2 * Copyright (c) 2012 Chelsio Communications, Inc.
4 * Written by: Navdeep Parhar <np@FreeBSD.org>
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 #include <sys/cdefs.h>
29 __FBSDID("$FreeBSD$");
32 #include "opt_inet6.h"
35 #include <sys/param.h>
36 #include <sys/types.h>
37 #include <sys/kernel.h>
39 #include <sys/module.h>
40 #include <sys/protosw.h>
41 #include <sys/refcount.h>
42 #include <sys/domain.h>
43 #include <sys/fnv_hash.h>
44 #include <sys/socket.h>
45 #include <sys/socketvar.h>
46 #include <net/ethernet.h>
48 #include <net/if_types.h>
49 #include <net/if_vlan_var.h>
50 #include <net/route.h>
51 #include <netinet/in.h>
52 #include <netinet/in_pcb.h>
53 #include <netinet/ip.h>
54 #include <netinet/ip6.h>
55 #include <netinet6/scope6_var.h>
56 #include <netinet/tcp_timer.h>
57 #include <netinet/tcp_var.h>
59 #include <netinet/tcp_fsm.h>
60 #include <netinet/toecore.h>
62 #include "common/common.h"
63 #include "common/t4_msg.h"
64 #include "common/t4_regs.h"
65 #include "tom/t4_tom_l2t.h"
66 #include "tom/t4_tom.h"
69 static int alloc_stid(struct adapter *, struct listen_ctx *, int);
70 static struct listen_ctx *lookup_stid(struct adapter *, int);
71 static void free_stid(struct adapter *, struct listen_ctx *);
74 static struct listen_ctx *alloc_lctx(struct adapter *, struct inpcb *,
76 static int free_lctx(struct adapter *, struct listen_ctx *);
77 static void hold_lctx(struct listen_ctx *);
78 static void listen_hash_add(struct adapter *, struct listen_ctx *);
79 static struct listen_ctx *listen_hash_find(struct adapter *, struct inpcb *);
80 static struct listen_ctx *listen_hash_del(struct adapter *, struct inpcb *);
81 static struct inpcb *release_lctx(struct adapter *, struct listen_ctx *);
83 static inline void save_qids_in_mbuf(struct mbuf *, struct port_info *);
84 static inline void get_qids_from_mbuf(struct mbuf *m, int *, int *);
85 static void send_reset_synqe(struct toedev *, struct synq_entry *);
88 alloc_stid(struct adapter *sc, struct listen_ctx *lctx, int isipv6)
90 struct tid_info *t = &sc->tids;
91 u_int stid, n, f, mask;
92 struct stid_region *sr = &lctx->stid_region;
95 * An IPv6 server needs 2 naturally aligned stids (1 stid = 4 cells) in
96 * the TCAM. The start of the stid region is properly aligned (the chip
97 * requires each region to be 128-cell aligned).
101 KASSERT((t->stid_base & mask) == 0 && (t->nstids & mask) == 0,
102 ("%s: stid region (%u, %u) not properly aligned. n = %u",
103 __func__, t->stid_base, t->nstids, n));
105 mtx_lock(&t->stid_lock);
106 if (n > t->nstids - t->stids_in_use) {
107 mtx_unlock(&t->stid_lock);
111 if (t->nstids_free_head >= n) {
113 * This allocation will definitely succeed because the region
114 * starts at a good alignment and we just checked we have enough
117 f = t->nstids_free_head & mask;
118 t->nstids_free_head -= n + f;
119 stid = t->nstids_free_head;
120 TAILQ_INSERT_HEAD(&t->stids, sr, link);
122 struct stid_region *s;
124 stid = t->nstids_free_head;
125 TAILQ_FOREACH(s, &t->stids, link) {
126 stid += s->used + s->free;
128 if (s->free >= n + f) {
131 TAILQ_INSERT_AFTER(&t->stids, s, sr, link);
136 if (__predict_false(stid != t->nstids)) {
137 panic("%s: stids TAILQ (%p) corrupt."
138 " At %d instead of %d at the end of the queue.",
139 __func__, &t->stids, stid, t->nstids);
142 mtx_unlock(&t->stid_lock);
149 t->stids_in_use += n;
150 t->stid_tab[stid] = lctx;
151 mtx_unlock(&t->stid_lock);
153 KASSERT(((stid + t->stid_base) & mask) == 0,
154 ("%s: EDOOFUS.", __func__));
155 return (stid + t->stid_base);
158 static struct listen_ctx *
159 lookup_stid(struct adapter *sc, int stid)
161 struct tid_info *t = &sc->tids;
163 return (t->stid_tab[stid - t->stid_base]);
167 free_stid(struct adapter *sc, struct listen_ctx *lctx)
169 struct tid_info *t = &sc->tids;
170 struct stid_region *sr = &lctx->stid_region;
171 struct stid_region *s;
173 KASSERT(sr->used > 0, ("%s: nonsense free (%d)", __func__, sr->used));
175 mtx_lock(&t->stid_lock);
176 s = TAILQ_PREV(sr, stid_head, link);
178 s->free += sr->used + sr->free;
180 t->nstids_free_head += sr->used + sr->free;
181 KASSERT(t->stids_in_use >= sr->used,
182 ("%s: stids_in_use (%u) < stids being freed (%u)", __func__,
183 t->stids_in_use, sr->used));
184 t->stids_in_use -= sr->used;
185 TAILQ_REMOVE(&t->stids, sr, link);
186 mtx_unlock(&t->stid_lock);
189 static struct listen_ctx *
190 alloc_lctx(struct adapter *sc, struct inpcb *inp, struct port_info *pi)
192 struct listen_ctx *lctx;
194 INP_WLOCK_ASSERT(inp);
196 lctx = malloc(sizeof(struct listen_ctx), M_CXGBE, M_NOWAIT | M_ZERO);
200 lctx->stid = alloc_stid(sc, lctx, inp->inp_vflag & INP_IPV6);
201 if (lctx->stid < 0) {
206 lctx->ctrlq = &sc->sge.ctrlq[pi->port_id];
207 lctx->ofld_rxq = &sc->sge.ofld_rxq[pi->first_ofld_rxq];
208 refcount_init(&lctx->refcount, 1);
209 TAILQ_INIT(&lctx->synq);
217 /* Don't call this directly, use release_lctx instead */
219 free_lctx(struct adapter *sc, struct listen_ctx *lctx)
221 struct inpcb *inp = lctx->inp;
223 INP_WLOCK_ASSERT(inp);
224 KASSERT(lctx->refcount == 0,
225 ("%s: refcount %d", __func__, lctx->refcount));
226 KASSERT(TAILQ_EMPTY(&lctx->synq),
227 ("%s: synq not empty.", __func__));
228 KASSERT(lctx->stid >= 0, ("%s: bad stid %d.", __func__, lctx->stid));
230 CTR4(KTR_CXGBE, "%s: stid %u, lctx %p, inp %p",
231 __func__, lctx->stid, lctx, lctx->inp);
236 return (in_pcbrele_wlocked(inp));
240 hold_lctx(struct listen_ctx *lctx)
243 refcount_acquire(&lctx->refcount);
246 static inline uint32_t
247 listen_hashfn(void *key, u_long mask)
250 return (fnv_32_buf(&key, sizeof(key), FNV1_32_INIT) & mask);
254 * Add a listen_ctx entry to the listen hash table.
