Re: [PATCH -next] RDMA/hns: Fix return in hns_roce_rereg_user_mr()

From: YueHaibing
Date: Thu Aug 05 2021 - 05:29:32 EST


On 2021/8/5 11:40, Leon Romanovsky wrote:
> On Thu, Aug 05, 2021 at 10:36:03AM +0800, YueHaibing wrote:
>> On 2021/8/4 21:53, Leon Romanovsky wrote:
>>> On Wed, Aug 04, 2021 at 08:59:39PM +0800, YueHaibing wrote:
>>>> If re-registering an MR in hns_roce_rereg_user_mr(), we should
>>>> return NULL instead of pass 0 to ERR_PTR.
>>>>
>>>> Fixes: 4e9fc1dae2a9 ("RDMA/hns: Optimize the MR registration process")
>>>> Signed-off-by: YueHaibing <yuehaibing@xxxxxxxxxx>
>>>> ---
>>>> drivers/infiniband/hw/hns/hns_roce_mr.c | 4 +++-
>>>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>>>
>>>> diff --git a/drivers/infiniband/hw/hns/hns_roce_mr.c b/drivers/infiniband/hw/hns/hns_roce_mr.c
>>>> index 006c84bb3f9f..7089ac780291 100644
>>>> --- a/drivers/infiniband/hw/hns/hns_roce_mr.c
>>>> +++ b/drivers/infiniband/hw/hns/hns_roce_mr.c
>>>> @@ -352,7 +352,9 @@ struct ib_mr *hns_roce_rereg_user_mr(struct ib_mr *ibmr, int flags, u64 start,
>>>> free_cmd_mbox:
>>>> hns_roce_free_cmd_mailbox(hr_dev, mailbox);
>>>>
>>>> - return ERR_PTR(ret);
>>>> + if (ret)
>>>> + return ERR_PTR(ret);
>>>> + return NULL;
>>>> }
>>>
>>> I don't understand this function, it returns or ERR_PTR() or NULL, but
>>> should return &mr->ibmr in success path. How does it work?
>>
>> Did you means hns_roce_reg_user_mr()?
>>
>> hns_roce_rereg_user_mr() returns ERR_PTR() on failure, and return NULL on success,
>>
>> In ib_uverbs_rereg_mr(), old mr will be used if rereg_user_mr() return NULL, see:
>>
>> 829 new_mr = ib_dev->ops.rereg_user_mr(mr, cmd.flags, cmd.start, cmd.length,
>> 830 cmd.hca_va, cmd.access_flags, new_pd,
>> 831 &attrs->driver_udata);
>> 832 if (IS_ERR(new_mr)) {
>> 833 ret = PTR_ERR(new_mr);
>> 834 goto put_new_uobj;
>> 835 }
>> 836 if (new_mr) {
>> .....
>> 860 mr = new_mr;
>> 861 } else {
>> 862 if (cmd.flags & IB_MR_REREG_PD) {
>> 863 atomic_dec(&orig_pd->usecnt);
>> 864 mr->pd = new_pd;
>> 865 atomic_inc(&new_pd->usecnt);
>> 866 }
>> 867 if (cmd.flags & IB_MR_REREG_TRANS)
>> 868 mr->iova = cmd.hca_va;
>> 869 }
>
> You overwrite various fields in old_mr when executing hns_roce_rereg_user_mr().
> For example mr->access flags, which is not returned to the original
> state after all failures.

IMO, if ibv_rereg_mr failed, the mr is in undefined state, user needs to call
ibv_dereg_mr in order to release it, so there no need to recover the original state.

Also, mlx4_ib_rereg_user_mr seems to do the same thing.

>
> Also I'm not so sure about if it is valid to return NULL in all flows.
>
> Thanks
>
>>
>>
>>>
>>> Thanks
>>>
>>>>
>>>> int hns_roce_dereg_mr(struct ib_mr *ibmr, struct ib_udata *udata)
>>>> --
>>>> 2.17.1
>>>>
>>> .
>>>
> .
>