1 /* 2 * Copyright (c) 2005 Topspin Communications. All rights reserved. 3 * Copyright (c) 2005, 2006 Cisco Systems. All rights reserved. 4 * Copyright (c) 2005 Mellanox Technologies. All rights reserved. 5 * Copyright (c) 2005 Voltaire, Inc. All rights reserved. 6 * Copyright (c) 2005 PathScale, Inc. All rights reserved. 7 * 8 * This software is available to you under a choice of one of two 9 * licenses. You may choose to be licensed under the terms of the GNU 10 * General Public License (GPL) Version 2, available from the file 11 * COPYING in the main directory of this source tree, or the 12 * OpenIB.org BSD license below: 13 * 14 * Redistribution and use in source and binary forms, with or 15 * without modification, are permitted provided that the following 16 * conditions are met: 17 * 18 * - Redistributions of source code must retain the above 19 * copyright notice, this list of conditions and the following 20 * disclaimer. 21 * 22 * - Redistributions in binary form must reproduce the above 23 * copyright notice, this list of conditions and the following 24 * disclaimer in the documentation and/or other materials 25 * provided with the distribution. 26 * 27 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 28 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 29 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 30 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 31 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 32 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 33 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 34 * SOFTWARE. 35 */ 36 37 #include <linux/module.h> 38 #include <linux/init.h> 39 #include <linux/device.h> 40 #include <linux/err.h> 41 #include <linux/fs.h> 42 #include <linux/poll.h> 43 #include <linux/sched.h> 44 #include <linux/file.h> 45 #include <linux/cdev.h> 46 #include <linux/anon_inodes.h> 47 #include <linux/slab.h> 48 49 #include <asm/uaccess.h> 50 51 #include "uverbs.h" 52 53 MODULE_AUTHOR("Roland Dreier"); 54 MODULE_DESCRIPTION("InfiniBand userspace verbs access"); 55 MODULE_LICENSE("Dual BSD/GPL"); 56 57 enum { 58 IB_UVERBS_MAJOR = 231, 59 IB_UVERBS_BASE_MINOR = 192, 60 IB_UVERBS_MAX_DEVICES = 32 61 }; 62 63 #define IB_UVERBS_BASE_DEV MKDEV(IB_UVERBS_MAJOR, IB_UVERBS_BASE_MINOR) 64 65 static struct class *uverbs_class; 66 67 DEFINE_SPINLOCK(ib_uverbs_idr_lock); 68 DEFINE_IDR(ib_uverbs_pd_idr); 69 DEFINE_IDR(ib_uverbs_mr_idr); 70 DEFINE_IDR(ib_uverbs_mw_idr); 71 DEFINE_IDR(ib_uverbs_ah_idr); 72 DEFINE_IDR(ib_uverbs_cq_idr); 73 DEFINE_IDR(ib_uverbs_qp_idr); 74 DEFINE_IDR(ib_uverbs_srq_idr); 75 DEFINE_IDR(ib_uverbs_xrcd_idr); 76 DEFINE_IDR(ib_uverbs_rule_idr); 77 78 static DEFINE_SPINLOCK(map_lock); 79 static DECLARE_BITMAP(dev_map, IB_UVERBS_MAX_DEVICES); 80 81 static ssize_t (*uverbs_cmd_table[])(struct ib_uverbs_file *file, 82 const char __user *buf, int in_len, 83 int out_len) = { 84 [IB_USER_VERBS_CMD_GET_CONTEXT] = ib_uverbs_get_context, 85 [IB_USER_VERBS_CMD_QUERY_DEVICE] = ib_uverbs_query_device, 86 [IB_USER_VERBS_CMD_QUERY_PORT] = ib_uverbs_query_port, 87 [IB_USER_VERBS_CMD_ALLOC_PD] = ib_uverbs_alloc_pd, 88 [IB_USER_VERBS_CMD_DEALLOC_PD] = ib_uverbs_dealloc_pd, 89 [IB_USER_VERBS_CMD_REG_MR] = ib_uverbs_reg_mr, 90 [IB_USER_VERBS_CMD_DEREG_MR] = ib_uverbs_dereg_mr, 91 [IB_USER_VERBS_CMD_ALLOC_MW] = ib_uverbs_alloc_mw, 92 [IB_USER_VERBS_CMD_DEALLOC_MW] = ib_uverbs_dealloc_mw, 93 [IB_USER_VERBS_CMD_CREATE_COMP_CHANNEL] = ib_uverbs_create_comp_channel, 94 [IB_USER_VERBS_CMD_CREATE_CQ] = ib_uverbs_create_cq, 95 [IB_USER_VERBS_CMD_RESIZE_CQ] = ib_uverbs_resize_cq, 96 [IB_USER_VERBS_CMD_POLL_CQ] = ib_uverbs_poll_cq, 97 [IB_USER_VERBS_CMD_REQ_NOTIFY_CQ] = ib_uverbs_req_notify_cq, 98 [IB_USER_VERBS_CMD_DESTROY_CQ] = ib_uverbs_destroy_cq, 99 [IB_USER_VERBS_CMD_CREATE_QP] = ib_uverbs_create_qp, 100 [IB_USER_VERBS_CMD_QUERY_QP] = ib_uverbs_query_qp, 101 [IB_USER_VERBS_CMD_MODIFY_QP] = ib_uverbs_modify_qp, 102 [IB_USER_VERBS_CMD_DESTROY_QP] = ib_uverbs_destroy_qp, 103 [IB_USER_VERBS_CMD_POST_SEND] = ib_uverbs_post_send, 104 [IB_USER_VERBS_CMD_POST_RECV] = ib_uverbs_post_recv, 105 [IB_USER_VERBS_CMD_POST_SRQ_RECV] = ib_uverbs_post_srq_recv, 106 [IB_USER_VERBS_CMD_CREATE_AH] = ib_uverbs_create_ah, 107 [IB_USER_VERBS_CMD_DESTROY_AH] = ib_uverbs_destroy_ah, 108 [IB_USER_VERBS_CMD_ATTACH_MCAST] = ib_uverbs_attach_mcast, 109 [IB_USER_VERBS_CMD_DETACH_MCAST] = ib_uverbs_detach_mcast, 110 [IB_USER_VERBS_CMD_CREATE_SRQ] = ib_uverbs_create_srq, 111 [IB_USER_VERBS_CMD_MODIFY_SRQ] = ib_uverbs_modify_srq, 112 [IB_USER_VERBS_CMD_QUERY_SRQ] = ib_uverbs_query_srq, 113 [IB_USER_VERBS_CMD_DESTROY_SRQ] = ib_uverbs_destroy_srq, 114 [IB_USER_VERBS_CMD_OPEN_XRCD] = ib_uverbs_open_xrcd, 115 [IB_USER_VERBS_CMD_CLOSE_XRCD] = ib_uverbs_close_xrcd, 116 [IB_USER_VERBS_CMD_CREATE_XSRQ] = ib_uverbs_create_xsrq, 117 [IB_USER_VERBS_CMD_OPEN_QP] = ib_uverbs_open_qp, 118 }; 119 120 static int (*uverbs_ex_cmd_table[])(struct ib_uverbs_file *file, 121 struct ib_udata *ucore, 122 struct ib_udata *uhw) = { 123 [IB_USER_VERBS_EX_CMD_CREATE_FLOW] = ib_uverbs_ex_create_flow, 124 [IB_USER_VERBS_EX_CMD_DESTROY_FLOW] = ib_uverbs_ex_destroy_flow 125 }; 126 127 static void ib_uverbs_add_one(struct ib_device *device); 128 static void ib_uverbs_remove_one(struct ib_device *device); 129 130 static void ib_uverbs_release_dev(struct kref *ref) 131 { 132 struct ib_uverbs_device *dev = 133 container_of(ref, struct ib_uverbs_device, ref); 134 135 complete(&dev->comp); 136 } 137 138 static void ib_uverbs_release_event_file(struct kref *ref) 139 { 140 struct ib_uverbs_event_file *file = 141 container_of(ref, struct ib_uverbs_event_file, ref); 142 143 kfree(file); 144 } 145 146 void ib_uverbs_release_ucq(struct ib_uverbs_file *file, 147 struct ib_uverbs_event_file *ev_file, 148 struct ib_ucq_object *uobj) 149 { 150 struct ib_uverbs_event *evt, *tmp; 151 152 if (ev_file) { 153 spin_lock_irq(&ev_file->lock); 154 list_for_each_entry_safe(evt, tmp, &uobj->comp_list, obj_list) { 155 list_del(&evt->list); 156 kfree(evt); 157 } 158 spin_unlock_irq(&ev_file->lock); 159 160 kref_put(&ev_file->ref, ib_uverbs_release_event_file); 161 } 162 163 spin_lock_irq(&file->async_file->lock); 164 list_for_each_entry_safe(evt, tmp, &uobj->async_list, obj_list) { 165 list_del(&evt->list); 166 kfree(evt); 167 } 168 spin_unlock_irq(&file->async_file->lock); 169 } 170 171 void ib_uverbs_release_uevent(struct ib_uverbs_file *file, 172 struct ib_uevent_object *uobj) 173 { 174 struct ib_uverbs_event *evt, *tmp; 175 176 spin_lock_irq(&file->async_file->lock); 177 list_for_each_entry_safe(evt, tmp, &uobj->event_list, obj_list) { 178 list_del(&evt->list); 179 kfree(evt); 180 } 181 spin_unlock_irq(&file->async_file->lock); 182 } 183 184 static void ib_uverbs_detach_umcast(struct ib_qp *qp, 185 struct ib_uqp_object *uobj) 186 { 187 struct ib_uverbs_mcast_entry *mcast, *tmp; 188 189 list_for_each_entry_safe(mcast, tmp, &uobj->mcast_list, list) { 190 ib_detach_mcast(qp, &mcast->gid, mcast->lid); 191 list_del(&mcast->list); 192 kfree(mcast); 193 } 194 } 195 196 static int ib_uverbs_cleanup_ucontext(struct ib_uverbs_file *file, 197 struct ib_ucontext *context) 198 { 199 struct ib_uobject *uobj, *tmp; 200 201 if (!context) 202 return 0; 203 204 context->closing = 1; 205 206 list_for_each_entry_safe(uobj, tmp, &context->ah_list, list) { 207 struct ib_ah *ah = uobj->object; 208 209 idr_remove_uobj(&ib_uverbs_ah_idr, uobj); 210 ib_destroy_ah(ah); 211 kfree(uobj); 212 } 