynamic_umad_dev,
1480 IB_UMAD_NUM_DYNAMIC_MINOR * 2);
1481
1482out_alloc:
1483 unregister_chrdev_region(base_umad_dev,
1484 IB_UMAD_NUM_FIXED_MINOR * 2);
1485
1486out:
1487 return ret;
1488}
1489
1490static void __exit ib_umad_cleanup(void)
1491{
1492 ib_unregister_client(&issm_client);
1493 ib_unregister_client(&umad_client);
1494 class_unregister(&umad_class);
1495 unregister_chrdev_region(base_umad_dev,
1496 IB_UMAD_NUM_FIXED_MINOR * 2);
1497 unregister_chrdev_region(dynamic_umad_dev,
1498 IB_UMAD_NUM_DYNAMIC_MINOR * 2);
1499}
1500
1501module_init(ib_umad_init);
1502module_exit(ib_umad_cleanup);
1/*
2 * Copyright (c) 2004 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005 Voltaire, Inc. All rights reserved.
4 * Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved.
5 * Copyright (c) 2008 Cisco. All rights reserved.
6 *
7 * This software is available to you under a choice of one of two
8 * licenses. You may choose to be licensed under the terms of the GNU
9 * General Public License (GPL) Version 2, available from the file
10 * COPYING in the main directory of this source tree, or the
11 * OpenIB.org BSD license below:
12 *
13 * Redistribution and use in source and binary forms, with or
14 * without modification, are permitted provided that the following
15 * conditions are met:
16 *
17 * - Redistributions of source code must retain the above
18 * copyright notice, this list of conditions and the following
19 * disclaimer.
20 *
21 * - Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials
24 * provided with the distribution.
25 *
26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
27 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
28 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
29 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
30 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
31 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
32 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
33 * SOFTWARE.
34 */
35
36#define pr_fmt(fmt) "user_mad: " fmt
37
38#include <linux/module.h>
39#include <linux/init.h>
40#include <linux/device.h>
41#include <linux/err.h>
42#include <linux/fs.h>
43#include <linux/cdev.h>
44#include <linux/dma-mapping.h>
45#include <linux/poll.h>
46#include <linux/mutex.h>
47#include <linux/kref.h>
48#include <linux/compat.h>
49#include <linux/sched.h>
50#include <linux/semaphore.h>
51#include <linux/slab.h>
52#include <linux/nospec.h>
53
54#include <linux/uaccess.h>
55
56#include <rdma/ib_mad.h>
57#include <rdma/ib_user_mad.h>
58#include <rdma/rdma_netlink.h>
59
60#include "core_priv.h"
61
62MODULE_AUTHOR("Roland Dreier");
63MODULE_DESCRIPTION("InfiniBand userspace MAD packet access");
64MODULE_LICENSE("Dual BSD/GPL");
65
66enum {
67 IB_UMAD_MAX_PORTS = RDMA_MAX_PORTS,
68 IB_UMAD_MAX_AGENTS = 32,
69
70 IB_UMAD_MAJOR = 231,
71 IB_UMAD_MINOR_BASE = 0,
72 IB_UMAD_NUM_FIXED_MINOR = 64,
73 IB_UMAD_NUM_DYNAMIC_MINOR = IB_UMAD_MAX_PORTS - IB_UMAD_NUM_FIXED_MINOR,
74 IB_ISSM_MINOR_BASE = IB_UMAD_NUM_FIXED_MINOR,
75};
76
77/*
78 * Our lifetime rules for these structs are the following:
79 * device special file is opened, we take a reference on the
80 * ib_umad_port's struct ib_umad_device. We drop these
81 * references in the corresponding close().
82 *
83 * In addition to references coming from open character devices, there
84 * is one more reference to each ib_umad_device representing the
85 * module's reference taken when allocating the ib_umad_device in
86 * ib_umad_add_one().
87 *
88 * When destroying an ib_umad_device, we drop the module's reference.
89 */
90
91struct ib_umad_port {
92 struct cdev cdev;
93 struct device dev;
94 struct cdev sm_cdev;
95 struct device sm_dev;
96 struct semaphore sm_sem;
97
98 struct mutex file_mutex;
99 struct list_head file_list;
100
101 struct ib_device *ib_dev;
102 struct ib_umad_device *umad_dev;
103 int dev_num;
104 u32 port_num;
105};
106
107struct ib_umad_device {
108 struct kref kref;
109 struct ib_umad_port ports[];
110};
111
112struct ib_umad_file {
113 struct mutex mutex;
114 struct ib_umad_port *port;
115 struct list_head recv_list;
116 struct list_head send_list;
117 struct list_head port_list;
118 spinlock_t send_lock;
119 wait_queue_head_t recv_wait;
120 struct ib_mad_agent *agent[IB_UMAD_MAX_AGENTS];
121 int agents_dead;
122 u8 use_pkey_index;
123 u8 already_used;
124};
125
126struct ib_umad_packet {
127 struct ib_mad_send_buf *msg;
128 struct ib_mad_recv_wc *recv_wc;
129 struct list_head list;
130 int length;
131 struct ib_user_mad mad;
132};
133
134#define CREATE_TRACE_POINTS
135#include <trace/events/ib_umad.h>
136
137static const dev_t base_umad_dev = MKDEV(IB_UMAD_MAJOR, IB_UMAD_MINOR_BASE);
138static const dev_t base_issm_dev = MKDEV(IB_UMAD_MAJOR, IB_UMAD_MINOR_BASE) +
139 IB_UMAD_NUM_FIXED_MINOR;
140static dev_t dynamic_umad_dev;
141static dev_t dynamic_issm_dev;
142
143static DEFINE_IDA(umad_ida);
144
145static int ib_umad_add_one(struct ib_device *device);
146static void ib_umad_remove_one(struct ib_device *device, void *client_data);
147
148static void ib_umad_dev_free(struct kref *kref)
149{
150 struct ib_umad_device *dev =
