1 /* 2 * Copyright (c) 2006 - 2009 Mellanox Technology Inc. All rights reserved. 3 * Copyright (C) 2008 - 2011 Bart Van Assche <bvanassche@acm.org>. 4 * 5 * This software is available to you under a choice of one of two 6 * licenses. You may choose to be licensed under the terms of the GNU 7 * General Public License (GPL) Version 2, available from the file 8 * COPYING in the main directory of this source tree, or the 9 * OpenIB.org BSD license below: 10 * 11 * Redistribution and use in source and binary forms, with or 12 * without modification, are permitted provided that the following 13 * conditions are met: 14 * 15 * - Redistributions of source code must retain the above 16 * copyright notice, this list of conditions and the following 17 * disclaimer. 18 * 19 * - Redistributions in binary form must reproduce the above 20 * copyright notice, this list of conditions and the following 21 * disclaimer in the documentation and/or other materials 22 * provided with the distribution. 23 * 24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 25 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 26 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 27 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 28 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 29 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 30 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 31 * SOFTWARE. 32 * 33 */ 34 35 #include <linux/module.h> 36 #include <linux/init.h> 37 #include <linux/slab.h> 38 #include <linux/err.h> 39 #include <linux/ctype.h> 40 #include <linux/kthread.h> 41 #include <linux/string.h> 42 #include <linux/delay.h> 43 #include <linux/atomic.h> 44 #include <linux/inet.h> 45 #include <rdma/ib_cache.h> 46 #include <scsi/scsi_proto.h> 47 #include <scsi/scsi_tcq.h> 48 #include <target/target_core_base.h> 49 #include <target/target_core_fabric.h> 50 #include "ib_srpt.h" 51 52 /* Name of this kernel module. */ 53 #define DRV_NAME "ib_srpt" 54 55 #define SRPT_ID_STRING "Linux SRP target" 56 57 #undef pr_fmt 58 #define pr_fmt(fmt) DRV_NAME " " fmt 59 60 MODULE_AUTHOR("Vu Pham and Bart Van Assche"); 61 MODULE_DESCRIPTION("SCSI RDMA Protocol target driver"); 62 MODULE_LICENSE("Dual BSD/GPL"); 63 64 /* 65 * Global Variables 66 */ 67 68 static u64 srpt_service_guid; 69 static DEFINE_SPINLOCK(srpt_dev_lock); /* Protects srpt_dev_list. */ 70 static LIST_HEAD(srpt_dev_list); /* List of srpt_device structures. */ 71 72 static unsigned srp_max_req_size = DEFAULT_MAX_REQ_SIZE; 73 module_param(srp_max_req_size, int, 0444); 74 MODULE_PARM_DESC(srp_max_req_size, 75 "Maximum size of SRP request messages in bytes."); 76 77 static int srpt_srq_size = DEFAULT_SRPT_SRQ_SIZE; 78 module_param(srpt_srq_size, int, 0444); 79 MODULE_PARM_DESC(srpt_srq_size, 80 "Shared receive queue (SRQ) size."); 81 82 static int srpt_get_u64_x(char *buffer, const struct kernel_param *kp) 83 { 84 return sprintf(buffer, "0x%016llx", *(u64 *)kp->arg); 85 } 86 module_param_call(srpt_service_guid, NULL, srpt_get_u64_x, &srpt_service_guid, 87 0444); 88 MODULE_PARM_DESC(srpt_service_guid, 89 "Using this value for ioc_guid, id_ext, and cm_listen_id instead of using the node_guid of the first HCA."); 90 91 static struct ib_client srpt_client; 92 /* Protects both rdma_cm_port and rdma_cm_id. */ 93 static DEFINE_MUTEX(rdma_cm_mutex); 94 /* Port number RDMA/CM will bind to. */ 95 static u16 rdma_cm_port; 96 static struct rdma_cm_id *rdma_cm_id; 97 static void srpt_release_cmd(struct se_cmd *se_cmd); 98 static void srpt_free_ch(struct kref *kref); 99 static int srpt_queue_status(struct se_cmd *cmd); 100 static void srpt_recv_done(struct ib_cq *cq, struct ib_wc *wc); 101 static void srpt_send_done(struct ib_cq *cq, struct ib_wc *wc); 102 static void srpt_process_wait_list(struct srpt_rdma_ch *ch); 103 104 /* 105 * The only allowed channel state changes are those that change the channel 106 * state into a state with a higher numerical value. Hence the new > prev test. 107 */ 108 static bool srpt_set_ch_state(struct srpt_rdma_ch *ch, enum rdma_ch_state new) 109 { 110 unsigned long flags; 111 enum rdma_ch_state prev; 112 bool changed = false; 113 114 spin_lock_irqsave(&ch->spinlock, flags); 115 prev = ch->state; 116 if (new > prev) { 117 ch->state = new; 118 changed = true; 119 } 120 spin_unlock_irqrestore(&ch->spinlock, flags); 121 122 return changed; 123 } 124 125 /** 126 * srpt_event_handler - asynchronous IB event callback function 127 * @handler: IB event handler registered by ib_register_event_handler(). 128 * @event: Description of the event that occurred. 129 * 130 * Callback function called by the InfiniBand core when an asynchronous IB 131 * event occurs. This callback may occur in interrupt context. See also 132 * section 11.5.2, Set Asynchronous Event Handler in the InfiniBand 133 * Architecture Specification. 134 */ 135 static void srpt_event_handler(struct ib_event_handler *handler, 136 struct ib_event *event) 137 { 138 struct srpt_device *sdev; 139 struct srpt_port *sport; 140 u8 port_num; 141 142 sdev = ib_get_client_data(event->device, &srpt_client); 143 if (!sdev || sdev->device != event->device) 144 return; 145 146 pr_debug("ASYNC event= %d on device= %s\n", event->event, 147 dev_name(&sdev->device->dev)); 148 149 switch (event->event) { 150 case IB_EVENT_PORT_ERR: 151 port_num = event->element.port_num - 1; 152 if (port_num < sdev->device->phys_port_cnt) { 153 sport = &sdev->port[port_num]; 154 sport->lid = 0; 155 sport->sm_lid = 0; 156 } else { 157 WARN(true, "event %d: port_num %d out of range 1..%d\n", 158 event->event, port_num + 1, 159 sdev->device->phys_port_cnt); 160 } 161 break; 162 case IB_EVENT_PORT_ACTIVE: 163 case IB_EVENT_LID_CHANGE: 164 case IB_EVENT_PKEY_CHANGE: 165 case IB_EVENT_SM_CHANGE: 166 case IB_EVENT_CLIENT_REREGISTER: 167 case IB_EVENT_GID_CHANGE: 168 /* Refresh port data asynchronously. */ 169 port_num = event->element.port_num - 1; 170 if (port_num < sdev->device->phys_port_cnt) { 171 sport = &sdev->port[port_num]; 172 if (!sport->lid && !sport->sm_lid) 173 schedule_work(&sport->work); 174 } else { 175 WARN(true, "event %d: port_num %d out of range 1..%d\n", 176 event->event, port_num + 1, 177 sdev->device->phys_port_cnt); 178 } 179 break; 180 default: 181 pr_err("received unrecognized IB event %d\n", event->event); 182 break; 183 } 184 } 185 186 /** 187 * srpt_srq_event - SRQ event callback function 188 * @event: Description of the event that occurred. 189 * @ctx: Context pointer specified at SRQ creation time. 190 */ 191 static void srpt_srq_event(struct ib_event *event, void *ctx) 192 { 193 pr_debug("SRQ event %d\n", event->event); 194 } 195 196 static const char *get_ch_state_name(enum rdma_ch_state s) 197 { 198 switch (s) { 199 case CH_CONNECTING: 200 return "connecting"; 201 case CH_LIVE: 202 return "live"; 203 case CH_DISCONNECTING: 204 return "disconnecting"; 205 case CH_DRAINING: 206 return "draining"; 207 case CH_DISCONNECTED: 208 return "disconnected"; 209 } 210 return "???"; 211 } 212 213 /** 214 * srpt_qp_event - QP event callback function 215 * @event: Description of the event that occurred. 216 * @ch: SRPT RDMA channel. 217 */ 218 static void srpt_qp_event(struct ib_event *event, struct srpt_rdma_ch *ch) 219 { 220 pr_debug("QP event %d on ch=%p sess_name=%s state=%d\n", 221 event->event, ch, ch->sess_name, ch->state); 222 223 switch (event->event) { 224 case IB_EVENT_COMM_EST: 225 if (ch->using_rdma_cm) 226 rdma_notify(ch->rdma_cm.cm_id, event->event); 227 else 228 ib_cm_notify(ch->ib_cm.cm_id, event->event); 229 break; 230 case IB_EVENT_QP_LAST_WQE_REACHED: 231 pr_debug("%s-%d, state %s: received Last WQE event.\n", 232 ch->sess_name, ch->qp->qp_num, 233 get_ch_state_name(ch->state)); 234 break; 235 default: 236 pr_err("received unrecognized IB QP event %d\n", event->event); 237 break; 238 } 239 } 240 241 /** 242 * srpt_set_ioc - initialize a IOUnitInfo structure 243 * @c_list: controller list. 244 * @slot: one-based slot number. 245 * @value: four-bit value. 246 * 247 * Copies the lowest four bits of value in element slot of the array of four 248 * bit elements called c_list (controller list). The index slot is one-based. 249 */ 250 static void srpt_set_ioc(u8 *c_list, u32 slot, u8 value) 251 { 252 u16 id; 253 u8 tmp; 254 255 id = (slot - 1) / 2; 256 if (slot & 0x1) { 257 tmp = c_list[id] & 0xf; 258 c_list[id] = (value << 4) | tmp; 259 } else { 260 tmp = c_list[id] & 0xf0; 261 c_list[id] = (value & 0xf) | tmp; 262 } 263 } 264 265 /** 266 * srpt_get_class_port_info - copy ClassPortInfo to a management datagram 267 * @mad: Datagram that will be sent as response to DM_ATTR_CLASS_PORT_INFO. 268 * 269 * See also section 16.3.3.1 ClassPortInfo in the InfiniBand Architecture 270 * Specification. 271 */ 272 static void srpt_get_class_port_info(struct ib_dm_mad *mad) 273 { 274 struct ib_class_port_info *cif; 275 276 cif = (struct ib_class_port_info *)mad->data; 277 memset(cif, 0, sizeof(*cif)); 278 cif->base_version = 1; 279 cif->class_version = 1; 280 281 ib_set_cpi_resp_time(cif, 20); 282 mad->mad_hdr.status = 0; 283 } 284 285 /** 286 * srpt_get_iou - write IOUnitInfo to a management datagram 287 * @mad: Datagram that will be sent as response to DM_ATTR_IOU_INFO. 288 * 289 * See also section 16.3.3.3 IOUnitInfo in the InfiniBand Architecture 290 * Specification. See also section B.7, table B.6 in the SRP r16a document. 291 */ 292 static void srpt_get_iou(struct ib_dm_mad *mad) 293 { 294 struct ib_dm_iou_info *ioui; 295 u8 slot; 296 int i; 297 298 ioui = (struct ib_dm_iou_info *)mad->data; 299 ioui->change_id = cpu_to_be16(1); 300 ioui->max_controllers = 16; 301 302 /* set present for slot 1 and empty for the rest */ 303 srpt_set_ioc(ioui->controller_list, 1, 1); 304 for (i = 1, slot = 2; i < 16; i++, slot++) 305 srpt_set_ioc(ioui->controller_list, slot, 0); 306 307 mad->mad_hdr.status = 0; 308 } 309 310 /** 311 * srpt_get_ioc - write IOControllerprofile to a management datagram 312 * @sport: HCA port through which the MAD has been received. 313 * @slot: Slot number specified in DM_ATTR_IOC_PROFILE query. 314 * @mad: Datagram that will be sent as response to DM_ATTR_IOC_PROFILE. 315 * 316 * See also section 16.3.3.4 IOControllerProfile in the InfiniBand 317 * Architecture Specification. See also section B.7, table B.7 in the SRP 318 * r16a document. 319 */ 320 static void srpt_get_ioc(struct srpt_port *sport, u32 slot, 321 struct ib_dm_mad *mad) 322 { 323 struct srpt_device *sdev = sport->sdev; 324 struct ib_dm_ioc_profile *iocp; 325 int send_queue_depth; 326 327 iocp = (struct ib_dm_ioc_profile *)mad->data; 328 329 if (!slot || slot > 16) { 330 mad->mad_hdr.status 331 = cpu_to_be16(DM_MAD_STATUS_INVALID_FIELD); 332 return; 333 } 334 335 if (slot > 2) { 336 mad->mad_hdr.status 337 = cpu_to_be16(DM_MAD_STATUS_NO_IOC); 338 return; 339 } 340 341 if (sdev->use_srq) 342 send_queue_depth = sdev->srq_size; 343 else 344 send_queue_depth = min(MAX_SRPT_RQ_SIZE, 345 sdev->device->attrs.max_qp_wr); 346 347 memset(iocp, 0, sizeof(*iocp)); 348 strcpy(iocp->id_string, SRPT_ID_STRING); 349 iocp->guid = cpu_to_be64(srpt_service_guid); 350 iocp->vendor_id = cpu_to_be32(sdev->device->attrs.vendor_id); 351 iocp->device_id = cpu_to_be32(sdev->device->attrs.vendor_part_id); 352 iocp->device_version = cpu_to_be16(sdev->device->attrs.hw_ver); 353 iocp->subsys_vendor_id = cpu_to_be32(sdev->device->attrs.vendor_id); 354 iocp->subsys_device_id = 0x0; 355 iocp->io_class = cpu_to_be16(SRP_REV16A_IB_IO_CLASS); 356 iocp->io_subclass = cpu_to_be16(SRP_IO_SUBCLASS); 357 iocp->protocol = cpu_to_be16(SRP_PROTOCOL); 358 iocp->protocol_version = cpu_to_be16(SRP_PROTOCOL_VERSION); 359 iocp->send_queue_depth = cpu_to_be16(send_queue_depth); 360 iocp->rdma_read_depth = 4; 361 iocp->send_size = cpu_to_be32(srp_max_req_size); 362 iocp->rdma_size = cpu_to_be32(min(sport->port_attrib.srp_max_rdma_size, 363 1U << 24)); 364 iocp->num_svc_entries = 1; 365 iocp->op_cap_mask = SRP_SEND_TO_IOC | SRP_SEND_FROM_IOC | 366 SRP_RDMA_READ_FROM_IOC | SRP_RDMA_WRITE_FROM_IOC; 367 368 mad->mad_hdr.status = 0; 369 } 370 371 /** 372 * srpt_get_svc_entries - write ServiceEntries to a management datagram 373 * @ioc_guid: I/O controller GUID to use in reply. 374 * @slot: I/O controller number. 375 * @hi: End of the range of service entries to be specified in the reply. 376 * @lo: Start of the range of service entries to be specified in the reply.. 377 * @mad: Datagram that will be sent as response to DM_ATTR_SVC_ENTRIES. 378 * 379 * See also section 16.3.3.5 ServiceEntries in the InfiniBand Architecture 380 * Specification. See also section B.7, table B.8 in the SRP r16a document. 381 */ 382 static void srpt_get_svc_entries(u64 ioc_guid, 383 u16 slot, u8 hi, u8 lo, struct ib_dm_mad *mad) 384 { 385 struct ib_dm_svc_entries *svc_entries; 386 387 WARN_ON(!ioc_guid); 388 389 if (!slot || slot > 16) { 390 mad->mad_hdr.status 391 = cpu_to_be16(DM_MAD_STATUS_INVALID_FIELD); 392 return; 393 } 394 395 if (slot > 2 || lo > hi || hi > 1) { 396 mad->mad_hdr.status 397 = cpu_to_be16(DM_MAD_STATUS_NO_IOC); 398 return; 399 } 400 401 svc_entries = (struct ib_dm_svc_entries *)mad->data; 402 memset(svc_entries, 0, sizeof(*svc_entries)); 403 svc_entries->service_entries[0].id = cpu_to_be64(ioc_guid); 404 snprintf(svc_entries->service_entries[0].name, 405 sizeof(svc_entries->service_entries[0].name), 406 "%s%016llx", 407 SRP_SERVICE_NAME_PREFIX, 408 ioc_guid); 409 410 mad->mad_hdr.status = 0; 411 } 412 413 /** 414 * srpt_mgmt_method_get - process a received management datagram 415 * @sp: HCA port through which the MAD has been received. 416 * @rq_mad: received MAD. 417 * @rsp_mad: response MAD. 418 */ 419 static void srpt_mgmt_method_get(struct srpt_port *sp, struct ib_mad *rq_mad, 420 struct ib_dm_mad *rsp_mad) 421 { 422 u16 attr_id; 423 u32 slot; 424 u8 hi, lo; 425 426 attr_id = be16_to_cpu(rq_mad->mad_hdr.attr_id); 427 switch (attr_id) { 428 case DM_ATTR_CLASS_PORT_INFO: 429 srpt_get_class_port_info(rsp_mad); 430 break; 431 case DM_ATTR_IOU_INFO: 432 srpt_get_iou(rsp_mad); 433 break; 434 case DM_ATTR_IOC_PROFILE: 435 slot = be32_to_cpu(rq_mad->mad_hdr.attr_mod); 436 srpt_get_ioc(sp, slot, rsp_mad); 437 break; 438 case DM_ATTR_SVC_ENTRIES: 439 slot = be32_to_cpu(rq_mad->mad_hdr.attr_mod); 440 hi = (u8) ((slot >> 8) & 0xff); 441 lo = (u8) (slot & 0xff); 442 slot = (u16) ((slot >> 16) & 0xffff); 443 srpt_get_svc_entries(srpt_service_guid, 444 slot, hi, lo, rsp_mad); 445 break; 446 default: 447 rsp_mad->mad_hdr.status = 448 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD_ATTR); 449 break; 450 } 451 } 452 453 /** 454 * srpt_mad_send_handler - MAD send completion callback 455 * @mad_agent: Return value of ib_register_mad_agent(). 