1 /* 2 * Copyright (c) 2005 Topspin Communications. All rights reserved. 3 * Copyright (c) 2005, 2006 Cisco Systems. All rights reserved. 4 * Copyright (c) 2005 Mellanox Technologies. All rights reserved. 5 * Copyright (c) 2005 Voltaire, Inc. All rights reserved. 6 * Copyright (c) 2005 PathScale, Inc. All rights reserved. 7 * 8 * This software is available to you under a choice of one of two 9 * licenses. You may choose to be licensed under the terms of the GNU 10 * General Public License (GPL) Version 2, available from the file 11 * COPYING in the main directory of this source tree, or the 12 * OpenIB.org BSD license below: 13 * 14 * Redistribution and use in source and binary forms, with or 15 * without modification, are permitted provided that the following 16 * conditions are met: 17 * 18 * - Redistributions of source code must retain the above 19 * copyright notice, this list of conditions and the following 20 * disclaimer. 21 * 22 * - Redistributions in binary form must reproduce the above 23 * copyright notice, this list of conditions and the following 24 * disclaimer in the documentation and/or other materials 25 * provided with the distribution. 26 * 27 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 28 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 29 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 30 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 31 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 32 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 33 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 34 * SOFTWARE. 35 */ 36 37 #include <linux/module.h> 38 #include <linux/init.h> 39 #include <linux/device.h> 40 #include <linux/err.h> 41 #include <linux/fs.h> 42 #include <linux/poll.h> 43 #include <linux/sched.h> 44 #include <linux/file.h> 45 #include <linux/cdev.h> 46 #include <linux/anon_inodes.h> 47 #include <linux/slab.h> 48 49 #include <asm/uaccess.h> 50 51 #include "uverbs.h" 52 53 MODULE_AUTHOR("Roland Dreier"); 54 MODULE_DESCRIPTION("InfiniBand userspace verbs access"); 55 MODULE_LICENSE("Dual BSD/GPL"); 56 57 enum { 58 IB_UVERBS_MAJOR = 231, 59 IB_UVERBS_BASE_MINOR = 192, 60 IB_UVERBS_MAX_DEVICES = 32 61 }; 62 63 #define IB_UVERBS_BASE_DEV MKDEV(IB_UVERBS_MAJOR, IB_UVERBS_BASE_MINOR) 64 65 static struct class *uverbs_class; 66 67 DEFINE_SPINLOCK(ib_uverbs_idr_lock); 68 DEFINE_IDR(ib_uverbs_pd_idr); 69 DEFINE_IDR(ib_uverbs_mr_idr); 70 DEFINE_IDR(ib_uverbs_mw_idr); 71 DEFINE_IDR(ib_uverbs_ah_idr); 72 DEFINE_IDR(ib_uverbs_cq_idr); 73 DEFINE_IDR(ib_uverbs_qp_idr); 74 DEFINE_IDR(ib_uverbs_srq_idr); 75 DEFINE_IDR(ib_uverbs_xrcd_idr); 76 DEFINE_IDR(ib_uverbs_rule_idr); 77 78 static DEFINE_SPINLOCK(map_lock); 79 static DECLARE_BITMAP(dev_map, IB_UVERBS_MAX_DEVICES); 80 81 static ssize_t (*uverbs_cmd_table[])(struct ib_uverbs_file *file, 82 const char __user *buf, int in_len, 83 int out_len) = { 84 [IB_USER_VERBS_CMD_GET_CONTEXT] = ib_uverbs_get_context, 85 [IB_USER_VERBS_CMD_QUERY_DEVICE] = ib_uverbs_query_device, 86 [IB_USER_VERBS_CMD_QUERY_PORT] = ib_uverbs_query_port, 87 [IB_USER_VERBS_CMD_ALLOC_PD] = ib_uverbs_alloc_pd, 88 [IB_USER_VERBS_CMD_DEALLOC_PD] = ib_uverbs_dealloc_pd, 89 [IB_USER_VERBS_CMD_REG_MR] = ib_uverbs_reg_mr, 90 [IB_USER_VERBS_CMD_REREG_MR] = ib_uverbs_rereg_mr, 91 [IB_USER_VERBS_CMD_DEREG_MR] = ib_uverbs_dereg_mr, 92 [IB_USER_VERBS_CMD_ALLOC_MW] = ib_uverbs_alloc_mw, 93 [IB_USER_VERBS_CMD_DEALLOC_MW] = ib_uverbs_dealloc_mw, 94 [IB_USER_VERBS_CMD_CREATE_COMP_CHANNEL] = ib_uverbs_create_comp_channel, 95 [IB_USER_VERBS_CMD_CREATE_CQ] = ib_uverbs_create_cq, 96 [IB_USER_VERBS_CMD_RESIZE_CQ] = ib_uverbs_resize_cq, 97 [IB_USER_VERBS_CMD_POLL_CQ] = ib_uverbs_poll_cq, 98 [IB_USER_VERBS_CMD_REQ_NOTIFY_CQ] = ib_uverbs_req_notify_cq, 