2 * Copyright (c) 2005 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005, 2006 Cisco Systems. All rights reserved.
4 * Copyright (c) 2005 PathScale, Inc. All rights reserved.
5 * Copyright (c) 2006 Mellanox Technologies. All rights reserved.
7 * This software is available to you under a choice of one of two
8 * licenses. You may choose to be licensed under the terms of the GNU
9 * General Public License (GPL) Version 2, available from the file
10 * COPYING in the main directory of this source tree, or the
11 * OpenIB.org BSD license below:
13 * Redistribution and use in source and binary forms, with or
14 * without modification, are permitted provided that the following
17 * - Redistributions of source code must retain the above
18 * copyright notice, this list of conditions and the following
21 * - Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials
24 * provided with the distribution.
26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
27 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
28 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
29 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
30 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
31 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
32 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
35 * $Id: uverbs_cmd.c 2708 2005-06-24 17:27:21Z roland $
38 #include <linux/file.h>
41 #include <asm/uaccess.h>
45 #define INIT_UDATA(udata, ibuf, obuf, ilen, olen) \
47 (udata)->inbuf = (void __user *) (ibuf); \
48 (udata)->outbuf = (void __user *) (obuf); \
49 (udata)->inlen = (ilen); \
50 (udata)->outlen = (olen); \
53 ssize_t ib_uverbs_get_context(struct ib_uverbs_file *file,
54 const char __user *buf,
55 int in_len, int out_len)
57 struct ib_uverbs_get_context cmd;
58 struct ib_uverbs_get_context_resp resp;
59 struct ib_udata udata;
60 struct ib_device *ibdev = file->device->ib_dev;
61 struct ib_ucontext *ucontext;
65 if (out_len < sizeof resp)
68 if (copy_from_user(&cmd, buf, sizeof cmd))
71 mutex_lock(&file->mutex);
78 INIT_UDATA(&udata, buf + sizeof cmd,
79 (unsigned long) cmd.response + sizeof resp,
80 in_len - sizeof cmd, out_len - sizeof resp);
82 ucontext = ibdev->alloc_ucontext(ibdev, &udata);
83 if (IS_ERR(ucontext)) {
84 ret = PTR_ERR(file->ucontext);
88 ucontext->device = ibdev;
89 INIT_LIST_HEAD(&ucontext->pd_list);
90 INIT_LIST_HEAD(&ucontext->mr_list);
91 INIT_LIST_HEAD(&ucontext->mw_list);
92 INIT_LIST_HEAD(&ucontext->cq_list);
93 INIT_LIST_HEAD(&ucontext->qp_list);
94 INIT_LIST_HEAD(&ucontext->srq_list);
95 INIT_LIST_HEAD(&ucontext->ah_list);
97 resp.num_comp_vectors = file->device->num_comp_vectors;
99 filp = ib_uverbs_alloc_event_file(file, 1, &resp.async_fd);
105 if (copy_to_user((void __user *) (unsigned long) cmd.response,
106 &resp, sizeof resp)) {
111 file->async_file = filp->private_data;
113 INIT_IB_EVENT_HANDLER(&file->event_handler, file->device->ib_dev,
114 ib_uverbs_event_handler);
115 ret = ib_register_event_handler(&file->event_handler);
119 kref_get(&file->async_file->ref);
120 kref_get(&file->ref);
121 file->ucontext = ucontext;
123 fd_install(resp.async_fd, filp);
125 mutex_unlock(&file->mutex);
130 put_unused_fd(resp.async_fd);
134 ibdev->dealloc_ucontext(ucontext);
137 mutex_unlock(&file->mutex);
141 ssize_t ib_uverbs_query_device(struct ib_uverbs_file *file,
142 const char __user *buf,
143 int in_len, int out_len)
145 struct ib_uverbs_query_device cmd;
146 struct ib_uverbs_query_device_resp resp;
147 struct ib_device_attr attr;
150 if (out_len < sizeof resp)
153 if (copy_from_user(&cmd, buf, sizeof cmd))
156 ret = ib_query_device(file->device->ib_dev, &attr);
160 memset(&resp, 0, sizeof resp);
162 resp.fw_ver = attr.fw_ver;
163 resp.node_guid = file->device->ib_dev->node_guid;
164 resp.sys_image_guid = attr.sys_image_guid;
165 resp.max_mr_size = attr.max_mr_size;
166 resp.page_size_cap = attr.page_size_cap;
167 resp.vendor_id = attr.vendor_id;
168 resp.vendor_part_id = attr.vendor_part_id;
169 resp.hw_ver = attr.hw_ver;
170 resp.max_qp = attr.max_qp;
171 resp.max_qp_wr = attr.max_qp_wr;
172 resp.device_cap_flags = attr.device_cap_flags;
173 resp.max_sge = attr.max_sge;
174 resp.max_sge_rd = attr.max_sge_rd;
175 resp.max_cq = attr.max_cq;
176 resp.max_cqe = attr.max_cqe;
177 resp.max_mr = attr.max_mr;
178 resp.max_pd = attr.max_pd;
179 resp.max_qp_rd_atom = attr.max_qp_rd_atom;
180 resp.max_ee_rd_atom = attr.max_ee_rd_atom;
181 resp.max_res_rd_atom = attr.max_res_rd_atom;
182 resp.max_qp_init_rd_atom = attr.max_qp_init_rd_atom;
183 resp.max_ee_init_rd_atom = attr.max_ee_init_rd_atom;
184 resp.atomic_cap = attr.atomic_cap;
185 resp.max_ee = attr.max_ee;
186 resp.max_rdd = attr.max_rdd;
187 resp.max_mw = attr.max_mw;
188 resp.max_raw_ipv6_qp = attr.max_raw_ipv6_qp;
189 resp.max_raw_ethy_qp = attr.max_raw_ethy_qp;
190 resp.max_mcast_grp = attr.max_mcast_grp;
191 resp.max_mcast_qp_attach = attr.max_mcast_qp_attach;
192 resp.max_total_mcast_qp_attach = attr.max_total_mcast_qp_attach;
193 resp.max_ah = attr.max_ah;
194 resp.max_fmr = attr.max_fmr;
195 resp.max_map_per_fmr = attr.max_map_per_fmr;
196 resp.max_srq = attr.max_srq;
197 resp.max_srq_wr = attr.max_srq_wr;
198 resp.max_srq_sge = attr.max_srq_sge;
199 resp.max_pkeys = attr.max_pkeys;
200 resp.local_ca_ack_delay = attr.local_ca_ack_delay;
201 resp.phys_port_cnt = file->device->ib_dev->phys_port_cnt;
203 if (copy_to_user((void __user *) (unsigned long) cmd.response,
210 ssize_t ib_uverbs_query_port(struct ib_uverbs_file *file,
211 const char __user *buf,
