2 * Copyright(c) 2015, 2016 Intel Corporation.
4 * This file is provided under a dual BSD/GPLv2 license. When using or
5 * redistributing this file, you may do so under either license.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of version 2 of the GNU General Public License as
11 * published by the Free Software Foundation.
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
20 * Redistribution and use in source and binary forms, with or without
21 * modification, are permitted provided that the following conditions
24 * - Redistributions of source code must retain the above copyright
25 * notice, this list of conditions and the following disclaimer.
26 * - Redistributions in binary form must reproduce the above copyright
27 * notice, this list of conditions and the following disclaimer in
28 * the documentation and/or other materials provided with the
30 * - Neither the name of Intel Corporation nor the names of its
31 * contributors may be used to endorse or promote products derived
32 * from this software without specific prior written permission.
34 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
35 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
36 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
37 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
38 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
39 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
40 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
41 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
42 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
43 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
44 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
48 #include <linux/types.h>
49 #include <linux/device.h>
50 #include <linux/dmapool.h>
51 #include <linux/slab.h>
52 #include <linux/list.h>
53 #include <linux/highmem.h>
55 #include <linux/uio.h>
56 #include <linux/rbtree.h>
57 #include <linux/spinlock.h>
58 #include <linux/delay.h>
59 #include <linux/kthread.h>
60 #include <linux/mmu_context.h>
61 #include <linux/module.h>
62 #include <linux/vmalloc.h>
66 #include "user_sdma.h"
67 #include "verbs.h" /* for the headers */
68 #include "common.h" /* for struct hfi1_tid_info */
72 static uint hfi1_sdma_comp_ring_size = 128;
73 module_param_named(sdma_comp_size, hfi1_sdma_comp_ring_size, uint, S_IRUGO);
74 MODULE_PARM_DESC(sdma_comp_size, "Size of User SDMA completion ring. Default: 128");
76 /* The maximum number of Data io vectors per message/request */
77 #define MAX_VECTORS_PER_REQ 8
79 * Maximum number of packet to send from each message/request
80 * before moving to the next one.
82 #define MAX_PKTS_PER_QUEUE 16
84 #define num_pages(x) (1 + ((((x) - 1) & PAGE_MASK) >> PAGE_SHIFT))
86 #define req_opcode(x) \
87 (((x) >> HFI1_SDMA_REQ_OPCODE_SHIFT) & HFI1_SDMA_REQ_OPCODE_MASK)
88 #define req_version(x) \
89 (((x) >> HFI1_SDMA_REQ_VERSION_SHIFT) & HFI1_SDMA_REQ_OPCODE_MASK)
90 #define req_iovcnt(x) \
91 (((x) >> HFI1_SDMA_REQ_IOVCNT_SHIFT) & HFI1_SDMA_REQ_IOVCNT_MASK)
93 /* Number of BTH.PSN bits used for sequence number in expected rcvs */
94 #define BTH_SEQ_MASK 0x7ffull
97 * Define fields in the KDETH header so we can update the header
100 #define KDETH_OFFSET_SHIFT 0
101 #define KDETH_OFFSET_MASK 0x7fff
102 #define KDETH_OM_SHIFT 15
103 #define KDETH_OM_MASK 0x1
104 #define KDETH_TID_SHIFT 16
105 #define KDETH_TID_MASK 0x3ff
106 #define KDETH_TIDCTRL_SHIFT 26
107 #define KDETH_TIDCTRL_MASK 0x3
108 #define KDETH_INTR_SHIFT 28
109 #define KDETH_INTR_MASK 0x1
110 #define KDETH_SH_SHIFT 29
111 #define KDETH_SH_MASK 0x1
112 #define KDETH_HCRC_UPPER_SHIFT 16
113 #define KDETH_HCRC_UPPER_MASK 0xff
114 #define KDETH_HCRC_LOWER_SHIFT 24
115 #define KDETH_HCRC_LOWER_MASK 0xff
117 #define PBC2LRH(x) ((((x) & 0xfff) << 2) - 4)
118 #define LRH2PBC(x) ((((x) >> 2) + 1) & 0xfff)
120 #define KDETH_GET(val, field) \
121 (((le32_to_cpu((val))) >> KDETH_##field##_SHIFT) & KDETH_##field##_MASK)
122 #define KDETH_SET(dw, field, val) do { \
123 u32 dwval = le32_to_cpu(dw); \
124 dwval &= ~(KDETH_##field##_MASK << KDETH_##field##_SHIFT); \
125 dwval |= (((val) & KDETH_##field##_MASK) << \
126 KDETH_##field##_SHIFT); \
127 dw = cpu_to_le32(dwval); \
130 #define AHG_HEADER_SET(arr, idx, dw, bit, width, value) \
132 if ((idx) < ARRAY_SIZE((arr))) \
133 (arr)[(idx++)] = sdma_build_ahg_descriptor( \
134 (__force u16)(value), (dw), (bit), \
140 /* KDETH OM multipliers and switch over point */
141 #define KDETH_OM_SMALL 4
142 #define KDETH_OM_LARGE 64
143 #define KDETH_OM_MAX_SIZE (1 << ((KDETH_OM_LARGE / KDETH_OM_SMALL) + 1))
145 /* Last packet in the request */
146 #define TXREQ_FLAGS_REQ_LAST_PKT BIT(0)
148 /* SDMA request flag bits */
149 #define SDMA_REQ_FOR_THREAD 1
150 #define SDMA_REQ_SEND_DONE 2
151 #define SDMA_REQ_HAVE_AHG 3
152 #define SDMA_REQ_HAS_ERROR 4
153 #define SDMA_REQ_DONE_ERROR 5
155 #define SDMA_PKT_Q_INACTIVE BIT(0)
156 #define SDMA_PKT_Q_ACTIVE BIT(1)
157 #define SDMA_PKT_Q_DEFERRED BIT(2)
160 * Maximum retry attempts to submit a TX request
161 * before putting the process to sleep.
163 #define MAX_DEFER_RETRY_COUNT 1
165 static unsigned initial_pkt_count = 8;
167 #define SDMA_IOWAIT_TIMEOUT 1000 /* in milliseconds */
169 struct sdma_mmu_node;
171 struct user_sdma_iovec {
172 struct list_head list;
174 /* number of pages in this vector */
176 /* array of pinned pages for this vector */
179 * offset into the virtual address space of the vector at
180 * which we last left off.
183 struct sdma_mmu_node *node;
186 #define SDMA_CACHE_NODE_EVICT 0
188 struct sdma_mmu_node {
189 struct mmu_rb_node rb;
190 struct list_head list;
191 struct hfi1_user_sdma_pkt_q *pq;
198 struct user_sdma_request {
199 struct sdma_req_info info;
200 struct hfi1_user_sdma_pkt_q *pq;
201 struct hfi1_user_sdma_comp_q *cq;
202 /* This is the original header from user space */
203 struct hfi1_pkt_header hdr;
205 * Pointer to the SDMA engine for this request.