99 [IB_USER_VERBS_CMD_DESTROY_CQ] = ib_uverbs_destroy_cq, 100 [IB_USER_VERBS_CMD_CREATE_QP] = ib_uverbs_create_qp, 101 [IB_USER_VERBS_CMD_QUERY_QP] = ib_uverbs_query_qp, 102 [IB_USER_VERBS_CMD_MODIFY_QP] = ib_uverbs_modify_qp, 103 [IB_USER_VERBS_CMD_DESTROY_QP] = ib_uverbs_destroy_qp, 104 [IB_USER_VERBS_CMD_POST_SEND] = ib_uverbs_post_send, 105 [IB_USER_VERBS_CMD_POST_RECV] = ib_uverbs_post_recv, 106 [IB_USER_VERBS_CMD_POST_SRQ_RECV] = ib_uverbs_post_srq_recv, 107 [IB_USER_VERBS_CMD_CREATE_AH] = ib_uverbs_create_ah, 108 [IB_USER_VERBS_CMD_DESTROY_AH] = ib_uverbs_destroy_ah, 109 [IB_USER_VERBS_CMD_ATTACH_MCAST] = ib_uverbs_attach_mcast, 110 [IB_USER_VERBS_CMD_DETACH_MCAST] = ib_uverbs_detach_mcast, 111 [IB_USER_VERBS_CMD_CREATE_SRQ] = ib_uverbs_create_srq, 112 [IB_USER_VERBS_CMD_MODIFY_SRQ] = ib_uverbs_modify_srq, 113 [IB_USER_VERBS_CMD_QUERY_SRQ] = ib_uverbs_query_srq, 114 [IB_USER_VERBS_CMD_DESTROY_SRQ] = ib_uverbs_destroy_srq, 115 [IB_USER_VERBS_CMD_OPEN_XRCD] = ib_uverbs_open_xrcd, 116 [IB_USER_VERBS_CMD_CLOSE_XRCD] = ib_uverbs_close_xrcd, 117 [IB_USER_VERBS_CMD_CREATE_XSRQ] = ib_uverbs_create_xsrq, 118 [IB_USER_VERBS_CMD_OPEN_QP] = ib_uverbs_open_qp, 119 }; 120 121 static int (*uverbs_ex_cmd_table[])(struct ib_uverbs_file *file, 122 struct ib_udata *ucore, 123 struct ib_udata *uhw) = { 124 [IB_USER_VERBS_EX_CMD_CREATE_FLOW] = ib_uverbs_ex_create_flow, 125 [IB_USER_VERBS_EX_CMD_DESTROY_FLOW] = ib_uverbs_ex_destroy_flow 126 }; 127 128 static void ib_uverbs_add_one(struct ib_device *device); 129 static void ib_uverbs_remove_one(struct ib_device *device); 130 131 static void ib_uverbs_release_dev(struct kref *ref) 132 { 133 struct ib_uverbs_device *dev = 134 container_of(ref, struct ib_uverbs_device, ref); 135 136 complete(&dev->comp); 137 } 138 139 static void ib_uverbs_release_event_file(struct kref *ref) 140 { 141 struct ib_uverbs_event_file *file = 142 container_of(ref, struct ib_uverbs_event_file, ref); 143 144 kfree(file); 145 } 146 147 void ib_uverbs_release_ucq(struct ib_uverbs_file *file, 148 struct ib_uverbs_event_file *ev_file, 149 struct ib_ucq_object *uobj) 150 { 151 struct ib_uverbs_event *evt, *tmp; 152 153 if (ev_file) { 154 spin_lock_irq(&ev_file->lock); 155 list_for_each_entry_safe(evt, tmp, &uobj->comp_list, obj_list) { 156 list_del(&evt->list); 157 kfree(evt); 158 } 159 spin_unlock_irq(&ev_file->lock); 160 161 kref_put(&ev_file->ref, ib_uverbs_release_event_file); 162 } 163 164 spin_lock_irq(&file->async_file->lock); 165 list_for_each_entry_safe(evt, tmp, &uobj->async_list, obj_list) { 166 list_del(&evt->list); 167 kfree(evt); 168 } 169 spin_unlock_irq(&file->async_file->lock); 170 } 171 172 void ib_uverbs_release_uevent(struct ib_uverbs_file *file, 173 struct ib_uevent_object *uobj) 174 { 175 struct ib_uverbs_event *evt, *tmp; 176 177 spin_lock_irq(&file->async_file->lock); 178 list_for_each_entry_safe(evt, tmp, &uobj->event_list, obj_list) { 179 list_del(&evt->list); 180 kfree(evt); 181 } 182 spin_unlock_irq(&file->async_file->lock); 183 } 184 185 static void ib_uverbs_detach_umcast(struct ib_qp *qp, 186 struct ib_uqp_object *uobj) 187 { 188 struct ib_uverbs_mcast_entry *mcast, *tmp; 189 190 list_for_each_entry_safe(mcast, tmp, &uobj->mcast_list, list) { 191 ib_detach_mcast(qp, &mcast->gid, mcast->lid); 192 list_del(&mcast->list); 193 kfree(mcast); 194 } 195 } 196 197 static int ib_uverbs_cleanup_ucontext(struct ib_uverbs_file *file, 198 struct ib_ucontext *context) 199 { 200 struct ib_uobject *uobj, *tmp; 201 202 if (!context) 203 return 0; 204 205 context->closing = 1; 206 207 list_for_each_entry_safe(uobj, tmp, &context->ah_list, list) { 208 struct ib_ah *ah = uobj->object; 209 210 idr_remove_uobj(&ib_uverbs_ah_idr, uobj); 211 