1 /*
2  * Copyright (c) 2004, 2005, 2006 Voltaire, Inc. All rights reserved.
3  * Copyright (c) 2005, 2006 Cisco Systems.  All rights reserved.
4  *
5  * This software is available to you under a choice of one of two
6  * licenses.  You may choose to be licensed under the terms of the GNU
7  * General Public License (GPL) Version 2, available from the file
8  * COPYING in the main directory of this source tree, or the
9  * OpenIB.org BSD license below:
10  *
11  *     Redistribution and use in source and binary forms, with or
12  *     without modification, are permitted provided that the following
13  *     conditions are met:
14  *
15  *	- Redistributions of source code must retain the above
16  *	  copyright notice, this list of conditions and the following
17  *	  disclaimer.
18  *
19  *	- Redistributions in binary form must reproduce the above
20  *	  copyright notice, this list of conditions and the following
21  *	  disclaimer in the documentation and/or other materials
22  *	  provided with the distribution.
23  *
24  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
25  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
26  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
27  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
28  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
29  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
30  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
31  * SOFTWARE.
32  *
33  * $Id: iser_verbs.c 7051 2006-05-10 12:29:11Z ogerlitz $
34  */
35 #include <linux/kernel.h>
36 #include <linux/module.h>
37 #include <linux/delay.h>
38 #include <linux/version.h>
39 
40 #include "iscsi_iser.h"
41 
42 #define ISCSI_ISER_MAX_CONN	8
43 #define ISER_MAX_CQ_LEN		((ISER_QP_MAX_RECV_DTOS + \
44 				ISER_QP_MAX_REQ_DTOS) *   \
45 				 ISCSI_ISER_MAX_CONN)
46 
47 static void iser_cq_tasklet_fn(unsigned long data);
48 static void iser_cq_callback(struct ib_cq *cq, void *cq_context);
49 
50 static void iser_cq_event_callback(struct ib_event *cause, void *context)
51 {
52 	iser_err("got cq event %d \n", cause->event);
53 }
54 
55 static void iser_qp_event_callback(struct ib_event *cause, void *context)
56 {
57 	iser_err("got qp event %d\n",cause->event);
58 }
59 
60 /**
61  * iser_create_device_ib_res - creates Protection Domain (PD), Completion
62  * Queue (CQ), DMA Memory Region (DMA MR) with the device associated with
63  * the adapator.
64  *
65  * returns 0 on success, -1 on failure
66  */
67 static int iser_create_device_ib_res(struct iser_device *device)
68 {
69 	device->pd = ib_alloc_pd(device->ib_device);
70 	if (IS_ERR(device->pd))
71 		goto pd_err;
72 
73 	device->cq = ib_create_cq(device->ib_device,
74 				  iser_cq_callback,
75 				  iser_cq_event_callback,
76 				  (void *)device,
77 				  ISER_MAX_CQ_LEN, 0);
78 	if (IS_ERR(device->cq))
79 		goto cq_err;
80 
81 	if (ib_req_notify_cq(device->cq, IB_CQ_NEXT_COMP))
82 		goto cq_arm_err;
83 
84 	tasklet_init(&device->cq_tasklet,
85 		     iser_cq_tasklet_fn,
86 		     (unsigned long)device);
87 
88 	device->mr = ib_get_dma_mr(device->pd, IB_ACCESS_LOCAL_WRITE |
89 				   IB_ACCESS_REMOTE_WRITE |
90 				   IB_ACCESS_REMOTE_READ);
91 	if (IS_ERR(device->mr))
92 		goto dma_mr_err;
93 
94 	return 0;
95 
96 dma_mr_err:
97 	tasklet_kill(&device->cq_tasklet);
98 cq_arm_err:
99 	ib_destroy_cq(device->cq);
100 cq_err:
101 	ib_dealloc_pd(device->pd);
102 pd_err:
103 	iser_err("failed to allocate an IB resource\n");
104 	return -1;
105 }
106 
107 /**
108  * iser_free_device_ib_res - destroy/dealloc/dereg the DMA MR,
109  * CQ and PD created with the device associated with the adapator.
