Commit Graph

117 Commits

Author SHA1 Message Date
Adrian Bunk
2012a116d9 [PATCH] drivers/infiniband/core/mad.c: fix use-after-release case
The Coverity checker spotted this obvious use-after-release bug caused
by a wrong order of the cleanups.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-27 20:23:13 -08:00
Roland Dreier
eabc77935d IB/umad: make sure write()s have sufficient data
Make sure that userspace passes in enough data when sending a MAD.  We
always copy at least sizeof (struct ib_user_mad) + IB_MGMT_RMPP_HDR
bytes from userspace, so anything less is definitely invalid.  Also,
if the length is less than this limit, it's possible for the second
copy_from_user() to get a negative length and trigger a BUG().

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-18 14:18:26 -08:00
Linus Torvalds
78b9c0f91c Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband 2005-11-10 13:27:06 -08:00
Roland Dreier
94382f3562 [IB] umad: further ib_unregister_mad_agent() deadlock fixes
The previous umad deadlock fix left ib_umad_kill_port() still
vulnerable to deadlocking.  This patch fixes that by downgrading our
lock to a read lock when we might end up trying to reacquire the lock
for reading.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-10 10:22:51 -08:00
Jack Morgenstein
77369ed31d [IB] uverbs: have kernel return QP capabilities
Move the computation of QP capabilities (max scatter/gather entries,
max inline data, etc) into the kernel, and have the uverbs module
return the values as part of the create QP response.  This keeps
precise knowledge of device limits in the low-level kernel driver.

This requires an ABI bump, so while we're making changes, get rid of
the max_sge parameter for the modify SRQ command -- it's not used and
shouldn't be there.

Signed-off-by: Jack Morgenstein <jackm@mellanox.co.il>
Signed-off-by: Michael S. Tsirkin <mst@mellanox.co.il>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-10 10:22:50 -08:00
Roland Dreier
ec914c52d6 [IB] umad: get rid of unused mr array
Now that ib_umad uses the new MAD sending interface, it no longer
needs its own L_Key.  So just delete the array of MRs that it keeps.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-10 10:22:50 -08:00
Roland Dreier
40de2e548c [IB] Have cq_resize() method take an int, not int*
Change the struct ib_device.resize_cq() method to take a plain integer
that holds the new CQ size, rather than a pointer to an integer that
it uses to return the new size.  This makes the interface match the
exported ib_resize_cq() signature, and allows the low-level driver to
update the CQ size with proper locking if necessary.

No in-tree drivers are exporting this method yet.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-10 10:22:50 -08:00
Roland Dreier
2f76e82947 [IB] umad: avoid potential deadlock when unregistering MAD agents
ib_unregister_mad_agent() completes all pending MAD sends and waits
for the agent's send_handler routine to return.  umad's send_handler()
calls queue_packet(), which does down_read() on the port mutex to look
up the agent ID.  This means that the port mutex cannot be held for
writing while calling ib_unregister_mad_agent(), or else it will
deadlock.  This patch fixes all the calls to ib_unregister_mad_agent()
in the umad module to avoid this deadlock.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-10 10:22:50 -08:00
Jesper Juhl
6044ec8882 [PATCH] kfree cleanup: misc remaining drivers
This is the remaining misc drivers/ part of the big kfree cleanup patch.

Remove pointless checks for NULL prior to calling kfree() in misc files in
drivers/.

Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Acked-by: Aristeu Sergio Rozanski Filho <aris@cathedrallabs.org>
Acked-by: Roland Dreier <rolandd@cisco.com>
Acked-by: Pierre Ossman <drzeus@drzeus.cx>
Acked-by: Jean Delvare <khali@linux-fr.org>
Acked-by: Greg Kroah-Hartman <gregkh@suse.de>
Acked-by: Len Brown <len.brown@intel.com>
Acked-by: "Antonino A. Daplas" <adaplas@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-07 07:54:05 -08:00
Tim Schmielau
8c65b4a604 [PATCH] fix remaining missing includes
Fix more include file problems that surfaced since I submitted the previous
fix-missing-includes.patch.  This should now allow not to include sched.h
from module.h, which is done by a followup patch.

Signed-off-by: Tim Schmielau <tim@physik3.uni-rostock.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-07 07:53:41 -08:00
Michael S. Tsirkin
8b37b94721 [IB] umad: two small fixes
Two small fixes for the umad module:
 - set kobject name for issm device properly
 - in ib_umad_add_one(), s is subtracted from the index i when
   initializing ports, so s should be subtracted from the index when
   freeing ports in the error path as well.

