Lines Matching +full:- +full:alt
14 * - Redistributions of source code must retain the above
18 * - Redistributions in binary form must reproduce the above
50 struct ib_device *dev = pp->sec->dev; in get_pkey_idx_qp_list()
52 spin_lock(&dev->port_data[pp->port_num].pkey_list_lock); in get_pkey_idx_qp_list()
53 list_for_each_entry (tmp_pkey, &dev->port_data[pp->port_num].pkey_list, in get_pkey_idx_qp_list()
55 if (tmp_pkey->pkey_index == pp->pkey_index) { in get_pkey_idx_qp_list()
60 spin_unlock(&dev->port_data[pp->port_num].pkey_list_lock); in get_pkey_idx_qp_list()
68 struct ib_device *dev = pp->sec->dev; in get_pkey_and_subnet_prefix()
71 ret = ib_get_cached_pkey(dev, pp->port_num, pp->pkey_index, pkey); in get_pkey_and_subnet_prefix()
75 ret = ib_get_cached_subnet_prefix(dev, pp->port_num, subnet_prefix); in get_pkey_and_subnet_prefix()
87 ret = security_ib_pkey_access(qp_sec->security, subnet_prefix, pkey); in enforce_qp_pkey_security()
92 &qp_sec->shared_qp_list, in enforce_qp_pkey_security()
94 ret = security_ib_pkey_access(shared_qp_sec->security, in enforce_qp_pkey_security()
121 if (pps->main.state != IB_PORT_PKEY_NOT_VALID) { in check_qp_port_pkey_settings()
122 ret = get_pkey_and_subnet_prefix(&pps->main, in check_qp_port_pkey_settings()
135 if (pps->alt.state != IB_PORT_PKEY_NOT_VALID) { in check_qp_port_pkey_settings()
136 ret = get_pkey_and_subnet_prefix(&pps->alt, in check_qp_port_pkey_settings()
167 if (sec->destroying) in qp_to_error()
170 ib_modify_qp(sec->qp, in qp_to_error()
174 if (sec->qp->event_handler && sec->qp->qp_context) { in qp_to_error()
175 event.element.qp = sec->qp; in qp_to_error()
176 sec->qp->event_handler(&event, in qp_to_error()
177 sec->qp->qp_context); in qp_to_error()
181 &sec->shared_qp_list, in qp_to_error()
183 struct ib_qp *qp = shared_qp_sec->qp; in qp_to_error()
185 if (qp->event_handler && qp->qp_context) { in qp_to_error()
187 event.device = qp->device; in qp_to_error()
188 qp->event_handler(&event, in qp_to_error()
189 qp->qp_context); in qp_to_error()
206 pkey->pkey_index, in check_pkey_qps()
208 spin_lock(&pkey->qp_list_lock); in check_pkey_qps()
209 list_for_each_entry(pp, &pkey->qp_list, qp_list) { in check_pkey_qps()
210 if (atomic_read(&pp->sec->error_list_count)) in check_pkey_qps()
215 pp->sec)) { in check_pkey_qps()
216 atomic_inc(&pp->sec->error_list_count); in check_pkey_qps()
217 list_add(&pp->to_error_list, in check_pkey_qps()
221 spin_unlock(&pkey->qp_list_lock); in check_pkey_qps()
228 mutex_lock(&pp->sec->mutex); in check_pkey_qps()
229 qp_to_error(pp->sec); in check_pkey_qps()
230 list_del(&pp->to_error_list); in check_pkey_qps()
231 atomic_dec(&pp->sec->error_list_count); in check_pkey_qps()
232 comp = pp->sec->destroying; in check_pkey_qps()
233 mutex_unlock(&pp->sec->mutex); in check_pkey_qps()
236 complete(&pp->sec->error_complete); in check_pkey_qps()
248 u8 port_num = pp->port_num; in port_pkey_list_insert()
251 if (pp->state != IB_PORT_PKEY_VALID) in port_pkey_list_insert()
