1 /* 2 * Copyright (c) 2006 - 2009 Mellanox Technology Inc. All rights reserved. 3 * Copyright (C) 2008 - 2011 Bart Van Assche <bvanassche@acm.org>. 4 * 5 * This software is available to you under a choice of one of two 6 * licenses. You may choose to be licensed under the terms of the GNU 7 * General Public License (GPL) Version 2, available from the file 8 * COPYING in the main directory of this source tree, or the 9 * OpenIB.org BSD license below: 10 * 11 * Redistribution and use in source and binary forms, with or 12 * without modification, are permitted provided that the following 13 * conditions are met: 14 * 15 * - Redistributions of source code must retain the above 16 * copyright notice, this list of conditions and the following 17 * disclaimer. 18 * 19 * - Redistributions in binary form must reproduce the above 20 * copyright notice, this list of conditions and the following 21 * disclaimer in the documentation and/or other materials 22 * provided with the distribution. 23 * 24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 25 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 26 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 27 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 28 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 29 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 30 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 31 * SOFTWARE. 32 * 33 */ 34 35 #include <linux/module.h> 36 #include <linux/init.h> 37 #include <linux/slab.h> 38 #include <linux/err.h> 39 #include <linux/ctype.h> 40 #include <linux/kthread.h> 41 #include <linux/string.h> 42 #include <linux/delay.h> 43 #include <linux/atomic.h> 44 #include <scsi/scsi_proto.h> 45 #include <scsi/scsi_tcq.h> 46 #include <target/target_core_base.h> 47 #include <target/target_core_fabric.h> 48 #include "ib_srpt.h" 49 50 /* Name of this kernel module. */ 51 #define DRV_NAME "ib_srpt" 52 #define DRV_VERSION "2.0.0" 53 #define DRV_RELDATE "2011-02-14" 54 55 #define SRPT_ID_STRING "Linux SRP target" 56 57 #undef pr_fmt 58 #define pr_fmt(fmt) DRV_NAME " " fmt 59 60 MODULE_AUTHOR("Vu Pham and Bart Van Assche"); 61 MODULE_DESCRIPTION("InfiniBand SCSI RDMA Protocol target " 62 "v" DRV_VERSION " (" DRV_RELDATE ")"); 63 MODULE_LICENSE("Dual BSD/GPL"); 64 65 /* 66 * Global Variables 67 */ 68 69 static u64 srpt_service_guid; 70 static DEFINE_SPINLOCK(srpt_dev_lock); /* Protects srpt_dev_list. */ 71 static LIST_HEAD(srpt_dev_list); /* List of srpt_device structures. */ 72 73 static unsigned srp_max_req_size = DEFAULT_MAX_REQ_SIZE; 74 module_param(srp_max_req_size, int, 0444); 75 MODULE_PARM_DESC(srp_max_req_size, 76 "Maximum size of SRP request messages in bytes."); 77 78 static int srpt_srq_size = DEFAULT_SRPT_SRQ_SIZE; 79 module_param(srpt_srq_size, int, 0444); 80 MODULE_PARM_DESC(srpt_srq_size, 81 "Shared receive queue (SRQ) size."); 82 83 static int srpt_get_u64_x(char *buffer, struct kernel_param *kp) 84 { 85 return sprintf(buffer, "0x%016llx", *(u64 *)kp->arg); 86 } 87 module_param_call(srpt_service_guid, NULL, srpt_get_u64_x, &srpt_service_guid, 88 0444); 89 MODULE_PARM_DESC(srpt_service_guid, 90 "Using this value for ioc_guid, id_ext, and cm_listen_id" 91 " instead of using the node_guid of the first HCA."); 92 93 static struct ib_client srpt_client; 94 static void srpt_release_cmd(struct se_cmd *se_cmd); 95 static void srpt_free_ch(struct kref *kref); 96 static int srpt_queue_status(struct se_cmd *cmd); 97 static void srpt_recv_done(struct ib_cq *cq, struct ib_wc *wc); 98 static void srpt_send_done(struct ib_cq *cq, struct ib_wc *wc); 99 static void srpt_process_wait_list(struct srpt_rdma_ch *ch); 100 101 /* 102 * The only allowed channel state changes are those that change the channel 103 * state into a state with a higher numerical value. Hence the new > prev test. 104 */ 105 static bool srpt_set_ch_state(struct srpt_rdma_ch *ch, enum rdma_ch_state new) 106 { 107 unsigned long flags; 108 enum rdma_ch_state prev; 109 bool changed = false; 110 111 spin_lock_irqsave(&ch->spinlock, flags); 112 prev = ch->state; 113 if (new > prev) { 114 ch->state = new; 115 changed = true; 116 } 117 spin_unlock_irqrestore(&ch->spinlock, flags); 118 119 return changed; 120 } 121 122 /** 123 * srpt_event_handler() - Asynchronous IB event callback function. 124 * 125 * Callback function called by the InfiniBand core when an asynchronous IB 126 * event occurs. This callback may occur in interrupt context. See also 127 * section 11.5.2, Set Asynchronous Event Handler in the InfiniBand 128 * Architecture Specification. 129 */ 130 static void srpt_event_handler(struct ib_event_handler *handler, 131 struct ib_event *event) 132 { 133 struct srpt_device *sdev; 134 struct srpt_port *sport; 135 136 sdev = ib_get_client_data(event->device, &srpt_client); 137 if (!sdev || sdev->device != event->device) 138 return; 139 140 pr_debug("ASYNC event= %d on device= %s\n", event->event, 141 sdev->device->name); 142 143 switch (event->event) { 144 case IB_EVENT_PORT_ERR: 145 if (event->element.port_num <= sdev->device->phys_port_cnt) { 146 sport = &sdev->port[event->element.port_num - 1]; 147 sport->lid = 0; 148 sport->sm_lid = 0; 149 } 150 break; 151 case IB_EVENT_PORT_ACTIVE: 152 case IB_EVENT_LID_CHANGE: 153 case IB_EVENT_PKEY_CHANGE: 154 case IB_EVENT_SM_CHANGE: 155 case IB_EVENT_CLIENT_REREGISTER: 156 case IB_EVENT_GID_CHANGE: 157 /* Refresh port data asynchronously. */ 158 if (event->element.port_num <= sdev->device->phys_port_cnt) { 159 sport = &sdev->port[event->element.port_num - 1]; 160 if (!sport->lid && !sport->sm_lid) 161 schedule_work(&sport->work); 162 } 163 break; 164 default: 165 pr_err("received unrecognized IB event %d\n", 166 event->event); 167 break; 168 } 169 } 170 171 /** 172 * srpt_srq_event() - SRQ event callback function. 173 */ 174 static void srpt_srq_event(struct ib_event *event, void *ctx) 175 { 176 pr_info("SRQ event %d\n", event->event); 177 } 178 179 static const char *get_ch_state_name(enum rdma_ch_state s) 180 { 181 switch (s) { 182 case CH_CONNECTING: 183 return "connecting"; 184 case CH_LIVE: 185 return "live"; 186 case CH_DISCONNECTING: 187 return "disconnecting"; 188 case CH_DRAINING: 189 return "draining"; 190 case CH_DISCONNECTED: 191 return "disconnected"; 192 } 193 return "???"; 194 } 195 196 /** 197 * srpt_qp_event() - QP event callback function. 198 */ 199 static void srpt_qp_event(struct ib_event *event, struct srpt_rdma_ch *ch) 200 { 201 pr_debug("QP event %d on cm_id=%p sess_name=%s state=%d\n", 202 event->event, ch->cm_id, ch->sess_name, ch->state); 203 204 switch (event->event) { 205 case IB_EVENT_COMM_EST: 206 ib_cm_notify(ch->cm_id, event->event); 207 break; 208 case IB_EVENT_QP_LAST_WQE_REACHED: 209 pr_debug("%s-%d, state %s: received Last WQE event.\n", 210 ch->sess_name, ch->qp->qp_num, 211 get_ch_state_name(ch->state)); 212 break; 213 default: 214 pr_err("received unrecognized IB QP event %d\n", event->event); 215 break; 216 } 217 } 218 219 /** 220 * srpt_set_ioc() - Helper function for initializing an IOUnitInfo structure. 221 * 222 * @slot: one-based slot number. 223 * @value: four-bit value. 224 * 225 * Copies the lowest four bits of value in element slot of the array of four 226 * bit elements called c_list (controller list). The index slot is one-based. 227 */ 228 static void srpt_set_ioc(u8 *c_list, u32 slot, u8 value) 229 { 230 u16 id; 231 u8 tmp; 232 233 id = (slot - 1) / 2; 234 if (slot & 0x1) { 235 tmp = c_list[id] & 0xf; 236 c_list[id] = (value << 4) | tmp; 237 } else { 238 tmp = c_list[id] & 0xf0; 239 c_list[id] = (value & 0xf) | tmp; 240 } 241 } 242 243 /** 244 * srpt_get_class_port_info() - Copy ClassPortInfo to a management datagram. 245 * 246 * See also section 16.3.3.1 ClassPortInfo in the InfiniBand Architecture 247 * Specification. 248 */ 249 static void srpt_get_class_port_info(struct ib_dm_mad *mad) 250 { 251 struct ib_class_port_info *cif; 252 253 cif = (struct ib_class_port_info *)mad->data; 254 memset(cif, 0, sizeof(*cif)); 255 cif->base_version = 1; 256 cif->class_version = 1; 257 cif->resp_time_value = 20; 258 259 mad->mad_hdr.status = 0; 260 } 261 262 /** 263 * srpt_get_iou() - Write IOUnitInfo to a management datagram. 264 * 265 * See also section 16.3.3.3 IOUnitInfo in the InfiniBand Architecture 266 * Specification. See also section B.7, table B.6 in the SRP r16a document. 267 */ 268 static void srpt_get_iou(struct ib_dm_mad *mad) 269 { 270 struct ib_dm_iou_info *ioui; 271 u8 slot; 272 int i; 273 274 ioui = (struct ib_dm_iou_info *)mad->data; 275 ioui->change_id = cpu_to_be16(1); 276 ioui->max_controllers = 16; 277 278 /* set present for slot 1 and empty for the rest */ 279 srpt_set_ioc(ioui->controller_list, 1, 1); 280 for (i = 1, slot = 2; i < 16; i++, slot++) 281 srpt_set_ioc(ioui->controller_list, slot, 0); 282 283 mad->mad_hdr.status = 0; 284 } 285 286 /** 287 * srpt_get_ioc() - Write IOControllerprofile to a management datagram. 288 * 289 * See also section 16.3.3.4 IOControllerProfile in the InfiniBand 290 * Architecture Specification. See also section B.7, table B.7 in the SRP 291 * r16a document. 292 */ 293 static void srpt_get_ioc(struct srpt_port *sport, u32 slot, 294 struct ib_dm_mad *mad) 295 { 296 struct srpt_device *sdev = sport->sdev; 297 struct ib_dm_ioc_profile *iocp; 298 299 iocp = (struct ib_dm_ioc_profile *)mad->data; 300 301 if (!slot || slot > 16) { 302 mad->mad_hdr.status 303 = cpu_to_be16(DM_MAD_STATUS_INVALID_FIELD); 304 return; 305 } 306 307 if (slot > 2) { 308 mad->mad_hdr.status 309 = cpu_to_be16(DM_MAD_STATUS_NO_IOC); 310 return; 311 } 312 313 memset(iocp, 0, sizeof(*iocp)); 314 strcpy(iocp->id_string, SRPT_ID_STRING); 315 iocp->guid = cpu_to_be64(srpt_service_guid); 316 iocp->vendor_id = cpu_to_be32(sdev->device->attrs.vendor_id); 317 iocp->device_id = cpu_to_be32(sdev->device->attrs.vendor_part_id); 318 iocp->device_version = cpu_to_be16(sdev->device->attrs.hw_ver); 319 iocp->subsys_vendor_id = cpu_to_be32(sdev->device->attrs.vendor_id); 320 iocp->subsys_device_id = 0x0; 321 iocp->io_class = cpu_to_be16(SRP_REV16A_IB_IO_CLASS); 322 iocp->io_subclass = cpu_to_be16(SRP_IO_SUBCLASS); 323 iocp->protocol = cpu_to_be16(SRP_PROTOCOL); 324 iocp->protocol_version = cpu_to_be16(SRP_PROTOCOL_VERSION); 325 iocp->send_queue_depth = cpu_to_be16(sdev->srq_size); 326 iocp->rdma_read_depth = 4; 327 iocp->send_size = cpu_to_be32(srp_max_req_size); 328 iocp->rdma_size = cpu_to_be32(min(sport->port_attrib.srp_max_rdma_size, 329 1U << 24)); 330 iocp->num_svc_entries = 1; 331 iocp->op_cap_mask = SRP_SEND_TO_IOC | SRP_SEND_FROM_IOC | 332 SRP_RDMA_READ_FROM_IOC | SRP_RDMA_WRITE_FROM_IOC; 333 334 mad->mad_hdr.status = 0; 335 } 336 337 /** 338 * srpt_get_svc_entries() - Write ServiceEntries to a management datagram. 339 * 340 * See also section 16.3.3.5 ServiceEntries in the InfiniBand Architecture 341 * Specification. See also section B.7, table B.8 in the SRP r16a document. 342 */ 343 static void srpt_get_svc_entries(u64 ioc_guid, 344 u16 slot, u8 hi, u8 lo, struct ib_dm_mad *mad) 345 { 346 struct ib_dm_svc_entries *svc_entries; 347 348 WARN_ON(!ioc_guid); 349 350 if (!slot || slot > 16) { 351 mad->mad_hdr.status 352 = cpu_to_be16(DM_MAD_STATUS_INVALID_FIELD); 353 return; 354 } 355 356 if (slot > 2 || lo > hi || hi > 1) { 357 mad->mad_hdr.status 358 = cpu_to_be16(DM_MAD_STATUS_NO_IOC); 359 return; 360 } 361 362 svc_entries = (struct ib_dm_svc_entries *)mad->data; 363 memset(svc_entries, 0, sizeof(*svc_entries)); 364 svc_entries->service_entries[0].id = cpu_to_be64(ioc_guid); 365 snprintf(svc_entries->service_entries[0].name, 366 sizeof(svc_entries->service_entries[0].name), 367 "%s%016llx", 368 SRP_SERVICE_NAME_PREFIX, 369 ioc_guid); 370 371 mad->mad_hdr.status = 0; 372 } 373 374 /** 375 * srpt_mgmt_method_get() - Process a received management datagram. 376 * @sp: source port through which the MAD has been received. 377 * @rq_mad: received MAD. 378 * @rsp_mad: response MAD. 379 */ 380 static void srpt_mgmt_method_get(struct srpt_port *sp, struct ib_mad *rq_mad, 381 struct ib_dm_mad *rsp_mad) 382 { 383 u16 attr_id; 384 u32 slot; 385 u8 hi, lo; 386 387 attr_id = be16_to_cpu(rq_mad->mad_hdr.attr_id); 388 switch (attr_id) { 389 case DM_ATTR_CLASS_PORT_INFO: 390 srpt_get_class_port_info(rsp_mad); 391 break; 392 case DM_ATTR_IOU_INFO: 393 srpt_get_iou(rsp_mad); 394 break; 395 case DM_ATTR_IOC_PROFILE: 396 slot = be32_to_cpu(rq_mad->mad_hdr.attr_mod); 397 srpt_get_ioc(sp, slot, rsp_mad); 398 break; 399 case DM_ATTR_SVC_ENTRIES: 400 slot = be32_to_cpu(rq_mad->mad_hdr.attr_mod); 401 hi = (u8) ((slot >> 8) & 0xff); 402 lo = (u8) (slot & 0xff); 403 slot = (u16) ((slot >> 16) & 0xffff); 404 srpt_get_svc_entries(srpt_service_guid, 405 slot, hi, lo, rsp_mad); 406 break; 407 default: 408 rsp_mad->mad_hdr.status = 409 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD_ATTR); 410 break; 411 } 412 } 413 414 /** 415 * srpt_mad_send_handler() - Post MAD-send callback function. 