456 * @mad_wc: Work completion reporting that the MAD has been sent. 457 */ 458 static void srpt_mad_send_handler(struct ib_mad_agent *mad_agent, 459 struct ib_mad_send_wc *mad_wc) 460 { 461 rdma_destroy_ah(mad_wc->send_buf->ah, RDMA_DESTROY_AH_SLEEPABLE); 462 ib_free_send_mad(mad_wc->send_buf); 463 } 464 465 /** 466 * srpt_mad_recv_handler - MAD reception callback function 467 * @mad_agent: Return value of ib_register_mad_agent(). 468 * @send_buf: Not used. 469 * @mad_wc: Work completion reporting that a MAD has been received. 470 */ 471 static void srpt_mad_recv_handler(struct ib_mad_agent *mad_agent, 472 struct ib_mad_send_buf *send_buf, 473 struct ib_mad_recv_wc *mad_wc) 474 { 475 struct srpt_port *sport = (struct srpt_port *)mad_agent->context; 476 struct ib_ah *ah; 477 struct ib_mad_send_buf *rsp; 478 struct ib_dm_mad *dm_mad; 479 480 if (!mad_wc || !mad_wc->recv_buf.mad) 481 return; 482 483 ah = ib_create_ah_from_wc(mad_agent->qp->pd, mad_wc->wc, 484 mad_wc->recv_buf.grh, mad_agent->port_num); 485 if (IS_ERR(ah)) 486 goto err; 487 488 BUILD_BUG_ON(offsetof(struct ib_dm_mad, data) != IB_MGMT_DEVICE_HDR); 489 490 rsp = ib_create_send_mad(mad_agent, mad_wc->wc->src_qp, 491 mad_wc->wc->pkey_index, 0, 492 IB_MGMT_DEVICE_HDR, IB_MGMT_DEVICE_DATA, 493 GFP_KERNEL, 494 IB_MGMT_BASE_VERSION); 495 if (IS_ERR(rsp)) 496 goto err_rsp; 497 498 rsp->ah = ah; 499 500 dm_mad = rsp->mad; 501 memcpy(dm_mad, mad_wc->recv_buf.mad, sizeof(*dm_mad)); 502 dm_mad->mad_hdr.method = IB_MGMT_METHOD_GET_RESP; 503 dm_mad->mad_hdr.status = 0; 504 505 switch (mad_wc->recv_buf.mad->mad_hdr.method) { 506 case IB_MGMT_METHOD_GET: 507 srpt_mgmt_method_get(sport, mad_wc->recv_buf.mad, dm_mad); 508 break; 509 case IB_MGMT_METHOD_SET: 510 dm_mad->mad_hdr.status = 511 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD_ATTR); 512 break; 513 default: 514 dm_mad->mad_hdr.status = 515 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD); 516 break; 517 } 518 519 if (!ib_post_send_mad(rsp, NULL)) { 520 ib_free_recv_mad(mad_wc); 521 /* will destroy_ah & free_send_mad in send completion */ 522 return; 523 } 524 525 ib_free_send_mad(rsp); 526 527 err_rsp: 528 rdma_destroy_ah(ah, RDMA_DESTROY_AH_SLEEPABLE); 529 err: 530 ib_free_recv_mad(mad_wc); 531 } 532 533 static int srpt_format_guid(char *buf, unsigned int size, const __be64 *guid) 534 { 535 const __be16 *g = (const __be16 *)guid; 536 537 return snprintf(buf, size, "%04x:%04x:%04x:%04x", 538 be16_to_cpu(g[0]), be16_to_cpu(g[1]), 539 be16_to_cpu(g[2]), be16_to_cpu(g[3])); 540 } 541 542 /** 543 * srpt_refresh_port - configure a HCA port 544 * @sport: SRPT HCA port. 545 * 546 * Enable InfiniBand management datagram processing, update the cached sm_lid, 547 * lid and gid values, and register a callback function for processing MADs 548 * on the specified port. 549 * 550 * Note: It is safe to call this function more than once for the same port. 551 */ 552 static int srpt_refresh_port(struct srpt_port *sport) 553 { 554 struct ib_mad_reg_req reg_req; 555 struct ib_port_modify port_modify; 556 struct ib_port_attr port_attr; 557 int ret; 558 559 memset(&port_modify, 0, sizeof(port_modify)); 560 port_modify.set_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP; 561 port_modify.clr_port_cap_mask = 0; 562 563 ret = ib_modify_port(sport->sdev->device, sport->port, 0, &port_modify); 564 if (ret) 565 goto err_mod_port; 566 567 ret = ib_query_port(sport->sdev->device, sport->port, &port_attr); 568 if (ret) 569 goto err_query_port; 570 571 sport->sm_lid = port_attr.sm_lid; 572 sport->lid = port_attr.lid; 573 574 ret = rdma_query_gid(sport->sdev->device, sport->port, 0, &sport->gid); 575 if (ret) 576 goto err_query_port; 577 578 sport->port_guid_wwn.priv = sport; 579 srpt_format_guid(sport->port_guid, sizeof(sport->port_guid), 580 &sport->gid.global.interface_id); 581 sport->port_gid_wwn.priv = sport; 582 snprintf(sport->port_gid, sizeof(sport->port_gid), 583 "0x%016llx%016llx", 584 be64_to_cpu(sport->gid.global.subnet_prefix), 585 be64_to_cpu(sport->gid.global.interface_id)); 586 587 if (!sport->mad_agent) { 588 memset(®_req, 0, sizeof(reg_req)); 589 reg_req.mgmt_class = IB_MGMT_CLASS_DEVICE_MGMT; 590 reg_req.mgmt_class_version = IB_MGMT_BASE_VERSION; 591 set_bit(IB_MGMT_METHOD_GET, reg_req.method_mask); 592 set_bit(IB_MGMT_METHOD_SET, reg_req.method_mask); 593 594 sport->mad_agent = ib_register_mad_agent(sport->sdev->device, 595 sport->port, 596 IB_QPT_GSI, 597 ®_req, 0, 598 srpt_mad_send_handler, 599 srpt_mad_recv_handler, 600 sport, 0); 601 if (IS_ERR(sport->mad_agent)) { 602 ret = PTR_ERR(sport->mad_agent); 603 sport->mad_agent = NULL; 604 goto err_query_port; 605 } 606 } 607 608 return 0; 609 610 err_query_port: 611 612 port_modify.set_port_cap_mask = 0; 613 port_modify.clr_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP; 614 ib_modify_port(sport->sdev->device, sport->port, 0, &port_modify); 615 616 err_mod_port: 617 618 return ret; 619 } 620 621 /** 622 * srpt_unregister_mad_agent - unregister MAD callback functions 623 * @sdev: SRPT HCA pointer. 624 * 625 * Note: It is safe to call this function more than once for the same device. 626 */ 627 static void srpt_unregister_mad_agent(struct srpt_device *sdev) 628 { 629 struct ib_port_modify port_modify = { 630 .clr_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP, 631 }; 632 struct srpt_port *sport; 633 int i; 634 635 for (i = 1; i <= sdev->device->phys_port_cnt; i++) { 636 sport = &sdev->port[i - 1]; 637 WARN_ON(sport->port != i); 638 if (ib_modify_port(sdev->device, i, 0, &port_modify) < 0) 639 pr_err("disabling MAD processing failed.\n"); 640 if (sport->mad_agent) { 641 ib_unregister_mad_agent(sport->mad_agent); 642 sport->mad_agent = NULL; 643 } 644 } 645 } 646 647 /** 648 * srpt_alloc_ioctx - allocate a SRPT I/O context structure 649 * @sdev: SRPT HCA pointer. 650 * @ioctx_size: I/O context size. 651 * @buf_cache: I/O buffer cache. 652 * @dir: DMA data direction. 653 */ 654 static struct srpt_ioctx *srpt_alloc_ioctx(struct srpt_device *sdev, 655 int ioctx_size, 656 struct kmem_cache *buf_cache, 657 enum dma_data_direction dir) 658 { 659 struct srpt_ioctx *ioctx; 660 661 ioctx = kzalloc(ioctx_size, GFP_KERNEL); 662 if (!ioctx) 663 goto err; 664 665 ioctx->buf = kmem_cache_alloc(buf_cache, GFP_KERNEL); 666 if (!ioctx->buf) 667 goto err_free_ioctx; 668 669 ioctx->dma = ib_dma_map_single(sdev->device, ioctx->buf, 670 kmem_cache_size(buf_cache), dir); 671 if (ib_dma_mapping_error(sdev->device, ioctx->dma)) 672 goto err_free_buf; 673 674 return ioctx; 675 676 err_free_buf: 677 kmem_cache_free(buf_cache, ioctx->buf); 678 err_free_ioctx: 679 kfree(ioctx); 680 err: 681 return NULL; 682 } 683 684 /** 685 * srpt_free_ioctx - free a SRPT I/O context structure 686 * @sdev: SRPT HCA pointer. 687 * @ioctx: I/O context pointer. 688 * @buf_cache: I/O buffer cache. 689 * @dir: DMA data direction. 690 */ 691 static void srpt_free_ioctx(struct srpt_device *sdev, struct srpt_ioctx *ioctx, 692 struct kmem_cache *buf_cache, 693 enum dma_data_direction dir) 694 { 695 if (!ioctx) 696 return; 697 698 ib_dma_unmap_single(sdev->device, ioctx->dma, 699 kmem_cache_size(buf_cache), dir); 700 kmem_cache_free(buf_cache, ioctx->buf); 701 kfree(ioctx); 702 } 703 704 /** 705 * srpt_alloc_ioctx_ring - allocate a ring of SRPT I/O context structures 706 * @sdev: Device to allocate the I/O context ring for. 707 * @ring_size: Number of elements in the I/O context ring. 708 * @ioctx_size: I/O context size. 709 * @buf_cache: I/O buffer cache. 710 * @alignment_offset: Offset in each ring buffer at which the SRP information 711 * unit starts. 712 * @dir: DMA data direction. 713 */ 714 static struct srpt_ioctx **srpt_alloc_ioctx_ring(struct srpt_device *sdev, 715 int ring_size, int ioctx_size, 716 struct kmem_cache *buf_cache, 717 int alignment_offset, 718 enum dma_data_direction dir) 719 { 720 struct srpt_ioctx **ring; 721 int i; 722 723 WARN_ON(ioctx_size != sizeof(struct srpt_recv_ioctx) && 724 ioctx_size != sizeof(struct srpt_send_ioctx)); 725 726 ring = kvmalloc_array(ring_size, sizeof(ring[0]), GFP_KERNEL); 727 if (!ring) 728 goto out; 729 for (i = 0; i < ring_size; ++i) { 730 ring[i] = srpt_alloc_ioctx(sdev, ioctx_size, buf_cache, dir); 731 if (!ring[i]) 732 goto err; 733 ring[i]->index = i; 734 ring[i]->offset = alignment_offset; 735 } 736 goto out; 737 738 err: 739 while (--i >= 0) 740 srpt_free_ioctx(sdev, ring[i], buf_cache, dir); 741 kvfree(ring); 742 ring = NULL; 743 out: 744 return ring; 745 } 746 747 /** 748 * srpt_free_ioctx_ring - free the ring of SRPT I/O context structures 749 * @ioctx_ring: I/O context ring to be freed. 750 * @sdev: SRPT HCA pointer. 751 * @ring_size: Number of ring elements. 752 * @buf_cache: I/O buffer cache. 753 * @dir: DMA data direction. 754 */ 755 static void srpt_free_ioctx_ring(struct srpt_ioctx **ioctx_ring, 756 struct srpt_device *sdev, int ring_size, 757 struct kmem_cache *buf_cache, 758 enum dma_data_direction dir) 759 { 760 int i; 761 762 if (!ioctx_ring) 763 return; 764 765 for (i = 0; i < ring_size; ++i) 766 srpt_free_ioctx(sdev, ioctx_ring[i], buf_cache, dir); 767 kvfree(ioctx_ring); 768 } 769 770 /** 771 * srpt_set_cmd_state - set the state of a SCSI command 772 * @ioctx: Send I/O context. 773 * @new: New I/O context state. 774 * 775 * Does not modify the state of aborted commands. Returns the previous command 776 * state. 777 */ 778 static enum srpt_command_state srpt_set_cmd_state(struct srpt_send_ioctx *ioctx, 779 enum srpt_command_state new) 780 { 781 enum srpt_command_state previous; 782 783 previous = ioctx->state; 784 if (previous != SRPT_STATE_DONE) 785 ioctx->state = new; 786 787 return previous; 788 } 789 790 /** 791 * srpt_test_and_set_cmd_state - test and set the state of a command 792 * @ioctx: Send I/O context. 793 * @old: Current I/O context state. 794 * @new: New I/O context state. 795 * 796 * Returns true if and only if the previous command state was equal to 'old'. 797 */ 798 static bool srpt_test_and_set_cmd_state(struct srpt_send_ioctx *ioctx, 799 enum srpt_command_state old, 800 enum srpt_command_state new) 801 { 802 enum srpt_command_state previous; 803 804 WARN_ON(!ioctx); 805 WARN_ON(old == SRPT_STATE_DONE); 806 WARN_ON(new == SRPT_STATE_NEW); 807 808 previous = ioctx->state; 809 if (previous == old) 810 ioctx->state = new; 811 812 return previous == old; 813 } 814 815 /** 816 * srpt_post_recv - post an IB receive request 817 * @sdev: SRPT HCA pointer. 818 * @ch: SRPT RDMA channel. 819 * @ioctx: Receive I/O context pointer. 820 */ 821 static int srpt_post_recv(struct srpt_device *sdev, struct srpt_rdma_ch *ch, 822 struct srpt_recv_ioctx *ioctx) 823 { 824 struct ib_sge list; 825 struct ib_recv_wr wr; 826 827 BUG_ON(!sdev); 828 list.addr = ioctx->ioctx.dma + ioctx->ioctx.offset; 829 list.length = srp_max_req_size; 830 list.lkey = sdev->lkey; 831 832 ioctx->ioctx.cqe.done = srpt_recv_done; 833 wr.wr_cqe = &ioctx->ioctx.cqe; 834 wr.next = NULL; 835 wr.sg_list = &list; 836 wr.num_sge = 1; 837 838 if (sdev->use_srq) 839 return ib_post_srq_recv(sdev->srq, &wr, NULL); 840 else 841 return ib_post_recv(ch->qp, &wr, NULL); 842 } 843 844 /** 845 * srpt_zerolength_write - perform a zero-length RDMA write 846 * @ch: SRPT RDMA channel. 847 * 848 * A quote from the InfiniBand specification: C9-88: For an HCA responder 849 * using Reliable Connection service, for each zero-length RDMA READ or WRITE 850 * request, the R_Key shall not be validated, even if the request includes 851 * Immediate data. 852 */ 853 static int srpt_zerolength_write(struct srpt_rdma_ch *ch) 854 { 855 struct ib_rdma_wr wr = { 856 .wr = { 857 .next = NULL, 858 { .wr_cqe = &ch->zw_cqe, }, 859 .opcode = IB_WR_RDMA_WRITE, 860 .send_flags = IB_SEND_SIGNALED, 861 } 862 }; 863 864 pr_debug("%s-%d: queued zerolength write\n", ch->sess_name, 865 ch->qp->qp_num); 866 867 return ib_post_send(ch->qp, &wr.wr, NULL); 868 } 869 870 static void srpt_zerolength_write_done(struct ib_cq *cq, struct ib_wc *wc) 871 { 872 struct srpt_rdma_ch *ch = cq->cq_context; 873 874 pr_debug("%s-%d wc->status %d\n", ch->sess_name, ch->qp->qp_num, 875 wc->status); 876 877 if (wc->status == IB_WC_SUCCESS) { 878 srpt_process_wait_list(ch); 879 } else { 880 if (srpt_set_ch_state(ch, CH_DISCONNECTED)) 881 schedule_work(&ch->release_work); 882 else 883 pr_debug("%s-%d: already disconnected.\n", 884 ch->sess_name, ch->qp->qp_num); 885 } 886 } 887 888 static int srpt_alloc_rw_ctxs(struct srpt_send_ioctx *ioctx, 889 struct srp_direct_buf *db, int nbufs, struct scatterlist **sg, 890 unsigned *sg_cnt) 891 { 892 enum dma_data_direction dir = target_reverse_dma_direction(&ioctx->cmd); 893 struct srpt_rdma_ch *ch = ioctx->ch; 894 struct scatterlist *prev = NULL; 895 unsigned prev_nents; 896 int ret, i; 897 898 if (nbufs == 1) { 899 ioctx->rw_ctxs = &ioctx->s_rw_ctx; 900 } else { 901 ioctx->rw_ctxs = kmalloc_array(nbufs, sizeof(*ioctx->rw_ctxs), 902 GFP_KERNEL); 903 if (!ioctx->rw_ctxs) 904 return -ENOMEM; 905 } 906 907 for (i = ioctx->n_rw_ctx; i < nbufs; i++, db++) { 908 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i]; 909 u64 remote_addr = be64_to_cpu(db->va); 910 u32 size = be32_to_cpu(db->len); 911 u32 rkey = be32_to_cpu(db->key); 912 913 ret = target_alloc_sgl(&ctx->sg, &ctx->nents, size, false, 914 i < nbufs - 1); 915 if (ret) 916 goto unwind; 917 918 ret = rdma_rw_ctx_init(&ctx->rw, ch->qp, ch->sport->port, 919 ctx->sg, ctx->nents, 0, remote_addr, rkey, dir); 920 if (ret < 0) { 921 target_free_sgl(ctx->sg, ctx->nents); 922 goto unwind; 923 } 924 925 ioctx->n_rdma += ret; 926 ioctx->n_rw_ctx++; 927 928 if (prev) { 929 sg_unmark_end(&prev[prev_nents - 1]); 930 sg_chain(prev, prev_nents + 1, ctx->sg); 931 } else { 932 *sg = ctx->sg; 933 } 934 935 prev = ctx->sg; 936 prev_nents = ctx->nents; 937 938 *sg_cnt += ctx->nents; 939 } 940 941 return 0; 942 943 unwind: 944 while (--i >= 0) { 945 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i]; 946 947 rdma_rw_ctx_destroy(&ctx->rw, ch->qp, ch->sport->port, 948 ctx->sg, ctx->nents, dir); 949 target_free_sgl(ctx->sg, ctx->nents); 950 } 951 if (ioctx->rw_ctxs != &ioctx->s_rw_ctx) 952 kfree(ioctx->rw_ctxs); 953 return ret; 954 } 955 956 static void srpt_free_rw_ctxs(struct srpt_rdma_ch *ch, 957 struct srpt_send_ioctx *ioctx) 958 { 959 enum dma_data_direction dir = target_reverse_dma_direction(&ioctx->cmd); 960 int i; 961 962 for (i = 0; i < ioctx->n_rw_ctx; i++) { 963 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i]; 964 965 rdma_rw_ctx_destroy(&ctx->rw, ch->qp, ch->sport->port, 966 ctx->sg, ctx->nents, dir); 967 target_free_sgl(ctx->sg, ctx->nents); 968 } 969 970 if (ioctx->rw_ctxs != &ioctx->s_rw_ctx) 971 kfree(ioctx->rw_ctxs); 972 } 973 974 static inline void *srpt_get_desc_buf(struct srp_cmd *srp_cmd) 975 { 976 /* 977 * The pointer computations below will only be compiled correctly 978 * if srp_cmd::add_data is declared as s8*, u8*, s8[] or u8[], so check 979 * whether srp_cmd::add_data has been declared as a byte pointer. 