uverbs_ioctl.c 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849
  1. /*
  2. * Copyright (c) 2017, Mellanox Technologies inc. All rights reserved.
  3. *
  4. * This software is available to you under a choice of one of two
  5. * licenses. You may choose to be licensed under the terms of the GNU
  6. * General Public License (GPL) Version 2, available from the file
  7. * COPYING in the main directory of this source tree, or the
  8. * OpenIB.org BSD license below:
  9. *
  10. * Redistribution and use in source and binary forms, with or
  11. * without modification, are permitted provided that the following
  12. * conditions are met:
  13. *
  14. * - Redistributions of source code must retain the above
  15. * copyright notice, this list of conditions and the following
  16. * disclaimer.
  17. *
  18. * - Redistributions in binary form must reproduce the above
  19. * copyright notice, this list of conditions and the following
  20. * disclaimer in the documentation and/or other materials
  21. * provided with the distribution.
  22. *
  23. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  24. * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  25. * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  26. * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
  27. * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
  28. * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  29. * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  30. * SOFTWARE.
  31. */
  32. #include <rdma/rdma_user_ioctl.h>
  33. #include <rdma/uverbs_ioctl.h>
  34. #include "rdma_core.h"
  35. #include "uverbs.h"
  36. struct bundle_alloc_head {
  37. struct_group_tagged(bundle_alloc_head_hdr, hdr,
  38. struct bundle_alloc_head *next;
  39. );
  40. u8 data[];
  41. };
  42. struct bundle_priv {
  43. /* Must be first */
  44. struct bundle_alloc_head_hdr alloc_head;
  45. struct bundle_alloc_head *allocated_mem;
  46. size_t internal_avail;
  47. size_t internal_used;
  48. struct radix_tree_root *radix;
  49. const struct uverbs_api_ioctl_method *method_elm;
  50. void __rcu **radix_slots;
  51. unsigned long radix_slots_len;
  52. u32 method_key;
  53. struct ib_uverbs_attr __user *user_attrs;
  54. struct ib_uverbs_attr *uattrs;
  55. DECLARE_BITMAP(uobj_finalize, UVERBS_API_ATTR_BKEY_LEN);
  56. DECLARE_BITMAP(spec_finalize, UVERBS_API_ATTR_BKEY_LEN);
  57. DECLARE_BITMAP(uobj_hw_obj_valid, UVERBS_API_ATTR_BKEY_LEN);
  58. /*
  59. * Must be last. bundle ends in a flex array which overlaps
  60. * internal_buffer.
  61. */
  62. struct uverbs_attr_bundle_hdr bundle;
  63. u64 internal_buffer[32];
  64. };
  65. /*
  66. * Each method has an absolute minimum amount of memory it needs to allocate,
  67. * precompute that amount and determine if the onstack memory can be used or
  68. * if allocation is need.
  69. */
  70. void uapi_compute_bundle_size(struct uverbs_api_ioctl_method *method_elm,
  71. unsigned int num_attrs)
  72. {
  73. struct bundle_priv *pbundle;
  74. struct uverbs_attr_bundle *bundle;
  75. size_t bundle_size =
  76. offsetof(struct bundle_priv, internal_buffer) +
  77. sizeof(*bundle->attrs) * method_elm->key_bitmap_len +
  78. sizeof(*pbundle->uattrs) * num_attrs;
  79. method_elm->use_stack = bundle_size <= sizeof(*pbundle);
  80. method_elm->bundle_size =
  81. ALIGN(bundle_size + 256, sizeof(*pbundle->internal_buffer));
  82. /* Do not want order-2 allocations for this. */
  83. WARN_ON_ONCE(method_elm->bundle_size > PAGE_SIZE);
  84. }
  85. /**
  86. * _uverbs_alloc() - Quickly allocate memory for use with a bundle
  87. * @bundle: The bundle
  88. * @size: Number of bytes to allocate
  89. * @flags: Allocator flags
  90. *
  91. * The bundle allocator is intended for allocations that are connected with
  92. * processing the system call related to the bundle. The allocated memory is
  93. * always freed once the system call completes, and cannot be freed any other
  94. * way.
  95. *
  96. * This tries to use a small pool of pre-allocated memory for performance.