257 listen_hash_add(struct adapter *sc, struct listen_ctx *lctx)
259 struct tom_data *td = sc->tom_softc;
260 int bucket = listen_hashfn(lctx->inp, td->listen_mask);
262 mtx_lock(&td->lctx_hash_lock);
263 LIST_INSERT_HEAD(&td->listen_hash[bucket], lctx, link);
265 mtx_unlock(&td->lctx_hash_lock);
269 * Look for the listening socket's context entry in the hash and return it.
271 static struct listen_ctx *
272 listen_hash_find(struct adapter *sc, struct inpcb *inp)
274 struct tom_data *td = sc->tom_softc;
275 int bucket = listen_hashfn(inp, td->listen_mask);
276 struct listen_ctx *lctx;
278 mtx_lock(&td->lctx_hash_lock);
279 LIST_FOREACH(lctx, &td->listen_hash[bucket], link) {
280 if (lctx->inp == inp)
283 mtx_unlock(&td->lctx_hash_lock);
289 * Removes the listen_ctx structure for inp from the hash and returns it.
291 static struct listen_ctx *
292 listen_hash_del(struct adapter *sc, struct inpcb *inp)
294 struct tom_data *td = sc->tom_softc;
295 int bucket = listen_hashfn(inp, td->listen_mask);
296 struct listen_ctx *lctx, *l;
298 mtx_lock(&td->lctx_hash_lock);
299 LIST_FOREACH_SAFE(lctx, &td->listen_hash[bucket], link, l) {
300 if (lctx->inp == inp) {
301 LIST_REMOVE(lctx, link);
306 mtx_unlock(&td->lctx_hash_lock);
312 * Releases a hold on the lctx. Must be called with the listening socket's inp
313 * locked. The inp may be freed by this function and it returns NULL to
316 static struct inpcb *
317 release_lctx(struct adapter *sc, struct listen_ctx *lctx)
319 struct inpcb *inp = lctx->inp;
322 INP_WLOCK_ASSERT(inp);
323 if (refcount_release(&lctx->refcount))
324 inp_freed = free_lctx(sc, lctx);
326 return (inp_freed ? NULL : inp);
330 send_reset_synqe(struct toedev *tod, struct synq_entry *synqe)
332 struct adapter *sc = tod->tod_softc;
333 struct mbuf *m = synqe->syn;
334 struct ifnet *ifp = m->m_pkthdr.rcvif;
335 struct port_info *pi = ifp->if_softc;
336 struct l2t_entry *e = &sc->l2t->l2tab[synqe->l2e_idx];
338 struct fw_flowc_wr *flowc;
339 struct cpl_abort_req *req;
340 int txqid, rxqid, flowclen;
341 struct sge_wrq *ofld_txq;
342 struct sge_ofld_rxq *ofld_rxq;
343 const int nparams = 6;
344 unsigned int pfvf = G_FW_VIID_PFN(pi->viid) << S_FW_VIID_PFN;
346 INP_WLOCK_ASSERT(synqe->lctx->inp);
348 CTR5(KTR_CXGBE, "%s: synqe %p (0x%x), tid %d%s",
349 __func__, synqe, synqe->flags, synqe->tid,
350 synqe->flags & TPF_ABORT_SHUTDOWN ?
351 " (abort already in progress)" : "");
352 if (synqe->flags & TPF_ABORT_SHUTDOWN)
353 return; /* abort already in progress */
354 synqe->flags |= TPF_ABORT_SHUTDOWN;
356 get_qids_from_mbuf(m, &txqid, &rxqid);
357 ofld_txq = &sc->sge.ofld_txq[txqid];
358 ofld_rxq = &sc->sge.ofld_rxq[rxqid];
360 /* The wrqe will have two WRs - a flowc followed by an abort_req */
361 flowclen = sizeof(*flowc) + nparams * sizeof(struct fw_flowc_mnemval);
363 wr = alloc_wrqe(roundup2(flowclen, EQ_ESIZE) + sizeof(*req), ofld_txq);
366 panic("%s: allocation failure.", __func__);
369 req = (void *)((caddr_t)flowc + roundup2(flowclen, EQ_ESIZE));
371 /* First the flowc ... */
372 memset(flowc, 0, wr->wr_len);
373 flowc->op_to_nparams = htobe32(V_FW_WR_OP(FW_FLOWC_WR) |
374 V_FW_FLOWC_WR_NPARAMS(nparams));
375 flowc->flowid_len16 = htonl(V_FW_WR_LEN16(howmany(flowclen, 16)) |
376 V_FW_WR_FLOWID(synqe->tid));
377 flowc->mnemval[0].mnemonic = FW_FLOWC_MNEM_PFNVFN;
378 flowc->mnemval[0].val = htobe32(pfvf);
379 flowc->mnemval[1].mnemonic = FW_FLOWC_MNEM_CH;
380 flowc->mnemval[1].val = htobe32(pi->tx_chan);
381 flowc->mnemval[2].mnemonic = FW_FLOWC_MNEM_PORT;
382 flowc->mnemval[2].val = htobe32(pi->tx_chan);
383 flowc->mnemval[3].mnemonic = FW_FLOWC_MNEM_IQID;
384 flowc->mnemval[3].val = htobe32(ofld_rxq->iq.abs_id);
385 flowc->mnemval[4].mnemonic = FW_FLOWC_MNEM_SNDBUF;
386 flowc->mnemval[4].val = htobe32(512);
387 flowc->mnemval[5].mnemonic = FW_FLOWC_MNEM_MSS;
388 flowc->mnemval[5].val = htobe32(512);
389 synqe->flags |= TPF_FLOWC_WR_SENT;
391 /* ... then ABORT request */
392 INIT_TP_WR_MIT_CPL(req, CPL_ABORT_REQ, synqe->tid);
393 req->rsvd0 = 0; /* don't have a snd_nxt */
394 req->rsvd1 = 1; /* no data sent yet */
395 req->cmd = CPL_ABORT_SEND_RST;
397 t4_l2t_send(sc, wr, e);
401 create_server(struct adapter *sc, struct listen_ctx *lctx)
404 struct cpl_pass_open_req *req;
405 struct inpcb *inp = lctx->inp;
407 wr = alloc_wrqe(sizeof(*req), lctx->ctrlq);
