1 /* 2 * Copyright (c) 2005 Topspin Communications. All rights reserved. 3 * Copyright (c) 2005 Cisco Systems. All rights reserved. 4 * Copyright (c) 2005 Mellanox Technologies. All rights reserved. 5 * 6 * This software is available to you under a choice of one of two 7 * licenses. You may choose to be licensed under the terms of the GNU 8 * General Public License (GPL) Version 2, available from the file 9 * COPYING in the main directory of this source tree, or the 10 * OpenIB.org BSD license below: 11 * 12 * Redistribution and use in source and binary forms, with or 13 * without modification, are permitted provided that the following 14 * conditions are met: 15 * 16 * - Redistributions of source code must retain the above 17 * copyright notice, this list of conditions and the following 18 * disclaimer. 19 * 20 * - Redistributions in binary form must reproduce the above 21 * copyright notice, this list of conditions and the following 22 * disclaimer in the documentation and/or other materials 23 * provided with the distribution. 24 * 25 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 26 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 27 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 28 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 29 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 30 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 31 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 32 * SOFTWARE. 33 */ 34 35 #include <linux/mm.h> 36 #include <linux/dma-mapping.h> 37 #include <linux/sched.h> 38 #include <linux/export.h> 39 #include <linux/hugetlb.h> 40 #include <linux/slab.h> 41 #include <rdma/ib_umem_odp.h> 42 43 #include "uverbs.h" 44 45 46 static void __ib_umem_release(struct ib_device *dev, struct ib_umem *umem, int dirty) 47 { 48 struct scatterlist *sg; 49 struct page *page; 50 int i; 51 52 if (umem->nmap > 0) 53 ib_dma_unmap_sg(dev, umem->sg_head.sgl, 54 umem->npages, 55 DMA_BIDIRECTIONAL); 56 57 for_each_sg(umem->sg_head.sgl, sg, umem->npages, i) { 58 59 page = sg_page(sg); 60 if (umem->writable && dirty) 61 set_page_dirty_lock(page); 62 put_page(page); 63 } 64 65 sg_free_table(&umem->sg_head); 66 return; 67 68 } 69 70 /** 71 * ib_umem_get - Pin and DMA map userspace memory. 72 * 73 * If access flags indicate ODP memory, avoid pinning. Instead, stores 74 * the mm for future page fault handling in conjunction with MMU notifiers. 75 * 76 * @context: userspace context to pin memory for 77 * @addr: userspace virtual address to start at 78 * @size: length of region to pin 79 * @access: IB_ACCESS_xxx flags for memory being pinned 80 * @dmasync: flush in-flight DMA when the memory region is written 81 */ 82 struct ib_umem *ib_umem_get(struct ib_ucontext *context, unsigned long addr, 83 size_t size, int access, int dmasync) 84 { 85 struct ib_umem *umem; 86 struct page **page_list; 87 struct vm_area_struct **vma_list; 88 unsigned long locked; 89 unsigned long lock_limit; 90 unsigned long cur_base; 91 unsigned long npages; 92 int ret; 93 int i; 94 unsigned long dma_attrs = 0; 95 struct scatterlist *sg, *sg_list_start; 96 int need_release = 0; 97 unsigned int gup_flags = FOLL_WRITE; 98 99 if (dmasync) 100 dma_attrs |= DMA_ATTR_WRITE_BARRIER; 101 102 /* 103 * If the combination of the addr and size requested for this memory 104 * region causes an integer overflow, return error. 