213 214 /* Remove MWs before QPs, in order to support type 2A MWs. */ 215 list_for_each_entry_safe(uobj, tmp, &context->mw_list, list) { 216 struct ib_mw *mw = uobj->object; 217 218 idr_remove_uobj(&ib_uverbs_mw_idr, uobj); 219 ib_dealloc_mw(mw); 220 kfree(uobj); 221 } 222 223 list_for_each_entry_safe(uobj, tmp, &context->rule_list, list) { 224 struct ib_flow *flow_id = uobj->object; 225 226 idr_remove_uobj(&ib_uverbs_rule_idr, uobj); 227 ib_destroy_flow(flow_id); 228 kfree(uobj); 229 } 230 231 list_for_each_entry_safe(uobj, tmp, &context->qp_list, list) { 232 struct ib_qp *qp = uobj->object; 233 struct ib_uqp_object *uqp = 234 container_of(uobj, struct ib_uqp_object, uevent.uobject); 235 236 idr_remove_uobj(&ib_uverbs_qp_idr, uobj); 237 if (qp != qp->real_qp) { 238 ib_close_qp(qp); 239 } else { 240 ib_uverbs_detach_umcast(qp, uqp); 241 ib_destroy_qp(qp); 242 } 243 ib_uverbs_release_uevent(file, &uqp->uevent); 244 kfree(uqp); 245 } 246 247 list_for_each_entry_safe(uobj, tmp, &context->cq_list, list) { 248 struct ib_cq *cq = uobj->object; 249 struct ib_uverbs_event_file *ev_file = cq->cq_context; 250 struct ib_ucq_object *ucq = 251 container_of(uobj, struct ib_ucq_object, uobject); 252 253 idr_remove_uobj(&ib_uverbs_cq_idr, uobj); 254 ib_destroy_cq(cq); 255 ib_uverbs_release_ucq(file, ev_file, ucq); 256 kfree(ucq); 257 } 258 259 list_for_each_entry_safe(uobj, tmp, &context->srq_list, list) { 260 struct ib_srq *srq = uobj->object; 261 struct ib_uevent_object *uevent = 262 container_of(uobj, struct ib_uevent_object, uobject); 263 264 idr_remove_uobj(&ib_uverbs_srq_idr, uobj); 265 ib_destroy_srq(srq); 266 ib_uverbs_release_uevent(file, uevent); 267 kfree(uevent); 268 } 269 270 list_for_each_entry_safe(uobj, tmp, &context->mr_list, list) { 271 struct ib_mr *mr = uobj->object; 272 273 idr_remove_uobj(&ib_uverbs_mr_idr, uobj); 274 ib_dereg_mr(mr); 275 kfree(uobj); 276 } 277 278 mutex_lock(&file->device->xrcd_tree_mutex); 279 list_for_each_entry_safe(uobj, tmp, &context->xrcd_list, list) { 280 struct ib_xrcd *xrcd = uobj->object; 281 struct ib_uxrcd_object *uxrcd = 282 container_of(uobj, struct ib_uxrcd_object, uobject); 283 284 idr_remove_uobj(&ib_uverbs_xrcd_idr, uobj); 285 ib_uverbs_dealloc_xrcd(file->device, xrcd); 286 kfree(uxrcd); 287 } 288 mutex_unlock(&file->device->xrcd_tree_mutex); 289 290 list_for_each_entry_safe(uobj, tmp, &context->pd_list, list) { 291 struct ib_pd *pd = uobj->object; 292 293 idr_remove_uobj(&ib_uverbs_pd_idr, uobj); 294 ib_dealloc_pd(pd); 295 kfree(uobj); 296 } 297 298 return context->device->dealloc_ucontext(context); 299 } 300 301 static void ib_uverbs_release_file(struct kref *ref) 302 { 303 struct ib_uverbs_file *file = 304 container_of(ref, struct ib_uverbs_file, ref); 305 306 module_put(file->device->ib_dev->owner); 307 kref_put(&file->device->ref, ib_uverbs_release_dev); 308 309 kfree(file); 310 } 311 312 static ssize_t ib_uverbs_event_read(struct file *filp, char __user *buf, 313 size_t count, loff_t *pos) 314 { 315 struct ib_uverbs_event_file *file = filp->private_data; 316 struct ib_uverbs_event *event; 317 int eventsz; 318 int ret = 0; 319 320 spin_lock_irq(&file->lock); 321 322 while (list_empty(&file->event_list)) { 323 spin_unlock_irq(&file->lock); 324 325 if (filp->f_flags & O_NONBLOCK) 326 return -EAGAIN; 327 328 if (wait_event_interruptible(file->poll_wait, 329 !list_empty(&file->event_list))) 330 return -ERESTARTSYS; 331 332 spin_lock_irq(&file->lock); 333 } 334 335 event = list_entry(file->event_list.next, struct ib_uverbs_event, list); 336 337 if (file->is_async) 338 eventsz = sizeof (struct ib_uverbs_async_event_desc); 339 else 340 eventsz = sizeof (struct ib_uverbs_comp_event_desc); 341 342 if (eventsz > count) { 343 ret = -EINVAL; 344 event = NULL; 345 } else { 346 list_del(file->event_list.next); 347 if (event->counter) { 348 ++(*event->counter); 349 list_del(&event->obj_list); 350 } 351 } 352 353 spin_unlock_irq(&file->lock); 354 355 if (event) { 356 if (copy_to_user(buf, event, eventsz)) 357 ret = -EFAULT; 358 else 359 ret = eventsz; 360 } 361 362 kfree(event); 363 364 return ret; 365 } 366 367 static unsigned int ib_uverbs_event_poll(struct file *filp, 368 struct poll_table_struct *wait) 369 { 370 unsigned int pollflags = 0; 371 struct ib_uverbs_event_file *file = filp->private_data; 372 373 poll_wait(filp, &file->poll_wait, wait); 374 375 spin_lock_irq(&file->lock); 376 if (!list_empty(&file->event_list)) 377 pollflags = POLLIN | POLLRDNORM; 378 spin_unlock_irq(&file->lock); 379 380 return pollflags; 381 } 382 383 static int ib_uverbs_event_fasync(int fd, struct file *filp, int on) 384 { 385 struct ib_uverbs_event_file *file = filp->private_data; 386 387 return fasync_helper(fd, filp, on, &file->async_queue); 388 } 389 390 static int ib_uverbs_event_close(struct inode *inode, struct file *filp) 391 { 392 struct ib_uverbs_event_file *file = filp->private_data; 393 struct ib_uverbs_event *entry, *tmp; 394 395 spin_lock_irq(&file->lock); 396 file->is_closed = 1; 397 list_for_each_entry_safe(entry, tmp, &file->event_list, list) { 398 if (entry->counter) 399 list_del(&entry->obj_list); 400 kfree(entry); 401 } 402 spin_unlock_irq(&file->lock); 403 404 if (file->is_async) { 405 ib_unregister_event_handler(&file->uverbs_file->event_handler); 406 kref_put(&file->uverbs_file->ref, ib_uverbs_release_file); 407 } 408 kref_put(&file->ref, ib_uverbs_release_event_file); 409 410 return 0; 411 } 412 413 static const struct file_operations uverbs_event_fops = { 414 .owner = THIS_MODULE, 415 .read = ib_uverbs_event_read, 416 .poll = ib_uverbs_event_poll, 417 .release = ib_uverbs_event_close, 418 .fasync = ib_uverbs_event_fasync, 419 .llseek = no_llseek, 420 }; 421 422 void ib_uverbs_comp_handler(struct ib_cq *cq, void *cq_context) 423 { 424 struct ib_uverbs_event_file *file = cq_context; 425 struct ib_ucq_object *uobj; 426 struct ib_uverbs_event *entry; 427 unsigned long flags; 428 429 if (!file) 430 return; 431 432 spin_lock_irqsave(&file->lock, flags); 433 if (file->is_closed) { 434 spin_unlock_irqrestore(&file->lock, flags); 435 return; 436 } 437 438 entry = kmalloc(sizeof *entry, GFP_ATOMIC); 439 if (!entry) { 440 spin_unlock_irqrestore(&file->lock, flags); 441 return; 442 } 443 444 uobj = container_of(cq->uobject, struct ib_ucq_object, uobject); 445 446 entry->desc.comp.cq_handle = cq->uobject->user_handle; 447 entry->counter = &uobj->comp_events_reported; 448 449 list_add_tail(&entry->list, &file->event_list); 450 list_add_tail(&entry->obj_list, &uobj->comp_list); 451 spin_unlock_irqrestore(&file->lock, flags); 452 453 wake_up_interruptible(&file->poll_wait); 454 kill_fasync(&file->async_queue, SIGIO, POLL_IN); 455 } 456 457 static void ib_uverbs_async_handler(struct ib_uverbs_file *file, 458 __u64 element, __u64 event, 459 struct list_head *obj_list, 460 u32 *counter) 461 { 462 struct ib_uverbs_event *entry; 463 unsigned long flags; 464 465 spin_lock_irqsave(&file->async_file->lock, flags); 466 if (file->async_file->is_closed) { 467 spin_unlock_irqrestore(&file->async_file->lock, flags); 468 return; 469 } 470 471 entry = kmalloc(sizeof *entry, GFP_ATOMIC); 472 if (!entry) { 473 spin_unlock_irqrestore(&file->async_file->lock, flags); 474 return; 475 } 476 477 entry->desc.async.element = element; 478 entry->desc.async.event_type = event; 479 entry->counter = counter; 480 481 list_add_tail(&entry->list, &file->async_file->event_list); 482 if (obj_list) 483 list_add_tail(&entry->obj_list, obj_list); 