409 log(LOG_ERR, "%s: allocation failure", __func__);
415 OPCODE_TID(req) = htobe32(MK_OPCODE_TID(CPL_PASS_OPEN_REQ, lctx->stid));
416 req->local_port = inp->inp_lport;
418 req->local_ip = inp->inp_laddr.s_addr;
420 req->opt0 = htobe64(V_TX_CHAN(lctx->ctrlq->eq.tx_chan));
421 req->opt1 = htobe64(V_CONN_POLICY(CPL_CONN_POLICY_ASK) |
422 F_SYN_RSS_ENABLE | V_SYN_RSS_QUEUE(lctx->ofld_rxq->iq.abs_id));
429 create_server6(struct adapter *sc, struct listen_ctx *lctx)
432 struct cpl_pass_open_req6 *req;
433 struct inpcb *inp = lctx->inp;
435 wr = alloc_wrqe(sizeof(*req), lctx->ctrlq);
437 log(LOG_ERR, "%s: allocation failure", __func__);
443 OPCODE_TID(req) = htobe32(MK_OPCODE_TID(CPL_PASS_OPEN_REQ6, lctx->stid));
444 req->local_port = inp->inp_lport;
446 req->local_ip_hi = *(uint64_t *)&inp->in6p_laddr.s6_addr[0];
447 req->local_ip_lo = *(uint64_t *)&inp->in6p_laddr.s6_addr[8];
450 req->opt0 = htobe64(V_TX_CHAN(lctx->ctrlq->eq.tx_chan));
451 req->opt1 = htobe64(V_CONN_POLICY(CPL_CONN_POLICY_ASK) |
452 F_SYN_RSS_ENABLE | V_SYN_RSS_QUEUE(lctx->ofld_rxq->iq.abs_id));
459 destroy_server(struct adapter *sc, struct listen_ctx *lctx)
462 struct cpl_close_listsvr_req *req;
464 wr = alloc_wrqe(sizeof(*req), lctx->ctrlq);
467 panic("%s: allocation failure.", __func__);
472 OPCODE_TID(req) = htonl(MK_OPCODE_TID(CPL_CLOSE_LISTSRV_REQ,
474 req->reply_ctrl = htobe16(lctx->ofld_rxq->iq.abs_id);
475 req->rsvd = htobe16(0);
482 * Start a listening server by sending a passive open request to HW.
484 * Can't take adapter lock here and access to sc->flags, sc->open_device_map,
485 * sc->offload_map, if_capenable are all race prone.
488 t4_listen_start(struct toedev *tod, struct tcpcb *tp)
490 struct adapter *sc = tod->tod_softc;
491 struct port_info *pi;
492 struct inpcb *inp = tp->t_inpcb;
493 struct listen_ctx *lctx;
496 INP_WLOCK_ASSERT(inp);
501 log(LOG_ERR, "%s: listen request ignored, %s is busy",
502 __func__, device_get_nameunit(sc->dev));
506 KASSERT(sc->flags & TOM_INIT_DONE,
507 ("%s: TOM not initialized", __func__));
510 if ((sc->open_device_map & sc->offload_map) == 0)
511 goto done; /* no port that's UP with IFCAP_TOE enabled */
514 * Find a running port with IFCAP_TOE (4 or 6). We'll use the first
515 * such port's queues to send the passive open and receive the reply to
518 * XXX: need a way to mark a port in use by offload. if_cxgbe should
519 * then reject any attempt to bring down such a port (and maybe reject
520 * attempts to disable IFCAP_TOE on that port too?).
522 for_each_port(sc, i) {
523 if (isset(&sc->open_device_map, i) &&
524 sc->port[i]->ifp->if_capenable & IFCAP_TOE)
527 KASSERT(i < sc->params.nports,
528 ("%s: no running port with TOE capability enabled.", __func__));
531 if (listen_hash_find(sc, inp) != NULL)
532 goto done; /* already setup */
534 lctx = alloc_lctx(sc, inp, pi);
537 "%s: listen request ignored, %s couldn't allocate lctx\n",
538 __func__, device_get_nameunit(sc->dev));
541 listen_hash_add(sc, lctx);
543 CTR6(KTR_CXGBE, "%s: stid %u (%s), lctx %p, inp %p vflag 0x%x",
544 __func__, lctx->stid, tcpstates[tp->t_state], lctx, inp,
547 if (inp->inp_vflag & INP_IPV6)
548 rc = create_server6(sc, lctx);
550 rc = create_server(sc, lctx);
552 log(LOG_ERR, "%s: %s failed to create hw listener: %d.\n",
553 __func__, device_get_nameunit(sc->dev), rc);
554 (void) listen_hash_del(sc, inp);
555 inp = release_lctx(sc, lctx);
556 /* can't be freed, host stack has a reference */
557 KASSERT(inp != NULL, ("%s: inp freed", __func__));
560 lctx->flags |= LCTX_RPL_PENDING;
569 t4_listen_stop(struct toedev *tod, struct tcpcb *tp)
571 struct listen_ctx *lctx;
572 struct adapter *sc = tod->tod_softc;
573 struct inpcb *inp = tp->t_inpcb;
574 struct synq_entry *synqe;
576 INP_WLOCK_ASSERT(inp);
578 lctx = listen_hash_del(sc, inp);
580 return (ENOENT); /* no hardware listener for this inp */
582 CTR4(KTR_CXGBE, "%s: stid %u, lctx %p, flags %x", __func__, lctx->stid,
586 * If the reply to the PASS_OPEN is still pending we'll wait for it to
587 * arrive and clean up when it does.
589 if (lctx->flags & LCTX_RPL_PENDING) {
590 KASSERT(TAILQ_EMPTY(&lctx->synq),
591 ("%s: synq not empty.", __func__));
592 return (EINPROGRESS);
596 * The host stack will abort all the connections on the listening
597 * socket's so_comp. It doesn't know about the connections on the synq
598 * so we need to take care of those.