Signed-off-by: Michael S. Tsirkin <mst@mellanox.co.il>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-06 15:47:02 -08:00
Linus Torvalds
ba77df570c Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband 2005-11-04 16:31:54 -08:00
Roland Dreier
0c99cb6d5f [IB] umad: fix hot remove of IB devices
Fix hotplug of devices for ib_umad module: when a device goes away,
kill off all MAD agents for open files associated with that device,
and make sure that the device is not touched again after ib_umad
returns from its remove_one function.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-03 12:01:18 -08:00
Roland Dreier
de6eb66b56 [IB] kzalloc() conversions
Replace kmalloc()+memset(,0,) with kzalloc(), for a net savings of 35
source lines and about 500 bytes of text.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-11-02 07:23:14 -08:00
Roland Dreier
7162a3e0db [IB] uverbs: Avoid NULL pointer deref on CQ async event
Userspace CQs that have no completion event channel attached end up
with their cq_context set to NULL.  However, asynchronous events like
"CQ overrun" can still occur on such CQs, so add a uverbs_file member
to struct ib_ucq_object that we can follow to deliver these events.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-31 07:10:32 -08:00
Tim Schmielau
4e57b68178 [PATCH] fix missing includes
I recently picked up my older work to remove unnecessary #includes of
sched.h, starting from a patch by Dave Jones to not include sched.h
from module.h. This reduces the number of indirect includes of sched.h
by ~300. Another ~400 pointless direct includes can be removed after
this disentangling (patch to follow later).
However, quite a few indirect includes need to be fixed up for this.

In order to feed the patches through -mm with as little disturbance as
possible, I've split out the fixes I accumulated up to now (complete for
i386 and x86_64, more archs to follow later) and post them before the real
patch.  This way this large part of the patch is kept simple with only
adding #includes, and all hunks are independent of each other.  So if any
hunk rejects or gets in the way of other patches, just drop it.  My scripts
will pick it up again in the next round.

Signed-off-by: Tim Schmielau <tim@physik3.uni-rostock.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-30 17:37:32 -08:00
Al Viro
2d3c0b7bed [PATCH] missing include in infiniband
use of IS_ERR/PTR_ERR in infiniband/core/agent.c, without a portable
chain of includes pulling err.h (breaks on a bunch of platforms).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: Roland Dreier <rolandd@cisco.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-29 10:35:07 -07:00
Roland Dreier
4cce3390c9 [IB] fix up class_device_create() calls
Fix class_device_create() calls to match the new prototype which
takes a parent device pointer.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-28 16:38:15 -07:00
Roland Dreier
70a30e16a8 [IB] uverbs: Fix device lifetime problems
Move ib_uverbs module to using cdev_alloc() and class_device_create()
so that we can handle device lifetime properly.  Now we can make sure
we keep all of our data structures around until the last way to reach
them is gone.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-28 15:38:26 -07:00
Roland Dreier
a74968f8c3 [IB] umad: Fix device lifetime problems
Move ib_umad module to using cdev_alloc() and class_device_create() so
that we can handle device lifetime properly.  Now we can make sure we
keep all of our data structures around until the last way to reach
them is gone.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-28 15:37:23 -07:00
Sean Hefty
cb0f0910f4 [IB] ib_umad: various cleanups
Simplify user_mad.c code in a few places, and convert from kmalloc() +
memset() to kzalloc().  This also fixes a theoretical race window by
not accessing packet->length after posting the send buffer (the send
could complete and packet could be freed before we get to the return
statement at the end of ib_umad_write()).

