2 * Copyright (c) 2005 Topspin Communications. All rights reserved.
3 * Copyright (c) 2005, 2006, 2007 Cisco Systems. All rights reserved.
4 * Copyright (c) 2005 PathScale, Inc. All rights reserved.
5 * Copyright (c) 2006 Mellanox Technologies. All rights reserved.
7 * This software is available to you under a choice of one of two
8 * licenses. You may choose to be licensed under the terms of the GNU
9 * General Public License (GPL) Version 2, available from the file
10 * COPYING in the main directory of this source tree, or the
11 * OpenIB.org BSD license below:
13 * Redistribution and use in source and binary forms, with or
14 * without modification, are permitted provided that the following
17 * - Redistributions of source code must retain the above
18 * copyright notice, this list of conditions and the following
21 * - Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials
24 * provided with the distribution.
26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
27 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
28 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
29 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
30 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
31 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
32 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
36 #include <linux/file.h>
38 #include <linux/slab.h>
39 #include <linux/sched.h>
41 #include <linux/uaccess.h>
43 #include <rdma/uverbs_types.h>
44 #include <rdma/uverbs_std_types.h>
45 #include "rdma_core.h"
48 #include "core_priv.h"
51 * Copy a response to userspace. If the provided 'resp' is larger than the
52 * user buffer it is silently truncated. If the user provided a larger buffer
53 * then the trailing portion is zero filled.
55 * These semantics are intended to support future extension of the output
58 static int uverbs_response(struct uverbs_attr_bundle *attrs, const void *resp,
63 if (uverbs_attr_is_valid(attrs, UVERBS_ATTR_CORE_OUT))
64 return uverbs_copy_to_struct_or_zero(
65 attrs, UVERBS_ATTR_CORE_OUT, resp, resp_len);
67 if (copy_to_user(attrs->ucore.outbuf, resp,
68 min(attrs->ucore.outlen, resp_len)))
71 if (resp_len < attrs->ucore.outlen) {
73 * Zero fill any extra memory that user
74 * space might have provided.
76 ret = clear_user(attrs->ucore.outbuf + resp_len,
77 attrs->ucore.outlen - resp_len);
86 * Copy a request from userspace. If the provided 'req' is larger than the
87 * user buffer then the user buffer is zero extended into the 'req'. If 'req'
88 * is smaller than the user buffer then the uncopied bytes in the user buffer
91 static int uverbs_request(struct uverbs_attr_bundle *attrs, void *req,
94 if (copy_from_user(req, attrs->ucore.inbuf,
95 min(attrs->ucore.inlen, req_len)))
98 if (attrs->ucore.inlen < req_len) {
99 memset(req + attrs->ucore.inlen, 0,
100 req_len - attrs->ucore.inlen);
101 } else if (attrs->ucore.inlen > req_len) {
102 if (!ib_is_buffer_cleared(attrs->ucore.inbuf + req_len,
103 attrs->ucore.inlen - req_len))
110 * Generate the value for the 'response_length' protocol used by write_ex.
111 * This is the number of bytes the kernel actually wrote. Userspace can use
112 * this to detect what structure members in the response the kernel
115 static u32 uverbs_response_length(struct uverbs_attr_bundle *attrs,
118 return min_t(size_t, attrs->ucore.outlen, resp_len);
122 * The iterator version of the request interface is for handlers that need to
123 * step over a flex array at the end of a command header.
125 struct uverbs_req_iter {
126 const void __user *cur;
127 const void __user *end;
130 static int uverbs_request_start(struct uverbs_attr_bundle *attrs,
131 struct uverbs_req_iter *iter,
135 if (attrs->ucore.inlen < req_len)
138 if (copy_from_user(req, attrs->ucore.inbuf, req_len))
141 iter->cur = attrs->ucore.inbuf + req_len;
142 iter->end = attrs->ucore.inbuf + attrs->ucore.inlen;
146 static int uverbs_request_next(struct uverbs_req_iter *iter, void *val,
149 if (iter->cur + len > iter->end)
152 if (copy_from_user(val, iter->cur, len))
159 static const void __user *uverbs_request_next_ptr(struct uverbs_req_iter *iter,
162 const void __user *res = iter->cur;
164 if (iter->cur + len > iter->end)
165 return (void __force __user *)ERR_PTR(-ENOSPC);
170 static int uverbs_request_finish(struct uverbs_req_iter *iter)
172 if (!ib_is_buffer_cleared(iter->cur, iter->end - iter->cur))
178 * When calling a destroy function during an error unwind we need to pass in
179 * the udata that is sanitized of all user arguments. Ie from the driver
180 * perspective it looks like no udata was passed.
182 struct ib_udata *uverbs_get_cleared_udata(struct uverbs_attr_bundle *attrs)
184 attrs->driver_udata = (struct ib_udata){};
185 return &attrs->driver_udata;
188 static struct ib_uverbs_completion_event_file *
189 _ib_uverbs_lookup_comp_file(s32 fd, struct uverbs_attr_bundle *attrs)
191 struct ib_uobject *uobj = ufd_get_read(UVERBS_OBJECT_COMP_CHANNEL,
197 uverbs_uobject_get(uobj);
200 return container_of(uobj, struct ib_uverbs_completion_event_file,
203 #define ib_uverbs_lookup_comp_file(_fd, _ufile) \
204 _ib_uverbs_lookup_comp_file((_fd)*typecheck(s32, _fd), _ufile)
206 int ib_alloc_ucontext(struct uverbs_attr_bundle *attrs)
208 struct ib_uverbs_file *ufile = attrs->ufile;
209 struct ib_ucontext *ucontext;
210 struct ib_device *ib_dev;
212 ib_dev = srcu_dereference(ufile->device->ib_dev,
213 &ufile->device->disassociate_srcu);
217 ucontext = rdma_zalloc_drv_obj(ib_dev, ib_ucontext);
221 ucontext->res.type = RDMA_RESTRACK_CTX;
222 ucontext->device = ib_dev;
223 ucontext->ufile = ufile;
224 xa_init_flags(&ucontext->mmap_xa, XA_FLAGS_ALLOC);
225 attrs->context = ucontext;
229 int ib_init_ucontext(struct uverbs_attr_bundle *attrs)
231 struct ib_ucontext *ucontext = attrs->context;
232 struct ib_uverbs_file *file = attrs->ufile;
235 if (!down_read_trylock(&file->hw_destroy_rwsem))
237 mutex_lock(&file->ucontext_lock);
238 if (file->ucontext) {
243 ret = ib_rdmacg_try_charge(&ucontext->cg_obj, ucontext->device,
244 RDMACG_RESOURCE_HCA_HANDLE);
248 ret = ucontext->device->ops.alloc_ucontext(ucontext,
249 &attrs->driver_udata);
253 rdma_restrack_uadd(&ucontext->res);
256 * Make sure that ib_uverbs_get_ucontext() sees the pointer update
257 * only after all writes to setup the ucontext have completed
259 smp_store_release(&file->ucontext, ucontext);
261 mutex_unlock(&file->ucontext_lock);
262 up_read(&file->hw_destroy_rwsem);
266 ib_rdmacg_uncharge(&ucontext->cg_obj, ucontext->device,
267 RDMACG_RESOURCE_HCA_HANDLE);
269 mutex_unlock(&file->ucontext_lock);
270 up_read(&file->hw_destroy_rwsem);
274 static int ib_uverbs_get_context(struct uverbs_attr_bundle *attrs)
276 struct ib_uverbs_get_context_resp resp;
277 struct ib_uverbs_get_context cmd;
278 struct ib_device *ib_dev;
279 struct ib_uobject *uobj;
282 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
286 ret = ib_alloc_ucontext(attrs);
290 uobj = uobj_alloc(UVERBS_OBJECT_ASYNC_EVENT, attrs, &ib_dev);
296 resp = (struct ib_uverbs_get_context_resp){
297 .num_comp_vectors = attrs->ufile->device->num_comp_vectors,
298 .async_fd = uobj->id,
300 ret = uverbs_response(attrs, &resp, sizeof(resp));
304 ret = ib_init_ucontext(attrs);
308 ib_uverbs_init_async_event_file(
309 container_of(uobj, struct ib_uverbs_async_event_file, uobj));
310 rdma_alloc_commit_uobject(uobj, attrs);
314 rdma_alloc_abort_uobject(uobj, attrs);
316 kfree(attrs->context);
317 attrs->context = NULL;
321 static void copy_query_dev_fields(struct ib_ucontext *ucontext,
322 struct ib_uverbs_query_device_resp *resp,
323 struct ib_device_attr *attr)
325 struct ib_device *ib_dev = ucontext->device;
327 resp->fw_ver = attr->fw_ver;
328 resp->node_guid = ib_dev->node_guid;
329 resp->sys_image_guid = attr->sys_image_guid;
330 resp->max_mr_size = attr->max_mr_size;
331 resp->page_size_cap = attr->page_size_cap;
332 resp->vendor_id = attr->vendor_id;
333 resp->vendor_part_id = attr->vendor_part_id;
334 resp->hw_ver = attr->hw_ver;
335 resp->max_qp = attr->max_qp;
336 resp->max_qp_wr = attr->max_qp_wr;
337 resp->device_cap_flags = lower_32_bits(attr->device_cap_flags);
338 resp->max_sge = min(attr->max_send_sge, attr->max_recv_sge);
339 resp->max_sge_rd = attr->max_sge_rd;
340 resp->max_cq = attr->max_cq;
341 resp->max_cqe = attr->max_cqe;
342 resp->max_mr = attr->max_mr;
343 resp->max_pd = attr->max_pd;
344 resp->max_qp_rd_atom = attr->max_qp_rd_atom;
345 resp->max_ee_rd_atom = attr->max_ee_rd_atom;
346 resp->max_res_rd_atom = attr->max_res_rd_atom;
347 resp->max_qp_init_rd_atom = attr->max_qp_init_rd_atom;
348 resp->max_ee_init_rd_atom = attr->max_ee_init_rd_atom;
349 resp->atomic_cap = attr->atomic_cap;
350 resp->max_ee = attr->max_ee;
351 resp->max_rdd = attr->max_rdd;
352 resp->max_mw = attr->max_mw;
353 resp->max_raw_ipv6_qp = attr->max_raw_ipv6_qp;
354 resp->max_raw_ethy_qp = attr->max_raw_ethy_qp;
355 resp->max_mcast_grp = attr->max_mcast_grp;
356 resp->max_mcast_qp_attach = attr->max_mcast_qp_attach;
357 resp->max_total_mcast_qp_attach = attr->max_total_mcast_qp_attach;
358 resp->max_ah = attr->max_ah;
359 resp->max_fmr = attr->max_fmr;
360 resp->max_map_per_fmr = attr->max_map_per_fmr;
361 resp->max_srq = attr->max_srq;
362 resp->max_srq_wr = attr->max_srq_wr;
363 resp->max_srq_sge = attr->max_srq_sge;
364 resp->max_pkeys = attr->max_pkeys;
365 resp->local_ca_ack_delay = attr->local_ca_ack_delay;
366 resp->phys_port_cnt = ib_dev->phys_port_cnt;
369 static int ib_uverbs_query_device(struct uverbs_attr_bundle *attrs)
371 struct ib_uverbs_query_device cmd;
372 struct ib_uverbs_query_device_resp resp;
373 struct ib_ucontext *ucontext;
376 ucontext = ib_uverbs_get_ucontext(attrs);
377 if (IS_ERR(ucontext))
378 return PTR_ERR(ucontext);
380 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
384 memset(&resp, 0, sizeof resp);
385 copy_query_dev_fields(ucontext, &resp, &ucontext->device->attrs);
387 return uverbs_response(attrs, &resp, sizeof(resp));
390 static int ib_uverbs_query_port(struct uverbs_attr_bundle *attrs)
392 struct ib_uverbs_query_port cmd;
393 struct ib_uverbs_query_port_resp resp;
394 struct ib_port_attr attr;
396 struct ib_ucontext *ucontext;
397 struct ib_device *ib_dev;
399 ucontext = ib_uverbs_get_ucontext(attrs);
400 if (IS_ERR(ucontext))
401 return PTR_ERR(ucontext);
402 ib_dev = ucontext->device;
404 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
408 ret = ib_query_port(ib_dev, cmd.port_num, &attr);
412 memset(&resp, 0, sizeof resp);
413 copy_port_attr_to_resp(&attr, &resp, ib_dev, cmd.port_num);
415 return uverbs_response(attrs, &resp, sizeof(resp));
418 static int ib_uverbs_alloc_pd(struct uverbs_attr_bundle *attrs)
420 struct ib_uverbs_alloc_pd cmd;
421 struct ib_uverbs_alloc_pd_resp resp;
422 struct ib_uobject *uobj;
425 struct ib_device *ib_dev;
427 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
431 uobj = uobj_alloc(UVERBS_OBJECT_PD, attrs, &ib_dev);
433 return PTR_ERR(uobj);
435 pd = rdma_zalloc_drv_obj(ib_dev, ib_pd);
443 pd->__internal_mr = NULL;
444 atomic_set(&pd->usecnt, 0);
445 pd->res.type = RDMA_RESTRACK_PD;
447 ret = ib_dev->ops.alloc_pd(pd, &attrs->driver_udata);
452 memset(&resp, 0, sizeof resp);
453 resp.pd_handle = uobj->id;
454 rdma_restrack_uadd(&pd->res);
456 ret = uverbs_response(attrs, &resp, sizeof(resp));
460 rdma_alloc_commit_uobject(uobj, attrs);
464 ib_dealloc_pd_user(pd, uverbs_get_cleared_udata(attrs));
469 uobj_alloc_abort(uobj, attrs);
473 static int ib_uverbs_dealloc_pd(struct uverbs_attr_bundle *attrs)
475 struct ib_uverbs_dealloc_pd cmd;
478 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
482 return uobj_perform_destroy(UVERBS_OBJECT_PD, cmd.pd_handle, attrs);
485 struct xrcd_table_entry {
487 struct ib_xrcd *xrcd;
491 static int xrcd_table_insert(struct ib_uverbs_device *dev,
493 struct ib_xrcd *xrcd)
495 struct xrcd_table_entry *entry, *scan;
496 struct rb_node **p = &dev->xrcd_tree.rb_node;
497 struct rb_node *parent = NULL;
499 entry = kmalloc(sizeof *entry, GFP_KERNEL);
504 entry->inode = inode;
508 scan = rb_entry(parent, struct xrcd_table_entry, node);
510 if (inode < scan->inode) {
512 } else if (inode > scan->inode) {
520 rb_link_node(&entry->node, parent, p);
521 rb_insert_color(&entry->node, &dev->xrcd_tree);
526 static struct xrcd_table_entry *xrcd_table_search(struct ib_uverbs_device *dev,
529 struct xrcd_table_entry *entry;
530 struct rb_node *p = dev->xrcd_tree.rb_node;
533 entry = rb_entry(p, struct xrcd_table_entry, node);
535 if (inode < entry->inode)
537 else if (inode > entry->inode)