ib_destroy_ah(ah); 212 kfree(uobj); 213 } 214 215 /* Remove MWs before QPs, in order to support type 2A MWs. */ 216 list_for_each_entry_safe(uobj, tmp, &context->mw_list, list) { 217 struct ib_mw *mw = uobj->object; 218 219 idr_remove_uobj(&ib_uverbs_mw_idr, uobj); 220 ib_dealloc_mw(mw); 221 kfree(uobj); 222 } 223 224 list_for_each_entry_safe(uobj, tmp, &context->rule_list, list) { 225 struct ib_flow *flow_id = uobj->object; 226 227 idr_remove_uobj(&ib_uverbs_rule_idr, uobj); 228 ib_destroy_flow(flow_id); 229 kfree(uobj); 230 } 231 232 list_for_each_entry_safe(uobj, tmp, &context->qp_list, list) { 233 struct ib_qp *qp = uobj->object; 234 struct ib_uqp_object *uqp = 235 container_of(uobj, struct ib_uqp_object, uevent.uobject); 236 237 idr_remove_uobj(&ib_uverbs_qp_idr, uobj); 238 if (qp != qp->real_qp) { 239 ib_close_qp(qp); 240 } else { 241 ib_uverbs_detach_umcast(qp, uqp); 242 ib_destroy_qp(qp); 243 } 244 ib_uverbs_release_uevent(file, &uqp->uevent); 245 kfree(uqp); 246 } 247 248 list_for_each_entry_safe(uobj, tmp, &context->cq_list, list) { 249 struct ib_cq *cq = uobj->object; 250 struct ib_uverbs_event_file *ev_file = cq->cq_context; 251 struct ib_ucq_object *ucq = 252 container_of(uobj, struct ib_ucq_object, uobject); 253 254 idr_remove_uobj(&ib_uverbs_cq_idr, uobj); 255 ib_destroy_cq(cq); 256 ib_uverbs_release_ucq(file, ev_file, ucq); 257 kfree(ucq); 258 } 259 260 list_for_each_entry_safe(uobj, tmp, &context->srq_list, list) { 261 struct ib_srq *srq = uobj->object; 262 struct ib_uevent_object *uevent = 263 container_of(uobj, struct ib_uevent_object, uobject); 264 265 idr_remove_uobj(&ib_uverbs_srq_idr, uobj); 266 ib_destroy_srq(srq); 267 ib_uverbs_release_uevent(file, uevent); 268 kfree(uevent); 269 } 270 271 list_for_each_entry_safe(uobj, tmp, &context->mr_list, list) { 272 struct ib_mr *mr = uobj->object; 273 274 idr_remove_uobj(&ib_uverbs_mr_idr, uobj); 275 ib_dereg_mr(mr); 276 kfree(uobj); 277 } 278 279 mutex_lock(&file->device->xrcd_tree_mutex); 280 list_for_each_entry_safe(uobj, tmp, &context->xrcd_list, list) { 281 struct ib_xrcd *xrcd = uobj->object; 282 struct ib_uxrcd_object *uxrcd = 283 container_of(uobj, struct ib_uxrcd_object, uobject); 284 285 idr_remove_uobj(&ib_uverbs_xrcd_idr, uobj); 286 ib_uverbs_dealloc_xrcd(file->device, xrcd); 287 kfree(uxrcd); 288 } 289 mutex_unlock(&file->device->xrcd_tree_mutex); 290 291 list_for_each_entry_safe(uobj, tmp, &context->pd_list, list) { 292 struct ib_pd *pd = uobj->object; 293 294 idr_remove_uobj(&ib_uverbs_pd_idr, uobj); 295 ib_dealloc_pd(pd); 296 kfree(uobj); 297 } 298 299 return context->device->dealloc_ucontext(context); 300 } 301 302 static void ib_uverbs_release_file(struct kref *ref) 303 { 304 struct ib_uverbs_file *file = 305 container_of(ref, struct ib_uverbs_file, ref); 306 307 module_put(file->device->ib_dev->owner); 308 kref_put(&file->device->ref, ib_uverbs_release_dev); 309 310 kfree(file); 311 } 312 313 static ssize_t ib_uverbs_event_read(struct file *filp, char __user *buf, 314 size_t count, loff_t *pos) 315 { 316 struct ib_uverbs_event_file *file = filp->private_data; 317 struct ib_uverbs_event *event; 318 int eventsz; 319 int ret = 0; 320 321 spin_lock_irq(&file->lock); 322 323 while (list_empty(&file->event_list)) { 324 spin_unlock_irq(&file->lock); 325 326 if (filp->f_flags & O_NONBLOCK) 327 return -EAGAIN; 328 329 if (wait_event_interruptible(file->poll_wait, 330 !list_empty(&file->event_list))) 331 return -ERESTARTSYS; 332 333 spin_lock_irq(&file->lock); 334 } 335 336 event = list_entry(file->event_list.next, struct ib_uverbs_event, list); 337 338 if (file->is_async) 339 eventsz = sizeof (struct ib_uverbs_async_event_desc); 340 else 341 eventsz = sizeof (struct ib_uverbs_comp_event_desc); 342 343 