212 int in_len, int out_len)
214 struct ib_uverbs_query_port cmd;
215 struct ib_uverbs_query_port_resp resp;
216 struct ib_port_attr attr;
219 if (out_len < sizeof resp)
222 if (copy_from_user(&cmd, buf, sizeof cmd))
225 ret = ib_query_port(file->device->ib_dev, cmd.port_num, &attr);
229 memset(&resp, 0, sizeof resp);
231 resp.state = attr.state;
232 resp.max_mtu = attr.max_mtu;
233 resp.active_mtu = attr.active_mtu;
234 resp.gid_tbl_len = attr.gid_tbl_len;
235 resp.port_cap_flags = attr.port_cap_flags;
236 resp.max_msg_sz = attr.max_msg_sz;
237 resp.bad_pkey_cntr = attr.bad_pkey_cntr;
238 resp.qkey_viol_cntr = attr.qkey_viol_cntr;
239 resp.pkey_tbl_len = attr.pkey_tbl_len;
241 resp.sm_lid = attr.sm_lid;
243 resp.max_vl_num = attr.max_vl_num;
244 resp.sm_sl = attr.sm_sl;
245 resp.subnet_timeout = attr.subnet_timeout;
246 resp.init_type_reply = attr.init_type_reply;
247 resp.active_width = attr.active_width;
248 resp.active_speed = attr.active_speed;
249 resp.phys_state = attr.phys_state;
251 if (copy_to_user((void __user *) (unsigned long) cmd.response,
258 ssize_t ib_uverbs_alloc_pd(struct ib_uverbs_file *file,
259 const char __user *buf,
260 int in_len, int out_len)
262 struct ib_uverbs_alloc_pd cmd;
263 struct ib_uverbs_alloc_pd_resp resp;
264 struct ib_udata udata;
265 struct ib_uobject *uobj;
269 if (out_len < sizeof resp)
272 if (copy_from_user(&cmd, buf, sizeof cmd))
275 INIT_UDATA(&udata, buf + sizeof cmd,
276 (unsigned long) cmd.response + sizeof resp,
277 in_len - sizeof cmd, out_len - sizeof resp);
279 uobj = kmalloc(sizeof *uobj, GFP_KERNEL);
283 uobj->context = file->ucontext;
285 pd = file->device->ib_dev->alloc_pd(file->device->ib_dev,
286 file->ucontext, &udata);
292 pd->device = file->device->ib_dev;
294 atomic_set(&pd->usecnt, 0);
296 mutex_lock(&ib_uverbs_idr_mutex);
299 if (!idr_pre_get(&ib_uverbs_pd_idr, GFP_KERNEL)) {
304 ret = idr_get_new(&ib_uverbs_pd_idr, pd, &uobj->id);
311 memset(&resp, 0, sizeof resp);
312 resp.pd_handle = uobj->id;
314 if (copy_to_user((void __user *) (unsigned long) cmd.response,
315 &resp, sizeof resp)) {
320 mutex_lock(&file->mutex);
321 list_add_tail(&uobj->list, &file->ucontext->pd_list);
322 mutex_unlock(&file->mutex);
324 mutex_unlock(&ib_uverbs_idr_mutex);
329 idr_remove(&ib_uverbs_pd_idr, uobj->id);
332 mutex_unlock(&ib_uverbs_idr_mutex);
340 ssize_t ib_uverbs_dealloc_pd(struct ib_uverbs_file *file,
341 const char __user *buf,
342 int in_len, int out_len)
344 struct ib_uverbs_dealloc_pd cmd;
346 struct ib_uobject *uobj;
349 if (copy_from_user(&cmd, buf, sizeof cmd))
352 mutex_lock(&ib_uverbs_idr_mutex);
354 pd = idr_find(&ib_uverbs_pd_idr, cmd.pd_handle);
355 if (!pd || pd->uobject->context != file->ucontext)
360 ret = ib_dealloc_pd(pd);
364 idr_remove(&ib_uverbs_pd_idr, cmd.pd_handle);
366 mutex_lock(&file->mutex);
367 list_del(&uobj->list);
368 mutex_unlock(&file->mutex);
373 mutex_unlock(&ib_uverbs_idr_mutex);
375 return ret ? ret : in_len;
378 ssize_t ib_uverbs_reg_mr(struct ib_uverbs_file *file,
379 const char __user *buf, int in_len,
382 struct ib_uverbs_reg_mr cmd;
383 struct ib_uverbs_reg_mr_resp resp;
384 struct ib_udata udata;
385 struct ib_umem_object *obj;
390 if (out_len < sizeof resp)
393 if (copy_from_user(&cmd, buf, sizeof cmd))
396 INIT_UDATA(&udata, buf + sizeof cmd,
397 (unsigned long) cmd.response + sizeof resp,
398 in_len - sizeof cmd, out_len - sizeof resp);
400 if ((cmd.start & ~PAGE_MASK) != (cmd.hca_va & ~PAGE_MASK))
404 * Local write permission is required if remote write or
405 * remote atomic permission is also requested.
407 if (cmd.access_flags & (IB_ACCESS_REMOTE_ATOMIC | IB_ACCESS_REMOTE_WRITE) &&
408 !(cmd.access_flags & IB_ACCESS_LOCAL_WRITE))
411 obj = kmalloc(sizeof *obj, GFP_KERNEL);
415 obj->uobject.context = file->ucontext;
418 * We ask for writable memory if any access flags other than
419 * "remote read" are set. "Local write" and "remote write"
420 * obviously require write access. "Remote atomic" can do
421 * things like fetch and add, which will modify memory, and
422 * "MW bind" can change permissions by binding a window.
424 ret = ib_umem_get(file->device->ib_dev, &obj->umem,
425 (void *) (unsigned long) cmd.start, cmd.length,
426 !!(cmd.access_flags & ~IB_ACCESS_REMOTE_READ));
430 obj->umem.virt_base = cmd.hca_va;
432 mutex_lock(&ib_uverbs_idr_mutex);
434 pd = idr_find(&ib_uverbs_pd_idr, cmd.pd_handle);
435 if (!pd || pd->uobject->context != file->ucontext) {
440 if (!pd->device->reg_user_mr) {
445 mr = pd->device->reg_user_mr(pd, &obj->umem, cmd.access_flags, &udata);
451 mr->device = pd->device;
453 mr->uobject = &obj->uobject;
454 atomic_inc(&pd->usecnt);
455 atomic_set(&mr->usecnt, 0);
457 memset(&resp, 0, sizeof resp);
458 resp.lkey = mr->lkey;
459 resp.rkey = mr->rkey;
462 if (!idr_pre_get(&ib_uverbs_mr_idr, GFP_KERNEL)) {
467 ret = idr_get_new(&ib_uverbs_mr_idr, mr, &obj->uobject.id);
474 resp.mr_handle = obj->uobject.id;
476 if (copy_to_user((void __user *) (unsigned long) cmd.response,
477 &resp, sizeof resp)) {
482 mutex_lock(&file->mutex);
483 list_add_tail(&obj->uobject.list, &file->ucontext->mr_list);
484 mutex_unlock(&file->mutex);
486 mutex_unlock(&ib_uverbs_idr_mutex);
491 idr_remove(&ib_uverbs_mr_idr, obj->uobject.id);
495 atomic_dec(&pd->usecnt);
498 mutex_unlock(&ib_uverbs_idr_mutex);
500 ib_umem_release(file->device->ib_dev, &obj->umem);
507 ssize_t ib_uverbs_dereg_mr(struct ib_uverbs_file *file,
508 const char __user *buf, int in_len,
511 struct ib_uverbs_dereg_mr cmd;
513 struct ib_umem_object *memobj;
516 if (copy_from_user(&cmd, buf, sizeof cmd))