980 */ 981 BUILD_BUG_ON(!__same_type(srp_cmd->add_data[0], (s8)0) && 982 !__same_type(srp_cmd->add_data[0], (u8)0)); 983 984 /* 985 * According to the SRP spec, the lower two bits of the 'ADDITIONAL 986 * CDB LENGTH' field are reserved and the size in bytes of this field 987 * is four times the value specified in bits 3..7. Hence the "& ~3". 988 */ 989 return srp_cmd->add_data + (srp_cmd->add_cdb_len & ~3); 990 } 991 992 /** 993 * srpt_get_desc_tbl - parse the data descriptors of a SRP_CMD request 994 * @recv_ioctx: I/O context associated with the received command @srp_cmd. 995 * @ioctx: I/O context that will be used for responding to the initiator. 996 * @srp_cmd: Pointer to the SRP_CMD request data. 997 * @dir: Pointer to the variable to which the transfer direction will be 998 * written. 999 * @sg: [out] scatterlist for the parsed SRP_CMD. 1000 * @sg_cnt: [out] length of @sg. 1001 * @data_len: Pointer to the variable to which the total data length of all 1002 * descriptors in the SRP_CMD request will be written. 1003 * @imm_data_offset: [in] Offset in SRP_CMD requests at which immediate data 1004 * starts. 1005 * 1006 * This function initializes ioctx->nrbuf and ioctx->r_bufs. 1007 * 1008 * Returns -EINVAL when the SRP_CMD request contains inconsistent descriptors; 1009 * -ENOMEM when memory allocation fails and zero upon success. 1010 */ 1011 static int srpt_get_desc_tbl(struct srpt_recv_ioctx *recv_ioctx, 1012 struct srpt_send_ioctx *ioctx, 1013 struct srp_cmd *srp_cmd, enum dma_data_direction *dir, 1014 struct scatterlist **sg, unsigned int *sg_cnt, u64 *data_len, 1015 u16 imm_data_offset) 1016 { 1017 BUG_ON(!dir); 1018 BUG_ON(!data_len); 1019 1020 /* 1021 * The lower four bits of the buffer format field contain the DATA-IN 1022 * buffer descriptor format, and the highest four bits contain the 1023 * DATA-OUT buffer descriptor format. 1024 */ 1025 if (srp_cmd->buf_fmt & 0xf) 1026 /* DATA-IN: transfer data from target to initiator (read). */ 1027 *dir = DMA_FROM_DEVICE; 1028 else if (srp_cmd->buf_fmt >> 4) 1029 /* DATA-OUT: transfer data from initiator to target (write). */ 1030 *dir = DMA_TO_DEVICE; 1031 else 1032 *dir = DMA_NONE; 1033 1034 /* initialize data_direction early as srpt_alloc_rw_ctxs needs it */ 1035 ioctx->cmd.data_direction = *dir; 1036 1037 if (((srp_cmd->buf_fmt & 0xf) == SRP_DATA_DESC_DIRECT) || 1038 ((srp_cmd->buf_fmt >> 4) == SRP_DATA_DESC_DIRECT)) { 1039 struct srp_direct_buf *db = srpt_get_desc_buf(srp_cmd); 1040 1041 *data_len = be32_to_cpu(db->len); 1042 return srpt_alloc_rw_ctxs(ioctx, db, 1, sg, sg_cnt); 1043 } else if (((srp_cmd->buf_fmt & 0xf) == SRP_DATA_DESC_INDIRECT) || 1044 ((srp_cmd->buf_fmt >> 4) == SRP_DATA_DESC_INDIRECT)) { 1045 struct srp_indirect_buf *idb = srpt_get_desc_buf(srp_cmd); 1046 int nbufs = be32_to_cpu(idb->table_desc.len) / 1047 sizeof(struct srp_direct_buf); 1048 1049 if (nbufs > 1050 (srp_cmd->data_out_desc_cnt + srp_cmd->data_in_desc_cnt)) { 1051 pr_err("received unsupported SRP_CMD request type (%u out + %u in != %u / %zu)\n", 1052 srp_cmd->data_out_desc_cnt, 1053 srp_cmd->data_in_desc_cnt, 1054 be32_to_cpu(idb->table_desc.len), 1055 sizeof(struct srp_direct_buf)); 1056 return -EINVAL; 1057 } 1058 1059 *data_len = be32_to_cpu(idb->len); 1060 return srpt_alloc_rw_ctxs(ioctx, idb->desc_list, nbufs, 1061 sg, sg_cnt); 1062 } else if ((srp_cmd->buf_fmt >> 4) == SRP_DATA_DESC_IMM) { 1063 struct srp_imm_buf *imm_buf = srpt_get_desc_buf(srp_cmd); 1064 void *data = (void *)srp_cmd + imm_data_offset; 1065 uint32_t len = be32_to_cpu(imm_buf->len); 1066 uint32_t req_size = imm_data_offset + len; 1067 1068 if (req_size > srp_max_req_size) { 1069 pr_err("Immediate data (length %d + %d) exceeds request size %d\n", 1070 imm_data_offset, len, srp_max_req_size); 1071 return -EINVAL; 1072 } 1073 if (recv_ioctx->byte_len < req_size) { 1074 pr_err("Received too few data - %d < %d\n", 1075 recv_ioctx->byte_len, req_size); 1076 return -EIO; 1077 } 1078 /* 1079 * The immediate data buffer descriptor must occur before the 1080 * immediate data itself. 1081 */ 1082 if ((void *)(imm_buf + 1) > (void *)data) { 1083 pr_err("Received invalid write request\n"); 1084 return -EINVAL; 1085 } 1086 *data_len = len; 1087 ioctx->recv_ioctx = recv_ioctx; 1088 if ((uintptr_t)data & 511) { 1089 pr_warn_once("Internal error - the receive buffers are not aligned properly.\n"); 1090 return -EINVAL; 1091 } 1092 sg_init_one(&ioctx->imm_sg, data, len); 1093 *sg = &ioctx->imm_sg; 1094 *sg_cnt = 1; 1095 return 0; 1096 } else { 1097 *data_len = 0; 1098 return 0; 1099 } 1100 } 1101 1102 /** 1103 * srpt_init_ch_qp - initialize queue pair attributes 1104 * @ch: SRPT RDMA channel. 1105 * @qp: Queue pair pointer. 1106 * 1107 * Initialized the attributes of queue pair 'qp' by allowing local write, 1108 * remote read and remote write. Also transitions 'qp' to state IB_QPS_INIT. 1109 */ 1110 static int srpt_init_ch_qp(struct srpt_rdma_ch *ch, struct ib_qp *qp) 1111 { 1112 struct ib_qp_attr *attr; 1113 int ret; 1114 1115 WARN_ON_ONCE(ch->using_rdma_cm); 1116 1117 attr = kzalloc(sizeof(*attr), GFP_KERNEL); 1118 if (!attr) 1119 return -ENOMEM; 1120 1121 attr->qp_state = IB_QPS_INIT; 1122 attr->qp_access_flags = IB_ACCESS_LOCAL_WRITE; 1123 attr->port_num = ch->sport->port; 1124 1125 ret = ib_find_cached_pkey(ch->sport->sdev->device, ch->sport->port, 1126 ch->pkey, &attr->pkey_index); 1127 if (ret < 0) 1128 pr_err("Translating pkey %#x failed (%d) - using index 0\n", 1129 ch->pkey, ret); 1130 1131 ret = ib_modify_qp(qp, attr, 1132 IB_QP_STATE | IB_QP_ACCESS_FLAGS | IB_QP_PORT | 1133 IB_QP_PKEY_INDEX); 1134 1135 kfree(attr); 1136 return ret; 1137 } 1138 1139 /** 1140 * srpt_ch_qp_rtr - change the state of a channel to 'ready to receive' (RTR) 1141 * @ch: channel of the queue pair. 1142 * @qp: queue pair to change the state of. 1143 * 1144 * Returns zero upon success and a negative value upon failure. 1145 * 1146 * Note: currently a struct ib_qp_attr takes 136 bytes on a 64-bit system. 1147 * If this structure ever becomes larger, it might be necessary to allocate 1148 * it dynamically instead of on the stack. 1149 */ 1150 static int srpt_ch_qp_rtr(struct srpt_rdma_ch *ch, struct ib_qp *qp) 1151 { 1152 struct ib_qp_attr qp_attr; 1153 int attr_mask; 1154 int ret; 1155 1156 WARN_ON_ONCE(ch->using_rdma_cm); 1157 1158 qp_attr.qp_state = IB_QPS_RTR; 1159 ret = ib_cm_init_qp_attr(ch->ib_cm.cm_id, &qp_attr, &attr_mask); 1160 if (ret) 1161 goto out; 1162 1163 qp_attr.max_dest_rd_atomic = 4; 1164 1165 ret = ib_modify_qp(qp, &qp_attr, attr_mask); 1166 1167 out: 1168 return ret; 1169 } 1170 1171 /** 1172 * srpt_ch_qp_rts - change the state of a channel to 'ready to send' (RTS) 1173 * @ch: channel of the queue pair. 1174 * @qp: queue pair to change the state of. 1175 * 1176 * Returns zero upon success and a negative value upon failure. 1177 * 1178 * Note: currently a struct ib_qp_attr takes 136 bytes on a 64-bit system. 1179 * If this structure ever becomes larger, it might be necessary to allocate 1180 * it dynamically instead of on the stack. 1181 */ 1182 static int srpt_ch_qp_rts(struct srpt_rdma_ch *ch, struct ib_qp *qp) 1183 { 1184 struct ib_qp_attr qp_attr; 1185 int attr_mask; 1186 int ret; 1187 1188 qp_attr.qp_state = IB_QPS_RTS; 1189 ret = ib_cm_init_qp_attr(ch->ib_cm.cm_id, &qp_attr, &attr_mask); 1190 if (ret) 1191 goto out; 1192 1193 qp_attr.max_rd_atomic = 4; 1194 1195 ret = ib_modify_qp(qp, &qp_attr, attr_mask); 1196 1197 out: 1198 return ret; 1199 } 1200 1201 /** 1202 * srpt_ch_qp_err - set the channel queue pair state to 'error' 1203 * @ch: SRPT RDMA channel. 1204 */ 1205 static int srpt_ch_qp_err(struct srpt_rdma_ch *ch) 1206 { 1207 struct ib_qp_attr qp_attr; 1208 1209 qp_attr.qp_state = IB_QPS_ERR; 1210 return ib_modify_qp(ch->qp, &qp_attr, IB_QP_STATE); 1211 } 1212 1213 /** 1214 * srpt_get_send_ioctx - obtain an I/O context for sending to the initiator 1215 * @ch: SRPT RDMA channel. 1216 */ 1217 static struct srpt_send_ioctx *srpt_get_send_ioctx(struct srpt_rdma_ch *ch) 1218 { 1219 struct srpt_send_ioctx *ioctx; 1220 unsigned long flags; 1221 1222 BUG_ON(!ch); 1223 1224 ioctx = NULL; 1225 spin_lock_irqsave(&ch->spinlock, flags); 1226 if (!list_empty(&ch->free_list)) { 1227 ioctx = list_first_entry(&ch->free_list, 1228 struct srpt_send_ioctx, free_list); 1229 list_del(&ioctx->free_list); 1230 } 1231 spin_unlock_irqrestore(&ch->spinlock, flags); 1232 1233 if (!ioctx) 1234 return ioctx; 1235 1236 BUG_ON(ioctx->ch != ch); 1237 ioctx->state = SRPT_STATE_NEW; 1238 WARN_ON_ONCE(ioctx->recv_ioctx); 1239 ioctx->n_rdma = 0; 1240 ioctx->n_rw_ctx = 0; 1241 ioctx->queue_status_only = false; 1242 /* 1243 * transport_init_se_cmd() does not initialize all fields, so do it 1244 * here. 1245 */ 1246 memset(&ioctx->cmd, 0, sizeof(ioctx->cmd)); 1247 memset(&ioctx->sense_data, 0, sizeof(ioctx->sense_data)); 1248 1249 return ioctx; 1250 } 1251 1252 /** 1253 * srpt_abort_cmd - abort a SCSI command 1254 * @ioctx: I/O context associated with the SCSI command. 1255 */ 1256 static int srpt_abort_cmd(struct srpt_send_ioctx *ioctx) 1257 { 1258 enum srpt_command_state state; 1259 1260 BUG_ON(!ioctx); 1261 1262 /* 1263 * If the command is in a state where the target core is waiting for 1264 * the ib_srpt driver, change the state to the next state. 1265 */ 1266 1267 state = ioctx->state; 1268 switch (state) { 1269 case SRPT_STATE_NEED_DATA: 1270 ioctx->state = SRPT_STATE_DATA_IN; 1271 break; 1272 case SRPT_STATE_CMD_RSP_SENT: 1273 case SRPT_STATE_MGMT_RSP_SENT: 1274 ioctx->state = SRPT_STATE_DONE; 1275 break; 1276 default: 1277 WARN_ONCE(true, "%s: unexpected I/O context state %d\n", 1278 __func__, state); 1279 break; 1280 } 1281 1282 pr_debug("Aborting cmd with state %d -> %d and tag %lld\n", state, 1283 ioctx->state, ioctx->cmd.tag); 1284 1285 switch (state) { 1286 case SRPT_STATE_NEW: 1287 case SRPT_STATE_DATA_IN: 1288 case SRPT_STATE_MGMT: 1289 case SRPT_STATE_DONE: 1290 /* 1291 * Do nothing - defer abort processing until 1292 * srpt_queue_response() is invoked. 1293 */ 1294 break; 1295 case SRPT_STATE_NEED_DATA: 1296 pr_debug("tag %#llx: RDMA read error\n", ioctx->cmd.tag); 1297 transport_generic_request_failure(&ioctx->cmd, 1298 TCM_CHECK_CONDITION_ABORT_CMD); 1299 break; 1300 case SRPT_STATE_CMD_RSP_SENT: 1301 /* 1302 * SRP_RSP sending failed or the SRP_RSP send completion has 1303 * not been received in time. 1304 */ 1305 transport_generic_free_cmd(&ioctx->cmd, 0); 1306 break; 1307 case SRPT_STATE_MGMT_RSP_SENT: 1308 transport_generic_free_cmd(&ioctx->cmd, 0); 1309 break; 1310 default: 1311 WARN(1, "Unexpected command state (%d)", state); 1312 break; 1313 } 1314 1315 return state; 1316 } 1317 1318 /** 1319 * srpt_rdma_read_done - RDMA read completion callback 1320 * @cq: Completion queue. 1321 * @wc: Work completion. 1322 * 1323 * XXX: what is now target_execute_cmd used to be asynchronous, and unmapping 1324 * the data that has been transferred via IB RDMA had to be postponed until the 1325 * check_stop_free() callback. None of this is necessary anymore and needs to 1326 * be cleaned up. 1327 */ 1328 static void srpt_rdma_read_done(struct ib_cq *cq, struct ib_wc *wc) 1329 { 1330 struct srpt_rdma_ch *ch = cq->cq_context; 1331 struct srpt_send_ioctx *ioctx = 1332 container_of(wc->wr_cqe, struct srpt_send_ioctx, rdma_cqe); 1333 1334 WARN_ON(ioctx->n_rdma <= 0); 1335 atomic_add(ioctx->n_rdma, &ch->sq_wr_avail); 1336 ioctx->n_rdma = 0; 1337 1338 if (unlikely(wc->status != IB_WC_SUCCESS)) { 1339 pr_info("RDMA_READ for ioctx 0x%p failed with status %d\n", 1340 ioctx, wc->status); 1341 srpt_abort_cmd(ioctx); 1342 return; 1343 } 1344 1345 if (srpt_test_and_set_cmd_state(ioctx, SRPT_STATE_NEED_DATA, 1346 SRPT_STATE_DATA_IN)) 1347 target_execute_cmd(&ioctx->cmd); 1348 else 1349 pr_err("%s[%d]: wrong state = %d\n", __func__, 1350 __LINE__, ioctx->state); 1351 } 1352 1353 /** 1354 * srpt_build_cmd_rsp - build a SRP_RSP response 1355 * @ch: RDMA channel through which the request has been received. 1356 * @ioctx: I/O context associated with the SRP_CMD request. The response will 1357 * be built in the buffer ioctx->buf points at and hence this function will 1358 * overwrite the request data. 1359 * @tag: tag of the request for which this response is being generated. 1360 * @status: value for the STATUS field of the SRP_RSP information unit. 1361 * 1362 * Returns the size in bytes of the SRP_RSP response. 1363 * 1364 * An SRP_RSP response contains a SCSI status or service response. See also 1365 * section 6.9 in the SRP r16a document for the format of an SRP_RSP 1366 * response. See also SPC-2 for more information about sense data. 1367 */ 1368 static int srpt_build_cmd_rsp(struct srpt_rdma_ch *ch, 1369 struct srpt_send_ioctx *ioctx, u64 tag, 1370 int status) 1371 { 1372 struct srp_rsp *srp_rsp; 1373 const u8 *sense_data; 1374 int sense_data_len, max_sense_len; 1375 1376 /* 1377 * The lowest bit of all SAM-3 status codes is zero (see also 1378 * paragraph 5.3 in SAM-3). 1379 */ 1380 WARN_ON(status & 1); 1381 1382 srp_rsp = ioctx->ioctx.buf; 1383 BUG_ON(!srp_rsp); 1384 1385 sense_data = ioctx->sense_data; 1386 sense_data_len = ioctx->cmd.scsi_sense_length; 1387 WARN_ON(sense_data_len > sizeof(ioctx->sense_data)); 1388 1389 memset(srp_rsp, 0, sizeof(*srp_rsp)); 1390 srp_rsp->opcode = SRP_RSP; 1391 srp_rsp->req_lim_delta = 1392 cpu_to_be32(1 + atomic_xchg(&ch->req_lim_delta, 0)); 1393 srp_rsp->tag = tag; 1394 srp_rsp->status = status; 1395 1396 if (sense_data_len) { 1397 BUILD_BUG_ON(MIN_MAX_RSP_SIZE <= sizeof(*srp_rsp)); 1398 max_sense_len = ch->max_ti_iu_len - sizeof(*srp_rsp); 1399 if (sense_data_len > max_sense_len) { 1400 pr_warn("truncated sense data from %d to %d bytes\n", 1401 sense_data_len, max_sense_len); 1402 sense_data_len = max_sense_len; 1403 } 1404 1405 srp_rsp->flags |= SRP_RSP_FLAG_SNSVALID; 1406 srp_rsp->sense_data_len = cpu_to_be32(sense_data_len); 1407 memcpy(srp_rsp + 1, sense_data, sense_data_len); 1408 } 1409 1410 return sizeof(*srp_rsp) + sense_data_len; 1411 } 1412 1413 /** 1414 * srpt_build_tskmgmt_rsp - build a task management response 1415 * @ch: RDMA channel through which the request has been received. 1416 * @ioctx: I/O context in which the SRP_RSP response will be built. 1417 * @rsp_code: RSP_CODE that will be stored in the response. 1418 * @tag: Tag of the request for which this response is being generated. 1419 * 1420 * Returns the size in bytes of the SRP_RSP response. 1421 * 1422 * An SRP_RSP response contains a SCSI status or service response. See also 1423 * section 6.9 in the SRP r16a document for the format of an SRP_RSP 1424 * response. 