151 container_of(kref, struct ib_umad_device, kref);
152
153 kfree(dev);
154}
155
156static void ib_umad_dev_get(struct ib_umad_device *dev)
157{
158 kref_get(&dev->kref);
159}
160
161static void ib_umad_dev_put(struct ib_umad_device *dev)
162{
163 kref_put(&dev->kref, ib_umad_dev_free);
164}
165
166static int hdr_size(struct ib_umad_file *file)
167{
168 return file->use_pkey_index ? sizeof(struct ib_user_mad_hdr) :
169 sizeof(struct ib_user_mad_hdr_old);
170}
171
172/* caller must hold file->mutex */
173static struct ib_mad_agent *__get_agent(struct ib_umad_file *file, int id)
174{
175 return file->agents_dead ? NULL : file->agent[id];
176}
177
178static int queue_packet(struct ib_umad_file *file,
179 struct ib_mad_agent *agent,
180 struct ib_umad_packet *packet)
181{
182 int ret = 1;
183
184 mutex_lock(&file->mutex);
185
186 for (packet->mad.hdr.id = 0;
187 packet->mad.hdr.id < IB_UMAD_MAX_AGENTS;
188 packet->mad.hdr.id++)
189 if (agent == __get_agent(file, packet->mad.hdr.id)) {
190 list_add_tail(&packet->list, &file->recv_list);
191 wake_up_interruptible(&file->recv_wait);
192 ret = 0;
193 break;
194 }
195
196 mutex_unlock(&file->mutex);
197
198 return ret;
199}
200
201static void dequeue_send(struct ib_umad_file *file,
202 struct ib_umad_packet *packet)
203{
204 spin_lock_irq(&file->send_lock);
205 list_del(&packet->list);
206 spin_unlock_irq(&file->send_lock);
207}
208
209static void send_handler(struct ib_mad_agent *agent,
210 struct ib_mad_send_wc *send_wc)
211{
212 struct ib_umad_file *file = agent->context;
213 struct ib_umad_packet *packet = send_wc->send_buf->context[0];
214
215 dequeue_send(file, packet);
216 rdma_destroy_ah(packet->msg->ah, RDMA_DESTROY_AH_SLEEPABLE);
217 ib_free_send_mad(packet->msg);
218
219 if (send_wc->status == IB_WC_RESP_TIMEOUT_ERR) {
220 packet->length = IB_MGMT_MAD_HDR;
221 packet->mad.hdr.status = ETIMEDOUT;
222 if (!queue_packet(file, agent, packet))
223 return;
224 }
225 kfree(packet);
226}
227
228static void recv_handler(struct ib_mad_agent *agent,
229 struct ib_mad_send_buf *send_buf,
230 struct ib_mad_recv_wc *mad_recv_wc)
231{
232 struct ib_umad_file *file = agent->context;
233 struct ib_umad_packet *packet;
234
235 if (mad_recv_wc->wc->status != IB_WC_SUCCESS)
236 goto err1;
237
238 packet = kzalloc(sizeof *packet, GFP_KERNEL);
239 if (!packet)
240 goto err1;
241
242 packet->length = mad_recv_wc->mad_len;
243 packet->recv_wc = mad_recv_wc;
244
245 packet->mad.hdr.status = 0;
246 packet->mad.hdr.length = hdr_size(file) + mad_recv_wc->mad_len;
247 packet->mad.hdr.qpn = cpu_to_be32(mad_recv_wc->wc->src_qp);
248 /*
249 * On OPA devices it is okay to lose the upper 16 bits of LID as this
250 * information is obtained elsewhere. Mask off the upper 16 bits.
251 */
252 if (rdma_cap_opa_mad(agent->device, agent->port_num))
253 packet->mad.hdr.lid = ib_lid_be16(0xFFFF &
254 mad_recv_wc->wc->slid);
255 else
256 packet->mad.hdr.lid = ib_lid_be16(mad_recv_wc->wc->slid);
257 packet->mad.hdr.sl = mad_recv_wc->wc->sl;
258 packet->mad.hdr.path_bits = mad_recv_wc->wc->dlid_path_bits;
259 packet->mad.hdr.pkey_index = mad_recv_wc->wc->pkey_index;
260 packet->mad.hdr.grh_present = !!(mad_recv_wc->wc->wc_flags & IB_WC_GRH);
261 if (packet->mad.hdr.grh_present) {
262 struct rdma_ah_attr ah_attr;
263 const struct ib_global_route *grh;
264 int ret;
265
266 ret = ib_init_ah_attr_from_wc(agent->device, agent->port_num,
267 mad_recv_wc->wc,
268 mad_recv_wc->recv_buf.grh,
269 &ah_attr);
270 if (ret)
271 goto err2;
272
273 grh = rdma_ah_read_grh(&ah_attr);
274 packet->mad.hdr.gid_index = grh->sgid_index;
275 packet->mad.hdr.hop_limit = grh->hop_limit;
276 packet->mad.hdr.traffic_class = grh->traffic_class;
277 memcpy(packet->mad.hdr.gid, &grh->dgid, 16);
278 packet->mad.hdr.flow_label = cpu_to_be32(grh->flow_label);
279 rdma_destroy_ah_attr(&ah_attr);
280 }
281
282 if (queue_packet(file, agent, packet))
283 goto err2;
284 return;
285
286err2:
287 kfree(packet);
288err1:
289 ib_free_recv_mad(mad_recv_wc);
290}
291
292static ssize_t copy_recv_mad(struct ib_umad_file *file, char __user *buf,
293 struct ib_umad_packet *packet, size_t count)
294{
295 struct ib_mad_recv_buf *recv_buf;
296 int left, seg_payload, offset, max_seg_payload;
297 size_t seg_size;
298
299 recv_buf = &packet->recv_wc->recv_buf;
300 seg_size = packet->recv_wc->mad_seg_size;
301
302 /* We need enough room to copy the first (or only) MAD segment. */
303 if ((packet->length <= seg_size &&
304 count < hdr_size(file) + packet->length) ||
305 (packet->length > seg_size &&
306 count < hdr_size(file) + seg_size))
307 return -EINVAL;
308
309 if (copy_to_user(buf, &packet->mad, hdr_size(file)))
310 return -EFAULT;
311
312 buf += hdr_size(file);
313 seg_payload = min_t(int, packet->length, seg_size);
314 if (copy_to_user(buf, recv_buf->mad, seg_payload))
315 return -EFAULT;
316
317 if (seg_payload < packet->length) {
318 /*
319 * Multipacket RMPP MAD message. Copy remainder of message.
320 * Note that last segment may have a shorter payload.
321 */
322 if (count < hdr_size(file) + packet->length) {
323 /*
324 * The buffer is too small, return the first RMPP segment,
325 * which includes the RMPP message length.