416 */ 417 static void srpt_mad_send_handler(struct ib_mad_agent *mad_agent, 418 struct ib_mad_send_wc *mad_wc) 419 { 420 ib_destroy_ah(mad_wc->send_buf->ah); 421 ib_free_send_mad(mad_wc->send_buf); 422 } 423 424 /** 425 * srpt_mad_recv_handler() - MAD reception callback function. 426 */ 427 static void srpt_mad_recv_handler(struct ib_mad_agent *mad_agent, 428 struct ib_mad_send_buf *send_buf, 429 struct ib_mad_recv_wc *mad_wc) 430 { 431 struct srpt_port *sport = (struct srpt_port *)mad_agent->context; 432 struct ib_ah *ah; 433 struct ib_mad_send_buf *rsp; 434 struct ib_dm_mad *dm_mad; 435 436 if (!mad_wc || !mad_wc->recv_buf.mad) 437 return; 438 439 ah = ib_create_ah_from_wc(mad_agent->qp->pd, mad_wc->wc, 440 mad_wc->recv_buf.grh, mad_agent->port_num); 441 if (IS_ERR(ah)) 442 goto err; 443 444 BUILD_BUG_ON(offsetof(struct ib_dm_mad, data) != IB_MGMT_DEVICE_HDR); 445 446 rsp = ib_create_send_mad(mad_agent, mad_wc->wc->src_qp, 447 mad_wc->wc->pkey_index, 0, 448 IB_MGMT_DEVICE_HDR, IB_MGMT_DEVICE_DATA, 449 GFP_KERNEL, 450 IB_MGMT_BASE_VERSION); 451 if (IS_ERR(rsp)) 452 goto err_rsp; 453 454 rsp->ah = ah; 455 456 dm_mad = rsp->mad; 457 memcpy(dm_mad, mad_wc->recv_buf.mad, sizeof(*dm_mad)); 458 dm_mad->mad_hdr.method = IB_MGMT_METHOD_GET_RESP; 459 dm_mad->mad_hdr.status = 0; 460 461 switch (mad_wc->recv_buf.mad->mad_hdr.method) { 462 case IB_MGMT_METHOD_GET: 463 srpt_mgmt_method_get(sport, mad_wc->recv_buf.mad, dm_mad); 464 break; 465 case IB_MGMT_METHOD_SET: 466 dm_mad->mad_hdr.status = 467 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD_ATTR); 468 break; 469 default: 470 dm_mad->mad_hdr.status = 471 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD); 472 break; 473 } 474 475 if (!ib_post_send_mad(rsp, NULL)) { 476 ib_free_recv_mad(mad_wc); 477 /* will destroy_ah & free_send_mad in send completion */ 478 return; 479 } 480 481 ib_free_send_mad(rsp); 482 483 err_rsp: 484 ib_destroy_ah(ah); 485 err: 486 ib_free_recv_mad(mad_wc); 487 } 488 489 /** 490 * srpt_refresh_port() - Configure a HCA port. 491 * 492 * Enable InfiniBand management datagram processing, update the cached sm_lid, 493 * lid and gid values, and register a callback function for processing MADs 494 * on the specified port. 495 * 496 * Note: It is safe to call this function more than once for the same port. 497 */ 498 static int srpt_refresh_port(struct srpt_port *sport) 499 { 500 struct ib_mad_reg_req reg_req; 501 struct ib_port_modify port_modify; 502 struct ib_port_attr port_attr; 503 int ret; 504 505 memset(&port_modify, 0, sizeof(port_modify)); 506 port_modify.set_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP; 507 port_modify.clr_port_cap_mask = 0; 508 509 ret = ib_modify_port(sport->sdev->device, sport->port, 0, &port_modify); 510 if (ret) 511 goto err_mod_port; 512 513 ret = ib_query_port(sport->sdev->device, sport->port, &port_attr); 514 if (ret) 515 goto err_query_port; 516 517 sport->sm_lid = port_attr.sm_lid; 518 sport->lid = port_attr.lid; 519 520 ret = ib_query_gid(sport->sdev->device, sport->port, 0, &sport->gid, 521 NULL); 522 if (ret) 523 goto err_query_port; 524 525 if (!sport->mad_agent) { 526 memset(®_req, 0, sizeof(reg_req)); 527 reg_req.mgmt_class = IB_MGMT_CLASS_DEVICE_MGMT; 528 reg_req.mgmt_class_version = IB_MGMT_BASE_VERSION; 529 set_bit(IB_MGMT_METHOD_GET, reg_req.method_mask); 530 set_bit(IB_MGMT_METHOD_SET, reg_req.method_mask); 531 532 sport->mad_agent = ib_register_mad_agent(sport->sdev->device, 533 sport->port, 534 IB_QPT_GSI, 535 ®_req, 0, 536 srpt_mad_send_handler, 537 srpt_mad_recv_handler, 538 sport, 0); 539 if (IS_ERR(sport->mad_agent)) { 540 ret = PTR_ERR(sport->mad_agent); 541 sport->mad_agent = NULL; 542 goto err_query_port; 543 } 544 } 545 546 return 0; 547 548 err_query_port: 549 550 port_modify.set_port_cap_mask = 0; 551 port_modify.clr_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP; 552 ib_modify_port(sport->sdev->device, sport->port, 0, &port_modify); 553 554 err_mod_port: 555 556 return ret; 557 } 558 559 /** 560 * srpt_unregister_mad_agent() - Unregister MAD callback functions. 561 * 562 * Note: It is safe to call this function more than once for the same device. 563 */ 564 static void srpt_unregister_mad_agent(struct srpt_device *sdev) 565 { 566 struct ib_port_modify port_modify = { 567 .clr_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP, 568 }; 569 struct srpt_port *sport; 570 int i; 571 572 for (i = 1; i <= sdev->device->phys_port_cnt; i++) { 573 sport = &sdev->port[i - 1]; 574 WARN_ON(sport->port != i); 575 if (ib_modify_port(sdev->device, i, 0, &port_modify) < 0) 576 pr_err("disabling MAD processing failed.\n"); 577 if (sport->mad_agent) { 578 ib_unregister_mad_agent(sport->mad_agent); 579 sport->mad_agent = NULL; 580 } 581 } 582 } 583 584 /** 585 * srpt_alloc_ioctx() - Allocate an SRPT I/O context structure. 586 */ 587 static struct srpt_ioctx *srpt_alloc_ioctx(struct srpt_device *sdev, 588 int ioctx_size, int dma_size, 589 enum dma_data_direction dir) 590 { 591 struct srpt_ioctx *ioctx; 592 593 ioctx = kmalloc(ioctx_size, GFP_KERNEL); 594 if (!ioctx) 595 goto err; 596 597 ioctx->buf = kmalloc(dma_size, GFP_KERNEL); 598 if (!ioctx->buf) 599 goto err_free_ioctx; 600 601 ioctx->dma = ib_dma_map_single(sdev->device, ioctx->buf, dma_size, dir); 602 if (ib_dma_mapping_error(sdev->device, ioctx->dma)) 603 goto err_free_buf; 604 605 return ioctx; 606 607 err_free_buf: 608 kfree(ioctx->buf); 609 err_free_ioctx: 610 kfree(ioctx); 611 err: 612 return NULL; 613 } 614 615 /** 616 * srpt_free_ioctx() - Free an SRPT I/O context structure. 617 */ 618 static void srpt_free_ioctx(struct srpt_device *sdev, struct srpt_ioctx *ioctx, 619 int dma_size, enum dma_data_direction dir) 620 { 621 if (!ioctx) 622 return; 623 624 ib_dma_unmap_single(sdev->device, ioctx->dma, dma_size, dir); 625 kfree(ioctx->buf); 626 kfree(ioctx); 627 } 628 629 /** 630 * srpt_alloc_ioctx_ring() - Allocate a ring of SRPT I/O context structures. 631 * @sdev: Device to allocate the I/O context ring for. 632 * @ring_size: Number of elements in the I/O context ring. 633 * @ioctx_size: I/O context size. 634 * @dma_size: DMA buffer size. 635 * @dir: DMA data direction. 636 */ 637 static struct srpt_ioctx **srpt_alloc_ioctx_ring(struct srpt_device *sdev, 638 int ring_size, int ioctx_size, 639 int dma_size, enum dma_data_direction dir) 640 { 641 struct srpt_ioctx **ring; 642 int i; 643 644 WARN_ON(ioctx_size != sizeof(struct srpt_recv_ioctx) 645 && ioctx_size != sizeof(struct srpt_send_ioctx)); 646 647 ring = kmalloc(ring_size * sizeof(ring[0]), GFP_KERNEL); 648 if (!ring) 649 goto out; 650 for (i = 0; i < ring_size; ++i) { 651 ring[i] = srpt_alloc_ioctx(sdev, ioctx_size, dma_size, dir); 652 if (!ring[i]) 653 goto err; 654 ring[i]->index = i; 655 } 656 goto out; 657 658 err: 659 while (--i >= 0) 660 srpt_free_ioctx(sdev, ring[i], dma_size, dir); 661 kfree(ring); 662 ring = NULL; 663 out: 664 return ring; 665 } 666 667 /** 668 * srpt_free_ioctx_ring() - Free the ring of SRPT I/O context structures. 669 */ 670 static void srpt_free_ioctx_ring(struct srpt_ioctx **ioctx_ring, 671 struct srpt_device *sdev, int ring_size, 672 int dma_size, enum dma_data_direction dir) 673 { 674 int i; 675 676 for (i = 0; i < ring_size; ++i) 677 srpt_free_ioctx(sdev, ioctx_ring[i], dma_size, dir); 678 kfree(ioctx_ring); 679 } 680 681 /** 682 * srpt_get_cmd_state() - Get the state of a SCSI command. 683 */ 684 static enum srpt_command_state srpt_get_cmd_state(struct srpt_send_ioctx *ioctx) 685 { 686 enum srpt_command_state state; 687 unsigned long flags; 688 689 BUG_ON(!ioctx); 690 691 spin_lock_irqsave(&ioctx->spinlock, flags); 692 state = ioctx->state; 693 spin_unlock_irqrestore(&ioctx->spinlock, flags); 694 return state; 695 } 696 697 /** 698 * srpt_set_cmd_state() - Set the state of a SCSI command. 699 * 700 * Does not modify the state of aborted commands. Returns the previous command 701 * state. 702 */ 703 static enum srpt_command_state srpt_set_cmd_state(struct srpt_send_ioctx *ioctx, 704 enum srpt_command_state new) 705 { 706 enum srpt_command_state previous; 707 unsigned long flags; 708 709 BUG_ON(!ioctx); 710 711 spin_lock_irqsave(&ioctx->spinlock, flags); 712 previous = ioctx->state; 713 if (previous != SRPT_STATE_DONE) 714 ioctx->state = new; 715 spin_unlock_irqrestore(&ioctx->spinlock, flags); 716 717 return previous; 718 } 719 720 /** 721 * srpt_test_and_set_cmd_state() - Test and set the state of a command. 722 * 723 * Returns true if and only if the previous command state was equal to 'old'. 724 */ 725 static bool srpt_test_and_set_cmd_state(struct srpt_send_ioctx *ioctx, 726 enum srpt_command_state old, 727 enum srpt_command_state new) 728 { 729 enum srpt_command_state previous; 730 unsigned long flags; 731 732 WARN_ON(!ioctx); 733 WARN_ON(old == SRPT_STATE_DONE); 734 WARN_ON(new == SRPT_STATE_NEW); 735 736 spin_lock_irqsave(&ioctx->spinlock, flags); 737 previous = ioctx->state; 738 if (previous == old) 739 ioctx->state = new; 740 spin_unlock_irqrestore(&ioctx->spinlock, flags); 741 return previous == old; 742 } 743 744 /** 745 * srpt_post_recv() - Post an IB receive request. 746 */ 747 static int srpt_post_recv(struct srpt_device *sdev, 748 struct srpt_recv_ioctx *ioctx) 749 { 750 struct ib_sge list; 751 struct ib_recv_wr wr, *bad_wr; 752 753 BUG_ON(!sdev); 754 list.addr = ioctx->ioctx.dma; 755 list.length = srp_max_req_size; 756 list.lkey = sdev->pd->local_dma_lkey; 757 758 ioctx->ioctx.cqe.done = srpt_recv_done; 759 wr.wr_cqe = &ioctx->ioctx.cqe; 760 wr.next = NULL; 761 wr.sg_list = &list; 762 wr.num_sge = 1; 763 764 return ib_post_srq_recv(sdev->srq, &wr, &bad_wr); 765 } 766 767 /** 768 * srpt_post_send() - Post an IB send request. 769 * 770 * Returns zero upon success and a non-zero value upon failure. 771 */ 772 static int srpt_post_send(struct srpt_rdma_ch *ch, 773 struct srpt_send_ioctx *ioctx, int len) 774 { 775 struct ib_sge list; 776 struct ib_send_wr wr, *bad_wr; 777 struct srpt_device *sdev = ch->sport->sdev; 778 int ret; 779 780 atomic_inc(&ch->req_lim); 781 782 ret = -ENOMEM; 783 if (unlikely(atomic_dec_return(&ch->sq_wr_avail) < 0)) { 784 pr_warn("IB send queue full (needed 1)\n"); 785 goto out; 786 } 787 788 ib_dma_sync_single_for_device(sdev->device, ioctx->ioctx.dma, len, 789 DMA_TO_DEVICE); 790 791 list.addr = ioctx->ioctx.dma; 792 list.length = len; 793 list.lkey = sdev->pd->local_dma_lkey; 794 795 ioctx->ioctx.cqe.done = srpt_send_done; 796 wr.next = NULL; 797 wr.wr_cqe = &ioctx->ioctx.cqe; 798 wr.sg_list = &list; 799 wr.num_sge = 1; 800 wr.opcode = IB_WR_SEND; 801 wr.send_flags = IB_SEND_SIGNALED; 802 803 ret = ib_post_send(ch->qp, &wr, &bad_wr); 804 805 out: 806 if (ret < 0) { 807 atomic_inc(&ch->sq_wr_avail); 808 atomic_dec(&ch->req_lim); 809 } 810 return ret; 811 } 812 813 /** 814 * srpt_zerolength_write() - Perform a zero-length RDMA write. 815 * 816 * A quote from the InfiniBand specification: C9-88: For an HCA responder 817 * using Reliable Connection service, for each zero-length RDMA READ or WRITE 818 * request, the R_Key shall not be validated, even if the request includes 819 * Immediate data. 820 */ 821 static int srpt_zerolength_write(struct srpt_rdma_ch *ch) 822 { 823 struct ib_send_wr wr, *bad_wr; 824 825 memset(&wr, 0, sizeof(wr)); 826 wr.opcode = IB_WR_RDMA_WRITE; 827 wr.wr_cqe = &ch->zw_cqe; 828 wr.send_flags = IB_SEND_SIGNALED; 829 return ib_post_send(ch->qp, &wr, &bad_wr); 830 } 831 832 static void srpt_zerolength_write_done(struct ib_cq *cq, struct ib_wc *wc) 833 { 834 struct srpt_rdma_ch *ch = cq->cq_context; 835 836 if (wc->status == IB_WC_SUCCESS) { 837 srpt_process_wait_list(ch); 838 } else { 839 if (srpt_set_ch_state(ch, CH_DISCONNECTED)) 840 schedule_work(&ch->release_work); 841 else 842 WARN_ONCE(1, "%s-%d\n", ch->sess_name, ch->qp->qp_num); 843 } 844 } 845 846 /** 847 * srpt_get_desc_tbl() - Parse the data descriptors of an SRP_CMD request. 848 * @ioctx: Pointer to the I/O context associated with the request. 