206 * Since different request could be on different VLs,
207 * each request will need it's own engine pointer.
209 struct sdma_engine *sde;
213 * KDETH.Offset (Eager) field
214 * We need to remember the initial value so the headers
215 * can be updated properly.
219 * KDETH.OFFSET (TID) field
220 * The offset can cover multiple packets, depending on the
221 * size of the TID entry.
226 * Remember this because the header template always sets it
231 * We copy the iovs for this request (based on
232 * info.iovcnt). These are only the data vectors
235 /* total length of the data in the request */
237 /* progress index moving along the iovs array */
239 struct user_sdma_iovec iovs[MAX_VECTORS_PER_REQ];
240 /* number of elements copied to the tids array */
242 /* TID array values copied from the tid_iov vector */
249 struct list_head txps;
251 /* status of the last txreq completed */
256 * A single txreq could span up to 3 physical pages when the MTU
257 * is sufficiently large (> 4K). Each of the IOV pointers also
258 * needs it's own set of flags so the vector has been handled
259 * independently of each other.
261 struct user_sdma_txreq {
262 /* Packet header for the txreq */
263 struct hfi1_pkt_header hdr;
264 struct sdma_txreq txreq;
265 struct list_head list;
266 struct user_sdma_request *req;
272 #define SDMA_DBG(req, fmt, ...) \
273 hfi1_cdbg(SDMA, "[%u:%u:%u:%u] " fmt, (req)->pq->dd->unit, \
274 (req)->pq->ctxt, (req)->pq->subctxt, (req)->info.comp_idx, \
276 #define SDMA_Q_DBG(pq, fmt, ...) \
277 hfi1_cdbg(SDMA, "[%u:%u:%u] " fmt, (pq)->dd->unit, (pq)->ctxt, \
278 (pq)->subctxt, ##__VA_ARGS__)
280 static int user_sdma_send_pkts(struct user_sdma_request *, unsigned);
281 static int num_user_pages(const struct iovec *);
282 static void user_sdma_txreq_cb(struct sdma_txreq *, int);
283 static inline void pq_update(struct hfi1_user_sdma_pkt_q *);
284 static void user_sdma_free_request(struct user_sdma_request *, bool);
285 static int pin_vector_pages(struct user_sdma_request *,
286 struct user_sdma_iovec *);
287 static void unpin_vector_pages(struct mm_struct *, struct page **, unsigned,
289 static int check_header_template(struct user_sdma_request *,
290 struct hfi1_pkt_header *, u32, u32);
291 static int set_txreq_header(struct user_sdma_request *,
292 struct user_sdma_txreq *, u32);
293 static int set_txreq_header_ahg(struct user_sdma_request *,
294 struct user_sdma_txreq *, u32);
295 static inline void set_comp_state(struct hfi1_user_sdma_pkt_q *,
296 struct hfi1_user_sdma_comp_q *,
297 u16, enum hfi1_sdma_comp_state, int);
298 static inline u32 set_pkt_bth_psn(__be32, u8, u32);
299 static inline u32 get_lrh_len(struct hfi1_pkt_header, u32 len);
301 static int defer_packet_queue(
302 struct sdma_engine *,
306 static void activate_packet_queue(struct iowait *, int);
307 static bool sdma_rb_filter(struct mmu_rb_node *, unsigned long, unsigned long);
308 static int sdma_rb_insert(struct rb_root *, struct mmu_rb_node *);
309 static void sdma_rb_remove(struct rb_root *, struct mmu_rb_node *,
311 static int sdma_rb_invalidate(struct rb_root *, struct mmu_rb_node *);
313 static struct mmu_rb_ops sdma_rb_ops = {
314 .filter = sdma_rb_filter,
315 .insert = sdma_rb_insert,
316 .remove = sdma_rb_remove,
317 .invalidate = sdma_rb_invalidate
320 static int defer_packet_queue(
321 struct sdma_engine *sde,
323 struct sdma_txreq *txreq,
326 struct hfi1_user_sdma_pkt_q *pq =
327 container_of(wait, struct hfi1_user_sdma_pkt_q, busy);
328 struct hfi1_ibdev *dev = &pq->dd->verbs_dev;
329 struct user_sdma_txreq *tx =
330 container_of(txreq, struct user_sdma_txreq, txreq);
332 if (sdma_progress(sde, seq, txreq)) {
333 if (tx->busycount++ < MAX_DEFER_RETRY_COUNT)
337 * We are assuming that if the list is enqueued somewhere, it
338 * is to the dmawait list since that is the only place where
339 * it is supposed to be enqueued.
341 xchg(&pq->state, SDMA_PKT_Q_DEFERRED);
342 write_seqlock(&dev->iowait_lock);
343 if (list_empty(&pq->busy.list))
344 list_add_tail(&pq->busy.list, &sde->dmawait);
345 write_sequnlock(&dev->iowait_lock);
351 static void activate_packet_queue(struct iowait *wait, int reason)
353 struct hfi1_user_sdma_pkt_q *pq =
354 container_of(wait, struct hfi1_user_sdma_pkt_q, busy);
355 xchg(&pq->state, SDMA_PKT_Q_ACTIVE);
356 wake_up(&wait->wait_dma);
359 static void sdma_kmem_cache_ctor(void *obj)
361 struct user_sdma_txreq *tx = obj;
363 memset(tx, 0, sizeof(*tx));
366 int hfi1_user_sdma_alloc_queues(struct hfi1_ctxtdata *uctxt, struct file *fp)
368 struct hfi1_filedata *fd;
372 struct hfi1_devdata *dd;
373 struct hfi1_user_sdma_comp_q *cq;
374 struct hfi1_user_sdma_pkt_q *pq;
382 fd = fp->private_data;
384 if (!hfi1_sdma_comp_ring_size) {
391 pq = kzalloc(sizeof(*pq), GFP_KERNEL);
395 memsize = sizeof(*pq->reqs) * hfi1_sdma_comp_ring_size;
396 pq->reqs = kzalloc(memsize, GFP_KERNEL);
400 memsize = BITS_TO_LONGS(hfi1_sdma_comp_ring_size) * sizeof(long);
401 pq->req_in_use = kzalloc(memsize, GFP_KERNEL);
403 goto pq_reqs_no_in_use;
405 INIT_LIST_HEAD(&pq->list);
407 pq->ctxt = uctxt->ctxt;
408 pq->subctxt = fd->subctxt;
409 pq->n_max_reqs = hfi1_sdma_comp_ring_size;
410 pq->state = SDMA_PKT_Q_INACTIVE;
411 atomic_set(&pq->n_reqs, 0);
412 init_waitqueue_head(&pq->wait);