546 static struct ib_xrcd *find_xrcd(struct ib_uverbs_device *dev, struct inode *inode)
548 struct xrcd_table_entry *entry;
550 entry = xrcd_table_search(dev, inode);
557 static void xrcd_table_delete(struct ib_uverbs_device *dev,
560 struct xrcd_table_entry *entry;
562 entry = xrcd_table_search(dev, inode);
565 rb_erase(&entry->node, &dev->xrcd_tree);
570 static int ib_uverbs_open_xrcd(struct uverbs_attr_bundle *attrs)
572 struct ib_uverbs_device *ibudev = attrs->ufile->device;
573 struct ib_uverbs_open_xrcd cmd;
574 struct ib_uverbs_open_xrcd_resp resp;
575 struct ib_uxrcd_object *obj;
576 struct ib_xrcd *xrcd = NULL;
577 struct fd f = {NULL, 0};
578 struct inode *inode = NULL;
581 struct ib_device *ib_dev;
583 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
587 mutex_lock(&ibudev->xrcd_tree_mutex);
590 /* search for file descriptor */
594 goto err_tree_mutex_unlock;
597 inode = file_inode(f.file);
598 xrcd = find_xrcd(ibudev, inode);
599 if (!xrcd && !(cmd.oflags & O_CREAT)) {
600 /* no file descriptor. Need CREATE flag */
602 goto err_tree_mutex_unlock;
605 if (xrcd && cmd.oflags & O_EXCL) {
607 goto err_tree_mutex_unlock;
611 obj = (struct ib_uxrcd_object *)uobj_alloc(UVERBS_OBJECT_XRCD, attrs,
615 goto err_tree_mutex_unlock;
619 xrcd = ib_dev->ops.alloc_xrcd(ib_dev, &attrs->driver_udata);
626 xrcd->device = ib_dev;
627 atomic_set(&xrcd->usecnt, 0);
628 mutex_init(&xrcd->tgt_qp_mutex);
629 INIT_LIST_HEAD(&xrcd->tgt_qp_list);
633 atomic_set(&obj->refcnt, 0);
634 obj->uobject.object = xrcd;
635 memset(&resp, 0, sizeof resp);
636 resp.xrcd_handle = obj->uobject.id;
640 /* create new inode/xrcd table entry */
641 ret = xrcd_table_insert(ibudev, inode, xrcd);
643 goto err_dealloc_xrcd;
645 atomic_inc(&xrcd->usecnt);
648 ret = uverbs_response(attrs, &resp, sizeof(resp));
655 mutex_unlock(&ibudev->xrcd_tree_mutex);
657 rdma_alloc_commit_uobject(&obj->uobject, attrs);
663 xrcd_table_delete(ibudev, inode);
664 atomic_dec(&xrcd->usecnt);
668 ib_dealloc_xrcd(xrcd, uverbs_get_cleared_udata(attrs));
671 uobj_alloc_abort(&obj->uobject, attrs);
673 err_tree_mutex_unlock:
677 mutex_unlock(&ibudev->xrcd_tree_mutex);
682 static int ib_uverbs_close_xrcd(struct uverbs_attr_bundle *attrs)
684 struct ib_uverbs_close_xrcd cmd;
687 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
691 return uobj_perform_destroy(UVERBS_OBJECT_XRCD, cmd.xrcd_handle, attrs);
694 int ib_uverbs_dealloc_xrcd(struct ib_uobject *uobject, struct ib_xrcd *xrcd,
695 enum rdma_remove_reason why,
696 struct uverbs_attr_bundle *attrs)
700 struct ib_uverbs_device *dev = attrs->ufile->device;
703 if (inode && !atomic_dec_and_test(&xrcd->usecnt))
706 ret = ib_dealloc_xrcd(xrcd, &attrs->driver_udata);
708 if (ib_is_destroy_retryable(ret, why, uobject)) {
709 atomic_inc(&xrcd->usecnt);
714 xrcd_table_delete(dev, inode);
719 static int ib_uverbs_reg_mr(struct uverbs_attr_bundle *attrs)
721 struct ib_uverbs_reg_mr cmd;
722 struct ib_uverbs_reg_mr_resp resp;
723 struct ib_uobject *uobj;
727 struct ib_device *ib_dev;
729 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
733 if ((cmd.start & ~PAGE_MASK) != (cmd.hca_va & ~PAGE_MASK))
736 ret = ib_check_mr_access(cmd.access_flags);
740 uobj = uobj_alloc(UVERBS_OBJECT_MR, attrs, &ib_dev);
742 return PTR_ERR(uobj);
744 pd = uobj_get_obj_read(pd, UVERBS_OBJECT_PD, cmd.pd_handle, attrs);
750 if (cmd.access_flags & IB_ACCESS_ON_DEMAND) {
751 if (!(pd->device->attrs.device_cap_flags &
752 IB_DEVICE_ON_DEMAND_PAGING)) {
753 pr_debug("ODP support not available\n");
759 mr = pd->device->ops.reg_user_mr(pd, cmd.start, cmd.length, cmd.hca_va,
761 &attrs->driver_udata);
767 mr->device = pd->device;
769 mr->type = IB_MR_TYPE_USER;
771 mr->sig_attrs = NULL;
773 atomic_inc(&pd->usecnt);
774 mr->res.type = RDMA_RESTRACK_MR;
775 rdma_restrack_uadd(&mr->res);
779 memset(&resp, 0, sizeof resp);
780 resp.lkey = mr->lkey;
781 resp.rkey = mr->rkey;
782 resp.mr_handle = uobj->id;
784 ret = uverbs_response(attrs, &resp, sizeof(resp));
788 uobj_put_obj_read(pd);
790 rdma_alloc_commit_uobject(uobj, attrs);
794 ib_dereg_mr_user(mr, uverbs_get_cleared_udata(attrs));
797 uobj_put_obj_read(pd);
800 uobj_alloc_abort(uobj, attrs);
804 static int ib_uverbs_rereg_mr(struct uverbs_attr_bundle *attrs)
806 struct ib_uverbs_rereg_mr cmd;
807 struct ib_uverbs_rereg_mr_resp resp;
808 struct ib_pd *pd = NULL;
810 struct ib_pd *old_pd;
812 struct ib_uobject *uobj;
814 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
818 if (cmd.flags & ~IB_MR_REREG_SUPPORTED || !cmd.flags)
821 if ((cmd.flags & IB_MR_REREG_TRANS) &&
822 (!cmd.start || !cmd.hca_va || 0 >= cmd.length ||
823 (cmd.start & ~PAGE_MASK) != (cmd.hca_va & ~PAGE_MASK)))
826 uobj = uobj_get_write(UVERBS_OBJECT_MR, cmd.mr_handle, attrs);
828 return PTR_ERR(uobj);
837 if (cmd.flags & IB_MR_REREG_ACCESS) {
838 ret = ib_check_mr_access(cmd.access_flags);
843 if (cmd.flags & IB_MR_REREG_PD) {
844 pd = uobj_get_obj_read(pd, UVERBS_OBJECT_PD, cmd.pd_handle,
853 ret = mr->device->ops.rereg_user_mr(mr, cmd.flags, cmd.start,
854 cmd.length, cmd.hca_va,
855 cmd.access_flags, pd,
856 &attrs->driver_udata);
860 if (cmd.flags & IB_MR_REREG_PD) {
861 atomic_inc(&pd->usecnt);
863 atomic_dec(&old_pd->usecnt);
866 memset(&resp, 0, sizeof(resp));
867 resp.lkey = mr->lkey;
868 resp.rkey = mr->rkey;
870 ret = uverbs_response(attrs, &resp, sizeof(resp));
873 if (cmd.flags & IB_MR_REREG_PD)
874 uobj_put_obj_read(pd);
877 uobj_put_write(uobj);
882 static int ib_uverbs_dereg_mr(struct uverbs_attr_bundle *attrs)
884 struct ib_uverbs_dereg_mr cmd;
887 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
891 return uobj_perform_destroy(UVERBS_OBJECT_MR, cmd.mr_handle, attrs);
894 static int ib_uverbs_alloc_mw(struct uverbs_attr_bundle *attrs)
896 struct ib_uverbs_alloc_mw cmd;
897 struct ib_uverbs_alloc_mw_resp resp;
898 struct ib_uobject *uobj;
902 struct ib_device *ib_dev;
904 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
908 uobj = uobj_alloc(UVERBS_OBJECT_MW, attrs, &ib_dev);
910 return PTR_ERR(uobj);
912 pd = uobj_get_obj_read(pd, UVERBS_OBJECT_PD, cmd.pd_handle, attrs);
918 if (cmd.mw_type != IB_MW_TYPE_1 && cmd.mw_type != IB_MW_TYPE_2) {
923 mw = pd->device->ops.alloc_mw(pd, cmd.mw_type, &attrs->driver_udata);
929 mw->device = pd->device;
932 atomic_inc(&pd->usecnt);
936 memset(&resp, 0, sizeof(resp));
937 resp.rkey = mw->rkey;
938 resp.mw_handle = uobj->id;
940 ret = uverbs_response(attrs, &resp, sizeof(resp));
944 uobj_put_obj_read(pd);
945 rdma_alloc_commit_uobject(uobj, attrs);
949 uverbs_dealloc_mw(mw);
951 uobj_put_obj_read(pd);
953 uobj_alloc_abort(uobj, attrs);
957 static int ib_uverbs_dealloc_mw(struct uverbs_attr_bundle *attrs)
959 struct ib_uverbs_dealloc_mw cmd;
962 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
966 return uobj_perform_destroy(UVERBS_OBJECT_MW, cmd.mw_handle, attrs);
969 static int ib_uverbs_create_comp_channel(struct uverbs_attr_bundle *attrs)
971 struct ib_uverbs_create_comp_channel cmd;
972 struct ib_uverbs_create_comp_channel_resp resp;
973 struct ib_uobject *uobj;
974 struct ib_uverbs_completion_event_file *ev_file;
975 struct ib_device *ib_dev;
978 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
982 uobj = uobj_alloc(UVERBS_OBJECT_COMP_CHANNEL, attrs, &ib_dev);
984 return PTR_ERR(uobj);
988 ev_file = container_of(uobj, struct ib_uverbs_completion_event_file,
990 ib_uverbs_init_event_queue(&ev_file->ev_queue);
992 ret = uverbs_response(attrs, &resp, sizeof(resp));
994 uobj_alloc_abort(uobj, attrs);
998 rdma_alloc_commit_uobject(uobj, attrs);
1002 static struct ib_ucq_object *create_cq(struct uverbs_attr_bundle *attrs,
1003 struct ib_uverbs_ex_create_cq *cmd)
1005 struct ib_ucq_object *obj;
1006 struct ib_uverbs_completion_event_file *ev_file = NULL;
1009 struct ib_uverbs_ex_create_cq_resp resp;
1010 struct ib_cq_init_attr attr = {};
1011 struct ib_device *ib_dev;
1013 if (cmd->comp_vector >= attrs->ufile->device->num_comp_vectors)
1014 return ERR_PTR(-EINVAL);
1016 obj = (struct ib_ucq_object *)uobj_alloc(UVERBS_OBJECT_CQ, attrs,
1021 if (cmd->comp_channel >= 0) {
1022 ev_file = ib_uverbs_lookup_comp_file(cmd->comp_channel, attrs);
1023 if (IS_ERR(ev_file)) {
1024 ret = PTR_ERR(ev_file);
1029 obj->uevent.uobject.user_handle = cmd->user_handle;
1030 INIT_LIST_HEAD(&obj->comp_list);
1031 INIT_LIST_HEAD(&obj->uevent.event_list);
1033 attr.cqe = cmd->cqe;
1034 attr.comp_vector = cmd->comp_vector;
1035 attr.flags = cmd->flags;
1037 cq = rdma_zalloc_drv_obj(ib_dev, ib_cq);
1042 cq->device = ib_dev;
1044 cq->comp_handler = ib_uverbs_comp_handler;
1045 cq->event_handler = ib_uverbs_cq_event_handler;
1046 cq->cq_context = ev_file ? &ev_file->ev_queue : NULL;
1047 atomic_set(&cq->usecnt, 0);
1049 ret = ib_dev->ops.create_cq(cq, &attr, &attrs->driver_udata);
1053 obj->uevent.uobject.object = cq;
1054 memset(&resp, 0, sizeof resp);
1055 resp.base.cq_handle = obj->uevent.uobject.id;
1056 resp.base.cqe = cq->cqe;
1057 resp.response_length = uverbs_response_length(attrs, sizeof(resp));
1059 cq->res.type = RDMA_RESTRACK_CQ;
1060 rdma_restrack_uadd(&cq->res);
1062 ret = uverbs_response(attrs, &resp, sizeof(resp));
1066 rdma_alloc_commit_uobject(&obj->uevent.uobject, attrs);
1070 ib_destroy_cq_user(cq, uverbs_get_cleared_udata(attrs));
1076 ib_uverbs_release_ucq(ev_file, obj);
1079 uobj_alloc_abort(&obj->uevent.uobject, attrs);
1081 return ERR_PTR(ret);
1084 static int ib_uverbs_create_cq(struct uverbs_attr_bundle *attrs)
1086 struct ib_uverbs_create_cq cmd;
1087 struct ib_uverbs_ex_create_cq cmd_ex;
1088 struct ib_ucq_object *obj;
1091 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1095 memset(&cmd_ex, 0, sizeof(cmd_ex));
1096 cmd_ex.user_handle = cmd.user_handle;
1097 cmd_ex.cqe = cmd.cqe;
1098 cmd_ex.comp_vector = cmd.comp_vector;
1099 cmd_ex.comp_channel = cmd.comp_channel;
1101 obj = create_cq(attrs, &cmd_ex);
1102 return PTR_ERR_OR_ZERO(obj);
1105 static int ib_uverbs_ex_create_cq(struct uverbs_attr_bundle *attrs)
1107 struct ib_uverbs_ex_create_cq cmd;
1108 struct ib_ucq_object *obj;
1111 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1121 obj = create_cq(attrs, &cmd);
1122 return PTR_ERR_OR_ZERO(obj);
1125 static int ib_uverbs_resize_cq(struct uverbs_attr_bundle *attrs)
1127 struct ib_uverbs_resize_cq cmd;
1128 struct ib_uverbs_resize_cq_resp resp = {};
1132 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1136 cq = uobj_get_obj_read(cq, UVERBS_OBJECT_CQ, cmd.cq_handle, attrs);
1140 ret = cq->device->ops.resize_cq(cq, cmd.cqe, &attrs->driver_udata);
1146 ret = uverbs_response(attrs, &resp, sizeof(resp));
1148 rdma_lookup_put_uobject(&cq->uobject->uevent.uobject,
1149 UVERBS_LOOKUP_READ);
1154 static int copy_wc_to_user(struct ib_device *ib_dev, void __user *dest,
1157 struct ib_uverbs_wc tmp;
1159 tmp.wr_id = wc->wr_id;
1160 tmp.status = wc->status;
1161 tmp.opcode = wc->opcode;
1162 tmp.vendor_err = wc->vendor_err;
1163 tmp.byte_len = wc->byte_len;
1164 tmp.ex.imm_data = wc->ex.imm_data;
1165 tmp.qp_num = wc->qp->qp_num;
1166 tmp.src_qp = wc->src_qp;
1167 tmp.wc_flags = wc->wc_flags;
1168 tmp.pkey_index = wc->pkey_index;
1169 if (rdma_cap_opa_ah(ib_dev, wc->port_num))
1170 tmp.slid = OPA_TO_IB_UCAST_LID(wc->slid);
1172 tmp.slid = ib_lid_cpu16(wc->slid);
1174 tmp.dlid_path_bits = wc->dlid_path_bits;
1175 tmp.port_num = wc->port_num;
1178 if (copy_to_user(dest, &tmp, sizeof tmp))
1184 static int ib_uverbs_poll_cq(struct uverbs_attr_bundle *attrs)
1186 struct ib_uverbs_poll_cq cmd;
1187 struct ib_uverbs_poll_cq_resp resp;
1188 u8 __user *header_ptr;
1189 u8 __user *data_ptr;
1194 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1198 cq = uobj_get_obj_read(cq, UVERBS_OBJECT_CQ, cmd.cq_handle, attrs);
1202 /* we copy a struct ib_uverbs_poll_cq_resp to user space */
1203 header_ptr = attrs->ucore.outbuf;
1204 data_ptr = header_ptr + sizeof resp;
1206 memset(&resp, 0, sizeof resp);
1207 while (resp.count < cmd.ne) {
1208 ret = ib_poll_cq(cq, 1, &wc);
1214 ret = copy_wc_to_user(cq->device, data_ptr, &wc);
1218 data_ptr += sizeof(struct ib_uverbs_wc);
1222 if (copy_to_user(header_ptr, &resp, sizeof resp)) {
1228 if (uverbs_attr_is_valid(attrs, UVERBS_ATTR_CORE_OUT))
1229 ret = uverbs_output_written(attrs, UVERBS_ATTR_CORE_OUT);
1232 rdma_lookup_put_uobject(&cq->uobject->uevent.uobject,
1233 UVERBS_LOOKUP_READ);
1237 static int ib_uverbs_req_notify_cq(struct uverbs_attr_bundle *attrs)
1239 struct ib_uverbs_req_notify_cq cmd;
1243 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1247 cq = uobj_get_obj_read(cq, UVERBS_OBJECT_CQ, cmd.cq_handle, attrs);
1251 ib_req_notify_cq(cq, cmd.solicited_only ?