849 * @srp_cmd: Pointer to the SRP_CMD request data. 850 * @dir: Pointer to the variable to which the transfer direction will be 851 * written. 852 * @data_len: Pointer to the variable to which the total data length of all 853 * descriptors in the SRP_CMD request will be written. 854 * 855 * This function initializes ioctx->nrbuf and ioctx->r_bufs. 856 * 857 * Returns -EINVAL when the SRP_CMD request contains inconsistent descriptors; 858 * -ENOMEM when memory allocation fails and zero upon success. 859 */ 860 static int srpt_get_desc_tbl(struct srpt_send_ioctx *ioctx, 861 struct srp_cmd *srp_cmd, 862 enum dma_data_direction *dir, u64 *data_len) 863 { 864 struct srp_indirect_buf *idb; 865 struct srp_direct_buf *db; 866 unsigned add_cdb_offset; 867 int ret; 868 869 /* 870 * The pointer computations below will only be compiled correctly 871 * if srp_cmd::add_data is declared as s8*, u8*, s8[] or u8[], so check 872 * whether srp_cmd::add_data has been declared as a byte pointer. 873 */ 874 BUILD_BUG_ON(!__same_type(srp_cmd->add_data[0], (s8)0) 875 && !__same_type(srp_cmd->add_data[0], (u8)0)); 876 877 BUG_ON(!dir); 878 BUG_ON(!data_len); 879 880 ret = 0; 881 *data_len = 0; 882 883 /* 884 * The lower four bits of the buffer format field contain the DATA-IN 885 * buffer descriptor format, and the highest four bits contain the 886 * DATA-OUT buffer descriptor format. 887 */ 888 *dir = DMA_NONE; 889 if (srp_cmd->buf_fmt & 0xf) 890 /* DATA-IN: transfer data from target to initiator (read). */ 891 *dir = DMA_FROM_DEVICE; 892 else if (srp_cmd->buf_fmt >> 4) 893 /* DATA-OUT: transfer data from initiator to target (write). */ 894 *dir = DMA_TO_DEVICE; 895 896 /* 897 * According to the SRP spec, the lower two bits of the 'ADDITIONAL 898 * CDB LENGTH' field are reserved and the size in bytes of this field 899 * is four times the value specified in bits 3..7. Hence the "& ~3". 900 */ 901 add_cdb_offset = srp_cmd->add_cdb_len & ~3; 902 if (((srp_cmd->buf_fmt & 0xf) == SRP_DATA_DESC_DIRECT) || 903 ((srp_cmd->buf_fmt >> 4) == SRP_DATA_DESC_DIRECT)) { 904 ioctx->n_rbuf = 1; 905 ioctx->rbufs = &ioctx->single_rbuf; 906 907 db = (struct srp_direct_buf *)(srp_cmd->add_data 908 + add_cdb_offset); 909 memcpy(ioctx->rbufs, db, sizeof(*db)); 910 *data_len = be32_to_cpu(db->len); 911 } else if (((srp_cmd->buf_fmt & 0xf) == SRP_DATA_DESC_INDIRECT) || 912 ((srp_cmd->buf_fmt >> 4) == SRP_DATA_DESC_INDIRECT)) { 913 idb = (struct srp_indirect_buf *)(srp_cmd->add_data 914 + add_cdb_offset); 915 916 ioctx->n_rbuf = be32_to_cpu(idb->table_desc.len) / sizeof(*db); 917 918 if (ioctx->n_rbuf > 919 (srp_cmd->data_out_desc_cnt + srp_cmd->data_in_desc_cnt)) { 920 pr_err("received unsupported SRP_CMD request" 921 " type (%u out + %u in != %u / %zu)\n", 922 srp_cmd->data_out_desc_cnt, 923 srp_cmd->data_in_desc_cnt, 924 be32_to_cpu(idb->table_desc.len), 925 sizeof(*db)); 926 ioctx->n_rbuf = 0; 927 ret = -EINVAL; 928 goto out; 929 } 930 931 if (ioctx->n_rbuf == 1) 932 ioctx->rbufs = &ioctx->single_rbuf; 933 else { 934 ioctx->rbufs = 935 kmalloc(ioctx->n_rbuf * sizeof(*db), GFP_ATOMIC); 936 if (!ioctx->rbufs) { 937 ioctx->n_rbuf = 0; 938 ret = -ENOMEM; 939 goto out; 940 } 941 } 942 943 db = idb->desc_list; 944 memcpy(ioctx->rbufs, db, ioctx->n_rbuf * sizeof(*db)); 945 *data_len = be32_to_cpu(idb->len); 946 } 947 out: 948 return ret; 949 } 950 951 /** 952 * srpt_init_ch_qp() - Initialize queue pair attributes. 953 * 954 * Initialized the attributes of queue pair 'qp' by allowing local write, 955 * remote read and remote write. Also transitions 'qp' to state IB_QPS_INIT. 956 */ 957 static int srpt_init_ch_qp(struct srpt_rdma_ch *ch, struct ib_qp *qp) 958 { 959 struct ib_qp_attr *attr; 960 int ret; 961 962 attr = kzalloc(sizeof(*attr), GFP_KERNEL); 963 if (!attr) 964 return -ENOMEM; 965 966 attr->qp_state = IB_QPS_INIT; 967 attr->qp_access_flags = IB_ACCESS_LOCAL_WRITE | IB_ACCESS_REMOTE_READ | 968 IB_ACCESS_REMOTE_WRITE; 969 attr->port_num = ch->sport->port; 970 attr->pkey_index = 0; 971 972 ret = ib_modify_qp(qp, attr, 973 IB_QP_STATE | IB_QP_ACCESS_FLAGS | IB_QP_PORT | 974 IB_QP_PKEY_INDEX); 975 976 kfree(attr); 977 return ret; 978 } 979 980 /** 981 * srpt_ch_qp_rtr() - Change the state of a channel to 'ready to receive' (RTR). 982 * @ch: channel of the queue pair. 983 * @qp: queue pair to change the state of. 984 * 985 * Returns zero upon success and a negative value upon failure. 986 * 987 * Note: currently a struct ib_qp_attr takes 136 bytes on a 64-bit system. 988 * If this structure ever becomes larger, it might be necessary to allocate 989 * it dynamically instead of on the stack. 990 */ 991 static int srpt_ch_qp_rtr(struct srpt_rdma_ch *ch, struct ib_qp *qp) 992 { 993 struct ib_qp_attr qp_attr; 994 int attr_mask; 995 int ret; 996 997 qp_attr.qp_state = IB_QPS_RTR; 998 ret = ib_cm_init_qp_attr(ch->cm_id, &qp_attr, &attr_mask); 999 if (ret) 1000 goto out; 1001 1002 qp_attr.max_dest_rd_atomic = 4; 1003 1004 ret = ib_modify_qp(qp, &qp_attr, attr_mask); 1005 1006 out: 1007 return ret; 1008 } 1009 1010 /** 1011 * srpt_ch_qp_rts() - Change the state of a channel to 'ready to send' (RTS). 1012 * @ch: channel of the queue pair. 1013 * @qp: queue pair to change the state of. 1014 * 1015 * Returns zero upon success and a negative value upon failure. 1016 * 1017 * Note: currently a struct ib_qp_attr takes 136 bytes on a 64-bit system. 1018 * If this structure ever becomes larger, it might be necessary to allocate 1019 * it dynamically instead of on the stack. 1020 */ 1021 static int srpt_ch_qp_rts(struct srpt_rdma_ch *ch, struct ib_qp *qp) 1022 { 1023 struct ib_qp_attr qp_attr; 1024 int attr_mask; 1025 int ret; 1026 1027 qp_attr.qp_state = IB_QPS_RTS; 1028 ret = ib_cm_init_qp_attr(ch->cm_id, &qp_attr, &attr_mask); 1029 if (ret) 1030 goto out; 1031 1032 qp_attr.max_rd_atomic = 4; 1033 1034 ret = ib_modify_qp(qp, &qp_attr, attr_mask); 1035 1036 out: 1037 return ret; 1038 } 1039 1040 /** 1041 * srpt_ch_qp_err() - Set the channel queue pair state to 'error'. 1042 */ 1043 static int srpt_ch_qp_err(struct srpt_rdma_ch *ch) 1044 { 1045 struct ib_qp_attr qp_attr; 1046 1047 qp_attr.qp_state = IB_QPS_ERR; 1048 return ib_modify_qp(ch->qp, &qp_attr, IB_QP_STATE); 1049 } 1050 1051 /** 1052 * srpt_unmap_sg_to_ib_sge() - Unmap an IB SGE list. 1053 */ 1054 static void srpt_unmap_sg_to_ib_sge(struct srpt_rdma_ch *ch, 1055 struct srpt_send_ioctx *ioctx) 1056 { 1057 struct scatterlist *sg; 1058 enum dma_data_direction dir; 1059 1060 BUG_ON(!ch); 1061 BUG_ON(!ioctx); 1062 BUG_ON(ioctx->n_rdma && !ioctx->rdma_wrs); 1063 1064 while (ioctx->n_rdma) 1065 kfree(ioctx->rdma_wrs[--ioctx->n_rdma].wr.sg_list); 1066 1067 kfree(ioctx->rdma_wrs); 1068 ioctx->rdma_wrs = NULL; 1069 1070 if (ioctx->mapped_sg_count) { 1071 sg = ioctx->sg; 1072 WARN_ON(!sg); 1073 dir = ioctx->cmd.data_direction; 1074 BUG_ON(dir == DMA_NONE); 1075 ib_dma_unmap_sg(ch->sport->sdev->device, sg, ioctx->sg_cnt, 1076 target_reverse_dma_direction(&ioctx->cmd)); 1077 ioctx->mapped_sg_count = 0; 1078 } 1079 } 1080 1081 /** 1082 * srpt_map_sg_to_ib_sge() - Map an SG list to an IB SGE list. 1083 */ 1084 static int srpt_map_sg_to_ib_sge(struct srpt_rdma_ch *ch, 1085 struct srpt_send_ioctx *ioctx) 1086 { 1087 struct ib_device *dev = ch->sport->sdev->device; 1088 struct se_cmd *cmd; 1089 struct scatterlist *sg, *sg_orig; 1090 int sg_cnt; 1091 enum dma_data_direction dir; 1092 struct ib_rdma_wr *riu; 1093 struct srp_direct_buf *db; 1094 dma_addr_t dma_addr; 1095 struct ib_sge *sge; 1096 u64 raddr; 1097 u32 rsize; 1098 u32 tsize; 1099 u32 dma_len; 1100 int count, nrdma; 1101 int i, j, k; 1102 1103 BUG_ON(!ch); 1104 BUG_ON(!ioctx); 1105 cmd = &ioctx->cmd; 1106 dir = cmd->data_direction; 1107 BUG_ON(dir == DMA_NONE); 1108 1109 ioctx->sg = sg = sg_orig = cmd->t_data_sg; 1110 ioctx->sg_cnt = sg_cnt = cmd->t_data_nents; 1111 1112 count = ib_dma_map_sg(ch->sport->sdev->device, sg, sg_cnt, 1113 target_reverse_dma_direction(cmd)); 1114 if (unlikely(!count)) 1115 return -EAGAIN; 1116 1117 ioctx->mapped_sg_count = count; 1118 1119 if (ioctx->rdma_wrs && ioctx->n_rdma_wrs) 1120 nrdma = ioctx->n_rdma_wrs; 1121 else { 1122 nrdma = (count + SRPT_DEF_SG_PER_WQE - 1) / SRPT_DEF_SG_PER_WQE 1123 + ioctx->n_rbuf; 1124 1125 ioctx->rdma_wrs = kcalloc(nrdma, sizeof(*ioctx->rdma_wrs), 1126 GFP_KERNEL); 1127 if (!ioctx->rdma_wrs) 1128 goto free_mem; 1129 1130 ioctx->n_rdma_wrs = nrdma; 1131 } 1132 1133 db = ioctx->rbufs; 1134 tsize = cmd->data_length; 1135 dma_len = ib_sg_dma_len(dev, &sg[0]); 1136 riu = ioctx->rdma_wrs; 1137 1138 /* 1139 * For each remote desc - calculate the #ib_sge. 1140 * If #ib_sge < SRPT_DEF_SG_PER_WQE per rdma operation then 1141 * each remote desc rdma_iu is required a rdma wr; 1142 * else 1143 * we need to allocate extra rdma_iu to carry extra #ib_sge in 1144 * another rdma wr 1145 */ 1146 for (i = 0, j = 0; 1147 j < count && i < ioctx->n_rbuf && tsize > 0; ++i, ++riu, ++db) { 1148 rsize = be32_to_cpu(db->len); 1149 raddr = be64_to_cpu(db->va); 1150 riu->remote_addr = raddr; 1151 riu->rkey = be32_to_cpu(db->key); 1152 riu->wr.num_sge = 0; 1153 1154 /* calculate how many sge required for this remote_buf */ 1155 while (rsize > 0 && tsize > 0) { 1156 1157 if (rsize >= dma_len) { 1158 tsize -= dma_len; 1159 rsize -= dma_len; 1160 raddr += dma_len; 1161 1162 if (tsize > 0) { 1163 ++j; 1164 if (j < count) { 1165 sg = sg_next(sg); 1166 dma_len = ib_sg_dma_len( 1167 dev, sg); 1168 } 1169 } 1170 } else { 1171 tsize -= rsize; 1172 dma_len -= rsize; 1173 rsize = 0; 1174 } 1175 1176 ++riu->wr.num_sge; 1177 1178 if (rsize > 0 && 1179 riu->wr.num_sge == SRPT_DEF_SG_PER_WQE) { 1180 ++ioctx->n_rdma; 1181 riu->wr.sg_list = kmalloc_array(riu->wr.num_sge, 1182 sizeof(*riu->wr.sg_list), 1183 GFP_KERNEL); 1184 if (!riu->wr.sg_list) 1185 goto free_mem; 1186 1187 ++riu; 1188 riu->wr.num_sge = 0; 1189 riu->remote_addr = raddr; 1190 riu->rkey = be32_to_cpu(db->key); 1191 } 1192 } 1193 1194 ++ioctx->n_rdma; 1195 riu->wr.sg_list = kmalloc_array(riu->wr.num_sge, 1196 sizeof(*riu->wr.sg_list), 1197 GFP_KERNEL); 1198 if (!riu->wr.sg_list) 1199 goto free_mem; 1200 } 1201 1202 db = ioctx->rbufs; 1203 tsize = cmd->data_length; 1204 riu = ioctx->rdma_wrs; 1205 sg = sg_orig; 1206 dma_len = ib_sg_dma_len(dev, &sg[0]); 1207 dma_addr = ib_sg_dma_address(dev, &sg[0]); 1208 1209 /* this second loop is really mapped sg_addres to rdma_iu->ib_sge */ 1210 for (i = 0, j = 0; 1211 j < count && i < ioctx->n_rbuf && tsize > 0; ++i, ++riu, ++db) { 1212 rsize = be32_to_cpu(db->len); 1213 sge = riu->wr.sg_list; 1214 k = 0; 1215 1216 while (rsize > 0 && tsize > 0) { 1217 sge->addr = dma_addr; 1218 sge->lkey = ch->sport->sdev->pd->local_dma_lkey; 1219 1220 if (rsize >= dma_len) { 1221 sge->length = 1222 (tsize < dma_len) ? tsize : dma_len; 1223 tsize -= dma_len; 1224 rsize -= dma_len; 1225 1226 if (tsize > 0) { 1227 ++j; 1228 if (j < count) { 1229 sg = sg_next(sg); 1230 dma_len = ib_sg_dma_len( 1231 dev, sg); 1232 dma_addr = ib_sg_dma_address( 1233 dev, sg); 1234 } 1235 } 1236 } else { 1237 sge->length = (tsize < rsize) ? tsize : rsize; 1238 tsize -= rsize; 1239 dma_len -= rsize; 1240 dma_addr += rsize; 1241 rsize = 0; 1242 } 1243 1244 ++k; 1245 if (k == riu->wr.num_sge && rsize > 0 && tsize > 0) { 1246 ++riu; 1247 sge = riu->wr.sg_list; 1248 k = 0; 1249 } else if (rsize > 0 && tsize > 0) 1250 ++sge; 1251 } 1252 } 1253 1254 return 0; 1255 1256 free_mem: 1257 srpt_unmap_sg_to_ib_sge(ch, ioctx); 1258 1259 return -ENOMEM; 1260 } 1261 1262 /** 1263 * srpt_get_send_ioctx() - Obtain an I/O context for sending to the initiator. 1264 */ 1265 static struct srpt_send_ioctx *srpt_get_send_ioctx(struct srpt_rdma_ch *ch) 1266 { 1267 struct srpt_send_ioctx *ioctx; 1268 unsigned long flags; 1269 1270 BUG_ON(!ch); 1271 1272 ioctx = NULL; 1273 spin_lock_irqsave(&ch->spinlock, flags); 1274 if (!list_empty(&ch->free_list)) { 1275 ioctx = list_first_entry(&ch->free_list, 1276 struct srpt_send_ioctx, free_list); 1277 list_del(&ioctx->free_list); 1278 } 1279 spin_unlock_irqrestore(&ch->spinlock, flags); 1280 1281 if (!ioctx) 1282 return ioctx; 1283 1284 BUG_ON(ioctx->ch != ch); 1285 spin_lock_init(&ioctx->spinlock); 1286 ioctx->state = SRPT_STATE_NEW; 1287 ioctx->n_rbuf = 0; 1288 ioctx->rbufs = NULL; 1289 ioctx->n_rdma = 0; 1290 ioctx->n_rdma_wrs = 0; 1291 ioctx->rdma_wrs = NULL; 1292 ioctx->mapped_sg_count = 0; 1293 init_completion(&ioctx->tx_done); 1294 ioctx->queue_status_only = false; 1295 /* 1296 * transport_init_se_cmd() does not initialize all fields, so do it 1297 * here. 1298 */ 1299 memset(&ioctx->cmd, 0, sizeof(ioctx->cmd)); 1300 memset(&ioctx->sense_data, 0, sizeof(ioctx->sense_data)); 1301 1302 return ioctx; 1303 } 1304 1305 /** 1306 * srpt_abort_cmd() - Abort a SCSI command. 