484 spin_unlock_irqrestore(&file->async_file->lock, flags); 485 486 wake_up_interruptible(&file->async_file->poll_wait); 487 kill_fasync(&file->async_file->async_queue, SIGIO, POLL_IN); 488 } 489 490 void ib_uverbs_cq_event_handler(struct ib_event *event, void *context_ptr) 491 { 492 struct ib_ucq_object *uobj = container_of(event->element.cq->uobject, 493 struct ib_ucq_object, uobject); 494 495 ib_uverbs_async_handler(uobj->uverbs_file, uobj->uobject.user_handle, 496 event->event, &uobj->async_list, 497 &uobj->async_events_reported); 498 } 499 500 void ib_uverbs_qp_event_handler(struct ib_event *event, void *context_ptr) 501 { 502 struct ib_uevent_object *uobj; 503 504 uobj = container_of(event->element.qp->uobject, 505 struct ib_uevent_object, uobject); 506 507 ib_uverbs_async_handler(context_ptr, uobj->uobject.user_handle, 508 event->event, &uobj->event_list, 509 &uobj->events_reported); 510 } 511 512 void ib_uverbs_srq_event_handler(struct ib_event *event, void *context_ptr) 513 { 514 struct ib_uevent_object *uobj; 515 516 uobj = container_of(event->element.srq->uobject, 517 struct ib_uevent_object, uobject); 518 519 ib_uverbs_async_handler(context_ptr, uobj->uobject.user_handle, 520 event->event, &uobj->event_list, 521 &uobj->events_reported); 522 } 523 524 void ib_uverbs_event_handler(struct ib_event_handler *handler, 525 struct ib_event *event) 526 { 527 struct ib_uverbs_file *file = 528 container_of(handler, struct ib_uverbs_file, event_handler); 529 530 ib_uverbs_async_handler(file, event->element.port_num, event->event, 531 NULL, NULL); 532 } 533 534 struct file *ib_uverbs_alloc_event_file(struct ib_uverbs_file *uverbs_file, 535 int is_async) 536 { 537 struct ib_uverbs_event_file *ev_file; 538 struct file *filp; 539 540 ev_file = kmalloc(sizeof *ev_file, GFP_KERNEL); 541 if (!ev_file) 542 return ERR_PTR(-ENOMEM); 543 544 kref_init(&ev_file->ref); 545 spin_lock_init(&ev_file->lock); 546 INIT_LIST_HEAD(&ev_file->event_list); 547 init_waitqueue_head(&ev_file->poll_wait); 548 ev_file->uverbs_file = uverbs_file; 549 ev_file->async_queue = NULL; 550 ev_file->is_async = is_async; 551 ev_file->is_closed = 0; 552 553 filp = anon_inode_getfile("[infinibandevent]", &uverbs_event_fops, 554 ev_file, O_RDONLY); 555 if (IS_ERR(filp)) 556 kfree(ev_file); 557 558 return filp; 559 } 560 561 /* 562 * Look up a completion event file by FD. If lookup is successful, 563 * takes a ref to the event file struct that it returns; if 564 * unsuccessful, returns NULL. 565 */ 566 struct ib_uverbs_event_file *ib_uverbs_lookup_comp_file(int fd) 567 { 568 struct ib_uverbs_event_file *ev_file = NULL; 569 struct fd f = fdget(fd); 570 571 if (!f.file) 572 return NULL; 573 574 if (f.file->f_op != &uverbs_event_fops) 575 goto out; 576 577 ev_file = f.file->private_data; 578 if (ev_file->is_async) { 579 ev_file = NULL; 580 goto out; 581 } 582 583 kref_get(&ev_file->ref); 584 585 out: 586 fdput(f); 587 return ev_file; 588 } 589 590 static ssize_t ib_uverbs_write(struct file *filp, const char __user *buf, 591 size_t count, loff_t *pos) 592 { 593 struct ib_uverbs_file *file = filp->private_data; 594 struct ib_uverbs_cmd_hdr hdr; 595 __u32 flags; 596 597 if (count < sizeof hdr) 598 return -EINVAL; 599 600 if (copy_from_user(&hdr, buf, sizeof hdr)) 601 return -EFAULT; 602 603 flags = (hdr.command & 604 IB_USER_VERBS_CMD_FLAGS_MASK) >> IB_USER_VERBS_CMD_FLAGS_SHIFT; 605 606 if (!flags) { 607 __u32 command; 608 609 if (hdr.command & ~(__u32)(IB_USER_VERBS_CMD_FLAGS_MASK | 610 IB_USER_VERBS_CMD_COMMAND_MASK)) 611 return -EINVAL; 612 613 command = hdr.command & IB_USER_VERBS_CMD_COMMAND_MASK; 614 615 if (command >= ARRAY_SIZE(uverbs_cmd_table) || 616 !uverbs_cmd_table[command]) 617 return -EINVAL; 618 619 if (!file->ucontext && 620 command != IB_USER_VERBS_CMD_GET_CONTEXT) 621 return -EINVAL; 622 623 if (!