254 dev = pp->sec->dev; in port_pkey_list_insert()
263 return -ENOMEM; in port_pkey_list_insert()
265 spin_lock(&dev->port_data[port_num].pkey_list_lock); in port_pkey_list_insert()
270 &dev->port_data[port_num].pkey_list, in port_pkey_list_insert()
272 if (tmp_pkey->pkey_index == pp->pkey_index) { in port_pkey_list_insert()
281 pkey->pkey_index = pp->pkey_index; in port_pkey_list_insert()
282 spin_lock_init(&pkey->qp_list_lock); in port_pkey_list_insert()
283 INIT_LIST_HEAD(&pkey->qp_list); in port_pkey_list_insert()
284 list_add(&pkey->pkey_index_list, in port_pkey_list_insert()
285 &dev->port_data[port_num].pkey_list); in port_pkey_list_insert()
287 spin_unlock(&dev->port_data[port_num].pkey_list_lock); in port_pkey_list_insert()
290 spin_lock(&pkey->qp_list_lock); in port_pkey_list_insert()
291 list_add(&pp->qp_list, &pkey->qp_list); in port_pkey_list_insert()
292 spin_unlock(&pkey->qp_list_lock); in port_pkey_list_insert()
294 pp->state = IB_PORT_PKEY_LISTED; in port_pkey_list_insert()
306 if (pp->state != IB_PORT_PKEY_LISTED) in port_pkey_list_remove()
311 spin_lock(&pkey->qp_list_lock); in port_pkey_list_remove()
312 list_del(&pp->qp_list); in port_pkey_list_remove()
313 spin_unlock(&pkey->qp_list_lock); in port_pkey_list_remove()
318 pp->state = IB_PORT_PKEY_VALID; in port_pkey_list_remove()
323 security_ib_free_security(sec->security); in destroy_qp_security()
324 kfree(sec->ports_pkeys); in destroy_qp_security()
336 struct ib_ports_pkeys *qp_pps = qp->qp_sec->ports_pkeys; in get_new_pps()
343 new_pps->main.port_num = qp_attr->port_num; in get_new_pps()
345 new_pps->main.port_num = qp_pps->main.port_num; in get_new_pps()
348 new_pps->main.pkey_index = qp_attr->pkey_index; in get_new_pps()
350 new_pps->main.pkey_index = qp_pps->main.pkey_index; in get_new_pps()
354 (qp_pps && qp_pps->main.state != IB_PORT_PKEY_NOT_VALID)) in get_new_pps()
355 new_pps->main.state = IB_PORT_PKEY_VALID; in get_new_pps()
358 new_pps->alt.port_num = qp_attr->alt_port_num; in get_new_pps()
359 new_pps->alt.pkey_index = qp_attr->alt_pkey_index; in get_new_pps()
360 new_pps->alt.state = IB_PORT_PKEY_VALID; in get_new_pps()
362 new_pps->alt.port_num = qp_pps->alt.port_num; in get_new_pps()
363 new_pps->alt.pkey_index = qp_pps->alt.pkey_index; in get_new_pps()
364 if (qp_pps->alt.state != IB_PORT_PKEY_NOT_VALID) in get_new_pps()
365 new_pps->alt.state = IB_PORT_PKEY_VALID; in get_new_pps()
368 new_pps->main.sec = qp->qp_sec; in get_new_pps()
369 new_pps->alt.sec = qp->qp_sec; in get_new_pps()
375 struct ib_qp *real_qp = qp->real_qp; in ib_open_shared_qp_security()
383 if (!qp->qp_sec) in ib_open_shared_qp_security()
386 mutex_lock(&real_qp->qp_sec->mutex); in ib_open_shared_qp_security()
387 ret = check_qp_port_pkey_settings(real_qp->qp_sec->ports_pkeys, in ib_open_shared_qp_security()
388 qp->qp_sec); in ib_open_shared_qp_security()
394 list_add(&qp->qp_sec->shared_qp_list, in ib_open_shared_qp_security()
395 &real_qp->qp_sec->shared_qp_list); in ib_open_shared_qp_security()