1307 * @ioctx: I/O context associated with the SCSI command. 1308 * @context: Preferred execution context. 1309 */ 1310 static int srpt_abort_cmd(struct srpt_send_ioctx *ioctx) 1311 { 1312 enum srpt_command_state state; 1313 unsigned long flags; 1314 1315 BUG_ON(!ioctx); 1316 1317 /* 1318 * If the command is in a state where the target core is waiting for 1319 * the ib_srpt driver, change the state to the next state. 1320 */ 1321 1322 spin_lock_irqsave(&ioctx->spinlock, flags); 1323 state = ioctx->state; 1324 switch (state) { 1325 case SRPT_STATE_NEED_DATA: 1326 ioctx->state = SRPT_STATE_DATA_IN; 1327 break; 1328 case SRPT_STATE_CMD_RSP_SENT: 1329 case SRPT_STATE_MGMT_RSP_SENT: 1330 ioctx->state = SRPT_STATE_DONE; 1331 break; 1332 default: 1333 WARN_ONCE(true, "%s: unexpected I/O context state %d\n", 1334 __func__, state); 1335 break; 1336 } 1337 spin_unlock_irqrestore(&ioctx->spinlock, flags); 1338 1339 pr_debug("Aborting cmd with state %d and tag %lld\n", state, 1340 ioctx->cmd.tag); 1341 1342 switch (state) { 1343 case SRPT_STATE_NEW: 1344 case SRPT_STATE_DATA_IN: 1345 case SRPT_STATE_MGMT: 1346 case SRPT_STATE_DONE: 1347 /* 1348 * Do nothing - defer abort processing until 1349 * srpt_queue_response() is invoked. 1350 */ 1351 break; 1352 case SRPT_STATE_NEED_DATA: 1353 pr_debug("tag %#llx: RDMA read error\n", ioctx->cmd.tag); 1354 transport_generic_request_failure(&ioctx->cmd, 1355 TCM_CHECK_CONDITION_ABORT_CMD); 1356 break; 1357 case SRPT_STATE_CMD_RSP_SENT: 1358 /* 1359 * SRP_RSP sending failed or the SRP_RSP send completion has 1360 * not been received in time. 1361 */ 1362 srpt_unmap_sg_to_ib_sge(ioctx->ch, ioctx); 1363 transport_generic_free_cmd(&ioctx->cmd, 0); 1364 break; 1365 case SRPT_STATE_MGMT_RSP_SENT: 1366 transport_generic_free_cmd(&ioctx->cmd, 0); 1367 break; 1368 default: 1369 WARN(1, "Unexpected command state (%d)", state); 1370 break; 1371 } 1372 1373 return state; 1374 } 1375 1376 /** 1377 * XXX: what is now target_execute_cmd used to be asynchronous, and unmapping 1378 * the data that has been transferred via IB RDMA had to be postponed until the 1379 * check_stop_free() callback. None of this is necessary anymore and needs to 1380 * be cleaned up. 1381 */ 1382 static void srpt_rdma_read_done(struct ib_cq *cq, struct ib_wc *wc) 1383 { 1384 struct srpt_rdma_ch *ch = cq->cq_context; 1385 struct srpt_send_ioctx *ioctx = 1386 container_of(wc->wr_cqe, struct srpt_send_ioctx, rdma_cqe); 1387 1388 WARN_ON(ioctx->n_rdma <= 0); 1389 atomic_add(ioctx->n_rdma, &ch->sq_wr_avail); 1390 1391 if (unlikely(wc->status != IB_WC_SUCCESS)) { 1392 pr_info("RDMA_READ for ioctx 0x%p failed with status %d\n", 1393 ioctx, wc->status); 1394 srpt_abort_cmd(ioctx); 1395 return; 1396 } 1397 1398 if (srpt_test_and_set_cmd_state(ioctx, SRPT_STATE_NEED_DATA, 1399 SRPT_STATE_DATA_IN)) 1400 target_execute_cmd(&ioctx->cmd); 1401 else 1402 pr_err("%s[%d]: wrong state = %d\n", __func__, 1403 __LINE__, srpt_get_cmd_state(ioctx)); 1404 } 1405 1406 static void srpt_rdma_write_done(struct ib_cq *cq, struct ib_wc *wc) 1407 { 1408 struct srpt_send_ioctx *ioctx = 1409 container_of(wc->wr_cqe, struct srpt_send_ioctx, rdma_cqe); 1410 1411 if (unlikely(wc->status != IB_WC_SUCCESS)) { 1412 /* 1413 * Note: if an RDMA write error completion is received that 1414 * means that a SEND also has been posted. Defer further 1415 * processing of the associated command until the send error 1416 * completion has been received. 1417 */ 1418 pr_info("RDMA_WRITE for ioctx 0x%p failed with status %d\n", 1419 ioctx, wc->status); 1420 } 1421 } 1422 1423 /** 1424 * srpt_build_cmd_rsp() - Build an SRP_RSP response. 1425 * @ch: RDMA channel through which the request has been received. 1426 * @ioctx: I/O context associated with the SRP_CMD request. The response will 1427 * be built in the buffer ioctx->buf points at and hence this function will 1428 * overwrite the request data. 1429 * @tag: tag of the request for which this response is being generated. 1430 * @status: value for the STATUS field of the SRP_RSP information unit. 1431 * 1432 * Returns the size in bytes of the SRP_RSP response. 1433 * 1434 * An SRP_RSP response contains a SCSI status or service response. See also 1435 * section 6.9 in the SRP r16a document for the format of an SRP_RSP 1436 * response. See also SPC-2 for more information about sense data. 1437 */ 1438 static int srpt_build_cmd_rsp(struct srpt_rdma_ch *ch, 1439 struct srpt_send_ioctx *ioctx, u64 tag, 1440 int status) 1441 { 1442 struct srp_rsp *srp_rsp; 1443 const u8 *sense_data; 1444 int sense_data_len, max_sense_len; 1445 1446 /* 1447 * The lowest bit of all SAM-3 status codes is zero (see also 1448 * paragraph 5.3 in SAM-3). 1449 */ 1450 WARN_ON(status & 1); 1451 1452 srp_rsp = ioctx->ioctx.buf; 1453 BUG_ON(!srp_rsp); 1454 1455 sense_data = ioctx->sense_data; 1456 sense_data_len = ioctx->cmd.scsi_sense_length; 1457 WARN_ON(sense_data_len > sizeof(ioctx->sense_data)); 1458 1459 memset(srp_rsp, 0, sizeof(*srp_rsp)); 1460 srp_rsp->opcode = SRP_RSP; 1461 srp_rsp->req_lim_delta = 1462 cpu_to_be32(1 + atomic_xchg(&ch->req_lim_delta, 0)); 1463 srp_rsp->tag = tag; 1464 srp_rsp->status = status; 1465 1466 if (sense_data_len) { 1467 BUILD_BUG_ON(MIN_MAX_RSP_SIZE <= sizeof(*srp_rsp)); 1468 max_sense_len = ch->max_ti_iu_len - sizeof(*srp_rsp); 1469 if (sense_data_len > max_sense_len) { 1470 pr_warn("truncated sense data from %d to %d" 1471 " bytes\n", sense_data_len, max_sense_len); 1472 sense_data_len = max_sense_len; 1473 } 1474 1475 srp_rsp->flags |= SRP_RSP_FLAG_SNSVALID; 1476 srp_rsp->sense_data_len = cpu_to_be32(sense_data_len); 1477 memcpy(srp_rsp + 1, sense_data, sense_data_len); 1478 } 1479 1480 return sizeof(*srp_rsp) + sense_data_len; 1481 } 1482 1483 /** 1484 * srpt_build_tskmgmt_rsp() - Build a task management response. 1485 * @ch: RDMA channel through which the request has been received. 1486 * @ioctx: I/O context in which the SRP_RSP response will be built. 1487 * @rsp_code: RSP_CODE that will be stored in the response. 1488 * @tag: Tag of the request for which this response is being generated. 1489 * 1490 * Returns the size in bytes of the SRP_RSP response. 1491 * 1492 * An SRP_RSP response contains a SCSI status or service response. See also 1493 * section 6.9 in the SRP r16a document for the format of an SRP_RSP 1494 * response. 1495 */ 1496 static int srpt_build_tskmgmt_rsp(struct srpt_rdma_ch *ch, 1497 struct srpt_send_ioctx *ioctx, 1498 u8 rsp_code, u64 tag) 1499 { 1500 struct srp_rsp *srp_rsp; 1501 int resp_data_len; 1502 int resp_len; 1503 1504 resp_data_len = 4; 1505 resp_len = sizeof(*srp_rsp) + resp_data_len; 1506 1507 srp_rsp = ioctx->ioctx.buf; 1508 BUG_ON(!srp_rsp); 1509 memset(srp_rsp, 0, sizeof(*srp_rsp)); 1510 1511 srp_rsp->opcode = SRP_RSP; 1512 srp_rsp->req_lim_delta = 1513 cpu_to_be32(1 + atomic_xchg(&ch->req_lim_delta, 0)); 1514 srp_rsp->tag = tag; 1515 1516 srp_rsp->flags |= SRP_RSP_FLAG_RSPVALID; 1517 srp_rsp->resp_data_len = cpu_to_be32(resp_data_len); 1518 srp_rsp->data[3] = rsp_code; 1519 1520 return resp_len; 1521 } 1522 1523 static int srpt_check_stop_free(struct se_cmd *cmd) 1524 { 1525 struct srpt_send_ioctx *ioctx = container_of(cmd, 1526 struct srpt_send_ioctx, cmd); 1527 1528 return target_put_sess_cmd(&ioctx->cmd); 1529 } 1530 1531 /** 1532 * srpt_handle_cmd() - Process SRP_CMD. 1533 */ 1534 static void srpt_handle_cmd(struct srpt_rdma_ch *ch, 1535 struct srpt_recv_ioctx *recv_ioctx, 1536 struct srpt_send_ioctx *send_ioctx) 1537 { 1538 struct se_cmd *cmd; 1539 struct srp_cmd *srp_cmd; 1540 u64 data_len; 1541 enum dma_data_direction dir; 1542 int rc; 1543 1544 BUG_ON(!send_ioctx); 1545 1546 srp_cmd = recv_ioctx->ioctx.buf; 1547 cmd = &send_ioctx->cmd; 1548 cmd->tag = srp_cmd->tag; 1549 1550 switch (srp_cmd->task_attr) { 1551 case SRP_CMD_SIMPLE_Q: 1552 cmd->sam_task_attr = TCM_SIMPLE_TAG; 1553 break; 1554 case SRP_CMD_ORDERED_Q: 1555 default: 1556 cmd->sam_task_attr = TCM_ORDERED_TAG; 1557 break; 1558 case SRP_CMD_HEAD_OF_Q: 1559 cmd->sam_task_attr = TCM_HEAD_TAG; 1560 break; 1561 case SRP_CMD_ACA: 1562 cmd->sam_task_attr = TCM_ACA_TAG; 1563 break; 1564 } 1565 1566 if (srpt_get_desc_tbl(send_ioctx, srp_cmd, &dir, &data_len)) { 1567 pr_err("0x%llx: parsing SRP descriptor table failed.\n", 1568 srp_cmd->tag); 1569 goto release_ioctx; 1570 } 1571 1572 rc = target_submit_cmd(cmd, ch->sess, srp_cmd->cdb, 1573 &send_ioctx->sense_data[0], 1574 scsilun_to_int(&srp_cmd->lun), data_len, 1575 TCM_SIMPLE_TAG, dir, TARGET_SCF_ACK_KREF); 1576 if (rc != 0) { 1577 pr_debug("target_submit_cmd() returned %d for tag %#llx\n", rc, 1578 srp_cmd->tag); 1579 goto release_ioctx; 1580 } 1581 return; 1582 1583 release_ioctx: 1584 send_ioctx->state = SRPT_STATE_DONE; 1585 srpt_release_cmd(cmd); 1586 } 1587 1588 static int srp_tmr_to_tcm(int fn) 1589 { 1590 switch (fn) { 1591 case SRP_TSK_ABORT_TASK: 1592 return TMR_ABORT_TASK; 1593 case SRP_TSK_ABORT_TASK_SET: 1594 return TMR_ABORT_TASK_SET; 1595 case SRP_TSK_CLEAR_TASK_SET: 1596 return TMR_CLEAR_TASK_SET; 1597 case SRP_TSK_LUN_RESET: 1598 return TMR_LUN_RESET; 1599 case SRP_TSK_CLEAR_ACA: 1600 return TMR_CLEAR_ACA; 1601 default: 1602 return -1; 1603 } 1604 } 1605 1606 /** 1607 * srpt_handle_tsk_mgmt() - Process an SRP_TSK_MGMT information unit. 1608 * 1609 * Returns 0 if and only if the request will be processed by the target core. 1610 * 1611 * For more information about SRP_TSK_MGMT information units, see also section 1612 * 6.7 in the SRP r16a document. 1613 */ 1614 static void srpt_handle_tsk_mgmt(struct srpt_rdma_ch *ch, 1615 struct srpt_recv_ioctx *recv_ioctx, 1616 struct srpt_send_ioctx *send_ioctx) 1617 { 1618 struct srp_tsk_mgmt *srp_tsk; 1619 struct se_cmd *cmd; 1620 struct se_session *sess = ch->sess; 1621 int tcm_tmr; 1622 int rc; 1623 1624 BUG_ON(!send_ioctx); 1625 1626 srp_tsk = recv_ioctx->ioctx.buf; 1627 cmd = &send_ioctx->cmd; 1628 1629 pr_debug("recv tsk_mgmt fn %d for task_tag %lld and cmd tag %lld" 1630 " cm_id %p sess %p\n", srp_tsk->tsk_mgmt_func, 1631 srp_tsk->task_tag, srp_tsk->tag, ch->cm_id, ch->sess); 1632 1633 srpt_set_cmd_state(send_ioctx, SRPT_STATE_MGMT); 1634 send_ioctx->cmd.tag = srp_tsk->tag; 1635 tcm_tmr = srp_tmr_to_tcm(srp_tsk->tsk_mgmt_func); 1636 rc = target_submit_tmr(&send_ioctx->cmd, sess, NULL, 1637 scsilun_to_int(&srp_tsk->lun), srp_tsk, tcm_tmr, 1638 GFP_KERNEL, srp_tsk->task_tag, 1639 TARGET_SCF_ACK_KREF); 1640 if (rc != 0) { 1641 send_ioctx->cmd.se_tmr_req->response = TMR_FUNCTION_REJECTED; 1642 goto fail; 1643 } 1644 return; 1645 fail: 1646 transport_send_check_condition_and_sense(cmd, 0, 0); // XXX: 1647 } 1648 1649 /** 1650 * srpt_handle_new_iu() - Process a newly received information unit. 1651 * @ch: RDMA channel through which the information unit has been received. 1652 * @ioctx: SRPT I/O context associated with the information unit. 1653 */ 1654 static void srpt_handle_new_iu(struct srpt_rdma_ch *ch, 1655 struct srpt_recv_ioctx *recv_ioctx, 1656 struct srpt_send_ioctx *send_ioctx) 1657 { 1658 struct srp_cmd *srp_cmd; 1659 1660 BUG_ON(!ch); 1661 BUG_ON(!recv_ioctx); 1662 1663 ib_dma_sync_single_for_cpu(ch->sport->sdev->device, 1664 recv_ioctx->ioctx.dma, srp_max_req_size, 1665 DMA_FROM_DEVICE); 1666 1667 if (unlikely(ch->state == CH_CONNECTING)) { 1668 list_add_tail(&recv_ioctx->wait_list, &ch->cmd_wait_list); 1669 goto out; 1670 } 1671 1672 if (unlikely(ch->state != CH_LIVE)) 1673 goto out; 1674 1675 srp_cmd = recv_ioctx->ioctx.buf; 1676 if (srp_cmd->opcode == SRP_CMD || srp_cmd->opcode == SRP_TSK_MGMT) { 1677 if (!send_ioctx) 1678 send_ioctx = srpt_get_send_ioctx(ch); 1679 if (unlikely(!send_ioctx)) { 1680 list_add_tail(&recv_ioctx->wait_list, 1681 &ch->cmd_wait_list); 1682 goto out; 1683 } 1684 } 1685 1686 switch (srp_cmd->opcode) { 1687 case SRP_CMD: 1688 srpt_handle_cmd(ch, recv_ioctx, send_ioctx); 1689 break; 1690 case SRP_TSK_MGMT: 1691 srpt_handle_tsk_mgmt(ch, recv_ioctx, send_ioctx); 1692 break; 1693 case SRP_I_LOGOUT: 1694 pr_err("Not yet implemented: SRP_I_LOGOUT\n"); 1695 break; 1696 case SRP_CRED_RSP: 1697 pr_debug("received SRP_CRED_RSP\n"); 1698 break; 1699 case SRP_AER_RSP: 1700 pr_debug("received SRP_AER_RSP\n"); 1701 break; 1702 case SRP_RSP: 1703 pr_err("Received SRP_RSP\n"); 1704 break; 1705 default: 1706 pr_err("received IU with unknown opcode 0x%x\n", 1707 srp_cmd->opcode); 1708 break; 1709 } 1710 1711 srpt_post_recv(ch->sport->sdev, recv_ioctx); 1712 out: 1713 return; 1714 } 1715 1716 static void srpt_recv_done(struct ib_cq *cq, struct ib_wc *wc) 1717 { 1718 struct srpt_rdma_ch *ch = cq->cq_context; 1719 struct srpt_recv_ioctx *ioctx = 1720 container_of(wc->wr_cqe, struct srpt_recv_ioctx, ioctx.cqe); 1721 1722 if (wc->status == IB_WC_SUCCESS) { 1723 int req_lim; 1724 1725 req_lim = atomic_dec_return(&ch->req_lim); 1726 if (unlikely(req_lim < 0)) 1727 pr_err("req_lim = %d < 0\n", req_lim); 1728 srpt_handle_new_iu(ch, ioctx, NULL); 1729 } else { 1730 pr_info("receiving failed for ioctx %p with status %d\n", 1731 ioctx, wc->status); 1732 } 1733 } 1734 1735 /* 1736 * This function must be called from the context in which RDMA completions are 1737 * processed because it accesses the wait list without protection against 1738 * access from other threads. 