110  */
111 static void iser_free_device_ib_res(struct iser_device *device)
112 {
113 	BUG_ON(device->mr == NULL);
114 
115 	tasklet_kill(&device->cq_tasklet);
116 
117 	(void)ib_dereg_mr(device->mr);
118 	(void)ib_destroy_cq(device->cq);
119 	(void)ib_dealloc_pd(device->pd);
120 
121 	device->mr = NULL;
122 	device->cq = NULL;
123 	device->pd = NULL;
124 }
125 
126 /**
127  * iser_create_ib_conn_res - Creates FMR pool and Queue-Pair (QP)
128  *
129  * returns 0 on success, -1 on failure
130  */
131 static int iser_create_ib_conn_res(struct iser_conn *ib_conn)
132 {
133 	struct iser_device	*device;
134 	struct ib_qp_init_attr	init_attr;
135 	int			ret;
136 	struct ib_fmr_pool_param params;
137 
138 	BUG_ON(ib_conn->device == NULL);
139 
140 	device = ib_conn->device;
141 
142 	ib_conn->page_vec = kmalloc(sizeof(struct iser_page_vec) +
143 				    (sizeof(u64) * (ISCSI_ISER_SG_TABLESIZE +1)),
144 				    GFP_KERNEL);
145 	if (!ib_conn->page_vec) {
146 		ret = -ENOMEM;
147 		goto alloc_err;
148 	}
149 	ib_conn->page_vec->pages = (u64 *) (ib_conn->page_vec + 1);
150 
151 	params.page_shift        = SHIFT_4K;
152 	/* when the first/last SG element are not start/end *
153 	 * page aligned, the map whould be of N+1 pages     */
154 	params.max_pages_per_fmr = ISCSI_ISER_SG_TABLESIZE + 1;
155 	/* make the pool size twice the max number of SCSI commands *
156 	 * the ML is expected to queue, watermark for unmap at 50%  */
157 	params.pool_size	 = ISCSI_DEF_XMIT_CMDS_MAX * 2;
158 	params.dirty_watermark	 = ISCSI_DEF_XMIT_CMDS_MAX;
159 	params.cache		 = 0;
160 	params.flush_function	 = NULL;
161 	params.access		 = (IB_ACCESS_LOCAL_WRITE  |
162 				    IB_ACCESS_REMOTE_WRITE |
163 				    IB_ACCESS_REMOTE_READ);
164 
165 	ib_conn->fmr_pool = ib_create_fmr_pool(device->pd, &params);
166 	if (IS_ERR(ib_conn->fmr_pool)) {
167 		ret = PTR_ERR(ib_conn->fmr_pool);
168 		goto fmr_pool_err;
169 	}
170 
171 	memset(&init_attr, 0, sizeof init_attr);
172 
173 	init_attr.event_handler = iser_qp_event_callback;
174 	init_attr.qp_context	= (void *)ib_conn;
175 	init_attr.send_cq	= device->cq;
176 	init_attr.recv_cq	= device->cq;
177 	init_attr.cap.max_send_wr  = ISER_QP_MAX_REQ_DTOS;
178 	init_attr.cap.max_recv_wr  = ISER_QP_MAX_RECV_DTOS;
179 	init_attr.cap.max_send_sge = MAX_REGD_BUF_VECTOR_LEN;
180 	init_attr.cap.max_recv_sge = 2;
181 	init_attr.sq_sig_type	= IB_SIGNAL_REQ_WR;
182 	init_attr.qp_type	= IB_QPT_RC;
183 
184 	ret = rdma_create_qp(ib_conn->cma_id, device->pd, &init_attr);
185 	if (ret)
186 		goto qp_err;
187 
188 	ib_conn->qp = ib_conn->cma_id->qp;
189 	iser_err("setting conn %p cma_id %p: fmr_pool %p qp %p\n",
190 		 ib_conn, ib_conn->cma_id,
191 		 ib_conn->fmr_pool, ib_conn->cma_id->qp);
192 	return ret;
193 
194 qp_err:
195 	(void)ib_destroy_fmr_pool(ib_conn->fmr_pool);
196 fmr_pool_err:
197 	kfree(ib_conn->page_vec);
198 alloc_err:
199 	iser_err("unable to alloc mem or create resource, err %d\n", ret);
200 	return ret;
201 }
202 
203 /**
204  * releases the FMR pool, QP and CMA ID objects, returns 0 on success,