397 mutex_unlock(&real_qp->qp_sec->mutex); in ib_open_shared_qp_security()
399 destroy_qp_security(qp->qp_sec); in ib_open_shared_qp_security()
406 struct ib_qp *real_qp = sec->qp->real_qp; in ib_close_shared_qp_security()
408 mutex_lock(&real_qp->qp_sec->mutex); in ib_close_shared_qp_security()
409 list_del(&sec->shared_qp_list); in ib_close_shared_qp_security()
410 mutex_unlock(&real_qp->qp_sec->mutex); in ib_close_shared_qp_security()
431 qp->qp_sec = kzalloc(sizeof(*qp->qp_sec), GFP_KERNEL); in ib_create_qp_security()
432 if (!qp->qp_sec) in ib_create_qp_security()
433 return -ENOMEM; in ib_create_qp_security()
435 qp->qp_sec->qp = qp; in ib_create_qp_security()
436 qp->qp_sec->dev = dev; in ib_create_qp_security()
437 mutex_init(&qp->qp_sec->mutex); in ib_create_qp_security()
438 INIT_LIST_HEAD(&qp->qp_sec->shared_qp_list); in ib_create_qp_security()
439 atomic_set(&qp->qp_sec->error_list_count, 0); in ib_create_qp_security()
440 init_completion(&qp->qp_sec->error_complete); in ib_create_qp_security()
441 ret = security_ib_alloc_security(&qp->qp_sec->security); in ib_create_qp_security()
443 kfree(qp->qp_sec); in ib_create_qp_security()
444 qp->qp_sec = NULL; in ib_create_qp_security()
457 mutex_lock(&sec->mutex); in ib_destroy_qp_security_begin()
462 if (sec->ports_pkeys) { in ib_destroy_qp_security_begin()
463 port_pkey_list_remove(&sec->ports_pkeys->main); in ib_destroy_qp_security_begin()
464 port_pkey_list_remove(&sec->ports_pkeys->alt); in ib_destroy_qp_security_begin()
471 sec->destroying = true; in ib_destroy_qp_security_begin()
476 sec->error_comps_pending = atomic_read(&sec->error_list_count); in ib_destroy_qp_security_begin()
478 mutex_unlock(&sec->mutex); in ib_destroy_qp_security_begin()
494 for (i = 0; i < sec->error_comps_pending; i++) in ib_destroy_qp_security_abort()
495 wait_for_completion(&sec->error_complete); in ib_destroy_qp_security_abort()
497 mutex_lock(&sec->mutex); in ib_destroy_qp_security_abort()
498 sec->destroying = false; in ib_destroy_qp_security_abort()
509 if (sec->ports_pkeys) { in ib_destroy_qp_security_abort()
510 port_pkey_list_insert(&sec->ports_pkeys->main); in ib_destroy_qp_security_abort()
511 port_pkey_list_insert(&sec->ports_pkeys->alt); in ib_destroy_qp_security_abort()
514 ret = check_qp_port_pkey_settings(sec->ports_pkeys, sec); in ib_destroy_qp_security_abort()
518 mutex_unlock(&sec->mutex); in ib_destroy_qp_security_abort()
534 for (i = 0; i < sec->error_comps_pending; i++) in ib_destroy_qp_security_end()
535 wait_for_completion(&sec->error_complete); in ib_destroy_qp_security_end()
546 list_for_each_entry (pkey, &device->port_data[port_num].pkey_list, in ib_security_cache_change()
563 &device->port_data[i].pkey_list, in ib_security_release_port_pkey_list()
565 list_del(&pkey->pkey_index_list); in ib_security_release_port_pkey_list()
579 struct ib_qp *real_qp = qp->real_qp; in ib_security_modify_qp()
580 bool special_qp = (real_qp->qp_type == IB_QPT_SMI || in ib_security_modify_qp()
