1. 24 Aug, 2017 2 commits
    • Majd Dibbiny's avatar
      IB/mlx5: Fix Raw Packet QP event handler assignment · 1d31e9c0
      Majd Dibbiny authored
      In case we have SQ and RQ for Raw Packet QP, the SQ's event handler
      wasn't assigned.
      
      Fixing this by assigning event handler for each WQ after creation.
      
      [ 1877.145243] Call Trace:
      [ 1877.148644] <IRQ>
      [ 1877.150580] [<ffffffffa07987c5>] ? mlx5_rsc_event+0x105/0x210 [mlx5_core]
      [ 1877.159581] [<ffffffffa0795bd7>] ? mlx5_cq_event+0x57/0xd0 [mlx5_core]
      [ 1877.167137] [<ffffffffa079208e>] mlx5_eq_int+0x53e/0x6c0 [mlx5_core]
      [ 1877.174526] [<ffffffff8101a679>] ? sched_clock+0x9/0x10
      [ 1877.180753] [<ffffffff810f717e>] handle_irq_event_percpu+0x3e/0x1e0
      [ 1877.188014] [<ffffffff810f735d>] handle_irq_event+0x3d/0x60
      [ 1877.194567] [<ffffffff810f9fe7>] handle_edge_irq+0x77/0x130
      [ 1877.201129] [<ffffffff81014c3f>] handle_irq+0xbf/0x150
      [ 1877.207244] [<ffffffff815ed78a>] ? atomic_notifier_call_chain+0x1a/0x20
      [ 1877.214829] [<ffffffff815f434f>] do_IRQ+0x4f/0xf0
      [ 1877.220498] [<ffffffff815e94ad>] common_interrupt+0x6d/0x6d
      [ 1877.227025] <EOI>
      [ 1877.228967] [<ffffffff814834e2>] ? cpuidle_enter_state+0x52/0xc0
      [ 1877.236990] [<ffffffff81483615>] cpuidle_idle_call+0xc5/0x200
      [ 1877.243676] [<ffffffff8101bc7e>] arch_cpu_idle+0xe/0x30
      [ 1877.249831] [<ffffffff810b4725>] cpu_startup_entry+0xf5/0x290
      [ 1877.256513] [<ffffffff815cfee1>] start_secondary+0x265/0x27b
      [ 1877.263111] Code: Bad RIP value.
      [ 1877.267296] RIP [< (null)>] (null)
      [ 1877.273264] RSP <ffff88046fd63df8>
      [ 1877.277531] CR2: 0000000000000000
      
      Fixes: 19098df2 ("IB/mlx5: Refactor mlx5_ib_qp to accommodate other QP types")
      Signed-off-by: default avatarMajd Dibbiny <majd@mellanox.com>
      Reviewed-by: default avatarYishai Hadas <yishaih@mellanox.com>
      Signed-off-by: default avatarLeon Romanovsky <leon@kernel.org>
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      1d31e9c0
    • Noa Osherovich's avatar
      IB/core: Avoid accessing non-allocated memory when inferring port type · 498ca3c8
      Noa Osherovich authored
      Commit 44c58487 ("IB/core: Define 'ib' and 'roce' rdma_ah_attr types")
      introduced the concept of type in ah_attr:
       * During ib_register_device, each port is checked for its type which
         is stored in ib_device's port_immutable array.
       * During uverbs' modify_qp, the type is inferred using the port number
         in ib_uverbs_qp_dest struct (address vector) by accessing the
         relevant port_immutable array and the type is passed on to
         providers.
      
      IB spec (version 1.3) enforces a valid port value only in Reset to
      Init. During Init to RTR, the address vector must be valid but port
      number is not mentioned as a field in the address vector, so its
      value is not validated, which leads to accesses to a non-allocated
      memory when inferring the port type.
      
      Save the real port number in ib_qp during modify to Init (when the
      comp_mask indicates that the port number is valid) and use this value
      to infer the port type.
      
      Avoid copying the address vector fields if the matching bit is not set
      in the attr_mask. Address vector can't be modified before the port, so
      no valid flow is affected.
      