if (eventsz > count) { 344 ret = -EINVAL; 345 event = NULL; 346 } else { 347 list_del(file->event_list.next); 348 if (event->counter) { 349 ++(*event->counter); 350 list_del(&event->obj_list); 351 } 352 } 353 354 spin_unlock_irq(&file->lock); 355 356 if (event) { 357 if (copy_to_user(buf, event, eventsz)) 358 ret = -EFAULT; 359 else 360 ret = eventsz; 361 } 362 363 kfree(event); 364 365 return ret; 366 } 367 368 static unsigned int ib_uverbs_event_poll(struct file *filp, 369 struct poll_table_struct *wait) 370 { 371 unsigned int pollflags = 0; 372 struct ib_uverbs_event_file *file = filp->private_data; 373 374 poll_wait(filp, &file->poll_wait, wait); 375 376 spin_lock_irq(&file->lock); 377 if (!list_empty(&file->event_list)) 378 pollflags = POLLIN | POLLRDNORM; 379 spin_unlock_irq(&file->lock); 380 381 return pollflags; 382 } 383 384 static int ib_uverbs_event_fasync(int fd, struct file *filp, int on) 385 { 386 struct ib_uverbs_event_file *file = filp->private_data; 387 388 return fasync_helper(fd, filp, on, &file->async_queue); 389 } 390 391 static int ib_uverbs_event_close(struct inode *inode, struct file *filp) 392 { 393 struct ib_uverbs_event_file *file = filp->private_data; 394 struct ib_uverbs_event *entry, *tmp; 395 396 spin_lock_irq(&file->lock); 397 file->is_closed = 1; 398 list_for_each_entry_safe(entry, tmp, &file->event_list, list) { 399 if (entry->counter) 400 list_del(&entry->obj_list); 401 kfree(entry); 402 } 403 spin_unlock_irq(&file->lock); 404 405 if (file->is_async) { 406 ib_unregister_event_handler(&file->uverbs_file->event_handler); 407 kref_put(&file->uverbs_file->ref, ib_uverbs_release_file); 408 } 409 kref_put(&file->ref, ib_uverbs_release_event_file); 410 411 return 0; 412 } 413 414 static const struct file_operations uverbs_event_fops = { 415 .owner = THIS_MODULE, 416 .read = ib_uverbs_event_read, 417 .poll = ib_uverbs_event_poll, 418 .release = ib_uverbs_event_close, 419 .fasync = ib_uverbs_event_fasync, 420 .llseek = no_llseek, 421 }; 422 423 void ib_uverbs_comp_handler(struct ib_cq *cq, void *cq_context) 424 { 425 struct ib_uverbs_event_file *file = cq_context; 426 struct ib_ucq_object *uobj; 427 struct ib_uverbs_event *entry; 428 unsigned long flags; 429 430 if (!file) 431 return; 432 433 spin_lock_irqsave(&file->lock, flags); 434 if (file->is_closed) { 435 spin_unlock_irqrestore(&file->lock, flags); 436 return; 437 } 438 439 entry = kmalloc(sizeof *entry, GFP_ATOMIC); 440 if (!entry) { 441 spin_unlock_irqrestore(&file->lock, flags); 442 return; 443 } 444 445 uobj = container_of(cq->uobject, struct ib_ucq_object, uobject); 446 447 entry->desc.comp.cq_handle = cq->uobject->user_handle; 448 entry->counter = &uobj->comp_events_reported; 449 450 list_add_tail(&entry->list, &file->event_list); 451 list_add_tail(&entry->obj_list, &uobj->comp_list); 452 spin_unlock_irqrestore(&file->lock, flags); 453 454 wake_up_interruptible(&file->poll_wait); 455 kill_fasync(&file->async_queue, SIGIO, POLL_IN); 456 } 457 458 static void ib_uverbs_async_handler(struct ib_uverbs_file *file, 459 __u64 element, __u64 event, 460 struct list_head *obj_list, 461 u32 *counter) 462 { 463 struct ib_uverbs_event *entry; 464 unsigned long flags; 465 466 spin_lock_irqsave(&file->async_file->lock, flags); 467 if (file->async_file->is_closed) { 468 spin_unlock_irqrestore(&file->async_file->lock, flags); 469 return; 470 } 471 472 entry = kmalloc(sizeof *entry, GFP_ATOMIC); 473 if (!entry) { 474 spin_unlock_irqrestore(&file->async_file->lock, flags); 475 return; 476 } 477 478 entry->desc.async.element = element; 479 entry->desc.async.event_type = event; 480 entry->counter = counter; 481 482 list_add_tail(&entry->list, &file->async_file->event_list); 483 if (obj_list) 484 