519 mutex_lock(&ib_uverbs_idr_mutex);
521 mr = idr_find(&ib_uverbs_mr_idr, cmd.mr_handle);
522 if (!mr || mr->uobject->context != file->ucontext)
525 memobj = container_of(mr->uobject, struct ib_umem_object, uobject);
527 ret = ib_dereg_mr(mr);
531 idr_remove(&ib_uverbs_mr_idr, cmd.mr_handle);
533 mutex_lock(&file->mutex);
534 list_del(&memobj->uobject.list);
535 mutex_unlock(&file->mutex);
537 ib_umem_release(file->device->ib_dev, &memobj->umem);
541 mutex_unlock(&ib_uverbs_idr_mutex);
543 return ret ? ret : in_len;
546 ssize_t ib_uverbs_create_comp_channel(struct ib_uverbs_file *file,
547 const char __user *buf, int in_len,
550 struct ib_uverbs_create_comp_channel cmd;
551 struct ib_uverbs_create_comp_channel_resp resp;
554 if (out_len < sizeof resp)
557 if (copy_from_user(&cmd, buf, sizeof cmd))
560 filp = ib_uverbs_alloc_event_file(file, 0, &resp.fd);
562 return PTR_ERR(filp);
564 if (copy_to_user((void __user *) (unsigned long) cmd.response,
565 &resp, sizeof resp)) {
566 put_unused_fd(resp.fd);
571 fd_install(resp.fd, filp);
575 ssize_t ib_uverbs_create_cq(struct ib_uverbs_file *file,
576 const char __user *buf, int in_len,
579 struct ib_uverbs_create_cq cmd;
580 struct ib_uverbs_create_cq_resp resp;
581 struct ib_udata udata;
582 struct ib_ucq_object *uobj;
583 struct ib_uverbs_event_file *ev_file = NULL;
587 if (out_len < sizeof resp)
590 if (copy_from_user(&cmd, buf, sizeof cmd))
593 INIT_UDATA(&udata, buf + sizeof cmd,
594 (unsigned long) cmd.response + sizeof resp,
595 in_len - sizeof cmd, out_len - sizeof resp);
597 if (cmd.comp_vector >= file->device->num_comp_vectors)
600 uobj = kmalloc(sizeof *uobj, GFP_KERNEL);
604 if (cmd.comp_channel >= 0) {
605 ev_file = ib_uverbs_lookup_comp_file(cmd.comp_channel);
612 uobj->uobject.user_handle = cmd.user_handle;
613 uobj->uobject.context = file->ucontext;
614 uobj->uverbs_file = file;
615 uobj->comp_events_reported = 0;
616 uobj->async_events_reported = 0;
617 INIT_LIST_HEAD(&uobj->comp_list);
618 INIT_LIST_HEAD(&uobj->async_list);
620 cq = file->device->ib_dev->create_cq(file->device->ib_dev, cmd.cqe,
621 file->ucontext, &udata);
627 cq->device = file->device->ib_dev;
628 cq->uobject = &uobj->uobject;
629 cq->comp_handler = ib_uverbs_comp_handler;
630 cq->event_handler = ib_uverbs_cq_event_handler;
631 cq->cq_context = ev_file;
632 atomic_set(&cq->usecnt, 0);
634 mutex_lock(&ib_uverbs_idr_mutex);
637 if (!idr_pre_get(&ib_uverbs_cq_idr, GFP_KERNEL)) {
642 ret = idr_get_new(&ib_uverbs_cq_idr, cq, &uobj->uobject.id);
649 memset(&resp, 0, sizeof resp);
650 resp.cq_handle = uobj->uobject.id;
653 if (copy_to_user((void __user *) (unsigned long) cmd.response,
654 &resp, sizeof resp)) {
659 mutex_lock(&file->mutex);
660 list_add_tail(&uobj->uobject.list, &file->ucontext->cq_list);
661 mutex_unlock(&file->mutex);
663 mutex_unlock(&ib_uverbs_idr_mutex);
668 idr_remove(&ib_uverbs_cq_idr, uobj->uobject.id);
671 mutex_unlock(&ib_uverbs_idr_mutex);
676 ib_uverbs_release_ucq(file, ev_file, uobj);
681 ssize_t ib_uverbs_resize_cq(struct ib_uverbs_file *file,
682 const char __user *buf, int in_len,
685 struct ib_uverbs_resize_cq cmd;
686 struct ib_uverbs_resize_cq_resp resp;
687 struct ib_udata udata;
691 if (copy_from_user(&cmd, buf, sizeof cmd))
694 INIT_UDATA(&udata, buf + sizeof cmd,
695 (unsigned long) cmd.response + sizeof resp,
696 in_len - sizeof cmd, out_len - sizeof resp);
698 mutex_lock(&ib_uverbs_idr_mutex);
700 cq = idr_find(&ib_uverbs_cq_idr, cmd.cq_handle);
701 if (!cq || cq->uobject->context != file->ucontext || !cq->device->resize_cq)
704 ret = cq->device->resize_cq(cq, cmd.cqe, &udata);
708 memset(&resp, 0, sizeof resp);
711 if (copy_to_user((void __user *) (unsigned long) cmd.response,
716 mutex_unlock(&ib_uverbs_idr_mutex);
718 return ret ? ret : in_len;
721 ssize_t ib_uverbs_poll_cq(struct ib_uverbs_file *file,
722 const char __user *buf, int in_len,
725 struct ib_uverbs_poll_cq cmd;
726 struct ib_uverbs_poll_cq_resp *resp;
733 if (copy_from_user(&cmd, buf, sizeof cmd))
736 wc = kmalloc(cmd.ne * sizeof *wc, GFP_KERNEL);
740 rsize = sizeof *resp + cmd.ne * sizeof(struct ib_uverbs_wc);
741 resp = kmalloc(rsize, GFP_KERNEL);
747 mutex_lock(&ib_uverbs_idr_mutex);
748 cq = idr_find(&ib_uverbs_cq_idr, cmd.cq_handle);
749 if (!cq || cq->uobject->context != file->ucontext) {
754 resp->count = ib_poll_cq(cq, cmd.ne, wc);
756 for (i = 0; i < resp->count; i++) {
757 resp->wc[i].wr_id = wc[i].wr_id;
758 resp->wc[i].status = wc[i].status;
759 resp->wc[i].opcode = wc[i].opcode;
760 resp->wc[i].vendor_err = wc[i].vendor_err;
761 resp->wc[i].byte_len = wc[i].byte_len;
762 resp->wc[i].imm_data = (__u32 __force) wc[i].imm_data;
763 resp->wc[i].qp_num = wc[i].qp_num;
764 resp->wc[i].src_qp = wc[i].src_qp;
765 resp->wc[i].wc_flags = wc[i].wc_flags;
766 resp->wc[i].pkey_index = wc[i].pkey_index;
767 resp->wc[i].slid = wc[i].slid;
768 resp->wc[i].sl = wc[i].sl;
769 resp->wc[i].dlid_path_bits = wc[i].dlid_path_bits;
770 resp->wc[i].port_num = wc[i].port_num;
773 if (copy_to_user((void __user *) (unsigned long) cmd.response, resp, rsize))
777 mutex_unlock(&ib_uverbs_idr_mutex);
782 return ret ? ret : in_len;
785 ssize_t ib_uverbs_req_notify_cq(struct ib_uverbs_file *file,
786 const char __user *buf, int in_len,
789 struct ib_uverbs_req_notify_cq cmd;
793 if (copy_from_user(&cmd, buf, sizeof cmd))
796 mutex_lock(&ib_uverbs_idr_mutex);
797 cq = idr_find(&ib_uverbs_cq_idr, cmd.cq_handle);
798 if (cq && cq->uobject->context == file->ucontext) {
799 ib_req_notify_cq(cq, cmd.solicited_only ?