      Fixes: 44c58487 ('IB/core: Define 'ib' and 'roce' rdma_ah_attr types')
      Signed-off-by: default avatarNoa Osherovich <noaos@mellanox.com>
      Reviewed-by: default avatarYishai Hadas <yishaih@mellanox.com>
      Signed-off-by: default avatarLeon Romanovsky <leon@kernel.org>
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      498ca3c8
  2. 22 Aug, 2017 1 commit
  3. 16 Aug, 2017 10 commits
  4. 07 Aug, 2017 1 commit
    • Doug Ledford's avatar
      Merge tag 'rdma-rc-2017-07-26' of... · 48107c4e
      Doug Ledford authored
      Merge tag 'rdma-rc-2017-07-26' of git://git.kernel.org/pub/scm/linux/kernel/git/leon/linux-rdma into leon-ipoib
      
      IPoIB fixes for 4.13
      
      The patchset provides various fixes for IPoIB. It is combination of
      fixes to various issues discovered during verification along with
      static checkers cleanup patches.
      
      Most of the patches are from pre-git era and hence lack of Fixes lines.
      
      There is one exception in this IPoIB group - addition of patch revert:
      Revert "IB/core: Allow QP state transition from reset to error", but
      it followed by proper fix to the annoying print, so I thought it is
      appropriate to include it.
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      48107c4e
  5. 04 Aug, 2017 5 commits
    • Dan Carpenter's avatar
      IB/hns: checking for IS_ERR() instead of NULL · 5db465f2
      Dan Carpenter authored
      The hns_roce_v1_create_lp_qp() returns NULL on error, not error pointers.
      
      Fixes: bfcc681b ("IB/hns: Fix the bug when free mr")
      Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      5db465f2
    • Leon Romanovsky's avatar
      RDMA/mlx5: Fix existence check for extended address vector · 931b3c1a
      Leon Romanovsky authored
      The extended address vector is the highest bit in be32 variable,
      but it was compared with the lowest. This patch fixes the endianness
      of that check and removes already declared define.
      
      Fixes: 17d2f88f ("IB/mlx5: Add ODP atomics support")
      Reviewed-by: default avatarArtemy Kovalyov <artemyko@mellanox.com>
      Signed-off-by: default avatarLeon Romanovsky <leonro@mellanox.com>
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      931b3c1a
    • Yishai Hadas's avatar
      IB/uverbs: Fix device cleanup · efdd6f53
      Yishai Hadas authored
      Uverbs device should be cleaned up only when there is no
      potential usage of.
      
      As part of ib_uverbs_remove_one which might be triggered upon reset flow
      the device reference count is decreased as expected and leave the final
      cleanup to the FDs that were opened.
      
      Current code increases reference count upon opening a new command FD and
      decreases it upon closing the file. The event FD is opened internally
      and rely on the command FD by taking on it a reference count.
      
      In case that the command FD was closed and just later the event FD we
      may ensure that the device resources as of srcu are still alive as they
      are still in use.
      
      Fixing the above by moving the reference count decreasing to the place
      where the command FD is really freed instead of doing that when it was
      just closed.
      
      fixes: 036b1063 ("IB/uverbs: Enable device removal when there are active user space applications")
      Signed-off-by: default avatarYishai Hadas <yishaih@mellanox.com>
      Reviewed-by: default avatarMatan Barak <matanb@mellanox.com>
      Reviewed-by: default avatarJason Gunthorpe <jgunthorpe@obsidianresearch.com>
      Tested-by: default avatarJason Gunthorpe <jgunthorpe@obsidianresearch.com>
      Signed-off-by: default avatarLeon Romanovsky <leon@kernel.org>
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      efdd6f53
    • Leon Romanovsky's avatar
      RDMA/uverbs: Prevent leak of reserved field · f7a6cb7b
      Leon Romanovsky authored
      initialize to zero the response structure to prevent
      the leakage of "resp.reserved" field.
      
      drivers/infiniband/core/uverbs_cmd.c:1178 ib_uverbs_resize_cq() warn:
      	check that 'resp.reserved' doesn't leak information
      
      Fixes: 33b9b3ee ("IB: Add userspace support for resizing CQs")
      Signed-off-by: default avatarLeon Romanovsky <leonro@mellanox.com>
      Reviewed-by: default avatarDennis Dalessandro <dennis.dalessandro@intel.com>
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      f7a6cb7b
    • Parav Pandit's avatar
      IB/core: Fix race condition in resolving IP to MAC · 5fff41e1
      Parav Pandit authored
      Currently while resolving IP address to MAC address single delayed work
      is used for resolving multiple such resolve requests. This singled work
      is essentially performs two tasks.
      (a) any retry needed to resolve and
      (b) it executes the callback function for all completed requests
      
      While work is executing callbacks, any new work scheduled on for this
      workqueue is lost because workqueue has completed looking at all pending
      requests and now looking at callbacks, but work is still under
      execution. Any further retry to look at pending requests in
      process_req() after executing callbacks would lead to similar race
      condition (may be reduce the probably further but doesn't eliminate it).
      Retrying to enqueue work that from queue_req() context is not something
      rest of the kernel modules have followed.
      