413 pq->sdma_rb_root = RB_ROOT;
414 INIT_LIST_HEAD(&pq->evict);
415 spin_lock_init(&pq->evict_lock);
417 iowait_init(&pq->busy, 0, NULL, defer_packet_queue,
418 activate_packet_queue, NULL);
420 snprintf(buf, 64, "txreq-kmem-cache-%u-%u-%u", dd->unit, uctxt->ctxt,
422 pq->txreq_cache = kmem_cache_create(buf,
423 sizeof(struct user_sdma_txreq),
426 sdma_kmem_cache_ctor);
427 if (!pq->txreq_cache) {
428 dd_dev_err(dd, "[%u] Failed to allocate TxReq cache\n",
433 cq = kzalloc(sizeof(*cq), GFP_KERNEL);
437 memsize = PAGE_ALIGN(sizeof(*cq->comps) * hfi1_sdma_comp_ring_size);
438 cq->comps = vmalloc_user(memsize);
442 cq->nentries = hfi1_sdma_comp_ring_size;
445 ret = hfi1_mmu_rb_register(&pq->sdma_rb_root, &sdma_rb_ops);
447 dd_dev_err(dd, "Failed to register with MMU %d", ret);
451 spin_lock_irqsave(&uctxt->sdma_qlock, flags);
452 list_add(&pq->list, &uctxt->sdma_queues);
453 spin_unlock_irqrestore(&uctxt->sdma_qlock, flags);
459 kmem_cache_destroy(pq->txreq_cache);
461 kfree(pq->req_in_use);
473 int hfi1_user_sdma_free_queues(struct hfi1_filedata *fd)
475 struct hfi1_ctxtdata *uctxt = fd->uctxt;
476 struct hfi1_user_sdma_pkt_q *pq;
479 hfi1_cdbg(SDMA, "[%u:%u:%u] Freeing user SDMA queues", uctxt->dd->unit,
480 uctxt->ctxt, fd->subctxt);
483 hfi1_mmu_rb_unregister(&pq->sdma_rb_root);
484 spin_lock_irqsave(&uctxt->sdma_qlock, flags);
485 if (!list_empty(&pq->list))
486 list_del_init(&pq->list);
487 spin_unlock_irqrestore(&uctxt->sdma_qlock, flags);
488 iowait_sdma_drain(&pq->busy);
489 /* Wait until all requests have been freed. */
490 wait_event_interruptible(
492 (ACCESS_ONCE(pq->state) == SDMA_PKT_Q_INACTIVE));
494 kfree(pq->req_in_use);
495 kmem_cache_destroy(pq->txreq_cache);
500 vfree(fd->cq->comps);
507 static u8 dlid_to_selector(u16 dlid)
509 static u8 mapping[256];
510 static int initialized;
515 memset(mapping, 0xFF, 256);
519 hash = ((dlid >> 8) ^ dlid) & 0xFF;
520 if (mapping[hash] == 0xFF) {
521 mapping[hash] = next;
522 next = (next + 1) & 0x7F;
525 return mapping[hash];
528 int hfi1_user_sdma_process_request(struct file *fp, struct iovec *iovec,
529 unsigned long dim, unsigned long *count)
532 struct hfi1_filedata *fd = fp->private_data;
533 struct hfi1_ctxtdata *uctxt = fd->uctxt;
534 struct hfi1_user_sdma_pkt_q *pq = fd->pq;
535 struct hfi1_user_sdma_comp_q *cq = fd->cq;
536 struct hfi1_devdata *dd = pq->dd;
537 unsigned long idx = 0;
538 u8 pcount = initial_pkt_count;
539 struct sdma_req_info info;
540 struct user_sdma_request *req;
546 if (iovec[idx].iov_len < sizeof(info) + sizeof(req->hdr)) {
549 "[%u:%u:%u] First vector not big enough for header %lu/%lu",
550 dd->unit, uctxt->ctxt, fd->subctxt,
551 iovec[idx].iov_len, sizeof(info) + sizeof(req->hdr));
554 ret = copy_from_user(&info, iovec[idx].iov_base, sizeof(info));
556 hfi1_cdbg(SDMA, "[%u:%u:%u] Failed to copy info QW (%d)",
557 dd->unit, uctxt->ctxt, fd->subctxt, ret);
561 trace_hfi1_sdma_user_reqinfo(dd, uctxt->ctxt, fd->subctxt,
564 if (info.comp_idx >= hfi1_sdma_comp_ring_size) {
566 "[%u:%u:%u:%u] Invalid comp index",
567 dd->unit, uctxt->ctxt, fd->subctxt, info.comp_idx);
572 * Sanity check the header io vector count. Need at least 1 vector
573 * (header) and cannot be larger than the actual io vector count.
575 if (req_iovcnt(info.ctrl) < 1 || req_iovcnt(info.ctrl) > dim) {
577 "[%u:%u:%u:%u] Invalid iov count %d, dim %ld",
578 dd->unit, uctxt->ctxt, fd->subctxt, info.comp_idx,
579 req_iovcnt(info.ctrl), dim);
583 if (!info.fragsize) {
585 "[%u:%u:%u:%u] Request does not specify fragsize",
586 dd->unit, uctxt->ctxt, fd->subctxt, info.comp_idx);
590 /* Try to claim the request. */
591 if (test_and_set_bit(info.comp_idx, pq->req_in_use)) {
592 hfi1_cdbg(SDMA, "[%u:%u:%u] Entry %u is in use",
593 dd->unit, uctxt->ctxt, fd->subctxt,
598 * All safety checks have been done and this request has been claimed.
600 hfi1_cdbg(SDMA, "[%u:%u:%u] Using req/comp entry %u\n", dd->unit,
601 uctxt->ctxt, fd->subctxt, info.comp_idx);
602 req = pq->reqs + info.comp_idx;
603 memset(req, 0, sizeof(*req));
604 req->data_iovs = req_iovcnt(info.ctrl) - 1; /* subtract header vector */
608 INIT_LIST_HEAD(&req->txps);
610 memcpy(&req->info, &info, sizeof(info));
612 if (req_opcode(info.ctrl) == EXPECTED) {
613 /* expected must have a TID info and at least one data vector */
614 if (req->data_iovs < 2) {
616 "Not enough vectors for expected request");
623 if (!info.npkts || req->data_iovs > MAX_VECTORS_PER_REQ) {
624 SDMA_DBG(req, "Too many vectors (%u/%u)", req->data_iovs,
625 MAX_VECTORS_PER_REQ);
629 /* Copy the header from the user buffer */
630 ret = copy_from_user(&req->hdr, iovec[idx].iov_base + sizeof(info),
633 SDMA_DBG(req, "Failed to copy header template (%d)", ret);
638 /* If Static rate control is not enabled, sanitize the header. */
639 if (!HFI1_CAP_IS_USET(STATIC_RATE_CTRL))
642 /* Validate the opcode. Do not trust packets from user space blindly. */
643 opcode = (be32_to_cpu(req->hdr.bth[0]) >> 24) & 0xff;
644 if ((opcode & USER_OPCODE_CHECK_MASK) !=
645 USER_OPCODE_CHECK_VAL) {
646 SDMA_DBG(req, "Invalid opcode (%d)", opcode);
651 * Validate the vl. Do not trust packets from user space blindly.
652 * VL comes from PBC, SC comes from LRH, and the VL needs to
653 * match the SC look up.