600 TAILQ_FOREACH(synqe, &lctx->synq, link) {
601 if (synqe->flags & TPF_SYNQE_HAS_L2TE)
602 send_reset_synqe(tod, synqe);
605 destroy_server(sc, lctx);
610 hold_synqe(struct synq_entry *synqe)
613 refcount_acquire(&synqe->refcnt);
617 release_synqe(struct synq_entry *synqe)
620 if (refcount_release(&synqe->refcnt)) {
621 int needfree = synqe->flags & TPF_SYNQE_NEEDFREE;
625 free(synqe, M_CXGBE);
630 t4_syncache_added(struct toedev *tod __unused, void *arg)
632 struct synq_entry *synqe = arg;
638 t4_syncache_removed(struct toedev *tod __unused, void *arg)
640 struct synq_entry *synqe = arg;
642 release_synqe(synqe);
646 extern void tcp_dooptions(struct tcpopt *, u_char *, int, int);
649 t4_syncache_respond(struct toedev *tod, void *arg, struct mbuf *m)
651 struct adapter *sc = tod->tod_softc;
652 struct synq_entry *synqe = arg;
656 struct ip *ip = mtod(m, struct ip *);
659 wr = (struct wrqe *)atomic_readandclear_ptr(&synqe->wr);
665 if (ip->ip_v == IPVERSION)
666 th = (void *)(ip + 1);
668 th = (void *)((struct ip6_hdr *)ip + 1);
669 bzero(&to, sizeof(to));
670 tcp_dooptions(&to, (void *)(th + 1), (th->th_off << 2) - sizeof(*th),
673 /* save these for later */
674 synqe->iss = be32toh(th->th_seq);
675 synqe->ts = to.to_tsval;
678 struct cpl_t5_pass_accept_rpl *rpl5 = wrtod(wr);
680 rpl5->iss = th->th_seq;
683 e = &sc->l2t->l2tab[synqe->l2e_idx];
684 t4_l2t_send(sc, wr, e);
686 m_freem(m); /* don't need this any more */
691 do_pass_open_rpl(struct sge_iq *iq, const struct rss_header *rss,
694 struct adapter *sc = iq->adapter;
695 const struct cpl_pass_open_rpl *cpl = (const void *)(rss + 1);
696 int stid = GET_TID(cpl);
697 unsigned int status = cpl->status;
698 struct listen_ctx *lctx = lookup_stid(sc, stid);
699 struct inpcb *inp = lctx->inp;
701 unsigned int opcode = G_CPL_OPCODE(be32toh(OPCODE_TID(cpl)));
704 KASSERT(opcode == CPL_PASS_OPEN_RPL,
705 ("%s: unexpected opcode 0x%x", __func__, opcode));
706 KASSERT(m == NULL, ("%s: wasn't expecting payload", __func__));
707 KASSERT(lctx->stid == stid, ("%s: lctx stid mismatch", __func__));
711 CTR4(KTR_CXGBE, "%s: stid %d, status %u, flags 0x%x",
712 __func__, stid, status, lctx->flags);
714 lctx->flags &= ~LCTX_RPL_PENDING;
716 if (status != CPL_ERR_NONE)
717 log(LOG_ERR, "listener (stid %u) failed: %d\n", stid, status);
721 * If the inp has been dropped (listening socket closed) then
722 * listen_stop must have run and taken the inp out of the hash.
724 if (inp->inp_flags & INP_DROPPED) {
725 KASSERT(listen_hash_del(sc, inp) == NULL,
726 ("%s: inp %p still in listen hash", __func__, inp));
730 if (inp->inp_flags & INP_DROPPED && status != CPL_ERR_NONE) {
731 if (release_lctx(sc, lctx) != NULL)
737 * Listening socket stopped listening earlier and now the chip tells us
738 * it has started the hardware listener. Stop it; the lctx will be
739 * released in do_close_server_rpl.
741 if (inp->inp_flags & INP_DROPPED) {
742 destroy_server(sc, lctx);
748 * Failed to start hardware listener. Take inp out of the hash and
749 * release our reference on it. An error message has been logged
752 if (status != CPL_ERR_NONE) {
753 listen_hash_del(sc, inp);
754 if (release_lctx(sc, lctx) != NULL)
759 /* hardware listener open for business */
766 do_close_server_rpl(struct sge_iq *iq, const struct rss_header *rss,
769 struct adapter *sc = iq->adapter;
770 const struct cpl_close_listsvr_rpl *cpl = (const void *)(rss + 1);
771 int stid = GET_TID(cpl);
772 unsigned int status = cpl->status;
773 struct listen_ctx *lctx = lookup_stid(sc, stid);
774 struct inpcb *inp = lctx->inp;
776 unsigned int opcode = G_CPL_OPCODE(be32toh(OPCODE_TID(cpl)));
779 KASSERT(opcode == CPL_CLOSE_LISTSRV_RPL,
780 ("%s: unexpected opcode 0x%x", __func__, opcode));
781 KASSERT(m == NULL, ("%s: wasn't expecting payload", __func__));
782 KASSERT(lctx->stid == stid, ("%s: lctx stid mismatch", __func__));
784 CTR3(KTR_CXGBE, "%s: stid %u, status %u", __func__, stid, status);
786 if (status != CPL_ERR_NONE) {
787 log(LOG_ERR, "%s: failed (%u) to close listener for stid %u\n",
788 __func__, status, stid);
793 inp = release_lctx(sc, lctx);
801 done_with_synqe(struct adapter *sc, struct synq_entry *synqe)
803 struct listen_ctx *lctx = synqe->lctx;
804 struct inpcb *inp = lctx->inp;
805 struct port_info *pi = synqe->syn->m_pkthdr.rcvif->if_softc;
806 struct l2t_entry *e = &sc->l2t->l2tab[synqe->l2e_idx];
808 INP_WLOCK_ASSERT(inp);
810 TAILQ_REMOVE(&lctx->synq, synqe, link);
811 inp = release_lctx(sc, lctx);
814 remove_tid(sc, synqe->tid);
815 release_tid(sc, synqe->tid, &sc->sge.ctrlq[pi->port_id]);
817 release_synqe(synqe); /* removed from synq list */
821 do_abort_req_synqe(struct sge_iq *iq, const struct rss_header *rss,
824 struct adapter *sc = iq->adapter;
825 const struct cpl_abort_req_rss *cpl = (const void *)(rss + 1);
826 unsigned int tid = GET_TID(cpl);
827 struct synq_entry *synqe = lookup_tid(sc, tid);
828 struct listen_ctx *lctx = synqe->lctx;
829 struct inpcb *inp = lctx->inp;
831 struct sge_wrq *ofld_txq;
833 unsigned int opcode = G_CPL_OPCODE(be32toh(OPCODE_TID(cpl)));
836 KASSERT(opcode == CPL_ABORT_REQ_RSS,
837 ("%s: unexpected opcode 0x%x", __func__, opcode));
838 KASSERT(m == NULL, ("%s: wasn't expecting payload", __func__));
839 KASSERT(synqe->tid == tid, ("%s: toep tid mismatch", __func__));
841 CTR6(KTR_CXGBE, "%s: tid %u, synqe %p (0x%x), lctx %p, status %d",
842 __func__, tid, synqe, synqe->flags, synqe->lctx, cpl->status);
844 if (negative_advice(cpl->status))
845 return (0); /* Ignore negative advice */
849 get_qids_from_mbuf(synqe->syn, &txqid, NULL);
850 ofld_txq = &sc->sge.ofld_txq[txqid];
853 * If we'd initiated an abort earlier the reply to it is responsible for
854 * cleaning up resources. Otherwise we tear everything down right here
855 * right now. We owe the T4 a CPL_ABORT_RPL no matter what.