(file->device->ib_dev->uverbs_cmd_mask & (1ull << command))) 624 return -ENOSYS; 625 626 if (hdr.in_words * 4 != count) 627 return -EINVAL; 628 629 return uverbs_cmd_table[command](file, 630 buf + sizeof(hdr), 631 hdr.in_words * 4, 632 hdr.out_words * 4); 633 634 } else if (flags == IB_USER_VERBS_CMD_FLAG_EXTENDED) { 635 __u32 command; 636 637 struct ib_uverbs_ex_cmd_hdr ex_hdr; 638 struct ib_udata ucore; 639 struct ib_udata uhw; 640 int err; 641 size_t written_count = count; 642 643 if (hdr.command & ~(__u32)(IB_USER_VERBS_CMD_FLAGS_MASK | 644 IB_USER_VERBS_CMD_COMMAND_MASK)) 645 return -EINVAL; 646 647 command = hdr.command & IB_USER_VERBS_CMD_COMMAND_MASK; 648 649 if (command >= ARRAY_SIZE(uverbs_ex_cmd_table) || 650 !uverbs_ex_cmd_table[command]) 651 return -ENOSYS; 652 653 if (!file->ucontext) 654 return -EINVAL; 655 656 if (!(file->device->ib_dev->uverbs_ex_cmd_mask & (1ull << command))) 657 return -ENOSYS; 658 659 if (count < (sizeof(hdr) + sizeof(ex_hdr))) 660 return -EINVAL; 661 662 if (copy_from_user(&ex_hdr, buf + sizeof(hdr), sizeof(ex_hdr))) 663 return -EFAULT; 664 665 count -= sizeof(hdr) + sizeof(ex_hdr); 666 buf += sizeof(hdr) + sizeof(ex_hdr); 667 668 if ((hdr.in_words + ex_hdr.provider_in_words) * 8 != count) 669 return -EINVAL; 670 671 if (ex_hdr.cmd_hdr_reserved) 672 return -EINVAL; 673 674 if (ex_hdr.response) { 675 if (!hdr.out_words && !ex_hdr.provider_out_words) 676 return -EINVAL; 677 678 if (!access_ok(VERIFY_WRITE, 679 (void __user *) (unsigned long) ex_hdr.response, 680 (hdr.out_words + ex_hdr.provider_out_words) * 8)) 681 return -EFAULT; 682 } else { 683 if (hdr.out_words || ex_hdr.provider_out_words) 684 return -EINVAL; 685 } 686 687 INIT_UDATA_BUF_OR_NULL(&ucore, buf, (unsigned long) ex_hdr.response, 688 hdr.in_words * 8, hdr.out_words * 8); 689 690 INIT_UDATA_BUF_OR_NULL(&uhw, 691 buf + ucore.inlen, 692 (unsigned long) ex_hdr.response + ucore.outlen, 693 ex_hdr.provider_in_words * 8, 694 ex_hdr.provider_out_words * 8); 695 696 err = uverbs_ex_cmd_table[command](file, 697 &ucore, 698 &uhw); 699 700 if (err) 701 return err; 702 703 return written_count; 704 } 705 706 return -ENOSYS; 707 } 708 709 static int ib_uverbs_mmap(struct file *filp, struct vm_area_struct *vma) 710 { 711 struct ib_uverbs_file *file = filp->private_data; 712 713 if (!file->ucontext) 714 return -ENODEV; 715 else 716 return file->device->ib_dev->mmap(file->ucontext, vma); 717 } 718 719 /* 720 * ib_uverbs_open() does not need the BKL: 721 * 722 * - the ib_uverbs_device structures are properly reference counted and 723 * everything else is purely local to the file being created, so 724 * races against other open calls are not a problem; 725 * - there is no ioctl method to race against; 726 * - the open method will either immediately run -ENXIO, or all 727 * required initialization will be done. 728 */ 729 static int ib_uverbs_open(struct inode *inode, struct file *filp) 730 { 731 struct ib_uverbs_device *dev; 732 struct ib_uverbs_file *file; 733 int ret; 734 735 dev = container_of(inode->i_cdev, struct ib_uverbs_device, cdev); 736 if (dev) 737 kref_get(&dev->ref); 738 else 739 return -ENXIO; 740 741 if (!try_module_get(dev->ib_dev->owner)) { 742 ret = -ENODEV; 743 goto err; 744 } 745 746 file = kmalloc(sizeof *file, GFP_KERNEL); 747 if (!file) { 748 ret = -ENOMEM; 749 goto err_module; 750 } 751 752 file->device = dev; 753 file->ucontext = NULL; 754 file->async_file = NULL; 755 kref_init(&file->ref); 756 mutex_init(&file->mutex); 757 758 filp->private_data = file; 759 760 return nonseekable_open(inode, filp); 761 762 err_module: 763 module_put(dev->ib_dev->owner); 