1739 */ 1740 static void srpt_process_wait_list(struct srpt_rdma_ch *ch) 1741 { 1742 struct srpt_send_ioctx *ioctx; 1743 1744 while (!list_empty(&ch->cmd_wait_list) && 1745 ch->state >= CH_LIVE && 1746 (ioctx = srpt_get_send_ioctx(ch)) != NULL) { 1747 struct srpt_recv_ioctx *recv_ioctx; 1748 1749 recv_ioctx = list_first_entry(&ch->cmd_wait_list, 1750 struct srpt_recv_ioctx, 1751 wait_list); 1752 list_del(&recv_ioctx->wait_list); 1753 srpt_handle_new_iu(ch, recv_ioctx, ioctx); 1754 } 1755 } 1756 1757 /** 1758 * Note: Although this has not yet been observed during tests, at least in 1759 * theory it is possible that the srpt_get_send_ioctx() call invoked by 1760 * srpt_handle_new_iu() fails. This is possible because the req_lim_delta 1761 * value in each response is set to one, and it is possible that this response 1762 * makes the initiator send a new request before the send completion for that 1763 * response has been processed. This could e.g. happen if the call to 1764 * srpt_put_send_iotcx() is delayed because of a higher priority interrupt or 1765 * if IB retransmission causes generation of the send completion to be 1766 * delayed. Incoming information units for which srpt_get_send_ioctx() fails 1767 * are queued on cmd_wait_list. The code below processes these delayed 1768 * requests one at a time. 1769 */ 1770 static void srpt_send_done(struct ib_cq *cq, struct ib_wc *wc) 1771 { 1772 struct srpt_rdma_ch *ch = cq->cq_context; 1773 struct srpt_send_ioctx *ioctx = 1774 container_of(wc->wr_cqe, struct srpt_send_ioctx, ioctx.cqe); 1775 enum srpt_command_state state; 1776 1777 state = srpt_set_cmd_state(ioctx, SRPT_STATE_DONE); 1778 1779 WARN_ON(state != SRPT_STATE_CMD_RSP_SENT && 1780 state != SRPT_STATE_MGMT_RSP_SENT); 1781 1782 atomic_inc(&ch->sq_wr_avail); 1783 1784 if (wc->status != IB_WC_SUCCESS) 1785 pr_info("sending response for ioctx 0x%p failed" 1786 " with status %d\n", ioctx, wc->status); 1787 1788 if (state != SRPT_STATE_DONE) { 1789 srpt_unmap_sg_to_ib_sge(ch, ioctx); 1790 transport_generic_free_cmd(&ioctx->cmd, 0); 1791 } else { 1792 pr_err("IB completion has been received too late for" 1793 " wr_id = %u.\n", ioctx->ioctx.index); 1794 } 1795 1796 srpt_process_wait_list(ch); 1797 } 1798 1799 /** 1800 * srpt_create_ch_ib() - Create receive and send completion queues. 1801 */ 1802 static int srpt_create_ch_ib(struct srpt_rdma_ch *ch) 1803 { 1804 struct ib_qp_init_attr *qp_init; 1805 struct srpt_port *sport = ch->sport; 1806 struct srpt_device *sdev = sport->sdev; 1807 u32 srp_sq_size = sport->port_attrib.srp_sq_size; 1808 int ret; 1809 1810 WARN_ON(ch->rq_size < 1); 1811 1812 ret = -ENOMEM; 1813 qp_init = kzalloc(sizeof(*qp_init), GFP_KERNEL); 1814 if (!qp_init) 1815 goto out; 1816 1817 retry: 1818 ch->cq = ib_alloc_cq(sdev->device, ch, ch->rq_size + srp_sq_size, 1819 0 /* XXX: spread CQs */, IB_POLL_WORKQUEUE); 1820 if (IS_ERR(ch->cq)) { 1821 ret = PTR_ERR(ch->cq); 1822 pr_err("failed to create CQ cqe= %d ret= %d\n", 1823 ch->rq_size + srp_sq_size, ret); 1824 goto out; 1825 } 1826 1827 qp_init->qp_context = (void *)ch; 1828 qp_init->event_handler 1829 = (void(*)(struct ib_event *, void*))srpt_qp_event; 1830 qp_init->send_cq = ch->cq; 1831 qp_init->recv_cq = ch->cq; 1832 qp_init->srq = sdev->srq; 1833 qp_init->sq_sig_type = IB_SIGNAL_REQ_WR; 1834 qp_init->qp_type = IB_QPT_RC; 1835 qp_init->cap.max_send_wr = srp_sq_size; 1836 qp_init->cap.max_send_sge = SRPT_DEF_SG_PER_WQE; 1837 1838 ch->qp = ib_create_qp(sdev->pd, qp_init); 1839 if (IS_ERR(ch->qp)) { 1840 ret = PTR_ERR(ch->qp); 1841 if (ret == -ENOMEM) { 1842 srp_sq_size /= 2; 1843 if (srp_sq_size >= MIN_SRPT_SQ_SIZE) { 1844 ib_destroy_cq(ch->cq); 1845 goto retry; 1846 } 1847 } 1848 pr_err("failed to create_qp ret= %d\n", ret); 1849 goto err_destroy_cq; 1850 } 1851 1852 atomic_set(&ch->sq_wr_avail, qp_init->cap.max_send_wr); 1853 1854 pr_debug("%s: max_cqe= %d max_sge= %d sq_size = %d cm_id= %p\n", 1855 __func__, ch->cq->cqe, qp_init->cap.max_send_sge, 1856 qp_init->cap.max_send_wr, ch->cm_id); 1857 1858 ret = srpt_init_ch_qp(ch, ch->qp); 1859 if (ret) 1860 goto err_destroy_qp; 1861 1862 out: 1863 kfree(qp_init); 1864 return ret; 1865 1866 err_destroy_qp: 1867 ib_destroy_qp(ch->qp); 1868 err_destroy_cq: 1869 ib_free_cq(ch->cq); 1870 goto out; 1871 } 1872 1873 static void srpt_destroy_ch_ib(struct srpt_rdma_ch *ch) 1874 { 1875 ib_destroy_qp(ch->qp); 1876 ib_free_cq(ch->cq); 1877 } 1878 1879 /** 1880 * srpt_close_ch() - Close an RDMA channel. 1881 * 1882 * Make sure all resources associated with the channel will be deallocated at 1883 * an appropriate time. 1884 * 1885 * Returns true if and only if the channel state has been modified into 1886 * CH_DRAINING. 1887 */ 1888 static bool srpt_close_ch(struct srpt_rdma_ch *ch) 1889 { 1890 int ret; 1891 1892 if (!srpt_set_ch_state(ch, CH_DRAINING)) { 1893 pr_debug("%s-%d: already closed\n", ch->sess_name, 1894 ch->qp->qp_num); 1895 return false; 1896 } 1897 1898 kref_get(&ch->kref); 1899 1900 ret = srpt_ch_qp_err(ch); 1901 if (ret < 0) 1902 pr_err("%s-%d: changing queue pair into error state failed: %d\n", 1903 ch->sess_name, ch->qp->qp_num, ret); 1904 1905 pr_debug("%s-%d: queued zerolength write\n", ch->sess_name, 1906 ch->qp->qp_num); 1907 ret = srpt_zerolength_write(ch); 1908 if (ret < 0) { 1909 pr_err("%s-%d: queuing zero-length write failed: %d\n", 1910 ch->sess_name, ch->qp->qp_num, ret); 1911 if (srpt_set_ch_state(ch, CH_DISCONNECTED)) 1912 schedule_work(&ch->release_work); 1913 else 1914 WARN_ON_ONCE(true); 1915 } 1916 1917 kref_put(&ch->kref, srpt_free_ch); 1918 1919 return true; 1920 } 1921 1922 /* 1923 * Change the channel state into CH_DISCONNECTING. If a channel has not yet 1924 * reached the connected state, close it. If a channel is in the connected 1925 * state, send a DREQ. If a DREQ has been received, send a DREP. Note: it is 1926 * the responsibility of the caller to ensure that this function is not 1927 * invoked concurrently with the code that accepts a connection. This means 1928 * that this function must either be invoked from inside a CM callback 1929 * function or that it must be invoked with the srpt_port.mutex held. 1930 */ 1931 static int srpt_disconnect_ch(struct srpt_rdma_ch *ch) 1932 { 1933 int ret; 1934 1935 if (!srpt_set_ch_state(ch, CH_DISCONNECTING)) 1936 return -ENOTCONN; 1937 1938 ret = ib_send_cm_dreq(ch->cm_id, NULL, 0); 1939 if (ret < 0) 1940 ret = ib_send_cm_drep(ch->cm_id, NULL, 0); 1941 1942 if (ret < 0 && srpt_close_ch(ch)) 1943 ret = 0; 1944 1945 return ret; 1946 } 1947 1948 static void __srpt_close_all_ch(struct srpt_device *sdev) 1949 { 1950 struct srpt_rdma_ch *ch; 1951 1952 lockdep_assert_held(&sdev->mutex); 1953 1954 list_for_each_entry(ch, &sdev->rch_list, list) { 1955 if (srpt_disconnect_ch(ch) >= 0) 1956 pr_info("Closing channel %s-%d because target %s has been disabled\n", 1957 ch->sess_name, ch->qp->qp_num, 1958 sdev->device->name); 1959 srpt_close_ch(ch); 1960 } 1961 } 1962 1963 /** 1964 * srpt_shutdown_session() - Whether or not a session may be shut down. 1965 */ 1966 static int srpt_shutdown_session(struct se_session *se_sess) 1967 { 1968 return 1; 1969 } 1970 1971 static void srpt_free_ch(struct kref *kref) 1972 { 1973 struct srpt_rdma_ch *ch = container_of(kref, struct srpt_rdma_ch, kref); 1974 1975 kfree(ch); 1976 } 1977 1978 static void srpt_release_channel_work(struct work_struct *w) 1979 { 1980 struct srpt_rdma_ch *ch; 1981 struct srpt_device *sdev; 1982 struct se_session *se_sess; 1983 1984 ch = container_of(w, struct srpt_rdma_ch, release_work); 1985 pr_debug("%s: %s-%d; release_done = %p\n", __func__, ch->sess_name, 1986 ch->qp->qp_num, ch->release_done); 1987 1988 sdev = ch->sport->sdev; 1989 BUG_ON(!sdev); 1990 1991 se_sess = ch->sess; 1992 BUG_ON(!se_sess); 1993 1994 target_sess_cmd_list_set_waiting(se_sess); 1995 target_wait_for_sess_cmds(se_sess); 1996 1997 transport_deregister_session_configfs(se_sess); 1998 transport_deregister_session(se_sess); 1999 ch->sess = NULL; 2000 2001 ib_destroy_cm_id(ch->cm_id); 2002 2003 srpt_destroy_ch_ib(ch); 2004 2005 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_ring, 2006 ch->sport->sdev, ch->rq_size, 2007 ch->rsp_size, DMA_TO_DEVICE); 2008 2009 mutex_lock(&sdev->mutex); 2010 list_del_init(&ch->list); 2011 if (ch->release_done) 2012 complete(ch->release_done); 2013 mutex_unlock(&sdev->mutex); 2014 2015 wake_up(&sdev->ch_releaseQ); 2016 2017 kref_put(&ch->kref, srpt_free_ch); 2018 } 2019 2020 /** 2021 * srpt_cm_req_recv() - Process the event IB_CM_REQ_RECEIVED. 2022 * 2023 * Ownership of the cm_id is transferred to the target session if this 2024 * functions returns zero. Otherwise the caller remains the owner of cm_id. 2025 */ 2026 static int srpt_cm_req_recv(struct ib_cm_id *cm_id, 2027 struct ib_cm_req_event_param *param, 2028 void *private_data) 2029 { 2030 struct srpt_device *sdev = cm_id->context; 2031 struct srpt_port *sport = &sdev->port[param->port - 1]; 2032 struct srp_login_req *req; 2033 struct srp_login_rsp *rsp; 2034 struct srp_login_rej *rej; 2035 struct ib_cm_rep_param *rep_param; 2036 struct srpt_rdma_ch *ch, *tmp_ch; 2037 u32 it_iu_len; 2038 int i, ret = 0; 2039 unsigned char *p; 2040 2041 WARN_ON_ONCE(irqs_disabled()); 2042 2043 if (WARN_ON(!sdev || !private_data)) 2044 return -EINVAL; 2045 2046 req = (struct srp_login_req *)private_data; 2047 2048 it_iu_len = be32_to_cpu(req->req_it_iu_len); 2049 2050 pr_info("Received SRP_LOGIN_REQ with i_port_id 0x%llx:0x%llx," 2051 " t_port_id 0x%llx:0x%llx and it_iu_len %d on port %d" 2052 " (guid=0x%llx:0x%llx)\n", 2053 be64_to_cpu(*(__be64 *)&req->initiator_port_id[0]), 2054 be64_to_cpu(*(__be64 *)&req->initiator_port_id[8]), 2055 be64_to_cpu(*(__be64 *)&req->target_port_id[0]), 2056 be64_to_cpu(*(__be64 *)&req->target_port_id[8]), 2057 it_iu_len, 2058 param->port, 2059 be64_to_cpu(*(__be64 *)&sdev->port[param->port - 1].gid.raw[0]), 2060 be64_to_cpu(*(__be64 *)&sdev->port[param->port - 1].gid.raw[8])); 2061 2062 rsp = kzalloc(sizeof(*rsp), GFP_KERNEL); 2063 rej = kzalloc(sizeof(*rej), GFP_KERNEL); 2064 rep_param = kzalloc(sizeof(*rep_param), GFP_KERNEL); 2065 2066 if (!rsp || !rej || !rep_param) { 2067 ret = -ENOMEM; 2068 goto out; 2069 } 2070 2071 if (it_iu_len > srp_max_req_size || it_iu_len < 64) { 2072 rej->reason = cpu_to_be32( 2073 SRP_LOGIN_REJ_REQ_IT_IU_LENGTH_TOO_LARGE); 2074 ret = -EINVAL; 2075 pr_err("rejected SRP_LOGIN_REQ because its" 2076 " length (%d bytes) is out of range (%d .. %d)\n", 2077 it_iu_len, 64, srp_max_req_size); 2078 goto reject; 2079 } 2080 2081 if (!sport->enabled) { 2082 rej->reason = cpu_to_be32( 2083 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2084 ret = -EINVAL; 2085 pr_err("rejected SRP_LOGIN_REQ because the target port" 2086 " has not yet been enabled\n"); 2087 goto reject; 2088 } 2089 2090 if ((req->req_flags & SRP_MTCH_ACTION) == SRP_MULTICHAN_SINGLE) { 2091 rsp->rsp_flags = SRP_LOGIN_RSP_MULTICHAN_NO_CHAN; 2092 2093 mutex_lock(&sdev->mutex); 2094 2095 list_for_each_entry_safe(ch, tmp_ch, &sdev->rch_list, list) { 2096 if (!memcmp(ch->i_port_id, req->initiator_port_id, 16) 2097 && !memcmp(ch->t_port_id, req->target_port_id, 16) 2098 && param->port == ch->sport->port 2099 && param->listen_id == ch->sport->sdev->cm_id 2100 && ch->cm_id) { 2101 if (srpt_disconnect_ch(ch) < 0) 2102 continue; 2103 pr_info("Relogin - closed existing channel %s\n", 2104 ch->sess_name); 2105 rsp->rsp_flags = 2106 SRP_LOGIN_RSP_MULTICHAN_TERMINATED; 2107 } 2108 } 2109 2110 mutex_unlock(&sdev->mutex); 2111 2112 } else 2113 rsp->rsp_flags = SRP_LOGIN_RSP_MULTICHAN_MAINTAINED; 2114 2115 if (*(__be64 *)req->target_port_id != cpu_to_be64(srpt_service_guid) 2116 || *(__be64 *)(req->target_port_id + 8) != 2117 cpu_to_be64(srpt_service_guid)) { 2118 rej->reason = cpu_to_be32( 2119 SRP_LOGIN_REJ_UNABLE_ASSOCIATE_CHANNEL); 2120 ret = -ENOMEM; 2121 pr_err("rejected SRP_LOGIN_REQ because it" 2122 " has an invalid target port identifier.