  97. */
  98. __malloc void *_uverbs_alloc(struct uverbs_attr_bundle *bundle, size_t size,
  99. gfp_t flags)
  100. {
  101. struct bundle_priv *pbundle =
  102. container_of(&bundle->hdr, struct bundle_priv, bundle);
  103. size_t new_used;
  104. void *res;
  105. if (check_add_overflow(size, pbundle->internal_used, &new_used))
  106. return ERR_PTR(-EOVERFLOW);
  107. if (new_used > pbundle->internal_avail) {
  108. struct bundle_alloc_head *buf;
  109. buf = kvmalloc_flex(*buf, data, size, flags);
  110. if (!buf)
  111. return ERR_PTR(-ENOMEM);
  112. buf->next = pbundle->allocated_mem;
  113. pbundle->allocated_mem = buf;
  114. return buf->data;
  115. }
  116. res = (void *)pbundle->internal_buffer + pbundle->internal_used;
  117. pbundle->internal_used =
  118. ALIGN(new_used, sizeof(*pbundle->internal_buffer));
  119. if (want_init_on_alloc(flags))
  120. memset(res, 0, size);
  121. return res;
  122. }
  123. EXPORT_SYMBOL(_uverbs_alloc);
  124. static bool uverbs_is_attr_cleared(const struct ib_uverbs_attr *uattr,
  125. u16 len)
  126. {
  127. if (uattr->len > sizeof_field(struct ib_uverbs_attr, data))
  128. return ib_is_buffer_cleared(u64_to_user_ptr(uattr->data) + len,
  129. uattr->len - len);
  130. return !memchr_inv((const void *)&uattr->data + len,
  131. 0, uattr->len - len);
  132. }
  133. static int uverbs_set_output(const struct uverbs_attr_bundle *bundle,
  134. const struct uverbs_attr *attr)
  135. {
  136. struct bundle_priv *pbundle =
  137. container_of(&bundle->hdr, struct bundle_priv, bundle);
  138. u16 flags;
  139. flags = pbundle->uattrs[attr->ptr_attr.uattr_idx].flags |
  140. UVERBS_ATTR_F_VALID_OUTPUT;
  141. if (put_user(flags,
  142. &pbundle->user_attrs[attr->ptr_attr.uattr_idx].flags))
  143. return -EFAULT;
  144. return 0;
  145. }
  146. static int uverbs_process_idrs_array(struct bundle_priv *pbundle,
  147. const struct uverbs_api_attr *attr_uapi,
  148. struct uverbs_objs_arr_attr *attr,
  149. struct ib_uverbs_attr *uattr,
  150. u32 attr_bkey)
  151. {
  152. struct uverbs_attr_bundle *bundle =
  153. container_of(&pbundle->bundle, struct uverbs_attr_bundle, hdr);
  154. const struct uverbs_attr_spec *spec = &attr_uapi->spec;
  155. size_t array_len;
  156. u32 *idr_vals;
  157. int ret = 0;
  158. size_t i;
  159. if (uattr->attr_data.reserved)
  160. return -EINVAL;
  161. if (uattr->len % sizeof(u32))
  162. return -EINVAL;
  163. array_len = uattr->len / sizeof(u32);
  164. if (array_len < spec->u2.objs_arr.min_len ||
  165. array_len > spec->u2.objs_arr.max_len)
  166. return -EINVAL;
  167. attr->uobjects =
  168. uverbs_alloc(bundle,
  169. array_size(array_len, sizeof(*attr->uobjects)));
  170. if (IS_ERR(attr->uobjects))
  171. return PTR_ERR(attr->uobjects);
  172. /*
  173. * Since idr is 4B and *uobjects is >= 4B, we can use attr->uobjects
  174. * to store idrs array and avoid additional memory allocation. The
  175. * idrs array is offset to the end of the uobjects array so we will be
  176. * able to read idr and replace with a pointer.