857 if (synqe->flags & TPF_ABORT_SHUTDOWN) {
862 done_with_synqe(sc, synqe);
863 /* inp lock released by done_with_synqe */
865 send_abort_rpl(sc, ofld_txq, tid, CPL_ABORT_NO_RST);
870 do_abort_rpl_synqe(struct sge_iq *iq, const struct rss_header *rss,
873 struct adapter *sc = iq->adapter;
874 const struct cpl_abort_rpl_rss *cpl = (const void *)(rss + 1);
875 unsigned int tid = GET_TID(cpl);
876 struct synq_entry *synqe = lookup_tid(sc, tid);
877 struct listen_ctx *lctx = synqe->lctx;
878 struct inpcb *inp = lctx->inp;
880 unsigned int opcode = G_CPL_OPCODE(be32toh(OPCODE_TID(cpl)));
883 KASSERT(opcode == CPL_ABORT_RPL_RSS,
884 ("%s: unexpected opcode 0x%x", __func__, opcode));
885 KASSERT(m == NULL, ("%s: wasn't expecting payload", __func__));
886 KASSERT(synqe->tid == tid, ("%s: toep tid mismatch", __func__));
888 CTR6(KTR_CXGBE, "%s: tid %u, synqe %p (0x%x), lctx %p, status %d",
889 __func__, tid, synqe, synqe->flags, synqe->lctx, cpl->status);
892 KASSERT(synqe->flags & TPF_ABORT_SHUTDOWN,
893 ("%s: wasn't expecting abort reply for synqe %p (0x%x)",
894 __func__, synqe, synqe->flags));
896 done_with_synqe(sc, synqe);
897 /* inp lock released by done_with_synqe */
903 t4_offload_socket(struct toedev *tod, void *arg, struct socket *so)
905 struct adapter *sc = tod->tod_softc;
906 struct synq_entry *synqe = arg;
908 struct inpcb *inp = sotoinpcb(so);
910 struct cpl_pass_establish *cpl = mtod(synqe->syn, void *);
911 struct toepcb *toep = *(struct toepcb **)(cpl + 1);
913 INP_INFO_LOCK_ASSERT(&V_tcbinfo); /* prevents bad race with accept() */
914 INP_WLOCK_ASSERT(inp);
915 KASSERT(synqe->flags & TPF_SYNQE,
916 ("%s: %p not a synq_entry?", __func__, arg));
918 offload_socket(so, toep);
919 make_established(toep, cpl->snd_isn, cpl->rcv_isn, cpl->tcp_opt);
920 toep->flags |= TPF_CPL_PENDING;
921 update_tid(sc, synqe->tid, toep);
922 synqe->flags |= TPF_SYNQE_EXPANDED;
926 save_qids_in_mbuf(struct mbuf *m, struct port_info *pi)
928 uint32_t txqid, rxqid;
930 txqid = (arc4random() % pi->nofldtxq) + pi->first_ofld_txq;
931 rxqid = (arc4random() % pi->nofldrxq) + pi->first_ofld_rxq;
933 m->m_pkthdr.flowid = (txqid << 16) | (rxqid & 0xffff);
937 get_qids_from_mbuf(struct mbuf *m, int *txqid, int *rxqid)
941 *txqid = m->m_pkthdr.flowid >> 16;
943 *rxqid = m->m_pkthdr.flowid & 0xffff;
947 * Use the trailing space in the mbuf in which the PASS_ACCEPT_REQ arrived to
948 * store some state temporarily.
950 static struct synq_entry *
951 mbuf_to_synqe(struct mbuf *m)
953 int len = roundup2(sizeof (struct synq_entry), 8);
954 int tspace = M_TRAILINGSPACE(m);
955 struct synq_entry *synqe = NULL;
958 synqe = malloc(sizeof(*synqe), M_CXGBE, M_NOWAIT);
961 synqe->flags = TPF_SYNQE | TPF_SYNQE_NEEDFREE;
963 synqe = (void *)(m->m_data + m->m_len + tspace - len);
964 synqe->flags = TPF_SYNQE;
971 t4opt_to_tcpopt(const struct tcp_options *t4opt, struct tcpopt *to)
973 bzero(to, sizeof(*to));
976 to->to_flags |= TOF_MSS;
977 to->to_mss = be16toh(t4opt->mss);
981 to->to_flags |= TOF_SCALE;
982 to->to_wscale = t4opt->wsf;
986 to->to_flags |= TOF_TS;
989 to->to_flags |= TOF_SACKPERM;
993 * Options2 for passive open.
996 calc_opt2p(struct adapter *sc, struct port_info *pi, int rxqid,
997 const struct tcp_options *tcpopt, struct tcphdr *th, int ulp_mode)
999 struct sge_ofld_rxq *ofld_rxq = &sc->sge.ofld_rxq[rxqid];
1002 opt2 = V_TX_QUEUE(sc->params.tp.tx_modq[pi->tx_chan]) |
1003 F_RSS_QUEUE_VALID | V_RSS_QUEUE(ofld_rxq->iq.abs_id);
1005 if (V_tcp_do_rfc1323) {
1007 opt2 |= F_TSTAMPS_EN;
1010 if (tcpopt->wsf > 0)
1011 opt2 |= F_WND_SCALE_EN;
1014 if (V_tcp_do_ecn && th->th_flags & (TH_ECE | TH_CWR))
1015 opt2 |= F_CCTRL_ECN;
1017 /* RX_COALESCE is always a valid value (0 or M_RX_COALESCE). */
1019 opt2 |= F_RX_COALESCE_VALID;
1021 opt2 |= F_T5_OPT_2_VALID;
1022 opt2 |= F_CONG_CNTRL_VALID; /* OPT_2_ISS really, for T5 */
1024 if (sc->tt.rx_coalesce)
1025 opt2 |= V_RX_COALESCE(M_RX_COALESCE);
1027 #ifdef USE_DDP_RX_FLOW_CONTROL
1028 if (ulp_mode == ULP_MODE_TCPDDP)
1029 opt2 |= F_RX_FC_VALID | F_RX_FC_DDP;
1032 return htobe32(opt2);
1035 /* XXX: duplication. */
1037 tcp_fields_to_host(struct tcphdr *th)
1040 th->th_seq = ntohl(th->th_seq);
1041 th->th_ack = ntohl(th->th_ack);
1042 th->th_win = ntohs(th->th_win);
1043 th->th_urp = ntohs(th->th_urp);
1047 pass_accept_req_to_protohdrs(const struct mbuf *m, struct in_conninfo *inc,
1050 const struct cpl_pass_accept_req *cpl = mtod(m, const void *);
1051 const struct ether_header *eh;
1052 unsigned int hlen = be32toh(cpl->hdr_len);
1054 const struct tcphdr *tcp;
1056 eh = (const void *)(cpl + 1);
1057 l3hdr = ((uintptr_t)eh + G_ETH_HDR_LEN(hlen));
1058 tcp = (const void *)(l3hdr + G_IP_HDR_LEN(hlen));
1061 bzero(inc, sizeof(*inc));
1062 inc->inc_fport = tcp->th_sport;