105 */ 106 if (((addr + size) < addr) || 107 PAGE_ALIGN(addr + size) < (addr + size)) 108 return ERR_PTR(-EINVAL); 109 110 if (!can_do_mlock()) 111 return ERR_PTR(-EPERM); 112 113 umem = kzalloc(sizeof *umem, GFP_KERNEL); 114 if (!umem) 115 return ERR_PTR(-ENOMEM); 116 117 umem->context = context; 118 umem->length = size; 119 umem->address = addr; 120 umem->page_size = PAGE_SIZE; 121 umem->pid = get_task_pid(current, PIDTYPE_PID); 122 /* 123 * We ask for writable memory if any of the following 124 * access flags are set. "Local write" and "remote write" 125 * obviously require write access. "Remote atomic" can do 126 * things like fetch and add, which will modify memory, and 127 * "MW bind" can change permissions by binding a window. 128 */ 129 umem->writable = !!(access & 130 (IB_ACCESS_LOCAL_WRITE | IB_ACCESS_REMOTE_WRITE | 131 IB_ACCESS_REMOTE_ATOMIC | IB_ACCESS_MW_BIND)); 132 133 if (access & IB_ACCESS_ON_DEMAND) { 134 put_pid(umem->pid); 135 ret = ib_umem_odp_get(context, umem); 136 if (ret) { 137 kfree(umem); 138 return ERR_PTR(ret); 139 } 140 return umem; 141 } 142 143 umem->odp_data = NULL; 144 145 /* We assume the memory is from hugetlb until proved otherwise */ 146 umem->hugetlb = 1; 147 148 page_list = (struct page **) __get_free_page(GFP_KERNEL); 149 if (!page_list) { 150 put_pid(umem->pid); 151 kfree(umem); 152 return ERR_PTR(-ENOMEM); 153 } 154 155 /* 156 * if we can't alloc the vma_list, it's not so bad; 157 * just assume the memory is not hugetlb memory 158 */ 159 vma_list = (struct vm_area_struct **) __get_free_page(GFP_KERNEL); 160 if (!vma_list) 161 umem->hugetlb = 0; 162 163 npages = ib_umem_num_pages(umem); 164 165 down_write(¤t->mm->mmap_sem); 166 167 locked = npages + current->mm->pinned_vm; 168 lock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT; 169 170 if ((locked > lock_limit) && !capable(CAP_IPC_LOCK)) { 171 ret = -ENOMEM; 172 goto out; 173 } 174 175 cur_base = addr & PAGE_MASK; 176 177 if (npages == 0 || npages > UINT_MAX) { 178 ret = -EINVAL; 179 goto out; 180 } 181 182 ret = sg_alloc_table(&umem->sg_head, npages, GFP_KERNEL); 183 if (ret) 184 goto out; 185 186 if (!umem->writable) 187 gup_flags |= FOLL_FORCE; 188 189 need_release = 1; 190 sg_list_start = umem->sg_head.sgl; 191 192 while (npages) { 193 ret = get_user_pages(cur_base, 194 min_t(unsigned long, npages, 195 PAGE_SIZE / sizeof (struct page *)), 196 gup_flags, page_list, vma_list); 197 198 if (ret < 0) 199 goto out; 200 201 umem->npages += ret; 202 cur_base += ret * PAGE_SIZE; 203 npages -= ret; 204 205 for_each_sg(sg_list_start, sg, ret, i) { 206 if (vma_list && !is_vm_hugetlb_page(vma_list[i])) 207 umem->hugetlb = 0; 208 209 sg_set_page(sg, page_list[i], PAGE_SIZE, 0); 210 } 211 212 /* preparing for next loop */ 213 sg_list_start = sg; 214 } 215 216 umem->nmap = ib_dma_map_sg_attrs(context->device, 217 umem->sg_head.sgl, 218 umem->npages, 219 DMA_BIDIRECTIONAL, 220 dma_attrs); 221 222 if (umem->nmap <= 0) { 223 ret = -ENOMEM; 224 goto out; 225 } 226 227 ret = 0; 228 229 out: 230 if (ret < 0) { 231 if (need_release) 232 __ib_umem_release(context->device, umem, 0); 233 put_pid(umem->pid); 234 kfree(umem); 235 } else 236 current->mm->pinned_vm = locked; 