205  * -1 on failure
206  */
207 static int iser_free_ib_conn_res(struct iser_conn *ib_conn)
208 {
209 	BUG_ON(ib_conn == NULL);
210 
211 	iser_err("freeing conn %p cma_id %p fmr pool %p qp %p\n",
212 		 ib_conn, ib_conn->cma_id,
213 		 ib_conn->fmr_pool, ib_conn->qp);
214 
215 	/* qp is created only once both addr & route are resolved */
216 	if (ib_conn->fmr_pool != NULL)
217 		ib_destroy_fmr_pool(ib_conn->fmr_pool);
218 
219 	if (ib_conn->qp != NULL)
220 		rdma_destroy_qp(ib_conn->cma_id);
221 
222 	if (ib_conn->cma_id != NULL)
223 		rdma_destroy_id(ib_conn->cma_id);
224 
225 	ib_conn->fmr_pool = NULL;
226 	ib_conn->qp	  = NULL;
227 	ib_conn->cma_id   = NULL;
228 	kfree(ib_conn->page_vec);
229 
230 	return 0;
231 }
232 
233 /**
234  * based on the resolved device node GUID see if there already allocated
235  * device for this device. If there's no such, create one.
236  */
237 static
238 struct iser_device *iser_device_find_by_ib_device(struct rdma_cm_id *cma_id)
239 {
240 	struct list_head    *p_list;
241 	struct iser_device  *device = NULL;
242 
243 	mutex_lock(&ig.device_list_mutex);
244 
245 	p_list = ig.device_list.next;
246 	while (p_list != &ig.device_list) {
247 		device = list_entry(p_list, struct iser_device, ig_list);
248 		/* find if there's a match using the node GUID */
249 		if (device->ib_device->node_guid == cma_id->device->node_guid)
250 			break;
251 	}
252 
253 	if (device == NULL) {
254 		device = kzalloc(sizeof *device, GFP_KERNEL);
255 		if (device == NULL)
256 			goto out;
257 		/* assign this device to the device */
258 		device->ib_device = cma_id->device;
259 		/* init the device and link it into ig device list */
260 		if (iser_create_device_ib_res(device)) {
261 			kfree(device);
262 			device = NULL;
263 			goto out;
264 		}
265 		list_add(&device->ig_list, &ig.device_list);
266 	}
267 out:
268 	BUG_ON(device == NULL);
269 	device->refcount++;
270 	mutex_unlock(&ig.device_list_mutex);
271 	return device;
272 }
273 
274 /* if there's no demand for this device, release it */
275 static void iser_device_try_release(struct iser_device *device)
276 {
277 	mutex_lock(&ig.device_list_mutex);
278 	device->refcount--;
279 	iser_err("device %p refcount %d\n",device,device->refcount);
280 	if (!device->refcount) {
281 		iser_free_device_ib_res(device);
282 		list_del(&device->ig_list);
283 		kfree(device);
284 	}
285 	mutex_unlock(&ig.device_list_mutex);
286 }
287 
288 int iser_conn_state_comp(struct iser_conn *ib_conn,
289 			enum iser_ib_conn_state comp)
290 {
291 	int ret;
292 
293 	spin_lock_bh(&ib_conn->lock);
294 	ret = (ib_conn->state == comp);
295 	spin_unlock_bh(&ib_conn->lock);
296 	return ret;
297 }
298 
299 static int iser_conn_state_comp_exch(struct iser_conn *ib_conn,
300 				     enum iser_ib_conn_state comp,
301 				     enum iser_ib_conn_state exch)
302 {
303 	int ret;
304 
305 	spin_lock_bh(&ib_conn->lock);
306 	if ((ret = (ib_conn->state == comp)))
307 		ib_conn->state = exch;
308 	spin_unlock_bh(&ib_conn->lock);
309 	return ret;
310 }
311 
312 /**
313  * Frees all conn objects and deallocs conn descriptor