581 real_qp->qp_type == IB_QPT_GSI || in ib_security_modify_qp()
582 real_qp->qp_type >= IB_QPT_RESERVED1); in ib_security_modify_qp()
587 rdma_protocol_ib(real_qp->device, qp_attr->port_num) && in ib_security_modify_qp()
588 !real_qp->qp_sec), in ib_security_modify_qp()
590 __func__, real_qp->qp_num); in ib_security_modify_qp()
598 if (pps_change && !special_qp && real_qp->qp_sec) { in ib_security_modify_qp()
599 mutex_lock(&real_qp->qp_sec->mutex); in ib_security_modify_qp()
604 mutex_unlock(&real_qp->qp_sec->mutex); in ib_security_modify_qp()
605 return -ENOMEM; in ib_security_modify_qp()
614 ret = port_pkey_list_insert(&new_pps->main); in ib_security_modify_qp()
617 ret = port_pkey_list_insert(&new_pps->alt); in ib_security_modify_qp()
621 real_qp->qp_sec); in ib_security_modify_qp()
625 ret = real_qp->device->ops.modify_qp(real_qp, in ib_security_modify_qp()
637 tmp_pps = real_qp->qp_sec->ports_pkeys; in ib_security_modify_qp()
638 real_qp->qp_sec->ports_pkeys = new_pps; in ib_security_modify_qp()
642 port_pkey_list_remove(&tmp_pps->main); in ib_security_modify_qp()
643 port_pkey_list_remove(&tmp_pps->alt); in ib_security_modify_qp()
646 mutex_unlock(&real_qp->qp_sec->mutex); in ib_security_modify_qp()
683 WRITE_ONCE(ag->smp_allowed, in ib_mad_agent_security_change()
684 !security_ib_endport_manage_subnet(ag->security, in ib_mad_agent_security_change()
685 dev_name(&ag->device->dev), ag->port_num)); in ib_mad_agent_security_change()
694 if (!rdma_protocol_ib(agent->device, agent->port_num)) in ib_mad_agent_security_setup()
697 INIT_LIST_HEAD(&agent->mad_agent_sec_list); in ib_mad_agent_security_setup()
699 ret = security_ib_alloc_security(&agent->security); in ib_mad_agent_security_setup()
707 ret = security_ib_endport_manage_subnet(agent->security, in ib_mad_agent_security_setup()
708 dev_name(&agent->device->dev), in ib_mad_agent_security_setup()
709 agent->port_num); in ib_mad_agent_security_setup()
713 WRITE_ONCE(agent->smp_allowed, true); in ib_mad_agent_security_setup()
714 list_add(&agent->mad_agent_sec_list, &mad_agent_list); in ib_mad_agent_security_setup()
720 security_ib_free_security(agent->security); in ib_mad_agent_security_setup()
726 if (!rdma_protocol_ib(agent->device, agent->port_num)) in ib_mad_agent_security_cleanup()
729 if (agent->qp->qp_type == IB_QPT_SMI) { in ib_mad_agent_security_cleanup()
731 list_del(&agent->mad_agent_sec_list); in ib_mad_agent_security_cleanup()
735 security_ib_free_security(agent->security); in ib_mad_agent_security_cleanup()
740 if (!rdma_protocol_ib(map->agent.device, map->agent.port_num)) in ib_mad_enforce_security()
743 if (map->agent.qp->qp_type == IB_QPT_SMI) { in ib_mad_enforce_security()
744 if (!READ_ONCE(map->agent.smp_allowed)) in ib_mad_enforce_security()
745 return -EACCES; in ib_mad_enforce_security()
749 return ib_security_pkey_access(map->agent.device, in ib_mad_enforce_security()
750 map->agent.port_num, in ib_mad_enforce_security()
752 map->agent.security); in ib_mad_enforce_security()