  177. */
  178. idr_vals = (u32 *)(attr->uobjects + array_len) - array_len;
  179. if (uattr->len > sizeof(uattr->data)) {
  180. ret = copy_from_user(idr_vals, u64_to_user_ptr(uattr->data),
  181. uattr->len);
  182. if (ret)
  183. return -EFAULT;
  184. } else {
  185. memcpy(idr_vals, &uattr->data, uattr->len);
  186. }
  187. for (i = 0; i != array_len; i++) {
  188. attr->uobjects[i] = uverbs_get_uobject_from_file(
  189. spec->u2.objs_arr.obj_type, spec->u2.objs_arr.access,
  190. idr_vals[i], bundle);
  191. if (IS_ERR(attr->uobjects[i])) {
  192. ret = PTR_ERR(attr->uobjects[i]);
  193. break;
  194. }
  195. }
  196. attr->len = i;
  197. __set_bit(attr_bkey, pbundle->spec_finalize);
  198. return ret;
  199. }
  200. static void uverbs_free_idrs_array(const struct uverbs_api_attr *attr_uapi,
  201. struct uverbs_objs_arr_attr *attr,
  202. bool commit,
  203. struct uverbs_attr_bundle *attrs)
  204. {
  205. const struct uverbs_attr_spec *spec = &attr_uapi->spec;
  206. size_t i;
  207. for (i = 0; i != attr->len; i++)
  208. uverbs_finalize_object(attr->uobjects[i],
  209. spec->u2.objs_arr.access, false, commit,
  210. attrs);
  211. }
  212. static int uverbs_process_attr(struct bundle_priv *pbundle,
  213. const struct uverbs_api_attr *attr_uapi,
  214. struct ib_uverbs_attr *uattr, u32 attr_bkey)
  215. {
  216. const struct uverbs_attr_spec *spec = &attr_uapi->spec;
  217. struct uverbs_attr_bundle *bundle =
  218. container_of(&pbundle->bundle, struct uverbs_attr_bundle, hdr);
  219. struct uverbs_attr *e = &bundle->attrs[attr_bkey];
  220. const struct uverbs_attr_spec *val_spec = spec;
  221. struct uverbs_obj_attr *o_attr;
  222. switch (spec->type) {
  223. case UVERBS_ATTR_TYPE_ENUM_IN:
  224. if (uattr->attr_data.enum_data.elem_id >= spec->u.enum_def.num_elems)
  225. return -EOPNOTSUPP;
  226. if (uattr->attr_data.enum_data.reserved)
  227. return -EINVAL;
  228. val_spec = &spec->u2.enum_def.ids[uattr->attr_data.enum_data.elem_id];
  229. /* Currently we only support PTR_IN based enums */
  230. if (val_spec->type != UVERBS_ATTR_TYPE_PTR_IN)
  231. return -EOPNOTSUPP;
  232. e->ptr_attr.enum_id = uattr->attr_data.enum_data.elem_id;
  233. fallthrough;
  234. case UVERBS_ATTR_TYPE_PTR_IN:
  235. /* Ensure that any data provided by userspace beyond the known
  236. * struct is zero. Userspace that knows how to use some future
  237. * longer struct will fail here if used with an old kernel and
  238. * non-zero content, making ABI compat/discovery simpler.
  239. */
  240. if (uattr->len > val_spec->u.ptr.len &&
  241. val_spec->zero_trailing &&
  242. !uverbs_is_attr_cleared(uattr, val_spec->u.ptr.len))
  243. return -EOPNOTSUPP;
  244. fallthrough;
  245. case UVERBS_ATTR_TYPE_PTR_OUT:
  246. if (uattr->len < val_spec->u.ptr.min_len ||
  247. (!val_spec->zero_trailing &&
  248. uattr->len > val_spec->u.ptr.len))
  249. return -EINVAL;
  250. if (spec->type != UVERBS_ATTR_TYPE_ENUM_IN &&
  251. uattr->attr_data.reserved)
  252. return -EINVAL;
  253. e->ptr_attr.uattr_idx = uattr - pbundle->uattrs;
  254. e->ptr_attr.len = uattr->len;
  255. if (val_spec->alloc_and_copy && !uverbs_attr_ptr_is_inline(e)) {
  256. void *p;
  257. p = uverbs_alloc(bundle, uattr->len);
  258. if (IS_ERR(p))