      Therefore fix in this patch utilizes kernel facility to enqueue multiple
      work items to a workqueue. This ensures that no such requests
      gets lost in synchronization. Request list is still maintained so that
      rdma_cancel_addr() can unlink the request and get the completion with
      error sooner. Neighbour update event handling continues to be handled in
      same way as before.
      Additionally process_req() work entry cancels any pending work for a
      request that gets completed while processing those requests.
      
      Originally ib_addr was ST workqueue, but it became MT work queue with
      patch of [1]. This patch again makes it similar to ST so that
      neighbour update events handler work item doesn't race with
      other work items.
      
      In one such below trace, (though on 4.5 based kernel) it can be seen
      that process_req() never executed the callback, which is likely for an
      event that was schedule by queue_req() when previous callback was
      getting executed by workqueue.
      
       [<ffffffff816b0dde>] schedule+0x3e/0x90
       [<ffffffff816b3c45>] schedule_timeout+0x1b5/0x210
       [<ffffffff81618c37>] ? ip_route_output_flow+0x27/0x70
       [<ffffffffa027f9c9>] ? addr_resolve+0x149/0x1b0 [ib_addr]
       [<ffffffff816b228f>] wait_for_completion+0x10f/0x170
       [<ffffffff810b6140>] ? try_to_wake_up+0x210/0x210
       [<ffffffffa027f220>] ? rdma_copy_addr+0xa0/0xa0 [ib_addr]
       [<ffffffffa0280120>] rdma_addr_find_l2_eth_by_grh+0x1d0/0x278 [ib_addr]
       [<ffffffff81321297>] ? sub_alloc+0x77/0x1c0
       [<ffffffffa02943b7>] ib_init_ah_from_wc+0x3a7/0x5a0 [ib_core]
       [<ffffffffa0457aba>] cm_req_handler+0xea/0x580 [ib_cm]
       [<ffffffff81015982>] ? __switch_to+0x212/0x5e0
       [<ffffffffa04582fd>] cm_work_handler+0x6d/0x150 [ib_cm]
       [<ffffffff810a14c1>] process_one_work+0x151/0x4b0
       [<ffffffff810a1940>] worker_thread+0x120/0x480
       [<ffffffff816b074b>] ? __schedule+0x30b/0x890
       [<ffffffff810a1820>] ? process_one_work+0x4b0/0x4b0
       [<ffffffff810a1820>] ? process_one_work+0x4b0/0x4b0
       [<ffffffff810a6b1e>] kthread+0xce/0xf0
       [<ffffffff810a6a50>] ? kthread_freezable_should_stop+0x70/0x70
       [<ffffffff816b53a2>] ret_from_fork+0x42/0x70
       [<ffffffff810a6a50>] ? kthread_freezable_should_stop+0x70/0x70
      INFO: task kworker/u144:1:156520 blocked for more than 120 seconds.
      "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this
      message.
      kworker/u144:1  D ffff883ffe1d7600     0 156520      2 0x00000080
      Workqueue: ib_addr process_req [ib_addr]
       ffff883f446fbbd8 0000000000000046 ffff881f95280000 ffff881ff24de200
       ffff883f66120000 ffff883f446f8008 ffff881f95280000 ffff883f6f9208c4
       ffff883f6f9208c8 00000000ffffffff ffff883f446fbbf8 ffffffff816b0dde
      
      [1] http://lkml.iu.edu/hypermail/linux/kernel/1608.1/05834.htmlSigned-off-by: default avatarParav Pandit <parav@mellanox.com>
      Reviewed-by: default avatarMark Bloch <markb@mellanox.com>
      Signed-off-by: default avatarLeon Romanovsky <leon@kernel.org>
      Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
      5fff41e1
  6. 23 Jul, 2017 11 commits
  7. 20 Jul, 2017 10 commits