Re: [PATCH -next] RDMA/hns: Fix return in hns_roce_rereg_user_mr()

From: Leon Romanovsky
Date: Wed Aug 04 2021 - 23:40:45 EST

Next message: David Stevens: "Re: [PATCH v2 1/4] dma-iommu: fix sync_sg with swiotlb"
Previous message: Hu Haowen: "[PATCH] docs: virt: kvm: api.rst: lengthen title line"
In reply to: YueHaibing: "Re: [PATCH -next] RDMA/hns: Fix return in hns_roce_rereg_user_mr()"
Next in thread: YueHaibing: "Re: [PATCH -next] RDMA/hns: Fix return in hns_roce_rereg_user_mr()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 05, 2021 at 10:36:03AM +0800, YueHaibing wrote:
> On 2021/8/4 21:53, Leon Romanovsky wrote:
> > On Wed, Aug 04, 2021 at 08:59:39PM +0800, YueHaibing wrote:
> >> If re-registering an MR in hns_roce_rereg_user_mr(), we should
> >> return NULL instead of pass 0 to ERR_PTR.
> >>
> >> Fixes: 4e9fc1dae2a9 ("RDMA/hns: Optimize the MR registration process")
> >> Signed-off-by: YueHaibing <yuehaibing@xxxxxxxxxx>
> >> ---
> >> drivers/infiniband/hw/hns/hns_roce_mr.c | 4 +++-
> >> 1 file changed, 3 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/drivers/infiniband/hw/hns/hns_roce_mr.c b/drivers/infiniband/hw/hns/hns_roce_mr.c
> >> index 006c84bb3f9f..7089ac780291 100644
> >> --- a/drivers/infiniband/hw/hns/hns_roce_mr.c
> >> +++ b/drivers/infiniband/hw/hns/hns_roce_mr.c
> >> @@ -352,7 +352,9 @@ struct ib_mr *hns_roce_rereg_user_mr(struct ib_mr *ibmr, int flags, u64 start,
> >> free_cmd_mbox:
> >> hns_roce_free_cmd_mailbox(hr_dev, mailbox);
> >>
> >> - return ERR_PTR(ret);
> >> + if (ret)
> >> + return ERR_PTR(ret);
> >> + return NULL;
> >> }
> >
> > I don't understand this function, it returns or ERR_PTR() or NULL, but
> > should return &mr->ibmr in success path. How does it work?
>
> Did you means hns_roce_reg_user_mr()?
>
> hns_roce_rereg_user_mr() returns ERR_PTR() on failure, and return NULL on success,
>
> In ib_uverbs_rereg_mr(), old mr will be used if rereg_user_mr() return NULL, see:
>
> 829 new_mr = ib_dev->ops.rereg_user_mr(mr, cmd.flags, cmd.start, cmd.length,
> 830 cmd.hca_va, cmd.access_flags, new_pd,
> 831 &attrs->driver_udata);
> 832 if (IS_ERR(new_mr)) {
> 833 ret = PTR_ERR(new_mr);
> 834 goto put_new_uobj;
> 835 }
> 836 if (new_mr) {
> .....
> 860 mr = new_mr;
> 861 } else {
> 862 if (cmd.flags & IB_MR_REREG_PD) {
> 863 atomic_dec(&orig_pd->usecnt);
> 864 mr->pd = new_pd;
> 865 atomic_inc(&new_pd->usecnt);
> 866 }
> 867 if (cmd.flags & IB_MR_REREG_TRANS)
> 868 mr->iova = cmd.hca_va;
> 869 }

You overwrite various fields in old_mr when executing hns_roce_rereg_user_mr().
For example mr->access flags, which is not returned to the original
state after all failures.

Also I'm not so sure about if it is valid to return NULL in all flows.

Thanks

>
>
> >
> > Thanks
> >
> >>
> >> int hns_roce_dereg_mr(struct ib_mr *ibmr, struct ib_udata *udata)
> >> --
> >> 2.17.1
> >>
> > .
> >

Next message: David Stevens: "Re: [PATCH v2 1/4] dma-iommu: fix sync_sg with swiotlb"
Previous message: Hu Haowen: "[PATCH] docs: virt: kvm: api.rst: lengthen title line"
In reply to: YueHaibing: "Re: [PATCH -next] RDMA/hns: Fix return in hns_roce_rereg_user_mr()"
Next in thread: YueHaibing: "Re: [PATCH -next] RDMA/hns: Fix return in hns_roce_rereg_user_mr()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]