Signed-off-by: Sean Hefty <sean.hefty@intel.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-27 20:48:11 -07:00
Roland Dreier
089a1bedd8 [IB] ib_umad: fix crash when freeing send buffers
The conversion of user_mad.c to the new MAD send API was slightly off:
in a few places, we used packet->msg instead of packet->msg->mad when
referring to the actual data buffer, which ended up corrupting the
underlying data structure and crashing when we free an invalid pointer.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-27 20:33:43 -07:00
Roland Dreier
7cc656efb5 [IB] simplify mad_rmpp.c:alloc_response_msg()
Change alloc_response_msg() in mad_rmpp.c to return the struct
it allocates directly (or an error code a la ERR_PTR), rather than
returning a status and passing the struct back in a pointer param.
This simplifies the code and gets rid of warnings like

    drivers/infiniband/core/mad_rmpp.c: In function nack_recv:
    drivers/infiniband/core/mad_rmpp.c:192: warning: msg may be used uninitialized in this function

with newer versions of gcc.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-25 15:13:54 -07:00
Sean Hefty
34816ad98e [IB] Fix MAD layer DMA mappings to avoid touching data buffer once mapped
The MAD layer was violating the DMA API by touching data buffers used
for sends after the DMA mapping was done.  This causes problems on
non-cache-coherent architectures, because the device doing DMA won't
see updates to the payload buffers that exist only in the CPU cache.

Fix this by having all MAD consumers use ib_create_send_mad() to
allocate their send buffers, and moving the DMA mapping into the MAD
layer so it can be done just before calling send (and after any
modifications of the send buffer by the MAD layer).

Tested on a non-cache-coherent PowerPC 440SPe system.

Signed-off-by: Sean Hefty <sean.hefty@intel.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-25 10:51:39 -07:00
Sean Hefty
ae7971a770 [IB] CM: Fix initialization of QP attributes for UC QPs.
Fix cm_init_qp_init_attr(), cm_init_qp_rtr_attr() and cm_init_qp_rts_attr()
so that they correctly handle the differences between UC and RC QPs.  This
fixes problems with setting up UC QPs through the CM.

Signed-off-by: Sean Hefty <sean.hefty@intel.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-24 12:33:56 -07:00
Roland Dreier
ec329a1359 Manual merge of for-linus to upstream (fix conflicts in drivers/infiniband/core/ucm.c) 2005-10-24 10:55:29 -07:00
Roland Dreier
5d7edb3c1a [IB] Add idr_destroy() calls on module unload
Add idr_destroy() calls to the module_exit() functions of the four IB
driver modules that use idrs, so we don't leak idr_layer_cache objects
when these modules are unloaded.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-24 10:53:25 -07:00
Roland Dreier
bbf2078609 [IB] user_mad: Use class_device.devt
Use devt member of struct class_device so that we don't have to create
our own "dev" file in sysfs.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-20 12:54:01 -07:00
Roland Dreier
2e0c512aff [IB] user_mad: trivial coding style fixes
Add spaces after "sizeof" operator to match the rest of file.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-20 12:30:16 -07:00
Roland Dreier
3910f44d79 [IB] cm: Add missing break in switch
Add missing "break" in switch statement.  Without the break, the
CM ended up always falling through and setting every connection
request to use RC transport, which meant that UC connections
didn't work.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-20 12:29:36 -07:00
Roland Dreier
ba8e931024 [IB] Fail sysfs queries after device is unregistered
We keep IB device structures around until the last sysfs reference is
gone, but we shouldn't ask the low-level driver to do anything after
the LLD unregisters the device.  To handle this, check the reg_state
field and just fail sysfs show() requests if the device has already
been unregistered.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-18 14:14:56 -07:00
Roland Dreier
762a03e21e [IB] ucm: quiet sparse warnings
Make ctx_id_mutex and ctx_id_table static to quiet sparse warnings.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:38:50 -07:00
Sean Hefty
07d357d0cb [IB] CM: bind IDs to a specific device
Bind communication identifiers to a device to support device removal.
Export per HCA CM devices to userspace.

Signed-off-by: Sean Hefty <sean.hefty@intel.com>
2005-10-17 15:37:43 -07:00
Sean Hefty
595e726a1f [IB] merge ucm.h into ucm.c
Eliminate ucm.h.  Replace ucm_dbg with direct call to printk KERN_ERR.

Signed-off-by: Sean Hefty <sean.hefty@intel.com>
2005-10-17 15:33:47 -07:00
Roland Dreier
67cdb40ca4 [IB] uverbs: Implement more commands
Add kernel support for userspace calling poll CQ, request CQ
notification, post send, post receive, post SRQ receive, create AH and
destroy AH commands.  These commands allow us to support userspace
verbs for devices that can't perform these operations directly from
userspace (eg the PathScale HCA).