655 vl = (le16_to_cpu(req->hdr.pbc[0]) >> 12) & 0xF;
656 sc = (((be16_to_cpu(req->hdr.lrh[0]) >> 12) & 0xF) |
657 (((le16_to_cpu(req->hdr.pbc[1]) >> 14) & 0x1) << 4));
658 if (vl >= dd->pport->vls_operational ||
659 vl != sc_to_vlt(dd, sc)) {
660 SDMA_DBG(req, "Invalid SC(%u)/VL(%u)", sc, vl);
665 /* Checking P_KEY for requests from user-space */
666 if (egress_pkey_check(dd->pport, req->hdr.lrh, req->hdr.bth, sc,
667 PKEY_CHECK_INVALID)) {
673 * Also should check the BTH.lnh. If it says the next header is GRH then
674 * the RXE parsing will be off and will land in the middle of the KDETH
675 * or miss it entirely.
677 if ((be16_to_cpu(req->hdr.lrh[0]) & 0x3) == HFI1_LRH_GRH) {
678 SDMA_DBG(req, "User tried to pass in a GRH");
683 req->koffset = le32_to_cpu(req->hdr.kdeth.swdata[6]);
685 * Calculate the initial TID offset based on the values of
686 * KDETH.OFFSET and KDETH.OM that are passed in.
688 req->tidoffset = KDETH_GET(req->hdr.kdeth.ver_tid_offset, OFFSET) *
689 (KDETH_GET(req->hdr.kdeth.ver_tid_offset, OM) ?
690 KDETH_OM_LARGE : KDETH_OM_SMALL);
691 SDMA_DBG(req, "Initial TID offset %u", req->tidoffset);
694 /* Save all the IO vector structures */
695 for (i = 0; i < req->data_iovs; i++) {
696 INIT_LIST_HEAD(&req->iovs[i].list);
697 memcpy(&req->iovs[i].iov, iovec + idx++, sizeof(struct iovec));
698 ret = pin_vector_pages(req, &req->iovs[i]);
703 req->data_len += req->iovs[i].iov.iov_len;
705 SDMA_DBG(req, "total data length %u", req->data_len);
707 if (pcount > req->info.npkts)
708 pcount = req->info.npkts;
711 * User space will provide the TID info only when the
712 * request type is EXPECTED. This is true even if there is
713 * only one packet in the request and the header is already
714 * setup. The reason for the singular TID case is that the
715 * driver needs to perform safety checks.
717 if (req_opcode(req->info.ctrl) == EXPECTED) {
718 u16 ntids = iovec[idx].iov_len / sizeof(*req->tids);
720 if (!ntids || ntids > MAX_TID_PAIR_ENTRIES) {
724 req->tids = kcalloc(ntids, sizeof(*req->tids), GFP_KERNEL);
730 * We have to copy all of the tids because they may vary
731 * in size and, therefore, the TID count might not be
732 * equal to the pkt count. However, there is no way to
733 * tell at this point.
735 ret = copy_from_user(req->tids, iovec[idx].iov_base,
736 ntids * sizeof(*req->tids));
738 SDMA_DBG(req, "Failed to copy %d TIDs (%d)",
747 dlid = be16_to_cpu(req->hdr.lrh[1]);
748 selector = dlid_to_selector(dlid);
750 /* Have to select the engine */
751 req->sde = sdma_select_engine_vl(dd,
752 (u32)(uctxt->ctxt + fd->subctxt +
755 if (!req->sde || !sdma_running(req->sde)) {
760 /* We don't need an AHG entry if the request contains only one packet */
761 if (req->info.npkts > 1 && HFI1_CAP_IS_USET(SDMA_AHG)) {
762 int ahg = sdma_ahg_alloc(req->sde);
764 if (likely(ahg >= 0)) {
765 req->ahg_idx = (u8)ahg;
766 set_bit(SDMA_REQ_HAVE_AHG, &req->flags);
770 set_comp_state(pq, cq, info.comp_idx, QUEUED, 0);
771 atomic_inc(&pq->n_reqs);
773 /* Send the first N packets in the request to buy us some time */
774 ret = user_sdma_send_pkts(req, pcount);
775 if (unlikely(ret < 0 && ret != -EBUSY)) {
781 * It is possible that the SDMA engine would have processed all the
782 * submitted packets by the time we get here. Therefore, only set
783 * packet queue state to ACTIVE if there are still uncompleted
786 if (atomic_read(&pq->n_reqs))
787 xchg(&pq->state, SDMA_PKT_Q_ACTIVE);
790 * This is a somewhat blocking send implementation.
791 * The driver will block the caller until all packets of the
792 * request have been submitted to the SDMA engine. However, it
793 * will not wait for send completions.
795 while (!test_bit(SDMA_REQ_SEND_DONE, &req->flags)) {
796 ret = user_sdma_send_pkts(req, pcount);
800 set_bit(SDMA_REQ_DONE_ERROR, &req->flags);
801 if (ACCESS_ONCE(req->seqcomp) ==
802 req->seqsubmitted - 1)
806 wait_event_interruptible_timeout(
808 (pq->state == SDMA_PKT_Q_ACTIVE),
810 SDMA_IOWAIT_TIMEOUT));
816 user_sdma_free_request(req, true);
819 set_comp_state(pq, cq, info.comp_idx, ERROR, req->status);
823 static inline u32 compute_data_length(struct user_sdma_request *req,
824 struct user_sdma_txreq *tx)
827 * Determine the proper size of the packet data.
828 * The size of the data of the first packet is in the header
829 * template. However, it includes the header and ICRC, which need
831 * The minimum representable packet data length in a header is 4 bytes,
832 * therefore, when the data length request is less than 4 bytes, there's
833 * only one packet, and the packet data length is equal to that of the
834 * request data length.
835 * The size of the remaining packets is the minimum of the frag
836 * size (MTU) or remaining data in the request.