1425 */ 1426 static int srpt_build_tskmgmt_rsp(struct srpt_rdma_ch *ch, 1427 struct srpt_send_ioctx *ioctx, 1428 u8 rsp_code, u64 tag) 1429 { 1430 struct srp_rsp *srp_rsp; 1431 int resp_data_len; 1432 int resp_len; 1433 1434 resp_data_len = 4; 1435 resp_len = sizeof(*srp_rsp) + resp_data_len; 1436 1437 srp_rsp = ioctx->ioctx.buf; 1438 BUG_ON(!srp_rsp); 1439 memset(srp_rsp, 0, sizeof(*srp_rsp)); 1440 1441 srp_rsp->opcode = SRP_RSP; 1442 srp_rsp->req_lim_delta = 1443 cpu_to_be32(1 + atomic_xchg(&ch->req_lim_delta, 0)); 1444 srp_rsp->tag = tag; 1445 1446 srp_rsp->flags |= SRP_RSP_FLAG_RSPVALID; 1447 srp_rsp->resp_data_len = cpu_to_be32(resp_data_len); 1448 srp_rsp->data[3] = rsp_code; 1449 1450 return resp_len; 1451 } 1452 1453 static int srpt_check_stop_free(struct se_cmd *cmd) 1454 { 1455 struct srpt_send_ioctx *ioctx = container_of(cmd, 1456 struct srpt_send_ioctx, cmd); 1457 1458 return target_put_sess_cmd(&ioctx->cmd); 1459 } 1460 1461 /** 1462 * srpt_handle_cmd - process a SRP_CMD information unit 1463 * @ch: SRPT RDMA channel. 1464 * @recv_ioctx: Receive I/O context. 1465 * @send_ioctx: Send I/O context. 1466 */ 1467 static void srpt_handle_cmd(struct srpt_rdma_ch *ch, 1468 struct srpt_recv_ioctx *recv_ioctx, 1469 struct srpt_send_ioctx *send_ioctx) 1470 { 1471 struct se_cmd *cmd; 1472 struct srp_cmd *srp_cmd; 1473 struct scatterlist *sg = NULL; 1474 unsigned sg_cnt = 0; 1475 u64 data_len; 1476 enum dma_data_direction dir; 1477 int rc; 1478 1479 BUG_ON(!send_ioctx); 1480 1481 srp_cmd = recv_ioctx->ioctx.buf + recv_ioctx->ioctx.offset; 1482 cmd = &send_ioctx->cmd; 1483 cmd->tag = srp_cmd->tag; 1484 1485 switch (srp_cmd->task_attr) { 1486 case SRP_CMD_SIMPLE_Q: 1487 cmd->sam_task_attr = TCM_SIMPLE_TAG; 1488 break; 1489 case SRP_CMD_ORDERED_Q: 1490 default: 1491 cmd->sam_task_attr = TCM_ORDERED_TAG; 1492 break; 1493 case SRP_CMD_HEAD_OF_Q: 1494 cmd->sam_task_attr = TCM_HEAD_TAG; 1495 break; 1496 case SRP_CMD_ACA: 1497 cmd->sam_task_attr = TCM_ACA_TAG; 1498 break; 1499 } 1500 1501 rc = srpt_get_desc_tbl(recv_ioctx, send_ioctx, srp_cmd, &dir, 1502 &sg, &sg_cnt, &data_len, ch->imm_data_offset); 1503 if (rc) { 1504 if (rc != -EAGAIN) { 1505 pr_err("0x%llx: parsing SRP descriptor table failed.\n", 1506 srp_cmd->tag); 1507 } 1508 goto release_ioctx; 1509 } 1510 1511 rc = target_submit_cmd_map_sgls(cmd, ch->sess, srp_cmd->cdb, 1512 &send_ioctx->sense_data[0], 1513 scsilun_to_int(&srp_cmd->lun), data_len, 1514 TCM_SIMPLE_TAG, dir, TARGET_SCF_ACK_KREF, 1515 sg, sg_cnt, NULL, 0, NULL, 0); 1516 if (rc != 0) { 1517 pr_debug("target_submit_cmd() returned %d for tag %#llx\n", rc, 1518 srp_cmd->tag); 1519 goto release_ioctx; 1520 } 1521 return; 1522 1523 release_ioctx: 1524 send_ioctx->state = SRPT_STATE_DONE; 1525 srpt_release_cmd(cmd); 1526 } 1527 1528 static int srp_tmr_to_tcm(int fn) 1529 { 1530 switch (fn) { 1531 case SRP_TSK_ABORT_TASK: 1532 return TMR_ABORT_TASK; 1533 case SRP_TSK_ABORT_TASK_SET: 1534 return TMR_ABORT_TASK_SET; 1535 case SRP_TSK_CLEAR_TASK_SET: 1536 return TMR_CLEAR_TASK_SET; 1537 case SRP_TSK_LUN_RESET: 1538 return TMR_LUN_RESET; 1539 case SRP_TSK_CLEAR_ACA: 1540 return TMR_CLEAR_ACA; 1541 default: 1542 return -1; 1543 } 1544 } 1545 1546 /** 1547 * srpt_handle_tsk_mgmt - process a SRP_TSK_MGMT information unit 1548 * @ch: SRPT RDMA channel. 1549 * @recv_ioctx: Receive I/O context. 1550 * @send_ioctx: Send I/O context. 1551 * 1552 * Returns 0 if and only if the request will be processed by the target core. 1553 * 1554 * For more information about SRP_TSK_MGMT information units, see also section 1555 * 6.7 in the SRP r16a document. 1556 */ 1557 static void srpt_handle_tsk_mgmt(struct srpt_rdma_ch *ch, 1558 struct srpt_recv_ioctx *recv_ioctx, 1559 struct srpt_send_ioctx *send_ioctx) 1560 { 1561 struct srp_tsk_mgmt *srp_tsk; 1562 struct se_cmd *cmd; 1563 struct se_session *sess = ch->sess; 1564 int tcm_tmr; 1565 int rc; 1566 1567 BUG_ON(!send_ioctx); 1568 1569 srp_tsk = recv_ioctx->ioctx.buf + recv_ioctx->ioctx.offset; 1570 cmd = &send_ioctx->cmd; 1571 1572 pr_debug("recv tsk_mgmt fn %d for task_tag %lld and cmd tag %lld ch %p sess %p\n", 1573 srp_tsk->tsk_mgmt_func, srp_tsk->task_tag, srp_tsk->tag, ch, 1574 ch->sess); 1575 1576 srpt_set_cmd_state(send_ioctx, SRPT_STATE_MGMT); 1577 send_ioctx->cmd.tag = srp_tsk->tag; 1578 tcm_tmr = srp_tmr_to_tcm(srp_tsk->tsk_mgmt_func); 1579 rc = target_submit_tmr(&send_ioctx->cmd, sess, NULL, 1580 scsilun_to_int(&srp_tsk->lun), srp_tsk, tcm_tmr, 1581 GFP_KERNEL, srp_tsk->task_tag, 1582 TARGET_SCF_ACK_KREF); 1583 if (rc != 0) { 1584 send_ioctx->cmd.se_tmr_req->response = TMR_FUNCTION_REJECTED; 1585 goto fail; 1586 } 1587 return; 1588 fail: 1589 transport_send_check_condition_and_sense(cmd, 0, 0); // XXX: 1590 } 1591 1592 /** 1593 * srpt_handle_new_iu - process a newly received information unit 1594 * @ch: RDMA channel through which the information unit has been received. 1595 * @recv_ioctx: Receive I/O context associated with the information unit. 1596 */ 1597 static bool 1598 srpt_handle_new_iu(struct srpt_rdma_ch *ch, struct srpt_recv_ioctx *recv_ioctx) 1599 { 1600 struct srpt_send_ioctx *send_ioctx = NULL; 1601 struct srp_cmd *srp_cmd; 1602 bool res = false; 1603 u8 opcode; 1604 1605 BUG_ON(!ch); 1606 BUG_ON(!recv_ioctx); 1607 1608 if (unlikely(ch->state == CH_CONNECTING)) 1609 goto push; 1610 1611 ib_dma_sync_single_for_cpu(ch->sport->sdev->device, 1612 recv_ioctx->ioctx.dma, 1613 recv_ioctx->ioctx.offset + srp_max_req_size, 1614 DMA_FROM_DEVICE); 1615 1616 srp_cmd = recv_ioctx->ioctx.buf + recv_ioctx->ioctx.offset; 1617 opcode = srp_cmd->opcode; 1618 if (opcode == SRP_CMD || opcode == SRP_TSK_MGMT) { 1619 send_ioctx = srpt_get_send_ioctx(ch); 1620 if (unlikely(!send_ioctx)) 1621 goto push; 1622 } 1623 1624 if (!list_empty(&recv_ioctx->wait_list)) { 1625 WARN_ON_ONCE(!ch->processing_wait_list); 1626 list_del_init(&recv_ioctx->wait_list); 1627 } 1628 1629 switch (opcode) { 1630 case SRP_CMD: 1631 srpt_handle_cmd(ch, recv_ioctx, send_ioctx); 1632 break; 1633 case SRP_TSK_MGMT: 1634 srpt_handle_tsk_mgmt(ch, recv_ioctx, send_ioctx); 1635 break; 1636 case SRP_I_LOGOUT: 1637 pr_err("Not yet implemented: SRP_I_LOGOUT\n"); 1638 break; 1639 case SRP_CRED_RSP: 1640 pr_debug("received SRP_CRED_RSP\n"); 1641 break; 1642 case SRP_AER_RSP: 1643 pr_debug("received SRP_AER_RSP\n"); 1644 break; 1645 case SRP_RSP: 1646 pr_err("Received SRP_RSP\n"); 1647 break; 1648 default: 1649 pr_err("received IU with unknown opcode 0x%x\n", opcode); 1650 break; 1651 } 1652 1653 if (!send_ioctx || !send_ioctx->recv_ioctx) 1654 srpt_post_recv(ch->sport->sdev, ch, recv_ioctx); 1655 res = true; 1656 1657 out: 1658 return res; 1659 1660 push: 1661 if (list_empty(&recv_ioctx->wait_list)) { 1662 WARN_ON_ONCE(ch->processing_wait_list); 1663 list_add_tail(&recv_ioctx->wait_list, &ch->cmd_wait_list); 1664 } 1665 goto out; 1666 } 1667 1668 static void srpt_recv_done(struct ib_cq *cq, struct ib_wc *wc) 1669 { 1670 struct srpt_rdma_ch *ch = cq->cq_context; 1671 struct srpt_recv_ioctx *ioctx = 1672 container_of(wc->wr_cqe, struct srpt_recv_ioctx, ioctx.cqe); 1673 1674 if (wc->status == IB_WC_SUCCESS) { 1675 int req_lim; 1676 1677 req_lim = atomic_dec_return(&ch->req_lim); 1678 if (unlikely(req_lim < 0)) 1679 pr_err("req_lim = %d < 0\n", req_lim); 1680 ioctx->byte_len = wc->byte_len; 1681 srpt_handle_new_iu(ch, ioctx); 1682 } else { 1683 pr_info_ratelimited("receiving failed for ioctx %p with status %d\n", 1684 ioctx, wc->status); 1685 } 1686 } 1687 1688 /* 1689 * This function must be called from the context in which RDMA completions are 1690 * processed because it accesses the wait list without protection against 1691 * access from other threads. 1692 */ 1693 static void srpt_process_wait_list(struct srpt_rdma_ch *ch) 1694 { 1695 struct srpt_recv_ioctx *recv_ioctx, *tmp; 1696 1697 WARN_ON_ONCE(ch->state == CH_CONNECTING); 1698 1699 if (list_empty(&ch->cmd_wait_list)) 1700 return; 1701 1702 WARN_ON_ONCE(ch->processing_wait_list); 1703 ch->processing_wait_list = true; 1704 list_for_each_entry_safe(recv_ioctx, tmp, &ch->cmd_wait_list, 1705 wait_list) { 1706 if (!srpt_handle_new_iu(ch, recv_ioctx)) 1707 break; 1708 } 1709 ch->processing_wait_list = false; 1710 } 1711 1712 /** 1713 * srpt_send_done - send completion callback 1714 * @cq: Completion queue. 1715 * @wc: Work completion. 1716 * 1717 * Note: Although this has not yet been observed during tests, at least in 1718 * theory it is possible that the srpt_get_send_ioctx() call invoked by 1719 * srpt_handle_new_iu() fails. This is possible because the req_lim_delta 1720 * value in each response is set to one, and it is possible that this response 1721 * makes the initiator send a new request before the send completion for that 1722 * response has been processed. This could e.g. happen if the call to 1723 * srpt_put_send_iotcx() is delayed because of a higher priority interrupt or 1724 * if IB retransmission causes generation of the send completion to be 1725 * delayed. Incoming information units for which srpt_get_send_ioctx() fails 1726 * are queued on cmd_wait_list. The code below processes these delayed 1727 * requests one at a time. 1728 */ 1729 static void srpt_send_done(struct ib_cq *cq, struct ib_wc *wc) 1730 { 1731 struct srpt_rdma_ch *ch = cq->cq_context; 1732 struct srpt_send_ioctx *ioctx = 1733 container_of(wc->wr_cqe, struct srpt_send_ioctx, ioctx.cqe); 1734 enum srpt_command_state state; 1735 1736 state = srpt_set_cmd_state(ioctx, SRPT_STATE_DONE); 1737 1738 WARN_ON(state != SRPT_STATE_CMD_RSP_SENT && 1739 state != SRPT_STATE_MGMT_RSP_SENT); 1740 1741 atomic_add(1 + ioctx->n_rdma, &ch->sq_wr_avail); 1742 1743 if (wc->status != IB_WC_SUCCESS) 1744 pr_info("sending response for ioctx 0x%p failed with status %d\n", 1745 ioctx, wc->status); 1746 1747 if (state != SRPT_STATE_DONE) { 1748 transport_generic_free_cmd(&ioctx->cmd, 0); 1749 } else { 1750 pr_err("IB completion has been received too late for wr_id = %u.\n", 1751 ioctx->ioctx.index); 1752 } 1753 1754 srpt_process_wait_list(ch); 1755 } 1756 1757 /** 1758 * srpt_create_ch_ib - create receive and send completion queues 1759 * @ch: SRPT RDMA channel. 1760 */ 1761 static int srpt_create_ch_ib(struct srpt_rdma_ch *ch) 1762 { 1763 struct ib_qp_init_attr *qp_init; 1764 struct srpt_port *sport = ch->sport; 1765 struct srpt_device *sdev = sport->sdev; 1766 const struct ib_device_attr *attrs = &sdev->device->attrs; 1767 int sq_size = sport->port_attrib.srp_sq_size; 1768 int i, ret; 1769 1770 WARN_ON(ch->rq_size < 1); 1771 1772 ret = -ENOMEM; 1773 qp_init = kzalloc(sizeof(*qp_init), GFP_KERNEL); 1774 if (!qp_init) 1775 goto out; 1776 1777 retry: 1778 ch->cq = ib_alloc_cq(sdev->device, ch, ch->rq_size + sq_size, 1779 0 /* XXX: spread CQs */, IB_POLL_WORKQUEUE); 1780 if (IS_ERR(ch->cq)) { 1781 ret = PTR_ERR(ch->cq); 1782 pr_err("failed to create CQ cqe= %d ret= %d\n", 1783 ch->rq_size + sq_size, ret); 1784 goto out; 1785 } 1786 1787 qp_init->qp_context = (void *)ch; 1788 qp_init->event_handler 1789 = (void(*)(struct ib_event *, void*))srpt_qp_event; 1790 qp_init->send_cq = ch->cq; 1791 qp_init->recv_cq = ch->cq; 1792 qp_init->sq_sig_type = IB_SIGNAL_REQ_WR; 1793 qp_init->qp_type = IB_QPT_RC; 1794 /* 1795 * We divide up our send queue size into half SEND WRs to send the 1796 * completions, and half R/W contexts to actually do the RDMA 1797 * READ/WRITE transfers. Note that we need to allocate CQ slots for 1798 * both both, as RDMA contexts will also post completions for the 1799 * RDMA READ case. 1800 */ 1801 qp_init->cap.max_send_wr = min(sq_size / 2, attrs->max_qp_wr); 1802 qp_init->cap.max_rdma_ctxs = sq_size / 2; 1803 qp_init->cap.max_send_sge = min(attrs->max_send_sge, 1804 SRPT_MAX_SG_PER_WQE); 1805 qp_init->cap.max_recv_sge = min(attrs->max_recv_sge, 1806 SRPT_MAX_SG_PER_WQE); 1807 qp_init->port_num = ch->sport->port; 1808 if (sdev->use_srq) { 1809 qp_init->srq = sdev->srq; 1810 } else { 1811 qp_init->cap.max_recv_wr = ch->rq_size; 1812 qp_init->cap.max_recv_sge = min(attrs->max_recv_sge, 1813 SRPT_MAX_SG_PER_WQE); 1814 } 1815 1816 if (ch->using_rdma_cm) { 1817 ret = rdma_create_qp(ch->rdma_cm.cm_id, sdev->pd, qp_init); 1818 ch->qp = ch->rdma_cm.cm_id->qp; 1819 } else { 1820 ch->qp = ib_create_qp(sdev->pd, qp_init); 1821 if (!IS_ERR(ch->qp)) { 1822 ret = srpt_init_ch_qp(ch, ch->qp); 1823 if (ret) 1824 ib_destroy_qp(ch->qp); 1825 } else { 1826 ret = PTR_ERR(ch->qp); 1827 } 1828 } 1829 if (ret) { 1830 bool retry = sq_size > MIN_SRPT_SQ_SIZE; 1831 1832 if (retry) { 1833 pr_debug("failed to create queue pair with sq_size = %d (%d) - retrying\n", 1834 sq_size, ret); 1835 ib_free_cq(ch->cq); 1836 sq_size = max(sq_size / 2, MIN_SRPT_SQ_SIZE); 1837 goto retry; 1838 } else { 1839 pr_err("failed to create queue pair with sq_size = %d (%d)\n", 1840 sq_size, ret); 1841 goto err_destroy_cq; 1842 } 1843 } 1844 1845 atomic_set(&ch->sq_wr_avail, qp_init->cap.max_send_wr); 1846 1847 pr_debug("%s: max_cqe= %d max_sge= %d sq_size = %d ch= %p\n", 1848 __func__, ch->cq->cqe, qp_init->cap.max_send_sge, 1849 qp_init->cap.max_send_wr, ch); 1850 1851 if (!sdev->use_srq) 1852 for (i = 0; i < ch->rq_size; i++) 1853 srpt_post_recv(sdev, ch, ch->ioctx_recv_ring[i]); 1854 1855 out: 1856 kfree(qp_init); 1857 return ret; 1858 1859 err_destroy_cq: 1860 ch->qp = NULL; 1861 ib_free_cq(ch->cq); 1862 goto out; 1863 } 1864 1865 static void srpt_destroy_ch_ib(struct srpt_rdma_ch *ch) 1866 { 1867 ib_destroy_qp(ch->qp); 1868 ib_free_cq(ch->cq); 1869 } 1870 1871 /** 1872 * srpt_close_ch - close a RDMA channel 1873 * @ch: SRPT RDMA channel. 1874 * 1875 * Make sure all resources associated with the channel will be deallocated at 1876 * an appropriate time. 1877 * 1878 * Returns true if and only if the channel state has been modified into 1879 * CH_DRAINING. 