326 */
327 return -ENOSPC;
328 }
329 offset = ib_get_mad_data_offset(recv_buf->mad->mad_hdr.mgmt_class);
330 max_seg_payload = seg_size - offset;
331
332 for (left = packet->length - seg_payload, buf += seg_payload;
333 left; left -= seg_payload, buf += seg_payload) {
334 recv_buf = container_of(recv_buf->list.next,
335 struct ib_mad_recv_buf, list);
336 seg_payload = min(left, max_seg_payload);
337 if (copy_to_user(buf, ((void *) recv_buf->mad) + offset,
338 seg_payload))
339 return -EFAULT;
340 }
341 }
342
343 trace_ib_umad_read_recv(file, &packet->mad.hdr, &recv_buf->mad->mad_hdr);
344
345 return hdr_size(file) + packet->length;
346}
347
348static ssize_t copy_send_mad(struct ib_umad_file *file, char __user *buf,
349 struct ib_umad_packet *packet, size_t count)
350{
351 ssize_t size = hdr_size(file) + packet->length;
352
353 if (count < size)
354 return -EINVAL;
355
356 if (copy_to_user(buf, &packet->mad, hdr_size(file)))
357 return -EFAULT;
358
359 buf += hdr_size(file);
360
361 if (copy_to_user(buf, packet->mad.data, packet->length))
362 return -EFAULT;
363
364 trace_ib_umad_read_send(file, &packet->mad.hdr,
365 (struct ib_mad_hdr *)&packet->mad.data);
366
367 return size;
368}
369
370static ssize_t ib_umad_read(struct file *filp, char __user *buf,
371 size_t count, loff_t *pos)
372{
373 struct ib_umad_file *file = filp->private_data;
374 struct ib_umad_packet *packet;
375 ssize_t ret;
376
377 if (count < hdr_size(file))
378 return -EINVAL;
379
380 mutex_lock(&file->mutex);
381
382 if (file->agents_dead) {
383 mutex_unlock(&file->mutex);
384 return -EIO;
385 }
386
387 while (list_empty(&file->recv_list)) {
388 mutex_unlock(&file->mutex);
389
390 if (filp->f_flags & O_NONBLOCK)
391 return -EAGAIN;
392
393 if (wait_event_interruptible(file->recv_wait,
394 !list_empty(&file->recv_list)))
395 return -ERESTARTSYS;
396
397 mutex_lock(&file->mutex);
398 }
399
400 if (file->agents_dead) {
401 mutex_unlock(&file->mutex);
402 return -EIO;
403 }
404
405 packet = list_entry(file->recv_list.next, struct ib_umad_packet, list);
406 list_del(&packet->list);
407
408 mutex_unlock(&file->mutex);
409
410 if (packet->recv_wc)
411 ret = copy_recv_mad(file, buf, packet, count);
412 else
413 ret = copy_send_mad(file, buf, packet, count);
414
415 if (ret < 0) {
416 /* Requeue packet */
417 mutex_lock(&file->mutex);
418 list_add(&packet->list, &file->recv_list);
419 mutex_unlock(&file->mutex);
420 } else {
421 if (packet->recv_wc)
422 ib_free_recv_mad(packet->recv_wc);
423 kfree(packet);
424 }
425 return ret;
426}
427
428static int copy_rmpp_mad(struct ib_mad_send_buf *msg, const char __user *buf)
429{
430 int left, seg;
431
432 /* Copy class specific header */
433 if ((msg->hdr_len > IB_MGMT_RMPP_HDR) &&
434 copy_from_user(msg->mad + IB_MGMT_RMPP_HDR, buf + IB_MGMT_RMPP_HDR,
435 msg->hdr_len - IB_MGMT_RMPP_HDR))
436 return -EFAULT;
437
438 /* All headers are in place. Copy data segments. */
439 for (seg = 1, left = msg->data_len, buf += msg->hdr_len; left > 0;
440 seg++, left -= msg->seg_size, buf += msg->seg_size) {
441 if (copy_from_user(ib_get_rmpp_segment(msg, seg), buf,
442 min(left, msg->seg_size)))
443 return -EFAULT;
444 }
445 return 0;
446}
447
448static int same_destination(struct ib_user_mad_hdr *hdr1,
449 struct ib_user_mad_hdr *hdr2)
450{
451 if (!hdr1->grh_present && !hdr2->grh_present)
452 return (hdr1->lid == hdr2->lid);
453
454 if (hdr1->grh_present && hdr2->grh_present)
455 return !memcmp(hdr1->gid, hdr2->gid, 16);
456
457 return 0;
458}
459
460static int is_duplicate(struct ib_umad_file *file,
461 struct ib_umad_packet *packet)
462{
463 struct ib_umad_packet *sent_packet;
464 struct ib_mad_hdr *sent_hdr, *hdr;
465
466 hdr = (struct ib_mad_hdr *) packet->mad.data;
467 list_for_each_entry(sent_packet, &file->send_list, list) {
468 sent_hdr = (struct ib_mad_hdr *) sent_packet->mad.data;
469
470 if ((hdr->tid != sent_hdr->tid) ||
471 (hdr->mgmt_class != sent_hdr->mgmt_class))
472 continue;
473
474 /*
475 * No need to be overly clever here. If two new operations have
476 * the same TID, reject the second as a duplicate. This is more
477 * restrictive than required by the spec.
478 */
479 if (!ib_response_mad(hdr)) {
480 if (!ib_response_mad(sent_hdr))
481 return 1;
482 continue;
483 } else if (!ib_response_mad(sent_hdr))
484 continue;
485
486 if (same_destination(&packet->mad.hdr, &sent_packet->mad.hdr))
487 return 1;
488 }
489
490 return 0;
491}
492
493static ssize_t ib_umad_write(struct file *filp, const char __user *buf,
494 size_t count, loff_t *pos)
495{
496 struct ib_umad_file *file = filp->private_data;
497 struct ib_umad_packet *packet;
498 struct ib_mad_agent *agent;
499 struct rdma_ah_attr ah_attr;
500 struct ib_ah *ah;
501 struct ib_rmpp_mad *rmpp_mad;
502 __be64 *tid;
503 int ret, data_len, hdr_len, copy_offset, rmpp_active;
504 u8 base_version;
505
506 if (count < hdr_size(file) + IB_MGMT_RMPP_HDR)
507 return -EINVAL;
508
509 packet = kzalloc(sizeof *packet + IB_MGMT_RMPP_HDR, GFP_KERNEL);
510 if (!packet)
511 return -ENOMEM;
512
513 if (copy_from_user(&packet->mad, buf, hdr_size(file))) {
514 ret = -EFAULT;
515 goto err;
516 }
517
518 if (packet->mad.hdr.id >= IB_UMAD_MAX_AGENTS) {
519 ret = -EINVAL;
520 goto err;
521 }
522
523 buf += hdr_size(file);
524
525 if (copy_from_user(packet->mad.data, buf, IB_MGMT_RMPP_HDR)) {
526 ret = -EFAULT;
527 goto err;
528 }
529
530 mutex_lock(&file->mutex);