841 if (req->data_len < sizeof(u32))
844 len = ((be16_to_cpu(req->hdr.lrh[2]) << 2) -
845 (sizeof(tx->hdr) - 4));
846 } else if (req_opcode(req->info.ctrl) == EXPECTED) {
847 u32 tidlen = EXP_TID_GET(req->tids[req->tididx], LEN) *
850 * Get the data length based on the remaining space in the
853 len = min(tidlen - req->tidoffset, (u32)req->info.fragsize);
854 /* If we've filled up the TID pair, move to the next one. */
855 if (unlikely(!len) && ++req->tididx < req->n_tids &&
856 req->tids[req->tididx]) {
857 tidlen = EXP_TID_GET(req->tids[req->tididx],
860 len = min_t(u32, tidlen, req->info.fragsize);
863 * Since the TID pairs map entire pages, make sure that we
864 * are not going to try to send more data that we have
867 len = min(len, req->data_len - req->sent);
869 len = min(req->data_len - req->sent, (u32)req->info.fragsize);
871 SDMA_DBG(req, "Data Length = %u", len);
875 static inline u32 pad_len(u32 len)
877 if (len & (sizeof(u32) - 1))
878 len += sizeof(u32) - (len & (sizeof(u32) - 1));
882 static inline u32 get_lrh_len(struct hfi1_pkt_header hdr, u32 len)
884 /* (Size of complete header - size of PBC) + 4B ICRC + data length */
885 return ((sizeof(hdr) - sizeof(hdr.pbc)) + 4 + len);
888 static int user_sdma_send_pkts(struct user_sdma_request *req, unsigned maxpkts)
892 struct user_sdma_txreq *tx = NULL;
893 struct hfi1_user_sdma_pkt_q *pq = NULL;
894 struct user_sdma_iovec *iovec = NULL;
901 /* If tx completion has reported an error, we are done. */
902 if (test_bit(SDMA_REQ_HAS_ERROR, &req->flags)) {
903 set_bit(SDMA_REQ_DONE_ERROR, &req->flags);
908 * Check if we might have sent the entire request already
910 if (unlikely(req->seqnum == req->info.npkts)) {
911 if (!list_empty(&req->txps))
916 if (!maxpkts || maxpkts > req->info.npkts - req->seqnum)
917 maxpkts = req->info.npkts - req->seqnum;
919 while (npkts < maxpkts) {
920 u32 datalen = 0, queued = 0, data_sent = 0;
924 * Check whether any of the completions have come back
925 * with errors. If so, we are not going to process any
926 * more packets from this request.
928 if (test_bit(SDMA_REQ_HAS_ERROR, &req->flags)) {
929 set_bit(SDMA_REQ_DONE_ERROR, &req->flags);
933 tx = kmem_cache_alloc(pq->txreq_cache, GFP_KERNEL);
940 INIT_LIST_HEAD(&tx->list);
942 if (req->seqnum == req->info.npkts - 1)
943 tx->flags |= TXREQ_FLAGS_REQ_LAST_PKT;
946 * Calculate the payload size - this is min of the fragment
947 * (MTU) size or the remaining bytes in the request but only
948 * if we have payload data.
951 iovec = &req->iovs[req->iov_idx];
952 if (ACCESS_ONCE(iovec->offset) == iovec->iov.iov_len) {
953 if (++req->iov_idx == req->data_iovs) {
957 iovec = &req->iovs[req->iov_idx];
958 WARN_ON(iovec->offset);
961 datalen = compute_data_length(req, tx);
964 "Request has data but pkt len is 0");
970 if (test_bit(SDMA_REQ_HAVE_AHG, &req->flags)) {
972 u16 pbclen = le16_to_cpu(req->hdr.pbc[0]);
973 u32 lrhlen = get_lrh_len(req->hdr,
976 * Copy the request header into the tx header
977 * because the HW needs a cacheline-aligned
979 * This copy can be optimized out if the hdr
980 * member of user_sdma_request were also
983 memcpy(&tx->hdr, &req->hdr, sizeof(tx->hdr));
984 if (PBC2LRH(pbclen) != lrhlen) {
985 pbclen = (pbclen & 0xf000) |
987 tx->hdr.pbc[0] = cpu_to_le16(pbclen);
989 ret = sdma_txinit_ahg(&tx->txreq,
990 SDMA_TXREQ_F_AHG_COPY,
991 sizeof(tx->hdr) + datalen,
992 req->ahg_idx, 0, NULL, 0,
996 ret = sdma_txadd_kvaddr(pq->dd, &tx->txreq,
1004 changes = set_txreq_header_ahg(req, tx,
1008 sdma_txinit_ahg(&tx->txreq,
1009 SDMA_TXREQ_F_USE_AHG,
1010 datalen, req->ahg_idx, changes,
1011 req->ahg, sizeof(req->hdr),
1012 user_sdma_txreq_cb);
1015 ret = sdma_txinit(&tx->txreq, 0, sizeof(req->hdr) +
1016 datalen, user_sdma_txreq_cb);
1020 * Modify the header for this packet. This only needs
1021 * to be done if we are not going to use AHG. Otherwise,
1022 * the HW will do it based on the changes we gave it
1023 * during sdma_txinit_ahg().
1025 ret = set_txreq_header(req, tx, datalen);
1031 * If the request contains any data vectors, add up to
1032 * fragsize bytes to the descriptor.
1034 while (queued < datalen &&
1035 (req->sent + data_sent) < req->data_len) {
1036 unsigned long base, offset;
1037 unsigned pageidx, len;
1039 base = (unsigned long)iovec->iov.iov_base;
1040 offset = offset_in_page(base + iovec->offset +
1042 pageidx = (((iovec->offset + iov_offset +
1043 base) - (base & PAGE_MASK)) >> PAGE_SHIFT);
1044 len = offset + req->info.fragsize > PAGE_SIZE ?
1045 PAGE_SIZE - offset : req->info.fragsize;
1046 len = min((datalen - queued), len);
1047 ret = sdma_txadd_page(pq->dd, &tx->txreq,
1048 iovec->pages[pageidx],
1051 SDMA_DBG(req, "SDMA txreq add page failed %d\n",
1058 if (unlikely(queued < datalen &&
1059 pageidx == iovec->npages &&
1060 req->iov_idx < req->data_iovs - 1)) {
1061 iovec->offset += iov_offset;
1062 iovec = &req->iovs[++req->iov_idx];
1067 * The txreq was submitted successfully so we can update
1070 req->koffset += datalen;
1071 if (req_opcode(req->info.ctrl) == EXPECTED)
1072 req->tidoffset += datalen;
1073 req->sent += data_sent;
1075 iovec->offset += iov_offset;
1076 list_add_tail(&tx->txreq.list, &req->txps);
1078 * It is important to increment this here as it is used to
1079 * generate the BTH.PSN and, therefore, can't be bulk-updated
1080 * outside of the loop.
1082 tx->seqnum = req->seqnum++;
1086 ret = sdma_send_txlist(req->sde, &pq->busy, &req->txps);
1087 if (list_empty(&req->txps)) {
1088 req->seqsubmitted = req->seqnum;
1089 if (req->seqnum == req->info.npkts) {
1090 set_bit(SDMA_REQ_SEND_DONE, &req->flags);
1092 * The txreq has already been submitted to the HW queue
1093 * so we can free the AHG entry now. Corruption will not
1094 * happen due to the sequential manner in which
1095 * descriptors are processed.
1097 if (test_bit(SDMA_REQ_HAVE_AHG, &req->flags))
1098 sdma_ahg_free(req->sde, req->ahg_idx);
1100 } else if (ret > 0) {
1101 req->seqsubmitted += ret;
1107 sdma_txclean(pq->dd, &tx->txreq);
1109 kmem_cache_free(pq->txreq_cache, tx);
1114 * How many pages in this iovec element?
