IB/rdmavt: Setting of QP timeout can overflow jiffies computation (a25ce427) · Commits · 戴 / test

Current computation of qp->timeout_jiffies in rvt_modify_qp() will cause overflow due to the fact that the input to the function usecs_to_jiffies is only 32-bit ( unsigned int). Overflow will occur when attr->timeout is equal to or greater than 30. The consequence is unnecessarily excessive retry and thus degradation of the system performance. This patch fixes the problem by limiting the input to 5-bit and calling usecs_to_jiffies() before multiplying the scaling factor. Reviewed-by:

Mike Marciniszyn <mike.marciniszyn@intel.com> Signed-off-by:

Kaike Wan <kaike.wan@intel.com> Signed-off-by:

Dennis Dalessandro <dennis.dalessandro@intel.com> Signed-off-by:

Doug Ledford <dledford@redhat.com>

drivers/infiniband/sw/rdmavt/qp.c

+1 −3

Original line number	Diff line number	Diff line
		@@ -1258,9 +1258,7 @@ int rvt_modify_qp(struct ib_qp ibqp, struct ib_qp_attr attr,

		if (attr_mask & IB_QP_TIMEOUT) {
		qp->timeout = attr->timeout;
		qp->timeout_jiffies =
		usecs_to_jiffies((4096UL * (1UL << qp->timeout)) /
		1000UL);
		qp->timeout_jiffies = rvt_timeout_to_jiffies(qp->timeout);
		}

		if (attr_mask & IB_QP_QKEY)

include/rdma/rdmavt_qp.h

+14 −0

Original line number	Diff line number	Diff line
		@@ -647,6 +647,20 @@ static inline u32 rvt_div_mtu(struct rvt_qp *qp, u32 len)
		return len >> qp->log_pmtu;
		}

		/**
		* rvt_timeout_to_jiffies - Convert a ULP timeout input into jiffies
		* @timeout - timeout input(0 - 31).
		*
		* Return a timeout value in jiffies.
		*/
		static inline unsigned long rvt_timeout_to_jiffies(u8 timeout)
		{
		if (timeout > 31)
		timeout = 31;

		return usecs_to_jiffies(1U << timeout) * 4096UL / 1000UL;
		}

		extern const int ib_rvt_state_ops[];

		struct rvt_dev_info;

Admin message