Re: [PATCH -next] RDMA/hns: Fix return in hns_roce_rereg_user_mr()

From: YueHaibing <hidden>
Date: 2021-08-05 09:29:32
Also in: lkml

On 2021/8/5 11:40, Leon Romanovsky wrote:

On Thu, Aug 05, 2021 at 10:36:03AM +0800, YueHaibing wrote:

quoted

On 2021/8/4 21:53, Leon Romanovsky wrote:

quoted

On Wed, Aug 04, 2021 at 08:59:39PM +0800, YueHaibing wrote:

quoted

If re-registering an MR in hns_roce_rereg_user_mr(), we should
return NULL instead of pass 0 to ERR_PTR.

Fixes: 4e9fc1dae2a9 ("RDMA/hns: Optimize the MR registration process")
Signed-off-by: YueHaibing <redacted>
---
 drivers/infiniband/hw/hns/hns_roce_mr.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/infiniband/hw/hns/hns_roce_mr.c b/drivers/infiniband/hw/hns/hns_roce_mr.c
index 006c84bb3f9f..7089ac780291 100644
--- a/drivers/infiniband/hw/hns/hns_roce_mr.c
+++ b/drivers/infiniband/hw/hns/hns_roce_mr.c

@@ -352,7 +352,9 @@ struct ib_mr *hns_roce_rereg_user_mr(struct ib_mr *ibmr, int flags, u64 start,
 free_cmd_mbox:
 	hns_roce_free_cmd_mailbox(hr_dev, mailbox);
 
-	return ERR_PTR(ret);
+	if (ret)
+		return ERR_PTR(ret);
+	return NULL;
 }

I don't understand this function, it returns or ERR_PTR() or NULL, but
should return &mr->ibmr in success path. How does it work?

Did you means hns_roce_reg_user_mr()?

hns_roce_rereg_user_mr() returns ERR_PTR() on failure, and return NULL on success,

In ib_uverbs_rereg_mr(), old mr will be used if rereg_user_mr() return NULL, see:

 829         new_mr = ib_dev->ops.rereg_user_mr(mr, cmd.flags, cmd.start, cmd.length,
 830                                            cmd.hca_va, cmd.access_flags, new_pd,
 831                                            &attrs->driver_udata);
 832         if (IS_ERR(new_mr)) {
 833                 ret = PTR_ERR(new_mr);
 834                 goto put_new_uobj;
 835         }
 836         if (new_mr) {
.....
 860                 mr = new_mr;
 861         } else {
 862                 if (cmd.flags & IB_MR_REREG_PD) {
 863                         atomic_dec(&orig_pd->usecnt);
 864                         mr->pd = new_pd;
 865                         atomic_inc(&new_pd->usecnt);
 866                 }
 867                 if (cmd.flags & IB_MR_REREG_TRANS)
 868                         mr->iova = cmd.hca_va;
 869         }

You overwrite various fields in old_mr when executing hns_roce_rereg_user_mr().
For example mr->access flags, which is not returned to the original
state after all failures.

IMO, if ibv_rereg_mr failed, the mr is in undefined state, user needs to call
ibv_dereg_mr in order to release it, so there no need to recover the original state.

Also， mlx4_ib_rereg_user_mr seems to do the same thing.

Also I'm not so sure about if it is valid to return NULL in all flows.

Thanks

quoted

Thanks

quoted

 
 int hns_roce_dereg_mr(struct ib_mr *ibmr, struct ib_udata *udata)
-- 
2.17.1

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help