764 765 err: 766 kref_put(&dev->ref, ib_uverbs_release_dev); 767 return ret; 768 } 769 770 static int ib_uverbs_close(struct inode *inode, struct file *filp) 771 { 772 struct ib_uverbs_file *file = filp->private_data; 773 774 ib_uverbs_cleanup_ucontext(file, file->ucontext); 775 776 if (file->async_file) 777 kref_put(&file->async_file->ref, ib_uverbs_release_event_file); 778 779 kref_put(&file->ref, ib_uverbs_release_file); 780 781 return 0; 782 } 783 784 static const struct file_operations uverbs_fops = { 785 .owner = THIS_MODULE, 786 .write = ib_uverbs_write, 787 .open = ib_uverbs_open, 788 .release = ib_uverbs_close, 789 .llseek = no_llseek, 790 }; 791 792 static const struct file_operations uverbs_mmap_fops = { 793 .owner = THIS_MODULE, 794 .write = ib_uverbs_write, 795 .mmap = ib_uverbs_mmap, 796 .open = ib_uverbs_open, 797 .release = ib_uverbs_close, 798 .llseek = no_llseek, 799 }; 800 801 static struct ib_client uverbs_client = { 802 .name = "uverbs", 803 .add = ib_uverbs_add_one, 804 .remove = ib_uverbs_remove_one 805 }; 806 807 static ssize_t show_ibdev(struct device *device, struct device_attribute *attr, 808 char *buf) 809 { 810 struct ib_uverbs_device *dev = dev_get_drvdata(device); 811 812 if (!dev) 813 return -ENODEV; 814 815 return sprintf(buf, "%s\n", dev->ib_dev->name); 816 } 817 static DEVICE_ATTR(ibdev, S_IRUGO, show_ibdev, NULL); 818 819 static ssize_t show_dev_abi_version(struct device *device, 820 struct device_attribute *attr, char *buf) 821 { 822 struct ib_uverbs_device *dev = dev_get_drvdata(device); 823 824 if (!dev) 825 return -ENODEV; 826 827 return sprintf(buf, "%d\n", dev->ib_dev->uverbs_abi_ver); 828 } 829 static DEVICE_ATTR(abi_version, S_IRUGO, show_dev_abi_version, NULL); 830 831 static CLASS_ATTR_STRING(abi_version, S_IRUGO, 832 __stringify(IB_USER_VERBS_ABI_VERSION)); 833 834 static dev_t overflow_maj; 835 static DECLARE_BITMAP(overflow_map, IB_UVERBS_MAX_DEVICES); 836 837 /* 838 * If we have more than IB_UVERBS_MAX_DEVICES, dynamically overflow by 839 * requesting a new major number and doubling the number of max devices we 840 * support. It's stupid, but simple. 841 */ 842 static int find_overflow_devnum(void) 843 { 844 int ret; 845 846 if (!overflow_maj) { 847 ret = alloc_chrdev_region(&overflow_maj, 0, IB_UVERBS_MAX_DEVICES, 848 "infiniband_verbs"); 849 if (ret) { 850 printk(KERN_ERR "user_verbs: couldn't register dynamic device number\n"); 851 return ret; 852 } 853 } 854 855 ret = find_first_zero_bit(overflow_map, IB_UVERBS_MAX_DEVICES); 856 if (ret >= IB_UVERBS_MAX_DEVICES) 857 return -1; 858 859 return ret; 860 } 861 862 static void ib_uverbs_add_one(struct ib_device *device) 863 { 864 int devnum; 865 dev_t base; 866 struct ib_uverbs_device *uverbs_dev; 867 868 if (!device->alloc_ucontext) 869 return; 870 871 uverbs_dev = kzalloc(sizeof *uverbs_dev, GFP_KERNEL); 872 if (!uverbs_dev) 873 return; 874 875 kref_init(&uverbs_dev->ref); 876 init_completion(&uverbs_dev->comp); 877 uverbs_dev->xrcd_tree = RB_ROOT; 878 mutex_init(&uverbs_dev->xrcd_tree_mutex); 879 880 spin_lock(&map_lock); 881 devnum = find_first_zero_bit(dev_map, IB_UVERBS_MAX_DEVICES); 882 if (devnum >= IB_UVERBS_MAX_DEVICES) { 883 spin_unlock(&map_lock); 884 devnum = find_overflow_devnum(); 885 if (devnum < 0) 886 goto err; 887 888 spin_lock(&map_lock); 889 uverbs_dev->devnum = devnum + IB_UVERBS_MAX_DEVICES; 890 base = devnum + overflow_maj; 891 set_bit(devnum, overflow_map); 892 } else { 893 uverbs_dev->devnum = devnum; 894 base = devnum + IB_UVERBS_BASE_DEV; 895 set_bit(devnum, dev_map); 896 } 897 spin_unlock(&map_lock); 898 899 uverbs_dev->ib_dev = device; 900 uverbs_dev->num_comp_vectors = device->num_comp_vectors; 901 902 cdev_init(&uverbs_dev->cdev, NULL); 