800 IB_CQ_SOLICITED : IB_CQ_NEXT_COMP);
803 mutex_unlock(&ib_uverbs_idr_mutex);
808 ssize_t ib_uverbs_destroy_cq(struct ib_uverbs_file *file,
809 const char __user *buf, int in_len,
812 struct ib_uverbs_destroy_cq cmd;
813 struct ib_uverbs_destroy_cq_resp resp;
815 struct ib_ucq_object *uobj;
816 struct ib_uverbs_event_file *ev_file;
820 if (copy_from_user(&cmd, buf, sizeof cmd))
823 memset(&resp, 0, sizeof resp);
825 mutex_lock(&ib_uverbs_idr_mutex);
827 cq = idr_find(&ib_uverbs_cq_idr, cmd.cq_handle);
828 if (!cq || cq->uobject->context != file->ucontext)
831 user_handle = cq->uobject->user_handle;
832 uobj = container_of(cq->uobject, struct ib_ucq_object, uobject);
833 ev_file = cq->cq_context;
835 ret = ib_destroy_cq(cq);
839 idr_remove(&ib_uverbs_cq_idr, cmd.cq_handle);
841 mutex_lock(&file->mutex);
842 list_del(&uobj->uobject.list);
843 mutex_unlock(&file->mutex);
845 ib_uverbs_release_ucq(file, ev_file, uobj);
847 resp.comp_events_reported = uobj->comp_events_reported;
848 resp.async_events_reported = uobj->async_events_reported;
852 if (copy_to_user((void __user *) (unsigned long) cmd.response,
857 mutex_unlock(&ib_uverbs_idr_mutex);
859 return ret ? ret : in_len;
862 ssize_t ib_uverbs_create_qp(struct ib_uverbs_file *file,
863 const char __user *buf, int in_len,
866 struct ib_uverbs_create_qp cmd;
867 struct ib_uverbs_create_qp_resp resp;
868 struct ib_udata udata;
869 struct ib_uqp_object *uobj;
871 struct ib_cq *scq, *rcq;
874 struct ib_qp_init_attr attr;
877 if (out_len < sizeof resp)
880 if (copy_from_user(&cmd, buf, sizeof cmd))
883 INIT_UDATA(&udata, buf + sizeof cmd,
884 (unsigned long) cmd.response + sizeof resp,
885 in_len - sizeof cmd, out_len - sizeof resp);
887 uobj = kmalloc(sizeof *uobj, GFP_KERNEL);
891 mutex_lock(&ib_uverbs_idr_mutex);
893 pd = idr_find(&ib_uverbs_pd_idr, cmd.pd_handle);
894 scq = idr_find(&ib_uverbs_cq_idr, cmd.send_cq_handle);
895 rcq = idr_find(&ib_uverbs_cq_idr, cmd.recv_cq_handle);
896 srq = cmd.is_srq ? idr_find(&ib_uverbs_srq_idr, cmd.srq_handle) : NULL;
898 if (!pd || pd->uobject->context != file->ucontext ||
899 !scq || scq->uobject->context != file->ucontext ||
900 !rcq || rcq->uobject->context != file->ucontext ||
901 (cmd.is_srq && (!srq || srq->uobject->context != file->ucontext))) {
906 attr.event_handler = ib_uverbs_qp_event_handler;
907 attr.qp_context = file;
911 attr.sq_sig_type = cmd.sq_sig_all ? IB_SIGNAL_ALL_WR : IB_SIGNAL_REQ_WR;
912 attr.qp_type = cmd.qp_type;
914 attr.cap.max_send_wr = cmd.max_send_wr;
915 attr.cap.max_recv_wr = cmd.max_recv_wr;
916 attr.cap.max_send_sge = cmd.max_send_sge;
917 attr.cap.max_recv_sge = cmd.max_recv_sge;
918 attr.cap.max_inline_data = cmd.max_inline_data;
920 uobj->uevent.uobject.user_handle = cmd.user_handle;
921 uobj->uevent.uobject.context = file->ucontext;
922 uobj->uevent.events_reported = 0;
923 INIT_LIST_HEAD(&uobj->uevent.event_list);
924 INIT_LIST_HEAD(&uobj->mcast_list);
926 qp = pd->device->create_qp(pd, &attr, &udata);
932 qp->device = pd->device;
934 qp->send_cq = attr.send_cq;
935 qp->recv_cq = attr.recv_cq;
937 qp->uobject = &uobj->uevent.uobject;
938 qp->event_handler = attr.event_handler;
939 qp->qp_context = attr.qp_context;
940 qp->qp_type = attr.qp_type;
941 atomic_inc(&pd->usecnt);
942 atomic_inc(&attr.send_cq->usecnt);
943 atomic_inc(&attr.recv_cq->usecnt);
945 atomic_inc(&attr.srq->usecnt);
947 memset(&resp, 0, sizeof resp);
948 resp.qpn = qp->qp_num;
951 if (!idr_pre_get(&ib_uverbs_qp_idr, GFP_KERNEL)) {
956 ret = idr_get_new(&ib_uverbs_qp_idr, qp, &uobj->uevent.uobject.id);
963 resp.qp_handle = uobj->uevent.uobject.id;
964 resp.max_recv_sge = attr.cap.max_recv_sge;
965 resp.max_send_sge = attr.cap.max_send_sge;
966 resp.max_recv_wr = attr.cap.max_recv_wr;
967 resp.max_send_wr = attr.cap.max_send_wr;
968 resp.max_inline_data = attr.cap.max_inline_data;
970 if (copy_to_user((void __user *) (unsigned long) cmd.response,
971 &resp, sizeof resp)) {
976 mutex_lock(&file->mutex);
977 list_add_tail(&uobj->uevent.uobject.list, &file->ucontext->qp_list);
978 mutex_unlock(&file->mutex);
980 mutex_unlock(&ib_uverbs_idr_mutex);
985 idr_remove(&ib_uverbs_qp_idr, uobj->uevent.uobject.id);
989 atomic_dec(&pd->usecnt);
990 atomic_dec(&attr.send_cq->usecnt);
991 atomic_dec(&attr.recv_cq->usecnt);
993 atomic_dec(&attr.srq->usecnt);
996 mutex_unlock(&ib_uverbs_idr_mutex);
1002 ssize_t ib_uverbs_query_qp(struct ib_uverbs_file *file,
1003 const char __user *buf, int in_len,
1006 struct ib_uverbs_query_qp cmd;
1007 struct ib_uverbs_query_qp_resp resp;
1009 struct ib_qp_attr *attr;
1010 struct ib_qp_init_attr *init_attr;
1013 if (copy_from_user(&cmd, buf, sizeof cmd))
1016 attr = kmalloc(sizeof *attr, GFP_KERNEL);
1017 init_attr = kmalloc(sizeof *init_attr, GFP_KERNEL);
1018 if (!attr || !init_attr) {
1023 mutex_lock(&ib_uverbs_idr_mutex);
1025 qp = idr_find(&ib_uverbs_qp_idr, cmd.qp_handle);
1026 if (qp && qp->uobject->context == file->ucontext)
1027 ret = ib_query_qp(qp, attr, cmd.attr_mask, init_attr);
1031 mutex_unlock(&ib_uverbs_idr_mutex);
1036 memset(&resp, 0, sizeof resp);