1063 inc->inc_lport = tcp->th_dport;
1064 if (((struct ip *)l3hdr)->ip_v == IPVERSION) {
1065 const struct ip *ip = (const void *)l3hdr;
1067 inc->inc_faddr = ip->ip_src;
1068 inc->inc_laddr = ip->ip_dst;
1070 const struct ip6_hdr *ip6 = (const void *)l3hdr;
1072 inc->inc_flags |= INC_ISIPV6;
1073 inc->inc6_faddr = ip6->ip6_src;
1074 inc->inc6_laddr = ip6->ip6_dst;
1079 bcopy(tcp, th, sizeof(*th));
1080 tcp_fields_to_host(th); /* just like tcp_input */
1085 ifnet_has_ip6(struct ifnet *ifp, struct in6_addr *ip6)
1088 struct sockaddr_in6 *sin6;
1090 struct in6_addr in6 = *ip6;
1092 /* Just as in ip6_input */
1093 if (in6_clearscope(&in6) || in6_clearscope(&in6))
1095 in6_setscope(&in6, ifp, NULL);
1098 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1099 sin6 = (void *)ifa->ifa_addr;
1100 if (sin6->sin6_family != AF_INET6)
1103 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &in6)) {
1108 if_addr_runlock(ifp);
1113 static struct l2t_entry *
1114 get_l2te_for_nexthop(struct port_info *pi, struct ifnet *ifp,
1115 struct in_conninfo *inc)
1118 struct l2t_entry *e;
1119 struct sockaddr_in6 sin6;
1120 struct sockaddr *dst = (void *)&sin6;
1122 if (inc->inc_flags & INC_ISIPV6) {
1123 dst->sa_len = sizeof(struct sockaddr_in6);
1124 dst->sa_family = AF_INET6;
1125 ((struct sockaddr_in6 *)dst)->sin6_addr = inc->inc6_faddr;
1127 if (IN6_IS_ADDR_LINKLOCAL(&inc->inc6_laddr)) {
1128 /* no need for route lookup */
1129 e = t4_l2t_get(pi, ifp, dst);
1133 dst->sa_len = sizeof(struct sockaddr_in);
1134 dst->sa_family = AF_INET;
1135 ((struct sockaddr_in *)dst)->sin_addr = inc->inc_faddr;
1138 rt = rtalloc1(dst, 0, 0);
1142 struct sockaddr *nexthop;
1145 if (rt->rt_ifp != ifp)
1148 if (rt->rt_flags & RTF_GATEWAY)
1149 nexthop = rt->rt_gateway;
1152 e = t4_l2t_get(pi, ifp, nexthop);
1161 ifnet_has_ip(struct ifnet *ifp, struct in_addr in)
1164 struct sockaddr_in *sin;
1168 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1169 sin = (void *)ifa->ifa_addr;
1170 if (sin->sin_family != AF_INET)
1173 if (sin->sin_addr.s_addr == in.s_addr) {
1178 if_addr_runlock(ifp);
1183 #define REJECT_PASS_ACCEPT() do { \
1184 reject_reason = __LINE__; \
1189 * The context associated with a tid entry via insert_tid could be a synq_entry
1190 * or a toepcb. The only way CPL handlers can tell is via a bit in these flags.
1192 CTASSERT(offsetof(struct toepcb, flags) == offsetof(struct synq_entry, flags));
1195 * Incoming SYN on a listening socket.
1197 * XXX: Every use of ifp in this routine has a bad race with up/down, toe/-toe,
1201 do_pass_accept_req(struct sge_iq *iq, const struct rss_header *rss,
1204 struct adapter *sc = iq->adapter;
1206 const struct cpl_pass_accept_req *cpl = mtod(m, const void *);
1207 struct cpl_pass_accept_rpl *rpl;
1209 unsigned int stid = G_PASS_OPEN_TID(be32toh(cpl->tos_stid));
1210 unsigned int tid = GET_TID(cpl);
1211 struct listen_ctx *lctx = lookup_stid(sc, stid);
1214 struct in_conninfo inc;
1217 struct port_info *pi;
1218 struct ifnet *hw_ifp, *ifp;
1219 struct l2t_entry *e = NULL;
1220 int rscale, mtu_idx, rx_credits, rxqid, ulp_mode;
1221 struct synq_entry *synqe = NULL;
1225 unsigned int opcode = G_CPL_OPCODE(be32toh(OPCODE_TID(cpl)));
1228 KASSERT(opcode == CPL_PASS_ACCEPT_REQ,
1229 ("%s: unexpected opcode 0x%x", __func__, opcode));
1230 KASSERT(lctx->stid == stid, ("%s: lctx stid mismatch", __func__));
1232 CTR4(KTR_CXGBE, "%s: stid %u, tid %u, lctx %p", __func__, stid, tid,
1235 pass_accept_req_to_protohdrs(m, &inc, &th);
1236 t4opt_to_tcpopt(&cpl->tcpopt, &to);
1238 pi = sc->port[G_SYN_INTF(be16toh(cpl->l2info))];
1239 hw_ifp = pi->ifp; /* the cxgbeX ifnet */
1240 m->m_pkthdr.rcvif = hw_ifp;
1241 tod = TOEDEV(hw_ifp);
1244 * Figure out if there is a pseudo interface (vlan, lagg, etc.)
1245 * involved. Don't offload if the SYN had a VLAN tag and the vid
1246 * doesn't match anything on this interface.
1248 * XXX: lagg support, lagg + vlan support.
1250 vid = EVL_VLANOFTAG(be16toh(cpl->vlan));
1252 ifp = VLAN_DEVAT(hw_ifp, vid);
1254 REJECT_PASS_ACCEPT();
1259 * Don't offload if the peer requested a TCP option that's not known to
1262 if (cpl->tcpopt.unknown)
1263 REJECT_PASS_ACCEPT();
1265 if (inc.inc_flags & INC_ISIPV6) {
1267 /* Don't offload if the ifcap isn't enabled */
1268 if ((ifp->if_capenable & IFCAP_TOE6) == 0)
1269 REJECT_PASS_ACCEPT();
1272 * SYN must be directed to an IP6 address on this ifnet. This
1273 * is more restrictive than in6_localip.
1275 if (!ifnet_has_ip6(ifp, &inc.inc6_laddr))
1276 REJECT_PASS_ACCEPT();
1279 /* Don't offload if the ifcap isn't enabled */
1280 if ((ifp->if_capenable & IFCAP_TOE4) == 0)
1281 REJECT_PASS_ACCEPT();
1284 * SYN must be directed to an IP address on this ifnet. This
1285 * is more restrictive than in_localip.