1116 static inline int num_user_pages(const struct iovec *iov)
1118 const unsigned long addr = (unsigned long)iov->iov_base;
1119 const unsigned long len = iov->iov_len;
1120 const unsigned long spage = addr & PAGE_MASK;
1121 const unsigned long epage = (addr + len - 1) & PAGE_MASK;
1123 return 1 + ((epage - spage) >> PAGE_SHIFT);
1126 static u32 sdma_cache_evict(struct hfi1_user_sdma_pkt_q *pq, u32 npages)
1129 struct sdma_mmu_node *node, *ptr;
1130 struct list_head to_evict = LIST_HEAD_INIT(to_evict);
1132 spin_lock(&pq->evict_lock);
1133 list_for_each_entry_safe_reverse(node, ptr, &pq->evict, list) {
1134 /* Make sure that no one is still using the node. */
1135 if (!atomic_read(&node->refcount)) {
1136 set_bit(SDMA_CACHE_NODE_EVICT, &node->flags);
1137 list_del_init(&node->list);
1138 list_add(&node->list, &to_evict);
1139 cleared += node->npages;
1140 if (cleared >= npages)
1144 spin_unlock(&pq->evict_lock);
1146 list_for_each_entry_safe(node, ptr, &to_evict, list)
1147 hfi1_mmu_rb_remove(&pq->sdma_rb_root, &node->rb);
1152 static int pin_vector_pages(struct user_sdma_request *req,
1153 struct user_sdma_iovec *iovec)
1155 int ret = 0, pinned, npages, cleared;
1156 struct page **pages;
1157 struct hfi1_user_sdma_pkt_q *pq = req->pq;
1158 struct sdma_mmu_node *node = NULL;
1159 struct mmu_rb_node *rb_node;
1161 rb_node = hfi1_mmu_rb_extract(&pq->sdma_rb_root,
1162 (unsigned long)iovec->iov.iov_base,
1163 iovec->iov.iov_len);
1164 if (rb_node && !IS_ERR(rb_node))
1165 node = container_of(rb_node, struct sdma_mmu_node, rb);
1170 node = kzalloc(sizeof(*node), GFP_KERNEL);
1174 node->rb.addr = (unsigned long)iovec->iov.iov_base;
1176 atomic_set(&node->refcount, 0);
1177 INIT_LIST_HEAD(&node->list);
1180 npages = num_user_pages(&iovec->iov);
1181 if (node->npages < npages) {
1182 pages = kcalloc(npages, sizeof(*pages), GFP_KERNEL);
1184 SDMA_DBG(req, "Failed page array alloc");
1188 memcpy(pages, node->pages, node->npages * sizeof(*pages));
1190 npages -= node->npages;
1193 * If rb_node is NULL, it means that this is brand new node
1194 * and, therefore not on the eviction list.
1195 * If, however, the rb_node is non-NULL, it means that the
1196 * node is already in RB tree and, therefore on the eviction
1197 * list (nodes are unconditionally inserted in the eviction
1198 * list). In that case, we have to remove the node prior to
1199 * calling the eviction function in order to prevent it from
1200 * freeing this node.
1203 spin_lock(&pq->evict_lock);
1204 list_del_init(&node->list);
1205 spin_unlock(&pq->evict_lock);
1208 if (!hfi1_can_pin_pages(pq->dd, pq->n_locked, npages)) {
1209 cleared = sdma_cache_evict(pq, npages);
1210 if (cleared >= npages)
1213 pinned = hfi1_acquire_user_pages(
1214 ((unsigned long)iovec->iov.iov_base +
1215 (node->npages * PAGE_SIZE)), npages, 0,
1216 pages + node->npages);
1222 if (pinned != npages) {
1223 unpin_vector_pages(current->mm, pages, node->npages,
1229 node->rb.len = iovec->iov.iov_len;
1230 node->pages = pages;
1231 node->npages += pinned;
1232 npages = node->npages;
1233 spin_lock(&pq->evict_lock);
1234 list_add(&node->list, &pq->evict);
1235 pq->n_locked += pinned;
1236 spin_unlock(&pq->evict_lock);
1238 iovec->pages = node->pages;
1239 iovec->npages = npages;
1242 ret = hfi1_mmu_rb_insert(&req->pq->sdma_rb_root, &node->rb);
1244 spin_lock(&pq->evict_lock);
1245 if (!list_empty(&node->list))
1246 list_del(&node->list);
1247 pq->n_locked -= node->npages;
1248 spin_unlock(&pq->evict_lock);
1255 unpin_vector_pages(current->mm, node->pages, 0, node->npages);
1260 static void unpin_vector_pages(struct mm_struct *mm, struct page **pages,
1261 unsigned start, unsigned npages)
1263 hfi1_release_user_pages(mm, pages + start, npages, false);
1267 static int check_header_template(struct user_sdma_request *req,
1268 struct hfi1_pkt_header *hdr, u32 lrhlen,
1272 * Perform safety checks for any type of packet:
1273 * - transfer size is multiple of 64bytes
1274 * - packet length is multiple of 4 bytes
1275 * - packet length is not larger than MTU size
1277 * These checks are only done for the first packet of the
1278 * transfer since the header is "given" to us by user space.
1279 * For the remainder of the packets we compute the values.
1281 if (req->info.fragsize % PIO_BLOCK_SIZE || lrhlen & 0x3 ||
1282 lrhlen > get_lrh_len(*hdr, req->info.fragsize))
1285 if (req_opcode(req->info.ctrl) == EXPECTED) {
1287 * The header is checked only on the first packet. Furthermore,
1288 * we ensure that at least one TID entry is copied when the
1289 * request is submitted. Therefore, we don't have to verify that
1290 * tididx points to something sane.
1292 u32 tidval = req->tids[req->tididx],
1293 tidlen = EXP_TID_GET(tidval, LEN) * PAGE_SIZE,
1294 tididx = EXP_TID_GET(tidval, IDX),
1295 tidctrl = EXP_TID_GET(tidval, CTRL),
1297 __le32 kval = hdr->kdeth.ver_tid_offset;
1299 tidoff = KDETH_GET(kval, OFFSET) *
1300 (KDETH_GET(req->hdr.kdeth.ver_tid_offset, OM) ?
1301 KDETH_OM_LARGE : KDETH_OM_SMALL);
1303 * Expected receive packets have the following
1304 * additional checks:
1305 * - offset is not larger than the TID size
1306 * - TIDCtrl values match between header and TID array
1307 * - TID indexes match between header and TID array
1309 if ((tidoff + datalen > tidlen) ||
1310 KDETH_GET(kval, TIDCTRL) != tidctrl ||
1311 KDETH_GET(kval, TID) != tididx)
1318 * Correctly set the BTH.PSN field based on type of
1319 * transfer - eager packets can just increment the PSN but
1320 * expected packets encode generation and sequence in the
1321 * BTH.PSN field so just incrementing will result in errors.