1038 resp.qp_state = attr->qp_state;
1039 resp.cur_qp_state = attr->cur_qp_state;
1040 resp.path_mtu = attr->path_mtu;
1041 resp.path_mig_state = attr->path_mig_state;
1042 resp.qkey = attr->qkey;
1043 resp.rq_psn = attr->rq_psn;
1044 resp.sq_psn = attr->sq_psn;
1045 resp.dest_qp_num = attr->dest_qp_num;
1046 resp.qp_access_flags = attr->qp_access_flags;
1047 resp.pkey_index = attr->pkey_index;
1048 resp.alt_pkey_index = attr->alt_pkey_index;
1049 resp.en_sqd_async_notify = attr->en_sqd_async_notify;
1050 resp.max_rd_atomic = attr->max_rd_atomic;
1051 resp.max_dest_rd_atomic = attr->max_dest_rd_atomic;
1052 resp.min_rnr_timer = attr->min_rnr_timer;
1053 resp.port_num = attr->port_num;
1054 resp.timeout = attr->timeout;
1055 resp.retry_cnt = attr->retry_cnt;
1056 resp.rnr_retry = attr->rnr_retry;
1057 resp.alt_port_num = attr->alt_port_num;
1058 resp.alt_timeout = attr->alt_timeout;
1060 memcpy(resp.dest.dgid, attr->ah_attr.grh.dgid.raw, 16);
1061 resp.dest.flow_label = attr->ah_attr.grh.flow_label;
1062 resp.dest.sgid_index = attr->ah_attr.grh.sgid_index;
1063 resp.dest.hop_limit = attr->ah_attr.grh.hop_limit;
1064 resp.dest.traffic_class = attr->ah_attr.grh.traffic_class;
1065 resp.dest.dlid = attr->ah_attr.dlid;
1066 resp.dest.sl = attr->ah_attr.sl;
1067 resp.dest.src_path_bits = attr->ah_attr.src_path_bits;
1068 resp.dest.static_rate = attr->ah_attr.static_rate;
1069 resp.dest.is_global = !!(attr->ah_attr.ah_flags & IB_AH_GRH);
1070 resp.dest.port_num = attr->ah_attr.port_num;
1072 memcpy(resp.alt_dest.dgid, attr->alt_ah_attr.grh.dgid.raw, 16);
1073 resp.alt_dest.flow_label = attr->alt_ah_attr.grh.flow_label;
1074 resp.alt_dest.sgid_index = attr->alt_ah_attr.grh.sgid_index;
1075 resp.alt_dest.hop_limit = attr->alt_ah_attr.grh.hop_limit;
1076 resp.alt_dest.traffic_class = attr->alt_ah_attr.grh.traffic_class;
1077 resp.alt_dest.dlid = attr->alt_ah_attr.dlid;
1078 resp.alt_dest.sl = attr->alt_ah_attr.sl;
1079 resp.alt_dest.src_path_bits = attr->alt_ah_attr.src_path_bits;
1080 resp.alt_dest.static_rate = attr->alt_ah_attr.static_rate;
1081 resp.alt_dest.is_global = !!(attr->alt_ah_attr.ah_flags & IB_AH_GRH);
1082 resp.alt_dest.port_num = attr->alt_ah_attr.port_num;
1084 resp.max_send_wr = init_attr->cap.max_send_wr;
1085 resp.max_recv_wr = init_attr->cap.max_recv_wr;
1086 resp.max_send_sge = init_attr->cap.max_send_sge;
1087 resp.max_recv_sge = init_attr->cap.max_recv_sge;
1088 resp.max_inline_data = init_attr->cap.max_inline_data;
1089 resp.sq_sig_all = init_attr->sq_sig_type == IB_SIGNAL_ALL_WR;
1091 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1092 &resp, sizeof resp))
1099 return ret ? ret : in_len;
1102 ssize_t ib_uverbs_modify_qp(struct ib_uverbs_file *file,
1103 const char __user *buf, int in_len,
1106 struct ib_uverbs_modify_qp cmd;
1108 struct ib_qp_attr *attr;
1111 if (copy_from_user(&cmd, buf, sizeof cmd))
1114 attr = kmalloc(sizeof *attr, GFP_KERNEL);
1118 mutex_lock(&ib_uverbs_idr_mutex);
1120 qp = idr_find(&ib_uverbs_qp_idr, cmd.qp_handle);
1121 if (!qp || qp->uobject->context != file->ucontext) {
1126 attr->qp_state = cmd.qp_state;
1127 attr->cur_qp_state = cmd.cur_qp_state;
1128 attr->path_mtu = cmd.path_mtu;
1129 attr->path_mig_state = cmd.path_mig_state;
1130 attr->qkey = cmd.qkey;
1131 attr->rq_psn = cmd.rq_psn;
1132 attr->sq_psn = cmd.sq_psn;
1133 attr->dest_qp_num = cmd.dest_qp_num;
1134 attr->qp_access_flags = cmd.qp_access_flags;
1135 attr->pkey_index = cmd.pkey_index;
1136 attr->alt_pkey_index = cmd.alt_pkey_index;
1137 attr->en_sqd_async_notify = cmd.en_sqd_async_notify;
1138 attr->max_rd_atomic = cmd.max_rd_atomic;
1139 attr->max_dest_rd_atomic = cmd.max_dest_rd_atomic;
1140 attr->min_rnr_timer = cmd.min_rnr_timer;
1141 attr->port_num = cmd.port_num;
1142 attr->timeout = cmd.timeout;
1143 attr->retry_cnt = cmd.retry_cnt;
1144 attr->rnr_retry = cmd.rnr_retry;
1145 attr->alt_port_num = cmd.alt_port_num;
1146 attr->alt_timeout = cmd.alt_timeout;
1148 memcpy(attr->ah_attr.grh.dgid.raw, cmd.dest.dgid, 16);
1149 attr->ah_attr.grh.flow_label = cmd.dest.flow_label;
1150 attr->ah_attr.grh.sgid_index = cmd.dest.sgid_index;
1151 attr->ah_attr.grh.hop_limit = cmd.dest.hop_limit;
1152 attr->ah_attr.grh.traffic_class = cmd.dest.traffic_class;
1153 attr->ah_attr.dlid = cmd.dest.dlid;
1154 attr->ah_attr.sl = cmd.dest.sl;
1155 attr->ah_attr.src_path_bits = cmd.dest.src_path_bits;
1156 attr->ah_attr.static_rate = cmd.dest.static_rate;
1157 attr->ah_attr.ah_flags = cmd.dest.is_global ? IB_AH_GRH : 0;
1158 attr->ah_attr.port_num = cmd.dest.port_num;
1160 memcpy(attr->alt_ah_attr.grh.dgid.raw, cmd.alt_dest.dgid, 16);
1161 attr->alt_ah_attr.grh.flow_label = cmd.alt_dest.flow_label;
1162 attr->alt_ah_attr.grh.sgid_index = cmd.alt_dest.sgid_index;
1163 attr->alt_ah_attr.grh.hop_limit = cmd.alt_dest.hop_limit;
1164 attr->alt_ah_attr.grh.traffic_class = cmd.alt_dest.traffic_class;
1165 attr->alt_ah_attr.dlid = cmd.alt_dest.dlid;
1166 attr->alt_ah_attr.sl = cmd.alt_dest.sl;
1167 attr->alt_ah_attr.src_path_bits = cmd.alt_dest.src_path_bits;
1168 attr->alt_ah_attr.static_rate = cmd.alt_dest.static_rate;