  259. return PTR_ERR(p);
  260. e->ptr_attr.ptr = p;
  261. if (copy_from_user(p, u64_to_user_ptr(uattr->data),
  262. uattr->len))
  263. return -EFAULT;
  264. } else {
  265. e->ptr_attr.data = uattr->data;
  266. }
  267. break;
  268. case UVERBS_ATTR_TYPE_IDR:
  269. case UVERBS_ATTR_TYPE_FD:
  270. if (uattr->attr_data.reserved)
  271. return -EINVAL;
  272. if (uattr->len != 0)
  273. return -EINVAL;
  274. o_attr = &e->obj_attr;
  275. o_attr->attr_elm = attr_uapi;
  276. /*
  277. * The type of uattr->data is u64 for UVERBS_ATTR_TYPE_IDR and
  278. * s64 for UVERBS_ATTR_TYPE_FD. We can cast the u64 to s64
  279. * here without caring about truncation as we know that the
  280. * IDR implementation today rejects negative IDs
  281. */
  282. o_attr->uobject = uverbs_get_uobject_from_file(
  283. spec->u.obj.obj_type, spec->u.obj.access,
  284. uattr->data_s64, bundle);
  285. if (IS_ERR(o_attr->uobject))
  286. return PTR_ERR(o_attr->uobject);
  287. __set_bit(attr_bkey, pbundle->uobj_finalize);
  288. if (spec->u.obj.access == UVERBS_ACCESS_NEW) {
  289. unsigned int uattr_idx = uattr - pbundle->uattrs;
  290. s64 id = o_attr->uobject->id;
  291. /* Copy the allocated id to the user-space */
  292. if (put_user(id, &pbundle->user_attrs[uattr_idx].data))
  293. return -EFAULT;
  294. }
  295. break;
  296. case UVERBS_ATTR_TYPE_RAW_FD:
  297. if (uattr->attr_data.reserved || uattr->len != 0 ||
  298. uattr->data_s64 < INT_MIN || uattr->data_s64 > INT_MAX)
  299. return -EINVAL;
  300. /* _uverbs_get_const_signed() is the accessor */
  301. e->ptr_attr.data = uattr->data_s64;
  302. break;
  303. case UVERBS_ATTR_TYPE_IDRS_ARRAY:
  304. return uverbs_process_idrs_array(pbundle, attr_uapi,
  305. &e->objs_arr_attr, uattr,
  306. attr_bkey);
  307. default:
  308. return -EOPNOTSUPP;
  309. }
  310. return 0;
  311. }
  312. /*
  313. * We search the radix tree with the method prefix and now we want to fast
  314. * search the suffix bits to get a particular attribute pointer. It is not
  315. * totally clear to me if this breaks the radix tree encasulation or not, but
  316. * it uses the iter data to determine if the method iter points at the same
  317. * chunk that will store the attribute, if so it just derefs it directly. By
  318. * construction in most kernel configs the method and attrs will all fit in a
  319. * single radix chunk, so in most cases this will have no search. Other cases
  320. * this falls back to a full search.
  321. */
  322. static void __rcu **uapi_get_attr_for_method(struct bundle_priv *pbundle,
  323. u32 attr_key)
  324. {
  325. void __rcu **slot;
  326. if (likely(attr_key < pbundle->radix_slots_len)) {
  327. void *entry;
  328. slot = pbundle->radix_slots + attr_key;
  329. entry = rcu_dereference_raw(*slot);
  330. if (likely(!radix_tree_is_internal_node(entry) && entry))
  331. return slot;
  332. }
  333. return radix_tree_lookup_slot(pbundle->radix,
  334. pbundle->method_key | attr_key);
  335. }
  336. static int uverbs_set_attr(struct bundle_priv *pbundle,
  337. struct ib_uverbs_attr *uattr)
  338. {
  339. u32 attr_key = uapi_key_attr(uattr->attr_id);
  340. u32 attr_bkey = uapi_bkey_attr(attr_key);
  341. const struct uverbs_api_attr *attr;
  342. void __rcu **slot;
  343. int ret;