\n"); 2123 goto reject; 2124 } 2125 2126 ch = kzalloc(sizeof(*ch), GFP_KERNEL); 2127 if (!ch) { 2128 rej->reason = cpu_to_be32( 2129 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2130 pr_err("rejected SRP_LOGIN_REQ because no memory.\n"); 2131 ret = -ENOMEM; 2132 goto reject; 2133 } 2134 2135 kref_init(&ch->kref); 2136 ch->zw_cqe.done = srpt_zerolength_write_done; 2137 INIT_WORK(&ch->release_work, srpt_release_channel_work); 2138 memcpy(ch->i_port_id, req->initiator_port_id, 16); 2139 memcpy(ch->t_port_id, req->target_port_id, 16); 2140 ch->sport = &sdev->port[param->port - 1]; 2141 ch->cm_id = cm_id; 2142 cm_id->context = ch; 2143 /* 2144 * Avoid QUEUE_FULL conditions by limiting the number of buffers used 2145 * for the SRP protocol to the command queue size. 2146 */ 2147 ch->rq_size = SRPT_RQ_SIZE; 2148 spin_lock_init(&ch->spinlock); 2149 ch->state = CH_CONNECTING; 2150 INIT_LIST_HEAD(&ch->cmd_wait_list); 2151 ch->rsp_size = ch->sport->port_attrib.srp_max_rsp_size; 2152 2153 ch->ioctx_ring = (struct srpt_send_ioctx **) 2154 srpt_alloc_ioctx_ring(ch->sport->sdev, ch->rq_size, 2155 sizeof(*ch->ioctx_ring[0]), 2156 ch->rsp_size, DMA_TO_DEVICE); 2157 if (!ch->ioctx_ring) 2158 goto free_ch; 2159 2160 INIT_LIST_HEAD(&ch->free_list); 2161 for (i = 0; i < ch->rq_size; i++) { 2162 ch->ioctx_ring[i]->ch = ch; 2163 list_add_tail(&ch->ioctx_ring[i]->free_list, &ch->free_list); 2164 } 2165 2166 ret = srpt_create_ch_ib(ch); 2167 if (ret) { 2168 rej->reason = cpu_to_be32( 2169 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2170 pr_err("rejected SRP_LOGIN_REQ because creating" 2171 " a new RDMA channel failed.\n"); 2172 goto free_ring; 2173 } 2174 2175 ret = srpt_ch_qp_rtr(ch, ch->qp); 2176 if (ret) { 2177 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); 2178 pr_err("rejected SRP_LOGIN_REQ because enabling" 2179 " RTR failed (error code = %d)\n", ret); 2180 goto destroy_ib; 2181 } 2182 2183 /* 2184 * Use the initator port identifier as the session name, when 2185 * checking against se_node_acl->initiatorname[] this can be 2186 * with or without preceeding '0x'. 2187 */ 2188 snprintf(ch->sess_name, sizeof(ch->sess_name), "0x%016llx%016llx", 2189 be64_to_cpu(*(__be64 *)ch->i_port_id), 2190 be64_to_cpu(*(__be64 *)(ch->i_port_id + 8))); 2191 2192 pr_debug("registering session %s\n", ch->sess_name); 2193 p = &ch->sess_name[0]; 2194 2195 try_again: 2196 ch->sess = target_alloc_session(&sport->port_tpg_1, 0, 0, 2197 TARGET_PROT_NORMAL, p, ch, NULL); 2198 if (IS_ERR(ch->sess)) { 2199 pr_info("Rejected login because no ACL has been" 2200 " configured yet for initiator %s.\n", p); 2201 /* 2202 * XXX: Hack to retry of ch->i_port_id without leading '0x' 2203 */ 2204 if (p == &ch->sess_name[0]) { 2205 p += 2; 2206 goto try_again; 2207 } 2208 rej->reason = cpu_to_be32((PTR_ERR(ch->sess) == -ENOMEM) ? 2209 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES : 2210 SRP_LOGIN_REJ_CHANNEL_LIMIT_REACHED); 2211 goto destroy_ib; 2212 } 2213 2214 pr_debug("Establish connection sess=%p name=%s cm_id=%p\n", ch->sess, 2215 ch->sess_name, ch->cm_id); 2216 2217 /* create srp_login_response */ 2218 rsp->opcode = SRP_LOGIN_RSP; 2219 rsp->tag = req->tag; 2220 rsp->max_it_iu_len = req->req_it_iu_len; 2221 rsp->max_ti_iu_len = req->req_it_iu_len; 2222 ch->max_ti_iu_len = it_iu_len; 2223 rsp->buf_fmt = cpu_to_be16(SRP_BUF_FORMAT_DIRECT 2224 | SRP_BUF_FORMAT_INDIRECT); 2225 rsp->req_lim_delta = cpu_to_be32(ch->rq_size); 2226 atomic_set(&ch->req_lim, ch->rq_size); 2227 atomic_set(&ch->req_lim_delta, 0); 2228 2229 /* create cm reply */ 2230 rep_param->qp_num = ch->qp->qp_num; 2231 rep_param->private_data = (void *)rsp; 2232 rep_param->private_data_len = sizeof(*rsp); 2233 rep_param->rnr_retry_count = 7; 2234 rep_param->flow_control = 1; 2235 rep_param->failover_accepted = 0; 2236 rep_param->srq = 1; 2237 rep_param->responder_resources = 4; 2238 rep_param->initiator_depth = 4; 2239 2240 ret = ib_send_cm_rep(cm_id, rep_param); 2241 if (ret) { 2242 pr_err("sending SRP_LOGIN_REQ response failed" 2243 " (error code = %d)\n", ret); 2244 goto release_channel; 2245 } 2246 2247 mutex_lock(&sdev->mutex); 2248 list_add_tail(&ch->list, &sdev->rch_list); 2249 mutex_unlock(&sdev->mutex); 2250 2251 goto out; 2252 2253 release_channel: 2254 srpt_disconnect_ch(ch); 2255 transport_deregister_session_configfs(ch->sess); 2256 transport_deregister_session(ch->sess); 2257 ch->sess = NULL; 2258 2259 destroy_ib: 2260 srpt_destroy_ch_ib(ch); 2261 2262 free_ring: 2263 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_ring, 2264 ch->sport->sdev, ch->rq_size, 2265 ch->rsp_size, DMA_TO_DEVICE); 2266 free_ch: 2267 kfree(ch); 2268 2269 reject: 2270 rej->opcode = SRP_LOGIN_REJ; 2271 rej->tag = req->tag; 2272 rej->buf_fmt = cpu_to_be16(SRP_BUF_FORMAT_DIRECT 2273 | SRP_BUF_FORMAT_INDIRECT); 2274 2275 ib_send_cm_rej(cm_id, IB_CM_REJ_CONSUMER_DEFINED, NULL, 0, 2276 (void *)rej, sizeof(*rej)); 2277 2278 out: 2279 kfree(rep_param); 2280 kfree(rsp); 2281 kfree(rej); 2282 2283 return ret; 2284 } 2285 2286 static void srpt_cm_rej_recv(struct srpt_rdma_ch *ch, 2287 enum ib_cm_rej_reason reason, 2288 const u8 *private_data, 2289 u8 private_data_len) 2290 { 2291 char *priv = NULL; 2292 int i; 2293 2294 if (private_data_len && (priv = kmalloc(private_data_len * 3 + 1, 2295 GFP_KERNEL))) { 2296 for (i = 0; i < private_data_len; i++) 2297 sprintf(priv + 3 * i, " %02x", private_data[i]); 2298 } 2299 pr_info("Received CM REJ for ch %s-%d; reason %d%s%s.\n", 2300 ch->sess_name, ch->qp->qp_num, reason, private_data_len ? 2301 "; private data" : "", priv ? priv : " (?)"); 2302 kfree(priv); 2303 } 2304 2305 /** 2306 * srpt_cm_rtu_recv() - Process an IB_CM_RTU_RECEIVED or USER_ESTABLISHED event. 2307 * 2308 * An IB_CM_RTU_RECEIVED message indicates that the connection is established 2309 * and that the recipient may begin transmitting (RTU = ready to use). 2310 */ 2311 static void srpt_cm_rtu_recv(struct srpt_rdma_ch *ch) 2312 { 2313 int ret; 2314 2315 if (srpt_set_ch_state(ch, CH_LIVE)) { 2316 ret = srpt_ch_qp_rts(ch, ch->qp); 2317 2318 if (ret == 0) { 2319 /* Trigger wait list processing. */ 2320 ret = srpt_zerolength_write(ch); 2321 WARN_ONCE(ret < 0, "%d\n", ret); 2322 } else { 2323 srpt_close_ch(ch); 2324 } 2325 } 2326 } 2327 2328 /** 2329 * srpt_cm_handler() - IB connection manager callback function. 2330 * 2331 * A non-zero return value will cause the caller destroy the CM ID. 2332 * 2333 * Note: srpt_cm_handler() must only return a non-zero value when transferring 2334 * ownership of the cm_id to a channel by srpt_cm_req_recv() failed. Returning 2335 * a non-zero value in any other case will trigger a race with the 2336 * ib_destroy_cm_id() call in srpt_release_channel(). 2337 */ 2338 static int srpt_cm_handler(struct ib_cm_id *cm_id, struct ib_cm_event *event) 2339 { 2340 struct srpt_rdma_ch *ch = cm_id->context; 2341 int ret; 2342 2343 ret = 0; 2344 switch (event->event) { 2345 case IB_CM_REQ_RECEIVED: 2346 ret = srpt_cm_req_recv(cm_id, &event->param.req_rcvd, 2347 event->private_data); 2348 break; 2349 case IB_CM_REJ_RECEIVED: 2350 srpt_cm_rej_recv(ch, event->param.rej_rcvd.reason, 2351 event->private_data, 2352 IB_CM_REJ_PRIVATE_DATA_SIZE); 2353 break; 2354 case IB_CM_RTU_RECEIVED: 2355 case IB_CM_USER_ESTABLISHED: 2356 srpt_cm_rtu_recv(ch); 2357 break; 2358 case IB_CM_DREQ_RECEIVED: 2359 srpt_disconnect_ch(ch); 2360 break; 2361 case IB_CM_DREP_RECEIVED: 2362 pr_info("Received CM DREP message for ch %s-%d.\n", 2363 ch->sess_name, ch->qp->qp_num); 2364 srpt_close_ch(ch); 2365 break; 2366 case IB_CM_TIMEWAIT_EXIT: 2367 pr_info("Received CM TimeWait exit for ch %s-%d.\n", 2368 ch->sess_name, ch->qp->qp_num); 2369 srpt_close_ch(ch); 2370 break; 2371 case IB_CM_REP_ERROR: 2372 pr_info("Received CM REP error for ch %s-%d.\n", ch->sess_name, 2373 ch->qp->qp_num); 2374 break; 2375 case IB_CM_DREQ_ERROR: 2376 pr_info("Received CM DREQ ERROR event.\n"); 2377 break; 2378 case IB_CM_MRA_RECEIVED: 2379 pr_info("Received CM MRA event\n"); 2380 break; 2381 default: 2382 pr_err("received unrecognized CM event %d\n", event->event); 2383 break; 2384 } 2385 2386 return ret; 2387 } 2388 2389 /** 2390 * srpt_perform_rdmas() - Perform IB RDMA. 2391 * 2392 * Returns zero upon success or a negative number upon failure. 2393 */ 2394 static int srpt_perform_rdmas(struct srpt_rdma_ch *ch, 2395 struct srpt_send_ioctx *ioctx) 2396 { 2397 struct ib_send_wr *bad_wr; 2398 int sq_wr_avail, ret, i; 2399 enum dma_data_direction dir; 2400 const int n_rdma = ioctx->n_rdma; 2401 2402 dir = ioctx->cmd.data_direction; 2403 if (dir == DMA_TO_DEVICE) { 2404 /* write */ 2405 ret = -ENOMEM; 2406 sq_wr_avail = atomic_sub_return(n_rdma, &ch->sq_wr_avail); 2407 if (sq_wr_avail < 0) { 2408 pr_warn("IB send queue full (needed %d)\n", 2409 n_rdma); 2410 goto out; 2411 } 2412 } 2413 2414 for (i = 0; i < n_rdma; i++) { 2415 struct ib_send_wr *wr = &ioctx->rdma_wrs[i].wr; 2416 2417 wr->opcode = (dir == DMA_FROM_DEVICE) ? 2418 IB_WR_RDMA_WRITE : IB_WR_RDMA_READ; 2419 2420 if (i == n_rdma - 1) { 2421 /* only get completion event for the last rdma read */ 2422 if (dir == DMA_TO_DEVICE) { 2423 wr->send_flags = IB_SEND_SIGNALED; 2424 ioctx->rdma_cqe.done = srpt_rdma_read_done; 2425 } else { 2426 ioctx->rdma_cqe.done = srpt_rdma_write_done; 2427 } 2428 wr->wr_cqe = &ioctx->rdma_cqe; 2429 wr->next = NULL; 2430 } else { 2431 wr->wr_cqe = NULL; 2432 wr->next = &ioctx->rdma_wrs[i + 1].wr; 2433 } 2434 } 2435 2436 ret = ib_post_send(ch->qp, &ioctx->rdma_wrs->wr, &bad_wr); 2437 if (ret) 2438 pr_err("%s[%d]: ib_post_send() returned %d for %d/%d\n", 2439 __func__, __LINE__, ret, i, n_rdma); 2440 out: 2441 if (unlikely(dir == DMA_TO_DEVICE && ret < 0)) 2442 atomic_add(n_rdma, &ch->sq_wr_avail); 2443 return ret; 2444 } 2445 2446 /** 2447 * srpt_xfer_data() - Start data transfer from initiator to target. 2448 */ 2449 static int srpt_xfer_data(struct srpt_rdma_ch *ch, 2450 struct srpt_send_ioctx *ioctx) 2451 { 2452 int ret; 2453 2454 ret = srpt_map_sg_to_ib_sge(ch, ioctx); 2455 if (ret) { 2456 pr_err("%s[%d] ret=%d\n", __func__, __LINE__, ret); 2457 goto out; 2458 } 2459 2460 ret = srpt_perform_rdmas(ch, ioctx); 2461 if (ret) { 2462 if (ret == -EAGAIN || ret == -ENOMEM) 2463 pr_info("%s[%d] queue full -- ret=%d\n", 2464 __func__, __LINE__, ret); 2465 else 2466 pr_err("%s[%d] fatal error -- ret=%d\n", 2467 __func__, __LINE__, ret); 2468 goto out_unmap; 2469 } 2470 2471 out: 2472 return ret; 2473 out_unmap: 2474 srpt_unmap_sg_to_ib_sge(ch, ioctx); 2475 goto out; 2476 } 2477 2478 static int srpt_write_pending_status(struct se_cmd *se_cmd) 2479 { 2480 struct srpt_send_ioctx *ioctx; 2481 2482 ioctx = container_of(se_cmd, struct srpt_send_ioctx, cmd); 2483 return srpt_get_cmd_state(ioctx) == SRPT_STATE_NEED_DATA; 2484 } 2485 2486 /* 2487 * srpt_write_pending() - Start data transfer from initiator to target (write). 2488 */ 2489 static int srpt_write_pending(struct se_cmd *se_cmd) 2490 { 2491 struct srpt_send_ioctx *ioctx = 2492 container_of(se_cmd, struct srpt_send_ioctx, cmd); 2493 struct srpt_rdma_ch *ch = ioctx->ch; 2494 enum srpt_command_state new_state; 2495 2496 new_state = srpt_set_cmd_state(ioctx, SRPT_STATE_NEED_DATA); 2497 WARN_ON(new_state == SRPT_STATE_DONE); 2498 return srpt_xfer_data(ch, ioctx); 2499 } 2500 2501 static u8 tcm_to_srp_tsk_mgmt_status(const int tcm_mgmt_status) 2502 { 2503 switch (tcm_mgmt_status) { 2504 case TMR_FUNCTION_COMPLETE: 2505 return SRP_TSK_MGMT_SUCCESS; 2506 case TMR_FUNCTION_REJECTED: 2507 return SRP_TSK_MGMT_FUNC_NOT_SUPP; 2508 } 2509 return SRP_TSK_MGMT_FAILED; 2510 } 2511 2512 /** 2513 * srpt_queue_response() - Transmits the response to a SCSI command. 2514 * 2515 * Callback function called by the TCM core. Must not block since it can be 2516 * invoked on the context of the IB completion handler. 