314  */
315 static void iser_conn_release(struct iser_conn *ib_conn)
316 {
317 	struct iser_device  *device = ib_conn->device;
318 
319 	BUG_ON(ib_conn->state != ISER_CONN_DOWN);
320 
321 	mutex_lock(&ig.connlist_mutex);
322 	list_del(&ib_conn->conn_list);
323 	mutex_unlock(&ig.connlist_mutex);
324 
325 	iser_free_ib_conn_res(ib_conn);
326 	ib_conn->device = NULL;
327 	/* on EVENT_ADDR_ERROR there's no device yet for this conn */
328 	if (device != NULL)
329 		iser_device_try_release(device);
330 	if (ib_conn->iser_conn)
331 		ib_conn->iser_conn->ib_conn = NULL;
332 	kfree(ib_conn);
333 }
334 
335 /**
336  * triggers start of the disconnect procedures and wait for them to be done
337  */
338 void iser_conn_terminate(struct iser_conn *ib_conn)
339 {
340 	int err = 0;
341 
342 	/* change the ib conn state only if the conn is UP, however always call
343 	 * rdma_disconnect since this is the only way to cause the CMA to change
344 	 * the QP state to ERROR
345 	 */
346 
347 	iser_conn_state_comp_exch(ib_conn, ISER_CONN_UP, ISER_CONN_TERMINATING);
348 	err = rdma_disconnect(ib_conn->cma_id);
349 	if (err)
350 		iser_err("Failed to disconnect, conn: 0x%p err %d\n",
351 			 ib_conn,err);
352 
353 	wait_event_interruptible(ib_conn->wait,
354 				 ib_conn->state == ISER_CONN_DOWN);
355 
356 	iser_conn_release(ib_conn);
357 }
358 
359 static void iser_connect_error(struct rdma_cm_id *cma_id)
360 {
361 	struct iser_conn *ib_conn;
362 	ib_conn = (struct iser_conn *)cma_id->context;
363 
364 	ib_conn->state = ISER_CONN_DOWN;
365 	wake_up_interruptible(&ib_conn->wait);
366 }
367 
368 static void iser_addr_handler(struct rdma_cm_id *cma_id)
369 {
370 	struct iser_device *device;
371 	struct iser_conn   *ib_conn;
372 	int    ret;
373 
374 	device = iser_device_find_by_ib_device(cma_id);
375 	ib_conn = (struct iser_conn *)cma_id->context;
376 	ib_conn->device = device;
377 
378 	ret = rdma_resolve_route(cma_id, 1000);
379 	if (ret) {
380 		iser_err("resolve route failed: %d\n", ret);
381 		iser_connect_error(cma_id);
382 	}
383 	return;
384 }
385 
386 static void iser_route_handler(struct rdma_cm_id *cma_id)
387 {
388 	struct rdma_conn_param conn_param;
389 	int    ret;
390 
391 	ret = iser_create_ib_conn_res((struct iser_conn *)cma_id->context);
392 	if (ret)
393 		goto failure;
394 
395 	iser_dbg("path.mtu is %d setting it to %d\n",
396 		 cma_id->route.path_rec->mtu, IB_MTU_1024);
397 
398 	/* we must set the MTU to 1024 as this is what the target is assuming */
399 	if (cma_id->route.path_rec->mtu > IB_MTU_1024)
400 		cma_id->route.path_rec->mtu = IB_MTU_1024;
401 
402 	memset(&conn_param, 0, sizeof conn_param);
403 	conn_param.responder_resources = 4;
404 	conn_param.initiator_depth     = 1;
405 	conn_param.retry_count	       = 7;
406 	conn_param.rnr_retry_count     = 6;
407 
408 	ret = rdma_connect(cma_id, &conn_param);
409 	if (ret) {
410 		iser_err("failure connecting: %d\n", ret);
411 		goto failure;
412 	}
413 
414 	return;
415 failure:
416 	iser_connect_error(cma_id);
417 }
418 