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:31 -07:00
Roland Dreier
883a99c702 [IB] uverbs: Add a mask of device methods allowed for userspace
Give each device a uverbs_cmd_mask, so that a low-level driver can
control which methods may be called on behalf of userspace.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:30 -07:00
Roland Dreier
56c202d6e4 [IB] fail SA queries if device initialization failed
If the SA query module's initialization fails for a device, then that
device won't have a struct ib_sa_device associated.  We should fail SA
queries in that case, rather than blindly dereferencing the NULL
pointer we get back from ib_get_client_data().

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:29 -07:00
Roland Dreier
305a7e8705 [IB] uverbs: unlock correctly in error paths
A couple of functions were missing spin_unlock calls in error paths.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:29 -07:00
Roland Dreier
4ab6fb7e5b [IB] Fix leak on MAD initialization failure
There is a bug in ib_mad_init_device(): if ib_agent_port_open() fails
for a given port, then the current code doesn't call ib_mad_port_close()
for that port.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:28 -07:00
Roland Dreier
116c0074ec [IB] Check port number in ib_query_port()/ib_modify_port()
Check port number before passing query_port or modify_port operations
on to device driver.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:27 -07:00
Roland Dreier
f575394f1d [IB] uverbs: reject invalid memory registration permission flags
Reject userspace memory registrations with invalid permission flags:
"local write" is required if "remote write" or "remote atomic" is also
requested.

Pointed out by Jack Morgenstein <jackm@mellanox.co.il>

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:27 -07:00
Roland Dreier
274c089163 [IB] uverbs: Add device-specific ABI version attribute
Add abi_version attribute to uverbs class devices to allow for
ABI versioning of device-specific interfaces.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:26 -07:00
Roland Dreier
eb9d3cd5ce [IB] uverbs: Fix up resource creation error paths
By waiting to add resources to our lists until after the last
operation that can fail, we don't have to remove them from their lists
in the error path.  Also, we should hold the idr mutex until we know
whether resource creation has succeed or failed, to avoid someone
finding a resource in our table before we're ready.

Loosely based on work by Robert Walsh <rjwalsh@pathscale.com>.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:25 -07:00
Roland Dreier
6b73597e70 [IB] uverbs: ABI-breaking fixes for userspace verbs
Introduce new userspace verbs ABI version 3.  This eliminates some
unneeded commands, and adds support for user-created completion
channels.  This cleans up problems with file leaks on error paths, and
also makes sure that file descriptors are always installed into the
correct process.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:25 -07:00
Jack Morgenstein
0c33aeedb2 [IB] Add checks to multicast attach and detach
Add checks so that we only allow multicast attach/detach with
a valid multicast GID and the correct QP type.

Signed-off-by: Jack Morgenstein <jackm@mellanox.co.il>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-10-17 15:20:24 -07:00
Al Viro
dd0fc66fb3 [PATCH] gfp flags annotations - part 1
- added typedef unsigned int __nocast gfp_t;

 - replaced __nocast uses for gfp flags with gfp_t - it gives exactly
   the same warnings as far as sparse is concerned, doesn't change
   generated code (from gcc point of view we replaced unsigned int with
   typedef) and documents what's going on far better.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-08 15:00:57 -07:00
Roland Dreier
63c47c286d [IB] uverbs: Close some exploitable races
Al Viro pointed out that the current IB userspace verbs interface
allows userspace to cause mischief by closing file descriptors before
we're ready, or issuing the same command twice at the same time.  This
patch closes those races, and fixes other obvious problems such as a
module reference leak.

Some other interface bogosities will require an ABI change to fix
properly, so I'm deferring those fixes until 2.6.15.

Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-09-26 13:01:03 -07:00
Hal Rosenstock
f2065e4242 [IB] Fix RMPP receive length calculation
Based on simplification idea from Sean Hefty <sean.hefty@intel.com>

Signed-off-by: Hal Rosenstock <halr@voltaire.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-09-21 12:33:09 -07:00
Sean Hefty
972d512a17 [IB] Add MAD data field size definitions
Clean up code by using enums instead of hard-coded magic numbers.

Signed-off-by: Sean Hefty <sean.hefty@intel.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-09-21 12:31:26 -07:00
Hal Rosenstock
eff4c654b1 [PATCH] IB: Fix data length for RMPP SA sends
We need to subtract off the header length from our payload
length when sending multi-packet SA messages.

Signed-off-by: Hal Rosenstock <halr@voltaire.com>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
2005-09-19 13:51:01 -07:00