1252 IB_CQ_SOLICITED : IB_CQ_NEXT_COMP);
1254 rdma_lookup_put_uobject(&cq->uobject->uevent.uobject,
1255 UVERBS_LOOKUP_READ);
1259 static int ib_uverbs_destroy_cq(struct uverbs_attr_bundle *attrs)
1261 struct ib_uverbs_destroy_cq cmd;
1262 struct ib_uverbs_destroy_cq_resp resp;
1263 struct ib_uobject *uobj;
1264 struct ib_ucq_object *obj;
1267 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1271 uobj = uobj_get_destroy(UVERBS_OBJECT_CQ, cmd.cq_handle, attrs);
1273 return PTR_ERR(uobj);
1275 obj = container_of(uobj, struct ib_ucq_object, uevent.uobject);
1276 memset(&resp, 0, sizeof(resp));
1277 resp.comp_events_reported = obj->comp_events_reported;
1278 resp.async_events_reported = obj->uevent.events_reported;
1280 uobj_put_destroy(uobj);
1282 return uverbs_response(attrs, &resp, sizeof(resp));
1285 static int create_qp(struct uverbs_attr_bundle *attrs,
1286 struct ib_uverbs_ex_create_qp *cmd)
1288 struct ib_uqp_object *obj;
1289 struct ib_device *device;
1290 struct ib_pd *pd = NULL;
1291 struct ib_xrcd *xrcd = NULL;
1292 struct ib_uobject *xrcd_uobj = ERR_PTR(-ENOENT);
1293 struct ib_cq *scq = NULL, *rcq = NULL;
1294 struct ib_srq *srq = NULL;
1296 struct ib_qp_init_attr attr = {};
1297 struct ib_uverbs_ex_create_qp_resp resp;
1299 struct ib_rwq_ind_table *ind_tbl = NULL;
1301 struct ib_device *ib_dev;
1303 if (cmd->qp_type == IB_QPT_RAW_PACKET && !capable(CAP_NET_RAW))
1306 obj = (struct ib_uqp_object *)uobj_alloc(UVERBS_OBJECT_QP, attrs,
1309 return PTR_ERR(obj);
1311 obj->uevent.uobject.user_handle = cmd->user_handle;
1312 mutex_init(&obj->mcast_lock);
1314 if (cmd->comp_mask & IB_UVERBS_CREATE_QP_MASK_IND_TABLE) {
1315 ind_tbl = uobj_get_obj_read(rwq_ind_table,
1316 UVERBS_OBJECT_RWQ_IND_TBL,
1317 cmd->rwq_ind_tbl_handle, attrs);
1323 attr.rwq_ind_tbl = ind_tbl;
1326 if (ind_tbl && (cmd->max_recv_wr || cmd->max_recv_sge || cmd->is_srq)) {
1331 if (ind_tbl && !cmd->max_send_wr)
1334 if (cmd->qp_type == IB_QPT_XRC_TGT) {
1335 xrcd_uobj = uobj_get_read(UVERBS_OBJECT_XRCD, cmd->pd_handle,
1338 if (IS_ERR(xrcd_uobj)) {
1343 xrcd = (struct ib_xrcd *)xrcd_uobj->object;
1348 device = xrcd->device;
1350 if (cmd->qp_type == IB_QPT_XRC_INI) {
1351 cmd->max_recv_wr = 0;
1352 cmd->max_recv_sge = 0;
1355 srq = uobj_get_obj_read(srq, UVERBS_OBJECT_SRQ,
1356 cmd->srq_handle, attrs);
1357 if (!srq || srq->srq_type == IB_SRQT_XRC) {
1364 if (cmd->recv_cq_handle != cmd->send_cq_handle) {
1365 rcq = uobj_get_obj_read(
1366 cq, UVERBS_OBJECT_CQ,
1367 cmd->recv_cq_handle, attrs);
1377 scq = uobj_get_obj_read(cq, UVERBS_OBJECT_CQ,
1378 cmd->send_cq_handle, attrs);
1381 pd = uobj_get_obj_read(pd, UVERBS_OBJECT_PD, cmd->pd_handle,
1383 if (!pd || (!scq && has_sq)) {
1388 device = pd->device;
1391 attr.event_handler = ib_uverbs_qp_event_handler;
1396 attr.sq_sig_type = cmd->sq_sig_all ? IB_SIGNAL_ALL_WR :
1398 attr.qp_type = cmd->qp_type;
1399 attr.create_flags = 0;
1401 attr.cap.max_send_wr = cmd->max_send_wr;
1402 attr.cap.max_recv_wr = cmd->max_recv_wr;
1403 attr.cap.max_send_sge = cmd->max_send_sge;
1404 attr.cap.max_recv_sge = cmd->max_recv_sge;
1405 attr.cap.max_inline_data = cmd->max_inline_data;
1407 INIT_LIST_HEAD(&obj->uevent.event_list);
1408 INIT_LIST_HEAD(&obj->mcast_list);
1410 attr.create_flags = cmd->create_flags;
1411 if (attr.create_flags & ~(IB_QP_CREATE_BLOCK_MULTICAST_LOOPBACK |
1412 IB_QP_CREATE_CROSS_CHANNEL |
1413 IB_QP_CREATE_MANAGED_SEND |
1414 IB_QP_CREATE_MANAGED_RECV |
1415 IB_QP_CREATE_SCATTER_FCS |
1416 IB_QP_CREATE_CVLAN_STRIPPING |
1417 IB_QP_CREATE_SOURCE_QPN |
1418 IB_QP_CREATE_PCI_WRITE_END_PADDING)) {
1423 if (attr.create_flags & IB_QP_CREATE_SOURCE_QPN) {
1424 if (!capable(CAP_NET_RAW)) {
1429 attr.source_qpn = cmd->source_qpn;
1432 if (cmd->qp_type == IB_QPT_XRC_TGT)
1433 qp = ib_create_qp(pd, &attr);
1435 qp = _ib_create_qp(device, pd, &attr, &attrs->driver_udata,
1443 if (cmd->qp_type != IB_QPT_XRC_TGT) {
1444 ret = ib_create_qp_security(qp, device);
1449 qp->send_cq = attr.send_cq;
1450 qp->recv_cq = attr.recv_cq;
1452 qp->rwq_ind_tbl = ind_tbl;
1453 qp->event_handler = attr.event_handler;
1454 qp->qp_type = attr.qp_type;
1455 atomic_set(&qp->usecnt, 0);
1456 atomic_inc(&pd->usecnt);
1459 atomic_inc(&attr.send_cq->usecnt);
1461 atomic_inc(&attr.recv_cq->usecnt);
1463 atomic_inc(&attr.srq->usecnt);
1465 atomic_inc(&ind_tbl->usecnt);
1467 /* It is done in _ib_create_qp for other QP types */
1471 obj->uevent.uobject.object = qp;
1473 memset(&resp, 0, sizeof resp);
1474 resp.base.qpn = qp->qp_num;
1475 resp.base.qp_handle = obj->uevent.uobject.id;
1476 resp.base.max_recv_sge = attr.cap.max_recv_sge;
1477 resp.base.max_send_sge = attr.cap.max_send_sge;
1478 resp.base.max_recv_wr = attr.cap.max_recv_wr;
1479 resp.base.max_send_wr = attr.cap.max_send_wr;
1480 resp.base.max_inline_data = attr.cap.max_inline_data;
1481 resp.response_length = uverbs_response_length(attrs, sizeof(resp));
1483 ret = uverbs_response(attrs, &resp, sizeof(resp));
1488 obj->uxrcd = container_of(xrcd_uobj, struct ib_uxrcd_object,
1490 atomic_inc(&obj->uxrcd->refcnt);
1491 uobj_put_read(xrcd_uobj);
1495 uobj_put_obj_read(pd);
1497 rdma_lookup_put_uobject(&scq->uobject->uevent.uobject,
1498 UVERBS_LOOKUP_READ);
1499 if (rcq && rcq != scq)
1500 rdma_lookup_put_uobject(&rcq->uobject->uevent.uobject,
1501 UVERBS_LOOKUP_READ);
1503 rdma_lookup_put_uobject(&srq->uobject->uevent.uobject,
1504 UVERBS_LOOKUP_READ);
1506 uobj_put_obj_read(ind_tbl);
1508 rdma_alloc_commit_uobject(&obj->uevent.uobject, attrs);
1511 ib_destroy_qp_user(qp, uverbs_get_cleared_udata(attrs));
1514 if (!IS_ERR(xrcd_uobj))
1515 uobj_put_read(xrcd_uobj);
1517 uobj_put_obj_read(pd);
1519 rdma_lookup_put_uobject(&scq->uobject->uevent.uobject,
1520 UVERBS_LOOKUP_READ);
1521 if (rcq && rcq != scq)
1522 rdma_lookup_put_uobject(&rcq->uobject->uevent.uobject,
1523 UVERBS_LOOKUP_READ);
1525 rdma_lookup_put_uobject(&srq->uobject->uevent.uobject,
1526 UVERBS_LOOKUP_READ);
1528 uobj_put_obj_read(ind_tbl);
1530 uobj_alloc_abort(&obj->uevent.uobject, attrs);
1534 static int ib_uverbs_create_qp(struct uverbs_attr_bundle *attrs)
1536 struct ib_uverbs_create_qp cmd;
1537 struct ib_uverbs_ex_create_qp cmd_ex;
1540 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1544 memset(&cmd_ex, 0, sizeof(cmd_ex));
1545 cmd_ex.user_handle = cmd.user_handle;
1546 cmd_ex.pd_handle = cmd.pd_handle;
1547 cmd_ex.send_cq_handle = cmd.send_cq_handle;
1548 cmd_ex.recv_cq_handle = cmd.recv_cq_handle;
1549 cmd_ex.srq_handle = cmd.srq_handle;
1550 cmd_ex.max_send_wr = cmd.max_send_wr;
1551 cmd_ex.max_recv_wr = cmd.max_recv_wr;
1552 cmd_ex.max_send_sge = cmd.max_send_sge;
1553 cmd_ex.max_recv_sge = cmd.max_recv_sge;
1554 cmd_ex.max_inline_data = cmd.max_inline_data;
1555 cmd_ex.sq_sig_all = cmd.sq_sig_all;
1556 cmd_ex.qp_type = cmd.qp_type;
1557 cmd_ex.is_srq = cmd.is_srq;
1559 return create_qp(attrs, &cmd_ex);
1562 static int ib_uverbs_ex_create_qp(struct uverbs_attr_bundle *attrs)
1564 struct ib_uverbs_ex_create_qp cmd;
1567 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1571 if (cmd.comp_mask & ~IB_UVERBS_CREATE_QP_SUP_COMP_MASK)
1577 return create_qp(attrs, &cmd);
1580 static int ib_uverbs_open_qp(struct uverbs_attr_bundle *attrs)
1582 struct ib_uverbs_open_qp cmd;
1583 struct ib_uverbs_create_qp_resp resp;
1584 struct ib_uqp_object *obj;
1585 struct ib_xrcd *xrcd;
1586 struct ib_uobject *uninitialized_var(xrcd_uobj);
1588 struct ib_qp_open_attr attr = {};
1590 struct ib_device *ib_dev;
1592 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1596 obj = (struct ib_uqp_object *)uobj_alloc(UVERBS_OBJECT_QP, attrs,
1599 return PTR_ERR(obj);
1601 xrcd_uobj = uobj_get_read(UVERBS_OBJECT_XRCD, cmd.pd_handle, attrs);
1602 if (IS_ERR(xrcd_uobj)) {
1607 xrcd = (struct ib_xrcd *)xrcd_uobj->object;
1613 attr.event_handler = ib_uverbs_qp_event_handler;
1614 attr.qp_num = cmd.qpn;
1615 attr.qp_type = cmd.qp_type;
1617 INIT_LIST_HEAD(&obj->uevent.event_list);
1618 INIT_LIST_HEAD(&obj->mcast_list);
1620 qp = ib_open_qp(xrcd, &attr);
1626 obj->uevent.uobject.object = qp;
1627 obj->uevent.uobject.user_handle = cmd.user_handle;
1629 memset(&resp, 0, sizeof resp);
1630 resp.qpn = qp->qp_num;
1631 resp.qp_handle = obj->uevent.uobject.id;
1633 ret = uverbs_response(attrs, &resp, sizeof(resp));
1637 obj->uxrcd = container_of(xrcd_uobj, struct ib_uxrcd_object, uobject);
1638 atomic_inc(&obj->uxrcd->refcnt);
1640 uobj_put_read(xrcd_uobj);
1642 rdma_alloc_commit_uobject(&obj->uevent.uobject, attrs);
1646 ib_destroy_qp_user(qp, uverbs_get_cleared_udata(attrs));
1648 uobj_put_read(xrcd_uobj);
1650 uobj_alloc_abort(&obj->uevent.uobject, attrs);
1654 static void copy_ah_attr_to_uverbs(struct ib_uverbs_qp_dest *uverb_attr,
1655 struct rdma_ah_attr *rdma_attr)
1657 const struct ib_global_route *grh;
1659 uverb_attr->dlid = rdma_ah_get_dlid(rdma_attr);
1660 uverb_attr->sl = rdma_ah_get_sl(rdma_attr);
1661 uverb_attr->src_path_bits = rdma_ah_get_path_bits(rdma_attr);
1662 uverb_attr->static_rate = rdma_ah_get_static_rate(rdma_attr);
1663 uverb_attr->is_global = !!(rdma_ah_get_ah_flags(rdma_attr) &
1665 if (uverb_attr->is_global) {
1666 grh = rdma_ah_read_grh(rdma_attr);
1667 memcpy(uverb_attr->dgid, grh->dgid.raw, 16);
1668 uverb_attr->flow_label = grh->flow_label;
1669 uverb_attr->sgid_index = grh->sgid_index;
1670 uverb_attr->hop_limit = grh->hop_limit;
1671 uverb_attr->traffic_class = grh->traffic_class;
1673 uverb_attr->port_num = rdma_ah_get_port_num(rdma_attr);
1676 static int ib_uverbs_query_qp(struct uverbs_attr_bundle *attrs)
1678 struct ib_uverbs_query_qp cmd;
1679 struct ib_uverbs_query_qp_resp resp;
1681 struct ib_qp_attr *attr;
1682 struct ib_qp_init_attr *init_attr;
1685 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1689 attr = kmalloc(sizeof *attr, GFP_KERNEL);
1690 init_attr = kmalloc(sizeof *init_attr, GFP_KERNEL);
1691 if (!attr || !init_attr) {
1696 qp = uobj_get_obj_read(qp, UVERBS_OBJECT_QP, cmd.qp_handle, attrs);
1702 ret = ib_query_qp(qp, attr, cmd.attr_mask, init_attr);
1704 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
1705 UVERBS_LOOKUP_READ);
1710 memset(&resp, 0, sizeof resp);
1712 resp.qp_state = attr->qp_state;
1713 resp.cur_qp_state = attr->cur_qp_state;
1714 resp.path_mtu = attr->path_mtu;
1715 resp.path_mig_state = attr->path_mig_state;
1716 resp.qkey = attr->qkey;
1717 resp.rq_psn = attr->rq_psn;
1718 resp.sq_psn = attr->sq_psn;
1719 resp.dest_qp_num = attr->dest_qp_num;
1720 resp.qp_access_flags = attr->qp_access_flags;
1721 resp.pkey_index = attr->pkey_index;
1722 resp.alt_pkey_index = attr->alt_pkey_index;
1723 resp.sq_draining = attr->sq_draining;
1724 resp.max_rd_atomic = attr->max_rd_atomic;
1725 resp.max_dest_rd_atomic = attr->max_dest_rd_atomic;
1726 resp.min_rnr_timer = attr->min_rnr_timer;
1727 resp.port_num = attr->port_num;
1728 resp.timeout = attr->timeout;
1729 resp.retry_cnt = attr->retry_cnt;
1730 resp.rnr_retry = attr->rnr_retry;
1731 resp.alt_port_num = attr->alt_port_num;
1732 resp.alt_timeout = attr->alt_timeout;
1734 copy_ah_attr_to_uverbs(&resp.dest, &attr->ah_attr);
1735 copy_ah_attr_to_uverbs(&resp.alt_dest, &attr->alt_ah_attr);
1737 resp.max_send_wr = init_attr->cap.max_send_wr;
1738 resp.max_recv_wr = init_attr->cap.max_recv_wr;
1739 resp.max_send_sge = init_attr->cap.max_send_sge;
1740 resp.max_recv_sge = init_attr->cap.max_recv_sge;
1741 resp.max_inline_data = init_attr->cap.max_inline_data;
1742 resp.sq_sig_all = init_attr->sq_sig_type == IB_SIGNAL_ALL_WR;
1744 ret = uverbs_response(attrs, &resp, sizeof(resp));
1753 /* Remove ignored fields set in the attribute mask */
1754 static int modify_qp_mask(enum ib_qp_type qp_type, int mask)
1757 case IB_QPT_XRC_INI:
1758 return mask & ~(IB_QP_MAX_DEST_RD_ATOMIC | IB_QP_MIN_RNR_TIMER);
1759 case IB_QPT_XRC_TGT:
1760 return mask & ~(IB_QP_MAX_QP_RD_ATOMIC | IB_QP_RETRY_CNT |
1767 static void copy_ah_attr_from_uverbs(struct ib_device *dev,
1768 struct rdma_ah_attr *rdma_attr,
1769 struct ib_uverbs_qp_dest *uverb_attr)
1771 rdma_attr->type = rdma_ah_find_type(dev, uverb_attr->port_num);
1772 if (uverb_attr->is_global) {
1773 rdma_ah_set_grh(rdma_attr, NULL,
1774 uverb_attr->flow_label,
1775 uverb_attr->sgid_index,
1776 uverb_attr->hop_limit,
1777 uverb_attr->traffic_class);
1778 rdma_ah_set_dgid_raw(rdma_attr, uverb_attr->dgid);
1780 rdma_ah_set_ah_flags(rdma_attr, 0);
1782 rdma_ah_set_dlid(rdma_attr, uverb_attr->dlid);
1783 rdma_ah_set_sl(rdma_attr, uverb_attr->sl);
1784 rdma_ah_set_path_bits(rdma_attr, uverb_attr->src_path_bits);
1785 rdma_ah_set_static_rate(rdma_attr, uverb_attr->static_rate);
1786 rdma_ah_set_port_num(rdma_attr, uverb_attr->port_num);
1787 rdma_ah_set_make_grd(rdma_attr, false);
1790 static int modify_qp(struct uverbs_attr_bundle *attrs,
1791 struct ib_uverbs_ex_modify_qp *cmd)
1793 struct ib_qp_attr *attr;
1797 attr = kzalloc(sizeof(*attr), GFP_KERNEL);
1801 qp = uobj_get_obj_read(qp, UVERBS_OBJECT_QP, cmd->base.qp_handle,
1808 if ((cmd->base.attr_mask & IB_QP_PORT) &&
1809 !rdma_is_port_valid(qp->device, cmd->base.port_num)) {
1814 if ((cmd->base.attr_mask & IB_QP_AV)) {
1815 if (!rdma_is_port_valid(qp->device, cmd->base.dest.port_num)) {
1820 if (cmd->base.attr_mask & IB_QP_STATE &&
1821 cmd->base.qp_state == IB_QPS_RTR) {
1822 /* We are in INIT->RTR TRANSITION (if we are not,
1823 * this transition will be rejected in subsequent checks).