1880 */ 1881 static bool srpt_close_ch(struct srpt_rdma_ch *ch) 1882 { 1883 int ret; 1884 1885 if (!srpt_set_ch_state(ch, CH_DRAINING)) { 1886 pr_debug("%s: already closed\n", ch->sess_name); 1887 return false; 1888 } 1889 1890 kref_get(&ch->kref); 1891 1892 ret = srpt_ch_qp_err(ch); 1893 if (ret < 0) 1894 pr_err("%s-%d: changing queue pair into error state failed: %d\n", 1895 ch->sess_name, ch->qp->qp_num, ret); 1896 1897 ret = srpt_zerolength_write(ch); 1898 if (ret < 0) { 1899 pr_err("%s-%d: queuing zero-length write failed: %d\n", 1900 ch->sess_name, ch->qp->qp_num, ret); 1901 if (srpt_set_ch_state(ch, CH_DISCONNECTED)) 1902 schedule_work(&ch->release_work); 1903 else 1904 WARN_ON_ONCE(true); 1905 } 1906 1907 kref_put(&ch->kref, srpt_free_ch); 1908 1909 return true; 1910 } 1911 1912 /* 1913 * Change the channel state into CH_DISCONNECTING. If a channel has not yet 1914 * reached the connected state, close it. If a channel is in the connected 1915 * state, send a DREQ. If a DREQ has been received, send a DREP. Note: it is 1916 * the responsibility of the caller to ensure that this function is not 1917 * invoked concurrently with the code that accepts a connection. This means 1918 * that this function must either be invoked from inside a CM callback 1919 * function or that it must be invoked with the srpt_port.mutex held. 1920 */ 1921 static int srpt_disconnect_ch(struct srpt_rdma_ch *ch) 1922 { 1923 int ret; 1924 1925 if (!srpt_set_ch_state(ch, CH_DISCONNECTING)) 1926 return -ENOTCONN; 1927 1928 if (ch->using_rdma_cm) { 1929 ret = rdma_disconnect(ch->rdma_cm.cm_id); 1930 } else { 1931 ret = ib_send_cm_dreq(ch->ib_cm.cm_id, NULL, 0); 1932 if (ret < 0) 1933 ret = ib_send_cm_drep(ch->ib_cm.cm_id, NULL, 0); 1934 } 1935 1936 if (ret < 0 && srpt_close_ch(ch)) 1937 ret = 0; 1938 1939 return ret; 1940 } 1941 1942 static bool srpt_ch_closed(struct srpt_port *sport, struct srpt_rdma_ch *ch) 1943 { 1944 struct srpt_nexus *nexus; 1945 struct srpt_rdma_ch *ch2; 1946 bool res = true; 1947 1948 rcu_read_lock(); 1949 list_for_each_entry(nexus, &sport->nexus_list, entry) { 1950 list_for_each_entry(ch2, &nexus->ch_list, list) { 1951 if (ch2 == ch) { 1952 res = false; 1953 goto done; 1954 } 1955 } 1956 } 1957 done: 1958 rcu_read_unlock(); 1959 1960 return res; 1961 } 1962 1963 /* Send DREQ and wait for DREP. */ 1964 static void srpt_disconnect_ch_sync(struct srpt_rdma_ch *ch) 1965 { 1966 struct srpt_port *sport = ch->sport; 1967 1968 pr_debug("ch %s-%d state %d\n", ch->sess_name, ch->qp->qp_num, 1969 ch->state); 1970 1971 mutex_lock(&sport->mutex); 1972 srpt_disconnect_ch(ch); 1973 mutex_unlock(&sport->mutex); 1974 1975 while (wait_event_timeout(sport->ch_releaseQ, srpt_ch_closed(sport, ch), 1976 5 * HZ) == 0) 1977 pr_info("%s(%s-%d state %d): still waiting ...\n", __func__, 1978 ch->sess_name, ch->qp->qp_num, ch->state); 1979 1980 } 1981 1982 static void __srpt_close_all_ch(struct srpt_port *sport) 1983 { 1984 struct srpt_nexus *nexus; 1985 struct srpt_rdma_ch *ch; 1986 1987 lockdep_assert_held(&sport->mutex); 1988 1989 list_for_each_entry(nexus, &sport->nexus_list, entry) { 1990 list_for_each_entry(ch, &nexus->ch_list, list) { 1991 if (srpt_disconnect_ch(ch) >= 0) 1992 pr_info("Closing channel %s because target %s_%d has been disabled\n", 1993 ch->sess_name, 1994 dev_name(&sport->sdev->device->dev), 1995 sport->port); 1996 srpt_close_ch(ch); 1997 } 1998 } 1999 } 2000 2001 /* 2002 * Look up (i_port_id, t_port_id) in sport->nexus_list. Create an entry if 2003 * it does not yet exist. 2004 */ 2005 static struct srpt_nexus *srpt_get_nexus(struct srpt_port *sport, 2006 const u8 i_port_id[16], 2007 const u8 t_port_id[16]) 2008 { 2009 struct srpt_nexus *nexus = NULL, *tmp_nexus = NULL, *n; 2010 2011 for (;;) { 2012 mutex_lock(&sport->mutex); 2013 list_for_each_entry(n, &sport->nexus_list, entry) { 2014 if (memcmp(n->i_port_id, i_port_id, 16) == 0 && 2015 memcmp(n->t_port_id, t_port_id, 16) == 0) { 2016 nexus = n; 2017 break; 2018 } 2019 } 2020 if (!nexus && tmp_nexus) { 2021 list_add_tail_rcu(&tmp_nexus->entry, 2022 &sport->nexus_list); 2023 swap(nexus, tmp_nexus); 2024 } 2025 mutex_unlock(&sport->mutex); 2026 2027 if (nexus) 2028 break; 2029 tmp_nexus = kzalloc(sizeof(*nexus), GFP_KERNEL); 2030 if (!tmp_nexus) { 2031 nexus = ERR_PTR(-ENOMEM); 2032 break; 2033 } 2034 INIT_LIST_HEAD(&tmp_nexus->ch_list); 2035 memcpy(tmp_nexus->i_port_id, i_port_id, 16); 2036 memcpy(tmp_nexus->t_port_id, t_port_id, 16); 2037 } 2038 2039 kfree(tmp_nexus); 2040 2041 return nexus; 2042 } 2043 2044 static void srpt_set_enabled(struct srpt_port *sport, bool enabled) 2045 __must_hold(&sport->mutex) 2046 { 2047 lockdep_assert_held(&sport->mutex); 2048 2049 if (sport->enabled == enabled) 2050 return; 2051 sport->enabled = enabled; 2052 if (!enabled) 2053 __srpt_close_all_ch(sport); 2054 } 2055 2056 static void srpt_free_ch(struct kref *kref) 2057 { 2058 struct srpt_rdma_ch *ch = container_of(kref, struct srpt_rdma_ch, kref); 2059 2060 kfree_rcu(ch, rcu); 2061 } 2062 2063 /* 2064 * Shut down the SCSI target session, tell the connection manager to 2065 * disconnect the associated RDMA channel, transition the QP to the error 2066 * state and remove the channel from the channel list. This function is 2067 * typically called from inside srpt_zerolength_write_done(). Concurrent 2068 * srpt_zerolength_write() calls from inside srpt_close_ch() are possible 2069 * as long as the channel is on sport->nexus_list. 2070 */ 2071 static void srpt_release_channel_work(struct work_struct *w) 2072 { 2073 struct srpt_rdma_ch *ch; 2074 struct srpt_device *sdev; 2075 struct srpt_port *sport; 2076 struct se_session *se_sess; 2077 2078 ch = container_of(w, struct srpt_rdma_ch, release_work); 2079 pr_debug("%s-%d\n", ch->sess_name, ch->qp->qp_num); 2080 2081 sdev = ch->sport->sdev; 2082 BUG_ON(!sdev); 2083 2084 se_sess = ch->sess; 2085 BUG_ON(!se_sess); 2086 2087 target_sess_cmd_list_set_waiting(se_sess); 2088 target_wait_for_sess_cmds(se_sess); 2089 2090 target_remove_session(se_sess); 2091 ch->sess = NULL; 2092 2093 if (ch->using_rdma_cm) 2094 rdma_destroy_id(ch->rdma_cm.cm_id); 2095 else 2096 ib_destroy_cm_id(ch->ib_cm.cm_id); 2097 2098 sport = ch->sport; 2099 mutex_lock(&sport->mutex); 2100 list_del_rcu(&ch->list); 2101 mutex_unlock(&sport->mutex); 2102 2103 srpt_destroy_ch_ib(ch); 2104 2105 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_ring, 2106 ch->sport->sdev, ch->rq_size, 2107 ch->rsp_buf_cache, DMA_TO_DEVICE); 2108 2109 kmem_cache_destroy(ch->rsp_buf_cache); 2110 2111 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_recv_ring, 2112 sdev, ch->rq_size, 2113 ch->req_buf_cache, DMA_FROM_DEVICE); 2114 2115 kmem_cache_destroy(ch->req_buf_cache); 2116 2117 wake_up(&sport->ch_releaseQ); 2118 2119 kref_put(&ch->kref, srpt_free_ch); 2120 } 2121 2122 /** 2123 * srpt_cm_req_recv - process the event IB_CM_REQ_RECEIVED 2124 * @sdev: HCA through which the login request was received. 2125 * @ib_cm_id: IB/CM connection identifier in case of IB/CM. 2126 * @rdma_cm_id: RDMA/CM connection identifier in case of RDMA/CM. 2127 * @port_num: Port through which the REQ message was received. 2128 * @pkey: P_Key of the incoming connection. 2129 * @req: SRP login request. 2130 * @src_addr: GID (IB/CM) or IP address (RDMA/CM) of the port that submitted 2131 * the login request. 2132 * 2133 * Ownership of the cm_id is transferred to the target session if this 2134 * function returns zero. Otherwise the caller remains the owner of cm_id. 2135 */ 2136 static int srpt_cm_req_recv(struct srpt_device *const sdev, 2137 struct ib_cm_id *ib_cm_id, 2138 struct rdma_cm_id *rdma_cm_id, 2139 u8 port_num, __be16 pkey, 2140 const struct srp_login_req *req, 2141 const char *src_addr) 2142 { 2143 struct srpt_port *sport = &sdev->port[port_num - 1]; 2144 struct srpt_nexus *nexus; 2145 struct srp_login_rsp *rsp = NULL; 2146 struct srp_login_rej *rej = NULL; 2147 union { 2148 struct rdma_conn_param rdma_cm; 2149 struct ib_cm_rep_param ib_cm; 2150 } *rep_param = NULL; 2151 struct srpt_rdma_ch *ch = NULL; 2152 char i_port_id[36]; 2153 u32 it_iu_len; 2154 int i, ret; 2155 2156 WARN_ON_ONCE(irqs_disabled()); 2157 2158 if (WARN_ON(!sdev || !req)) 2159 return -EINVAL; 2160 2161 it_iu_len = be32_to_cpu(req->req_it_iu_len); 2162 2163 pr_info("Received SRP_LOGIN_REQ with i_port_id %pI6, t_port_id %pI6 and it_iu_len %d on port %d (guid=%pI6); pkey %#04x\n", 2164 req->initiator_port_id, req->target_port_id, it_iu_len, 2165 port_num, &sport->gid, be16_to_cpu(pkey)); 2166 2167 nexus = srpt_get_nexus(sport, req->initiator_port_id, 2168 req->target_port_id); 2169 if (IS_ERR(nexus)) { 2170 ret = PTR_ERR(nexus); 2171 goto out; 2172 } 2173 2174 ret = -ENOMEM; 2175 rsp = kzalloc(sizeof(*rsp), GFP_KERNEL); 2176 rej = kzalloc(sizeof(*rej), GFP_KERNEL); 2177 rep_param = kzalloc(sizeof(*rep_param), GFP_KERNEL); 2178 if (!rsp || !rej || !rep_param) 2179 goto out; 2180 2181 ret = -EINVAL; 2182 if (it_iu_len > srp_max_req_size || it_iu_len < 64) { 2183 rej->reason = cpu_to_be32( 2184 SRP_LOGIN_REJ_REQ_IT_IU_LENGTH_TOO_LARGE); 2185 pr_err("rejected SRP_LOGIN_REQ because its length (%d bytes) is out of range (%d .. %d)\n", 2186 it_iu_len, 64, srp_max_req_size); 2187 goto reject; 2188 } 2189 2190 if (!sport->enabled) { 2191 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2192 pr_info("rejected SRP_LOGIN_REQ because target port %s_%d has not yet been enabled\n", 2193 dev_name(&sport->sdev->device->dev), port_num); 2194 goto reject; 2195 } 2196 2197 if (*(__be64 *)req->target_port_id != cpu_to_be64(srpt_service_guid) 2198 || *(__be64 *)(req->target_port_id + 8) != 2199 cpu_to_be64(srpt_service_guid)) { 2200 rej->reason = cpu_to_be32( 2201 SRP_LOGIN_REJ_UNABLE_ASSOCIATE_CHANNEL); 2202 pr_err("rejected SRP_LOGIN_REQ because it has an invalid target port identifier.\n"); 2203 goto reject; 2204 } 2205 2206 ret = -ENOMEM; 2207 ch = kzalloc(sizeof(*ch), GFP_KERNEL); 2208 if (!ch) { 2209 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2210 pr_err("rejected SRP_LOGIN_REQ because out of memory.\n"); 2211 goto reject; 2212 } 2213 2214 kref_init(&ch->kref); 2215 ch->pkey = be16_to_cpu(pkey); 2216 ch->nexus = nexus; 2217 ch->zw_cqe.done = srpt_zerolength_write_done; 2218 INIT_WORK(&ch->release_work, srpt_release_channel_work); 2219 ch->sport = sport; 2220 if (ib_cm_id) { 2221 ch->ib_cm.cm_id = ib_cm_id; 2222 ib_cm_id->context = ch; 2223 } else { 2224 ch->using_rdma_cm = true; 2225 ch->rdma_cm.cm_id = rdma_cm_id; 2226 rdma_cm_id->context = ch; 2227 } 2228 /* 2229 * ch->rq_size should be at least as large as the initiator queue 2230 * depth to avoid that the initiator driver has to report QUEUE_FULL 2231 * to the SCSI mid-layer. 2232 */ 2233 ch->rq_size = min(MAX_SRPT_RQ_SIZE, sdev->device->attrs.max_qp_wr); 2234 spin_lock_init(&ch->spinlock); 2235 ch->state = CH_CONNECTING; 2236 INIT_LIST_HEAD(&ch->cmd_wait_list); 2237 ch->max_rsp_size = ch->sport->port_attrib.srp_max_rsp_size; 2238 2239 ch->rsp_buf_cache = kmem_cache_create("srpt-rsp-buf", ch->max_rsp_size, 2240 512, 0, NULL); 2241 if (!ch->rsp_buf_cache) 2242 goto free_ch; 2243 2244 ch->ioctx_ring = (struct srpt_send_ioctx **) 2245 srpt_alloc_ioctx_ring(ch->sport->sdev, ch->rq_size, 2246 sizeof(*ch->ioctx_ring[0]), 2247 ch->rsp_buf_cache, 0, DMA_TO_DEVICE); 2248 if (!ch->ioctx_ring) { 2249 pr_err("rejected SRP_LOGIN_REQ because creating a new QP SQ ring failed.\n"); 2250 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2251 goto free_rsp_cache; 2252 } 2253 2254 INIT_LIST_HEAD(&ch->free_list); 2255 for (i = 0; i < ch->rq_size; i++) { 2256 ch->ioctx_ring[i]->ch = ch; 2257 list_add_tail(&ch->ioctx_ring[i]->free_list, &ch->free_list); 2258 } 2259 if (!sdev->use_srq) { 2260 u16 imm_data_offset = req->req_flags & SRP_IMMED_REQUESTED ? 2261 be16_to_cpu(req->imm_data_offset) : 0; 2262 u16 alignment_offset; 2263 u32 req_sz; 2264 2265 if (req->req_flags & SRP_IMMED_REQUESTED) 2266 pr_debug("imm_data_offset = %d\n", 2267 be16_to_cpu(req->imm_data_offset)); 2268 if (imm_data_offset >= sizeof(struct srp_cmd)) { 2269 ch->imm_data_offset = imm_data_offset; 2270 rsp->rsp_flags |= SRP_LOGIN_RSP_IMMED_SUPP; 2271 } else { 2272 ch->imm_data_offset = 0; 2273 } 2274 alignment_offset = round_up(imm_data_offset, 512) - 2275 imm_data_offset; 2276 req_sz = alignment_offset + imm_data_offset + srp_max_req_size; 2277 ch->req_buf_cache = kmem_cache_create("srpt-req-buf", req_sz, 2278 512, 0, NULL); 2279 if (!ch->req_buf_cache) 2280 goto free_rsp_ring; 2281 2282 ch->ioctx_recv_ring = (struct srpt_recv_ioctx **) 2283 srpt_alloc_ioctx_ring(ch->sport->sdev, ch->rq_size, 2284 sizeof(*ch->ioctx_recv_ring[0]), 2285 ch->req_buf_cache, 2286 alignment_offset, 2287 DMA_FROM_DEVICE); 2288 if (!ch->ioctx_recv_ring) { 2289 pr_err("rejected SRP_LOGIN_REQ because creating a new QP RQ ring failed.\n"); 2290 rej->reason = 2291 cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2292 goto free_recv_cache; 2293 } 2294 for (i = 0; i < ch->rq_size; i++) 2295 INIT_LIST_HEAD(&ch->ioctx_recv_ring[i]->wait_list); 2296 } 2297 2298 ret = srpt_create_ch_ib(ch); 2299 if (ret) { 2300 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2301 pr_err("rejected SRP_LOGIN_REQ because creating a new RDMA channel failed.\n"); 2302 goto free_recv_ring; 2303 } 2304 2305 strlcpy(ch->sess_name, src_addr, sizeof(ch->sess_name)); 2306 snprintf(i_port_id, sizeof(i_port_id), "0x%016llx%016llx", 2307 be64_to_cpu(*(__be64 *)nexus->i_port_id), 2308 be64_to_cpu(*(__be64 *)(nexus->i_port_id + 8))); 2309 2310 pr_debug("registering session %s\n", ch->sess_name); 2311 2312 if (sport->port_guid_tpg.se_tpg_wwn) 2313 ch->sess = target_setup_session(&sport->port_guid_tpg, 0, 0, 2314 TARGET_PROT_NORMAL, 2315 ch->sess_name, ch, NULL); 2316 if (sport->port_gid_tpg.se_tpg_wwn && IS_ERR_OR_NULL(ch->sess)) 2317 ch->sess = target_setup_session(&sport->port_gid_tpg, 0, 0, 2318 TARGET_PROT_NORMAL, i_port_id, ch, 2319 NULL); 2320 /* Retry without leading "0x" */ 2321 if (sport->port_gid_tpg.se_tpg_wwn && IS_ERR_OR_NULL(ch->sess)) 2322 ch->sess = target_setup_session(&sport->port_gid_tpg, 0, 0, 2323 TARGET_PROT_NORMAL, 2324 i_port_id + 2, ch, NULL); 2325 if (IS_ERR_OR_NULL(ch->sess)) { 2326 WARN_ON_ONCE(ch->sess == NULL); 2327 ret = PTR_ERR(ch->sess); 2328 ch->sess = NULL; 2329 pr_info("Rejected login for initiator %s: ret = %d.\n", 2330 ch->sess_name, ret); 2331 rej->reason = cpu_to_be32(ret == -ENOMEM ? 2332 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES : 2333 SRP_LOGIN_REJ_CHANNEL_LIMIT_REACHED); 2334 goto destroy_ib; 2335 } 2336 2337 mutex_lock(&sport->mutex); 2338 2339 if ((req->req_flags & SRP_MTCH_ACTION) == SRP_MULTICHAN_SINGLE) { 2340 struct srpt_rdma_ch *ch2; 2341 2342 list_for_each_entry(ch2, &nexus->ch_list, list) { 2343 if (srpt_disconnect_ch(ch2) < 0) 2344 continue; 2345 pr_info("Relogin - closed existing channel %s\n", 2346 ch2->sess_name); 2347 rsp->rsp_flags |= SRP_LOGIN_RSP_MULTICHAN_TERMINATED; 2348 } 2349 } else { 2350 rsp->rsp_flags |= SRP_LOGIN_RSP_MULTICHAN_MAINTAINED; 2351 } 2352 2353 list_add_tail_rcu(&ch->list, &nexus->ch_list); 2354 2355 if (!sport->enabled) { 2356 rej->reason = cpu_to_be32( 2357 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2358 pr_info("rejected SRP_LOGIN_REQ because target %s_%d is not enabled\n", 2359 dev_name(&sdev->device->dev), port_num); 2360 mutex_unlock(&sport->mutex); 2361 goto reject; 2362 } 2363 2364 mutex_unlock(&sport->mutex); 2365 2366 ret = ch->using_rdma_cm ? 