net/mlx4: Avoid wrong virtual mappings
The dma_alloc_coherent() function returns a virtual address which can be used for coherent access to the underlying memory. On some architectures, like arm64, undefined behavior results if this memory is also accessed via virtual mappings that are not coherent. Because of their undefined nature, operations like virt_to_page() return garbage when passed virtual addresses obtained from dma_alloc_coherent(). Any subsequent mappings via vmap() of the garbage page values are unusable and result in bad things like bus errors (synchronous aborts in ARM64 speak). The mlx4 driver contains code that does the equivalent of: vmap(virt_to_page(dma_alloc_coherent)), this results in an OOPs when the device is opened. Prevent Ethernet driver to run this problematic code by forcing it to allocate contiguous memory. As for the Infiniband driver, at first we are trying to allocate contiguous memory, but in case of failure roll back to work with fragmented memory. Signed-off-by: Haggai Abramovsky <hagaya@mellanox.com> Signed-off-by: Yishai Hadas <yishaih@mellanox.com> Reported-by: David Daney <david.daney@cavium.com> Tested-by: Sinan Kaya <okaya@codeaurora.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Tento commit je obsažen v:
Haggai Abramovsky
odevzdal
David S. Miller
David S. Miller
rodič
035cd6ba53
revize
73898db043
@@ -419,7 +419,8 @@ static int set_rq_size(struct mlx4_ib_dev *dev, struct ib_qp_cap *cap,
|
||||
}
|
||||
|
||||
static int set_kernel_sq_size(struct mlx4_ib_dev *dev, struct ib_qp_cap *cap,
|
||||
enum mlx4_ib_qp_type type, struct mlx4_ib_qp *qp)
|
||||
enum mlx4_ib_qp_type type, struct mlx4_ib_qp *qp,
|
||||
bool shrink_wqe)
|
||||
{
|
||||
int s;
|
||||
|
||||
@@ -477,7 +478,7 @@ static int set_kernel_sq_size(struct mlx4_ib_dev *dev, struct ib_qp_cap *cap,
|
||||
* We set WQE size to at least 64 bytes, this way stamping
|
||||
* invalidates each WQE.
|
||||
*/
|
||||
if (dev->dev->caps.fw_ver >= MLX4_FW_VER_WQE_CTRL_NEC &&
|
||||
if (shrink_wqe && dev->dev->caps.fw_ver >= MLX4_FW_VER_WQE_CTRL_NEC &&
|
||||
qp->sq_signal_bits && BITS_PER_LONG == 64 &&
|
||||
type != MLX4_IB_QPT_SMI && type != MLX4_IB_QPT_GSI &&
|
||||
!(type & (MLX4_IB_QPT_PROXY_SMI_OWNER | MLX4_IB_QPT_PROXY_SMI |
|
||||
@@ -642,6 +643,7 @@ static int create_qp_common(struct mlx4_ib_dev *dev, struct ib_pd *pd,
|
||||
{
|
||||
int qpn;
|
||||
int err;
|
||||
struct ib_qp_cap backup_cap;
|
||||
struct mlx4_ib_sqp *sqp;
|
||||
struct mlx4_ib_qp *qp;
|
||||
enum mlx4_ib_qp_type qp_type = (enum mlx4_ib_qp_type) init_attr->qp_type;
|
||||
@@ -775,7 +777,9 @@ static int create_qp_common(struct mlx4_ib_dev *dev, struct ib_pd *pd,
|
||||
goto err;
|
||||
}
|
||||
|
||||
err = set_kernel_sq_size(dev, &init_attr->cap, qp_type, qp);
|
||||
memcpy(&backup_cap, &init_attr->cap, sizeof(backup_cap));
|
||||
err = set_kernel_sq_size(dev, &init_attr->cap,
|
||||
qp_type, qp, true);
|
||||
if (err)
|
||||
goto err;
|
||||
|
||||
@@ -787,9 +791,20 @@ static int create_qp_common(struct mlx4_ib_dev *dev, struct ib_pd *pd,
|
||||
*qp->db.db = 0;
|
||||
}
|
||||
|
||||
if (mlx4_buf_alloc(dev->dev, qp->buf_size, PAGE_SIZE * 2, &qp->buf, gfp)) {
|
||||
err = -ENOMEM;
|
||||
goto err_db;
|
||||
if (mlx4_buf_alloc(dev->dev, qp->buf_size, qp->buf_size,
|
||||
&qp->buf, gfp)) {
|
||||
memcpy(&init_attr->cap, &backup_cap,
|
||||
sizeof(backup_cap));
|
||||
err = set_kernel_sq_size(dev, &init_attr->cap, qp_type,
|
||||
qp, false);
|
||||
if (err)
|
||||
goto err_db;
|
||||
|
||||
if (mlx4_buf_alloc(dev->dev, qp->buf_size,
|
||||
PAGE_SIZE * 2, &qp->buf, gfp)) {
|
||||
err = -ENOMEM;
|
||||
goto err_db;
|
||||
}
|
||||
}
|
||||
|
||||
err = mlx4_mtt_init(dev->dev, qp->buf.npages, qp->buf.page_shift,
|
||||
|
||||
Odkázat v novém úkolu
Zablokovat Uživatele