1824 * In the INIT->RTR transition, we cannot have IB_QP_PORT set,
1825 * but the IB_QP_STATE flag is required.
1827 * Since kernel 3.14 (commit dbf727de7440), the uverbs driver,
1828 * when IB_QP_AV is set, has required inclusion of a valid
1829 * port number in the primary AV. (AVs are created and handled
1830 * differently for infiniband and ethernet (RoCE) ports).
1832 * Check the port number included in the primary AV against
1833 * the port number in the qp struct, which was set (and saved)
1834 * in the RST->INIT transition.
1836 if (cmd->base.dest.port_num != qp->real_qp->port) {
1841 /* We are in SQD->SQD. (If we are not, this transition will
1842 * be rejected later in the verbs layer checks).
1843 * Check for both IB_QP_PORT and IB_QP_AV, these can be set
1844 * together in the SQD->SQD transition.
1846 * If only IP_QP_AV was set, add in IB_QP_PORT as well (the
1847 * verbs layer driver does not track primary port changes
1848 * resulting from path migration. Thus, in SQD, if the primary
1849 * AV is modified, the primary port should also be modified).
1851 * Note that in this transition, the IB_QP_STATE flag
1854 if (((cmd->base.attr_mask & (IB_QP_AV | IB_QP_PORT))
1855 == (IB_QP_AV | IB_QP_PORT)) &&
1856 cmd->base.port_num != cmd->base.dest.port_num) {
1860 if ((cmd->base.attr_mask & (IB_QP_AV | IB_QP_PORT))
1862 cmd->base.attr_mask |= IB_QP_PORT;
1863 cmd->base.port_num = cmd->base.dest.port_num;
1868 if ((cmd->base.attr_mask & IB_QP_ALT_PATH) &&
1869 (!rdma_is_port_valid(qp->device, cmd->base.alt_port_num) ||
1870 !rdma_is_port_valid(qp->device, cmd->base.alt_dest.port_num) ||
1871 cmd->base.alt_port_num != cmd->base.alt_dest.port_num)) {
1876 if ((cmd->base.attr_mask & IB_QP_CUR_STATE &&
1877 cmd->base.cur_qp_state > IB_QPS_ERR) ||
1878 (cmd->base.attr_mask & IB_QP_STATE &&
1879 cmd->base.qp_state > IB_QPS_ERR)) {
1884 if (cmd->base.attr_mask & IB_QP_STATE)
1885 attr->qp_state = cmd->base.qp_state;
1886 if (cmd->base.attr_mask & IB_QP_CUR_STATE)
1887 attr->cur_qp_state = cmd->base.cur_qp_state;
1888 if (cmd->base.attr_mask & IB_QP_PATH_MTU)
1889 attr->path_mtu = cmd->base.path_mtu;
1890 if (cmd->base.attr_mask & IB_QP_PATH_MIG_STATE)
1891 attr->path_mig_state = cmd->base.path_mig_state;
1892 if (cmd->base.attr_mask & IB_QP_QKEY)
1893 attr->qkey = cmd->base.qkey;
1894 if (cmd->base.attr_mask & IB_QP_RQ_PSN)
1895 attr->rq_psn = cmd->base.rq_psn;
1896 if (cmd->base.attr_mask & IB_QP_SQ_PSN)
1897 attr->sq_psn = cmd->base.sq_psn;
1898 if (cmd->base.attr_mask & IB_QP_DEST_QPN)
1899 attr->dest_qp_num = cmd->base.dest_qp_num;
1900 if (cmd->base.attr_mask & IB_QP_ACCESS_FLAGS)
1901 attr->qp_access_flags = cmd->base.qp_access_flags;
1902 if (cmd->base.attr_mask & IB_QP_PKEY_INDEX)
1903 attr->pkey_index = cmd->base.pkey_index;
1904 if (cmd->base.attr_mask & IB_QP_EN_SQD_ASYNC_NOTIFY)
1905 attr->en_sqd_async_notify = cmd->base.en_sqd_async_notify;
1906 if (cmd->base.attr_mask & IB_QP_MAX_QP_RD_ATOMIC)
1907 attr->max_rd_atomic = cmd->base.max_rd_atomic;
1908 if (cmd->base.attr_mask & IB_QP_MAX_DEST_RD_ATOMIC)
1909 attr->max_dest_rd_atomic = cmd->base.max_dest_rd_atomic;
1910 if (cmd->base.attr_mask & IB_QP_MIN_RNR_TIMER)
1911 attr->min_rnr_timer = cmd->base.min_rnr_timer;
1912 if (cmd->base.attr_mask & IB_QP_PORT)
1913 attr->port_num = cmd->base.port_num;
1914 if (cmd->base.attr_mask & IB_QP_TIMEOUT)
1915 attr->timeout = cmd->base.timeout;
1916 if (cmd->base.attr_mask & IB_QP_RETRY_CNT)
1917 attr->retry_cnt = cmd->base.retry_cnt;
1918 if (cmd->base.attr_mask & IB_QP_RNR_RETRY)
1919 attr->rnr_retry = cmd->base.rnr_retry;
1920 if (cmd->base.attr_mask & IB_QP_ALT_PATH) {
1921 attr->alt_port_num = cmd->base.alt_port_num;
1922 attr->alt_timeout = cmd->base.alt_timeout;
1923 attr->alt_pkey_index = cmd->base.alt_pkey_index;
1925 if (cmd->base.attr_mask & IB_QP_RATE_LIMIT)
1926 attr->rate_limit = cmd->rate_limit;
1928 if (cmd->base.attr_mask & IB_QP_AV)
1929 copy_ah_attr_from_uverbs(qp->device, &attr->ah_attr,
1932 if (cmd->base.attr_mask & IB_QP_ALT_PATH)
1933 copy_ah_attr_from_uverbs(qp->device, &attr->alt_ah_attr,
1934 &cmd->base.alt_dest);
1936 ret = ib_modify_qp_with_udata(qp, attr,
1937 modify_qp_mask(qp->qp_type,
1938 cmd->base.attr_mask),
1939 &attrs->driver_udata);
1942 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
1943 UVERBS_LOOKUP_READ);
1950 static int ib_uverbs_modify_qp(struct uverbs_attr_bundle *attrs)
1952 struct ib_uverbs_ex_modify_qp cmd;
1955 ret = uverbs_request(attrs, &cmd.base, sizeof(cmd.base));
1959 if (cmd.base.attr_mask &
1960 ~((IB_USER_LEGACY_LAST_QP_ATTR_MASK << 1) - 1))
1963 return modify_qp(attrs, &cmd);
1966 static int ib_uverbs_ex_modify_qp(struct uverbs_attr_bundle *attrs)
1968 struct ib_uverbs_ex_modify_qp cmd;
1969 struct ib_uverbs_ex_modify_qp_resp resp = {
1970 .response_length = uverbs_response_length(attrs, sizeof(resp))
1974 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
1979 * Last bit is reserved for extending the attr_mask by
1980 * using another field.
1982 BUILD_BUG_ON(IB_USER_LAST_QP_ATTR_MASK == (1 << 31));
1984 if (cmd.base.attr_mask &
1985 ~((IB_USER_LAST_QP_ATTR_MASK << 1) - 1))
1988 ret = modify_qp(attrs, &cmd);
1992 return uverbs_response(attrs, &resp, sizeof(resp));
1995 static int ib_uverbs_destroy_qp(struct uverbs_attr_bundle *attrs)
1997 struct ib_uverbs_destroy_qp cmd;
1998 struct ib_uverbs_destroy_qp_resp resp;
1999 struct ib_uobject *uobj;
2000 struct ib_uqp_object *obj;
2003 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
2007 uobj = uobj_get_destroy(UVERBS_OBJECT_QP, cmd.qp_handle, attrs);
2009 return PTR_ERR(uobj);
2011 obj = container_of(uobj, struct ib_uqp_object, uevent.uobject);
2012 memset(&resp, 0, sizeof(resp));
2013 resp.events_reported = obj->uevent.events_reported;
2015 uobj_put_destroy(uobj);
2017 return uverbs_response(attrs, &resp, sizeof(resp));
2020 static void *alloc_wr(size_t wr_size, __u32 num_sge)
2022 if (num_sge >= (U32_MAX - ALIGN(wr_size, sizeof (struct ib_sge))) /
2023 sizeof (struct ib_sge))
2026 return kmalloc(ALIGN(wr_size, sizeof (struct ib_sge)) +
2027 num_sge * sizeof (struct ib_sge), GFP_KERNEL);
2030 static int ib_uverbs_post_send(struct uverbs_attr_bundle *attrs)
2032 struct ib_uverbs_post_send cmd;
2033 struct ib_uverbs_post_send_resp resp;
2034 struct ib_uverbs_send_wr *user_wr;
2035 struct ib_send_wr *wr = NULL, *last, *next;
2036 const struct ib_send_wr *bad_wr;
2042 const struct ib_sge __user *sgls;
2043 const void __user *wqes;
2044 struct uverbs_req_iter iter;
2046 ret = uverbs_request_start(attrs, &iter, &cmd, sizeof(cmd));
2049 wqes = uverbs_request_next_ptr(&iter, cmd.wqe_size * cmd.wr_count);
2051 return PTR_ERR(wqes);
2052 sgls = uverbs_request_next_ptr(
2053 &iter, cmd.sge_count * sizeof(struct ib_uverbs_sge));
2055 return PTR_ERR(sgls);
2056 ret = uverbs_request_finish(&iter);
2060 user_wr = kmalloc(cmd.wqe_size, GFP_KERNEL);
2064 qp = uobj_get_obj_read(qp, UVERBS_OBJECT_QP, cmd.qp_handle, attrs);
2070 is_ud = qp->qp_type == IB_QPT_UD;
2073 for (i = 0; i < cmd.wr_count; ++i) {
2074 if (copy_from_user(user_wr, wqes + i * cmd.wqe_size,
2080 if (user_wr->num_sge + sg_ind > cmd.sge_count) {
2086 struct ib_ud_wr *ud;
2088 if (user_wr->opcode != IB_WR_SEND &&
2089 user_wr->opcode != IB_WR_SEND_WITH_IMM) {
2094 next_size = sizeof(*ud);
2095 ud = alloc_wr(next_size, user_wr->num_sge);
2101 ud->ah = uobj_get_obj_read(ah, UVERBS_OBJECT_AH,
2102 user_wr->wr.ud.ah, attrs);
2108 ud->remote_qpn = user_wr->wr.ud.remote_qpn;
2109 ud->remote_qkey = user_wr->wr.ud.remote_qkey;
2112 } else if (user_wr->opcode == IB_WR_RDMA_WRITE_WITH_IMM ||
2113 user_wr->opcode == IB_WR_RDMA_WRITE ||
2114 user_wr->opcode == IB_WR_RDMA_READ) {
2115 struct ib_rdma_wr *rdma;
2117 next_size = sizeof(*rdma);
2118 rdma = alloc_wr(next_size, user_wr->num_sge);
2124 rdma->remote_addr = user_wr->wr.rdma.remote_addr;
2125 rdma->rkey = user_wr->wr.rdma.rkey;
2128 } else if (user_wr->opcode == IB_WR_ATOMIC_CMP_AND_SWP ||
2129 user_wr->opcode == IB_WR_ATOMIC_FETCH_AND_ADD) {
2130 struct ib_atomic_wr *atomic;
2132 next_size = sizeof(*atomic);
2133 atomic = alloc_wr(next_size, user_wr->num_sge);
2139 atomic->remote_addr = user_wr->wr.atomic.remote_addr;
2140 atomic->compare_add = user_wr->wr.atomic.compare_add;
2141 atomic->swap = user_wr->wr.atomic.swap;
2142 atomic->rkey = user_wr->wr.atomic.rkey;
2145 } else if (user_wr->opcode == IB_WR_SEND ||
2146 user_wr->opcode == IB_WR_SEND_WITH_IMM ||
2147 user_wr->opcode == IB_WR_SEND_WITH_INV) {
2148 next_size = sizeof(*next);
2149 next = alloc_wr(next_size, user_wr->num_sge);
2159 if (user_wr->opcode == IB_WR_SEND_WITH_IMM ||
2160 user_wr->opcode == IB_WR_RDMA_WRITE_WITH_IMM) {
2162 (__be32 __force) user_wr->ex.imm_data;
2163 } else if (user_wr->opcode == IB_WR_SEND_WITH_INV) {
2164 next->ex.invalidate_rkey = user_wr->ex.invalidate_rkey;
2174 next->wr_id = user_wr->wr_id;
2175 next->num_sge = user_wr->num_sge;
2176 next->opcode = user_wr->opcode;
2177 next->send_flags = user_wr->send_flags;
2179 if (next->num_sge) {
2180 next->sg_list = (void *) next +
2181 ALIGN(next_size, sizeof(struct ib_sge));
2182 if (copy_from_user(next->sg_list, sgls + sg_ind,
2184 sizeof(struct ib_sge))) {
2188 sg_ind += next->num_sge;
2190 next->sg_list = NULL;
2194 ret = qp->device->ops.post_send(qp->real_qp, wr, &bad_wr);
2196 for (next = wr; next; next = next->next) {
2202 ret2 = uverbs_response(attrs, &resp, sizeof(resp));
2207 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
2208 UVERBS_LOOKUP_READ);
2211 if (is_ud && ud_wr(wr)->ah)
2212 uobj_put_obj_read(ud_wr(wr)->ah);
2224 static struct ib_recv_wr *
2225 ib_uverbs_unmarshall_recv(struct uverbs_req_iter *iter, u32 wr_count,
2226 u32 wqe_size, u32 sge_count)
2228 struct ib_uverbs_recv_wr *user_wr;
2229 struct ib_recv_wr *wr = NULL, *last, *next;
2233 const struct ib_sge __user *sgls;