531
532 trace_ib_umad_write(file, &packet->mad.hdr,
533 (struct ib_mad_hdr *)&packet->mad.data);
534
535 agent = __get_agent(file, packet->mad.hdr.id);
536 if (!agent) {
537 ret = -EIO;
538 goto err_up;
539 }
540
541 memset(&ah_attr, 0, sizeof ah_attr);
542 ah_attr.type = rdma_ah_find_type(agent->device,
543 file->port->port_num);
544 rdma_ah_set_dlid(&ah_attr, be16_to_cpu(packet->mad.hdr.lid));
545 rdma_ah_set_sl(&ah_attr, packet->mad.hdr.sl);
546 rdma_ah_set_path_bits(&ah_attr, packet->mad.hdr.path_bits);
547 rdma_ah_set_port_num(&ah_attr, file->port->port_num);
548 if (packet->mad.hdr.grh_present) {
549 rdma_ah_set_grh(&ah_attr, NULL,
550 be32_to_cpu(packet->mad.hdr.flow_label),
551 packet->mad.hdr.gid_index,
552 packet->mad.hdr.hop_limit,
553 packet->mad.hdr.traffic_class);
554 rdma_ah_set_dgid_raw(&ah_attr, packet->mad.hdr.gid);
555 }
556
557 ah = rdma_create_user_ah(agent->qp->pd, &ah_attr, NULL);
558 if (IS_ERR(ah)) {
559 ret = PTR_ERR(ah);
560 goto err_up;
561 }
562
563 rmpp_mad = (struct ib_rmpp_mad *) packet->mad.data;
564 hdr_len = ib_get_mad_data_offset(rmpp_mad->mad_hdr.mgmt_class);
565
566 if (ib_is_mad_class_rmpp(rmpp_mad->mad_hdr.mgmt_class)
567 && ib_mad_kernel_rmpp_agent(agent)) {
568 copy_offset = IB_MGMT_RMPP_HDR;
569 rmpp_active = ib_get_rmpp_flags(&rmpp_mad->rmpp_hdr) &
570 IB_MGMT_RMPP_FLAG_ACTIVE;
571 } else {
572 copy_offset = IB_MGMT_MAD_HDR;
573 rmpp_active = 0;
574 }
575
576 base_version = ((struct ib_mad_hdr *)&packet->mad.data)->base_version;
577 data_len = count - hdr_size(file) - hdr_len;
578 packet->msg = ib_create_send_mad(agent,
579 be32_to_cpu(packet->mad.hdr.qpn),
580 packet->mad.hdr.pkey_index, rmpp_active,
581 hdr_len, data_len, GFP_KERNEL,
582 base_version);
583 if (IS_ERR(packet->msg)) {
584 ret = PTR_ERR(packet->msg);
585 goto err_ah;
586 }
587
588 packet->msg->ah = ah;
589 packet->msg->timeout_ms = packet->mad.hdr.timeout_ms;
590 packet->msg->retries = packet->mad.hdr.retries;
591 packet->msg->context[0] = packet;
592
593 /* Copy MAD header. Any RMPP header is already in place. */
594 memcpy(packet->msg->mad, packet->mad.data, IB_MGMT_MAD_HDR);
595
596 if (!rmpp_active) {
597 if (copy_from_user(packet->msg->mad + copy_offset,
598 buf + copy_offset,
599 hdr_len + data_len - copy_offset)) {
600 ret = -EFAULT;
601 goto err_msg;
602 }
603 } else {
604 ret = copy_rmpp_mad(packet->msg, buf);
605 if (ret)
606 goto err_msg;
607 }
608
609 /*
610 * Set the high-order part of the transaction ID to make MADs from
611 * different agents unique, and allow routing responses back to the
612 * original requestor.
613 */
614 if (!ib_response_mad(packet->msg->mad)) {
615 tid = &((struct ib_mad_hdr *) packet->msg->mad)->tid;
616 *tid = cpu_to_be64(((u64) agent->hi_tid) << 32 |
617 (be64_to_cpup(tid) & 0xffffffff));
618 rmpp_mad->mad_hdr.tid = *tid;
619 }
620
621 if (!ib_mad_kernel_rmpp_agent(agent)
622 && ib_is_mad_class_rmpp(rmpp_mad->mad_hdr.mgmt_class)
623 && (ib_get_rmpp_flags(&rmpp_mad->rmpp_hdr) & IB_MGMT_RMPP_FLAG_ACTIVE)) {
624 spin_lock_irq(&file->send_lock);
625 list_add_tail(&packet->list, &file->send_list);
626 spin_unlock_irq(&file->send_lock);
627 } else {
628 spin_lock_irq(&file->send_lock);
629 ret = is_duplicate(file, packet);
630 if (!ret)
631 list_add_tail(&packet->list, &file->send_list);
632 spin_unlock_irq(&file->send_lock);
633 if (ret) {
634 ret = -EINVAL;
635 goto err_msg;
636 }
637 }
638
639 ret = ib_post_send_mad(packet->msg, NULL);
640 if (ret)
641 goto err_send;
642
643 mutex_unlock(&file->mutex);
644 return count;
645
646err_send:
647 dequeue_send(file, packet);
648err_msg:
649 ib_free_send_mad(packet->msg);
650err_ah:
651 rdma_destroy_ah(ah, RDMA_DESTROY_AH_SLEEPABLE);
652err_up:
653 mutex_unlock(&file->mutex);
654err:
655 kfree(packet);
656 return ret;
657}
658
659static __poll_t ib_umad_poll(struct file *filp, struct poll_table_struct *wait)
660{
661 struct ib_umad_file *file = filp->private_data;
662
663 /* we will always be able to post a MAD send */
664 __poll_t mask = EPOLLOUT | EPOLLWRNORM;
665
666 mutex_lock(&file->mutex);
667 poll_wait(filp, &file->recv_wait, wait);
668
669 if (!list_empty(&file->recv_list))
670 mask |= EPOLLIN | EPOLLRDNORM;
671 if (file->agents_dead)
672 mask = EPOLLERR;
673 mutex_unlock(&file->mutex);
674
675 return mask;
676}
677
678static int ib_umad_reg_agent(struct ib_umad_file *file, void __user *arg,
679 int compat_method_mask)
680{
681 struct ib_user_mad_reg_req ureq;
682 struct ib_mad_reg_req req;
683 struct ib_mad_agent *agent = NULL;
684 int agent_id;
685 int ret;
686
687 mutex_lock(&file->port->file_mutex);
688 mutex_lock(&file->mutex);
689
690 if (!file->port->ib_dev) {
691 dev_notice(&file->port->dev, "%s: invalid device\n", __func__);
692 ret = -EPIPE;
693 goto out;
694 }
695
696 if (copy_from_user(&ureq, arg, sizeof ureq)) {
697 ret = -EFAULT;
698 goto out;
699 }
700
701 if (ureq.qpn != 0 && ureq.qpn != 1) {
702 dev_notice(&file->port->dev,
703 "%s: invalid QPN %u specified\n", __func__,
704 ureq.qpn);
705 ret = -EINVAL;
706 goto out;
707 }
708
709 for (agent_id = 0; agent_id < IB_UMAD_MAX_AGENTS; ++agent_id)
710 if (!__get_agent(file, agent_id))
711 goto found;
712
713 dev_notice(&file->port->dev, "%s: Max Agents (%u) reached\n", __func__,
714 IB_UMAD_MAX_AGENTS);
715
716 ret = -ENOMEM;
717 goto out;
718
719found:
720 if (ureq.mgmt_class) {
721 memset(&req, 0, sizeof(req));
722 req.mgmt_class = ureq.mgmt_class;