903 uverbs_dev->cdev.owner = THIS_MODULE; 904 uverbs_dev->cdev.ops = device->mmap ? &uverbs_mmap_fops : &uverbs_fops; 905 kobject_set_name(&uverbs_dev->cdev.kobj, "uverbs%d", uverbs_dev->devnum); 906 if (cdev_add(&uverbs_dev->cdev, base, 1)) 907 goto err_cdev; 908 909 uverbs_dev->dev = device_create(uverbs_class, device->dma_device, 910 uverbs_dev->cdev.dev, uverbs_dev, 911 "uverbs%d", uverbs_dev->devnum); 912 if (IS_ERR(uverbs_dev->dev)) 913 goto err_cdev; 914 915 if (device_create_file(uverbs_dev->dev, &dev_attr_ibdev)) 916 goto err_class; 917 if (device_create_file(uverbs_dev->dev, &dev_attr_abi_version)) 918 goto err_class; 919 920 ib_set_client_data(device, &uverbs_client, uverbs_dev); 921 922 return; 923 924 err_class: 925 device_destroy(uverbs_class, uverbs_dev->cdev.dev); 926 927 err_cdev: 928 cdev_del(&uverbs_dev->cdev); 929 if (uverbs_dev->devnum < IB_UVERBS_MAX_DEVICES) 930 clear_bit(devnum, dev_map); 931 else 932 clear_bit(devnum, overflow_map); 933 934 err: 935 kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); 936 wait_for_completion(&uverbs_dev->comp); 937 kfree(uverbs_dev); 938 return; 939 } 940 941 static void ib_uverbs_remove_one(struct ib_device *device) 942 { 943 struct ib_uverbs_device *uverbs_dev = ib_get_client_data(device, &uverbs_client); 944 945 if (!uverbs_dev) 946 return; 947 948 dev_set_drvdata(uverbs_dev->dev, NULL); 949 device_destroy(uverbs_class, uverbs_dev->cdev.dev); 950 cdev_del(&uverbs_dev->cdev); 951 952 if (uverbs_dev->devnum < IB_UVERBS_MAX_DEVICES) 953 clear_bit(uverbs_dev->devnum, dev_map); 954 else 955 clear_bit(uverbs_dev->devnum - IB_UVERBS_MAX_DEVICES, overflow_map); 956 957 kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); 958 wait_for_completion(&uverbs_dev->comp); 959 kfree(uverbs_dev); 960 } 961 962 static char *uverbs_devnode(struct device *dev, umode_t *mode) 963 { 964 if (mode) 965 *mode = 0666; 966 return kasprintf(GFP_KERNEL, "infiniband/%s", dev_name(dev)); 967 } 968 969 static int __init ib_uverbs_init(void) 970 { 971 int ret; 972 973 ret = register_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES, 974 "infiniband_verbs"); 975 if (ret) { 976 printk(KERN_ERR "user_verbs: couldn't register device number\n"); 977 goto out; 978 } 979 980 uverbs_class = class_create(THIS_MODULE, "infiniband_verbs"); 981 if (IS_ERR(uverbs_class)) { 982 ret = PTR_ERR(uverbs_class); 983 printk(KERN_ERR "user_verbs: couldn't create class infiniband_verbs\n"); 984 goto out_chrdev; 985 } 986 987 uverbs_class->devnode = uverbs_devnode; 988 989 ret = class_create_file(uverbs_class, &class_attr_abi_version.attr); 990 if (ret) { 991 printk(KERN_ERR "user_verbs: couldn't create abi_version attribute\n"); 992 goto out_class; 993 } 994 995 ret = ib_register_client(&uverbs_client); 996 if (ret) { 997 printk(KERN_ERR "user_verbs: couldn't register client\n"); 998 goto out_class; 999 } 1000 1001 return 0; 1002 1003 out_class: 1004 class_destroy(uverbs_class); 1005 1006 out_chrdev: 1007 unregister_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES); 1008 1009 out: 1010 return ret; 1011 } 1012 1013 static void __exit ib_uverbs_cleanup(void) 1014 { 1015 ib_unregister_client(&uverbs_client); 1016 class_destroy(uverbs_class); 1017 unregister_chrdev_region(IB_UVERBS_BASE_DEV, IB_UVERBS_MAX_DEVICES); 1018 if (overflow_maj) 1019 unregister_chrdev_region(overflow_maj, IB_UVERBS_MAX_DEVICES); 1020 idr_destroy(&ib_uverbs_pd_idr); 1021 idr_destroy(&ib_uverbs_mr_idr); 1022 idr_destroy(&ib_uverbs_mw_idr); 1023 idr_destroy(&ib_uverbs_ah_idr); 1024 idr_destroy(&ib_uverbs_cq_idr); 1025 idr_destroy(&ib_uverbs_qp_idr); 1026 idr_destroy(&ib_uverbs_srq_idr); 1027 } 1028 1029 module_init(ib_uverbs_init); 1030 module_exit(ib_uverbs_cleanup); 1031