  344. slot = uapi_get_attr_for_method(pbundle, attr_key);
  345. if (!slot) {
  346. /*
  347. * Kernel does not support the attribute but user-space says it
  348. * is mandatory
  349. */
  350. if (uattr->flags & UVERBS_ATTR_F_MANDATORY)
  351. return -EPROTONOSUPPORT;
  352. return 0;
  353. }
  354. attr = rcu_dereference_protected(*slot, true);
  355. /* Reject duplicate attributes from user-space */
  356. if (test_bit(attr_bkey, pbundle->bundle.attr_present))
  357. return -EINVAL;
  358. ret = uverbs_process_attr(pbundle, attr, uattr, attr_bkey);
  359. if (ret)
  360. return ret;
  361. __set_bit(attr_bkey, pbundle->bundle.attr_present);
  362. return 0;
  363. }
  364. static int ib_uverbs_run_method(struct bundle_priv *pbundle,
  365. unsigned int num_attrs)
  366. {
  367. int (*handler)(struct uverbs_attr_bundle *attrs);
  368. struct uverbs_attr_bundle *bundle =
  369. container_of(&pbundle->bundle, struct uverbs_attr_bundle, hdr);
  370. size_t uattrs_size = array_size(sizeof(*pbundle->uattrs), num_attrs);
  371. unsigned int destroy_bkey = pbundle->method_elm->destroy_bkey;
  372. unsigned int i;
  373. int ret;
  374. /* See uverbs_disassociate_api() */
  375. handler = srcu_dereference(
  376. pbundle->method_elm->handler,
  377. &pbundle->bundle.ufile->device->disassociate_srcu);
  378. if (!handler)
  379. return -EIO;
  380. pbundle->uattrs = uverbs_alloc(bundle, uattrs_size);
  381. if (IS_ERR(pbundle->uattrs))
  382. return PTR_ERR(pbundle->uattrs);
  383. if (copy_from_user(pbundle->uattrs, pbundle->user_attrs, uattrs_size))
  384. return -EFAULT;
  385. for (i = 0; i != num_attrs; i++) {
  386. ret = uverbs_set_attr(pbundle, &pbundle->uattrs[i]);
  387. if (unlikely(ret))
  388. return ret;
  389. }
  390. /* User space did not provide all the mandatory attributes */
  391. if (unlikely(!bitmap_subset(pbundle->method_elm->attr_mandatory,
  392. pbundle->bundle.attr_present,
  393. pbundle->method_elm->key_bitmap_len)))
  394. return -EINVAL;
  395. if (pbundle->method_elm->has_udata)
  396. uverbs_fill_udata(bundle, &pbundle->bundle.driver_udata,
  397. UVERBS_ATTR_UHW_IN, UVERBS_ATTR_UHW_OUT);
  398. else
  399. pbundle->bundle.driver_udata = (struct ib_udata){};
  400. if (destroy_bkey != UVERBS_API_ATTR_BKEY_LEN) {
  401. struct uverbs_obj_attr *destroy_attr = &bundle->attrs[destroy_bkey].obj_attr;
  402. ret = uobj_destroy(destroy_attr->uobject, bundle);
  403. if (ret)
  404. return ret;
  405. __clear_bit(destroy_bkey, pbundle->uobj_finalize);
  406. ret = handler(bundle);
  407. uobj_put_destroy(destroy_attr->uobject);
  408. } else {
  409. ret = handler(bundle);
  410. }
  411. /*
  412. * Until the drivers are revised to use the bundle directly we have to
  413. * assume that the driver wrote to its UHW_OUT and flag userspace
  414. * appropriately.
  415. */
  416. if (!ret && pbundle->method_elm->has_udata) {
  417. const struct uverbs_attr *attr =
  418. uverbs_attr_get(bundle, UVERBS_ATTR_UHW_OUT);
  419. if (!IS_ERR(attr))
  420. ret = uverbs_set_output(bundle, attr);
  421. }
  422. /*
  423. * EPROTONOSUPPORT is ONLY to be returned if the ioctl framework can
  424. * not invoke the method because the request is not supported. No
  425. * other cases should return this code.