419 static void iser_connected_handler(struct rdma_cm_id *cma_id)
420 {
421 	struct iser_conn *ib_conn;
422 
423 	ib_conn = (struct iser_conn *)cma_id->context;
424 	ib_conn->state = ISER_CONN_UP;
425 	wake_up_interruptible(&ib_conn->wait);
426 }
427 
428 static void iser_disconnected_handler(struct rdma_cm_id *cma_id)
429 {
430 	struct iser_conn *ib_conn;
431 
432 	ib_conn = (struct iser_conn *)cma_id->context;
433 	ib_conn->disc_evt_flag = 1;
434 
435 	/* getting here when the state is UP means that the conn is being *
436 	 * terminated asynchronously from the iSCSI layer's perspective.  */
437 	if (iser_conn_state_comp_exch(ib_conn, ISER_CONN_UP,
438 				      ISER_CONN_TERMINATING))
439 		iscsi_conn_failure(ib_conn->iser_conn->iscsi_conn,
440 				   ISCSI_ERR_CONN_FAILED);
441 
442 	/* Complete the termination process if no posts are pending */
443 	if ((atomic_read(&ib_conn->post_recv_buf_count) == 0) &&
444 	    (atomic_read(&ib_conn->post_send_buf_count) == 0)) {
445 		ib_conn->state = ISER_CONN_DOWN;
446 		wake_up_interruptible(&ib_conn->wait);
447 	}
448 }
449 
450 static int iser_cma_handler(struct rdma_cm_id *cma_id, struct rdma_cm_event *event)
451 {
452 	int ret = 0;
453 
454 	iser_err("event %d conn %p id %p\n",event->event,cma_id->context,cma_id);
455 
456 	switch (event->event) {
457 	case RDMA_CM_EVENT_ADDR_RESOLVED:
458 		iser_addr_handler(cma_id);
459 		break;
460 	case RDMA_CM_EVENT_ROUTE_RESOLVED:
461 		iser_route_handler(cma_id);
462 		break;
463 	case RDMA_CM_EVENT_ESTABLISHED:
464 		iser_connected_handler(cma_id);
465 		break;
466 	case RDMA_CM_EVENT_ADDR_ERROR:
467 	case RDMA_CM_EVENT_ROUTE_ERROR:
468 	case RDMA_CM_EVENT_CONNECT_ERROR:
469 	case RDMA_CM_EVENT_UNREACHABLE:
470 	case RDMA_CM_EVENT_REJECTED:
471 		iser_err("event: %d, error: %d\n", event->event, event->status);
472 		iser_connect_error(cma_id);
473 		break;
474 	case RDMA_CM_EVENT_DISCONNECTED:
475 		iser_disconnected_handler(cma_id);
476 		break;
477 	case RDMA_CM_EVENT_DEVICE_REMOVAL:
478 		iser_err("Device removal is currently unsupported\n");
479 		BUG();
480 		break;
481 	default:
482 		iser_err("Unexpected RDMA CM event (%d)\n", event->event);
483 		break;
484 	}
485 	return ret;
486 }
487 
488 int iser_conn_init(struct iser_conn **ibconn)
489 {
490 	struct iser_conn *ib_conn;
491 
492 	ib_conn = kzalloc(sizeof *ib_conn, GFP_KERNEL);
493 	if (!ib_conn) {
494 		iser_err("can't alloc memory for struct iser_conn\n");
495 		return -ENOMEM;
496 	}
497 	ib_conn->state = ISER_CONN_INIT;
498 	init_waitqueue_head(&ib_conn->wait);
499 	atomic_set(&ib_conn->post_recv_buf_count, 0);
500 	atomic_set(&ib_conn->post_send_buf_count, 0);
501 	INIT_LIST_HEAD(&ib_conn->conn_list);
502 	spin_lock_init(&ib_conn->lock);
503 
504 	*ibconn = ib_conn;
505 	return 0;
506 }
507 
508  /**
509  * starts the process of connecting to the target
510  * sleeps untill the connection is established or rejected
511  */
512 int iser_connect(struct iser_conn   *ib_conn,
513 		 struct sockaddr_in *src_addr,
514 		 struct sockaddr_in *dst_addr,
515 		 int                 non_blocking)