1169 attr->alt_ah_attr.ah_flags = cmd.alt_dest.is_global ? IB_AH_GRH : 0;
1170 attr->alt_ah_attr.port_num = cmd.alt_dest.port_num;
1172 ret = ib_modify_qp(qp, attr, cmd.attr_mask);
1179 mutex_unlock(&ib_uverbs_idr_mutex);
1185 ssize_t ib_uverbs_destroy_qp(struct ib_uverbs_file *file,
1186 const char __user *buf, int in_len,
1189 struct ib_uverbs_destroy_qp cmd;
1190 struct ib_uverbs_destroy_qp_resp resp;
1192 struct ib_uqp_object *uobj;
1195 if (copy_from_user(&cmd, buf, sizeof cmd))
1198 memset(&resp, 0, sizeof resp);
1200 mutex_lock(&ib_uverbs_idr_mutex);
1202 qp = idr_find(&ib_uverbs_qp_idr, cmd.qp_handle);
1203 if (!qp || qp->uobject->context != file->ucontext)
1206 uobj = container_of(qp->uobject, struct ib_uqp_object, uevent.uobject);
1208 if (!list_empty(&uobj->mcast_list)) {
1213 ret = ib_destroy_qp(qp);
1217 idr_remove(&ib_uverbs_qp_idr, cmd.qp_handle);
1219 mutex_lock(&file->mutex);
1220 list_del(&uobj->uevent.uobject.list);
1221 mutex_unlock(&file->mutex);
1223 ib_uverbs_release_uevent(file, &uobj->uevent);
1225 resp.events_reported = uobj->uevent.events_reported;
1229 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1230 &resp, sizeof resp))
1234 mutex_unlock(&ib_uverbs_idr_mutex);
1236 return ret ? ret : in_len;
1239 ssize_t ib_uverbs_post_send(struct ib_uverbs_file *file,
1240 const char __user *buf, int in_len,
1243 struct ib_uverbs_post_send cmd;
1244 struct ib_uverbs_post_send_resp resp;
1245 struct ib_uverbs_send_wr *user_wr;
1246 struct ib_send_wr *wr = NULL, *last, *next, *bad_wr;
1249 ssize_t ret = -EINVAL;
1251 if (copy_from_user(&cmd, buf, sizeof cmd))
1254 if (in_len < sizeof cmd + cmd.wqe_size * cmd.wr_count +
1255 cmd.sge_count * sizeof (struct ib_uverbs_sge))
1258 if (cmd.wqe_size < sizeof (struct ib_uverbs_send_wr))
1261 user_wr = kmalloc(cmd.wqe_size, GFP_KERNEL);
1265 mutex_lock(&ib_uverbs_idr_mutex);
1267 qp = idr_find(&ib_uverbs_qp_idr, cmd.qp_handle);
1268 if (!qp || qp->uobject->context != file->ucontext)
1273 for (i = 0; i < cmd.wr_count; ++i) {
1274 if (copy_from_user(user_wr,
1275 buf + sizeof cmd + i * cmd.wqe_size,
1281 if (user_wr->num_sge + sg_ind > cmd.sge_count) {
1286 next = kmalloc(ALIGN(sizeof *next, sizeof (struct ib_sge)) +
1287 user_wr->num_sge * sizeof (struct ib_sge),
1301 next->wr_id = user_wr->wr_id;
1302 next->num_sge = user_wr->num_sge;
1303 next->opcode = user_wr->opcode;
1304 next->send_flags = user_wr->send_flags;
1305 next->imm_data = (__be32 __force) user_wr->imm_data;
1307 if (qp->qp_type == IB_QPT_UD) {
1308 next->wr.ud.ah = idr_find(&ib_uverbs_ah_idr,
1310 if (!next->wr.ud.ah) {
1314 next->wr.ud.remote_qpn = user_wr->wr.ud.remote_qpn;
1315 next->wr.ud.remote_qkey = user_wr->wr.ud.remote_qkey;
1317 switch (next->opcode) {
1318 case IB_WR_RDMA_WRITE:
1319 case IB_WR_RDMA_WRITE_WITH_IMM:
1320 case IB_WR_RDMA_READ:
1321 next->wr.rdma.remote_addr =
1322 user_wr->wr.rdma.remote_addr;
1323 next->wr.rdma.rkey =
1324 user_wr->wr.rdma.rkey;
1326 case IB_WR_ATOMIC_CMP_AND_SWP:
1327 case IB_WR_ATOMIC_FETCH_AND_ADD:
1328 next->wr.atomic.remote_addr =
1329 user_wr->wr.atomic.remote_addr;
1330 next->wr.atomic.compare_add =
1331 user_wr->wr.atomic.compare_add;
1332 next->wr.atomic.swap = user_wr->wr.atomic.swap;
1333 next->wr.atomic.rkey = user_wr->wr.atomic.rkey;
1340 if (next->num_sge) {
1341 next->sg_list = (void *) next +
1342 ALIGN(sizeof *next, sizeof (struct ib_sge));
1343 if (copy_from_user(next->sg_list,
1345 cmd.wr_count * cmd.wqe_size +
1346 sg_ind * sizeof (struct ib_sge),
1347 next->num_sge * sizeof (struct ib_sge))) {
1351 sg_ind += next->num_sge;
1353 next->sg_list = NULL;
1357 ret = qp->device->post_send(qp, wr, &bad_wr);
1359 for (next = wr; next; next = next->next) {
1365 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1366 &resp, sizeof resp))
1370 mutex_unlock(&ib_uverbs_idr_mutex);
1380 return ret ? ret : in_len;
1383 static struct ib_recv_wr *ib_uverbs_unmarshall_recv(const char __user *buf,
1389 struct ib_uverbs_recv_wr *user_wr;
1390 struct ib_recv_wr *wr = NULL, *last, *next;
1395 if (in_len < wqe_size * wr_count +
1396 sge_count * sizeof (struct ib_uverbs_sge))
1397 return ERR_PTR(-EINVAL);
1399 if (wqe_size < sizeof (struct ib_uverbs_recv_wr))
1400 return ERR_PTR(-EINVAL);
1402 user_wr = kmalloc(wqe_size, GFP_KERNEL);
1404 return ERR_PTR(-ENOMEM);
1408 for (i = 0; i < wr_count; ++i) {
1409 if (copy_from_user(user_wr, buf + i * wqe_size,
1415 if (user_wr->num_sge + sg_ind > sge_count) {
1420 next = kmalloc(ALIGN(sizeof *next, sizeof (struct ib_sge)) +
1421 user_wr->num_sge * sizeof (struct ib_sge),
1435 next->wr_id = user_wr->wr_id;
1436 next->num_sge = user_wr->num_sge;
1438 if (next->num_sge) {
1439 next->sg_list = (void *) next +
1440 ALIGN(sizeof *next, sizeof (struct ib_sge));
1441 if (copy_from_user(next->sg_list,
1442 buf + wr_count * wqe_size +
1443 sg_ind * sizeof (struct ib_sge),
1444 next->num_sge * sizeof (struct ib_sge))) {
1448 sg_ind += next->num_sge;
1450 next->sg_list = NULL;
1465 return ERR_PTR(ret);
1468 ssize_t ib_uverbs_post_recv(struct ib_uverbs_file *file,