723 req.mgmt_class_version = ureq.mgmt_class_version;
724 memcpy(req.oui, ureq.oui, sizeof req.oui);
725
726 if (compat_method_mask) {
727 u32 *umm = (u32 *) ureq.method_mask;
728 int i;
729
730 for (i = 0; i < BITS_TO_LONGS(IB_MGMT_MAX_METHODS); ++i)
731 req.method_mask[i] =
732 umm[i * 2] | ((u64) umm[i * 2 + 1] << 32);
733 } else
734 memcpy(req.method_mask, ureq.method_mask,
735 sizeof req.method_mask);
736 }
737
738 agent = ib_register_mad_agent(file->port->ib_dev, file->port->port_num,
739 ureq.qpn ? IB_QPT_GSI : IB_QPT_SMI,
740 ureq.mgmt_class ? &req : NULL,
741 ureq.rmpp_version,
742 send_handler, recv_handler, file, 0);
743 if (IS_ERR(agent)) {
744 ret = PTR_ERR(agent);
745 agent = NULL;
746 goto out;
747 }
748
749 if (put_user(agent_id,
750 (u32 __user *) (arg + offsetof(struct ib_user_mad_reg_req, id)))) {
751 ret = -EFAULT;
752 goto out;
753 }
754
755 if (!file->already_used) {
756 file->already_used = 1;
757 if (!file->use_pkey_index) {
758 dev_warn(&file->port->dev,
759 "process %s did not enable P_Key index support.\n",
760 current->comm);
761 dev_warn(&file->port->dev,
762 " Documentation/infiniband/user_mad.rst has info on the new ABI.\n");
763 }
764 }
765
766 file->agent[agent_id] = agent;
767 ret = 0;
768
769out:
770 mutex_unlock(&file->mutex);
771
772 if (ret && agent)
773 ib_unregister_mad_agent(agent);
774
775 mutex_unlock(&file->port->file_mutex);
776
777 return ret;
778}
779
780static int ib_umad_reg_agent2(struct ib_umad_file *file, void __user *arg)
781{
782 struct ib_user_mad_reg_req2 ureq;
783 struct ib_mad_reg_req req;
784 struct ib_mad_agent *agent = NULL;
785 int agent_id;
786 int ret;
787
788 mutex_lock(&file->port->file_mutex);
789 mutex_lock(&file->mutex);
790
791 if (!file->port->ib_dev) {
792 dev_notice(&file->port->dev, "%s: invalid device\n", __func__);
793 ret = -EPIPE;
794 goto out;
795 }
796
797 if (copy_from_user(&ureq, arg, sizeof(ureq))) {
798 ret = -EFAULT;
799 goto out;
800 }
801
802 if (ureq.qpn != 0 && ureq.qpn != 1) {
803 dev_notice(&file->port->dev, "%s: invalid QPN %u specified\n",
804 __func__, ureq.qpn);
805 ret = -EINVAL;
806 goto out;
807 }
808
809 if (ureq.flags & ~IB_USER_MAD_REG_FLAGS_CAP) {
810 dev_notice(&file->port->dev,
811 "%s failed: invalid registration flags specified 0x%x; supported 0x%x\n",
812 __func__, ureq.flags, IB_USER_MAD_REG_FLAGS_CAP);
813 ret = -EINVAL;
814
815 if (put_user((u32)IB_USER_MAD_REG_FLAGS_CAP,
816 (u32 __user *) (arg + offsetof(struct
817 ib_user_mad_reg_req2, flags))))
818 ret = -EFAULT;
819
820 goto out;
821 }
822
823 for (agent_id = 0; agent_id < IB_UMAD_MAX_AGENTS; ++agent_id)
824 if (!__get_agent(file, agent_id))
825 goto found;
826
827 dev_notice(&file->port->dev, "%s: Max Agents (%u) reached\n", __func__,
828 IB_UMAD_MAX_AGENTS);
829 ret = -ENOMEM;
830 goto out;
831
832found:
833 if (ureq.mgmt_class) {
834 memset(&req, 0, sizeof(req));
835 req.mgmt_class = ureq.mgmt_class;
836 req.mgmt_class_version = ureq.mgmt_class_version;
837 if (ureq.oui & 0xff000000) {
838 dev_notice(&file->port->dev,
839 "%s failed: oui invalid 0x%08x\n", __func__,
840 ureq.oui);
841 ret = -EINVAL;
842 goto out;
843 }
844 req.oui[2] = ureq.oui & 0x0000ff;
845 req.oui[1] = (ureq.oui & 0x00ff00) >> 8;
846 req.oui[0] = (ureq.oui & 0xff0000) >> 16;
847 memcpy(req.method_mask, ureq.method_mask,
848 sizeof(req.method_mask));
849 }
850
851 agent = ib_register_mad_agent(file->port->ib_dev, file->port->port_num,
852 ureq.qpn ? IB_QPT_GSI : IB_QPT_SMI,
853 ureq.mgmt_class ? &req : NULL,
854 ureq.rmpp_version,
855 send_handler, recv_handler, file,
856 ureq.flags);
857 if (IS_ERR(agent)) {
858 ret = PTR_ERR(agent);
859 agent = NULL;
860 goto out;
861 }
862
863 if (put_user(agent_id,
864 (u32 __user *)(arg +
865 offsetof(struct ib_user_mad_reg_req2, id)))) {
866 ret = -EFAULT;
867 goto out;
868 }
869
870 if (!file->already_used) {
871 file->already_used = 1;
872 file->use_pkey_index = 1;
873 }
874
875 file->agent[agent_id] = agent;
876 ret = 0;
877
878out:
879 mutex_unlock(&file->mutex);
880
881 if (ret && agent)
882 ib_unregister_mad_agent(agent);
883
884 mutex_unlock(&file->port->file_mutex);
885
886 return ret;
887}
888
889
890static int ib_umad_unreg_agent(struct ib_umad_file *file, u32 __user *arg)
891{
892 struct ib_mad_agent *agent = NULL;
893 u32 id;
894 int ret = 0;
895
896 if (get_user(id, arg))
897 return -EFAULT;
898 if (id >= IB_UMAD_MAX_AGENTS)
899 return -EINVAL;
900
901 mutex_lock(&file->port->file_mutex);
902 mutex_lock(&file->mutex);
903
904 id = array_index_nospec(id, IB_UMAD_MAX_AGENTS);
905 if (!__get_agent(file, id)) {
906 ret = -EINVAL;
907 goto out;
908 }
909
910 agent = file->agent[id];
911 file->agent[id] = NULL;
912
913out:
914 mutex_unlock(&file->mutex);
915
916 if (agent)
917 ib_unregister_mad_agent(agent);
918
919 mutex_unlock(&file->port->file_mutex);
920
921 return ret;
922}
923
924static long ib_umad_enable_pkey(struct ib_umad_file *file)
925{
926 int ret = 0;
927
928 mutex_lock(&file->mutex);
929 if (file->already_used)
930 ret = -EINVAL;
931 else
932 file->use_pkey_index = 1;
933 mutex_unlock(&file->mutex);
934
935 return ret;
936}
937
938static long ib_umad_ioctl(struct file *filp, unsigned int cmd,
939 unsigned long arg)
940{
941 switch (cmd) {
942 case IB_USER_MAD_REGISTER_AGENT:
943 return ib_umad_reg_agent(filp->private_data, (void __user *) arg, 0);
944 case IB_USER_MAD_UNREGISTER_AGENT:
945 return ib_umad_unreg_agent(filp->private_data, (__u32 __user *) arg);
946 case IB_USER_MAD_ENABLE_PKEY:
947 return ib_umad_enable_pkey(filp->private_data);
948 case IB_USER_MAD_REGISTER_AGENT2:
949 return ib_umad_reg_agent2(filp->private_data, (void __user *) arg);
950 default:
951 return -ENOIOCTLCMD;
952 }
953}
954
955#ifdef CONFIG_COMPAT
956static long ib_umad_compat_ioctl(struct file *filp, unsigned int cmd,
957 unsigned long arg)
958{
959 switch (cmd) {
960 case IB_USER_MAD_REGISTER_AGENT:
961 return ib_umad_reg_agent(filp->private_data, compat_ptr(arg), 1);
962 case IB_USER_MAD_UNREGISTER_AGENT:
963 return ib_umad_unreg_agent(filp->private_data, compat_ptr(arg));
964 case IB_USER_MAD_ENABLE_PKEY:
965 return ib_umad_enable_pkey(filp->private_data);
966 case IB_USER_MAD_REGISTER_AGENT2:
967 return ib_umad_reg_agent2(filp->private_data, compat_ptr(arg));
968 default:
969 return -ENOIOCTLCMD;
970 }
971}
972#endif
973
974/*
975 * ib_umad_open() does not need the BKL:
976 *
977 * - the ib_umad_port structures are properly reference counted, and
978 * everything else is purely local to the file being created, so
979 * races against other open calls are not a problem;
980 * - the ioctl method does not affect any global state outside of the
981 * file structure being operated on;
982 */
983static int ib_umad_open(struct inode *inode, struct file *filp)
984{
985 struct ib_umad_port *port;
986 struct ib_umad_file *file;
987 int ret = 0;
988
989 port = container_of(inode->i_cdev, struct ib_umad_port, cdev);
990
991 mutex_lock(&port->file_mutex);
992
993 if (!port->ib_dev) {
994 ret = -ENXIO;
995 goto out;
996 }
997
998 if (!rdma_dev_access_netns(port->ib_dev, current->nsproxy->net_ns)) {
999 ret = -EPERM;
1000 goto out;
1001 }
1002
1003 file = kzalloc(sizeof(*file), GFP_KERNEL);
1004 if (!file) {
1005 ret = -ENOMEM;
1006 goto out;
1007 }
1008
1009 mutex_init(&file->mutex);
1010 spin_lock_init(&file->send_lock);
1011 INIT_LIST_HEAD(&file->recv_list);
1012 INIT_LIST_HEAD(&file->send_list);
1013 init_waitqueue_head(&file->recv_wait);
1014
1015 file->port = port;
1016 filp->private_data = file;
1017
1018 list_add_tail(&file->port_list, &port->file_list);
1019
1020 stream_open(inode, filp);
1021out:
1022 mutex_unlock(&port->file_mutex);
1023 return ret;
1024}
1025
1026static int ib_umad_close(struct inode *inode, struct file *filp)
1027{
1028 struct ib_umad_file *file = filp->private_data;
1029 struct ib_umad_packet *packet, *tmp;
1030 int already_dead;
1031 int i;
1032
1033 mutex_lock(&file->port->file_mutex);
1034 mutex_lock(&file->mutex);
1035
1036 already_dead = file->agents_dead;
1037 file->agents_dead = 1;
1038
1039 list_for_each_entry_safe(packet, tmp, &file->recv_list, list) {
1040 if (packet->recv_wc)
1041 ib_free_recv_mad(packet->recv_wc);
1042 kfree(packet);
1043 }
1044
1045 list_del(&file->port_list);
1046
1047 mutex_unlock(&file->mutex);
1048
1049 if (!already_dead)
1050 for (i = 0; i < IB_UMAD_MAX_AGENTS; ++i)
1051 if (file->agent[i])
1052 ib_unregister_mad_agent(file->agent[i]);
1053
1054 mutex_unlock(&file->port->file_mutex);
1055 mutex_destroy(&file->mutex);
1056 kfree(file);
1057 return 0;
1058}
1059
1060static const struct file_operations umad_fops = {
1061 .owner = THIS_MODULE,
1062 .read = ib_umad_read,
1063 .write = ib_umad_write,
1064 .poll = ib_umad_poll,
1065 .unlocked_ioctl = ib_umad_ioctl,
1066#ifdef CONFIG_COMPAT
1067 .compat_ioctl = ib_umad_compat_ioctl,
1068#endif
1069 .open = ib_umad_open,
1070 .release = ib_umad_close,
1071 .llseek = no_llseek,
1072};
1073
1074static int ib_umad_sm_open(struct inode *inode, struct file *filp)
1075{
1076 struct ib_umad_port *port;
1077 struct ib_port_modify props = {
1078 .set_port_cap_mask = IB_PORT_SM
1079 };
1080 int ret;
1081
1082 port = container_of(inode->i_cdev, struct ib_umad_port, sm_cdev);
1083
1084 if (filp->f_flags & O_NONBLOCK) {
1085 if (down_trylock(&port->sm_sem)) {
1086 ret = -EAGAIN;
1087 goto fail;
1088 }
1089 } else {
1090 if (down_interruptible(&port->sm_sem)) {
1091 ret = -ERESTARTSYS;
1092 goto fail;
1093 }
1094 }
1095
1096 if (!rdma_dev_access_netns(port->ib_dev, current->nsproxy->net_ns)) {
1097 ret = -EPERM;
1098 goto err_up_sem;
1099 }
1100
1101 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props);
1102 if (ret)
1103 goto err_up_sem;
1104
1105 filp->private_data = port;
1106
1107 nonseekable_open(inode, filp);
1108 return 0;
1109
1110err_up_sem:
1111 up(&port->sm_sem);
1112
1113fail:
1114 return ret;
1115}
1116
1117static int ib_umad_sm_close(struct inode *inode, struct file *filp)
1118{
1119 struct ib_umad_port *port = filp->private_data;
1120 struct ib_port_modify props = {
1121 .clr_port_cap_mask = IB_PORT_SM
1122 };
1123 int ret = 0;
1124
1125 mutex_lock(&port->file_mutex);
1126 if (port->ib_dev)
1127 ret = ib_modify_port(port->ib_dev, port->port_num, 0, &props);
1128 mutex_unlock(&port->file_mutex);
1129
1130 up(&port->sm_sem);
1131
1132 return ret;
1133}
1134
1135static const struct file_operations umad_sm_fops = {
1136 .owner = THIS_MODULE,
1137 .open = ib_umad_sm_open,
1138 .release = ib_umad_sm_close,
1139 .llseek = no_llseek,
1140};
1141
1142static struct ib_umad_port *get_port(struct ib_device *ibdev,
1143 struct ib_umad_device *umad_dev,
1144 u32 port)
1145{
1146 if (!umad_dev)
1147 return ERR_PTR(-EOPNOTSUPP);
1148 if (!rdma_is_port_valid(ibdev, port))
1149 return ERR_PTR(-EINVAL);