516 {
517 	struct sockaddr *src, *dst;
518 	int err = 0;
519 
520 	sprintf(ib_conn->name,"%d.%d.%d.%d:%d",
521 		NIPQUAD(dst_addr->sin_addr.s_addr), dst_addr->sin_port);
522 
523 	/* the device is known only --after-- address resolution */
524 	ib_conn->device = NULL;
525 
526 	iser_err("connecting to: %d.%d.%d.%d, port 0x%x\n",
527 		 NIPQUAD(dst_addr->sin_addr), dst_addr->sin_port);
528 
529 	ib_conn->state = ISER_CONN_PENDING;
530 
531 	ib_conn->cma_id = rdma_create_id(iser_cma_handler,
532 					     (void *)ib_conn,
533 					     RDMA_PS_TCP);
534 	if (IS_ERR(ib_conn->cma_id)) {
535 		err = PTR_ERR(ib_conn->cma_id);
536 		iser_err("rdma_create_id failed: %d\n", err);
537 		goto id_failure;
538 	}
539 
540 	src = (struct sockaddr *)src_addr;
541 	dst = (struct sockaddr *)dst_addr;
542 	err = rdma_resolve_addr(ib_conn->cma_id, src, dst, 1000);
543 	if (err) {
544 		iser_err("rdma_resolve_addr failed: %d\n", err);
545 		goto addr_failure;
546 	}
547 
548 	if (!non_blocking) {
549 		wait_event_interruptible(ib_conn->wait,
550 					 (ib_conn->state != ISER_CONN_PENDING));
551 
552 		if (ib_conn->state != ISER_CONN_UP) {
553 			err =  -EIO;
554 			goto connect_failure;
555 		}
556 	}
557 
558 	mutex_lock(&ig.connlist_mutex);
559 	list_add(&ib_conn->conn_list, &ig.connlist);
560 	mutex_unlock(&ig.connlist_mutex);
561 	return 0;
562 
563 id_failure:
564 	ib_conn->cma_id = NULL;
565 addr_failure:
566 	ib_conn->state = ISER_CONN_DOWN;
567 connect_failure:
568 	iser_conn_release(ib_conn);
569 	return err;
570 }
571 
572 /**
573  * iser_reg_page_vec - Register physical memory
574  *
575  * returns: 0 on success, errno code on failure
576  */
577 int iser_reg_page_vec(struct iser_conn     *ib_conn,
578 		      struct iser_page_vec *page_vec,
579 		      struct iser_mem_reg  *mem_reg)
580 {
581 	struct ib_pool_fmr *mem;
582 	u64		   io_addr;
583 	u64		   *page_list;
584 	int		   status;
585 
586 	page_list = page_vec->pages;
587 	io_addr	  = page_list[0];
588 
589 	mem  = ib_fmr_pool_map_phys(ib_conn->fmr_pool,
590 				    page_list,
591 				    page_vec->length,
592 				    io_addr);
593 
594 	if (IS_ERR(mem)) {
595 		status = (int)PTR_ERR(mem);
596 		iser_err("ib_fmr_pool_map_phys failed: %d\n", status);
597 		return status;
598 	}
599 
600 	mem_reg->lkey  = mem->fmr->lkey;
601 	mem_reg->rkey  = mem->fmr->rkey;
602 	mem_reg->len   = page_vec->length * SIZE_4K;
603 	mem_reg->va    = io_addr;
604 	mem_reg->is_fmr = 1;
605 	mem_reg->mem_h = (void *)mem;
606 
607 	mem_reg->va   += page_vec->offset;
608 	mem_reg->len   = page_vec->data_size;
609 
610 	iser_dbg("PHYSICAL Mem.register, [PHYS p_array: 0x%p, sz: %d, "
611 		 "entry[0]: (0x%08lx,%ld)] -> "
612 		 "[lkey: 0x%08X mem_h: 0x%p va: 0x%08lX sz: %ld]\n",
613 		 page_vec, page_vec->length,
614 		 (unsigned long)page_vec->pages[0],
615 		 (unsigned long)page_vec->data_size,
616 		 (unsigned int)mem_reg->lkey, mem_reg->mem_h,
617 		 (unsigned long)mem_reg->va, (unsigned long)mem_reg->len);
618 	return 0;
619 }
620 
621 /**
622  * Unregister (previosuly registered) memory.