list_add_tail(&entry->obj_list, obj_list); 485 spin_unlock_irqrestore(&file->async_file->lock, flags); 486 487 wake_up_interruptible(&file->async_file->poll_wait); 488 kill_fasync(&file->async_file->async_queue, SIGIO, POLL_IN); 489 } 490 491 void ib_uverbs_cq_event_handler(struct ib_event *event, void *context_ptr) 492 { 493 struct ib_ucq_object *uobj = container_of(event->element.cq->uobject, 494 struct ib_ucq_object, uobject); 495 496 ib_uverbs_async_handler(uobj->uverbs_file, uobj->uobject.user_handle, 497 event->event, &uobj->async_list, 498 &uobj->async_events_reported); 499 } 500 501 void ib_uverbs_qp_event_handler(struct ib_event *event, void *context_ptr) 502 { 503 struct ib_uevent_object *uobj; 504 505 uobj = container_of(event->element.qp->uobject, 506 struct ib_uevent_object, uobject); 507 508 ib_uverbs_async_handler(context_ptr, uobj->uobject.user_handle, 509 event->event, &uobj->event_list, 510 &uobj->events_reported); 511 } 512 513 void ib_uverbs_srq_event_handler(struct ib_event *event, void *context_ptr) 514 { 515 struct ib_uevent_object *uobj; 516 517 uobj = container_of(event->element.srq->uobject, 518 struct ib_uevent_object, uobject); 519 520 ib_uverbs_async_handler(context_ptr, uobj->uobject.user_handle, 521 event->event, &uobj->event_list, 522 &uobj->events_reported); 523 } 524 525 void ib_uverbs_event_handler(struct ib_event_handler *handler, 526 struct ib_event *event) 527 { 528 struct ib_uverbs_file *file = 529 container_of(handler, struct ib_uverbs_file, event_handler); 530 531 ib_uverbs_async_handler(file, event->element.port_num, event->event, 532 NULL, NULL); 533 } 534 535 struct file *ib_uverbs_alloc_event_file(struct ib_uverbs_file *uverbs_file, 536 int is_async) 537 { 538 struct ib_uverbs_event_file *ev_file; 539 struct file *filp; 540 541 ev_file = kmalloc(sizeof *ev_file, GFP_KERNEL); 542 if (!ev_file) 543 return ERR_PTR(-ENOMEM); 544 545 kref_init(&ev_file->ref); 546 spin_lock_init(&ev_file->lock); 547 INIT_LIST_HEAD(&ev_file->event_list); 548 init_waitqueue_head(&ev_file->poll_wait); 549 ev_file->uverbs_file = uverbs_file; 550 ev_file->async_queue = NULL; 551 ev_file->is_async = is_async; 552 ev_file->is_closed = 0; 553 554 filp = anon_inode_getfile("[infinibandevent]", &uverbs_event_fops, 555 ev_file, O_RDONLY); 556 if (IS_ERR(filp)) 557 kfree(ev_file); 558 559 return filp; 560 } 561 562 /* 563 * Look up a completion event file by FD. If lookup is successful, 564 * takes a ref to the event file struct that it returns; if 565 * unsuccessful, returns NULL. 566 */ 567 struct ib_uverbs_event_file *ib_uverbs_lookup_comp_file(int fd) 568 { 569 struct ib_uverbs_event_file *ev_file = NULL; 570 struct fd f = fdget(fd); 571 572 if (!f.file) 573 return NULL; 574 575 if (f.file->f_op != &uverbs_event_fops) 576 goto out; 577 578 ev_file = f.file->private_data; 579 if (ev_file->is_async) { 580 ev_file = NULL; 581 goto out; 582 } 583 584 kref_get(&ev_file->ref); 585 586 out: 587 fdput(f); 588 return ev_file; 589 } 590 591 static ssize_t ib_uverbs_write(struct file *filp, const char __user *buf, 592 size_t count, loff_t *pos) 593 { 594 struct ib_uverbs_file *file = filp->private_data; 595 struct ib_uverbs_cmd_hdr hdr; 596 __u32 flags; 597 598 if (count < sizeof hdr) 599 return -EINVAL; 600 601 if (copy_from_user(&hdr, buf, sizeof hdr)) 602 return -EFAULT; 603 604 flags = (hdr.command & 605 IB_USER_VERBS_CMD_FLAGS_MASK) >> IB_USER_VERBS_CMD_FLAGS_SHIFT; 606 607 if (!flags) { 608 __u32 command; 609 610 if (hdr.command & ~(__u32)(IB_USER_VERBS_CMD_FLAGS_MASK | 611 IB_USER_VERBS_CMD_COMMAND_MASK)) 612 return -EINVAL; 613 614 command = hdr.command & IB_USER_VERBS_CMD_COMMAND_MASK; 615 616 if (command >= ARRAY_SIZE(uverbs_cmd_table) || 617 !uverbs_cmd_table[command]) 618 return -EINVAL; 619 620 if (!file->ucontext && 621 command != IB_USER_VERBS_CMD_GET_CONTEXT) 622 return -EINVAL; 623 624 if (!