1287 if (!ifnet_has_ip(ifp, inc.inc_laddr))
1288 REJECT_PASS_ACCEPT();
1291 e = get_l2te_for_nexthop(pi, ifp, &inc);
1293 REJECT_PASS_ACCEPT();
1295 synqe = mbuf_to_synqe(m);
1297 REJECT_PASS_ACCEPT();
1299 wr = alloc_wrqe(is_t4(sc) ? sizeof(struct cpl_pass_accept_rpl) :
1300 sizeof(struct cpl_t5_pass_accept_rpl), &sc->sge.ctrlq[pi->port_id]);
1302 REJECT_PASS_ACCEPT();
1305 INP_INFO_WLOCK(&V_tcbinfo); /* for 4-tuple check, syncache_add */
1307 /* Don't offload if the 4-tuple is already in use */
1308 if (toe_4tuple_check(&inc, &th, ifp) != 0) {
1309 INP_INFO_WUNLOCK(&V_tcbinfo);
1311 REJECT_PASS_ACCEPT();
1314 inp = lctx->inp; /* listening socket, not owned by TOE */
1317 /* Don't offload if the listening socket has closed */
1318 if (__predict_false(inp->inp_flags & INP_DROPPED)) {
1320 * The listening socket has closed. The reply from the TOE to
1321 * our CPL_CLOSE_LISTSRV_REQ will ultimately release all
1322 * resources tied to this listen context.
1325 INP_INFO_WUNLOCK(&V_tcbinfo);
1327 REJECT_PASS_ACCEPT();
1329 so = inp->inp_socket;
1331 mtu_idx = find_best_mtu_idx(sc, &inc, be16toh(cpl->tcpopt.mss));
1332 rscale = cpl->tcpopt.wsf && V_tcp_do_rfc1323 ? select_rcv_wscale() : 0;
1333 SOCKBUF_LOCK(&so->so_rcv);
1334 /* opt0 rcv_bufsiz initially, assumes its normal meaning later */
1335 rx_credits = min(select_rcv_wnd(so) >> 10, M_RCV_BUFSIZ);
1336 SOCKBUF_UNLOCK(&so->so_rcv);
1338 save_qids_in_mbuf(m, pi);
1339 get_qids_from_mbuf(m, NULL, &rxqid);
1342 INIT_TP_WR_MIT_CPL(rpl, CPL_PASS_ACCEPT_RPL, tid);
1344 struct cpl_t5_pass_accept_rpl *rpl5 = (void *)rpl;
1346 INIT_TP_WR_MIT_CPL(rpl5, CPL_PASS_ACCEPT_RPL, tid);
1348 if (sc->tt.ddp && (so->so_options & SO_NO_DDP) == 0) {
1349 ulp_mode = ULP_MODE_TCPDDP;
1350 synqe->flags |= TPF_SYNQE_TCPDDP;
1352 ulp_mode = ULP_MODE_NONE;
1353 rpl->opt0 = calc_opt0(so, pi, e, mtu_idx, rscale, rx_credits, ulp_mode);
1354 rpl->opt2 = calc_opt2p(sc, pi, rxqid, &cpl->tcpopt, &th, ulp_mode);
1360 refcount_init(&synqe->refcnt, 1); /* 1 means extra hold */
1361 synqe->l2e_idx = e->idx;
1362 synqe->rcv_bufsize = rx_credits;
1363 atomic_store_rel_ptr(&synqe->wr, (uintptr_t)wr);
1365 insert_tid(sc, tid, synqe);
1366 TAILQ_INSERT_TAIL(&lctx->synq, synqe, link);
1367 hold_synqe(synqe); /* hold for the duration it's in the synq */
1368 hold_lctx(lctx); /* A synqe on the list has a ref on its lctx */
1371 * If all goes well t4_syncache_respond will get called during
1372 * syncache_add. Also note that syncache_add releases both pcbinfo and
1375 toe_syncache_add(&inc, &to, &th, inp, tod, synqe);
1376 INP_UNLOCK_ASSERT(inp); /* ok to assert, we have a ref on the inp */
1377 INP_INFO_UNLOCK_ASSERT(&V_tcbinfo);
1380 * If we replied during syncache_add (synqe->wr has been consumed),
1381 * good. Otherwise, set it to 0 so that further syncache_respond
1382 * attempts by the kernel will be ignored.
1384 if (atomic_cmpset_ptr(&synqe->wr, (uintptr_t)wr, 0)) {
1387 * syncache may or may not have a hold on the synqe, which may
1388 * or may not be stashed in the original SYN mbuf passed to us.
1389 * Just copy it over instead of dealing with all possibilities.
1391 m = m_dup(synqe->syn, M_NOWAIT);
1393 m->m_pkthdr.rcvif = hw_ifp;
1395 remove_tid(sc, synqe->tid);
1398 /* Yank the synqe out of the lctx synq. */
1400 TAILQ_REMOVE(&lctx->synq, synqe, link);
1401 release_synqe(synqe); /* removed from synq list */
1402 inp = release_lctx(sc, lctx);
1406 release_synqe(synqe); /* extra hold */
1407 REJECT_PASS_ACCEPT();
1410 CTR5(KTR_CXGBE, "%s: stid %u, tid %u, lctx %p, synqe %p, SYNACK",
1411 __func__, stid, tid, lctx, synqe);
1414 synqe->flags |= TPF_SYNQE_HAS_L2TE;
1415 if (__predict_false(inp->inp_flags & INP_DROPPED)) {
1417 * Listening socket closed but tod_listen_stop did not abort
1418 * this tid because there was no L2T entry for the tid at that
1419 * time. Abort it now. The reply to the abort will clean up.