0 : srpt_ch_qp_rtr(ch, ch->qp); 2367 if (ret) { 2368 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2369 pr_err("rejected SRP_LOGIN_REQ because enabling RTR failed (error code = %d)\n", 2370 ret); 2371 goto reject; 2372 } 2373 2374 pr_debug("Establish connection sess=%p name=%s ch=%p\n", ch->sess, 2375 ch->sess_name, ch); 2376 2377 /* create srp_login_response */ 2378 rsp->opcode = SRP_LOGIN_RSP; 2379 rsp->tag = req->tag; 2380 rsp->max_it_iu_len = cpu_to_be32(srp_max_req_size); 2381 rsp->max_ti_iu_len = req->req_it_iu_len; 2382 ch->max_ti_iu_len = it_iu_len; 2383 rsp->buf_fmt = cpu_to_be16(SRP_BUF_FORMAT_DIRECT | 2384 SRP_BUF_FORMAT_INDIRECT); 2385 rsp->req_lim_delta = cpu_to_be32(ch->rq_size); 2386 atomic_set(&ch->req_lim, ch->rq_size); 2387 atomic_set(&ch->req_lim_delta, 0); 2388 2389 /* create cm reply */ 2390 if (ch->using_rdma_cm) { 2391 rep_param->rdma_cm.private_data = (void *)rsp; 2392 rep_param->rdma_cm.private_data_len = sizeof(*rsp); 2393 rep_param->rdma_cm.rnr_retry_count = 7; 2394 rep_param->rdma_cm.flow_control = 1; 2395 rep_param->rdma_cm.responder_resources = 4; 2396 rep_param->rdma_cm.initiator_depth = 4; 2397 } else { 2398 rep_param->ib_cm.qp_num = ch->qp->qp_num; 2399 rep_param->ib_cm.private_data = (void *)rsp; 2400 rep_param->ib_cm.private_data_len = sizeof(*rsp); 2401 rep_param->ib_cm.rnr_retry_count = 7; 2402 rep_param->ib_cm.flow_control = 1; 2403 rep_param->ib_cm.failover_accepted = 0; 2404 rep_param->ib_cm.srq = 1; 2405 rep_param->ib_cm.responder_resources = 4; 2406 rep_param->ib_cm.initiator_depth = 4; 2407 } 2408 2409 /* 2410 * Hold the sport mutex while accepting a connection to avoid that 2411 * srpt_disconnect_ch() is invoked concurrently with this code. 2412 */ 2413 mutex_lock(&sport->mutex); 2414 if (sport->enabled && ch->state == CH_CONNECTING) { 2415 if (ch->using_rdma_cm) 2416 ret = rdma_accept(rdma_cm_id, &rep_param->rdma_cm); 2417 else 2418 ret = ib_send_cm_rep(ib_cm_id, &rep_param->ib_cm); 2419 } else { 2420 ret = -EINVAL; 2421 } 2422 mutex_unlock(&sport->mutex); 2423 2424 switch (ret) { 2425 case 0: 2426 break; 2427 case -EINVAL: 2428 goto reject; 2429 default: 2430 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2431 pr_err("sending SRP_LOGIN_REQ response failed (error code = %d)\n", 2432 ret); 2433 goto reject; 2434 } 2435 2436 goto out; 2437 2438 destroy_ib: 2439 srpt_destroy_ch_ib(ch); 2440 2441 free_recv_ring: 2442 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_recv_ring, 2443 ch->sport->sdev, ch->rq_size, 2444 ch->req_buf_cache, DMA_FROM_DEVICE); 2445 2446 free_recv_cache: 2447 kmem_cache_destroy(ch->req_buf_cache); 2448 2449 free_rsp_ring: 2450 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_ring, 2451 ch->sport->sdev, ch->rq_size, 2452 ch->rsp_buf_cache, DMA_TO_DEVICE); 2453 2454 free_rsp_cache: 2455 kmem_cache_destroy(ch->rsp_buf_cache); 2456 2457 free_ch: 2458 if (rdma_cm_id) 2459 rdma_cm_id->context = NULL; 2460 else 2461 ib_cm_id->context = NULL; 2462 kfree(ch); 2463 ch = NULL; 2464 2465 WARN_ON_ONCE(ret == 0); 2466 2467 reject: 2468 pr_info("Rejecting login with reason %#x\n", be32_to_cpu(rej->reason)); 2469 rej->opcode = SRP_LOGIN_REJ; 2470 rej->tag = req->tag; 2471 rej->buf_fmt = cpu_to_be16(SRP_BUF_FORMAT_DIRECT | 2472 SRP_BUF_FORMAT_INDIRECT); 2473 2474 if (rdma_cm_id) 2475 rdma_reject(rdma_cm_id, rej, sizeof(*rej)); 2476 else 2477 ib_send_cm_rej(ib_cm_id, IB_CM_REJ_CONSUMER_DEFINED, NULL, 0, 2478 rej, sizeof(*rej)); 2479 2480 if (ch && ch->sess) { 2481 srpt_close_ch(ch); 2482 /* 2483 * Tell the caller not to free cm_id since 2484 * srpt_release_channel_work() will do that. 2485 */ 2486 ret = 0; 2487 } 2488 2489 out: 2490 kfree(rep_param); 2491 kfree(rsp); 2492 kfree(rej); 2493 2494 return ret; 2495 } 2496 2497 static int srpt_ib_cm_req_recv(struct ib_cm_id *cm_id, 2498 const struct ib_cm_req_event_param *param, 2499 void *private_data) 2500 { 2501 char sguid[40]; 2502 2503 srpt_format_guid(sguid, sizeof(sguid), 2504 ¶m->primary_path->dgid.global.interface_id); 2505 2506 return srpt_cm_req_recv(cm_id->context, cm_id, NULL, param->port, 2507 param->primary_path->pkey, 2508 private_data, sguid); 2509 } 2510 2511 static int srpt_rdma_cm_req_recv(struct rdma_cm_id *cm_id, 2512 struct rdma_cm_event *event) 2513 { 2514 struct srpt_device *sdev; 2515 struct srp_login_req req; 2516 const struct srp_login_req_rdma *req_rdma; 2517 char src_addr[40]; 2518 2519 sdev = ib_get_client_data(cm_id->device, &srpt_client); 2520 if (!sdev) 2521 return -ECONNREFUSED; 2522 2523 if (event->param.conn.private_data_len < sizeof(*req_rdma)) 2524 return -EINVAL; 2525 2526 /* Transform srp_login_req_rdma into srp_login_req. */ 2527 req_rdma = event->param.conn.private_data; 2528 memset(&req, 0, sizeof(req)); 2529 req.opcode = req_rdma->opcode; 2530 req.tag = req_rdma->tag; 2531 req.req_it_iu_len = req_rdma->req_it_iu_len; 2532 req.req_buf_fmt = req_rdma->req_buf_fmt; 2533 req.req_flags = req_rdma->req_flags; 2534 memcpy(req.initiator_port_id, req_rdma->initiator_port_id, 16); 2535 memcpy(req.target_port_id, req_rdma->target_port_id, 16); 2536 req.imm_data_offset = req_rdma->imm_data_offset; 2537 2538 snprintf(src_addr, sizeof(src_addr), "%pIS", 2539 &cm_id->route.addr.src_addr); 2540 2541 return srpt_cm_req_recv(sdev, NULL, cm_id, cm_id->port_num, 2542 cm_id->route.path_rec->pkey, &req, src_addr); 2543 } 2544 2545 static void srpt_cm_rej_recv(struct srpt_rdma_ch *ch, 2546 enum ib_cm_rej_reason reason, 2547 const u8 *private_data, 2548 u8 private_data_len) 2549 { 2550 char *priv = NULL; 2551 int i; 2552 2553 if (private_data_len && (priv = kmalloc(private_data_len * 3 + 1, 2554 GFP_KERNEL))) { 2555 for (i = 0; i < private_data_len; i++) 2556 sprintf(priv + 3 * i, " %02x", private_data[i]); 2557 } 2558 pr_info("Received CM REJ for ch %s-%d; reason %d%s%s.\n", 2559 ch->sess_name, ch->qp->qp_num, reason, private_data_len ? 2560 "; private data" : "", priv ? priv : " (?)"); 2561 kfree(priv); 2562 } 2563 2564 /** 2565 * srpt_cm_rtu_recv - process an IB_CM_RTU_RECEIVED or USER_ESTABLISHED event 2566 * @ch: SRPT RDMA channel. 2567 * 2568 * An RTU (ready to use) message indicates that the connection has been 2569 * established and that the recipient may begin transmitting. 2570 */ 2571 static void srpt_cm_rtu_recv(struct srpt_rdma_ch *ch) 2572 { 2573 int ret; 2574 2575 ret = ch->using_rdma_cm ? 0 : srpt_ch_qp_rts(ch, ch->qp); 2576 if (ret < 0) { 2577 pr_err("%s-%d: QP transition to RTS failed\n", ch->sess_name, 2578 ch->qp->qp_num); 2579 srpt_close_ch(ch); 2580 return; 2581 } 2582 2583 /* 2584 * Note: calling srpt_close_ch() if the transition to the LIVE state 2585 * fails is not necessary since that means that that function has 2586 * already been invoked from another thread. 2587 */ 2588 if (!srpt_set_ch_state(ch, CH_LIVE)) { 2589 pr_err("%s-%d: channel transition to LIVE state failed\n", 2590 ch->sess_name, ch->qp->qp_num); 2591 return; 2592 } 2593 2594 /* Trigger wait list processing. */ 2595 ret = srpt_zerolength_write(ch); 2596 WARN_ONCE(ret < 0, "%d\n", ret); 2597 } 2598 2599 /** 2600 * srpt_cm_handler - IB connection manager callback function 2601 * @cm_id: IB/CM connection identifier. 2602 * @event: IB/CM event. 2603 * 2604 * A non-zero return value will cause the caller destroy the CM ID. 2605 * 2606 * Note: srpt_cm_handler() must only return a non-zero value when transferring 2607 * ownership of the cm_id to a channel by srpt_cm_req_recv() failed. Returning 2608 * a non-zero value in any other case will trigger a race with the 2609 * ib_destroy_cm_id() call in srpt_release_channel(). 2610 */ 2611 static int srpt_cm_handler(struct ib_cm_id *cm_id, 2612 const struct ib_cm_event *event) 2613 { 2614 struct srpt_rdma_ch *ch = cm_id->context; 2615 int ret; 2616 2617 ret = 0; 2618 switch (event->event) { 2619 case IB_CM_REQ_RECEIVED: 2620 ret = srpt_ib_cm_req_recv(cm_id, &event->param.req_rcvd, 2621 event->private_data); 2622 break; 2623 case IB_CM_REJ_RECEIVED: 2624 srpt_cm_rej_recv(ch, event->param.rej_rcvd.reason, 2625 event->private_data, 2626 IB_CM_REJ_PRIVATE_DATA_SIZE); 2627 break; 2628 case IB_CM_RTU_RECEIVED: 2629 case IB_CM_USER_ESTABLISHED: 2630 srpt_cm_rtu_recv(ch); 2631 break; 2632 case IB_CM_DREQ_RECEIVED: 2633 srpt_disconnect_ch(ch); 2634 break; 2635 case IB_CM_DREP_RECEIVED: 2636 pr_info("Received CM DREP message for ch %s-%d.\n", 2637 ch->sess_name, ch->qp->qp_num); 2638 srpt_close_ch(ch); 2639 break; 2640 case IB_CM_TIMEWAIT_EXIT: 2641 pr_info("Received CM TimeWait exit for ch %s-%d.\n", 2642 ch->sess_name, ch->qp->qp_num); 2643 srpt_close_ch(ch); 2644 break; 2645 case IB_CM_REP_ERROR: 2646 pr_info("Received CM REP error for ch %s-%d.\n", ch->sess_name, 2647 ch->qp->qp_num); 2648 break; 2649 case IB_CM_DREQ_ERROR: 2650 pr_info("Received CM DREQ ERROR event.\n"); 2651 break; 2652 case IB_CM_MRA_RECEIVED: 2653 pr_info("Received CM MRA event\n"); 2654 break; 2655 default: 2656 pr_err("received unrecognized CM event %d\n", event->event); 2657 break; 2658 } 2659 2660 return ret; 2661 } 2662 2663 static int srpt_rdma_cm_handler(struct rdma_cm_id *cm_id, 2664 struct rdma_cm_event *event) 2665 { 2666 struct srpt_rdma_ch *ch = cm_id->context; 2667 int ret = 0; 2668 2669 switch (event->event) { 2670 case RDMA_CM_EVENT_CONNECT_REQUEST: 2671 ret = srpt_rdma_cm_req_recv(cm_id, event); 2672 break; 2673 case RDMA_CM_EVENT_REJECTED: 2674 srpt_cm_rej_recv(ch, event->status, 2675 event->param.conn.private_data, 2676 event->param.conn.private_data_len); 2677 break; 2678 case RDMA_CM_EVENT_ESTABLISHED: 2679 srpt_cm_rtu_recv(ch); 2680 break; 2681 case RDMA_CM_EVENT_DISCONNECTED: 2682 if (ch->state < CH_DISCONNECTING) 2683 srpt_disconnect_ch(ch); 2684 else 2685 srpt_close_ch(ch); 2686 break; 2687 case RDMA_CM_EVENT_TIMEWAIT_EXIT: 2688 srpt_close_ch(ch); 2689 break; 2690 case RDMA_CM_EVENT_UNREACHABLE: 2691 pr_info("Received CM REP error for ch %s-%d.\n", ch->sess_name, 2692 ch->qp->qp_num); 2693 break; 2694 case RDMA_CM_EVENT_DEVICE_REMOVAL: 2695 case RDMA_CM_EVENT_ADDR_CHANGE: 2696 break; 2697 default: 2698 pr_err("received unrecognized RDMA CM event %d\n", 2699 event->event); 2700 break; 2701 } 2702 2703 return ret; 2704 } 2705 2706 static int srpt_write_pending_status(struct se_cmd *se_cmd) 2707 { 2708 struct srpt_send_ioctx *ioctx; 2709 2710 ioctx = container_of(se_cmd, struct srpt_send_ioctx, cmd); 2711 return ioctx->state == SRPT_STATE_NEED_DATA; 2712 } 2713 2714 /* 2715 * srpt_write_pending - Start data transfer from initiator to target (write). 2716 */ 2717 static int srpt_write_pending(struct se_cmd *se_cmd) 2718 { 2719 struct srpt_send_ioctx *ioctx = 2720 container_of(se_cmd, struct srpt_send_ioctx, cmd); 2721 struct srpt_rdma_ch *ch = ioctx->ch; 2722 struct ib_send_wr *first_wr = NULL; 2723 struct ib_cqe *cqe = &ioctx->rdma_cqe; 2724 enum srpt_command_state new_state; 2725 int ret, i; 2726 2727 if (ioctx->recv_ioctx) { 2728 srpt_set_cmd_state(ioctx, SRPT_STATE_DATA_IN); 2729 target_execute_cmd(&ioctx->cmd); 2730 return 0; 2731 } 2732 2733 new_state = srpt_set_cmd_state(ioctx, SRPT_STATE_NEED_DATA); 2734 WARN_ON(new_state == SRPT_STATE_DONE); 2735 2736 if (atomic_sub_return(ioctx->n_rdma, &ch->sq_wr_avail) < 0) { 2737 pr_warn("%s: IB send queue full (needed %d)\n", 2738 __func__, ioctx->n_rdma); 2739 ret = -ENOMEM; 2740 goto out_undo; 2741 } 2742 2743 cqe->done = srpt_rdma_read_done; 2744 for (i = ioctx->n_rw_ctx - 1; i >= 0; i--) { 2745 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i]; 2746 2747 first_wr = rdma_rw_ctx_wrs(&ctx->rw, ch->qp, ch->sport->port, 2748 cqe, first_wr); 2749 cqe = NULL; 2750 } 2751 2752 ret = ib_post_send(ch->qp, first_wr, NULL); 2753 if (ret) { 2754 pr_err("%s: ib_post_send() returned %d for %d (avail: %d)\n", 2755 __func__, ret, ioctx->n_rdma, 2756 atomic_read(&ch->sq_wr_avail)); 2757 goto out_undo; 2758 } 2759 2760 return 0; 2761 out_undo: 2762 atomic_add(ioctx->n_rdma, &ch->sq_wr_avail); 2763 return ret; 2764 } 2765 2766 static u8 tcm_to_srp_tsk_mgmt_status(const int tcm_mgmt_status) 2767 { 2768 switch (tcm_mgmt_status) { 2769 case TMR_FUNCTION_COMPLETE: 2770 return SRP_TSK_MGMT_SUCCESS; 2771 case TMR_FUNCTION_REJECTED: 2772 return SRP_TSK_MGMT_FUNC_NOT_SUPP; 2773 } 2774 return SRP_TSK_MGMT_FAILED; 2775 } 2776 2777 /** 2778 * srpt_queue_response - transmit the response to a SCSI command 2779 * @cmd: SCSI target command. 2780 * 2781 * Callback function called by the TCM core. Must not block since it can be 2782 * invoked on the context of the IB completion handler. 2783 */ 2784 static void srpt_queue_response(struct se_cmd *cmd) 2785 { 2786 struct srpt_send_ioctx *ioctx = 2787 container_of(cmd, struct srpt_send_ioctx, cmd); 2788 struct srpt_rdma_ch *ch = ioctx->ch; 2789 struct srpt_device *sdev = ch->sport->sdev; 2790 struct ib_send_wr send_wr, *first_wr = &send_wr; 2791 struct ib_sge sge; 2792 enum srpt_command_state state; 2793 int resp_len, ret, i; 2794 u8 srp_tm_status; 2795 2796 BUG_ON(!ch); 2797 2798 state = ioctx->state; 2799 switch (state) { 2800 case SRPT_STATE_NEW: 2801 case SRPT_STATE_DATA_IN: 2802 ioctx->state = SRPT_STATE_CMD_RSP_SENT; 2803 break; 2804 case SRPT_STATE_MGMT: 2805 ioctx->state = SRPT_STATE_MGMT_RSP_SENT; 2806 break; 2807 default: 2808 WARN(true, "ch %p; cmd %d: unexpected command state %d\n", 2809 ch, ioctx->ioctx.index, ioctx->state); 2810 break; 2811 } 2812 2813 if (WARN_ON_ONCE(state == SRPT_STATE_CMD_RSP_SENT)) 2814 return; 2815 2816 /* For read commands, transfer the data to the initiator. */ 2817 if (ioctx->cmd.data_direction == DMA_FROM_DEVICE && 2818 ioctx->cmd.data_length && 2819 !ioctx->queue_status_only) { 2820 for (i = ioctx->n_rw_ctx - 1; i >= 0; i--) { 2821 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i]; 2822 2823 first_wr = rdma_rw_ctx_wrs(&ctx->rw, ch->qp, 2824 ch->sport->port, NULL, first_wr); 2825 } 2826 } 2827 2828 if (state != SRPT_STATE_MGMT) 2829 resp_len = srpt_build_cmd_rsp(ch, ioctx, ioctx->cmd.tag, 2830 cmd->scsi_status); 2831 else { 2832 srp_tm_status 2833 = tcm_to_srp_tsk_mgmt_status(cmd->se_tmr_req->response); 2834 resp_len = srpt_build_tskmgmt_rsp(ch, ioctx, srp_tm_status, 2835 ioctx->cmd.tag); 2836 } 2837 2838 atomic_inc(&ch->req_lim); 2839 2840 if (unlikely(atomic_sub_return(1 + ioctx->n_rdma, 2841 &ch->sq_wr_avail) < 0)) { 2842 pr_warn("%s: IB send queue full (needed %d)\n", 2843 __func__, ioctx->n_rdma); 2844 ret = -ENOMEM; 2845 goto out; 2846 } 2847 2848 ib_dma_sync_single_for_device(sdev->device, ioctx->ioctx.dma, resp_len, 2849 DMA_TO_DEVICE); 2850 2851 sge.addr = ioctx->ioctx.dma; 2852 sge.length = resp_len; 2853 sge.lkey = sdev->lkey; 2854 2855 ioctx->ioctx.cqe.done = srpt_send_done; 2856 send_wr.next = NULL; 2857 send_wr.wr_cqe = &ioctx->ioctx.cqe; 2858 send_wr.sg_list = &sge; 2859 send_wr.num_sge = 1; 2860 send_wr.opcode = IB_WR_SEND; 2861 send_wr.send_flags = IB_SEND_SIGNALED; 2862 2863 ret = ib_post_send(ch->qp, first_wr, NULL); 2864 if (ret < 0) { 2865 pr_err("%s: sending cmd response failed for tag %llu (%d)\n", 2866 __func__, ioctx->cmd.tag, ret); 2867 goto out; 2868 } 2869 2870 return; 2871 2872 out: 2873 atomic_add(1 + ioctx->n_rdma, &ch->sq_wr_avail); 2874 atomic_dec(&ch->req_lim); 2875 srpt_set_cmd_state(ioctx, SRPT_STATE_DONE); 2876 target_put_sess_cmd(&ioctx->cmd); 2877 } 2878 2879 static int srpt_queue_data_in(struct se_cmd *cmd) 2880 { 2881 srpt_queue_response(cmd); 2882 return 0; 2883 } 2884 2885 static void srpt_queue_tm_rsp(struct se_cmd *cmd) 2886 { 2887 srpt_queue_response(cmd); 2888 } 2889 2890 static void srpt_aborted_task(struct se_cmd *cmd) 2891 { 2892 } 2893 2894 static int srpt_queue_status(struct se_cmd *cmd) 2895 { 2896 struct srpt_send_ioctx *ioctx; 2897 2898 ioctx = container_of(cmd, struct srpt_send_ioctx, cmd); 2899 BUG_ON(ioctx->sense_data != cmd->sense_buffer); 2900 if (cmd->se_cmd_flags & 2901 (SCF_TRANSPORT_TASK_SENSE | SCF_EMULATED_TASK_SENSE)) 2902 WARN_ON(cmd->scsi_status != SAM_STAT_CHECK_CONDITION); 2903 ioctx->queue_status_only = true; 2904 srpt_queue_response(cmd); 2905 return 0; 2906 } 2907 2908 static void srpt_refresh_port_work(struct work_struct *work) 2909 { 2910 struct srpt_port *sport = container_of(work, struct srpt_port, work); 2911 2912 srpt_refresh_port(sport); 2913 } 2914 2915 static bool srpt_ch_list_empty(struct srpt_port *sport) 2916 { 2917 struct srpt_nexus *nexus; 2918 bool res = true; 2919 2920 rcu_read_lock(); 2921 list_for_each_entry(nexus, &sport->nexus_list, entry) 2922 if (!list_empty(&nexus->ch_list)) 2923 res = false; 2924 rcu_read_unlock(); 2925 2926 return res; 2927 } 2928 2929 /** 2930 * srpt_release_sport - disable login and wait for associated channels 2931 * @sport: SRPT HCA port. 2932 */ 2933 static int srpt_release_sport(struct srpt_port *sport) 2934 { 2935 struct srpt_nexus *nexus, *next_n; 2936 struct srpt_rdma_ch *ch; 2937 2938 WARN_ON_ONCE(irqs_disabled()); 2939 2940 mutex_lock(&sport->mutex); 2941 srpt_set_enabled(sport, false); 2942 mutex_unlock(&sport->mutex); 2943 2944 while (wait_event_timeout(sport->ch_releaseQ, 2945 srpt_ch_list_empty(sport), 5 * HZ) <= 0) { 2946 pr_info("%s_%d: waiting for session unregistration ...