(file->device->ib_dev->uverbs_cmd_mask & (1ull << command))) 625 return -ENOSYS; 626 627 if (hdr.in_words * 4 != count) 628 return -EINVAL; 629 630 return uverbs_cmd_table[command](file, 631 buf + sizeof(hdr), 632 hdr.in_words * 4, 633 hdr.out_words * 4); 634 635 } else if (flags == IB_USER_VERBS_CMD_FLAG_EXTENDED) { 636 __u32 command; 637 638 struct ib_uverbs_ex_cmd_hdr ex_hdr; 639 struct ib_udata ucore; 640 struct ib_udata uhw; 641 int err; 642 size_t written_count = count; 643 644 if (hdr.command & ~(__u32)(IB_USER_VERBS_CMD_FLAGS_MASK | 645 IB_USER_VERBS_CMD_COMMAND_MASK)) 646 return -EINVAL; 647 648 command = hdr.command & IB_USER_VERBS_CMD_COMMAND_MASK; 649 650 if (command >= ARRAY_SIZE(uverbs_ex_cmd_table) || 651 !uverbs_ex_cmd_table[command]) 652 return -ENOSYS; 653 654 if (!file->ucontext) 655 return -EINVAL; 656 657 if (!(file->device->ib_dev->uverbs_ex_cmd_mask & (1ull << command))) 658 return -ENOSYS; 659 660 if (count < (sizeof(hdr) + sizeof(ex_hdr))) 661 return -EINVAL; 662 663 if (copy_from_user(&ex_hdr, buf + sizeof(hdr), sizeof(ex_hdr))) 664 return -EFAULT; 665 666 count -= sizeof(hdr) + sizeof(ex_hdr); 667 buf += sizeof(hdr) + sizeof(ex_hdr); 668 669 if ((hdr.in_words + ex_hdr.provider_in_words) * 8 != count) 670 return -EINVAL; 671 672 if (ex_hdr.cmd_hdr_reserved) 673 return -EINVAL; 674 675 if (ex_hdr.response) { 676 if (!hdr.out_words && !ex_hdr.provider_out_words) 677 return -EINVAL; 678 679 if (!access_ok(VERIFY_WRITE, 680 (void __user *) (unsigned long) ex_hdr.response, 681 (hdr.out_words + ex_hdr.provider_out_words) * 8)) 682 return -EFAULT; 683 } else { 684 if (hdr.out_words || ex_hdr.provider_out_words) 685 return -EINVAL; 686 } 687 688 INIT_UDATA_BUF_OR_NULL(&ucore, buf, (unsigned long) ex_hdr.response, 689 hdr.in_words * 8, hdr.out_words * 8); 690 691 INIT_UDATA_BUF_OR_NULL(&uhw, 692 buf + ucore.inlen, 693 (unsigned long) ex_hdr.response + ucore.outlen, 694 ex_hdr.provider_in_words * 8, 695 ex_hdr.provider_out_words * 8); 696 697 err = uverbs_ex_cmd_table[command](file, 698 &ucore, 699 &uhw); 700 701 if (err) 702 return err; 703 704 return written_count; 705 } 706 707 return -ENOSYS; 708 } 709 710 static int ib_uverbs_mmap(struct file *filp, struct vm_area_struct *vma) 711 { 712 struct ib_uverbs_file *file = filp->private_data; 713 714 if (!file->ucontext) 715 return -ENODEV; 716 else 717 return file->device->ib_dev->mmap(file->ucontext, vma); 718 } 719 720 /* 721 * ib_uverbs_open() does not need the BKL: 722 * 723 * - the ib_uverbs_device structures are properly reference counted and 724 * everything else is purely local to the file being created, so 725 * races against other open calls are not a problem; 726 * - there is no ioctl method to race against; 727 * - the open method will either immediately run -ENXIO, or all 728 * required initialization will be done. 729 */ 730 static int ib_uverbs_open(struct inode *inode, struct file *filp) 731 { 732 struct ib_uverbs_device *dev; 733 struct ib_uverbs_file *file; 734 int ret; 735 736 dev = container_of(inode->i_cdev, struct ib_uverbs_device, cdev); 737 if (dev) 738 kref_get(&dev->ref); 739 else 740 return -ENXIO; 741 742 if (!try_module_get(dev->ib_dev->owner)) { 743 ret = -ENODEV; 744 goto err; 745 } 746 747 file = kmalloc(sizeof *file, GFP_KERNEL); 748 if (!file) { 749 ret = -ENOMEM; 750 goto err_module; 751 } 752 753 file->device = dev; 754 file->ucontext = NULL; 755 file->async_file = NULL; 756 kref_init(&file->ref); 757 mutex_init(&file->mutex); 758 759 filp->private_data = file; 760 761 return nonseekable_open(inode, filp); 762 763 err_module: 764 module_put(dev->ib_dev->owner); 