2517 */ 2518 static void srpt_queue_response(struct se_cmd *cmd) 2519 { 2520 struct srpt_rdma_ch *ch; 2521 struct srpt_send_ioctx *ioctx; 2522 enum srpt_command_state state; 2523 unsigned long flags; 2524 int ret; 2525 enum dma_data_direction dir; 2526 int resp_len; 2527 u8 srp_tm_status; 2528 2529 ioctx = container_of(cmd, struct srpt_send_ioctx, cmd); 2530 ch = ioctx->ch; 2531 BUG_ON(!ch); 2532 2533 spin_lock_irqsave(&ioctx->spinlock, flags); 2534 state = ioctx->state; 2535 switch (state) { 2536 case SRPT_STATE_NEW: 2537 case SRPT_STATE_DATA_IN: 2538 ioctx->state = SRPT_STATE_CMD_RSP_SENT; 2539 break; 2540 case SRPT_STATE_MGMT: 2541 ioctx->state = SRPT_STATE_MGMT_RSP_SENT; 2542 break; 2543 default: 2544 WARN(true, "ch %p; cmd %d: unexpected command state %d\n", 2545 ch, ioctx->ioctx.index, ioctx->state); 2546 break; 2547 } 2548 spin_unlock_irqrestore(&ioctx->spinlock, flags); 2549 2550 if (unlikely(transport_check_aborted_status(&ioctx->cmd, false) 2551 || WARN_ON_ONCE(state == SRPT_STATE_CMD_RSP_SENT))) { 2552 atomic_inc(&ch->req_lim_delta); 2553 srpt_abort_cmd(ioctx); 2554 return; 2555 } 2556 2557 dir = ioctx->cmd.data_direction; 2558 2559 /* For read commands, transfer the data to the initiator. */ 2560 if (dir == DMA_FROM_DEVICE && ioctx->cmd.data_length && 2561 !ioctx->queue_status_only) { 2562 ret = srpt_xfer_data(ch, ioctx); 2563 if (ret) { 2564 pr_err("xfer_data failed for tag %llu\n", 2565 ioctx->cmd.tag); 2566 return; 2567 } 2568 } 2569 2570 if (state != SRPT_STATE_MGMT) 2571 resp_len = srpt_build_cmd_rsp(ch, ioctx, ioctx->cmd.tag, 2572 cmd->scsi_status); 2573 else { 2574 srp_tm_status 2575 = tcm_to_srp_tsk_mgmt_status(cmd->se_tmr_req->response); 2576 resp_len = srpt_build_tskmgmt_rsp(ch, ioctx, srp_tm_status, 2577 ioctx->cmd.tag); 2578 } 2579 ret = srpt_post_send(ch, ioctx, resp_len); 2580 if (ret) { 2581 pr_err("sending cmd response failed for tag %llu\n", 2582 ioctx->cmd.tag); 2583 srpt_unmap_sg_to_ib_sge(ch, ioctx); 2584 srpt_set_cmd_state(ioctx, SRPT_STATE_DONE); 2585 target_put_sess_cmd(&ioctx->cmd); 2586 } 2587 } 2588 2589 static int srpt_queue_data_in(struct se_cmd *cmd) 2590 { 2591 srpt_queue_response(cmd); 2592 return 0; 2593 } 2594 2595 static void srpt_queue_tm_rsp(struct se_cmd *cmd) 2596 { 2597 srpt_queue_response(cmd); 2598 } 2599 2600 static void srpt_aborted_task(struct se_cmd *cmd) 2601 { 2602 struct srpt_send_ioctx *ioctx = container_of(cmd, 2603 struct srpt_send_ioctx, cmd); 2604 2605 srpt_unmap_sg_to_ib_sge(ioctx->ch, ioctx); 2606 } 2607 2608 static int srpt_queue_status(struct se_cmd *cmd) 2609 { 2610 struct srpt_send_ioctx *ioctx; 2611 2612 ioctx = container_of(cmd, struct srpt_send_ioctx, cmd); 2613 BUG_ON(ioctx->sense_data != cmd->sense_buffer); 2614 if (cmd->se_cmd_flags & 2615 (SCF_TRANSPORT_TASK_SENSE | SCF_EMULATED_TASK_SENSE)) 2616 WARN_ON(cmd->scsi_status != SAM_STAT_CHECK_CONDITION); 2617 ioctx->queue_status_only = true; 2618 srpt_queue_response(cmd); 2619 return 0; 2620 } 2621 2622 static void srpt_refresh_port_work(struct work_struct *work) 2623 { 2624 struct srpt_port *sport = container_of(work, struct srpt_port, work); 2625 2626 srpt_refresh_port(sport); 2627 } 2628 2629 /** 2630 * srpt_release_sdev() - Free the channel resources associated with a target. 2631 */ 2632 static int srpt_release_sdev(struct srpt_device *sdev) 2633 { 2634 int i, res; 2635 2636 WARN_ON_ONCE(irqs_disabled()); 2637 2638 BUG_ON(!sdev); 2639 2640 mutex_lock(&sdev->mutex); 2641 for (i = 0; i < ARRAY_SIZE(sdev->port); i++) 2642 sdev->port[i].enabled = false; 2643 __srpt_close_all_ch(sdev); 2644 mutex_unlock(&sdev->mutex); 2645 2646 res = wait_event_interruptible(sdev->ch_releaseQ, 2647 list_empty_careful(&sdev->rch_list)); 2648 if (res) 2649 pr_err("%s: interrupted.\n", __func__); 2650 2651 return 0; 2652 } 2653 2654 static struct srpt_port *__srpt_lookup_port(const char *name) 2655 { 2656 struct ib_device *dev; 2657 struct srpt_device *sdev; 2658 struct srpt_port *sport; 2659 int i; 2660 2661 list_for_each_entry(sdev, &srpt_dev_list, list) { 2662 dev = sdev->device; 2663 if (!dev) 2664 continue; 2665 2666 for (i = 0; i < dev->phys_port_cnt; i++) { 2667 sport = &sdev->port[i]; 2668 2669 if (!strcmp(sport->port_guid, name)) 2670 return sport; 2671 } 2672 } 2673 2674 return NULL; 2675 } 2676 2677 static struct srpt_port *srpt_lookup_port(const char *name) 2678 { 2679 struct srpt_port *sport; 2680 2681 spin_lock(&srpt_dev_lock); 2682 sport = __srpt_lookup_port(name); 2683 spin_unlock(&srpt_dev_lock); 2684 2685 return sport; 2686 } 2687 2688 /** 2689 * srpt_add_one() - Infiniband device addition callback function. 2690 */ 2691 static void srpt_add_one(struct ib_device *device) 2692 { 2693 struct srpt_device *sdev; 2694 struct srpt_port *sport; 2695 struct ib_srq_init_attr srq_attr; 2696 int i; 2697 2698 pr_debug("device = %p, device->dma_ops = %p\n", device, 2699 device->dma_ops); 2700 2701 sdev = kzalloc(sizeof(*sdev), GFP_KERNEL); 2702 if (!sdev) 2703 goto err; 2704 2705 sdev->device = device; 2706 INIT_LIST_HEAD(&sdev->rch_list); 2707 init_waitqueue_head(&sdev->ch_releaseQ); 2708 mutex_init(&sdev->mutex); 2709 2710 sdev->pd = ib_alloc_pd(device); 2711 if (IS_ERR(sdev->pd)) 2712 goto free_dev; 2713 2714 sdev->srq_size = min(srpt_srq_size, sdev->device->attrs.max_srq_wr); 2715 2716 srq_attr.event_handler = srpt_srq_event; 2717 srq_attr.srq_context = (void *)sdev; 2718 srq_attr.attr.max_wr = sdev->srq_size; 2719 srq_attr.attr.max_sge = 1; 2720 srq_attr.attr.srq_limit = 0; 2721 srq_attr.srq_type = IB_SRQT_BASIC; 2722 2723 sdev->srq = ib_create_srq(sdev->pd, &srq_attr); 2724 if (IS_ERR(sdev->srq)) 2725 goto err_pd; 2726 2727 pr_debug("%s: create SRQ #wr= %d max_allow=%d dev= %s\n", 2728 __func__, sdev->srq_size, sdev->device->attrs.max_srq_wr, 2729 device->name); 2730 2731 if (!srpt_service_guid) 2732 srpt_service_guid = be64_to_cpu(device->node_guid); 2733 2734 sdev->cm_id = ib_create_cm_id(device, srpt_cm_handler, sdev); 2735 if (IS_ERR(sdev->cm_id)) 2736 goto err_srq; 2737 2738 /* print out target login information */ 2739 pr_debug("Target login info: id_ext=%016llx,ioc_guid=%016llx," 2740 "pkey=ffff,service_id=%016llx\n", srpt_service_guid, 2741 srpt_service_guid, srpt_service_guid); 2742 2743 /* 2744 * We do not have a consistent service_id (ie. also id_ext of target_id) 2745 * to identify this target. We currently use the guid of the first HCA 2746 * in the system as service_id; therefore, the target_id will change 2747 * if this HCA is gone bad and replaced by different HCA 2748 */ 2749 if (ib_cm_listen(sdev->cm_id, cpu_to_be64(srpt_service_guid), 0)) 2750 goto err_cm; 2751 2752 INIT_IB_EVENT_HANDLER(&sdev->event_handler, sdev->device, 2753 srpt_event_handler); 2754 if (ib_register_event_handler(&sdev->event_handler)) 2755 goto err_cm; 2756 2757 sdev->ioctx_ring = (struct srpt_recv_ioctx **) 2758 srpt_alloc_ioctx_ring(sdev, sdev->srq_size, 2759 sizeof(*sdev->ioctx_ring[0]), 2760 srp_max_req_size, DMA_FROM_DEVICE); 2761 if (!sdev->ioctx_ring) 2762 goto err_event; 2763 2764 for (i = 0; i < sdev->srq_size; ++i) 2765 srpt_post_recv(sdev, sdev->ioctx_ring[i]); 2766 2767 WARN_ON(sdev->device->phys_port_cnt > ARRAY_SIZE(sdev->port)); 2768 2769 for (i = 1; i <= sdev->device->phys_port_cnt; i++) { 2770 sport = &sdev->port[i - 1]; 2771 sport->sdev = sdev; 2772 sport->port = i; 2773 sport->port_attrib.srp_max_rdma_size = DEFAULT_MAX_RDMA_SIZE; 2774 sport->port_attrib.srp_max_rsp_size = DEFAULT_MAX_RSP_SIZE; 2775 sport->port_attrib.srp_sq_size = DEF_SRPT_SQ_SIZE; 2776 INIT_WORK(&sport->work, srpt_refresh_port_work); 2777 2778 if (srpt_refresh_port(sport)) { 2779 pr_err("MAD registration failed for %s-%d.\n", 2780 sdev->device->name, i); 2781 goto err_ring; 2782 } 2783 snprintf(sport->port_guid, sizeof(sport->port_guid), 2784 "0x%016llx%016llx", 2785 be64_to_cpu(sport->gid.global.subnet_prefix), 2786 be64_to_cpu(sport->gid.global.interface_id)); 2787 } 2788 2789 spin_lock(&srpt_dev_lock); 2790 list_add_tail(&sdev->list, &srpt_dev_list); 2791 spin_unlock(&srpt_dev_lock); 2792 2793 out: 2794 ib_set_client_data(device, &srpt_client, sdev); 2795 pr_debug("added %s.\n", device->name); 2796 return; 2797 2798 err_ring: 2799 srpt_free_ioctx_ring((struct srpt_ioctx **)sdev->ioctx_ring, sdev, 2800 sdev->srq_size, srp_max_req_size, 2801 DMA_FROM_DEVICE); 2802 err_event: 2803 ib_unregister_event_handler(&sdev->event_handler); 2804 err_cm: 2805 ib_destroy_cm_id(sdev->cm_id); 2806 err_srq: 2807 ib_destroy_srq(sdev->srq); 2808 err_pd: 2809 ib_dealloc_pd(sdev->pd); 2810 free_dev: 2811 kfree(sdev); 2812 err: 2813 sdev = NULL; 2814 pr_info("%s(%s) failed.\n", __func__, device->name); 2815 goto out; 2816 } 2817 2818 /** 2819 * srpt_remove_one() - InfiniBand device removal callback function. 2820 */ 2821 static void srpt_remove_one(struct ib_device *device, void *client_data) 2822 { 2823 struct srpt_device *sdev = client_data; 2824 int i; 2825 2826 if (!sdev) { 2827 pr_info("%s(%s): nothing to do.\n", __func__, device->name); 2828 return; 2829 } 2830 2831 srpt_unregister_mad_agent(sdev); 2832 2833 ib_unregister_event_handler(&sdev->event_handler); 2834 2835 /* Cancel any work queued by the just unregistered IB event handler. */ 2836 for (i = 0; i < sdev->device->phys_port_cnt; i++) 2837 cancel_work_sync(&sdev->port[i].work); 2838 2839 ib_destroy_cm_id(sdev->cm_id); 2840 2841 /* 2842 * Unregistering a target must happen after destroying sdev->cm_id 2843 * such that no new SRP_LOGIN_REQ information units can arrive while 2844 * destroying the target. 2845 */ 2846 spin_lock(&srpt_dev_lock); 2847 list_del(&sdev->list); 2848 spin_unlock(&srpt_dev_lock); 2849 srpt_release_sdev(sdev); 2850 2851 ib_destroy_srq(sdev->srq); 2852 ib_dealloc_pd(sdev->pd); 2853 2854 srpt_free_ioctx_ring((struct srpt_ioctx **)sdev->ioctx_ring, sdev, 2855 sdev->srq_size, srp_max_req_size, DMA_FROM_DEVICE); 2856 sdev->ioctx_ring = NULL; 2857 kfree(sdev); 2858 } 2859 2860 static struct ib_client srpt_client = { 2861 .name = DRV_NAME, 2862 .add = srpt_add_one, 2863 .remove = srpt_remove_one 2864 }; 2865 2866 static int srpt_check_true(struct se_portal_group *se_tpg) 2867 { 2868 return 1; 2869 } 2870 2871 static int srpt_check_false(struct se_portal_group *se_tpg) 2872 { 2873 return 0; 2874 } 2875 2876 static char *srpt_get_fabric_name(void) 2877 { 2878 return "srpt"; 2879 } 2880 2881 static char *srpt_get_fabric_wwn(struct se_portal_group *tpg) 2882 { 2883 struct srpt_port *sport = container_of(tpg, struct srpt_port, port_tpg_1); 2884 2885 return sport->port_guid; 2886 } 2887 2888 static u16 srpt_get_tag(struct se_portal_group *tpg) 2889 { 2890 return 1; 2891 } 2892 2893 static u32 srpt_tpg_get_inst_index(struct se_portal_group *se_tpg) 2894 { 2895 return 1; 2896 } 2897 2898 static void srpt_release_cmd(struct se_cmd *se_cmd) 2899 { 2900 struct srpt_send_ioctx *ioctx = container_of(se_cmd, 2901 struct srpt_send_ioctx, cmd); 2902 struct srpt_rdma_ch *ch = ioctx->ch; 2903 unsigned long flags; 2904 2905 WARN_ON(ioctx->state != SRPT_STATE_DONE); 2906 WARN_ON(ioctx->mapped_sg_count != 0); 2907 2908 if (ioctx->n_rbuf > 1) { 2909 kfree(ioctx->rbufs); 2910 ioctx->rbufs = NULL; 2911 ioctx->n_rbuf = 0; 2912 } 2913 2914 spin_lock_irqsave(&ch->spinlock, flags); 2915 list_add(&ioctx->free_list, &ch->free_list); 2916 spin_unlock_irqrestore(&ch->spinlock, flags); 2917 } 2918 2919 /** 2920 * srpt_close_session() - Forcibly close a session. 2921 * 2922 * Callback function invoked by the TCM core to clean up sessions associated 2923 * with a node ACL when the user invokes 2924 * rmdir /sys/kernel/config/target/$driver/$port/$tpg/acls/$i_port_id 2925 */ 2926 static void srpt_close_session(struct se_session *se_sess) 2927 { 2928 DECLARE_COMPLETION_ONSTACK(release_done); 2929 struct srpt_rdma_ch *ch = se_sess->fabric_sess_ptr; 2930 struct srpt_device *sdev = ch->sport->sdev; 2931 bool wait; 2932 2933 pr_debug("ch %s-%d state %d\n", ch->sess_name, ch->qp->qp_num, 2934 ch->state); 2935 2936 mutex_lock(&sdev->mutex); 2937 BUG_ON(ch->release_done); 2938 ch->release_done = &release_done; 2939 wait = !list_empty(&ch->list); 2940 srpt_disconnect_ch(ch); 2941 mutex_unlock(&sdev->mutex); 2942 2943 if (!wait) 2944 return; 2945 2946 while (wait_for_completion_timeout(&release_done, 180 * HZ) == 0) 2947 pr_info("%s(%s-%d state %d): still waiting ...\n", __func__, 2948 ch->sess_name, ch->qp->qp_num, ch->state); 2949 } 2950 2951 /** 2952 * srpt_sess_get_index() - Return the value of scsiAttIntrPortIndex (SCSI-MIB). 2953 * 2954 * A quote from RFC 4455 (SCSI-MIB) about this MIB object: 2955 * This object represents an arbitrary integer used to uniquely identify a 2956 * particular attached remote initiator port to a particular SCSI target port 2957 * within a particular SCSI target device within a particular SCSI instance. 