\n", 2947 dev_name(&sport->sdev->device->dev), sport->port); 2948 rcu_read_lock(); 2949 list_for_each_entry(nexus, &sport->nexus_list, entry) { 2950 list_for_each_entry(ch, &nexus->ch_list, list) { 2951 pr_info("%s-%d: state %s\n", 2952 ch->sess_name, ch->qp->qp_num, 2953 get_ch_state_name(ch->state)); 2954 } 2955 } 2956 rcu_read_unlock(); 2957 } 2958 2959 mutex_lock(&sport->mutex); 2960 list_for_each_entry_safe(nexus, next_n, &sport->nexus_list, entry) { 2961 list_del(&nexus->entry); 2962 kfree_rcu(nexus, rcu); 2963 } 2964 mutex_unlock(&sport->mutex); 2965 2966 return 0; 2967 } 2968 2969 static struct se_wwn *__srpt_lookup_wwn(const char *name) 2970 { 2971 struct ib_device *dev; 2972 struct srpt_device *sdev; 2973 struct srpt_port *sport; 2974 int i; 2975 2976 list_for_each_entry(sdev, &srpt_dev_list, list) { 2977 dev = sdev->device; 2978 if (!dev) 2979 continue; 2980 2981 for (i = 0; i < dev->phys_port_cnt; i++) { 2982 sport = &sdev->port[i]; 2983 2984 if (strcmp(sport->port_guid, name) == 0) 2985 return &sport->port_guid_wwn; 2986 if (strcmp(sport->port_gid, name) == 0) 2987 return &sport->port_gid_wwn; 2988 } 2989 } 2990 2991 return NULL; 2992 } 2993 2994 static struct se_wwn *srpt_lookup_wwn(const char *name) 2995 { 2996 struct se_wwn *wwn; 2997 2998 spin_lock(&srpt_dev_lock); 2999 wwn = __srpt_lookup_wwn(name); 3000 spin_unlock(&srpt_dev_lock); 3001 3002 return wwn; 3003 } 3004 3005 static void srpt_free_srq(struct srpt_device *sdev) 3006 { 3007 if (!sdev->srq) 3008 return; 3009 3010 ib_destroy_srq(sdev->srq); 3011 srpt_free_ioctx_ring((struct srpt_ioctx **)sdev->ioctx_ring, sdev, 3012 sdev->srq_size, sdev->req_buf_cache, 3013 DMA_FROM_DEVICE); 3014 kmem_cache_destroy(sdev->req_buf_cache); 3015 sdev->srq = NULL; 3016 } 3017 3018 static int srpt_alloc_srq(struct srpt_device *sdev) 3019 { 3020 struct ib_srq_init_attr srq_attr = { 3021 .event_handler = srpt_srq_event, 3022 .srq_context = (void *)sdev, 3023 .attr.max_wr = sdev->srq_size, 3024 .attr.max_sge = 1, 3025 .srq_type = IB_SRQT_BASIC, 3026 }; 3027 struct ib_device *device = sdev->device; 3028 struct ib_srq *srq; 3029 int i; 3030 3031 WARN_ON_ONCE(sdev->srq); 3032 srq = ib_create_srq(sdev->pd, &srq_attr); 3033 if (IS_ERR(srq)) { 3034 pr_debug("ib_create_srq() failed: %ld\n", PTR_ERR(srq)); 3035 return PTR_ERR(srq); 3036 } 3037 3038 pr_debug("create SRQ #wr= %d max_allow=%d dev= %s\n", sdev->srq_size, 3039 sdev->device->attrs.max_srq_wr, dev_name(&device->dev)); 3040 3041 sdev->req_buf_cache = kmem_cache_create("srpt-srq-req-buf", 3042 srp_max_req_size, 0, 0, NULL); 3043 if (!sdev->req_buf_cache) 3044 goto free_srq; 3045 3046 sdev->ioctx_ring = (struct srpt_recv_ioctx **) 3047 srpt_alloc_ioctx_ring(sdev, sdev->srq_size, 3048 sizeof(*sdev->ioctx_ring[0]), 3049 sdev->req_buf_cache, 0, DMA_FROM_DEVICE); 3050 if (!sdev->ioctx_ring) 3051 goto free_cache; 3052 3053 sdev->use_srq = true; 3054 sdev->srq = srq; 3055 3056 for (i = 0; i < sdev->srq_size; ++i) { 3057 INIT_LIST_HEAD(&sdev->ioctx_ring[i]->wait_list); 3058 srpt_post_recv(sdev, NULL, sdev->ioctx_ring[i]); 3059 } 3060 3061 return 0; 3062 3063 free_cache: 3064 kmem_cache_destroy(sdev->req_buf_cache); 3065 3066 free_srq: 3067 ib_destroy_srq(srq); 3068 return -ENOMEM; 3069 } 3070 3071 static int srpt_use_srq(struct srpt_device *sdev, bool use_srq) 3072 { 3073 struct ib_device *device = sdev->device; 3074 int ret = 0; 3075 3076 if (!use_srq) { 3077 srpt_free_srq(sdev); 3078 sdev->use_srq = false; 3079 } else if (use_srq && !sdev->srq) { 3080 ret = srpt_alloc_srq(sdev); 3081 } 3082 pr_debug("%s(%s): use_srq = %d; ret = %d\n", __func__, 3083 dev_name(&device->dev), sdev->use_srq, ret); 3084 return ret; 3085 } 3086 3087 /** 3088 * srpt_add_one - InfiniBand device addition callback function 3089 * @device: Describes a HCA. 3090 */ 3091 static void srpt_add_one(struct ib_device *device) 3092 { 3093 struct srpt_device *sdev; 3094 struct srpt_port *sport; 3095 int i, ret; 3096 3097 pr_debug("device = %p\n", device); 3098 3099 sdev = kzalloc(struct_size(sdev, port, device->phys_port_cnt), 3100 GFP_KERNEL); 3101 if (!sdev) 3102 goto err; 3103 3104 sdev->device = device; 3105 mutex_init(&sdev->sdev_mutex); 3106 3107 sdev->pd = ib_alloc_pd(device, 0); 3108 if (IS_ERR(sdev->pd)) 3109 goto free_dev; 3110 3111 sdev->lkey = sdev->pd->local_dma_lkey; 3112 3113 sdev->srq_size = min(srpt_srq_size, sdev->device->attrs.max_srq_wr); 3114 3115 srpt_use_srq(sdev, sdev->port[0].port_attrib.use_srq); 3116 3117 if (!srpt_service_guid) 3118 srpt_service_guid = be64_to_cpu(device->node_guid); 3119 3120 if (rdma_port_get_link_layer(device, 1) == IB_LINK_LAYER_INFINIBAND) 3121 sdev->cm_id = ib_create_cm_id(device, srpt_cm_handler, sdev); 3122 if (IS_ERR(sdev->cm_id)) { 3123 pr_info("ib_create_cm_id() failed: %ld\n", 3124 PTR_ERR(sdev->cm_id)); 3125 sdev->cm_id = NULL; 3126 if (!rdma_cm_id) 3127 goto err_ring; 3128 } 3129 3130 /* print out target login information */ 3131 pr_debug("Target login info: id_ext=%016llx,ioc_guid=%016llx,pkey=ffff,service_id=%016llx\n", 3132 srpt_service_guid, srpt_service_guid, srpt_service_guid); 3133 3134 /* 3135 * We do not have a consistent service_id (ie. also id_ext of target_id) 3136 * to identify this target. We currently use the guid of the first HCA 3137 * in the system as service_id; therefore, the target_id will change 3138 * if this HCA is gone bad and replaced by different HCA 3139 */ 3140 ret = sdev->cm_id ? 3141 ib_cm_listen(sdev->cm_id, cpu_to_be64(srpt_service_guid), 0) : 3142 0; 3143 if (ret < 0) { 3144 pr_err("ib_cm_listen() failed: %d (cm_id state = %d)\n", ret, 3145 sdev->cm_id->state); 3146 goto err_cm; 3147 } 3148 3149 INIT_IB_EVENT_HANDLER(&sdev->event_handler, sdev->device, 3150 srpt_event_handler); 3151 ib_register_event_handler(&sdev->event_handler); 3152 3153 for (i = 1; i <= sdev->device->phys_port_cnt; i++) { 3154 sport = &sdev->port[i - 1]; 3155 INIT_LIST_HEAD(&sport->nexus_list); 3156 init_waitqueue_head(&sport->ch_releaseQ); 3157 mutex_init(&sport->mutex); 3158 sport->sdev = sdev; 3159 sport->port = i; 3160 sport->port_attrib.srp_max_rdma_size = DEFAULT_MAX_RDMA_SIZE; 3161 sport->port_attrib.srp_max_rsp_size = DEFAULT_MAX_RSP_SIZE; 3162 sport->port_attrib.srp_sq_size = DEF_SRPT_SQ_SIZE; 3163 sport->port_attrib.use_srq = false; 3164 INIT_WORK(&sport->work, srpt_refresh_port_work); 3165 3166 if (srpt_refresh_port(sport)) { 3167 pr_err("MAD registration failed for %s-%d.\n", 3168 dev_name(&sdev->device->dev), i); 3169 goto err_event; 3170 } 3171 } 3172 3173 spin_lock(&srpt_dev_lock); 3174 list_add_tail(&sdev->list, &srpt_dev_list); 3175 spin_unlock(&srpt_dev_lock); 3176 3177 out: 3178 ib_set_client_data(device, &srpt_client, sdev); 3179 pr_debug("added %s.\n", dev_name(&device->dev)); 3180 return; 3181 3182 err_event: 3183 ib_unregister_event_handler(&sdev->event_handler); 3184 err_cm: 3185 if (sdev->cm_id) 3186 ib_destroy_cm_id(sdev->cm_id); 3187 err_ring: 3188 srpt_free_srq(sdev); 3189 ib_dealloc_pd(sdev->pd); 3190 free_dev: 3191 kfree(sdev); 3192 err: 3193 sdev = NULL; 3194 pr_info("%s(%s) failed.\n", __func__, dev_name(&device->dev)); 3195 goto out; 3196 } 3197 3198 /** 3199 * srpt_remove_one - InfiniBand device removal callback function 3200 * @device: Describes a HCA. 3201 * @client_data: The value passed as the third argument to ib_set_client_data(). 3202 */ 3203 static void srpt_remove_one(struct ib_device *device, void *client_data) 3204 { 3205 struct srpt_device *sdev = client_data; 3206 int i; 3207 3208 if (!sdev) { 3209 pr_info("%s(%s): nothing to do.\n", __func__, 3210 dev_name(&device->dev)); 3211 return; 3212 } 3213 3214 srpt_unregister_mad_agent(sdev); 3215 3216 ib_unregister_event_handler(&sdev->event_handler); 3217 3218 /* Cancel any work queued by the just unregistered IB event handler. */ 3219 for (i = 0; i < sdev->device->phys_port_cnt; i++) 3220 cancel_work_sync(&sdev->port[i].work); 3221 3222 if (sdev->cm_id) 3223 ib_destroy_cm_id(sdev->cm_id); 3224 3225 ib_set_client_data(device, &srpt_client, NULL); 3226 3227 /* 3228 * Unregistering a target must happen after destroying sdev->cm_id 3229 * such that no new SRP_LOGIN_REQ information units can arrive while 3230 * destroying the target. 3231 */ 3232 spin_lock(&srpt_dev_lock); 3233 list_del(&sdev->list); 3234 spin_unlock(&srpt_dev_lock); 3235 3236 for (i = 0; i < sdev->device->phys_port_cnt; i++) 3237 srpt_release_sport(&sdev->port[i]); 3238 3239 srpt_free_srq(sdev); 3240 3241 ib_dealloc_pd(sdev->pd); 3242 3243 kfree(sdev); 3244 } 3245 3246 static struct ib_client srpt_client = { 3247 .name = DRV_NAME, 3248 .add = srpt_add_one, 3249 .remove = srpt_remove_one 3250 }; 3251 3252 static int srpt_check_true(struct se_portal_group *se_tpg) 3253 { 3254 return 1; 3255 } 3256 3257 static int srpt_check_false(struct se_portal_group *se_tpg) 3258 { 3259 return 0; 3260 } 3261 3262 static struct srpt_port *srpt_tpg_to_sport(struct se_portal_group *tpg) 3263 { 3264 return tpg->se_tpg_wwn->priv; 3265 } 3266 3267 static char *srpt_get_fabric_wwn(struct se_portal_group *tpg) 3268 { 3269 struct srpt_port *sport = srpt_tpg_to_sport(tpg); 3270 3271 WARN_ON_ONCE(tpg != &sport->port_guid_tpg && 3272 tpg != &sport->port_gid_tpg); 3273 return tpg == &sport->port_guid_tpg ? sport->port_guid : 3274 sport->port_gid; 3275 } 3276 3277 static u16 srpt_get_tag(struct se_portal_group *tpg) 3278 { 3279 return 1; 3280 } 3281 3282 static u32 srpt_tpg_get_inst_index(struct se_portal_group *se_tpg) 3283 { 3284 return 1; 3285 } 3286 3287 static void srpt_release_cmd(struct se_cmd *se_cmd) 3288 { 3289 struct srpt_send_ioctx *ioctx = container_of(se_cmd, 3290 struct srpt_send_ioctx, cmd); 3291 struct srpt_rdma_ch *ch = ioctx->ch; 3292 struct srpt_recv_ioctx *recv_ioctx = ioctx->recv_ioctx; 3293 unsigned long flags; 3294 3295 WARN_ON_ONCE(ioctx->state != SRPT_STATE_DONE && 3296 !(ioctx->cmd.transport_state & CMD_T_ABORTED)); 3297 3298 if (recv_ioctx) { 3299 WARN_ON_ONCE(!list_empty(&recv_ioctx->wait_list)); 3300 ioctx->recv_ioctx = NULL; 3301 srpt_post_recv(ch->sport->sdev, ch, recv_ioctx); 3302 } 3303 3304 if (ioctx->n_rw_ctx) { 3305 srpt_free_rw_ctxs(ch, ioctx); 3306 ioctx->n_rw_ctx = 0; 3307 } 3308 3309 spin_lock_irqsave(&ch->spinlock, flags); 3310 list_add(&ioctx->free_list, &ch->free_list); 3311 spin_unlock_irqrestore(&ch->spinlock, flags); 3312 } 3313 3314 /** 3315 * srpt_close_session - forcibly close a session 3316 * @se_sess: SCSI target session. 3317 * 3318 * Callback function invoked by the TCM core to clean up sessions associated 3319 * with a node ACL when the user invokes 3320 * rmdir /sys/kernel/config/target/$driver/$port/$tpg/acls/$i_port_id 3321 */ 3322 static void srpt_close_session(struct se_session *se_sess) 3323 { 3324 struct srpt_rdma_ch *ch = se_sess->fabric_sess_ptr; 3325 3326 srpt_disconnect_ch_sync(ch); 3327 } 3328 3329 /** 3330 * srpt_sess_get_index - return the value of scsiAttIntrPortIndex (SCSI-MIB) 3331 * @se_sess: SCSI target session. 3332 * 3333 * A quote from RFC 4455 (SCSI-MIB) about this MIB object: 3334 * This object represents an arbitrary integer used to uniquely identify a 3335 * particular attached remote initiator port to a particular SCSI target port 3336 * within a particular SCSI target device within a particular SCSI instance. 