1469 const char __user *buf, int in_len,
1472 struct ib_uverbs_post_recv cmd;
1473 struct ib_uverbs_post_recv_resp resp;
1474 struct ib_recv_wr *wr, *next, *bad_wr;
1476 ssize_t ret = -EINVAL;
1478 if (copy_from_user(&cmd, buf, sizeof cmd))
1481 wr = ib_uverbs_unmarshall_recv(buf + sizeof cmd,
1482 in_len - sizeof cmd, cmd.wr_count,
1483 cmd.sge_count, cmd.wqe_size);
1487 mutex_lock(&ib_uverbs_idr_mutex);
1489 qp = idr_find(&ib_uverbs_qp_idr, cmd.qp_handle);
1490 if (!qp || qp->uobject->context != file->ucontext)
1494 ret = qp->device->post_recv(qp, wr, &bad_wr);
1496 for (next = wr; next; next = next->next) {
1503 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1504 &resp, sizeof resp))
1508 mutex_unlock(&ib_uverbs_idr_mutex);
1516 return ret ? ret : in_len;
1519 ssize_t ib_uverbs_post_srq_recv(struct ib_uverbs_file *file,
1520 const char __user *buf, int in_len,
1523 struct ib_uverbs_post_srq_recv cmd;
1524 struct ib_uverbs_post_srq_recv_resp resp;
1525 struct ib_recv_wr *wr, *next, *bad_wr;
1527 ssize_t ret = -EINVAL;
1529 if (copy_from_user(&cmd, buf, sizeof cmd))
1532 wr = ib_uverbs_unmarshall_recv(buf + sizeof cmd,
1533 in_len - sizeof cmd, cmd.wr_count,
1534 cmd.sge_count, cmd.wqe_size);
1538 mutex_lock(&ib_uverbs_idr_mutex);
1540 srq = idr_find(&ib_uverbs_srq_idr, cmd.srq_handle);
1541 if (!srq || srq->uobject->context != file->ucontext)
1545 ret = srq->device->post_srq_recv(srq, wr, &bad_wr);
1547 for (next = wr; next; next = next->next) {
1554 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1555 &resp, sizeof resp))
1559 mutex_unlock(&ib_uverbs_idr_mutex);
1567 return ret ? ret : in_len;
1570 ssize_t ib_uverbs_create_ah(struct ib_uverbs_file *file,
1571 const char __user *buf, int in_len,
1574 struct ib_uverbs_create_ah cmd;
1575 struct ib_uverbs_create_ah_resp resp;
1576 struct ib_uobject *uobj;
1579 struct ib_ah_attr attr;
1582 if (out_len < sizeof resp)
1585 if (copy_from_user(&cmd, buf, sizeof cmd))
1588 uobj = kmalloc(sizeof *uobj, GFP_KERNEL);
1592 mutex_lock(&ib_uverbs_idr_mutex);
1594 pd = idr_find(&ib_uverbs_pd_idr, cmd.pd_handle);
1595 if (!pd || pd->uobject->context != file->ucontext) {
1600 uobj->user_handle = cmd.user_handle;
1601 uobj->context = file->ucontext;
1603 attr.dlid = cmd.attr.dlid;
1604 attr.sl = cmd.attr.sl;
1605 attr.src_path_bits = cmd.attr.src_path_bits;
1606 attr.static_rate = cmd.attr.static_rate;
1607 attr.ah_flags = cmd.attr.is_global ? IB_AH_GRH : 0;
1608 attr.port_num = cmd.attr.port_num;
1609 attr.grh.flow_label = cmd.attr.grh.flow_label;
1610 attr.grh.sgid_index = cmd.attr.grh.sgid_index;
1611 attr.grh.hop_limit = cmd.attr.grh.hop_limit;
1612 attr.grh.traffic_class = cmd.attr.grh.traffic_class;
1613 memcpy(attr.grh.dgid.raw, cmd.attr.grh.dgid, 16);
1615 ah = ib_create_ah(pd, &attr);
1624 if (!idr_pre_get(&ib_uverbs_ah_idr, GFP_KERNEL)) {
1629 ret = idr_get_new(&ib_uverbs_ah_idr, ah, &uobj->id);
1636 resp.ah_handle = uobj->id;
1638 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1639 &resp, sizeof resp)) {
1644 mutex_lock(&file->mutex);
1645 list_add_tail(&uobj->list, &file->ucontext->ah_list);
1646 mutex_unlock(&file->mutex);
1648 mutex_unlock(&ib_uverbs_idr_mutex);
1653 idr_remove(&ib_uverbs_ah_idr, uobj->id);
1659 mutex_unlock(&ib_uverbs_idr_mutex);
1665 ssize_t ib_uverbs_destroy_ah(struct ib_uverbs_file *file,
1666 const char __user *buf, int in_len, int out_len)
1668 struct ib_uverbs_destroy_ah cmd;
1670 struct ib_uobject *uobj;
1673 if (copy_from_user(&cmd, buf, sizeof cmd))
1676 mutex_lock(&ib_uverbs_idr_mutex);
1678 ah = idr_find(&ib_uverbs_ah_idr, cmd.ah_handle);
1679 if (!ah || ah->uobject->context != file->ucontext)
1684 ret = ib_destroy_ah(ah);
1688 idr_remove(&ib_uverbs_ah_idr, cmd.ah_handle);
1690 mutex_lock(&file->mutex);
1691 list_del(&uobj->list);
1692 mutex_unlock(&file->mutex);
1697 mutex_unlock(&ib_uverbs_idr_mutex);
1699 return ret ? ret : in_len;
1702 ssize_t ib_uverbs_attach_mcast(struct ib_uverbs_file *file,
1703 const char __user *buf, int in_len,
1706 struct ib_uverbs_attach_mcast cmd;
1708 struct ib_uqp_object *uobj;
1709 struct ib_uverbs_mcast_entry *mcast;
1712 if (copy_from_user(&cmd, buf, sizeof cmd))
1715 mutex_lock(&ib_uverbs_idr_mutex);
1717 qp = idr_find(&ib_uverbs_qp_idr, cmd.qp_handle);
1718 if (!qp || qp->uobject->context != file->ucontext)
1721 uobj = container_of(qp->uobject, struct ib_uqp_object, uevent.uobject);
1723 list_for_each_entry(mcast, &uobj->mcast_list, list)
1724 if (cmd.mlid == mcast->lid &&
1725 !memcmp(cmd.gid, mcast->gid.raw, sizeof mcast->gid.raw)) {
1730 mcast = kmalloc(sizeof *mcast, GFP_KERNEL);
1736 mcast->lid = cmd.mlid;
1737 memcpy(mcast->gid.raw, cmd.gid, sizeof mcast->gid.raw);
1739 ret = ib_attach_mcast(qp, &mcast->gid, cmd.mlid);
1741 uobj = container_of(qp->uobject, struct ib_uqp_object,
1743 list_add_tail(&mcast->list, &uobj->mcast_list);
1748 mutex_unlock(&ib_uverbs_idr_mutex);
1750 return ret ? ret : in_len;
1753 ssize_t ib_uverbs_detach_mcast(struct ib_uverbs_file *file,
1754 const char __user *buf, int in_len,
1757 struct ib_uverbs_detach_mcast cmd;
1758 struct ib_uqp_object *uobj;