2234 const void __user *wqes;
2236 if (wqe_size < sizeof (struct ib_uverbs_recv_wr))
2237 return ERR_PTR(-EINVAL);
2239 wqes = uverbs_request_next_ptr(iter, wqe_size * wr_count);
2241 return ERR_CAST(wqes);
2242 sgls = uverbs_request_next_ptr(
2243 iter, sge_count * sizeof(struct ib_uverbs_sge));
2245 return ERR_CAST(sgls);
2246 ret = uverbs_request_finish(iter);
2248 return ERR_PTR(ret);
2250 user_wr = kmalloc(wqe_size, GFP_KERNEL);
2252 return ERR_PTR(-ENOMEM);
2256 for (i = 0; i < wr_count; ++i) {
2257 if (copy_from_user(user_wr, wqes + i * wqe_size,
2263 if (user_wr->num_sge + sg_ind > sge_count) {
2268 if (user_wr->num_sge >=
2269 (U32_MAX - ALIGN(sizeof *next, sizeof (struct ib_sge))) /
2270 sizeof (struct ib_sge)) {
2275 next = kmalloc(ALIGN(sizeof *next, sizeof (struct ib_sge)) +
2276 user_wr->num_sge * sizeof (struct ib_sge),
2290 next->wr_id = user_wr->wr_id;
2291 next->num_sge = user_wr->num_sge;
2293 if (next->num_sge) {
2294 next->sg_list = (void *) next +
2295 ALIGN(sizeof *next, sizeof (struct ib_sge));
2296 if (copy_from_user(next->sg_list, sgls + sg_ind,
2298 sizeof(struct ib_sge))) {
2302 sg_ind += next->num_sge;
2304 next->sg_list = NULL;
2319 return ERR_PTR(ret);
2322 static int ib_uverbs_post_recv(struct uverbs_attr_bundle *attrs)
2324 struct ib_uverbs_post_recv cmd;
2325 struct ib_uverbs_post_recv_resp resp;
2326 struct ib_recv_wr *wr, *next;
2327 const struct ib_recv_wr *bad_wr;
2330 struct uverbs_req_iter iter;
2332 ret = uverbs_request_start(attrs, &iter, &cmd, sizeof(cmd));
2336 wr = ib_uverbs_unmarshall_recv(&iter, cmd.wr_count, cmd.wqe_size,
2341 qp = uobj_get_obj_read(qp, UVERBS_OBJECT_QP, cmd.qp_handle, attrs);
2348 ret = qp->device->ops.post_recv(qp->real_qp, wr, &bad_wr);
2350 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
2351 UVERBS_LOOKUP_READ);
2353 for (next = wr; next; next = next->next) {
2360 ret2 = uverbs_response(attrs, &resp, sizeof(resp));
2373 static int ib_uverbs_post_srq_recv(struct uverbs_attr_bundle *attrs)
2375 struct ib_uverbs_post_srq_recv cmd;
2376 struct ib_uverbs_post_srq_recv_resp resp;
2377 struct ib_recv_wr *wr, *next;
2378 const struct ib_recv_wr *bad_wr;
2381 struct uverbs_req_iter iter;
2383 ret = uverbs_request_start(attrs, &iter, &cmd, sizeof(cmd));
2387 wr = ib_uverbs_unmarshall_recv(&iter, cmd.wr_count, cmd.wqe_size,
2392 srq = uobj_get_obj_read(srq, UVERBS_OBJECT_SRQ, cmd.srq_handle, attrs);
2399 ret = srq->device->ops.post_srq_recv(srq, wr, &bad_wr);
2401 rdma_lookup_put_uobject(&srq->uobject->uevent.uobject,
2402 UVERBS_LOOKUP_READ);
2405 for (next = wr; next; next = next->next) {
2411 ret2 = uverbs_response(attrs, &resp, sizeof(resp));
2425 static int ib_uverbs_create_ah(struct uverbs_attr_bundle *attrs)
2427 struct ib_uverbs_create_ah cmd;
2428 struct ib_uverbs_create_ah_resp resp;
2429 struct ib_uobject *uobj;
2432 struct rdma_ah_attr attr = {};
2434 struct ib_device *ib_dev;
2436 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
2440 uobj = uobj_alloc(UVERBS_OBJECT_AH, attrs, &ib_dev);
2442 return PTR_ERR(uobj);
2444 if (!rdma_is_port_valid(ib_dev, cmd.attr.port_num)) {
2449 pd = uobj_get_obj_read(pd, UVERBS_OBJECT_PD, cmd.pd_handle, attrs);
2455 attr.type = rdma_ah_find_type(ib_dev, cmd.attr.port_num);
2456 rdma_ah_set_make_grd(&attr, false);
2457 rdma_ah_set_dlid(&attr, cmd.attr.dlid);
2458 rdma_ah_set_sl(&attr, cmd.attr.sl);
2459 rdma_ah_set_path_bits(&attr, cmd.attr.src_path_bits);
2460 rdma_ah_set_static_rate(&attr, cmd.attr.static_rate);
2461 rdma_ah_set_port_num(&attr, cmd.attr.port_num);
2463 if (cmd.attr.is_global) {
2464 rdma_ah_set_grh(&attr, NULL, cmd.attr.grh.flow_label,
2465 cmd.attr.grh.sgid_index,
2466 cmd.attr.grh.hop_limit,
2467 cmd.attr.grh.traffic_class);
2468 rdma_ah_set_dgid_raw(&attr, cmd.attr.grh.dgid);
2470 rdma_ah_set_ah_flags(&attr, 0);
2473 ah = rdma_create_user_ah(pd, &attr, &attrs->driver_udata);
2480 uobj->user_handle = cmd.user_handle;
2483 resp.ah_handle = uobj->id;
2485 ret = uverbs_response(attrs, &resp, sizeof(resp));
2489 uobj_put_obj_read(pd);
2490 rdma_alloc_commit_uobject(uobj, attrs);
2494 rdma_destroy_ah_user(ah, RDMA_DESTROY_AH_SLEEPABLE,
2495 uverbs_get_cleared_udata(attrs));
2498 uobj_put_obj_read(pd);
2501 uobj_alloc_abort(uobj, attrs);
2505 static int ib_uverbs_destroy_ah(struct uverbs_attr_bundle *attrs)
2507 struct ib_uverbs_destroy_ah cmd;
2510 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
2514 return uobj_perform_destroy(UVERBS_OBJECT_AH, cmd.ah_handle, attrs);
2517 static int ib_uverbs_attach_mcast(struct uverbs_attr_bundle *attrs)
2519 struct ib_uverbs_attach_mcast cmd;
2521 struct ib_uqp_object *obj;
2522 struct ib_uverbs_mcast_entry *mcast;
2525 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
2529 qp = uobj_get_obj_read(qp, UVERBS_OBJECT_QP, cmd.qp_handle, attrs);
2535 mutex_lock(&obj->mcast_lock);
2536 list_for_each_entry(mcast, &obj->mcast_list, list)
2537 if (cmd.mlid == mcast->lid &&
2538 !memcmp(cmd.gid, mcast->gid.raw, sizeof mcast->gid.raw)) {
2543 mcast = kmalloc(sizeof *mcast, GFP_KERNEL);
2549 mcast->lid = cmd.mlid;
2550 memcpy(mcast->gid.raw, cmd.gid, sizeof mcast->gid.raw);
2552 ret = ib_attach_mcast(qp, &mcast->gid, cmd.mlid);
2554 list_add_tail(&mcast->list, &obj->mcast_list);
2559 mutex_unlock(&obj->mcast_lock);
2560 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
2561 UVERBS_LOOKUP_READ);
2566 static int ib_uverbs_detach_mcast(struct uverbs_attr_bundle *attrs)
2568 struct ib_uverbs_detach_mcast cmd;
2569 struct ib_uqp_object *obj;
2571 struct ib_uverbs_mcast_entry *mcast;
2575 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
2579 qp = uobj_get_obj_read(qp, UVERBS_OBJECT_QP, cmd.qp_handle, attrs);
2584 mutex_lock(&obj->mcast_lock);
2586 list_for_each_entry(mcast, &obj->mcast_list, list)
2587 if (cmd.mlid == mcast->lid &&
2588 !memcmp(cmd.gid, mcast->gid.raw, sizeof mcast->gid.raw)) {
2589 list_del(&mcast->list);
2600 ret = ib_detach_mcast(qp, (union ib_gid *)cmd.gid, cmd.mlid);
2603 mutex_unlock(&obj->mcast_lock);
2604 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
2605 UVERBS_LOOKUP_READ);
2609 struct ib_uflow_resources *flow_resources_alloc(size_t num_specs)
2611 struct ib_uflow_resources *resources;
2613 resources = kzalloc(sizeof(*resources), GFP_KERNEL);
2621 resources->counters =
2622 kcalloc(num_specs, sizeof(*resources->counters), GFP_KERNEL);
2623 resources->collection =
2624 kcalloc(num_specs, sizeof(*resources->collection), GFP_KERNEL);
2626 if (!resources->counters || !resources->collection)
2630 resources->max = num_specs;
2634 kfree(resources->counters);
2639 EXPORT_SYMBOL(flow_resources_alloc);
2641 void ib_uverbs_flow_resources_free(struct ib_uflow_resources *uflow_res)
2648 for (i = 0; i < uflow_res->collection_num; i++)
2649 atomic_dec(&uflow_res->collection[i]->usecnt);
2651 for (i = 0; i < uflow_res->counters_num; i++)
2652 atomic_dec(&uflow_res->counters[i]->usecnt);
2654 kfree(uflow_res->collection);
2655 kfree(uflow_res->counters);
2658 EXPORT_SYMBOL(ib_uverbs_flow_resources_free);
2660 void flow_resources_add(struct ib_uflow_resources *uflow_res,
2661 enum ib_flow_spec_type type,
2664 WARN_ON(uflow_res->num >= uflow_res->max);
2667 case IB_FLOW_SPEC_ACTION_HANDLE:
2668 atomic_inc(&((struct ib_flow_action *)ibobj)->usecnt);
2669 uflow_res->collection[uflow_res->collection_num++] =
2670 (struct ib_flow_action *)ibobj;
2672 case IB_FLOW_SPEC_ACTION_COUNT:
2673 atomic_inc(&((struct ib_counters *)ibobj)->usecnt);
2674 uflow_res->counters[uflow_res->counters_num++] =
2675 (struct ib_counters *)ibobj;
2683 EXPORT_SYMBOL(flow_resources_add);
2685 static int kern_spec_to_ib_spec_action(struct uverbs_attr_bundle *attrs,
2686 struct ib_uverbs_flow_spec *kern_spec,
2687 union ib_flow_spec *ib_spec,
2688 struct ib_uflow_resources *uflow_res)
2690 ib_spec->type = kern_spec->type;
2691 switch (ib_spec->type) {
2692 case IB_FLOW_SPEC_ACTION_TAG:
2693 if (kern_spec->flow_tag.size !=
2694 sizeof(struct ib_uverbs_flow_spec_action_tag))
2697 ib_spec->flow_tag.size = sizeof(struct ib_flow_spec_action_tag);
2698 ib_spec->flow_tag.tag_id = kern_spec->flow_tag.tag_id;
2700 case IB_FLOW_SPEC_ACTION_DROP:
2701 if (kern_spec->drop.size !=
2702 sizeof(struct ib_uverbs_flow_spec_action_drop))
2705 ib_spec->drop.size = sizeof(struct ib_flow_spec_action_drop);
2707 case IB_FLOW_SPEC_ACTION_HANDLE:
2708 if (kern_spec->action.size !=
2709 sizeof(struct ib_uverbs_flow_spec_action_handle))
2711 ib_spec->action.act = uobj_get_obj_read(flow_action,
2712 UVERBS_OBJECT_FLOW_ACTION,
2713 kern_spec->action.handle,
2715 if (!ib_spec->action.act)
2717 ib_spec->action.size =
2718 sizeof(struct ib_flow_spec_action_handle);
2719 flow_resources_add(uflow_res,
2720 IB_FLOW_SPEC_ACTION_HANDLE,
2721 ib_spec->action.act);
2722 uobj_put_obj_read(ib_spec->action.act);
2724 case IB_FLOW_SPEC_ACTION_COUNT:
2725 if (kern_spec->flow_count.size !=
2726 sizeof(struct ib_uverbs_flow_spec_action_count))
2728 ib_spec->flow_count.counters =
2729 uobj_get_obj_read(counters,
2730 UVERBS_OBJECT_COUNTERS,
2731 kern_spec->flow_count.handle,
2733 if (!ib_spec->flow_count.counters)
2735 ib_spec->flow_count.size =
2736 sizeof(struct ib_flow_spec_action_count);
2737 flow_resources_add(uflow_res,
2738 IB_FLOW_SPEC_ACTION_COUNT,
2739 ib_spec->flow_count.counters);
2740 uobj_put_obj_read(ib_spec->flow_count.counters);
2748 static size_t kern_spec_filter_sz(const struct ib_uverbs_flow_spec_hdr *spec)
2750 /* Returns user space filter size, includes padding */
2751 return (spec->size - sizeof(struct ib_uverbs_flow_spec_hdr)) / 2;
2754 static ssize_t spec_filter_size(const void *kern_spec_filter, u16 kern_filter_size,
2755 u16 ib_real_filter_sz)
2758 * User space filter structures must be 64 bit aligned, otherwise this
2759 * may pass, but we won't handle additional new attributes.