2958 */ 2959 static u32 srpt_sess_get_index(struct se_session *se_sess) 2960 { 2961 return 0; 2962 } 2963 2964 static void srpt_set_default_node_attrs(struct se_node_acl *nacl) 2965 { 2966 } 2967 2968 /* Note: only used from inside debug printk's by the TCM core. */ 2969 static int srpt_get_tcm_cmd_state(struct se_cmd *se_cmd) 2970 { 2971 struct srpt_send_ioctx *ioctx; 2972 2973 ioctx = container_of(se_cmd, struct srpt_send_ioctx, cmd); 2974 return srpt_get_cmd_state(ioctx); 2975 } 2976 2977 /** 2978 * srpt_parse_i_port_id() - Parse an initiator port ID. 2979 * @name: ASCII representation of a 128-bit initiator port ID. 2980 * @i_port_id: Binary 128-bit port ID. 2981 */ 2982 static int srpt_parse_i_port_id(u8 i_port_id[16], const char *name) 2983 { 2984 const char *p; 2985 unsigned len, count, leading_zero_bytes; 2986 int ret, rc; 2987 2988 p = name; 2989 if (strncasecmp(p, "0x", 2) == 0) 2990 p += 2; 2991 ret = -EINVAL; 2992 len = strlen(p); 2993 if (len % 2) 2994 goto out; 2995 count = min(len / 2, 16U); 2996 leading_zero_bytes = 16 - count; 2997 memset(i_port_id, 0, leading_zero_bytes); 2998 rc = hex2bin(i_port_id + leading_zero_bytes, p, count); 2999 if (rc < 0) 3000 pr_debug("hex2bin failed for srpt_parse_i_port_id: %d\n", rc); 3001 ret = 0; 3002 out: 3003 return ret; 3004 } 3005 3006 /* 3007 * configfs callback function invoked for 3008 * mkdir /sys/kernel/config/target/$driver/$port/$tpg/acls/$i_port_id 3009 */ 3010 static int srpt_init_nodeacl(struct se_node_acl *se_nacl, const char *name) 3011 { 3012 u8 i_port_id[16]; 3013 3014 if (srpt_parse_i_port_id(i_port_id, name) < 0) { 3015 pr_err("invalid initiator port ID %s\n", name); 3016 return -EINVAL; 3017 } 3018 return 0; 3019 } 3020 3021 static ssize_t srpt_tpg_attrib_srp_max_rdma_size_show(struct config_item *item, 3022 char *page) 3023 { 3024 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3025 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3026 3027 return sprintf(page, "%u\n", sport->port_attrib.srp_max_rdma_size); 3028 } 3029 3030 static ssize_t srpt_tpg_attrib_srp_max_rdma_size_store(struct config_item *item, 3031 const char *page, size_t count) 3032 { 3033 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3034 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3035 unsigned long val; 3036 int ret; 3037 3038 ret = kstrtoul(page, 0, &val); 3039 if (ret < 0) { 3040 pr_err("kstrtoul() failed with ret: %d\n", ret); 3041 return -EINVAL; 3042 } 3043 if (val > MAX_SRPT_RDMA_SIZE) { 3044 pr_err("val: %lu exceeds MAX_SRPT_RDMA_SIZE: %d\n", val, 3045 MAX_SRPT_RDMA_SIZE); 3046 return -EINVAL; 3047 } 3048 if (val < DEFAULT_MAX_RDMA_SIZE) { 3049 pr_err("val: %lu smaller than DEFAULT_MAX_RDMA_SIZE: %d\n", 3050 val, DEFAULT_MAX_RDMA_SIZE); 3051 return -EINVAL; 3052 } 3053 sport->port_attrib.srp_max_rdma_size = val; 3054 3055 return count; 3056 } 3057 3058 static ssize_t srpt_tpg_attrib_srp_max_rsp_size_show(struct config_item *item, 3059 char *page) 3060 { 3061 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3062 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3063 3064 return sprintf(page, "%u\n", sport->port_attrib.srp_max_rsp_size); 3065 } 3066 3067 static ssize_t srpt_tpg_attrib_srp_max_rsp_size_store(struct config_item *item, 3068 const char *page, size_t count) 3069 { 3070 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3071 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3072 unsigned long val; 3073 int ret; 3074 3075 ret = kstrtoul(page, 0, &val); 3076 if (ret < 0) { 3077 pr_err("kstrtoul() failed with ret: %d\n", ret); 3078 return -EINVAL; 3079 } 3080 if (val > MAX_SRPT_RSP_SIZE) { 3081 pr_err("val: %lu exceeds MAX_SRPT_RSP_SIZE: %d\n", val, 3082 MAX_SRPT_RSP_SIZE); 3083 return -EINVAL; 3084 } 3085 if (val < MIN_MAX_RSP_SIZE) { 3086 pr_err("val: %lu smaller than MIN_MAX_RSP_SIZE: %d\n", val, 3087 MIN_MAX_RSP_SIZE); 3088 return -EINVAL; 3089 } 3090 sport->port_attrib.srp_max_rsp_size = val; 3091 3092 return count; 3093 } 3094 3095 static ssize_t srpt_tpg_attrib_srp_sq_size_show(struct config_item *item, 3096 char *page) 3097 { 3098 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3099 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3100 3101 return sprintf(page, "%u\n", sport->port_attrib.srp_sq_size); 3102 } 3103 3104 static ssize_t srpt_tpg_attrib_srp_sq_size_store(struct config_item *item, 3105 const char *page, size_t count) 3106 { 3107 struct se_portal_group *se_tpg = attrib_to_tpg(item); 3108 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3109 unsigned long val; 3110 int ret; 3111 3112 ret = kstrtoul(page, 0, &val); 3113 if (ret < 0) { 3114 pr_err("kstrtoul() failed with ret: %d\n", ret); 3115 return -EINVAL; 3116 } 3117 if (val > MAX_SRPT_SRQ_SIZE) { 3118 pr_err("val: %lu exceeds MAX_SRPT_SRQ_SIZE: %d\n", val, 3119 MAX_SRPT_SRQ_SIZE); 3120 return -EINVAL; 3121 } 3122 if (val < MIN_SRPT_SRQ_SIZE) { 3123 pr_err("val: %lu smaller than MIN_SRPT_SRQ_SIZE: %d\n", val, 3124 MIN_SRPT_SRQ_SIZE); 3125 return -EINVAL; 3126 } 3127 sport->port_attrib.srp_sq_size = val; 3128 3129 return count; 3130 } 3131 3132 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_max_rdma_size); 3133 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_max_rsp_size); 3134 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_sq_size); 3135 3136 static struct configfs_attribute *srpt_tpg_attrib_attrs[] = { 3137 &srpt_tpg_attrib_attr_srp_max_rdma_size, 3138 &srpt_tpg_attrib_attr_srp_max_rsp_size, 3139 &srpt_tpg_attrib_attr_srp_sq_size, 3140 NULL, 3141 }; 3142 3143 static ssize_t srpt_tpg_enable_show(struct config_item *item, char *page) 3144 { 3145 struct se_portal_group *se_tpg = to_tpg(item); 3146 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3147 3148 return snprintf(page, PAGE_SIZE, "%d\n", (sport->enabled) ? 1: 0); 3149 } 3150 3151 static ssize_t srpt_tpg_enable_store(struct config_item *item, 3152 const char *page, size_t count) 3153 { 3154 struct se_portal_group *se_tpg = to_tpg(item); 3155 struct srpt_port *sport = container_of(se_tpg, struct srpt_port, port_tpg_1); 3156 struct srpt_device *sdev = sport->sdev; 3157 struct srpt_rdma_ch *ch; 3158 unsigned long tmp; 3159 int ret; 3160 3161 ret = kstrtoul(page, 0, &tmp); 3162 if (ret < 0) { 3163 pr_err("Unable to extract srpt_tpg_store_enable\n"); 3164 return -EINVAL; 3165 } 3166 3167 if ((tmp != 0) && (tmp != 1)) { 3168 pr_err("Illegal value for srpt_tpg_store_enable: %lu\n", tmp); 3169 return -EINVAL; 3170 } 3171 if (sport->enabled == tmp) 3172 goto out; 3173 sport->enabled = tmp; 3174 if (sport->enabled) 3175 goto out; 3176 3177 mutex_lock(&sdev->mutex); 3178 list_for_each_entry(ch, &sdev->rch_list, list) { 3179 if (ch->sport == sport) { 3180 pr_debug("%s: ch %p %s-%d\n", __func__, ch, 3181 ch->sess_name, ch->qp->qp_num); 3182 srpt_disconnect_ch(ch); 3183 srpt_close_ch(ch); 3184 } 3185 } 3186 mutex_unlock(&sdev->mutex); 3187 3188 out: 3189 return count; 3190 } 3191 3192 CONFIGFS_ATTR(srpt_tpg_, enable); 3193 3194 static struct configfs_attribute *srpt_tpg_attrs[] = { 3195 &srpt_tpg_attr_enable, 3196 NULL, 3197 }; 3198 3199 /** 3200 * configfs callback invoked for 3201 * mkdir /sys/kernel/config/target/$driver/$port/$tpg 3202 */ 3203 static struct se_portal_group *srpt_make_tpg(struct se_wwn *wwn, 3204 struct config_group *group, 3205 const char *name) 3206 { 3207 struct srpt_port *sport = container_of(wwn, struct srpt_port, port_wwn); 3208 int res; 3209 3210 /* Initialize sport->port_wwn and sport->port_tpg_1 */ 3211 res = core_tpg_register(&sport->port_wwn, &sport->port_tpg_1, SCSI_PROTOCOL_SRP); 3212 if (res) 3213 return ERR_PTR(res); 3214 3215 return &sport->port_tpg_1; 3216 } 3217 3218 /** 3219 * configfs callback invoked for 3220 * rmdir /sys/kernel/config/target/$driver/$port/$tpg 3221 */ 3222 static void srpt_drop_tpg(struct se_portal_group *tpg) 3223 { 3224 struct srpt_port *sport = container_of(tpg, 3225 struct srpt_port, port_tpg_1); 3226 3227 sport->enabled = false; 3228 core_tpg_deregister(&sport->port_tpg_1); 3229 } 3230 3231 /** 3232 * configfs callback invoked for 3233 * mkdir /sys/kernel/config/target/$driver/$port 3234 */ 3235 static struct se_wwn *srpt_make_tport(struct target_fabric_configfs *tf, 3236 struct config_group *group, 3237 const char *name) 3238 { 3239 struct srpt_port *sport; 3240 int ret; 3241 3242 sport = srpt_lookup_port(name); 3243 pr_debug("make_tport(%s)\n", name); 3244 ret = -EINVAL; 3245 if (!sport) 3246 goto err; 3247 3248 return &sport->port_wwn; 3249 3250 err: 3251 return ERR_PTR(ret); 3252 } 3253 3254 /** 3255 * configfs callback invoked for 3256 * rmdir /sys/kernel/config/target/$driver/$port 3257 */ 3258 static void srpt_drop_tport(struct se_wwn *wwn) 3259 { 3260 struct srpt_port *sport = container_of(wwn, struct srpt_port, port_wwn); 3261 3262 pr_debug("drop_tport(%s\n", config_item_name(&sport->port_wwn.wwn_group.cg_item)); 3263 } 3264 3265 static ssize_t srpt_wwn_version_show(struct config_item *item, char *buf) 3266 { 3267 return scnprintf(buf, PAGE_SIZE, "%s\n", DRV_VERSION); 3268 } 3269 3270 CONFIGFS_ATTR_RO(srpt_wwn_, version); 3271 3272 static struct configfs_attribute *srpt_wwn_attrs[] = { 3273 &srpt_wwn_attr_version, 3274 NULL, 3275 }; 3276 3277 static const struct target_core_fabric_ops srpt_template = { 3278 .module = THIS_MODULE, 3279 .name = "srpt", 3280 .get_fabric_name = srpt_get_fabric_name, 3281 .tpg_get_wwn = srpt_get_fabric_wwn, 3282 .tpg_get_tag = srpt_get_tag, 3283 .tpg_check_demo_mode = srpt_check_false, 3284 .tpg_check_demo_mode_cache = srpt_check_true, 3285 .tpg_check_demo_mode_write_protect = srpt_check_true, 3286 .tpg_check_prod_mode_write_protect = srpt_check_false, 3287 .tpg_get_inst_index = srpt_tpg_get_inst_index, 3288 .release_cmd = srpt_release_cmd, 3289 .check_stop_free = srpt_check_stop_free, 3290 .shutdown_session = srpt_shutdown_session, 3291 .close_session = srpt_close_session, 3292 .sess_get_index = srpt_sess_get_index, 3293 .sess_get_initiator_sid = NULL, 3294 .write_pending = srpt_write_pending, 3295 .write_pending_status = srpt_write_pending_status, 3296 .set_default_node_attributes = srpt_set_default_node_attrs, 3297 .get_cmd_state = srpt_get_tcm_cmd_state, 3298 .queue_data_in = srpt_queue_data_in, 3299 .queue_status = srpt_queue_status, 3300 .queue_tm_rsp = srpt_queue_tm_rsp, 3301 .aborted_task = srpt_aborted_task, 3302 /* 3303 * Setup function pointers for generic logic in 3304 * target_core_fabric_configfs.c 3305 */ 3306 .fabric_make_wwn = srpt_make_tport, 3307 .fabric_drop_wwn = srpt_drop_tport, 3308 .fabric_make_tpg = srpt_make_tpg, 3309 .fabric_drop_tpg = srpt_drop_tpg, 3310 .fabric_init_nodeacl = srpt_init_nodeacl, 3311 3312 .tfc_wwn_attrs = srpt_wwn_attrs, 3313 .tfc_tpg_base_attrs = srpt_tpg_attrs, 3314 .tfc_tpg_attrib_attrs = srpt_tpg_attrib_attrs, 3315 }; 3316 3317 /** 3318 * srpt_init_module() - Kernel module initialization. 3319 * 3320 * Note: Since ib_register_client() registers callback functions, and since at 3321 * least one of these callback functions (srpt_add_one()) calls target core 3322 * functions, this driver must be registered with the target core before 3323 * ib_register_client() is called. 3324 */ 3325 static int __init srpt_init_module(void) 3326 { 3327 int ret; 3328 3329 ret = -EINVAL; 3330 if (srp_max_req_size < MIN_MAX_REQ_SIZE) { 3331 pr_err("invalid value %d for kernel module parameter" 3332 " srp_max_req_size -- must be at least %d.\n", 3333 srp_max_req_size, MIN_MAX_REQ_SIZE); 3334 goto out; 3335 } 3336 3337 if (srpt_srq_size < MIN_SRPT_SRQ_SIZE 3338 || srpt_srq_size > MAX_SRPT_SRQ_SIZE) { 3339 pr_err("invalid value %d for kernel module parameter" 3340 " srpt_srq_size -- must be in the range [%d..%d].\n", 3341 srpt_srq_size, MIN_SRPT_SRQ_SIZE, MAX_SRPT_SRQ_SIZE); 3342 goto out; 3343 } 3344 3345 ret = target_register_template(&srpt_template); 3346 if (ret) 3347 goto out; 3348 3349 ret = ib_register_client(&srpt_client); 3350 if (ret) { 3351 pr_err("couldn't register IB client\n"); 3352 goto out_unregister_target; 3353 } 3354 3355 return 0; 3356 3357 out_unregister_target: 3358 target_unregister_template(&srpt_template); 3359 out: 3360 return ret; 3361 } 3362 3363 static void __exit srpt_cleanup_module(void) 3364 { 3365 ib_unregister_client(&srpt_client); 3366 target_unregister_template(&srpt_template); 3367 } 3368 3369 module_init(srpt_init_module); 3370 module_exit(srpt_cleanup_module); 3371