1150 if (!rdma_cap_ib_mad(ibdev, port))
1151 return ERR_PTR(-EOPNOTSUPP);
1152
1153 return &umad_dev->ports[port - rdma_start_port(ibdev)];
1154}
1155
1156static int ib_umad_get_nl_info(struct ib_device *ibdev, void *client_data,
1157 struct ib_client_nl_info *res)
1158{
1159 struct ib_umad_port *port = get_port(ibdev, client_data, res->port);
1160
1161 if (IS_ERR(port))
1162 return PTR_ERR(port);
1163
1164 res->abi = IB_USER_MAD_ABI_VERSION;
1165 res->cdev = &port->dev;
1166 return 0;
1167}
1168
1169static struct ib_client umad_client = {
1170 .name = "umad",
1171 .add = ib_umad_add_one,
1172 .remove = ib_umad_remove_one,
1173 .get_nl_info = ib_umad_get_nl_info,
1174};
1175MODULE_ALIAS_RDMA_CLIENT("umad");
1176
1177static int ib_issm_get_nl_info(struct ib_device *ibdev, void *client_data,
1178 struct ib_client_nl_info *res)
1179{
1180 struct ib_umad_port *port = get_port(ibdev, client_data, res->port);
1181
1182 if (IS_ERR(port))
1183 return PTR_ERR(port);
1184
1185 res->abi = IB_USER_MAD_ABI_VERSION;
1186 res->cdev = &port->sm_dev;
1187 return 0;
1188}
1189
1190static struct ib_client issm_client = {
1191 .name = "issm",
1192 .get_nl_info = ib_issm_get_nl_info,
1193};
1194MODULE_ALIAS_RDMA_CLIENT("issm");
1195
1196static ssize_t ibdev_show(struct device *dev, struct device_attribute *attr,
1197 char *buf)
1198{
1199 struct ib_umad_port *port = dev_get_drvdata(dev);
1200
1201 if (!port)
1202 return -ENODEV;
1203
1204 return sysfs_emit(buf, "%s\n", dev_name(&port->ib_dev->dev));
1205}
1206static DEVICE_ATTR_RO(ibdev);
1207
1208static ssize_t port_show(struct device *dev, struct device_attribute *attr,
1209 char *buf)
1210{
1211 struct ib_umad_port *port = dev_get_drvdata(dev);
1212
1213 if (!port)
1214 return -ENODEV;
1215
1216 return sysfs_emit(buf, "%d\n", port->port_num);
1217}
1218static DEVICE_ATTR_RO(port);
1219
1220static struct attribute *umad_class_dev_attrs[] = {
1221 &dev_attr_ibdev.attr,
1222 &dev_attr_port.attr,
1223 NULL,
1224};
1225ATTRIBUTE_GROUPS(umad_class_dev);
1226
1227static char *umad_devnode(struct device *dev, umode_t *mode)
1228{
1229 return kasprintf(GFP_KERNEL, "infiniband/%s", dev_name(dev));
1230}
1231
1232static ssize_t abi_version_show(struct class *class,
1233 struct class_attribute *attr, char *buf)
1234{
1235 return sysfs_emit(buf, "%d\n", IB_USER_MAD_ABI_VERSION);
1236}
1237static CLASS_ATTR_RO(abi_version);
1238
1239static struct attribute *umad_class_attrs[] = {
1240 &class_attr_abi_version.attr,
1241 NULL,
1242};
1243ATTRIBUTE_GROUPS(umad_class);
1244
1245static struct class umad_class = {
1246 .name = "infiniband_mad",
1247 .devnode = umad_devnode,
1248 .class_groups = umad_class_groups,
1249 .dev_groups = umad_class_dev_groups,
1250};
1251
1252static void ib_umad_release_port(struct device *device)
1253{
1254 struct ib_umad_port *port = dev_get_drvdata(device);
1255 struct ib_umad_device *umad_dev = port->umad_dev;
1256
1257 ib_umad_dev_put(umad_dev);
1258}
1259
1260static void ib_umad_init_port_dev(struct device *dev,
1261 struct ib_umad_port *port,
1262 const struct ib_device *device)
1263{
1264 device_initialize(dev);
1265 ib_umad_dev_get(port->umad_dev);
1266 dev->class = &umad_class;
1267 dev->parent = device->dev.parent;
1268 dev_set_drvdata(dev, port);
1269 dev->release = ib_umad_release_port;
1270}
1271
1272static int ib_umad_init_port(struct ib_device *device, int port_num,
1273 struct ib_umad_device *umad_dev,
1274 struct ib_umad_port *port)
1275{
1276 int devnum;
1277 dev_t base_umad;
1278 dev_t base_issm;
1279 int ret;
1280
1281 devnum = ida_alloc_max(&umad_ida, IB_UMAD_MAX_PORTS - 1, GFP_KERNEL);
1282 if (devnum < 0)
1283 return -1;
1284 port->dev_num = devnum;
1285 if (devnum >= IB_UMAD_NUM_FIXED_MINOR) {
1286 base_umad = dynamic_umad_dev + devnum - IB_UMAD_NUM_FIXED_MINOR;
1287 base_issm = dynamic_issm_dev + devnum - IB_UMAD_NUM_FIXED_MINOR;
1288 } else {
1289 base_umad = devnum + base_umad_dev;
1290 base_issm = devnum + base_issm_dev;
1291 }
1292
1293 port->ib_dev = device;
1294 port->umad_dev = umad_dev;
1295 port->port_num = port_num;
1296 sema_init(&port->sm_sem, 1);
1297 mutex_init(&port->file_mutex);
1298 INIT_LIST_HEAD(&port->file_list);
1299
1300 ib_umad_init_port_dev(&port->dev, port, device);
1301 port->dev.devt = base_umad;
1302 dev_set_name(&port->dev, "umad%d", port->dev_num);
1303 cdev_init(&port->cdev, &umad_fops);
1304 port->cdev.owner = THIS_MODULE;
1305
1306 ret = cdev_device_add(&port->cdev, &port->dev);
1307 if (ret)
1308 goto err_cdev;
1309
1310 ib_umad_init_port_dev(&port->sm_dev, port, device);
1311 port->sm_dev.devt = base_issm;
1312 dev_set_name(&port->sm_dev, "issm%d", port->dev_num);
1313 cdev_init(&port->sm_cdev, &umad_sm_fops);
1314 port->sm_cdev.owner = THIS_MODULE;
1315
1316 ret = cdev_device_add(&port->sm_cdev, &port->sm_dev);
1317 if (ret)
1318 goto err_dev;
1319
1320 return 0;
1321
1322err_dev:
1323 put_device(&port->sm_dev);
1324 cdev_device_del(&port->cdev, &port->dev);
1325err_cdev:
1326 put_device(&port->dev);
1327 ida_free(&umad_ida, devnum);
1328 return ret;
1329}
1330
1331static void ib_umad_kill_port(struct ib_umad_port *port)
1332{
1333 struct ib_umad_file *file;
1334 int id;
1335
1336 cdev_device_del(&port->sm_cdev, &port->sm_dev);
1337 cdev_device_del(&port->cdev, &port->dev);
1338
1339 mutex_lock(&port->file_mutex);
1340
1341 /* Mark ib_dev NULL and block ioctl or other file ops to progress
1342 * further.