2762 if (kern_filter_size > ib_real_filter_sz) {
2763 if (memchr_inv(kern_spec_filter +
2764 ib_real_filter_sz, 0,
2765 kern_filter_size - ib_real_filter_sz))
2767 return ib_real_filter_sz;
2769 return kern_filter_size;
2772 int ib_uverbs_kern_spec_to_ib_spec_filter(enum ib_flow_spec_type type,
2773 const void *kern_spec_mask,
2774 const void *kern_spec_val,
2775 size_t kern_filter_sz,
2776 union ib_flow_spec *ib_spec)
2778 ssize_t actual_filter_sz;
2779 ssize_t ib_filter_sz;
2781 /* User flow spec size must be aligned to 4 bytes */
2782 if (kern_filter_sz != ALIGN(kern_filter_sz, 4))
2785 ib_spec->type = type;
2787 if (ib_spec->type == (IB_FLOW_SPEC_INNER | IB_FLOW_SPEC_VXLAN_TUNNEL))
2790 switch (ib_spec->type & ~IB_FLOW_SPEC_INNER) {
2791 case IB_FLOW_SPEC_ETH:
2792 ib_filter_sz = offsetof(struct ib_flow_eth_filter, real_sz);
2793 actual_filter_sz = spec_filter_size(kern_spec_mask,
2796 if (actual_filter_sz <= 0)
2798 ib_spec->size = sizeof(struct ib_flow_spec_eth);
2799 memcpy(&ib_spec->eth.val, kern_spec_val, actual_filter_sz);
2800 memcpy(&ib_spec->eth.mask, kern_spec_mask, actual_filter_sz);
2802 case IB_FLOW_SPEC_IPV4:
2803 ib_filter_sz = offsetof(struct ib_flow_ipv4_filter, real_sz);
2804 actual_filter_sz = spec_filter_size(kern_spec_mask,
2807 if (actual_filter_sz <= 0)
2809 ib_spec->size = sizeof(struct ib_flow_spec_ipv4);
2810 memcpy(&ib_spec->ipv4.val, kern_spec_val, actual_filter_sz);
2811 memcpy(&ib_spec->ipv4.mask, kern_spec_mask, actual_filter_sz);
2813 case IB_FLOW_SPEC_IPV6:
2814 ib_filter_sz = offsetof(struct ib_flow_ipv6_filter, real_sz);
2815 actual_filter_sz = spec_filter_size(kern_spec_mask,
2818 if (actual_filter_sz <= 0)
2820 ib_spec->size = sizeof(struct ib_flow_spec_ipv6);
2821 memcpy(&ib_spec->ipv6.val, kern_spec_val, actual_filter_sz);
2822 memcpy(&ib_spec->ipv6.mask, kern_spec_mask, actual_filter_sz);
2824 if ((ntohl(ib_spec->ipv6.mask.flow_label)) >= BIT(20) ||
2825 (ntohl(ib_spec->ipv6.val.flow_label)) >= BIT(20))
2828 case IB_FLOW_SPEC_TCP:
2829 case IB_FLOW_SPEC_UDP:
2830 ib_filter_sz = offsetof(struct ib_flow_tcp_udp_filter, real_sz);
2831 actual_filter_sz = spec_filter_size(kern_spec_mask,
2834 if (actual_filter_sz <= 0)
2836 ib_spec->size = sizeof(struct ib_flow_spec_tcp_udp);
2837 memcpy(&ib_spec->tcp_udp.val, kern_spec_val, actual_filter_sz);
2838 memcpy(&ib_spec->tcp_udp.mask, kern_spec_mask, actual_filter_sz);
2840 case IB_FLOW_SPEC_VXLAN_TUNNEL:
2841 ib_filter_sz = offsetof(struct ib_flow_tunnel_filter, real_sz);
2842 actual_filter_sz = spec_filter_size(kern_spec_mask,
2845 if (actual_filter_sz <= 0)
2847 ib_spec->tunnel.size = sizeof(struct ib_flow_spec_tunnel);
2848 memcpy(&ib_spec->tunnel.val, kern_spec_val, actual_filter_sz);
2849 memcpy(&ib_spec->tunnel.mask, kern_spec_mask, actual_filter_sz);
2851 if ((ntohl(ib_spec->tunnel.mask.tunnel_id)) >= BIT(24) ||
2852 (ntohl(ib_spec->tunnel.val.tunnel_id)) >= BIT(24))
2855 case IB_FLOW_SPEC_ESP:
2856 ib_filter_sz = offsetof(struct ib_flow_esp_filter, real_sz);
2857 actual_filter_sz = spec_filter_size(kern_spec_mask,
2860 if (actual_filter_sz <= 0)
2862 ib_spec->esp.size = sizeof(struct ib_flow_spec_esp);
2863 memcpy(&ib_spec->esp.val, kern_spec_val, actual_filter_sz);
2864 memcpy(&ib_spec->esp.mask, kern_spec_mask, actual_filter_sz);
2866 case IB_FLOW_SPEC_GRE:
2867 ib_filter_sz = offsetof(struct ib_flow_gre_filter, real_sz);
2868 actual_filter_sz = spec_filter_size(kern_spec_mask,
2871 if (actual_filter_sz <= 0)
2873 ib_spec->gre.size = sizeof(struct ib_flow_spec_gre);
2874 memcpy(&ib_spec->gre.val, kern_spec_val, actual_filter_sz);
2875 memcpy(&ib_spec->gre.mask, kern_spec_mask, actual_filter_sz);
2877 case IB_FLOW_SPEC_MPLS:
2878 ib_filter_sz = offsetof(struct ib_flow_mpls_filter, real_sz);
2879 actual_filter_sz = spec_filter_size(kern_spec_mask,
2882 if (actual_filter_sz <= 0)
2884 ib_spec->mpls.size = sizeof(struct ib_flow_spec_mpls);
2885 memcpy(&ib_spec->mpls.val, kern_spec_val, actual_filter_sz);
2886 memcpy(&ib_spec->mpls.mask, kern_spec_mask, actual_filter_sz);
2894 static int kern_spec_to_ib_spec_filter(struct ib_uverbs_flow_spec *kern_spec,
2895 union ib_flow_spec *ib_spec)
2897 ssize_t kern_filter_sz;
2898 void *kern_spec_mask;
2899 void *kern_spec_val;
2901 kern_filter_sz = kern_spec_filter_sz(&kern_spec->hdr);
2903 kern_spec_val = (void *)kern_spec +
2904 sizeof(struct ib_uverbs_flow_spec_hdr);
2905 kern_spec_mask = kern_spec_val + kern_filter_sz;
2907 return ib_uverbs_kern_spec_to_ib_spec_filter(kern_spec->type,
2910 kern_filter_sz, ib_spec);
2913 static int kern_spec_to_ib_spec(struct uverbs_attr_bundle *attrs,
2914 struct ib_uverbs_flow_spec *kern_spec,
2915 union ib_flow_spec *ib_spec,
2916 struct ib_uflow_resources *uflow_res)
2918 if (kern_spec->reserved)
2921 if (kern_spec->type >= IB_FLOW_SPEC_ACTION_TAG)
2922 return kern_spec_to_ib_spec_action(attrs, kern_spec, ib_spec,
2925 return kern_spec_to_ib_spec_filter(kern_spec, ib_spec);
2928 static int ib_uverbs_ex_create_wq(struct uverbs_attr_bundle *attrs)
2930 struct ib_uverbs_ex_create_wq cmd;
2931 struct ib_uverbs_ex_create_wq_resp resp = {};
2932 struct ib_uwq_object *obj;
2937 struct ib_wq_init_attr wq_init_attr = {};
2938 struct ib_device *ib_dev;
2940 err = uverbs_request(attrs, &cmd, sizeof(cmd));
2947 obj = (struct ib_uwq_object *)uobj_alloc(UVERBS_OBJECT_WQ, attrs,
2950 return PTR_ERR(obj);
2952 pd = uobj_get_obj_read(pd, UVERBS_OBJECT_PD, cmd.pd_handle, attrs);
2958 cq = uobj_get_obj_read(cq, UVERBS_OBJECT_CQ, cmd.cq_handle, attrs);
2964 wq_init_attr.cq = cq;
2965 wq_init_attr.max_sge = cmd.max_sge;
2966 wq_init_attr.max_wr = cmd.max_wr;
2967 wq_init_attr.wq_context = attrs->ufile;
2968 wq_init_attr.wq_type = cmd.wq_type;
2969 wq_init_attr.event_handler = ib_uverbs_wq_event_handler;
2970 wq_init_attr.create_flags = cmd.create_flags;
2971 INIT_LIST_HEAD(&obj->uevent.event_list);
2973 wq = pd->device->ops.create_wq(pd, &wq_init_attr, &attrs->driver_udata);
2980 obj->uevent.uobject.object = wq;
2981 wq->wq_type = wq_init_attr.wq_type;
2984 wq->device = pd->device;
2985 wq->wq_context = wq_init_attr.wq_context;
2986 atomic_set(&wq->usecnt, 0);
2987 atomic_inc(&pd->usecnt);
2988 atomic_inc(&cq->usecnt);
2990 obj->uevent.uobject.object = wq;
2992 memset(&resp, 0, sizeof(resp));
2993 resp.wq_handle = obj->uevent.uobject.id;
2994 resp.max_sge = wq_init_attr.max_sge;
2995 resp.max_wr = wq_init_attr.max_wr;
2996 resp.wqn = wq->wq_num;
2997 resp.response_length = uverbs_response_length(attrs, sizeof(resp));
2998 err = uverbs_response(attrs, &resp, sizeof(resp));
3002 uobj_put_obj_read(pd);
3003 rdma_lookup_put_uobject(&cq->uobject->uevent.uobject,
3004 UVERBS_LOOKUP_READ);
3005 rdma_alloc_commit_uobject(&obj->uevent.uobject, attrs);
3009 ib_destroy_wq(wq, uverbs_get_cleared_udata(attrs));
3011 rdma_lookup_put_uobject(&cq->uobject->uevent.uobject,
3012 UVERBS_LOOKUP_READ);
3014 uobj_put_obj_read(pd);
3016 uobj_alloc_abort(&obj->uevent.uobject, attrs);
3021 static int ib_uverbs_ex_destroy_wq(struct uverbs_attr_bundle *attrs)
3023 struct ib_uverbs_ex_destroy_wq cmd;
3024 struct ib_uverbs_ex_destroy_wq_resp resp = {};
3025 struct ib_uobject *uobj;
3026 struct ib_uwq_object *obj;
3029 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3036 resp.response_length = uverbs_response_length(attrs, sizeof(resp));
3037 uobj = uobj_get_destroy(UVERBS_OBJECT_WQ, cmd.wq_handle, attrs);
3039 return PTR_ERR(uobj);
3041 obj = container_of(uobj, struct ib_uwq_object, uevent.uobject);
3042 resp.events_reported = obj->uevent.events_reported;
3044 uobj_put_destroy(uobj);
3046 return uverbs_response(attrs, &resp, sizeof(resp));
3049 static int ib_uverbs_ex_modify_wq(struct uverbs_attr_bundle *attrs)
3051 struct ib_uverbs_ex_modify_wq cmd;
3053 struct ib_wq_attr wq_attr = {};
3056 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3063 if (cmd.attr_mask > (IB_WQ_STATE | IB_WQ_CUR_STATE | IB_WQ_FLAGS))
3066 wq = uobj_get_obj_read(wq, UVERBS_OBJECT_WQ, cmd.wq_handle, attrs);
3070 wq_attr.curr_wq_state = cmd.curr_wq_state;
3071 wq_attr.wq_state = cmd.wq_state;
3072 if (cmd.attr_mask & IB_WQ_FLAGS) {
3073 wq_attr.flags = cmd.flags;
3074 wq_attr.flags_mask = cmd.flags_mask;
3076 ret = wq->device->ops.modify_wq(wq, &wq_attr, cmd.attr_mask,
3077 &attrs->driver_udata);
3078 rdma_lookup_put_uobject(&wq->uobject->uevent.uobject,
3079 UVERBS_LOOKUP_READ);
3083 static int ib_uverbs_ex_create_rwq_ind_table(struct uverbs_attr_bundle *attrs)
3085 struct ib_uverbs_ex_create_rwq_ind_table cmd;
3086 struct ib_uverbs_ex_create_rwq_ind_table_resp resp = {};
3087 struct ib_uobject *uobj;
3089 struct ib_rwq_ind_table_init_attr init_attr = {};
3090 struct ib_rwq_ind_table *rwq_ind_tbl;
3091 struct ib_wq **wqs = NULL;
3092 u32 *wqs_handles = NULL;
3093 struct ib_wq *wq = NULL;
3094 int i, j, num_read_wqs;
3096 struct uverbs_req_iter iter;
3097 struct ib_device *ib_dev;
3099 err = uverbs_request_start(attrs, &iter, &cmd, sizeof(cmd));
3106 if (cmd.log_ind_tbl_size > IB_USER_VERBS_MAX_LOG_IND_TBL_SIZE)
3109 num_wq_handles = 1 << cmd.log_ind_tbl_size;
3110 wqs_handles = kcalloc(num_wq_handles, sizeof(*wqs_handles),
3115 err = uverbs_request_next(&iter, wqs_handles,
3116 num_wq_handles * sizeof(__u32));
3120 err = uverbs_request_finish(&iter);
3124 wqs = kcalloc(num_wq_handles, sizeof(*wqs), GFP_KERNEL);
3130 for (num_read_wqs = 0; num_read_wqs < num_wq_handles;
3132 wq = uobj_get_obj_read(wq, UVERBS_OBJECT_WQ,
3133 wqs_handles[num_read_wqs], attrs);
3139 wqs[num_read_wqs] = wq;
3142 uobj = uobj_alloc(UVERBS_OBJECT_RWQ_IND_TBL, attrs, &ib_dev);
3144 err = PTR_ERR(uobj);
3148 init_attr.log_ind_tbl_size = cmd.log_ind_tbl_size;
3149 init_attr.ind_tbl = wqs;
3151 rwq_ind_tbl = ib_dev->ops.create_rwq_ind_table(ib_dev, &init_attr,
3152 &attrs->driver_udata);
3154 if (IS_ERR(rwq_ind_tbl)) {
3155 err = PTR_ERR(rwq_ind_tbl);
3159 rwq_ind_tbl->ind_tbl = wqs;
3160 rwq_ind_tbl->log_ind_tbl_size = init_attr.log_ind_tbl_size;
3161 rwq_ind_tbl->uobject = uobj;
3162 uobj->object = rwq_ind_tbl;
3163 rwq_ind_tbl->device = ib_dev;
3164 atomic_set(&rwq_ind_tbl->usecnt, 0);
3166 for (i = 0; i < num_wq_handles; i++)
3167 atomic_inc(&wqs[i]->usecnt);
3169 resp.ind_tbl_handle = uobj->id;
3170 resp.ind_tbl_num = rwq_ind_tbl->ind_tbl_num;
3171 resp.response_length = uverbs_response_length(attrs, sizeof(resp));
3173 err = uverbs_response(attrs, &resp, sizeof(resp));
3179 for (j = 0; j < num_read_wqs; j++)
3180 rdma_lookup_put_uobject(&wqs[j]->uobject->uevent.uobject,
3181 UVERBS_LOOKUP_READ);
3183 rdma_alloc_commit_uobject(uobj, attrs);
3187 ib_destroy_rwq_ind_table(rwq_ind_tbl);
3189 uobj_alloc_abort(uobj, attrs);
3191 for (j = 0; j < num_read_wqs; j++)
3192 rdma_lookup_put_uobject(&wqs[j]->uobject->uevent.uobject,
3193 UVERBS_LOOKUP_READ);
3200 static int ib_uverbs_ex_destroy_rwq_ind_table(struct uverbs_attr_bundle *attrs)
3202 struct ib_uverbs_ex_destroy_rwq_ind_table cmd;
3205 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3212 return uobj_perform_destroy(UVERBS_OBJECT_RWQ_IND_TBL,
3213 cmd.ind_tbl_handle, attrs);
3216 static int ib_uverbs_ex_create_flow(struct uverbs_attr_bundle *attrs)
3218 struct ib_uverbs_create_flow cmd;
3219 struct ib_uverbs_create_flow_resp resp;
3220 struct ib_uobject *uobj;
3221 struct ib_flow *flow_id;
3222 struct ib_uverbs_flow_attr *kern_flow_attr;
3223 struct ib_flow_attr *flow_attr;
3225 struct ib_uflow_resources *uflow_res;
3226 struct ib_uverbs_flow_spec_hdr *kern_spec;
3227 struct uverbs_req_iter iter;
3231 struct ib_device *ib_dev;
3233 err = uverbs_request_start(attrs, &iter, &cmd, sizeof(cmd));
3240 if (!capable(CAP_NET_RAW))
3243 if (cmd.flow_attr.flags >= IB_FLOW_ATTR_FLAGS_RESERVED)
3246 if ((cmd.flow_attr.flags & IB_FLOW_ATTR_FLAGS_DONT_TRAP) &&
3247 ((cmd.flow_attr.type == IB_FLOW_ATTR_ALL_DEFAULT) ||
3248 (cmd.flow_attr.type == IB_FLOW_ATTR_MC_DEFAULT)))
3251 if (cmd.flow_attr.num_of_specs > IB_FLOW_SPEC_SUPPORT_LAYERS)
3254 if (cmd.flow_attr.size >
3255 (cmd.flow_attr.num_of_specs * sizeof(struct ib_uverbs_flow_spec)))
3258 if (cmd.flow_attr.reserved[0] ||
3259 cmd.flow_attr.reserved[1])
3262 if (cmd.flow_attr.num_of_specs) {
3263 kern_flow_attr = kmalloc(sizeof(*kern_flow_attr) + cmd.flow_attr.size,
3265 if (!kern_flow_attr)
3268 *kern_flow_attr = cmd.flow_attr;
3269 err = uverbs_request_next(&iter, &kern_flow_attr->flow_specs,