1323 static inline u32 set_pkt_bth_psn(__be32 bthpsn, u8 expct, u32 frags)
1325 u32 val = be32_to_cpu(bthpsn),
1326 mask = (HFI1_CAP_IS_KSET(EXTENDED_PSN) ? 0x7fffffffull :
1330 psn = (psn & ~BTH_SEQ_MASK) | ((psn + frags) & BTH_SEQ_MASK);
1336 static int set_txreq_header(struct user_sdma_request *req,
1337 struct user_sdma_txreq *tx, u32 datalen)
1339 struct hfi1_user_sdma_pkt_q *pq = req->pq;
1340 struct hfi1_pkt_header *hdr = &tx->hdr;
1343 u32 tidval = 0, lrhlen = get_lrh_len(*hdr, pad_len(datalen));
1345 /* Copy the header template to the request before modification */
1346 memcpy(hdr, &req->hdr, sizeof(*hdr));
1349 * Check if the PBC and LRH length are mismatched. If so
1350 * adjust both in the header.
1352 pbclen = le16_to_cpu(hdr->pbc[0]);
1353 if (PBC2LRH(pbclen) != lrhlen) {
1354 pbclen = (pbclen & 0xf000) | LRH2PBC(lrhlen);
1355 hdr->pbc[0] = cpu_to_le16(pbclen);
1356 hdr->lrh[2] = cpu_to_be16(lrhlen >> 2);
1359 * This is the first packet in the sequence that has
1360 * a "static" size that can be used for the rest of
1361 * the packets (besides the last one).
1363 if (unlikely(req->seqnum == 2)) {
1365 * From this point on the lengths in both the
1366 * PBC and LRH are the same until the last
1368 * Adjust the template so we don't have to update
1371 req->hdr.pbc[0] = hdr->pbc[0];
1372 req->hdr.lrh[2] = hdr->lrh[2];
1376 * We only have to modify the header if this is not the
1377 * first packet in the request. Otherwise, we use the
1378 * header given to us.
1380 if (unlikely(!req->seqnum)) {
1381 ret = check_header_template(req, hdr, lrhlen, datalen);
1387 hdr->bth[2] = cpu_to_be32(
1388 set_pkt_bth_psn(hdr->bth[2],
1389 (req_opcode(req->info.ctrl) == EXPECTED),
1392 /* Set ACK request on last packet */
1393 if (unlikely(tx->flags & TXREQ_FLAGS_REQ_LAST_PKT))
1394 hdr->bth[2] |= cpu_to_be32(1UL << 31);
1396 /* Set the new offset */
1397 hdr->kdeth.swdata[6] = cpu_to_le32(req->koffset);
1398 /* Expected packets have to fill in the new TID information */
1399 if (req_opcode(req->info.ctrl) == EXPECTED) {
1400 tidval = req->tids[req->tididx];
1402 * If the offset puts us at the end of the current TID,
1403 * advance everything.
1405 if ((req->tidoffset) == (EXP_TID_GET(tidval, LEN) *
1409 * Since we don't copy all the TIDs, all at once,
1410 * we have to check again.
1412 if (++req->tididx > req->n_tids - 1 ||
1413 !req->tids[req->tididx]) {
1416 tidval = req->tids[req->tididx];
1418 req->omfactor = EXP_TID_GET(tidval, LEN) * PAGE_SIZE >=
1419 KDETH_OM_MAX_SIZE ? KDETH_OM_LARGE : KDETH_OM_SMALL;
1420 /* Set KDETH.TIDCtrl based on value for this TID. */
1421 KDETH_SET(hdr->kdeth.ver_tid_offset, TIDCTRL,
1422 EXP_TID_GET(tidval, CTRL));
1423 /* Set KDETH.TID based on value for this TID */
1424 KDETH_SET(hdr->kdeth.ver_tid_offset, TID,
1425 EXP_TID_GET(tidval, IDX));
1426 /* Clear KDETH.SH only on the last packet */
1427 if (unlikely(tx->flags & TXREQ_FLAGS_REQ_LAST_PKT))
1428 KDETH_SET(hdr->kdeth.ver_tid_offset, SH, 0);
1430 * Set the KDETH.OFFSET and KDETH.OM based on size of
1433 SDMA_DBG(req, "TID offset %ubytes %uunits om%u",
1434 req->tidoffset, req->tidoffset / req->omfactor,
1435 req->omfactor != KDETH_OM_SMALL);
1436 KDETH_SET(hdr->kdeth.ver_tid_offset, OFFSET,
1437 req->tidoffset / req->omfactor);
1438 KDETH_SET(hdr->kdeth.ver_tid_offset, OM,
1439 req->omfactor != KDETH_OM_SMALL);
1442 trace_hfi1_sdma_user_header(pq->dd, pq->ctxt, pq->subctxt,
1443 req->info.comp_idx, hdr, tidval);
1444 return sdma_txadd_kvaddr(pq->dd, &tx->txreq, hdr, sizeof(*hdr));
1447 static int set_txreq_header_ahg(struct user_sdma_request *req,
1448 struct user_sdma_txreq *tx, u32 len)
1451 struct hfi1_user_sdma_pkt_q *pq = req->pq;
1452 struct hfi1_pkt_header *hdr = &req->hdr;
1453 u16 pbclen = le16_to_cpu(hdr->pbc[0]);
1454 u32 val32, tidval = 0, lrhlen = get_lrh_len(*hdr, pad_len(len));
1456 if (PBC2LRH(pbclen) != lrhlen) {
1457 /* PBC.PbcLengthDWs */
1458 AHG_HEADER_SET(req->ahg, diff, 0, 0, 12,
1459 cpu_to_le16(LRH2PBC(lrhlen)));
1460 /* LRH.PktLen (we need the full 16 bits due to byte swap) */
1461 AHG_HEADER_SET(req->ahg, diff, 3, 0, 16,
1462 cpu_to_be16(lrhlen >> 2));
1466 * Do the common updates
1468 /* BTH.PSN and BTH.A */
1469 val32 = (be32_to_cpu(hdr->bth[2]) + req->seqnum) &
1470 (HFI1_CAP_IS_KSET(EXTENDED_PSN) ? 0x7fffffff : 0xffffff);
1471 if (unlikely(tx->flags & TXREQ_FLAGS_REQ_LAST_PKT))
1473 AHG_HEADER_SET(req->ahg, diff, 6, 0, 16, cpu_to_be16(val32 >> 16));
1474 AHG_HEADER_SET(req->ahg, diff, 6, 16, 16, cpu_to_be16(val32 & 0xffff));
1476 AHG_HEADER_SET(req->ahg, diff, 15, 0, 16,
1477 cpu_to_le16(req->koffset & 0xffff));
1478 AHG_HEADER_SET(req->ahg, diff, 15, 16, 16,
1479 cpu_to_le16(req->koffset >> 16));
1480 if (req_opcode(req->info.ctrl) == EXPECTED) {
1483 tidval = req->tids[req->tididx];
1486 * If the offset puts us at the end of the current TID,
1487 * advance everything.
1489 if ((req->tidoffset) == (EXP_TID_GET(tidval, LEN) *
1493 * Since we don't copy all the TIDs, all at once,
1494 * we have to check again.