623  */
624 void iser_unreg_mem(struct iser_mem_reg *reg)
625 {
626 	int ret;
627 
628 	iser_dbg("PHYSICAL Mem.Unregister mem_h %p\n",reg->mem_h);
629 
630 	ret = ib_fmr_pool_unmap((struct ib_pool_fmr *)reg->mem_h);
631 	if (ret)
632 		iser_err("ib_fmr_pool_unmap failed %d\n", ret);
633 
634 	reg->mem_h = NULL;
635 }
636 
637 /**
638  * iser_dto_to_iov - builds IOV from a dto descriptor
639  */
640 static void iser_dto_to_iov(struct iser_dto *dto, struct ib_sge *iov, int iov_len)
641 {
642 	int		     i;
643 	struct ib_sge	     *sge;
644 	struct iser_regd_buf *regd_buf;
645 
646 	if (dto->regd_vector_len > iov_len) {
647 		iser_err("iov size %d too small for posting dto of len %d\n",
648 			 iov_len, dto->regd_vector_len);
649 		BUG();
650 	}
651 
652 	for (i = 0; i < dto->regd_vector_len; i++) {
653 		sge	    = &iov[i];
654 		regd_buf  = dto->regd[i];
655 
656 		sge->addr   = regd_buf->reg.va;
657 		sge->length = regd_buf->reg.len;
658 		sge->lkey   = regd_buf->reg.lkey;
659 
660 		if (dto->used_sz[i] > 0)  /* Adjust size */
661 			sge->length = dto->used_sz[i];
662 
663 		/* offset and length should not exceed the regd buf length */
664 		if (sge->length + dto->offset[i] > regd_buf->reg.len) {
665 			iser_err("Used len:%ld + offset:%d, exceed reg.buf.len:"
666 				 "%ld in dto:0x%p [%d], va:0x%08lX\n",
667 				 (unsigned long)sge->length, dto->offset[i],
668 				 (unsigned long)regd_buf->reg.len, dto, i,
669 				 (unsigned long)sge->addr);
670 			BUG();
671 		}
672 
673 		sge->addr += dto->offset[i]; /* Adjust offset */
674 	}
675 }
676 
677 /**
678  * iser_post_recv - Posts a receive buffer.
679  *
680  * returns 0 on success, -1 on failure
681  */
682 int iser_post_recv(struct iser_desc *rx_desc)
683 {
684 	int		  ib_ret, ret_val = 0;
685 	struct ib_recv_wr recv_wr, *recv_wr_failed;
686 	struct ib_sge	  iov[2];
687 	struct iser_conn  *ib_conn;
688 	struct iser_dto   *recv_dto = &rx_desc->dto;
689 
690 	/* Retrieve conn */
691 	ib_conn = recv_dto->ib_conn;
692 
693 	iser_dto_to_iov(recv_dto, iov, 2);
694 
695 	recv_wr.next	= NULL;
696 	recv_wr.sg_list = iov;
697 	recv_wr.num_sge = recv_dto->regd_vector_len;
698 	recv_wr.wr_id	= (unsigned long)rx_desc;
699 
700 	atomic_inc(&ib_conn->post_recv_buf_count);
701 	ib_ret	= ib_post_recv(ib_conn->qp, &recv_wr, &recv_wr_failed);
702 	if (ib_ret) {
703 		iser_err("ib_post_recv failed ret=%d\n", ib_ret);
704 		atomic_dec(&ib_conn->post_recv_buf_count);
705 		ret_val = -1;
706 	}
707 
708 	return ret_val;
709 }
710 
711 /**
712  * iser_start_send - Initiate a Send DTO operation
713  *
714  * returns 0 on success, -1 on failure
715  */
716 int iser_post_send(struct iser_desc *tx_desc)
717 {
718 	int		  ib_ret, ret_val = 0;
719 	struct ib_send_wr send_wr, *send_wr_failed;
720 	struct ib_sge	  iov[MAX_REGD_BUF_VECTOR_LEN];
721 	struct iser_conn  *ib_conn;
722 	struct iser_dto   *dto = &tx_desc->dto;
723 
724 	ib_conn = dto->ib_conn;
725 
726 	iser_dto_to_iov(dto, iov, MAX_REGD_BUF_VECTOR_LEN);
727 
728 	send_wr.next	   = NULL;
729 	send_wr.wr_id	   = (unsigned long)tx_desc;
730 	send_wr.sg_list	   = iov;
731 	send_wr.num_sge	   = dto->regd_vector_len;