  426. */
  427. if (WARN_ON_ONCE(ret == -EPROTONOSUPPORT))
  428. return -EINVAL;
  429. return ret;
  430. }
  431. static void bundle_destroy(struct bundle_priv *pbundle, bool commit)
  432. {
  433. unsigned int key_bitmap_len = pbundle->method_elm->key_bitmap_len;
  434. struct uverbs_attr_bundle *bundle =
  435. container_of(&pbundle->bundle, struct uverbs_attr_bundle, hdr);
  436. struct bundle_alloc_head *memblock;
  437. unsigned int i;
  438. /* fast path for simple uobjects */
  439. i = -1;
  440. while ((i = find_next_bit(pbundle->uobj_finalize, key_bitmap_len,
  441. i + 1)) < key_bitmap_len) {
  442. struct uverbs_attr *attr = &bundle->attrs[i];
  443. uverbs_finalize_object(
  444. attr->obj_attr.uobject,
  445. attr->obj_attr.attr_elm->spec.u.obj.access,
  446. test_bit(i, pbundle->uobj_hw_obj_valid),
  447. commit, bundle);
  448. }
  449. i = -1;
  450. while ((i = find_next_bit(pbundle->spec_finalize, key_bitmap_len,
  451. i + 1)) < key_bitmap_len) {
  452. struct uverbs_attr *attr = &bundle->attrs[i];
  453. const struct uverbs_api_attr *attr_uapi;
  454. void __rcu **slot;
  455. slot = uapi_get_attr_for_method(
  456. pbundle,
  457. pbundle->method_key | uapi_bkey_to_key_attr(i));
  458. if (WARN_ON(!slot))
  459. continue;
  460. attr_uapi = rcu_dereference_protected(*slot, true);
  461. if (attr_uapi->spec.type == UVERBS_ATTR_TYPE_IDRS_ARRAY) {
  462. uverbs_free_idrs_array(attr_uapi, &attr->objs_arr_attr,
  463. commit, bundle);
  464. }
  465. }
  466. for (memblock = pbundle->allocated_mem; memblock;) {
  467. struct bundle_alloc_head *tmp = memblock;
  468. memblock = memblock->next;
  469. kvfree(tmp);
  470. }
  471. }
  472. static int ib_uverbs_cmd_verbs(struct ib_uverbs_file *ufile,
  473. struct ib_uverbs_ioctl_hdr *hdr,
  474. struct ib_uverbs_attr __user *user_attrs)
  475. {
  476. const struct uverbs_api_ioctl_method *method_elm;
  477. struct uverbs_api *uapi = ufile->device->uapi;
  478. struct radix_tree_iter attrs_iter;
  479. struct bundle_priv *pbundle;
  480. struct bundle_priv onstack;
  481. void __rcu **slot;
  482. int ret;
  483. if (unlikely(hdr->driver_id != uapi->driver_id))
  484. return -EINVAL;
  485. slot = radix_tree_iter_lookup(
  486. &uapi->radix, &attrs_iter,
  487. uapi_key_obj(hdr->object_id) |
  488. uapi_key_ioctl_method(hdr->method_id));
  489. if (unlikely(!slot))
  490. return -EPROTONOSUPPORT;
  491. method_elm = rcu_dereference_protected(*slot, true);
  492. if (!method_elm->use_stack) {
  493. pbundle = kmalloc(method_elm->bundle_size, GFP_KERNEL);
  494. if (!pbundle)
  495. return -ENOMEM;
  496. pbundle->internal_avail =
  497. method_elm->bundle_size -
  498. offsetof(struct bundle_priv, internal_buffer);
  499. pbundle->alloc_head.next = NULL;
  500. pbundle->allocated_mem = container_of(&pbundle->alloc_head,
  501. struct bundle_alloc_head, hdr);
  502. } else {
  503. pbundle = &onstack;
  504. pbundle->internal_avail = sizeof(pbundle->internal_buffer);
  505. pbundle->allocated_mem = NULL;
  506. }
  507. /* Space for the pbundle->bundle.attrs flex array */
  508. pbundle->method_elm = method_elm;
  509. pbundle->method_key = attrs_iter.index;
  510. pbundle->bundle.ufile = ufile;
  511. pbundle->bundle.context = NULL; /* only valid if bundle has uobject */
  512. pbundle->radix = &uapi->radix;
  513. pbundle->radix_slots = slot;
  514. pbundle->radix_slots_len = radix_tree_chunk_size(&attrs_iter);
  515. pbundle->user_attrs = user_attrs;
  516. pbundle->internal_used = ALIGN(pbundle->method_elm->key_bitmap_len *
  517. sizeof(*container_of(&pbundle->bundle,
  518. struct uverbs_attr_bundle, hdr)->attrs),
  519. sizeof(*pbundle->internal_buffer));
  520. memset(pbundle->bundle.attr_present, 0,
  521. sizeof(pbundle->bundle.attr_present));
  522. memset(pbundle->uobj_finalize, 0, sizeof(pbundle->uobj_finalize));
  523. memset(pbundle->spec_finalize, 0, sizeof(pbundle->spec_finalize));
  524. memset(pbundle->uobj_hw_obj_valid, 0,
  525. sizeof(pbundle->uobj_hw_obj_valid));
  526. ret = ib_uverbs_run_method(pbundle, hdr->num_attrs);
  527. bundle_destroy(pbundle, ret == 0);
  528. return ret;
  529. }