3270 cmd.flow_attr.size);
3274 kern_flow_attr = &cmd.flow_attr;
3277 err = uverbs_request_finish(&iter);
3281 uobj = uobj_alloc(UVERBS_OBJECT_FLOW, attrs, &ib_dev);
3283 err = PTR_ERR(uobj);
3287 qp = uobj_get_obj_read(qp, UVERBS_OBJECT_QP, cmd.qp_handle, attrs);
3293 if (qp->qp_type != IB_QPT_UD && qp->qp_type != IB_QPT_RAW_PACKET) {
3298 flow_attr = kzalloc(struct_size(flow_attr, flows,
3299 cmd.flow_attr.num_of_specs), GFP_KERNEL);
3304 uflow_res = flow_resources_alloc(cmd.flow_attr.num_of_specs);
3307 goto err_free_flow_attr;
3310 flow_attr->type = kern_flow_attr->type;
3311 flow_attr->priority = kern_flow_attr->priority;
3312 flow_attr->num_of_specs = kern_flow_attr->num_of_specs;
3313 flow_attr->port = kern_flow_attr->port;
3314 flow_attr->flags = kern_flow_attr->flags;
3315 flow_attr->size = sizeof(*flow_attr);
3317 kern_spec = kern_flow_attr->flow_specs;
3318 ib_spec = flow_attr + 1;
3319 for (i = 0; i < flow_attr->num_of_specs &&
3320 cmd.flow_attr.size >= sizeof(*kern_spec) &&
3321 cmd.flow_attr.size >= kern_spec->size;
3323 err = kern_spec_to_ib_spec(
3324 attrs, (struct ib_uverbs_flow_spec *)kern_spec,
3325 ib_spec, uflow_res);
3330 ((union ib_flow_spec *) ib_spec)->size;
3331 cmd.flow_attr.size -= kern_spec->size;
3332 kern_spec = ((void *)kern_spec) + kern_spec->size;
3333 ib_spec += ((union ib_flow_spec *) ib_spec)->size;
3335 if (cmd.flow_attr.size || (i != flow_attr->num_of_specs)) {
3336 pr_warn("create flow failed, flow %d: %d bytes left from uverb cmd\n",
3337 i, cmd.flow_attr.size);
3342 flow_id = qp->device->ops.create_flow(
3343 qp, flow_attr, IB_FLOW_DOMAIN_USER, &attrs->driver_udata);
3345 if (IS_ERR(flow_id)) {
3346 err = PTR_ERR(flow_id);
3350 ib_set_flow(uobj, flow_id, qp, qp->device, uflow_res);
3352 memset(&resp, 0, sizeof(resp));
3353 resp.flow_handle = uobj->id;
3355 err = uverbs_response(attrs, &resp, sizeof(resp));
3359 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
3360 UVERBS_LOOKUP_READ);
3362 if (cmd.flow_attr.num_of_specs)
3363 kfree(kern_flow_attr);
3364 rdma_alloc_commit_uobject(uobj, attrs);
3367 if (!qp->device->ops.destroy_flow(flow_id))
3368 atomic_dec(&qp->usecnt);
3370 ib_uverbs_flow_resources_free(uflow_res);
3374 rdma_lookup_put_uobject(&qp->uobject->uevent.uobject,
3375 UVERBS_LOOKUP_READ);
3377 uobj_alloc_abort(uobj, attrs);
3379 if (cmd.flow_attr.num_of_specs)
3380 kfree(kern_flow_attr);
3384 static int ib_uverbs_ex_destroy_flow(struct uverbs_attr_bundle *attrs)
3386 struct ib_uverbs_destroy_flow cmd;
3389 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3396 return uobj_perform_destroy(UVERBS_OBJECT_FLOW, cmd.flow_handle, attrs);
3399 static int __uverbs_create_xsrq(struct uverbs_attr_bundle *attrs,
3400 struct ib_uverbs_create_xsrq *cmd,
3401 struct ib_udata *udata)
3403 struct ib_uverbs_create_srq_resp resp;
3404 struct ib_usrq_object *obj;
3407 struct ib_uobject *uninitialized_var(xrcd_uobj);
3408 struct ib_srq_init_attr attr;
3410 struct ib_device *ib_dev;
3412 obj = (struct ib_usrq_object *)uobj_alloc(UVERBS_OBJECT_SRQ, attrs,
3415 return PTR_ERR(obj);
3417 if (cmd->srq_type == IB_SRQT_TM)
3418 attr.ext.tag_matching.max_num_tags = cmd->max_num_tags;
3420 if (cmd->srq_type == IB_SRQT_XRC) {
3421 xrcd_uobj = uobj_get_read(UVERBS_OBJECT_XRCD, cmd->xrcd_handle,
3423 if (IS_ERR(xrcd_uobj)) {
3428 attr.ext.xrc.xrcd = (struct ib_xrcd *)xrcd_uobj->object;
3429 if (!attr.ext.xrc.xrcd) {
3434 obj->uxrcd = container_of(xrcd_uobj, struct ib_uxrcd_object, uobject);
3435 atomic_inc(&obj->uxrcd->refcnt);
3438 if (ib_srq_has_cq(cmd->srq_type)) {
3439 attr.ext.cq = uobj_get_obj_read(cq, UVERBS_OBJECT_CQ,
3440 cmd->cq_handle, attrs);
3447 pd = uobj_get_obj_read(pd, UVERBS_OBJECT_PD, cmd->pd_handle, attrs);
3453 attr.event_handler = ib_uverbs_srq_event_handler;
3454 attr.srq_context = attrs->ufile;
3455 attr.srq_type = cmd->srq_type;
3456 attr.attr.max_wr = cmd->max_wr;
3457 attr.attr.max_sge = cmd->max_sge;
3458 attr.attr.srq_limit = cmd->srq_limit;
3460 INIT_LIST_HEAD(&obj->uevent.event_list);
3462 srq = rdma_zalloc_drv_obj(ib_dev, ib_srq);
3468 srq->device = pd->device;
3470 srq->srq_type = cmd->srq_type;
3472 srq->event_handler = attr.event_handler;
3473 srq->srq_context = attr.srq_context;
3475 ret = pd->device->ops.create_srq(srq, &attr, udata);
3479 if (ib_srq_has_cq(cmd->srq_type)) {
3480 srq->ext.cq = attr.ext.cq;
3481 atomic_inc(&attr.ext.cq->usecnt);
3484 if (cmd->srq_type == IB_SRQT_XRC) {
3485 srq->ext.xrc.xrcd = attr.ext.xrc.xrcd;
3486 atomic_inc(&attr.ext.xrc.xrcd->usecnt);
3489 atomic_inc(&pd->usecnt);
3490 atomic_set(&srq->usecnt, 0);
3492 obj->uevent.uobject.object = srq;
3493 obj->uevent.uobject.user_handle = cmd->user_handle;
3495 memset(&resp, 0, sizeof resp);
3496 resp.srq_handle = obj->uevent.uobject.id;
3497 resp.max_wr = attr.attr.max_wr;
3498 resp.max_sge = attr.attr.max_sge;
3499 if (cmd->srq_type == IB_SRQT_XRC)
3500 resp.srqn = srq->ext.xrc.srq_num;
3502 ret = uverbs_response(attrs, &resp, sizeof(resp));
3506 if (cmd->srq_type == IB_SRQT_XRC)
3507 uobj_put_read(xrcd_uobj);
3509 if (ib_srq_has_cq(cmd->srq_type))
3510 rdma_lookup_put_uobject(&attr.ext.cq->uobject->uevent.uobject,
3511 UVERBS_LOOKUP_READ);
3513 uobj_put_obj_read(pd);
3514 rdma_alloc_commit_uobject(&obj->uevent.uobject, attrs);
3518 ib_destroy_srq_user(srq, uverbs_get_cleared_udata(attrs));
3519 /* It was released in ib_destroy_srq_user */
3524 uobj_put_obj_read(pd);
3527 if (ib_srq_has_cq(cmd->srq_type))
3528 rdma_lookup_put_uobject(&attr.ext.cq->uobject->uevent.uobject,
3529 UVERBS_LOOKUP_READ);
3532 if (cmd->srq_type == IB_SRQT_XRC) {
3533 atomic_dec(&obj->uxrcd->refcnt);
3534 uobj_put_read(xrcd_uobj);
3538 uobj_alloc_abort(&obj->uevent.uobject, attrs);
3542 static int ib_uverbs_create_srq(struct uverbs_attr_bundle *attrs)
3544 struct ib_uverbs_create_srq cmd;
3545 struct ib_uverbs_create_xsrq xcmd;
3548 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3552 memset(&xcmd, 0, sizeof(xcmd));
3553 xcmd.response = cmd.response;
3554 xcmd.user_handle = cmd.user_handle;
3555 xcmd.srq_type = IB_SRQT_BASIC;
3556 xcmd.pd_handle = cmd.pd_handle;
3557 xcmd.max_wr = cmd.max_wr;
3558 xcmd.max_sge = cmd.max_sge;
3559 xcmd.srq_limit = cmd.srq_limit;
3561 return __uverbs_create_xsrq(attrs, &xcmd, &attrs->driver_udata);
3564 static int ib_uverbs_create_xsrq(struct uverbs_attr_bundle *attrs)
3566 struct ib_uverbs_create_xsrq cmd;
3569 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3573 return __uverbs_create_xsrq(attrs, &cmd, &attrs->driver_udata);
3576 static int ib_uverbs_modify_srq(struct uverbs_attr_bundle *attrs)
3578 struct ib_uverbs_modify_srq cmd;
3580 struct ib_srq_attr attr;
3583 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3587 srq = uobj_get_obj_read(srq, UVERBS_OBJECT_SRQ, cmd.srq_handle, attrs);
3591 attr.max_wr = cmd.max_wr;
3592 attr.srq_limit = cmd.srq_limit;
3594 ret = srq->device->ops.modify_srq(srq, &attr, cmd.attr_mask,
3595 &attrs->driver_udata);
3597 rdma_lookup_put_uobject(&srq->uobject->uevent.uobject,
3598 UVERBS_LOOKUP_READ);
3603 static int ib_uverbs_query_srq(struct uverbs_attr_bundle *attrs)
3605 struct ib_uverbs_query_srq cmd;
3606 struct ib_uverbs_query_srq_resp resp;
3607 struct ib_srq_attr attr;
3611 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3615 srq = uobj_get_obj_read(srq, UVERBS_OBJECT_SRQ, cmd.srq_handle, attrs);
3619 ret = ib_query_srq(srq, &attr);
3621 rdma_lookup_put_uobject(&srq->uobject->uevent.uobject,
3622 UVERBS_LOOKUP_READ);
3627 memset(&resp, 0, sizeof resp);
3629 resp.max_wr = attr.max_wr;
3630 resp.max_sge = attr.max_sge;
3631 resp.srq_limit = attr.srq_limit;
3633 return uverbs_response(attrs, &resp, sizeof(resp));
3636 static int ib_uverbs_destroy_srq(struct uverbs_attr_bundle *attrs)
3638 struct ib_uverbs_destroy_srq cmd;
3639 struct ib_uverbs_destroy_srq_resp resp;
3640 struct ib_uobject *uobj;
3641 struct ib_uevent_object *obj;
3644 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3648 uobj = uobj_get_destroy(UVERBS_OBJECT_SRQ, cmd.srq_handle, attrs);
3650 return PTR_ERR(uobj);
3652 obj = container_of(uobj, struct ib_uevent_object, uobject);
3653 memset(&resp, 0, sizeof(resp));
3654 resp.events_reported = obj->events_reported;
3656 uobj_put_destroy(uobj);
3658 return uverbs_response(attrs, &resp, sizeof(resp));
3661 static int ib_uverbs_ex_query_device(struct uverbs_attr_bundle *attrs)
3663 struct ib_uverbs_ex_query_device_resp resp = {};
3664 struct ib_uverbs_ex_query_device cmd;
3665 struct ib_device_attr attr = {0};
3666 struct ib_ucontext *ucontext;
3667 struct ib_device *ib_dev;
3670 ucontext = ib_uverbs_get_ucontext(attrs);
3671 if (IS_ERR(ucontext))
3672 return PTR_ERR(ucontext);
3673 ib_dev = ucontext->device;
3675 err = uverbs_request(attrs, &cmd, sizeof(cmd));
3685 err = ib_dev->ops.query_device(ib_dev, &attr, &attrs->driver_udata);
3689 copy_query_dev_fields(ucontext, &resp.base, &attr);
3691 resp.odp_caps.general_caps = attr.odp_caps.general_caps;
3692 resp.odp_caps.per_transport_caps.rc_odp_caps =
3693 attr.odp_caps.per_transport_caps.rc_odp_caps;
3694 resp.odp_caps.per_transport_caps.uc_odp_caps =
3695 attr.odp_caps.per_transport_caps.uc_odp_caps;
3696 resp.odp_caps.per_transport_caps.ud_odp_caps =
3697 attr.odp_caps.per_transport_caps.ud_odp_caps;
3698 resp.xrc_odp_caps = attr.odp_caps.per_transport_caps.xrc_odp_caps;
3700 resp.timestamp_mask = attr.timestamp_mask;
3701 resp.hca_core_clock = attr.hca_core_clock;
3702 resp.device_cap_flags_ex = attr.device_cap_flags;
3703 resp.rss_caps.supported_qpts = attr.rss_caps.supported_qpts;
3704 resp.rss_caps.max_rwq_indirection_tables =
3705 attr.rss_caps.max_rwq_indirection_tables;
3706 resp.rss_caps.max_rwq_indirection_table_size =
3707 attr.rss_caps.max_rwq_indirection_table_size;
3708 resp.max_wq_type_rq = attr.max_wq_type_rq;
3709 resp.raw_packet_caps = attr.raw_packet_caps;
3710 resp.tm_caps.max_rndv_hdr_size = attr.tm_caps.max_rndv_hdr_size;
3711 resp.tm_caps.max_num_tags = attr.tm_caps.max_num_tags;
3712 resp.tm_caps.max_ops = attr.tm_caps.max_ops;
3713 resp.tm_caps.max_sge = attr.tm_caps.max_sge;
3714 resp.tm_caps.flags = attr.tm_caps.flags;
3715 resp.cq_moderation_caps.max_cq_moderation_count =
3716 attr.cq_caps.max_cq_moderation_count;
3717 resp.cq_moderation_caps.max_cq_moderation_period =
3718 attr.cq_caps.max_cq_moderation_period;
3719 resp.max_dm_size = attr.max_dm_size;
3720 resp.response_length = uverbs_response_length(attrs, sizeof(resp));
3722 return uverbs_response(attrs, &resp, sizeof(resp));
3725 static int ib_uverbs_ex_modify_cq(struct uverbs_attr_bundle *attrs)
3727 struct ib_uverbs_ex_modify_cq cmd;
3731 ret = uverbs_request(attrs, &cmd, sizeof(cmd));
3735 if (!cmd.attr_mask || cmd.reserved)
3738 if (cmd.attr_mask > IB_CQ_MODERATE)
3741 cq = uobj_get_obj_read(cq, UVERBS_OBJECT_CQ, cmd.cq_handle, attrs);
3745 ret = rdma_set_cq_moderation(cq, cmd.attr.cq_count, cmd.attr.cq_period);
3747 rdma_lookup_put_uobject(&cq->uobject->uevent.uobject,
3748 UVERBS_LOOKUP_READ);
3753 * Describe the input structs for write(). Some write methods have an input
3754 * only struct, most have an input and output. If the struct has an output then
3755 * the 'response' u64 must be the first field in the request structure.
3757 * If udata is present then both the request and response structs have a
3758 * trailing driver_data flex array. In this case the size of the base struct
3759 * cannot be changed.
3761 #define UAPI_DEF_WRITE_IO(req, resp) \
3762 .write.has_resp = 1 + \
3763 BUILD_BUG_ON_ZERO(offsetof(req, response) != 0) + \
3764 BUILD_BUG_ON_ZERO(sizeof(((req *)0)->response) != \
3766 .write.req_size = sizeof(req), .write.resp_size = sizeof(resp)
3768 #define UAPI_DEF_WRITE_I(req) .write.req_size = sizeof(req)
3770 #define UAPI_DEF_WRITE_UDATA_IO(req, resp) \
3771 UAPI_DEF_WRITE_IO(req, resp), \
3772 .write.has_udata = \
3774 BUILD_BUG_ON_ZERO(offsetof(req, driver_data) != \
3776 BUILD_BUG_ON_ZERO(offsetof(resp, driver_data) != \
3779 #define UAPI_DEF_WRITE_UDATA_I(req) \
3780 UAPI_DEF_WRITE_I(req), \
3781 .write.has_udata = \
3782 1 + BUILD_BUG_ON_ZERO(offsetof(req, driver_data) != \
3786 * The _EX versions are for use with WRITE_EX and allow the last struct member
3787 * to be specified. Buffers that do not include that member will be rejected.