1343 */
1344 port->ib_dev = NULL;
1345
1346 list_for_each_entry(file, &port->file_list, port_list) {
1347 mutex_lock(&file->mutex);
1348 file->agents_dead = 1;
1349 wake_up_interruptible(&file->recv_wait);
1350 mutex_unlock(&file->mutex);
1351
1352 for (id = 0; id < IB_UMAD_MAX_AGENTS; ++id)
1353 if (file->agent[id])
1354 ib_unregister_mad_agent(file->agent[id]);
1355 }
1356
1357 mutex_unlock(&port->file_mutex);
1358
1359 ida_free(&umad_ida, port->dev_num);
1360
1361 /* balances device_initialize() */
1362 put_device(&port->sm_dev);
1363 put_device(&port->dev);
1364}
1365
1366static int ib_umad_add_one(struct ib_device *device)
1367{
1368 struct ib_umad_device *umad_dev;
1369 int s, e, i;
1370 int count = 0;
1371 int ret;
1372
1373 s = rdma_start_port(device);
1374 e = rdma_end_port(device);
1375
1376 umad_dev = kzalloc(struct_size(umad_dev, ports, e - s + 1), GFP_KERNEL);
1377 if (!umad_dev)
1378 return -ENOMEM;
1379
1380 kref_init(&umad_dev->kref);
1381 for (i = s; i <= e; ++i) {
1382 if (!rdma_cap_ib_mad(device, i))
1383 continue;
1384
1385 ret = ib_umad_init_port(device, i, umad_dev,
1386 &umad_dev->ports[i - s]);
1387 if (ret)
1388 goto err;
1389
1390 count++;
1391 }
1392
1393 if (!count) {
1394 ret = -EOPNOTSUPP;
1395 goto free;
1396 }
1397
1398 ib_set_client_data(device, &umad_client, umad_dev);
1399
1400 return 0;
1401
1402err:
1403 while (--i >= s) {
1404 if (!rdma_cap_ib_mad(device, i))
1405 continue;
1406
1407 ib_umad_kill_port(&umad_dev->ports[i - s]);
1408 }
1409free:
1410 /* balances kref_init */
1411 ib_umad_dev_put(umad_dev);
1412 return ret;
1413}
1414
1415static void ib_umad_remove_one(struct ib_device *device, void *client_data)
1416{
1417 struct ib_umad_device *umad_dev = client_data;
1418 unsigned int i;
1419
1420 rdma_for_each_port (device, i) {
1421 if (rdma_cap_ib_mad(device, i))
1422 ib_umad_kill_port(
1423 &umad_dev->ports[i - rdma_start_port(device)]);
1424 }
1425 /* balances kref_init() */
1426 ib_umad_dev_put(umad_dev);
1427}
1428
1429static int __init ib_umad_init(void)
1430{
1431 int ret;
1432
1433 ret = register_chrdev_region(base_umad_dev,
1434 IB_UMAD_NUM_FIXED_MINOR * 2,
1435 umad_class.name);
1436 if (ret) {
1437 pr_err("couldn't register device number\n");
1438 goto out;
1439 }
1440
1441 ret = alloc_chrdev_region(&dynamic_umad_dev, 0,
1442 IB_UMAD_NUM_DYNAMIC_MINOR * 2,
1443 umad_class.name);
1444 if (ret) {
1445 pr_err("couldn't register dynamic device number\n");
1446 goto out_alloc;
1447 }
1448 dynamic_issm_dev = dynamic_umad_dev + IB_UMAD_NUM_DYNAMIC_MINOR;
1449
1450 ret = class_register(&umad_class);
1451 if (ret) {
1452 pr_err("couldn't create class infiniband_mad\n");
1453 goto out_chrdev;
1454 }
1455
1456 ret = ib_register_client(&umad_client);
1457 if (ret)
1458 goto out_class;
1459
1460 ret = ib_register_client(&issm_client);
1461 if (ret)
1462 goto out_client;
1463
1464 return 0;
1465
1466out_client:
1467 ib_unregister_client(&umad_client);
1468out_class:
1469 class_unregister(&umad_class);
1470
1471out_chrdev:
1472 unregister_chrdev_region(dynamic_umad_dev,
1473 IB_UMAD_NUM_DYNAMIC_MINOR * 2);
1474
1475out_alloc:
1476 unregister_chrdev_region(base_umad_dev,
1477 IB_UMAD_NUM_FIXED_MINOR * 2);
1478
1479out:
1480 return ret;
1481}
1482
1483static void __exit ib_umad_cleanup(void)
1484{
1485 ib_unregister_client(&issm_client);
1486 ib_unregister_client(&umad_client);
1487 class_unregister(&umad_class);
1488 unregister_chrdev_region(base_umad_dev,
1489 IB_UMAD_NUM_FIXED_MINOR * 2);
1490 unregister_chrdev_region(dynamic_umad_dev,
1491 IB_UMAD_NUM_DYNAMIC_MINOR * 2);
1492}
1493
1494module_init(ib_umad_init);
1495module_exit(ib_umad_cleanup);