  530. long ib_uverbs_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
  531. {
  532. struct ib_uverbs_file *file = filp->private_data;
  533. struct ib_uverbs_ioctl_hdr __user *user_hdr =
  534. (struct ib_uverbs_ioctl_hdr __user *)arg;
  535. struct ib_uverbs_ioctl_hdr hdr;
  536. int srcu_key;
  537. int err;
  538. if (unlikely(cmd != RDMA_VERBS_IOCTL))
  539. return -ENOIOCTLCMD;
  540. err = copy_from_user(&hdr, user_hdr, sizeof(hdr));
  541. if (err)
  542. return -EFAULT;
  543. if (hdr.length > PAGE_SIZE ||
  544. hdr.length != struct_size(&hdr, attrs, hdr.num_attrs))
  545. return -EINVAL;
  546. if (hdr.reserved1 || hdr.reserved2)
  547. return -EPROTONOSUPPORT;
  548. srcu_key = srcu_read_lock(&file->device->disassociate_srcu);
  549. err = ib_uverbs_cmd_verbs(file, &hdr, user_hdr->attrs);
  550. srcu_read_unlock(&file->device->disassociate_srcu, srcu_key);
  551. return err;
  552. }
  553. int uverbs_get_flags64(u64 *to, const struct uverbs_attr_bundle *attrs_bundle,
  554. size_t idx, u64 allowed_bits)
  555. {
  556. const struct uverbs_attr *attr;
  557. u64 flags;
  558. attr = uverbs_attr_get(attrs_bundle, idx);
  559. /* Missing attribute means 0 flags */
  560. if (IS_ERR(attr)) {
  561. *to = 0;
  562. return 0;
  563. }
  564. /*
  565. * New userspace code should use 8 bytes to pass flags, but we
  566. * transparently support old userspaces that were using 4 bytes as
  567. * well.
  568. */
  569. if (attr->ptr_attr.len == 8)
  570. flags = attr->ptr_attr.data;
  571. else if (attr->ptr_attr.len == 4)
  572. flags = *(u32 *)&attr->ptr_attr.data;
  573. else
  574. return -EINVAL;
  575. if (flags & ~allowed_bits)
  576. return -EINVAL;
  577. *to = flags;
  578. return 0;
  579. }
  580. EXPORT_SYMBOL(uverbs_get_flags64);
  581. int uverbs_get_flags32(u32 *to, const struct uverbs_attr_bundle *attrs_bundle,
  582. size_t idx, u64 allowed_bits)
  583. {
  584. u64 flags;
  585. int ret;
  586. ret = uverbs_get_flags64(&flags, attrs_bundle, idx, allowed_bits);
  587. if (ret)
  588. return ret;
  589. if (flags > U32_MAX)
  590. return -EINVAL;
  591. *to = flags;
  592. return 0;
  593. }
  594. EXPORT_SYMBOL(uverbs_get_flags32);
  595. /*
  596. * Fill a ib_udata struct (core or uhw) using the given attribute IDs.
  597. * This is primarily used to convert the UVERBS_ATTR_UHW() into the
  598. * ib_udata format used by the drivers.
  599. */
  600. void uverbs_fill_udata(struct uverbs_attr_bundle *bundle,
  601. struct ib_udata *udata, unsigned int attr_in,
  602. unsigned int attr_out)
  603. {
  604. struct bundle_priv *pbundle =
  605. container_of(&bundle->hdr, struct bundle_priv, bundle);
  606. struct uverbs_attr_bundle *bundle_aux =
  607. container_of(&pbundle->bundle, struct uverbs_attr_bundle, hdr);
  608. const struct uverbs_attr *in =
  609. uverbs_attr_get(bundle_aux, attr_in);
  610. const struct uverbs_attr *out =
  611. uverbs_attr_get(bundle_aux, attr_out);
  612. if (!IS_ERR(in)) {
  613. udata->inlen = in->ptr_attr.len;
  614. if (uverbs_attr_ptr_is_inline(in))
  615. udata->inbuf =
  616. &pbundle->user_attrs[in->ptr_attr.uattr_idx]
  617. .data;
  618. else
  619. udata->inbuf = u64_to_user_ptr(in->ptr_attr.data);
  620. } else {
  621. udata->inbuf = NULL;
  622. udata->inlen = 0;
  623. }
  624. if (!IS_ERR(out)) {
  625. udata->outbuf = u64_to_user_ptr(out->ptr_attr.data);
  626. udata->outlen = out->ptr_attr.len;
  627. } else {
  628. udata->outbuf = NULL;
  629. udata->outlen = 0;
  630. }
  631. }
  632. int uverbs_copy_to(const struct uverbs_attr_bundle *bundle, size_t idx,
  633. const void *from, size_t size)
  634. {
  635. const struct uverbs_attr *attr = uverbs_attr_get(bundle, idx);
  636. size_t min_size;
  637. if (IS_ERR(attr))
  638. return PTR_ERR(attr);
  639. min_size = min_t(size_t, attr->ptr_attr.len, size);
  640. if (copy_to_user(u64_to_user_ptr(attr->ptr_attr.data), from, min_size))
  641. return -EFAULT;
  642. return uverbs_set_output(bundle, attr);
  643. }
  644. EXPORT_SYMBOL(uverbs_copy_to);
  645. /*
  646. * This is only used if the caller has directly used copy_to_use to write the
  647. * data. It signals to user space that the buffer is filled in.