3337 */ 3338 static u32 srpt_sess_get_index(struct se_session *se_sess) 3339 { 3340 return 0; 3341 } 3342 3343 static void srpt_set_default_node_attrs(struct se_node_acl *nacl) 3344 { 3345 } 3346 3347 /* Note: only used from inside debug printk's by the TCM core. */ 3348 static int srpt_get_tcm_cmd_state(struct se_cmd *se_cmd) 3349 { 3350 struct srpt_send_ioctx *ioctx; 3351 3352 ioctx = container_of(se_cmd, struct srpt_send_ioctx, cmd); 3353 return ioctx->state; 3354 } 3355 3356 static int srpt_parse_guid(u64 *guid, const char *name) 3357 { 3358 u16 w[4]; 3359 int ret = -EINVAL; 3360 3361 if (sscanf(name, "%hx:%hx:%hx:%hx", &w[0], &w[1], &w[2], &w[3]) != 4) 3362 goto out; 3363 *guid = get_unaligned_be64(w); 3364 ret = 0; 3365 out: 3366 return ret; 3367 } 3368 3369 /** 3370 * srpt_parse_i_port_id - parse an initiator port ID 3371 * @name: ASCII representation of a 128-bit initiator port ID. 3372 * @i_port_id: Binary 128-bit port ID. 3373 */ 3374 static int srpt_parse_i_port_id(u8 i_port_id[16], const char *name) 3375 { 3376 const char *p; 3377 unsigned len, count, leading_zero_bytes; 3378 int ret; 3379 3380 p = name; 3381 if (strncasecmp(p, "0x", 2) == 0) 3382 p += 2; 3383 ret = -EINVAL; 3384 len = strlen(p); 3385 if (len % 2) 3386 goto out; 3387 count = min(len / 2, 16U); 3388 leading_zero_bytes = 16 - count; 3389 memset(i_port_id, 0, leading_zero_bytes); 3390 ret = hex2bin(i_port_id + leading_zero_bytes, p, count); 3391 3392 out: 3393 return ret; 3394 } 3395 3396 /* 3397 * configfs callback function invoked for mkdir 3398 * /sys/kernel/config/target/$driver/$port/$tpg/acls/$i_port_id 3399 * 3400 * i_port_id must be an initiator port GUID, GID or IP address. See also the 3401 * target_alloc_session() calls in this driver. Examples of valid initiator 3402 * port IDs: 3403 * 0x0000000000000000505400fffe4a0b7b 3404 * 0000000000000000505400fffe4a0b7b 3405 * 5054:00ff:fe4a:0b7b 3406 * 192.168.122.76 3407 */ 3408 static int srpt_init_nodeacl(struct se_node_acl *se_nacl, const char *name) 3409 { 3410 struct sockaddr_storage sa; 3411 u64 guid; 3412 u8 i_port_id[16]; 3413 int ret; 3414 3415 ret = srpt_parse_guid(&guid, name); 3416 if (ret < 0) 3417 ret = srpt_parse_i_port_id(i_port_id, name); 3418 if (ret < 0) 3419 ret = inet_pton_with_scope(&init_net, AF_UNSPEC, name, NULL, 3420 &sa); 3421 if (ret < 0) 3422 pr_err("invalid initiator port ID %s\n", name); 3423 return ret; 3424 } 3425 3426 static ssize_t srpt_tpg_attrib_srp_max_rdma_size_show(struct config_item *item, 3427 char *page) 3428 { 3429 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3430 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3431 3432 return sprintf(page, "%u\n", sport->port_attrib.srp_max_rdma_size); 3433 } 3434 3435 static ssize_t srpt_tpg_attrib_srp_max_rdma_size_store(struct config_item *item, 3436 const char *page, size_t count) 3437 { 3438 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3439 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3440 unsigned long val; 3441 int ret; 3442 3443 ret = kstrtoul(page, 0, &val); 3444 if (ret < 0) { 3445 pr_err("kstrtoul() failed with ret: %d\n", ret); 3446 return -EINVAL; 3447 } 3448 if (val > MAX_SRPT_RDMA_SIZE) { 3449 pr_err("val: %lu exceeds MAX_SRPT_RDMA_SIZE: %d\n", val, 3450 MAX_SRPT_RDMA_SIZE); 3451 return -EINVAL; 3452 } 3453 if (val < DEFAULT_MAX_RDMA_SIZE) { 3454 pr_err("val: %lu smaller than DEFAULT_MAX_RDMA_SIZE: %d\n", 3455 val, DEFAULT_MAX_RDMA_SIZE); 3456 return -EINVAL; 3457 } 3458 sport->port_attrib.srp_max_rdma_size = val; 3459 3460 return count; 3461 } 3462 3463 static ssize_t srpt_tpg_attrib_srp_max_rsp_size_show(struct config_item *item, 3464 char *page) 3465 { 3466 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3467 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3468 3469 return sprintf(page, "%u\n", sport->port_attrib.srp_max_rsp_size); 3470 } 3471 3472 static ssize_t srpt_tpg_attrib_srp_max_rsp_size_store(struct config_item *item, 3473 const char *page, size_t count) 3474 { 3475 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3476 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3477 unsigned long val; 3478 int ret; 3479 3480 ret = kstrtoul(page, 0, &val); 3481 if (ret < 0) { 3482 pr_err("kstrtoul() failed with ret: %d\n", ret); 3483 return -EINVAL; 3484 } 3485 if (val > MAX_SRPT_RSP_SIZE) { 3486 pr_err("val: %lu exceeds MAX_SRPT_RSP_SIZE: %d\n", val, 3487 MAX_SRPT_RSP_SIZE); 3488 return -EINVAL; 3489 } 3490 if (val < MIN_MAX_RSP_SIZE) { 3491 pr_err("val: %lu smaller than MIN_MAX_RSP_SIZE: %d\n", val, 3492 MIN_MAX_RSP_SIZE); 3493 return -EINVAL; 3494 } 3495 sport->port_attrib.srp_max_rsp_size = val; 3496 3497 return count; 3498 } 3499 3500 static ssize_t srpt_tpg_attrib_srp_sq_size_show(struct config_item *item, 3501 char *page) 3502 { 3503 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3504 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3505 3506 return sprintf(page, "%u\n", sport->port_attrib.srp_sq_size); 3507 } 3508 3509 static ssize_t srpt_tpg_attrib_srp_sq_size_store(struct config_item *item, 3510 const char *page, size_t count) 3511 { 3512 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3513 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3514 unsigned long val; 3515 int ret; 3516 3517 ret = kstrtoul(page, 0, &val); 3518 if (ret < 0) { 3519 pr_err("kstrtoul() failed with ret: %d\n", ret); 3520 return -EINVAL; 3521 } 3522 if (val > MAX_SRPT_SRQ_SIZE) { 3523 pr_err("val: %lu exceeds MAX_SRPT_SRQ_SIZE: %d\n", val, 3524 MAX_SRPT_SRQ_SIZE); 3525 return -EINVAL; 3526 } 3527 if (val < MIN_SRPT_SRQ_SIZE) { 3528 pr_err("val: %lu smaller than MIN_SRPT_SRQ_SIZE: %d\n", val, 3529 MIN_SRPT_SRQ_SIZE); 3530 return -EINVAL; 3531 } 3532 sport->port_attrib.srp_sq_size = val; 3533 3534 return count; 3535 } 3536 3537 static ssize_t srpt_tpg_attrib_use_srq_show(struct config_item *item, 3538 char *page) 3539 { 3540 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3541 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3542 3543 return sprintf(page, "%d\n", sport->port_attrib.use_srq); 3544 } 3545 3546 static ssize_t srpt_tpg_attrib_use_srq_store(struct config_item *item, 3547 const char *page, size_t count) 3548 { 3549 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3550 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3551 struct srpt_device *sdev = sport->sdev; 3552 unsigned long val; 3553 bool enabled; 3554 int ret; 3555 3556 ret = kstrtoul(page, 0, &val); 3557 if (ret < 0) 3558 return ret; 3559 if (val != !!val) 3560 return -EINVAL; 3561 3562 ret = mutex_lock_interruptible(&sdev->sdev_mutex); 3563 if (ret < 0) 3564 return ret; 3565 ret = mutex_lock_interruptible(&sport->mutex); 3566 if (ret < 0) 3567 goto unlock_sdev; 3568 enabled = sport->enabled; 3569 /* Log out all initiator systems before changing 'use_srq'. */ 3570 srpt_set_enabled(sport, false); 3571 sport->port_attrib.use_srq = val; 3572 srpt_use_srq(sdev, sport->port_attrib.use_srq); 3573 srpt_set_enabled(sport, enabled); 3574 ret = count; 3575 mutex_unlock(&sport->mutex); 3576 unlock_sdev: 3577 mutex_unlock(&sdev->sdev_mutex); 3578 3579 return ret; 3580 } 3581 3582 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_max_rdma_size); 3583 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_max_rsp_size); 3584 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_sq_size); 3585 CONFIGFS_ATTR(srpt_tpg_attrib_, use_srq); 3586 3587 static struct configfs_attribute *srpt_tpg_attrib_attrs[] = { 3588 &srpt_tpg_attrib_attr_srp_max_rdma_size, 3589 &srpt_tpg_attrib_attr_srp_max_rsp_size, 3590 &srpt_tpg_attrib_attr_srp_sq_size, 3591 &srpt_tpg_attrib_attr_use_srq, 3592 NULL, 3593 }; 3594 3595 static struct rdma_cm_id *srpt_create_rdma_id(struct sockaddr *listen_addr) 3596 { 3597 struct rdma_cm_id *rdma_cm_id; 3598 int ret; 3599 3600 rdma_cm_id = rdma_create_id(&init_net, srpt_rdma_cm_handler, 3601 NULL, RDMA_PS_TCP, IB_QPT_RC); 3602 if (IS_ERR(rdma_cm_id)) { 3603 pr_err("RDMA/CM ID creation failed: %ld\n", 3604 PTR_ERR(rdma_cm_id)); 3605 goto out; 3606 } 3607 3608 ret = rdma_bind_addr(rdma_cm_id, listen_addr); 3609 if (ret) { 3610 char addr_str[64]; 3611 3612 snprintf(addr_str, sizeof(addr_str), "%pISp", listen_addr); 3613 pr_err("Binding RDMA/CM ID to address %s failed: %d\n", 3614 addr_str, ret); 3615 rdma_destroy_id(rdma_cm_id); 3616 rdma_cm_id = ERR_PTR(ret); 3617 goto out; 3618 } 3619 3620 ret = rdma_listen(rdma_cm_id, 128); 3621 if (ret) { 3622 pr_err("rdma_listen() failed: %d\n", ret); 3623 rdma_destroy_id(rdma_cm_id); 3624 rdma_cm_id = ERR_PTR(ret); 3625 } 3626 3627 out: 3628 return rdma_cm_id; 3629 } 3630 3631 static ssize_t srpt_rdma_cm_port_show(struct config_item *item, char *page) 3632 { 3633 return sprintf(page, "%d\n", rdma_cm_port); 3634 } 3635 3636 static ssize_t srpt_rdma_cm_port_store(struct config_item *item, 3637 const char *page, size_t count) 3638 { 3639 struct sockaddr_in addr4 = { .sin_family = AF_INET }; 3640 struct sockaddr_in6 addr6 = { .sin6_family = AF_INET6 }; 3641 struct rdma_cm_id *new_id = NULL; 3642 u16 val; 3643 int ret; 3644 3645 ret = kstrtou16(page, 0, &val); 3646 if (ret < 0) 3647 return ret; 3648 ret = count; 3649 if (rdma_cm_port == val) 3650 goto out; 3651 3652 if (val) { 3653 addr6.sin6_port = cpu_to_be16(val); 3654 new_id = srpt_create_rdma_id((struct sockaddr *)&addr6); 3655 if (IS_ERR(new_id)) { 3656 addr4.sin_port = cpu_to_be16(val); 3657 new_id = srpt_create_rdma_id((struct sockaddr *)&addr4); 3658 if (IS_ERR(new_id)) { 3659 ret = PTR_ERR(new_id); 3660 goto out; 3661 } 3662 } 3663 } 3664 3665 mutex_lock(&rdma_cm_mutex); 3666 rdma_cm_port = val; 3667 swap(rdma_cm_id, new_id); 3668 mutex_unlock(&rdma_cm_mutex); 3669 3670 if (new_id) 3671 rdma_destroy_id(new_id); 3672 ret = count; 3673 out: 3674 return ret; 3675 } 3676 3677 CONFIGFS_ATTR(srpt_, rdma_cm_port); 3678 3679 static struct configfs_attribute *srpt_da_attrs[] = { 3680 &srpt_attr_rdma_cm_port, 3681 NULL, 3682 }; 3683 3684 static ssize_t srpt_tpg_enable_show(struct config_item *item, char *page) 3685 { 3686 struct se_portal_group *se_tpg = to_tpg(item); 3687 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3688 3689 return snprintf(page, PAGE_SIZE, "%d\n", sport->enabled); 3690 } 3691 3692 static ssize_t srpt_tpg_enable_store(struct config_item *item, 3693 const char *page, size_t count) 3694 { 3695 struct se_portal_group *se_tpg = to_tpg(item); 3696 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg); 3697 unsigned long tmp; 3698 int ret; 3699 3700 ret = kstrtoul(page, 0, &tmp); 3701 if (ret < 0) { 3702 pr_err("Unable to extract srpt_tpg_store_enable\n"); 3703 return -EINVAL; 3704 } 3705 3706 if ((tmp != 0) && (tmp != 1)) { 3707 pr_err("Illegal value for srpt_tpg_store_enable: %lu\n", tmp); 3708 return -EINVAL; 3709 } 3710 3711 mutex_lock(&sport->mutex); 3712 srpt_set_enabled(sport, tmp); 3713 mutex_unlock(&sport->mutex); 3714 3715 return count; 3716 } 3717 3718 CONFIGFS_ATTR(srpt_tpg_, enable); 3719 3720 static struct configfs_attribute *srpt_tpg_attrs[] = { 3721 &srpt_tpg_attr_enable, 3722 NULL, 3723 }; 3724 3725 /** 3726 * srpt_make_tpg - configfs callback invoked for mkdir /sys/kernel/config/target/$driver/$port/$tpg 3727 * @wwn: Corresponds to $driver/$port. 3728 * @name: $tpg. 3729 */ 3730 static struct se_portal_group *srpt_make_tpg(struct se_wwn *wwn, 3731 const char *name) 3732 { 3733 struct srpt_port *sport = wwn->priv; 3734 struct se_portal_group *tpg; 3735 int res; 3736 3737 WARN_ON_ONCE(wwn != &sport->port_guid_wwn && 3738 wwn != &sport->port_gid_wwn); 3739 tpg = wwn == &sport->port_guid_wwn ? &sport->port_guid_tpg : 3740 &sport->port_gid_tpg; 3741 res = core_tpg_register(wwn, tpg, SCSI_PROTOCOL_SRP); 3742 if (res) 3743 return ERR_PTR(res); 3744 3745 return tpg; 3746 } 3747 3748 /** 3749 * srpt_drop_tpg - configfs callback invoked for rmdir /sys/kernel/config/target/$driver/$port/$tpg 3750 * @tpg: Target portal group to deregister. 3751 */ 3752 static void srpt_drop_tpg(struct se_portal_group *tpg) 3753 { 3754 struct srpt_port *sport = srpt_tpg_to_sport(tpg); 3755 3756 sport->enabled = false; 3757 core_tpg_deregister(tpg); 3758 } 3759 3760 /** 3761 * srpt_make_tport - configfs callback invoked for mkdir /sys/kernel/config/target/$driver/$port 3762 * @tf: Not used. 3763 * @group: Not used. 3764 * @name: $port. 3765 */ 3766 static struct se_wwn *srpt_make_tport(struct target_fabric_configfs *tf, 3767 struct config_group *group, 3768 const char *name) 3769 { 3770 return srpt_lookup_wwn(name) ? : ERR_PTR(-EINVAL); 3771 } 3772 3773 /** 3774 * srpt_drop_tport - configfs callback invoked for rmdir /sys/kernel/config/target/$driver/$port 3775 * @wwn: $port. 3776 */ 3777 static void srpt_drop_tport(struct se_wwn *wwn) 3778 { 3779 } 3780 3781 static ssize_t srpt_wwn_version_show(struct config_item *item, char *buf) 3782 { 3783 return scnprintf(buf, PAGE_SIZE, "\n"); 3784 } 3785 3786 CONFIGFS_ATTR_RO(srpt_wwn_, version); 3787 3788 static struct configfs_attribute *srpt_wwn_attrs[] = { 3789 &srpt_wwn_attr_version, 3790 NULL, 3791 }; 3792 3793 static const struct target_core_fabric_ops srpt_template = { 3794 .module = THIS_MODULE, 3795 .fabric_name = "srpt", 3796 .tpg_get_wwn = srpt_get_fabric_wwn, 3797 .tpg_get_tag = srpt_get_tag, 3798 .tpg_check_demo_mode = srpt_check_false, 3799 .tpg_check_demo_mode_cache = srpt_check_true, 3800 .tpg_check_demo_mode_write_protect = srpt_check_true, 3801 .tpg_check_prod_mode_write_protect = srpt_check_false, 3802 .tpg_get_inst_index = srpt_tpg_get_inst_index, 3803 .release_cmd = srpt_release_cmd, 3804 .check_stop_free = srpt_check_stop_free, 3805 .close_session = srpt_close_session, 3806 .sess_get_index = srpt_sess_get_index, 3807 .sess_get_initiator_sid = NULL, 3808 .write_pending = srpt_write_pending, 3809 .write_pending_status = srpt_write_pending_status, 3810 .set_default_node_attributes = srpt_set_default_node_attrs, 3811 .get_cmd_state = srpt_get_tcm_cmd_state, 3812 .queue_data_in = srpt_queue_data_in, 3813 .queue_status = srpt_queue_status, 3814 .queue_tm_rsp = srpt_queue_tm_rsp, 3815 .aborted_task = srpt_aborted_task, 3816 /* 3817 * Setup function pointers for generic logic in 3818 * target_core_fabric_configfs.c 3819 */ 3820 .fabric_make_wwn = srpt_make_tport, 3821 .fabric_drop_wwn = srpt_drop_tport, 3822 .fabric_make_tpg = srpt_make_tpg, 3823 .fabric_drop_tpg = srpt_drop_tpg, 3824 .fabric_init_nodeacl = srpt_init_nodeacl, 3825 3826 .tfc_discovery_attrs = srpt_da_attrs, 3827 .tfc_wwn_attrs = srpt_wwn_attrs, 3828 .tfc_tpg_base_attrs = srpt_tpg_attrs, 3829 .tfc_tpg_attrib_attrs = srpt_tpg_attrib_attrs, 3830 }; 3831 3832 /** 3833 * srpt_init_module - kernel module initialization 3834 * 3835 * Note: Since ib_register_client() registers callback functions, and since at 3836 * least one of these callback functions (srpt_add_one()) calls target core 3837 * functions, this driver must be registered with the target core before 3838 * ib_register_client() is called. 3839 */ 3840 static int __init srpt_init_module(void) 3841 { 3842 int ret; 3843 3844 ret = -EINVAL; 3845 if (srp_max_req_size < MIN_MAX_REQ_SIZE) { 3846 pr_err("invalid value %d for kernel module parameter srp_max_req_size -- must be at least %d.\n", 3847 srp_max_req_size, MIN_MAX_REQ_SIZE); 3848 goto out; 3849 } 3850 3851 if (srpt_srq_size < MIN_SRPT_SRQ_SIZE 3852 || srpt_srq_size > MAX_SRPT_SRQ_SIZE) { 3853 pr_err("invalid value %d for kernel module parameter srpt_srq_size -- must be in the range [%d..%d].\n", 3854 srpt_srq_size, MIN_SRPT_SRQ_SIZE, MAX_SRPT_SRQ_SIZE); 3855 goto out; 3856 } 3857 3858 ret = target_register_template(&srpt_template); 3859 if (ret) 3860 goto out; 3861 3862 ret = ib_register_client(&srpt_client); 3863 if (ret) { 3864 pr_err("couldn't register IB client\n"); 3865 goto out_unregister_target; 3866 } 3867 3868 return 0; 3869 3870 out_unregister_target: 3871 target_unregister_template(&srpt_template); 3872 out: 3873 return ret; 3874 } 3875 3876 static void __exit srpt_cleanup_module(void) 3877 { 3878 if (rdma_cm_id) 3879 rdma_destroy_id(rdma_cm_id); 3880 ib_unregister_client(&srpt_client); 3881 target_unregister_template(&srpt_template); 3882 } 3883 3884 module_init(srpt_init_module); 3885 module_exit(srpt_cleanup_module); 3886