765 766 err: 767 kref_put(&dev->ref, ib_uverbs_release_dev); 768 return ret; 769 } 770 771 static int ib_uverbs_close(struct inode *inode, struct file *filp) 772 { 773 struct ib_uverbs_file *file = filp->private_data; 774 775 ib_uverbs_cleanup_ucontext(file, file->ucontext); 776 777 if (file->async_file) 778 kref_put(&file->async_file->ref, ib_uverbs_release_event_file); 779 780 kref_put(&file->ref, ib_uverbs_release_file); 781 782 return 0; 783 } 784 785 static const struct file_operations uverbs_fops = { 786 .owner = THIS_MODULE, 787 .write = ib_uverbs_write, 788 .open = ib_uverbs_open, 789 .release = ib_uverbs_close, 790 .llseek = no_llseek, 791 }; 792 793 static const struct file_operations uverbs_mmap_fops = { 794 .owner = THIS_MODULE, 795 .write = ib_uverbs_write, 796 .mmap = ib_uverbs_mmap, 797 .open = ib_uverbs_open, 798 .release = ib_uverbs_close, 799 .llseek = no_llseek, 800 }; 801 802 static struct ib_client uverbs_client = { 803 .name = "uverbs", 804 .add = ib_uverbs_add_one, 805 .remove = ib_uverbs_remove_one 806 }; 807 808 static ssize_t show_ibdev(struct device *device, struct device_attribute *attr, 809 char *buf) 810 { 811 struct ib_uverbs_device *dev = dev_get_drvdata(device); 812 813 if (!dev) 814 return -ENODEV; 815 816 return sprintf(buf, "%s\n", dev->ib_dev->name); 817 } 818 static DEVICE_ATTR(ibdev, S_IRUGO, show_ibdev, NULL); 819 820 static ssize_t show_dev_abi_version(struct device *device, 821 struct device_attribute *attr, char *buf) 822 { 823 struct ib_uverbs_device *dev = dev_get_drvdata(device); 824 825 if (!dev) 826 return -ENODEV; 827 828 return sprintf(buf, "%d\n", dev->ib_dev->uverbs_abi_ver); 829 } 830 static DEVICE_ATTR(abi_version, S_IRUGO, show_dev_abi_version, NULL); 831 832 static CLASS_ATTR_STRING(abi_version, S_IRUGO, 833 __stringify(IB_USER_VERBS_ABI_VERSION)); 834 835 static dev_t overflow_maj; 836 static DECLARE_BITMAP(overflow_map, IB_UVERBS_MAX_DEVICES); 837 838 /* 839 * If we have more than IB_UVERBS_MAX_DEVICES, dynamically overflow by 840 * requesting a new major number and doubling the number of max devices we 841 * support. It's stupid, but simple. 842 */ 843 static int find_overflow_devnum(void) 844 { 845 int ret; 846 847 if (!overflow_maj) { 848 ret = alloc_chrdev_region(&overflow_maj, 0, IB_UVERBS_MAX_DEVICES, 849 "infiniband_verbs"); 850 if (ret) { 851 printk(KERN_ERR "user_verbs: couldn't register dynamic device number\n"); 852 return ret; 853 } 854 } 855 856 ret = find_first_zero_bit(overflow_map, IB_UVERBS_MAX_DEVICES); 857 if (ret >= IB_UVERBS_MAX_DEVICES) 858 return -1; 859 860 return ret; 861 } 862 863 static void ib_uverbs_add_one(struct ib_device *device) 864 { 865 int devnum; 866 dev_t base; 867 struct ib_uverbs_device *uverbs_dev; 868 869 if (!device->alloc_ucontext) 870 return; 871 872 uverbs_dev = kzalloc(sizeof *uverbs_dev, GFP_KERNEL); 873 if (!uverbs_dev) 874 return; 875 876 kref_init(&uverbs_dev->ref); 877 init_completion(&uverbs_dev->comp); 878 uverbs_dev->xrcd_tree = RB_ROOT; 879 mutex_init(&uverbs_dev->xrcd_tree_mutex); 880 881 spin_lock(&map_lock); 882 devnum = find_first_zero_bit(dev_map, IB_UVERBS_MAX_DEVICES); 883 if (devnum >= IB_UVERBS_MAX_DEVICES) { 884 spin_unlock(&map_lock); 885 devnum = find_overflow_devnum(); 886 if (devnum < 0) 887 goto err; 888 889 spin_lock(&map_lock); 890 uverbs_dev->devnum = devnum + IB_UVERBS_MAX_DEVICES; 891 base = devnum + overflow_maj; 892 set_bit(devnum, overflow_map); 893 } else { 894 uverbs_dev->devnum = devnum; 895 base = devnum + IB_UVERBS_BASE_DEV; 896 set_bit(devnum, dev_map); 897 } 898 spin_unlock(&map_lock); 899 900 uverbs_dev->ib_dev = device; 901 uverbs_dev->num_comp_vectors = device->num_comp_vectors; 902 903 cdev_init(&uverbs_dev->cdev, NULL); 