237 238 up_write(¤t->mm->mmap_sem); 239 if (vma_list) 240 free_page((unsigned long) vma_list); 241 free_page((unsigned long) page_list); 242 243 return ret < 0 ? ERR_PTR(ret) : umem; 244 } 245 EXPORT_SYMBOL(ib_umem_get); 246 247 static void ib_umem_account(struct work_struct *work) 248 { 249 struct ib_umem *umem = container_of(work, struct ib_umem, work); 250 251 down_write(&umem->mm->mmap_sem); 252 umem->mm->pinned_vm -= umem->diff; 253 up_write(&umem->mm->mmap_sem); 254 mmput(umem->mm); 255 kfree(umem); 256 } 257 258 /** 259 * ib_umem_release - release memory pinned with ib_umem_get 260 * @umem: umem struct to release 261 */ 262 void ib_umem_release(struct ib_umem *umem) 263 { 264 struct ib_ucontext *context = umem->context; 265 struct mm_struct *mm; 266 struct task_struct *task; 267 unsigned long diff; 268 269 if (umem->odp_data) { 270 ib_umem_odp_release(umem); 271 return; 272 } 273 274 __ib_umem_release(umem->context->device, umem, 1); 275 276 task = get_pid_task(umem->pid, PIDTYPE_PID); 277 put_pid(umem->pid); 278 if (!task) 279 goto out; 280 mm = get_task_mm(task); 281 put_task_struct(task); 282 if (!mm) 283 goto out; 284 285 diff = ib_umem_num_pages(umem); 286 287 /* 288 * We may be called with the mm's mmap_sem already held. This 289 * can happen when a userspace munmap() is the call that drops 290 * the last reference to our file and calls our release 291 * method. If there are memory regions to destroy, we'll end 292 * up here and not be able to take the mmap_sem. In that case 293 * we defer the vm_locked accounting to the system workqueue. 294 */ 295 if (context->closing) { 296 if (!down_write_trylock(&mm->mmap_sem)) { 297 INIT_WORK(&umem->work, ib_umem_account); 298 umem->mm = mm; 299 umem->diff = diff; 300 301 queue_work(ib_wq, &umem->work); 302 return; 303 } 304 } else 305 down_write(&mm->mmap_sem); 306 307 mm->pinned_vm -= diff; 308 up_write(&mm->mmap_sem); 309 mmput(mm); 310 out: 311 kfree(umem); 312 } 313 EXPORT_SYMBOL(ib_umem_release); 314 315 int ib_umem_page_count(struct ib_umem *umem) 316 { 317 int shift; 318 int i; 319 int n; 320 struct scatterlist *sg; 321 322 if (umem->odp_data) 323 return ib_umem_num_pages(umem); 324 325 shift = ilog2(umem->page_size); 326 327 n = 0; 328 for_each_sg(umem->sg_head.sgl, sg, umem->nmap, i) 329 n += sg_dma_len(sg) >> shift; 330 331 return n; 332 } 333 EXPORT_SYMBOL(ib_umem_page_count); 334 335 /* 336 * Copy from the given ib_umem's pages to the given buffer. 337 * 338 * umem - the umem to copy from 339 * offset - offset to start copying from 340 * dst - destination buffer 341 * length - buffer length 342 * 343 * Returns 0 on success, or an error code. 344 */ 345 int ib_umem_copy_from(void *dst, struct ib_umem *umem, size_t offset, 346 size_t length) 347 { 348 size_t end = offset + length; 349 int ret; 350 351 if (offset > umem->length || length > umem->length - offset) { 352 pr_err("ib_umem_copy_from not in range. offset: %zd umem length: %zd end: %zd\n", 353 offset, umem->length, end); 354 return -EINVAL; 355 } 356 357 ret = sg_pcopy_to_buffer(umem->sg_head.sgl, umem->nmap, dst, length, 358 offset + ib_umem_offset(umem)); 359 360 if (ret < 0) 361 return ret; 362 else if (ret != length) 363 return -EINVAL; 364 else 365 return 0; 366 } 367 EXPORT_SYMBOL(ib_umem_copy_from); 368