1496 if (++req->tididx > req->n_tids - 1 ||
1497 !req->tids[req->tididx]) {
1500 tidval = req->tids[req->tididx];
1502 req->omfactor = ((EXP_TID_GET(tidval, LEN) *
1504 KDETH_OM_MAX_SIZE) ? KDETH_OM_LARGE :
1506 /* KDETH.OM and KDETH.OFFSET (TID) */
1507 AHG_HEADER_SET(req->ahg, diff, 7, 0, 16,
1508 ((!!(req->omfactor - KDETH_OM_SMALL)) << 15 |
1509 ((req->tidoffset / req->omfactor) & 0x7fff)));
1510 /* KDETH.TIDCtrl, KDETH.TID */
1511 val = cpu_to_le16(((EXP_TID_GET(tidval, CTRL) & 0x3) << 10) |
1512 (EXP_TID_GET(tidval, IDX) & 0x3ff));
1513 /* Clear KDETH.SH on last packet */
1514 if (unlikely(tx->flags & TXREQ_FLAGS_REQ_LAST_PKT)) {
1515 val |= cpu_to_le16(KDETH_GET(hdr->kdeth.ver_tid_offset,
1517 val &= cpu_to_le16(~(1U << 13));
1518 AHG_HEADER_SET(req->ahg, diff, 7, 16, 14, val);
1520 AHG_HEADER_SET(req->ahg, diff, 7, 16, 12, val);
1524 trace_hfi1_sdma_user_header_ahg(pq->dd, pq->ctxt, pq->subctxt,
1525 req->info.comp_idx, req->sde->this_idx,
1526 req->ahg_idx, req->ahg, diff, tidval);
1531 * SDMA tx request completion callback. Called when the SDMA progress
1532 * state machine gets notification that the SDMA descriptors for this
1533 * tx request have been processed by the DMA engine. Called in
1534 * interrupt context.
1536 static void user_sdma_txreq_cb(struct sdma_txreq *txreq, int status)
1538 struct user_sdma_txreq *tx =
1539 container_of(txreq, struct user_sdma_txreq, txreq);
1540 struct user_sdma_request *req;
1541 struct hfi1_user_sdma_pkt_q *pq;
1542 struct hfi1_user_sdma_comp_q *cq;
1552 if (status != SDMA_TXREQ_S_OK) {
1553 SDMA_DBG(req, "SDMA completion with error %d",
1555 set_bit(SDMA_REQ_HAS_ERROR, &req->flags);
1558 req->seqcomp = tx->seqnum;
1559 kmem_cache_free(pq->txreq_cache, tx);
1562 idx = req->info.comp_idx;
1563 if (req->status == -1 && status == SDMA_TXREQ_S_OK) {
1564 if (req->seqcomp == req->info.npkts - 1) {
1566 user_sdma_free_request(req, false);
1568 set_comp_state(pq, cq, idx, COMPLETE, 0);
1571 if (status != SDMA_TXREQ_S_OK)
1572 req->status = status;
1573 if (req->seqcomp == (ACCESS_ONCE(req->seqsubmitted) - 1) &&
1574 (test_bit(SDMA_REQ_SEND_DONE, &req->flags) ||
1575 test_bit(SDMA_REQ_DONE_ERROR, &req->flags))) {
1576 user_sdma_free_request(req, false);
1578 set_comp_state(pq, cq, idx, ERROR, req->status);
1583 static inline void pq_update(struct hfi1_user_sdma_pkt_q *pq)
1585 if (atomic_dec_and_test(&pq->n_reqs)) {
1586 xchg(&pq->state, SDMA_PKT_Q_INACTIVE);
1591 static void user_sdma_free_request(struct user_sdma_request *req, bool unpin)
1593 if (!list_empty(&req->txps)) {
1594 struct sdma_txreq *t, *p;
1596 list_for_each_entry_safe(t, p, &req->txps, list) {
1597 struct user_sdma_txreq *tx =
1598 container_of(t, struct user_sdma_txreq, txreq);
1599 list_del_init(&t->list);
1600 sdma_txclean(req->pq->dd, t);
1601 kmem_cache_free(req->pq->txreq_cache, tx);
1604 if (req->data_iovs) {
1605 struct sdma_mmu_node *node;
1608 for (i = 0; i < req->data_iovs; i++) {
1609 node = req->iovs[i].node;
1614 hfi1_mmu_rb_remove(&req->pq->sdma_rb_root,
1617 atomic_dec(&node->refcount);
1621 clear_bit(req->info.comp_idx, req->pq->req_in_use);
1624 static inline void set_comp_state(struct hfi1_user_sdma_pkt_q *pq,
1625 struct hfi1_user_sdma_comp_q *cq,
1626 u16 idx, enum hfi1_sdma_comp_state state,
1629 hfi1_cdbg(SDMA, "[%u:%u:%u:%u] Setting completion status %u %d",
1630 pq->dd->unit, pq->ctxt, pq->subctxt, idx, state, ret);
1631 cq->comps[idx].status = state;
1633 cq->comps[idx].errcode = -ret;
1634 trace_hfi1_sdma_user_completion(pq->dd, pq->ctxt, pq->subctxt,
1638 static bool sdma_rb_filter(struct mmu_rb_node *node, unsigned long addr,
1641 return (bool)(node->addr == addr);
1644 static int sdma_rb_insert(struct rb_root *root, struct mmu_rb_node *mnode)
1646 struct sdma_mmu_node *node =
1647 container_of(mnode, struct sdma_mmu_node, rb);
1649 atomic_inc(&node->refcount);
1653 static void sdma_rb_remove(struct rb_root *root, struct mmu_rb_node *mnode,
1654 struct mm_struct *mm)
1656 struct sdma_mmu_node *node =
1657 container_of(mnode, struct sdma_mmu_node, rb);
1659 spin_lock(&node->pq->evict_lock);
1661 * We've been called by the MMU notifier but this node has been
1662 * scheduled for eviction. The eviction function will take care
1663 * of freeing this node.
1664 * We have to take the above lock first because we are racing
1665 * against the setting of the bit in the eviction function.
1667 if (mm && test_bit(SDMA_CACHE_NODE_EVICT, &node->flags)) {
1668 spin_unlock(&node->pq->evict_lock);
1672 if (!list_empty(&node->list))
1673 list_del(&node->list);
1674 node->pq->n_locked -= node->npages;
1675 spin_unlock(&node->pq->evict_lock);
1678 * If mm is set, we are being called by the MMU notifier and we
1679 * should not pass a mm_struct to unpin_vector_page(). This is to
1680 * prevent a deadlock when hfi1_release_user_pages() attempts to
1681 * take the mmap_sem, which the MMU notifier has already taken.
1683 unpin_vector_pages(mm ? NULL : current->mm, node->pages, 0,
1686 * If called by the MMU notifier, we have to adjust the pinned
1687 * page count ourselves.
1690 mm->pinned_vm -= node->npages;
1694 static int sdma_rb_invalidate(struct rb_root *root, struct mmu_rb_node *mnode)
1696 struct sdma_mmu_node *node =
1697 container_of(mnode, struct sdma_mmu_node, rb);
1699 if (!atomic_read(&node->refcount))