  648. */
  649. int uverbs_output_written(const struct uverbs_attr_bundle *bundle, size_t idx)
  650. {
  651. const struct uverbs_attr *attr = uverbs_attr_get(bundle, idx);
  652. if (IS_ERR(attr))
  653. return PTR_ERR(attr);
  654. return uverbs_set_output(bundle, attr);
  655. }
  656. int _uverbs_get_const_signed(s64 *to,
  657. const struct uverbs_attr_bundle *attrs_bundle,
  658. size_t idx, s64 lower_bound, u64 upper_bound,
  659. s64 *def_val)
  660. {
  661. const struct uverbs_attr *attr;
  662. attr = uverbs_attr_get(attrs_bundle, idx);
  663. if (IS_ERR(attr)) {
  664. if ((PTR_ERR(attr) != -ENOENT) || !def_val)
  665. return PTR_ERR(attr);
  666. *to = *def_val;
  667. } else {
  668. *to = attr->ptr_attr.data;
  669. }
  670. if (*to < lower_bound || (*to > 0 && (u64)*to > upper_bound))
  671. return -EINVAL;
  672. return 0;
  673. }
  674. EXPORT_SYMBOL(_uverbs_get_const_signed);
  675. int _uverbs_get_const_unsigned(u64 *to,
  676. const struct uverbs_attr_bundle *attrs_bundle,
  677. size_t idx, u64 upper_bound, u64 *def_val)
  678. {
  679. const struct uverbs_attr *attr;
  680. attr = uverbs_attr_get(attrs_bundle, idx);
  681. if (IS_ERR(attr)) {
  682. if ((PTR_ERR(attr) != -ENOENT) || !def_val)
  683. return PTR_ERR(attr);
  684. *to = *def_val;
  685. } else {
  686. *to = attr->ptr_attr.data;
  687. }
  688. if (*to > upper_bound)
  689. return -EINVAL;
  690. return 0;
  691. }
  692. EXPORT_SYMBOL(_uverbs_get_const_unsigned);
  693. int uverbs_copy_to_struct_or_zero(const struct uverbs_attr_bundle *bundle,
  694. size_t idx, const void *from, size_t size)
  695. {
  696. const struct uverbs_attr *attr = uverbs_attr_get(bundle, idx);
  697. if (IS_ERR(attr))
  698. return PTR_ERR(attr);
  699. if (size < attr->ptr_attr.len) {
  700. if (clear_user(u64_to_user_ptr(attr->ptr_attr.data) + size,
  701. attr->ptr_attr.len - size))
  702. return -EFAULT;
  703. }
  704. return uverbs_copy_to(bundle, idx, from, size);
  705. }
  706. EXPORT_SYMBOL(uverbs_copy_to_struct_or_zero);
  707. /* Once called an abort will call through to the type's destroy_hw() */
  708. void uverbs_finalize_uobj_create(const struct uverbs_attr_bundle *bundle,
  709. u16 idx)
  710. {
  711. struct bundle_priv *pbundle =
  712. container_of(&bundle->hdr, struct bundle_priv, bundle);
  713. __set_bit(uapi_bkey_attr(uapi_key_attr(idx)),
  714. pbundle->uobj_hw_obj_valid);
  715. }
  716. EXPORT_SYMBOL(uverbs_finalize_uobj_create);