1422 "%s: stid %u, tid %u, lctx %p, synqe %p (0x%x), ABORT",
1423 __func__, stid, tid, lctx, synqe, synqe->flags);
1424 if (!(synqe->flags & TPF_SYNQE_EXPANDED))
1425 send_reset_synqe(tod, synqe);
1428 release_synqe(synqe); /* extra hold */
1433 release_synqe(synqe); /* extra hold */
1436 CTR4(KTR_CXGBE, "%s: stid %u, tid %u, REJECT (%d)", __func__, stid, tid,
1441 release_tid(sc, tid, lctx->ctrlq);
1443 if (__predict_true(m != NULL)) {
1444 m_adj(m, sizeof(*cpl));
1445 m->m_pkthdr.csum_flags |= (CSUM_IP_CHECKED | CSUM_IP_VALID |
1446 CSUM_DATA_VALID | CSUM_PSEUDO_HDR);
1447 m->m_pkthdr.csum_data = 0xffff;
1448 hw_ifp->if_input(hw_ifp, m);
1451 return (reject_reason);
1455 synqe_to_protohdrs(struct synq_entry *synqe,
1456 const struct cpl_pass_establish *cpl, struct in_conninfo *inc,
1457 struct tcphdr *th, struct tcpopt *to)
1459 uint16_t tcp_opt = be16toh(cpl->tcp_opt);
1461 /* start off with the original SYN */
1462 pass_accept_req_to_protohdrs(synqe->syn, inc, th);
1464 /* modify parts to make it look like the ACK to our SYN|ACK */
1465 th->th_flags = TH_ACK;
1466 th->th_ack = synqe->iss + 1;
1467 th->th_seq = be32toh(cpl->rcv_isn);
1468 bzero(to, sizeof(*to));
1469 if (G_TCPOPT_TSTAMP(tcp_opt)) {
1470 to->to_flags |= TOF_TS;
1471 to->to_tsecr = synqe->ts;
1476 do_pass_establish(struct sge_iq *iq, const struct rss_header *rss,
1479 struct adapter *sc = iq->adapter;
1480 struct port_info *pi;
1482 const struct cpl_pass_establish *cpl = (const void *)(rss + 1);
1483 #if defined(KTR) || defined(INVARIANTS)
1484 unsigned int stid = G_PASS_OPEN_TID(be32toh(cpl->tos_stid));
1486 unsigned int tid = GET_TID(cpl);
1487 struct synq_entry *synqe = lookup_tid(sc, tid);
1488 struct listen_ctx *lctx = synqe->lctx;
1489 struct inpcb *inp = lctx->inp;
1493 struct in_conninfo inc;
1494 struct toepcb *toep;
1497 unsigned int opcode = G_CPL_OPCODE(be32toh(OPCODE_TID(cpl)));
1500 KASSERT(opcode == CPL_PASS_ESTABLISH,
1501 ("%s: unexpected opcode 0x%x", __func__, opcode));
1502 KASSERT(m == NULL, ("%s: wasn't expecting payload", __func__));
1503 KASSERT(lctx->stid == stid, ("%s: lctx stid mismatch", __func__));
1504 KASSERT(synqe->flags & TPF_SYNQE,
1505 ("%s: tid %u (ctx %p) not a synqe", __func__, tid, synqe));
1507 INP_INFO_WLOCK(&V_tcbinfo); /* for syncache_expand */
1511 "%s: stid %u, tid %u, synqe %p (0x%x), inp_flags 0x%x",
1512 __func__, stid, tid, synqe, synqe->flags, inp->inp_flags);
1514 if (__predict_false(inp->inp_flags & INP_DROPPED)) {
1516 if (synqe->flags & TPF_SYNQE_HAS_L2TE) {
1517 KASSERT(synqe->flags & TPF_ABORT_SHUTDOWN,
1518 ("%s: listen socket closed but tid %u not aborted.",
1523 INP_INFO_WUNLOCK(&V_tcbinfo);
1527 ifp = synqe->syn->m_pkthdr.rcvif;
1529 KASSERT(pi->adapter == sc,
1530 ("%s: pi %p, sc %p mismatch", __func__, pi, sc));
1532 get_qids_from_mbuf(synqe->syn, &txqid, &rxqid);
1533 KASSERT(rxqid == iq_to_ofld_rxq(iq) - &sc->sge.ofld_rxq[0],
1534 ("%s: CPL arrived on unexpected rxq. %d %d", __func__, rxqid,
1535 (int)(iq_to_ofld_rxq(iq) - &sc->sge.ofld_rxq[0])));
1537 toep = alloc_toepcb(pi, txqid, rxqid, M_NOWAIT);
1541 * The reply to this abort will perform final cleanup. There is
1542 * no need to check for HAS_L2TE here. We can be here only if
1543 * we responded to the PASS_ACCEPT_REQ, and our response had the
1546 send_reset_synqe(TOEDEV(ifp), synqe);
1548 INP_INFO_WUNLOCK(&V_tcbinfo);
1552 toep->l2te = &sc->l2t->l2tab[synqe->l2e_idx];
1553 if (synqe->flags & TPF_SYNQE_TCPDDP)
1554 set_tcpddp_ulp_mode(toep);
1556 toep->ulp_mode = ULP_MODE_NONE;
1557 /* opt0 rcv_bufsiz initially, assumes its normal meaning later */
1558 toep->rx_credits = synqe->rcv_bufsize;
1560 so = inp->inp_socket;
1561 KASSERT(so != NULL, ("%s: socket is NULL", __func__));
1563 /* Come up with something that syncache_expand should be ok with. */
1564 synqe_to_protohdrs(synqe, cpl, &inc, &th, &to);
1567 * No more need for anything in the mbuf that carried the
1568 * CPL_PASS_ACCEPT_REQ. Drop the CPL_PASS_ESTABLISH and toep pointer
1569 * there. XXX: bad form but I don't want to increase the size of synqe.
1572 KASSERT(sizeof(*cpl) + sizeof(toep) <= m->m_len,
1573 ("%s: no room in mbuf %p (m_len %d)", __func__, m, m->m_len));
1574 bcopy(cpl, mtod(m, void *), sizeof(*cpl));
1575 *(struct toepcb **)(mtod(m, struct cpl_pass_establish *) + 1) = toep;
1577 if (!toe_syncache_expand(&inc, &to, &th, &so) || so == NULL) {
1583 * This is for the unlikely case where the syncache entry that we added
1584 * has been evicted from the syncache, but the syncache_expand above
1585 * works because of syncookies.
1587 * XXX: we've held the tcbinfo lock throughout so there's no risk of
1588 * anyone accept'ing a connection before we've installed our hooks, but
1589 * this somewhat defeats the purpose of having a tod_offload_socket :-(
1591 if (__predict_false(!(synqe->flags & TPF_SYNQE_EXPANDED))) {
1592 struct inpcb *new_inp = sotoinpcb(so);
1595 tcp_timer_activate(intotcpcb(new_inp), TT_KEEP, 0);
1596 t4_offload_socket(TOEDEV(ifp), synqe, so);
1597 INP_WUNLOCK(new_inp);
1600 /* Done with the synqe */
1601 TAILQ_REMOVE(&lctx->synq, synqe, link);
1602 inp = release_lctx(sc, lctx);
1605 INP_INFO_WUNLOCK(&V_tcbinfo);
1606 release_synqe(synqe);
1612 t4_init_listen_cpl_handlers(struct adapter *sc)
1615 t4_register_cpl_handler(sc, CPL_PASS_OPEN_RPL, do_pass_open_rpl);
1616 t4_register_cpl_handler(sc, CPL_CLOSE_LISTSRV_RPL, do_close_server_rpl);
1617 t4_register_cpl_handler(sc, CPL_PASS_ACCEPT_REQ, do_pass_accept_req);
1618 t4_register_cpl_handler(sc, CPL_PASS_ESTABLISH, do_pass_establish);