1760 struct ib_uverbs_mcast_entry *mcast;
1763 if (copy_from_user(&cmd, buf, sizeof cmd))
1766 mutex_lock(&ib_uverbs_idr_mutex);
1768 qp = idr_find(&ib_uverbs_qp_idr, cmd.qp_handle);
1769 if (!qp || qp->uobject->context != file->ucontext)
1772 ret = ib_detach_mcast(qp, (union ib_gid *) cmd.gid, cmd.mlid);
1776 uobj = container_of(qp->uobject, struct ib_uqp_object, uevent.uobject);
1778 list_for_each_entry(mcast, &uobj->mcast_list, list)
1779 if (cmd.mlid == mcast->lid &&
1780 !memcmp(cmd.gid, mcast->gid.raw, sizeof mcast->gid.raw)) {
1781 list_del(&mcast->list);
1787 mutex_unlock(&ib_uverbs_idr_mutex);
1789 return ret ? ret : in_len;
1792 ssize_t ib_uverbs_create_srq(struct ib_uverbs_file *file,
1793 const char __user *buf, int in_len,
1796 struct ib_uverbs_create_srq cmd;
1797 struct ib_uverbs_create_srq_resp resp;
1798 struct ib_udata udata;
1799 struct ib_uevent_object *uobj;
1802 struct ib_srq_init_attr attr;
1805 if (out_len < sizeof resp)
1808 if (copy_from_user(&cmd, buf, sizeof cmd))
1811 INIT_UDATA(&udata, buf + sizeof cmd,
1812 (unsigned long) cmd.response + sizeof resp,
1813 in_len - sizeof cmd, out_len - sizeof resp);
1815 uobj = kmalloc(sizeof *uobj, GFP_KERNEL);
1819 mutex_lock(&ib_uverbs_idr_mutex);
1821 pd = idr_find(&ib_uverbs_pd_idr, cmd.pd_handle);
1823 if (!pd || pd->uobject->context != file->ucontext) {
1828 attr.event_handler = ib_uverbs_srq_event_handler;
1829 attr.srq_context = file;
1830 attr.attr.max_wr = cmd.max_wr;
1831 attr.attr.max_sge = cmd.max_sge;
1832 attr.attr.srq_limit = cmd.srq_limit;
1834 uobj->uobject.user_handle = cmd.user_handle;
1835 uobj->uobject.context = file->ucontext;
1836 uobj->events_reported = 0;
1837 INIT_LIST_HEAD(&uobj->event_list);
1839 srq = pd->device->create_srq(pd, &attr, &udata);
1845 srq->device = pd->device;
1847 srq->uobject = &uobj->uobject;
1848 srq->event_handler = attr.event_handler;
1849 srq->srq_context = attr.srq_context;
1850 atomic_inc(&pd->usecnt);
1851 atomic_set(&srq->usecnt, 0);
1853 memset(&resp, 0, sizeof resp);
1856 if (!idr_pre_get(&ib_uverbs_srq_idr, GFP_KERNEL)) {
1861 ret = idr_get_new(&ib_uverbs_srq_idr, srq, &uobj->uobject.id);
1868 resp.srq_handle = uobj->uobject.id;
1869 resp.max_wr = attr.attr.max_wr;
1870 resp.max_sge = attr.attr.max_sge;
1872 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1873 &resp, sizeof resp)) {
1878 mutex_lock(&file->mutex);
1879 list_add_tail(&uobj->uobject.list, &file->ucontext->srq_list);
1880 mutex_unlock(&file->mutex);
1882 mutex_unlock(&ib_uverbs_idr_mutex);
1887 idr_remove(&ib_uverbs_srq_idr, uobj->uobject.id);
1890 ib_destroy_srq(srq);
1891 atomic_dec(&pd->usecnt);
1894 mutex_unlock(&ib_uverbs_idr_mutex);
1900 ssize_t ib_uverbs_modify_srq(struct ib_uverbs_file *file,
1901 const char __user *buf, int in_len,
1904 struct ib_uverbs_modify_srq cmd;
1906 struct ib_srq_attr attr;
1909 if (copy_from_user(&cmd, buf, sizeof cmd))
1912 mutex_lock(&ib_uverbs_idr_mutex);
1914 srq = idr_find(&ib_uverbs_srq_idr, cmd.srq_handle);
1915 if (!srq || srq->uobject->context != file->ucontext) {
1920 attr.max_wr = cmd.max_wr;
1921 attr.srq_limit = cmd.srq_limit;
1923 ret = ib_modify_srq(srq, &attr, cmd.attr_mask);
1926 mutex_unlock(&ib_uverbs_idr_mutex);
1928 return ret ? ret : in_len;
1931 ssize_t ib_uverbs_query_srq(struct ib_uverbs_file *file,
1932 const char __user *buf,
1933 int in_len, int out_len)
1935 struct ib_uverbs_query_srq cmd;
1936 struct ib_uverbs_query_srq_resp resp;
1937 struct ib_srq_attr attr;
1941 if (out_len < sizeof resp)
1944 if (copy_from_user(&cmd, buf, sizeof cmd))
1947 mutex_lock(&ib_uverbs_idr_mutex);
1949 srq = idr_find(&ib_uverbs_srq_idr, cmd.srq_handle);
1950 if (srq && srq->uobject->context == file->ucontext)
1951 ret = ib_query_srq(srq, &attr);
1955 mutex_unlock(&ib_uverbs_idr_mutex);
1960 memset(&resp, 0, sizeof resp);
1962 resp.max_wr = attr.max_wr;
1963 resp.max_sge = attr.max_sge;
1964 resp.srq_limit = attr.srq_limit;
1966 if (copy_to_user((void __user *) (unsigned long) cmd.response,
1967 &resp, sizeof resp))
1971 return ret ? ret : in_len;
1974 ssize_t ib_uverbs_destroy_srq(struct ib_uverbs_file *file,
1975 const char __user *buf, int in_len,
1978 struct ib_uverbs_destroy_srq cmd;
1979 struct ib_uverbs_destroy_srq_resp resp;
1981 struct ib_uevent_object *uobj;
1984 if (copy_from_user(&cmd, buf, sizeof cmd))
1987 mutex_lock(&ib_uverbs_idr_mutex);
1989 memset(&resp, 0, sizeof resp);
1991 srq = idr_find(&ib_uverbs_srq_idr, cmd.srq_handle);
1992 if (!srq || srq->uobject->context != file->ucontext)
1995 uobj = container_of(srq->uobject, struct ib_uevent_object, uobject);
1997 ret = ib_destroy_srq(srq);
2001 idr_remove(&ib_uverbs_srq_idr, cmd.srq_handle);
2003 mutex_lock(&file->mutex);
2004 list_del(&uobj->uobject.list);
2005 mutex_unlock(&file->mutex);
2007 ib_uverbs_release_uevent(file, uobj);
2009 resp.events_reported = uobj->events_reported;
2013 if (copy_to_user((void __user *) (unsigned long) cmd.response,
2014 &resp, sizeof resp))
2018 mutex_unlock(&ib_uverbs_idr_mutex);
2020 return ret ? ret : in_len;
projects / mv-sheeva.git / blob