904 uverbs_dev->cdev.owner = THIS_MODULE; 905 uverbs_dev->cdev.ops = device->mmap ? &uverbs_mmap_fops : &uverbs_fops; 906 kobject_set_name(&uverbs_dev->cdev.kobj, "uverbs%d", uverbs_dev->devnum); 907 if (cdev_add(&uverbs_dev->cdev, base, 1)) 908 goto err_cdev; 909 910 uverbs_dev->dev = device_create(uverbs_class, device->dma_device, 911 uverbs_dev->cdev.dev, uverbs_dev, 912 "uverbs%d", uverbs_dev->devnum); 913 if (IS_ERR(uverbs_dev->dev)) 914 goto err_cdev; 915 916 if (device_create_file(uverbs_dev->dev, &dev_attr_ibdev)) 917 goto err_class; 918 if (device_create_file(uverbs_dev->dev, &dev_attr_abi_version)) 919 goto err_class; 920 921 ib_set_client_data(device, &uverbs_client, uverbs_dev); 922 923 return; 924 925 err_class: 926 device_destroy(uverbs_class, uverbs_dev->cdev.dev); 927 928 err_cdev: 929 cdev_del(&uverbs_dev->cdev); 930 if (uverbs_dev->devnum < IB_UVERBS_MAX_DEVICES) 931 clear_bit(devnum, dev_map); 932 else 933 clear_bit(devnum, overflow_map); 934 935 err: 936 kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); 937 wait_for_completion(&uverbs_dev->comp); 938 kfree(uverbs_dev); 939 return; 940 } 941 942 static void ib_uverbs_remove_one(struct ib_device *device) 943 { 944 struct ib_uverbs_device *uverbs_dev = ib_get_client_data(device, &uverbs_client); 945 946 if (!uverbs_dev) 947 return; 948 949 dev_set_drvdata(uverbs_dev->dev, NULL); 950 device_destroy(uverbs_class, uverbs_dev->cdev.dev); 951 cdev_del(&uverbs_dev->cdev); 952 953 if (uverbs_dev->devnum < IB_UVERBS_MAX_DEVICES) 954 clear_bit(uverbs_dev->devnum, dev_map); 955 else 956 clear_bit(uverbs_dev->devnum - IB_UVERBS_MAX_DEVICES, overflow_map); 957 958 kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); 959 wait_for_completion(&uverbs_dev->comp); 960 kfree(uverbs_dev); 961 } 962 963 static char *uverbs_devnode(struct device *dev, umode_t *mode) 964 { 965 if (mode) 966 *mode = 0666; 967 return kasprintf(GFP_KERNEL, "infiniband/%s", dev_name(dev)); 968 } 969 970 static int __init ib_uverbs_init(void) 971 { 972 int ret; 973 974 ret = register_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES, 975 "infiniband_verbs"); 976 if (ret) { 977 printk(KERN_ERR "user_verbs: couldn't register device number\n"); 978 goto out; 979 } 980 981 uverbs_class = class_create(THIS_MODULE, "infiniband_verbs"); 982 if (IS_ERR(uverbs_class)) { 983 ret = PTR_ERR(uverbs_class); 984 printk(KERN_ERR "user_verbs: couldn't create class infiniband_verbs\n"); 985 goto out_chrdev; 986 } 987 988 uverbs_class->devnode = uverbs_devnode; 989 990 ret = class_create_file(uverbs_class, &class_attr_abi_version.attr); 991 if (ret) { 992 printk(KERN_ERR "user_verbs: couldn't create abi_version attribute\n"); 993 goto out_class; 994 } 995 996 ret = ib_register_client(&uverbs_client); 997 if (ret) { 998 printk(KERN_ERR "user_verbs: couldn't register client\n"); 999 goto out_class; 1000 } 1001 1002 return 0; 1003 1004 out_class: 1005 class_destroy(uverbs_class); 1006 1007 out_chrdev: 1008 unregister_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES); 1009 1010 out: 1011 return ret; 1012 } 1013 1014 static void __exit ib_uverbs_cleanup(void) 1015 { 1016 ib_unregister_client(&uverbs_client); 1017 class_destroy(uverbs_class); 1018 unregister_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES); 1019 if (overflow_maj) 1020 unregister_chrdev_region(overflow_maj, IB_UVERBS_MAX_DEVICES); 1021 idr_destroy(&ib_uverbs_pd_idr); 1022 idr_destroy(&ib_uverbs_mr_idr); 1023 idr_destroy(&ib_uverbs_mw_idr); 1024 idr_destroy(&ib_uverbs_ah_idr); 1025 idr_destroy(&ib_uverbs_cq_idr); 1026 idr_destroy(&ib_uverbs_qp_idr); 1027 idr_destroy(&ib_uverbs_srq_idr); 1028 } 1029 1030 module_init(ib_uverbs_init); 1031 module_exit(ib_uverbs_cleanup); 1032