3789 #define UAPI_DEF_WRITE_IO_EX(req, req_last_member, resp, resp_last_member) \
3790 .write.has_resp = 1, \
3791 .write.req_size = offsetofend(req, req_last_member), \
3792 .write.resp_size = offsetofend(resp, resp_last_member)
3794 #define UAPI_DEF_WRITE_I_EX(req, req_last_member) \
3795 .write.req_size = offsetofend(req, req_last_member)
3797 const struct uapi_definition uverbs_def_write_intf[] = {
3798 DECLARE_UVERBS_OBJECT(
3800 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_CREATE_AH,
3801 ib_uverbs_create_ah,
3802 UAPI_DEF_WRITE_UDATA_IO(
3803 struct ib_uverbs_create_ah,
3804 struct ib_uverbs_create_ah_resp),
3805 UAPI_DEF_METHOD_NEEDS_FN(create_ah)),
3806 DECLARE_UVERBS_WRITE(
3807 IB_USER_VERBS_CMD_DESTROY_AH,
3808 ib_uverbs_destroy_ah,
3809 UAPI_DEF_WRITE_I(struct ib_uverbs_destroy_ah),
3810 UAPI_DEF_METHOD_NEEDS_FN(destroy_ah))),
3812 DECLARE_UVERBS_OBJECT(
3813 UVERBS_OBJECT_COMP_CHANNEL,
3814 DECLARE_UVERBS_WRITE(
3815 IB_USER_VERBS_CMD_CREATE_COMP_CHANNEL,
3816 ib_uverbs_create_comp_channel,
3818 struct ib_uverbs_create_comp_channel,
3819 struct ib_uverbs_create_comp_channel_resp))),
3821 DECLARE_UVERBS_OBJECT(
3823 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_CREATE_CQ,
3824 ib_uverbs_create_cq,
3825 UAPI_DEF_WRITE_UDATA_IO(
3826 struct ib_uverbs_create_cq,
3827 struct ib_uverbs_create_cq_resp),
3828 UAPI_DEF_METHOD_NEEDS_FN(create_cq)),
3829 DECLARE_UVERBS_WRITE(
3830 IB_USER_VERBS_CMD_DESTROY_CQ,
3831 ib_uverbs_destroy_cq,
3832 UAPI_DEF_WRITE_IO(struct ib_uverbs_destroy_cq,
3833 struct ib_uverbs_destroy_cq_resp),
3834 UAPI_DEF_METHOD_NEEDS_FN(destroy_cq)),
3835 DECLARE_UVERBS_WRITE(
3836 IB_USER_VERBS_CMD_POLL_CQ,
3838 UAPI_DEF_WRITE_IO(struct ib_uverbs_poll_cq,
3839 struct ib_uverbs_poll_cq_resp),
3840 UAPI_DEF_METHOD_NEEDS_FN(poll_cq)),
3841 DECLARE_UVERBS_WRITE(
3842 IB_USER_VERBS_CMD_REQ_NOTIFY_CQ,
3843 ib_uverbs_req_notify_cq,
3844 UAPI_DEF_WRITE_I(struct ib_uverbs_req_notify_cq),
3845 UAPI_DEF_METHOD_NEEDS_FN(req_notify_cq)),
3846 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_RESIZE_CQ,
3847 ib_uverbs_resize_cq,
3848 UAPI_DEF_WRITE_UDATA_IO(
3849 struct ib_uverbs_resize_cq,
3850 struct ib_uverbs_resize_cq_resp),
3851 UAPI_DEF_METHOD_NEEDS_FN(resize_cq)),
3852 DECLARE_UVERBS_WRITE_EX(
3853 IB_USER_VERBS_EX_CMD_CREATE_CQ,
3854 ib_uverbs_ex_create_cq,
3855 UAPI_DEF_WRITE_IO_EX(struct ib_uverbs_ex_create_cq,
3857 struct ib_uverbs_ex_create_cq_resp,
3859 UAPI_DEF_METHOD_NEEDS_FN(create_cq)),
3860 DECLARE_UVERBS_WRITE_EX(
3861 IB_USER_VERBS_EX_CMD_MODIFY_CQ,
3862 ib_uverbs_ex_modify_cq,
3863 UAPI_DEF_WRITE_I(struct ib_uverbs_ex_modify_cq),
3864 UAPI_DEF_METHOD_NEEDS_FN(create_cq))),
3866 DECLARE_UVERBS_OBJECT(
3867 UVERBS_OBJECT_DEVICE,
3868 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_GET_CONTEXT,
3869 ib_uverbs_get_context,
3870 UAPI_DEF_WRITE_UDATA_IO(
3871 struct ib_uverbs_get_context,
3872 struct ib_uverbs_get_context_resp)),
3873 DECLARE_UVERBS_WRITE(
3874 IB_USER_VERBS_CMD_QUERY_DEVICE,
3875 ib_uverbs_query_device,
3876 UAPI_DEF_WRITE_IO(struct ib_uverbs_query_device,
3877 struct ib_uverbs_query_device_resp)),
3878 DECLARE_UVERBS_WRITE(
3879 IB_USER_VERBS_CMD_QUERY_PORT,
3880 ib_uverbs_query_port,
3881 UAPI_DEF_WRITE_IO(struct ib_uverbs_query_port,
3882 struct ib_uverbs_query_port_resp),
3883 UAPI_DEF_METHOD_NEEDS_FN(query_port)),
3884 DECLARE_UVERBS_WRITE_EX(
3885 IB_USER_VERBS_EX_CMD_QUERY_DEVICE,
3886 ib_uverbs_ex_query_device,
3887 UAPI_DEF_WRITE_IO_EX(
3888 struct ib_uverbs_ex_query_device,
3890 struct ib_uverbs_ex_query_device_resp,
3892 UAPI_DEF_METHOD_NEEDS_FN(query_device)),
3893 UAPI_DEF_OBJ_NEEDS_FN(alloc_ucontext),
3894 UAPI_DEF_OBJ_NEEDS_FN(dealloc_ucontext)),
3896 DECLARE_UVERBS_OBJECT(
3898 DECLARE_UVERBS_WRITE_EX(
3899 IB_USER_VERBS_EX_CMD_CREATE_FLOW,
3900 ib_uverbs_ex_create_flow,
3901 UAPI_DEF_WRITE_IO_EX(struct ib_uverbs_create_flow,
3903 struct ib_uverbs_create_flow_resp,
3905 UAPI_DEF_METHOD_NEEDS_FN(create_flow)),
3906 DECLARE_UVERBS_WRITE_EX(
3907 IB_USER_VERBS_EX_CMD_DESTROY_FLOW,
3908 ib_uverbs_ex_destroy_flow,
3909 UAPI_DEF_WRITE_I(struct ib_uverbs_destroy_flow),
3910 UAPI_DEF_METHOD_NEEDS_FN(destroy_flow))),
3912 DECLARE_UVERBS_OBJECT(
3914 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_DEREG_MR,
3916 UAPI_DEF_WRITE_I(struct ib_uverbs_dereg_mr),
3917 UAPI_DEF_METHOD_NEEDS_FN(dereg_mr)),
3918 DECLARE_UVERBS_WRITE(
3919 IB_USER_VERBS_CMD_REG_MR,
3921 UAPI_DEF_WRITE_UDATA_IO(struct ib_uverbs_reg_mr,
3922 struct ib_uverbs_reg_mr_resp),
3923 UAPI_DEF_METHOD_NEEDS_FN(reg_user_mr)),
3924 DECLARE_UVERBS_WRITE(
3925 IB_USER_VERBS_CMD_REREG_MR,
3927 UAPI_DEF_WRITE_UDATA_IO(struct ib_uverbs_rereg_mr,
3928 struct ib_uverbs_rereg_mr_resp),
3929 UAPI_DEF_METHOD_NEEDS_FN(rereg_user_mr))),
3931 DECLARE_UVERBS_OBJECT(
3933 DECLARE_UVERBS_WRITE(
3934 IB_USER_VERBS_CMD_ALLOC_MW,
3936 UAPI_DEF_WRITE_UDATA_IO(struct ib_uverbs_alloc_mw,
3937 struct ib_uverbs_alloc_mw_resp),
3938 UAPI_DEF_METHOD_NEEDS_FN(alloc_mw)),
3939 DECLARE_UVERBS_WRITE(
3940 IB_USER_VERBS_CMD_DEALLOC_MW,
3941 ib_uverbs_dealloc_mw,
3942 UAPI_DEF_WRITE_I(struct ib_uverbs_dealloc_mw),
3943 UAPI_DEF_METHOD_NEEDS_FN(dealloc_mw))),
3945 DECLARE_UVERBS_OBJECT(
3947 DECLARE_UVERBS_WRITE(
3948 IB_USER_VERBS_CMD_ALLOC_PD,
3950 UAPI_DEF_WRITE_UDATA_IO(struct ib_uverbs_alloc_pd,
3951 struct ib_uverbs_alloc_pd_resp),
3952 UAPI_DEF_METHOD_NEEDS_FN(alloc_pd)),
3953 DECLARE_UVERBS_WRITE(
3954 IB_USER_VERBS_CMD_DEALLOC_PD,
3955 ib_uverbs_dealloc_pd,
3956 UAPI_DEF_WRITE_I(struct ib_uverbs_dealloc_pd),
3957 UAPI_DEF_METHOD_NEEDS_FN(dealloc_pd))),
3959 DECLARE_UVERBS_OBJECT(
3961 DECLARE_UVERBS_WRITE(
3962 IB_USER_VERBS_CMD_ATTACH_MCAST,
3963 ib_uverbs_attach_mcast,
3964 UAPI_DEF_WRITE_I(struct ib_uverbs_attach_mcast),
3965 UAPI_DEF_METHOD_NEEDS_FN(attach_mcast),
3966 UAPI_DEF_METHOD_NEEDS_FN(detach_mcast)),
3967 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_CREATE_QP,
3968 ib_uverbs_create_qp,
3969 UAPI_DEF_WRITE_UDATA_IO(
3970 struct ib_uverbs_create_qp,
3971 struct ib_uverbs_create_qp_resp),
3972 UAPI_DEF_METHOD_NEEDS_FN(create_qp)),
3973 DECLARE_UVERBS_WRITE(
3974 IB_USER_VERBS_CMD_DESTROY_QP,
3975 ib_uverbs_destroy_qp,
3976 UAPI_DEF_WRITE_IO(struct ib_uverbs_destroy_qp,
3977 struct ib_uverbs_destroy_qp_resp),
3978 UAPI_DEF_METHOD_NEEDS_FN(destroy_qp)),
3979 DECLARE_UVERBS_WRITE(
3980 IB_USER_VERBS_CMD_DETACH_MCAST,
3981 ib_uverbs_detach_mcast,
3982 UAPI_DEF_WRITE_I(struct ib_uverbs_detach_mcast),
3983 UAPI_DEF_METHOD_NEEDS_FN(detach_mcast)),
3984 DECLARE_UVERBS_WRITE(
3985 IB_USER_VERBS_CMD_MODIFY_QP,
3986 ib_uverbs_modify_qp,
3987 UAPI_DEF_WRITE_I(struct ib_uverbs_modify_qp),
3988 UAPI_DEF_METHOD_NEEDS_FN(modify_qp)),
3989 DECLARE_UVERBS_WRITE(
3990 IB_USER_VERBS_CMD_POST_RECV,
3991 ib_uverbs_post_recv,
3992 UAPI_DEF_WRITE_IO(struct ib_uverbs_post_recv,
3993 struct ib_uverbs_post_recv_resp),
3994 UAPI_DEF_METHOD_NEEDS_FN(post_recv)),
3995 DECLARE_UVERBS_WRITE(
3996 IB_USER_VERBS_CMD_POST_SEND,
3997 ib_uverbs_post_send,
3998 UAPI_DEF_WRITE_IO(struct ib_uverbs_post_send,
3999 struct ib_uverbs_post_send_resp),
4000 UAPI_DEF_METHOD_NEEDS_FN(post_send)),
4001 DECLARE_UVERBS_WRITE(
4002 IB_USER_VERBS_CMD_QUERY_QP,
4004 UAPI_DEF_WRITE_IO(struct ib_uverbs_query_qp,
4005 struct ib_uverbs_query_qp_resp),
4006 UAPI_DEF_METHOD_NEEDS_FN(query_qp)),
4007 DECLARE_UVERBS_WRITE_EX(
4008 IB_USER_VERBS_EX_CMD_CREATE_QP,
4009 ib_uverbs_ex_create_qp,
4010 UAPI_DEF_WRITE_IO_EX(struct ib_uverbs_ex_create_qp,
4012 struct ib_uverbs_ex_create_qp_resp,
4014 UAPI_DEF_METHOD_NEEDS_FN(create_qp)),
4015 DECLARE_UVERBS_WRITE_EX(
4016 IB_USER_VERBS_EX_CMD_MODIFY_QP,
4017 ib_uverbs_ex_modify_qp,
4018 UAPI_DEF_WRITE_IO_EX(struct ib_uverbs_ex_modify_qp,
4020 struct ib_uverbs_ex_modify_qp_resp,
4022 UAPI_DEF_METHOD_NEEDS_FN(modify_qp))),
4024 DECLARE_UVERBS_OBJECT(
4025 UVERBS_OBJECT_RWQ_IND_TBL,
4026 DECLARE_UVERBS_WRITE_EX(
4027 IB_USER_VERBS_EX_CMD_CREATE_RWQ_IND_TBL,
4028 ib_uverbs_ex_create_rwq_ind_table,
4029 UAPI_DEF_WRITE_IO_EX(
4030 struct ib_uverbs_ex_create_rwq_ind_table,
4032 struct ib_uverbs_ex_create_rwq_ind_table_resp,
4034 UAPI_DEF_METHOD_NEEDS_FN(create_rwq_ind_table)),
4035 DECLARE_UVERBS_WRITE_EX(
4036 IB_USER_VERBS_EX_CMD_DESTROY_RWQ_IND_TBL,
4037 ib_uverbs_ex_destroy_rwq_ind_table,
4039 struct ib_uverbs_ex_destroy_rwq_ind_table),
4040 UAPI_DEF_METHOD_NEEDS_FN(destroy_rwq_ind_table))),
4042 DECLARE_UVERBS_OBJECT(
4044 DECLARE_UVERBS_WRITE_EX(
4045 IB_USER_VERBS_EX_CMD_CREATE_WQ,
4046 ib_uverbs_ex_create_wq,
4047 UAPI_DEF_WRITE_IO_EX(struct ib_uverbs_ex_create_wq,
4049 struct ib_uverbs_ex_create_wq_resp,
4051 UAPI_DEF_METHOD_NEEDS_FN(create_wq)),
4052 DECLARE_UVERBS_WRITE_EX(
4053 IB_USER_VERBS_EX_CMD_DESTROY_WQ,
4054 ib_uverbs_ex_destroy_wq,
4055 UAPI_DEF_WRITE_IO_EX(struct ib_uverbs_ex_destroy_wq,
4057 struct ib_uverbs_ex_destroy_wq_resp,
4059 UAPI_DEF_METHOD_NEEDS_FN(destroy_wq)),
4060 DECLARE_UVERBS_WRITE_EX(
4061 IB_USER_VERBS_EX_CMD_MODIFY_WQ,
4062 ib_uverbs_ex_modify_wq,
4063 UAPI_DEF_WRITE_I_EX(struct ib_uverbs_ex_modify_wq,
4065 UAPI_DEF_METHOD_NEEDS_FN(modify_wq))),
4067 DECLARE_UVERBS_OBJECT(
4069 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_CREATE_SRQ,
4070 ib_uverbs_create_srq,
4071 UAPI_DEF_WRITE_UDATA_IO(
4072 struct ib_uverbs_create_srq,
4073 struct ib_uverbs_create_srq_resp),
4074 UAPI_DEF_METHOD_NEEDS_FN(create_srq)),
4075 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_CREATE_XSRQ,
4076 ib_uverbs_create_xsrq,
4077 UAPI_DEF_WRITE_UDATA_IO(
4078 struct ib_uverbs_create_xsrq,
4079 struct ib_uverbs_create_srq_resp),
4080 UAPI_DEF_METHOD_NEEDS_FN(create_srq)),
4081 DECLARE_UVERBS_WRITE(
4082 IB_USER_VERBS_CMD_DESTROY_SRQ,
4083 ib_uverbs_destroy_srq,
4084 UAPI_DEF_WRITE_IO(struct ib_uverbs_destroy_srq,
4085 struct ib_uverbs_destroy_srq_resp),
4086 UAPI_DEF_METHOD_NEEDS_FN(destroy_srq)),
4087 DECLARE_UVERBS_WRITE(
4088 IB_USER_VERBS_CMD_MODIFY_SRQ,
4089 ib_uverbs_modify_srq,
4090 UAPI_DEF_WRITE_UDATA_I(struct ib_uverbs_modify_srq),
4091 UAPI_DEF_METHOD_NEEDS_FN(modify_srq)),
4092 DECLARE_UVERBS_WRITE(
4093 IB_USER_VERBS_CMD_POST_SRQ_RECV,
4094 ib_uverbs_post_srq_recv,
4095 UAPI_DEF_WRITE_IO(struct ib_uverbs_post_srq_recv,
4096 struct ib_uverbs_post_srq_recv_resp),
4097 UAPI_DEF_METHOD_NEEDS_FN(post_srq_recv)),
4098 DECLARE_UVERBS_WRITE(
4099 IB_USER_VERBS_CMD_QUERY_SRQ,
4100 ib_uverbs_query_srq,
4101 UAPI_DEF_WRITE_IO(struct ib_uverbs_query_srq,
4102 struct ib_uverbs_query_srq_resp),
4103 UAPI_DEF_METHOD_NEEDS_FN(query_srq))),
4105 DECLARE_UVERBS_OBJECT(
4107 DECLARE_UVERBS_WRITE(
4108 IB_USER_VERBS_CMD_CLOSE_XRCD,
4109 ib_uverbs_close_xrcd,
4110 UAPI_DEF_WRITE_I(struct ib_uverbs_close_xrcd),
4111 UAPI_DEF_METHOD_NEEDS_FN(dealloc_xrcd)),
4112 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_OPEN_QP,
4114 UAPI_DEF_WRITE_UDATA_IO(
4115 struct ib_uverbs_open_qp,
4116 struct ib_uverbs_create_qp_resp)),
4117 DECLARE_UVERBS_WRITE(IB_USER_VERBS_CMD_OPEN_XRCD,
4118 ib_uverbs_open_xrcd,
4119 UAPI_DEF_WRITE_UDATA_IO(
4120 struct ib_uverbs_open_xrcd,
4121 struct ib_uverbs_open_xrcd_resp),
4122 UAPI_DEF_METHOD_NEEDS_FN(alloc_xrcd))),
projects / linux-2.6-microblaze.git / blob