732 	send_wr.opcode	   = IB_WR_SEND;
733 	send_wr.send_flags = dto->notify_enable ? IB_SEND_SIGNALED : 0;
734 
735 	atomic_inc(&ib_conn->post_send_buf_count);
736 
737 	ib_ret = ib_post_send(ib_conn->qp, &send_wr, &send_wr_failed);
738 	if (ib_ret) {
739 		iser_err("Failed to start SEND DTO, dto: 0x%p, IOV len: %d\n",
740 			 dto, dto->regd_vector_len);
741 		iser_err("ib_post_send failed, ret:%d\n", ib_ret);
742 		atomic_dec(&ib_conn->post_send_buf_count);
743 		ret_val = -1;
744 	}
745 
746 	return ret_val;
747 }
748 
749 static void iser_handle_comp_error(struct iser_desc *desc)
750 {
751 	struct iser_dto  *dto     = &desc->dto;
752 	struct iser_conn *ib_conn = dto->ib_conn;
753 
754 	iser_dto_buffs_release(dto);
755 
756 	if (desc->type == ISCSI_RX) {
757 		kfree(desc->data);
758 		kmem_cache_free(ig.desc_cache, desc);
759 		atomic_dec(&ib_conn->post_recv_buf_count);
760 	} else { /* type is TX control/command/dataout */
761 		if (desc->type == ISCSI_TX_DATAOUT)
762 			kmem_cache_free(ig.desc_cache, desc);
763 		atomic_dec(&ib_conn->post_send_buf_count);
764 	}
765 
766 	if (atomic_read(&ib_conn->post_recv_buf_count) == 0 &&
767 	    atomic_read(&ib_conn->post_send_buf_count) == 0) {
768 		/* getting here when the state is UP means that the conn is *
769 		 * being terminated asynchronously from the iSCSI layer's   *
770 		 * perspective.                                             */
771 		if (iser_conn_state_comp_exch(ib_conn, ISER_CONN_UP,
772 		    ISER_CONN_TERMINATING))
773 			iscsi_conn_failure(ib_conn->iser_conn->iscsi_conn,
774 					   ISCSI_ERR_CONN_FAILED);
775 
776 		/* complete the termination process if disconnect event was delivered *
777 		 * note there are no more non completed posts to the QP               */
778 		if (ib_conn->disc_evt_flag) {
779 			ib_conn->state = ISER_CONN_DOWN;
780 			wake_up_interruptible(&ib_conn->wait);
781 		}
782 	}
783 }
784 
785 static void iser_cq_tasklet_fn(unsigned long data)
786 {
787 	 struct iser_device  *device = (struct iser_device *)data;
788 	 struct ib_cq	     *cq = device->cq;
789 	 struct ib_wc	     wc;
790 	 struct iser_desc    *desc;
791 	 unsigned long	     xfer_len;
792 
793 	while (ib_poll_cq(cq, 1, &wc) == 1) {
794 		desc	 = (struct iser_desc *) (unsigned long) wc.wr_id;
795 		BUG_ON(desc == NULL);
796 
797 		if (wc.status == IB_WC_SUCCESS) {
798 			if (desc->type == ISCSI_RX) {
799 				xfer_len = (unsigned long)wc.byte_len;
800 				iser_rcv_completion(desc, xfer_len);
801 			} else /* type == ISCSI_TX_CONTROL/SCSI_CMD/DOUT */
802 				iser_snd_completion(desc);
803 		} else {
804 			iser_err("comp w. error op %d status %d\n",desc->type,wc.status);
805 			iser_handle_comp_error(desc);
806 		}
807 	}
808 	/* #warning "it is assumed here that arming CQ only once its empty" *
809 	 * " would not cause interrupts to be missed"                       */
810 	ib_req_notify_cq(cq, IB_CQ_NEXT_COMP);
811 }
812 
813 static void iser_cq_callback(struct ib_cq *cq, void *cq_context)
814 {
815 	struct iser_device  *device = (struct iser_device *)cq_context;
816 
817 	tasklet_schedule(&device->cq_tasklet);
818 }
819